> From: Huang, Kai <kai.huang@xxxxxxxxx> > Sent: Monday, March 28, 2022 9:42 AM > > > > > > > > > > A CPU-attested software module (called the 'TDX module') runs in SEAM > > > VMX root to manage the crypto protected VMs running in SEAM VMX > non- > > > root. > > > SEAM VMX root is also used to host another CPU-attested software > module > > > (called the 'P-SEAMLDR') to load and update the TDX module. > > > > > > Host kernel transits to either the P-SEAMLDR or the TDX module via the > > > new SEAMCALL instruction. SEAMCALLs are host-side interface functions > > > defined by the P-SEAMLDR and the TDX module around the new > SEAMCALL > > > instruction. They are similar to a hypercall, except they are made by > > > > "SEAMCALLs are ... functions ... around the new SEAMCALL instruction" > > > > This is confusing. Probably just: > > May I ask why is it confusing? SEAMCALL is an instruction. One of its arguments carries the function number.