Re: [PATCH v7 06/22] coco/tdx-host: Expose P-SEAMLDR information via sysfs

Next message: Florian Fainelli: "Re: [PATCH 6.6 00/50] 6.6.135-rc1 review"
Previous message: Puranjay Mohan: "[PATCH bpf-next v2 1/2] bpf, arm64: Remove redundant bpf_flush_icache() after pack allocator finalize"
Next in thread: Chao Gao: "Re: [PATCH v7 06/22] coco/tdx-host: Expose P-SEAMLDR information via sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Edgecombe, Rick P

Date: Mon Apr 13 2026 - 15:14:02 EST

On Tue, 2026-03-31 at 05:41 -0700, Chao Gao wrote:
> TDX module updates require userspace to select the appropriate module
> to load. Expose necessary information to facilitate this decision. Two
> values are needed:
>
> - P-SEAMLDR version: for compatibility checks between TDX module and
> P-SEAMLDR
> - num_remaining_updates: indicates how many updates can be performed

Can you explain how all of these overlap?
- TDX module supports module update
- SEAMLDR supports NUM_REMAINING_UPDATES info
- SEAMLDR supports VERSION info

If the TDX module supports module update, do we know the SEAMLDR supports this
other stuff somehow? It might be worth a comment the reasoning.

>
> Expose them as tdx-host device attributes. Make seamldr attributes
> visible only when the update feature is supported, as that's their sole
> purpose.
>
> Unconditional exposure is also problematic because reading them
> triggers P-SEAMLDR calls that break KVM on CPUs with a specific erratum
> (to be enumerated and handled in a later patch).

Since this is later handled with the errata check, what is the point being made
here?

>
> Signed-off-by: Chao Gao <chao.gao@xxxxxxxxx>
> Reviewed-by: Kiryl Shutsemau (Meta) <kas@xxxxxxxxxx>