From: Kiryl Shutsemau <kas@kernel.org>
To: Vishal Verma <vishal.l.verma@intel.com>
Cc: Thomas Gleixner <tglx@kernel.org>, Ingo Molnar <mingo@redhat.com>,
Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Sean Christopherson <seanjc@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev,
kvm@vger.kernel.org
Subject: Re: [PATCH v2 4/5] x86/tdx: Disable the TDX module during kexec and kdump
Date: Mon, 30 Mar 2026 12:03:59 +0000 [thread overview]
Message-ID: <acpmkzmE2UvnCEob@thinkstation> (raw)
In-Reply-To: <20260323-fuller_tdx_kexec_support-v2-4-87a36409e051@intel.com>
On Mon, Mar 23, 2026 at 02:59:07PM -0600, Vishal Verma wrote:
> Use the TDH.SYS.DISABLE SEAMCALL, which disables the TDX module,
> reclaims all memory resources assigned to TDX, and clears any
> partial-write induced poison, to allow kexec and kdump on platforms with
> the partial write errata.
>
> On TDX-capable platforms with the partial write erratum, kexec has been
> disabled because the new kernel could hit a machine check reading a
> previously poisoned memory location.
>
> Later TDX modules support TDH.SYS.DISABLE, which disables the module and
> reclaims all TDX memory resources, allowing the new kernel to re-initialize
> TDX from scratch. This operation also clears the old memory, cleaning up
> any poison.
>
> Add tdx_sys_disable() to tdx_shutdown(), which is called in the
> syscore_shutdown path for kexec. This is done just before tdx_shutdown()
> disables VMX on all CPUs.
>
> For kdump, call tdx_sys_disable() in the crash path before
> x86_virt_emergency_disable_virtualization_cpu() does VMXOFF.
>
> Since this clears any poison on TDX-managed memory, remove the
> X86_BUG_TDX_PW_MCE check in machine_kexec() that blocked kexec on
> partial write errata platforms.
>
> Co-developed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
> Signed-off-by: Vishal Verma <vishal.l.verma@intel.com>
Reviewed-by: Kiryl Shutsemau (Meta) <kas@kernel.org>
--
Kiryl Shutsemau / Kirill A. Shutemov
next prev parent reply other threads:[~2026-03-30 12:04 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-23 20:59 [PATCH v2 0/5] Fuller TDX kexec support Vishal Verma
2026-03-23 20:59 ` [PATCH v2 1/5] x86/tdx: Move all TDX error defines into <asm/shared/tdx_errno.h> Vishal Verma
2026-03-24 9:49 ` Chao Gao
2026-03-31 19:30 ` Sean Christopherson
2026-03-31 21:46 ` Edgecombe, Rick P
2026-03-23 20:59 ` [PATCH v2 2/5] x86/virt/tdx: Pull kexec cache flush logic into arch/x86 Vishal Verma
2026-03-24 10:03 ` Chao Gao
2026-03-30 11:42 ` Kiryl Shutsemau
2026-03-31 19:22 ` Sean Christopherson
2026-03-31 22:21 ` Edgecombe, Rick P
2026-03-31 23:04 ` Sean Christopherson
2026-03-31 23:29 ` Edgecombe, Rick P
2026-04-01 15:03 ` Dave Hansen
2026-04-01 17:42 ` H. Peter Anvin
2026-04-01 18:12 ` Sean Christopherson
2026-04-01 18:30 ` Dave Hansen
2026-03-23 20:59 ` [PATCH v2 3/5] x86/virt/tdx: Add SEAMCALL wrapper for TDH.SYS.DISABLE Vishal Verma
2026-03-23 21:54 ` Verma, Vishal L
2026-03-23 22:40 ` Huang, Kai
2026-03-24 10:18 ` Chao Gao
2026-03-30 11:58 ` Kiryl Shutsemau
2026-03-30 19:25 ` Edgecombe, Rick P
2026-03-31 12:18 ` Kiryl Shutsemau
2026-03-31 18:22 ` Verma, Vishal L
2026-03-31 21:36 ` Edgecombe, Rick P
2026-04-01 9:26 ` Kiryl Shutsemau
2026-04-01 14:24 ` Dave Hansen
2026-03-23 20:59 ` [PATCH v2 4/5] x86/tdx: Disable the TDX module during kexec and kdump Vishal Verma
2026-03-23 22:41 ` Huang, Kai
2026-03-30 12:03 ` Kiryl Shutsemau [this message]
2026-03-23 20:59 ` [PATCH v2 5/5] x86/virt/tdx: Remove kexec docs Vishal Verma
2026-03-23 22:41 ` Huang, Kai
2026-03-30 12:04 ` Kiryl Shutsemau
2026-04-22 12:45 ` [PATCH] x86/tdx, KVM: fix HKID leak when kexec is initiated with active TDs Nowicki, Robert
2026-04-22 13:14 ` Sean Christopherson
[not found] ` <CH3PR11MB843450CBD154D42B31D15E93832D2@CH3PR11MB8434.namprd11.prod.outlook.com>
2026-04-22 13:34 ` Sean Christopherson
2026-04-22 14:29 ` Edgecombe, Rick P
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=acpmkzmE2UvnCEob@thinkstation \
--to=kas@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tglx@kernel.org \
--cc=vishal.l.verma@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.