Debian Bug report logs - #542599
rng-tools: Please add support for TPM RNG

version graph

Package: rng-tools; Maintainer for rng-tools is Henrique de Moraes Holschuh <hmh@debian.org>; Source for rng-tools is src:rng-tools.

Reported by: Jo Shields <directhex@apebox.org>

Date: Thu, 20 Aug 2009 11:06:06 UTC

Severity: wishlist

Tags: patch, wontfix

Found in version 2-unofficial-mt.12-1ubuntu1

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Thu, 20 Aug 2009 11:06:09 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jo Shields <directhex@apebox.org>:
New Bug report received and forwarded. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Thu, 20 Aug 2009 11:06:09 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Jo Shields <directhex@apebox.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: rng-tools: Please add support for TPM RNG
Date: Thu, 20 Aug 2009 11:50:48 +0100
Package: rng-tools
Version: 2-unofficial-mt.12-1ubuntu1
Severity: wishlist

The much maligned TPM chip found on modern machines (especially laptops) 
contains a hardware RNG, for use as an entropy source. A bug on the upstream 
tracker contains support for using the TPM chip as a random number generator, 
at http://sourceforge.net/tracker/index.php?func=detail&aid=2261605&group_id=3242&atid=303242

Unfortunately, the Debian rng-tools is so heavily forked, I've been unable to 
create a Debian-compatible patch from the above SF.net bug, as it's not clear 
to me where certain parts of the original upstream code now live.

Can we examine the possibility of adding support for this RNG, since it's
commonly available on modern machines?

-- System Information:
Debian Release: 5.0
  APT prefers jaunty-updates
  APT policy: (500, 'jaunty-updates'), (500, 'jaunty-security'), (500, 'jaunty-backports'), (500, 'jaunty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.28-15-generic (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rng-tools depends on:
ii  libc6                       2.9-4ubuntu6 GNU C Library: Shared libraries
ii  makedev                     2.3.1-88     creates device files in /dev
ii  udev                        141-1.2      rule-based device node and kernel 

rng-tools recommends no packages.

rng-tools suggests no packages.

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#542599; Package rng-tools. (Sun, 23 Aug 2009 16:12:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Henrique de Moraes Holschuh <hmh@debian.org>:
Extra info received and forwarded to list. (Sun, 23 Aug 2009 16:12:04 GMT) Full text and rfc822 format available.

Message #10 received at 542599@bugs.debian.org (full text, mbox):

From: Henrique de Moraes Holschuh <hmh@debian.org>
To: Jo Shields <directhex@apebox.org>, 542599@bugs.debian.org
Subject: Re: Bug#542599: rng-tools: Please add support for TPM RNG
Date: Sun, 23 Aug 2009 13:00:16 -0300
On Thu, 20 Aug 2009, Jo Shields wrote:
> Can we examine the possibility of adding support for this RNG, since it's
> commonly available on modern machines?

Well, the TPM RNG is slow as all heck, and requires the entire TPM stack in
place to be accessed, anyway.  It is also unsafe (key stuff lives in
userspace and not locked against swapping, etc), it is always of unknown
quality, the TPM hardware has not been publically audited by anyone (ever
seen any of the joke TPM crap hardware audit documents?)... to me it looks
like a bad idea to trust it at all.

I can look at it, but to me it looks like a good reason to have a
tpm-rngtools (i.e. a separate package), and maybe to not use it at all.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh




Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Fri, 23 Oct 2009 22:06:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kees Cook <kees@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Fri, 23 Oct 2009 22:06:05 GMT) Full text and rfc822 format available.

Message #15 received at 542599@bugs.debian.org (full text, mbox):

From: Kees Cook <kees@debian.org>
To: 542599@bugs.debian.org, Jo Shields <directhex@apebox.org>
Subject: implemented...
Date: Fri, 23 Oct 2009 14:56:05 -0700
[Message part 1 (text/plain, inline)]
I've rewritten my TPM RNG reader into a form that is useful to rng-tools.
Please see attached patch...

