Re: [PATCH v5 0/5] TDX host: kexec() support

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: "Huang, Kai" <kai.huang@intel.com>
To: Sagi Shahar <sagis@google.com>
Cc: "bp@alien8.de" <bp@alien8.de>,
	"Hansen, Dave" <dave.hansen@intel.com>,
	"hpa@zytor.com" <hpa@zytor.com>,
	"kirill.shutemov@linux.intel.com"
	<kirill.shutemov@linux.intel.com>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"luto@kernel.org" <luto@kernel.org>,
	"mingo@redhat.com" <mingo@redhat.com>,
	"pbonzini@redhat.com" <pbonzini@redhat.com>,
	"peterz@infradead.org" <peterz@infradead.org>,
	"seanjc@google.com" <seanjc@google.com>,
	"tglx@linutronix.de" <tglx@linutronix.de>,
	"thomas.lendacky@amd.com" <thomas.lendacky@amd.com>,
	"x86@kernel.org" <x86@kernel.org>
Subject: Re: [PATCH v5 0/5] TDX host: kexec() support
Date: Tue, 20 Aug 2024 10:43:55 +1200	[thread overview]
Message-ID: <f4b60d0e-bec7-45d0-bbdf-fb04362c863a@intel.com> (raw)
In-Reply-To: <CAAhR5DEEsFNqdxbd62tGh9Cj7ZQMQs6fEjAKs6djkZzgZALOfw@mail.gmail.com>



On 20/08/2024 10:28 am, Sagi Shahar wrote:
> On Mon, Aug 19, 2024 at 5:16 PM Huang, Kai <kai.huang@intel.com> wrote:
>>
>>
>>
>> On 20/08/2024 9:21 am, Sagi Shahar wrote:
>>>> Currently kexec() support and TDX host are muturally exclusive in the
>>>> Kconfig.  This series adds the TDX host kexec support so that they can
>>>> work together and can be enabled at the same time in the Kconfig.
>>>
>>> I tried testing the kexec functionality and noticed that the TDX module
>>> fails initialization on the second kernel so you can't actually kexec
>>> between 2 kernels that enable TDX. Is that the expected behavior? Are
>>> there future patches to enable that functionality?
>>>
>>
>> Thanks for testing!
>>
>> Yes this is the expected behaviour.  If the first kernel has enabled
>> TDX, then the second kernel will fail to init TDX.  The reason the first
>> SEAMCALL to initialize TDX module in the second kernel will fail due to
>> module having been initialized.
>>
>> However if the first kernel has not enabled TDX, the second kernel is
>> able to enable it.
> 
> Are there any plans to support both kernels being able to enable TDX
> in the future? Either by changes to KVM or the TDX module?

AFAICT we haven't received such requirement so far.  Let me double check 
internally and get back here.

Btw, if we want to do this purely from software, changing KVM isn't the 
right thing to do.  We need to somehow pass key data structures managing 
TDX module to the second kernel, e.g., module status, locations of 
PAMTs.  And the second kernel needs to be modified to understand those, 
which means some old (second) kernels with TDX support may not be able 
to support this even if we add this to the kernel.

next prev parent reply	other threads:[~2024-08-19 22:44 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-08-15 12:29 [PATCH v5 0/5] TDX host: kexec() support Kai Huang
2024-08-15 12:29 ` [PATCH v5 1/5] x86/kexec: do unconditional WBINVD for bare-metal in stop_this_cpu() Kai Huang
2024-08-15 12:29 ` [PATCH v5 2/5] x86/kexec: do unconditional WBINVD for bare-metal in relocate_kernel() Kai Huang
2024-08-15 23:45   ` Huang, Kai
2024-09-04 15:30   ` Borislav Petkov
2024-09-04 23:55     ` Huang, Kai
2024-08-15 12:29 ` [PATCH v5 3/5] x86/virt/tdx: Make module initializatiton state immutable in reboot notifier Kai Huang
2024-08-15 12:29 ` [PATCH v5 4/5] x86/kexec: Reset TDX private memory on platforms with TDX erratum Kai Huang
2024-08-15 12:29 ` [PATCH v5 5/5] x86/virt/tdx: Remove the !KEXEC_CORE dependency Kai Huang
2024-08-19 21:21 ` [PATCH v5 0/5] TDX host: kexec() support Sagi Shahar
2024-08-19 22:16   ` Huang, Kai
2024-08-19 22:28     ` Sagi Shahar
2024-08-19 22:43       ` Huang, Kai [this message]
2024-08-23 16:15         ` Sagi Shahar
2024-08-24  9:31           ` Huang, Kai
2024-08-26 19:22             ` Sagi Shahar
2024-08-26 22:50               ` Huang, Kai

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f4b60d0e-bec7-45d0-bbdf-fb04362c863a@intel.com \
    --to=kai.huang@intel.com \
    --cc=bp@alien8.de \
    --cc=dave.hansen@intel.com \
    --cc=hpa@zytor.com \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=peterz@infradead.org \
    --cc=sagis@google.com \
    --cc=seanjc@google.com \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox