Rendered at 21:46:24 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
Havoc 42 minutes ago [-]
I'm a little puzzled by the uproar given that all the oneline chatter seems to suggest nobody is using this. If this was AVX512 or something I could understand the give it back reaction...
jdsully 5 minutes ago [-]
[delayed]
stefanfisk 32 minutes ago [-]
Judging by the Reddit threads I saw, A LOT of people were upset even though it was clear that they had not idea what the feature actually provided beyond “encryption”. I’d guess that the majority assumed that the change would result in them basically having to “encryption” in affected AMD devices any more in some vague general sense.
Havoc 26 minutes ago [-]
Exactly. Thus far I've seen 1 person use it...and they seemed to believe it provides rowhammer benefit...so somewhat tangential
dijit 1 hours ago [-]
People don’t like things being taken away, even if I don’t think many people are actually using this feature.
I don’t even think its exposed in most BIOS’s
dist-epoch 7 minutes ago [-]
And it does reduce memory speed by about 0.5-1%.
Modified3019 55 minutes ago [-]
They’ve been doing a bunch of stuff in agesa updates regarding memory stability lately, and also recently broke and fixed setting manual speed on DDR5 memory with ECC enabled (basically any setting higher or lower than 5200mhz or something was ignored).
I wonder if this was also something they just accidentally broke, or if it was an incompetent attempt at larger segmentation.
close04 42 minutes ago [-]
> I wonder if this was also something they just accidentally broke
Their statement suggests it was a calculated decision, reversed after public backlash. I greatly appreciate they listened to user feedback, but they shouldn't have done it secretly to begin with.
> Based on valuable community feedback, we will reinstate this option in an upcoming BIOS release in July.
jolmg 50 minutes ago [-]
Thought there were cases where other devices could have direct access to RAM (e.g. DMA, PCIe controllers outside the CPU, etc.). Wonder how that works in conjunction.
wmf 39 minutes ago [-]
The encryption/decryption is done in the memory controller so it doesn't matter where the access is coming from.
porridgeraisin 20 minutes ago [-]
There are many ways it can work depending on the cpu:
1. No dma, instead you use bounce buffers and the cpu manually encrypts and decrypts on behalf of the pcie
2. The IOMMU sets certain pages as unencrypted and ensures the pcie only accesses those pages and that part of ram alone is now not encrypted.
3. Newer pcie devices use the TDISP(handshake) and IDE(aes gcm hardware module related stuff) protocols to do encrypted communication with the CPUs PCIe root hub, where this functionality is called TIO i.e trusted io on amd and TX connect on intel. As far as nvidia GPUs go which is where I have used this, H100 onwards have the feature. Only server xeons and turins etc support this feature on the cpu side. I think some server SSDs do too. Here you get full encryption full DMA at full bandwidth.
roboror 2 hours ago [-]
Full title: AMD will reinstate memory encryption on Ryzen 9000 CPUs through a BIOS update in July — TSME is coming back after 'valuable community feedback'
helterskelter 53 minutes ago [-]
Good. Intel's equivalent processors have this feature and BS market segmentation is the kind of thing that AMD was historically against. Even if something wasn't officially supported, they didn't go out of their way to prevent its use.
varispeed 31 minutes ago [-]
I wish they could enable use of non-ECC ram on Threadrippers.
I don’t even think its exposed in most BIOS’s
I wonder if this was also something they just accidentally broke, or if it was an incompetent attempt at larger segmentation.
Their statement suggests it was a calculated decision, reversed after public backlash. I greatly appreciate they listened to user feedback, but they shouldn't have done it secretly to begin with.
> Based on valuable community feedback, we will reinstate this option in an upcoming BIOS release in July.
1. No dma, instead you use bounce buffers and the cpu manually encrypts and decrypts on behalf of the pcie
2. The IOMMU sets certain pages as unencrypted and ensures the pcie only accesses those pages and that part of ram alone is now not encrypted.
3. Newer pcie devices use the TDISP(handshake) and IDE(aes gcm hardware module related stuff) protocols to do encrypted communication with the CPUs PCIe root hub, where this functionality is called TIO i.e trusted io on amd and TX connect on intel. As far as nvidia GPUs go which is where I have used this, H100 onwards have the feature. Only server xeons and turins etc support this feature on the cpu side. I think some server SSDs do too. Here you get full encryption full DMA at full bandwidth.