From: Linus Torvalds
Date: Fri, 28 Jul 2023 14:38:21 -0700
Subject: Re: [PATCH 1/1] tpm: disable hwrng for fTPM on some AMD designs
To: "Limonciello, Mario"
Cc: Daniil Stas, James.Bottomley@hansenpartnership.com, Jason@zx2c4.com, jarkko@kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, regressions@leemhuis.info, stable@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, 28 Jul 2023 at 14:01, Limonciello, Mario wrote:
>
> That's exactly why I was asking in the kernel bugzilla if something
> similar gets tripped up by RDRAND.

So that would sound very unlikely, but who knows...

Microcode can obviously do pretty much anything at all, but at least the original fTPM issues _seemed_ to be about BIOS doing truly crazy things like SPI flash accesses.

I can easily imagine a BIOS fTPM code using some absolutely horrid global "EFI synchronization" lock or whatever, which could then cause random problems just based on some entirely unrelated activity.

I would not be surprised, for example, if it wasn't the fTPM hwrng code itself that decided to read some random number from SPI, but that it simply got serialized with something else that the BIOS was involved with. It's not like BIOS people are famous for their scalable code that is entirely parallel...

And I'd be _very_ surprised if CPU microcode does anything even remotely like that. Not impossible - HP famously screwed with the time stamp counter with SMIs, and I could imagine them - or others - doing the same with rdrand.

But it does sound pretty damn unlikely, compared to "EFI BIOS uses a one big lock approach".

So rdrand (and rdseed in particular) can be rather slow, but I think we're talking hundreds of CPU cycles (maybe low thousands). Nothing like the stuttering reports we've seen from fTPM.

Linus