Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp1052697rdb; Tue, 30 Jan 2024 06:44:18 -0800 (PST) X-Google-Smtp-Source: AGHT+IFpOX6Ek2SciyI7iKtB0IksIDrlJ29hDGtxB/XuZxGomZ24de6DxJbIw2gNFEV3GKRrfjKF X-Received: by 2002:a05:6a00:4e4b:b0:6d9:999b:3785 with SMTP id gu11-20020a056a004e4b00b006d9999b3785mr4195280pfb.30.1706625857663; Tue, 30 Jan 2024 06:44:17 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706625857; cv=pass; d=google.com; s=arc-20160816; b=Midc6RMZyK844X+5kIXisEkNM9c0Xw4kuE+Z3VyqA7WSpkH6BTe/c/rrnfUYOB3aDt ERmd9u2+qt+P56K+QRqwMSv4a5CrhQdsriR5m6z/m17qAE3nlBEHumJfoo+B8jpZUs6O DxKL/pcPwr8QFbE+3o6myd5npVEIgCuLV4jkH0/7B/u63HwVkJHBHNSMcPoMrB1KWK5n 2SOfIkShBDJk7F9+rGMylDtLYsHTFy1rrj6C2IUke4AiQu7HaLvcYwwsD5J5RS2/iwz1 fdWJL0DkaDJ2w3fAWT00Sx3huLFPnGP/kTyrFQ8GCC7gcDrf4yMkA0BWUbYkXRkK98Sw BbEw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=user-agent:in-reply-to:content-disposition:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:references :reply-to:message-id:subject:cc:to:from:date:dkim-signature; bh=jRW+7BPDkpJOfSPsAAPyhv359GDriIgfSBM3vPDMKM4=; fh=lXEvTjmCI3VJG7OeArHlJaTrqrYQd+GJXN1FBjAK/EQ=; b=x0/hnYHbaBPfEu2Iey8cycAIQ+D2IbddZpshBcVIdnLdoYSWr53VIpk03kz2D5i3kd vikNqE784TcbMRIafjhRBHOwYwdvYOlE4GBFVunyJkH3E818l6UwFBgTP2XQ+bfbDvFw TQtcznn+s6TcNwmw83dfCQ2rYtE6/Y80wNJEwE0wU1hav0OtdLcgIWJcTto7wcuxRtBP vgz7N4P8i7ULlZPvZ562etfN0ZcbrbLFzyIp5gFxl/4Q40Z2hrNujNEgaaCVxWEZ50V4 w/kTwhE+9bB04a5HpVyLxB3olHgbGHwaKci6zo2O0MBWkgVQcilMn7tWEUaa+0kinJ/T g4oA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=FpP07AUB; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-44765-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-44765-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id ei32-20020a056a0080e000b006dd86cca0e4si7557868pfb.389.2024.01.30.06.44.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jan 2024 06:44:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-44765-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=FpP07AUB; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-44765-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-44765-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id B9E612887DE for ; Tue, 30 Jan 2024 14:43:37 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9E1A47C0B9; Tue, 30 Jan 2024 14:43:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="FpP07AUB" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0B86C846B for ; Tue, 30 Jan 2024 14:43:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706625811; cv=none; b=JuGtalHhS/VnZXdpm8fTYcLCO3xPMeoBQI9uoeKzjeEUglp8HMpzmkXSSi4WTULaSqD3iNOPNUjkC/dHUU/+mDI7zNDkoRQJpcJJCBpY9Bkp9Ic/ICnPAalSAOOYQLGTgKKB1I7Htc8zSGCo3UARcto6vv+gq77AVIUD/sVSIgQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706625811; c=relaxed/simple; bh=/5SL87WwijxzN6C1Ml+S3tPaPqexhCvXWCZXZXhoHiY=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=t3V8CjdEyDrYcYLtsvup+O8BGU7eJx+Wen/4J/R4V9xLEa9irQTSh2HiWzmaNR9/BRc4iS5Db+KvVRCdIw/j//kVJfvxBZOUa14YqErvFEWJjhb6K5hSymZPdjKC2vSamGzDFV91B8jv5/ZzMwRnWJvq0uiJlIuvzNi2Zl9tFwM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=FpP07AUB; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706625808; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references; bh=jRW+7BPDkpJOfSPsAAPyhv359GDriIgfSBM3vPDMKM4=; b=FpP07AUBh2CO7zF5bqa2ciVEjUvO0pJsVruGKl3ct2wZyIaoJb+fxrEykCc4Lxi96Hp0hD qSgLKy+nDSwVavbvvSKw0miKcva9a1SeyuiJj5lFAv98eN8r55DQJ/zWcNGJsNz4b6AWY9 bS584dX9QlCnAWZLCo4O40OXytCAFqY= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-436-EpcxHYDJM0uAtLf6ZZO_-g-1; Tue, 30 Jan 2024 09:43:25 -0500 X-MC-Unique: EpcxHYDJM0uAtLf6ZZO_-g-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 76C2384AE41; Tue, 30 Jan 2024 14:43:24 +0000 (UTC) Received: from redhat.com (unknown [10.42.28.52]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 18D4440C122E; Tue, 30 Jan 2024 14:43:21 +0000 (UTC) Date: Tue, 30 Jan 2024 14:43:19 +0000 From: Daniel =?utf-8?B?UC4gQmVycmFuZ8Op?