Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 16:43, Jason A. Donenfeld wrote: Hi Alex, On Fri, Feb 25, 2022 at 04:22:54PM +0100, Alexander Graf wrote: I don't understand the rush here. This had been sitting on the ML for 1 year - and now suddenly talking the match through properly and getting VMGenID spec compatible

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
Hi Alex, On Fri, Feb 25, 2022 at 04:37:43PM +0100, Alexander Graf wrote: > I believe "VMGENID" was for the firecracker prototype that Adrian built > back then, yeah. Matching on _HID for this is a rat hole unfortunately, > so let's see what the ACPI patch gets us :). Thanks. I'll add a comment

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
Hi Alex, On Fri, Feb 25, 2022 at 04:22:54PM +0100, Alexander Graf wrote: > I don't understand the rush here. This had been sitting on the ML for 1 > year - and now suddenly talking the match through properly and getting > VMGenID spec compatible matching support into the ACPI core is a >

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 16:34, Jason A. Donenfeld wrote: On Fri, Feb 25, 2022 at 04:16:27PM +0100, Ard Biesheuvel wrote: I just booted up a Windows VM, and it looks like Hyper-V uses "Hyper_V_Gen_Counter_V1", which is also quite long, so we can't really HID match on that either. Yes, due to the same

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
Hi again, On Fri, Feb 25, 2022 at 04:31:02PM +0100, Alexander Graf wrote: > >> Please expose the vmgenid via /sysfs so that user space even remotely has a > >> chance to check if it's been cloned. > > Export it how? And why, who would care? > You can just As mentioned in

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
On Fri, Feb 25, 2022 at 04:16:27PM +0100, Ard Biesheuvel wrote: > > > I just booted up a Windows VM, and it looks like Hyper-V uses > > > "Hyper_V_Gen_Counter_V1", which is also quite long, so we can't really > > > HID match on that either. > > > > > > Yes, due to the same problem. I'd really

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 15:36, Greg KH wrote: On Fri, Feb 25, 2022 at 02:57:38PM +0100, Alexander Graf wrote: + + phys_addr = (obj->package.elements[0].integer.value << 0) | + (obj->package.elements[1].integer.value << 32); + state->next_id = devm_memremap(>dev, phys_addr,

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
Hi Alex, On Fri, Feb 25, 2022 at 04:15:59PM +0100, Alexander Graf wrote: > I'm not talking about a notification interface - we've gone through > great length on that one in the previous submission. What I'm more > interested in is *any* way for user space to read the current VM Gen ID. > The

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Ard Biesheuvel
On Fri, 25 Feb 2022 at 16:12, Alexander Graf wrote: > > > On 25.02.22 15:33, Jason A. Donenfeld wrote: > > On Fri, Feb 25, 2022 at 03:18:43PM +0100, Alexander Graf wrote: > >>> I recall this part of the old thread. From what I understood, using > >>> "VMGENID" + "QEMUVGID" worked /well enough/,

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 16:16, Ard Biesheuvel wrote: On Fri, 25 Feb 2022 at 16:12, Alexander Graf wrote: On 25.02.22 15:33, Jason A. Donenfeld wrote: On Fri, Feb 25, 2022 at 03:18:43PM +0100, Alexander Graf wrote: I recall this part of the old thread. From what I understood, using "VMGENID" +

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 15:54, Jason A. Donenfeld wrote: Hi Alex, Missed this remark before: On Fri, Feb 25, 2022 at 02:57:38PM +0100, Alexander Graf wrote: Please expose the vmgenid via /sysfs so that user space even remotely has a chance to check if it's been cloned. No. Did you read the 0/2 cover

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 16:03, Ard Biesheuvel wrote: On Fri, 25 Feb 2022 at 14:58, Alexander Graf wrote: On 25.02.22 13:48, Jason A. Donenfeld wrote: VM Generation ID is a feature from Microsoft, described at , and supported by Hyper-V and QEMU. Its usage

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
Hi Alex, Missed this remark before: On Fri, Feb 25, 2022 at 02:57:38PM +0100, Alexander Graf wrote: > Please expose the vmgenid via /sysfs so that user space even remotely > has a chance to check if it's been cloned. No. Did you read the 0/2 cover letter? I'll quote it for you here: > As a

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 15:33, Jason A. Donenfeld wrote: On Fri, Feb 25, 2022 at 03:18:43PM +0100, Alexander Graf wrote: I recall this part of the old thread. From what I understood, using "VMGENID" + "QEMUVGID" worked /well enough/, even if that wasn't technically in-spec. Ard noted that relying on _CID

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Ard Biesheuvel
On Fri, 25 Feb 2022 at 13:53, Greg KH wrote: > > On Fri, Feb 25, 2022 at 01:48:48PM +0100, Jason A. Donenfeld wrote: > > +static struct acpi_driver acpi_driver = { > > + .name = "vmgenid", > > + .ids = vmgenid_ids, > > + .owner = THIS_MODULE, > > + .ops = { > > + .add

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Ard Biesheuvel
On Fri, 25 Feb 2022 at 14:58, Alexander Graf wrote: > > > On 25.02.22 13:48, Jason A. Donenfeld wrote: > > > > VM Generation ID is a feature from Microsoft, described at > > , and supported by > > Hyper-V and QEMU. Its usage is described in

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Greg KH
On Fri, Feb 25, 2022 at 02:57:38PM +0100, Alexander Graf wrote: > > + > > + phys_addr = (obj->package.elements[0].integer.value << 0) | > > + (obj->package.elements[1].integer.value << 32); > > + state->next_id = devm_memremap(>dev, phys_addr, > > VMGENID_SIZE,
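Review bot: the phys_addr computation reads obj->package.elements[0] and elements[1] through .integer.value, and nothing in the quoted lines shows that obj has been checked to be a package of exactly two integer elements. Since the object comes from hypervisor-supplied ACPI data and the result is handed straight to devm_memremap(), the check on package.count and on each element's type should sit directly before this read, and the devm_memremap() return value should be tested before state->next_id is used. The "<< 0" on the low half is a no-op; keeping it for symmetry is fine, but a short comment saying the two elements are the low and high 32 bits of the address would make the intent clear.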

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 15:12, Jason A. Donenfeld wrote: Hi Alex, On Fri, Feb 25, 2022 at 02:57:38PM +0100, Alexander Graf wrote: +static const struct acpi_device_id vmgenid_ids[] = { + { "VMGENID", 0 }, + { "QEMUVGID", 0 }, According to the VMGenID spec[1], you can only rely on _CID and

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
On Fri, Feb 25, 2022 at 03:18:43PM +0100, Alexander Graf wrote: > > I recall this part of the old thread. From what I understood, using > > "VMGENID" + "QEMUVGID" worked /well enough/, even if that wasn't > > technically in-spec. Ard noted that relying on _CID like that is > > technically an ACPI

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
On Fri, Feb 25, 2022 at 3:12 PM Jason A. Donenfeld wrote: > > Hi Alex, > > On Fri, Feb 25, 2022 at 02:57:38PM +0100, Alexander Graf wrote: > > > +static const struct acpi_device_id vmgenid_ids[] = { > > > + { "VMGENID", 0 }, > > > + { "QEMUVGID", 0 }, > > > > > > According to the

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
Hi Alex, On Fri, Feb 25, 2022 at 02:57:38PM +0100, Alexander Graf wrote: > > +static const struct acpi_device_id vmgenid_ids[] = { > > + { "VMGENID", 0 }, > > + { "QEMUVGID", 0 }, > > > According to the VMGenID spec[1], you can only rely on _CID and _DDN for > matching. They both
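Review bot: the two entries in vmgenid_ids, "VMGENID" and "QEMUVGID", have no comment saying where each identifier comes from or which ACPI field it is expected to match. Given the objection quoted right after the hunk that the spec only allows matching on _CID and _DDN, a comment above the table should state which identifier each entry corresponds to and why matching on these strings is considered acceptable, so the deviation is documented next to the code rather than only in the thread.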

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Alexander Graf
On 25.02.22 13:48, Jason A. Donenfeld wrote: VM Generation ID is a feature from Microsoft, described at , and supported by Hyper-V and QEMU. Its usage is described in Microsoft's RNG whitepaper, , as: If the OS is

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
On Fri, Feb 25, 2022 at 1:53 PM Greg KH wrote: > > On Fri, Feb 25, 2022 at 01:48:48PM +0100, Jason A. Donenfeld wrote: > > +static struct acpi_driver acpi_driver = { > > + .name = "vmgenid", > > + .ids = vmgenid_ids, > > + .owner = THIS_MODULE, > > + .ops = { > > +

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Greg KH
On Fri, Feb 25, 2022 at 01:48:48PM +0100, Jason A. Donenfeld wrote: > VM Generation ID is a feature from Microsoft, described at > , and supported by > Hyper-V and QEMU. Its usage is described in Microsoft's RNG whitepaper, >

Re: [PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Greg KH
On Fri, Feb 25, 2022 at 01:48:48PM +0100, Jason A. Donenfeld wrote: > +static struct acpi_driver acpi_driver = { > + .name = "vmgenid", > + .ids = vmgenid_ids, > + .owner = THIS_MODULE, > + .ops = { > + .add = vmgenid_acpi_add, > + .notify =

[PATCH v4] virt: vmgenid: introduce driver for reinitializing RNG on VM fork

2022-02-25 Thread Jason A. Donenfeld
VM Generation ID is a feature from Microsoft, described at , and supported by Hyper-V and QEMU. Its usage is described in Microsoft's RNG whitepaper, , as: If the OS is running in a VM, there is a problem that most