2023-08-03 02:58:50

by Mario Limonciello

[permalink] [raw]
Subject: [PATCH 3/3] tpm: Drop CONFIG_HW_RANDOM_TPM

As the behavior of whether a TPM is registered for hwrng can be controlled
by command line, drop the kernel configuration option.

Cc: Mateusz Schyboll <[email protected]>
Signed-off-by: Mario Limonciello <[email protected]>
---
drivers/char/tpm/Kconfig | 11 -----------
drivers/char/tpm/tpm-chip.c | 6 +++---
2 files changed, 3 insertions(+), 14 deletions(-)

diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index 927088b2c3d3f..69aaa730dc208 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -27,17 +27,6 @@ menuconfig TCG_TPM

if TCG_TPM

-config HW_RANDOM_TPM
- bool "TPM HW Random Number Generator support"
- depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
- default y
- help
- This setting exposes the TPM's Random Number Generator as a hwrng
- device. This allows the kernel to collect randomness from the TPM at
- boot, and provides the TPM randomines in /dev/hwrng.
-
- If unsure, say Y.
-
config TCG_TIS_CORE
tristate
help
diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 8fb42232bd7a5..0d69335743469 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -533,7 +533,7 @@ static int tpm_add_hwrng(struct tpm_chip *chip)
if (!trust_tpm)
chip->flags |= TPM_CHIP_FLAG_HWRNG_DISABLED;

- if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM) || tpm_is_firmware_upgrade(chip) ||
+ if (tpm_is_firmware_upgrade(chip) ||
chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED)
return 0;

@@ -639,7 +639,7 @@ int tpm_chip_register(struct tpm_chip *chip)
return 0;

out_hwrng:
- if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) && !tpm_is_firmware_upgrade(chip) &&
+ if (!tpm_is_firmware_upgrade(chip) &&
!(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
hwrng_unregister(&chip->hwrng);
out_ppi:
@@ -665,7 +665,7 @@ EXPORT_SYMBOL_GPL(tpm_chip_register);
void tpm_chip_unregister(struct tpm_chip *chip)
{
tpm_del_legacy_sysfs(chip);
- if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) && !tpm_is_firmware_upgrade(chip) &&
+ if (!tpm_is_firmware_upgrade(chip) &&
!(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
hwrng_unregister(&chip->hwrng);
tpm_bios_log_teardown(chip);
--
2.34.1



2023-08-03 07:33:53

by Paul Menzel

[permalink] [raw]
Subject: Re: [PATCH 3/3] tpm: Drop CONFIG_HW_RANDOM_TPM

Dear Mario,


Thank you for the patch.

Am 03.08.23 um 03:50 schrieb Mario Limonciello:
> As the behavior of whether a TPM is registered for hwrng can be controlled
> by command line, drop the kernel configuration option.

Shouldn’t this be left in to be able to set the default without having
to change the Linux kernel command line?


Kind regards

Paul


> Cc: Mateusz Schyboll <[email protected]>
> Signed-off-by: Mario Limonciello <[email protected]>
> ---
> drivers/char/tpm/Kconfig | 11 -----------
> drivers/char/tpm/tpm-chip.c | 6 +++---
> 2 files changed, 3 insertions(+), 14 deletions(-)
>
> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> index 927088b2c3d3f..69aaa730dc208 100644
> --- a/drivers/char/tpm/Kconfig
> +++ b/drivers/char/tpm/Kconfig
> @@ -27,17 +27,6 @@ menuconfig TCG_TPM
>
> if TCG_TPM
>
> -config HW_RANDOM_TPM
> - bool "TPM HW Random Number Generator support"
> - depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
> - default y
> - help
> - This setting exposes the TPM's Random Number Generator as a hwrng
> - device. This allows the kernel to collect randomness from the TPM at
> - boot, and provides the TPM randomines in /dev/hwrng.
> -
> - If unsure, say Y.
> -
> config TCG_TIS_CORE
> tristate
> help
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index 8fb42232bd7a5..0d69335743469 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -533,7 +533,7 @@ static int tpm_add_hwrng(struct tpm_chip *chip)
> if (!trust_tpm)
> chip->flags |= TPM_CHIP_FLAG_HWRNG_DISABLED;
>
> - if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM) || tpm_is_firmware_upgrade(chip) ||
> + if (tpm_is_firmware_upgrade(chip) ||
> chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED)
> return 0;
>
> @@ -639,7 +639,7 @@ int tpm_chip_register(struct tpm_chip *chip)
> return 0;
>
> out_hwrng:
> - if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) && !tpm_is_firmware_upgrade(chip) &&
> + if (!tpm_is_firmware_upgrade(chip) &&
> !(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
> hwrng_unregister(&chip->hwrng);
> out_ppi:
> @@ -665,7 +665,7 @@ EXPORT_SYMBOL_GPL(tpm_chip_register);
> void tpm_chip_unregister(struct tpm_chip *chip)
> {
> tpm_del_legacy_sysfs(chip);
> - if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) && !tpm_is_firmware_upgrade(chip) &&
> + if (!tpm_is_firmware_upgrade(chip) &&
> !(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
> hwrng_unregister(&chip->hwrng);
> tpm_bios_log_teardown(chip);

