2025-09-05 –, Room 2
SEV firmware can be updated dynamically while SNP guests are running, which is desired by cloud providers to provide better service to their customers when performing security or functionality updates. This talk focuses on the changes needed within Linux/KVM to provide this support, including the ability to update or rollback firmware, and the effects on attestation reporting. Additionally, new versions of firmware can bring new feature support, and this talk will discuss how this is identified and how it can be taken advantage of.