Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp1155701iob;
        Wed, 4 May 2022 16:08:10 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwRzwnsHkW3Gs1efDKzhNuG9aEBGgANWtRl4GoIP8dGfajaHsYtTE0pCQBGws26/0IvxLgw
X-Received: by 2002:a17:907:3e83:b0:6f0:ebf:c79e with SMTP id hs3-20020a1709073e8300b006f00ebfc79emr22753550ejc.454.1651705690610;
        Wed, 04 May 2022 16:08:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1651705690; cv=none;
        d=google.com; s=arc-20160816;
        b=GKAnaPhnpJ1J01XD30DFFgRlYiukgJQKMOOI3VY4jN3zNba5bLXbelmxMuyDD2Y7DD
         kqse6YEzQk5BAm7xffd/QtZqNkqfawG8oqY1hhmET1KScNL8bPQU37JyFRhERuPw+cxY
         +n7uwjIt9JfzrwHeoPM/Rb2SQLVu4oLBfJLJ6UpmFW+tGYMtCxjhmxrsy85hl8BFbpBB
         s3Qp6fETlGgBSTnUm+zKCyLSzrzIXZk9GQYUbT/UwbRUBxSvZRaxd++GjdfEZSt+CiUo
         UghQoLlhTe96VBmEWHQXrrPGWhxUE/cqmR6vHkl2yUBS9JEoNB1KXZgjx+yGVGi5WZ3s
         vwGw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=IxergFl485EsXY2KxptRvd0tHpmPVRyaJTdUoOrikA0=;
        b=Z1S8vWffax5DhYsNW3zDlCbNynD3iCajt8c6Pwcv2PnNGLueDxg7G9kg8IW0j0xLhv
         sOZ9X+ztlPLUiGLQZ/RrJoVqP8yIP07RLxZhMssd6t6+jVzErgkiYEw3DRIwUtziy0hA
         /HSYTxcFhKGLKRzd1wnsVhHJaFtkIQJE3q8mpi898fAkJlGHfFQkuhIC4uWqfpDFAD8L
         8pbFcVjdPCRPQqFwoxrmRdWHxSUslqxc9/TUpoZjgoi7k//FU0ZHB1ho1Wx/OYLqbDWi
         Iu/J09XLP+RBPfHfdj8NB4n6N33xaokRlyBgkF3k1SfwIvI7RXWpibFKBy+26HimVeu/
         h5mw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=CRGjQoNR;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id j1-20020a170906430100b006f383329d34si163455ejm.845.2022.05.04.16.07.41;
        Wed, 04 May 2022 16:08:10 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=CRGjQoNR;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1377452AbiEDTJJ (ORCPT <rfc822;phruse7@gmail.com> + 99 others);
        Wed, 4 May 2022 15:09:09 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35972 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1377484AbiEDTI4 (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Wed, 4 May 2022 15:08:56 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DE016DE3;
        Wed,  4 May 2022 12:05:16 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id C7A33B8282B;
        Wed,  4 May 2022 19:05:14 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id B7A6BC385A5;
        Wed,  4 May 2022 19:05:12 +0000 (UTC)
Authentication-Results: smtp.kernel.org;
        dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="CRGjQoNR"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105;
        t=1651691110;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=IxergFl485EsXY2KxptRvd0tHpmPVRyaJTdUoOrikA0=;
        b=CRGjQoNRUpEsYavQXvZk051nbB+Z+hM28IoCV9yZxl4KCq5jebxounT6kA8AqSNG3V6tMx
        D6VP8NroEjouvUCb68yuju53H+hPnkSFxcQVXa73d146I7PpI6icduzs3UMgZiencdkqoG
        wzLwBHXOqaVomlZjafSWf5AMOS83Ffw=
Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 93d71f1d (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO);
        Wed, 4 May 2022 19:05:10 +0000 (UTC)
Date:   Wed, 4 May 2022 21:05:01 +0200
From:   "Jason A. Donenfeld" <Jason@zx2c4.com>
To:     Thomas Gleixner <tglx@linutronix.de>
Cc:     Peter Zijlstra <peterz@infradead.org>,
        Borislav Petkov <bp@alien8.de>,
        LKML <linux-kernel@vger.kernel.org>, x86@kernel.org,
        Filipe Manana <fdmanana@suse.com>, linux-crypto@vger.kernel.org
Subject: Re: [patch 3/3] x86/fpu: Make FPU protection more robust
Message-ID: <YnLOXZp6WgH7ULVU@zx2c4.com>
References: <20220501192740.203963477@linutronix.de>
 <20220501193102.704267030@linutronix.de>
 <Ym/sHqKqmLOJubgE@zn.tnic>
 <87k0b4lydr.ffs@tglx>
 <YnDwjjdiSQ5Yml6E@hirez.programming.kicks-ass.net>
 <87fslpjomx.ffs@tglx>
 <YnKh96isoB7jiFrv@zx2c4.com>
 <87czgtjlfq.ffs@tglx>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <87czgtjlfq.ffs@tglx>
X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
        RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Hey Thomas,

On Wed, May 04, 2022 at 06:45:45PM +0200, Thomas Gleixner wrote:
> add_disk_randomness() on !RT kernels. That's what made me look into this
> in the first place as it unearthed the long standing FPU protection
> bug. See the first patch in this thread.
> 
> Possibly add_device_randomness() too, but I haven't seen evidence so far.

It looks like it's being hit from add_input_randomness() via
input_handle_event() too. There are two positions we could take toward
this:

One stance to take would be that if an event happens in an interrupt,
add_interrupt_randomness() should in theory already be siphashing in a
cycle counter so additional calls to add_{input,disk}_randomness() don't
contribute substantially (unless you assume the num field has some
entropic value). If that's compelling, then the next thing to do would
be adding a `if (in_interrupt()) return;` early on in some function, and
then we forever after impose a rule, "never mix into the input pool
directly from an irq".

The other stance is that these input/disk events are relatively rare --
compared to, say, a storm of interrupts from a NIC -- so mixing into the
input pool from there isn't actually a problem, and we benefit from the
quasi domain-specific accounting and the superior mixing function,
there, so keep it around. And the non-raw spinlock on the input pool
won't negatively affect RT from this context, because all its callers on
RT should be threaded.

The second stance seems easier and more conservative from a certain
perspective -- we don't need to change anything -- so I'm more inclined
toward it. And given that you've fixed the bug now, it sounds like
that's fine with you too. But if you're thinking about it differently in
fact, let me know.

Jason