Has AMD Disabled a Security Feature on Ryzen? A Change Discovered by Chance

As reported on Ars Technica, a debate is fueling the Linux community and among hardware security experts: the probable removal of support for Transparent Secure Memory Encryption (TSME) from the latest consumer Ryzen processors.

TSME is a technology introduced by AMD about ten years ago to counter physical memory attacks, such as the so-called cold boot attacks. The feature allows for the automatic encryption of the entire content of RAM through firmware, making any data that might be recovered from memory modules physically removed from the system or intercepted during operation unusable.

Although AMD has historically associated memory protection technologies with professional products, over the years many users have verified the presence and correct operation of TSME on various consumer Ryzen CPUs. For this reason, the discovery made by Ben Kilpatrick, a Linux enthusiast focused on privacy issues, during the installation of a new operating system on a platform equipped with a Ryzen 7 9700X based on Zen 5 architecture, was surprising.

Through Host Security ID (HSI), an auditing tool that verifies the state of the hardware and firmware protections of the system, Kilpatrick found that the entry related to memory encryption was suddenly unsupported, despite the TSME option still being enabled in the BIOS. The same tool also indicated that in the past the functionality had been regularly enabled on the same platform.

The report initiated an investigation lasting several weeks that also involved the motherboard manufacturer, MSI. Tests performed by the company's engineers highlighted behavior closely tied to the version of the AGESA firmware package, provided by AMD to partners for hardware initialization during the boot process.

According to findings, consumer Ryzen CPUs continued to support TSME using older versions of AGESA, while with AGESA 1.2.7.0 the functionality appears to be unavailable. The situation is different for Ryzen PRO models, which maintain support regardless of the firmware version used.

During the checks, memory dumps from the AMD Boot Loader (ABL), responsible for hardware initialization before loading the operating system, were also analyzed. The analyses showed that the internal parameter "DfIsTsmeEnabled", used by AGESA to determine the function's activation, is set to FALSE in consumer processors and TRUE in PRO and EPYC models when TSME is enabled from the BIOS.

Kilpatrick then opened a public report on AMD's GitHub repository dedicated to software development. Some company engineers participated in the discussion, initially suggesting BIOS-side checks and comparisons with motherboard manufacturers. However, once the results of the tests conducted by MSI were presented, AMD did not provide further technical details on the causes of the observed behavior.

When directly questioned about the issue, the company stated that TSME is a security feature intended exclusively for AMD PRO technologies. This marks the first public stance explicitly delineating the technology's support to professional processors, without clarifying why the function had remained operational for years on numerous consumer models.

It should also be noted that TSME differs from SME (Secure Memory Encryption), another AMD technology historically associated with PRO and EPYC ranges. SME allows the operating system to selectively encrypt specific areas of memory, while TSME operates at the firmware level and automatically protects the entire RAM without requiring software intervention. This feature makes it particularly effective against various categories of physical attacks.

Currently, AMD has not released official explanations for the changes introduced in recent firmware versions. The question remains open whether the disappearance of TSME support on consumer Ryzen is the result of a deliberate choice or an undocumented technical modification. In the absence of further clarifications, the statement limiting the operational scope to the PRO range leans towards a classic business decision.