Re: [PATCH] KVM: X86: Add missing KVM_AMD dependency

From: Guenter Roeck
Date: Sat Oct 06 2018 - 16:43:49 EST

Next message: Florian Weimer: "Re: [PATCH 2/3] namei: implement AT_THIS_ROOT chroot-like path resolution"
Previous message: Gustavo A. R. Silva: "Re: [PATCH] Staging: rts5208: rtsx_card: Fixed multiple coding style issues"
In reply to: Paolo Bonzini: "Re: [PATCH] KVM: X86: Add missing KVM_AMD dependency"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Paolo,

On 10/05/2018 03:18 PM, Paolo Bonzini wrote:

On 06/10/2018 00:03, Guenter Roeck wrote:

This should be handled by

config KVM_AMD_SEV
def_bool y
bool "AMD Secure Encrypted Virtualization (SEV) support"
depends on KVM_AMD && X86_64
depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m)
---help---
Provides support for launching Encrypted VMs on AMD processors.

Unfortunately it doesn't. It disables KVM_AMD_SEV, but that doesn't prevent
the calls.

Yes, exactly - that's why I mentioned the sev_guest patch that should
cull all the SEV code from a !KVM_AMD_SEV build.

Maybe this works as well? I haven't tested it yet:

I am sure there are many possible solutions. I would personally prefer one
that enforces KVM_AMD=m with CRYPTO_DEV_CCP_DD=m, but that is just me.

Well, KVM_AMD=y is a relatively unusual choice to begin with. The

It is common enough that we are not the only ones affected. Also, even a
"relatively unusual choice" should, in my opinion, not result in a build
error. Never mind, I'll just apply the suggested workaround and configure
CRYPTO_DEV_CCP_DD=y. I need to do that anyway, after all, if I want to keep
KVM_AMD=y.

Thanks,
Guenter

Next message: Florian Weimer: "Re: [PATCH 2/3] namei: implement AT_THIS_ROOT chroot-like path resolution"
Previous message: Gustavo A. R. Silva: "Re: [PATCH] Staging: rts5208: rtsx_card: Fixed multiple coding style issues"
In reply to: Paolo Bonzini: "Re: [PATCH] KVM: X86: Add missing KVM_AMD dependency"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]