[10:47] <caribou> mhcerri: ok, I took the time to create the bug with the details : LP: #1956575
[10:47] <ubottu> Launchpad bug 1956575 in linux (Ubuntu Focal) "[Regression] Focal kernel  5.4.0-92.103 fails to boot when Secure Encrypted Virtualization(SEV) is enabled" [Undecided, Confirmed] https://launchpad.net/bugs/1956575
[10:56] <caribou> xnox: you might want to have a look at this one, this is something you worked on
[11:50] <mhcerri> thanks, caribou! yesterday we received a very similar user report, but for a cloud kernel. but the bisect will be very helpful
[11:51] <mhcerri> we are also working to improve or tests with sev
[12:01] <caribou> I have another issue with the -kvm kernel that does not boot with SEV : LP: #1955395
[12:01] <ubottu> Launchpad bug 1955395 in linux (Ubuntu Jammy) "KVM flavor of Jammy kernel 5.13 does not boot when Secure Encrypted Virtualization( SEV) is enabled" [Undecided, Confirmed] https://launchpad.net/bugs/1955395
[12:01] <caribou> I understand that SEV enabled hardware is not easily available
[15:20] <caribou> mhcerri: FYI, I have just updated the LP bug - I made a mistake in the bisected commit which is now correct
[15:24] <mhcerri> caribou, thanks! I was about to ping you :-) I was reviewing the previous commit and I couldn't find what was wrong with it
[15:24] <caribou> Neither could I ! turns out I forgot the last "git bisect good" :-/
[15:26] <caribou> it is now more inline with the backtrace : "efi: Support for MOK variable config table"
[15:26] <mhcerri> caribou, so 7ca05228f713c24eb55574b36e32d9b54c5a1b76 should be the offending commit, right? or is it the last good commit?
[15:27] <caribou> "first bad commit"
[15:28] <mhcerri> I see. it is the commit that added efi_mokvar_sysfs_init(). that makes more sense indeed
[15:29] <caribou> I'm running another bisect on Bionic just to confirm but it is apparently also present in Bionic; I'll update the series on the bug once confirmed
[15:29] <mhcerri> but it's still curious why sev triggers it
[15:29] <mhcerri> caribou, you mean 4.15 bionic?
[15:30] <caribou> yep
[15:42] <caribou> hmm, that IS interesting : https://support.hpe.com/hpesc/public/docDisplay?docId=a00119071en_us&docLocale=en_US
[15:43] <caribou> "Advisory: Red Hat Enterprise Linux 8.3 - Guest Stops Responding at efi_mokvar_sysfs_init+0xa9/0x19d with AMD Secure Encrypted Virtualization (SEV) Enabled"
[15:44] <caribou> And this is the upstream fix : "x86/ioremap: Map EFI-reserved memory as encrypted for SEV"
[15:44] <caribou> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8d651ee9c71bb12fc0c8eb2786b66cbe5aa3e43b
[15:44] <ubottu> Commit 8d651ee in kernel/git/torvalds/linux.git "x86/ioremap: Map EFI-reserved memory as encrypted for SEV"
[16:21] <caribou> mhcerri: ok, I've just built a 5.4.0-92.103 plus 8d651ee9c71bb12fc0c8eb2786b66cbe5aa3e43b and the VM boots fine
[16:21] <caribou> I have also identified the failing commit in bionic so I'll add bionic + hirsute series to the bug
[16:25] <mhcerri> caribou, nice! can you add that info to the bug (If you haven't yet) I will try to test it as well
[16:25] <caribou> just did it :)
[16:28] <mhcerri> thanks
[16:58] <mhcerri> caribou, we don't have the mokvar-table.c commit in 4.15, so I don't think this exact problem will occur with the 4.15 bionic kernel