ubuntu@ubuntu:~$ uname -a
Linux ubuntu 5.15.0-77-generic #84-Ubuntu SMP Fri Jun 16 16:16:44 UTC 2023 x86_6
4 x86_64 x86_64 GNU/Linux
ubuntu@ubuntu:~$ sudo dmesg | grep -i sev
[ 0.217323] AMD Memory Encryption Features active: SEV
[ 5.296555] SVM: KVM is unsupported when running as an SEV guest
I've verified a Jammy guest as follows:
1. Reproduced the problem with kernel 5.15.0-75-generic:
https:/ /pastebin. ubuntu. com/p/844W5SzjR 8/
2. As a workaround removed:
<launchSecurity type="sev"> 0x0003< /policy>
<policy>
</launchSecurity>
3. Installed kernel from -proposed:
root@ubuntu:~# apt-cache policy linux-image-virtual linux-virtual virtual: archive. ubuntu. com/ubuntu jammy-proposed/main amd64 Packages dpkg/status archive. ubuntu. com/ubuntu jammy-updates/main amd64 Packages security. ubuntu. com/ubuntu jammy-security/main amd64 Packages archive. ubuntu. com/ubuntu jammy/main amd64 Packages archive. ubuntu. com/ubuntu jammy-proposed/main amd64 Packages dpkg/status archive. ubuntu. com/ubuntu jammy-updates/main amd64 Packages security. ubuntu. com/ubuntu jammy-security/main amd64 Packages archive. ubuntu. com/ubuntu jammy/main amd64 Packages
linux-image-
Installed: 5.15.0.77.75
Candidate: 5.15.0.77.75
Version table:
*** 5.15.0.77.75 500
500 http://
100 /var/lib/
5.15.0.75.73 500
500 http://
500 http://
5.15.0.25.27 500
500 http://
linux-virtual:
Installed: 5.15.0.77.75
Candidate: 5.15.0.77.75
Version table:
*** 5.15.0.77.75 500
500 http://
100 /var/lib/
5.15.0.75.73 500
500 http://
500 http://
5.15.0.25.27 500
500 http://
4. Added back:
<launchSecurity type="sev"> 0x0003< /policy>
<policy>
</launchSecurity>
5. Instance booted fine:
ubuntu@ubuntu:~$ uname -a
Linux ubuntu 5.15.0-77-generic #84-Ubuntu SMP Fri Jun 16 16:16:44 UTC 2023 x86_6
4 x86_64 x86_64 GNU/Linux
ubuntu@ubuntu:~$ sudo dmesg | grep -i sev
[ 0.217323] AMD Memory Encryption Features active: SEV
[ 5.296555] SVM: KVM is unsupported when running as an SEV guest
6. Full dmesg: https:/ /paste. ubuntu. com/p/5MDcKbVzP v/