public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed
From: David Vrabel <david.vrabel@citrix.com>
To: Andy Lutomirski <luto@amacapital.net>,
	Linux Virtualization <virtualization@lists.linux-foundation.org>
Cc: Mathew John <mathewj@microsoft.com>,
	Theodore Ts'o <tytso@mit.edu>, Jim Mattson <jmattson@vmware.com>,
	kvm list <kvm@vger.kernel.org>, Gleb Natapov <gleb@kernel.org>,
	Niels Ferguson <niels@microsoft.com>,
	David Hepkin <davidhep@microsoft.com>,
	Doug Covelli <dcovelli@vmware.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Jake Oshins <jakeo@microsoft.com>,
	xen-devel@lists.xenproject.org,
	Alok Kataria <akataria@vmware.com>,
	John Starks <John.Starks@microsoft.com>
Subject: Re: [Xen-devel] [RFC] Hypervisor RNG and enumeration
Date: Thu, 30 Oct 2014 12:21:20 +0000	[thread overview]
Message-ID: <54522D40.8040405@citrix.com> (raw)
In-Reply-To: <CALCETrUuSApjNk+xdB1XEPH+Lz2PGY0gnreHwx5Z6xQ0Vj74tw@mail.gmail.com>

On 29/10/14 05:19, Andy Lutomirski wrote:
> CPUID leaf 4F000002H: miscellaneous features
> --------------------------------------------
> 
[...]
> ### CommonHV RNG
> 
> If CPUID.4F000002H.EAX is nonzero, then it contains an MSR index used to
> communicate with a hypervisor random number generator.  This MSR is
> referred to as MSR_COMMONHV_RNG.
> 
> rdmsr(MSR_COMMONHV_RNG) returns a 64-bit best-effort random number.  If the
> hypervisor is able to generate a 64-bit cryptographically secure random number,
> it SHOULD return it.  If not, then the hypervisor SHOULD do its best to return
> a random number suitable for seeding a cryptographic RNG.
> 
> A guest is expected to read MSR_COMMONHV_RNG several times in a row.
> The hypervisor SHOULD return different values each time.
> 
> rdmsr(MSR_COMMONHV_RNG) MUST NOT result in an exception, but guests MUST
> NOT assume that its return value is indeed secure.  For example, a hypervisor
> is free to return zero in response to rdmsr(MSR_COMMONHV_RNG).

I would add:

  If the hypervisor's pool of random data is exhausted, it MAY
  return 0.  The hypervisor MUST provide at least 4 (?) non-zero
  numbers to each guest.

Xen does not have a continual source of entropy and the only feasible
way is for the toolstack to provide each guest with a fixed size pool of
random data during guest creation.

The fixed size pool could be refilled by the guest if further random
data is needed (e.g., before an in-guest kexec).

> wrmsr(MSR_COMMONHV_RNG) offers the hypervisor up to 64 bits of entropy.
> The hypervisor MAY use it as it sees fit to improve its own random number
> generator.  A hypervisor SHOULD make a reasonable effort to avoid making
> values written to MSR_COMMONHV_RNG visible to untrusted parties, but
> guests SHOULD NOT write sensitive values to wrmsr(MSR_COMMONHV_RNG).

I don't think unprivileged guests should be able to influence the
hypervisor's RNG. Unless the intention here is it only affects the
numbers returned to this guest?

But since the write is optional, I don't object to it.

David

  parent reply	other threads:[~2014-10-30 12:21 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-10-29  5:19 [RFC] Hypervisor RNG and enumeration Andy Lutomirski
2014-10-29 10:37 ` [Xen-devel] " Andrew Cooper
2014-10-29 13:45   ` Paolo Bonzini
2014-10-29 13:57     ` David Vrabel
2014-10-29 14:01       ` Paolo Bonzini
2014-10-29 16:07   ` H. Peter Anvin
2014-10-29 16:23     ` Andy Lutomirski
2014-10-29 16:07   ` H. Peter Anvin
2014-10-29 16:07   ` H. Peter Anvin
2014-10-29 15:14 ` Ian Jackson
2014-10-29 16:13   ` Andy Lutomirski
2014-10-29 16:29     ` Jake Oshins
2014-10-29 16:50       ` Andy Lutomirski
2014-10-29 18:22       ` Paolo Bonzini
2014-10-30 12:21 ` David Vrabel [this message]
2014-10-30 12:25   ` Paolo Bonzini
2014-10-30 14:45   ` Andy Lutomirski
2014-10-30 15:12     ` Ian Campbell
2014-10-30 14:33 ` Roger Pau Monné

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54522D40.8040405@citrix.com \
    --to=david.vrabel@citrix.com \
    --cc=John.Starks@microsoft.com \
    --cc=akataria@vmware.com \
    --cc=davidhep@microsoft.com \
    --cc=dcovelli@vmware.com \
    --cc=gleb@kernel.org \
    --cc=hpa@zytor.com \
    --cc=jakeo@microsoft.com \
    --cc=jmattson@vmware.com \
    --cc=kvm@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=mathewj@microsoft.com \
    --cc=niels@microsoft.com \
    --cc=pbonzini@redhat.com \
    --cc=tytso@mit.edu \
    --cc=virtualization@lists.linux-foundation.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox