I've verified a Jammy guest as follows: 1. Reproduced the problem with kernel 5.15.0-75-generic:
https://pastebin.ubuntu.com/p/844W5SzjR8/ 2. As a workaround removed: <launchSecurity type="sev"> <policy>0x0003</policy> </launchSecurity> 3. Installed kernel from -proposed: root@ubuntu:~# apt-cache policy linux-image-virtual linux-virtual linux-image-virtual: Installed: 5.15.0.77.75 Candidate: 5.15.0.77.75 Version table: *** 5.15.0.77.75 500 500 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 Packages 100 /var/lib/dpkg/status 5.15.0.75.73 500 500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages 5.15.0.25.27 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages linux-virtual: Installed: 5.15.0.77.75 Candidate: 5.15.0.77.75 Version table: *** 5.15.0.77.75 500 500 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 Packages 100 /var/lib/dpkg/status 5.15.0.75.73 500 500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages 5.15.0.25.27 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages 4. Added back: <launchSecurity type="sev"> <policy>0x0003</policy> </launchSecurity> 5. Instance booted fine: ubuntu@ubuntu:~$ uname -a Linux ubuntu 5.15.0-77-generic #84-Ubuntu SMP Fri Jun 16 16:16:44 UTC 2023 x86_6 4 x86_64 x86_64 GNU/Linux ubuntu@ubuntu:~$ sudo dmesg | grep -i sev [ 0.217323] AMD Memory Encryption Features active: SEV [ 5.296555] SVM: KVM is unsupported when running as an SEV guest 6. Full dmesg: https://paste.ubuntu.com/p/5MDcKbVzPv/ -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2020319 Title: Encountering an issue with memcpy_fromio causing failed boot of SEV- enabled guest Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: New Status in linux source package in Focal: Fix Committed Status in linux source package in Jammy: Fix Committed Bug description: [Impact] When launching a SEV-enabled guest, the guest kernel panics with the following call trace, indicating a critical error in the system. ========== [ 1.090638] software IO TLB: Memory encryption is active and system is using DMA bounce buffers [ 1.092105] Linux agpgart interface v0.103 [ 1.092716] BUG: unable to handle page fault for address: ffff9b820003d068 [ 1.093445] #PF: supervisor read access in kernel mode [ 1.093966] #PF: error_code(0x0000) - not-present page [ 1.094481] PGD 800100000067 P4D 800100000067 PUD 8001001d7067 PMD 8001001da067 PTE 80000000fed40173 [ 1.094629] Oops: 0000 [#1] SMP NOPTI [ 1.094629] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.0-46-generic #49-Ubuntu [ 1.094629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 [ 1.094629] RIP: 0010:memcpy_fromio+0x27/0x50 [ 1.094629] Code: cc cc cc 0f 1f 44 00 00 55 48 89 e5 48 85 d2 74 28 40 f6 c6 01 75 30 48 83 fa 01 76 06 40 f6 c6 02 75 1c 48 89 d1 48 c1 e9 02 <f3> a5 f6 c2 02 74 02 66 a5 f6 c2 01 74 01 a4 5d e9 14 b3 97 00 66 [ 1.094629] RSP: 0018:ffff9b820001ba50 EFLAGS: 00010212 [ 1.094629] RAX: ffff9b820003d040 RBX: ffff9b820001bac0 RCX: 0000000000000002 [ 1.094629] RDX: 0000000000000008 RSI: ffff9b820003d068 RDI: ffff9b820001ba90 [ 1.094629] RBP: ffff9b820001ba50 R08: 0000000000000f80 R09: 0000000000000f80 [ 1.094629] R10: 00000000fed40080 R11: ffff9b820001bac0 R12: ffff8cc7068eca48 [ 1.094629] R13: ffff8cc700a64288 R14: 0000000000000000 R15: 00000000fed40080 [ 1.094629] FS: 0000000000000000(0000) GS:ffff8cc77bd00000(0000) knlGS:0000000000000000 [ 1.094629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1.094629] CR2: ffff9b820003d068 CR3: 0000800174a10000 CR4: 0000000000350ee0 [ 1.094629] Call Trace: [ 1.094629] <TASK> [ 1.094629] crb_map_io+0x315/0x870 [ 1.094629] ? radix_tree_iter_tag_clear+0x12/0x20 [ 1.094629] ? _raw_spin_unlock_irqrestore+0xe/0x30 [ 1.094629] crb_acpi_add+0xc2/0x140 [ 1.094629] acpi_device_probe+0x4c/0x170 [ 1.094629] really_probe+0x222/0x420 [ 1.094629] __driver_probe_device+0x119/0x190 [ 1.094629] driver_probe_device+0x23/0xc0 [ 1.094629] __driver_attach+0xbd/0x1e0 [ 1.094629] ? __device_attach_driver+0x120/0x120 [ 1.094629] bus_for_each_dev+0x7e/0xd0 [ 1.094629] driver_attach+0x1e/0x30 [ 1.094629] bus_add_driver+0x139/0x200 [ 1.094629] driver_register+0x95/0x100 [ 1.094629] ? init_tis+0xfd/0xfd [ 1.094629] acpi_bus_register_driver+0x39/0x50 [ 1.094629] crb_acpi_driver_init+0x15/0x1b [ 1.094629] do_one_initcall+0x48/0x1e0 [ 1.094629] do_initcalls+0x12f/0x159 [ 1.094629] kernel_init_freeable+0x162/0x1b5 [ 1.094629] ? rest_init+0x100/0x100 [ 1.094629] kernel_init+0x1b/0x150 [ 1.094629] ? rest_init+0x100/0x100 [ 1.094629] ret_from_fork+0x22/0x30 [ 1.094629] </TASK> [ 1.094629] Modules linked in: [ 1.094629] CR2: ffff9b820003d068 [ 1.094629] ---[ end trace 3d6d81c42a3c2030 ]--- [ 1.094629] RIP: 0010:memcpy_fromio+0x27/0x50 [ 1.094629] Code: cc cc cc 0f 1f 44 00 00 55 48 89 e5 48 85 d2 74 28 40 f6 c6 01 75 30 48 83 fa 01 76 06 40 f6 c6 02 75 1c 48 89 d1 48 c1 e9 02 <f3> a5 f6 c2 02 74 02 66 a5 f6 c2 01 74 01 a4 5d e9 14 b3 97 00 66 [ 1.094629] RSP: 0018:ffff9b820001ba50 EFLAGS: 00010212 [ 1.094629] RAX: ffff9b820003d040 RBX: ffff9b820001bac0 RCX: 0000000000000002 [ 1.094629] RDX: 0000000000000008 RSI: ffff9b820003d068 RDI: ffff9b820001ba90 [ 1.094629] RBP: ffff9b820001ba50 R08: 0000000000000f80 R09: 0000000000000f80 [ 1.094629] R10: 00000000fed40080 R11: ffff9b820001bac0 R12: ffff8cc7068eca48 [ 1.094629] R13: ffff8cc700a64288 R14: 0000000000000000 R15: 00000000fed40080 [ 1.094629] FS: 0000000000000000(0000) GS:ffff8cc77bd00000(0000) knlGS:0000000000000000 [ 1.094629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1.094629] CR2: ffff9b820003d068 CR3: 0000800174a10000 CR4: 0000000000350ee0 [ 1.094629] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 [ 1.094629] Kernel Offset: 0x200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 1.094629] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 ]--- ========== [Fix] The issue arises when launching kernels in libvirt-managed SEV virtual machines due to the addition of a tpm-crb device by virt-install. Upstream commit 4009a4ac82dd has fixed this issue. ========== Author: Joerg Roedel <jroe...@suse.de> Date: Mon Mar 21 10:33:51 2022 +0100 x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO The io-specific memcpy/memset functions use string mmio accesses to do their work. Under SEV, the hypervisor can't emulate these instructions because they read/write directly from/to encrypted memory. ========== [Test Plan] 1. Use virt-install to create a SEV-enabled guest virt-install --name sev_guest --memory 16384 --vcpus 16 --boot uefi --disk /root/focal-server-cloudimg-amd64.img,device=disk,bus=scsi --os-variant ubuntu20.04 --import --controller type=scsi,model=virtio-scsi,driver.iommu=on --controller type=virtio-serial,driver.iommu=on --network default --memballoon driver.iommu=on --graphics none --launchSecurity sev --noautoconsole 2. Poweron the guest and kernel panic occurred. [Where problems could occur] SEV doesn't support string I/O, so the patch unrolls the string I/O operation into a loop operating on one element at a time. The affected range is limited to virtual machines and specific platforms that support SEV (i.e., AMD Epyc) and have SEV-ES not enabled. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2020319/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
