On Thu, Aug 15, 2024 at 03:56:26PM +0200, Diederik de Haas wrote:
> Found an article [1] which could be relevant and downloaded and ran the
> accompanying test program (written by Jason Donenfeld):
> # ./amd-rdrand-bug
> Your RDRAND() does not have the AMD bug.
> # ./test-rdrand
> RDRAND() = 0x47c993c0
> RDRAND() = 0xec7c697d
> ... (more seemingly random numbers)
> RDRAND() = 0xba858101
RDRAND isn't the same as CCP.
> # dmesg | grep ccp
> [ 5.399853] ccp 0000:07:00.2: ccp: unable to access the device: you might
> be running a broken BIOS.
> [ 5.401031] ccp 0000:07:00.2: tee enabled
> [ 5.401113] ccp 0000:07:00.2: psp enabled
Looks like the kernel reports CCP as broken. As the above RDRAND test
doesn't indicate anything about CCP, I don't see rationale for that
determination to be wrong.
Actual test code is in drivers/crypto/ccp/ccp-dev-v5.c:
/* Find available queues */
qmr = ioread32(ccp->io_regs + Q_MASK_REG);
/*
* Check for a access to the registers. If this read returns
* 0xffffffff, it's likely that the system is running a broken
* BIOS which disallows access to the device. Stop here and fail
* the initialization (but not the load, as the PSP could get * properly initialized). */
if (qmr == 0xffffffff) { dev_notice(dev, "ccp: unable to access the device: you might be running a broken BIOS.\n"); return 1; }
