Unaccepted Memory Merged For Linux 6.5, Helping AMD SEV-SNP + Intel TDX

Written by Michael Larabel in Virtualization on 7 July 2023 at 06:33 AM EDT. 1 Comment
VIRTUALIZATION
As was anticipated, UEFI Unaccepted Memory support was successfully merged for Linux 6.5 to support this standard that's important with the likes of Intel Trusted Domain Extensions (TDX) and AMD Secure Encrypted Virtualization Secure Nested Page (SEV-SNP) backed virtual machines.

UEFI unaccepted memory support allows for virtual machines to not "accept" the memory until it's actually needed. Up to this point with AMD and Intel secure VMs, all memory had to be accepted immediately at boot time. Needing to deal with all of the memory allocated at boot time can delay the boot process while now supporting UEFI Unaccepted Memory can lead to much faster TDX VM boot times as a result. Intel previously reported that with unaccepted memory support for Sapphire Rapids with Intel TDX, booting to a shell is around 2.5x faster for a 4G TDX VM but can be around 4x faster with 64G of memory available to the VM. Not accepting memory until it's going to actually be used by the virtual machine is also helpful in preventing various attacks on VMs like memory replay.

This code merged for Linux 6.5 allows for the on-demand acceptance of memory in VMs as needed and is wired up both for AMD SEV and Intel TDX. This Linux kernel work on unaccepted memory handling has been in the works the past two years, so it's great to see the code finally over the finish line and mainlined.

EPYC CPU + DDR5


Linus Torvalds picked up the UEFI Unaccepted Memory support via the x86/cc pull of the confidential computing updates for the Linux 6.5 merge window.
1 Comment
Related News
Linux Developers Consider Ending 32-bit KVM Host Virtualization Support`
QEMU 9.2 Released With VirtIO GPU Vulkan Support, AVX10 & Experimental Rust Support
Rust Hypervisor Firmware v0.5 Supports For More CPUs & Improves EFI Support
Linux 6.13 KVM Eliminates An "Awful Idea", Many x86_64 Improvements
Virtual CPUFreq Driver Coming With Linux 6.13 For Better Power/Performance Within VMs
IBM Power11 CPUs Launching In 2025 - Linux 6.13 Preps KVM Nested Guests For Power11
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features