| caribou | mhcerri: ok, I took the time to create the bug with the details : LP: #1956575 | 10:47 |
|---|---|---|
| ubottu | Launchpad bug 1956575 in linux (Ubuntu Focal) "[Regression] Focal kernel 5.4.0-92.103 fails to boot when Secure Encrypted Virtualization(SEV) is enabled" [Undecided, Confirmed] https://launchpad.net/bugs/1956575 | 10:47 |
| caribou | xnox: you might want to have a look at this one, this is something you worked on | 10:56 |
| mhcerri | thanks, caribou! yesterday we received a very similar user report, but for a cloud kernel. but the bisect will be very helpful | 11:50 |
| mhcerri | we are also working to improve or tests with sev | 11:51 |
| caribou | I have another issue with the -kvm kernel that does not boot with SEV : LP: #1955395 | 12:01 |
| ubottu | Launchpad bug 1955395 in linux (Ubuntu Jammy) "KVM flavor of Jammy kernel 5.13 does not boot when Secure Encrypted Virtualization( SEV) is enabled" [Undecided, Confirmed] https://launchpad.net/bugs/1955395 | 12:01 |
| caribou | I understand that SEV enabled hardware is not easily available | 12:01 |
| caribou | mhcerri: FYI, I have just updated the LP bug - I made a mistake in the bisected commit which is now correct | 15:20 |
| mhcerri | caribou, thanks! I was about to ping you :-) I was reviewing the previous commit and I couldn't find what was wrong with it | 15:24 |
| caribou | Neither could I ! turns out I forgot the last "git bisect good" :-/ | 15:24 |
| caribou | it is now more inline with the backtrace : "efi: Support for MOK variable config table" | 15:26 |
| mhcerri | caribou, so 7ca05228f713c24eb55574b36e32d9b54c5a1b76 should be the offending commit, right? or is it the last good commit? | 15:26 |
| caribou | "first bad commit" | 15:27 |
| mhcerri | I see. it is the commit that added efi_mokvar_sysfs_init(). that makes more sense indeed | 15:28 |
| caribou | I'm running another bisect on Bionic just to confirm but it is apparently also present in Bionic; I'll update the series on the bug once confirmed | 15:29 |
| mhcerri | but it's still curious why sev triggers it | 15:29 |
| mhcerri | caribou, you mean 4.15 bionic? | 15:29 |
| caribou | yep | 15:30 |
| caribou | hmm, that IS interesting : https://support.hpe.com/hpesc/public/docDisplay?docId=a00119071en_us&docLocale=en_US | 15:42 |
| caribou | "Advisory: Red Hat Enterprise Linux 8.3 - Guest Stops Responding at efi_mokvar_sysfs_init+0xa9/0x19d with AMD Secure Encrypted Virtualization (SEV) Enabled" | 15:43 |
| caribou | And this is the upstream fix : "x86/ioremap: Map EFI-reserved memory as encrypted for SEV" | 15:44 |
| caribou | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8d651ee9c71bb12fc0c8eb2786b66cbe5aa3e43b | 15:44 |
| ubottu | Commit 8d651ee in kernel/git/torvalds/linux.git "x86/ioremap: Map EFI-reserved memory as encrypted for SEV" | 15:44 |
| caribou | mhcerri: ok, I've just built a 5.4.0-92.103 plus 8d651ee9c71bb12fc0c8eb2786b66cbe5aa3e43b and the VM boots fine | 16:21 |
| caribou | I have also identified the failing commit in bionic so I'll add bionic + hirsute series to the bug | 16:21 |
| mhcerri | caribou, nice! can you add that info to the bug (If you haven't yet) I will try to test it as well | 16:25 |
| caribou | just did it :) | 16:25 |
| mhcerri | thanks | 16:28 |
| mhcerri | caribou, we don't have the mokvar-table.c commit in 4.15, so I don't think this exact problem will occur with the 4.15 bionic kernel | 16:58 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!