> +static int __init mem_encrypt_snp_init(void)
> +{
> +     if (!boot_cpu_has(X86_FEATURE_SEV_SNP))
> +             return 1;
> +
> +     if (rmptable_init()) {
> +             setup_clear_cpu_cap(X86_FEATURE_SEV_SNP);
> +             return 1;
> +     }
> +
> +     static_branch_enable(&snp_enable_key);
> +
> +     return 0;
> +}

Could you explain a bit why 'snp_enable_key' is needed in addition to
X86_FEATURE_SEV_SNP?

For a lot of features, we just use cpu_feature_enabled(), which does
both compile-time and static_cpu_has().  This whole series seems to lack
compile-time disables for the code that it adds, like the code it adds
to arch/x86/mm/fault.c or even mm/memory.c.

Reply via email to