AMD Secure Processor Support In Linux 4.14
Written by Michael Larabel in AMD on 6 September 2017 at 08:05 PM EDT. 20 Comments
AMD --
The crypto subsystem updates have been pulled in for the Linux 4.14 kernel and it includes more complete AMD Secure Processor support, among other changes.

The mainline Linux kernel has already supported the AMD Cryptographic Coprocessor (CCP) for encryption, hashing, and other features. With Linux 4.14 the CCP support is still around along with the Platform Security Processor (PSP) device support. This support is still exposed via the CRYPTO_DEV_CCP Kconfig switch and new CRYPTO_DEV_SP_CCP while is now advertised as just "Support for AMD Secure Processor" rather than just "AMD Cryptographic Coprocessor."

Among the uses for the AMD Secure Processor are for use with the AMD Secure Encrypted Virtualization (SEV) for key management and for Trusted Execution Environments (TEE; there's a new TEE subsystem in Linux as of 4.12). Among the CCP crypto additions in Linux 4.14 is support for RSA and then for v5 CCP hardware is allowing RSA, XSTS-AES-128, and XTS-AES-256. Also queued up for Linux 4.14 as well is the AMD Secure Memory Encryption (SME) support as found on EPYC CPUs.

The AMD Secure Processor is built off ARM TrustZone technology with an ARM Cortex-A5 being embedded into recent APUs and CPUs. With the new AMD EPYC 7000 series there is an AES-128 engine support and the SME and SEV support, among other capabilities.

Other crypto work for the Linux 4.14 kernel include a STM32 HASH module, Microchip / Atmel ECC driver, Freescale RNGC hardware random number generator support, and other changes. The updated code is here.

About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related AMD News
Popular News