Closed Mengyuan-L closed 1 year ago
I don't believe the AES-NI instructions are interceptable instructions, so I believe it is secure for SEV-ES and SEV-SNP since register state is protected. SEV doesn't protect register state, so data held in those registers would be visible to the hypervisor.
Thanks!
Hi, I am curious if it is secure to run AES-NI instruction inside a SEV/SEV-ES/SEV-SNP VM? Will the hardware intercept such instruction or are those instructions emulated by the hypervisor? Thanks for any information here.