Re: [RFC PATCH 3/5] x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum

From: Huang, Kai
Date: Wed Mar 12 2025 - 20:58:47 EST


On Wed, 2025-03-12 at 23:27 +0000, Edgecombe, Rick P wrote:
> On Thu, 2025-03-13 at 00:34 +1300, Kai Huang wrote:
> > The impact to userspace is the users will get an error when loading the
> > kexec/kdump kernel image:
> >
> >   kexec_load failed: Operation not supported
> >
> > This might be confusing to the users, thus also print the reason in the
> > dmesg:
> >
> >   [..] kexec: not allowed on platform with tdx_pw_mce bug.
>
> Continuing an internal discussion... A problem with the plan to more simply
> start support for kexec by not supporting the errata platforms is that when
> these platforms configure TDX they will lose kexec by default.
>
> Probably a better default for a lot of kernels would be to have kexec work by
> default, and require opt-in to use TDX (and lose kexec). One idea was a kernel
> parameter be required to enable TDX on those platforms. But then we are starting
> to add complexity to avoid other complexity (the errata platform kexec support).
>
> Still, it may be a net win on complexity.

We can add a kernel parameter 'tdx_host={on|off}' and skip all TDX code (thus no
erratum detection) when it is off. I suppose it will be useful in general
anyway even w/o the context of kexec.