kernel-6.17.0-0.rc7.250924gcec1e6e5d1ab3.58

* Wed Sep 24 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.58] - powerpc/tools: drop `-o pipefail` in gcc check scripts (Jan Stancek) - redhat/configs: enable CONFIG_KVM_INTEL_TDX for Fedora x86 (Daniel P. Berrangé) - KVM/TDX: Explicitly do WBINVD when no more TDX SEAMCALLs (Kai Huang) - x86/virt/tdx: Update the kexec section in the TDX documentation (Kai Huang) - x86/virt/tdx: Remove the !KEXEC_CORE dependency (Kai Huang) - x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum (Kai Huang) - x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (Kai Huang) - x86/sme: Use percpu boolean to control WBINVD during kexec (Kai Huang) - x86/kexec: Consolidate relocate_kernel() function parameters (Kai Huang) - arm64: dts: qcom: x1e80100-lenovo-yoga-slim7x: add Bluetooth support (Jens Glathe) - redhat/configs: clang_lto: disable CONFIG_FORTIFY_KUNIT_TEST (Scott Weaver) Resolves: Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
2025-09-24 15:58:05 -06:00 · 2025-09-24 15:58:05 -06:00 · a91347988c
commit a91347988c
parent bf103b6fa4
10 changed files with 579 additions and 12 deletions
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@ -12,7 +12,7 @@ RHEL_MINOR = 99
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 57
+RHEL_RELEASE = 58

 #
 # RHEL_REBASE_NUM
--- a/Patchlist.changelog
+++ b/Patchlist.changelog
@ -1,5 +1,29 @@
-https://gitlab.com/cki-project/kernel-ark/-/commit/93f899294ed143c40c9266135d6277f61db95588
- 93f899294ed143c40c9266135d6277f61db95588 arm64: dts: qcom: x1e80100-lenovo-yoga-slim7x: add Bluetooth support
+https://gitlab.com/cki-project/kernel-ark/-/commit/c15fea2bf80a8241b321218f22357b03f0b12f41
+ c15fea2bf80a8241b321218f22357b03f0b12f41 powerpc/tools: drop `-o pipefail` in gcc check scripts
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/15ed578c7d1e7296ecf9f1983ee041a08445eedc
+ 15ed578c7d1e7296ecf9f1983ee041a08445eedc KVM/TDX: Explicitly do WBINVD when no more TDX SEAMCALLs
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/bfa68866267bf3ece438ce46ede36d6e47856db6
+ bfa68866267bf3ece438ce46ede36d6e47856db6 x86/virt/tdx: Update the kexec section in the TDX documentation
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/d121ab678f21408ef74a1630dd559b4339a59a8e
+ d121ab678f21408ef74a1630dd559b4339a59a8e x86/virt/tdx: Remove the !KEXEC_CORE dependency
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/456812ed2010866f89eb7f6676dbaaec30c9c3bc
+ 456812ed2010866f89eb7f6676dbaaec30c9c3bc x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/a17deef3a2b5f8697fbc42a057999ef9f044becd
+ a17deef3a2b5f8697fbc42a057999ef9f044becd x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/db27aa373645544c32e94663db4346c6faf67243
+ db27aa373645544c32e94663db4346c6faf67243 x86/sme: Use percpu boolean to control WBINVD during kexec
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/0b102e693d33444943a2a41492b0d447426d9d1f
+ 0b102e693d33444943a2a41492b0d447426d9d1f x86/kexec: Consolidate relocate_kernel() function parameters
+
+https://gitlab.com/cki-project/kernel-ark/-/commit/bf476740a82231d9b80dc2056cd78c124e2e815e
+ bf476740a82231d9b80dc2056cd78c124e2e815e arm64: dts: qcom: x1e80100-lenovo-yoga-slim7x: add Bluetooth support

 https://gitlab.com/cki-project/kernel-ark/-/commit/572b35f16e61868ff02271ab7257d574e0a161d5
 572b35f16e61868ff02271ab7257d574e0a161d5 Revert "aacraid: Remove depreciated device and vendor PCI id's"
--- a/kernel-x86_64-debug-fedora.config
+++ b/kernel-x86_64-debug-fedora.config
@ -3772,6 +3772,7 @@ CONFIG_KVM_GUEST=y
 CONFIG_KVM_HYPERV=y
 CONFIG_KVM_INTEL=m
 # CONFIG_KVM_INTEL_PROVE_VE is not set
+CONFIG_KVM_INTEL_TDX=y
 CONFIG_KVM_IOAPIC=y
 CONFIG_KVM=m
 CONFIG_KVM_MAX_NR_VCPUS=4096
--- a/kernel-x86_64-fedora.config
+++ b/kernel-x86_64-fedora.config
@ -3746,6 +3746,7 @@ CONFIG_KVM_GUEST=y
 CONFIG_KVM_HYPERV=y
 CONFIG_KVM_INTEL=m
