AMD Overhauls Their SEV-SNP Hypervisor Patches They Are Working To Upstream In Linux
Sent out this week was the seventh iteration of the AMD Secure Nested Paging hypervisor support patches. While up to the "v7" spin, they demoted the patches back to an RFC (Request For Comments) stage as they are effectively starting anew with some elements of the code.
The new AMD SEV-SNP Hypervisor v7 patch series explains:
This version is being posted as an RFC due to fairly extensive changes relating to transitioning the SEV-SNP implementation to using restricted/private memslots (aka Unmapped Private Memory) to manage private guest pages instead of the legacy SEV memory registration ioctls.
Alongside that work we've also been investigating leveraging UPM to implement lazy-pinning support for SEV guests, rather than the legacy SEV memory registration ioctls which rely on pinning everything in advance.
For both of these SEV and SEV-SNP use-cases we've needed to add a number of hooks in the restricted, so we thought it would be useful for this version at least to include both UPM-based SEV and SNP implementations so we can see if these hooks might be needed for other archs/platforms and start consolidating around whether/how they should be defined for general usage. There are still some TODOs in this area, but we hope this implementation is complete enough to at least outline the required additions needed for using UPM for these use-cases.
Outside of UPM-related items, we've also included fairly extensive changes based on review feedback from v6 and would appreciate any feedback on those aspects as well.
...
This part of the Secure Encrypted Paging (SEV-SNP) series focuses on the changes required in a host OS for SEV-SNP support. The series builds upon SEV-SNP Guest Support now part of mainline.
This series provides the basic building blocks to support booting the SEV-SNP VMs; it does not cover all the security enhancements introduced by SEV-SNP, such as interrupt protection.
The CCP driver is enhanced to provide new APIs that use the SEV-SNP specific commands defined in the SEV-SNP firmware specification. The KVM driver uses those APIs to create and manage the SEV-SNP guests.
AMD SEV upstreaming has been an area that has lagged behind the EPYC product launches, including for the earlier SEV-ES iteration with Rome. AMD has been publishing patches and offering its own SEV-enabled kernel on GitHub, but it has taken a while to get everything ironed out and upstreamed post-launch. The EPYC 7003 series launched in March 2021, and now, closing out 2022, the SEV-SNP work still isn't settled for the mainline kernel and this hypervisor work is sent out as an RFC series.
AMD comparison of the various SEV capabilities.
Meanwhile, this week Intel is landing TDX guest attestation support for the Linux 6.2 kernel, building off the Trust Domain Extensions (TDX) infrastructure merged back during Linux 5.19 and making more progress there prior to the formal introduction of the Xeon Scalable "Sapphire Rapids" processors.
Secure and confidential computing continues to be an area of much interest for Linux kernel developers and the industry at large.
For those interested in SEV-SNP hypervisor support there is the v7 patch series for these 64 new and updated patches, coming in just under 5k lines of new code. Hopefully we won't be waiting too long into 2023 before the AMD SEV-SNP hypervisor support is ready to be merged into the Linux kernel. At least with the time spent on it, by the time it is merged it should be in fairly robust shape and hopefully will have finished wiring up the rest of the SEV-SNP features not yet implemented. At least outside of the SEV space, I can't think of any major features still missing from the mainline kernel for the AMD EPYC 7003 "Milan" and new AMD EPYC 9004 "Genoa" server processors.