After providing all required memory to TDX Module, initialize the
Extensions via TDH.EXT.INIT, and then Extension-SEAMCALLs can be used.

The initialization of Extensions touches the required memory (previously
provided by TDH.EXT.MEM.ADD) in private manner. If failed, flush cache
before freeing these memory, to avoid private cache write back damages
the shared pages.

TDX should use movdir64b to clear private pages when reclaiming them on
older platforms with the X86_BUG_TDX_PW_MCE erratum. For simplicity,
don't expect this errata on any TDX Extensions supported platform. So
TDX Extensions & all features that require TDX Extensions (e.g. TDX
Connect) will not call the clearing helpers.

Note the "ext_required" global metadata specifies if TDH.EXT.INIT call
is needed. If 0, the Extensions are already working, so skip the SEAMCALL.

Co-developed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Signed-off-by: Xu Yilun <yilun.xu@linux.intel.com>
---
 arch/x86/virt/vmx/tdx/tdx.h |  1 +
 arch/x86/virt/vmx/tdx/tdx.c | 45 +++++++++++++++++++++++++++++++++++++
 2 files changed, 46 insertions(+)

diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h
index 31ccdfcf518c..a26fe94c07ff 100644
--- a/arch/x86/virt/vmx/tdx/tdx.h
+++ b/arch/x86/virt/vmx/tdx/tdx.h
@@ -60,6 +60,7 @@
 #define TDH_VP_WR			43
 #define TDH_SYS_CONFIG_V0		45
 #define TDH_SYS_CONFIG			SEAMCALL_LEAF_VER(TDH_SYS_CONFIG_V0, 1)
+#define TDH_EXT_INIT			60
 #define TDH_EXT_MEM_ADD			61
 
 /* TDX page types */
diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
index 5fae17c13191..4134f92425da 100644
--- a/arch/x86/virt/vmx/tdx/tdx.c
+++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -1519,6 +1519,23 @@ static void tdx_clflush_page_array(struct tdx_page_array *array)
 		tdx_clflush_page(array->pages[array->offset + i]);
 }
 
+/* Initialize the TDX Module Extensions then Extension-SEAMCALLs can be used */
+static int tdx_ext_init(void)
+{
+	struct tdx_module_args args = {};
+	u64 r;
+
+	do {
+		r = seamcall(TDH_EXT_INIT, &args);
+		cond_resched();
+	} while (r == TDX_INTERRUPTED_RESUMABLE);
+
+	if (r != TDX_SUCCESS)
+		return -EFAULT;
+
+	return 0;
+}
+
 static int tdx_ext_mem_add(struct tdx_page_array *ext_mem)
 {
 	struct tdx_module_args args = {
@@ -1572,6 +1589,17 @@ static int __maybe_unused init_tdx_ext(void)
 	if (!(tdx_sysinfo.features.tdx_features0 & TDX_FEATURES0_EXT))
 		return 0;
 
+	/*
+	 * With this errata, TDX should use movdir64b to clear private pages
+	 * when reclaiming them. See tdx_quirk_reset_paddr().
+	 *
+	 * Don't expect this errata on any TDX Extensions supported platform.
+	 * All features require TDX Extensions (including TDX Extensions
+	 * itself) will never call tdx_quirk_reset_paddr().
+	 */
+	if (boot_cpu_has_bug(X86_BUG_TDX_PW_MCE))
+		return -ENXIO;
+
 	nr_pages = tdx_sysinfo.ext.memory_pool_required_pages;
 	/*
 	 * memory_pool_required_pages == 0 means no need to add more pages,
@@ -1587,6 +1615,20 @@ static int __maybe_unused init_tdx_ext(void)
 			goto out_ext_mem;
 	}
 
+	/*
+	 * ext_required == 0 means no need to call TDH.EXT.INIT, the Extensions
+	 * are already working.
+	 */
+	if (tdx_sysinfo.ext.ext_required) {
+		ret = tdx_ext_init();
+		/*
+		 * Some pages may have been touched by the TDX module.
+		 * Flush cache before returning these pages to kernel.
+		 */
+		if (ret)
+			goto out_flush;
+	}
+
 	/* Extension memory is never reclaimed once assigned */
 	tdx_page_array_ctrl_leak(ext_mem);
 
@@ -1595,6 +1637,9 @@ static int __maybe_unused init_tdx_ext(void)
 
 	return 0;
 
+out_flush:
+	if (ext_mem)
+		wbinvd_on_all_cpus();
 out_ext_mem:
 	tdx_page_array_free(ext_mem);
 