The entropy is not really known, so I took the default stream entropy
value.

This needs 'autoreconf' run to update the build files...

-Kees

-- 
Kees Cook                                            @debian.org
[tpm-rng.patch (text/x-diff, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Fri, 23 Apr 2010 19:54:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kees Cook <kees@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Fri, 23 Apr 2010 19:54:03 GMT) Full text and rfc822 format available.

Message #20 received at 542599@bugs.debian.org (full text, mbox):

From: Kees Cook <kees@debian.org>
To: 542599@bugs.debian.org
Subject: updated patch
Date: Fri, 23 Apr 2010 12:44:22 -0700
[Message part 1 (text/plain, inline)]
Hi,

Here is an updated patch that pauses for 5 seconds waiting to connect to
trousers, in the case that trousers is starting up at the same time as
rngd.

Thanks,

-Kees

-- 
Kees Cook                                            @debian.org
[tpm-rng.patch (text/x-diff, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Sat, 06 Nov 2010 01:21:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kees Cook <kees@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Sat, 06 Nov 2010 01:21:03 GMT) Full text and rfc822 format available.

Message #25 received at 542599@bugs.debian.org (full text, mbox):

From: Kees Cook <kees@debian.org>
To: hmh@debian.org, 542599@bugs.debian.org
Subject: [PATCH 0/2] TPM entropy source for rng-tools
Date: Fri, 5 Nov 2010 18:16:08 -0700
Hi!

This implements the TPM entropy source for rng-tools. I've split it into
two patches, one for the core of the TPM engine, and the other for the
debian packaging bits. This is Debian bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542599

Thanks!

-Kees

-- 
Kees Cook                                            @debian.org




Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Sat, 06 Nov 2010 01:21:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kees Cook <kees@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Sat, 06 Nov 2010 01:21:04 GMT) Full text and rfc822 format available.

Message #30 received at 542599@bugs.debian.org (full text, mbox):

From: Kees Cook <kees@debian.org>
To: hmh@debian.org, 542599@bugs.debian.org
Subject: [PATCH 1/2] implement TPM entropy source for rng-tools
Date: Fri, 5 Nov 2010 18:16:46 -0700
This uses the trousers daemon to gather entropy from a local TPM
RNG.

Signed-off-by: Kees Cook <kees@debian.org>
---
 Makefile.am      |    6 ++++--
 configure.ac     |    7 ++++++-
 rngd.c           |   10 ++++++++++
 rngd_entsource.c |   34 ++++++++++++++++++++++++++++++++++
 rngd_entsource.h |    3 ++-
 5 files changed, 56 insertions(+), 4 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 921f2a2..af6648a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -9,13 +9,14 @@ bin_PROGRAMS	 = rngtest
 man_MANS	 = rngd.8 rngtest.1
 noinst_LIBRARIES = librngd.a
 
-common_sources	= exits.h fips.h stats.h util.h viapadlock_engine.h
+common_sources	= exits.h fips.h stats.h util.h viapadlock_engine.h \
+		  tpm_engine.h
 rngd_SOURCES	= $(common_sources) rngd.h rngd.c \
 		  rngd_threads.h rngd_threads.c \
 		  rngd_signals.h rngd_signals.c \
 		  rngd_entsource.h rngd_entsource.c \
 		  rngd_linux.h rngd_linux.c
-rngd_LDADD	= librngd.a @LIB_PTHREAD@
+rngd_LDADD	= librngd.a @LIB_PTHREAD@ @LIB_TSPI@
 
 rngtest_SOURCES	= $(common_sources) rngtest.c
 rngtest_LDADD	= librngd.a
@@ -23,6 +24,7 @@ rngtest_LDADD	= librngd.a
 librngd_a_SOURCES = fips.h fips.c \
 		    stats.h stats.c \
 		    util.h util.c \
+		    tpm_engine.h tpm_engine.c \
 		    viapadlock_engine.h viapadlock_engine.c
 
