| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9d0c6505922590655c79d4ef7880f4bae2a39ccf.camel@intel.com>
Date: Thu, 8 Jan 2026 20:30:39 +0000
From: "Verma, Vishal L" <vishal.l.verma@...el.com>
To: "kas@...nel.org" <kas@...nel.org>, "Edgecombe, Rick P"
<rick.p.edgecombe@...el.com>
CC: "Gao, Chao" <chao.gao@...el.com>, "mingo@...hat.com" <mingo@...hat.com>,
"Huang, Kai" <kai.huang@...el.com>, "x86@...nel.org" <x86@...nel.org>,
"hpa@...or.com" <hpa@...or.com>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>, "Williams, Dan J" <dan.j.williams@...el.com>,
"bp@...en8.de" <bp@...en8.de>, "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"tglx@...utronix.de" <tglx@...utronix.de>, "linux-coco@...ts.linux.dev"
<linux-coco@...ts.linux.dev>, "dave.hansen@...ux.intel.com"
<dave.hansen@...ux.intel.com>
Subject: Re: [PATCH 2/2] x86/virt/tdx: Print TDX module version during init
On Thu, 2026-01-08 at 20:20 +0000, Edgecombe, Rick P wrote:
> On Thu, 2026-01-08 at 18:39 +0000, Verma, Vishal L wrote:
> > > It can be useful to dump version information, even if get_tdx_sys_info()
> > > fails. Version info is likely to be valid on failure.
> >
> > Good point, maybe something like this to print it as soon as it is
> > retrieved?
> >
> > ---3<---
> >
> > diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
> > index fba00ddc11f1..5ce4ebe99774 100644
> > --- a/arch/x86/virt/vmx/tdx/tdx.c
> > +++ b/arch/x86/virt/vmx/tdx/tdx.c
> > @@ -1084,11 +1084,6 @@ static int init_tdx_module(void)
> > if (ret)
> > return ret;
> >
> > - pr_info("Module version: %u.%u.%02u\n",
> > - tdx_sysinfo.version.major_version,
> > - tdx_sysinfo.version.minor_version,
> > - tdx_sysinfo.version.update_version);
> > -
> > /* Check whether the kernel can support this module */
> > ret = check_features(&tdx_sysinfo);
> > if (ret)
> > diff --git a/arch/x86/virt/vmx/tdx/tdx_global_metadata.c
> > b/arch/x86/virt/vmx/tdx/tdx_global_metadata.c
> > index 0454124803f3..4c9917a9c2c3 100644
> > --- a/arch/x86/virt/vmx/tdx/tdx_global_metadata.c
> > +++ b/arch/x86/virt/vmx/tdx/tdx_global_metadata.c
> > @@ -105,6 +105,12 @@ static int get_tdx_sys_info(struct tdx_sys_info *sysinfo)
> > int ret = 0;
> >
> > ret = ret ?: get_tdx_sys_info_version(&sysinfo->version);
> > +
> > + pr_info("Module version: %u.%u.%02u\n",
> > + sysinfo->version.major_version,
> > + sysinfo->version.minor_version,
> > + sysinfo->version.update_version);
> > +
> > ret = ret ?: get_tdx_sys_info_features(&sysinfo->features);
> > ret = ret ?: get_tdx_sys_info_tdmr(&sysinfo->tdmr);
> > ret = ret ?: get_tdx_sys_info_td_ctrl(&sysinfo->td_ctrl);
>
> It's awkward because it doesn't check if get_tdx_sys_info_version() fails, even
> the though the rest of the code handles this case. I'd just leave it. Let's keep
> this as simple as possible, because anything here will be a huge upgrade.
I considered gating it on 'ret', but making it unconditional also
provides us an indirect hint as to which field failed to retrieve.
Do you mean leave it as in stick to printing only after
get_tdx_sys_info()?
Powered by blists - more mailing lists