From nobody Fri Oct 3 20:22:42 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1751D2C15B3; Mon, 25 Aug 2025 22:59:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162746; cv=none; b=FqB+f4F1sQwynLneYaccnu+aD4oPDRj+/X9fB/rJQPTCaxxx7H7dW/x2jCAy+d7G0Bgo9hNScXOpfxiAKRo9y8hApbOLLuJ+MzJvOryJt+WcDmELvy9LENwVqoy2x5X5nT6tamh7QG65xQhTe9Vh8kH1f9GqUiQsp8KnUUdmvKs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162746; c=relaxed/simple; bh=xNRcCoQoKv90Slj5/9Y+vtt/ZytlVfLXi7krxkaoW+0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Juw5TpjuqpOV+JEufH5+i1BZy0n+ovrcbip3VOgxoUQZd259WoNG/METnHMgKNwp1Wd+ZqN08y+o73Zm167CODtsR8z/choROBXyRgXcMfcDDG37ozEx5Y90cCfP3aZA2geoMo0Jr2wELxnDRLm6gKGl/7Fcvk17/q1Q7TPG6AU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=E2uPxOSi; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="E2uPxOSi" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1756162745; x=1787698745; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xNRcCoQoKv90Slj5/9Y+vtt/ZytlVfLXi7krxkaoW+0=; b=E2uPxOSi2nD1U/j0dpAq3dLGcZLZpkRikMkDxmWwEWQyrNk9n9Y7WLon 9HOX9rCRtpPVIhUhxJTxj2xWEDypug0Qo0/SekuUicc4Xh95y/8lrAlSB bSqsPD0wCDFqoAtJpZxcmUly4WO5wgrLPAVVTzIMikUlLVqU1OY5jQXHR SL7n0RrG7bDcklO0miKNHrCEsyzIwPale2P/nARL/YpZNJ/5ATpdGG6f0 koLr4IQuMehKPlwj5KNBkPnJrgXqT+McErrYmZA7nh6YHutDvHKzh2CgU mEmfrh05yV4sAlJgcfmgr2OVpb+sx3+tiayeS6QIinW7J53ajsPyQBFsq Q==; X-CSE-ConnectionGUID: XZMI7po5SdWTn5Ce3d78mg== X-CSE-MsgGUID: CiCbuUMYSo+lt0kbBfidtw== X-IronPort-AV: E=McAfee;i="6800,10657,11533"; a="58533325" X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="58533325" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:05 -0700 X-CSE-ConnectionGUID: wNcOqKLJSJKz8oQEA2Z2WQ== X-CSE-MsgGUID: GYq5AecUSzmIWf5MOBPmbQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="200308402" Received: from ldmartin-desk2.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.59]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:58:59 -0700 From: Kai Huang To: dave.hansen@intel.com, bp@alien8.de, tglx@linutronix.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, thomas.lendacky@amd.com Cc: x86@kernel.org, kas@kernel.org, rick.p.edgecombe@intel.com, dwmw@amazon.co.uk, linux-kernel@vger.kernel.org, pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org, reinette.chatre@intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, ashish.kalra@amd.com, nik.borisov@suse.com, chao.gao@intel.com, sagis@google.com, farrah.chen@intel.com Subject: [PATCH v7 1/7] x86/kexec: Consolidate relocate_kernel() function parameters Date: Tue, 26 Aug 2025 10:58:36 +1200 Message-ID: <16e7fb2fcdaee423c7177e06a36f0f039ebd4527.1756161460.git.kai.huang@intel.com> X-Mailer: git-send-email 2.50.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" During kexec, the kernel jumps to the new kernel in relocate_kernel(), which is implemented in assembly and both 32-bit and 64-bit have their own version. Currently, for both 32-bit and 64-bit, the last two parameters of the relocate_kernel() are both 'unsigned int' but actually they only convey a boolean, i.e., one bit information. The 'unsigned int' has enough space to carry two bits information therefore there's no need to pass the two booleans in two separate 'unsigned int'. Consolidate the last two function parameters of relocate_kernel() into a single 'unsigned int' and pass flags instead. Only consolidate the 64-bit version albeit the similar optimization can be done for the 32-bit version too. Don't bother changing the 32-bit version while it is working (since assembly code change is required). Signed-off-by: Kai Huang Reviewed-by: Tom Lendacky Reviewed-by: Borislav Petkov (AMD) Reviewed-by: David Woodhouse --- v6 -> v7: - Add Boris's RB. v5 -> v6: - Add Tom's RB. v4 -> v5: - RELOC_KERNEL_HOST_MEM_ACTIVE -> RELOC_KERNEL_HOST_MEM_ENC_ACTIVE (Tom) - Add a comment to explain only RELOC_KERNEL_PRESERVE_CONTEXT is restored after jumping back from peer kernel for preserved_context kexec (pointed out by Tom). - Use testb instead of testq when comparing the flag with R11 to save 3 bytes (Hpa). v4: - new patch --- arch/x86/include/asm/kexec.h | 12 ++++++++++-- arch/x86/kernel/machine_kexec_64.c | 22 +++++++++++++--------- arch/x86/kernel/relocate_kernel_64.S | 25 +++++++++++++++---------- 3 files changed, 38 insertions(+), 21 deletions(-) diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h index f2ad77929d6e..12cebbcdb6c8 100644 --- a/arch/x86/include/asm/kexec.h +++ b/arch/x86/include/asm/kexec.h @@ -13,6 +13,15 @@ # define KEXEC_DEBUG_EXC_HANDLER_SIZE 6 /* PUSHI, PUSHI, 2-byte JMP */ #endif =20 +#ifdef CONFIG_X86_64 + +#include + +#define RELOC_KERNEL_PRESERVE_CONTEXT BIT(0) +#define RELOC_KERNEL_HOST_MEM_ENC_ACTIVE BIT(1) + +#endif + # define KEXEC_CONTROL_PAGE_SIZE 4096 # define KEXEC_CONTROL_CODE_MAX_SIZE 2048 =20 @@ -121,8 +130,7 @@ typedef unsigned long relocate_kernel_fn(unsigned long indirection_page, unsigned long pa_control_page, unsigned long start_address, - unsigned int preserve_context, - unsigned int host_mem_enc_active); + unsigned int flags); #endif extern relocate_kernel_fn relocate_kernel; #define ARCH_HAS_KIMAGE_ARCH diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_k= exec_64.c index 697fb99406e6..5cda8d8d8b13 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -384,16 +384,10 @@ void __nocfi machine_kexec(struct kimage *image) { unsigned long reloc_start =3D (unsigned long)__relocate_kernel_start; relocate_kernel_fn *relocate_kernel_ptr; - unsigned int host_mem_enc_active; + unsigned int relocate_kernel_flags; int save_ftrace_enabled; void *control_page; =20 - /* - * This must be done before load_segments() since if call depth tracking - * is used then GS must be valid to make any function calls. - */ - host_mem_enc_active =3D cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT); - #ifdef CONFIG_KEXEC_JUMP if (image->preserve_context) save_processor_state(); @@ -427,6 +421,17 @@ void __nocfi machine_kexec(struct kimage *image) */ relocate_kernel_ptr =3D control_page + (unsigned long)relocate_kernel - r= eloc_start; =20 + relocate_kernel_flags =3D 0; + if (image->preserve_context) + relocate_kernel_flags |=3D RELOC_KERNEL_PRESERVE_CONTEXT; + + /* + * This must be done before load_segments() since if call depth tracking + * is used then GS must be valid to make any function calls. + */ + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) + relocate_kernel_flags |=3D RELOC_KERNEL_HOST_MEM_ENC_ACTIVE; + /* * The segment registers are funny things, they have both a * visible and an invisible part. Whenever the visible part is @@ -443,8 +448,7 @@ void __nocfi machine_kexec(struct kimage *image) image->start =3D relocate_kernel_ptr((unsigned long)image->head, virt_to_phys(control_page), image->start, - image->preserve_context, - host_mem_enc_active); + relocate_kernel_flags); =20 #ifdef CONFIG_KEXEC_JUMP if (image->preserve_context) diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocat= e_kernel_64.S index ea604f4d0b52..26e945f85d19 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S @@ -66,8 +66,7 @@ SYM_CODE_START_NOALIGN(relocate_kernel) * %rdi indirection_page * %rsi pa_control_page * %rdx start address - * %rcx preserve_context - * %r8 host_mem_enc_active + * %rcx flags: RELOC_KERNEL_* */ =20 /* Save the CPU context, used for jumping back */ @@ -111,7 +110,7 @@ SYM_CODE_START_NOALIGN(relocate_kernel) /* save indirection list for jumping back */ movq %rdi, pa_backup_pages_map(%rip) =20 - /* Save the preserve_context to %r11 as swap_pages clobbers %rcx. */ + /* Save the flags to %r11 as swap_pages clobbers %rcx. */ movq %rcx, %r11 =20 /* setup a new stack at the end of the physical control page */ @@ -129,9 +128,8 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) /* * %rdi indirection page * %rdx start address - * %r8 host_mem_enc_active * %r9 page table page - * %r11 preserve_context + * %r11 flags: RELOC_KERNEL_* * %r13 original CR4 when relocate_kernel() was invoked */ =20 @@ -204,7 +202,7 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) * entries that will conflict with the now unencrypted memory * used by kexec. Flush the caches before copying the kernel. */ - testq %r8, %r8 + testb $RELOC_KERNEL_HOST_MEM_ENC_ACTIVE, %r11b jz .Lsme_off wbinvd .Lsme_off: @@ -220,7 +218,7 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) movq %cr3, %rax movq %rax, %cr3 =20 - testq %r11, %r11 /* preserve_context */ + testb $RELOC_KERNEL_PRESERVE_CONTEXT, %r11b jnz .Lrelocate =20 /* @@ -273,7 +271,13 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) ANNOTATE_NOENDBR andq $PAGE_MASK, %r8 lea PAGE_SIZE(%r8), %rsp - movl $1, %r11d /* Ensure preserve_context flag is set */ + /* + * Ensure RELOC_KERNEL_PRESERVE_CONTEXT flag is set so that + * swap_pages() can swap pages correctly. Note all other + * RELOC_KERNEL_* flags passed to relocate_kernel() are not + * restored. + */ + movl $RELOC_KERNEL_PRESERVE_CONTEXT, %r11d call swap_pages movq kexec_va_control_page(%rip), %rax 0: addq $virtual_mapped - 0b, %rax @@ -321,7 +325,7 @@ SYM_CODE_START_LOCAL_NOALIGN(swap_pages) UNWIND_HINT_END_OF_STACK /* * %rdi indirection page - * %r11 preserve_context + * %r11 flags: RELOC_KERNEL_* */ movq %rdi, %rcx /* Put the indirection_page in %rcx */ xorl %edi, %edi @@ -357,7 +361,8 @@ SYM_CODE_START_LOCAL_NOALIGN(swap_pages) movq %rdi, %rdx /* Save destination page to %rdx */ movq %rsi, %rax /* Save source page to %rax */ =20 - testq %r11, %r11 /* Only actually swap for ::preserve_context */ + /* Only actually swap for ::preserve_context */ + testb $RELOC_KERNEL_PRESERVE_CONTEXT, %r11b jz .Lnoswap =20 /* copy source page to swap page */ --=20 2.50.1 From nobody Fri Oct 3 20:22:42 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CD5822D061E; Mon, 25 Aug 2025 22:59:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162753; cv=none; b=owsD1k3Xx8fO6pPH81/4Uy31/LMQEU/X+/DYozYd1Rg07KnIBDPxZgaR7zZYxVFa+nQGhTkE/ULu+Y9le49+EzKL7oqblBmdfteK5vTw7eH6S5FchqCOcZsF9GN7kyhCGKs1GFY+NtXvBrgc87lyda96YK/qJhfn2liKaAgj8+c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162753; c=relaxed/simple; bh=sQLQIb3lXbdRCTd1qONWSd9/8AzyiqqEAKKCpvPKYpw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=IH1jxJoTJSYaCMlt39rK+HGYVuhOTmIuXDtu77w92Eg0iRxj+2puttfuBYHVguThYNSlXit1BgAe54ZexnR6khJOks4RQrAHV01GRII1UmIUsN+WwetTrMo0SPtO2nS0/YDlPNX/68xays/wd9+8aruOq/ktTuYN/fV/pFOBVZc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Tt3hM9g5; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Tt3hM9g5" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1756162751; x=1787698751; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=sQLQIb3lXbdRCTd1qONWSd9/8AzyiqqEAKKCpvPKYpw=; b=Tt3hM9g5EyShe5hi8RTg6/4Uq3if3kSKDKbFAJThcYjA37iSzXH5MaeR 4pgNtc3RDbRc28bd27NuIUtnjB2lF2gS3HCFR0k4JijQ5U5+qUPOVmAcr cnG/Y3o/Jod5Oan8FmzMmrr6DdkI38CfYX7DLOgYhrti3DaAoAlrJ8ET6 em5YfGdYIKciYV0wbJH2GGz4qbrttcKYfJ1sMeTC7lKgOKCYxEBGKQmlE Bu/Ez8MI5uwNvO477xooCxUEkO98SBfVVqKXdLlBrLvTxzW9EoF705FRY Mtft3Emlf26rXlSx5kmI/XDQbjrQovXVGQyuYrcyYnfoDhBY34bJhhQox Q==; X-CSE-ConnectionGUID: cerAGvNNQOuDTQ2Lm/kiYw== X-CSE-MsgGUID: dBOck5q6Qq6KbmHZr+z7WA== X-IronPort-AV: E=McAfee;i="6800,10657,11533"; a="58533344" X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="58533344" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:10 -0700 X-CSE-ConnectionGUID: U1uN8Z/wSeqwLya4LvjUTw== X-CSE-MsgGUID: aE5DiH4iR8iG5lU5lR8kFQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="200308423" Received: from ldmartin-desk2.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.59]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:04 -0700 From: Kai Huang To: dave.hansen@intel.com, bp@alien8.de, tglx@linutronix.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, thomas.lendacky@amd.com Cc: x86@kernel.org, kas@kernel.org, rick.p.edgecombe@intel.com, dwmw@amazon.co.uk, linux-kernel@vger.kernel.org, pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org, reinette.chatre@intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, ashish.kalra@amd.com, nik.borisov@suse.com, chao.gao@intel.com, sagis@google.com, farrah.chen@intel.com Subject: [PATCH v7 2/7] x86/sme: Use percpu boolean to control WBINVD during kexec Date: Tue, 26 Aug 2025 10:58:37 +1200 Message-ID: X-Mailer: git-send-email 2.50.