Received: by 2002:a05:7412:1e0b:b0:fc:a2b0:25d7 with SMTP id kr11csp1275735rdb; Fri, 16 Feb 2024 10:17:47 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVVuXRYgtiyXLUjXf62xdjTHU9JUq5Uj+oDnUyzsVTEzBMxI7+bf5PaeoSnnEChx2YGOa7HWmKwIOsd9UQaB3pj1sb02+8MJ/oSURTQrA== X-Google-Smtp-Source: AGHT+IGGkU6jIl9IWE9MsIkcHeW5nMKUUr6tui2su/Wek9T4PWKO0tOkdnM53rJDAcDZm/wzdw6u X-Received: by 2002:a05:6a20:e614:b0:19e:cc0c:dc46 with SMTP id my20-20020a056a20e61400b0019ecc0cdc46mr6295386pzb.37.1708107467167; Fri, 16 Feb 2024 10:17:47 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708107467; cv=pass; d=google.com; s=arc-20160816; b=Bn4WGAUyWKSj762FxUnnhTl1w7TZbK6MAlM/r7ZqgwnZc59BDNX1/3Xneu7kl1U6fA w8g4gZ1AFQqNGNFKdlpbrft+J+jv09t4u0AXwheiE2xL9g/bl0yjge5T+liwqQTOPfai UfKa2na2XXSxnFy1BQE0zuVy/6rpKPUU/ZpbXiJERsS6ZA8IV+OCGbfDMYKa2MRZyZeG T3CZiQYj5J1oRZyf+j34WbFHVAwSPqAd8W1vdRksbDm1/WDcGN6NTKTgUIXzKq2/+gb6 nzd3mW8xZmymjebQj4aKbGoXAbIn/kx6mOT0iMjfzBRxdT1YseCpF86WAfg8D+Lxu8PH ehWQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=BdEnLjURC2vLeF2UylpFIsRnIjYbTIb+a29A4oK+RJ4=; fh=InHYMu2kt0yL8uOLmJZXdyDaskUCsvjIzca2QI8i/s4=; b=Ytcir5gfs0/ELfxiPBcwTRBwK//ANrIg0VK6YE60euSqXQRhSYmnW7RehzpcZ/YUsI 2qSUBEC+mgMy2P/Sv9QFla6imRMlXhIIM2Xkas6hehs0DORG1On+MtD3TVgGMKQvk6uX dPIT4FxFA8Yq7HXcujICJlgJXMtM8FHKbt4CzAFOiyCVXum38MqPjgjezNsTLZNU2+tB GgQymUDv163Ds9rsFcuapfKb3RksAEn/4O/t2eExN6ammuvDO7GWC/3ia750peAtLgqa Uokp5Q/u85tHsyfkCTfI28mmofdUPZZl9WG6/oSJ//p6pdddCbExWBEHHOmXbpS1UJYs Didg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=krim4vH8; arc=pass (i=1 dkim=pass dkdomain=zx2c4.com); spf=pass (google.com: domain of linux-kernel+bounces-69142-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-69142-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id d185-20020a6336c2000000b005dc34078517si241516pga.538.2024.02.16.10.17.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Feb 2024 10:17:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-69142-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=krim4vH8; arc=pass (i=1 dkim=pass dkdomain=zx2c4.com); spf=pass (google.com: domain of linux-kernel+bounces-69142-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-69142-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id D930D2841FE for ; Fri, 16 Feb 2024 18:17:46 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 77CB81350C7; Fri, 16 Feb 2024 18:17:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="krim4vH8" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7508F12F377 for ; Fri, 16 Feb 2024 18:17:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708107461; cv=none; b=ZTKCmHoHm72KQv07gBPZEimUvLuJmcp96TwBNIHli/fZOXxpCVAxGO+NX9hd1qdlHvaJ9wdc2mNftZg4vsFmx7ZgET0hxbFN6PPr2xWiAnZVEtQp3y2zOAOdUnu93MnbnIesKTBxwv2035uro0d1bE1BvSS7Dt0XJOgyrgfJcz4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708107461; c=relaxed/simple; bh=BdEnLjURC2vLeF2UylpFIsRnIjYbTIb+a29A4oK+RJ4=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=uc3NmTp4Bq+hsVOWpvQBgy9XfjXXzGcarnuad38VZQbglHrXdMq9mGPEYgTOY/H//KPCYggLP+oDHfbjhxSPUvuXPH9HihFNfzA7INaLTtGE1Pfw7Sta4OS+JV1ThCfrvAUmYIvMswJghexQ+Hkq+PIoLOBFxj0hvT8Yr5ZR+5U= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b=krim4vH8; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9DC2EC43394 for ; Fri, 16 Feb 2024 18:17:40 