On 16/01/2023 18.46, Cédric Le Goater wrote:
From: Cédric Le Goater <c...@redhat.com>
If a secure kernel is started in a non-protected VM, the OS will hang
during boot without giving a proper error message to the user.
Perform the checks on Confidential Guest support at runtime with an
helper called from the service call switching the guest to protected
mode.
Signed-off-by: Cédric Le Goater <c...@redhat.com>
---
In s390_pv_check(), drop the call to s390_pv_guest_check() since
init time has already checked the same conditions. However, to
report an error when the machine is not protected and the kernel
secure, we still need s390_pv_check().
Basically Ack for this patch ... I'm just wondering whether we should maybe
use a different name for the function. We now have s390_pv_guest_check() and
390_pv_check() ... hard to distinguish. Maybe we should call them
s390_pv_initial_check() and s390_pv_runtime_check() (or
s390_pv_diag308_check()) or something similar instead?
Thomas
