AMD SEV Firmware Added To Linux-Firmware Tree For Easier Updating

For those making use of Secure Encrypted Virtualization for secure VMs running on AMD EPYC platforms, the firmware bits required for supporting SEV have now been added to the linux-firmware.git tree to allow for easier updating to this virtualization security feature.

AMD Secure Encrypted Virtualization, the extension of Secure Memory Encryption (SME) to allow virtual machines to provide page-granular memory encryption support using their own per-VM secure keys, requires firmware support to function. Up to now the AMD SEV firmware updates have been distributed as part of the system BIOS images. But now to allow AMD to more easily update the SEV firmware outside of server/motherboard BIOS releases and those vendors' release schedules, AMD added support for distributing these binaries independently and offering them via the de facto Git tree for Linux firmware binaries.

Now next time you (or your distribution) pulls from Linux-Firmware.Git for updating available firmware binaries, it will include the latest AMD SEV firmware files. This should be useful for any new SEV features requiring firmware support and/or security updates to more quickly and easily be distributed to Linux users rather than being held up by system BIOS updates.