On 9/15/23 10:43, Edgecombe, Rick P wrote:
> On Sat, 2023-08-26 at 00:14 +1200, Kai Huang wrote:
>> There are two problems in terms of using kexec() to boot to a new
>> kernel when the old kernel has enabled TDX: 1) Part of the memory
>> pages are still TDX private pages; 2) There might be dirty
>> cachelines associated with TDX private pages.
>
> Does TDX support hibernate?

No. There's a whole bunch of volatile state that's generated inside the
CPU and never leaves the CPU, like the ephemeral key that protects TDX
module memory.

SGX, for instance, never even supported suspend, IIRC. Enclaves just
die and have to be rebuilt.