Comments (6)
A RDSM can delegate access to seed
CSR to a supervisor domain. The seed
CSR is a per hart CSR. For the duration of the SD execution, the SD can consume entropy from the seed
CSR. There is no specific reason to disallow the delegation unless the entropy source is shared by multiple harts. Consuming entropy using seed
CSR from one hart should not affect the entropy availability on another hart unless they are shared. On an implementation where such sharing is present the RDSM may mediate and emulate access to seed
CSR - either through a SBI or by emulating the CSR access and in such cases implement the appropriate rate limits. Please elaborate more on the DOS attack concern if it is beyond the shared entropy source concern.
from riscv-smmtt.
Please elaborate more on the DOS attack concern if it is beyond the shared entropy source concern.
Let's say
- SD(a) is going to execute csrrw instruction to read
seed
. - Suddenly SD(b)'s interrupt asserted, causing CPU traps to RDSM.
- RDSM immediately performs context switch for this hart, saving SD(a)'s context and restoring SD(b).
- However, SD(b) reads
seed
in its interrupt handler. SD(b) may consume much of entropy. - SD(b) finishes its handler. RDSM performs context switch back to SD(a). SD(a) executes previous csrrw, but it might not get sufficient entropy.
Above case 1 to case 5 can be an infinite loop.
from riscv-smmtt.
Got it. When such a bad entropy source is implemented, the RDSM as a policy should not delegate seed
to SDs.
from riscv-smmtt.
So it depends on the quality of entropy source ?
from riscv-smmtt.
Depends on quality of entropy source and the SW policies. The ISA provides controls to support either policies than an RDSM may want to implement.
from riscv-smmtt.
Depends on quality of entropy source and the SW policies. The ISA provides controls to support either policies than an RDSM may want to implement.
It makes sense.
Seems we don't need any ISA changes for access control of seed
.
Thanks!
from riscv-smmtt.
Related Issues (20)
- Smsdia clarifications HOT 6
- Update supervisor domain diagram to show S-mode absent cases HOT 1
- Consider add a separate control bit in msdcfg for external trace HOT 27
- Moving the ISA part of external debug security to smmtt HOT 4
- TOCTOU mitigation of debug control check HOT 4
- Protections on external trigger HOT 3
- Trigger breakpoint exception action in debug mode HOT 27
- Document Supervisor domains interaction for RISC-V Capacity and Bandwidth Controller QoS Register Interface (CBQRI) HOT 1
- Debug access control for U-mode only domain HOT 6
- Selectively delegating some supervisor domain external interrupts HOT 24
- Does Smsdia have dependency on AIA for RV32 ? HOT 11
- Should mideleg[32] be hard-wired to 0 in Smsdia ? HOT 4
- Missing glossary HOT 4
- MTT implicit accesses should be treated as M-mode accesses for purposes of PMP checking HOT 3
- timedelta for supervisor domains HOT 6
- Why force SDID to zero in Bare mode? HOT 3
- A typo HOT 1
- A typo on page 17 HOT 1
- Question about siselect when SDICN is zero HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from riscv-smmtt.