[PATCH v5 07/10] x86/hyperv/vtl: Setup the 64-bit trampoline for TDX guests

linux-acpi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
To: x86@kernel.org, Krzysztof Kozlowski <krzk+dt@kernel.org>,
	 Conor Dooley <conor+dt@kernel.org>,
	Rob Herring <robh@kernel.org>,
	 "K. Y. Srinivasan" <kys@microsoft.com>,
	 Haiyang Zhang <haiyangz@microsoft.com>,
	Wei Liu <wei.liu@kernel.org>,  Dexuan Cui <decui@microsoft.com>,
	Michael Kelley <mhklinux@outlook.com>,
	 "Rafael J. Wysocki" <rafael@kernel.org>
Cc: Saurabh Sengar <ssengar@linux.microsoft.com>,
	 Chris Oo <cho@microsoft.com>,
	 "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	 linux-hyperv@vger.kernel.org, devicetree@vger.kernel.org,
	 linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org,
	 Ricardo Neri <ricardo.neri@intel.com>,
	 Yunhong Jiang <yunhong.jiang@linux.intel.com>,
	 Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Subject: [PATCH v5 07/10] x86/hyperv/vtl: Setup the 64-bit trampoline for TDX guests
Date: Fri, 27 Jun 2025 20:35:13 -0700	[thread overview]
Message-ID: <20250627-rneri-wakeup-mailbox-v5-7-df547b1d196e@linux.intel.com> (raw)
In-Reply-To: <20250627-rneri-wakeup-mailbox-v5-0-df547b1d196e@linux.intel.com>

From: Yunhong Jiang <yunhong.jiang@linux.intel.com>

The hypervisor is an untrusted entity for TDX guests. It cannot be used
to boot secondary CPUs - neither via hypercalls not the INIT assert,
de-assert plus Start-Up IPI messages.

Instead, the platform virtual firmware boots the secondary CPUs and
puts them in a state to transfer control to the kernel. This mechanism uses
the wakeup mailbox described in the Multiprocessor Wakeup Structure of the
ACPI specification. The entry point to the kernel is trampoline_start64.

Allocate and setup the trampoline using the default x86_platform callbacks.

The platform firmware configures the secondary CPUs in long mode. It is no
longer necessary to locate the trampoline under 1MB memory. After handoff
from firmware, the trampoline code switches briefly to 32-bit addressing
mode, which has an addressing limit of 4GB. Set the upper bound of the
trampoline memory accordingly.

Reviewed-by: Michael Kelley <mhklinux@outlook.com>
Signed-off-by: Yunhong Jiang <yunhong.jiang@linux.intel.com>
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
---
Changes since v4:
 - None

Changes since v3:
 - Added Reviewed-by tag from Michael. Thanks!

Changes since v2:
 - Added a note regarding there is no need to check for a present
   paravisor.
 - Edited commit message for clarity.

Changes since v1:
 - Dropped the function hv_reserve_real_mode(). Instead, used the new
   members realmode_limit and reserve_bios members of x86_init to
   set the upper bound of the trampoline memory. (Thomas)
---
 arch/x86/hyperv/hv_vtl.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c
index e10b63b7a49f..ca0d23206e67 100644
--- a/arch/x86/hyperv/hv_vtl.c
+++ b/arch/x86/hyperv/hv_vtl.c
@@ -63,9 +63,14 @@ void __init hv_vtl_init_platform(void)
 	 */
 	pr_info("Linux runs in Hyper-V Virtual Trust Level %d\n", ms_hyperv.vtl);
 
-	x86_platform.realmode_reserve = x86_init_noop;
-	x86_platform.realmode_init = x86_init_noop;
-	real_mode_header = &hv_vtl_real_mode_header;
+	/* There is no paravisor present if we are here. */
+	if (hv_isolation_type_tdx()) {
+		x86_init.resources.realmode_limit = SZ_4G;
+	} else {
+		x86_platform.realmode_reserve = x86_init_noop;
+		x86_platform.realmode_init = x86_init_noop;
+		real_mode_header = &hv_vtl_real_mode_header;
+	}
 	x86_init.irqs.pre_vector_init = x86_init_noop;
 	x86_init.timers.timer_init = x86_init_noop;
 	x86_init.resources.probe_roms = x86_init_noop;

