Linux 6.3-rc3 Adding Protection From Malicious Guests Hammering AMD's Secure Processor
A late change sent in this Sunday ahead of the Linux 6.3-rc3 release adds a throttling mechanism to protect the hypervisor from potentially malicious AMD Secure Encrypted Virtualization (SEV) guests. The change is meant to keep the AMD Secure Processor from potentially being overloaded with requests by nefarious guest VMs.
Google engineer Dionna Glaze has been working on this "throttling awareness" support for AMD SEV guests and this Linux kernel code was agreed to by AMD's Linux engineers.
Given the security nature of this change, it was sent in outside of the usual kernel merge window now that the code is deemed ready. These AMD SEV patches were sent in today as part of the x86/urgent pull request prior to tonight's Linux 6.3-rc3 release.