New Patches: AMD Live Migration Support For VMs With Secure Encrypted Virtualization
Beyond the Linux kernel patches presented earlier this week for AMD SEV-ES "Encrypted State" support, a further Linux patch series posted overnight brings another improvement to Secure Encrypted Virtualization on AMD EPYC server processors.
The newest open-source SEV work to report on this week is live migration support for VMs running under AMD Secure Encrypted Virtualization. Currently, VMs cannot be live migrated while this hardware-backed memory encryption is in use, but a new patch series enables QEMU/KVM live migration to work in the presence of SEV.
A set of 12 patches adding more than one thousand lines of new kernel code put the necessary bits into place for handling live migration under SEV. The patches essentially allow the guest's encryption context to be passed along with the hypervisor, together with the commands for copying the guest's memory into a new SEV guest memory space on the destination. While the initial work is focused on the Kernel-based Virtual Machine (KVM), this SEV live migration could be extended to other hypervisors as well.
Longtime upstream Linux kernel developer Andy Lutomirski has already commented on the code, raising concerns over the increasing complexity of AMD SEV within the Linux kernel: "To be blunt: if I had noticed how the SEV code worked before it was merged, I would have NAKed it. It's too late now to retroactively remove it from the kernel, but perhaps we could try not to pile more complexity on top of the unfortunate foundation we have."
We'll see if this SEV code gets cleaned up in time for the Linux 5.7 cycle this spring.