Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2018-01-30 Thread Jarkko Sakkinen 
On Tue, Jan 30, 2018 at 10:52:13PM +1100, James Morris wrote:
> On Tue, 30 Jan 2018, Jarkko Sakkinen wrote:
> 
> > On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote:
> > > Hi Jarkko,
> > > 
> > > On 17 November 2017 at 19:27, Jarkko Sakkinen
> > >  wrote:
> > > > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote:
> > > >
> > > > At least signed-off-by from PrassanaKumar is missing from the 2nd
> > > > commit. I'll add it.
> > > 
> > > I had the impression that my signed-off-by will be present in this
> > > change. But it is missing in [1]. Is it supposed to be that way?
> > > 
> > > 1. 
> > > https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4
> > > 
> > > Thanks,
> > > PrasannaKumar
> > 
> > Yes, it would be senseful.
> > 
> > James, would it still be possible to amend this tag to security tree?
> 
> Nope, it's been pushed to Linus.

Damn. Well, good that Tested-by is there. I'm sorry about this.

/Jarkko

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2018-01-30 Thread James Morris 
On Tue, 30 Jan 2018, Jarkko Sakkinen wrote:

> On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote:
> > Hi Jarkko,
> > 
> > On 17 November 2017 at 19:27, Jarkko Sakkinen
> >  wrote:
> > > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote:
> > >
> > > At least signed-off-by from PrassanaKumar is missing from the 2nd
> > > commit. I'll add it.
> > 
> > I had the impression that my signed-off-by will be present in this
> > change. But it is missing in [1]. Is it supposed to be that way?
> > 
> > 1. 
> > https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4
> > 
> > Thanks,
> > PrasannaKumar
> 
> Yes, it would be senseful.
> 
> James, would it still be possible to amend this tag to security tree?

Nope, it's been pushed to Linus.


-- 
James Morris

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2018-01-29 Thread Jarkko Sakkinen 
On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote:
> Hi Jarkko,
> 
> On 17 November 2017 at 19:27, Jarkko Sakkinen
>  wrote:
> > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote:
> >
> > At least signed-off-by from PrassanaKumar is missing from the 2nd
> > commit. I'll add it.
> 
> I had the impression that my signed-off-by will be present in this
> change. But it is missing in [1]. Is it supposed to be that way?
> 
> 1. 
> https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4
> 
> Thanks,
> PrasannaKumar

Yes, it would be senseful.

James, would it still be possible to amend this tag to security tree?

/Jarkko

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2018-01-26 Thread PrasannaKumar Muralidharan 
Hi Jarkko,

On 17 November 2017 at 19:27, Jarkko Sakkinen
 wrote:
> On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote:
>
> At least signed-off-by from PrassanaKumar is missing from the 2nd
> commit. I'll add it.

I had the impression that my signed-off-by will be present in this
change. But it is missing in [1]. Is it supposed to be that way?

1. 
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6e592a065d51d26f9d62b8b7501a5114076af8b4

Thanks,
PrasannaKumar

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-17 Thread Jarkko Sakkinen 
On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 14, 2017 at 04:34:21PM +0200, Jarkko Sakkinen wrote:
> > On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote:
> > > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan 
> > > wrote:
> > > 
> > > > I am assuming you are talking about the following patches - using
> > > > struct tpm_chip instead of chip number and this patch.
> > > 
> > > yes
> > > 
> > > > I won't be able to test if struct tpm_chip usage as I don't have
> > > > multiple tpm hw in one machine. In case of tpm rng changes I can test
> > > > only the lifecycle of tpm rng device. Is that enough? I feel my test
> > > > will be limited. Please provide your thoughts on this.
> > > 
> > > That is certainly better than no testing.
> > > 
> > > Jason
> > 
> > WFM too.
> > 
> > Tested-by: Jarkko Sakkinen 
> > Reviewed-by: Jarkko Sakkinen 
> > 
> > /Jarkko
> 
> I applied these commits. Please check that everything is correct as
> I had to do manual work with the 2nd commit.
> 
> /Jarkko

At least signed-off-by from PrassanaKumar is missing from the 2nd
commit. I'll add it.

/Jarkko

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-17 Thread Jarkko Sakkinen 
On Tue, Nov 14, 2017 at 04:34:21PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote:
> > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote:
> > 
> > > I am assuming you are talking about the following patches - using
> > > struct tpm_chip instead of chip number and this patch.
> > 
> > yes
> > 
> > > I won't be able to test if struct tpm_chip usage as I don't have
> > > multiple tpm hw in one machine. In case of tpm rng changes I can test
> > > only the lifecycle of tpm rng device. Is that enough? I feel my test
> > > will be limited. Please provide your thoughts on this.
> > 
> > That is certainly better than no testing.
> > 
> > Jason
> 
> WFM too.
> 
> Tested-by: Jarkko Sakkinen 
> Reviewed-by: Jarkko Sakkinen 
> 
> /Jarkko

I applied these commits. Please check that everything is correct as
I had to do manual work with the 2nd commit.

