Re: [PATCH v2 0/3] Expose TDX Module version

[Nikolay Borisov]

On 6.01.26 г. 8:47 ч., Chao Gao wrote:
> On Mon, Jan 05, 2026 at 10:38:19AM +0000, Kiryl Shutsemau wrote:
> > On Sun, Jan 04, 2026 at 11:43:43PM -0800, Chao Gao wrote:
> > > Hi reviewers,
> > >
> > > This series is quite straightforward and I believe it's well-polished.
> > > Please consider providing your ack tags. However, since it depends on
> > > two other series (listed below), please review those dependencies first if
> > > you haven't already.
> > >
> > > Changes in v2:
> > >   - Print TDX Module version in demsg (Vishal)
> > >   - Remove all descriptions about autogeneration (Rick)
> > >   - Fix typos (Kai)
> > >   - Stick with TDH.SYS.RD (Dave/Yilun)
> > >   - Rebase onto Sean's VMXON v2 series
> > >
> > > === Problem & Solution ===
> > >
> > > Currently, there is no user interface to get the TDX Module version.
> > > However, in bug reporting or analysis scenarios, the first question
> > > normally asked is which TDX Module version is on your system, to determine
> > > if this is a known issue or a new regression.
> > >
> > > To address this issue, this series exposes the TDX Module version as
> > > sysfs attributes of the tdx_host device [*] and also prints it in dmesg
> > > to keep a record.
> >
> > The version information is also useful for the guest. Maybe we should
> > provide consistent interface for both sides?
>
> Note that only the Major and Minor versions (like 1.5 or 2.0) are available to
> the guest; the TDX Module doesn't allow guests to read the update version.
> Given this limitation, exposing version information to guests isn't
> particularly useful.
>
> And in my opinion, exposing version information to guests is also unnecessary
> since the module version can already be read from the host with this series.
> In debugging scenarios, I'm not sure why the TDX module would be so special
> that guests should know its version but not other host information, such as
> host kernel version, microcode version, etc. None of these are exposed to guest
> kernel (not to mention guest userspace).

Just my 2 cents  on the topic:

One thing which comes to mind is that the information to be provided to 
the guest should ideally come from the hypervisor, for debugging 
purposes at least, i.e via some sort of hypercall. The security model of 
TDX is to ascertain information about the host via the attestation 
mechanism, no? So I'd argue that the version information provided to the 
guest is of no importance