From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 48FE5343D7B for ; Mon, 27 Apr 2026 15:30:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.20 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777303801; cv=none; b=npn5BBAVKgPNjDc+xsfrAV9ojBCDWwHMpfq7/LI+LfQss7QAURcRTqmkzMBTNuZr3T0L1/eDk6zF4lrVQEYMKFtev42IhI/cMWytY0p5v+WWBY7YQVCplvREvcSUdxtGYPpoGT4ksE7UcapB/KtE3QIy13dzELwrlr0t/GXlsfE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777303801; c=relaxed/simple; bh=7jJ7eblQ5a5Un2crtpNxhvp6+2PVrme2ig2h67JHyH4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=m42S6oZjRLXioNO8oz0i+NHJJBvxhtCTYW7V5fVk8AuyWycUokjSsZ1cUkPWcjNFKgWrokk4ILLX0DV9pE4ic+Tokwsn6IpXCduhSkeGWlb2HRHR1ameo6og3ZKH7L4QMlBMSAkTKz6wlSBcbdwM8uGixZatr1HHle4C92NR0gM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=bAJ8R1rP; arc=none smtp.client-ip=198.175.65.20 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="bAJ8R1rP" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1777303800; x=1808839800; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7jJ7eblQ5a5Un2crtpNxhvp6+2PVrme2ig2h67JHyH4=; b=bAJ8R1rPwZl6Mi6am2dAgx3O+ddA9DbHvqWV6el+dIkVqIzjlYMgcUY4 Dm17bVZEYSfa1/d+kRDIbcicwMRTm6so91dI9d1c8Iy41WG5i87AY76nn EbPLNIJKLcuX0ZyszrtPi59/DQXuIGBhkM+fxDUywOUr1FtJBGA4A0xsF 8UK5QKslr+aRLCNdtgYO9I4JD2xY0xEJtHzkvqNgSsKQu7jflcMtdkBOJ cUpkJBrBE+uzBDjq97upDLbdRRmaJCE2hy1z7VhsaKI9TLJOXaOF5rg8U PSMAYEsJb/jDp+H/GoKHOw8X6vWC3i2BdVGFypJCkjVkDm0zAxLdz6ClW Q==; X-CSE-ConnectionGUID: D/wCfTe/TX6veLjZYtwqkw== X-CSE-MsgGUID: OigJk8fAR4aevSwZ57HApg== X-IronPort-AV: E=McAfee;i="6800,10657,11769"; a="77900679" X-IronPort-AV: E=Sophos;i="6.23,202,1770624000"; d="scan'208";a="77900679" Received: from orviesa006.jf.intel.com ([10.64.159.146]) by orvoesa112.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Apr 2026 08:29:57 -0700 X-CSE-ConnectionGUID: JA9RVQmKSkG+1Qc82mzNdQ== X-CSE-MsgGUID: 5KJncBUWRwC/9oNpjMI1hw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.23,202,1770624000"; d="scan'208";a="232673227" Received: from 984fee019967.jf.intel.com ([10.23.153.244]) by orviesa006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Apr 2026 08:29:57 -0700 From: Chao Gao To: kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org, x86@kernel.org Cc: binbin.wu@linux.intel.com, dave.hansen@linux.intel.com, djbw@kernel.org, ira.weiny@intel.com, kai.huang@intel.com, kas@kernel.org, nik.borisov@suse.com, paulmck@kernel.org, pbonzini@redhat.com, reinette.chatre@intel.com, rick.p.edgecombe@intel.com, sagis@google.com, seanjc@google.com, tony.lindgren@linux.intel.com, vannapurve@google.com, vishal.l.verma@intel.com, yilun.xu@linux.intel.com, xiaoyao.li@intel.com, yan.y.zhao@intel.com, Chao Gao , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" Subject: [PATCH v8 05/21] x86/virt/seamldr: Add a helper to retrieve P-SEAMLDR information Date: Mon, 27 Apr 2026 08:27:59 -0700 Message-ID: <20260427152854.101171-6-chao.gao@intel.