Microsoft Sends Out Patches For Hyper-V "Isolation VMs" With Linux
With the forthcoming Linux 5.12 kernel there is a big Redmond victory, with Linux being able to boot as the root partition on Microsoft's hypervisor. Moving forward, the company still has more in store for its ongoing, years-long effort around Linux on Hyper-V.
Following the root partition work, the latest major Microsoft virtualization patch series working towards mainline is support for "Isolation VMs" with Hyper-V on Linux. Hyper-V Isolation VMs are Virtualization-based Security (VBS) or AMD SEV-SNP (Secure Encrypted Virtualization, Secure Nested Paging) approaches whereby the guest virtual machine memory is encrypted.
Specialized Hyper-V code within the Linux driver is needed to handle these isolated (encrypted) VMs and to share memory to/from the host. Various special use-cases are taken into consideration in the encrypted memory handling for optimal security benefit.
At the moment there are 12 patches from Microsoft engineers under a "request for comments" banner implementing this Hyper-V support for Isolation VMs -- both with VBS and AMD SEV-SNP. It's obviously too late to see this in the 5.12 kernel, but we'll see when this latest Hyper-V driver initiative is buttoned up and ready for mainline.