Fedora 34 Adding SEVCTL Utility For Managing AMD SEV
([Fedora] 3 Hours Ago
AMD Secure Encrypted Virtualization)
- Reference: 0001249901
- News link: https://www.phoronix.com/?page=news_item&px=Fedora-34-Will-Have-SEVCTL
- Source link:
The upcoming release of [1]Fedora 34 will make it the first major Linux distribution to have sevctl available, an open-source utility for managing AMD EPYC systems with Secure Encrypted Virtualization (SEV).
SEVCTL is a utility for managing AMD Secure Encrypted Virtualization with displaying various SEV details, managing of certificates, resetting the platform's persistent state, and other features for what is exposed by the SEV management API with EPYC processors.
[2]
SEV allows for isolating of guests and the hypervisor using unique keys managed by the AMD Secure Processor. AMD [3]Secure Encrypted Virtualization has been built upon since its original introduction with the EPYC 7001 "Naples" processors. AMD has been upstreaming SEV support into the Linux kernel and relevant pieces of the open-source virtualization stack. Most recently they've begun [4]working to upstream SEV-SNP for EPYC 7003 Milan CPUs .
SEVCTL is an Apache 2.0 licensed utility under the Enarx project for dealing with various vendor Trusted Execution Environments.
SEVCTL has been in development the past year and is available on [5]GitHub while Fedora 34 is the first major distribution packaging it. The Fedora 34 details on SEVCTL can be found via [6]this blog post by Red Hat's Connor Kuehl.
[1] https://www.phoronix.com/scan.php?page=search&q=Fedora+34
[2] https://www.phoronix.com/image-viewer.php?id=2021&image=amd_fedora_sevctl_lrg
[3] https://www.phoronix.com/scan.php?page=search&q=Secure%20Encrypted%20Virtualization
[4] https://www.phoronix.com/scan.php?page=news_item&px=AMD-SEV-SNP-Linux-RFC
[5] https://github.com/enarx/sevctl
[6] https://codeofconnor.com/sevctl-available-soon-in-fedora-34/
SEVCTL is a utility for managing AMD Secure Encrypted Virtualization with displaying various SEV details, managing of certificates, resetting the platform's persistent state, and other features for what is exposed by the SEV management API with EPYC processors.
[2]
SEV allows for isolating of guests and the hypervisor using unique keys managed by the AMD Secure Processor. AMD [3]Secure Encrypted Virtualization has been built upon since its original introduction with the EPYC 7001 "Naples" processors. AMD has been upstreaming SEV support into the Linux kernel and relevant pieces of the open-source virtualization stack. Most recently they've begun [4]working to upstream SEV-SNP for EPYC 7003 Milan CPUs .
SEVCTL is an Apache 2.0 licensed utility under the Enarx project for dealing with various vendor Trusted Execution Environments.
SEVCTL has been in development the past year and is available on [5]GitHub while Fedora 34 is the first major distribution packaging it. The Fedora 34 details on SEVCTL can be found via [6]this blog post by Red Hat's Connor Kuehl.
[1] https://www.phoronix.com/scan.php?page=search&q=Fedora+34
[2] https://www.phoronix.com/image-viewer.php?id=2021&image=amd_fedora_sevctl_lrg
[3] https://www.phoronix.com/scan.php?page=search&q=Secure%20Encrypted%20Virtualization
[4] https://www.phoronix.com/scan.php?page=news_item&px=AMD-SEV-SNP-Linux-RFC
[5] https://github.com/enarx/sevctl
[6] https://codeofconnor.com/sevctl-available-soon-in-fedora-34/
phoronix