OpenHCL is a new open-source paravisor developed by Microsoft, designed to enhance the security of virtual machines (VMs) in the cloud without requiring continual OS updates. It supports the x86-64 and ARM64 architectures as well as the Intel TDX and AMD SEV-SNP confidential computing platforms. OpenHCL offers device emulation, device translation, and diagnostics support, allowing guests to run securely without modifications. Used extensively in Azure, OpenHCL is poised to provide significant advances in virtualization and confidential computing technology.