Kernel build bug - KVM_AMD and CRYPTO_DEV_CPP

Kernel build bug - KVM_AMD and CRYPTO_DEV_CPP

About a week ago, I failed to build a Kernel for my new Ryzen 2700X working machine. After some time of configuring my kernel I run into some weird problems

The problem

I wanted to have a Kernel with KVM_AMD support enabled. The build was going on fine, until some weird linker errors appeared.

(Full output [Pastebin])

Since I'm a Kernel rookie, it took me some time to realize what was going on. A google search didn't revealed a solution, other than something similar on Unix Stackexchange, that was not directly applicable for my case.

The problem persisted and is reproducible in linux-4.17.1 and linux-4.16.15, using this config file. Building linux-4.14.49 was doing fine. For any options that were not defined by the config file I chose the default suggestion.


The problem arises, if CONFIG_CRYPTO_DEV_CCP_DD is compiled as module [=m], also if the SEV is not used. Enabling CONFIG_CRYPTO_DEV_CCP_DD to be compiled in the kernel [=y] is a workaround for the issue.

This commit already revealed the issue.

I had to Include the "Secure Processor device driver", that is found in Cryptographic API > Hardware crypto devices

Weirdly, the suggested solution from Unix Stackexchange was not solving the problem for me, neither was it causing problems. I could build the Kernel (4.17.1) with "Kernel-based Virtual Machine Support" set as module. But those are just my two cents, it might have been an issue some versions ago ...

Unluckily I cannot contribute to Unix Stackexchange yet (not enough reputation *sigh*), so I cannot improve the answer there.

Thanks to Richard!

Many thanks to Richard, who provided me with support, regarding nailing it down to a bug in the Kernel build system.

Leave a Comment