/Jarkko

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-14 Thread Jarkko Sakkinen 
On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote:
> On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote:
> 
> > I am assuming you are talking about the following patches - using
> > struct tpm_chip instead of chip number and this patch.
> 
> yes
> 
> > I won't be able to test if struct tpm_chip usage as I don't have
> > multiple tpm hw in one machine. In case of tpm rng changes I can test
> > only the lifecycle of tpm rng device. Is that enough? I feel my test
> > will be limited. Please provide your thoughts on this.
> 
> That is certainly better than no testing.
> 
> Jason

WFM too.

Tested-by: Jarkko Sakkinen 
Reviewed-by: Jarkko Sakkinen 

/Jarkko

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-11 Thread PrasannaKumar Muralidharan 
Hi Jason,

On 9 November 2017 at 21:59, Jason Gunthorpe  wrote:
> On Thu, Nov 09, 2017 at 09:49:33PM +0530, PrasannaKumar Muralidharan wrote:
>> Hi Jason,
>>
>> On 7 November 2017 at 21:34, Jason Gunthorpe  wrote:
>> > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote:
>> >
>> >> I am assuming you are talking about the following patches - using
>> >> struct tpm_chip instead of chip number and this patch.
>> >
>> > yes
>> >
>> >> I won't be able to test if struct tpm_chip usage as I don't have
>> >> multiple tpm hw in one machine. In case of tpm rng changes I can test
>> >> only the lifecycle of tpm rng device. Is that enough? I feel my test
>> >> will be limited. Please provide your thoughts on this.
>> >
>> > That is certainly better than no testing.
>>
>> The struct tpm_chip patch partially applied on linux next. I had to
>> manually change the code. In qemu tpm rng device did not show up on
>> loading tpm module. My laptop has tpm hw but Linux next did not work
>> properly in that. All my console were getting spammed with some USB
>> log message and I could not do anything. X did not start either. I
>> could not debug the issue as the logs were printing infinitely. Will
>> get little more time this weekend. Will do a proper test and provide
>> you the result.
>
> Test against 4.15-rc, here are the two patches
>
> https://github.com/jgunthorpe/linux/tree/tpm
>
> Pull from here and merge the latest rc and you will probably have a
> bootable system.
>
> Jason

Applied this patch on v4.14-rc4. Able to get data from tpm rng
(/dev/hwrng with tpm as the chosen rng). This patch works fine. Its
just a basic test though.

Tested-by: PrasannaKumar Muralidharan 

Regards,
PrasannaKumar

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-09 Thread Jason Gunthorpe 
On Thu, Nov 09, 2017 at 09:49:33PM +0530, PrasannaKumar Muralidharan wrote:
> Hi Jason,
> 
> On 7 November 2017 at 21:34, Jason Gunthorpe  wrote:
> > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote:
> >
> >> I am assuming you are talking about the following patches - using
> >> struct tpm_chip instead of chip number and this patch.
> >
> > yes
> >
> >> I won't be able to test if struct tpm_chip usage as I don't have
> >> multiple tpm hw in one machine. In case of tpm rng changes I can test
> >> only the lifecycle of tpm rng device. Is that enough? I feel my test
> >> will be limited. Please provide your thoughts on this.
> >
> > That is certainly better than no testing.
> 
> The struct tpm_chip patch partially applied on linux next. I had to
> manually change the code. In qemu tpm rng device did not show up on
> loading tpm module. My laptop has tpm hw but Linux next did not work
> properly in that. All my console were getting spammed with some USB
> log message and I could not do anything. X did not start either. I
> could not debug the issue as the logs were printing infinitely. Will
> get little more time this weekend. Will do a proper test and provide
> you the result.

Test against 4.15-rc, here are the two patches

https://github.com/jgunthorpe/linux/tree/tpm

Pull from here and merge the latest rc and you will probably have a
bootable system.

Jason

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-09 Thread PrasannaKumar Muralidharan 
Hi Jason,

On 7 November 2017 at 21:34, Jason Gunthorpe  wrote:
> On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote:
>
>> I am assuming you are talking about the following patches - using
>> struct tpm_chip instead of chip number and this patch.
>
> yes
>
>> I won't be able to test if struct tpm_chip usage as I don't have
>> multiple tpm hw in one machine. In case of tpm rng changes I can test
>> only the lifecycle of tpm rng device. Is that enough? I feel my test
>> will be limited. Please provide your thoughts on this.
>
> That is certainly better than no testing.

