34.Key AbstractDigital Esm W900

Merged on Sunday prior to tagging Linux 6.2-rc6 is a late "fix" for the AMD Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP) code to avoid possible situations of undefined behavior with difficult to debug issues where a modern Linux host with SEV-SNP may try booting a Linux virtual machine with an outdated kernel.

Some AMD SEV-SNP features need guest-side support to work correctly and so if a modern Linux host with a recent kernel that supports newer features of modern AMD EPYC CPUs tries booting a guest virtual machine with a kernel lacking support for some SEV features, there can be problems -- problems that aren't necessarily straight-forward to diagnose. Surprisingly it took until yesterday for the mainline Linux kernel to receive SEV-SNP guest feature negotiation support to deal with this real possibility of the host/hypervisor having a newer kernel than what is found on the guest VMs. 

This is being treated as a fix so it was picked up for Linux 6.2-rc6 rather than waiting for the next merge window. In turn it will also be back-ported soon to stable Linux kernel series.

The link for this article located at Phoronix is no longer available.