Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Thu, 2016-01-14 at 03:00 +0300, Anatoly Pugachev wrote: > On Mon, Jan 11, 2016 at 3:08 AM, Ben Hutchings wrote: > > On Thu, 2016-01-07 at 20:30 +0300, Anatoly Pugachev wrote: > > > Can you please suggest, what to do next? Close this bugreport as > > > invalid, and fill new one against n2_rng module in debian, or report > > > first to lkml? Thanks. > > [...] > > > > You should send this patch upstream (linux-cry...@vger.kernel.org and > > sparcli...@vger.kernel.org mailing lists). > > Ben, > submitted to both mentioned mailing lists, it got to DaveM processing > queue, see > http://patchwork.ozlabs.org/project/sparclinux/list/?submitter=68078 > As I told earlier, I'm not a kernel developer in any form, not even > C/C++ programmer. I'm not sure I would be able to answer to any > objections on this patch. > But thanks anyway, probably someone else (oracle guys, with their > linux for sparc [L4S] project) would be able to make this patch to > kernel. I think those will be fine except the two of them should have different subjects. DaveM will tell you what if anything he wants you to change. Ben. -- Ben Hutchings Anthony's Law of Force: Don't force it, get a larger hammer. signature.asc Description: This is a digitally signed message part
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Mon, Jan 11, 2016 at 3:08 AM, Ben Hutchings wrote: > On Thu, 2016-01-07 at 20:30 +0300, Anatoly Pugachev wrote: >> Can you please suggest, what to do next? Close this bugreport as >> invalid, and fill new one against n2_rng module in debian, or report >> first to lkml? Thanks. > [...] > > You should send this patch upstream (linux-cry...@vger.kernel.org and > sparcli...@vger.kernel.org mailing lists). Ben, submitted to both mentioned mailing lists, it got to DaveM processing queue, see http://patchwork.ozlabs.org/project/sparclinux/list/?submitter=68078 As I told earlier, I'm not a kernel developer in any form, not even C/C++ programmer. I'm not sure I would be able to answer to any objections on this patch. But thanks anyway, probably someone else (oracle guys, with their linux for sparc [L4S] project) would be able to make this patch to kernel.
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Thu, 2016-01-07 at 20:30 +0300, Anatoly Pugachev wrote: > On Thu, Jan 7, 2016 at 5:49 AM, Ben Hutchings wrote: > > On Wed, 2016-01-06 at 23:13 +0300, Anatoly Pugachev wrote: > > [...] > > > Sorry for wrong feature request, please close this bug as non-valid. > > > Thanks. > > > > I don't mind keeping it open if you're still hoping to get more > > information. > > Ben, > > below is a long description of how I made (dirty hack to n2_rng) > hardware random number generator to work in linux sparc64 LDOM. > > Can you please suggest, what to do next? Close this bugreport as > invalid, and fill new one against n2_rng module in debian, or report > first to lkml? Thanks. [...] You should send this patch upstream (linux-cry...@vger.kernel.org and sparcli...@vger.kernel.org mailing lists). But first, read Documentation/SubmittingPatches and make sure the patch is in the right format with a clear commit message and Developer's Certificate of Origin. Ben. -- Ben Hutchings Q. Which is the greater problem in the world today, ignorance or apathy? A. I don't know and I couldn't care less. signature.asc Description: This is a digitally signed message part
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Wed, 2016-01-06 at 23:13 +0300, Anatoly Pugachev wrote: [...] > Sorry for wrong feature request, please close this bug as non-valid. Thanks. I don't mind keeping it open if you're still hoping to get more information. Ben. -- Ben Hutchings Life would be so much easier if we could look at the source code. signature.asc Description: This is a digitally signed message part
Re: Bug#809815: [feature request] linux-image-4.3.0-1-sparc64-smp: tpm random module for linux LDOMs
On Wed, Jan 6, 2016 at 5:21 PM, Anatoly Pugachev wrote: > On Wed, Jan 6, 2016 at 5:24 AM, Ben Hutchings wrote: >> Control: tag -1 moreinfo >> >> On Mon, 2016-01-04 at 13:48 +0300, Anatoly Pugachev wrote: >>> Package: src:linux >>> Version: 4.3.3-2 >>> Severity: wishlist >>> >>> Dear Maintainer, >>> >>> Can you please enable CONFIG_TCG_TPM (TPM security chip) and >>> CONFIG_HW_RANDOM_TPM linux kernel config options (as modules), to >>> enable hardware RNG device for use in LDOM (containers) of debian >>> sparc64. >>> >>> Right now, there's no hardware RNG provider is available : >> [...] >> >> Both of those are generic TPM code and won't help you without a driver >> for the specific TPM that's present in LDOMs. >> >> I can't find any hint in the kernel source of which driver is needed >> for an LDOM, even in the UEK patched source, so perhaps it is out-of- >> tree? > > Ben, well, > > I'm going to build a generic (vanilla) kernel with this CONFIGs and > test how it would work. Going to report back soon. Thanks. Ben, you was right, this modules does not help. root@deb4g:/home/mator# lsmod | grep rng tpm_rng 1020 0 n2_rng 6878 0 rng_core8172 2 n2_rng,tpm_rng root@deb4g:/home/mator# cat /sys/class/misc/hw_random/rng_available tpm-rng rngd still gives error: root@deb4g:/home/mator# rngd -f -r /dev/hwrng error reading from entropy source:: No such device I don't know, but I probably should report to upstream kernel bugzilla, about n2_rng, that it does not work. Openbsd says [1] it does support it (starting from T1 and T2 processors), Solaris says [2] it does support it (from T2 till M6 processors, including this machine T5 cpu) running show-devs from openboot console for this LDOM, i can see random-number-generator device is being present: {0} ok show-devs /cpu@3 /cpu@2 /cpu@1 /cpu@0 /virtual-devices@100 /reboot-memory@0 /iscsi-hba /virtual-memory /memory@m0,3000 /aliases /options /openprom /chosen /packages /virtual-devices@100/channel-devices@200 /virtual-devices@100/console@1 /virtual-devices@100/random-number-generator@e /virtual-devices@100/flashprom@0 /virtual-devices@100/channel-devices@200/virtual-domain-service@0 /virtual-devices@100/channel-devices@200/pciv-communication@0 /virtual-devices@100/channel-devices@200/disk@1 /virtual-devices@100/channel-devices@200/disk@0 /virtual-devices@100/channel-devices@200/network@0 /iscsi-hba/disk /openprom/client-services /packages/vnet-helper-pkg /packages/vdisk-helper-pkg /packages/obp-tftp /packages/kbd-translator /packages/SUNW,asr /packages/dropins /packages/terminal-emulator /packages/disk-label /packages/deblocker /packages/SUNW,builtin-drivers {0} ok but n2_rng does not see it. I'm going to test a more recent kernel, instead of 4.1.15. The choice of old 4.1.15 kernel to test, was because oracle sparc linux is using 4.1.8, and i wanted to test it first. Compiling 4.4rc8 right now... Searching on the web, found [3], where cpu is T4 and 4.3.0 kernel, but n2rng gives more messages on boot. Sorry for wrong feature request, please close this bug as non-valid. Thanks. 1. http://undeadly.org/cgi?action=article&sid=20090201164147 2. http://prsync.com/oracle/solaris-random-number-generation-570469/ 3. https://lkml.org/lkml/2015/10/30/678