Re: [PATCH v2] x86: Disable kernel stack offset randomization for !TSC

[Maciej W. Rozycki]

On Wed, 11 Jan 2023, H. Peter Anvin wrote:

> RDTSC isn't a super fast instruction either,

 As someone recently mostly involved with RISC architectures I find it 
interesting indeed, given that the TSC is just some kind of an integer 
register (or data latch).

 E.g. with the MIPS $c0_count register, which is a free-running counter 
similar to the TSC, the "MFC0 reg, $c0_count" instruction executes just 
about as any ordinary ALU operation, such as say ADD (there is no plain 
GPR move instruction in the MIPS ISA to compare this special register move 
to).  Yes, the latency may be two clocks rather than one, but that's still 
pretty damn fast and the extra latency can be dealt with even on scalar 
microarchitectures by reordering the data consumer farther away from the 
producer.

> but what is *way* more 
> significant is that this use of RDTSC is NOT safe: in certain power 
> states it may very well be that stone number of lower bits of TSC 
> contain no entropy at all.

 I wasn't aware of this limitation; certainly at its introduction TSC was 
just a free-running counter with no special states.

 I went after Jason's suggestion to use `get_random_u8' then, which is 
both portable and the single place to make sure proper entropy is 
maintained in.  Thank you for your input.

  Maciej