Post Syndicated from original https://lwn.net/Articles/921266/

If legacy networks are like individual homes with a few doors
where a handful of people have the key, then cloud-based environments are like
apartment complexes that offer both higher density and greater flexibility,
but which include more key holders and potential entry points. The importance
of protecting virtual machines (VMs) running in these environments — from
both the host and other tenants — has become increasingly clear.
The Linux Secure VM Service
Module (SVSM) is
a new, Rust-based, open-source project that aims to help preserve the confidentiality
and integrity of VMs on AMD hardware.