Re: Standardizing an MSR or other hypercall to get an RNG seed?

2014-09-19 Thread Theodore Ts'o
On Fri, Sep 19, 2014 at 09:40:42AM -0700, H. Peter Anvin wrote: There is a huge disadvantage to the fact that CPUID is a user space instruction, though. But if the goal is to provide something like getrandom(2) direct from the Host OS, it's not necessarily harmful to allow the Guest ring 3

Re: Standardizing an MSR or other hypercall to get an RNG seed?

2014-09-19 Thread Theodore Ts'o
On Fri, Sep 19, 2014 at 03:06:55PM -0700, Andy Lutomirski wrote: On Fri, Sep 19, 2014 at 3:05 PM, Theodore Ts'o ty...@mit.edu wrote: On Fri, Sep 19, 2014 at 09:40:42AM -0700, H. Peter Anvin wrote: There is a huge disadvantage to the fact that CPUID is a user space instruction, though

Re: Standardizing an MSR or other hypercall to get an RNG seed?

2014-09-19 Thread Theodore Ts'o
On Fri, Sep 19, 2014 at 04:29:53PM -0700, H. Peter Anvin wrote: Actually, a much bigger reason is because it lets rogue guest *user space*, even with a well-behaved guest OS, do something potentially harmful to the host. Right, but if the host kernel is dependent on the guest OS for

Re: [PATCH v5 0/5] random,x86,kvm: Rework arch RNG seeds and get some from kvm

2014-08-13 Thread Theodore Ts'o
On Wed, Aug 13, 2014 at 12:48:41AM -0700, H. Peter Anvin wrote: The proposed arch_get_rng_seed() is not really what it claims to be; it most definitely does not produce seed-grade randomness, instead it seems to be an arch function for best-effort initialization of the entropy pools -- which

Re: [PATCH v5 0/5] random,x86,kvm: Rework arch RNG seeds and get some from kvm

2014-08-13 Thread Theodore Ts'o
On Wed, Aug 13, 2014 at 10:45:25AM -0700, H. Peter Anvin wrote: On 08/13/2014 09:13 AM, Andy Lutomirski wrote: Sounds good to me. FWIW, I'd like to see a second use added in random.c: I think that we should do this, or even all of init_std_data, on resume from suspend and especially

Re: [PATCH v5 0/5] random,x86,kvm: Rework arch RNG seeds and get some from kvm

2014-08-12 Thread Theodore Ts'o
On Tue, Aug 12, 2014 at 12:11:29PM -0700, Andy Lutomirski wrote: What's the status of this series? I assume that it's too late for at least patches 2-5 to make it into 3.17. Which tree were you hoping this patch series to go through? I was assuming it would go through the x86 tree since the

Re: [PATCH v5 2/5] random: Add and use arch_get_rng_seed

2014-08-04 Thread Theodore Ts'o
...@amacapital.net Acked-by: Theodore Ts'o ty...@mit.edu - Ted

Re: [PATCH v4 2/5] random: Add and use arch_get_rng_seed

2014-07-22 Thread Theodore Ts'o
On Thu, Jul 17, 2014 at 11:22:17AM -0700, Andy Lutomirski wrote: Currently, init_std_data contains its own logic for using arch random sources. This logic is a bit strange: it reads one long of arch random data per byte of internal state. This isn't true. Check out the init_std_data() a bit

Re: [PATCH v3 2/5] random,x86: Add arch_get_slow_rng_u64

2014-07-17 Thread Theodore Ts'o
On Wed, Jul 16, 2014 at 09:55:15PM -0700, H. Peter Anvin wrote: On 07/16/2014 05:03 PM, Andy Lutomirski wrote: I meant that prandom isn't using rdrand for early seeding. We should probably fix that. It wouldn't hurt to explicitly use arch_get_random_long() in prandom, but it does use

Re: [PATCH v3 2/5] random,x86: Add arch_get_slow_rng_u64

2014-07-17 Thread Theodore Ts'o
On Thu, Jul 17, 2014 at 10:12:27AM -0700, Andy Lutomirski wrote: Unless I'm reading the code wrong, the prandom_reseed_late call can happen after userspace is running. But there is also the prandom_reseed() call, which happens early.