AMD sent out a set of Linux kernel patches today for enabling use of a new instruction dubbed RMPOPT. Given the timing of these patches, RMPOPT is presumably a feature coming with next-gen AMD EPYC Zen 6 “Venice” processors.
RMPOPT is a new instruction to help minimize the performance overhead of RMP checks on the hypervisor and for non-SNP guests by letting RMP checks be skipped in certain scenarios. With RMPOPT these checks can be skipped when 1G regions of memory are known not to contain any SEV-SNP guest memory.
Today is the first time I’m hearing of AMD RMPOPT and didn’t turn up any other search results hits for patches I may have missed. Today’s patch series further describes RMPOPT as:
“In the SEV-SNP architecture, hypervisor and non-SNP guests are subject to RMP checks on writes to provide integrity of SEV-SNP guest memory.
The RMPOPT architecture enables optimizations whereby the RMP checks can be skipped if 1GB regions of memory are known to not contain any SNP guest memory.
RMPOPT is a new instruction designed to minimize the performance overhead of RMP checks for the hypervisor and non-SNP guests.
As SNP is enabled by default the hypervisor and non-SNP guests are subject to RMP write checks to provide integrity of SNP guest memory.
This patch series add support to enable RMPOPT optimizations globally for all system RAM, and allow RMPUPDATE to disable those optimizations as SNP guests are launched.
Additionally add a configfs interface to re-enable RMP optimizations at runtime and debugfs interface to report per-CPU RMPOPT status across all system RAM.”
The patches don’t explicitly call out what generation of EPYC server processors will introduce RMPOPT support and the code just checks for the presence of the feature. But given the timing this is presumably one of the new features with EPYC Venice processors due to launch later this year. Additionally, one of the patches does note CPUs “0-1023” and with EPYC Venice going up to 256 cores / 512 threads per socket, this would align with a new top-end EPYC Venice dual socket server.
This AMD RMPOPT enablement work for the Linux kernel is now on the mailing list for review and introduction in a future kernel release (post-7.0 as it’s too late given the current merge window).
While on the topic of AMD SEV-SNP, in case you missed it last week: Evaluating The Performance Cost To AMD SEV-SNP On Modern EPYC VMs.
