Microsoft Adds AMD SEV-SNP & Intel TDX Guest Support To Hyper-V With Linux 6.6

Written by Michael Larabel in Virtualization on 4 September 2023 at 05:14 PM EDT. Add A Comment
VIRTUALIZATION
Microsoft continues improving the Hyper-V support within the Linux kernel for benefiting Linux guest VMs running within this hypervisor on Windows. With Linux 6.6 the Hyper-V code adds support for SEV-SNP secure guests on the AMD EPYC side while over on the Intel Xeon Scalable Sapphire Rapids side is initial support for Trust Domain Extensions (TDX) protected guests.

Merged today were the Microsoft-contributed Hyper-V enhancements to the Linux kernel. Most notable with these changes for Linux 6.6 is supporting the secure / confidential computing features found with the latest AMD and Intel server processors. EPYC 7003 and newer processors supporting Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP) can now be utilized by Hyper-V VMs for better security.

For select Intel Sapphire Rapids processors supporting Trust Domain Extensions (TDX), that security feature also is in place now for providing hardware-isolated VMs. But for the Sapphire Rapids generation, the TDX feature is just found on processors within the major public cloud service providers like Azure. Presumably for Emerald Rapids or Granite Rapids the TDX functionality will become much more prevalent.

AMD EPYC and Intel Xeon Scalable CPUs


AMD and Intel engineers have already worked on the SEV-SNP and TDX support, respectively, for the upstream Linux kernel itself as well as for the likes of the Kernel-based Virtual Machine (KVM). This work for Linux 6.6 by Microsoft is just about the Hyper-V guest VM support now being enabled.

The list of Hyper-V feature changes for Linux 6.6 can be found via this Git merge.
Add A Comment
Related News
Cloud Hypervisor 39 Adds NVIDIA GPUDirect P2P Support
QEMU 9.0 Released WIth True Multi-Queue Support For VirtIO Block Driver
CoCo VMs On Linux Will Now Panic If RdRand Is Broken To Avoid Catastrophic Conditions
More Efficient VirtIO DRM Driver To Import Scanout Buffers From Other Devices
KVM Virtualization With Linux 6.9 Brings More Optimizations For Intel & AMD
LXD 5.21 LTS Released With UI By Default, AMD SEV Memory Encryption For VMs
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Systemd 256-rc1 Brings A Huge Number Of New Features
NVIDIA Developer Opens Feature Pull Request For Open-Source NVK Driver
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance
Ubuntu 24.04 LTS Downloads Now Available
GNOME Working To Make Key Rack A Viable Password Manager, Better Printing For Flatpaks