Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp649197rdb; Mon, 29 Jan 2024 13:44:48 -0800 (PST) X-Google-Smtp-Source: AGHT+IE1LohIXZGAq/zNQTxvI/xcSDliGW8XQ7PT1Rr0Rcq47uLje8PJK7xuQtoPIY7rN1ic1V3X X-Received: by 2002:a05:622a:1b07:b0:42a:b059:d8c6 with SMTP id bb7-20020a05622a1b0700b0042ab059d8c6mr1297220qtb.20.1706564688109; Mon, 29 Jan 2024 13:44:48 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706564688; cv=pass; d=google.com; s=arc-20160816; b=lCBw/XzigaaXqvMtgcohwWkQ/wWxogHw91CY43XP1yz12XLgttYzJYNvqd9ZstZVXd WPT0AOEBMcAQQQgEQYysO0qVz6Qg0ct9jB+PcM2haGCqCMtAWaRkUHrrVwfT0kH/w4bT l5SMXzZ/qTsEtZtkII1r1oYnf+dPBNF/ZrHlN5soZ6IqUNP4yanWlGHADV1aIqWjNVS1 n1M4W80rMTTc7kX0IE0Weu4cJkmNEj+pdWPMywa3Z14p2pfsLWhKMdjFQwGat/L/qqlG 8T/GAeixzTNsBRtL4AJYJO5gwPnXkzt+mNllQvJ1bzPfbS6EKlIX8mZgx/63pOdT6Rgk giIQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=jtc1HHNMO3+CH0fG+goF9MspPtLTjlLgp3KrHucRwJk=; fh=c1v2G0upyKdVtpPQh2u8PgSo7ZatkVmEfC/ZjKq8i/s=; b=oaK2sgqL6+tIDaGBFJYBW0LMNe+ujE1xCyabwiDjSshB7Z7jTqC2NuVeT8Q56zGu3o 8lri1KKuw16GAJbXdFiLAAzlVmTUQUL+dL88UVNV7nBn/wZUG5ZH2H9C8w5qXWqnlW/H XDPdW/qa1FWP7LuKIg01SSZ0AQO9EqJtYE7LcBdmFv3vhqS8wx5oWwUlq2Y9cPsL0nua fHha02hhCQU7LVyCRmDDH7Gl4aIHkjfqUHE3pkzvtiUw+PNyjCQqGQ25lRkJ3tmfTJmJ FIbuAFYEjFOxqcv/viXTHIJgeWriH4XCkTXSCbLVXC++3c53KWd8ihH8sg1k28+R5tab IhMQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Y+m9Vxh+; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-43533-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43533-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id d1-20020ac85ac1000000b0042a69a886f0si8646280qtd.540.2024.01.29.13.44.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Jan 2024 13:44:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-43533-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Y+m9Vxh+; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-43533-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43533-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id D99921C2309A for ; Mon, 29 Jan 2024 21:44:47 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7BB41158D64; Mon, 29 Jan 2024 21:44:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Y+m9Vxh+" Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 478AB152DFC for ; Mon, 29 Jan 2024 21:44:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=134.134.136.65 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706564680; cv=none; b=E9J6XibKSuqjw8z4Sb2HKUhFyzzwmL6TLt31PwJeEjfLGiq3sMWIhjbVmxAYdFYIfmumR0uWKSCWArWlPS14CaEZK8u9QGPI9hiGGXh2w3hINXCKNufqjsupcMZaEb0QKAgaLdoMBGrgiD6W8REF4nkMEbOI34Jruk1VXPBkcj8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706564680; c=relaxed/simple; bh=ZPrtIDYwdeoYrKa8v/Jr8d+FvYQ17cyId6EuVFn8HZE=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=ekocKXsB/9hpRh5CD/jatQ86b0zhyWHJB6kjYSJurjmuH4WPbvNH+Oz/50ucviZJ7i1HBl28A+57jwI4mvB3T357Q+8pMpsioqGHMGFhThZRpRU+ke06f5Y19GLx/tEBuaCJchYML1Qq50k7Q5Z7xBKHAC2Zm0+pB2fZSuCfi7s= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Y+m9Vxh+; arc=none smtp.client-ip=134.134.136.65 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706564679; x=1738100679; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=ZPrtIDYwdeoYrKa8v/Jr8d+FvYQ17cyId6EuVFn8HZE=; b=Y+m9Vxh+CqkX7zSO1nhnxw6t633vUDOup+R91noXxKBAmXe3wJOsuw1j