AMDESE / AMDSEV

AMD Secure Encrypted Virtualization

AES-NI inside SEV VM #168

Closed Mengyuan-L closed 1 year ago

Mengyuan-L commented 1 year ago

Hi, I am curious whether it is secure to run AES-NI instructions inside a SEV/SEV-ES/SEV-SNP VM. Will the hardware intercept such instructions, or are those instructions emulated by the hypervisor? Thanks for any information here.

tlendacky commented 1 year ago

I don't believe the AES-NI instructions are interceptable instructions, so I believe it is secure for SEV-ES and SEV-SNP since register state is protected. SEV doesn't protect register state, so data held in those registers would be visible to the hypervisor.

Mengyuan-L commented 1 year ago

Thanks!
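
An added example, not part of the original thread or the AMDSEV project code: a guest-side check that reads the SEV_STATUS MSR and reports which case from tlendacky's answer applies, along with whether CPUID advertises AES-NI. The MSR number and bit layout come from AMD's architecture manual rather than from this thread, and the check assumes a Linux guest with the msr driver loaded and root privileges.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

/* Assumption (AMD APM, not stated in the thread): SEV_STATUS MSR and its bits. */
#define MSR_SEV_STATUS 0xC0010131u
#define SEV_ACTIVE     (1ull << 0)
#define SEV_ES_ACTIVE  (1ull << 1)
#define SEV_SNP_ACTIVE (1ull << 2)

enum reg_state { NOT_SEV, REGS_VISIBLE, REGS_PROTECTED };

/* Map SEV_STATUS to the distinction drawn in the answer: plain SEV leaves
 * register state visible to the hypervisor, SEV-ES and SEV-SNP protect it. */
enum reg_state classify_sev_status(uint64_t status)
{
    if (!(status & SEV_ACTIVE)) return NOT_SEV;
    return (status & (SEV_ES_ACTIVE | SEV_SNP_ACTIVE)) ? REGS_PROTECTED : REGS_VISIBLE;
}

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
/* CPUID leaf 1, ECX bit 25 advertises AES-NI. */
int cpu_has_aesni(void)
{
    unsigned int a, b, c, d;
    return __get_cpuid(1, &a, &b, &c, &d) ? (int)((c >> 25) & 1) : 0;
}
#else
int cpu_has_aesni(void) { return 0; }   /* not an x86 build */
#endif

/* Read one MSR through the Linux msr driver; returns 0 on success. */
int read_msr(uint32_t msr, uint64_t *val)
{
    int fd = open("/dev/cpu/0/msr", O_RDONLY);
    if (fd < 0) return -1;
    int ok = lseek(fd, (off_t)msr, SEEK_SET) != (off_t)-1 &&
             read(fd, val, sizeof *val) == (ssize_t)sizeof *val;
    close(fd);
    return ok ? 0 : -1;
}

int main(void)
{
    static const char *msg[] = { "not an SEV guest",
        "SEV only: register state visible to the hypervisor",
        "SEV-ES/SEV-SNP: register state protected" };
    uint64_t status;
    if (read_msr(MSR_SEV_STATUS, &status) != 0) { perror("read SEV_STATUS"); return 1; }
    printf("AES-NI: %s; %s\n", cpu_has_aesni() ? "yes" : "no", msg[classify_sev_status(status)]);
    return 0;
}
```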