From: Chao Gao <chao.gao@intel.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: <linux-coco@lists.linux.dev>, <linux-kernel@vger.kernel.org>,
<kvm@vger.kernel.org>, <x86@kernel.org>,
<reinette.chatre@intel.com>, <ira.weiny@intel.com>,
<kai.huang@intel.com>, <dan.j.williams@intel.com>,
<yilun.xu@linux.intel.com>, <sagis@google.com>,
<vannapurve@google.com>, <paulmck@kernel.org>,
<nik.borisov@suse.com>, <zhenzhong.duan@intel.com>,
<seanjc@google.com>, <rick.p.edgecombe@intel.com>,
<kas@kernel.org>, <dave.hansen@linux.intel.com>,
<vishal.l.verma@intel.com>, Farrah Chen <farrah.chen@intel.com>
Subject: Re: [PATCH v3 09/26] coco/tdx-host: Expose P-SEAMLDR information via sysfs
Date: Fri, 30 Jan 2026 22:44:54 +0800 [thread overview]
Message-ID: <aXzD5nOW0NhCHG7+@intel.com> (raw)
In-Reply-To: <9fb1bbf3-0623-447e-86d7-d48ef20fb42c@intel.com>
>> +What: /sys/devices/faux/tdx_host/seamldr/num_remaining_updates
>> +Contact: linux-coco@lists.linux.dev
>> +Description: (RO) Report the number of remaining updates that can be performed.
>> + The CPU keeps track of TCB versions for each TDX Module that
>> + has been loaded. Since this tracking database has finite
>> + capacity, there's a maximum number of Module updates that can
>> + be performed.
>
>Is it really the CPU? Or some SEAM software construct?
It is the CPU. The CPU provides the database and gives instructions to
P-SEAMLDR for adding records or cleaning up the entire database.
<snip>
>> +#ifdef CONFIG_INTEL_TDX_MODULE_UPDATE
>> +static ssize_t seamldr_version_show(struct device *dev, struct device_attribute *attr,
>> + char *buf)
>> +{
>> + const struct seamldr_info *info = seamldr_get_info();
>
>Uhh... seamldr_get_info() calls down into the SEAMLDR. It happily zaps
>the VMCS and this is surely a slow thing. This also has 0444 permissions
>which means *ANYONE* can call this. Constantly. As fast as they can make
>a few syscalls.
>
>Right?
You are absolutely right.
>
>Are there any concerns about making SEAMLDR calls? Are there any
>system-wide performance implications? How long of an interrupt-blocking
>blip is there for this?
>
>Also, what's the locking around seamldr_get_info()? It writes into a
>global, shared structure. I guess you disabled interrupts so it's
>preempt safe at least. <sigh>
>
>I guess it won't change *that* much. But, sheesh, it seems like an
>awfully bad idea to have lots of CPUs writing into a common data
>structure all at the same time.
/facepalm. Sorry for missing these important considerations.
I overlooked a critical constraint: only one CPU can call P-SEAMLDR at a time;
any second CPU gets VMFailInvalid. Patch 19 adds a lock for SEAMLDR.INSTALL
serialization, but we actually need to serialize all P-SEAMLDR calls or handle
VMFailInvalid with retries.
