Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp639581rdb; Mon, 29 Jan 2024 13:19:04 -0800 (PST) X-Google-Smtp-Source: AGHT+IHEVccczTc4XiXUxfPJosf8xqvgIoh7Myo/TiWAq5FjehHbP5rP05cDUYeksy/QxTs/k97f X-Received: by 2002:a17:902:820c:b0:1d6:f263:5699 with SMTP id x12-20020a170902820c00b001d6f2635699mr3778092pln.30.1706563144189; Mon, 29 Jan 2024 13:19:04 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706563144; cv=pass; d=google.com; s=arc-20160816; b=p7F8NEuK1F+Zw/mOyndWouM1cyrF03aWONzPgdn4NyFXX+7a3IYFWnflZ6dhtobj6P mDPQ7y4S6zNGRYZh0N0aUUqC3cHLon+wejWD8GnY3QSkEO4OV2sKJNB3MpmIe4Un3K+Q NbcKvTDjd6RHD0EYmJKn5FIdircQwlQrCU2ofI29Ec1Y1ypLXBQIlftjJWNerDJIyIZ+ EOmLOFbBqDsvw2iWQ/7h5y7F+2zA7BHmXIi3BUufejyvVd6peaNIPBxlDJv24La0kBVs pAvRYvDT7zvSFiYXnnpZqMJlXhjKxdIcnvp9g9fM4RlWGVSl+zMceqdOIwgdC0K6F3v5 jRXg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:references:in-reply-to :user-agent:subject:cc:to:from:date:dkim-signature:dkim-filter; bh=dMGw3Un7uxvzazwAB1e4UsYVGTCXNpV2yIiZzPYUZ88=; fh=irW/4zVowq22TPklJI42vpo0NYi9tFeOt72wIT/QcmY=; b=HYPX5Uht5p1gRLVnrUCWRjKNESb7Jb5CqfGwdsZpG45bkftWyeDY5Tukgc0eJ/wYRc zP9wTDcPET7DKPZ+UzYLV6g20mBqyy3XYWFAkj8CbQapGUT0MQ8uzV1TejuIlGsetfVB vrc7KFOen77etOsjiZ7rIxJSfKXR50HyKlNv4wKLy12wLBtN/vIOQmH1ntOI7d5/2i0a pqBKwS5W2yaSpklz3ZFFXhDdbjlPv0OEAIamc2pdem/jlF62JLHNF9+Oc+IT87/hqMC/ kvxzppbpFEO8zA8HC/hs0qp2RPxJVTVDspHUUNw0EP48CWHJQI7KiU2uzLhDJk/+8gea 7dtg== ARC-Authentication-Results: i=2; mx.google.com; dkim=fail header.i=@zytor.com header.s=2024011201 header.b=Hzl0pbQs; arc=pass (i=1 spf=pass spfdomain=zytor.com dmarc=pass fromdomain=zytor.com); spf=pass (google.com: domain of linux-kernel+bounces-43513-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43513-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zytor.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id l72-20020a633e4b000000b005d54ef5dd07si6175830pga.161.2024.01.29.13.19.03 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Jan 2024 13:19:04 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-43513-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=fail header.i=@zytor.com header.s=2024011201 header.b=Hzl0pbQs; arc=pass (i=1 spf=pass spfdomain=zytor.com dmarc=pass fromdomain=zytor.com); spf=pass (google.com: domain of linux-kernel+bounces-43513-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43513-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=zytor.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id CDB0628756B for ; Mon, 29 Jan 2024 21:18:14 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 2B237157E97; Mon, 29 Jan 2024 21:18:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=zytor.com header.i=@zytor.com header.b="Hzl0pbQs" Received: from mail.zytor.com (terminus.zytor.com [198.137.202.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7C913157E7C for ; Mon, 29 Jan 2024 21:18:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.137.202.136 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706563091; cv=none; b=CN4QGb/BMRP3VP1pwY0sm5+3xoWak8Zzh1y2aOqoyoGNfJvv01yKtFOfXSQFTtCOyHfjf+lsfI228LEmCKwHwKTgyQQlccbCFHu0QW9BAk6lSkqC03wDtke4Pes5aqODqplvBpmWjSubw30ETdVSswGW1l/YgDHK9d7dn/sT++U= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706563091; c=relaxed/simple; bh=iMnLWZpXGWZO6f778duq9Mp4OZb1fe9L6qPadvah6Sk=; h=Date:From:To:CC:Subject:In-Reply-To:References:Message-ID: MIME-Version:Content-Type; b=Al6JNT9kuIQCHVI419jCGWZT3FWAJhK4ILV9mFWpQArJg9DNs/CwjfXp+6dhax6BFahblB/ykdKnutilV9TXS+IJjPxgGILMz8jrH3XRP6yXH0vKaur2fvmWGy+m0uWdGLraqlnHD0/GR3LX/upVeyAn6wBAC6oP8x8kqvGM3ek= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zytor.com; spf=pass smtp.mailfrom=zytor.com; dkim=fail (2048-bit key) header.d=zytor.com header.i=@zytor.com header.b=Hzl0pbQs reason="signature verification failed"; arc=none smtp.client-ip=198.137.202.136 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zytor.