Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp519053pxm; Fri, 25 Feb 2022 12:47:29 -0800 (PST) X-Google-Smtp-Source: ABdhPJwTXGUYYxx1vYjNGGcMSzFbEYcpA/379chVD3KzIRwA6E7U6BgP8l0SnVVEoNU6GFiYHIBu X-Received: by 2002:a17:906:3901:b0:6b2:9fc6:9b2 with SMTP id f1-20020a170906390100b006b29fc609b2mr7339979eje.327.1645822049582; Fri, 25 Feb 2022 12:47:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645822049; cv=none; d=google.com; s=arc-20160816; b=jMIUAvfkLhRYxK+Bi2Ref0pyDx8Wd5tJnr4BPeATGOsezwzz8S54UgbeJE5zC6EZbu y4tthYJMe73kENfZ74tVPf3v7SQ1eQxsy8Rb4zrZ3ybyNCxxbiEnQf9oD2h2+PcM+FNS UpN1uHn0dKBrBvA86tI9+U51DXsPdAkRVUrErWmiJHc8AbVZjYkEwac27hmKb/9fGxV0 dOFsdg2oMae1FW+/GTW0kfwxU0gnuUeuLRxHwXozOqMCi9pE93WFYCxm2q5cYjo1AE6m f3CSZG1kp8SsjDPuccr6Jv2c3RWkXGpeihrkZ/S0rWS4kevaQtV+4Ce7/gBbKdW5znC4 S3BA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=AGc3HtA6A4VpWTuoF56TukEqyXDHbzPy+Zb56qBmVE4=; b=g0bpzL67a0QzSyG4XeSy598758XjI4fRjDpJxdstlt8Zuz2ABMDFTg7bS0E1U+cFHA l5z9KVSl+3CRgFBk2xORpx9ey6yv05DAJux/Pg7/DeF4vtttYBA8heqxjGXVxL029OQt hpjCMw5rn4soEc/wx+FnwTWat38W84TmXvMU/wjgdbXW7fitWcY5tVcKalLv/VMU0DlN MfP7pdAkadswGpjzgygmzAjWLAre4tQkZnJkkp58KkxXEJ6hRV891OuTTcxIghB1mOCN SslIZQNsSlMCqlyQE5izMDumTTvuv6yfaCti1c2FM+5cKywzgWie+hjCTAfttbzvh45F C+IQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=WRm6cOGF; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u10-20020a50950a000000b00410b915fe74si2429189eda.90.2022.02.25.12.47.05; Fri, 25 Feb 2022 12:47:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=WRm6cOGF; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242069AbiBYP3N (ORCPT + 99 others); Fri, 25 Feb 2022 10:29:13 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57544 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231340AbiBYP3M (ORCPT ); Fri, 25 Feb 2022 10:29:12 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 87E4D51E44; Fri, 25 Feb 2022 07:28:39 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 33D27B83250; Fri, 25 Feb 2022 15:28:38 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 77BC2C340F0; Fri, 25 Feb 2022 15:28:34 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="WRm6cOGF" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1645802913; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=AGc3HtA6A4VpWTuoF56TukEqyXDHbzPy+Zb56qBmVE4=; b=WRm6cOGFOImn/aW/r2uMGAAnP99kIhA6KQkGrSddTUVxAkWVY9oezzK7F6YN6oeSPEX00v XVn/gXm/ZD0Khupal1wI4/zPDplhrs4umww7//LN2a9PB1DjWjGzF4rwRukBQLnbj5EMHE FRzEd8Ep4ZckCmimiThiqkYgmQENeqQ= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 8a164ef4 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Fri, 25 Feb 2022 15:28:32 +0000 (UTC) Date: Fri, 25 Feb 2022 16:28:29 +0100 From: "Jason A. Donenfeld" To: Alexander Graf Cc: kvm@vger.kernel.org, linux-crypto@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, adrian@parity.io, ardb@kernel.org, ben@skyportsystems.com, berrange@redhat.com, colmmacc@amazon.com, decui@microsoft.com, dwmw@amazon.co.uk, ebiggers@kernel.org, ehabkost@redhat.com, gregkh@linuxfoundation.org, haiyangz@microsoft.com, imammedo@redhat.com, jannh@google.com, kys@microsoft.com, lersek@redhat.com, linux@dominikbrodowski.net, mst@redhat.com, qemu-devel@nongnu.org, raduweis@amazon.com, sthemmin@microsoft.com, tytso@mit.edu, wei.liu@kernel.org Subject: Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork Message-ID: References: <20220225124848.909093-1-Jason@zx2c4.com> <05c9f2a9-accb-e0de-aac7-b212adac7eb2@amazon.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Alex, On Fri, Feb 25, 2022 at 04:15:59PM +0100, Alexander Graf wrote: > I'm not talking about a notification interface - we've gone through > great length on that one in the previous submission. What I'm more > interested in is *any* way for user space to read the current VM Gen ID. > The same way I'm interested to see other device attributes of my system > through sysfs. Again, no. Same basic objection: we can do this later and design it coherently with the rest. For example, maybe it's better to expose a generation counter rather than 16 byte blob, and expect userspace to call getrandom() subsequently to get something fresh. Or not! But maybe it should be hashed with a fixed prefix string before being exposed to userspace. Or not! I don't know, but that's not going to happen on this patchset. There is no reason at all why that needs to be done here and now. Trying to do too much at the same time is likely why the previous efforts from your team stalled out last year. Propose something later, in a new thread, and we can discuss then. One step at a time... Jason