| Storage Settings | Secure VM | Computation | Desktop |
|---|---|---|---|
| preallocation | metadata | off | metadata |
| encryption | on | off | off |
| disk_cache | writethrough | unsafe | none |
| lazy_refcounts | on | on | off |
| format | qcow2 | raw | qcow2 |
| disk bus | virtio | virtio | virtio |
| capacity | 8G | 8G | 8G |
| cluster_size | 1024k | NA | 1024k |
| Host Settings | Secure VM | Computation | Desktop |
|---|---|---|---|
| Transparent HugePages | on | on | on |
| KSM | disable | enable | enable |
| KSM merge across | disable | enable | enable |
| swappiness | 0 | 0 | 35 |
| IO Scheduler | bfq | mq-deadline | mq-deadline |
| Guest Settings | Secure VM | Computation | Desktop |
|---|---|---|---|
| CPU migratable | off | off | on |
| machine | pc-q35-6.2 | pc-q35-6.2 | pc-q35-6.2 |
| watchdog | none | i6300esb poweroff | none |
| boot UEFI | auto | auto | auto |
| vTPM | tpm-crb 2.0 | none | none |
| iothreads | disable | 4 | 4 |
| video | qxl | qxl | virtio |
| network | e1000 | virtio | e1000 |
| keyboard | ps2 (will be disable in the futur) | virtio | virtio |
| memory backing | off | memfd/shared | memfd/shared |
| mouse | disable | virtio | virtio |
| on_poweroff | destroy | restart | destroy |
| on_reboot | destroy | restart | restart |
| on_crash | destroy | restart | destroy |
| suspend_to_mem | off | off | on |
| suspend_to_disk | off | off | on |
| features | acpi apic pae | acpi apic pae | acpi apic pae |
| host fs fmode, dmode, source_dir, target_dir | NA | NA | 644 755 /tmp/ /tmp/host |
| SEV | Secure VM | Computation | Desktop |
|---|---|---|---|
| kvm SEV | mem_encrypt=on kvm_amd sev=1 sev_es=1 | NA | NA |
| sec cbitpos | auto | NA | NA |
| sec reducedPhysBits | auto | NA | NA |
| sec policy | auto | NA | NA |