 # CONFIG_KVM_INTEL_PROVE_VE is not set
+CONFIG_KVM_INTEL_TDX=y
 CONFIG_KVM_IOAPIC=y
 CONFIG_KVM=m
 CONFIG_KVM_MAX_NR_VCPUS=4096
--- a/kernel-x86_64-rt-debug-fedora.config
+++ b/kernel-x86_64-rt-debug-fedora.config
@ -3777,6 +3777,7 @@ CONFIG_KVM_GUEST=y
 CONFIG_KVM_HYPERV=y
 CONFIG_KVM_INTEL=m
 # CONFIG_KVM_INTEL_PROVE_VE is not set
+CONFIG_KVM_INTEL_TDX=y
 CONFIG_KVM_IOAPIC=y
 CONFIG_KVM=m
 CONFIG_KVM_MAX_NR_VCPUS=4096
--- a/kernel-x86_64-rt-fedora.config
+++ b/kernel-x86_64-rt-fedora.config
@ -3751,6 +3751,7 @@ CONFIG_KVM_GUEST=y
 CONFIG_KVM_HYPERV=y
 CONFIG_KVM_INTEL=m
 # CONFIG_KVM_INTEL_PROVE_VE is not set
+CONFIG_KVM_INTEL_TDX=y
 CONFIG_KVM_IOAPIC=y
 CONFIG_KVM=m
 CONFIG_KVM_MAX_NR_VCPUS=4096
--- a/kernel.changelog
+++ b/kernel.changelog
@ -1,8 +1,21 @@
-* Tue Sep 23 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.57]
+* Wed Sep 24 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.58]
+- powerpc/tools: drop `-o pipefail` in gcc check scripts (Jan Stancek)
+- redhat/configs: enable CONFIG_KVM_INTEL_TDX for Fedora x86 (Daniel P. Berrangé)
+- KVM/TDX: Explicitly do WBINVD when no more TDX SEAMCALLs (Kai Huang)
+- x86/virt/tdx: Update the kexec section in the TDX documentation (Kai Huang)
+- x86/virt/tdx: Remove the !KEXEC_CORE dependency (Kai Huang)
+- x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum (Kai Huang)
+- x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (Kai Huang)
+- x86/sme: Use percpu boolean to control WBINVD during kexec (Kai Huang)
+- x86/kexec: Consolidate relocate_kernel() function parameters (Kai Huang)
 - arm64: dts: qcom: x1e80100-lenovo-yoga-slim7x: add Bluetooth support (Jens Glathe)
 - redhat/configs: clang_lto: disable CONFIG_FORTIFY_KUNIT_TEST (Scott Weaver)
 Resolves: 

+* Wed Sep 24 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.57]
+- Consolidate configs to common for 6.17 (Justin M. Forbes)
+Resolves: 
+
 * Tue Sep 23 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.56]
 - Add 1010-config-newlines-test.bats self test. (Alexandra Hájková)
 - Linux v6.17.0-0.rc7.cec1e6e5d1ab
--- a/kernel.spec
+++ b/kernel.spec
@ -176,13 +176,13 @@ Summary: The Linux kernel
 %define specrpmversion 6.17.0
 %define specversion 6.17.0
 %define patchversion 6.17
-%define pkgrelease 0.rc7.250923gcec1e6e5d1ab3.57
+%define pkgrelease 0.rc7.250924gcec1e6e5d1ab3.58
 %define kversion 6
 %define tarfile_release 6.17-rc7-20-gcec1e6e5d1ab3
 # This is needed to do merge window version magic
 %define patchlevel 17
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 0.rc7.250923gcec1e6e5d1ab3.57%{?buildid}%{?dist}
+%define specrelease 0.rc7.250924gcec1e6e5d1ab3.58%{?buildid}%{?dist}
 # This defines the kabi tarball version
 %define kabiversion 6.17.0

@ -4395,13 +4395,25 @@ fi\
 #
 #
 %changelog
-* Tue Sep 23 2025 Justin M. Forbes <jforbes@fedoraproject.org> [6.17.0-0.rc7.250923gcec1e6e5d1ab3.57]
- Linux v6.17.0-0.rc7.250923gcec1e6e5d1ab3
+* Wed Sep 24 2025 Justin M. Forbes <jforbes@fedoraproject.org> [6.17.0-0.rc7.250924gcec1e6e5d1ab3.58]
+- Linux v6.17.0-0.rc7.250924gcec1e6e5d1ab3

-* Tue Sep 23 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.57]
+* Wed Sep 24 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.58]
+- powerpc/tools: drop `-o pipefail` in gcc check scripts (Jan Stancek)
+- redhat/configs: enable CONFIG_KVM_INTEL_TDX for Fedora x86 (Daniel P. Berrangé)
+- KVM/TDX: Explicitly do WBINVD when no more TDX SEAMCALLs (Kai Huang)
+- x86/virt/tdx: Update the kexec section in the TDX documentation (Kai Huang)
+- x86/virt/tdx: Remove the !KEXEC_CORE dependency (Kai Huang)
+- x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum (Kai Huang)
+- x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (Kai Huang)
+- x86/sme: Use percpu boolean to control WBINVD during kexec (Kai Huang)
+- x86/kexec: Consolidate relocate_kernel() function parameters (Kai Huang)
