[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALCETrXtLf3ZFtyrbwj29C=t3PcTxRT2AJWZCUHdKC3AYyUVAA@mail.gmail.com>
Date: Tue, 12 Aug 2014 12:11:29 -0700
From: Andy Lutomirski <luto@...capital.net>
To: kvm list <kvm@...r.kernel.org>, "H. Peter Anvin" <hpa@...or.com>,
"Theodore Ts'o" <tytso@....edu>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Kees Cook <keescook@...omium.org>, X86 ML <x86@...nel.org>
Cc: Daniel Borkmann <dborkman@...hat.com>,
Srivatsa Vaddagiri <vatsa@...ux.vnet.ibm.com>,
Raghavendra K T <raghavendra.kt@...ux.vnet.ibm.com>,
Gleb Natapov <gleb@...nel.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Bandan Das <bsd@...hat.com>, Andrew Honig <ahonig@...gle.com>,
Andy Lutomirski <luto@...capital.net>
Subject: Re: [PATCH v5 0/5] random,x86,kvm: Rework arch RNG seeds and get some
from kvm
On Wed, Jul 23, 2014 at 9:57 PM, Andy Lutomirski <luto@...capital.net> wrote:
> This introduces and uses a very simple synchronous mechanism to get
> /dev/urandom-style bits appropriate for initial KVM PV guest RNG
> seeding.
>
> It also re-works the way that architectural random data is fed into
> random.c's pools. I added a new arch hook called arch_get_rng_seed.
> The default implementation is more or less the same as the current
> code, except that random_get_entropy is now called unconditionally.
>
> x86 gets a custom arch_get_rng_seed. It will use KVM_GET_RNG_SEED
> if available, and, if it does anything, it will log the number of
> bits collected from each available architectural source. If more
> paravirt seed sources show up, it will be a natural place to add
> them.
>
> I sent the corresponding kvm-unit-tests and qemu changes separately.
What's the status of this series? I assume that it's too late for at
least patches 2-5 to make it into 3.17.
--Andy
>
> Changes from v4:
> - Got rid of the RDRAND behavior change. If this series is accepted,
> I may resend it separately, but I think it's an unrelated issue.
> - Fix up the changelog entries -- I misunderstood how the old code
> worked.
> - Avoid lots of failed attempts to use KVM_GET_RNG_SEED if it's not
> available.
>
> Changes from v3:
> - Other than KASLR, the guest pieces are completely rewritten.
> Patches 2-4 have essentially nothing in common with v2.
>
> Changes from v2:
> - Bisection fix (patch 2 had a misplaced brace). The final states is
> identical to that of v2.
> - Improve the 0/5 description a little bit.
>
> Changes from v1:
> - Split patches 2 and 3
> - Log all arch sources in init_std_data
> - Fix the 32-bit kaslr build
>
> Andy Lutomirski (5):
> x86,kvm: Add MSR_KVM_GET_RNG_SEED and a matching feature bit
> random: Add and use arch_get_rng_seed
> x86,random: Add an x86 implementation of arch_get_rng_seed
> x86,random,kvm: Use KVM_GET_RNG_SEED in arch_get_rng_seed
> x86,kaslr: Use MSR_KVM_GET_RNG_SEED for KASLR if available
>
> Documentation/virtual/kvm/cpuid.txt | 3 ++
> arch/x86/Kconfig | 4 ++
> arch/x86/boot/compressed/aslr.c | 27 +++++++++++++
> arch/x86/include/asm/archrandom.h | 6 +++
> arch/x86/include/asm/kvm_guest.h | 9 +++++
> arch/x86/include/asm/processor.h | 21 ++++++++--
> arch/x86/include/uapi/asm/kvm_para.h | 2 +
> arch/x86/kernel/Makefile | 2 +
> arch/x86/kernel/archrandom.c | 74 ++++++++++++++++++++++++++++++++++++
> arch/x86/kernel/kvm.c | 10 +++++
> arch/x86/kvm/cpuid.c | 3 +-
> arch/x86/kvm/x86.c | 4 ++
> drivers/char/random.c | 14 +++++--
> include/linux/random.h | 40 +++++++++++++++++++
> 14 files changed, 212 insertions(+), 7 deletions(-)
> create mode 100644 arch/x86/kernel/archrandom.c
>
> --
> 1.9.3
>
--
Andy Lutomirski
AMA Capital Management, LLC
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists