Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Linux 6.3-rc3 strengthens the security mechanism to protect AMD processors from SEV

2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >

Share

Shulou(Shulou.com)11/24 Report--

CTOnews.com, March 20, ahead of the official arrival of Linux 6.3-rc3, the version released a change on Sunday, adding a restriction mechanism to protect the hypervisor from potential malicious secure encryption Virtualization (SEV) clients, designed to protect AMD security processors from overloading by malicious VM requests.

Dionna Glaze, a Google engineer, has been working to provide "throttling awareness" support for AMD SEV clients, and this Linux kernel code has been approved by AMD Linux engineers. Dionna Glaze explained:

A potentially malicious SEV client can constantly attack the hypervisor that uses the driver to send requests, thus affecting or largely preventing other clients from making requests to the security processor, which is, after all, a shared platform resource.

Therefore, we allow and encourage the host to restrict such requests from the client.

Given the security of this change, these AMD SEV patches appeared as part of x86 / emergency requests before Linux 6.3-rc3 was released, because the code was ready and exceeded the usual kernel merge window.

Of course, these AMD SEV patches are also marked as candidates for backward migration to the stable kernel family to further help AMD security processors defend against such malicious VM users who request overload.

It is worth mentioning that some time ago, it was found that after enabling fTPM (a firmware-based trusted platform module), the Ruilong processor will cause intermittent stutter problems in Win10, Win11 and various Linux distributions. Currently, Linux kernel maintenance members have reverse migrated the fixes in Linux 6.3-rc2 to Linux 6.1.19 and Linux 6.2.6 to fix this problem.

However, this patch only disables the hardware random number generator on versions of fTPM that are known to have the error, and has not completely cured the stutter problem, so CTOnews.com recommends that you update it to the latest version as soon as possible.

Related readings:

"Linux 6.1 Compact 6.2 New Patch released: alleviates intermittent stutters after the AMD Apron processor is enabled with fTPM"

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

IT Information

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report