Linux 5.15 disables AMD SME feature by default due to boot issues – Computer – News

Linux kernel 5.15 disables Secure Memory Encryption for some AMD CPUs by default. The feature is pre-enabled by default on supported CPUs, but it may cause boot issues on Linux systems.

According to Phoronix SME is enabled by default since feature support was added to the Linux kernel. However, Linux users have noticed bugs, with the feature causing boot issues in some cases. This may happen, for example, due to interaction problems between SMEs and I/O memory management unit. Also, SME can lead to problems with some GPU drivers, which sometimes have problems if the PC memory is encrypted.

Linux users have reported the possibility of problems with AMD Raven Ridge APUs like the Ryzen 3 2200G, for example. However, boot issues can also occur with other processors. Users who still want to use SME on Linux systems with kernel version 5.15 can enable the feature manually by mem_encrypt=on Type in the command line.

from Secure Memory Extended Encryption Allow supported CPUs to encrypt system memory. On AMD’s EPYC server processors and Ryzen Pro and Threadripper Pro CPUs, the feature is also known as Memory Guard.