diff options
| author | Ricardo Neri <ricardo.neri-calderon@linux.intel.com> | 2026-03-05 02:41:21 +0300 |
|---|---|---|
| committer | Dexuan Cui <decui@microsoft.com> | 2026-05-28 23:01:26 +0300 |
| commit | 7a035678fc2bdee81881170764ef08a91a076147 (patch) | |
| tree | 1899e5ab0cfbb3061796663be50ec7a627393a9e | |
| parent | 80200341197a799fe39da4e9da61bde4d23ec7ec (diff) | |
| download | linux-7a035678fc2bdee81881170764ef08a91a076147.tar.xz | |
x86/hyperv/vtl: Use the wakeup mailbox to boot secondary CPUs
The hypervisor is an untrusted entity for TDX guests. It cannot be used
to boot secondary CPUs. The function hv_vtl_wakeup_secondary_cpu() cannot
be used.
Instead, the virtual firmware boots the secondary CPUs and places them in
a state to transfer control to the kernel using the wakeup mailbox. The
firmware enumerates the mailbox via either an ACPI table or a DeviceTree
node.
If the wakeup mailbox is present, the kernel updates the APIC callback
wakeup_secondary_cpu_64() to use it.
Reviewed-by: Dexuan Cui <decui@microsoft.com>
Reviewed-by: Michael Kelley <mhklinux@outlook.com>
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Signed-off-by: Dexuan Cui <dexuan@kernel.org>
| -rw-r--r-- | arch/x86/hyperv/hv_vtl.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c index 1e2f5b3ea772..07fac3d687c3 100644 --- a/arch/x86/hyperv/hv_vtl.c +++ b/arch/x86/hyperv/hv_vtl.c @@ -274,7 +274,15 @@ int __init hv_vtl_early_init(void) panic("XSAVE has to be disabled as it is not supported by this module.\n" "Please add 'noxsave' to the kernel command line.\n"); - apic_update_callback(wakeup_secondary_cpu_64, hv_vtl_wakeup_secondary_cpu); + /* + * TDX confidential VMs do not trust the hypervisor and cannot use it to + * boot secondary CPUs. Instead, they will be booted using the wakeup + * mailbox if detected during boot. See setup_arch(). + * + * There is no paravisor present if we are here. + */ + if (!hv_isolation_type_tdx()) + apic_update_callback(wakeup_secondary_cpu_64, hv_vtl_wakeup_secondary_cpu); return 0; } |