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=zytor.com Received: from [127.0.0.1] ([76.133.66.138]) (authenticated bits=0) by mail.zytor.com (8.17.2/8.17.1) with ESMTPSA id 40TLHAL32340808 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Mon, 29 Jan 2024 13:17:11 -0800 DKIM-Filter: OpenDKIM Filter v2.11.0 mail.zytor.com 40TLHAL32340808 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zytor.com; s=2024011201; t=1706563032; bh=dMGw3Un7uxvzazwAB1e4UsYVGTCXNpV2yIiZzPYUZ88=; h=Date:From:To:CC:Subject:In-Reply-To:References:From; b=Hzl0pbQs2JzqaFXU86XAApSZQljy1HnasnQfsFh+D6k1BOmC/clVBPNDAqPIy24zp 9IpMMzLDZeCaMcoeyhTi10v4sruul+RIhe9PbMs6Ks8W/dbOgnxajY7jJ27zXeL33v uTtfTI5DsnNwXpOeWOJm2ki4CkunI4MEF5nHN6mNngBIAB4X63zcF19/I53l/XtKMR mETS7v4De+POA/WGxqx/AUC3bQ/LxdLuMIRwY6IUqVc2mkKjB7LifBfL65VuPL9D9E sVhnxq4JsdOJPoaFiOmV9xodzB9TAz4JlusGgx8f2dfnu/lP7AY8GELznRfFDUWZXT o4Zr+j95Nk+nQ== Date: Mon, 29 Jan 2024 13:17:07 -0800 From: "H. Peter Anvin" To: Dave Hansen , "Kirill A. Shutemov" CC: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "Theodore Ts'o" , "Jason A. Donenfeld" , Kuppuswamy Sathyanarayanan , Elena Reshetova , Jun Nakajima , Tom Lendacky , "Kalra, Ashish" , Sean Christopherson , linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org Subject: Re: [RFC] Randomness on confidential computing platforms User-Agent: K-9 Mail for Android In-Reply-To: <3a37eae3-9d3c-420c-a1c7-2d14f6982774@intel.com> References: <20240126134230.1166943-1-kirill.shutemov@linux.intel.com> <276aaeee-cb01-47d3-a3bf-f8fa2e59016c@intel.com> <3a37eae3-9d3c-420c-a1c7-2d14f6982774@intel.com> Message-ID: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On January 29, 2024 1:04:23 PM PST, Dave Hansen = wrote: >On 1/29/24 12:26, Kirill A=2E Shutemov wrote: >>>> Do we care? >>> I want to make sure I understand the scenario: >>> >>> 1=2E We're running in a guest under TDX (or SEV-SNP) >>> 2=2E The VMM (or somebody) is attacking the guest by eating all the >>> hardware entropy and RDRAND is effectively busted >>> 3=2E Assuming kernel-based panic_on_warn and WARN_ON() rdrand_long() >>> failure, that rdrand_long() never gets called=2E >> Never gets called during attack=2E It can be used before and after=2E >>=20 >>> 4=2E Userspace is using RDRAND output in some critical place like key >>> generation and is not checking it for failure, nor mixing it with >>> entropy from any other source >>> 5=2E Userspace uses the failed RDRAND output to generate a key >>> 6=2E Someone exploits the horrible key >>> >>> Is that it? >> Yes=2E > >Is there something that fundamentally makes this a VMM vs=2E TDX guest >problem? If a malicious VMM can exhaust RDRAND, why can't malicious >userspace do the same? > >Let's assume buggy userspace exists=2E Is that userspace *uniquely* >exposed to a naughty VMM or is that VMM just added to the list of things >that can attack buggy userspace? The concern, I believe, is that a TDX guest is vulnerable as a *victim*, e= specially if the OS is being malicious=2E However, as you say a malicious user space including a conventional VM cou= ld try to use it to attack another=2E The only thing we can do in the kerne= l about that is to be resilient=2E Note that there is an option to the kernel to suspend boot until enough en= tropy has been gathered that predicting the output of the entropy pool in t= he kernel ought to be equivalent to breaking AES (in which case we have far= worse problems=2E) To harden the VM case in general perhaps we should cons= ider RDRAND to have zero entropy credit when used as a fallback for RDSEED= =2E