Re: Question on get random long worse in VM than on host

From: Tangnianyao
Date: Thu Sep 05 2024 - 23:42:34 EST

Next message: Philip Li: "Re: error: ABI 'o32' is not supported on CPU 'mips64'"
Previous message: Stephen Rothwell: "Re: linux-next: duplicate patches in the sophgo tree"
In reply to: Marc Zyngier: "Re: Question on get random long worse in VM than on host"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9/5/2024 16:17, Marc Zyngier wrote:
> [...]
>> Process is different between host and guest in arch/arm64, arch_get_random_seed_longs.
>> (1) In host , smccc_trng_available is false, it get randomness from RNDRRS.
>>
>> (2) In guest, smccc_trng_available is true, because kvm emulate it. Guest use smccc trng
>> and hvc, and trap to host kvm. Then in host call stack:
>> kvm_smccc_call_handler
>> kvm_trng_call
>> kvm_trng_do_rnd
>> get_random_long
>> ...
>> arch_get_random_seed_longs
>>
>> host get randomness as (1) and return random u64 to guest.
>> So the randomness guest finally get is from RNDRRS too.
>> Can we let guest get randomness directly from RNDRRS, not using hvc first?
>> The process for guest like (1):
>> 1) kvm not emulated smccc trng for guest
>> 2) guest check smccc trng, and get smccc_trng_available=false
>> 3) guest get randomness from RNDRRS
> I think I gave you the answer to this in my first reply [1].
>
> M.
>
> [1] https://lore.kernel.org/all/86zfotuoio.wl-maz@xxxxxxxxxx/
>

Thank you Marc, I've missed this email.
Userspace should control whether expose TRNG to guest.

Thanks.
Nianyao

Next message: Philip Li: "Re: error: ABI 'o32' is not supported on CPU 'mips64'"
Previous message: Stephen Rothwell: "Re: linux-next: duplicate patches in the sophgo tree"
In reply to: Marc Zyngier: "Re: Question on get random long worse in VM than on host"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]