KVM With Linux 5.13 Has AMD SEV Improvements, Intel SGX For Guests

Written by Michael Larabel in Virtualization on 30 April 2021 at 06:22 AM EDT. 1 Comment
VIRTUALIZATION
Along with this week's release of QEMU 6.0, exciting on the Linux virtualization front are the KVM changes that are ready to go with the 5.13 kernel.

Linux 5.13 is bringing a number of KVM improvements especially as it pertains to Intel/AMD processor features.

The AMD code in particular has seen some shiny new feature work. The changes for Linux 5.13 do include a new KVM API for supporting AMD Secure Encrypted Virtualization (SEV) live migration of guests. However, the guest API didn't get completed in time for the Linux 5.13 cycle. Also on the AMD SEV front there is now support for AMD SEV virtual machines to share the same encryption context if desired, such as if having multiple VMs spawned by the same user. The AMD code path now supports virtual SPEC_CTRL handling so that the hypervisor doesn't need to intervene for speculation control (SPEC_CTRL_MSR) handling. The AMD code also has improved SYSENTER emulation for the 5.13 kernel.

Meanwhile on the Intel front for Linux 5.13 there is the support for Software Guard Extensions (SGX) within virtual machines.

The Kernel-based Virtual Machine (KVM) for Linux 5.13 on the x86 front also has optimizations to its nested SVM code and optimizations to the new MMU code.

For KVM on ARM there is now guest SVE support when running in nVHE mode as well as performance improvements within the S2 fault handler.

More details on the KVM changes for Linux 5.13 via this PR.
1 Comment
Related News
CoCo VMs On Linux Will Now Panic If RdRand Is Broken To Avoid Catastrophic Conditions
More Efficient VirtIO DRM Driver To Import Scanout Buffers From Other Devices
KVM Virtualization With Linux 6.9 Brings More Optimizations For Intel & AMD
LXD 5.21 LTS Released With UI By Default, AMD SEV Memory Encryption For VMs
VirtualBox KVM Backend Adds Support For SR-IOV Graphics
PVM Virtualization Framework Proposed For Linux - Built Atop The KVM Hypervisor
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives
Fedora 41 Looks To "-O3" Optimizations For Its Python Build
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More
KDE's KWin Merges Wayland Explicit Sync Support
Open-Source Radeon Driver Enables Support For Vulkan Video H.264/H.265 Encode
Ubuntu 24.04 Beta Now Available For Testing