[PATCH v4 16/24] x86/virt/seamldr: Install a new TDX Module
From: Chao Gao
Date: Thu Feb 12 2026 - 09:42:44 EST
Following the shutdown of the existing TDX Module, the update process
continues with installing the new module. P-SEAMLDR provides the
SEAMLDR.INSTALL SEAMCALL to perform this installation, which must be
executed serially across all CPUs.
Implement SEAMLDR.INSTALL and execute it on every CPU.
Signed-off-by: Chao Gao <chao.gao@xxxxxxxxx>
Reviewed-by: Tony Lindgren <tony.lindgren@xxxxxxxxxxxxxxx>
---
arch/x86/virt/vmx/tdx/seamldr.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamldr.c
index 4e0a98404c7f..4537311780b1 100644
--- a/arch/x86/virt/vmx/tdx/seamldr.c
+++ b/arch/x86/virt/vmx/tdx/seamldr.c
@@ -22,6 +22,7 @@
/* P-SEAMLDR SEAMCALL leaf function */
#define P_SEAMLDR_INFO 0x8000000000000000
+#define P_SEAMLDR_INSTALL 0x8000000000000001
#define SEAMLDR_MAX_NR_MODULE_4KB_PAGES 496
#define SEAMLDR_MAX_NR_SIG_4KB_PAGES 4
@@ -198,6 +199,7 @@ static struct seamldr_params *init_seamldr_params(const u8 *data, u32 size)
enum tdp_state {
TDP_START,
TDP_SHUTDOWN,
+ TDP_CPU_INSTALL,
TDP_DONE,
};
@@ -232,9 +234,10 @@ static void print_update_failure_message(void)
* See multi_cpu_stop() from where this multi-cpu state-machine was
* adopted, and the rationale for touch_nmi_watchdog()
*/
-static int do_seamldr_install_module(void *params)
+static int do_seamldr_install_module(void *seamldr_params)
{
enum tdp_state newstate, curstate = TDP_START;
+ struct tdx_module_args args = {};
int cpu = smp_processor_id();
bool primary;
int ret = 0;
@@ -253,6 +256,10 @@ static int do_seamldr_install_module(void *params)
if (primary)
ret = tdx_module_shutdown();
break;
+ case TDP_CPU_INSTALL:
+ args.rcx = __pa(seamldr_params);
+ ret = seamldr_call(P_SEAMLDR_INSTALL, &args);
+ break;
default:
break;
}
--
2.47.3