docs: update azure firmware with openhcl (#3473)

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2025-07-20 05:51:46 -04:00 · 2024-11-11 12:50:18 +01:00 · 2024-11-11 12:50:18 +01:00 · 1c5fe3fe24
commit 1c5fe3fe24
parent 36024f20ae
22 changed files with 34 additions and 21 deletions
--- a/docs/versioned_docs/version-2.2/overview/clouds.md
+++ b/docs/versioned_docs/version-2.2/overview/clouds.md
@ -24,7 +24,7 @@ The following table summarizes the state of features for different infrastructur

 With its [CVM offering](https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview), Azure provides the best foundations for Constellation. Regarding (3), Azure provides direct access to remote-attestation statements. However, regarding (4), the standard CVMs still include closed-source firmware running in VM Privilege Level (VMPL) 0. This firmware is signed by Azure. The signature is reflected in the remote-attestation statements of CVMs. Thus, the Azure closed-source firmware becomes part of Constellation's trusted computing base (TCB).

-Recently, Azure [announced](https://techcommunity.microsoft.com/t5/azure-confidential-computing/azure-confidential-vms-using-sev-snp-dcasv5-ecasv5-are-now/ba-p/3573747) the *limited preview* of CVMs with customizable firmware. With this CVM type, (4) switches from *No* to *Yes*. Constellation will support customizable firmware on Azure in the future.
+\* Recently, [Azure announced the open source paravisor OpenHCL](https://techcommunity.microsoft.com/blog/windowsosplatform/openhcl-the-new-open-source-paravisor/4273172). It's the foundation for fully open source and verifiable CVM firmware. Once Azure provides their CVM firmware with reproducible builds based on OpenHCL, (4) switches from *No* to *Yes*. Constellation will support OpenHCL based firmware on Azure in the future.

 ## Google Cloud Platform (GCP)