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TL;DR: Prepare to unify how TDX and SME do cache flushing during kexec by making a percpu boolean control whether to do the WBINVD. -- Background -- On SME platforms, dirty cacheline aliases with and without encryption bit can coexist, and the CPU can flush them back to memory in random order. During kexec, the caches must be flushed before jumping to the new kernel otherwise the dirty cachelines could silently corrupt the memory used by the new kernel due to different encryption property. TDX also needs a cache flush during kexec for the same reason. It would be good to have a generic way to flush the cache instead of scattering checks for each feature all around. When SME is enabled, the kernel basically encrypts all memory including the kernel itself and a simple memory write from the kernel could dirty cachelines. Currently, the kernel uses WBINVD to flush the cache for SME during kexec in two places: 1) the one in stop_this_cpu() for all remote CPUs when the kexec-ing CPU stops them; 2) the one in the relocate_kernel() where the kexec-ing CPU jumps to the new kernel. -- Solution -- Unlike SME, TDX can only dirty cachelines when it is used (i.e., when SEAMCALLs are performed). Since there are no more SEAMCALLs after the aforementioned WBINVDs, leverage this for TDX. To unify the approach for SME and TDX, use a percpu boolean to indicate the cache may be in an incoherent state and needs flushing during kexec, and set the boolean for SME. TDX can then leverage it. While SME could use a global flag (since it's enabled at early boot and enabled on all CPUs), the percpu flag fits TDX better: The percpu flag can be set when a CPU makes a SEAMCALL, and cleared when another WBINVD on the CPU obviates the need for a kexec-time WBINVD. Saving kexec-time WBINVD is valuable, because there is an existing race[*] where kexec could proceed while another CPU is active. WBINVD could make this race worse, so it's worth skipping it when possible. -- Side effect to SME -- Today the first WBINVD in the stop_this_cpu() is performed when SME is *supported* by the platform, and the second WBINVD is done in relocate_kernel() when SME is *activated* by the kernel. Make things simple by changing to do the second WBINVD when the platform supports SME. This allows the kernel to simply turn on this percpu boolean when bringing up a CPU by checking whether the platform supports SME. No other functional change intended. [*] The aforementioned race: During kexec native_stop_other_cpus() is called to stop all remote CPUs before jumping to the new kernel. native_stop_other_cpus() firstly sends normal REBOOT vector IPIs to stop remote CPUs and waits them to stop. If that times out, it sends NMI to stop the CPUs that are still alive. The race may happen when native_stop_other_cpus() has to send NMIs and could potentially result in the system hang (see [1] for more information). Link: https://lore.kernel.org/kvm/b963fcd60abe26c7ec5dc20b42f1a2ebbcc72397.= 1750934177.git.kai.huang@intel.com/ [1] Signed-off-by: Kai Huang Reviewed-by: Tom Lendacky Tested-by: Tom Lendacky Reviewed-by: Borislav Petkov (AMD) --- v6 -> v7: - Add Boris's RB. v5 -> v6: - No change v4 -> v5: - Code rebase due to change RELOC_KERNEL_HOST_MEM_ACTIVE to RELOC_KERNEL_HOST_MEM_ENC_ACTIVE. v3 -> v4: - Simplify the changelog using AI -- Boris - Call out "Test CPUID bit directly due to mem_encrypt=3Doff" in the comment -- Boris - Add a comment to explain the percpu boolean -- Boris - s/wbinvd/WBINVD -- Boris - Code update due to patch 1 being added --- arch/x86/include/asm/kexec.h | 4 ++-- arch/x86/include/asm/processor.h | 2 ++ arch/x86/kernel/cpu/amd.c | 17 +++++++++++++++++ arch/x86/kernel/machine_kexec_64.c | 14 ++++++++++---- arch/x86/kernel/process.c | 24 +++++++++++------------- arch/x86/kernel/relocate_kernel_64.S | 13 ++++++++++--- 6 files changed, 52 insertions(+), 22 deletions(-) diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h index 12cebbcdb6c8..5cfb27f26583 100644 --- a/arch/x86/include/asm/kexec.h +++ b/arch/x86/include/asm/kexec.h @@ -17,8 +17,8 @@ =20 #include =20 -#define RELOC_KERNEL_PRESERVE_CONTEXT BIT(0) -#define RELOC_KERNEL_HOST_MEM_ENC_ACTIVE BIT(1) +#define RELOC_KERNEL_PRESERVE_CONTEXT BIT(0) +#define RELOC_KERNEL_CACHE_INCOHERENT BIT(1) =20 #endif =20 diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/proces= sor.h index bde58f6510ac..a24c7805acdb 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -731,6 +731,8 @@ void __noreturn stop_this_cpu(void *dummy); void microcode_check(struct cpuinfo_x86 *prev_info); void store_cpu_caps(struct cpuinfo_x86 *info); =20 +DECLARE_PER_CPU(bool, cache_state_incoherent); + enum l1tf_mitigations { L1TF_MITIGATION_OFF, L1TF_MITIGATION_AUTO, diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index a5ece6ebe8a7..66a682be4a1a 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -545,6 +545,23 @@ static void early_detect_mem_encrypt(struct cpuinfo_x8= 6 *c) { u64 msr; =20 + /* + * Mark using WBINVD is needed during kexec on processors that + * support SME. This provides support for performing a successful + * kexec when going from SME inactive to SME active (or vice-versa). + * + * The cache must be cleared so that if there are entries with the + * same physical address, both with and without the encryption bit, + * they don't race each other when flushed and potentially end up + * with the wrong entry being committed to memory. + * + * Test the CPUID bit directly because with mem_encrypt=3Doff the + * BSP will clear the X86_FEATURE_SME bit and the APs will not + * see it set after that. + */ + if (c->extended_cpuid_level >=3D 0x8000001f && (cpuid_eax(0x8000001f) & B= IT(0))) + __this_cpu_write(cache_state_incoherent, true); + /* * BIOS support is required for SME and SEV. * For SME: If BIOS has enabled SME then adjust x86_phys_bits by diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_k= exec_64.c index 5cda8d8d8b13..dfb91091f451 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -29,6 +29,7 @@ #include #include #include +#include =20 #ifdef CONFIG_ACPI /* @@ -426,11 +427,11 @@ void __nocfi machine_kexec(struct kimage *image) relocate_kernel_flags |=3D RELOC_KERNEL_PRESERVE_CONTEXT; =20 /* - * This must be done before load_segments() since if call depth tracking - * is used then GS must be valid to make any function calls. + * This must be done before load_segments() since it resets + * GS to 0 and percpu data needs the correct GS to work. */ - if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) - relocate_kernel_flags |=3D RELOC_KERNEL_HOST_MEM_ENC_ACTIVE; + if (this_cpu_read(cache_state_incoherent)) + relocate_kernel_flags |=3D RELOC_KERNEL_CACHE_INCOHERENT; =20 /* * The segment registers are funny things, they have both a @@ -441,6 +442,11 @@ void __nocfi machine_kexec(struct kimage *image) * * Take advantage of this here by force loading the segments, * before the GDT is zapped with an invalid value. + * + * load_segments() resets GS to 0. Don't make any function call + * after here since call depth tracking uses percpu variables to + * operate (relocate_kernel() is explicitly ignored by call depth + * tracking). */ load_segments(); =20 diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c index 1b7960cf6eb0..f2bbbeef5477 100644 --- a/arch/x86/kernel/process.c +++ b/arch/x86/kernel/process.c @@ -88,6 +88,16 @@ EXPORT_PER_CPU_SYMBOL(cpu_tss_rw); DEFINE_PER_CPU(bool, __tss_limit_invalid); EXPORT_PER_CPU_SYMBOL_GPL(__tss_limit_invalid); =20 +/* + * The cache may be in an incoherent state and needs flushing during kexec. + * E.g., on SME/TDX platforms, dirty cacheline aliases with and without + * encryption bit(s) can coexist and the cache needs to be flushed before + * booting to the new kernel to avoid the silent memory corruption due to + * dirty cachelines with different encryption property being written back + * to the memory. + */ +DEFINE_PER_CPU(bool, cache_state_incoherent); + /* * this gets called so that we can store lazy state into memory and copy t= he * current task into the new thread. @@ -827,19 +837,7 @@ void __noreturn stop_this_cpu(void *dummy) disable_local_APIC(); mcheck_cpu_clear(c); =20 - /* - * Use wbinvd on processors that support SME. This provides support - * for performing a successful kexec when going from SME inactive - * to SME active (or vice-versa). The cache must be cleared so that - * if there are entries with the same physical address, both with and - * without the encryption bit, they don't race each other when flushed - * and potentially end up with the wrong entry being committed to - * memory. - * - * Test the CPUID bit directly because the machine might've cleared - * X86_FEATURE_SME due to cmdline options. - */ - if (c->extended_cpuid_level >=3D 0x8000001f && (cpuid_eax(0x8000001f) & B= IT(0))) + if (this_cpu_read(cache_state_incoherent)) wbinvd(); =20 /* diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocat= e_kernel_64.S index 26e945f85d19..11e20bb13aca 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S @@ -198,14 +198,21 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) movq %r9, %cr3 =20 /* + * If the memory cache is in incoherent state, e.g., due to + * memory encryption, do WBINVD to flush cache. + * * If SME is active, there could be old encrypted cache line * entries that will conflict with the now unencrypted memory * used by kexec. Flush the caches before copying the kernel. + * + * Note SME sets this flag to true when the platform supports + * SME, so the WBINVD is performed even SME is not activated + * by the kernel. But this has no harm. */ - testb $RELOC_KERNEL_HOST_MEM_ENC_ACTIVE, %r11b - jz .Lsme_off + testb $RELOC_KERNEL_CACHE_INCOHERENT, %r11b + jz .Lnowbinvd wbinvd -.Lsme_off: +.Lnowbinvd: =20 call swap_pages =20 --=20 2.50.1 From nobody Fri Oct 3 20:22:42 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4A84E2D0C82; Mon, 25 Aug 2025 22:59:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162757; cv=none; b=VpCB1pNGOoABc1WW7FgaQ296MMCC0FZtDqsgY4KK4axqOZ8YF2Y5MPXSmblwIWd2hV9UZvgzezE7/TgEQ/N9cla6xBk3GGgOg14oujU1AH7e/W1n0+Yc//ufYsqmGoSMdjpe6TyCE50WXzF/AgSqwRkPuNKf9gZn3eK0uz+I8sI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162757; c=relaxed/simple; bh=Ofg/UDToVH9qFqg6h8UOGVTfr9OxNQiv8OrCJPx9AQ8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=aC2D7M0+7PktmhlcrnZZgn5rOBxV0KpHs6HSfNYepn2EtMYVhVsmvaEx5m2Lqj86mqN4K6Vztivpasl2jdxVUm37eQlWeI9f8LrtsCQgsmNRWV4hP4pgerxNRFwn/eKKdoKCdb8QhVJdjL4p+Tz57OGmU6MLa5ve9Ms+S8L+HzA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=dzq87vPW; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="dzq87vPW" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1756162756; x=1787698756; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Ofg/UDToVH9qFqg6h8UOGVTfr9OxNQiv8OrCJPx9AQ8=; b=dzq87vPW5aw98i+elqvu4jgLN2hyrMwTLnvp8fTJivqtM6ZAV5qiBOpu R3ZZRG7AxbcLD/IIZ+d8P4B4BlYzxVPBPd+p5AejN2ket51L9A40itUwk /vRkrKBJwG3El5EZrOb8uUM/kPEPQtVZu6ktupU+vgJdGOu7F7mfPTpgm U6QllZqgP8hXxAargiIGKe9Xs9Lp+d9w6m+Pb+xqmjQFdyEw09I4hQ2xM r0EZsqbj35UfzLC1mu2Ih9969JEm8NkQ+n30JWA0yOrX8UiZDCdncjaxe iTvMeOJG/mWvqKQFQpfZk85knW80/RGk9uNrk1OACf90NGVpB6SIJZaxi w==; X-CSE-ConnectionGUID: hEcZJGrsSiqkyV3iESdZ2g== X-CSE-MsgGUID: 9VVcgQOAShWRpLm5VrHzkQ== X-IronPort-AV: E=McAfee;i="6800,10657,11533"; a="58533369" X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="58533369" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:16 -0700 X-CSE-ConnectionGUID: PhIIub0/Sjuv37jB/CC/dA== X-CSE-MsgGUID: GkjcV/a+TNq+hnFBm9Mh8w== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="200308435" Received: from ldmartin-desk2.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.59]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:10 -0700 From: Kai Huang To: dave.hansen@intel.com, bp@alien8.de, tglx@linutronix.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, thomas.lendacky@amd.com Cc: x86@kernel.org, kas@kernel.org, rick.p.edgecombe@intel.com, dwmw@amazon.co.uk, linux-kernel@vger.kernel.org, pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org, reinette.chatre@intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, ashish.kalra@amd.com, nik.borisov@suse.com, chao.gao@intel.com, sagis@google.com, farrah.chen@intel.com Subject: [PATCH v7 3/7] x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL Date: Tue, 26 Aug 2025 10:58:38 +1200 Message-ID: <65859cd0daf3bc29926e68fea17252db84604b97.1756161460.git.kai.huang@intel.com> X-Mailer: git-send-email 2.50.