AMD SEV-ES allows for protecting the guest register state from the hypervisor. CPU register state is encrypted that cannot be accessed or modified by the system hypervisor. The intent of SEV-ES is to help fend off control-flow attacks by modifying the VM state, unauthorized reading of the virtual machine state, and other similar attacks. SEV-ES does allow for selectively sharing certain information to the hypervisor about certain switches where needed.
Extend memfd_create() system call with the ability to create memory areas
visible only in the context of the owning process and not mapped not only
to other processes but in the kernel page tables as well.
The user will create a file descriptor using the memfd_create system call.
The user than has to use ioctl() to define the desired protection mode for
the memory associated with that file descriptor and only when the mode is
set it is possible to mmap() the memory. For instance, the following
exapmple will create an uncached mapping (error handling is omitted):
The memfd subsystem wasn’t designed for address-space isolation; indeed, its initial purpose was as a sort of interprocess communication mechanism. It does, however, provide a way to create a memory region attached to a file descriptor with specific characteristics; a memfd can be “sealed”, for example, so that a recipient knows that it will not be changed. Rapoport decided that it would be a good foundation on which to build a “secret memory” feature.