| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aUHXPWG72CsNhgpd@kernel.org>
Date: Wed, 17 Dec 2025 00:03:41 +0200
From: Jarkko Sakkinen <jarkko@...nel.org>
To: linux-integrity@...r.kernel.org
Cc: "David S . Miller" <davem@...emloft.net>,
Herbert Xu <herbert@...dor.apana.org.au>,
Eric Biggers <ebiggers@...nel.org>, Peter Huewe <peterhuewe@....de>,
Jason Gunthorpe <jgg@...pe.ca>, David Howells <dhowells@...hat.com>,
Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
open list <linux-kernel@...r.kernel.org>,
"open list:KEYS/KEYRINGS" <keyrings@...r.kernel.org>,
"open list:SECURITY SUBSYSTEM" <linux-security-module@...r.kernel.org>
Subject: Re: [PATCH v8 04/12] tpm: Change tpm_get_random() opportunistic
On Tue, Dec 16, 2025 at 11:21:38AM +0200, Jarkko Sakkinen wrote:
> hwrng framework does not have a requirement that the all bytes requested
> need to be provided. By enforcing such a requirement internally, TPM driver
> can cause unpredictability in latency, as a single tpm_get_random() call
> can result multiple TPM commands.
>
> Especially, when TCG_TPM2_HMAC is enabled, extra roundtrips could have
> significant effect to the system latency.
>
> Thus, send TPM command only once and return bytes received instead of
> committing to the number of requested bytes.
>
> Cc: David S. Miller <davem@...emloft.net>
> Cc: Herbert Xu <herbert@...dor.apana.org.au>
> Cc: Eric Biggers <ebiggers@...nel.org>
> Signed-off-by: Jarkko Sakkinen <jarkko@...nel.org>
> ---
> v7:
> - Given that hwrng is now only caller for tpm_get_random(), remove the
> wait parameter.
> v4:
> - Fixed grammar mistakes.
> ---
IMHO, these first four patches that add sanity to tpm_get_random() usage
ought to be somewhat "dead obvious" category.
Once these are merged it is much easier to further reduce the frequency
of tpm_get_random() calls made, and test their effect on e.g. call
frequency (as tpm_get_random() is now much more tighly bound to hwrng
requirements).
> drivers/char/tpm/tpm-interface.c | 28 +++++-----------------------
> 1 file changed, 5 insertions(+), 23 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index d157be738612..677dcef05dfb 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -626,10 +626,6 @@ static int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max)
> */
> int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
> {
> - u32 num_bytes = max;
> - u8 *out_ptr = out;
> - int retries = 5;
> - int total = 0;
> int rc;
>
> if (!out || !max || max > TPM_MAX_RNG_DATA)
> @@ -646,28 +642,14 @@ int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
> rc = tpm2_start_auth_session(chip);
> if (rc)
> return rc;
> - }
> -
> - do {
> - if (chip->flags & TPM_CHIP_FLAG_TPM2)
> - rc = tpm2_get_random(chip, out_ptr, num_bytes);
> - else
> - rc = tpm1_get_random(chip, out_ptr, num_bytes);
> -
> - if (rc < 0)
> - goto err;
> -
> - out_ptr += rc;
> - total += rc;
> - num_bytes -= rc;
> - } while (retries-- && total < max);
>
> - tpm_put_ops(chip);
> - return total ? total : -EIO;
> + rc = tpm2_get_random(chip, out, max);
> + } else {
> + rc = tpm1_get_random(chip, out, max);
> + }
>
> -err:
> tpm_put_ops(chip);
> - return rc;
> + return rc != 0 ? rc : -EIO;
> }
> EXPORT_SYMBOL_GPL(tpm_get_random);
>
> --
> 2.39.5
>
BR, Jarkko
Powered by blists - more mailing lists