Menu
I'm in the unlucky situation that I need to use a CPU feature that the BIOS hasn't enabled in the ia32 feature control MSR register. The BIOS does set the lock bit so I can't set the bit myself. The BIOS (Asus UEFI BIOS) has no option to change the behavior. Question is, is there any way I can set this bit? I'm thinking if it is possible to write an UEFI extension or some program I could execute from the UEFI shell. But I'm not sure if the register is locked before this would be execute (I know very little about UEFI and its programming environment). Alternatively, is it possible to patch the BIOS update image or modify it using standard tools? Anyone who heard of success stores in this area?
The feature in question is SGX (Software Guard Extensions). The board is Asus Z170-K. Everything is in place to support SGX, except that the BIOS is unable to set this bit.
Update May 22th: I just updated the Asus Z170-K to the newly released BIOS 1803 (released 20th of May). It was a big jump in version number so I was hopeful. Sadly, SGX support still isn't there. I've now filed a new request with Asus and this time I plan not to be just brushed off. I think it is outright amateurish this is not supported from the beginning - it is part and parcel of supporting a Skylake CPU so I think all customers requiring this should try and pursue a refund (I know I'm gonna do that).
742
Probably not feasible without modding the BIOS ROM and re-flashing it. The CPU initialization is one of the earliest parts of of boot. The lock bit would get set in either SEC or PEI phase. Any extension you write will be for the DXE phase, which occurs later.
Your best bet would be to contact Asus technical support. They may release a BIOS update to correct the issue.
If you haven't already, check for a BIOS update.
103
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
