Microsoft Adds AMD SEV-SNP & Intel TDX Guest Support To Hyper-V With Linux 6.6

Written by Michael Larabel in Virtualization on 4 September 2023 at 05:14 PM EDT. Add A Comment
VIRTUALIZATION
Microsoft continues improving the Hyper-V support within the Linux kernel for benefiting Linux guest VMs running within this hypervisor on Windows. With Linux 6.6 the Hyper-V code adds support for SEV-SNP secure guests on the AMD EPYC side while over on the Intel Xeon Scalable Sapphire Rapids side is initial support for Trust Domain Extensions (TDX) protected guests.

Merged today were the Microsoft-contributed Hyper-V enhancements to the Linux kernel. Most notable with these changes for Linux 6.6 is supporting the secure / confidential computing features found with the latest AMD and Intel server processors. EPYC 7003 and newer processors supporting Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP) can now be utilized by Hyper-V VMs for better security.

For select Intel Sapphire Rapids processors supporting Trust Domain Extensions (TDX), that security feature also is in place now for providing hardware-isolated VMs. But for the Sapphire Rapids generation, the TDX feature is just found on processors within the major public cloud service providers like Azure. Presumably for Emerald Rapids or Granite Rapids the TDX functionality will become much more prevalent.

AMD EPYC and Intel Xeon Scalable CPUs


AMD and Intel engineers have already worked on the SEV-SNP and TDX support, respectively, for the upstream Linux kernel itself as well as for the likes of the Kernel-based Virtual Machine (KVM). This work for Linux 6.6 by Microsoft is just about the Hyper-V guest VM support now being enabled.

The list of Hyper-V feature changes for Linux 6.6 can be found via this Git merge.
Add A Comment
Related News
Linux Developers Consider Ending 32-bit KVM Host Virtualization Support`
QEMU 9.2 Released With VirtIO GPU Vulkan Support, AVX10 & Experimental Rust Support
Rust Hypervisor Firmware v0.5 Supports For More CPUs & Improves EFI Support
Linux 6.13 KVM Eliminates An "Awful Idea", Many x86_64 Improvements
Virtual CPUFreq Driver Coming With Linux 6.13 For Better Power/Performance Within VMs
IBM Power11 CPUs Launching In 2025 - Linux 6.13 Preps KVM Nested Guests For Power11
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance
KDE Starts December By Landing A Number Of New Features
Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries