AMD SEV Code Gets Reorganized In Linux 5.13 Ahead Of SEV-SNP Landing

While past the Linux 5.13 merge window, some reorganizing/cleaning to the AMD Secure Encrypted Virtualization (SEV) code was merged to mainline today to make it easier for when the SEV-SNP and other feature code is submitted for Linux 5.14 or later.

While post merge window activity is normally limited to bug/regression fixes for the Linux kernel, some reorganization to the SEV code was merged today ahead of Linux 5.13-rc2. The basis for merging the code now is that it will vastly improve the experience when it comes time to landing new feature code moving forward. Most notably, the SEV-SNP code is out under review and those patches will depend upon this reorganized SEV kernel code.

Today's x86 merge further explained, "the three SEV commits are not really urgent material. But we figured since getting them in now will avoid a huge amount of conflicts between future SEV changes touching tip, the kvm and probably other trees, sending them to you now would be best. The idea is that the tip, kvm etc branches for 5.14 will all base ontop of -rc2 and thus everything will be peachy. What is more, those changes are purely mechanical and defines movement so they should be fine to go now (famous last words)."

Whether SEV-SNP will be ready in time though for mainlining in Linux 5.14 or wait for a later version remains to be determined. SEV Secure Nested Paging is new to AMD EPYC 7003 "Milan" processors for adding integrity protections -- all the technical details are laid out in this whitepaper.