| #
b0820861 |
| 16-Jun-2026 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge tag 'x86_tdx_for_7.2-rc1' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip
Pull x86 TDX updates from Dave Hansen: "There are a few cleanups, and some changes that should allow TDX and
Merge tag 'x86_tdx_for_7.2-rc1' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip
Pull x86 TDX updates from Dave Hansen: "There are a few cleanups, and some changes that should allow TDX and kexec to coexist nicely.
The biggest change, however, is support for updating the TDX module after boot, just like CPU microcode. TDX users really want this because it lets them do security updates without tearing things down and rebooting.
- Add TDX module update support
- Make kexec and TDX finally place nice together
- Put TDX error codes into a single header"
* tag 'x86_tdx_for_7.2-rc1' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: (30 commits) x86/virt/tdx: Document TDX module update x86/virt/tdx: Enable TDX module runtime updates x86/virt/tdx: Refresh TDX module version after update coco/tdx-host: Lock out module updates when reading version x86/virt/seamldr: Add module update locking x86/virt/tdx: Restore TDX module state x86/virt/seamldr: Initialize the newly-installed TDX module x86/virt/seamldr: Install a new TDX module x86/virt/tdx: Reset software states during TDX module shutdown x86/virt/seamldr: Shut down the current TDX module x86/virt/seamldr: Abort updates after a failed step x86/virt/seamldr: Introduce skeleton for TDX module updates x86/virt/seamldr: Allocate and populate a module update request coco/tdx-host: Implement firmware upload sysfs ABI for TDX module updates coco/tdx-host: Don't expose P-SEAMLDR information on CPUs with erratum coco/tdx-host: Expose P-SEAMLDR information via sysfs x86/virt/seamldr: Add a helper to retrieve P-SEAMLDR information x86/virt/seamldr: Introduce a wrapper for P-SEAMLDR SEAMCALLs coco/tdx-host: Expose TDX module version coco/tdx-host: Introduce a "tdx_host" device ...
show more ...
|
| #
59783353 |
| 21-May-2026 |
Chao Gao <chao.gao@intel.com> |
coco/tdx-host: Introduce a "tdx_host" device
TDX depends on a platform firmware module that runs on the CPU. Unlike other CoCo architectures, TDX has no hardware "device" running the show, just a bl
coco/tdx-host: Introduce a "tdx_host" device
TDX depends on a platform firmware module that runs on the CPU. Unlike other CoCo architectures, TDX has no hardware "device" running the show, just a blob on the CPU.
Create a virtual device to anchor interactions with this platform firmware. This lets later code:
- expose metadata: TDX module version, seamldr version, to userspace as device attributes
- implement firmware uploader APIs (which are tied to a device) to support TDX module runtime updates
Use a faux device because the TDX module is singular within the system and has no platform resources. Using a faux device eliminates the need to create a stub bus.
The call to tdx_get_sysinfo() ensures that the TDX module is ready to provide services.
Note that AMD has a PCI device for the PSP for SEV and ARM CCA will likely have a faux device [1].
Thanks to Dan and Yilun for all the help on this one.
[ dhansen: trim changelog ]
Signed-off-by: Chao Gao <chao.gao@intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com> Reviewed-by: Tony Lindgren <tony.lindgren@linux.intel.com> Reviewed-by: Xu Yilun <yilun.xu@linux.intel.com> Reviewed-by: Kai Huang <kai.huang@intel.com> Reviewed-by: Kiryl Shutsemau (Meta) <kas@kernel.org> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Link: https://lore.kernel.org/all/2025073035-bulginess-rematch-b92e@gregkh/ # [1] Link: https://patch.msgid.link/20260520133909.409394-7-chao.gao@intel.com
show more ...
|