The struct tpm_chip patch partially applied on linux next. I had to
manually change the code. In qemu tpm rng device did not show up on
loading tpm module. My laptop has tpm hw but Linux next did not work
properly in that. All my console were getting spammed with some USB
log message and I could not do anything. X did not start either. I
could not debug the issue as the logs were printing infinitely. Will
get little more time this weekend. Will do a proper test and provide
you the result.

Regards,
PrasannaKumar

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-07 Thread Jarkko Sakkinen 
On Sun, Nov 05, 2017 at 07:27:04PM -0700, Jason Gunthorpe wrote:
> On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote:
> 
> > I asked to create a series for a reason. Now this doesn't apply because I
> > don't have an ancestor in my git history.
> 
> It would be unusual for me to put your patch into a series unless I am
> also adopting it. eg what happens if there are more comments on it?
> 
> Also, I wasn't sure what branch your patch was against since my tree
> didn't have history for it either..
> 
> Sometimes the maintainer has to sort stuff like this out... :)
> 
> > Please resend as series together with my patch. I can apply neither yet
> > because they have zero tested-by's.
> 
> Hopefully PrasannaKumar can test both patches.
> 
> Jason

Fair enough. I'll look at it.

/Jarkko

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-07 Thread Jason Gunthorpe 
On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote:

> I am assuming you are talking about the following patches - using
> struct tpm_chip instead of chip number and this patch.

yes

> I won't be able to test if struct tpm_chip usage as I don't have
> multiple tpm hw in one machine. In case of tpm rng changes I can test
> only the lifecycle of tpm rng device. Is that enough? I feel my test
> will be limited. Please provide your thoughts on this.

That is certainly better than no testing.

Jason

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-06 Thread PrasannaKumar Muralidharan 
Hi Jason,

On 6 November 2017 at 07:57, Jason Gunthorpe  wrote:
> On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote:
>
>> I asked to create a series for a reason. Now this doesn't apply because I
>> don't have an ancestor in my git history.
>
> It would be unusual for me to put your patch into a series unless I am
> also adopting it. eg what happens if there are more comments on it?
>
> Also, I wasn't sure what branch your patch was against since my tree
> didn't have history for it either..
>
> Sometimes the maintainer has to sort stuff like this out... :)
>
>> Please resend as series together with my patch. I can apply neither yet
>> because they have zero tested-by's.
>
> Hopefully PrasannaKumar can test both patches.

I am assuming you are talking about the following patches - using
struct tpm_chip instead of chip number and this patch.

I won't be able to test if struct tpm_chip usage as I don't have
multiple tpm hw in one machine. In case of tpm rng changes I can test
only the lifecycle of tpm rng device. Is that enough? I feel my test
will be limited. Please provide your thoughts on this.

Regards,
PrasannaKumar

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-05 Thread Jason Gunthorpe 
On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote:

> I asked to create a series for a reason. Now this doesn't apply because I
> don't have an ancestor in my git history.

It would be unusual for me to put your patch into a series unless I am
also adopting it. eg what happens if there are more comments on it?

Also, I wasn't sure what branch your patch was against since my tree
didn't have history for it either..

Sometimes the maintainer has to sort stuff like this out... :)

> Please resend as series together with my patch. I can apply neither yet
> because they have zero tested-by's.

Hopefully PrasannaKumar can test both patches.

