Because sev_enabled will always be 'false' when we are booting on bare
metal. Whereas when we are running under hypervisor then this variable
will be true for the SEV guest, please see [1].
Both sev_active() and sme_active() make use of this variable
hence we will not be able to set the sev_enabled variable on bare
metal. Basically none of the SEV cases will be executed on bare
metal -- only thing which we need to take care of is clearing the X86_FEATURE_SEV flag so that hypervisor will never launch SEV guest
when mem_encrypt=sme option is provided.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 76:53:47 |
Calls: | 6,657 |
Calls today: | 3 |
Files: | 12,203 |
Messages: | 5,332,821 |
Posted today: | 1 |