On Tue, Feb 28, 2023 at 02:37:59AM +0000, Limonciello, Mario wrote:
> [Public]
>
>
>
> > -----Original Message-----
> > From: Limonciello, Mario
> > Sent: Monday, February 27, 2023 08:53
> > To: Peter Huewe <peterhuewe@xxxxxx>; Jarkko Sakkinen
> > <jarkko@xxxxxxxxxx>; Jason Gunthorpe <jgg@xxxxxxxx>; Dominik Brodowski
> > <linux@xxxxxxxxxxxxxxxxxxxx>; Herbert Xu
> > <herbert@xxxxxxxxxxxxxxxxxxx>
> > Cc: stable@xxxxxxxxxxxxxxx; Thorsten Leemhuis
> > <regressions@xxxxxxxxxxxxx>; James Bottomley
> > <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>; Jason A . Donenfeld
> > <Jason@xxxxxxxxx>; linux-integrity@xxxxxxxxxxxxxxx; linux-
> > kernel@xxxxxxxxxxxxxxx
> > Subject: Re: [PATCH v2] tpm: disable hwrng for fTPM on some AMD designs
> >
> > On 2/20/23 12:07, Mario Limonciello wrote:
> > > AMD has issued an advisory indicating that having fTPM enabled in
> > > BIOS can cause "stuttering" in the OS. This issue has been fixed
> > > in newer versions of the fTPM firmware, but it's up to system
> > > designers to decide whether to distribute it.
> > >
> > > This issue has existed for a while, but is more prevalent starting
> > > with kernel 6.1 because commit b006c439d58db ("hwrng: core - start
> > > hwrng kthread also for untrusted sources") started to use the fTPM
> > > for hwrng by default. However, all uses of /dev/hwrng result in
> > > unacceptable stuttering.
> > >
> > > So, simply disable registration of the defective hwrng when detecting
> > > these faulty fTPM versions. As this is caused by faulty firmware, it
> > > is plausible that such a problem could also be reproduced by other TPM
> > > interactions, but this hasn't been shown by any user's testing or reports.
> > >
> > > It is hypothesized to be triggered more frequently by the use of the RNG
> > > because userspace software will fetch random numbers regularly.
> > >
> > > Intentionally continue to register other TPM functionality so that users
> > > that rely upon PCR measurements or any storage of data will still have
> > > access to it. If it's found later that another TPM functionality is
> > > exacerbating this problem a module parameter it can be turned off entirely
> > > and a module parameter can be introduced to allow users who rely upon
> > > fTPM functionality to turn it on even though this problem is present.
> > >
> > > Link: https://www.amd.com/en/support/kb/faq/pa-410
> > > Link: https://bugzilla.kernel.org/show_bug.cgi?id=216989
> > > Link: https://lore.kernel.org/all/20230209153120.261904-1-
> > Jason@xxxxxxxxx/
> > > Fixes: b006c439d58d ("hwrng: core - start hwrng kthread also for untrusted
> > sources")
> > > Cc: stable@xxxxxxxxxxxxxxx
> > > Cc: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
> > > Cc: Thorsten Leemhuis <regressions@xxxxxxxxxxxxx>
> > > Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
> > > Co-developed-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
> > > Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
> > > Signed-off-by: Mario Limonciello <mario.limonciello@xxxxxxx>
> > > ---
> > > v1->v2:
> > > * Minor style from Jarkko's feedback
> > > * Move comment above function
> > > * Explain further in commit message
> >
> > One of the reporters on the kernel bugzilla did confirm the v2 patch,
> > forwarding their tag.
> >
> > Tested-by: Bell <1138267643@xxxxxx>
>
> Here's another tag.
>
> Tested-by: reach622@xxxxxxxxxxx
Thanks this tested-by can be in v3 because curly braces does not affect
semantics. I can ack that then and pick it up.
BR, Jarkko
