Received: by 2002:a05:7412:3b8b:b0:fc:a2b0:25d7 with SMTP id nd11csp1407132rdb; Sat, 10 Feb 2024 00:15:10 -0800 (PST) X-Google-Smtp-Source: AGHT+IFAKw73D38UFLiOWdmBOE394QQG1h0ioF41gfXjMFzeZUMP0YXZRvFpcYG5LOXgzjueQ/ao X-Received: by 2002:a05:6a00:3c93:b0:6e0:535f:b72e with SMTP id lm19-20020a056a003c9300b006e0535fb72emr2090523pfb.34.1707552910166; Sat, 10 Feb 2024 00:15:10 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707552910; cv=pass; d=google.com; s=arc-20160816; b=BZTvByA+yP3WcLIYcpebF8oWtZGAE8dvINFNmoQS63YuaLkVpquMNskHbo/lh54TK4 itsVREUcB3mGhIMTNQo19yAOVqXIZWB/nSwPfTVbkIeXZdvQcAakIFPMKBywjaU9A7pF chn9QVWc/Wo6CaUzC6mqdN7aCZfZsxw2u19aa9XgkHRLh5gDiwOx/BKsk9X6csomrUo5 cdduZAMdHQ4IwHUgBe6aZJLGtGhlOmsZo0lzVVO1yYIUHdwzkQATIewHauXPDv5zzM5d 2CUN8EbSEm0lPfVCyPUed8oZ1gFUx1JNDZw+SHoMLNXyR3okKJLUVtjWub/6h/wu/gXd B7Vw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=R3kPmUQA57JnyAoUuhOvU7VRZGZZCH6yX6rcCYhnwYU=; fh=JVxSltS5UONiS2E5WaNG+SZmxvdh8oKDx2+yC2NGl7w=; b=ESZ9S2SNGWScVwlTl9m9LUGru8a5a9wupuA0q8/OhL0XJ6+pwUl2EzQVir5Xv53z/z OQfW4nZFuQCRcFZFCAugVSLv/XLTWECUj+/Fv1qjx1Q7nqchWGw86+LQS5rGAF66HhK4 XN7isqIGYH1+zHKy8OciWjLwD7UWEbnKPjsV+Vm6hm5wclAHt+uyxHBCeU/9tz9mn+f4 eT75CZtCeWuJVhkPKJKRP28vjMxy/gcecVc+7O9ER0XQiyzFilJD90hcsG9xh07QnSmB ul1R/8e0TswiCgZozl84w9Km/0BNsDunBzdVlQp/c1zGdzIY7RYMvDaGYja/det4w19R db1g==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=IPOvzjMa; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-60284-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-60284-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Forwarded-Encrypted: i=2; AJvYcCXHokfnSauBRlGK3AIZFfuBgXxNpfItae9zIHQkQQhXVwuCZa41SxY8PKqJrvvYcX2p2+h6kajlwBmz/wPPjLaFZHTiebIkhEpc2lLwAw== Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id b19-20020a656693000000b005dc10f2a143si3120743pgw.124.2024.02.10.00.15.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 10 Feb 2024 00:15:10 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-60284-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=IPOvzjMa; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-60284-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-60284-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id F2D6FB20A5F for ; Sat, 10 Feb 2024 05:09:23 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id A775D1079B; Sat, 10 Feb 2024 05:09:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="IPOvzjMa" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 230205663 for ; Sat, 10 Feb 2024 05:09:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.8 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707541756; cv=none; b=dCRoHL9CyxupaCEDIYUdeiasYUMCxrVrcebqaH8v39S8fJ/JqodM0wS1j3zJ38v0HF7kJ6+euK0zAjjGbwGH8nsqcqDo2ObqoUAhDKYrptNRqApSaPXKxTFzwAFqU5Xu6nCPqs3VE2jsMvzRRQSoqb2gSGxeYeM6etCiwTmKMgs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707541756; c=relaxed/simple; bh=oMjZX/6/DadS/gsZQQTpMkvmtQ/1QCEs0FNmijd4Rhs=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=grYVPvfrM5Ezo+BJZB6rBrc3Ath7a4KYaSxKkrQyegfoo8Fhl7f8xwYojlDd7uF5W6vCXkQ7/sjV+fq7aXEFpbmApXOaTk20FNYn9dQ0psF9vptoTgaUDqokbv4oLenZgRLgadzTfdRs0B2AkRwtHcisBzzwCTaPR6he3uKF6xM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=IPOvzjMa; arc=none smtp.client-ip=192.198.163.8 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1707541755; x=1739077755; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=oMjZX/6/DadS/gsZQQTpMkvmtQ/1QCEs0FNmijd4Rhs=; b=IPOvzjMaFsFremGHlUDnYE4mLpJ+pN6DkERxmOI9II+NF3ollgIl0FIg DUWeEwWMwt0GY4hrO9iW6B9aHrfP/ADX5eSK0ST+X4LnC8f58Vt+zuY3c PPhSlxaXAIV2F6ac43ky9dZ7d1ULOpby6jFau79u1Og161ajWnhVXZ1Ye c/ghGOIAwGMcoP+pXAPSoPEzpa7yjOi7HumO+EpYs69G0+y8y38lQDsU2 e9A9mPrWYPcO/+2Qlurg/K1grslp9giddUeEDybXNwCsWnQOftB7tDpC9 FFu+U7/2+vYOIg/NrFPstgBlZT3WHiYmhRrdNHevF5ba9ctc+/5iyhfdk A==; X-IronPort-AV: E=McAfee;i="6600,9927,10979"; a="19048176" X-IronPort-AV: E=Sophos;i="6.05,258,1701158400"; d="scan'208";a="19048176" Received: from orviesa005.jf.intel.com ([10.64.159.145]) by fmvoesa102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Feb 2024 21:09:14 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,258,1701158400"; d="scan'208";a="6764203" Received: from tassilo.jf.intel.com (HELO tassilo) ([10.54.38.190]) by orviesa005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Feb 2024 21:09:14 -0800 Date: Fri, 9 Feb 2024 21:09:12 -0800 From: Andi Kleen To: "Jason A. Donenfeld" Cc: x86@kernel.org, linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org, Borislav Petkov , Daniel P =?iso-8859-1?Q?=2E_Berrang=E9?= , Dave Hansen , Elena Reshetova , "H . Peter Anvin" , Ingo Molnar , "Kirill A . Shutemov" , Theodore Ts'o , Thomas Gleixner Subject: Re: [PATCH] x86/coco: Require seeding RNG with RDRAND on CoCo systems Message-ID: References: <20240209164946.4164052-1-Jason@zx2c4.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240209164946.4164052-1-Jason@zx2c4.com> > + for (i = 0; i < ARRAY_SIZE(rng_seed); i += longs) { > + longs = arch_get_random_longs(&rng_seed[i], ARRAY_SIZE(rng_seed) - i); > + > + /* > + * A zero return value means that the guest is under attack, > + * the hardware is broken, or some other mishap has occurred > + * that means the RNG cannot be properly rng_seeded, which also > + * likely means most crypto inside of the CoCo instance will be > + * broken, defeating the purpose of CoCo in the first place. So > + * just panic here because it's absolutely unsafe to continue > + * executing. > + */ > + BUG_ON(longs == 0); BUG_ON doesn't necessarily panic. If you want panic, use panic. -Andi