Description of the changes
Newer QEMU version (v8.0.4 patched for TDX) shipped with Ubuntu 23.10 (Canonical TDX-enlightened version) changed requirements on the QEMU cmdline. In particular, newer versions of virtiofsd (that Gramine-TDX uses for sharing files) require -object memory-backend-memfd,... and QEMU requires -object memory-backend-memfd,...,private=on (note private=on, without it QEMU/KVM complains about ENCRYPT_OPs).

Also see notes in https://github.com/gramineproject/gramine-tdx/discussions/14#discussioncomment-10006771.
How to test this PR?
Run gramine-tdx helloworld.