Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp1735738pxu; Fri, 16 Oct 2020 22:37:41 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxU9ul+PIyHQhnBad1fo9XjFWsJU9G+CDUbNfFwRu5eF3p4XGJrmgIIMtEvLVDYegRCzY4t X-Received: by 2002:a17:907:212b:: with SMTP id qo11mr7177408ejb.107.1602913060771; Fri, 16 Oct 2020 22:37:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1602913060; cv=none; d=google.com; s=arc-20160816; b=z3Azw59uKw9xxUZwqi4ZeZn7v8PbOgAPppUU3C4t5AZlvwfiCXAgjj2QXRU4Eoz3LZ kxiIxQtuhs4wESA/HXmOrpmKy5SbXbQNFMNvUbG5LkvTDy/qI31NZY+4MuOul7jU0tDJ qQNKv1RMEcItzP2TOGGpoL7SMjU19U1cI8Xh/cxlPdcSVuERgkmz/5kQt0itK5MXeF1i SUua2f3oUtXPDTvrvAoQLqgRzoDrIX5ErtC6sIU7jdTSXt/98q+c3mNZzd0jca561lMw Rc+HzNQiYJRQJYMPIhbxVaw8x8rv7Z6tViRaX4LUgyFPnqj33OHqPlxWHRM3G75Aqegn TmAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=3873Gz7KcIIbF+58FjeBy17mgG4PokwG1uQJvpJfj+4=; b=rcurv/Tl9ZEhj6CrnVhe9fxJONkhVHzuc+GbTUzr5eqFZ0tww8wLuLe6bDrmZH4y1D U6A6knJyqCBU3gEpxRCi2IxsX+jYSmzV9MEl43JFbzE/IsivrKYBIYbIckcDA6/3x2b8 Rvau28wnDLS0AmHv9cnFJ8x+uD5vzCkak01w669juvgSECLNUcOt2Zqi3qhm3jXDf31p 7XWXHi3ZvLkSL0VVV57l4sThlw0z+Q/QgTTc6gYwKGFM6ll/ulpmxzkAEkIhycE+75GD ADVcj89GdwKuqTfQ5Et/CEVsn/XYH7Ep/3wA2r5SFj+7y+R0xHCuO4jwHz5kCO6KFfzr B2cQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q7si3111971ejd.647.2020.10.16.22.37.18; Fri, 16 Oct 2020 22:37:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2411557AbgJQFZy (ORCPT + 99 others); Sat, 17 Oct 2020 01:25:54 -0400 Received: from wtarreau.pck.nerim.net ([62.212.114.60]:43826 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2411543AbgJQFZv (ORCPT ); Sat, 17 Oct 2020 01:25:51 -0400 Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id 09H3a6p1014024; Sat, 17 Oct 2020 05:36:06 +0200 Date: Sat, 17 Oct 2020 05:36:06 +0200 From: Willy Tarreau To: Jann Horn Cc: "Catangiu, Adrian Costin" , Andy Lutomirski , Jason Donenfeld , "Theodore Y. Ts'o" , Eric Biggers , "linux-doc@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "virtualization@lists.linux-foundation.org" , "Graf (AWS), Alexander" , "MacCarthaigh, Colm" , "Woodhouse, David" , "bonzini@gnu.org" , "Singh, Balbir" , "Weiss, Radu" , "oridgar@gmail.com" , "ghammer@redhat.com" , "corbet@lwn.net" , "gregkh@linuxfoundation.org" , "mst@redhat.com" , "qemu-devel@nongnu.org" , KVM list , Michal Hocko , "Rafael J. Wysocki" , Pavel Machek , Linux API Subject: Re: [PATCH] drivers/virt: vmgenid: add vm generation id driver Message-ID: <20201017033606.GA14014@1wt.eu> References: <788878CE-2578-4991-A5A6-669DCABAC2F2@amazon.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.6.1 (2016-04-27) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Oct 17, 2020 at 03:40:08AM +0200, Jann Horn wrote: > [adding some more people who are interested in RNG stuff: Andy, Jason, > Theodore, Willy Tarreau, Eric Biggers. also linux-api@, because this > concerns some pretty fundamental API stuff related to RNG usage] > > On Fri, Oct 16, 2020 at 4:33 PM Catangiu, Adrian Costin > wrote: > > This patch is a driver which exposes the Virtual Machine Generation ID > > via a char-dev FS interface that provides ID update sync and async > > notification, retrieval and confirmation mechanisms: > > > > When the device is 'open()'ed a copy of the current vm UUID is > > associated with the file handle. 'read()' operations block until the > > associated UUID is no longer up to date - until HW vm gen id changes - > > at which point the new UUID is provided/returned. Nonblocking 'read()' > > uses EWOULDBLOCK to signal that there is no _new_ UUID available. > > > > 'poll()' is implemented to allow polling for UUID updates. Such > > updates result in 'EPOLLIN' events. > > > > Subsequent read()s following a UUID update no longer block, but return > > the updated UUID. The application needs to acknowledge the UUID update > > by confirming it through a 'write()'. > > Only on writing back to the driver the right/latest UUID, will the > > driver mark this "watcher" as up to date and remove EPOLLIN status. > > > > 'mmap()' support allows mapping a single read-only shared page which > > will always contain the latest UUID value at offset 0. > > It would be nicer if that page just contained an incrementing counter, > instead of a UUID. It's not like the application cares *what* the UUID > changed to, just that it *did* change and all RNGs state now needs to > be reseeded from the kernel, right? And an application can't reliably > read the entire UUID from the memory mapping anyway, because the VM > might be forked in the middle. > > So I think your kernel driver should detect UUID changes and then turn > those into a monotonically incrementing counter. (Probably 64 bits > wide?) (That's probably also a little bit faster than comparing an > entire UUID.) I agree with this. Further, I'm observing there is a very common confusion between "universally unique" and "random". Randoms are needed when seeking unpredictability. A random number generator *must* be able to return the same value multiple times in a row (though this is rare), otherwise it's not random. To illustrate this, a die has less than 3 bits of randomness and is sufficient to play games with friends where a counter would allow everyone to cheat. Conversely if you want to assign IDs to members of your family you'd rather use a counter than a die for this or you risk collisions and/or long series of retries to pick unique IDs. RFC4122 explains in great length how to produce guaranteed unique IDs, and this only involves space, time and counters. There's indeed a lazy variant that probably everyone uses nowadays, consisting in picking random numbers, but this is not guaranteed unique anymore. If the UUIDs used there are real UUIDs, it could be as simple as updating them according to their format, i.e. updating the timestamp, and if the timestamp is already the same, just increase the seq counter. Doing this doesn't require entropy, doesn't need to block and doesn't needlessly leak randoms that sometimes make people feel nervous. Just my two cents, Willy