On March 25, 2019 8:59:28 PM GMT+01:00, "Lendacky, Thomas" <Thomas.Lendacky@xxxxxxx> wrote: >Maybe what would help is to describe why there is a difference between >SME >and SEV in regards to kexec. During a traditional boot under SME, SME >will >encrypt the kernel, so the SME kexec kernel also needs to be >un-encrypted >in order to replicate a normal SME boot. During a traditional boot >under >SEV, the kernel has already been loaded encrypted, so the SEV kexec >kernel >needs to be encrypted in order to replicate a normal SEV boot. Yah, that should be in a comment above that function. Thx. -- Sent from a small device: formatting sux and brevity is inevitable. _______________________________________________ kexec mailing list kexec@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/kexec
