[PATCH 0/2] kexec: Refuse kernel-unsafe Microsoft Hypervisor transitions

Stanislav Kinsburskii skinsburskii at linux.microsoft.com
Wed Feb 11 15:30:51 PST 2026 

On Wed, Jan 28, 2026 at 05:41:56PM +0000, Stanislav Kinsburskii wrote:
> When Microsoft Hypervisor is active, the kernel may have memory “deposited”
> to the hypervisor. Those pages are no longer safe for the kernel to touch,
> and attempting to access them can trigger a GPF. The problem becomes acute
> with kexec: the “deposited pages” state does not survive the transition,
> and the next kernel has no reliable way to know which pages are still
> owned/managed by the hypervisor.
> 
> Until there is a proper handoff mechanism to preserve that state across
> kexec, the only safe behavior is to refuse kexec whenever there is shared
> hypervisor state that cannot survive the transition—most notably deposited
> pages, and also cases where VMs are still running.
> 
> This series adds the missing kexec integration point needed by MSHV: a
> callback at the kexec “freeze” stage so the driver can make the transition
> safe (or block it). With this hook, MSHV can refuse kexec while VMs are
> running, attempt to withdraw deposited pages when possible (e.g. L1VH
> host), and fail the transition if any pages remain deposited.
> 
> ---
> 
> Stanislav Kinsburskii (2):
>       kexec: Add permission notifier chain for kexec operations
>       mshv: Add kexec blocking support
> 

Hi,

I’m sending a gentle follow‑up on the patch series below, which I posted
about two weeks ago. I wanted to check whether anyone has had a chance
to look at it, or if there are concerns I should address.

Any feedback would be appreciated.

Thanks for your time.

Best regards,
Stanislav

> 
>  drivers/hv/Makefile            |    1 +
>  drivers/hv/hv_proc.c           |    4 ++
>  drivers/hv/mshv_kexec.c        |   66 ++++++++++++++++++++++++++++++++++++++++
>  drivers/hv/mshv_root.h         |   14 ++++++++
>  drivers/hv/mshv_root_hv_call.c |    2 +
>  drivers/hv/mshv_root_main.c    |    7 ++++
>  include/linux/kexec.h          |    6 ++++
>  kernel/kexec_core.c            |   24 +++++++++++++++
>  8 files changed, 124 insertions(+)
>  create mode 100644 drivers/hv/mshv_kexec.c
>

More information about the kexec mailing list