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" On TDX platforms, dirty cacheline aliases with and without encryption bits can coexist, and the cpu can flush them back to memory in random order. During kexec, the caches must be flushed before jumping to the new kernel otherwise the dirty cachelines could silently corrupt the memory used by the new kernel due to different encryption property. A percpu boolean is used to mark whether the cache of a given CPU may be in an incoherent state, and the kexec performs WBINVD on the CPUs with that boolean turned on. For TDX, only the TDX module or the TDX guests can generate dirty cachelines of TDX private memory, i.e., they are only generated when the kernel does a SEAMCALL. Set that boolean when the kernel does SEAMCALL so that kexec can flush the cache correctly. The kernel provides both the __seamcall*() assembly functions and the seamcall*() wrapper ones which additionally handle running out of entropy error in a loop. Most of the SEAMCALLs are called using the seamcall*(), except TDH.VP.ENTER and TDH.PHYMEM.PAGE.RDMD which are called using __seamcall*() variant directly. To cover the two special cases, add a new __seamcall_dirty_cache() helper which only sets the percpu boolean and calls the __seamcall*(), and change the special cases to use the new helper. To cover all other SEAMCALLs, change seamcall*() to call the new helper. For the SEAMCALLs invoked via seamcall*(), they can be made from both task context and IRQ disabled context. Given SEAMCALL is just a lengthy instruction (e.g., thousands of cycles) from kernel's point of view and preempt_{disable|enable}() is cheap compared to it, just unconditionally disable preemption during setting the boolean and making SEAMCALL. Signed-off-by: Kai Huang Tested-by: Farrah Chen Reviewed-by: Chao Gao Reviewed-by: Rick Edgecombe --- arch/x86/include/asm/tdx.h | 25 ++++++++++++++++++++++++- arch/x86/virt/vmx/tdx/tdx.c | 4 ++-- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 57b46f05ff97..c178360c1fb1 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -102,10 +102,31 @@ u64 __seamcall_ret(u64 fn, struct tdx_module_args *ar= gs); u64 __seamcall_saved_ret(u64 fn, struct tdx_module_args *args); void tdx_init(void); =20 +#include #include +#include =20 typedef u64 (*sc_func_t)(u64 fn, struct tdx_module_args *args); =20 +static __always_inline u64 __seamcall_dirty_cache(sc_func_t func, u64 fn, + struct tdx_module_args *args) +{ + lockdep_assert_preemption_disabled(); + + /* + * SEAMCALLs are made to the TDX module and can generate dirty + * cachelines of TDX private memory. Mark cache state incoherent + * so that the cache can be flushed during kexec. + * + * This needs to be done before actually making the SEAMCALL, + * because kexec-ing CPU could send NMI to stop remote CPUs, + * in which case even disabling IRQ won't help here. + */ + this_cpu_write(cache_state_incoherent, true); + + return func(fn, args); +} + static __always_inline u64 sc_retry(sc_func_t func, u64 fn, struct tdx_module_args *args) { @@ -113,7 +134,9 @@ static __always_inline u64 sc_retry(sc_func_t func, u64= fn, u64 ret; =20 do { - ret =3D func(fn, args); + preempt_disable(); + ret =3D __seamcall_dirty_cache(func, fn, args); + preempt_enable(); } while (ret =3D=3D TDX_RND_NO_ENTROPY && --retry); =20 return ret; diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 823850399bb7..2abf53ed59c8 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -1268,7 +1268,7 @@ static bool paddr_is_tdx_private(unsigned long phys) return false; =20 /* Get page type from the TDX module */ - sret =3D __seamcall_ret(TDH_PHYMEM_PAGE_RDMD, &args); + sret =3D __seamcall_dirty_cache(__seamcall_ret, TDH_PHYMEM_PAGE_RDMD, &ar= gs); =20 /* * The SEAMCALL will not return success unless there is a @@ -1524,7 +1524,7 @@ noinstr __flatten u64 tdh_vp_enter(struct tdx_vp *td,= struct tdx_module_args *ar { args->rcx =3D tdx_tdvpr_pa(td); =20 - return __seamcall_saved_ret(TDH_VP_ENTER, args); + return __seamcall_dirty_cache(__seamcall_saved_ret, TDH_VP_ENTER, args); } EXPORT_SYMBOL_GPL(tdh_vp_enter); =20 --=20 2.50.1 From nobody Fri Oct 3 20:22:42 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EAADE2D0C82; Mon, 25 Aug 2025 22:59:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162763; cv=none; b=A6Ita3kWr6Vcpiu3wogfB56w65RJDHhOx9caCd/EDzzmVoCSSjyH2lVUFTcPyP0dLc1SmnyQdg0gfmfyaH0E+0AHYBn4EFlSmnwLWC8RxD2skRo1KIhRq2PTac4lapYdO/I3HK3G9/ctzogiigt7qMu7NSyW1adfJMt6MnziUB8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162763; c=relaxed/simple; bh=kEXKic3dGl+hZ/XHZEbeEXIlQqYcgxBCNPzqY8fwb4M=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=MFyY1JxNAup2ZTF1QW1ZuDSllTOmEu5kTQoZUykXWYvEf6SUuvONjbEyvYsC+hprAwooSgP9fdtzm6H9ajD/WkWjV8LAYpPZJ7qk09o0DWvRbK2sZ/pTbZJl31C3BIUoXrlbAG5ejGrpvqoj5qMdSqxNuZNbU3yW+C6VyXbAQWQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=CgcKFXL2; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="CgcKFXL2" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1756162762; x=1787698762; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=kEXKic3dGl+hZ/XHZEbeEXIlQqYcgxBCNPzqY8fwb4M=; b=CgcKFXL2ahpk4znwesN+2l4KtGZms+Bop+idWpzGWXE5v6hn6i/LQFln blQQHOewYgkAGI92PqWVQrsNNeQ9mKbdwvxC/g0ufHa8Ztm2X704pid19 yrNEH6r+T4NJUJnFACvTZtJlzQ0C5rcTe7XST9mehrqQJIN1gTFfPAzvG /+/NWXg7XD50sDDje6fh1mBPxV2V3Wm25I3Md0HC4McY0d7IUn99/Zld1 nnheY6l3NzIjkRQKBkS4Rh81E4bcFTeSYuJ8xpt2uWrLBYaSUxs5MRbXY r1/b5Y8gnVLFS5nbQGIoYDK2Kt9wdPZLU01eS0aR6N3j7gmfgct4qMFJL Q==; X-CSE-ConnectionGUID: seL9qeBoQaWaRB95SQ+dPQ== X-CSE-MsgGUID: p5JgPOmZTc6PzHQzFNkfzw== X-IronPort-AV: E=McAfee;i="6800,10657,11533"; a="58533396" X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="58533396" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:22 -0700 X-CSE-ConnectionGUID: H2TppVnPSKOYQMrPCQsl4Q== X-CSE-MsgGUID: 6bbhAbTeTJq0juy0WuSBYQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="200308445" Received: from ldmartin-desk2.