Fedora 41 Proceeds With AMD SEV-SNP Virtualization Host Support For Confidential VMs

Written by Michael Larabel in Fedora on 18 July 2024 at 02:43 PM EDT. 20 Comments
The Fedora change proposal was approved this week by the Fedora Engineering and Steering Committee (FESCo) to add AMD SEV-SNP virtualization host support, so that confidential computing virtual machines (VMs) can be launched easily on Fedora 41.

Now that the AMD SEV-SNP kernel bits are landing in the upstream Linux kernel and related components after a lot of work, Fedora Linux is set to be one of the first major Linux distributions to offer a pleasant out-of-the-box experience for SEV-SNP backed confidential VMs.

[Image: Fedora with AMD EPYC]

The Fedora change proposal describes it as:
"This enables Fedora virtualization hosts to launch confidential virtual machines using AMD's SEV-SNP technology. Confidential virtualization prevents admins with root shell access, or a compromised host software stack, from accessing memory of any running guest. SEV-SNP is an evolution of previously provided SEV and SEV-ES technologies providing stronger protection and unlocking new features such as a secure virtual TPM.

Confidential guests running under a Fedora SEV-SNP enabled KVM host will be able to:

- Self-initiate a VM attestation to prove integrity of their running guest machine. This guarantees their guest is running on AMD hardware with SEV-SNP setup in a given configuration, running a particular build of EDK2 firmware, providing data confidentiality even if the host is compromised or malicious.

- Measure all aspects of the guest machine boot process into PCRs in a securely hosted virtual TPM

- Protect against various known weaknesses of the traditional SEV and SEV-ES technologies"
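As an added example (not part of the Phoronix article, the Fedora change proposal, or any AMD or Fedora code), here is what a relying party would do with the guest-initiated attestation described above: parse the raw SEV-SNP attestation report and check the fields the proposal says the attestation proves, namely the launch measurement (which covers the EDK2 firmware build), the guest policy (for example that debugging is disabled), and a caller-supplied nonce echoed in `report_data`. The field offsets follow AMD's SEV-SNP ABI specification as I understand it and should be treated as assumptions; the report bytes are constructed in the block rather than obtained from real hardware, and the VCEK signature check against AMD's certificate chain is assumed to be done separately and is not performed here.

```python
import struct
from dataclasses import dataclass

# Field offsets of the ATTESTATION_REPORT structure, taken from the AMD SEV-SNP
# ABI specification as I read it (assumption: re-check against the spec revision
# you target before relying on them).
REPORT_LEN = 0x4A0
OFF_VERSION = 0x00        # u32
OFF_GUEST_SVN = 0x04      # u32
OFF_POLICY = 0x08         # u64 guest policy
OFF_VMPL = 0x30           # u32 VMPL the report was requested from
OFF_REPORT_DATA = 0x50    # 64 bytes, guest supplied (used for a nonce)
OFF_MEASUREMENT = 0x90    # 48 bytes, launch digest (firmware, initial state)
OFF_HOST_DATA = 0xB0      # 32 bytes, host supplied at launch
OFF_REPORTED_TCB = 0x170  # u64
OFF_CHIP_ID = 0x1A0       # 64 bytes
OFF_SIGNATURE = 0x2A0     # 512 bytes, ECDSA P-384 over bytes [0, 0x2A0)

# Guest policy bits (bits 0-7 ABI minor, bits 8-15 ABI major).
POLICY_SMT = 1 << 16
POLICY_RESERVED_ONE = 1 << 17   # must always be set
POLICY_MIGRATE_MA = 1 << 18
POLICY_DEBUG = 1 << 19
POLICY_SINGLE_SOCKET = 1 << 20


@dataclass
class SnpReport:
    version: int
    guest_svn: int
    policy: int
    vmpl: int
    report_data: bytes
    measurement: bytes
    host_data: bytes
    reported_tcb: int
    chip_id: bytes
    signature: bytes


def parse_report(raw: bytes) -> SnpReport:
    """Split a raw attestation report into the fields a verifier cares about."""
    if len(raw) != REPORT_LEN:
        raise ValueError(f"unexpected report length {len(raw)}, want {REPORT_LEN}")
    (version,) = struct.unpack_from("<I", raw, OFF_VERSION)
    (guest_svn,) = struct.unpack_from("<I", raw, OFF_GUEST_SVN)
    (policy,) = struct.unpack_from("<Q", raw, OFF_POLICY)
    (vmpl,) = struct.unpack_from("<I", raw, OFF_VMPL)
    (reported_tcb,) = struct.unpack_from("<Q", raw, OFF_REPORTED_TCB)
    return SnpReport(
        version=version,
        guest_svn=guest_svn,
        policy=policy,
        vmpl=vmpl,
        report_data=raw[OFF_REPORT_DATA:OFF_REPORT_DATA + 64],
        measurement=raw[OFF_MEASUREMENT:OFF_MEASUREMENT + 48],
        host_data=raw[OFF_HOST_DATA:OFF_HOST_DATA + 32],
        reported_tcb=reported_tcb,
        chip_id=raw[OFF_CHIP_ID:OFF_CHIP_ID + 64],
        signature=raw[OFF_SIGNATURE:OFF_SIGNATURE + 512],
    )


def verify_report(raw: bytes, expected_nonce: bytes,
                  allowed_measurements: set) -> list:
    """Return a list of policy failures; an empty list means the report is acceptable.
    The VCEK signature over raw[:OFF_SIGNATURE] is assumed to have been verified
    separately against AMD's certificate chain and is not checked here."""
    r = parse_report(raw)
    failures = []
    if r.version < 2:
        failures.append(f"report version {r.version} is older than expected")
    if r.vmpl != 0:
        failures.append("report was not requested from VMPL0")
    if r.report_data != expected_nonce.ljust(64, b"\0"):
        failures.append("report_data does not echo the challenge nonce")
    if r.measurement not in allowed_measurements:
        failures.append("launch measurement is not an approved firmware build")
    if not (r.policy & POLICY_RESERVED_ONE):
        failures.append("guest policy reserved bit 17 is not set")
    if r.policy & POLICY_DEBUG:
        failures.append("guest policy allows debug access to guest memory")
    if r.policy & POLICY_MIGRATE_MA:
        failures.append("guest policy allows migration via a migration agent")
    return failures


def build_sample_report(nonce: bytes, measurement: bytes, policy: int,
                        vmpl: int = 0, version: int = 2) -> bytes:
    """Construct a report with the given fields (test data, not hardware output)."""
    buf = bytearray(REPORT_LEN)
    struct.pack_into("<I", buf, OFF_VERSION, version)
    struct.pack_into("<I", buf, OFF_GUEST_SVN, 1)
    struct.pack_into("<Q", buf, OFF_POLICY, policy)
    struct.pack_into("<I", buf, OFF_VMPL, vmpl)
    buf[OFF_REPORT_DATA:OFF_REPORT_DATA + 64] = nonce.ljust(64, b"\0")
    buf[OFF_MEASUREMENT:OFF_MEASUREMENT + 48] = measurement
    buf[OFF_CHIP_ID:OFF_CHIP_ID + 64] = b"\x11" * 64   # constructed chip id
    return bytes(buf)


if __name__ == "__main__":
    nonce = b"constructed-nonce-0001"
    firmware_digest = bytes(range(48))   # stands in for the approved EDK2 launch digest
    good = build_sample_report(nonce, firmware_digest,
                               POLICY_RESERVED_ONE | POLICY_SMT | (1 << 8))
    print("good report:", verify_report(good, nonce, {firmware_digest}) or "OK")
    debug = build_sample_report(nonce, firmware_digest,
                                POLICY_RESERVED_ONE | POLICY_DEBUG | (1 << 8))
    print("debug report:", verify_report(debug, nonce, {firmware_digest}))
```

The nonce check is what ties a report to the current request and blocks replay of an old report, and the measurement check is what pins the guest to a known EDK2 build; without the separate signature verification against the VCEK chain, none of the fields can be trusted, so treat this block as the policy half of a verifier, not the whole thing.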

Now that FESCo has approved the feature, barring any last-minute issues in the upstream code or other factors, this AMD SEV-SNP support will ship in Fedora 41, which is due for release around the end of October. AMD EPYC 7003 "Milan" and newer EPYC server processors support Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP).