Re: [RFC PATCH 14/15] x86/virt/tdx: Embed version info in SEAMCALL leaf function definitions
From: Xu Yilun
Date: Sat Jun 13 2026 - 12:20:33 EST
On Fri, Jun 12, 2026 at 08:47:26AM +0300, Adrian Hunter wrote:
> On 22/05/2026 06:41, Xu Yilun wrote:
> > Embed version information in SEAMCALL leaf function definitions rather
> > than let the caller open code them. For now, only TDH.VP.INIT is
> > involved.
>
> > @@ -31,7 +44,7 @@
> > #define TDH_VP_CREATE 10
> > #define TDH_MNG_KEY_FREEID 20
> > #define TDH_MNG_INIT 21
> > -#define TDH_VP_INIT 22
> > +#define TDH_VP_INIT SEAMCALL_LEAF_VER(22, 1)
>
> FWIW I find the macro a bit ugly, and hiding the version number in
> the leaf number macro a little counter-intuitive compared with setting
> it at the call site. It anyway needs some explanation at the call site.
We actually discussed about this and realized we don't need to keep
version. This is because:
1. Newer version SEAMCALLs are always compatible with older ones.
2. System security requires us to stop using an older TDX module when
there is a newer one. So don't try to support an older TDX module
which doesn't understand newer version SEAMCALLs.
https://lore.kernel.org/all/ca331aa3-6304-4e07-9ed9-94dc69726382@xxxxxxxxx/
>
> > @@ -2217,8 +2217,8 @@ u64 tdh_vp_init(struct tdx_vp *vp, u64 initial_rcx, u32 x2apicid)
> > .r8 = x2apicid,
> > };
> >
> > - /* apicid requires version == 1. */
> > - return seamcall(TDH_VP_INIT | (1ULL << TDX_VERSION_SHIFT), &args);
> > + /* apicid requires version == 1. See TDH_VP_INIT definition.*/
> > + return seamcall(TDH_VP_INIT, &args);
>
> Now the reader has to go look at TDH_VP_INIT.
mm.. I think I should just delete the comment.