From: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
To: x86@kernel.org, Krzysztof Kozlowski <krzk+dt@kernel.org>,
Conor Dooley <conor+dt@kernel.org>,
Rob Herring <robh@kernel.org>,
"K. Y. Srinivasan" <kys@microsoft.com>,
Haiyang Zhang <haiyangz@microsoft.com>,
Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>,
Michael Kelley <mhklinux@outlook.com>,
"Rafael J. Wysocki" <rafael@kernel.org>
Cc: Saurabh Sengar <ssengar@linux.microsoft.com>,
Chris Oo <cho@microsoft.com>,
"Kirill A. Shutemov" <kas@kernel.org>,
linux-hyperv@vger.kernel.org, devicetree@vger.kernel.org,
linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org,
Ricardo Neri <ricardo.neri@intel.com>,
Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Subject: [PATCH v6 10/10] x86/hyperv/vtl: Use the wakeup mailbox to boot secondary CPUs
Date: Thu, 16 Oct 2025 19:57:32 -0700 [thread overview]
Message-ID: <20251016-rneri-wakeup-mailbox-v6-10-40435fb9305e@linux.intel.com> (raw)
In-Reply-To: <20251016-rneri-wakeup-mailbox-v6-0-40435fb9305e@linux.intel.com>
The hypervisor is an untrusted entity for TDX guests. It cannot be used
to boot secondary CPUs. The function hv_vtl_wakeup_secondary_cpu() cannot
be used.
Instead, the virtual firmware boots the secondary CPUs and places them in
a state to transfer control to the kernel using the wakeup mailbox. The
firmware enumerates the mailbox via either an ACPI table or a DeviceTree
node.
If the wakeup mailbox is present, the kernel updates the APIC callback
wakeup_secondary_cpu_64() to use it.
Reviewed-by: Dexuan Cui <decui@microsoft.com>
Reviewed-by: Michael Kelley <mhklinux@outlook.com>
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
---
Changes since v5:
- Added Reviewed-by tag from Dexuan. Thanks!
Changes since v4:
- None
Changes since v3:
- Added Reviewed-by tag from Michael. Thanks!
Changes since v2:
- Unconditionally use the wakeup mailbox in a TDX confidential VM.
(Michael).
- Edited the commit message for clarity.
Changes since v1:
- None
---
arch/x86/hyperv/hv_vtl.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c
index 4a15de4d5ec2..e866e643b66c 100644
--- a/arch/x86/hyperv/hv_vtl.c
+++ b/arch/x86/hyperv/hv_vtl.c
@@ -268,7 +268,15 @@ int __init hv_vtl_early_init(void)
panic("XSAVE has to be disabled as it is not supported by this module.\n"
"Please add 'noxsave' to the kernel command line.\n");
- apic_update_callback(wakeup_secondary_cpu_64, hv_vtl_wakeup_secondary_cpu);
+ /*
+ * TDX confidential VMs do not trust the hypervisor and cannot use it to
+ * boot secondary CPUs. Instead, they will be booted using the wakeup
+ * mailbox if detected during boot. See setup_arch().
+ *
+ * There is no paravisor present if we are here.
+ */
+ if (!hv_isolation_type_tdx())
+ apic_update_callback(wakeup_secondary_cpu_64, hv_vtl_wakeup_secondary_cpu);
return 0;
}
--
2.43.0
prev parent reply other threads:[~2025-10-17 2:48 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-17 2:57 [PATCH v6 00/10] x86/hyperv/hv_vtl: Use a wakeup mailbox to boot secondary CPUs Ricardo Neri
2025-10-17 2:57 ` [PATCH v6 01/10] x86/acpi: Add helper functions to setup and access the wakeup mailbox Ricardo Neri
2025-10-17 9:46 ` Rafael J. Wysocki
2025-10-17 21:10 ` Ricardo Neri
2025-10-18 13:08 ` Rafael J. Wysocki
2025-10-17 2:57 ` [PATCH v6 02/10] x86/acpi: Move acpi_wakeup_cpu() and helpers to smpwakeup.c Ricardo Neri
2025-10-27 14:18 ` Borislav Petkov
2025-10-27 20:58 ` Ricardo Neri
2025-10-29 11:13 ` Borislav Petkov
2025-10-30 5:43 ` Ricardo Neri
2025-11-03 13:40 ` Borislav Petkov
2025-11-10 17:49 ` Ricardo Neri
2025-11-10 19:46 ` Borislav Petkov
2025-11-10 20:56 ` Rafael J. Wysocki
2025-10-17 2:57 ` [PATCH v6 03/10] dt-bindings: reserved-memory: Wakeup Mailbox for Intel processors Ricardo Neri
2025-10-27 14:22 ` Borislav Petkov
2025-10-27 20:45 ` Ricardo Neri
2025-10-27 20:41 ` Wysocki, Rafael J
2025-10-27 22:51 ` Borislav Petkov
2025-10-17 2:57 ` [PATCH v6 04/10] x86/dt: Parse the " Ricardo Neri
2025-10-17 22:17 ` Wei Liu
2025-10-17 2:57 ` [PATCH v6 05/10] x86/hyperv/vtl: Set real_mode_header in hv_vtl_init_platform() Ricardo Neri
2025-10-17 2:57 ` [PATCH v6 06/10] x86/realmode: Make the location of the trampoline configurable Ricardo Neri
2025-10-17 2:57 ` [PATCH v6 07/10] x86/hyperv/vtl: Setup the 64-bit trampoline for TDX guests Ricardo Neri
2025-10-17 2:57 ` [PATCH v6 08/10] x86/smpwakeup: Add a helper get the address of the wakeup mailbox Ricardo Neri
2025-10-17 22:16 ` Wei Liu
2025-10-17 2:57 ` [PATCH v6 09/10] x86/hyperv/vtl: Mark the wakeup mailbox page as private Ricardo Neri
2025-10-17 2:57 ` Ricardo Neri [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251016-rneri-wakeup-mailbox-v6-10-40435fb9305e@linux.intel.com \
--to=ricardo.neri-calderon@linux.intel.com \
--cc=cho@microsoft.com \
--cc=conor+dt@kernel.org \
--cc=decui@microsoft.com \
--cc=devicetree@vger.kernel.org \
--cc=haiyangz@microsoft.com \
--cc=kas@kernel.org \
--cc=krzk+dt@kernel.org \
--cc=kys@microsoft.com \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mhklinux@outlook.com \
--cc=rafael@kernel.org \
--cc=ricardo.neri@intel.com \
--cc=robh@kernel.org \
--cc=ssengar@linux.microsoft.com \
--cc=wei.liu@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox