SEV-SNP Host Setup

Host configurations for AMD SEV-SNP machines

Platform Setup

The host BIOS and kernel must be capable of supporting AMD SEV-SNP and the host must be configured accordingly.

The latest SEV Firmware version is available on AMD’s SEV Developer Webpage. It can also be updated via a platform OEM BIOS update.

The host kernel must be equal to or later than upstream version 6.11.

To build just the upstream compatible host kernel, use the Confidential Containers fork of AMDESE AMDSEV. Individual components can be built by running the following command:

./build.sh kernel host --install

Additionally, sev-utils can be used to install the required host kernel, but it will unnecessarily build AMD compatible guest kernel, OVMF, and QEMU components as these packages are already packaged with Kata. The additional components can be used with the script utility to test launch and attest a base QEMU SNP guest.

Last modified February 3, 2025: Updating SNP docs to use new instructions/tags for upstream components (e79cf39)

SEV-SNP Host Setup

Categories:

Tags:

Platform Setup