Message-ID: <20230208211212.41951-1-mst@redhat.com>
Date:   Wed, 8 Feb 2023 16:12:23 -0500
From:   "Michael S. Tsirkin" <mst@...hat.com>
To:     qemu-devel@...gnu.org, "Jason A. Donenfeld" <Jason@...c4.com>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org,
        Dov Murik <dovmurik@...ux.ibm.com>,
        Tom Lendacky <thomas.lendacky@....com>,
        Gerd Hoffmann <kraxel@...hat.com>,
        Daniel P . Berrangé <berrange@...hat.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Richard Henderson <richard.henderson@...aro.org>,
        "H . Peter Anvin" <hpa@...or.com>,
        Philippe Mathieu-Daudé <philmd@...aro.org>,
        Nathan Chancellor <nathan@...nel.org>,
        Borislav Petkov <bp@...en8.de>,
        Eric Biggers <ebiggers@...nel.org>
Subject: [PATCH RFC 0/7] revert RNG seed mess

All attempts to fix up passing RNG seed via setup_data entry failed.
Let's just rip out all of it.  We'll start over.


Warning: all I did was git revert the relevant patches and resolve the
(trivial) conflicts. Not even compiled - it's almost midnight here.

Jason, this is the kind of approach I'd like to see, not yet another
pointer math rich patch I need to spend time reviewing. Just get us back
to where we started. We can redo "x86: use typedef for SetupData struct"
later if we want, it's benign.

Could you do something like this pls?
Or test and ack if this patchset happens to work by luck.

Michael S. Tsirkin (7):
  Revert "x86: don't let decompressed kernel image clobber setup_data"
  Revert "x86: do not re-randomize RNG seed on snapshot load"
  Revert "x86: re-initialize RNG seed when selecting kernel"
  Revert "x86: reinitialize RNG seed on system reboot"
  Revert "x86: use typedef for SetupData struct"
  Revert "x86: return modified setup_data only if read as memory, not as
    file"
  Revert "hw/i386: pass RNG seed via setup_data entry"

 include/hw/i386/microvm.h |   5 +-
 include/hw/i386/pc.h      |   3 -
 include/hw/i386/x86.h     |   3 +-
 include/hw/nvram/fw_cfg.h |  31 ----------
 hw/i386/microvm.c         |  17 ++----
 hw/i386/pc.c              |   4 +-
 hw/i386/pc_piix.c         |   2 -
 hw/i386/pc_q35.c          |   2 -
 hw/i386/x86.c             | 122 ++++++++++----------------------------
 hw/nvram/fw_cfg.c         |  21 ++-----
 10 files changed, 49 insertions(+), 161 deletions(-)

-- 
MST
