| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6977e73a7a121_30951002f@dwillia2-mobl4.notmuch> Date: Mon, 26 Jan 2026 14:14:18 -0800 From: <dan.j.williams@...el.com> To: Chao Gao <chao.gao@...el.com>, <linux-coco@...ts.linux.dev>, <linux-kernel@...r.kernel.org>, <kvm@...r.kernel.org>, <x86@...nel.org> CC: <reinette.chatre@...el.com>, <ira.weiny@...el.com>, <kai.huang@...el.com>, <dan.j.williams@...el.com>, <yilun.xu@...ux.intel.com>, <sagis@...gle.com>, <vannapurve@...gle.com>, <paulmck@...nel.org>, <nik.borisov@...e.com>, <zhenzhong.duan@...el.com>, <seanjc@...gle.com>, <rick.p.edgecombe@...el.com>, <kas@...nel.org>, <dave.hansen@...ux.intel.com>, <vishal.l.verma@...el.com>, Chao Gao <chao.gao@...el.com> Subject: Re: [PATCH v3 26/26] coco/tdx-host: Set and document TDX Module update expectations Chao Gao wrote: > In rare cases, TDX Module updates may cause TD management operations to > fail if they occur during phases of the TD lifecycle that are sensitive > to update compatibility. No. The TDX Module wants to be able to claim that some updates are compatible when they are not. If Linux takes on additional exclusions it modestly increases the scope of changes that can be included in an update. It is not possible to claim "rare" if module updates routinely include that problematic scope. > But not all combinations of P-SEAMLDR, kernel, and TDX Module have the > capability to detect and prevent said incompatibilities. Completely > disabling TDX Module updates on platforms without the capability would > be overkill, as these incompatibility cases are rare and can be > addressed by userspace through coordinated scheduling of updates and TD > management operations. "Completely disabling" is not the tradeoff. The tradeoff is whether or not the TDX Module meets Linux compatible update requirements or not. > To set clear expectations for TDX Module updates, expose the capability > to detect and prevent these incompatibility cases via sysfs and > document the compatibility criteria and indications when those criteria > are violated. Linux derives no benefit from a "compat_capable" kernel ABI. Yes, the internals must export the error condition on collision. I am not debating that nor revisiting the decision of pre-update-fail, vs post-collision-notify. However, if the module violates the Linux expectations that is the module's issue to document or preclude. The fact that the compatibility contract is ambiguous to the kernel is a feature. It puts the onus squarely on module updates to be documented (or tools updated to understand) as meeting or violating Linux compatibility expectations. > Signed-off-by: Chao Gao <chao.gao@...el.com> > --- > v3: > - new, based on a reference patch from Dan Williams One of the details that is missing is the protocol (module documentation or tooling) to determine ahead of time if an update is compatible. That obviates the need for "compat_capable" ABI which serves no long term purpose. Specifically, the expectation is "run non-compatible updates at your own operational risk". So, remove "compat_capable" ABI. Amend the "error" ABI documentation with the details for avoiding failures and the risk of running updates on configurations that support update but not collision avoidance. > --- > .../ABI/testing/sysfs-devices-faux-tdx-host | 45 +++++++++++++++++++ > drivers/virt/coco/tdx-host/tdx-host.c | 13 ++++++ > 2 files changed, 58 insertions(+) [..] > > +What: /sys/devices/faux/tdx_host/firmware/seamldr_upload/error > +Contact: linux-coco@...ts.linux.dev > +Description: (RO) See Documentation/ABI/testing/sysfs-class-firmware for > + baseline expectations for this file. Updates that fail > + compatibility checks end with the "device-busy" error in the > + <STATUS>:<ERROR> format of this attribute. When this is > + signalled current TDs and the current TDX Module stay running. This wants something like --- See version_select_and_load.py [1] documentation for how to detect compatible updates and whether the current platform components catch errors or let them leak and cause potential TD attestation failures. [1]: https://github.com/intel/confidential-computing.tdx.tdx-module.binaries/blob/main/version_select_and_load.py --- ...although I do not immediately see any help text or Documentation for that tool.
Powered by blists - more mailing lists