Linux 6.4 Can Run As A Confidential AMD SEV-SNP vTOM Guest On Microsoft Hyper-V

Written by Michael Larabel in Microsoft on 25 April 2023 at 06:46 AM EDT.

For those making use of Microsoft Hyper-V virtualization, there are some notable additions to be found in the in-development Linux 6.4 kernel.

First up, with the AMD Secure Encrypted Virtualization (SEV) changes for Linux 6.4, the necessary bits are in place so that the mainline kernel can run as a confidential SEV-SNP-backed vTOM guest on Microsoft Hyper-V. The vTOM guest splits the address space into encrypted and unencrypted portions and allows for unmodified guests on the Hyper-V confidential computing hypervisor. AMD vTOM in this context stands for virtual Top Of Memory.


The x86/sev pull is what provides the Linux 6.4 support for running as a confidential Microsoft Hyper-V VM with SEV-SNP vTOM. The AMD SEV changes for this kernel also include double buffering of messages between the guest and the hardware PSP to better ensure message integrity and avoid possible leak attacks.

Separately, the Hyper-V updates have already been submitted as well for the Linux 6.4 kernel merge window. The Microsoft Hyper-V changes here include PCI pass-through support for Hyper-V confidential VMs, Hyper-V VTL mode support, and other improvements and fixes. The Hyper-V VTL mode support is for Microsoft's Virtual Trust Level to further enhance security with their virtualization stack.