Microsoft Increasing Linux Security On Hyper-V With VTL/VSM Support

Written by Michael Larabel in Microsoft on 1 March 2023 at 07:07 AM EST. 2 Comments
MICROSOFT
Microsoft engineers continue to work heavily on enhancing the Linux support for Hyper-V considering that in the Azure public cloud at last report was more than 50% of their VMs running Linux. Microsoft has continued implementing more Hyper-V features within the Linux kernel and their latest is working on Virtual Trust Level (VTL) integration as part of Virtual Secure Mode (VSM) handling.

Sent out today on the Linux kernel mailing list was the Hyper-V patches working on this Virtual Trust Level (VTL) support as part of the Virtual Secure Mode enablement. Microsoft Linux engineer Saurabh Sengar summed up this work as:
"This patch series introduces support for Virtual Trust Level (VTL) in Hyper-V systems. It provide a foundation for the implementation of Hyper-V VSM support in the Linux kernel, providing a secure platform for the development and deployment of applications.

Virtual Secure Mode (VSM) is a critical aspect of the security infrastructure in Hyper-V systems. It provides a set of hypervisor capabilities and enlightenments that enable the creation and management of new security boundaries within operating system software. The VSM achieves and maintains isolation through Virtual Trust Levels, which are hierarchical, with higher levels being more privileged than lower levels."

The initial Linux kernel patch gets VTL support in place for x86-based platforms, VTL early boot-up handling, and other changes for initially supporting the VTL 2 level. More details on the VTL functionality via the Microsoft documentation.

Virtual Secure Mode documentation


The Microsoft Hyper-V VTL patches for the Linux kernel can be reviewed on the LKML.
2 Comments
Related News
Microsoft's Azure Linux 3.0 Adds 64K Kernel Option, NFTables & Intel E800 Networking
Microsoft Continues "Demikernel" Development LibOS For Kernel-Bypass I/O
Microsoft Announces Open-Source Hyperlight For Embedded VMM Within Linux/Windows Apps
Microsoft Azure Linux 3.0 Update Pushes Additions For Intel, AMD & Arm
Linux Use On Microsoft Azure Crosses 60%, AlmaLinux Now An Endorsed Distro
Microsoft Open-Sources Rust-Written OpenHCL For Running Confidential Intel/AMD VMs
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features
NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance
Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries