Unlike other hypervisors (e.g. KVM, XEN, etc.), KSM’s purpose is not to run other Operating Systems, instead, KSM can be used as an extra layer of protection to the existing running OS. This type of virtualization is usually seen in Anti-viruses, or sandboxers or even Viruses. KSM also supports nesting, that means it can emulate other hardware-assisted virtualization tools (VT-x).
EPT violation #VE (enabled only when support is present)
EPTP switching VMFUNC (if not available natively, it will be emulated using a VMCALL)
Builtin Userspace physical memory sandboxer (Optional)
Builtin Introspection engine (Optional)
APIC virtualization (Experimental, do not use)
VMX Nesting (Experimental, do not use)
Windows NT kernel (7/8/8.1/10)
Linux kernel (tested under 3.16, 4.8.13 and mainline)
An Intel processor (with VT-x and EPT support)
A working C compiler (GCC or Microsoft compiler aka CL are supported)
这份代码的作者参考了KVM和XEN 很多地方写的比较专业，代码方面用了一些比较新的特性 所以对一些老的CPU支持不是很好,最低支持到4代U xeon系列 不清楚.