The TDX module version is currently stashed in some global variables
and dumped out to sysfs without locking. This works fine when the
version is static and never changes.
But with runtime module updates, the TDX module version can change.
Some kind of locking is needed. Barring this, userspace could
theoretically see a strange torn module version that is some
Frankenstein version from from two different updates.
Use the new module update lock/unlock to prevent updates while
trying to read the version.
Don't be fussy about it. There's no need to snapshot the version or do
READ_ONCE(), or minimize lock holding times. sysfs_emit() does not
sleep. Also note that the lock/unlock are backed by
preempt_dis/enable() which are really cheap CPU-local operations.
This is not a heavyweight lock.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
{
const struct tdx_sys_info *tdx_sysinfo = tdx_get_sysinfo();
const struct tdx_sys_info_version *ver;
+ int ret;
if (!tdx_sysinfo)
return -ENXIO;
+ /*
+ * The version number can change during an update.
+ * Lock out updates while printing the version.
+ */
+ seamldr_lock_module_update();
+
ver = &tdx_sysinfo->version;
+ ret = sysfs_emit(buf, TDX_VERSION_FMT "\n", ver->major_version,
+ ver->minor_version,
+ ver->update_version);
+ seamldr_unlock_module_update();
- return sysfs_emit(buf, TDX_VERSION_FMT "\n", ver->major_version,
- ver->minor_version,
- ver->update_version);
+ return ret;
}
static DEVICE_ATTR_RO(version);
projects / thirdparty / kernel / linux.git / commitdiff
