History

AMD Secure Encrypted Virtualization (SEV) and AMD Secure Memory Encryption (SME) are two security features designed to enhance the security of AMD processors.

AMD Secure Memory Encryption (SME)

SME utilizes a single key to encrypt the system memory. This key is generated by the AMD Secure Processor during boot. To enable SME, users can choose to enable it in the system BIOS or operating system settings. Once enabled in the BIOS, memory encryption becomes transparent and can be used with any operating system.

In 2016, AMD unveiled Secure Encrypted Virtualization (SEV), an innovative x86 technology specifically designed to isolate virtual machines (VMs) from the hypervisor. Traditionally, hypervisors have been trusted components in the virtualization security model. However, there are numerous scenarios, such as cloud environments, where a different VM trust model is desired. Cloud customers may wish to safeguard their VM-based workloads from the cloud administrator to ensure data confidentiality and reduce their exposure to potential bugs in the cloud provider's infrastructure. This creates a need to physically isolate VMs from the hypervisor and other coexisting code on the server.

AMD Secure Encrypted Virtualization (SEV)

SEV takes security a step further by using a unique key for each virtual machine, isolating guests and the hypervisor from one another. The keys are managed by the AMD Secure Processor. To enable SEV, both the guest operating system and hypervisor need to support it. The guest changes allow the virtual machine to indicate which specific pages in memory should be encrypted. On the other hand, hypervisor changes utilize hardware virtualization instructions and communicate with the AMD Secure Processor to manage the appropriate keys in the memory controller.

To address this challenge, AMD initially employed main memory encryption in SEV. This technology allowed each VM to be assigned a unique AES encryption key, automatically encrypting their in-use data. Consequently, when the hypervisor attempted to access a guest's memory, it could only see encrypted data.

In 2017, AMD introduced SEV-ES (Encrypted State), which added an extra layer of protection for CPU register state. SEV-ES encrypted the VM register state during each hypervisor transition, ensuring that the hypervisor could not access the actively used data by the VM. The combination of SEV and SEV-ES helped minimize the attack surface of a VM by preserving data confidentiality in memory.

AMD Secure Encrypted Virtualization-Encrypted State (SEV-ES)

SEV-ES adds an extra layer of security by encrypting all CPU register contents when a virtual machine stops running. This measure effectively prevents information leakage from CPU registers to components like the hypervisor. It can also detect any malicious modifications to the CPU register state.

In 2020, AMD introduces the next generation of SEV, known as SEV-SNP (Secure Nested Paging). SEV-SNP builds upon the existing SEV and SEV-ES functionalities while incorporating new hardware-based security measures. Its primary addition is strong memory integrity protection, which effectively thwarts malicious hypervisor-based attacks like data replay and memory re-mapping. This further strengthens the isolated execution environment.

AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP)

SEV-SNP provides strong memory integrity protection to counteract potential malicious hypervisor-based attacks, such as data replay and memory re-mapping. It creates an isolated execution environment to enhance security. Additionally, SEV-SNP introduces several optional security enhancements to support various virtual machine use cases, offer stronger protection around interrupt behavior, and increase defense against recently disclosed side-channel attacks.

Additionally, SEV-SNP includes various optional security enhancements to support different VM use models, offer more robust protection around interrupt behavior, and counteract recently disclosed side-channel attacks.

Last updated 2 months ago