summaryrefslogtreecommitdiff
path: root/scripts/Makefile.thinlto
diff options
context:
space:
mode:
authorVitaly Kuznetsov <vkuznets@redhat.com>2025-12-22 15:46:46 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2025-12-22 16:18:54 +0100
commitbb9ff576fdff48c242876f55098a3ee20a29df5d (patch)
tree65a9ef062fdcab046fa9d4624fcafdbdbe42f150 /scripts/Makefile.thinlto
parent3f9f0252130e7dd60d41be0802bf58f6471c691d (diff)
downloadlinux-next-bb9ff576fdff48c242876f55098a3ee20a29df5d.tar.gz
linux-next-bb9ff576fdff48c242876f55098a3ee20a29df5d.zip
virt: vmgenid: remap memory as decrypted
It was found that AWS SEV-SNP enabled instances are not able to boot with commit 81256a50aa0f ("x86/mm: Make memremap(MEMREMAP_WB) map memory as encrypted by default") applied and the reason seems to be the vmgenid device which requires unencrypted writeable memory. A similar problem was previously fixed in DRM with commit 7dfede7d7edd ("drm/vmwgfx: Fix guests running with TDX/SEV"). Note, trusting vmgenid device in a Confidential VM is questionable: the malicious host may intentionally avoid notifying the guest when a copy is created. Fixes: 81256a50aa0f ("x86/mm: Make memremap(MEMREMAP_WB) map memory as encrypted by default") Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com> Cc: stable@vger.kernel.org # 6.15+ Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'scripts/Makefile.thinlto')
0 files changed, 0 insertions, 0 deletions