Virtualization

The following virtualization features are available as technology previews.

Nested VMs

Nested KVM virtualization is provided as a technology preview for KVM virtual machines (VMs) running on Oracle Linux 9.

SEV and SEV-ES

The Secure Encrypted Virtualization (SEV) feature is provided for AMD EPYC host machines that use the KVM hypervisor. It encrypts a virtual machine's memory and protects the VM from access by the host.

SEV's enhanced Encrypted State version (SEV-ES) encrypts all CPU register contents when a VM stops running, thus preventing the host from modifying the VM's CPU registers or reading any information from them.

Note that SEV is supported in UEK.