Re: [RFC] Randomness on confidential computing platforms

From: H. Peter Anvin
Date: Mon Jan 29 2024 - 11:41:57 EST

Next message: Cristian Ciocaltea: "Re: [PATCH v4 1/2] dt-bindings: net: starfive,jh7110-dwmac: Add JH7100 SoC compatible"
Previous message: AngeloGioacchino Del Regno: "Re: [PATCH v2 2/2] arm64: dts: mediatek: mt8183-pico6: Fix bluetooth node"
In reply to: Dave Hansen: "Re: [RFC] Randomness on confidential computing platforms"
Next in thread: Kirill A. Shutemov: "Re: [RFC] Randomness on confidential computing platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On January 29, 2024 8:30:11 AM PST, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>On 1/26/24 05:42, Kirill A. Shutemov wrote:
>> 3. Panic after enough re-tries of RDRAND/RDSEED instructions fail.
>> Another DoS variant against the Guest.
>
>I think Sean was going down the same path, but I really dislike the idea
>of having TDX-specific (or CoCo-specific) policy here.
>
>How about we WARN_ON() RDRAND/RDSEED going bonkers? The paranoid folks
>can turn on panic_on_warn, if they haven't already.

That would be good anyway.

Next message: Cristian Ciocaltea: "Re: [PATCH v4 1/2] dt-bindings: net: starfive,jh7110-dwmac: Add JH7100 SoC compatible"
Previous message: AngeloGioacchino Del Regno: "Re: [PATCH v2 2/2] arm64: dts: mediatek: mt8183-pico6: Fix bluetooth node"
In reply to: Dave Hansen: "Re: [RFC] Randomness on confidential computing platforms"
Next in thread: Kirill A. Shutemov: "Re: [RFC] Randomness on confidential computing platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]