Red Hat Developing "F-UKI" As Their Newest Open-Source Project

Written by Michael Larabel in Red Hat on 5 February 2025 at 08:55 AM EST. 20 Comments
RED HAT
Red Hat engineer Anirban Sinha presented at FOSDEM 2025 last weekend in Brussels on F-UKI, a new project being worked on at Red Hat as part of the confidential computing push for loading guest firmware within a Unified Kernel Image (UKI) for confidential VMs.

Red Hat's F-UKI is aiming to be the way to load firmware for confidential VMs with the likes of AMD SEV-SNP and Intel TDX. Due to firmware images needing to be measured as part pf the measured boot processes for security and guests wanting predictable behavior/expectations by supplying their own firmware for VMs, F-UKI aims to be the ideal solution for the industry by pairing the firmware update handling with unified kernel images.

Red Hat F-UKI


UKIs can already be signed and measured and all-around the design of UKIs make for a pleasant experience for tacking on firmware updates to. Again, this is only about the context of confidential VMs and not about changing the bare metal firmware update handling or similar. So far changes have been merged to QEMU and systemd for F-UKI but other work remains ongoing.

Red Hat FUKI


Those wanting to learn more about Red Hat's F-UKI project can see this FOSDEM presentation page for all the assets on the F-UKI talk.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week