I will make the following changes to see how they look:
1. Move the lock from patch 19 to seamldr_call() to serialize all P-SEAMLDR calls
2. Cache seamldr_info and only update it after successful updates
3. Make seamldr_get_info() return cached data instead of calling P-SEAMLDR every time
next prev parent reply other threads:[~2026-01-30 14:45 UTC|newest]
Thread overview: 132+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-23 14:55 [PATCH v3 00/26] Runtime TDX Module update support Chao Gao
2026-01-23 14:55 ` [PATCH v3 01/26] x86/virt/tdx: Print SEAMCALL leaf numbers in decimal Chao Gao
2026-01-26 10:01 ` Tony Lindgren
2026-01-28 1:28 ` Binbin Wu
2026-01-28 16:26 ` Dave Hansen
2026-01-29 5:44 ` Chao Gao
2026-01-23 14:55 ` [PATCH v3 02/26] x86/virt/tdx: Use %# prefix for hex values in SEAMCALL error messages Chao Gao
2026-01-26 10:02 ` Tony Lindgren
2026-01-28 1:34 ` Binbin Wu
2026-01-28 12:16 ` Chao Gao
2026-01-28 15:18 ` Dave Hansen
2026-01-23 14:55 ` [PATCH v3 03/26] x86/virt/tdx: Move low level SEAMCALL helpers out of <asm/tdx.h> Chao Gao
2026-01-26 10:02 ` Tony Lindgren
2026-01-28 1:37 ` Binbin Wu
2026-01-28 12:42 ` Chao Gao
2026-01-28 16:31 ` Dave Hansen
2026-01-29 14:02 ` Chao Gao
2026-01-29 16:03 ` Dave Hansen
2026-01-28 16:37 ` Dave Hansen
2026-01-29 8:04 ` Chao Gao
2026-01-23 14:55 ` [PATCH v3 04/26] coco/tdx-host: Introduce a "tdx_host" device Chao Gao
2026-01-26 9:52 ` Tony Lindgren
2026-01-28 16:53 ` Dave Hansen
2026-01-28 3:24 ` Binbin Wu
2026-01-29 7:26 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 05/26] coco/tdx-host: Expose TDX Module version Chao Gao
2026-01-26 9:54 ` Tony Lindgren
2026-01-28 3:48 ` Binbin Wu
2026-01-28 17:01 ` Dave Hansen
2026-01-29 14:07 ` Chao Gao
2026-01-29 7:38 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 06/26] x86/virt/tdx: Prepare to support P-SEAMLDR SEAMCALLs Chao Gao
2026-01-26 10:05 ` Tony Lindgren
2026-01-28 5:58 ` Binbin Wu
2026-01-28 23:03 ` Dave Hansen
2026-01-29 9:46 ` Xu Yilun
2026-01-29 16:08 ` Dave Hansen
2026-01-29 14:55 ` Chao Gao
2026-01-29 16:59 ` Dave Hansen
2026-01-23 14:55 ` [PATCH v3 07/26] x86/virt/seamldr: Introduce a wrapper for " Chao Gao
2026-01-26 10:12 ` Tony Lindgren
2026-01-28 6:38 ` Binbin Wu
2026-01-28 23:04 ` Dave Hansen
2026-01-30 8:08 ` Chao Gao
2026-01-30 16:23 ` Dave Hansen
2026-01-28 23:36 ` Dave Hansen
2026-01-30 13:21 ` Chao Gao
2026-01-30 16:18 ` Dave Hansen
2026-02-03 12:15 ` Chao Gao
2026-02-03 15:41 ` Sean Christopherson
2026-02-03 16:12 ` Dave Hansen
2026-02-03 23:54 ` Chao Gao
2026-02-05 16:29 ` Sean Christopherson
2026-02-05 16:37 ` Dave Hansen
2026-01-23 14:55 ` [PATCH v3 08/26] x86/virt/seamldr: Retrieve P-SEAMLDR information Chao Gao
2026-01-26 10:15 ` Tony Lindgren
2026-01-28 6:50 ` Binbin Wu
2026-01-28 23:54 ` Dave Hansen
2026-01-30 4:01 ` Xu Yilun
2026-01-30 16:35 ` Dave Hansen
2026-02-02 0:16 ` Xu Yilun
2026-01-30 13:55 ` Chao Gao
2026-01-30 16:06 ` Dave Hansen
2026-01-28 23:57 ` Dave Hansen
2026-01-30 13:30 ` Chao Gao
2026-01-23 14:55 ` [PATCH v3 09/26] coco/tdx-host: Expose P-SEAMLDR information via sysfs Chao Gao
2026-01-26 9:56 ` Tony Lindgren
2026-01-28 3:07 ` Huang, Kai
2026-01-29 0:08 ` Dave Hansen
2026-01-30 14:44 ` Chao Gao [this message]
2026-01-30 16:02 ` Dave Hansen
2026-01-23 14:55 ` [PATCH v3 10/26] coco/tdx-host: Implement FW_UPLOAD sysfs ABI for TDX Module updates Chao Gao
2026-01-26 10:00 ` Tony Lindgren
2026-01-28 3:30 ` Huang, Kai
2026-01-30 14:07 ` Xu Yilun
2026-02-06 17:15 ` Xing, Cedric
2026-01-23 14:55 ` [PATCH v3 11/26] x86/virt/seamldr: Block TDX Module updates if any CPU is offline Chao Gao
