P-SEAMLDR returns its information such as version number, in response to the SEAMLDR.INFO SEAMCALL. This information is useful for userspace. For example, the admin can decide which TDX module versions are compatible with the P-SEAMLDR according to the P-SEAMLDR version. Retrieve P-SEAMLDR information in preparation for exposing P-SEAMLDR version and other necessary information to userspace. Export the new kAPI for use by tdx-host.ko. Note that there are two distinct P-SEAMLDR APIs with similar names: SEAMLDR.INFO: Returns a SEAMLDR_INFO structure containing SEAMLDR information such as version and remaining updates. SEAMLDR.SEAMINFO: Returns a SEAMLDR_SEAMINFO structure containing SEAM and system information such as Convertible Memory Regions (CMRs) and number of CPUs and sockets. The former is used here. For details, see "IntelĀ® Trust Domain Extensions - SEAM Loader (SEAMLDR) Interface Specification" revision 343755-003. Signed-off-by: Chao Gao Tested-by: Farrah Chen --- v4: - put seamldr_info on stack [Dave] - improve changelogs to explain SEAMLDR.INFO and SEAMLDR.SEAMINFO [Dave] - add SEAMLDR spec information in the changelog [Dave] - add proper comments above ABI structure definition [Dave] - add unused ABI structure fields rather than marking them as reserved to better align with the specc [Dave] (I omitted "not used by kernel" tags since there are 5-6 such fields and maintaining these tags would be tedious.) --- arch/x86/include/asm/seamldr.h | 36 +++++++++++++++++++++++++++++++++ arch/x86/virt/vmx/tdx/seamldr.c | 15 +++++++++++++- 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 arch/x86/include/asm/seamldr.h diff --git a/arch/x86/include/asm/seamldr.h b/arch/x86/include/asm/seamldr.h new file mode 100644 index 000000000000..954d850e34e3 --- /dev/null +++ b/arch/x86/include/asm/seamldr.h @@ -0,0 +1,36 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_X86_SEAMLDR_H +#define _ASM_X86_SEAMLDR_H + +#include + +/* + * This called the "SEAMLDR_INFO" data structure and is defined + * in "SEAM Loader (SEAMLDR) Interface Specification". + * + * The SEAMLDR.INFO documentation requires this to be aligned to a + * 256-byte boundary. + */ +struct seamldr_info { + u32 version; + u32 attributes; + u32 vendor_id; + u32 build_date; + u16 build_num; + u16 minor_version; + u16 major_version; + u16 update_version; + u32 acm_x2apicid; + u32 num_remaining_updates; + u8 seam_info[128]; + u8 seam_ready; + u8 seam_debug; + u8 p_seam_ready; + u8 reserved[93]; +} __packed __aligned(256); + +static_assert(sizeof(struct seamldr_info) == 256); + +int seamldr_get_info(struct seamldr_info *seamldr_info); + +#endif /* _ASM_X86_SEAMLDR_H */ diff --git a/arch/x86/virt/vmx/tdx/seamldr.c b/arch/x86/virt/vmx/tdx/seamldr.c index fb59b3e2aa37..d17db3c0151e 100644 --- a/arch/x86/virt/vmx/tdx/seamldr.c +++ b/arch/x86/virt/vmx/tdx/seamldr.c @@ -8,15 +8,20 @@ #include +#include + #include "seamcall_internal.h" +/* P-SEAMLDR SEAMCALL leaf function */ +#define P_SEAMLDR_INFO 0x8000000000000000 + /* * Serialize P-SEAMLDR calls since the hardware only allows a single CPU to * interact with P-SEAMLDR simultaneously. */ static DEFINE_RAW_SPINLOCK(seamldr_lock); -static __maybe_unused int seamldr_call(u64 fn, struct tdx_module_args *args) +static int seamldr_call(u64 fn, struct tdx_module_args *args) { /* * Serialize P-SEAMLDR calls and disable interrupts as the calls @@ -25,3 +30,11 @@ static __maybe_unused int seamldr_call(u64 fn, struct tdx_module_args *args) guard(raw_spinlock_irqsave)(&seamldr_lock); return seamcall_prerr(fn, args); } + +int seamldr_get_info(struct seamldr_info *seamldr_info) +{ + struct tdx_module_args args = { .rcx = slow_virt_to_phys(seamldr_info) }; + + return seamldr_call(P_SEAMLDR_INFO, &args); +} +EXPORT_SYMBOL_FOR_MODULES(seamldr_get_info, "tdx-host"); -- 2.47.3