Received: by 2002:a05:7412:3b8b:b0:fc:a2b0:25d7 with SMTP id nd11csp2561963rdb; Mon, 12 Feb 2024 08:40:26 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXdcC/JBrtuZ/huVSl5a9ocm1eUsuIrl9vyByYP+Nu0dFPgM2xaR3C3MMtjAASVbwU6fXz4xFgv8FTEupp84mnIag7WRQ7SU8wz9CO0SA== X-Google-Smtp-Source: AGHT+IEUKunFhtRfSxjaecd12wH57lC+ludWd/G0pVusi6nMjNhNMZEuLGuIGaDPOS3Ij5f2FGQG X-Received: by 2002:ae9:e608:0:b0:785:635b:ac2b with SMTP id z8-20020ae9e608000000b00785635bac2bmr7989879qkf.32.1707756026750; Mon, 12 Feb 2024 08:40:26 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707756026; cv=pass; d=google.com; s=arc-20160816; b=hm1mH5m498sry8sL7X540VrM3d5e3zmTl4f86nzy9JxUKz4ezTfF9RSu5P+T21zC6S e1ebE+aD0KMG4POaD0FbF02enEhh4voDiIBItCsLGEd+VTycfzjBR1d/9fO1MdNjgpSy T3Q3TWRcoQEFVqkKB0WkITCHAdPoZpF5psdeeKOXMflnlDnDEBaofenfEsQpePb3GEjf b5A8p5q7ERzv7KYGZwJSRbWwrxt0ZDxkOrDtFM7rgidvgfiu+5CIIhoTeMLcTViF3tDV DsgtQZI96VFYeOZUYjK6ptqzMJXu4oQPrSGcEEs/ZuV3o+pBpYfDTjt20o6o/wbirC2/ D7Lw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=dQeklz7XleQ5cWK9tnOkGna6cm/Ji39W7G3AvRTDy+0=; fh=w+cJtGRB5Xjd1KlqwHLi+gqigudvXFU/INqiJ5HpQbE=; b=nTqAL6/hbLF3rgIyotoBGICj4BE1EpK8I8qnEL/mn4GJQHOypyHGgPVlnbp8kXS85R TnzVJsc9dgvp6QzdN2dSpaXsLTudPoQeuO/Oz1CqukP6NwkhaSPGY00RHfHLcwqUJClA DSaaRhQoA+9shDH5CGVSMJX6YqeLmwuzHuPzccd98EDR8e3pDifA+gxn0UurJGvWyITX npWHBO6PpKqGWJeuZfp4V6ey9dJlJPUHDr2/cIK90Fug4UypAlqfDMW1breiVF/lNxAR eN58VC5ZqdOSrV5Ca+50gGd5Ri2Qw/madTiL3KUhUETx4UDvNbVxZQ0hsn5z/pChEO8w 9/Yg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@mit.edu header.s=outgoing header.b=fVDCymGL; arc=pass (i=1 spf=pass spfdomain=mit.edu dkim=pass dkdomain=mit.edu dmarc=pass fromdomain=mit.edu); spf=pass (google.com: domain of linux-kernel+bounces-61989-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-61989-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mit.edu X-Forwarded-Encrypted: i=2; AJvYcCWAkP76NRPGBIPr/N/roNfrPxJGePcNaWDvTcF0faFxXrUm82QRf0KHr3DgBtMXPD7Tr+sF0JCI5M0hgAx3otGN3fz9gnaaORow3Gz3Wg== Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id x8-20020a05620a098800b00785da4b0aefsi1503500qkx.776.2024.02.12.08.40.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Feb 2024 08:40:26 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-61989-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@mit.edu header.s=outgoing header.b=fVDCymGL; arc=pass (i=1 spf=pass spfdomain=mit.edu dkim=pass dkdomain=mit.edu dmarc=pass fromdomain=mit.edu); spf=pass (google.com: domain of linux-kernel+bounces-61989-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-61989-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mit.edu Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 801821C2033F for ; Mon, 12 Feb 2024 16:40:26 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 945524597F; Mon, 12 Feb 2024 16:33:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=mit.edu header.i=@mit.edu header.b="fVDCymGL" Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1BC5D3D566 for ; Mon, 12 Feb 2024 16:33:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=18.9.28.11 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707755611; cv=none; b=KLoXTOX0/hq9vhzrOcnnxxUBeTrr7dRl/vAeCBtoTX0BsQnwAo72hElI+F1Z1U2gvPp/aZ33daM+xgy/zBaRvIMlzbiPsrcpoBI43THLxdFIsoZrnfTkF3stRX1e6sA/G410xQrfuAAtlAffJurWOZ6fmxOMAPi6gs2SMrPv+AM= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707755611; c=relaxed/simple; bh=y0rQ7md8dSpziIPwq351580LwTvSO5cMAtMGhD2sD4s=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=D+xb/ON1eqV7XRHzdp0CRiX9MiyIRaD+hDoL9fGtj72XKNUioUjRB35wiAKfv1QfC21pf9jPf8+u44oZx8phEDYAv9I5hHOeYmbsGiAzWXiBYg/fYWyxLZ6tdbrCvj0dLGSfrOWWaxICpAurOiQNambLhUa3q5s+VHTuvm+s0tc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mit.edu; spf=pass smtp.mailfrom=mit.edu; dkim=pass (2048-bit key) header.d=mit.edu header.i=@mit.edu header.b=fVDCymGL; arc=none smtp.client-ip=18.9.28.