Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp365718pxm; Fri, 25 Feb 2022 09:27:19 -0800 (PST) X-Google-Smtp-Source: ABdhPJzyjt5Yum15Kt4kxzgF6PHg5ecgtschKHexEAD9sPVRYg9zNk2cj3FtA4zMv2x4CQNAE6/Z X-Received: by 2002:a17:90b:23c8:b0:1bc:6d87:2eae with SMTP id md8-20020a17090b23c800b001bc6d872eaemr4108347pjb.189.1645810038892; Fri, 25 Feb 2022 09:27:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645810038; cv=none; d=google.com; s=arc-20160816; b=exGl0ZaAOdHC704dQVDdSNeoHqKnoaHOGaWomI0b7r6wvzdgE3MSN2bYVpTH0BwedE dvTRwYsOpD3/0vakfV2dX/EMHUVkZjuYLEVgQ0iYi2TdtC7ek/nt+koDwUunXwLUDVGn oX8wBkm5AiWwFXZWOIE9iO05YkldXUw9ZMxnvXk6+V+rwUm8ts1/2DU+BIGMtab7uEG/ elJMuO+gPREDSZe07FjXi3tMAiFwRZYmEyRCt88VczWuylPT5b3A9JcDAK82jrZ9RZL4 gyfrv8jVJrtIjkAKCv6pZrOnSLLOFIA3xuo+HGQhOkJWIcrANIJHlr8TrzUeGOdBQ9in n6yA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=aWLmVQxQDsQDY8xA+iWmKjooufWe/5wC2imqu/MRZlY=; b=HaSwwM02OrIWxab7RmJNV6fUaSghzlDfS3olnsDklkEebf9vFVoll381qf9lK+b5jk cbi6fVzTta9DQi5qkF1OXipplkNATWKycFthF9t2R9G+AwASHCUBHXsw8dXnG780QF2Q x8grV/ShmfL+7nPzisCWStz1/oCp+J3TAAd42xvBgCZ4wFocLnGh8wCNVxKe/VByjvr0 ZiMGbiCN4glMZgdevGXlggpv14yqHlIPAE4WiARx3OiQtgZZ96ZcI1CSdbGvtR+xpr2B 0XlhxrWhFz4y66Sf2JKiDpNMWoqHKfYyxmKcHsHOqelHQGGSOZF7Aucv0LFPlgFNDfgo OFVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=EWUvxbsv; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q142-20020a627594000000b004da3d310563si2104550pfc.240.2022.02.25.09.26.43; Fri, 25 Feb 2022 09:27:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=EWUvxbsv; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240381AbiBYPe4 (ORCPT + 99 others); Fri, 25 Feb 2022 10:34:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46422 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238920AbiBYPez (ORCPT ); Fri, 25 Feb 2022 10:34:55 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A6223190B76; Fri, 25 Feb 2022 07:34:22 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 616CBB83253; Fri, 25 Feb 2022 15:34:21 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5D2B8C340E7; Fri, 25 Feb 2022 15:34:17 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="EWUvxbsv" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1645803256; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=aWLmVQxQDsQDY8xA+iWmKjooufWe/5wC2imqu/MRZlY=; b=EWUvxbsv0f37oRy8gRLWgC2f9N5nllIJZsgvlWWTgwSXhwcn1SAw9ahMy2L+erFJzM3Cok 2LgLhaVSk7Y3z5WXitc4qbOO4HNlQEIOEgKhSZKCqlv5kIMeSZSSbrRloP3h+xPoexoTbJ roWa02VZ8DoxU22UyCjoRq3cY9oiQgA= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id ca8076dc (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Fri, 25 Feb 2022 15:34:15 +0000 (UTC) Date: Fri, 25 Feb 2022 16:34:11 +0100 From: "Jason A. Donenfeld" To: Ard Biesheuvel , adrian@parity.io Cc: Alexander Graf , KVM list , Linux Crypto Mailing List , linux-hyperv@vger.kernel.org, Linux Kernel Mailing List , adrian@parity.io, ben@skyportsystems.com, Daniel =?utf-8?B?UC4gQmVycmFuZ8Op?= , Colm MacCarthaigh , Dexuan Cui , "Woodhouse, David" , Eric Biggers , Eduardo Habkost , Greg Kroah-Hartman , Haiyang Zhang , Igor Mammedov , Jann Horn , KY Srinivasan , Laszlo Ersek , Dominik Brodowski , "Michael S. Tsirkin" , QEMU Developers , "Weiss, Radu" , Stephen Hemminger , "Theodore Y. Ts'o" , Wei Liu Subject: Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork Message-ID: References: <20220225124848.909093-1-Jason@zx2c4.com> <05c9f2a9-accb-e0de-aac7-b212adac7eb2@amazon.com> <88ebdc32-2e94-ef28-37ed-1c927c12af43@amazon.com> <9ac68552-c1fc-22c8-13e6-4f344f85a4fb@amazon.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Feb 25, 2022 at 04:16:27PM +0100, Ard Biesheuvel wrote: > > > I just booted up a Windows VM, and it looks like Hyper-V uses > > > "Hyper_V_Gen_Counter_V1", which is also quite long, so we can't really > > > HID match on that either. > > > > > > Yes, due to the same problem. I'd really prefer we sort out the ACPI > > matching before this goes mainline. Matching on _HID is explicitly > > discouraged in the VMGenID spec. > > > > OK, this really sucks. Quoting the ACPI spec: > > """ > A _HID object evaluates to either a numeric 32-bit compressed EISA > type ID or a string. If a string, the format must be an alphanumeric > PNP or ACPI ID with no asterisk or other leading characters. > A valid PNP ID must be of the form "AAA####" where A is an uppercase > letter and # is a hex digit. > A valid ACPI ID must be of the form "NNNN####" where N is an uppercase > letter or a digit ('0'-'9') and # is a hex digit. This specification > reserves the string "ACPI" for use only with devices defined herein. > It further reserves all strings representing 4 HEX digits for > exclusive use with PCI-assigned Vendor IDs. > """ > > So now we have to implement Microsoft's fork of ACPI to be able to use > this device, even if we expose it from QEMU instead of Hyper-V? I > strongly object to that. > > Instead, we can match on _HID exposed by QEMU, and cordially invite > Microsoft to align their spec with the ACPI spec. I don't know about that... Seems a bit extreme. Hopefully Alex will be able to sort something out with the ACPI people, and this driver will work inside of Hyper-V. Here's what we currently have: static const struct acpi_device_id vmgenid_ids[] = { { "VMGENID", 0 }, <------------------------------------ ??? { "QEMUVGID", 0 }, <------------------------------------ QEMU { }, }; Adrian added "VMGENID" in last year's v4, so I copied that for this new driver here. But does anybody know which hypervisor it is for? Some internal Amazon thing? Firecracker? VMware? In case Alex does not succeed with the ACPI changes, it'd be nice to know which HIDs for which hypervisors we do and do not support. Jason