[PATCH] x86: Disable kexec for TDX guests

Dave Hansen dave.hansen at intel.com
Sat Mar 25 09:25:36 PDT 2023


On 3/25/23 09:01, Kirill A. Shutemov wrote:
> The last item is tricky. TDX guests use ACPI MADT MPWK to bring up
> secondary CPUs. The mechanism doesn't allow putting a CPU back offline if
> it has woken up.
...
> +int arch_kexec_load(void)
> +{
> +	if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) {
> +		pr_warn_once("Disable kexec: not yet supported in TDX guest\n");
> +		return -EOPNOTSUPP;
> +	}
> +
> +	return 0;
> +}
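
Review bot: arch_kexec_load() carries no comment saying why it returns -EOPNOTSUPP, and the pr_warn_once() text names only "TDX guest", so neither the code nor the log records the limitation the commit message gives (a CPU woken through the MADT wakeup cannot be put back offline). A short comment above the `if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST))` line stating that reason, and a warning that names the wakeup limitation, would tell a later reader what has to change before the check can be dropped.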

So, let's put all this together:

1. TDX implementations use MADT for wakeup exclusively right now (but
   are not necessarily _required_ to do so forever)
2. MADT doesn't support CPU offlining
3. kexec() requires offlining

Thus, current TDX implementations can't support TDX guests.  This
*doesn't* say that TDX will always use the MADT for wakeups.

Yet, the check you have here is for TDX and *not* for the MADT.

That seems wrong.

Let's say SEV or arm64 comes along and uses the MADT for their guests.
They'll add another arch_kexec_load(), with a check for *their* feature.

This all seems like you should be disabling kexec() the moment the MADT
CPU wakeup is used instead of making it based on TDX.
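
The condition suggested above depends on whether the platform's MADT carries a Multiprocessor Wakeup entry, not on which guest technology is running. As an added example (not part of the original message or the kernel source), this user-space C sketch scans a raw MADT image for that entry, such as one read from /sys/firmware/acpi/tables/APIC. The function names and the sample table are constructed for illustration; entry type 16 is the Multiprocessor Wakeup structure type from the ACPI specification.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MADT_HEADER_LEN     44 /* 36-byte SDT header + LAPIC address + flags */
#define MADT_TYPE_MP_WAKEUP 16 /* Multiprocessor Wakeup structure type */

/* 1: wakeup entry present, 0: absent, -1: malformed table. */
int madt_has_mp_wakeup(const uint8_t *tbl, size_t len)
{
    size_t off = MADT_HEADER_LEN;
    uint32_t total;
    if (len < MADT_HEADER_LEN || memcmp(tbl, "APIC", 4) != 0)
        return -1;
    /* Table length: little-endian u32 at offset 4 of the SDT header. */
    total = tbl[4] | (tbl[5] << 8) | (tbl[6] << 16) | ((uint32_t)tbl[7] << 24);
    if (total < MADT_HEADER_LEN || total > len)
        return -1;
    while (off + 2 <= total) {
        uint8_t type = tbl[off], elen = tbl[off + 1];
        if (elen < 2 || off + elen > total)
            return -1; /* entry would loop forever or overrun the table */
        if (type == MADT_TYPE_MP_WAKEUP)
            return 1;
        off += elen;
    }
    return off == total ? 0 : -1;
}

/* Constructed sample: header, a Local APIC entry, optionally a wakeup entry. */
size_t build_sample_madt(uint8_t *buf, int with_wakeup)
{
    size_t n = MADT_HEADER_LEN + 8 + (with_wakeup ? 16 : 0);
    memset(buf, 0, n);
    memcpy(buf, "APIC", 4);
    buf[4] = (uint8_t)n; /* n < 256, so the upper length bytes stay 0 */
    buf[MADT_HEADER_LEN + 1] = 8; /* Local APIC entry: type 0, length 8 */
    if (with_wakeup) {
        buf[MADT_HEADER_LEN + 8] = MADT_TYPE_MP_WAKEUP;
        buf[MADT_HEADER_LEN + 9] = 16; /* wakeup entry is 16 bytes long */
    }
    return n;
}

int main(void)
{
    uint8_t buf[128];
    size_t n = build_sample_madt(buf, 1);
    printf("wakeup present: %d\n", madt_has_mp_wakeup(buf, n));
    return 0;
}
```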


