Message-ID: <e09ce9fd-14cb-47aa-a22d-d295e466fbb4@amazon.com>
Date: Mon, 22 Apr 2024 09:51:31 +0200
From: Alexander Graf <graf@...zon.com>
To: "Jason A. Donenfeld" <Jason@...c4.com>, <linux-kernel@...r.kernel.org>
CC: <stable@...r.kernel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>, Lennart Poettering
	<mzxreary@...inter.de>, Babis Chalios <bchalios@...zon.es>, Theodore Ts'o
	<tytso@....edu>, "Cali, Marco" <xmarcalx@...zon.co.uk>, Arnd Bergmann
	<arnd@...db.de>, "rostedt@...dmis.org" <rostedt@...dmis.org>, "Christian
 Brauner" <brauner@...nel.org>, <linux@...mhuis.info>,
	<regressions@...ts.linux.dev>
Subject: [REGRESSION] Re: [PATCH] Revert "vmgenid: emit uevent when VMGENID
 updates"

[Adding CC list of original patch plus regression tracker]

Hi Jason,

On 18.04.24 13:48, Jason A. Donenfeld wrote:
> This reverts commit ad6bcdad2b6724e113f191a12f859a9e8456b26d. I had
> nak'd it, and Greg said on the thread that it links that he wasn't going
> to take it either, especially since it's not his code or his tree, but
> then, seemingly accidentally, it got pushed up some months later, in
> what looks like a mistake, with no further discussion in the linked
> thread. So revert it, since it's clearly not intended.

Reverting this patch creates a user space visible regression compared to 
v6.8. Please treat it as such.

I'm slightly confused to see you passionate about this patch after you 
ghosted the conversation you referenced:

 
https://lore.kernel.org/lkml/00d6172f-e291-4e96-9d3e-63ee8e60d556@amazon.com/

The purpose of this uevent is to notify systemd[1][2] (or similar) that 
a VM clone event happened, so it can for example regenerate MAC 
addresses if it generated them on boot, regenerate its unique machine id 
or simply force rerequest a new DHCP lease.

I don't understand how there's any correlation or dependency to 
vgetrandom() or anything RNG in this and why getting vgetrandom() merged 
upstream is even something to talk about in the same line as this patch [3].

We had a lengthy, constructive conversation with Ted at LPC last year 
about the "PRNG and clone" use case and concluded that it's best for 
everyone to simply assume the system could be cloned at any point, hence 
always force intermix of RDRAND or comparable to any PRNG output. We 
since no longer need an event for that case.


Alex

[1] https://github.com/systemd/systemd/issues/26380
[2] https://lore.kernel.org/lkml/ZJGNREN4tLzQXOJr@gardel-login/
[3] https://lore.kernel.org/lkml/CAHmME9pxc-nO_xa=4+1CnvbnuefbRTJHxM7n817c_TPeoxzu_g@mail.gmail.com/

#regzbot introduced: 3aadf100f93d8081

> 
> Fixes: ad6bcdad2b67 ("vmgenid: emit uevent when VMGENID updates")
> Cc: stable@...r.kernel.org
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> Link: https://lore.kernel.org/r/20230531095119.11202-2-bchalios@amazon.es
> Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
> ---
>   drivers/virt/vmgenid.c | 2 --
>   1 file changed, 2 deletions(-)
> 
> diff --git a/drivers/virt/vmgenid.c b/drivers/virt/vmgenid.c
> index b67a28da4702..a1c467a0e9f7 100644
> --- a/drivers/virt/vmgenid.c
> +++ b/drivers/virt/vmgenid.c
> @@ -68,7 +68,6 @@ static int vmgenid_add(struct acpi_device *device)
>   static void vmgenid_notify(struct acpi_device *device, u32 event)
>   {
>   	struct vmgenid_state *state = acpi_driver_data(device);
> -	char *envp[] = { "NEW_VMGENID=1", NULL };
>   	u8 old_id[VMGENID_SIZE];
>   
>   	memcpy(old_id, state->this_id, sizeof(old_id));
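
Review bot: the `NEW_VMGENID=1` string removed from vmgenid_notify() in this hunk is the key a udev rule or netlink listener would match on, yet the commit message never names it. Suggest mentioning the key in the commit message so that anyone whose rule stops firing can find this commit by searching for it.
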
> @@ -76,7 +75,6 @@ static void vmgenid_notify(struct acpi_device *device, u32 event)
>   	if (!memcmp(old_id, state->this_id, sizeof(old_id)))
>   		return;
>   	add_vmfork_randomness(state->this_id, sizeof(state->this_id));
> -	kobject_uevent_env(&device->dev.kobj, KOBJ_CHANGE, envp);
>   }
>   
>   static const struct acpi_device_id vmgenid_ids[] = {
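
Review bot: with the `kobject_uevent_env(&device->dev.kobj, KOBJ_CHANGE, envp)` call gone, the path after the memcmp() early return only calls add_vmfork_randomness(), so a changed generation ID is fed to the RNG but no longer announced to user space. The commit message gives only process reasons and carries Cc: stable; it should state this behaviour change and which released kernels already emitted the event, so the removal can be judged as a user-visible change rather than as a cleanup.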




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Managing directors: Christian Schlaeger, Jonathan Weiss
Registered at the Charlottenburg district court under HRB 149173 B
Registered office: Berlin
VAT ID: DE 289 237 879
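
What a user-space consumer of the uevent discussed in this message could look like, as an added example (not code from this thread, systemd or the kernel): it listens on the kernel uevent netlink group and reacts to a `change` event carrying the `NEW_VMGENID=1` key from the quoted patch. The helper names, the sample datagram and its device path are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <linux/netlink.h>

/* Constructed sample datagram; the device path is made up for illustration. */
static const char SAMPLE[] = "change@/devices/vmgenid0\0ACTION=change\0"
	"DEVPATH=/devices/vmgenid0\0SUBSYSTEM=acpi\0NEW_VMGENID=1\0SEQNUM=4242";

/* Value of KEY in a kernel uevent ("action@devpath\0KEY=VALUE\0..."), or NULL.
 * A trailing field without its NUL terminator is ignored. */
static const char *uevent_get(const char *buf, size_t len, const char *key)
{
	size_t klen = strlen(key);
	const char *p = buf, *end = buf + len, *nul;

	for (; p < end && (nul = memchr(p, 0, (size_t)(end - p))); p = nul + 1)
		if ((size_t)(nul - p) > klen && p[klen] == '=' && !memcmp(p, key, klen))
			return p + klen + 1;
	return NULL;
}

/* 1 if the datagram is a "change" event carrying NEW_VMGENID=1, else 0. */
static int is_vmgenid_change(const char *buf, size_t len)
{
	const char *action = uevent_get(buf, len, "ACTION");
	const char *gen = uevent_get(buf, len, "NEW_VMGENID");

	return action && gen && !strcmp(action, "change") && !strcmp(gen, "1");
}

int main(void)
{
	struct sockaddr_nl sa = { .nl_family = AF_NETLINK, .nl_groups = 1 }, src;
	char buf[8192];
	int fd = socket(AF_NETLINK, SOCK_DGRAM, NETLINK_KOBJECT_UEVENT);

	printf("sample matches: %d\n", is_vmgenid_change(SAMPLE, sizeof(SAMPLE)));
	if (fd < 0 || bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0)
		return perror("uevent socket"), 1;
	for (;;) {
		socklen_t sl = sizeof(src);
		ssize_t n = recvfrom(fd, buf, sizeof(buf), 0, (struct sockaddr *)&src, &sl);
		if (n <= 0)
			break;
		if (src.nl_pid == 0 && is_vmgenid_change(buf, (size_t)n)) /* kernel senders only */
			puts("VM generation changed: regenerate per-instance state");
	}
	return close(fd), 0;
}
```

The `nl_pid == 0` check drops datagrams that did not originate in the kernel, so another local process cannot trigger the regeneration path by sending a look-alike message to the socket.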