nova/bug-2117170-disable-vmcoreinfo-when-memory-encryption-is-enabled-142e64f6b9ef3135.yaml at cc742602bcdeff185ff120452e4f301398f6aa7b - nova - OpenDev: Free Software Needs Free Tools

openstack/nova

Files

Takashi Kajinami 79846eb0d0 libvirt: Disable VMCoreInfo device for SEV-encrypted instances

When VMCoreInfo device is enabled, the QEMU fw_cfg device in guest OS
requires DMA between host OS and guest OS through the device. However
DMA is prohibited when guest memory is encrypted using SEV, and
the attempt results in kernel crash.

Do not add VMCoreInfo when memory encryption is enabled.

Closes-Bug: #2117170
Change-Id: I05c7b1ae46ccd8d9aa42456b493ac6ee7ddd8bae
Signed-off-by: Takashi Kajinami <kajinamit@oss.nttdata.com>

2025-08-29 21:19:10 +09:00

8 lines

269 B

YAML

Raw Blame History

 ---
 fixes:
   - |
     [`bug 2117170 <https://bugs.launchpad.net/nova/+bug/2117170>`_] Libvirt
     driver no longer enables VMCoreInfo device when an instance has memory
     encryption is enabled, to avoid kernel crash caused by fw_cfg device in
     guest requiring DMA.