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20260427152854.101171-1-chao.gao@intel.com> References: <20260427152854.101171-1-chao.gao@intel.com> Precedence: bulk X-Mailing-List: linux-coco@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit P-SEAMLDR reports its state via SEAMLDR.INFO, including its version and the number of remaining runtime updates. This information is useful for userspace. For example, the admin can use the P-SEAMLDR version to determine whether a candidate TDX module is compatible with the running loader, and can use the remaining update count to determine whether another runtime update is still possible. Add a helper to retrieve P-SEAMLDR information in preparation for exposing P-SEAMLDR version and other necessary information to userspace. Export the new kAPI for use by tdx-host.ko. Note that there are two distinct P-SEAMLDR APIs with similar names: SEAMLDR.INFO: Returns a SEAMLDR_INFO structure containing SEAMLDR information such as version and remaining updates. SEAMLDR.SEAMINFO: Returns a SEAMLDR_SEAMINFO structure containing SEAM and system information such as Convertible Memory Regions (CMRs) and number of CPUs and sockets. The former is used here. For details, see "IntelĀ® Trust Domain Extensions - SEAM Loader (SEAMLDR) Interface Specification". Signed-off-by: Chao Gao Reviewed-by: Kai Huang Reviewed-by: Kiryl Shutsemau (Meta) Reviewed-by: Xiaoyao Li Reviewed-by: Rick Edgecombe --- arch/x86/include/asm/seamldr.h | 36 +++++++++++++++++++++++++++++++++ arch/x86/virt/vmx/tdx/seamldr.c | 20 +++++++++++++++++- 2 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 arch/x86/include/asm/seamldr.h diff --git a/arch/x86/include/asm/seamldr.h b/arch/x86/include/asm/seamldr.h new file mode 100644 index 000000000000..c67e5bc910a9 --- /dev/null +++ b/arch/x86/include/asm/seamldr.h @@ -0,0 +1,36 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_X86_SEAMLDR_H +#define _ASM_X86_SEAMLDR_H + +#include + +/* + * This is called the "SEAMLDR_INFO" data structure and is defined + * in "SEAM Loader (SEAMLDR) Interface Specification". + * + * The SEAMLDR.INFO documentation requires this to be aligned to a + * 256-byte boundary. + */ +struct seamldr_info { + u32 version; + u32 attributes; + u32 vendor_id; + u32 build_date; + u16 build_num; + u16 minor_version; + u16 major_version; + u16 update_version; + u32 acm_x2apicid; + u32 num_remaining_updates; + u8 seam_info[128]; + u8 seam_ready; + u8 seam_debug; + u8 p_seam_ready; + u8 reserved[93]; +} __packed __aligned(256); + +static_assert(sizeof(struct seamldr_info) == 256); + +int seamldr_get_info(struct seamldr_info *seamldr_info); + +#endif /* _ASM_X86_SEAMLDR_H */ diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamldr.c index 65616dd2f4d2..7269a239bc22 100644 --- a/arch/x86/virt/vmx/tdx/seamldr.c +++ b/arch/x86/virt/vmx/tdx/seamldr.c @@ -8,8 +8,13 @@ #include +#include + #include "seamcall_internal.h" +/* P-SEAMLDR SEAMCALL leaf function */ +#define P_SEAMLDR_INFO 0x8000000000000000 + /* * Serialize P-SEAMLDR calls since the hardware only allows a single CPU to * interact with P-SEAMLDR simultaneously. Use raw version as the calls can @@ -18,8 +23,21 @@ */ static DEFINE_RAW_SPINLOCK(seamldr_lock); -static __maybe_unused int seamldr_call(u64 fn, struct tdx_module_args *args) +static int seamldr_call(u64 fn, struct tdx_module_args *args) { guard(raw_spinlock)(&seamldr_lock); return seamcall_prerr(fn, args); } + +int seamldr_get_info(struct seamldr_info *seamldr_info) +{ + struct tdx_module_args args = {}; + + /* + * Use slow_virt_to_phys() since @seamldr_info may be allocated on + * the stack. + */ + args.rcx = slow_virt_to_phys(seamldr_info); + return seamldr_call(P_SEAMLDR_INFO, &args); +} +EXPORT_SYMBOL_FOR_MODULES(seamldr_get_info, "tdx-host"); -- 2.47.1