Providing virtual secure mode with different virtual trust levels each having separate memory access protections, interrupt subsystems and private processor states

What is claimed is: 1. A method comprising: implementing, for a virtual machine, a virtual secure mode having multiple virtual trust levels, the multiple virtual trust levels being organized as a hierarchy so that a higher level virtual trust level is more privileged than a lower virtual trust level, each virtual trust level having memory access protections associated with the virtual trust level that are separate from memory access protections of other of the multiple virtual trust levels, each virtual trust level having an interrupt subsystem associated with the virtual trust level that is separate from interrupt subsystems of other of the multiple virtual trust levels, and each virtual trust level having private processor state associated with the virtual trust level that is separate from private processor state of other of the multiple virtual trust levels; allowing a virtual processor of the virtual machine to run in any one of the multiple virtual trust levels, the virtual processor running in only one virtual trust level at a time, and the virtual trust level at which the virtual processor is running being an active virtual trust level; and allowing, by a virtual machine manager managing the virtual machine, a program running on the virtual processor to access memory of the virtual machine based on memory access protections configured for the active virtual trust level. 2. A method as recited in claim 1 , the multiple virtual trust levels comprising two virtual trust levels, the higher level virtual trust level comprising a secure mode and the lower virtual trust level comprising a normal mode. 3. A method as recited in claim 1 , the allowing the program to access memory comprising: receiving a request for a particular type of access to a memory address, the particular type of access comprising read access, write access, or execute access; checking whether memory access protections for the active virtual trust level for one of multiple memory pages that includes the memory address indicate that the particular type of access is allowed; and allowing the program to perform the particular type of access to the memory address only in response to the memory access protections for the active virtual trust level for the one memory page indicating that the particular type of access is allowed. 4. A method as recited in claim 1 , further comprising: allowing, by the virtual machine manager, a program running while the virtual processor is operating in the higher virtual trust level to change memory access protections for the lower virtual trust level; and preventing, by the virtual machine manager, a program running while the virtual processor is operating in the lower virtual trust level from changing memory access protections for the higher virtual trust level. 5. A method as recited in claim 1 , further comprising switching the active virtual trust level from the lower virtual trust level to the higher virtual trust level in response to a particular sequence of instructions being executed. 6. A method as recited in claim 1 , further comprising switching the active virtual trust level from the lower virtual trust level to the higher virtual trust level in response to receipt of an interrupt targeting the higher virtual trust level. 7. A method as recited in claim 1 , further comprising switching the active virtual trust level from the lower virtual trust level to the higher virtual trust level in response to an operation accessing a protected address or protected component of the higher virtual trust level. 8. A method as recited in claim 1 , the active virtual trust level comprising the higher virtual trust level, the method further comprising notifying a program of the active virtual trust level when an interrupt is received for the lower virtual trust level. 9. A method as recited in claim 1 , further comprising allowing, by the virtual machine manager, an additional device that performs direct memory access to access the memory based on the memory access protections configured for the one of the multiple virtual trust levels at which the additional device is running. 10. A computing device comprising: one or more processors; an operating system; and a virtual machine manager implementing a virtual secure mode having multiple virtual trust levels, the multiple virtual trust levels being organized as a hierarchy so that a higher level virtual trust level is more privileged than a lower virtual trust level, each virtual trust level having memory access protections associated with the virtual trust level that are separate from memory access protections of other of the multiple virtual trust levels, each virtual trust level having an interrupt subsystem associated with the virtual trust level that is separate from interrupt subsystems of other of the multiple virtual trust levels, and each virtual trust level having private processor state associated with the virtual trust level that is separate from private processor state of other of the multiple virtual trust levels, the virtual machine manager allowing, for each of one or more virtual processors, the virtual processor to run in any one of the multiple virtual trust levels and to access physical memory based on memory access protections configured for the one of the multiple virtual trust levels at which the virtual processor is running, the one of the multiple virtual trust levels at which the virtual processor is running being an active virtual trust level. 11. A computing device as recited in claim 10 , the one or more virtual processors comprising multiple virtual processors, and each of the multiple virtual processors running in different virtual trust levels concurrently. 12. A computing device as recited in claim 10 , the memory access protections comprising memory access protections for each of multiple memory pages of a virtual memory space mapped to the physical memory. 13. A computing device as recited in claim 12 , the allowing each of one or more virtual processors to access physical memory comprising: receiving a request for a particular type of access to a memory address that maps to the physical memory, the particular type of access comprising read access, write access, or execute access; checking whether memory access protections for the active virtual trust level for one of the multiple memory pages that includes the memory address indicate that the particular type of access is allowed; and allowing the program to perform the particular type of access to the memory address only in response to the memory access protections for the active virtual trust level for the one memory page indicating that the particular type of access is allowed. 14. A computing device as recited in claim 10 , the active virtual trust level comprising a lower virtual trust level of the multiple virtual trust levels, and the virtual machine manager further preventing a program running while the virtual processor is in the active virtual trust level from changing memory access protections for a higher virtual trust level of the multiple virtual trust levels. 15. A computing device as recited in claim 14 , the virtual machine manager further switching the active virtual trust level of the virtual processor from the lower virtual trust level to the higher virtual trust level in response to receipt of an interrupt targeting the higher virtual trust level. 16. A computing device as recited in claim 14 , the virtual machine manager further switching the active virtual trust level of the virtual processor from the lower virtual trust level to the higher virtu