[tip: x86/tdx] x86/virt/seamldr: Add module update locking

[tip-bot2 for Dave Hansen]

The following commit has been merged into the x86/tdx branch of tip:

Commit-ID:     d34f37c3101c0364dba0d561e4911bc6496a2d0a
Gitweb:        https://git.kernel.org/tip/d34f37c3101c0364dba0d561e4911bc6496a2d0a
Author:        Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
AuthorDate:    Fri, 22 May 2026 08:43:02 -07:00
Committer:     Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
CommitterDate: Tue, 26 May 2026 08:29:15 -07:00

x86/virt/seamldr: Add module update locking

TDX metadata like the version number changes during a module update.
Add functions to lock out module updates.

The current stop_machine() implementation uses worker threads. The
scheduler actually does a full, normal context switch over to that
thread. preempt_disable() obviously inhibits that context switch and
thus, locks out stop_machine() users like the module update.

Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
---
 arch/x86/include/asm/seamldr.h  |  2 ++
 arch/x86/virt/vmx/tdx/seamldr.c | 16 ++++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/arch/x86/include/asm/seamldr.h b/arch/x86/include/asm/seamldr.h
index 43084e2..cfc6a1b 100644
--- a/arch/x86/include/asm/seamldr.h
+++ b/arch/x86/include/asm/seamldr.h
@@ -32,5 +32,7 @@ static_assert(sizeof(struct seamldr_info) == 256);
 
 int seamldr_get_info(struct seamldr_info *seamldr_info);
 int seamldr_install_module(const u8 *data, u32 data_len);
+void seamldr_lock_module_update(void);
+void seamldr_unlock_module_update(void);
 
 #endif /* _ASM_X86_SEAMLDR_H */
diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamldr.c
index f5591d7..b1137ca 100644
--- a/arch/x86/virt/vmx/tdx/seamldr.c
+++ b/arch/x86/virt/vmx/tdx/seamldr.c
@@ -350,3 +350,19 @@ out:
 	return ret;
 }
 EXPORT_SYMBOL_FOR_MODULES(seamldr_install_module, "tdx-host");
+
+/*
+ * stop_machine() does not interrupt preemption-disabled regions.
+ * Simply disabling preempt prevents updates.
+ */
+void seamldr_lock_module_update(void)
+{
+	preempt_disable();
+}
+EXPORT_SYMBOL_FOR_MODULES(seamldr_lock_module_update, "tdx-host");
+
+void seamldr_unlock_module_update(void)
+{
+	preempt_enable();
+}
+EXPORT_SYMBOL_FOR_MODULES(seamldr_unlock_module_update, "tdx-host");