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.59]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:16 -0700 From: Kai Huang To: dave.hansen@intel.com, bp@alien8.de, tglx@linutronix.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, thomas.lendacky@amd.com Cc: x86@kernel.org, kas@kernel.org, rick.p.edgecombe@intel.com, dwmw@amazon.co.uk, linux-kernel@vger.kernel.org, pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org, reinette.chatre@intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, ashish.kalra@amd.com, nik.borisov@suse.com, chao.gao@intel.com, sagis@google.com, farrah.chen@intel.com Subject: [PATCH v7 4/7] x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum Date: Tue, 26 Aug 2025 10:58:39 +1200 Message-ID: X-Mailer: git-send-email 2.50.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Some early TDX-capable platforms have an erratum: A kernel partial write (a write transaction of less than cacheline lands at memory controller) to TDX private memory poisons that memory, and a subsequent read triggers a machine check. On those platforms, the old kernel must reset TDX private memory before jumping to the new kernel, otherwise the new kernel may see unexpected machine check. Currently the kernel doesn't track which page is a TDX private page. For simplicity just fail kexec/kdump for those platforms. Leverage the existing machine_kexec_prepare() to fail kexec/kdump by adding the check of the presence of the TDX erratum (which is only checked for if the kernel is built with TDX host support). This rejects kexec/kdump when the kernel is loading the kexec/kdump kernel image. The alternative is to reject kexec/kdump when the kernel is jumping to the new kernel. But for kexec this requires adding a new check (e.g., arch_kexec_allowed()) in the common code to fail kernel_kexec() at early stage. Kdump (crash_kexec()) needs similar check, but it's hard to justify because crash_kexec() is not supposed to abort. It's feasible to further relax this limitation, i.e., only fail kexec when TDX is actually enabled by the kernel. But this is still a half measure compared to resetting TDX private memory so just do the simplest thing for now. The impact to userspace is the users will get an error when loading the kexec/kdump kernel image: kexec_load failed: Operation not supported This might be confusing to the users, thus also print the reason in the dmesg: [..] kexec: Not allowed on platform with tdx_pw_mce bug. Signed-off-by: Kai Huang Tested-by: Farrah Chen Reviewed-by: Rick Edgecombe --- arch/x86/kernel/machine_kexec_64.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_k= exec_64.c index dfb91091f451..15088d14904f 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -347,6 +347,22 @@ int machine_kexec_prepare(struct kimage *image) unsigned long reloc_end =3D (unsigned long)__relocate_kernel_end; int result; =20 + /* + * Some early TDX-capable platforms have an erratum. A kernel + * partial write (a write transaction of less than cacheline + * lands at memory controller) to TDX private memory poisons that + * memory, and a subsequent read triggers a machine check. + * + * On those platforms the old kernel must reset TDX private + * memory before jumping to the new kernel otherwise the new + * kernel may see unexpected machine check. For simplicity + * just fail kexec/kdump on those platforms. + */ + if (boot_cpu_has_bug(X86_BUG_TDX_PW_MCE)) { + pr_info_once("Not allowed on platform with tdx_pw_mce bug\n"); + return -EOPNOTSUPP; + } + /* Setup the identity mapped 64bit page table */ result =3D init_pgtable(image, __pa(control_page)); if (result) --=20 2.50.1 From nobody Fri Oct 3 20:22:42 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AC1A92C21FE; Mon, 25 Aug 2025 22:59:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162769; cv=none; b=XKpEeUSlvefFR7d1MSwnU1MVh864hadPZBWcmP0QbDIcL9P02/0sZNi+cfKYOlyNfzvqxakVbu5hhJ+g1n1tHjKpjHz+tP/1Br9Z20vabPodcAg1EDQOKYxeSVPwzzxBf6X3Ci4muHYmYXpykHB84kYu3fLZo2xuqbKY7SqKjy0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162769; c=relaxed/simple; bh=ObPUqNlIio++VGV8CmQ4YDrJyoIrTWqqB4hd4548ko4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=GYeni5AW6IqvTw4qRfQk4FZZRI7sflDXllnuzL6Yl0LdsajJ3Esa4bXA37ZpURqxSW4grxZWZf0nT2NxsPPj3wYAjsiggIxBVOl7VvbCvwArZGHmhamkO1zROE1f8SQugA0GQ4zg3pzB/j15yjOPgyOLxZbA/ulC2iK+pUwclmM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=W6TghaxF; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="W6TghaxF" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1756162768; x=1787698768; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ObPUqNlIio++VGV8CmQ4YDrJyoIrTWqqB4hd4548ko4=; b=W6TghaxFU1iMYY0TNtlN+uZi3hw4njzHCoebM+jkTEsLLRRjtx5/SqCc Rda1dVxz+oPcFQhXogGaTG7nawRTG+aBSFGYbjK1LOVQRwIqIie8fHJH8 iWmgkTWjYGKyJbj9XIyDS+9Vw3uWLIL8oJ5h78zdLBWs8yGxvKpofP5DE H7Pn3pKYiE4UWdPXKQ3wwSHizAvwqbQBEqGunxGDTy8t0C5JtHqSAC32u idUqL0xRwL2BGTzCT8620ZDFOgULdWbN/krS5kWtYYuKobwwJWDgaRJqA I7Wi73s6n2Ur7NdTRtraFghGpPpEtF+fbMZymkzL8yaC751f5gM5imSiU A==; X-CSE-ConnectionGUID: PUwMoC2vTEqbV78dv0S6Bw== X-CSE-MsgGUID: IJ/hFvlITom4hmAek/Qtag== X-IronPort-AV: E=McAfee;i="6800,10657,11533"; a="58533412" X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="58533412" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:27 -0700 X-CSE-ConnectionGUID: ZXymxT8WRjeE5MBvrI62Xw== X-CSE-MsgGUID: RD3v71PMQvy+wDqAr9IoZg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="200308455" Received: from ldmartin-desk2.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.59]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:21 -0700 From: Kai Huang To: dave.hansen@intel.com, bp@alien8.de, tglx@linutronix.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, thomas.lendacky@amd.com Cc: x86@kernel.org, kas@kernel.org, rick.p.edgecombe@intel.com, dwmw@amazon.co.uk, linux-kernel@vger.kernel.org, pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org, reinette.chatre@intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, ashish.kalra@amd.com, nik.borisov@suse.com, chao.gao@intel.com, sagis@google.com, farrah.chen@intel.com Subject: [PATCH v7 5/7] x86/virt/tdx: Remove the !KEXEC_CORE dependency Date: Tue, 26 Aug 2025 10:58:40 +1200 Message-ID: X-Mailer: git-send-email 2.50.