From: Andy Lutomirski
To: Kristen Carlson Accardi
Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, arjan@linux.intel.com, keescook@chromium.org, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: Re: [RFC PATCH 03/11] x86/boot: Allow a "silent" kaslr random byte fetch
Date: Wed, 5 Feb 2020 17:08:55 -0800
In-Reply-To: <20200205223950.1212394-4-kristen@linux.intel.com>

> On Feb 5, 2020, at 2:39 PM, Kristen Carlson Accardi wrote:
>
> From: Kees Cook
>
> Under earlyprintk, each RNG call produces a debug report line. When
> shuffling hundreds of functions, this is not useful information (each
> line is identical and tells us nothing new). Instead, allow for a NULL
> "purpose" to suppress the debug reporting.

Have you counted how many RDRAND calls this causes? RDRAND is exceedingly slow on all CPUs I’ve looked at. The whole “RDRAND has great bandwidth” marketing BS actually means that it has decent bandwidth if all CPUs hammer it at the same time. The latency is abysmal. I have asked Intel to improve this, but the latency of that request will be quadrillions of cycles :)

It wouldn’t shock me if just the RDRAND calls account for a respectable fraction of total time. The RDTSC fallback, on the other hand, may be so predictable as to be useless.

I would suggest adding a little ChaCha20 DRBG or similar to the KASLR environment instead. What crypto primitives are available there?
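
The suggestion in the reply above, as an added example (not code from this thread or from the kernel): a ChaCha20-based generator is seeded once with 256 bits and then supplies every draw of the shuffle, so the slow hardware source is read only for the seed. The names `struct drbg`, `drbg_seed`, `drbg_u32` and `shuffle` are hypothetical, and the seed is assumed to come from a source the caller trusts.

```c
#include <stdint.h>
#include <string.h>

#define ROTL(v, n) (((v) << (n)) | ((v) >> (32 - (n))))
#define QR(a, b, c, d) \
	a += b; d ^= a; d = ROTL(d, 16); c += d; b ^= c; b = ROTL(b, 12); \
	a += b; d ^= a; d = ROTL(d, 8);  c += d; b ^= c; b = ROTL(b, 7)
/* Hypothetical generator state: ChaCha20 input block plus buffered output. */
struct drbg { uint32_t in[16], out[16]; unsigned used; unsigned long blocks; };

/* One ChaCha20 block (RFC 8439, section 2.3): 20 rounds, then add the input. */
static void chacha20_block(const uint32_t in[16], uint32_t out[16]) {
	uint32_t x[16];
	memcpy(x, in, sizeof(x));
	for (int i = 0; i < 10; i++) {
		QR(x[0], x[4], x[8], x[12]);  QR(x[1], x[5], x[9], x[13]);
		QR(x[2], x[6], x[10], x[14]); QR(x[3], x[7], x[11], x[15]);
		QR(x[0], x[5], x[10], x[15]); QR(x[1], x[6], x[11], x[12]);
		QR(x[2], x[7], x[8], x[13]);  QR(x[3], x[4], x[9], x[14]);
	}
	for (int i = 0; i < 16; i++) out[i] = x[i] + in[i];
}

/* Seed once: 256 bits from the slow source (RDRAND in the thread's case). */
void drbg_seed(struct drbg *d, const uint32_t key[8]) {
	static const uint32_t sigma[4] = { 0x61707865, 0x3320646e, 0x79622d32, 0x6b206574 };
	memset(d, 0, sizeof(*d));            /* counter and nonce start at zero */
	memcpy(d->in, sigma, sizeof(sigma));
	memcpy(d->in + 4, key, 8 * sizeof(uint32_t));
	d->used = 16;                        /* buffer empty: first draw makes a block */
}

/* Next 32-bit word; a new block (16 words) is computed only when needed. */
uint32_t drbg_u32(struct drbg *d) {
	if (d->used == 16) {
		chacha20_block(d->in, d->out);
		d->in[12]++; d->blocks++; d->used = 0;
	}
	return d->out[d->used++];
}

/* Fisher-Yates over n indices; rejection sampling avoids modulo bias. */
void shuffle(struct drbg *d, unsigned *idx, unsigned n) {
	for (unsigned i = 0; i < n; i++) idx[i] = i;
	for (unsigned i = n; i > 1; i--) {
		uint32_t r, limit = UINT32_MAX - (UINT32_MAX % i);
		do { r = drbg_u32(d); } while (r >= limit);
		unsigned j = r % i, t = idx[i - 1]; idx[i - 1] = idx[j]; idx[j] = t;
	}
}
```

Shuffling 300 entries takes 299 draws, which is 19 ChaCha20 blocks from a single seed unless a draw is rejected.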