Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp177899iob; Mon, 2 May 2022 16:22:30 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwLmCxNT7bMl0Xw1zo9HjP9RyLvwOgmXXMQkpf2GPBbkat8NOEy7wrZxOcxFhkkUMZ9enzY X-Received: by 2002:a17:902:d4ce:b0:15e:8d66:d20d with SMTP id o14-20020a170902d4ce00b0015e8d66d20dmr13160271plg.70.1651533749820; Mon, 02 May 2022 16:22:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651533749; cv=none; d=google.com; s=arc-20160816; b=b/8OInlEeQNTmc/OSe/8qi3fFqlwQ2yeVO5/5OeBPN3ZwfzoTbYbXImdXFSZrcGhLf 0dZKx3cdu0G0QcKynEmep12kAZeIjRcL+Vac2Sb/D/bgSBd8hfRsb1StMuVjWw9Cexb5 MgUuXjWL2BKIm0tUWFEPVhaQQFcBoWqC10HKY5voQGUwEsTiDLlqrdEBQ8k0fg8lxzfC lEQns/pi5R/EwNPJvBcOOPcDeh6LNKnMDnkd8OS34aZ6iy1bcwqzuCBJ1bzeDsnTEhTw S8IE8KwUPjlfJjzKpRnu0GijimX1N6FEUnFOGKh1NRffKDLXPsG6gCE6k/Q12UiZ7W8L hjFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=ctDsXsKXvAtZj691w4iWAEq9RykXl3vWrD9DktFiGVY=; b=CSwZGPXCsSa5hgsCG9ePj/PcEOWEp0enNyCyPAKBRCnUcro1C5NBdsnlAokXF8Xj1g uRk00hSSco4XDS4OfItw3H5JAbyzERRtfCtmjc4aU0u3JzYsw9eRPR8jk+gzzblrIcE3 38HP139ZT/IpFP/+Gt/XNeXmDBfUilwxnVEzcP9o1J8L7czv2YItu9t1LfKSagGYMgnp 1LnccuCSMR3gaTrM2nmK3pXHyjG0FT+LlgMO6We50fOYBzv6sP/RipKxsE9WShZBYG04 7hRb4JxUCYanCnL9tu15Ls4EZ2fU1FKoFqlvjURciTHAsWXwTg2xXP3S4YRhlGkY7U+A O5AA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="foTQPk/H"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id d16-20020a634f10000000b003ab770bb2bcsi15199896pgb.685.2022.05.02.16.22.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 02 May 2022 16:22:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="foTQPk/H"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 9F29427B2E; Mon, 2 May 2022 16:22:20 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244521AbiEBSJ0 (ORCPT + 99 others); Mon, 2 May 2022 14:09:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33380 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238752AbiEBSJ0 (ORCPT ); Mon, 2 May 2022 14:09:26 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D3A6824F; Mon, 2 May 2022 11:05:53 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 8452DB81995; Mon, 2 May 2022 18:05:52 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2319FC385A4; Mon, 2 May 2022 18:05:50 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="foTQPk/H" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1651514748; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ctDsXsKXvAtZj691w4iWAEq9RykXl3vWrD9DktFiGVY=; b=foTQPk/HYdy167gL1/7PpthZ+BJtH/emMh3g9JqQsWiye7suZmTFXAoDLqutHT6ZJS/cmq n1ko2twM3MeT/jcKNO+Qqhe4jHuDdqxZpg2p1UYkHrOQjVwGqqHvGEKBgUrL71G69WYM/B GbP1nSXoT0ngZedfSfHzrFNIuVPyIH8= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 83a2e9c6 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Mon, 2 May 2022 18:05:45 +0000 (UTC) Date: Mon, 2 May 2022 20:04:21 +0200 From: "Jason A. Donenfeld" To: Lennart Poettering Cc: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, Dominik Brodowski , Greg Kroah-Hartman , Theodore Ts'o , Alexander Graf , Colm MacCarthaigh , Torben Hansen , Jann Horn Subject: Re: [PATCH 2/2] random: add fork_event sysctl for polling VM forks Message-ID: References: <20220502140602.130373-1-Jason@zx2c4.com> <20220502140602.130373-2-Jason@zx2c4.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hey Lennart, On Mon, May 02, 2022 at 06:51:19PM +0200, Lennart Poettering wrote: > On Mo, 02.05.22 18:12, Jason A. Donenfeld (Jason@zx2c4.com) wrote: > > > > > In order to inform userspace of virtual machine forks, this commit adds > > > > a "fork_event" sysctl, which does not return any data, but allows > > > > userspace processes to poll() on it for notification of VM forks. > > > > > > > > It avoids exposing the actual vmgenid from the hypervisor to userspace, > > > > in case there is any randomness value in keeping it secret. Rather, > > > > userspace is expected to simply use getrandom() if it wants a fresh > > > > value. > > > > > > Wouldn't it make sense to expose a monotonic 64bit counter of detected > > > VM forks since boot through read()? It might be interesting to know > > > for userspace how many forks it missed the fork events for. Moreover it > > > might be interesting to userspace to know if any fork happened so far > > > *at* *all*, by checking if the counter is non-zero. > > > > "Might be interesting" is different from "definitely useful". I'm not > > going to add this without a clear use case. This feature is pretty > > narrowly scoped in its objectives right now, and I intend to keep it > > that way if possible. > > Sure, whatever. I mean, if you think it's preferable to have 3 API > abstractions for the same concept each for it's special usecase, then > that's certainly one way to do things. I personally would try to > figure out a modicum of generalization for things like this. But maybe > that' just me… > > I can just tell you, that in systemd we'd have a usecase for consuming > such a generation counter: we try to provide stable MAC addresses for > synthetic network interfaces managed by networkd, so we hash them from > /etc/machine-id, but otoh people also want them to change when they > clone their VMs. We could very nicely solve this if we had a > generation counter easily accessible from userspace, that starts at 0 > initially. Because then we can hash as we always did when the counter > is zero, but otherwise use something else, possibly hashed from the > generation counter. This doesn't work, because you could have memory-A split into memory-A.1 and memory-A.2, and both A.2 and A.1 would ++counter, and wind up with the same new value "2". The solution is to instead have the hypervisor pass a unique value and a counter. We currently have a 16 byte unique value from the hypervisor, which I'm keeping as a kernel space secret for the RNG; we're waiting on a word-sized monotonic counter interface from hypervisors in the future. When we have the latter, then we can start talking about mmapable things. Your use case would probably be served by exposing that 16-byte unique value (hashed with some constant for safety I suppose), but I'm hesitant to start going down that route all at once, especially if we're to have a more useful counter in the future. Jason