[PATCH v4 08/24] x86/virt/seamldr: Block TDX Module updates if any CPU is offline

From: Chao Gao

Date: Thu Feb 12 2026 - 09:38:12 EST


P-SEAMLDR requires every CPU to call SEAMLDR.INSTALL during updates. So,
every CPU should be online during updates.

Check if all CPUs are online and abort the update if any CPU is offline at
the very beginning. Without this check, P-SEAMLDR will report failure at a
later phase where the old TDX module is gone and TDs have to be killed.

Hold cpus_read_lock to avoid races between CPU hotplug and TDX Module
updates.

Signed-off-by: Chao Gao <chao.gao@xxxxxxxxx>
Reviewed-by: Xu Yilun <yilun.xu@xxxxxxxxxxxxxxx>
Reviewed-by: Tony Lindgren <tony.lindgren@xxxxxxxxxxxxxxx>
---
arch/x86/virt/vmx/tdx/seamldr.c | 8 ++++++++
1 file changed, 8 insertions(+)

diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamldr.c
index 4d40b08f9bed..694243f1f220 100644
--- a/arch/x86/virt/vmx/tdx/seamldr.c
+++ b/arch/x86/virt/vmx/tdx/seamldr.c
@@ -6,6 +6,8 @@
*/
#define pr_fmt(fmt) "seamldr: " fmt

+#include <linux/cpuhplock.h>
+#include <linux/cpumask.h>
#include <linux/mm.h>
#include <linux/spinlock.h>

@@ -53,6 +55,12 @@ int seamldr_install_module(const u8 *data, u32 size)
if (WARN_ON_ONCE(!is_vmalloc_addr(data)))
return -EINVAL;

+ guard(cpus_read_lock)();
+ if (!cpumask_equal(cpu_online_mask, cpu_present_mask)) {
+ pr_err("Cannot update the TDX Module if any CPU is offline\n");
+ return -EBUSY;
+ }
+
/* TODO: Update TDX Module here */
return 0;
}
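Review bot: The cpumask_equal() check added to seamldr_install_module() has no code comment explaining why the comparison is against cpu_present_mask, or that guard(cpus_read_lock)() is meant to stay held until return so it also covers the update that will replace the TODO. That rationale currently lives only in the commit message. Suggest a short comment above the guard saying that P-SEAMLDR needs every CPU to call SEAMLDR.INSTALL, so the update is refused up front and CPU hotplug is blocked for the duration. The pr_err() could also say which CPUs are offline, so an administrator who gets -EBUSY knows what to bring online before retrying.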
--
2.47.3