On Tue, Oct 24, 2017 at 10:02:00AM -0700, Dmitry Torokhov wrote: > On Tue, Oct 24, 2017 at 9:11 AM, Jason Gunthorpe > <jgunthorpe@xxxxxxxxxxxxxxxxxxxx> wrote: > > On Tue, Oct 24, 2017 at 09:37:33PM +0530, PrasannaKumar Muralidharan wrote: > >> Hi Jason, > >> > >> On 24 October 2017 at 21:25, Jason Gunthorpe > >> <jgunthorpe@xxxxxxxxxxxxxxxxxxxx> wrote: > >> > On Tue, Oct 24, 2017 at 09:21:15PM +0530, PrasannaKumar Muralidharan wrote: > >> > > >> >> Please check the RFC [1]. It does use chip id. The rfc has issues and > >> >> has to be fixed but still there could be users of the API. > >> >> > >> >> 1. https://www.spinics.net/lists/linux-crypto/msg28282.html > >> > > >> > That patch isn't safe at all. You need to store a kref to th chip in > >> > the hwrng, not parse a string. > >> > >> The drivers/char/hw_random/tpm-rng.c module does not store the chip > >> reference so I guess the usage is safe. > > > > It is using the default TPM, it is always safe to use the default tpm. > > tpm-rng is abomination that should be kicked out as soon as possible. > It wrecks havoc with the power management (TPM chip drivers may go > into suspend state, but tpm_rng does not do any power management and > happily forwards requests to suspended hardware) and may be available > when there is no TPM at all yet (the drivers have not been probed yet, > or have gotten a deferral, etc). > > TPM core should register HWRNGs when chips are ready. > > Thanks. > > -- > Dmitry I'm fine to review a two patch set where: 1. Patch 1 removes the existing TPM rng driver 2. Patch 2 makes the TPM driver as rng producer Unrelate to patch that I'm proposing now but this sounds sensible. /Jarkko
