** Description changed: Since 6.16, TDX host is supported in the kernel but is incompatible with kexec. A cache flush is required in case TDX has been enabled before doing a kexec to avoid silent memory corruption in the new kernel. - An upstream submission [0] fix this. However the second kernel cannot use TDX itself. - The upstream submission is now a v8 and is likely to be merged soon. + An upstream submission [0] fix this. The upstream submission is now a v8 and is likely to be merged soon. + 4 conditions are required at runtime to enable TDX Host: + - Hibernation disabled. + - TDX enabled in the bios. + - kvm_intel.tdx=1 set in the bootcommand line. + - Hardware support. - To enable TDX host, hibernation needs to be disabled, TDX enabled in the bios and a tdx module parameter set to 1. - In specific platforms (SPR/EMR), matching all those conditions will disable kexec due to hardware limitations. + Two limitation are coming with this submission: + - In specific platforms (SPR/EMR), enabling TDX (all conditions fulfilled) will disable kexec due to hardware limitations. + - After kexec, TDX can't be used. This error will manifest by having a dmesg entry similar to: + + virt/tdx: SEAMCALL (0x0000000000000021) failed: 0xc000050000000000 + This has been applied on top of questing Ubuntu-6.17.0-3.3 and tested on - supported hardware by enabling TDX and kexec into a new kernel. + supported hardware by enabling TDX and using kexec into a new kernel. [0] : https://lore.kernel.org/all/[email protected]/
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2121873 Title: Support TDX host in questing To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2121873/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