2023-08-03 09:46:14

by Jarkko Sakkinen

[permalink] [raw]
Subject: Re: [PATCH 3/3] tpm: Drop CONFIG_HW_RANDOM_TPM

On Thu Aug 3, 2023 at 10:22 AM EEST, Paul Menzel wrote:
> Dear Mario,
>
>
> Thank you for the patch.
>
> Am 03.08.23 um 03:50 schrieb Mario Limonciello:
> > As the behavior of whether a TPM is registered for hwrng can be controlled
> > by command line, drop the kernel configuration option.
>
> Shouldn’t this be left in to be able to set the default without having
> to change the Linux kernel command line?

Even if it made sense it is completely urelated to the real-world
issues at hand.

BR, Jarkko

2023-08-03 09:53:33

by Jarkko Sakkinen

[permalink] [raw]
Subject: Re: [PATCH 3/3] tpm: Drop CONFIG_HW_RANDOM_TPM

On Thu Aug 3, 2023 at 4:50 AM EEST, Mario Limonciello wrote:
> As the behavior of whether a TPM is registered for hwrng can be controlled
> by command line, drop the kernel configuration option.
>
> Cc: Mateusz Schyboll <[email protected]>
> Signed-off-by: Mario Limonciello <[email protected]>
> ---
> drivers/char/tpm/Kconfig | 11 -----------
> drivers/char/tpm/tpm-chip.c | 6 +++---
> 2 files changed, 3 insertions(+), 14 deletions(-)
>
> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> index 927088b2c3d3f..69aaa730dc208 100644
> --- a/drivers/char/tpm/Kconfig
> +++ b/drivers/char/tpm/Kconfig
> @@ -27,17 +27,6 @@ menuconfig TCG_TPM
>
> if TCG_TPM
>
> -config HW_RANDOM_TPM
> - bool "TPM HW Random Number Generator support"
> - depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
> - default y
> - help
> - This setting exposes the TPM's Random Number Generator as a hwrng
> - device. This allows the kernel to collect randomness from the TPM at
> - boot, and provides the TPM randomines in /dev/hwrng.
> -
> - If unsure, say Y.
> -
> config TCG_TIS_CORE
> tristate
> help
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index 8fb42232bd7a5..0d69335743469 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -533,7 +533,7 @@ static int tpm_add_hwrng(struct tpm_chip *chip)
> if (!trust_tpm)
> chip->flags |= TPM_CHIP_FLAG_HWRNG_DISABLED;
>
> - if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM) || tpm_is_firmware_upgrade(chip) ||
> + if (tpm_is_firmware_upgrade(chip) ||
> chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED)
> return 0;
>
> @@ -639,7 +639,7 @@ int tpm_chip_register(struct tpm_chip *chip)
> return 0;
>
> out_hwrng:
> - if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) && !tpm_is_firmware_upgrade(chip) &&
> + if (!tpm_is_firmware_upgrade(chip) &&
> !(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
> hwrng_unregister(&chip->hwrng);
> out_ppi:
> @@ -665,7 +665,7 @@ EXPORT_SYMBOL_GPL(tpm_chip_register);
> void tpm_chip_unregister(struct tpm_chip *chip)
> {
> tpm_del_legacy_sysfs(chip);
> - if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) && !tpm_is_firmware_upgrade(chip) &&
> + if (!tpm_is_firmware_upgrade(chip) &&
> !(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
> hwrng_unregister(&chip->hwrng);
> tpm_bios_log_teardown(chip);
> --
> 2.34.1

I don't understand this but please take it a way from patch set, which
should only contain critical fixes, which this definitely is not.

