In OpenBSD 7.4, the native hypervisor, vmd(8) became the only open source type-2 hypervisor to default to using a multi-process, privilege separated model for emulating block and network devices.

This talk provides a look at the inspiration from Oracle's contributions to QEMU as a means of multi-layered defense, a review of the challenges and changes required to OpenBSD across 7.4 and 7.5, and a look at the road ahead.