From nobody Sun May 24 19:34:21 2026 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D9B703655CB; Fri, 22 May 2026 17:26:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.142.43.55 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779470772; cv=none; b=ofGfe5PkQPVjyBBT8V1JyjvlV9F5d7vYumezVXfQAGFPIfdaeBRgDPOcQZYiEdoRhK10DF5qr/OHI2ny61ezw/bBMJCPFBK4p5xmz8vVjYRkDkVyTjqM9uDScecpF6C3EYHcT3coh2rVTfhM/syXOfB/jnTE0N35cxtdU8bE9YM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779470772; c=relaxed/simple; bh=tFH20/j9aIlifhePkHVNvmzZ6IOHHqPm769/jjTeKCc=; h=Date:From:To:Subject:Cc:MIME-Version:Message-ID:Content-Type; b=l9Z+KaB19jJR8J9SNJuD8L0BdZeDp/GPM5N05ozmKM9iVEG7rUgJalEljq0ojzfxp22rWv4Wa6wZU1hCw8z2p2tye9G7HscXpq62VUIzlS/i13DXsHu7Gjv5QVHli/96+GBXp7aBz9TSFLia1da/I0RqA61324zPM5LFNv+ssqY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de; spf=pass smtp.mailfrom=linutronix.de; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=uiInbSdb; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=WnFP84GF; arc=none smtp.client-ip=193.142.43.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linutronix.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="uiInbSdb"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="WnFP84GF" Date: Fri, 22 May 2026 17:26:07 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1779470769; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4yVQJ066XY31WcuyLtsJcjHwJGPWrO4ZCQ7YUHejJak=; b=uiInbSdbPRbxyFYgkvqJIC9PxfAljWC+nPxpaBHdiiw8AXmEADFx11nNMAguNW+KJD+K3d g2KU8lKMalRQxzTkOLu6FEjie5cusjRzaV/fscMudciS78s+bZxxkGu+gRREe2Y1aXwBtA IJAw5V/OfIAcFVUL9i+vLnQd2ijP4te5Br5x192yym6ZnVWcaokjz2gdymtyNfNIULnZwn 507O3hgBdsXWtD0u7+Y5WNhiY9+yEAuacKbti+kKzm9PibO3YB8NKkyHNxjM/ogJp6LeOr qvmDGiKu1tmqGkJ1kAHPoDAQNpA9iggVfIkiqMyK/hzIaiWao4B7odfHzTeajQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1779470769; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4yVQJ066XY31WcuyLtsJcjHwJGPWrO4ZCQ7YUHejJak=; b=WnFP84GFWwsWYwdsy+tiUdQFv4xHc2q8D6sfAo837KCotiYOIrmW5FDAg5X9HBx6NhrWT9 njWWIlfzceSHhTDw== From: "tip-bot2 for Dave Hansen" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/tdx] coco/tdx-host: Lock out module updates when reading version Cc: Dave Hansen , x86@kernel.org, linux-kernel@vger.kernel.org Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-ID: <177947076796.711.17487262543330745050.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Precedence: bulk Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable The following commit has been merged into the x86/tdx branch of tip: Commit-ID: 4df1ae579749ccc85ee46cc0caad04eb908ddd41 Gitweb: https://git.kernel.org/tip/4df1ae579749ccc85ee46cc0caad04eb9= 08ddd41 Author: Dave Hansen AuthorDate: Fri, 22 May 2026 08:56:29 -07:00 Committer: Dave Hansen CommitterDate: Fri, 22 May 2026 10:20:09 -07:00 coco/tdx-host: Lock out module updates when reading version The TDX module version is currently stashed in some global variables and dumped out to sysfs without locking. This works fine when the version is static and never changes. But with runtime module updates, the TDX module version can change. Some kind of locking is needed. Barring this, userspace could theoretically see a strange torn module version that is some Frankenstein version from from two different updates. Use the new module update lock/unlock to prevent updates while trying to read the version. Don't be fussy about it. There's no need to snapshot the version or do READ_ONCE(), or minimize lock holding times. sysfs_emit() does not sleep. Also note that the lock/unlock are backed by preempt_dis/enable() which are really cheap CPU-local operations. This is not a heavyweight lock. Signed-off-by: Dave Hansen --- drivers/virt/coco/tdx-host/tdx-host.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/drivers/virt/coco/tdx-host/tdx-host.c b/drivers/virt/coco/tdx-= host/tdx-host.c index e5a672b..d489529 100644 --- a/drivers/virt/coco/tdx-host/tdx-host.c +++ b/drivers/virt/coco/tdx-host/tdx-host.c @@ -26,15 +26,24 @@ static ssize_t version_show(struct device *dev, struct = device_attribute *attr, { const struct tdx_sys_info *tdx_sysinfo =3D tdx_get_sysinfo(); const struct tdx_sys_info_version *ver; + int ret; =20 if (!tdx_sysinfo) return -ENXIO; =20 + /* + * The version number can change during an update. + * Lock out updates while printing the version. + */ + seamldr_lock_module_update(); + ver =3D &tdx_sysinfo->version; + ret =3D sysfs_emit(buf, TDX_VERSION_FMT "\n", ver->major_version, + ver->minor_version, + ver->update_version); + seamldr_unlock_module_update(); =20 - return sysfs_emit(buf, TDX_VERSION_FMT "\n", ver->major_version, - ver->minor_version, - ver->update_version); + return ret; } static DEVICE_ATTR_RO(version); =20