Intel has published a patch (discovered by Phoronix) that enables support for its Intel Software Defined Silicon (SDSi) mechanism in Linux. The technology is meant for upcoming Intel Xeon processors and is designed to activate additional silicon features after a processor has been deployed.
The patch does not mention any specific features it is meant to unlock or any specific Xeon Scalable processors it is meant to upgrade (we think Sapphire Rapids), yet it gives some general understanding how it is supposed to work. As it turns out, the whole process is purely software, so it does not require any manipulations with hardware. Therefore, it can be done relatively easily.
Intel's SDSi initiative seems to be a major one, yet Intel is not new to offering software upgrades to its CPUs. The most recent example of such software upgradeability is Intel's Virtual RAID on CPU (Intel VROC) technology that relies on the Intel Volume Management Device (VMD) hardware built into the CPU and has to be activated using a special hardware key. The company also once offered its Upgrade Service software upgrade capability for its entry-level client CPUs that would increase their clock speed, unlock a previously unused portion of cache, and activate Hyper-Threading technology.
Intel yet has to fully describe what it intends to offer under its Software Defined Silicon initiative, but the number of possible options is quite limitless.
Originally, Intel's Pentium II/III/4 Xeon processors were essentially desktop parts with additional cache and SMP (symmetrical multiprocessing) support. But Intel's Xeon processors have gained quite a lot of functionality in the last 15 years that is not supported by client CPUs and is not required by client systems. In fact, Intel's latest Xeon Scalable CPUs support instructions that are not supported by client models.
In more recent years, Intel began to differentiate features and performance of its Xeon Scalable processors with premium parts supporting more memory, eight-way SMP capability, the highest number of cores, and all technologies that the chip giant has to offer.
With the launch of its 4th Generation Xeon Scalable 'Sapphire Rapids' processors, Intel will bring support for plethora of new instructions and special-purpose accelerators designed for emerging workloads. Yet, many of Intel's enterprise customers that use on-premise servers may not see any immediate value in technologies like Advanced Matrix Extensions (AMX), Data Streaming Accelerator (DSA), or CXL 1.1. In fact, even hyperscale cloud service providers may not need all the features on all of their systems.
To meet the immediate needs of its clientele, Intel wants to offer them CPUs in the configurations they need now, but with SDSi it can leave the door open for future software upgrades should a client need additional functionality or just decides to repurpose a machine. Such upgradability ensures that Intel's clients do not go to AMD if they need an extra feature or two and will still pay Intel for its technologies.
Here is the official description of Intel's Software Defined Silicon (SDSi) mechanism:
Intel Software Defined Silicon (SDSi) is a post manufacturing mechanism for activating additional silicon features. Features are enabled through a license activation process. The SDSi driver provides a per socket, ioctl interface for applications to perform three main provisioning functions:
1. Provision an Authentication Key Certificate (AKC), a key written to internal NVRAM that is used to authenticate a capability specific activation payload.
2. Provision a Capability Activation Payload (CAP), a token authenticated using the AKC and applied to the CPU configuration to activate a new feature.
3. Read the SDSi State Certificate, containing the CPU configuration state.
The ioctl operations perform function specific mailbox commands that forward the requests to SDSi hardware to perform authentication of the payloads and enable the silicon configuration (to be made available after power cycling).
The SDSi device itself is enumerated as a PCIe VSEC capability on the Intel Out Of Band Management Services Module (OOBMSM) device. The SDSi device is a cell of the intel_pmt MFD driver and as such has a build dependency on CONFIG_MFD_INTEL_PMT.
Link: https://github.com/intel/intel-sdsi