 - arm64: dts: qcom: x1e80100-lenovo-yoga-slim7x: add Bluetooth support (Jens Glathe)
 - redhat/configs: clang_lto: disable CONFIG_FORTIFY_KUNIT_TEST (Scott Weaver)

+* Wed Sep 24 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.57]
+- Consolidate configs to common for 6.17 (Justin M. Forbes)
+
 * Tue Sep 23 2025 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.17.0-0.rc7.cec1e6e5d1ab.56]
 - Add 1010-config-newlines-test.bats self test. (Alexandra Hájková)
 - Linux v6.17.0-0.rc7.cec1e6e5d1ab
--- a/patch-6.17-redhat.patch
+++ b/patch-6.17-redhat.patch
@ -1,5 +1,6 @@
 Documentation/admin-guide/kernel-parameters.txt    |  20 +
 Documentation/admin-guide/rh-waived-features.rst   |  21 +
+ Documentation/arch/x86/tdx.rst                     |  14 +-
 Kconfig                                            |   2 +
 Kconfig.redhat                                     |  31 ++
 Makefile                                           |  38 +-
@ -7,11 +8,23 @@
 arch/arm64/Kconfig                                 |   2 +-
 .../boot/dts/qcom/x1e80100-lenovo-yoga-slim7x.dts  | 143 ++++++
 arch/arm64/kernel/setup.c                          |  27 +
+ .../tools/gcc-check-fpatchable-function-entry.sh   |   1 -
+ arch/powerpc/tools/gcc-check-mprofile-kernel.sh    |   1 -
 arch/s390/include/asm/ipl.h                        |   1 +
 arch/s390/kernel/ipl.c                             |   5 +
 arch/s390/kernel/setup.c                           |   4 +
+ arch/x86/Kconfig                                   |   1 -
+ arch/x86/include/asm/kexec.h                       |  12 +-
+ arch/x86/include/asm/processor.h                   |   2 +
+ arch/x86/include/asm/tdx.h                         |  31 +-
+ arch/x86/kernel/cpu/amd.c                          |  17 +
 arch/x86/kernel/cpu/common.c                       |   1 +
+ arch/x86/kernel/machine_kexec_64.c                 |  44 +-
+ arch/x86/kernel/process.c                          |  24 +-
+ arch/x86/kernel/relocate_kernel_64.S               |  36 +-
 arch/x86/kernel/setup.c                            | 101 +++-
+ arch/x86/kvm/vmx/tdx.c                             |  10 +
+ arch/x86/virt/vmx/tdx/tdx.c                        |  23 +-
 crypto/akcipher.c                                  |   3 +-
 crypto/dh.c                                        |  25 +
 crypto/drbg.c                                      |  18 +-
@ -80,7 +93,7 @@
 security/lockdown/lockdown.c                       |  11 +
 tools/testing/selftests/bpf/Makefile               |   2 +-
 tools/testing/selftests/bpf/prog_tests/ksyms_btf.c |  31 --
- 82 files changed, 2911 insertions(+), 243 deletions(-)
+ 95 files changed, 3078 insertions(+), 292 deletions(-)

 diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
 index 5a7a83c411e9c..bf40371c718ff 100644
@ -147,6 +160,38 @@ index 0000000000000..45caec7fbae64
 +List of Red Hat Waived Features
 +===============================
 +
+diff --git a/Documentation/arch/x86/tdx.rst b/Documentation/arch/x86/tdx.rst
+index 719043cd8b469..61670e7df2f7c 100644
+--- a/Documentation/arch/x86/tdx.rst
+++ b/Documentation/arch/x86/tdx.rst
+@@ -142,13 +142,6 @@ but depends on the BIOS to behave correctly.
+ Note TDX works with CPU logical online/offline, thus the kernel still
+ allows to offline logical CPU and online it again.
+ 
+-Kexec()
+-~~~~~~~
+-
+-TDX host support currently lacks the ability to handle kexec.  For
+-simplicity only one of them can be enabled in the Kconfig.  This will be
+-fixed in the future.
+-
+ Erratum
+ ~~~~~~~
+ 
+@@ -171,6 +164,13 @@ If the platform has such erratum, the kernel prints additional message in
+ machine check handler to tell user the machine check may be caused by
+ kernel bug on TDX private memory.
+ 
+Kexec
+~~~~~~~
+
+Currently kexec doesn't work on the TDX platforms with the aforementioned
+erratum.  It fails when loading the kexec kernel image.  Otherwise it
+works normally.
