IIRC, this memory encryption function can let a hypervisor tell the platform to use different encryption keys for different virtual machines. So even if somehow a compromised VM managed to read data from a neighboring VM theoretically they'd get garbled, encrypted data.
replyThat is not in this one. That is only the datacenter one(SEV) This one (SME) is a single machine wide key and it doesn't have integrity protection either.
replyAh ok, thanks for the clarification!
reply