* [PATCH v3 01/10] x86/kexec/64: Disable kexec when SEV-ES is active
[not found] <20220127101044.13803-1-joro@8bytes.org>
@ 2022-01-27 10:10 ` Joerg Roedel
0 siblings, 0 replies; only message in thread
From: Joerg Roedel @ 2022-01-27 10:10 UTC (permalink / raw)
To: x86
Cc: Joerg Roedel, Joerg Roedel, stable, Eric Biederman, kexec, hpa,
Andy Lutomirski, Dave Hansen, Peter Zijlstra, Jiri Slaby,
Dan Williams, Tom Lendacky, Juergen Gross, Kees Cook,
David Rientjes, Cfir Cohen, Erdem Aktas, Masami Hiramatsu,
Mike Stunes, Sean Christopherson, Martin Radev, Arvind Sankar,
linux-coco, linux-kernel, kvm, virtualization
From: Joerg Roedel <jroedel@suse.de>
SEV-ES needs special handling to support kexec. Disable it when SEV-ES
is active until support is implemented.
Cc: stable@vger.kernel.org # v5.10+
Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
arch/x86/kernel/machine_kexec_64.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index f5da4a18070a..5079a75f8944 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -269,11 +269,22 @@ static void load_segments(void)
);
}
+static bool machine_kexec_supported(void)
+{
+ if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
+ return false;
+
+ return true;
+}
+
int machine_kexec_prepare(struct kimage *image)
{
unsigned long start_pgtable;
int result;
+ if (!machine_kexec_supported())
+ return -ENOSYS;
+
/* Calculate the offsets */
start_pgtable = page_to_pfn(image->control_code_page) << PAGE_SHIFT;
--
2.34.1
^ permalink raw reply related [flat|nested] only message in thread