Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp1217834rdb; Tue, 30 Jan 2024 11:16:47 -0800 (PST) X-Google-Smtp-Source: AGHT+IEv60Y7ZG36jUZDWulZa9MuKTToJ3IMpb/IpNH5rezYkePx2BLE6rspVff/+r4es8cFICDu X-Received: by 2002:a2e:aa28:0:b0:2cf:1d05:aa93 with SMTP id bf40-20020a2eaa28000000b002cf1d05aa93mr5861856ljb.1.1706642207416; Tue, 30 Jan 2024 11:16:47 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706642207; cv=pass; d=google.com; s=arc-20160816; b=kQSalAR4pZ7iYJ9Jsx8cngOd7k3yxINLTbO1RWDbQIP8uoPZ3uUthvBKRDuhYIMZBb p64QILAzMGRLbnatqbGbLbjN+Bg+ZnIZad7JNJ0J+fhRsojM15AdN5p4NuQsXkqDNiAR xVNhiCZ1Z1Nume5KTNepPNyR2qphMDac3+0GBhqJB1uybKkBLO4DhcQGO0pNjSDU+bNy rIVNJfPCzvDBUUa8wrXHEph74uiz433Ns3jyI0F3bKI4984VLyLmE02UjHkojy55QGFy VLHxZrhZCtyaYJGp7PY/NvWuhfglLSJDesJWthCGd2ALULNBaSrF38V4YQhAYhHeoYx5 RFFw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=FOGTgz8QyzT/ZF/Z5hhIwI5EdOmk9zDiwfNKjfkeYko=; fh=4CNubadS72mO/La+cWKYUqRVacXKh6yn4n5IQzylqWY=; b=bLJ9prdK/+nB5Z5ZPNcTHOwUOrSRN4mZydE+PUHF4Vr8+fGIX5x++euTLQ/CkhoufD xvGRuLBKkWS7p4z1+WU8zwQImNKrvBzfbyWJJB9O9omnHD6NQSZhT9FmTlTWZtfbX1mW VBq+pg/1WjC/ngZNqT6bf6Qj846esu3US0mkwQMtRDixsbEuAZP7mz6VyiB4P8cF6oib 7N3PQjyEQxIEj/7HuDTNARSm8kqeJWUNwKa+l3SyHdxb5kWRDeWfgbk07jCkc7e9tARI PD+oFgGGY+W39HP4GsdRw4Fq+Xb7kD/U3qKHZ5guW6X3TLLrFusraZujBtOMGaBlfHR2 R/+A== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="O8Jl/AK7"; arc=pass (i=1 dkim=pass dkdomain=zx2c4.com); spf=pass (google.com: domain of linux-kernel+bounces-45176-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-45176-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id g19-20020a056402091300b0055efb68dce2si2380489edz.175.2024.01.30.11.16.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jan 2024 11:16:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-45176-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="O8Jl/AK7"; arc=pass (i=1 dkim=pass dkdomain=zx2c4.com); spf=pass (google.com: domain of linux-kernel+bounces-45176-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-45176-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id DA3491F25192 for ; Tue, 30 Jan 2024 19:16:46 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BC8FA7AE5A; Tue, 30 Jan 2024 19:16:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="O8Jl/AK7" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BFC187AE4E for ; Tue, 30 Jan 2024 19:16:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706642197; cv=none; b=QuN3tSkbyFfXr6Q14kgjDu9GqtmQw6+sRQBs8UrUxWe4eg8NCrRXqib0wFXIcACDh4eOLTOe/+/dAjfuqlgLMZQAQbEYlrfQvlNWbmfYnBznWHJzmpIKXUiYhVl3Scjgz2JWL1I1F5rChTv1Ds0FgJMvFc9FFyXCwGjtX9wQPfU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706642197; c=relaxed/simple; bh=FOGTgz8QyzT/ZF/Z5hhIwI5EdOmk9zDiwfNKjfkeYko=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=tDjEB8gqKfW0f01GeI4hYNNIy7Kcocq2myfhdPV/U8iQ3969BmHeaGIX/HsvC7IfV63yfkL7CN+ls2wDE7J5ae6l0WVCDv3xMP/erl1jCmZ9qVj8GxJeFdyjw71P6rnSl0sACkIw6L11TbR0Uly3qOEL3f4B5xyN5+a9bgNVKbk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b=O8Jl/AK7; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 144C6C433F1 for ; Tue, 30 Jan 2024 19:16:37 