Microsoft Begins Landing Hyper-V Isolation VM Support In Linux 5.16
Microsoft has submitted their set of Hyper-V hypervisor updates today for the Linux 5.16 merge window. This time around the pull request is noteworthy for the initial enablement work around Hyper-V "Isolation VM" support.
Microsoft's Hyper-V supports the notion of "Isolation VMs": virtual machines backed by either Virtualization-Based Security (VBS) or AMD SEV-SNP encrypted virtualization for better isolation of virtual machines.
Hyper-V Isolation VMs have their memory encrypted, and the host cannot access guest memory directly unless the guest has marked it appropriately.
Microsoft has been working on their Hyper-V Isolation VM support for Linux for a while, and these initial enablement patches have gone through several rounds of review. For those interested in the SEV-SNP hardware-encrypted path instead of the VBS route, AMD continues working to mainline their SEV-SNP support in the Linux kernel, but it is not yet over the finish line. The complete SEV-SNP patch-set is available externally, though, should you want to build your own patched kernel for use with EPYC 7003 series processors.
More details on Hyper-V Isolation VMs are available via docs.microsoft.com.
The initial Hyper-V Isolation VM support was the main feature addition of this pull request that has now landed in Linux 5.16.