BR, Jarkko

2023-08-03 14:07:15

by Mario Limonciello

[permalink] [raw]
Subject: Re: [PATCH 3/3] tpm: Drop CONFIG_HW_RANDOM_TPM

On 8/3/23 02:22, Paul Menzel wrote:
> Dear Mario,
>
>
> Thank you for the patch.
>
> Am 03.08.23 um 03:50 schrieb Mario Limonciello:
>> As the behavior of whether a TPM is registered for hwrng can be
>> controlled
>> by command line, drop the kernel configuration option.
>
> Shouldn’t this be left in to be able to set the default without having
> to change the Linux kernel command line?
>
It's the same thing as these commits:

b9b01a5625b5a ("random: use random.trust_{bootloader,cpu} command line
option only")

d97c68d178fbf ("random: treat bootloader trust toggle the same way as
cpu trust toggle")

So it matches the behavior of those.

>
> Kind regards
>
> Paul
>
>
>> Cc: Mateusz Schyboll <[email protected]>
>> Signed-off-by: Mario Limonciello <[email protected]>
>> ---
>>   drivers/char/tpm/Kconfig    | 11 -----------
>>   drivers/char/tpm/tpm-chip.c |  6 +++---
>>   2 files changed, 3 insertions(+), 14 deletions(-)
>>
>> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
>> index 927088b2c3d3f..69aaa730dc208 100644
>> --- a/drivers/char/tpm/Kconfig
>> +++ b/drivers/char/tpm/Kconfig
>> @@ -27,17 +27,6 @@ menuconfig TCG_TPM
>>   if TCG_TPM
>> -config HW_RANDOM_TPM
>> -    bool "TPM HW Random Number Generator support"
>> -    depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
>> -    default y
>> -    help
>> -      This setting exposes the TPM's Random Number Generator as a hwrng
>> -      device. This allows the kernel to collect randomness from the
>> TPM at
>> -      boot, and provides the TPM randomines in /dev/hwrng.
>> -
>> -      If unsure, say Y.
>> -
>>   config TCG_TIS_CORE
>>       tristate
>>       help
>> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
>> index 8fb42232bd7a5..0d69335743469 100644
>> --- a/drivers/char/tpm/tpm-chip.c
>> +++ b/drivers/char/tpm/tpm-chip.c
>> @@ -533,7 +533,7 @@ static int tpm_add_hwrng(struct tpm_chip *chip)
>>       if (!trust_tpm)
>>           chip->flags |= TPM_CHIP_FLAG_HWRNG_DISABLED;
>> -    if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM) ||
>> tpm_is_firmware_upgrade(chip) ||
>> +    if (tpm_is_firmware_upgrade(chip) ||
>>           chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED)
>>           return 0;
>> @@ -639,7 +639,7 @@ int tpm_chip_register(struct tpm_chip *chip)
>>       return 0;
>>   out_hwrng:
>> -    if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) &&
>> !tpm_is_firmware_upgrade(chip) &&
>> +    if (!tpm_is_firmware_upgrade(chip) &&
>>           !(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
>>           hwrng_unregister(&chip->hwrng);
>>   out_ppi:
>> @@ -665,7 +665,7 @@ EXPORT_SYMBOL_GPL(tpm_chip_register);
>>   void tpm_chip_unregister(struct tpm_chip *chip)
>>   {
>>       tpm_del_legacy_sysfs(chip);
>> -    if (IS_ENABLED(CONFIG_HW_RANDOM_TPM) &&
>> !tpm_is_firmware_upgrade(chip) &&
>> +    if (!tpm_is_firmware_upgrade(chip) &&
>>           !(chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED))
>>           hwrng_unregister(&chip->hwrng);
>>       tpm_bios_log_teardown(chip);