Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp625039rdb; Mon, 29 Jan 2024 12:44:57 -0800 (PST) X-Google-Smtp-Source: AGHT+IHGuMWGpZNZEy++++z/UjvEucSlC2fT7nUjhjwl/2AfOSZRwFQuWAF7iYQqNFEJxIzxovq2 X-Received: by 2002:a05:6870:a448:b0:218:4e69:e6e1 with SMTP id n8-20020a056870a44800b002184e69e6e1mr8616861oal.11.1706561097346; Mon, 29 Jan 2024 12:44:57 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706561097; cv=pass; d=google.com; s=arc-20160816; b=eB4L0yyKBcbjqkE4ODA0G2p/MuX/ffdctLRaZ6CSL6PTTzFN+xCLhPUq7X1gaVMqy8 EPeED0XgmDmbD6ZfhtaWdppMEOJYmbTaWpqLfB+4Xi5UOE24jiIYSLqaRjnZkCQ0zfXf PgWEVkSOgrGnY1UIgBtRfEKbTNQROSHHaBicDiWBA+dxrBTw5DGhJCM+2sPe7uLk+zMn zToHpRCdqX1JJA5FnQvhhuDqLmZnsAI7hVLjmUEH+YnnLbOkUIeLQs2dJMZGrccQXFPP 8izg5j1gOzxpzhPIUP48HFERVsPJrbnCER2zeZgkvpP5qmtgnxFg9lBxy6RWkBaDL+ww jcTQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=dul3iBi7NUrjBjGHhfjMrZVarHlQOdV+1By7HUnf0hA=; fh=c1v2G0upyKdVtpPQh2u8PgSo7ZatkVmEfC/ZjKq8i/s=; b=A819QivGVIL163gmMnXPFXeujwspAR8eQiTa5o/hrPcy1xr7jYDpFdllahZLn0RC8O 3AwQaOTMXWzIrOxlnzVgJAsFlKnBuUcaXYg1ppwomdonfjJ+K2Gt/AmYUSP4sEx9SABO BLR43L+35SYheN1y+07H9MyQypn17XqJSyr/G4U625MY4JzLfgrv3z3iouJpg4uIhLwL /9m16bueplpkgn+S9TEAjsNV7bi1SMrozrZm0YzW+qyoiVN3Q8nUwpw6Ig2DHmhj0xbL HohLeyEPdXsxnRMx/UadiiNfUUCLW/DZjjYr+sBIFNMkZ5uO246Ejo7A8XnTmIGuijpV sQQg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=iQ9gsx7u; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-43483-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43483-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id c13-20020a6566cd000000b005ce16d1f0d6si6076890pgw.900.2024.01.29.12.44.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Jan 2024 12:44:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-43483-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=iQ9gsx7u; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-43483-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43483-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 963D4282976 for ; Mon, 29 Jan 2024 20:44:56 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 74E2415697F; Mon, 29 Jan 2024 20:44:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="iQ9gsx7u" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EEE061534EB for ; Mon, 29 Jan 2024 20:44:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.12 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706561054; cv=none; b=XyqV12AVH2fYxpdTluo+1mqlYWNcTJcE5ZnPCjFY1LisTOKfcEK/Fw8FXSbocHPkTnf/CEBpp0YMl8fO9lOSPEO3QJpvLivwflN1oKOk7NisKJ+AaV5OP1whCUyDCmubsAfHiIGHWT4p7MmupiPz2CtwDuiQoKNneb9W67oejNw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706561054; c=relaxed/simple; bh=Elo6Kas6QgeP8iJYfbZQ29s6uVogIsyKYcHhQDUTX4w=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=VxJJSN0VymY8lyFr1NRwQ4X+MAiH8xH9viMiSqQKkDZDVUy91lQfF9CMdQTfmFqBuwlc67wjn2Bv6VhpxZZWPK4z+utgS8hQvOcQDAzzF6hQlogd16K4VU1haZy8m8PB+Nu4uMUGK1ko5yr4Uen1esu19FeU0q5WxjX6OlA9/Vk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=iQ9gsx7u; arc=none smtp.client-ip=192.198.163.