Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp524586rdb; Mon, 29 Jan 2024 09:17:55 -0800 (PST) X-Google-Smtp-Source: AGHT+IHbTYQL0U0+x2wwLmk5ZZjSNLHHZdZ+FLnXNPi6XSz6eh2oRfmFJX22HRnnkCCgWW5nyq6w X-Received: by 2002:a05:6402:22ac:b0:55e:fb9b:e0dc with SMTP id cx12-20020a05640222ac00b0055efb9be0dcmr2415909edb.37.1706548675260; Mon, 29 Jan 2024 09:17:55 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706548675; cv=pass; d=google.com; s=arc-20160816; b=R7rSF4MkXG649lNxoIMpLDT+mu6fxNeNRvS7tz49qz+q7+sXrEozkKeu05MHGRv/e/ p3CbXuE4r8JFZr9jhqPsUKChvIsY1PYZT3xiUSWaHOnhBjOuADpoe6P2pVsLL3eh9O9P pyvFONkUE9SI0d6ynNBAW0pLfbhJBXoZ0Pgc0ZNs2L8dfT48RE0ccfQMFVZ/iVKEh8uN drJy+5k0lX63rbe+mmR6s1gza3ZA88ZYA34qAhp0d/lUVZ5TqoSMkBp3z3vvH/GAS5zn /SLVuYwbfRD7uTF4u8jbSVagJj9MuM+ELINYMTUI8KhnSfEWL6rY0oxIsM80YYt84GCZ Co8g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:references:in-reply-to :user-agent:subject:cc:to:from:date:dkim-signature:dkim-filter; bh=5MgQaeiM+/jYwFflXcmFfBk4nscCJV22lLY8J+jZeMM=; fh=YkUm/31F/LwHgSUytZ5r3hv36lq90x1rUiQnumaffSE=; b=xspG2tDSUUPh7lG0WgT45LEkwlJZrcPNjht9cdQtM930i3+pFAAnZ3oYC+DE9s2NET kwcm85LQZTugHkeOo8Wvlo7ZFaNu0HGlRRQRioRb2SECRxvT+g9EhAiWI5SC8mgyIw34 ZfVApuFa6JhZJt+FeO/QqQYKLfLYAS9+G9yQSzfDNSFcU7/U7zNL/kuFp1pxRaHZP9sn Y6zL4bya2g7/05jYnyM4qGwib5rZLwfl7YgF6LjQHJg5eqZQX07TxE9vJD4KEnuylYQe mCSuCPWRbwVh6+6im+DfAxz2YqZGqfLa5fHGcqkvfkEj2DlSGobzBrDDjduZeJEZ6n/X w2fQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=temperror (no key for signature) header.i=@zytor.com header.s=2024011201 header.b=ZyG41W4t; arc=pass (i=1 spf=pass spfdomain=zytor.com dmarc=pass fromdomain=zytor.com); spf=pass (google.com: domain of linux-kernel+bounces-43186-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43186-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zytor.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id h23-20020a0564020e9700b0055f07775fefsi942055eda.58.2024.01.29.09.17.55 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Jan 2024 09:17:55 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-43186-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=temperror (no key for signature) header.i=@zytor.com header.s=2024011201 header.b=ZyG41W4t; arc=pass (i=1 spf=pass spfdomain=zytor.com dmarc=pass fromdomain=zytor.com); spf=pass (google.com: domain of linux-kernel+bounces-43186-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43186-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zytor.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 4E82E1F2C2DA for ; Mon, 29 Jan 2024 17:09:49 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id CEC8315AADC; Mon, 29 Jan 2024 17:08:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=zytor.com header.i=@zytor.com header.b="ZyG41W4t" Received: from mail.zytor.com (terminus.zytor.com [198.137.202.