Re: [RFC PATCH 3/5] x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum

From: Huang, Kai
Date: Thu Mar 13 2025 - 19:58:13 EST

Next message: Akihiro Suda: "Re: [PATCH v2] x86: disable PKU when running on Apple Virtualization"
Previous message: Jeff Johnson: "Re: [PATCH v2 10/10] wifi: ath11k: add support for MHI bandwidth scaling"
In reply to: Edgecombe, Rick P: "Re: [RFC PATCH 3/5] x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum"
Next in thread: Edgecombe, Rick P: "Re: [RFC PATCH 3/5] x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2025-03-13 at 22:47 +0000, Edgecombe, Rick P wrote:
> On Thu, 2025-03-13 at 22:32 +0000, Huang, Kai wrote:
> > > >
> > > > We can add a kernel parameter 'tdx_host={on|off}' and skip all TDX code
> > > > (thus
> > > > no
> > > > erratum detection) when it is off. I suppose it will be useful in general
> > > > anyway even w/o the context of kexec.
> > >
> > > What exactly are you thinking? Add a tdx_host parameter, but what is the
> > > default
> > > behavior? When tdx_host=on with the errata, kexec must still be disabled,
> > > right?
> > > Better to return an error, than proceed and crash.
> >
> > The default behaviour is tdx_host=off in order to not disrupt kexec/kdump
> > behaviour on the TDX platforms with erratum. The distros will be able to ship
> > kernels with both CONFIG_KEXEC_CORE and CONFIG_INTEL_TDX_HOST on, and no
> > visible
> > impact to the user who doesn't care about TDX.
> >
> > If the user is interested in TDX, tdx_host=on must be set in the kernel
> > command
> > line, but in this case user is expected to know kexec/kdump can only work
> > normally if the TDX platform doesn't have the erratum -- kexec/kdump are
> > disabled if the platform has the erratum.
>
> So this will switch all of TDX to be default off then, unless the kernel gets a
> parameter set.
>

Currently in KVM TDX is also default off.

> In which case we could also just unlock the Kconfig with just one
> small change. TDX and kexec would still mutually exclusive, but just at runtime.

Yeah I am thinking this too, given the "keyID 0 integrity" thing are still on-
going.

> We should try to flag Paolo and see what he thinks.

I appreciate if you could help to do.

>
> Or is the proposal to only be default tdx_host=off on the errata platforms? And
> tdx_host=on otherwise?

The tricky thing is, naturally, we want to skip all the code in tdx_init() if
tdx_host=off, because there's no reason to do those detection/initialization if
we are not going to use TDX, e.g., we don't need to this one:

register_memory_notifier(&tdx_memory_nb);

.. that means the code of detecting erratum will be skipped too.

If we only to only make tdx_host=off as default for erratum platforms, then we
need to do cleanup (e.g., to unregister the above memory notifier).

This isn't nice and seems hacky.

I don't see making tdx_host=off as default has problem, anyway, as mentioned
above TDX is off by default in KVM.

Next message: Akihiro Suda: "Re: [PATCH v2] x86: disable PKU when running on Apple Virtualization"
Previous message: Jeff Johnson: "Re: [PATCH v2 10/10] wifi: ath11k: add support for MHI bandwidth scaling"
In reply to: Edgecombe, Rick P: "Re: [RFC PATCH 3/5] x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum"
Next in thread: Edgecombe, Rick P: "Re: [RFC PATCH 3/5] x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]