Commit 9587dd7
committed
KVM: SVM: Drop the module param to control SEV-ES DebugSwap
Rip out the DebugSwap module param, as the sequence of events that led to
its inclusion was one big mistake, the param no longer serves any purpose.
Commit d1f85fb ("KVM: SEV: Enable data breakpoints in SEV-ES") goofed
by not adding a way for the userspace VMM to control the feature.
Functionally, that was fine, but it broke attestation signatures because
SEV_FEATURES are included in the signature.
Commit 5abf6dc ("SEV: disable SEV-ES DebugSwap by default") fixed that
issue, but the underlying flaw of userspace not having a way to control
SEV_FEATURES was still there.
That flaw was addressed by commit 4f5defa ("KVM: SEV: introduce
KVM_SEV_INIT2 operation"), and so then 4dd5eca ("KVM: SEV: allow
SEV-ES DebugSwap again") re-enabled DebugSwap by default.
Now that the dust has settled, the module param doesn't serve any
meaningful purpose.
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://patch.msgid.link/20260109033101.1005769-2-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>1 parent ca2eccb commit 9587dd7
1 file changed
Lines changed: 3 additions & 8 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
53 | 53 | | |
54 | 54 | | |
55 | 55 | | |
56 | | - | |
57 | | - | |
58 | | - | |
59 | 56 | | |
60 | 57 | | |
61 | 58 | | |
| |||
3150 | 3147 | | |
3151 | 3148 | | |
3152 | 3149 | | |
3153 | | - | |
3154 | | - | |
3155 | | - | |
3156 | | - | |
3157 | 3150 | | |
3158 | | - | |
| 3151 | + | |
| 3152 | + | |
| 3153 | + | |
3159 | 3154 | | |
3160 | 3155 | | |
3161 | 3156 | | |
| |||
0 commit comments