Microsoft Sends Out Patches For Hyper-V "Isolation VMs" With Linux

Following the root partition work, the latest major Microsoft virtualization patch series working its way towards mainline is support for "Isolation VMs" with Hyper-V on Linux. Hyper-V Isolation VMs use Virtualization-based Security (VBS) or AMD SEV-SNP (Secure Encrypted Virtualization, Secure Nested Paging), approaches whereby the guest virtual machine memory is encrypted.
Specialized Hyper-V code within the Linux driver is needed to handle these isolated (encrypted) VMs and to share memory to/from the host. Various special use-cases are taken into consideration in the encrypted memory handling for optimal security benefit.
At the moment there are 12 patches from Microsoft engineers under a "request for comments" banner implementing this Hyper-V support for Isolation VMs, both with VBS and AMD SEV-SNP. It's obviously too late to see this in the 5.12 kernel, but we'll see when this latest Hyper-V driver initiative is buttoned up and ready for mainline.