分析这个

8dd2eee9d526c30fccfe75da7ec5365c6476e510

Guest-first memory for KVM

config KVM_SW_PROTECTED_VM
	bool "Enable support for KVM software-protected VMs"
	depends on EXPERT
	depends on KVM && X86_64
	select KVM_GENERIC_PRIVATE_MEM
	help
	  Enable support for KVM software-protected VMs.  Currently, software-
	  protected VMs are purely a development and testing vehicle for
	  KVM_CREATE_GUEST_MEMFD.  Attempting to run a "real" VM workload as a
	  software-protected VM will fail miserably.

	  If unsure, say "N".

简单看了一下，似乎是需要配置 guest 为可信的才可以打开， 这个容易，反正我们现在都有各种机器，可以找一个环境测试一下:

-machine q35,confidential-guest-support=tdx0
-machine q35,confidential-guest-support=sev0

RAM_GUEST_MEMFD

本站所有文章转发 CSDN 将按侵权追究法律责任，其它情况随意。