From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D430F35D5E6 for ; Thu, 12 Feb 2026 14:36:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.8 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770906977; cv=none; b=HnT5pvSe5XTTauqDTtvdILk3DwgWzvuWd4bzAkykA/+BSAAdjFfB5Of3JA0fsqeeS7khbfGeIo4cPEjmzKxIuKZ8JEKDZQ2zy4JDTVX2Fxkk/j9dgdPJ2wsc+1xjkg9Maj2lStV9KPv7LBsxb8JDeELBvaxbBMygELI+GRcOZWY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770906977; c=relaxed/simple; bh=k2DuuaKpn+DVryFaIKKAVgA5FgWmenrws7RxXEkqSJ4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=m8YOMu4AWg4Pj67RtBgue0RJJWxtgeEmSFXLXHfyVPB5001GOVF/G39qjD1CAn7HoFUGPGWphREbMuVNtVmyKmAYb8vrpxLADf8bXfNNlZVgo9beroB/9/yOsjJg37tKblTpU/jZC7Pot4L72wwcF4mZD6hwXojv+NmHU1669yw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=LVNk1ZDj; arc=none smtp.client-ip=192.198.163.8 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="LVNk1ZDj" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1770906976; x=1802442976; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=k2DuuaKpn+DVryFaIKKAVgA5FgWmenrws7RxXEkqSJ4=; b=LVNk1ZDjPUHJvsJESTofqH/IUFh9taFPxuOEnaCaptG+sR78SY4AlOwz t9d/9xaSb/nKCrM8Plimy2WEa4c1NPjVeruDsNdc/jLc/KCotJWYnQ7o8 b0GKijUwaB+GmeHDfYZGcWNy0UGOlDtfxen0hMsJL0j3iLqc/tm0Ru0Aa p3e9ZX+ZOvuXS1+9UD4eVOo6+kQ3vs73ZYMcsPhS+7JPXWkDqXpAjWMZ3 PTmAEo1iZD1iKMFhhWSYVx3YOAnCZTdBUbrqs3dxLqZteVB0kQzaofXfX yCHsKyeF65bt+iQ2ypX+rxDihfkAER6FwZNZRV3vFiOiVmqHAbP2eSeuc Q==; X-CSE-ConnectionGUID: ts9khrVoS8uwnaV7ZVJ61g== X-CSE-MsgGUID: 0iCKh+68TCKTiv/v+hxBUA== X-IronPort-AV: E=McAfee;i="6800,10657,11699"; a="89662769" X-IronPort-AV: E=Sophos;i="6.21,286,1763452800"; d="scan'208";a="89662769" Received: from fmviesa006.fm.intel.com ([10.60.135.146]) by fmvoesa102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Feb 2026 06:36:15 -0800 X-CSE-ConnectionGUID: nhsSAK4dRrCCQixVYJsDwA== X-CSE-MsgGUID: wVjmomZ7QwanogookcTYlA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.21,286,1763452800"; d="scan'208";a="211428211" Received: from 984fee019967.jf.intel.com ([10.23.153.244]) by fmviesa006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Feb 2026 06:36:14 -0800 From: Chao Gao To: linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, x86@kernel.org Cc: reinette.chatre@intel.com, ira.weiny@intel.com, kai.huang@intel.com, dan.j.williams@intel.com, yilun.xu@linux.intel.com, sagis@google.com, vannapurve@google.com, paulmck@kernel.org, nik.borisov@suse.com, zhenzhong.duan@intel.com, seanjc@google.com, rick.p.edgecombe@intel.com, kas@kernel.org, dave.hansen@linux.intel.com, vishal.l.verma@intel.com, binbin.wu@linux.intel.com, tony.lindgren@linux.intel.com, Chao Gao , Farrah Chen , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" Subject: [PATCH v4 04/24] x86/virt/seamldr: Introduce a wrapper for P-SEAMLDR SEAMCALLs Date: Thu, 12 Feb 2026 06:35:07 -0800 Message-ID: <20260212143606.534586-5-chao.gao@intel.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260212143606.534586-1-chao.gao@intel.com> References: <20260212143606.534586-1-chao.gao@intel.com> Precedence: bulk X-Mailing-List: linux-coco@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The TDX architecture uses the "SEAMCALL" instruction to communicate with SEAM mode software. Right now, the only SEAM mode software that the kernel communicates with is the TDX module. But, there is actually another component that runs in SEAM mode but it is separate from the TDX module: the persistent SEAM loader or "P-SEAMLDR". Right now, the only component that communicates with it is the BIOS which loads the TDX module itself at boot. But, to support updating the TDX module, the kernel now needs to be able to talk to it. P-SEAMLDR SEAMCALLs differ from TDX Module SEAMCALLs in areas such as concurrency requirements. Add a P-SEAMLDR wrapper to handle these differences and prepare for implementing concrete functions. Note that unlike P-SEAMLDR, there is also a non-persistent SEAM loader ("NP-SEAMLDR"). This is an authenticated code module (ACM) that is not callable at runtime. Only BIOS launches it to load P-SEAMLDR at boot; the kernel does not interact with it. For details of P-SEAMLDR SEAMCALLs, see IntelĀ® Trust Domain CPU Architectural Extensions, Revision 343754-002, Chapter 2.3 "INSTRUCTION SET REFERENCE". Signed-off-by: Chao Gao Tested-by: Farrah Chen Link: https://cdrdv2.intel.com/v1/dl/getContent/733582 # [1] --- v4: - Give more background about P-SEAMLDR in changelog [Dave] - Don't handle P-SEAMLDR's "no_entropy" error [Dave] - Assume current VMCS is preserved across P-SEAMLDR calls [Dave] - I'm not adding Reviewed-by tags as the code has changed significantly. v2: - don't create a new, inferior framework to save/restore VMCS - use human-friendly language, just "current VMCS" rather than SDM term "current-VMCS pointer" - don't mix guard() with goto --- arch/x86/virt/vmx/tdx/Makefile | 2 +- arch/x86/virt/vmx/tdx/seamldr.c | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 arch/x86/virt/vmx/tdx/seamldr.c diff --git a/arch/x86/virt/vmx/tdx/Makefile b/arch/x86/virt/vmx/tdx/Makefile index 90da47eb85ee..d1dbc5cc5697 100644 --- a/arch/x86/virt/vmx/tdx/Makefile +++ b/arch/x86/virt/vmx/tdx/Makefile @@ -1,2 +1,2 @@ # SPDX-License-Identifier: GPL-2.0-only -obj-y += seamcall.o tdx.o +obj-y += seamcall.o seamldr.o tdx.o diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamldr.c new file mode 100644 index 000000000000..fb59b3e2aa37 --- /dev/null +++ b/arch/x86/virt/vmx/tdx/seamldr.c @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * P-SEAMLDR support for TDX Module management features like runtime updates + * + * Copyright (C) 2025 Intel Corporation + */ +#define pr_fmt(fmt) "seamldr: " fmt + +#include + +#include "seamcall_internal.h" + +/* + * Serialize P-SEAMLDR calls since the hardware only allows a single CPU to + * interact with P-SEAMLDR simultaneously. + */ +static DEFINE_RAW_SPINLOCK(seamldr_lock); + +static __maybe_unused int seamldr_call(u64 fn, struct tdx_module_args *args) +{ + /* + * Serialize P-SEAMLDR calls and disable interrupts as the calls + * can be made from IRQ context. + */ + guard(raw_spinlock_irqsave)(&seamldr_lock); + return seamcall_prerr(fn, args); +} -- 2.47.3