
Intel SGX Enclave Support in Windows 10 Fall Update [pdf] - transpute
http://www.alex-ionescu.com/Enclave%20Support%20In%20Windows%2010%20Fall%20Update.pdf
======
DiabloD3
Interesting thing from the PDF:

"At this point, it should also be stressed, that if you have already purchased
a Skylake processor, you likely did not get an SGX-compatible part. In an
incredible, pretty non-talked about snafu, only Skylake parts after October
26th, at the earliest will have SGX enabled, and you’re likely to be able to
buy them only after November 30th.

These parts have a different “S-part” number, but otherwise have the same
CPUID, Stepping, Model Numbers, etc. Manufacturers are free to interchangeably
sell you whichever part they have in stock, without any recourse to you, the
buyer. You can read Intel’s Product Change Notification (Intel, 2015) to see
which parts you should attempt to buy, if your vendor will let you verify this
information before buying.

Worse, even if you end up getting a compatible S-part processor, your BIOS
must still be updated to set the appropriate enable bit in the
IA32_FEATURE_CONTROL (0000`003Ah) MSR, in this case the SGX Global Enable Bit
(18) and your BIOS must additionally reserve a region of RAM for SGX use."

