Message ID | 20171031200503.GC18578@ziepe.ca (mailing list archive) |
---|---|
State | New, archived |
On Tue, Oct 31, 2017 at 02:05:03PM -0600, Jason Gunthorpe wrote: > The tpm-rng.c approach is completely inconsistent with how the kernel > handles hotplug. Instead manage a hwrng device for each TPM. This will > cause the kernel to read entropy from the TPM when it is plugged in, > and allow access to the TPM rng via /dev/hwrng. > > Signed-off-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com> > Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> > --- > drivers/char/hw_random/Kconfig | 13 ----------- > drivers/char/hw_random/Makefile | 1 - > drivers/char/hw_random/tpm-rng.c | 50 ---------------------------------------- > drivers/char/tpm/Kconfig | 11 +++++++++ > drivers/char/tpm/tpm-chip.c | 41 ++++++++++++++++++++++++++++---- > drivers/char/tpm/tpm.h | 4 ++++ > 6 files changed, 52 insertions(+), 68 deletions(-) > delete mode 100644 drivers/char/hw_random/tpm-rng.c > > v2 applies against Jarkko's patch > "tpm: use struct tpm_chip for tpm_chip_find_get()" > > diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig > index 95a031e9eced07..a20fed182cbcce 100644 > --- a/drivers/char/hw_random/Kconfig > +++ b/drivers/char/hw_random/Kconfig > @@ -306,19 +306,6 @@ config HW_RANDOM_POWERNV > > If unsure, say Y. > > -config HW_RANDOM_TPM > - tristate "TPM HW Random Number Generator support" > - depends on TCG_TPM > - default HW_RANDOM > - ---help--- > - This driver provides kernel-side support for the Random Number > - Generator in the Trusted Platform Module > - > - To compile this driver as a module, choose M here: the > - module will be called tpm-rng. > - > - If unsure, say Y. > - > config HW_RANDOM_HISI > tristate "Hisilicon Random Number Generator support" > depends on HW_RANDOM && ARCH_HISI > diff --git a/drivers/char/hw_random/Makefile b/drivers/char/hw_random/Makefile > index 39a67defac67cb..91cb8e8213e7c1 100644 > --- a/drivers/char/hw_random/Makefile > +++ b/drivers/char/hw_random/Makefile 
> @@ -26,7 +26,6 @@ obj-$(CONFIG_HW_RANDOM_NOMADIK) += nomadik-rng.o > obj-$(CONFIG_HW_RANDOM_PSERIES) += pseries-rng.o > obj-$(CONFIG_HW_RANDOM_POWERNV) += powernv-rng.o > obj-$(CONFIG_HW_RANDOM_HISI) += hisi-rng.o > -obj-$(CONFIG_HW_RANDOM_TPM) += tpm-rng.o > obj-$(CONFIG_HW_RANDOM_BCM2835) += bcm2835-rng.o > obj-$(CONFIG_HW_RANDOM_IPROC_RNG200) += iproc-rng200.o > obj-$(CONFIG_HW_RANDOM_MSM) += msm-rng.o > diff --git a/drivers/char/hw_random/tpm-rng.c b/drivers/char/hw_random/tpm-rng.c > deleted file mode 100644 > index c5e363825af008..00000000000000 > --- a/drivers/char/hw_random/tpm-rng.c > +++ /dev/null 
> @@ -1,50 +0,0 @@ > -/* > - * Copyright (C) 2012 Kent Yoder IBM Corporation > - * > - * HWRNG interfaces to pull RNG data from a TPM > - * > - * This program is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License version 2 as > - * published by the Free Software Foundation. > - * > - * This program is distributed in the hope that it will be useful, > - * but WITHOUT ANY WARRANTY; without even the implied warranty of > - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > - * GNU General Public License for more details. > - * > - * You should have received a copy of the GNU General Public License > - * along with this program; if not, write to the Free Software > - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > - */ > - > -#include <linux/module.h> > -#include <linux/hw_random.h> > -#include <linux/tpm.h> > - > -#define MODULE_NAME "tpm-rng" > - > -static int tpm_rng_read(struct hwrng *rng, void *data, size_t max, bool wait) > -{ > - return tpm_get_random(NULL, data, max); > -} > - > -static struct hwrng tpm_rng = { > - .name = MODULE_NAME, > - .read = tpm_rng_read, > -}; > - > -static int __init rng_init(void) > -{ > - return hwrng_register(&tpm_rng); > -} > -module_init(rng_init); > - > -static void __exit rng_exit(void) > -{ > - hwrng_unregister(&tpm_rng); > -} > -module_exit(rng_exit); > - > -MODULE_LICENSE("GPL v2"); > -MODULE_AUTHOR("Kent Yoder <key@linux.vnet.ibm.com>"); > -MODULE_DESCRIPTION("RNG driver for TPM devices"); > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig > index a30352202f1fdc..18c81cbe4704ca 100644 > --- a/drivers/char/tpm/Kconfig > +++ b/drivers/char/tpm/Kconfig 
> @@ -26,6 +26,17 @@ menuconfig TCG_TPM > > if TCG_TPM > > +config HW_RANDOM_TPM > + bool "TPM HW Random Number Generator support" > + depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) > + default y > + ---help--- > + This setting exposes the TPM's Random Number Generator as a hwrng > + device. This allows the kernel to collect randomness from the TPM at > + boot, and provides the TPM randomines in /dev/hwrng. > + > + If unsure, say Y. > + > config TCG_TIS_CORE > tristate > ---help--- > diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c > index 6faf4c3fa6dbbd..797ab962291333 100644 > --- a/drivers/char/tpm/tpm-chip.c > +++ b/drivers/char/tpm/tpm-chip.c > @@ -26,6 +26,7 @@ > #include <linux/spinlock.h> > #include <linux/freezer.h> > #include <linux/major.h> > +#include <linux/hw_random.h> > #include "tpm.h" > #include "tpm_eventlog.h" > > @@ -391,6 +392,26 @@ static int tpm_add_legacy_sysfs(struct tpm_chip *chip) > > return 0; > } > + > +static int tpm_hwrng_read(struct hwrng *rng, void *data, size_t max, bool wait) > +{ > + struct tpm_chip *chip = container_of(rng, struct tpm_chip, hwrng); > + > + return tpm_get_random(chip, data, max); > +} > + > +static int tpm_add_hwrng(struct tpm_chip *chip) > +{ > + if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM)) > + return 0; > + > + snprintf(chip->hwrng_name, sizeof(chip->hwrng_name), > + "tpm-rng-%d", chip->dev_num); > + chip->hwrng.name = chip->hwrng_name; > + chip->hwrng.read = tpm_hwrng_read; > + return hwrng_register(&chip->hwrng); > +} > + > /* > * tpm_chip_register() - create a character device for the TPM chip > * @chip: TPM chip to use. > @@ -423,11 +444,13 @@ int tpm_chip_register(struct tpm_chip *chip) > > tpm_add_ppi(chip); > > + rc = tpm_add_hwrng(chip); > + if (rc) > + goto out_ppi; > + > rc = tpm_add_char_device(chip); > - if (rc) { > - tpm_bios_log_teardown(chip); > - return rc; > - } > + if (rc) > + goto out_hwrng; > > rc = tpm_add_legacy_sysfs(chip); > if (rc) { 
> @@ -436,6 +459,14 @@ int tpm_chip_register(struct tpm_chip *chip) > } > > return 0; > + > +out_hwrng: > + if (IS_ENABLED(CONFIG_HW_RANDOM_TPM)) > + hwrng_unregister(&chip->hwrng); > +out_ppi: > + tpm_bios_log_teardown(chip); > + > + return rc; > } > EXPORT_SYMBOL_GPL(tpm_chip_register); > > @@ -455,6 +486,8 @@ EXPORT_SYMBOL_GPL(tpm_chip_register); > void tpm_chip_unregister(struct tpm_chip *chip) > { > tpm_del_legacy_sysfs(chip); > + if (IS_ENABLED(CONFIG_HW_RANDOM_TPM)) > + hwrng_unregister(&chip->hwrng); > tpm_bios_log_teardown(chip); > if (chip->flags & TPM_CHIP_FLAG_TPM2) > cdev_device_del(&chip->cdevs, &chip->devs); > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > index 7424511241031a..efe8ad0d137f74 100644 > --- a/drivers/char/tpm/tpm.h > +++ b/drivers/char/tpm/tpm.h > @@ -26,6 +26,7 @@ > #include <linux/module.h> > #include <linux/delay.h> > #include <linux/fs.h> > +#include <linux/hw_random.h> > #include <linux/mutex.h> > #include <linux/sched.h> > #include <linux/platform_device.h> > @@ -210,6 +211,9 @@ struct tpm_chip { > int dev_num; /* /dev/tpm# */ > unsigned long is_open; /* only one allowed */ > > + char hwrng_name[64]; > + struct hwrng hwrng; > + > struct mutex tpm_mutex; /* tpm is processing */ > > unsigned long timeout_a; /* jiffies */ > -- > 2.7.4 > I asked to create a series for a reason. Now this doesn't apply because I don't have an ancestor in my git history. Please resend as series together with my patch. I can apply neither yet because they have zero tested-by's. /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote: > I asked to create a series for a reason. Now this doesn't apply because I > don't have an ancestor in my git history. It would be unusual for me to put your patch into a series unless I am also adopting it. eg what happens if there are more comments on it? Also, I wasn't sure what branch your patch was against since my tree didn't have history for it either.. Sometimes the maintainer has to sort stuff like this out... :) > Please resend as series together with my patch. I can apply neither yet > because they have zero tested-by's. Hopefully PrasannaKumar can test both patches. Jason -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi Jason, On 6 November 2017 at 07:57, Jason Gunthorpe <jgg@ziepe.ca> wrote: > On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote: > >> I asked to create a series for a reason. Now this doesn't apply because I >> don't have an ancestor in my git history. > > It would be unusual for me to put your patch into a series unless I am > also adopting it. eg what happens if there are more comments on it? > > Also, I wasn't sure what branch your patch was against since my tree > didn't have history for it either.. > > Sometimes the maintainer has to sort stuff like this out... :) > >> Please resend as series together with my patch. I can apply neither yet >> because they have zero tested-by's. > > Hopefully PrasannaKumar can test both patches. I am assuming you are talking about the following patches - using struct tpm_chip instead of chip number and this patch. I won't be able to test if struct tpm_chip usage as I don't have multiple tpm hw in one machine. In case of tpm rng changes I can test only the lifecycle of tpm rng device. Is that enough? I feel my test will be limited. Please provide your thoughts on this. Regards, PrasannaKumar -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote: > I am assuming you are talking about the following patches - using > struct tpm_chip instead of chip number and this patch. yes > I won't be able to test if struct tpm_chip usage as I don't have > multiple tpm hw in one machine. In case of tpm rng changes I can test > only the lifecycle of tpm rng device. Is that enough? I feel my test > will be limited. Please provide your thoughts on this. That is certainly better than no testing. Jason -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, Nov 05, 2017 at 07:27:04PM -0700, Jason Gunthorpe wrote: > On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote: > > > I asked to create a series for a reason. Now this doesn't apply because I > > don't have an ancestor in my git history. > > It would be unusual for me to put your patch into a series unless I am > also adopting it. eg what happens if there are more comments on it? > > Also, I wasn't sure what branch your patch was against since my tree > didn't have history for it either.. > > Sometimes the maintainer has to sort stuff like this out... :) > > > Please resend as series together with my patch. I can apply neither yet > > because they have zero tested-by's. > > Hopefully PrasannaKumar can test both patches. > > Jason Fair enough. I'll look at it. /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi Jason, On 7 November 2017 at 21:34, Jason Gunthorpe <jgg@ziepe.ca> wrote: > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote: > >> I am assuming you are talking about the following patches - using >> struct tpm_chip instead of chip number and this patch. > > yes > >> I won't be able to test if struct tpm_chip usage as I don't have >> multiple tpm hw in one machine. In case of tpm rng changes I can test >> only the lifecycle of tpm rng device. Is that enough? I feel my test >> will be limited. Please provide your thoughts on this. > > That is certainly better than no testing. The struct tpm_chip patch partially applied on linux next. I had to manually change the code. In qemu tpm rng device did not show up on loading tpm module. My laptop has tpm hw but Linux next did not work properly in that. All my console were getting spammed with some USB log message and I could not do anything. X did not start either. I could not debug the issue as the logs were printing infinitely. Will get little more time this weekend. Will do a proper test and provide you the result. Regards, PrasannaKumar -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, Nov 09, 2017 at 09:49:33PM +0530, PrasannaKumar Muralidharan wrote: > Hi Jason, > > On 7 November 2017 at 21:34, Jason Gunthorpe <jgg@ziepe.ca> wrote: > > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote: > > > >> I am assuming you are talking about the following patches - using > >> struct tpm_chip instead of chip number and this patch. > > > > yes > > > >> I won't be able to test if struct tpm_chip usage as I don't have > >> multiple tpm hw in one machine. In case of tpm rng changes I can test > >> only the lifecycle of tpm rng device. Is that enough? I feel my test > >> will be limited. Please provide your thoughts on this. > > > > That is certainly better than no testing. > > The struct tpm_chip patch partially applied on linux next. I had to > manually change the code. In qemu tpm rng device did not show up on > loading tpm module. My laptop has tpm hw but Linux next did not work > properly in that. All my console were getting spammed with some USB > log message and I could not do anything. X did not start either. I > could not debug the issue as the logs were printing infinitely. Will > get little more time this weekend. Will do a proper test and provide > you the result. Test against 4.15-rc, here are the two patches https://github.com/jgunthorpe/linux/tree/tpm Pull from here and merge the latest rc and you will probably have a bootable system. Jason -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi Jason, On 9 November 2017 at 21:59, Jason Gunthorpe <jgg@ziepe.ca> wrote: > On Thu, Nov 09, 2017 at 09:49:33PM +0530, PrasannaKumar Muralidharan wrote: >> Hi Jason, >> >> On 7 November 2017 at 21:34, Jason Gunthorpe <jgg@ziepe.ca> wrote: >> > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote: >> > >> >> I am assuming you are talking about the following patches - using >> >> struct tpm_chip instead of chip number and this patch. >> > >> > yes >> > >> >> I won't be able to test if struct tpm_chip usage as I don't have >> >> multiple tpm hw in one machine. In case of tpm rng changes I can test >> >> only the lifecycle of tpm rng device. Is that enough? I feel my test >> >> will be limited. Please provide your thoughts on this. >> > >> > That is certainly better than no testing. >> >> The struct tpm_chip patch partially applied on linux next. I had to >> manually change the code. In qemu tpm rng device did not show up on >> loading tpm module. My laptop has tpm hw but Linux next did not work >> properly in that. All my console were getting spammed with some USB >> log message and I could not do anything. X did not start either. I >> could not debug the issue as the logs were printing infinitely. Will >> get little more time this weekend. Will do a proper test and provide >> you the result. > > Test against 4.15-rc, here are the two patches > > https://github.com/jgunthorpe/linux/tree/tpm > > Pull from here and merge the latest rc and you will probably have a > bootable system. > > Jason Applied this patch on v4.14-rc4. Able to get data from tpm rng (/dev/hwrng with tpm as the chosen rng). This patch works fine. Its just a basic test though. Tested-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com> Regards, PrasannaKumar -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote: > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote: > > > I am assuming you are talking about the following patches - using > > struct tpm_chip instead of chip number and this patch. > > yes > > > I won't be able to test if struct tpm_chip usage as I don't have > > multiple tpm hw in one machine. In case of tpm rng changes I can test > > only the lifecycle of tpm rng device. Is that enough? I feel my test > > will be limited. Please provide your thoughts on this. > > That is certainly better than no testing. > > Jason WFM too. Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Nov 14, 2017 at 04:34:21PM +0200, Jarkko Sakkinen wrote: > On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote: > > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote: > > > > > I am assuming you are talking about the following patches - using > > > struct tpm_chip instead of chip number and this patch. > > > > yes > > > > > I won't be able to test if struct tpm_chip usage as I don't have > > > multiple tpm hw in one machine. In case of tpm rng changes I can test > > > only the lifecycle of tpm rng device. Is that enough? I feel my test > > > will be limited. Please provide your thoughts on this. > > > > That is certainly better than no testing. > > > > Jason > > WFM too. > > Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > > /Jarkko I applied these commits. Please check that everything is correct as I had to do manual work with the 2nd commit. /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote: > On Tue, Nov 14, 2017 at 04:34:21PM +0200, Jarkko Sakkinen wrote: > > On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote: > > > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote: > > > > > > > I am assuming you are talking about the following patches - using > > > > struct tpm_chip instead of chip number and this patch. > > > > > > yes > > > > > > > I won't be able to test if struct tpm_chip usage as I don't have > > > > multiple tpm hw in one machine. In case of tpm rng changes I can test > > > > only the lifecycle of tpm rng device. Is that enough? I feel my test > > > > will be limited. Please provide your thoughts on this. > > > > > > That is certainly better than no testing. > > > > > > Jason > > > > WFM too. > > > > Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > > > > /Jarkko > > I applied these commits. Please check that everything is correct as > I had to do manual work with the 2nd commit. > > /Jarkko At least signed-off-by from PrassanaKumar is missing from the 2nd commit. I'll add it. /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi Jarkko, On 17 November 2017 at 19:27, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> wrote: > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote: > > At least signed-off-by from PrassanaKumar is missing from the 2nd > commit. I'll add it. I had the impression that my signed-off-by will be present in this change. But it is missing in [1]. Is it supposed to be that way? 1. https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4 Thanks, PrasannaKumar -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote: > Hi Jarkko, > > On 17 November 2017 at 19:27, Jarkko Sakkinen > <jarkko.sakkinen@linux.intel.com> wrote: > > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote: > > > > At least signed-off-by from PrassanaKumar is missing from the 2nd > > commit. I'll add it. > > I had the impression that my signed-off-by will be present in this > change. But it is missing in [1]. Is it supposed to be that way? > > 1. https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4 > > Thanks, > PrasannaKumar Yes, it would be senseful. James, would it still be possible to amend this tag to security tree? /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, 30 Jan 2018, Jarkko Sakkinen wrote: > On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote: > > Hi Jarkko, > > > > On 17 November 2017 at 19:27, Jarkko Sakkinen > > <jarkko.sakkinen@linux.intel.com> wrote: > > > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote: > > > > > > At least signed-off-by from PrassanaKumar is missing from the 2nd > > > commit. I'll add it. > > > > I had the impression that my signed-off-by will be present in this > > change. But it is missing in [1]. Is it supposed to be that way? > > > > 1. https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4 > > > > Thanks, > > PrasannaKumar > > Yes, it would be senseful. > > James, would it still be possible to amend this tag to security tree? Nope, it's been pushed to Linus.
On Tue, Jan 30, 2018 at 10:52:13PM +1100, James Morris wrote: > On Tue, 30 Jan 2018, Jarkko Sakkinen wrote: > > > On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote: > > > Hi Jarkko, > > > > > > On 17 November 2017 at 19:27, Jarkko Sakkinen > > > <jarkko.sakkinen@linux.intel.com> wrote: > > > > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote: > > > > > > > > At least signed-off-by from PrassanaKumar is missing from the 2nd > > > > commit. I'll add it. > > > > > > I had the impression that my signed-off-by will be present in this > > > change. But it is missing in [1]. Is it supposed to be that way? > > > > > > 1. https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4 > > > > > > Thanks, > > > PrasannaKumar > > > > Yes, it would be senseful. > > > > James, would it still be possible to amend this tag to security tree? > > Nope, it's been pushed to Linus. Damn. Well, good that Tested-by is there. I'm sorry about this. /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig
index 95a031e9eced07..a20fed182cbcce 100644
--- a/drivers/char/hw_random/Kconfig
+++ b/drivers/char/hw_random/Kconfig
@@ -306,19 +306,6 @@ config HW_RANDOM_POWERNV
 If unsure, say Y.
-config HW_RANDOM_TPM
- tristate "TPM HW Random Number Generator support"
- depends on TCG_TPM
- default HW_RANDOM
- ---help---
- This driver provides kernel-side support for the Random Number
- Generator in the Trusted Platform Module
-
- To compile this driver as a module, choose M here: the
- module will be called tpm-rng.
-
- If unsure, say Y.
-
 config HW_RANDOM_HISI
 tristate "Hisilicon Random Number Generator support"
 depends on HW_RANDOM && ARCH_HISI
diff --git a/drivers/char/hw_random/Makefile b/drivers/char/hw_random/Makefile
index 39a67defac67cb..91cb8e8213e7c1 100644
--- a/drivers/char/hw_random/Makefile
+++ b/drivers/char/hw_random/Makefile
@@ -26,7 +26,6 @@ obj-$(CONFIG_HW_RANDOM_NOMADIK) += nomadik-rng.o
 obj-$(CONFIG_HW_RANDOM_PSERIES) += pseries-rng.o
 obj-$(CONFIG_HW_RANDOM_POWERNV) += powernv-rng.o
 obj-$(CONFIG_HW_RANDOM_HISI) += hisi-rng.o
-obj-$(CONFIG_HW_RANDOM_TPM) += tpm-rng.o
 obj-$(CONFIG_HW_RANDOM_BCM2835) += bcm2835-rng.o
 obj-$(CONFIG_HW_RANDOM_IPROC_RNG200) += iproc-rng200.o
 obj-$(CONFIG_HW_RANDOM_MSM) += msm-rng.o
diff --git a/drivers/char/hw_random/tpm-rng.c b/drivers/char/hw_random/tpm-rng.c
deleted file mode 100644
index c5e363825af008..00000000000000
--- a/drivers/char/hw_random/tpm-rng.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (C) 2012 Kent Yoder IBM Corporation
- *
- * HWRNG interfaces to pull RNG data from a TPM
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
- * published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#include <linux/module.h>
-#include <linux/hw_random.h>
-#include <linux/tpm.h>
-
-#define MODULE_NAME "tpm-rng"
-
-static int tpm_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
-{
- return tpm_get_random(NULL, data, max);
-}
-
-static struct hwrng tpm_rng = {
- .name = MODULE_NAME,
- .read = tpm_rng_read,
-};
-
-static int __init rng_init(void)
-{
- return hwrng_register(&tpm_rng);
-}
-module_init(rng_init);
-
-static void __exit rng_exit(void)
-{
- hwrng_unregister(&tpm_rng);
-}
-module_exit(rng_exit);
-
-MODULE_LICENSE("GPL v2");
-MODULE_AUTHOR("Kent Yoder <key@linux.vnet.ibm.com>");
-MODULE_DESCRIPTION("RNG driver for TPM devices");
diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index a30352202f1fdc..18c81cbe4704ca 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -26,6 +26,17 @@ menuconfig TCG_TPM
 if TCG_TPM
+config HW_RANDOM_TPM
+ bool "TPM HW Random Number Generator support"
+ depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
+ default y
+ ---help---
+ This setting exposes the TPM's Random Number Generator as a hwrng
+ device. This allows the kernel to collect randomness from the TPM at
+ boot, and provides the TPM randomines in /dev/hwrng.
+
+ If unsure, say Y.
+
 config TCG_TIS_CORE
 tristate
 ---help---
diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 6faf4c3fa6dbbd..797ab962291333 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -26,6 +26,7 @@
 #include <linux/spinlock.h>
 #include <linux/freezer.h>
 #include <linux/major.h>
+#include <linux/hw_random.h>
 #include "tpm.h"
 #include "tpm_eventlog.h"
@@ -391,6 +392,26 @@ static int tpm_add_legacy_sysfs(struct tpm_chip *chip)
 return 0;
 }
+
+static int tpm_hwrng_read(struct hwrng *rng, void *data, size_t max, bool wait)
+{
+ struct tpm_chip *chip = container_of(rng, struct tpm_chip, hwrng);
+
+ return tpm_get_random(chip, data, max);
+}
+
+static int tpm_add_hwrng(struct tpm_chip *chip)
+{
+ if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM))
+ return 0;
+
+ snprintf(chip->hwrng_name, sizeof(chip->hwrng_name),
+ "tpm-rng-%d", chip->dev_num);
+ chip->hwrng.name = chip->hwrng_name;
+ chip->hwrng.read = tpm_hwrng_read;
+ return hwrng_register(&chip->hwrng);
+}
+
 /*
 * tpm_chip_register() - create a character device for the TPM chip
 * @chip: TPM chip to use.
@@ -423,11 +444,13 @@ int tpm_chip_register(struct tpm_chip *chip)
 tpm_add_ppi(chip);
+ rc = tpm_add_hwrng(chip);
+ if (rc)
+ goto out_ppi;
+
 rc = tpm_add_char_device(chip);
- if (rc) {
- tpm_bios_log_teardown(chip);
- return rc;
- }
+ if (rc)
+ goto out_hwrng;
 rc = tpm_add_legacy_sysfs(chip);
 if (rc) {
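Review bot: The help text of the new `HW_RANDOM_TPM` entry in drivers/char/tpm/Kconfig misspells "randomness" as `randomines`, and it does not say that one hwrng device is registered per chip under the name `tpm-rng-N`, which is what tpm_add_hwrng() in this same patch does. Because the option is `default y`, every build that satisfies the `depends on` line will offer each TPM as a /dev/hwrng source, so the help text is where an administrator should learn that. A sentence such as `One hwrng device named tpm-rng-<N> is registered for each TPM chip.` after the corrected one would cover it.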
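Review bot: `tpm_hwrng_read()` in the `@@ -391,6 +392,26 @@` hunk of tpm-chip.c never reads its `wait` argument, so a caller that asks for a non-blocking read is still sent straight into `tpm_get_random()`. That function is not part of this patch; if it sleeps while the chip processes the command, the callback should either honour `wait` or say why it does not, for example `/* TPM commands always block; 'wait' is intentionally ignored */`. The removed tpm_rng_read() had the same shape, so this is inherited rather than introduced here. Separately, `tpm_add_hwrng()` sets only `name` and `read`, which presumably relies on the chip structure having been zero-allocated; a short comment stating that assumption would make it checkable.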
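Review bot: In the `@@ -423,11 +444,13 @@` hunk a failure of `tpm_add_hwrng()` aborts `tpm_chip_register()` altogether, so an error in the hwrng layer removes the whole TPM, including uses that have nothing to do with random numbers. If the RNG is meant as an optional extra, the failure could be reported and registration continued, e.g. `if (rc) dev_warn(&chip->dev, "hwrng registration failed: %d\n", rc);`, with the unregister paths then skipping a chip whose hwrng was never registered. The hwrng is also registered before `tpm_add_char_device()`, so reads through `tpm_hwrng_read()` can presumably begin before the rest of registration has finished; a comment stating that the chip can already service commands at this point would make that ordering reviewable. tpm_chip_register() starts and ends outside this hunk.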
@@ -436,6 +459,14 @@ int tpm_chip_register(struct tpm_chip *chip)
 }
 return 0;
+
+out_hwrng:
+ if (IS_ENABLED(CONFIG_HW_RANDOM_TPM))
+ hwrng_unregister(&chip->hwrng);
+out_ppi:
+ tpm_bios_log_teardown(chip);
+
+ return rc;
 }
 EXPORT_SYMBOL_GPL(tpm_chip_register);
@@ -455,6 +486,8 @@ EXPORT_SYMBOL_GPL(tpm_chip_register);
 void tpm_chip_unregister(struct tpm_chip *chip)
 {
 tpm_del_legacy_sysfs(chip);
+ if (IS_ENABLED(CONFIG_HW_RANDOM_TPM))
+ hwrng_unregister(&chip->hwrng);
 tpm_bios_log_teardown(chip);
 if (chip->flags & TPM_CHIP_FLAG_TPM2)
 cdev_device_del(&chip->cdevs, &chip->devs);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 7424511241031a..efe8ad0d137f74 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -26,6 +26,7 @@
 #include <linux/module.h>
 #include <linux/delay.h>
 #include <linux/fs.h>
+#include <linux/hw_random.h>
 #include <linux/mutex.h>
 #include <linux/sched.h>
 #include <linux/platform_device.h>
@@ -210,6 +211,9 @@ struct tpm_chip {
 int dev_num; /* /dev/tpm# */
 unsigned long is_open; /* only one allowed */
+ char hwrng_name[64];
+ struct hwrng hwrng;
+
 struct mutex tpm_mutex; /* tpm is processing */
 unsigned long timeout_a; /* jiffies */
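Review bot: The label `out_ppi` in the `@@ -436,6 +459,14 @@` hunk does not undo `tpm_add_ppi()`; it calls `tpm_bios_log_teardown()`, so a name such as `out_bios_log` would describe what the jump actually unwinds. The guarded call `if (IS_ENABLED(CONFIG_HW_RANDOM_TPM)) hwrng_unregister(&chip->hwrng);` appears both here and in the `@@ -455,6 +486,8 @@` hunk of tpm_chip_unregister(); a small `tpm_del_hwrng()` helper next to tpm_add_hwrng() would keep the guard in one place. In tpm_chip_unregister() the hwrng is removed before `cdev_device_del()`, and a comment there saying that the RNG must be gone before the chip is torn down, because `tpm_hwrng_read()` reaches the chip through `container_of`, would protect that order against later reshuffling. The body of the `if (rc) {` branch after tpm_add_legacy_sysfs() lies between the hunks and is not visible, so whether that path also unregisters the hwrng cannot be confirmed from this page.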