-- 
2.43.0

next prev parent reply	other threads:[~2025-06-28  3:35 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-06-28  3:35 [PATCH v5 00/10] x86/hyperv/hv_vtl: Use a wakeup mailbox to boot secondary CPUs Ricardo Neri
2025-06-28  3:35 ` [PATCH v5 01/10] x86/acpi: Add a helper functions to setup and access the wakeup mailbox Ricardo Neri
2025-06-30 18:55   ` Rafael J. Wysocki
2025-06-30 22:51     ` Ricardo Neri
2025-06-28  3:35 ` [PATCH v5 02/10] x86/acpi: Move acpi_wakeup_cpu() and helpers to smpwakeup.c Ricardo Neri
2025-06-30 11:03   ` Peter Zijlstra
2025-06-30 12:07     ` Kirill A. Shutemov
2025-06-30 13:26       ` Peter Zijlstra
2025-06-30 18:58   ` Rafael J. Wysocki
2025-06-30 22:50     ` Ricardo Neri
2025-06-28  3:35 ` [PATCH v5 03/10] dt-bindings: reserved-memory: Wakeup Mailbox for Intel processors Ricardo Neri
2025-06-30 19:02   ` Rafael J. Wysocki
2025-06-30 22:49     ` Ricardo Neri
2025-07-08 12:41   ` Rob Herring (Arm)
2025-06-28  3:35 ` [PATCH v5 04/10] x86/dt: Parse the " Ricardo Neri
2025-06-28  3:35 ` [PATCH v5 05/10] x86/hyperv/vtl: Set real_mode_header in hv_vtl_init_platform() Ricardo Neri
2025-06-28  3:35 ` [PATCH v5 06/10] x86/realmode: Make the location of the trampoline configurable Ricardo Neri
2025-06-28  3:35 ` Ricardo Neri [this message]
2025-06-28  3:35 ` [PATCH v5 08/10] x86/smpwakeup: Add a helper get the address of the wakeup mailbox Ricardo Neri
2025-06-28  3:35 ` [PATCH v5 09/10] x86/hyperv/vtl: Mark the wakeup mailbox page as private Ricardo Neri
2025-06-28  3:35 ` [PATCH v5 10/10] x86/hyperv/vtl: Use the wakeup mailbox to boot secondary CPUs Ricardo Neri
2025-08-20 23:11 ` [PATCH v5 00/10] x86/hyperv/hv_vtl: Use a " Ricardo Neri

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e10b63b7a49 dfblob:ca0d23206e6 )
 OR (
bs:"[PATCH v5 07/10] x86/hyperv/vtl: Setup the 64-bit trampoline for TDX guests" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250627-rneri-wakeup-mailbox-v5-7-df547b1d196e@linux.intel.com \
    --to=ricardo.neri-calderon@linux.intel.com \
    --cc=cho@microsoft.com \
    --cc=conor+dt@kernel.org \
    --cc=decui@microsoft.com \
    --cc=devicetree@vger.kernel.org \
    --cc=haiyangz@microsoft.com \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=krzk+dt@kernel.org \
    --cc=kys@microsoft.com \
    --cc=linux-acpi@vger.kernel.org \
    --cc=linux-hyperv@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mhklinux@outlook.com \
    --cc=rafael@kernel.org \
    --cc=ricardo.neri@intel.com \
    --cc=robh@kernel.org \
    --cc=ssengar@linux.microsoft.com \
    --cc=wei.liu@kernel.org \
    --cc=x86@kernel.org \
    --cc=yunhong.jiang@linux.intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).