About a week ago, I failed to build a Kernel for my new Ryzen 2700X working machine. After some time of configuring my kernel I run into some weird problems
I wanted to have a Kernel with KVM_AMD support enabled. The build was going on fine, until some weird linker errors appeared.
arch/x86/kvm/svm.o: In function `__sev_issue_cmd': /home/phoenix/Kernel/linux-4.17.1/arch/x86/kvm/svm.c:6278: undefined reference to `sev_issue_cmd_external_user' arch/x86/kvm/svm.o: In function `sev_unbind_asid': /home/phoenix/Kernel/linux-4.17.1/arch/x86/kvm/svm.c:1746: undefined reference to `sev_guest_deactivate' /home/phoenix/Kernel/linux-4.17.1/arch/x86/kvm/svm.c:1749: undefined reference to `sev_guest_df_flush' /home/phoenix/Kernel/linux-4.17.1/arch/x86/kvm/svm.c:1758: undefined reference to `sev_guest_decommission' Makefile:1042: recipe for target 'vmlinux' failed</pre>
Full output is on Pastebin (hopefully it’s still there when you find this …)
Since I’m a Kernel newbee, it took me some time to realize what was going on. A google search didn’t revealed a solution, other than something similar on Unix Stackexchange, that was not directly applicable for my case.
The problem persisted and is reproducible in linux-4.17.1 and linux-4.16.15, using this config file. Building linux-4.14.49 was doing fine. For any options that were not defined by the config file I chose the default suggestion.
The problem arises, if
CONFIG_CRYPTO_DEV_CCP_DD is compiled as module
[=m], also if the SEV is not used. Enabling
CONFIG_CRYPTO_DEV_CCP_DD to be compiled in the kernel
[=y] fixes the issue.
This commit already revealed the issue.
I had to Include the
Secure Processor device driver, that is found in
Cryptographic API > Hardware crypto devices
Interestingly, the suggested solution from Unix Stackexchange was not solving the problem for me, neither was it causing problems. I could build the Kernel (4.17.1) with “Kernel-based Virtual Machine Support” set as module. But those are just my two cents, it might have been an issue some versions ago …
Unluckily I cannot contribute to Unix Stackexchange yet (not enough reputation *sigh*), so I cannot improve the answer there.
Thanks to Richard
Many thanks to Richard, who supported me to nail the bug down.