From mboxrd@z Thu Jan 1 00:00:00 1970 From: "H. Peter Anvin" Subject: Re: random: Providing a seed value to VM guests Date: Thu, 01 May 2014 16:00:31 -0700 Message-ID: <5362D20F.6010401@zytor.com> References: <20140501192618.GA25829@thunk.org> <900441a0-24e8-4976-ad35-3971805b9f34@email.android.com> <20140501203910.GB25829@thunk.org> <5362B618.50602@zytor.com> <20140501222832.GD25829@thunk.org> <5362CEBC.9090705@zytor.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: "Theodore Ts'o" , "linux-kernel@vger.kernel.org" , kvm list , Florian Weimer , Kees Cook To: Andy Lutomirski Return-path: In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org List-Id: kvm.vger.kernel.org On 05/01/2014 03:56 PM, Andy Lutomirski wrote: > > I think we're comparing: > > a) cpuid to detect rdrand *or* emulated rdrand followed by rdrand > > to > > b) cpuid to detect rdrand or the paravirt seed msr/cpuid call, > followed by rdrand or the msr or cpuid read > > this seems like it barely makes a difference, especially since (a) > probably requires detecting KVM anyway. Well, it lets one do something like: if (boot_cpu_has(X86_FEATURE_RDRAND) || boot_cpu_has(X86_FEATURE_RDRAND_SIMULATED)) rdrand_long(...); We need the ifs anyway for early code; the arch_*() interfaces are only available after alternatives run. -hpa