On this first day of the Linux 6.14 merge window, which kicks off the new kernel development cycle, there are a few pull requests around new AMD CPU features worth noting.
First up, the x86/sev pull request was sent out at the start of the day with the latest Secure Encrypted Virtualization (SEV) features for AMD EPYC processors. Notable this cycle are the Segmented RMP mode and support for Zen 5’s RMPREAD instruction. RMPREAD is a new instruction with Zen 5 (EPYC 9005 series) processors for reading architecturally-defined RMP (Reverse Map Table) entries and is now the preferred method for reading RMP table entries on “Turin” server processors and future AMD processors.
Also included with the x86/sev pull request is the AMD Secure TSC work, for functionality found in AMD processors since the EPYC 7003 “Milan” processors. The AMD Secure TSC support was revved in Linux patch form over the past two years and is now finally ready for merging. Secure TSC is a feature of SEV-SNP-enabled EPYC server processors that allows VMs/guests to securely use the RDTSC and RDTSCP instructions for timestamp counter access. The security aspect is ensuring that the hypervisor cannot alter the RDTSC/RDTSCP parameters after the guest is launched.
“- A segmented Reverse Map table (RMP) is an across-nodes distributed table of sorts which contains per-node descriptors of each node-local 4K page, denoting its ownership (hypervisor, guest, etc) in the realm of confidential computing. Add support for such a table in order to improve referential locality when accessing or modifying RMP table entries
- Add support for reading the TSC in SNP guests by removing any interference or influence the hypervisor might have, with the goal of making a confidential guest even more independent from the hypervisor”
More details on the patches are available within the x86/sev pull request for those interested.
Also sent out today was the x86/bugs pull request, which for the Linux 6.14 cycle carries a single set of patches preparing AMD SRSO_USER_KERNEL_NO support. SRSO_USER_KERNEL_NO is another new feature for Zen 5 processors and reduces the scope of the mitigations needed around the Inception / Speculative Return Stack Overflow (SRSO) vulnerability. See this earlier article on AMD SRSO_USER_KERNEL_NO for those interested. SRSO_USER_KERNEL_NO primarily concerns CPUs that are not vulnerable to user/kernel boundary issues and need mitigation only on VMEXIT for virtual machines / cloud computing scenarios.
Lastly, also notable on the AMD side for this first day of the Linux 6.14 cycle are the performance event changes. This pull brings AMD core PMU driver updates and changes to the AMD RAPL energy counters support. Most significant there is the core energy counter support for AMD processors being mainlined.