On 3/20/24 15:48, Huang, Kai wrote:
Hi Tom,
I am not aware of kexec() support status for SEV-ES/SEV-SNP guests. Does patch 1 break them?
SNP guests can kexec with some patches that are currently in process around shared to private memory conversions. ES guests can only kexec with a single vCPU. There was a recent patch series to add support for multiple vCPUs.
Patch #1 doesn't break either ES or SNP because we still have an IDT and traditional kernel addressing in place, so the #VC can be handled.
How about plain SEV guest?
A plain SEV guest is fine, since WBINVD is intercepted and would just exit to the hypervisor (#VC doesn't happen with plain SEV).
Thanks,
Tom