Re: [PATCH v2 21/31] x86/virt/tdx: Add SEAMCALL wrappers for trusted IOMMU setup and clear
From: Xu Yilun
Date: Wed Apr 22 2026 - 02:57:26 EST
On Thu, Apr 09, 2026 at 07:30:32AM +0000, Tian, Kevin wrote:
> > From: Xu Yilun <yilun.xu@xxxxxxxxxxxxxxx>
> > Sent: Saturday, March 28, 2026 12:01 AM
> >
> > From: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxx>
> >
> > Add SEAMCALLs to setup/clear trusted IOMMU for TDX Connect.
>
> what is 'trusted IOMMU'? a new hardware, or some sensitive resource in
> the IOMMU which is only visible to TDX module?
Some extended HW resources in the IOMMU, so I think the latter.
>
> If the latter it's clearer to say "trusted configuration in IOMMU".
Yeah. And I realized there is more configuration besides the IOMMU, so I
would say:
Add SEAMCALLs to setup/clear the IOMMU device and related I/O stack to
work in trusted (TDX) mode.
>
> >
> > Enabling TEE I/O support for a target device requires setting up the trusted
> > IOMMU for the related IOMMU device first, even if only for enabling physical
> > secure links like SPDM/IDE.
>
> this series is just about SPDM/IDE. then the first part about TEE I/O is not
> really relevant.
This is truly obscure. I want to clarify some potential concern about
why we need to set up the IOMMU when only enabling PCIe link encryption, my
re-phrase:
With the setup SEAMCALL, TDX Module ensures that related resources in
the IOMMU device & I/O stack are in expected state and protected from
further untrusted access, so that subsequent SPDM/IDE enabling is
secure.
>
> >
> > TDH.IOMMU.SETUP takes the register base address (VTBAR) to position an
> > IOMMU device, and outputs an IOMMU_ID as the trusted IOMMU identifier.
> > TDH.IOMMU.CLEAR takes the IOMMU_ID to reverse the setup.
>
> Intel IOMMU is called VT-d. It has a register block but not a PCI device so
> there is no BAR resource related.
>
> let's just call it 'reg_base'
Yes.
>
> intel-iommu driver already has its own 'id' definition for each iommu device.
> It's clearer to add a prefix to this new id, e.g. tdx_iommu_id?
Yes.