Linux 6.19: Kernel Gains Foundational PCIe Link Encryption for AMD SEV-TIO
Over the weekend, one of the most compelling updates in recent months landed in the Linux 6.19 branch: the kernel has gained foundational infrastructure for encrypting PCI Express links and authenticating connected devices. Several vendors are contributing to this effort simultaneously, and the first real consumer of the new code is AMD’s SEV-TIO secure I/O technology, which is now beginning its journey upstream.
The pull request for the PCI subsystem updates was submitted by Intel’s Dan Williams. He introduced a unified kernel framework for PCIe link encryption and device authentication — a foundation upon which implementations from different manufacturers can build. The first such implementation is already present: support for AMD SEV-TIO Trusted I/O. Additional solutions, including Intel TDX and ARM CCA, are expected in subsequent kernel releases, roughly between versions 6.20 and 7.0, once their dependencies are resolved.
PCIe link encryption relies on a constellation of technologies with evocative yet less-than-memorable abbreviations. At the center stands the IDE protocol (Integrity and Data Encryption), responsible for establishing keys in both the transmitter and the receiver at each end of the link. Control traffic for IDE is exchanged through DOE mailboxes (Data Object Exchange) using PCI configuration requests. Behind the scenes, all of this is orchestrated by a security manager operating within a trusted execution environment — the TEE Security Manager (TSM). This may take the form of firmware running on a dedicated coprocessor, as with AMD SEV-TIO, or a specialized software component executing in a secure processor mode, as in Intel TDX or ARM CCA.
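Because the IDE setup traffic described above travels through DOE mailboxes that live in PCI configuration space, a device's eligibility for link encryption is visible from its extended-capability list. The following parser is an added example, not code from the kernel or from the article; it walks the extended-capability linked list of a constructed 4 KiB configuration-space image and reports whether the DOE and IDE capabilities are present. The capability IDs used (AER 0x0001, DOE 0x002E, IDE 0x0030) and the header layout come from the PCI Express Base Specification; the sample device image and the function names are constructed for illustration.

```python
import struct

# PCIe Extended Capability IDs (PCI Express Base Specification). The two the
# article names are DOE (the mailbox that IDE key-establishment traffic uses)
# and IDE (the link-encryption capability itself).
ECAP_AER = 0x0001
ECAP_DOE = 0x002E
ECAP_IDE = 0x0030
ECAP_NAMES = {
    ECAP_AER: "Advanced Error Reporting",
    ECAP_DOE: "Data Object Exchange (DOE)",
    ECAP_IDE: "Integrity and Data Encryption (IDE)",
}

CFG_SIZE = 4096      # size of a PCIe function's configuration space
ECAP_START = 0x100   # the extended-capability list always begins here


def walk_extended_caps(cfg: bytes):
    """Follow the extended-capability linked list in a config-space image.

    Each header is a little-endian 32-bit word: bits 15:0 capability ID,
    bits 19:16 version, bits 31:20 offset of the next header (0 ends the list).
    Returns a list of (offset, cap_id, version). Raises ValueError on a pointer
    that is misaligned, out of range, below 0x100, or revisits a header, so a
    corrupt or hostile image cannot make the walker loop forever.
    """
    if len(cfg) < CFG_SIZE:
        raise ValueError("need a full 4 KiB config-space image")
    caps = []
    seen = set()
    off = ECAP_START
    while off != 0:
        if off < ECAP_START or off % 4 or off + 4 > CFG_SIZE or off in seen:
            raise ValueError(f"malformed capability pointer 0x{off:03x}")
        seen.add(off)
        (hdr,) = struct.unpack_from("<I", cfg, off)
        cap_id = hdr & 0xFFFF
        if cap_id == 0:  # null header: no (further) extended capabilities
            break
        caps.append((off, cap_id, (hdr >> 16) & 0xF))
        off = (hdr >> 20) & 0xFFF
    return caps


def is_well_formed(cfg: bytes) -> bool:
    """True if the capability list can be walked without hitting a bad pointer."""
    try:
        walk_extended_caps(cfg)
        return True
    except ValueError:
        return False


def ide_readiness(cfg: bytes) -> dict:
    """Report whether the function advertises the DOE and IDE capabilities."""
    ids = {cap_id for _, cap_id, _ in walk_extended_caps(cfg)}
    return {"doe": ECAP_DOE in ids, "ide": ECAP_IDE in ids}


def build_config(entries):
    """Build a constructed config-space image from (offset, cap_id, version, next)."""
    cfg = bytearray(CFG_SIZE)
    for off, cap_id, version, nxt in entries:
        struct.pack_into("<I", cfg, off, cap_id | (version << 16) | (nxt << 20))
    return bytes(cfg)


# Constructed sample (not captured from real hardware): AER -> DOE -> IDE,
# the shape of a device that can take part in IDE key establishment.
SAMPLE_ENTRIES = [
    (0x100, ECAP_AER, 2, 0x148),
    (0x148, ECAP_DOE, 1, 0x160),
    (0x160, ECAP_IDE, 1, 0x000),
]


if __name__ == "__main__":
    image = build_config(SAMPLE_ENTRIES)
    for off, cap_id, version in walk_extended_caps(image):
        print(f"0x{off:03x}: id 0x{cap_id:04x} v{version}  "
              f"{ECAP_NAMES.get(cap_id, 'unknown')}")
    print(ide_readiness(image))
```

On a Linux host the same functions accept the bytes read from `/sys/bus/pci/devices/<domain:bus:dev.fn>/config` (the placeholder is the device's address; reading past the first 64 bytes requires root), which makes an inventory of IDE-capable devices a one-line loop over that directory. Note that a present IDE capability only says the device can participate; whether keys are actually installed is decided by the TSM, as the article goes on to explain.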
A crucial detail is that the link-encryption keys are not installed by the Linux driver, but by the TSM itself. This design ensures that a confidential virtual machine can directly query the manager — for example, asking whether a given device can be certified. Since the host system lies outside the VM’s trusted boundary, it must not be able to substitute the keys. The matter is further complicated by the fact that almost no architecture offers the OS a standard mechanism to configure keys in the PCIe root port. As a result, relying on TSM-installed link encryption is currently the only viable approach for cross-architecture support.
Acceptance of this pull request unlocks the next wave of development. The following stage will involve implementing a full end-to-end workflow for assigning confidential devices to virtual machines. In the PCIe specification, this integration is defined by a separate protocol: the TEE Device Interface Security Protocol (TDISP). For now, Linux gains a valuable link-encryption framework analogous in spirit to memory encryption: the kernel will be able to authenticate devices via certificates and protect traffic from attacks involving intermediary “sniffing” boards attempting to intercept unencrypted PCIe data.
This kernel change represents only the first phase of upstreaming AMD SEV-TIO. In this step alone, roughly four thousand lines of new code have been added, along with documentation for the new sysfs interface surrounding the TEE Security Manager. Full-fledged SEV-TIO support for protecting PCIe devices — network cards, accelerators, storage systems, and more — is already available on modern AMD EPYC 9005 Turin platforms and will continue to evolve with future Linux releases.