Ahead of the upcoming Linux 6.18 kernel cycle, which will likely end up being this year’s Long Term Support (LTS) version, the AMD Secure AVIC driver appears ready for merging. The AMD Secure AVIC patches were queued this week into a TIP branch and this likely to be submitted for the upcoming Linux 6.18 merge window.
For over the past year now AMD engineers have been working on the Secure AVIC support for Linux as part of their Secure Encrypted Virtualization (SEV-SNP) offerings for confidential virtual machines. Secure AVIC (Advanced Virtual Interrupt Controller) allows for managing guest-owned APIC state for SEV-SNP VM guests with a private, guest-owned backing page on a per-vCPU basis.
Utilizing Secure AVIC can prevent the hypervisor from generating unexpected interrupts to a vCPU and better performance for APIC accesses. Better security and better performance is always a win in my book. There is this PDF slide deck from the Linux Plumbers Conference 2023 initially presenting AMD’s Secure AVIC work for Linux. It wasn’t until 2024 that the RFC patches began surfacing for formal review.
Now as we approach the end of 2025, AMD Secure AVIC appears ready for the mainline Linux kernel. Queued up within tip/tip.git’s “x86/apic” branch this week is the AMD Secure AVIC driver and associated kernel changes for AMD SEV and the like for enabling Secure AVIC. This Secure AVIC support in turn will work with KVM guests when running SEV-SNP VMs on the latest AMD EPYC processors.
With the patches making it into a TIP branch, they in turn should be submitted for the Linux 6.18 merge window come early October. Linux 6.18 stable will be out in December.
