Dave Hansen
2021-Sep-13 16:02 UTC
[PATCH v2 00/12] x86/sev: KEXEC/KDUMP support for SEV-ES guests
On 9/13/21 8:55 AM, Joerg Roedel wrote:> This does not work under SEV-ES, because the hypervisor has no access > to the vCPU registers and can't make modifications to them. So an > SEV-ES guest needs to reset the vCPU itself and park it using the > AP-reset-hold protocol. Upon wakeup the guest needs to jump to > real-mode and to the reset-vector configured in the AP-Jump-Table.How does this end up looking to an end user that tries to kexec() from a an SEV-ES kernel? Does it just hang?
Joerg Roedel
2021-Sep-13 16:14 UTC
[PATCH v2 00/12] x86/sev: KEXEC/KDUMP support for SEV-ES guests
On Mon, Sep 13, 2021 at 09:02:38AM -0700, Dave Hansen wrote:> On 9/13/21 8:55 AM, Joerg Roedel wrote: > > This does not work under SEV-ES, because the hypervisor has no access > > to the vCPU registers and can't make modifications to them. So an > > SEV-ES guest needs to reset the vCPU itself and park it using the > > AP-reset-hold protocol. Upon wakeup the guest needs to jump to > > real-mode and to the reset-vector configured in the AP-Jump-Table. > > How does this end up looking to an end user that tries to kexec() from a > an SEV-ES kernel? Does it just hang?Yes, the kexec will just hang. This patch-set contains code to disable the kexec syscalls in situations where it would not work for that reason. Actually with the changes to the decompressor in this patch-set the kexec'ed kernel could boot, but would fail to bring up all the APs. Regards, Joerg