The following commit has been merged into the x86/tdx branch of tip: Commit-ID: 7ba6ac73f8981bd5ae463108757d0d25388affc4 Gitweb: https://git.kernel.org/tip/7ba6ac73f8981bd5ae463108757d0d25388affc4 Author: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> AuthorDate: Fri, 08 Dec 2023 09:07:40 -08:00 Committer: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> CommitterDate: Fri, 08 Dec 2023 09:12:56 -08:00 x86/virt/tdx: Disable TDX host support when kexec is enabled TDX host support currently lacks the ability to handle kexec. Disable TDX when kexec is enabled. Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> Link: https://lore.kernel.org/all/20231208170740.53979-20-dave.hansen%40intel.com --- arch/x86/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index e255d8a..01cdb16 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1973,6 +1973,7 @@ config INTEL_TDX_HOST depends on X86_X2APIC select ARCH_KEEP_MEMBLOCK depends on CONTIG_ALLOC + depends on !KEXEC_CORE help Intel Trust Domain Extensions (TDX) protects guest VMs from malicious host and certain physical attacks. This option enables necessary TDX
|