LR7CWw0Hki1YY8Kz9fAhO+AbpFoLPJnJqTQ7wJ31f5WgoSzve2WltDeeF xfwAtgmNa2dHZ5G20T8wmCv+mWIqqIFRJIlIPF4aYWtgHG/g7sEWfwoqf Bp6FbNsgt1mcXq+ZPFebj4M05xUUd3uve/tBvkrSVgSTCSZjvmU9arnWJ 75XX+FradiCV7pPOI3yXYW05jL7JOLqmdWBV8Zxd0Cy9+BT2Cmv+XS6Vs hXrVono4X7AN65FgLckvHhInyRpuT7ev/2/KipXq1m2TmJqPqd4be/ss4 w==; X-IronPort-AV: E=McAfee;i="6600,9927,10968"; a="406812961" X-IronPort-AV: E=Sophos;i="6.05,227,1701158400"; d="scan'208";a="406812961" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jan 2024 13:44:38 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10968"; a="931225023" X-IronPort-AV: E=Sophos;i="6.05,227,1701158400"; d="scan'208";a="931225023" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga001.fm.intel.com with ESMTP; 29 Jan 2024 13:44:34 -0800 Received: by black.fi.intel.com (Postfix, from userid 1000) id 654F8FF; Mon, 29 Jan 2024 23:33:00 +0200 (EET) Date: Mon, 29 Jan 2024 23:33:00 +0200 From: "Kirill A. Shutemov" To: Dave Hansen Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , x86@kernel.org, Theodore Ts'o , "Jason A. Donenfeld" , Kuppuswamy Sathyanarayanan , Elena Reshetova , Jun Nakajima , Tom Lendacky , "Kalra, Ashish" , Sean Christopherson , linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org Subject: Re: [RFC] Randomness on confidential computing platforms Message-ID: References: <20240126134230.1166943-1-kirill.shutemov@linux.intel.com> <276aaeee-cb01-47d3-a3bf-f8fa2e59016c@intel.com> <3a37eae3-9d3c-420c-a1c7-2d14f6982774@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3a37eae3-9d3c-420c-a1c7-2d14f6982774@intel.com> On Mon, Jan 29, 2024 at 01:04:23PM -0800, Dave Hansen wrote: > On 1/29/24 12:26, Kirill A. Shutemov wrote: > >>> Do we care? > >> I want to make sure I understand the scenario: > >> > >> 1. We're running in a guest under TDX (or SEV-SNP) > >> 2. The VMM (or somebody) is attacking the guest by eating all the > >> hardware entropy and RDRAND is effectively busted > >> 3. Assuming kernel-based panic_on_warn and WARN_ON() rdrand_long() > >> failure, that rdrand_long() never gets called. > > Never gets called during attack. It can be used before and after. > > > >> 4. Userspace is using RDRAND output in some critical place like key > >> generation and is not checking it for failure, nor mixing it with > >> entropy from any other source > >> 5. Userspace uses the failed RDRAND output to generate a key > >> 6. Someone exploits the horrible key > >> > >> Is that it? > > Yes. > > Is there something that fundamentally makes this a VMM vs. TDX guest > problem? If a malicious VMM can exhaust RDRAND, why can't malicious > userspace do the same? > > Let's assume buggy userspace exists. Is that userspace *uniquely* > exposed to a naughty VMM or is that VMM just added to the list of things > that can attack buggy userspace? This is good question. VMM has control over when a VCPU gets scheduled and on what CPU which gives it tighter control over the target workload. It can make a difference if there's small window for an attack before RDRAND is functional again. Admittedly, I don't find my own argument very convincing :) -- Kiryl Shutsemau / Kirill A. Shutemov