Microsoft Increasing Linux Security On Hyper-V With VTL/VSM Support

Written by Michael Larabel in Microsoft on 1 March 2023 at 07:07 AM EST. 2 Comments
MICROSOFT
Microsoft engineers continue to work heavily on enhancing the Linux support for Hyper-V considering that in the Azure public cloud at last report was more than 50% of their VMs running Linux. Microsoft has continued implementing more Hyper-V features within the Linux kernel and their latest is working on Virtual Trust Level (VTL) integration as part of Virtual Secure Mode (VSM) handling.

Sent out today on the Linux kernel mailing list was the Hyper-V patches working on this Virtual Trust Level (VTL) support as part of the Virtual Secure Mode enablement. Microsoft Linux engineer Saurabh Sengar summed up this work as:
"This patch series introduces support for Virtual Trust Level (VTL) in Hyper-V systems. It provide a foundation for the implementation of Hyper-V VSM support in the Linux kernel, providing a secure platform for the development and deployment of applications.

Virtual Secure Mode (VSM) is a critical aspect of the security infrastructure in Hyper-V systems. It provides a set of hypervisor capabilities and enlightenments that enable the creation and management of new security boundaries within operating system software. The VSM achieves and maintains isolation through Virtual Trust Levels, which are hierarchical, with higher levels being more privileged than lower levels."

The initial Linux kernel patch gets VTL support in place for x86-based platforms, VTL early boot-up handling, and other changes for initially supporting the VTL 2 level. More details on the VTL functionality via the Microsoft documentation.

Virtual Secure Mode documentation


The Microsoft Hyper-V VTL patches for the Linux kernel can be reviewed on the LKML.
2 Comments
Related News
Linux Patch Updated For Rumble Support On Latest Microsoft Xbox Controllers
Microsoft's CBL-Mariner Linux Shows Increasing HPC Interest
Microsoft's CBL-Mariner Adds More Desktop Code, Enables WireGuard & Boots systemd-oomd
Microsoft Officially Launches D3D12 GPU Video Acceleration For WSL Linux Use
Microsoft ONNX Runtime 1.14 Released With A Big Intel AMX Performance Optimization
Microsoft CBL-Mariner 2.0 Update Adds New PipeWire, Other Changes
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
ipmitool Repository Archived, Developer Suspended By GitHub
Linux Kernel Networking Driver Development Impacted By Russian Sanctions
Still Have A Use For Adobe Flash? Ruffle Is Working To Safely Emulate It In Rust
Linux 6.4 To Remove Old Workaround For Running On Very Outdated Distributions
Intel Thunder Bay Is Officially Canceled, Linux Driver Code To Be Removed
Linux 6.4 Looking To Drop The SLOB Memory Allocator
Linux 6.4 AMD Graphics Driver Picking Up New Power Features For The Steam Deck
Fedora 38 Beta Released With Many Exciting Updates