+
+ Interaction vs S3 and deeper states
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ 
 diff --git a/Kconfig b/Kconfig
 index 307e581144de3..11e93e479ce4f 100644
 --- a/Kconfig
@ -520,6 +565,30 @@ index 77c7926a4df66..1727fc3f6a778 100644
 	}
 
 	arm64_memblock_init();
+diff --git a/arch/powerpc/tools/gcc-check-fpatchable-function-entry.sh b/arch/powerpc/tools/gcc-check-fpatchable-function-entry.sh
+index 06706903503b6..baed467a016b3 100755
+--- a/arch/powerpc/tools/gcc-check-fpatchable-function-entry.sh
+++ b/arch/powerpc/tools/gcc-check-fpatchable-function-entry.sh
+@@ -2,7 +2,6 @@
+ # SPDX-License-Identifier: GPL-2.0
+ 
+ set -e
+-set -o pipefail
+ 
+ # To debug, uncomment the following line
+ # set -x
+diff --git a/arch/powerpc/tools/gcc-check-mprofile-kernel.sh b/arch/powerpc/tools/gcc-check-mprofile-kernel.sh
+index 73e331e7660ef..6193b0ed0c775 100755
+--- a/arch/powerpc/tools/gcc-check-mprofile-kernel.sh
+++ b/arch/powerpc/tools/gcc-check-mprofile-kernel.sh
+@@ -2,7 +2,6 @@
+ # SPDX-License-Identifier: GPL-2.0
+ 
+ set -e
+-set -o pipefail
+ 
+ # To debug, uncomment the following line
+ # set -x
 diff --git a/arch/s390/include/asm/ipl.h b/arch/s390/include/asm/ipl.h
 index b0d00032479d6..afb9544fb0074 100644
 --- a/arch/s390/include/asm/ipl.h
@ -567,6 +636,148 @@ index 7b529868789f9..c054a407afa68 100644
 	/* Have one command line that is parsed and saved in /proc/cmdline */
 	/* boot_command_line has been already set up in early.c */
 	*cmdline_p = boot_command_line;
+diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
+index 52c8910ba2efd..983dca8bbb0e6 100644
+--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
+@@ -1896,7 +1896,6 @@ config INTEL_TDX_HOST
+ 	depends on X86_X2APIC
+ 	select ARCH_KEEP_MEMBLOCK
+ 	depends on CONTIG_ALLOC
+-	depends on !KEXEC_CORE
+ 	depends on X86_MCE
+ 	help
+ 	  Intel Trust Domain Extensions (TDX) protects guest VMs from malicious
+diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h
+index f2ad77929d6ef..5cfb27f26583c 100644
+--- a/arch/x86/include/asm/kexec.h
+++ b/arch/x86/include/asm/kexec.h
+@@ -13,6 +13,15 @@
+ # define KEXEC_DEBUG_EXC_HANDLER_SIZE	6 /* PUSHI, PUSHI, 2-byte JMP */
+ #endif
+ 
+#ifdef CONFIG_X86_64
+
+#include <linux/bits.h>
+
+#define RELOC_KERNEL_PRESERVE_CONTEXT	BIT(0)
+#define RELOC_KERNEL_CACHE_INCOHERENT	BIT(1)
+
+#endif
+
+ # define KEXEC_CONTROL_PAGE_SIZE	4096
+ # define KEXEC_CONTROL_CODE_MAX_SIZE	2048
+ 
+@@ -121,8 +130,7 @@ typedef unsigned long
+ relocate_kernel_fn(unsigned long indirection_page,
+ 		   unsigned long pa_control_page,
+ 		   unsigned long start_address,
+-		   unsigned int preserve_context,
+-		   unsigned int host_mem_enc_active);
+		   unsigned int flags);
+ #endif
+ extern relocate_kernel_fn relocate_kernel;
+ #define ARCH_HAS_KIMAGE_ARCH
+diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
+index bde58f6510ac4..a24c7805acdb5 100644
+--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
+@@ -731,6 +731,8 @@ void __noreturn stop_this_cpu(void *dummy);
+ void microcode_check(struct cpuinfo_x86 *prev_info);
+ void store_cpu_caps(struct cpuinfo_x86 *info);
+ 
+DECLARE_PER_CPU(bool, cache_state_incoherent);
+
+ enum l1tf_mitigations {
+ 	L1TF_MITIGATION_OFF,
+ 	L1TF_MITIGATION_AUTO,
+diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h
+index 7ddef3a698668..913199b1954ba 100644
+--- a/arch/x86/include/asm/tdx.h
+++ b/arch/x86/include/asm/tdx.h
+@@ -102,10 +102,31 @@ u64 __seamcall_ret(u64 fn, struct tdx_module_args *args);
+ u64 __seamcall_saved_ret(u64 fn, struct tdx_module_args *args);
+ void tdx_init(void);
+ 
+#include <linux/preempt.h>
+ #include <asm/archrandom.h>
+#include <asm/processor.h>
+ 
+ typedef u64 (*sc_func_t)(u64 fn, struct tdx_module_args *args);
+ 
+static __always_inline u64 __seamcall_dirty_cache(sc_func_t func, u64 fn,
+						  struct tdx_module_args *args)
+{
+	lockdep_assert_preemption_disabled();
+
+	/*
+	 * SEAMCALLs are made to the TDX module and can generate dirty
+	 * cachelines of TDX private memory.  Mark cache state incoherent
+	 * so that the cache can be flushed during kexec.
