[libvirt-users] SEV machines and memory pinning

Hello, I am working on implementing SEV support in OpenStack. There are some questions that came up in the discussion of the spec [0] [0] https://review.openstack.org/#/c/641994/ As far as i understand, the memory for SEV machines need to be pinned so that it doesn't migrate to swap and page migration. ROMS, UEFI pflash and video RAM should be pinned too. Initially we planned to use hard_limit of <memtune> element to pin the memory. However, from the discussion in the spec it seems that there is no way to determine a good enough value and that hard_limit should not be used at all. What should be used then? There is a suggestion to use something like this: <memoryBacking> <hugepages> <page size="2" unit="M" nodeset="1"/> </hugepages> <nosharepages/> <locked/> <source type="file"/> <access mode="shared"/> <allocation mode="immediate"/> </memoryBacking> Will it work? Are there any caveats we should remember about with this config? If we can use it, is there anything that would be redundant or not necessary for our case?