diff options
| author | Paolo Bonzini <pbonzini@redhat.com> | 2018-10-09 18:35:29 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-11-04 14:51:50 +0100 |
| commit | 6be48d8274ef4d947bc03311f98f055112b65e0a (patch) | |
| tree | 7be3ad761b63d598746adc7147ade5c70f7def5b /arch | |
| parent | 98154205f7a94bc5580767097313238ca39b8dc2 (diff) | |
| download | linux-stable-6be48d8274ef4d947bc03311f98f055112b65e0a.tar.gz linux-stable-6be48d8274ef4d947bc03311f98f055112b65e0a.tar.bz2 linux-stable-6be48d8274ef4d947bc03311f98f055112b65e0a.zip | |
KVM: x86: support CONFIG_KVM_AMD=y with CONFIG_CRYPTO_DEV_CCP_DD=m
[ Upstream commit 853c110982eaff0d99dace3f66f1ba58b5bfd9d5 ]
SEV requires access to the AMD cryptographic device APIs, and this
does not work when KVM is builtin and the crypto driver is a module.
Actually the Kconfig conditions for CONFIG_KVM_AMD_SEV try to disable
SEV in that case, but it does not work because the actual crypto
calls are not culled, only sev_hardware_setup() is.
This patch adds two CONFIG_KVM_AMD_SEV checks that gate all the remaining
SEV code; it fixes this particular configuration, and drops 5 KiB of
code when CONFIG_KVM_AMD_SEV=n.
Reported-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/x86/kvm/svm.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index ef772e5634d4..3e59a187fe30 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -436,14 +436,18 @@ static inline struct kvm_svm *to_kvm_svm(struct kvm *kvm) static inline bool svm_sev_enabled(void) { - return max_sev_asid; + return IS_ENABLED(CONFIG_KVM_AMD_SEV) ? max_sev_asid : 0; } static inline bool sev_guest(struct kvm *kvm) { +#ifdef CONFIG_KVM_AMD_SEV struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; return sev->active; +#else + return false; +#endif } static inline int sev_get_asid(struct kvm *kvm) |