+	 *
+	 * This needs to be done before actually making the SEAMCALL,
+	 * because kexec-ing CPU could send NMI to stop remote CPUs,
+	 * in which case even disabling IRQ won't help here.
+	 */
+	this_cpu_write(cache_state_incoherent, true);
+
+	return func(fn, args);
+}
+
+ static __always_inline u64 sc_retry(sc_func_t func, u64 fn,
+ 			   struct tdx_module_args *args)
+ {
+@@ -113,7 +134,9 @@ static __always_inline u64 sc_retry(sc_func_t func, u64 fn,
+ 	u64 ret;
+ 
+ 	do {
+-		ret = func(fn, args);
+		preempt_disable();
+		ret = __seamcall_dirty_cache(func, fn, args);
+		preempt_enable();
+ 	} while (ret == TDX_RND_NO_ENTROPY && --retry);
+ 
+ 	return ret;
+@@ -203,5 +226,11 @@ static inline const char *tdx_dump_mce_info(struct mce *m) { return NULL; }
+ static inline const struct tdx_sys_info *tdx_get_sysinfo(void) { return NULL; }
+ #endif	/* CONFIG_INTEL_TDX_HOST */
+ 
+#ifdef CONFIG_KEXEC_CORE
+void tdx_cpu_flush_cache_for_kexec(void);
+#else
+static inline void tdx_cpu_flush_cache_for_kexec(void) { }
+#endif
+
+ #endif /* !__ASSEMBLER__ */
+ #endif /* _ASM_X86_TDX_H */
+diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
+index a6f88ca1a6b49..5398db4dedb4a 100644
+--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
+@@ -545,6 +545,23 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c)
+ {
+ 	u64 msr;
+ 
+	/*
+	 * Mark using WBINVD is needed during kexec on processors that
+	 * support SME. This provides support for performing a successful
+	 * kexec when going from SME inactive to SME active (or vice-versa).
+	 *
+	 * The cache must be cleared so that if there are entries with the
+	 * same physical address, both with and without the encryption bit,
+	 * they don't race each other when flushed and potentially end up
+	 * with the wrong entry being committed to memory.
+	 *
+	 * Test the CPUID bit directly because with mem_encrypt=off the
+	 * BSP will clear the X86_FEATURE_SME bit and the APs will not
+	 * see it set after that.
+	 */
+	if (c->extended_cpuid_level >= 0x8000001f && (cpuid_eax(0x8000001f) & BIT(0)))
+		__this_cpu_write(cache_state_incoherent, true);
+
+ 	/*
+ 	 * BIOS support is required for SME and SEV.
+ 	 *   For SME: If BIOS has enabled SME then adjust x86_phys_bits by
 diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
 index f98ec9c7fc07f..f93e35e238ade 100644
 --- a/arch/x86/kernel/cpu/common.c
@ -579,6 +790,243 @@ index f98ec9c7fc07f..f93e35e238ade 100644
 		setup_force_cpu_cap(X86_FEATURE_CPUID);
 		get_cpu_address_sizes(c);
 		cpu_parse_early_param();
+diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
+index 697fb99406e6b..15088d14904fc 100644
+--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
+@@ -29,6 +29,7 @@
+ #include <asm/set_memory.h>
+ #include <asm/cpu.h>
+ #include <asm/efi.h>
+#include <asm/processor.h>
+ 
+ #ifdef CONFIG_ACPI
+ /*
+@@ -346,6 +347,22 @@ int machine_kexec_prepare(struct kimage *image)
+ 	unsigned long reloc_end = (unsigned long)__relocate_kernel_end;
+ 	int result;
+ 
+	/*
+	 * Some early TDX-capable platforms have an erratum.  A kernel
+	 * partial write (a write transaction of less than cacheline
+	 * lands at memory controller) to TDX private memory poisons that
+	 * memory, and a subsequent read triggers a machine check.
+	 *
+	 * On those platforms the old kernel must reset TDX private
+	 * memory before jumping to the new kernel otherwise the new
+	 * kernel may see unexpected machine check.  For simplicity
+	 * just fail kexec/kdump on those platforms.
