ijlal-loutfi
on 18 August 2025

AMD SEV-SNP host support available on Ubuntu 25.04


The release of Ubuntu 25.04 enabled full AMD SEV-SNP (Secure Encrypted Virtualization-Secure Nested Paging) support on Ubuntu virtualization hosts, complementing the guest support that’s been available since Ubuntu 22.04 LTS.

This makes Ubuntu the first production-grade Linux distribution to support AMD SEV-SNP from host to guest. No out-of-tree patches, no experimental builds: it all works out of the box. With this, you can now deploy confidential virtual machines (CVMs) on entirely Ubuntu-based stacks, in private clouds, or on bare metal nodes in public clouds. In this blog, we will zoom into AMD SEV-SNP and how it helps you protect your workloads at the hardware level with confidential computing.

Making confidential computing real for private clouds

The modern enterprise environment has outgrown traditional trust assumptions. Your threat model can no longer ignore privileged code running beneath your VM: not the hypervisor, not the host kernel, not the host firmware, and certainly not the humans with access to it.

AMD SEV-SNP gives us the main building block to close this gap by lifting the trust boundary out of system software and relocating it to hardware. It creates a hardware-enforced boundary around each virtual machine, encrypting guest memory with per-VM keys inaccessible to host software, and enforcing memory integrity via a secure nested page table controlled by the AMD Secure Processor (PSP). This is not an incremental improvement. It’s a categorical transformation of what it means to trust a computing system. 

Ubuntu 25.04 brings AMD SEV-SNP to your data center

Ubuntu 25.04 now meets all the technical requirements to act as a confidential computing host on AMD EPYC platforms (Milan and Genoa), including:

  • QEMU 9.2 with SEV-SNP launch and measurement support
  • Linux 6.14 kernel with SEV-SNP KVM and crypto modules
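A host can be checked against these two version floors before scheduling CVMs on it. The script below is an added example, not Canonical's tooling; the `kvm_amd` module parameter path and the `--check` argument are assumptions that do not come from this article.

```shell
#!/bin/sh
# Added example: SEV-SNP host readiness check against the versions named above.
MIN_KERNEL=6.14   # from the article
MIN_QEMU=9.2      # from the article
# Assumption (not from the article): kvm_amd reports its SNP state here.
SNP_PARAM=/sys/module/kvm_amd/parameters/sev_snp

# version_ge A B: succeed when dotted version A >= B (relies on sort -V).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# kernel_version RELEASE: "6.14.0-15-generic" -> "6.14.0"
kernel_version() {
    printf '%s\n' "${1%%-*}"
}

# qemu_version: reads `qemu-system-x86_64 --version` output on stdin.
qemu_version() {
    sed -n 's/^QEMU emulator version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# snp_param_enabled FILE: succeed when the module parameter reads Y or 1.
snp_param_enabled() {
    [ -r "$1" ] || return 1
    case "$(cat "$1")" in Y|1) return 0 ;; *) return 1 ;; esac
}

# check LABEL STATUS: print one result line and pass the status through.
check() {
    if [ "$2" -eq 0 ]; then echo "ok    $1"; else echo "FAIL  $1"; fi
    return "$2"
}

# snp_host_report: returns 0 only when every check passes on this host.
snp_host_report() {
    rc=0
    k=$(kernel_version "$(uname -r)")
    q=$(qemu-system-x86_64 --version 2>/dev/null | qemu_version)
    version_ge "$k" "$MIN_KERNEL"; check "kernel $k >= $MIN_KERNEL" $? || rc=1
    { [ -n "$q" ] && version_ge "$q" "$MIN_QEMU"; }
    check "QEMU ${q:-not found} >= $MIN_QEMU" $? || rc=1
    snp_param_enabled "$SNP_PARAM"; check "kvm_amd sev_snp enabled" $? || rc=1
    return "$rc"
}

# Inspect the local host only when asked to.
if [ "${1:-}" = "--check" ]; then snp_host_report; fi
```

The report covers the software stack only; a failing `kvm_amd` line on a new enough kernel usually points at platform firmware settings rather than at Ubuntu packages.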

Guest support

Ubuntu has supported running as an AMD SEV-SNP guest since 22.04 LTS in public clouds. Now, with host support in 25.04, you can run both sides of the boundary on Ubuntu. No extra tools, no mixed environments: just one OS, end to end.

Why confidential computing matters for the data center

It is easy to assume confidential computing is only for the public cloud, or for isolating workloads from cloud operators. However, the assumption that private data centers are secure by virtue of physical control is outdated, because physical control does not mean security: the vulnerabilities you face in private data centers are, in fact, the same as those you’d find in the public cloud. You just own them now. Insider threats, untrusted hypervisors, and vulnerabilities in the virtualization host kernel or VMM remain viable attack vectors. The host privileged software stack is simply too large and too complex to be reliably free of vulnerabilities or backdoors.

With host support now in Ubuntu 25.04, you can bring the security model of AMD SEV-SNP to your KVM-based private clouds, without having to switch distributions, recompile toolchains, or sacrifice maintainability.

This technology unlocks a range of compelling use cases, from the secure processing of regulated or sensitive data, to enabling independent software vendors to build confidential SaaS offerings on bare-metal infrastructure. Enterprises can also lift and shift confidential workloads seamlessly between public and private clouds.

A particularly popular use case we’ve observed for confidential virtual machines is in the deployment of large language models, where CVMs power confidential inferencing services. These services protect not only the proprietary weights of the AI model but also the privacy of user prompts.

Looking ahead

With Ubuntu 25.04, confidential computing becomes a deployable reality for AMD platforms. And you can do it all on the same Ubuntu that already powers your workloads: one OS, one security model, everywhere.

And this is just the beginning. Host-side AMD SEV-SNP support in Ubuntu 25.04 will carry forward to Ubuntu 26.04 LTS, ensuring long term support for production deployments, as well as Ubuntu Pro entitlements including FIPS-compliant kernels, Livepatch, and much more.

Canonical remains committed to working closely with its silicon partners and the open source ecosystem, in order to lead the way in confidential computing and shipping features that are highly secure and intuitive to use.

Additional resources

Contact us to learn more

Learn more about Ubuntu’s security in depth

Why you need confidential computing in your data center

Why you need to protect your confidential VM from itself