2026-01-26 10:16 ` Tony Lindgren
2026-02-02 0:31 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 12/26] x86/virt/seamldr: Verify availability of slots for TDX Module updates Chao Gao
2026-01-26 10:17 ` Tony Lindgren
2026-01-23 14:55 ` [PATCH v3 13/26] x86/virt/seamldr: Allocate and populate a module update request Chao Gao
2026-01-26 10:23 ` Tony Lindgren
2026-01-27 3:21 ` Huang, Kai
2026-01-28 11:28 ` Chao Gao
2026-01-28 22:33 ` Huang, Kai
2026-01-28 4:03 ` Huang, Kai
2026-01-30 14:56 ` Chao Gao
2026-02-02 3:08 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 14/26] x86/virt/seamldr: Introduce skeleton for TDX Module updates Chao Gao
2026-01-26 10:28 ` Tony Lindgren
2026-02-02 6:01 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 15/26] x86/virt/seamldr: Abort updates if errors occurred midway Chao Gao
2026-01-26 10:31 ` Tony Lindgren
2026-02-02 6:08 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 16/26] x86/virt/seamldr: Shut down the current TDX module Chao Gao
2026-01-26 10:42 ` Tony Lindgren
2026-02-02 6:31 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 17/26] x86/virt/tdx: Reset software states after TDX module shutdown Chao Gao
2026-01-26 10:43 ` Tony Lindgren
2026-01-23 14:55 ` [PATCH v3 18/26] x86/virt/seamldr: Log TDX Module update failures Chao Gao
2026-01-26 10:45 ` Tony Lindgren
2026-02-02 7:11 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 19/26] x86/virt/seamldr: Install a new TDX Module Chao Gao
2026-01-26 10:52 ` Tony Lindgren
2026-01-23 14:55 ` [PATCH v3 20/26] x86/virt/seamldr: Do TDX per-CPU initialization after updates Chao Gao
2026-01-26 10:53 ` Tony Lindgren
2026-02-02 7:32 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 21/26] x86/virt/tdx: Establish contexts for the new TDX Module Chao Gao
2026-01-26 10:54 ` Tony Lindgren
2026-01-23 14:55 ` [PATCH v3 22/26] x86/virt/tdx: Update tdx_sysinfo and check features post-update Chao Gao
2026-01-26 11:07 ` Tony Lindgren
2026-02-02 7:33 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 23/26] x86/virt/tdx: Enable TDX Module runtime updates Chao Gao
2026-01-26 11:14 ` Tony Lindgren
2026-02-04 10:03 ` Tony Lindgren
2026-02-02 7:41 ` Xu Yilun
2026-01-23 14:55 ` [PATCH v3 24/26] x86/virt/seamldr: Extend sigstruct to 16KB Chao Gao
2026-01-26 11:15 ` Tony Lindgren
2026-01-27 3:58 ` Huang, Kai
2026-01-28 23:01 ` Huang, Kai
2026-01-30 14:25 ` Chao Gao
2026-02-02 11:57 ` Huang, Kai
2026-01-23 14:55 ` [PATCH v3 25/26] x86/virt/tdx: Avoid updates during update-sensitive operations Chao Gao
2026-01-26 11:23 ` Tony Lindgren
2026-01-23 14:55 ` [PATCH v3 26/26] coco/tdx-host: Set and document TDX Module update expectations Chao Gao
2026-01-26 11:28 ` Tony Lindgren
2026-01-26 22:14 ` dan.j.williams
2026-01-27 12:17 ` Chao Gao
2026-01-27 17:23 ` dan.j.williams
2026-01-28 17:52 ` [PATCH v3 00/26] Runtime TDX Module update support Sagi Shahar
2026-01-29 1:51 ` Chao Gao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aXzD5nOW0NhCHG7+@intel.com \
--to=chao.gao@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=farrah.chen@intel.com \
--cc=ira.weiny@intel.com \
--cc=kai.huang@intel.com \
--cc=kas@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=nik.borisov@suse.com \
--cc=paulmck@kernel.org \
--cc=reinette.chatre@intel.com \
--cc=rick.p.edgecombe@intel.com \
--cc=sagis@google.com \
--cc=seanjc@google.com \
--cc=vannapurve@google.com \
--cc=vishal.l.verma@intel.com \
--cc=x86@kernel.org \
--cc=yilun.xu@linux.intel.com \
--cc=zhenzhong.duan@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.