Re: [RFC] Randomness on confidential computing platforms

From: Dave Hansen
Date: Mon Jan 29 2024 - 17:19:01 EST

Next message: Linus Torvalds: "Re: [linus:master] [eventfs] 852e46e239: BUG:unable_to_handle_page_fault_for_address"
Previous message: Bjorn Helgaas: "Re: [PATCH v2 13/15] PCI: cadence: add resume support to cdns_pcie_host_setup()"
In reply to: Kirill A. Shutemov: "Re: [RFC] Randomness on confidential computing platforms"
Next in thread: H. Peter Anvin: "Re: [RFC] Randomness on confidential computing platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/29/24 13:33, Kirill A. Shutemov wrote:
>> Let's assume buggy userspace exists. Is that userspace *uniquely*
>> exposed to a naughty VMM or is that VMM just added to the list of things
>> that can attack buggy userspace?
> This is good question.
>
> VMM has control over when a VCPU gets scheduled and on what CPU which
> gives it tighter control over the target workload. It can make a
> difference if there's small window for an attack before RDRAND is
> functional again.

This is all a bit too theoretical for my taste. I'm fine with doing
some generic mitigation (WARN_ON_ONCE(hardware_is_exhausted)), but we're
talking about a theoretical attack with theoretical buggy software when
in a theoretically unreachable hardware state.

Until it's clearly much more practical, we have much bigger problems to
worry about.

Next message: Linus Torvalds: "Re: [linus:master] [eventfs] 852e46e239: BUG:unable_to_handle_page_fault_for_address"
Previous message: Bjorn Helgaas: "Re: [PATCH v2 13/15] PCI: cadence: add resume support to cdns_pcie_host_setup()"
In reply to: Kirill A. Shutemov: "Re: [RFC] Randomness on confidential computing platforms"
Next in thread: H. Peter Anvin: "Re: [RFC] Randomness on confidential computing platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]