FERRAMENTAS LINUX: Cloud Hypervisor 46 Drops Intel SGX Support: Google Steps In to Rescue TDX

Saturday, May 24, 2025

Cloud Hypervisor 46 deprecates Intel SGX support as Google engineers step in to maintain TDX.

Key Changes in Cloud Hypervisor 46

The latest Cloud Hypervisor 46 release marks a significant shift in virtualization security, deprecating Intel Software Guard Extensions (SGX)—despite its presence in modern Xeon processors. Additionally, Intel Trust Domain Extensions (TDX) faces an uncertain future, prompting Google engineers to take over its maintenance.

Why Is Intel SGX Being Removed?

Originally developed by Intel, Cloud Hypervisor was designed as a secure, Rust-based Virtual Machine Monitor (VMM) for cloud workloads. However, due to declining Intel contributions post-layoffs and lack of testing infrastructure, critical security features are now at risk:

  • SGX support deprecated (removal planned for v48)

  • TDX in jeopardy due to untested automation

  • No active maintainers for Intel-specific features

"We no longer have an SGX builder and never had TDX automation. Should we keep untested, bit-rotted code?" — Cloud Hypervisor Maintainers

Google Steps Up for TDX Maintenance

With Intel’s reduced involvement, Google engineers have expressed interest in maintaining TDX support, ensuring enterprise-grade security remains viable. This transition highlights:

  • Shifting leadership in open-source virtualization

  • Enterprise cloud security priorities evolving

  • High-performance computing (HPC) reliance on trusted execution

What’s New in Cloud Hypervisor 46?

Beyond SGX deprecation, this release introduces:

✔ File-locking support for disk images

✔ Improved VM resizing error reporting

✔ IPv6 address support via --net argument

✔ Experimental AArch64 compatibility with MSHV hypervisor

✔ Multiple bug fixes for stability

The Future of Cloud Virtualization Security

As Intel’s influence wanes, the open-source community is reshaping cloud security standards. Key takeaways:

  • SGX removal reflects declining enterprise adoption

  • Google’s involvement signals long-term TDX viability

  • Rust-based VMMs remain critical for secure cloud workloads

Download Cloud Hypervisor 46 on GitHub.
