AMD SEV-SNP Appears Ready For Upstreaming In Linux 5.19

Introduced last year with the AMD EPYC 7003 "Milan" processors was SEV-SNP as the latest iteration of their Secure Encrypted Virtualization technology. SEV-SNP adds additional integrity protections and safeguards as part of this "Secure Nested Paging" extension of SEV. Finally with Linux 5.19 the SEV-SNP support should premiere in the mainline kernel.

Right after the EPYC 7003 series was introduced in March 2021, AMD began sending out Linux patches for SEV-SNP. They continued over the past year sending updated versions of the patches to implement more of the supported functionality and addressing developer feedback. Going back to the hardware launch they've also hosted this code in a GitHub repository for AMD EPYC customers wanting to use their supported kernel build / patches for building a kernel with this functionality in place beyond the SEV/SEV-ES code already in upstream. The hardware-based memory integrity protections can help prevent malicious hypervisor-based attacks and other functionality beyond what is available with Secure Encrypted Virtualization of prior EPYC CPUs.

After going through a number of rounds of review (12+), it looks like the initial SEV-SNP code with working guest OS support is ready for what will land in the Linux 5.19 kernel this summer.

An AMD table comparing SEV, SEV-ES "Encrypted State", and SEV-SNP "Secure Nested Paging" that has been building up on succeeding generations of EPYC processors.

Queued this morning into TIP's x86/sev branch is the AMD SEV-SNP guest driver and other SEV-SNP feature code. With this code now part of TIP.git, it's the last stepping stone prior to being sent in next merge window as part of the various TIP feature pull requests... This puts it hitting mainline around the end of May once the Linux 5.19 cycle gets started.

This is the whole SEV-SNP guest patch series that had been carried via AMDESE's sev-snp-v12 GitHub branch and now part of TIP x86/sev until the Linux 5.19 cycle rolls around -- barring any last minute issues coming up that would lead to these patches being dropped from TIP / x86/sev. There does still appear to be areas for improvement with this SEV-SNP code such as supporting the "lazy validation" mode for pages where as now it's all done under pre-validation. Interrupt security is another SEV-SNP feature still to be addressed too with future patches.

More details on AMD SEV-SNP protections with EPYC 7003 series processors can be found via the AMD whitepaper. It's unfortunate it has taken more than one year after launch for this SEV-SNP functionality to make it into a mainline kernel, but at least it's looking like that initial support will be all in good shape this summer and mainlined in time for the autumn Linux distribution updates and ahead of next-gen EPYC processors releasing.