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" During kexec it is now guaranteed that all dirty cachelines of TDX private memory are flushed before jumping to the new kernel. The TDX private memory from the old kernel will remain as TDX private memory in the new kernel, but it is OK because kernel read/write to TDX private memory will never cause machine check, except on the platforms with the TDX partial write erratum, which has already been handled. It is safe to allow kexec to work together with TDX now. Remove the !KEXEC_CORE dependency. Signed-off-by: Kai Huang Tested-by: Farrah Chen Reviewed-by: Rick Edgecombe --- arch/x86/Kconfig | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 58d890fe2100..e2cbfb021bc6 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1896,7 +1896,6 @@ config INTEL_TDX_HOST depends on X86_X2APIC select ARCH_KEEP_MEMBLOCK depends on CONTIG_ALLOC - depends on !KEXEC_CORE depends on X86_MCE help Intel Trust Domain Extensions (TDX) protects guest VMs from malicious --=20 2.50.1 From nobody Fri Oct 3 20:22:42 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3BC9C29D272; Mon, 25 Aug 2025 22:59:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162774; cv=none; b=KPcTx5p2X4IDkrJTzM2D6VrhVYjgUVc4lcOqwEKjitSbpGLDahuba1rMngsXnVtdFcUYyhNAWRY011LcEsiNJ2DwuNJlJQJs2GqbNC3uct9+P+66FCb4X1mOD37TgsSMrtc5KYEH5wJgN0495pQXk+Cmf7+4g57uxOwHBgt4yq0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162774; c=relaxed/simple; bh=WUHLDpzN4yyBJ03WNWSWNPYEC4Nh6LTe3WOYShwnaxQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=n071l9mg4rqSdFK8XlqN9HVA8T5O3CYIcqWxZ6zW5dM1GtS1HuA4MdQ4B982gNCCby8W1VCDixNi+eFrmUxYuckiBSR6DnKwYjPMKdIWXD6kRa7zSr8u01DD6cZWWkmEfsD8RGAQ4FOfc6M6YNKHr5uk1hOXpOdogjBjMRc22nQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=AheI1+5p; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="AheI1+5p" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1756162773; x=1787698773; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=WUHLDpzN4yyBJ03WNWSWNPYEC4Nh6LTe3WOYShwnaxQ=; b=AheI1+5pi70upR4AVB5/8iHftFBpZP6lZz7P7XtIfzUYWxxTYaX0KXoN 5ZwPC5PlcxF3+9VRKuq+BGnXEZUfZQTZLUP0ss1JA0sGXUgpQD7Nt2Sq6 xEiCnGARtmyGdDQ33D+yuiRaR2V6qUj+r2Px6fkaK+UHFRxD+fmuGYjFM Y89/DFgE6qrixbCydb5jjPfCpNqa2rYEZvuawXeRGrEcZpYC3Lpv15AJp 9S0I5YMZzFjKJGrzwgwxZj+6NROqEfKwSBSqa0ajEw7Fzh68T/7DPV751 mv7aFyJbW4Y/6gcXy0a4anZgE1JDN2UNIfSKbNjTcmhaxJViDQ5V2rUwf A==; X-CSE-ConnectionGUID: JussvpciQz6Yu6NpQLyWtg== X-CSE-MsgGUID: ZAbB1pw+QO+IvEAbfcn0UA== X-IronPort-AV: E=McAfee;i="6800,10657,11533"; a="58533424" X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="58533424" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:33 -0700 X-CSE-ConnectionGUID: 04ZJIXVGSNevN9VfUuNwsg== X-CSE-MsgGUID: 4WpC5Uo+QKGi1gJH/qHkYg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="200308468" Received: from ldmartin-desk2.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.59]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:27 -0700 From: Kai Huang To: dave.hansen@intel.com, bp@alien8.de, tglx@linutronix.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, thomas.lendacky@amd.com Cc: x86@kernel.org, kas@kernel.org, rick.p.edgecombe@intel.com, dwmw@amazon.co.uk, linux-kernel@vger.kernel.org, pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org, reinette.chatre@intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, ashish.kalra@amd.com, nik.borisov@suse.com, chao.gao@intel.com, sagis@google.com, farrah.chen@intel.com Subject: [PATCH v7 6/7] x86/virt/tdx: Update the kexec section in the TDX documentation Date: Tue, 26 Aug 2025 10:58:41 +1200 Message-ID: <38ebd5c1ba0f8eff392807efb54e90354cc9d105.1756161460.git.kai.huang@intel.com> X-Mailer: git-send-email 2.50.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TDX host kernel now supports kexec/kdump. Update the documentation to reflect that. Opportunistically, remove the parentheses in "Kexec()" and move this section under the "Erratum" section because the updated "Kexec" section now refers to that erratum. Signed-off-by: Kai Huang Tested-by: Farrah Chen Reviewed-by: Rick Edgecombe --- Documentation/arch/x86/tdx.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Documentation/arch/x86/tdx.rst b/Documentation/arch/x86/tdx.rst index 719043cd8b46..61670e7df2f7 100644 --- a/Documentation/arch/x86/tdx.rst +++ b/Documentation/arch/x86/tdx.rst @@ -142,13 +142,6 @@ but depends on the BIOS to behave correctly. Note TDX works with CPU logical online/offline, thus the kernel still allows to offline logical CPU and online it again. =20 -Kexec() -~~~~~~~ - -TDX host support currently lacks the ability to handle kexec. For -simplicity only one of them can be enabled in the Kconfig. This will be -fixed in the future. - Erratum ~~~~~~~ =20 @@ -171,6 +164,13 @@ If the platform has such erratum, the kernel prints ad= ditional message in machine check handler to tell user the machine check may be caused by kernel bug on TDX private memory. =20 +Kexec +~~~~~~~ + +Currently kexec doesn't work on the TDX platforms with the aforementioned +erratum. It fails when loading the kexec kernel image. Otherwise it +works normally. + Interaction vs S3 and deeper states ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ =20 --=20 2.50.1 From nobody Fri Oct 3 20:22:42 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0ECD52C0F78; Mon, 25 Aug 2025 22:59:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162780; cv=none; b=nl7udKY4Z9K1+FlDiTOk4hBMoBcdGjZIZQaYBlqp8S1Dqef1aNNk0K5065rdF3Sne7DUlk3ZktMnpZ7Zq6blkOq5nZ6a65iYFerz6+WznmK754tA8ejaV8JJHaZPvR8y9zsIeYcvCN1N4vNpnVPygriOa6ZAsDvLtfh7G3P9juc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756162780; c=relaxed/simple; bh=Vwviwn3ZG+UNUDH9BSmq4tg9aRmCxgkbakEMYRulqjA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oze427zz0q/e8zach4gISXb5WbAmOGonJ0RQrEWLXDFWJPTCQbmmyV43YmEhDCCLHOIWI5N+Cx4fqJL2zgGcw0BIu/K8r2td1ILGbrh0N1oLbynXcOcfDh4I48bm6MiYHoBon3v161p8LZ48tx5U/4Lp+veO59YORg7o6OEKdak= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=jvXQ4Vta; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="jvXQ4Vta" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1756162779; x=1787698779; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Vwviwn3ZG+UNUDH9BSmq4tg9aRmCxgkbakEMYRulqjA=; b=jvXQ4VtaT+0ne2RVDLL8hsN8UzUeg7D9gCK9PYhZSD0XbzBW53A95Xv/ 