** Description changed:
[Impact]
AWS instances with SEV-SNP enabled running the 6.17 kernel fail to boot
following upstream commit 81256a50aa0f ("x86/mm: Make memremap(MEMREMAP_WB)
map
memory as encrypted by default"). The failure occurs because the vmgenid
- driver relies on firmware-provided memory that must be shared (decrypted), but
- is now mapped as encrypted by default.
+ driver relies on memory that must be shared, but is now mapped as encrypted by
+ default.
[Fix]
Clean cherry-pick of bb9ff576fdff ("virt: vmgenid: remap memory as
decrypted") from linux-next.
[Test Plan]
Compile the kernel with this patch applied and boot test on AWS c7a.8xlarge
instances with SEV-SNP enabled and disabled, verifying that the system boots
successfully in both configurations.
[Where problems could occur]
This patch only touches the vmgenid driver, and only affects the memory
- attributes of the vmgenid mapping. However, incorrect assumptions about
- platform firmware behavior could cause boot failures or loss of vmgenid
- functionality.
+ attributes of the vmgenid mapping. However, incorrect assumptions about the
+ sharing requirements of the vmgenid memory region could potentially lead to
+ loss of vmgenid functionality or boot failures.
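Review bot: In the revised [Where problems could occur] text (the last three + lines), loss of vmgenid functionality is named as a possible regression, but the [Test Plan] only verifies that the system boots with SEV-SNP enabled and disabled, so that failure mode would go unnoticed. Suggest adding a test-plan step that confirms the vmgenid driver still works in both configurations. Separately, the revised [Impact] wording drops "(decrypted)" after "shared"; keeping "shared (decrypted)" would tie the impact statement to the fix title "virt: vmgenid: remap memory as decrypted".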
--
https://bugs.launchpad.net/bugs/2137714
Title:
SEV-SNP instances on AWS fail to boot