Message-ID: <4f717166-863e-4145-8b8b-37e09415e855@suse.com>
Date: Fri, 26 Jan 2024 18:35:59 +0200
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: Re: [RFC] Randomness on confidential computing platforms
From: Nikolay Borisov
To: Daniel P. Berrangé, "Reshetova, Elena"
Cc: "Kirill A. Shutemov", Thomas Gleixner, Ingo Molnar, Borislav Petkov,
 Dave Hansen, "H. Peter Anvin", "x86@kernel.org", Theodore Ts'o,
 "Jason A. Donenfeld", Kuppuswamy Sathyanarayanan, "Nakajima, Jun",
 Tom Lendacky, "Kalra, Ashish", Sean Christopherson,
 "linux-coco@lists.linux.dev", "linux-kernel@vger.kernel.org"
References: <20240126134230.1166943-1-kirill.shutemov@linux.intel.com>
 <6afe76be-90a7-4cf7-8c6c-23e6a14f8116@suse.com>

On 26.01.24 at 17:57, Daniel P. Berrangé wrote:
> If the CPU performance counters could report RDRAND exhaustion directly,
> then the host admin could trust that information and monitor it, but the
> host shouldn't rely on the (hostile) guest software to tell it about

I guess it really depends on the POV - from the POV of an encrypted
guest the VMM is hostile so we ideally don't like to divulge more
information than is absolutely necessary. OTOH, from the POV of the VMM
we could say that the guest could be running anything and so a facility
like that could cause some confusion on the VMM site. I think it would
be very hard to reconcile the 2 views.

> exhaustion.