AMD's Secure Memory Encryption (SME) feature has been found to be causing issues to certain Linux systems and as such, the feature will be disabled by default from now on. The issue was discovered on October 5 by Linux engineer Paul Menzel.
The SME feature is apparently causing boot failures on certain AMD Raven Ridge systems The issue was detected on a Ryzen 3 2200G system which was paired up with an MSI B350M MORTAR motherboard. In other Ryzen PCs, with SME enabled, black screen problems - something AMD is closely familiar with - have also been reported. Hence, the problem might be present on other Zen-based processor families too.
Selecting the symbol `AMD_MEM_ENCRYPT` – as done in Debian 5.13.9-1~exp1 [1] – also selects `AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT`, as it defaults to yes, causing boot failures on AMD Raven systems. [...] It even causes black screens on other systems as reported to the Debian bug tracking system
Do not enable AMD memory encryption in Kconfig by default due to shortcomings of some platforms, leading to boot failures.
For those wondering what SME or Secure Memory Encryption is, the feature allows encryption of system DRAM so as to protect sensitive data inside it from hacking efforts or attacks.
Source: LKML via Freedesktop
50 Comments - Add comment