AMD removes memory encryption from consumer Ryzen chips

AMD has removed Transparent Secure Memory Encryption, or TSME, from consumer-focused Ryzen processors after years of including the feature across its chip lineup. TSME encrypts system memory content to help guard against physical attacks that could expose unencrypted RAM data. AMD previously shipped the capability across standard Ryzen, Ryzen Pro, Threadripper and EPYC products.

The change surfaced after testing a Ryzen 7 9700X CPU using ‘Zen 5’ IP showed no TSME support on consumer hardware. AMD told security professionals that “TSME is a security feature only applied to PRO CPUs as part of AMD PRO Technologies.” On Linux systems, the missing support can be detected through firmware security checks that show the encrypted RAM flag is absent, even when TSME had been enabled in BIOS.

The removal appears to begin with the AGESA 1.2.7.0 build and continue in later AGESA versions. It remains unclear whether firmware is disabling the feature or whether newer consumer CPUs will ship with TSME disabled at the silicon level.