Linux Virtualization - Sep 2014 - Standardizing an MSR or other hypercall to get an RNG seed?

On 09/19/2014 05:46 PM, H. Peter Anvin wrote:
> On 09/19/2014 01:46 PM, Andy Lutomirski wrote:
>>>
>>> However, it sounds to me that at least for KVM, it is very easy
just to emulate the RDRAND instruction. The hypervisor would report to the guest
that RDRAND is supported in CPUID and the emulate the instruction when guest
executes it. KVM already traps guest #UD (which would occur if RDRAND executed
while it is not supported) - so this scheme wouldn?t introduce additional
overhead over RDMSR.
>>
>> Because then guest user code will think that rdrand is there and will
>> try to use it, resulting in abysmal performance.
>>
> 
> Yes, the presence of RDRAND implies a cheap and inexhaustible entropy
> source.
A guest kernel couldn't make it look like RDRAND is not present to guest
userspace?

Christopher

-- 
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
hosted by the Linux Foundation.

On 09/22/2014 06:31 AM, Christopher Covington wrote:
> On 09/19/2014 05:46 PM, H. Peter Anvin wrote:
>> On 09/19/2014 01:46 PM, Andy Lutomirski wrote:
>>>>
>>>> However, it sounds to me that at least for KVM, it is very easy
just to emulate the RDRAND instruction. The hypervisor would report to the guest
that RDRAND is supported in CPUID and the emulate the instruction when guest
executes it. KVM already traps guest #UD (which would occur if RDRAND executed
while it is not supported) - so this scheme wouldn?t introduce additional
overhead over RDMSR.
>>>
>>> Because then guest user code will think that rdrand is there and
will
>>> try to use it, resulting in abysmal performance.
>>>
>>
>> Yes, the presence of RDRAND implies a cheap and inexhaustible entropy
>> source.
> 
> A guest kernel couldn't make it look like RDRAND is not present to
guest
> userspace?
> 
It could, but how would you enumerate that?  A new "RDRAND-CPL-0"
CPUID
bit pretty much would be required.

	-hpa

On 09/22/2014 07:17 AM, H. Peter Anvin wrote:
> 
> It could, but how would you enumerate that?  A new "RDRAND-CPL-0"
CPUID
> bit pretty much would be required.
> 
Note that there are two things that differ: the CPL 0-ness and the
performance/exhaustibility attributes.

	-hpa

Not really, no.

Sent from my tablet, pardon any formatting problems.
> On Sep 22, 2014, at 06:31, Christopher Covington <cov at
codeaurora.org> wrote:
> 
>> On 09/19/2014 05:46 PM, H. Peter Anvin wrote:
>> On 09/19/2014 01:46 PM, Andy Lutomirski wrote:
>>>> 
>>>> However, it sounds to me that at least for KVM, it is very easy
just to emulate the RDRAND instruction. The hypervisor would report to the guest
that RDRAND is supported in CPUID and the emulate the instruction when guest
executes it. KVM already traps guest #UD (which would occur if RDRAND executed
while it is not supported) - so this scheme wouldn?t introduce additional
overhead over RDMSR.
>>> 
>>> Because then guest user code will think that rdrand is there and
will
>>> try to use it, resulting in abysmal performance.
>> 
>> Yes, the presence of RDRAND implies a cheap and inexhaustible entropy
>> source.
> 
> A guest kernel couldn't make it look like RDRAND is not present to
guest
> userspace?
> 
> Christopher
> 
> -- 
> Employee of Qualcomm Innovation Center, Inc.
> Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
> hosted by the Linux Foundation.