OpenHCL Architecture

Prerequisites:


Overview

OpenHCL is a paravisor execution environment that runs within the guest partition of a virtual machine. It provides virtualization services to the guest OS from within the guest partition itself, rather than from the host as is traditionally done.

The following diagram offers a brief, high-level overview of the OpenHCL Architecture.

[Diagram: OpenHCL High Level Overview]

Virtual Trust Levels (VTLs)

OpenHCL relies on Virtual Trust Levels (VTLs) to establish a security boundary between itself and the guest OS.

  • VTL2: OpenHCL runs here [1]. It has higher privileges and is isolated from VTL0.
  • VTL0 (and sometimes VTL1): The guest OS (e.g., Windows, Linux) runs here. It cannot access VTL2 memory or resources.

This isolation is configured by the underlying virtual machine monitor (Hyper-V) and can be backed by:

  • Hardware TEEs, like Intel TDX and AMD SEV-SNP.
  • Software-based constructs, like Hyper-V VSM.

Scenarios

OpenHCL enables several key scenarios by providing a trusted execution environment within the VM:

Azure Boost

OpenHCL acts as a compatibility layer for Azure Boost. It translates the legacy synthetic device interfaces used by the guest OS (such as VMBus networking and storage) into the hardware-accelerated interfaces provided by the Azure Boost infrastructure: the proprietary Microsoft Azure Network Adapter (MANA) and NVMe. This allows unmodified guests to take advantage of next-generation hardware.

The following diagram shows a high-level overview of how synthetic networking is supported in OpenHCL over the Microsoft Azure Network Adapter (MANA).

[Diagram: OpenHCL Synthetic Networking]

The following diagram shows a high-level overview of how accelerated networking is supported in OpenHCL over MANA.

[Diagram: OpenHCL Accelerated Networking]

Confidential Computing

In Confidential VMs (CVMs), the host is not trusted. OpenHCL runs inside the encrypted VM context (VTL2) and provides necessary services (like device emulation and TPM) that the untrusted host cannot securely provide. Security-sensitive devices, such as the virtual TPM, can be further isolated by running them in separate worker processes within VTL2 for defense-in-depth protection.

Trusted Launch

OpenHCL hosts a virtual TPM (vTPM) and enforces Secure Boot policies, ensuring the integrity of the guest boot process.

Architecture Components

OpenHCL is built on top of a specialized Linux kernel and consists of several userspace processes that work together to provide these services.

For more details on the internal components and boot process, see:

[1] Why not VTL1? Windows already uses VTL1 in order to host the Secure Kernel.