From: Chao Gao Date: Wed, 20 May 2026 22:29:08 +0000 (-0700) Subject: x86/virt/seamldr: Install a new TDX module X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=2bfb2ef877f510bc6ebe8a74ce0877d290dc8bcd;p=thirdparty%2Fkernel%2Flinux.git x86/virt/seamldr: Install a new TDX module Continue fleshing out the update proces. The old module is shut down and the system is ready for the new module image. Run the SEAMLDR.INSTALL SEAMCALL on all CPUs. Signed-off-by: Chao Gao Signed-off-by: Dave Hansen Reviewed-by: Tony Lindgren Reviewed-by: Kai Huang Reviewed-by: Xu Yilun Reviewed-by: Kiryl Shutsemau (Meta) Reviewed-by: Rick Edgecombe Link: https://patch.msgid.link/20260520133909.409394-19-chao.gao@intel.com --- diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamldr.c index 3fe1d397ecd11..54fa797a20191 100644 --- a/arch/x86/virt/vmx/tdx/seamldr.c +++ b/arch/x86/virt/vmx/tdx/seamldr.c @@ -22,6 +22,7 @@ /* P-SEAMLDR SEAMCALL leaf function */ #define P_SEAMLDR_INFO 0x8000000000000000 +#define P_SEAMLDR_INSTALL 0x8000000000000001 #define SEAMLDR_MAX_NR_MODULE_PAGES 496 #define SEAMLDR_MAX_NR_SIG_PAGES 1 @@ -89,6 +90,15 @@ int seamldr_get_info(struct seamldr_info *seamldr_info) } EXPORT_SYMBOL_FOR_MODULES(seamldr_get_info, "tdx-host"); +/* Call into P-SEAMLDR to install a TDX module update */ +static int seamldr_install(const struct seamldr_params *params) +{ + struct tdx_module_args args = {}; + + args.rcx = __pa(params); + return seamldr_call(P_SEAMLDR_INSTALL, &args); +} + #define TDX_IMAGE_VERSION_2 0x200 /* First page of the on-disk module update image: */ @@ -198,6 +208,7 @@ static int init_seamldr_params(struct seamldr_params *params, enum module_update_state { MODULE_UPDATE_START, MODULE_UPDATE_SHUTDOWN, + MODULE_UPDATE_CPU_INSTALL, MODULE_UPDATE_DONE, }; @@ -273,6 +284,9 @@ static int do_seamldr_install_module(void *seamldr_params) if (is_lead_cpu) ret = tdx_module_shutdown(); break; + case MODULE_UPDATE_CPU_INSTALL: + ret = seamldr_install(seamldr_params); + break; default: break; }