Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp176204iob; Mon, 2 May 2022 16:20:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx/EhmMdUCvelKNAOelalA+iMo+cVvgrgO+j/tVpY3riNCxjLDYcDpYS70xFPww9V2A05ay X-Received: by 2002:aa7:96c2:0:b0:50d:90da:f8f with SMTP id h2-20020aa796c2000000b0050d90da0f8fmr13732680pfq.52.1651533623725; Mon, 02 May 2022 16:20:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651533623; cv=none; d=google.com; s=arc-20160816; b=x1JJzEPlilGElWsAEewSCYthuhGD/TzNBhM+M/UdDuAu3O9io4X6YVPyRtxL31Suvs 9HtmzHWZC4vIEEdUa/tqFDKojWqTdzrsN9eJb1qiDjPjkPt5ctmiEEXsUYqU+xGh0q09 F6KsyzvjqHXVao4C7HLKtlodEdfKd1Kn68UZK5ZW1YwOcmfcYflg4SPNyqjp5pu+thju XByl9R/3Du58kBeaU6JSXVth2x00NZ6JlGe6mAzqZtzjXPtIP8gXFqEasKQpsaqsfKWu oxnqDIDA21naoSMff+qlRAgAvB4DOM8XQgI6bbrfHUKsNnYKWhABCHlf7BGF94ZgzONR gveA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=pCPz9yDQbtceEsLuC3rMNC0OSyPzfVOMTuOAVe0IAaI=; b=IDE7MtEpKMzYoJgX+XGuU2Ke6EU81e0bVcz3kM5iWXluTmFDRxGungfYRHyZxBbNCq BhKeDqCMpAoQRozEaZpSLJuIyPM+jXy5s8g2uRSpZ7oe91SjOEiDi3m2nf0xnuoxGYLT QYKYno5JwrJpFTT5Ldrpecp1JyMHwYeS/LMYRsT3MrnLPZLzfxNdatZlkQxOCL3zPA4E CKisq0yD/JAC3tGlVKLrSmtLygSwTy+Ee2cCufCvPVSYEXcjcBrDMimNX4Gyj9ic2Iwv bILd0QeQLSM888nXynbhsRBJc3LU2PmY2GHgAgbWEElQVOkwrcfncfWWne8wbA52s1T+ QkOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=pc08Ys26; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id l18-20020a170902d35200b00153b2d16540si14201442plk.328.2022.05.02.16.20.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 02 May 2022 16:20:23 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=pc08Ys26; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id A5C7C31DD4; Mon, 2 May 2022 16:19:46 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352032AbiEBSuR (ORCPT + 99 others); Mon, 2 May 2022 14:50:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58342 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242074AbiEBSuO (ORCPT ); Mon, 2 May 2022 14:50:14 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 894B6BE04; Mon, 2 May 2022 11:46:45 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 2C175614A5; Mon, 2 May 2022 18:46:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7CB9BC385AC; Mon, 2 May 2022 18:46:43 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="pc08Ys26" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1651517201; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=pCPz9yDQbtceEsLuC3rMNC0OSyPzfVOMTuOAVe0IAaI=; b=pc08Ys26CvQoChqk5TWzKuQrrCDplm9XM18Nz3iWgufCENImlQUhBGLML2o/lPWGKcqYPq FJaivNTJI9lFFR3MbAQtaedId3uE4WGZg6GClWGiJ/kezmvk29n1zwnUXHv3rFFia4wCQ2 wO6oFUr7D6SKvUb91cXB4A6GqTSopfo= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id fcb55f61 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Mon, 2 May 2022 18:46:41 +0000 (UTC) Date: Mon, 2 May 2022 20:46:34 +0200 From: "Jason A. Donenfeld" To: Alexander Graf Cc: Lennart Poettering , linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, Dominik Brodowski , Greg Kroah-Hartman , Theodore Ts'o , Colm MacCarthaigh , Torben Hansen , Jann Horn , "Michael Kelley (LINUX)" Subject: Re: [PATCH 2/2] random: add fork_event sysctl for polling VM forks Message-ID: References: <20220502140602.130373-1-Jason@zx2c4.com> <20220502140602.130373-2-Jason@zx2c4.com> <480469e6-0eb0-8d76-0b8d-111579e73701@amazon.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <480469e6-0eb0-8d76-0b8d-111579e73701@amazon.com> X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 02, 2022 at 08:34:38PM +0200, Alexander Graf wrote: > Michael, since we already changed the CID in the spec, can we add a > property to the device that indicates the first 4 bytes of the UUID will > always be different between parent and child? > > That should give us the ability to mmap the vmgenid directly to user > space and act based on a simple u32 compare for clone notification, no? That is not a good idea. We want an _additional_ 4 bytes, so that we can keep the first 16 bytes (128 bits) as a kernel space secret. Jason