[PATCH 02/12] x86/kexec/64: Forbid kexec when running as an SEV-ES guest

[PATCH 00/12] x86/sev: KEXEC/KDUMP support for SEV-ES guests · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 01/12] kexec: Allow architecture code to opt-out at runtime · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 02/12] x86/kexec/64: Forbid kexec when running as an SEV-ES guest · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 03/12] x86/sev: Save and print negotiated GHCB protocol version · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 05/12] x86/sev: Use GHCB protocol version 2 if supported · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 06/12] x86/sev: Cache AP Jump Table Address · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 04/12] x86/sev: Do not hardcode GHCB protocol version · Joerg Roedel <joro@8bytes.org> · 2021-07-21
Re: [PATCH 04/12] x86/sev: Do not hardcode GHCB protocol version · Tom Lendacky <thomas.lendacky@amd.com> · 2021-07-21
Re: [PATCH 04/12] x86/sev: Do not hardcode GHCB protocol version · Joerg Roedel <hidden> · 2021-07-31
[PATCH 07/12] x86/sev: Setup code to park APs in the AP Jump Table · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 11/12] x86/sev: Handle CLFLUSH MMIO events · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 12/12] x86/sev: Support kexec under SEV-ES with AP Jump Table blob · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 10/12] x86/sev: Add MMIO handling support to boot/compressed/ code · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 09/12] x86/sev: Use AP Jump Table blob to stop CPU · Joerg Roedel <joro@8bytes.org> · 2021-07-21
[PATCH 08/12] x86/sev: Park APs on AP Jump Table with GHCB protocol version 2 · Joerg Roedel <joro@8bytes.org> · 2021-07-21

STALE1761d

Revisions (4)

2021-07-05 rfc [diff vs current]
2021-07-21 v1 current
2021-09-13 v2 [diff vs current]
2022-01-27 v3 [diff vs current]

From: Joerg Roedel <joro@8bytes.org>
Date: 2021-07-21 14:20:49
Also in: kvm, linux-coco, lkml, stable
Subsystem: the rest, x86 architecture (32-bit and 64-bit) · Maintainers: Linus Torvalds, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen

From: Joerg Roedel <redacted>

For now, kexec is not supported when running as an SEV-ES guest. Doing
so requires additional hypervisor support and special code to hand
over the CPUs to the new kernel in a safe way.

Until this is implemented, do not support kexec in SEV-ES guests.

Cc: stable@vger.kernel.org # v5.10+
Signed-off-by: Joerg Roedel <redacted>
---
 arch/x86/kernel/machine_kexec_64.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index 131f30fdcfbd..a8e16a411b40 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c

@@ -591,3 +591,11 @@ void arch_kexec_pre_free_pages(void *vaddr, unsigned int pages)
 	 */
 	set_memory_encrypted((unsigned long)vaddr, pages);
 }
+
+/*
+ * Kexec is not supported in SEV-ES guests yet
+ */
+bool arch_kexec_supported(void)
+{
+	return !sev_es_active();
+}

-- 
2.31.1

_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help