Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Thu, 2016-01-14 at 03:00 +0300, Anatoly Pugachev wrote: > On Mon, Jan 11, 2016 at 3:08 AM, Ben Hutchings wrote: > > On Thu, 2016-01-07 at 20:30 +0300, Anatoly Pugachev wrote: > > > Can you please suggest, what to do next? Close this bugreport as > > > invalid, and fill new one against n2_rng module in debian, or report > > > first to lkml? Thanks. > > [...] > > > > You should send this patch upstream (linux-cry...@vger.kernel.org and > > sparcli...@vger.kernel.org mailing lists). > > Ben, > submitted to both mentioned mailing lists, it got to DaveM processing > queue, see > http://patchwork.ozlabs.org/project/sparclinux/list/?submitter=68078 > As I told earlier, I'm not a kernel developer in any form, not even > C/C++ programmer. I'm not sure I would be able to answer to any > objections on this patch. > But thanks anyway, probably someone else (oracle guys, with their > linux for sparc [L4S] project) would be able to make this patch to > kernel. I think those will be fine except the two of them should have different subjects. DaveM will tell you what if anything he wants you to change. Ben. -- Ben Hutchings Anthony's Law of Force: Don't force it, get a larger hammer. signature.asc Description: This is a digitally signed message part
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Mon, Jan 11, 2016 at 3:08 AM, Ben Hutchings wrote: > On Thu, 2016-01-07 at 20:30 +0300, Anatoly Pugachev wrote: >> Can you please suggest, what to do next? Close this bugreport as >> invalid, and fill new one against n2_rng module in debian, or report >> first to lkml? Thanks. > [...] > > You should send this patch upstream (linux-cry...@vger.kernel.org and > sparcli...@vger.kernel.org mailing lists). Ben, submitted to both mentioned mailing lists, it got to DaveM processing queue, see http://patchwork.ozlabs.org/project/sparclinux/list/?submitter=68078 As I told earlier, I'm not a kernel developer in any form, not even C/C++ programmer. I'm not sure I would be able to answer to any objections on this patch. But thanks anyway, probably someone else (oracle guys, with their linux for sparc [L4S] project) would be able to make this patch to kernel.
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Thu, 2016-01-07 at 20:30 +0300, Anatoly Pugachev wrote: > On Thu, Jan 7, 2016 at 5:49 AM, Ben Hutchings wrote: > > On Wed, 2016-01-06 at 23:13 +0300, Anatoly Pugachev wrote: > > [...] > > > Sorry for wrong feature request, please close this bug as non-valid. > > > Thanks. > > > > I don't mind keeping it open if you're still hoping to get more > > information. > > Ben, > > below is a long description of how I made (dirty hack to n2_rng) > hardware random number generator to work in linux sparc64 LDOM. > > Can you please suggest, what to do next? Close this bugreport as > invalid, and fill new one against n2_rng module in debian, or report > first to lkml? Thanks. [...] You should send this patch upstream (linux-cry...@vger.kernel.org and sparcli...@vger.kernel.org mailing lists). But first, read Documentation/SubmittingPatches and make sure the patch is in the right format with a clear commit message and Developer's Certificate of Origin. Ben. -- Ben Hutchings Q. Which is the greater problem in the world today, ignorance or apathy? A. I don't know and I couldn't care less. signature.asc Description: This is a digitally signed message part
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Wed, 2016-01-06 at 23:13 +0300, Anatoly Pugachev wrote: [...] > Sorry for wrong feature request, please close this bug as non-valid. Thanks. I don't mind keeping it open if you're still hoping to get more information. Ben. -- Ben Hutchings Life would be so much easier if we could look at the source code. signature.asc Description: This is a digitally signed message part
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Wed, Jan 6, 2016 at 5:21 PM, Anatoly Pugachev wrote:
> On Wed, Jan 6, 2016 at 5:24 AM, Ben Hutchings wrote:
>> Control: tag -1 moreinfo
>>
>> On Mon, 2016-01-04 at 13:48 +0300, Anatoly Pugachev wrote:
>>> Package: src:linux
>>> Version: 4.3.3-2
>>> Severity: wishlist
>>>
>>> Dear Maintainer,
>>>
>>> Can you please enable CONFIG_TCG_TPM (TPM security chip) and
>>> CONFIG_HW_RANDOM_TPM linux kernel config options (as modules), to
>>> enable hardware RNG device for use in LDOM (containers) of debian
>>> sparc64.
>>>
>>> Right now, there's no hardware RNG provider is available :
>> [...]
>>
>> Both of those are generic TPM code and won't help you without a driver
>> for the specific TPM that's present in LDOMs.
>>
>> I can't find any hint in the kernel source of which driver is needed
>> for an LDOM, even in the UEK patched source, so perhaps it is out-of-
>> tree?
>
> Ben, well,
>
> I'm going to build a generic (vanilla) kernel with this CONFIGs and
> test how it would work. Going to report back soon. Thanks.
Ben,
you was right, this modules does not help.
root@deb4g:/home/mator# lsmod | grep rng
tpm_rng 1020 0
n2_rng 6878 0
rng_core8172 2 n2_rng,tpm_rng
root@deb4g:/home/mator# cat /sys/class/misc/hw_random/rng_available
tpm-rng
rngd still gives error:
root@deb4g:/home/mator# rngd -f -r /dev/hwrng
error reading from entropy source:: No such device
I don't know, but I probably should report to upstream kernel
bugzilla, about n2_rng, that it does not work.
Openbsd says [1] it does support it (starting from T1 and T2 processors),
Solaris says [2] it does support it (from T2 till M6 processors,
including this machine T5 cpu)
running show-devs from openboot console for this LDOM, i can see
random-number-generator device is being present:
{0} ok show-devs
/cpu@3
/cpu@2
/cpu@1
/cpu@0
/virtual-devices@100
/reboot-memory@0
/iscsi-hba
/virtual-memory
/memory@m0,3000
/aliases
/options
/openprom
/chosen
/packages
/virtual-devices@100/channel-devices@200
/virtual-devices@100/console@1
/virtual-devices@100/random-number-generator@e
/virtual-devices@100/flashprom@0
/virtual-devices@100/channel-devices@200/virtual-domain-service@0
/virtual-devices@100/channel-devices@200/pciv-communication@0
/virtual-devices@100/channel-devices@200/disk@1
/virtual-devices@100/channel-devices@200/disk@0
/virtual-devices@100/channel-devices@200/network@0
/iscsi-hba/disk
/openprom/client-services
/packages/vnet-helper-pkg
/packages/vdisk-helper-pkg
/packages/obp-tftp
/packages/kbd-translator
/packages/SUNW,asr
/packages/dropins
/packages/terminal-emulator
/packages/disk-label
/packages/deblocker
/packages/SUNW,builtin-drivers
{0} ok
but n2_rng does not see it. I'm going to test a more recent kernel,
instead of 4.1.15. The choice of old 4.1.15 kernel to test, was
because oracle sparc linux is using 4.1.8, and i wanted to test it
first. Compiling 4.4rc8 right now...
Searching on the web, found [3], where cpu is T4 and 4.3.0 kernel, but
n2rng gives more messages on boot.
Sorry for wrong feature request, please close this bug as non-valid. Thanks.
1. http://undeadly.org/cgi?action=article&sid=20090201164147
2. http://prsync.com/oracle/solaris-random-number-generation-570469/
3. https://lkml.org/lkml/2015/10/30/678
