> Wait, what? Can you name specific ones? Nowadays, enabling KSM for > untrusted VMs seems like a terrible idea to me, security-wise.
Of course it is not used to share data among different customers/tenants, as far as I know it is used by Oracle Cloud to merge the same pages in clear containers. https://medium.com/cri-o/intel-clear-containers-and-cri-o-70824fb51811 One performance enhancing feature is the use of KSM, a recent KVM optimized for memory sharing and boot speed. Another is the use of an optimized Clear Containers mini-OS. Pasha