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4243B15AAD5 for ; Mon, 29 Jan 2024 17:08:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.137.202.136 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706548083; cv=none; b=ERlcLpCAV9YcDHOJY1uZOnZipsGSSh1EJr04vya8oeq/9jyOXZf8dyu8WVzf/5MGf2u+xnU2jY5FtzVEHYvTA/BVfScwt+usFAn5PcwSO9m2AKp06zEnGAB8p+s/4h/n5jcXnQss+YkNETu5Uhw9IvElCD8pA7nxsKuqPG7y3Pc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706548083; c=relaxed/simple; bh=0LKrBNn/tdgYxQG5tXJjBvRgb8P6qEb0b3d3tmgiVL4=; h=Date:From:To:CC:Subject:In-Reply-To:References:Message-ID: MIME-Version:Content-Type; b=B09sCF6u9g+SnJzCm09nYmxOamh9uXjuNK77ovUd2xiINilQcit0Hilr47Hwy7tNjboLfN7tBaITwADedNbp4OS3DYJV4EkxJ6JARTivm/ziSlQjV1xuQ3Ebwosq4Qs7N2ZSimBl1MsxVT06AwFTZqpVJc1Zfx9y9NaUQdJbTqc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zytor.com; spf=pass smtp.mailfrom=zytor.com; dkim=fail (2048-bit key) header.d=zytor.com header.i=@zytor.com header.b=ZyG41W4t reason="signature verification failed"; arc=none smtp.client-ip=198.137.202.136 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zytor.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=zytor.com Received: from [127.0.0.1] ([76.133.66.138]) (authenticated bits=0) by mail.zytor.com (8.17.2/8.17.1) with ESMTPSA id 40TH7GOG2246529 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Mon, 29 Jan 2024 09:07:17 -0800 DKIM-Filter: OpenDKIM Filter v2.11.0 mail.zytor.com 40TH7GOG2246529 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zytor.com; s=2024011201; t=1706548038; bh=5MgQaeiM+/jYwFflXcmFfBk4nscCJV22lLY8J+jZeMM=; h=Date:From:To:CC:Subject:In-Reply-To:References:From; b=ZyG41W4tgHSLobFqHKGEupEcCs6PB4mbtcLDIHcTPTTwHOWrC6KexJsTVE/ff1ndU 5OhAYNEdR0F9PJ8N9QmcyiE/p4a/BsVtg9A3vkhIFlKrmuEPMfzdrOH+WrRUL5ZNAZ XaSakUAOVmfiYPxnQA88cpcdKcvql9+I9IkyajGURzbsa2dFSlvldE7easV1Fr5a28 jPTOcYZ+w3RbBq3V9aYJ+pnfqIn+S8o50V4owFWZG/QUB9amNec8PPwVbpGZUlgk4u eDWwBPjI0gtp3sv2rA0YBljxZi6YdWSs9/lDJYj2hjpzoTQZ/caRio78l6o8JJnVGY oEyTNk0vyAYkg== Date: Mon, 29 Jan 2024 09:07:13 -0800 From: "H. Peter Anvin" To: "Kirill A. Shutemov" , Dave Hansen CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "Theodore Ts'o" , "Jason A. Donenfeld" , Kuppuswamy Sathyanarayanan , Elena Reshetova , Jun Nakajima , Tom Lendacky , "Kalra, Ashish" , Sean Christopherson , linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org Subject: Re: [RFC] Randomness on confidential computing platforms User-Agent: K-9 Mail for Android In-Reply-To: References: <20240126134230.1166943-1-kirill.shutemov@linux.intel.com> <276aaeee-cb01-47d3-a3bf-f8fa2e59016c@intel.com> Message-ID: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On January 29, 2024 8:41:49 AM PST, "Kirill A=2E Shutemov" wrote: >On Mon, Jan 29, 2024 at 08:30:11AM -0800, Dave Hansen wrote: >> On 1/26/24 05:42, Kirill A=2E Shutemov wrote: >> > 3=2E Panic after enough re-tries of RDRAND/RDSEED instructions fail= =2E >> > Another DoS variant against the Guest=2E >>=20 >> I think Sean was going down the same path, but I really dislike the ide= a >> of having TDX-specific (or CoCo-specific) policy here=2E >>=20 >> How about we WARN_ON() RDRAND/RDSEED going bonkers? The paranoid folks >> can turn on panic_on_warn, if they haven't already=2E > >Sure, we can do it for kernel, but we have no control on what userspace >does=2E > >Sensible userspace on RDRAND/RDSEED failure should fallback to kernel >asking for random bytes, but who knows if it happens in practice >everywhere=2E > >Do we care? > You can't fix what you can't touch=2E