Unaccepted Memory Merged For Linux 6.5, Helping AMD SEV-SNP + Intel TDX

Written by Michael Larabel in Virtualization on 7 July 2023 at 06:33 AM EDT.

As anticipated, UEFI Unaccepted Memory support was merged for Linux 6.5. The standard matters for virtual machines backed by Intel Trust Domain Extensions (TDX) and AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP).

UEFI unaccepted memory support lets a virtual machine defer "accepting" memory until it is actually needed. Up to this point, AMD and Intel secure VMs had to accept all of their memory at boot time, and handling the entire allocation up front can delay the boot process. With UEFI Unaccepted Memory support, TDX VMs can boot much faster. Intel previously reported that with unaccepted memory support on Sapphire Rapids with Intel TDX, booting to a shell is around 2.5x faster for a 4G TDX VM and can be around 4x faster with 64G of memory available to the VM. Not accepting memory until the virtual machine is actually going to use it is also helpful in preventing various attacks on VMs, such as memory replay.

The code merged for Linux 6.5 allows memory to be accepted on demand in VMs and is wired up for both AMD SEV and Intel TDX. This Linux kernel work on unaccepted memory handling has been in the works for the past two years, so it's great to see the code finally over the finish line and mainlined.

Linus Torvalds picked up the UEFI Unaccepted Memory support via the x86/cc pull of the confidential computing updates for the Linux 6.5 merge window.