Consider this explanation:
and the man page of journald.conf:
Storage=
Controls where to store journal data. One of "volatile",
"persistent", "auto" and "none". If "volatile", journal log data
will be stored only in memory, i.e. below the /run/log/journal
hierarchy (which is created if needed).
Could you please explain what forensic traces in dom0 you are concerned with?
Encrypted RAM not only for cold-boot attacks, side-chain etc…
The ephemeral keys used by qvm-pool protect the pool (the “disk” of the VM) but not its memory. AFAIK, effective RAM encryption requires kernel-level support and/or proper hardware.
The only Xen-related thing I found is this:
https://lists.xenproject.org/archives/html/xen-devel/2017-07/msg01534.html
There is also:
Perhaps you know all that.