From: Joerg Roedel jroedel@suse.de
For now, kexec is not supported when running as an SEV-ES guest. Doing so requires additional hypervisor support and special code to hand over the CPUs to the new kernel in a safe way.
Until this is implemented, do not support kexec in SEV-ES guests.
Cc: stable@vger.kernel.org # v5.10+ Signed-off-by: Joerg Roedel jroedel@suse.de --- arch/x86/kernel/machine_kexec_64.c | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c index c078b0d3ab0e..f902cc9cc634 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -620,3 +620,11 @@ void arch_kexec_pre_free_pages(void *vaddr, unsigned int pages) */ set_memory_encrypted((unsigned long)vaddr, pages); } + +/* + * Kexec is not supported in SEV-ES guests yet + */ +bool arch_kexec_supported(void) +{ + return !sev_es_active(); +}