diff --git a/src/runtime/virtcontainers/qemu_amd64.go b/src/runtime/virtcontainers/qemu_amd64.go
index b2d6b2004..757065961 100644
--- a/src/runtime/virtcontainers/qemu_amd64.go
+++ b/src/runtime/virtcontainers/qemu_amd64.go
@@ -24,6 +24,8 @@ type qemuAmd64 struct {
 	vmFactory bool
 
 	devLoadersCount uint32
+
+	sgxEPCSize int64
 }
 
 const (
@@ -140,6 +142,17 @@ func newQemuArch(config HypervisorConfig) (qemuArch, error) {
 		}
 	}
 
+	if config.SGXEPCSize != 0 {
+		q.sgxEPCSize = config.SGXEPCSize
+		if q.qemuMachine.Options != "" {
+			q.qemuMachine.Options += ","
+		}
+		// qemu sandboxes will only support one EPC per sandbox
+		// this is because there is only one annotation (sgx.intel.com/epc)
+		// to specify the size of the EPC.
+		q.qemuMachine.Options += "sgx-epc.0.memdev=epc0,sgx-epc.0.node=0"
+	}
+
 	q.handleImagePath(config)
 
 	return q, nil
@@ -233,6 +246,16 @@ func (q *qemuAmd64) enableProtection() error {
 
 // append protection device
 func (q *qemuAmd64) appendProtectionDevice(devices []govmmQemu.Device, firmware, firmwareVolume string) ([]govmmQemu.Device, string, error) {
+	if q.sgxEPCSize != 0 {
+		devices = append(devices,
+			govmmQemu.Object{
+				Type:     govmmQemu.MemoryBackendEPC,
+				ID:       "epc0",
+				Prealloc: true,
+				Size:     uint64(q.sgxEPCSize),
+			})
+	}
+
 	switch q.protection {
 	case tdxProtection:
 		id := q.devLoadersCount