From nobody Mon Jun  8 07:24:55 2026
Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 11EA13D4103;
	Fri,  5 Jun 2026 21:25:16 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=193.142.43.55
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1780694719; cv=none;
 b=a/6Zg8/8tT8UP57ns7g32hAEhaoTLyRLqv7EF2hruPh5mAacgLDmLlTWStG2N5foaNn/6mJme6QsEFdeMwc/bxw1K4Y4Nh+pceGcopl6osK8srPoNIQ7mTaT/hCqvZeBHKXTwK6rXm2nAzHgbI01KGKj7Ey+MF9PprNJucI2wo8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1780694719; c=relaxed/simple;
	bh=cmZdkSTnfQqg6Ieng9XWuhaTVA4giOGQohfXo89+O1Q=;
	h=Date:From:To:Subject:Cc:In-Reply-To:References:MIME-Version:
	 Message-ID:Content-Type;
 b=MHJPs8Q5gmxrF3ku4EkwEZIMQrp1CT9fs1hQfOTFKyWFXlwuprwhicETqMFraeHe3Buu4stVv7M37O7NfQbc38mPOAzLt/fVVW67AGyzQEJsxhchy67PH2nBbzvi6KqfUNmyLNtpRFYyw8j1lsgJFXaT60NGRJ4uJSLMDwVD3H0=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=linutronix.de;
 spf=pass smtp.mailfrom=linutronix.de;
 dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de
 header.b=hgkWthJO;
 dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de
 header.b=wNmMUm9c; arc=none smtp.client-ip=193.142.43.55
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=linutronix.de
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=linutronix.de
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de
 header.b="hgkWthJO";
	dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de
 header.b="wNmMUm9c"
Date: Fri, 05 Jun 2026 21:25:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de;
	s=2020; t=1780694715;
	h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=GZ7tHqDCEmb9DLSSjgkbAQ/HwI6kpRve42vNawcbJXc=;
	b=hgkWthJOFhEwS3CV31S2EUM4kgTaNMUP1FcMg90KV3uhTIMIuG1BuZVF2L5rx6m9F3nqS6
	0Q2qSMoYqAogJxe5Mb5u8JiGPCD3h3mYEu2bF4ERnKuj/2bmqdh02bxNFhj8K0vUKTW4Uw
	kb31F2o5c8RNnW9oALyx7shIpja6qw5b55dXF3gm0t1pFfgrR496mm3U1r1Yx51rD4pFWA
	Y1/DxR+seRNCDP4h8c4FeHVVpBheAwiu4R6MbiBhFIBpe4PRJaKFl8CT3yuHrP8eWIBDMu
	ufMDDDZrQdHg8Wso+j0h3/WhRiNrzqYFYdB/FI2/AHt/84qQ1AmA0gTuAXe++g==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de;
	s=2020e; t=1780694715;
	h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=GZ7tHqDCEmb9DLSSjgkbAQ/HwI6kpRve42vNawcbJXc=;
	b=wNmMUm9c4sDirFno0WIu4l/gZrxAPCtZhs2qdMGuFUIcONX6D7WV21d7dfwPfvHfEmCp+5
	n160n/AfNLNJOdCQ==
From: "tip-bot2 for Chao Gao" <tip-bot2@linutronix.de>
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
To: linux-tip-commits@vger.kernel.org
Subject: [tip: x86/tdx] x86/virt/seamldr: Install a new TDX module
Cc: Chao Gao <chao.gao@intel.com>, Dave Hansen <dave.hansen@linux.intel.com>,
 Tony Lindgren <tony.lindgren@linux.intel.com>,
 Kai Huang <kai.huang@intel.com>, Xu Yilun <yilun.xu@linux.intel.com>,
 "Kiryl Shutsemau (Meta)" <kas@kernel.org>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>, x86@kernel.org,
 linux-kernel@vger.kernel.org
In-Reply-To: <20260520133909.409394-19-chao.gao@intel.com>
References: <20260520133909.409394-19-chao.gao@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Message-ID: <178069471379.710.1358051880544510391.tip-bot2@tip-bot2>
Robot-ID: <tip-bot2@linutronix.de>
Robot-Unsubscribe: 
 Contact <mailto:tglx@kernel.org> to get blacklisted from these emails
Precedence: bulk
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

The following commit has been merged into the x86/tdx branch of tip:

Commit-ID:     2bfb2ef877f510bc6ebe8a74ce0877d290dc8bcd
Gitweb:        https://git.kernel.org/tip/2bfb2ef877f510bc6ebe8a74ce0877d29=
0dc8bcd
Author:        Chao Gao <chao.gao@intel.com>
AuthorDate:    Wed, 20 May 2026 15:29:08 -07:00
Committer:     Dave Hansen <dave.hansen@linux.intel.com>
CommitterDate: Wed, 03 Jun 2026 08:59:43 -07:00

x86/virt/seamldr: Install a new TDX module

Continue fleshing out the update proces. The old module is shut down
and the system is ready for the new module image. Run the
SEAMLDR.INSTALL SEAMCALL on all CPUs.

Signed-off-by: Chao Gao <chao.gao@intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Tony Lindgren <tony.lindgren@linux.intel.com>
Reviewed-by: Kai Huang <kai.huang@intel.com>
Reviewed-by: Xu Yilun <yilun.xu@linux.intel.com>
Reviewed-by: Kiryl Shutsemau (Meta) <kas@kernel.org>
Reviewed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Link: https://patch.msgid.link/20260520133909.409394-19-chao.gao@intel.com
---
 arch/x86/virt/vmx/tdx/seamldr.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamld=
r.c
index 3fe1d39..54fa797 100644
--- a/arch/x86/virt/vmx/tdx/seamldr.c
+++ b/arch/x86/virt/vmx/tdx/seamldr.c
@@ -22,6 +22,7 @@
=20
 /* P-SEAMLDR SEAMCALL leaf function */
 #define P_SEAMLDR_INFO			0x8000000000000000
+#define P_SEAMLDR_INSTALL		0x8000000000000001
=20
 #define SEAMLDR_MAX_NR_MODULE_PAGES	496
 #define SEAMLDR_MAX_NR_SIG_PAGES	1
@@ -89,6 +90,15 @@ int seamldr_get_info(struct seamldr_info *seamldr_info)
 }
 EXPORT_SYMBOL_FOR_MODULES(seamldr_get_info, "tdx-host");
=20
+/* Call into P-SEAMLDR to install a TDX module update */
+static int seamldr_install(const struct seamldr_params *params)
+{
+	struct tdx_module_args args =3D {};
+
+	args.rcx =3D __pa(params);
+	return seamldr_call(P_SEAMLDR_INSTALL, &args);
+}
+
 #define TDX_IMAGE_VERSION_2		0x200
=20
 /* First page of the on-disk module update image: */
@@ -198,6 +208,7 @@ static int init_seamldr_params(struct seamldr_params *p=
arams,
 enum module_update_state {
 	MODULE_UPDATE_START,
 	MODULE_UPDATE_SHUTDOWN,
+	MODULE_UPDATE_CPU_INSTALL,
 	MODULE_UPDATE_DONE,
 };
=20
@@ -273,6 +284,9 @@ static int do_seamldr_install_module(void *seamldr_para=
ms)
 			if (is_lead_cpu)
 				ret =3D tdx_module_shutdown();
 			break;
+		case MODULE_UPDATE_CPU_INSTALL:
+			ret =3D seamldr_install(seamldr_params);
+			break;
 		default:
 			break;
 		}