From nobody Mon Apr 6 16:31:03 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0E1D73976BB; Wed, 4 Mar 2026 23:42:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.9 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772667754; cv=none; b=jUSkKQefwlumlG9i/Q9Ys2QD6V5FMIyUClwRan9Jh0OFplOq2QIfgBHHettmOMeaTSQlmBZqEkh39eNv9E0/CqayNSJYN+YqczYd3C4TZDcHnhaHJIIje8TqbH3YeGHiDqz4hiuaRaGJZK4miqI0WBeiRFcN2rUmFZmEK76/WC0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772667754; c=relaxed/simple; bh=L8Ru1Y1TQTL3fMh3bls020gKDtFIM4GJX2W6RnGN4oA=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=YzVcubs7a2DaL1zs6IpPhSggdh6j0DoFOvYCnFEMXYjA5TiOb8QCMZf29UJfkl6YNLyXNFhZ/YVNzVLmID79HJ08rQOtIR1eq4kKTimLrGbRF94lfYX9xI2+8GWlS0M07hfJXEpYyCZpTb+6eBT5lBr93dkdXVb5NMP5nhvLpUU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=pass smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=XIJbNVsK; arc=none smtp.client-ip=198.175.65.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="XIJbNVsK" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1772667753; x=1804203753; h=from:date:subject:mime-version:content-transfer-encoding: message-id:references:in-reply-to:to:cc; bh=L8Ru1Y1TQTL3fMh3bls020gKDtFIM4GJX2W6RnGN4oA=; b=XIJbNVsKJ5sqN7Y3Ve0xOZWZAM9+D56WodO3cqvj6yWOOFsU3orXPmbf wvuuOGNbFnirPI/vttRXvi1S4AMMHqerGvLrauKrI8NUgnEIWam4VxijA 41Wi2TjH/Lk0ZUcq7FCbc7n1TFNOl66c+9Q6E3yb1CHXzOSVonT0bpmH+ YOj/AVmrfBqwSf/KoYxvxhMYzOcD3HajhrEsbGrnCdFJBjELYEJGFiIcC 2ij9OqTgqvxyAnaMXIo5dgiZ4sAjH/H7M2co6H0IG5zicn/tWDPjJ1+A4 BldN6N3ZKZ9G81RhWDzrj7zNrG+Dg4CD0rDBdj4IlabZxNtKjs1Xs8dew A==; X-CSE-ConnectionGUID: oBOMegsvRKKurdpgz0JlYg== X-CSE-MsgGUID: uq8zzZIKRRO0Z80ddFkdXA== X-IronPort-AV: E=McAfee;i="6800,10657,11719"; a="96359396" X-IronPort-AV: E=Sophos;i="6.21,324,1763452800"; d="scan'208";a="96359396" Received: from fmviesa006.fm.intel.com ([10.60.135.146]) by orvoesa101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Mar 2026 15:42:30 -0800 X-CSE-ConnectionGUID: 6xn8DzpJTkeJXjN2O9UDPw== X-CSE-MsgGUID: BhDGoJiYTtm1bJ0ThOlNGg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.21,324,1763452800"; d="scan'208";a="215376913" Received: from unknown (HELO [172.25.112.21]) ([172.25.112.21]) by fmviesa006.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Mar 2026 15:42:29 -0800 From: Ricardo Neri Date: Wed, 04 Mar 2026 15:41:18 -0800 Subject: [PATCH v9 07/10] x86/hyperv/vtl: Setup the 64-bit trampoline for TDX guests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260304-rneri-wakeup-mailbox-v9-7-a5c6845e6251@linux.intel.com> References: <20260304-rneri-wakeup-mailbox-v9-0-a5c6845e6251@linux.intel.com> In-Reply-To: <20260304-rneri-wakeup-mailbox-v9-0-a5c6845e6251@linux.intel.com> To: x86@kernel.org, Krzysztof Kozlowski , Conor Dooley , Rob Herring , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Michael Kelley , "Rafael J. Wysocki" Cc: Saurabh Sengar , Chris Oo , "Kirill A. Shutemov" , linux-hyperv@vger.kernel.org, devicetree@vger.kernel.org, linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org, Ricardo Neri , Yunhong Jiang , Ricardo Neri X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1772667694; l=2745; i=ricardo.neri-calderon@linux.intel.com; s=20250602; h=from:subject:message-id; bh=gZ53l7WuF1Dvxd82tcmGZ1N9jujHl1P/hFTFjsVZFn0=; b=s1yOtexGbHwKfPQMvOJrkBmnW+al2MUn7C1xWVdDG+35/vJ1TBIZ9CaDoAYn3jFrxa/oRikSJ Mu7cwdf5u+RBkdioq9WAAcbMPC3XO0PJmUneRoo7zE2d4Ipr2MnMZyw X-Developer-Key: i=ricardo.neri-calderon@linux.intel.com; a=ed25519; pk=NfZw5SyQ2lxVfmNMaMR6KUj3+0OhcwDPyRzFDH9gY2w= From: Yunhong Jiang The hypervisor is an untrusted entity for TDX guests. It cannot be used to boot secondary CPUs - neither via hypercalls nor the INIT assert, de-assert, plus Start-Up IPI messages. Instead, the platform virtual firmware boots the secondary CPUs and puts them in a state to transfer control to the kernel. This mechanism uses the wakeup mailbox described in the Multiprocessor Wakeup Structure of the ACPI specification. The entry point to the kernel is trampoline_start64. Allocate and setup the trampoline using the default x86_platform callbacks. The platform firmware configures the secondary CPUs in long mode. It is no longer necessary to locate the trampoline under 1MB memory. After handoff from firmware, the trampoline code switches briefly to 32-bit addressing mode, which has an addressing limit of 4GB. Set the upper bound of the trampoline memory accordingly. Reviewed-by: Dexuan Cui Reviewed-by: Michael Kelley Signed-off-by: Yunhong Jiang Signed-off-by: Ricardo Neri --- Changes in v9: - None Changes in v8: - None Changes in v7: - None Changes in v6: - Added Reviewed-by tag from Dexuan. Thanks! Changes in v5: - None Changes in v4: - Added Reviewed-by tag from Michael. Thanks! Changes in v3: - Added a note regarding there is no need to check for a present paravisor. - Edited commit message for clarity. Changes in v2: - Dropped the function hv_reserve_real_mode(). Instead, used the new members realmode_limit and reserve_bios members of x86_init to set the upper bound of the trampoline memory. (Thomas) --- arch/x86/hyperv/hv_vtl.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c index e045bf3a2c59..b94fffa67312 100644 --- a/arch/x86/hyperv/hv_vtl.c +++ b/arch/x86/hyperv/hv_vtl.c @@ -68,9 +68,14 @@ void __init hv_vtl_init_platform(void) */ pr_info("Linux runs in Hyper-V Virtual Trust Level %d\n", ms_hyperv.vtl); =20 - x86_platform.realmode_reserve =3D x86_init_noop; - x86_platform.realmode_init =3D x86_init_noop; - real_mode_header =3D &hv_vtl_real_mode_header; + /* There is no paravisor present if we are here. */ + if (hv_isolation_type_tdx()) { + x86_init.resources.realmode_limit =3D SZ_4G; + } else { + x86_platform.realmode_reserve =3D x86_init_noop; + x86_platform.realmode_init =3D x86_init_noop; + real_mode_header =3D &hv_vtl_real_mode_header; + } x86_init.irqs.pre_vector_init =3D x86_init_noop; x86_init.timers.timer_init =3D x86_init_noop; x86_init.resources.probe_roms =3D x86_init_noop; --=20 2.43.0