So this means the secure VM feature is secure up to the threat model of someone able to crack open the hardware.
Honestly that's kind of what I would have expected. Just making it almost impossible to get VM memory remotely by owning the hypervisor is pretty good and reduces your attack surface to people who can get into the data center and have electronics expertise.
Honestly that's kind of what I would have expected. Just making it almost impossible to get VM memory remotely by owning the hypervisor is pretty good and reduces your attack surface to people who can get into the data center and have electronics expertise.