Announcement

Collapse
No announcement yet.

AMD Secure Encrypted Virtualization Is Ready To Roll With Linux 4.16

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AMD Secure Encrypted Virtualization Is Ready To Roll With Linux 4.16

    Phoronix: AMD Secure Encrypted Virtualization Is Ready To Roll With Linux 4.16

    With the Linux 4.16 kernel cycle that is expected to begin immediately following the Linux 4.15 kernel debut on Sunday, AMD's Secure Encrypted Virtualization (SEV) technology supported by their new EPYC processors will be mainline...

    http://www.phoronix.com/scan.php?pag...16-AMD-SEV-KVM

  • #2
    Typo:

    Originally posted by phoronix View Post
    Secure Encrytped Virtualization protects virtual machines

    Comment


    • #3
      Originally posted by tildearrow View Post
      Typo:
      Thanks
      Michael Larabel
      http://www.michaellarabel.com/

      Comment


      • #4
        "With the Linux 4.16 kernel cycle that is expected to begin immediately following the Linux 4.15 kernel debut on Sunday, AMD's Secure Encrypted Virtualization (SEV) technology supported by their new EPYC processors will be mainline."

        Will this feature work in either of:
        1. AMD Threadripper
        2. Ryzen Pro

        Comment


        • #5
          Originally posted by Jedibeeftrix View Post
          "With the Linux 4.16 kernel cycle that is expected to begin immediately following the Linux 4.15 kernel debut on Sunday, AMD's Secure Encrypted Virtualization (SEV) technology supported by their new EPYC processors will be mainline."

          Will this feature work in either of:
          1. AMD Threadripper
          2. Ryzen Pro
          As far as I know it's strictly only supported on EPYC.
          Michael Larabel
          http://www.michaellarabel.com/

          Comment


          • #6
            Originally posted by Michael View Post
            As far as I know it's strictly only supported on EPYC.
            According to AMD support it's in both EPYC and Ryzen Pro (https://github.com/AMDESE/AMDSEV/iss...ment-338450973).

            Comment


            • #7
              What good is this when AMD still have AMD Security Processor (previously Platform Security Processor) which is like Intel's Management Engine (ME) and Intel AMT and likely insecure and vulnerable too?

              Comment


              • #8
                Originally posted by uid313 View Post
                What good is this when AMD still have AMD Security Processor (previously Platform Security Processor) which is like Intel's Management Engine (ME) and Intel AMT and likely insecure and vulnerable too?
                What good is x86 with SMM since 386SL?

                The difference with PSP is that it doesn't (yet) have a covert channel like AMT with it's direct link to the NIC. The dedicated Ryzen Pro motherboards will probably have something like this...

                Comment


                • #9
                  I understand that a "legitimate owner" of a VM can verify he is talking to a legit AMD SEV VM by checking its signature.
                  But how could an AMD CPU know it is talking to a "legitimate owner" of a VM, and not some compromised hypervisor presenting the CPU an encrypted VM image it got hold of? After all, there probably are no "legitimate VM owner certificates" burned into the CPU...

                  Comment


                  • #10
                    Originally posted by uid313 View Post
                    What good is this when AMD still have AMD Security Processor (previously Platform Security Processor) which is like Intel's Management Engine (ME) and Intel AMT and likely insecure and vulnerable too?
                    your kernel is likely insecure and vulnerable, what good is it?

                    Comment

                    Working...
                    X