TPMs contain a DRBG. Use it.
On some but not all TPMs, this will also call add_drbg_randomness on
resume. As a future improvement, this could be tweaked to cover all
of them, but I'll leave that to someone more familiar with the
individual drivers.
Signed-off-by: Andy Lutomirski <l...@amacapital.net>
---
drivers/char/tpm/tpm-interface.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 62e10fd..20516e7 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -28,6 +28,7 @@
#include <linux/mutex.h>
#include <linux/spinlock.h>
#include <linux/freezer.h>
+#include <linux/random.h>
#include "tpm.h"
#include "tpm_eventlog.h"
@@ -780,10 +781,22 @@ int tpm_do_selftest(struct tpm_chip *chip)
return 0;
}
if (rc != TPM_WARN_DOING_SELFTEST)
- return rc;
+ break;
msleep(delay_msec);
} while (--loops > 0);
+ if (rc == 0) {
+ /* We're functional and/or we just resumed. */
+ u8 randomness[32];
+ int bytes = tpm_get_random(chip->dev_num,
+ randomness, sizeof(randomness));
+ if (bytes > 0) {
+ dev_info(chip->dev, "adding %d bits of DRBG data\n",
+ bytes * 8);
+ add_drbg_randomness(randomness, bytes);
+ }
+ }
+
return rc;
}
EXPORT_SYMBOL_GPL(tpm_do_selftest);
--
1.9.0
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
