diff options
| -rw-r--r-- | target/i386/sev.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/target/i386/sev.c b/target/i386/sev.c index cad3281..e3abbee 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -1223,6 +1223,14 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) size_t hash_len = HASH_SIZE; int aligned_len; + /* + * Only add the kernel hashes if the sev-guest configuration explicitly + * stated kernel-hashes=on. + */ + if (!sev_guest->kernel_hashes) { + return false; + } + if (!pc_system_ovmf_table_find(SEV_HASH_TABLE_RV_GUID, &data, NULL)) { error_setg(errp, "SEV: kernel specified but OVMF has no hash table guid"); return false; |