Date: Tue, 23 Apr 2024 14:23:35 +0200
From: Lennart Poettering
To: "Jason A. Donenfeld"
Cc: Alexander Graf, linux-kernel@vger.kernel.org, stable@vger.kernel.org, Greg Kroah-Hartman, Linus Torvalds, Babis Chalios, Theodore Ts'o, "Cali, Marco", Arnd Bergmann, "rostedt@goodmis.org", Christian Brauner, linux@leemhuis.info, regressions@lists.linux.dev
Subject: Re: [REGRESSION] Re: [PATCH] Revert "vmgenid: emit uevent when VMGENID updates"
References: <20240418114814.24601-1-Jason@zx2c4.com>

On Di, 23.04.24 03:21, Jason A. Donenfeld (Jason@zx2c4.com) wrote:

Jason!

Can you please explain to me what the precise problem is with the uevent? It doesn't leak any information about the actual vmgenid, it just lets userspace know that the machine was cloned, basically. What's the problem with that? I'd really like to understand?

There are many use cases for this in the VM world, for example we'd like to hook things up so that various userspace-managed concepts, such as DHCP leases, MAC addresses are automatically refreshed. This has no relationship to RNGs or anything like this, it's just an event we can handle in userspace to trigger address refreshes like this.

Hence, why is the revert necessary? This was already in a released kernel, and we have started work on making use of this in systemd, and afaics this does not compromise the kernel RNG in even the remotest of ways, hence why is a revert necessary? From my userspace perspective it's just very very sad, that this simple, trivial interface we wanted to use, that was in a stable kernel is now gone again.

Can you explain what the problem with this single-line trivial interface is? I really would like to understand!

Lennart

(BTW: even if the uevent would leak the vmgenid somehow to userspace — which it does not —, at least on qemu — i.e. one of the most relevant VM platforms — the vmgenid can be read directly from userspace by cat'ing /sys/firmware/qemu_fw_cfg/by_name/etc/vmgenid_guid/raw, i.e. it's not that well protected anyway).

-- 
Lennart Poettering, Berlin
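
An added illustration of the mechanism discussed in the message above (not part of the original e-mail, and not kernel or systemd code): a parser for the raw kernel uevent datagram format that decides whether an event signals a VM clone and which refresh steps a userspace agent would queue. Assumptions: the `NEW_VMGENID` key is taken to be the variable set by the reverted commit and does not appear in this message; the sample datagrams, device paths and action labels are constructed.

```python
CLONE_KEY = "NEW_VMGENID"  # assumption: env key set by the reverted commit

# Constructed sample datagrams; device paths and sequence numbers are made up.
SAMPLE_CLONE = (
    b"change@/devices/LNXSYSTM:00/QEMUVGID:00\0"
    b"ACTION=change\0DEVPATH=/devices/LNXSYSTM:00/QEMUVGID:00\0"
    b"SUBSYSTEM=acpi\0NEW_VMGENID=1\0SEQNUM=4711\0"
)
SAMPLE_OTHER = (
    b"add@/devices/virtual/net/veth0\0ACTION=add\0"
    b"DEVPATH=/devices/virtual/net/veth0\0SUBSYSTEM=net\0"
    b"INTERFACE=veth0\0SEQNUM=4712\0"
)


def parse_uevent(datagram: bytes) -> dict:
    """Parse 'action@devpath' followed by NUL-separated KEY=VALUE pairs."""
    if datagram.startswith(b"libudev\0"):
        raise ValueError("udev rebroadcast, not a raw kernel uevent")
    fields = [f.decode(errors="replace") for f in datagram.split(b"\0") if f]
    if not fields or "@" not in fields[0]:
        raise ValueError("missing 'action@devpath' header")
    action, devpath = fields[0].split("@", 1)
    env = {}
    for field in fields[1:]:
        key, sep, value = field.partition("=")
        if not sep or not key:
            raise ValueError(f"malformed field: {field!r}")
        env[key] = value
    # The header and the environment must agree, otherwise the message is bogus.
    if env.get("ACTION") != action or env.get("DEVPATH") != devpath:
        raise ValueError("header does not match ACTION/DEVPATH")
    return env


def is_clone_event(env: dict) -> bool:
    # The flag is a constant marker: the event says "cloned", not which
    # generation ID is now in effect.
    return env.get("ACTION") == "change" and env.get(CLONE_KEY) == "1"


def refresh_actions(datagram: bytes) -> list:
    """Return the (hypothetical) refresh steps to queue for this event."""
    if not is_clone_event(parse_uevent(datagram)):
        return []
    return ["renew-dhcp-lease", "regenerate-mac-address"]
```
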