Re: [PATCH 1/2] x86/random: Retry on RDSEED failure

From: James Bottomley
Date: Fri Feb 02 2024 - 10:48:47 EST


On Thu, 2024-02-01 at 19:09 +0100, Jason A. Donenfeld wrote:
[...]
> Anyway, that's about where I'm at. I figure I'll wait to see if the
> internal inquiry within Intel yields anything interesting, and then
> maybe we can move forward with solutions (B) or (F) or (G) or a
> different Roald Dahl novel instead.

It's a lot to quote, so I cut it, but all of your solutions assume a
rdseed/rdrand failure equates to a system one, but it really doesn't: in
most systems there are other entropy sources. In confidential
computing it is an issue because we have no other trusted sources. The
problem with picking on rdseed/rdrand is that there are bound to be
older CPUs somewhere that have rng generation bugs that this will
expose. How about making the failure contingent on the entropy pool
not having any entropy when the first random number is requested? That
way systems with more than one usable entropy source won't flag a bug,
but it will still flag up confidential computing systems where there's
a malicious entropy depleter.

James