-- 
2.25.1

On Sat, 2026-03-28 at 00:01 +0800, Xu Yilun wrote:
> After providing all required memory to TDX Module, initialize the
> Extensions via TDH.EXT.INIT, and then Extension-SEAMCALLs can be used.
> 
> The initialization of Extensions touches the required memory (previously
> provided by TDH.EXT.MEM.ADD) in private manner. If failed, flush cache
> before freeing these memory, to avoid private cache write back damages
> the shared pages.
> 
> TDX should use movdir64b to clear private pages when reclaiming them on
> older platforms with the X86_BUG_TDX_PW_MCE erratum. For simplicity,
> don't expect this errata on any TDX Extensions supported platform. So
> TDX Extensions & all features that require TDX Extensions (e.g. TDX
> Connect) will not call the clearing helpers.
> 
> Note the "ext_required" global metadata specifies if TDH.EXT.INIT call
> is needed. If 0, the Extensions are already working, so skip the SEAMCALL.
> 
> Co-developed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
> Signed-off-by: Xu Yilun <yilun.xu@linux.intel.com>
> ---
>  arch/x86/virt/vmx/tdx/tdx.h |  1 +
>  arch/x86/virt/vmx/tdx/tdx.c | 45 +++++++++++++++++++++++++++++++++++++
>  2 files changed, 46 insertions(+)
> 
> diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h
> index 31ccdfcf518c..a26fe94c07ff 100644
> --- a/arch/x86/virt/vmx/tdx/tdx.h
> +++ b/arch/x86/virt/vmx/tdx/tdx.h
> @@ -60,6 +60,7 @@
>  #define TDH_VP_WR			43
>  #define TDH_SYS_CONFIG_V0		45
>  #define TDH_SYS_CONFIG			SEAMCALL_LEAF_VER(TDH_SYS_CONFIG_V0, 1)
> +#define TDH_EXT_INIT			60
>  #define TDH_EXT_MEM_ADD			61
>  
>  /* TDX page types */
> diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
> index 5fae17c13191..4134f92425da 100644
> --- a/arch/x86/virt/vmx/tdx/tdx.c
> +++ b/arch/x86/virt/vmx/tdx/tdx.c
> @@ -1519,6 +1519,23 @@ static void tdx_clflush_page_array(struct tdx_page_array *array)
>  		tdx_clflush_page(array->pages[array->offset + i]);
>  }
>  
> +/* Initialize the TDX Module Extensions then Extension-SEAMCALLs can be used */
> +static int tdx_ext_init(void)
> +{
> +	struct tdx_module_args args = {};
> +	u64 r;
> +
> +	do {
> +		r = seamcall(TDH_EXT_INIT, &args);
> +		cond_resched();
> +	} while (r == TDX_INTERRUPTED_RESUMABLE);
> +
> +	if (r != TDX_SUCCESS)
> +		return -EFAULT;
> +
> +	return 0;
> +}
> +
>  static int tdx_ext_mem_add(struct tdx_page_array *ext_mem)
>  {
>  	struct tdx_module_args args = {
> @@ -1572,6 +1589,17 @@ static int __maybe_unused init_tdx_ext(void)
>  	if (!(tdx_sysinfo.features.tdx_features0 & TDX_FEATURES0_EXT))
>  		return 0;
>  
> +	/*
> +	 * With this errata, TDX should use movdir64b to clear private pages
> +	 * when reclaiming them. See tdx_quirk_reset_paddr().
> +	 *
> +	 * Don't expect this errata on any TDX Extensions supported platform.
> +	 * All features require TDX Extensions (including TDX Extensions
> +	 * itself) will never call tdx_quirk_reset_paddr().
> +	 */
> +	if (boot_cpu_has_bug(X86_BUG_TDX_PW_MCE))
> +		return -ENXIO;

I don't know if we are going to want to sprinkle these over every new feature
until the end of time. If this feature will only show up on the platforms with
this erratum, then I say we just drop the check.

> +
>  	nr_pages = tdx_sysinfo.ext.memory_pool_required_pages;
>  	/*
>  	 * memory_pool_required_pages == 0 means no need to add more pages,
> @@ -1587,6 +1615,20 @@ static int __maybe_unused init_tdx_ext(void)
>  			goto out_ext_mem;
>  	}
>  
> +	/*
> +	 * ext_required == 0 means no need to call TDH.EXT.INIT, the Extensions
> +	 * are already working.

How does this scenario happen exactly? And why not check it above at the
beginning? Before the allocation, so it doesn't need to free.

Is there a scenario where the memory needs to be given, but the extension is
already inited?

> +	 */
> +	if (tdx_sysinfo.ext.ext_required) {
> +		ret = tdx_ext_init();
> +		/*
> +		 * Some pages may have been touched by the TDX module.
> +		 * Flush cache before returning these pages to kernel.
> +		 */
> +		if (ret)
> +			goto out_flush;
> +	}
> +
>  	/* Extension memory is never reclaimed once assigned */
>  	tdx_page_array_ctrl_leak(ext_mem);
>  
> @@ -1595,6 +1637,9 @@ static int __maybe_unused init_tdx_ext(void)
>  
>  	return 0;
>  
> +out_flush:
> +	if (ext_mem)

For the error path we don't need to be efficient. But also why does it assume
tdx_ext_init() can touch the pages, but tdx_ext_mem_add() can't?


> +		wbinvd_on_all_cpus();
>  out_ext_mem:
>  	tdx_page_array_free(ext_mem);
>  

> >  static int tdx_ext_mem_add(struct tdx_page_array *ext_mem)
> >  {
> >  	struct tdx_module_args args = {
> > @@ -1572,6 +1589,17 @@ static int __maybe_unused init_tdx_ext(void)
> >  	if (!(tdx_sysinfo.features.tdx_features0 & TDX_FEATURES0_EXT))
> >  		return 0;
> >  
> > +	/*
> > +	 * With this errata, TDX should use movdir64b to clear private pages
> > +	 * when reclaiming them. See tdx_quirk_reset_paddr().
> > +	 *
> > +	 * Don't expect this errata on any TDX Extensions supported platform.
> > +	 * All features require TDX Extensions (including TDX Extensions
> > +	 * itself) will never call tdx_quirk_reset_paddr().
> > +	 */
> > +	if (boot_cpu_has_bug(X86_BUG_TDX_PW_MCE))
> > +		return -ENXIO;
> 
> I don't know if we are going to want to sprinkle these over every new feature
> until the end of time. If this feature will only show up on the platforms with
> this erratum, then I say we just drop the check.

Make sense.

> 
> > +
> >  	nr_pages = tdx_sysinfo.ext.memory_pool_required_pages;
> >  	/*
> >  	 * memory_pool_required_pages == 0 means no need to add more pages,
> > @@ -1587,6 +1615,20 @@ static int __maybe_unused init_tdx_ext(void)
> >  			goto out_ext_mem;
> >  	}
> >  
> > +	/*
> > +	 * ext_required == 0 means no need to call TDH.EXT.INIT, the Extensions
> > +	 * are already working.
> 
> How does this scenario happen exactly? And why not check it above at the
> beginning? Before the allocation, so it doesn't need to free.
> 
> Is there a scenario where the memory needs to be given, but the extension is
> already inited?

mm.. you are right. It leads to something absurd.

I checked with TDX Module team again. The correct understanding is:

 - TDX_FEATURES0_EXT bit shows Extensions is supported.
 - optional feature bits are selected on TDH_SYS_CONFIG
 - If one of the optional feature (e.g. TDX CONNECT) requires Extention,
   memory_pool_required_pages > 0 && ext_required == 1. Otherwise no
   need to initialize Extension.

So yes, I should check memory_pool_required_pages && ext_required at the
beginning.

> 
> > +	 */
> > +	if (tdx_sysinfo.ext.ext_required) {
> > +		ret = tdx_ext_init();
> > +		/*
> > +		 * Some pages may have been touched by the TDX module.
> > +		 * Flush cache before returning these pages to kernel.
> > +		 */
> > +		if (ret)
> > +			goto out_flush;
> > +	}
> > +
> >  	/* Extension memory is never reclaimed once assigned */
> >  	tdx_page_array_ctrl_leak(ext_mem);
> >  
> > @@ -1595,6 +1637,9 @@ static int __maybe_unused init_tdx_ext(void)
> >  
> >  	return 0;
> >  
> > +out_flush:
> > +	if (ext_mem)
> 
> For the error path we don't need to be efficient. But also why does it assume
> tdx_ext_init() can touch the pages, but tdx_ext_mem_add() can't?

The tdx_ext_mem_add() only collects memory, tdx_ext_init() does the
actual initialization for Extensions and touches the memory. But the
detail of when touching the pages is not specified in SPEC, do you think
host doesn't have to tell the difference, just flush when any one of
ext-SEAMCALLs is called?

> 
> 
> > +		wbinvd_on_all_cpus();
> >  out_ext_mem:
> >  	tdx_page_array_free(ext_mem);
> >  
>

On Tue, 2026-03-31 at 22:58 +0800, Xu Yilun wrote:
> > > +	/*
> > > +	 * ext_required == 0 means no need to call TDH.EXT.INIT, the Extensions
> > > +	 * are already working.
> > 
> > How does this scenario happen exactly? And why not check it above at the
> > beginning? Before the allocation, so it doesn't need to free.
> > 
> > Is there a scenario where the memory needs to be given, but the extension is
> > already inited?
> 
> mm.. you are right. It leads to something absurd.
> 
> I checked with TDX Module team again. The correct understanding is:
> 
>  - TDX_FEATURES0_EXT bit shows Extensions is supported.
>  - optional feature bits are selected on TDH_SYS_CONFIG
>  - If one of the optional feature (e.g. TDX CONNECT) requires Extention,
>    memory_pool_required_pages > 0 && ext_required == 1. Otherwise no
>    need to initialize Extension.
> 
> So yes, I should check memory_pool_required_pages && ext_required at the
> beginning.

My understanding is different:

Per spec, the 'EXT_REQUIRED' global metadata just means "Return true if the
TDH.EXT.INIT is required to be called", so I think, architecturally, it's
possible that one particular feature only requires additional memory pool
but doesn't explicitly need to call TDH.EXT.INIT.  Or some feature may not
require any additional memory pool but needs TDH.EXT.INIT.  Or require both
(such as TDX Connect I presume).

We can safely assume 2) and 3) are not required if no feature is configured
in 1) (backward compatibility).  But when there is, I think we can just:

1) If 'MEMORY_POOL_REQUIRED_PAGES' is not zero, do TDH.EXT.MEM.ADD
2) If 'EXT_REQUIRED' is true, do TDH.EXT.INIT