[Expired for linux (Ubuntu) because there has been no activity for 60
days.]
** Changed in: linux (Ubuntu)
Status: Incomplete => Expired
https://bugs.launchpad.net/bugs/2040163
Title:
Azure: Update TDX support
Status in linux package in Ubuntu:
Expired
Bug description:
SRU Justification
[Impact]
Refresh the TDX support and support DDA for a TDX VM with paravisor.
Ideally we would revert
commit b8b46adebbd8 ("UBUNTU: SAUCE: Support TDX+HCL (July 9, 2023)"), and
apply "[PATCH v7 0/8] x86/hyperv: Add AMD sev-snp enlightened guest support
on hyperv" [1]
and apply "[PATCH v3 00/10] Support TDX guests on Hyper-V (the Hyper-V
specific part)" [2]
(Note: [2] depends on [1]), but that would introduce too many changes, and
actually "AMD sev-snp enlightened guest support on hyperv" still needs some
extra patches that are not in the upstream yet, e.g. Tianyu Lan's #HV
interrupt injection patch [3] is not in the upstream yet.
So I think a better way to have [2] is to make a patch that adds the missing
part of [2] for the 6.2-based linux-azure kernel, hence I made this patch.
This patch mainly does the below two things:
a) Add commit 23378295042a ("Drivers: hv: vmbus: Bring the post_msg_page back
for TDX VMs with the paravisor") [4]
This fixes a bug in the hv_pci driver for device assignment (DDA) for a TDX
VM with the paravisor: in such a VM, the hyperv_pcpu_input_arg must be
private (i.e. encrypted), otherwise the hypercalls in hv_pci fail since the
hypercalls in such a VM are handled by the paravisor rather than by the
hypervisor.
b) Undo some hack code introduced by
commit b8b46adebbd8 ("UBUNTU: SAUCE: Support TDX+HCL (July 9, 2023)"),
e.g. in hyperv_init(), this patch moves the below code to its original place:
    cpuhp_setup_state(CPUHP_AP_HYPERV_ONLINE, "x86/hyperv_init:online",
                      hv_cpu_init, hv_cpu_die);
With this patch, now hyperv_init() in this 6.2 linux-azure kernel is
exactly the same as the version in the mainline kernel.
References:
[1] https://lwn.net/ml/linux-kernel/ZOQMiLEdPsD+pF8q@liuwe-devbox-debian-v2/
[2] https://lwn.net/ml/linux-kernel/ZOfwSDjW0wlHozYV@liuwe-devbox-debian-v2/
[3] https://lwn.net/ml/linux-kernel/[email protected]/
[4] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=23378295042a4bcaeec350733a4771678e7a1f3a
[Test Plan]
Microsoft tested.
I tested the patch for a TDX VM without and with paravisor, a VBS VM,
a SNP VM with paravisor, and a regular VM. All the VMs have 128 vCPUs
and 20 GB of memory. All worked as expected.
[Regression potential]
Azure TDX enabled VMs could misbehave.
[Other Info]
SF: #00364214