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="O8Jl/AK7" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1706642194; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FOGTgz8QyzT/ZF/Z5hhIwI5EdOmk9zDiwfNKjfkeYko=; b=O8Jl/AK71u43fIHtRXabN02FyvK28GDp5NHnbg4eCl9plX6aNgmSACa2ZgLUhrcyyaIzTy 3wOoIYp5k3RqcW8QDAcp9/r9N9BINxD9/VkTeiYp5ELh3Lh0RCLzoH2WqmGGD/QDCo2nwM sru9NONxcP2xKTSnCjtCaPafJHHF8bA= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 5e5bfacf (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for ; Tue, 30 Jan 2024 19:16:33 +0000 (UTC) Received: by mail-yb1-f177.google.com with SMTP id 3f1490d57ef6-dc238cb1b17so4666737276.0 for ; Tue, 30 Jan 2024 11:16:32 -0800 (PST) X-Gm-Message-State: AOJu0YxAfEeS+yJUYlZVwrVfnI3D/7OCVN5R4j1QO2x0LMcFuLnDDb4f u/EJCcKQy6suGfsPdONznOp1lmNzTfO82jVNuKte1BByL2VGju1DcRb9AkjDGNAxdmNkvYdr9Bs 6rCCwAJe5B/EGw2OGcJ5AHfYJo0w= X-Received: by 2002:a05:6902:1022:b0:dc2:3f75:1f79 with SMTP id x2-20020a056902102200b00dc23f751f79mr6364693ybt.23.1706642191426; Tue, 30 Jan 2024 11:16:31 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240130083007.1876787-1-kirill.shutemov@linux.intel.com> In-Reply-To: From: "Jason A. Donenfeld" Date: Tue, 30 Jan 2024 20:16:20 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 1/2] x86/random: Retry on RDSEED failure To: "Reshetova, Elena" Cc: "Kirill A. Shutemov" , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , "x86@kernel.org" , "Theodore Ts'o" , Kuppuswamy Sathyanarayanan , "Nakajima, Jun" , Tom Lendacky , "Kalra, Ashish" , Sean Christopherson , "linux-coco@lists.linux.dev" , "linux-kernel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Elena, On Tue, Jan 30, 2024 at 8:06=E2=80=AFPM Reshetova, Elena wrote: > Yes, sorry, I am just behind answering this thread and it is getting late= here. > This is exactly what I would like to have an open discussion about > with inputs from everyone. > We have to remember that it is not only about host 'producing' > a fully deterministic environment, but also about host being able to > *observe* the entropy input. So the more precise question to ask is > how much can a host observe? Right, observation is just as relevant. > My personal understanding is that host can > observe all guest interrupts and their timings, including APIC timer inte= rrupts > (and IPIs), so what is actually left for the guest as unobservable entrop= y > input? Check out try_to_generate_entropy() and random_get_entropy(), for example. How observable is RDTSC? Other HPTs? > > > I imagine the attestation part of CoCo means these VMs need to run on > > > real Intel silicon and so it can't be single stepped in TCG or > > > something, right? > > Yes, there is an attestation of a confidential VM and some protections in= place > that helps against single-stepping attacks. But I am not sure how this is= relevant > for this, could you please clarify? I was just thinking that if this didn't require genuine Intel hardware with prebaked keys in it that you could emulate a CPU and all its peripherals and ram with defined latencies and such, and run the VM in a very straightforwardly deterministic environment, because nothing would be real. But if this does have to hit metal somewhere, then there's some possibility you at least interact with some hard-to-model physical hardware. Jason