AMD Advances Confidential Computing In Linux 6.11 With SEV-SNP + SVSM Guest Support

The AMD Secure Encrypted Virtualization (SEV) changes have been submitted for the recently opened Linux 6.11 merge window. Notable this cycle is getting support in the mainline kernel for SEV-SNP guest support over a Secure VM Service Module (SVSM).

As reported on a few months back, the mainline kernel support around Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP) was nearing "the ultimate goal of the AMD confidential computing side, providing the most comprehensive confidential computing environment up to date." While the hope then was to have it all buttoned up for Linux 6.10, now with Linux 6.11 it appears to be that way with the SEV-SNP guest bits landing.

AMD Linux engineer Borislav Petkov today sent out the x86/sev pull request and explained:

"Add support for running the kernel in a SEV-SNP guest, over a Secure VM Service Module (SVSM).

When running over a SVSM, different services can run at different protection levels, apart from the guest OS but still within the secure SNP environment. They can provide services to the guest, like a vTPM, for example.

This series adds the required facilities to interface with such a SVSM module."

That pull as of minutes ago was merged to Linux 6.11 Git.

Additionally, to be sent in separately as part of the KVM updates for Linux 6.11 is the long-awaited SEV-SNP KVM guest support for the mainline kernel. That's been a long time coming and up to now maintained out-of-tree by AMD while it went through the lengthy review process.

For the Secure VM Service Module, AMD does maintain this repository providing a Linux SVSM module for secure x86 virtualization in Rust and their newer solution is the COCONUT SVSM for confidential VMs.

SEV-SNP is found with AMD EPYC processors since the EPYC 7003 "Milan" series for providing greater security for virtual machines.