= To: "Jason A. Donenfeld" Cc: "Reshetova, Elena" , "Kirill A. Shutemov" , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , "x86@kernel.org" , Theodore Ts'o , Kuppuswamy Sathyanarayanan , "Nakajima, Jun" , Tom Lendacky , "Kalra, Ashish" , Sean Christopherson , "linux-coco@lists.linux.dev" , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH 1/2] x86/random: Retry on RDSEED failure Message-ID: Reply-To: Daniel =?utf-8?B?UC4gQmVycmFuZ8Op?= References: <20240130083007.1876787-1-kirill.shutemov@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/2.2.12 (2023-09-09) X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.2 On Tue, Jan 30, 2024 at 03:06:14PM +0100, Jason A. Donenfeld wrote: > Is that an accurate summary? If it is, then the actual problem is that > the hardware provided to solve this problem doesn't actually solve it > that well, so we're caught deciding between guest-guest DoS (some > other guest on the system uses all RDRAND resources) and cryptographic > failure because of a malicious host creating a deterministic > environment. In a CoCo VM environment, a guest DoS is not a unique threat scenario, as it is unrelated to confidentiality. Ensuring fair subdivision of resources between competeing guests is just a general VM threat. There are many easy ways a host admin can stop a guest making computational progress. Simply not scheduling the guest vCPU threads is one. CoCo doesn't try to solve this problem. Preserving confidentiality is the primary aim of CoCo. IOW, if the guest boot is stalled because the kernel is spinning waiting on RDRAND to return data, that's fine. If the kernel panics after "n" RDRAND failures in a row that's fine too. They are both just yet another DoS scenario. If the kernel ignores the RDRAND failure and lets it boot with degraded RNG state there were susceptible to attacks, that would not be OK for CoCo. > But I have two questions: > > 1) Is this CoCo VM stuff even real? Is protecting guests from hosts > actually possible in the end? Is anybody doing this? I assume they > are, so maybe ignore this question, but I would like to register my > gut feeling that on the Intel platform this seems like an endless > whack-a-mole problem like SGX. It is real, but it is also not perfect. I expect it /will/ be an endless whack-a-mole problem though. None the less, it is a significant layer of defence, as compared to traditional VMs where the guest RAM is nothing more than a 'cat' command away from host admin exposure. > 2) Can a malicious host *actually* create a fully deterministic > environment? One that'll produce the same timing for the jitter > entropy creation, and all the other timers and interrupts and things? > I imagine the attestation part of CoCo means these VMs need to run on > real Intel silicon and so it can't be single stepped in TCG or > something, right? So is this problem actually a real one? And to what > degree? Any good experimental research on this? > > Either way, if you're convinced RDRAND is the *only* way here, adding > a `WARN_ON(is_in_early_boot)` to the RDRAND (but not RDSEED) failure > path seems a fairly lightweight bandaid. I just wonder if the hardware > people could come up with something more reliable that we wouldn't > have to agonize over in the kernel. If RDRAND failure is more of a theoretical problem than a practical real world problem, I'd be inclined to just let the kernel loop on RDRAND failure until it suceeds, with a WARN after 'n' iterations to aid diagnosis of the stall in the unlikely even it did hit. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|