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="krim4vH8" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1708107456; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=BdEnLjURC2vLeF2UylpFIsRnIjYbTIb+a29A4oK+RJ4=; b=krim4vH8NfJBX8BgCXL7rTZQ/o0DbrS71iXmQoFgjGZkbt1gdm6o58wwztJ/TR5ySJqWOl iWoxS0p0oJ3YqURNhKB2OgZNcoi8RIBhNytH98YfbCLxzNeoyFS0nHgzQo++5biUtvitS3 jgDiuFMXBZDDpawvje72ScdbvQsPhAE= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 599735ed (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for ; Fri, 16 Feb 2024 18:17:35 +0000 (UTC) Received: by mail-yw1-f178.google.com with SMTP id 00721157ae682-607d633381fso9198547b3.1 for ; Fri, 16 Feb 2024 10:17:35 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCVaFi9J0ZuLSwZxQ1ma8Y+SnlUpR0Kx3mcyE54lMkxl89bgQNIsX1C6XONH3tv3XjuIcMfGxqJR00SIelPFx/12DxdLB8oBCmnWW5Fw X-Gm-Message-State: AOJu0YzcvBFk2ElgxrLsCe/hUq6v2Gw6VPTVWXX1ZHkFRr5UVfoiemBe 5zsdk0e3OTXBV/ekGShC5ba9njET0zXgBu/k8A15Q8oOdPoQWTnxzw2jLOzGIcAzKrfu5nQmlwR GTp/nqnYXht0zBhTbrVCCQBIAaiI= X-Received: by 2002:a81:ac1d:0:b0:608:771:20c0 with SMTP id k29-20020a81ac1d000000b00608077120c0mr928994ywh.24.1708107454216; Fri, 16 Feb 2024 10:17:34 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240214195744.8332-1-Jason@zx2c4.com> <20240214195744.8332-3-Jason@zx2c4.com> In-Reply-To: From: "Jason A. Donenfeld" Date: Fri, 16 Feb 2024 19:17:23 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 2/2] x86/coco: Require seeding RNG with RDRAND on CoCo systems To: "Reshetova, Elena" Cc: "x86@kernel.org" , "linux-coco@lists.linux.dev" , "linux-kernel@vger.kernel.org" , Borislav Petkov , =?UTF-8?Q?Daniel_P_=2E_Berrang=C3=A9?= , Dave Hansen , "H . Peter Anvin" , Ingo Molnar , "Kirill A . Shutemov" , "Theodore Ts'o" , Thomas Gleixner Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Elena, On Fri, Feb 16, 2024 at 8:57=E2=80=AFAM Reshetova, Elena wrote: > So, yes, coco_random_init() happens first, which actually now has a nice > side-effect that on coco platforms we drop HW CPU output even earlier > in the entropy pool (Yay!). > Which at this point would be almost perfect, *if* we could also > count this entropy drop and allow ChaCha seeding to benefit straight from > this early drop of entropy. I addressed this already in my last reply. I wouldn't get too hung up on the entropy counting stuff. The RNG is going to get initialized just fine anyway no matter what, and whether or not it's counted, it'll still be used and available basically immediately anyway. > How about changing this to use add_hwgenerator_randomness()? That function is only for the hwrng API. It handles sleep semantics and that's specific to that interface boundary. It is not for random drivers and platforms to call directory. > And adjust cc_random_init() to try rdseed first and only fallback to rdra= nd > if it fails? I guess that's possible, but what even is the point? I don't think that really more directly accomplishes the objective here anyway. The whole idea is we want to ensure that RDRAND is at least working for 32 bytes and if not panic. That's *all* we care about. Later on the RNG will eat rdseed opportunistically as it can; let it handle that as it does, and leave this patch here to be simple and direct and accomplish the one single solitary goal of panicking if it can't avoid the worst case scenario. Jason