+	 */
+	if (boot_cpu_has_bug(X86_BUG_TDX_PW_MCE)) {
+		pr_info_once("Not allowed on platform with tdx_pw_mce bug\n");
+		return -EOPNOTSUPP;
+	}
+
+ 	/* Setup the identity mapped 64bit page table */
+ 	result = init_pgtable(image, __pa(control_page));
+ 	if (result)
+@@ -384,16 +401,10 @@ void __nocfi machine_kexec(struct kimage *image)
+ {
+ 	unsigned long reloc_start = (unsigned long)__relocate_kernel_start;
+ 	relocate_kernel_fn *relocate_kernel_ptr;
+-	unsigned int host_mem_enc_active;
+	unsigned int relocate_kernel_flags;
+ 	int save_ftrace_enabled;
+ 	void *control_page;
+ 
+-	/*
+-	 * This must be done before load_segments() since if call depth tracking
+-	 * is used then GS must be valid to make any function calls.
+-	 */
+-	host_mem_enc_active = cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT);
+-
+ #ifdef CONFIG_KEXEC_JUMP
+ 	if (image->preserve_context)
+ 		save_processor_state();
+@@ -427,6 +438,17 @@ void __nocfi machine_kexec(struct kimage *image)
+ 	 */
+ 	relocate_kernel_ptr = control_page + (unsigned long)relocate_kernel - reloc_start;
+ 
+	relocate_kernel_flags = 0;
+	if (image->preserve_context)
+		relocate_kernel_flags |= RELOC_KERNEL_PRESERVE_CONTEXT;
+
+	/*
+	 * This must be done before load_segments() since it resets
+	 * GS to 0 and percpu data needs the correct GS to work.
+	 */
+	if (this_cpu_read(cache_state_incoherent))
+		relocate_kernel_flags |= RELOC_KERNEL_CACHE_INCOHERENT;
+
+ 	/*
+ 	 * The segment registers are funny things, they have both a
+ 	 * visible and an invisible part.  Whenever the visible part is
+@@ -436,6 +458,11 @@ void __nocfi machine_kexec(struct kimage *image)
+ 	 *
+ 	 * Take advantage of this here by force loading the segments,
+ 	 * before the GDT is zapped with an invalid value.
+	 *
+	 * load_segments() resets GS to 0.  Don't make any function call
+	 * after here since call depth tracking uses percpu variables to
+	 * operate (relocate_kernel() is explicitly ignored by call depth
+	 * tracking).
+ 	 */
+ 	load_segments();
+ 
+@@ -443,8 +470,7 @@ void __nocfi machine_kexec(struct kimage *image)
+ 	image->start = relocate_kernel_ptr((unsigned long)image->head,
+ 					   virt_to_phys(control_page),
+ 					   image->start,
+-					   image->preserve_context,
+-					   host_mem_enc_active);
+					   relocate_kernel_flags);
+ 
+ #ifdef CONFIG_KEXEC_JUMP
+ 	if (image->preserve_context)
+diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
+index 1b7960cf6eb0c..f2bbbeef5477d 100644
+--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
+@@ -88,6 +88,16 @@ EXPORT_PER_CPU_SYMBOL(cpu_tss_rw);
+ DEFINE_PER_CPU(bool, __tss_limit_invalid);
+ EXPORT_PER_CPU_SYMBOL_GPL(__tss_limit_invalid);
+ 
+/*
+ * The cache may be in an incoherent state and needs flushing during kexec.
+ * E.g., on SME/TDX platforms, dirty cacheline aliases with and without
+ * encryption bit(s) can coexist and the cache needs to be flushed before
+ * booting to the new kernel to avoid the silent memory corruption due to
+ * dirty cachelines with different encryption property being written back
+ * to the memory.
+ */
+DEFINE_PER_CPU(bool, cache_state_incoherent);
+
+ /*
+  * this gets called so that we can store lazy state into memory and copy the
+  * current task into the new thread.
+@@ -827,19 +837,7 @@ void __noreturn stop_this_cpu(void *dummy)
+ 	disable_local_APIC();
+ 	mcheck_cpu_clear(c);
+ 
+-	/*
+-	 * Use wbinvd on processors that support SME. This provides support
+-	 * for performing a successful kexec when going from SME inactive
+-	 * to SME active (or vice-versa). The cache must be cleared so that
+-	 * if there are entries with the same physical address, both with and
+-	 * without the encryption bit, they don't race each other when flushed
+-	 * and potentially end up with the wrong entry being committed to
+-	 * memory.
+-	 *
+-	 * Test the CPUID bit directly because the machine might've cleared
+-	 * X86_FEATURE_SME due to cmdline options.