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706561053; x=1738097053; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=Elo6Kas6QgeP8iJYfbZQ29s6uVogIsyKYcHhQDUTX4w=; b=iQ9gsx7uYHD3Ow405moXh8YF/f8oPpayxZTt/D9tYublkUhRIX36oIvP 5HA1jvzwDCLrIfYf69ApCFXdw+vaUaMm7huZHyHFK2cEjROr0veGttdEQ N9pIkP7g+PMaPlEODJiCPN/PLole5wjukZijYffmTjoHsUYgqj2DFIy8N mRj/IqVXFi80dk/5w//skIfqpeM5QTDpYnv2nNoGkaPJ6Zz0DfHAdVWTY ro5W/pmfmCXNvFT8EUKUt6I4B8gDK7ZNx6G7qKeSWDSNDfOVz2ymWJR5H YuLALJ/sH8zyByDPmJiUuWhAPSTq5RmPUORUTucKx96Xd9Z1PFHAmTpHg Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10968"; a="2913273" X-IronPort-AV: E=Sophos;i="6.05,227,1701158400"; d="scan'208";a="2913273" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmvoesa106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jan 2024 12:44:12 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10968"; a="858241427" X-IronPort-AV: E=Sophos;i="6.05,227,1701158400"; d="scan'208";a="858241427" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga004.fm.intel.com with ESMTP; 29 Jan 2024 12:44:07 -0800 Received: by black.fi.intel.com (Postfix, from userid 1000) id E906FFF; Mon, 29 Jan 2024 22:26:06 +0200 (EET) Date: Mon, 29 Jan 2024 22:26:06 +0200 From: "Kirill A. Shutemov" To: Dave Hansen Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , x86@kernel.org, Theodore Ts'o , "Jason A. Donenfeld" , Kuppuswamy Sathyanarayanan , Elena Reshetova , Jun Nakajima , Tom Lendacky , "Kalra, Ashish" , Sean Christopherson , linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org Subject: Re: [RFC] Randomness on confidential computing platforms Message-ID: References: <20240126134230.1166943-1-kirill.shutemov@linux.intel.com> <276aaeee-cb01-47d3-a3bf-f8fa2e59016c@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Mon, Jan 29, 2024 at 10:55:38AM -0800, Dave Hansen wrote: > On 1/29/24 08:41, Kirill A. Shutemov wrote: > > On Mon, Jan 29, 2024 at 08:30:11AM -0800, Dave Hansen wrote: > >> On 1/26/24 05:42, Kirill A. Shutemov wrote: > >>> 3. Panic after enough re-tries of RDRAND/RDSEED instructions fail. > >>> Another DoS variant against the Guest. > >> > >> I think Sean was going down the same path, but I really dislike the idea > >> of having TDX-specific (or CoCo-specific) policy here. > >> > >> How about we WARN_ON() RDRAND/RDSEED going bonkers? The paranoid folks > >> can turn on panic_on_warn, if they haven't already. > > > > Sure, we can do it for kernel, but we have no control on what userspace > > does. > > > > Sensible userspace on RDRAND/RDSEED failure should fallback to kernel > > asking for random bytes, but who knows if it happens in practice > > everywhere. > > > > Do we care? > > I want to make sure I understand the scenario: > > 1. We're running in a guest under TDX (or SEV-SNP) > 2. The VMM (or somebody) is attacking the guest by eating all the > hardware entropy and RDRAND is effectively busted > 3. Assuming kernel-based panic_on_warn and WARN_ON() rdrand_long() > failure, that rdrand_long() never gets called. Never gets called during attack. It can be used before and after. > 4. Userspace is using RDRAND output in some critical place like key > generation and is not checking it for failure, nor mixing it with > entropy from any other source > 5. Userspace uses the failed RDRAND output to generate a key > 6. Someone exploits the horrible key > > Is that it? Yes. -- Kiryl Shutsemau / Kirill A. Shutemov