Jason

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

2017-11-05 Thread Jarkko Sakkinen 
On Tue, Oct 31, 2017 at 02:05:03PM -0600, Jason Gunthorpe wrote:
> The tpm-rng.c approach is completely inconsistent with how the kernel
> handles hotplug. Instead manage a hwrng device for each TPM. This will
> cause the kernel to read entropy from the TPM when it is plugged in,
> and allow access to the TPM rng via /dev/hwrng.
> 
> Signed-off-by: PrasannaKumar Muralidharan 
> Signed-off-by: Jason Gunthorpe 
> ---
>  drivers/char/hw_random/Kconfig   | 13 ---
>  drivers/char/hw_random/Makefile  |  1 -
>  drivers/char/hw_random/tpm-rng.c | 50 
> 
>  drivers/char/tpm/Kconfig | 11 +
>  drivers/char/tpm/tpm-chip.c  | 41 
>  drivers/char/tpm/tpm.h   |  4 
>  6 files changed, 52 insertions(+), 68 deletions(-)
>  delete mode 100644 drivers/char/hw_random/tpm-rng.c
> 
> v2 applies against Jarkko's patch
> "tpm: use struct tpm_chip for tpm_chip_find_get()"
> 
> diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig
> index 95a031e9eced07..a20fed182cbcce 100644
> --- a/drivers/char/hw_random/Kconfig
> +++ b/drivers/char/hw_random/Kconfig
> @@ -306,19 +306,6 @@ config HW_RANDOM_POWERNV
>  
> If unsure, say Y.
>  
> -config HW_RANDOM_TPM
> - tristate "TPM HW Random Number Generator support"
> - depends on TCG_TPM
> - default HW_RANDOM
> - ---help---
> -   This driver provides kernel-side support for the Random Number
> -   Generator in the Trusted Platform Module
> -
> -   To compile this driver as a module, choose M here: the
> -   module will be called tpm-rng.
> -
> -   If unsure, say Y.
> -
>  config HW_RANDOM_HISI
>   tristate "Hisilicon Random Number Generator support"
>   depends on HW_RANDOM && ARCH_HISI
> diff --git a/drivers/char/hw_random/Makefile b/drivers/char/hw_random/Makefile
> index 39a67defac67cb..91cb8e8213e7c1 100644
> --- a/drivers/char/hw_random/Makefile
> +++ b/drivers/char/hw_random/Makefile
> @@ -26,7 +26,6 @@ obj-$(CONFIG_HW_RANDOM_NOMADIK) += nomadik-rng.o
>  obj-$(CONFIG_HW_RANDOM_PSERIES) += pseries-rng.o
>  obj-$(CONFIG_HW_RANDOM_POWERNV) += powernv-rng.o
>  obj-$(CONFIG_HW_RANDOM_HISI) += hisi-rng.o
> -obj-$(CONFIG_HW_RANDOM_TPM) += tpm-rng.o
>  obj-$(CONFIG_HW_RANDOM_BCM2835) += bcm2835-rng.o
>  obj-$(CONFIG_HW_RANDOM_IPROC_RNG200) += iproc-rng200.o
>  obj-$(CONFIG_HW_RANDOM_MSM) += msm-rng.o
> diff --git a/drivers/char/hw_random/tpm-rng.c 
> b/drivers/char/hw_random/tpm-rng.c
> deleted file mode 100644
> index c5e363825af008..00
> --- a/drivers/char/hw_random/tpm-rng.c
> +++ /dev/null
> @@ -1,50 +0,0 @@
> -/*
> - * Copyright (C) 2012 Kent Yoder IBM Corporation
> - *
> - * HWRNG interfaces to pull RNG data from a TPM
> - *
> - * This program is free software; you can redistribute it and/or modify
> - * it under the terms of the GNU General Public License version 2 as
> - * published by the Free Software Foundation.
> - *
> - * This program is distributed in the hope that it will be useful,
> - * but WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> - * GNU General Public License for more details.
> - *
> - * You should have received a copy of the GNU General Public License
> - * along with this program; if not, write to the Free Software
> - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA
> - */
> -
> -#include 
> -#include 
> -#include 
> -
> -#define MODULE_NAME "tpm-rng"
> -
> -static int tpm_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
> -{
> - return tpm_get_random(NULL, data, max);
> -}
> -
> -static struct hwrng tpm_rng = {
> - .name = MODULE_NAME,
> - .read = tpm_rng_read,
> -};
> -
> -static int __init rng_init(void)
> -{
> - return hwrng_register(_rng);
> -}
> -module_init(rng_init);
> -
> -static void __exit rng_exit(void)
> -{
> - hwrng_unregister(_rng);
> -}
> -module_exit(rng_exit);
> -
> -MODULE_LICENSE("GPL v2");
> -MODULE_AUTHOR("Kent Yoder ");
> -MODULE_DESCRIPTION("RNG driver for TPM devices");
> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> index a30352202f1fdc..18c81cbe4704ca 100644
> --- a/drivers/char/tpm/Kconfig
> +++ b/drivers/char/tpm/Kconfig
> @@ -26,6 +26,17 @@ menuconfig TCG_TPM
>  
>  if TCG_TPM
>  
> +config HW_RANDOM_TPM
> + bool "TPM HW Random Number Generator support"
> + depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
> + default y
> + ---help---
> +   This setting exposes the TPM's Random Number Generator as a hwrng
> +   device. This allows the kernel to collect randomness from the TPM at
> +   boot, and provides the TPM randomines in /dev/hwrng.
> +
> +   If unsure, say Y.
> +
>  config TCG_TIS_CORE
>   tristate
>   ---help---
> diff --git