OpenHCL: The new, open source paravisor
OpenHCL is an open-source paravisor by Microsoft that enhances virtualization in confidential computing, supporting x86-64 and ARM64 platforms, and facilitating secure VM operation without frequent OS updates.
OpenHCL is a new open-source paravisor developed by Microsoft, designed to enhance virtualization technology within confidential computing environments. Unlike traditional hypervisors, OpenHCL operates within the confidential trust boundary, allowing existing virtual machines (VMs) to run securely without the need for constant updates to their operating systems. This flexibility is crucial as confidential computing technology evolves. OpenHCL supports both x86-64 and ARM64 platforms and is compatible with Intel TDX and AMD SEV-SNP confidential computing platforms. It provides essential services such as device emulation, device translation, and diagnostics support, enabling both confidential and non-confidential VMs to operate efficiently. The architecture of OpenHCL includes a virtual machine monitor (VMM) written in Rust, which allows for shared services across different VM types. This approach helps maintain compatibility with legacy systems, as it supports older versions of Windows and Linux without requiring significant modifications. OpenHCL is already in use within Azure, where it has facilitated the operation of over 1.5 million VMs. Microsoft encourages collaboration on the OpenHCL project, inviting contributions and feedback from the community to further enhance its capabilities.
- OpenHCL is an open-source paravisor that enhances virtualization in confidential computing.
- It allows existing VMs to run securely without frequent OS updates.
- OpenHCL supports both x86-64 and ARM64 platforms and is compatible with Intel and AMD confidential computing technologies.
- The architecture includes a Rust-based VMM, enabling shared services for confidential and non-confidential VMs.
- Microsoft invites community collaboration to improve OpenHCL's functionality.
Related
We know 'Linux is a cancer'; could CentOS chaos spell opportunity for Microsoft?
Microsoft's Azure Linux, a lightweight open-source OS, is gaining traction after CentOS support ended. It's used for Azure Kubernetes Service, with LinkedIn's migration boosting credibility, despite challenges in the Linux community.
Why Oxide Chose Illumos
The Oxide Rack will use KVM or bhyve as the VMM, considering Rust for system programming. Key features include live migration, security measures, and strong isolation for enhanced reliability.
Four major desktop hypervisor upgrades arrived at once
In September 2024, Oracle, Parallels, and VMware released significant updates to their desktop hypervisors, enhancing user interfaces, cloud integration, and tools for developers, particularly in generative AI applications.
Software-defined processors: the promise of RISC-V
RISC-V's open-source architecture enhances hardware flexibility and efficiency, fostering innovation in various fields. Organizations support collaboration, while low-cost microcontrollers drive applications in healthcare and consumer goods. Red Hat ensures Linux compatibility.
Hell Freezes over as AMD and Intel Come Together for x86 – ServeTheHome
Intel and AMD have established an x86 advisory board to unify the x86 instruction set architecture, enhancing compatibility and accelerating development, while responding to competition from ARM and RISC-V.