1 of 1 people found this helpful
I moved your question to AMD Server Gurus so we can help you.
Secure Memory Encryption (SME) requires Linux mainline kernel version 4.14 or that it is enabled directly in your BIOS. If you are using BIOS encryption, SME will be invisible to the OS. I would also recommend that you contact your OS vendor and ask them for a timeline of when their SME support is enabled.
3 of 3 people found this helpful
I have SME and SVE enabled in BIOS and ofc an kernel with SME support and booted with SME enabled will show you that.
$ sudo journalctl -b | grep -i '(SME)'
Apr 04 18:29:41 localhost kernel: AMD Secure Memory Encryption (SME) active
Like jesse pointed out you need an kernel >= 4.14.x.
First check whatever your Distribution enabled that support:
zgrep CONFIG_AMD_MEM_ENCRYPT /proc/config.gz
CONFIG_AMD_MEM_ENCRYPT=y <-- support enabled
# CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT is not set <-- most will look like this so no worrie
If your kernel supports that next step is to enable it. For that simple append to your bootloader:
Once booted you can just run " dmesg | grep -i '(SME)' " to see it is enabled or not.