9sj23sFV11lv0M7WUy3awhruWK/j9lCM0FEWhWCeqmMesGriq5UAK85my fnha/+CENnGUGwqlJNcvXGhQGWlD5JMxWUGhI2YGF17h3w8bsFP9q/v7g iA9GJkW4/SJIz5BtOlD6X1so+ueRJBPqZ/8OK+R/XDwRd7PKsIrZmzEJa WRf2Qkjugpid+9lCffGl8sZ7ukGal/KYfwSfOGQyHXTzu3AM9B0TP+wYh iPMv9vTaeCyaS4XghekLOGMj9XWPkdiO9eUsEGGgI8JzhG4qCwvbmzTuf w==; X-CSE-ConnectionGUID: DvK42V29TWOPrzSI6oAEAg== X-CSE-MsgGUID: dy+Zxq+FQTqJHpKRPgGdWQ== X-IronPort-AV: E=McAfee;i="6800,10657,11533"; a="58533433" X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="58533433" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:39 -0700 X-CSE-ConnectionGUID: nryLhhB5QIuUgmwqB+wK1A== X-CSE-MsgGUID: YkoJN9z3RyK2HD5aYfaF2A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.18,214,1751266800"; d="scan'208";a="200308475" Received: from ldmartin-desk2.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.59]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2025 15:59:32 -0700 From: Kai Huang To: dave.hansen@intel.com, bp@alien8.de, tglx@linutronix.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, thomas.lendacky@amd.com Cc: x86@kernel.org, kas@kernel.org, rick.p.edgecombe@intel.com, dwmw@amazon.co.uk, linux-kernel@vger.kernel.org, pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org, reinette.chatre@intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, ashish.kalra@amd.com, nik.borisov@suse.com, chao.gao@intel.com, sagis@google.com, farrah.chen@intel.com, Binbin Wu Subject: [PATCH v7 7/7] KVM: TDX: Explicitly do WBINVD when no more TDX SEAMCALLs Date: Tue, 26 Aug 2025 10:58:42 +1200 Message-ID: <14f91fcb323fbd80158aadb4b9f240fad9f9487e.1756161460.git.kai.huang@intel.com> X-Mailer: git-send-email 2.50.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" On TDX platforms, during kexec, the kernel needs to make sure there are no dirty cachelines of TDX private memory before booting to the new kernel to avoid silent memory corruption to the new kernel. During kexec, the kexec-ing CPU firstly invokes native_stop_other_cpus() to stop all remote CPUs before booting to the new kernel. The remote CPUs will then execute stop_this_cpu() to stop themselves. The kernel has a percpu boolean to indicate whether the cache of a CPU may be in incoherent state. In stop_this_cpu(), the kernel does WBINVD if that percpu boolean is true. TDX turns on that percpu boolean on a CPU when the kernel does SEAMCALL. This makes sure the caches will be flushed during kexec. However, the native_stop_other_cpus() and stop_this_cpu() have a "race"[1] which is extremely rare to happen but could cause the system to hang. Doing WBINVD in stop_this_cpu() could increase the chance of the race happening. Explicitly flush cache in tdx_disable_virtualization_cpu() after which no more TDX activity can happen on this cpu. This moves the WBINVD to an earlier stage than stop_this_cpus(), avoiding a possibly lengthy operation at a time where it could cause this race. Link: https://lore.kernel.org/kvm/b963fcd60abe26c7ec5dc20b42f1a2ebbcc72397.= 1750934177.git.kai.huang@intel.com/ [1] Signed-off-by: Kai Huang Acked-by: Paolo Bonzini Tested-by: Farrah Chen Reviewed-by: Binbin Wu Reviewed-by: Chao Gao --- v6 -> v7: - Remove the tdx_cpu_flush_cache() stub. -- Sean - Rename tdx_cpu_flush_cache() to tdx_cpu_flush_cache_for_kexec(). -- Paolo - Trim down changelog a little bit. -- Sean. v5 -> v6: - Add Chao's RB. v4 -> v5: - No change v3 -> v4: - Change doing wbinvd() from rebooting notifier to tdx_disable_virtualization_cpu() to cover the case where more SEAMCALL can be made after cache flush, i.e., doing kexec when there's TD alive. - Chao. - Add check to skip wbinvd if the boolean is false. -- Chao - Fix typo in the comment -- Binbin. --- arch/x86/include/asm/tdx.h | 1 + arch/x86/kvm/vmx/tdx.c | 12 ++++++++++++ arch/x86/virt/vmx/tdx/tdx.c | 12 ++++++++++++ 3 files changed, 25 insertions(+) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index c178360c1fb1..0b3555be1fa3 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -219,6 +219,7 @@ u64 tdh_mem_page_remove(struct tdx_td *td, u64 gpa, u64= level, u64 *ext_err1, u6 u64 tdh_phymem_cache_wb(bool resume); u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td); u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, struct page *page); +void tdx_cpu_flush_cache_for_kexec(void); #else static inline void tdx_init(void) { } static inline int tdx_cpu_enable(void) { return -ENODEV; } diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index f457b2e578b2..e181e1e4b3cc 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -423,6 +423,18 @@ void tdx_disable_virtualization_cpu(void) tdx_flush_vp(&arg); } local_irq_restore(flags); + + /* + * No more TDX activity on this CPU from here. Flush cache to + * avoid having to do WBINVD in stop_this_cpu() during kexec. + * + * Kexec calls native_stop_other_cpus() to stop remote CPUs + * before booting to new kernel, but that code has a "race" + * when the normal REBOOT IPI times out and NMIs are sent to + * remote CPUs to stop them. Doing WBINVD in stop_this_cpu() + * could potentially increase the possibility of the "race". + */ + tdx_cpu_flush_cache_for_kexec(); } =20 #define TDX_SEAMCALL_RETRIES 10000 diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 2abf53ed59c8..f8f74e213f0d 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -1872,3 +1872,15 @@ u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, struct pag= e *page) return seamcall(TDH_PHYMEM_PAGE_WBINVD, &args); } EXPORT_SYMBOL_GPL(tdh_phymem_page_wbinvd_hkid); + +void tdx_cpu_flush_cache_for_kexec(void) +{ + lockdep_assert_preemption_disabled(); + + if (!this_cpu_read(cache_state_incoherent)) + return; + + wbinvd(); + this_cpu_write(cache_state_incoherent, false); +} +EXPORT_SYMBOL_GPL(tdx_cpu_flush_cache_for_kexec); --=20 2.50.1