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mit.edu Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=mit.edu Received: from cwcc.thunk.org (pool-173-48-116-68.bstnma.fios.verizon.net [173.48.116.68]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 41CGWaFt017659 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 12 Feb 2024 11:32:38 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=outgoing; t=1707755561; bh=dQeklz7XleQ5cWK9tnOkGna6cm/Ji39W7G3AvRTDy+0=; h=Date:From:Subject:Message-ID:MIME-Version:Content-Type; b=fVDCymGL76+YwEh2v7DrscPA0mjbKOyrxO+8OGo8720Uh6qpG0+FptkkJpErxIjyn Tn5RtmfOwKe7Syq6ViHb+qspjyXAs205iKkzHMuknxsLRyqum9TeBkC+L0LnLm+Zx0 u6BpKwUp7xWfJr88EdcKc2I5jZmapwhEyaJ+GDYD2BEknlveGK4LRZb40EqZSvf30r rmIcE0anqTRcMy0n5kml8jBH4JMCqtduNnKMqhmq1O3lT4pU0NBmB7tsI5RaYfOpVC L68FGPizpap9TJ09qTbaO1YgsH7F0j+zmOtqrtZBhl7YT9q+aodYiaLbpzjAMNQhtw tQVB0X3ep/7Vw== Received: by cwcc.thunk.org (Postfix, from userid 15806) id BEA7915C0336; Mon, 12 Feb 2024 11:32:36 -0500 (EST) Date: Mon, 12 Feb 2024 11:32:36 -0500 From: "Theodore Ts'o" To: "Reshetova, Elena" Cc: "Jason A. Donenfeld" , "Kirill A. Shutemov" , "H. Peter Anvin" , Dave Hansen , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "x86@kernel.org" , Kuppuswamy Sathyanarayanan , "Nakajima, Jun" , Tom Lendacky , "Kalra, Ashish" , Sean Christopherson , "linux-coco@lists.linux.dev" , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH 1/2] x86/random: Retry on RDSEED failure Message-ID: <20240212163236.GA444708@mit.edu> References: <20240131171042.GA2371371@mit.edu> <20240201045710.GD2356784@mit.edu> <20240202153927.GA119530@mit.edu> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: On Mon, Feb 12, 2024 at 08:25:33AM +0000, Reshetova, Elena wrote: > What if we instead of doing some special treatment on rdrand/seed, we > try to fix the underneath problem of Linux RNG not supporting CoCo threat > model. Linux RNG has almost set in stone definition of what sources contribute > entropy and what don’t (with some additional flexibility with flags like trust_cpu). > This works well for the current fixed threat model, but doesn’t work for > CoCo because some sources are suddenly not trusted anymore to contribute > entropy. However, some are still trusted and that is not just rdrand/rdseed, > but we would also trust add_hwgenerator_randomness (given that we use > TEE IO device here or have a way to get this input securely). So, even in > theoretical scenario that both rdrand/rdseed is broken (let's say HW failure), > a Linux RNG can actually boot securely in the guest if we have enough > entropy from add_hwgenerator_randomness. So the problem with this is that there is now way we can authenticate the hardware RNG. For example, the hypervisor could claim that there is a ChaosKey USB key attached, and at the moment, unlike all other hardware random number generators, the Linux kernel is configured to blindly trust the ChaosKey because it was designed by Keith Packard and Bdale Garbee, and "It Must Be Good". But the only way that we know that it is a ChaosKey is by its USB major and minor id numbers --- and a malicious hypervisor could fake up such a device. And of course, that's not unique to the hypervisor --- someone could create a hardware USB key that claimed to be a ChaosKey, but which generated a fixed sequence, say 3,1,4,1,5,9,2,6,... and it would pass most RNG quality checkers, since it's obviously not a repeated sequence of digits, so the mandated FIPS required check would give it a thumbs up. And it doesn't have to be a faked ChaosKey device; a hypervisor could claim that there is a virtual TPM with its hardware random number generator, but it's also gimmicked to always give the same fixed sequence, and there's no way the guest OS could know otherwise. Hence, for the unique requirements of Confidential Compute, I'm afraid it's RDRAND/RSEED or bust.... - Ted