[vel0city]

IIRC, this memory encryption function can let a hypervisor tell the platform to use different encryption keys for different virtual machines. So even if somehow a compromised VM managed to read data from a neighboring VM theoretically they'd get garbled, encrypted data.

[porridgeraisin]

That is not in this one. That is only the datacenter one(SEV) This one (SME) is a single machine wide key and it doesn't have integrity protection either.

[vel0city]

Ah ok, thanks for the clarification!