From: "Ard Biesheuvel"
Date: Thu, 9 May 2024 10:45:26 +0200
Subject: Re: [edk2-devel] [PATCH v2 03/13] OvmfPkg:PlatformCI: Support virtio-rng-pci
To: Doug Flick
Cc: devel@edk2.groups.io, Ard Biesheuvel, Jiewen Yao, Gerd Hoffmann

So this patch is necessary as otherwise, QEMU fails to boot due to a missing source of randomness in the network drivers, right?

Does this imply that all QEMU deployments that rely on the bundled firmware images (e.g., for micro-VMs and container use cases) will now fail to boot if the pre-existing QEMU launch script happens to omit the virtio-rng device?

If so, we absolutely need a fallback here - RngDxe based on TRNG (for KVM use cases) as well as RNDR (for TCG with CPU max). This may still break some deployments, but the vast majority should be covered.

RNDR raises another interesting problem, by the way - the ARM arch spec requires RNDR to be backed by an appropriate DRBG that complies with the NIST spec, but it does not specify which one. IOW, it is backed by a DRBG, not by a raw entropy source, but specifying which DRBG (by GUID) is not generally feasible, as the guest VM firmware cannot interrogate the host about which DRBG is behind RNDR.

TL;DR there are a couple of loose ends here, and so rushing it through doesn't seem wise imho. I'd rather leave ARM behind with these CVE fixes than break many different use cases in different ways.

On Thu, 9 May 2024 at 07:56, Doug Flick wrote:
>
> This patch adds "virtio-rng-pci" to the PlatformBuildLib.py
> This adds Rng services to the guest VM
>
> Cc: Ard Biesheuvel
> Cc: Jiewen Yao
> Cc: Gerd Hoffmann
>
> Signed-off-by: Doug Flick [MSFT]
> ---
> OvmfPkg/PlatformCI/PlatformBuildLib.py | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/OvmfPkg/PlatformCI/PlatformBuildLib.py b/OvmfPkg/PlatformCI/PlatformBuildLib.py
> index 00d454954bff..3fe80f5c1caa 100644
> --- a/OvmfPkg/PlatformCI/PlatformBuildLib.py
> +++ b/OvmfPkg/PlatformCI/PlatformBuildLib.py
> @@ -208,6 +208,8 @@ class PlatformBuilder( UefiBuilder, BuildSettingsManager):
> args += " -net none" # turn off network
> args += " -smp 4"
> args += f" -drive file=fat:rw:{VirtualDrive},format=raw,media=disk" # Mount disk with startup.nsh
> + # Provides Rng services to the Guest VM
> + args += " -device virtio-rng-pci"
>
> if (self.env.GetValue("QEMU_HEADLESS").upper() == "TRUE"):
> args += " -display none" # no graphics
> --
> 2.34.1
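Review bot: the new comment "# Provides Rng services to the Guest VM" and the commit message say what the line adds but not why CI now needs it; since this is paired with a series of CVE fixes and the network is disabled two lines earlier with "-net none", the comment (or the commit message) should name the firmware component that fails without an RNG source, so a reader of PlatformBuildLib.py does not simply drop the device again. Also, "-device virtio-rng-pci" is added with no "rng=" backend, so the device silently uses whatever default QEMU picks on the build host; for a CI launch line it is worth either stating that in the comment or passing an explicit backend, e.g. `-object rng-random,id=rng0,filename=/dev/urandom` followed by `-device virtio-rng-pci,rng=rng0`. Minor style point: the surrounding args lines carry their explanation as a trailing "# ..." comment, whereas this one puts it on a separate line above.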
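The reply above worries about launch lines that hard-code the device on hosts whose QEMU does not offer it. As an added example that is not part of the patch or of OvmfPkg/PlatformCI, the Python below probes the QEMU device list first and only then appends the RNG device, optionally wired to an explicit rng-random backend. The functions `list_devices`, `qemu_device_help`, `build_qemu_args` and `has_virtio_rng`, the `rng_backend` parameter and the `SAMPLE_DEVICE_HELP` text are all assumptions made for this example; the sample is a constructed excerpt in the layout printed by `qemu-system-x86_64 -device help`.

```python
"""Added example, not code from the edk2 patch: append "-device
virtio-rng-pci" to a QEMU launch line only when the host QEMU lists
that device, and name the entropy backend explicitly."""
import re
import subprocess
import sys

# Constructed excerpt in the layout of `qemu-system-x86_64 -device help`
# (assumed sample input, not captured from a real host).
SAMPLE_DEVICE_HELP = """Misc devices:
name "virtio-rng-pci", bus PCI, desc "Virtio RNG"
name "virtio-rng-pci-non-transitional", bus PCI, desc "Virtio RNG"
name "virtio-rng-device", bus virtio-bus

Network devices:
name "e1000", bus PCI, desc "Intel Gigabit Ethernet"
"""

# Each device line starts with: name "<device-name>", ...
_DEVICE_RE = re.compile(r'^name "([^"]+)"', re.MULTILINE)


def list_devices(help_text):
    """Return the set of device names found in a `-device help` listing."""
    return set(_DEVICE_RE.findall(help_text))


def qemu_device_help(qemu="qemu-system-x86_64"):
    """Run `<qemu> -device help` and return its stdout ("" if QEMU is absent)."""
    try:
        done = subprocess.run([qemu, "-device", "help"],
                              capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return ""
    return done.stdout


def build_qemu_args(virtual_drive, help_text, headless=True,
                    rng_backend="/dev/urandom"):
    """Build the launch argument list the way PlatformBuildLib.py does,
    but add the RNG device only if this QEMU offers it.

    rng_backend (assumed parameter): path handed to an rng-random object
    so the device's entropy source is explicit; None keeps QEMU's default
    backend, which is what the bare "-device virtio-rng-pci" line does.
    """
    args = ["-net", "none",                       # turn off network
            "-smp", "4",
            "-drive", f"file=fat:rw:{virtual_drive},format=raw,media=disk"]
    if "virtio-rng-pci" in list_devices(help_text):
        if rng_backend:
            args += ["-object", f"rng-random,id=rng0,filename={rng_backend}",
                     "-device", "virtio-rng-pci,rng=rng0"]
        else:
            args += ["-device", "virtio-rng-pci"]
    else:
        # The guest firmware must then fall back to another RNG source
        # (e.g. RngDxe on a CPU instruction); say so instead of failing late.
        print("warning: this QEMU has no virtio-rng-pci device; the guest "
              "gets no virtio RNG", file=sys.stderr)
    if headless:
        args += ["-display", "none"]              # no graphics
    return args


def has_virtio_rng(args):
    """True if the argument list attaches a virtio-rng-pci device."""
    return any(a.startswith("virtio-rng-pci") for a in args)


if __name__ == "__main__":
    # Against a live host, replace SAMPLE_DEVICE_HELP with qemu_device_help().
    print(" ".join(build_qemu_args("/tmp/VirtualDrive", SAMPLE_DEVICE_HELP)))
```

Running the script with `qemu_device_help()` in place of the sample text gives the real decision for the build host; the sample keeps the example offline.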