+-	 */
+-	if (c->extended_cpuid_level >= 0x8000001f && (cpuid_eax(0x8000001f) & BIT(0)))
+	if (this_cpu_read(cache_state_incoherent))
+ 		wbinvd();
+ 
+ 	/*
+diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S
+index ea604f4d0b52b..11e20bb13acaa 100644
+--- a/arch/x86/kernel/relocate_kernel_64.S
+++ b/arch/x86/kernel/relocate_kernel_64.S
+@@ -66,8 +66,7 @@ SYM_CODE_START_NOALIGN(relocate_kernel)
+ 	 * %rdi indirection_page
+ 	 * %rsi pa_control_page
+ 	 * %rdx start address
+-	 * %rcx preserve_context
+-	 * %r8  host_mem_enc_active
+	 * %rcx flags: RELOC_KERNEL_*
+ 	 */
+ 
+ 	/* Save the CPU context, used for jumping back */
+@@ -111,7 +110,7 @@ SYM_CODE_START_NOALIGN(relocate_kernel)
+ 	/* save indirection list for jumping back */
+ 	movq	%rdi, pa_backup_pages_map(%rip)
+ 
+-	/* Save the preserve_context to %r11 as swap_pages clobbers %rcx. */
+	/* Save the flags to %r11 as swap_pages clobbers %rcx. */
+ 	movq	%rcx, %r11
+ 
+ 	/* setup a new stack at the end of the physical control page */
+@@ -129,9 +128,8 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped)
+ 	/*
+ 	 * %rdi	indirection page
+ 	 * %rdx start address
+-	 * %r8 host_mem_enc_active
+ 	 * %r9 page table page
+-	 * %r11 preserve_context
+	 * %r11 flags: RELOC_KERNEL_*
+ 	 * %r13 original CR4 when relocate_kernel() was invoked
+ 	 */
+ 
+@@ -200,14 +198,21 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped)
+ 	movq	%r9, %cr3
+ 
+ 	/*
+	 * If the memory cache is in incoherent state, e.g., due to
+	 * memory encryption, do WBINVD to flush cache.
+	 *
+ 	 * If SME is active, there could be old encrypted cache line
+ 	 * entries that will conflict with the now unencrypted memory
+ 	 * used by kexec. Flush the caches before copying the kernel.
+	 *
+	 * Note SME sets this flag to true when the platform supports
+	 * SME, so the WBINVD is performed even SME is not activated
+	 * by the kernel.  But this has no harm.
+ 	 */
+-	testq	%r8, %r8
+-	jz .Lsme_off
+	testb	$RELOC_KERNEL_CACHE_INCOHERENT, %r11b
+	jz .Lnowbinvd
+ 	wbinvd
+-.Lsme_off:
+.Lnowbinvd:
+ 
+ 	call	swap_pages
+ 
+@@ -220,7 +225,7 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped)
+ 	movq	%cr3, %rax
+ 	movq	%rax, %cr3
+ 
+-	testq	%r11, %r11	/* preserve_context */
+	testb	$RELOC_KERNEL_PRESERVE_CONTEXT, %r11b
+ 	jnz .Lrelocate
+ 
+ 	/*
+@@ -273,7 +278,13 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped)
+ 	ANNOTATE_NOENDBR
+ 	andq	$PAGE_MASK, %r8
+ 	lea	PAGE_SIZE(%r8), %rsp
+-	movl	$1, %r11d	/* Ensure preserve_context flag is set */
+	/*
+	 * Ensure RELOC_KERNEL_PRESERVE_CONTEXT flag is set so that
+	 * swap_pages() can swap pages correctly.  Note all other
+	 * RELOC_KERNEL_* flags passed to relocate_kernel() are not
+	 * restored.
+	 */
+	movl	$RELOC_KERNEL_PRESERVE_CONTEXT, %r11d
+ 	call	swap_pages
+ 	movq	kexec_va_control_page(%rip), %rax
+ 0:	addq	$virtual_mapped - 0b, %rax
+@@ -321,7 +332,7 @@ SYM_CODE_START_LOCAL_NOALIGN(swap_pages)
+ 	UNWIND_HINT_END_OF_STACK
+ 	/*
+ 	 * %rdi indirection page
+-	 * %r11 preserve_context
+	 * %r11 flags: RELOC_KERNEL_*
+ 	 */
+ 	movq	%rdi, %rcx	/* Put the indirection_page in %rcx */
+ 	xorl	%edi, %edi
+@@ -357,7 +368,8 @@ SYM_CODE_START_LOCAL_NOALIGN(swap_pages)
+ 	movq	%rdi, %rdx    /* Save destination page to %rdx */
+ 	movq	%rsi, %rax    /* Save source page to %rax */
+ 
+-	testq	%r11, %r11    /* Only actually swap for ::preserve_context */
+	/* Only actually swap for ::preserve_context */
+	testb	$RELOC_KERNEL_PRESERVE_CONTEXT, %r11b
+ 	jz	.Lnoswap
+ 
+ 	/* copy source page to swap page */
 diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
 index 1b2edd07a3e17..201705bc317a3 100644
 --- a/arch/x86/kernel/setup.c
@ -726,6 +1174,72 @@ index 1b2edd07a3e17..201705bc317a3 100644
 	unwind_init();
 }
 
+diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
+index 66744f5768c8e..de39c2e267b12 100644
+--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
+@@ -442,6 +442,16 @@ void tdx_disable_virtualization_cpu(void)
+ 		tdx_flush_vp(&arg);
+ 	}
+ 	local_irq_restore(flags);
+
+	/*
+	 * Flush cache now if kexec is possible: this is necessary to avoid
+	 * having dirty private memory cachelines when the new kernel boots,
+	 * but WBINVD is a relatively expensive operation and doing it during
+	 * kexec can exacerbate races in native_stop_other_cpus().  Do it
+	 * now, since this is a safe moment and there is going to be no more
+	 * TDX activity on this CPU from this point on.
+	 */
+	tdx_cpu_flush_cache_for_kexec();
+ }
+ 
+ #define TDX_SEAMCALL_RETRIES 10000
+diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
+index c7a9a087ccaf5..458cb109f61a0 100644
+--- a/arch/x86/virt/vmx/tdx/tdx.c
+++ b/arch/x86/virt/vmx/tdx/tdx.c
+@@ -1266,7 +1266,7 @@ static bool paddr_is_tdx_private(unsigned long phys)
+ 		return false;
+ 
+ 	/* Get page type from the TDX module */
+-	sret = __seamcall_ret(TDH_PHYMEM_PAGE_RDMD, &args);
+	sret = __seamcall_dirty_cache(__seamcall_ret, TDH_PHYMEM_PAGE_RDMD, &args);
+ 
+ 	/*
+ 	 * The SEAMCALL will not return success unless there is a
+@@ -1522,7 +1522,7 @@ noinstr __flatten u64 tdh_vp_enter(struct tdx_vp *td, struct tdx_module_args *ar
+ {
+ 	args->rcx = tdx_tdvpr_pa(td);
+ 
+-	return __seamcall_saved_ret(TDH_VP_ENTER, args);
+	return __seamcall_dirty_cache(__seamcall_saved_ret, TDH_VP_ENTER, args);
+ }
+ EXPORT_SYMBOL_GPL(tdh_vp_enter);
+ 
+@@ -1870,3 +1870,22 @@ u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, struct page *page)
+ 	return seamcall(TDH_PHYMEM_PAGE_WBINVD, &args);
+ }
+ EXPORT_SYMBOL_GPL(tdh_phymem_page_wbinvd_hkid);
+
+#ifdef CONFIG_KEXEC_CORE
+void tdx_cpu_flush_cache_for_kexec(void)
+{
+	lockdep_assert_preemption_disabled();
+
+	if (!this_cpu_read(cache_state_incoherent))
+		return;
+
+	/*
+	 * Private memory cachelines need to be clean at the time of
+	 * kexec.  Write them back now, as the caller promises that
+	 * there should be no more SEAMCALLs on this CPU.
+	 */
+	wbinvd();
+	this_cpu_write(cache_state_incoherent, false);
+}
+EXPORT_SYMBOL_GPL(tdx_cpu_flush_cache_for_kexec);
+#endif
 diff --git a/crypto/akcipher.c b/crypto/akcipher.c
 index a36f50c838278..f4f421e6cff20 100644
 --- a/crypto/akcipher.c
--- a/4
+++ b/4
@ -1,3 +1,3 @@
 SHA512 (linux-6.17-rc7-20-gcec1e6e5d1ab3.tar.xz) = 722e85c7d93917e61281d90c7f9805b88e609d35f95e4d4848ecf0bfdca82acfff7bf3c2f6aca4606c338f097dafe354142b0d7d40eb0e2bc635837062b17cd7
-SHA512 (kernel-abi-stablelists-6.17.0.tar.xz) = 7d35f17935435efd98799f4924163a2075b0138e05e37fe8c479540bdf452590770f21a6a8647396c908515105081efa4c8f9a8bd4fa6f04a71c7fa667f33195
-SHA512 (kernel-kabi-dw-6.17.0.tar.xz) = 4de8b691b8fba77b8a09bb35adeca27c105573680342c187b6cdefec6fe7c86912242e63efc8f580d1265c76baf8b7ee9da3ad780e62e5f266e6536f5ded1b3b
+SHA512 (kernel-abi-stablelists-6.17.0.tar.xz) = 617ed6f648d0e661bedb8b789fa4e842a38c601e772e367fc1642b0abcb3091deeafa4cc750a64002cd0ac897596074a57c5ca5298966c363158b215885d5ab3
+SHA512 (kernel-kabi-dw-6.17.0.tar.xz) = 6b33633ec878adae5c518e50368f6c2aaa97282e50d7940032a6b6ea4b6efb9cf1881922bb254d762bf671fc01b42284cb33e19d2de99637a1e130f9b3dfe5f0