 
diff --git a/configure.ac b/configure.ac
index 89af262..644d3d0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,12 +49,17 @@ dnl Checks for required libraries
 dnl -----------------------------
 AC_CHECK_LIB([pthread], [pthread_create],
 	     [LIB_PTHREAD="-lpthread"], 
-	     [AC_MSG_ERROR([Can't compile without pthreads])])
+	     [AC_MSG_ERROR([Can not compile without pthreads])])
 AC_SUBST(LIB_PTHREAD)
 
 dnl -------------------------------------
 dnl Checks for optional library functions
 dnl -------------------------------------
+AC_CHECK_LIB([tspi], [Tspi_Context_Create],
+	     [LIB_TSPI="-ltspi"
+	      AC_DEFINE(TPM_ENTSOURCE_DRIVER, 1,
+		[Include code for TPM RNG driver]) ], )
+AC_SUBST(LIB_TSPI)
 
 dnl -----------------
 dnl Configure options
diff --git a/rngd.c b/rngd.c
index 27781aa..96fe013 100644
--- a/rngd.c
+++ b/rngd.c
@@ -265,6 +265,13 @@ static struct trng_params trng_parameters[] = {
 	  .entropy	= 0.0,
 	  .driver	= RNGD_ENTSOURCE_VIAPADLOCK,
 	},
+	{ .name		= "TPM RNG",
+	  .tag		= "tpm",
+	  .width	= 256,
+	  .buffers	= 1,
+	  .entropy	= 0.75,
+	  .driver	= RNGD_ENTSOURCE_TPM,
+	},
 	{ NULL },
 };
 
@@ -391,6 +398,9 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state)
 			if (! (seen_opt & SEEN_OPT_RNGENTROPY))
 				arguments->rng_entropy = 0.0;
 			seen_opt |= SEEN_OPT_RNGDRIVER;
+		} else if (strcasecmp(arg, "tpm") == 0) {
+			arguments->rng_driver = RNGD_ENTSOURCE_TPM;
+			seen_opt |= SEEN_OPT_RNGDRIVER;
 		} else {
 			argp_usage(state);
 		}
diff --git a/rngd_entsource.c b/rngd_entsource.c
index ebe2a44..90a62fc 100644
--- a/rngd_entsource.c
+++ b/rngd_entsource.c
@@ -49,6 +49,7 @@
 #include "stats.h"
 #include "exits.h"
 #include "viapadlock_engine.h"
+#include "tpm_engine.h"
 #include "rngd_threads.h"
 #include "rngd_signals.h"
 #include "rngd_entsource.h"
@@ -87,6 +88,8 @@ const char *entropy_source_driver_name(entropy_source_driver_t driver)
 			return "UNIX stream";
 		case RNGD_ENTSOURCE_VIAPADLOCK:
 			return "VIA PadLock TRNG";
+		case RNGD_ENTSOURCE_TPM:
+			return "TPM RNG";
 		default:
 			return "(unknown)";
 	};
@@ -130,6 +133,12 @@ static int xread(void *buf, size_t size, unsigned int abortonsigalrm)
 				break;
 			  }
 #endif
+#ifdef TPM_ENTSOURCE_DRIVER
+			  case RNGD_ENTSOURCE_TPM: {
+				r = tpm_rng_read((unsigned char *)buf + off, size);
+				break;
+			  }
+#endif
 			  default:
 				errno = ENXIO;
 				return -1;
@@ -231,6 +240,31 @@ void init_entropy_source( void )
 			die(EXIT_USAGE);
 #endif /* VIA_ENTSOURCE_DRIVER */
 		}
+		case RNGD_ENTSOURCE_TPM: {
+#ifdef TPM_ENTSOURCE_DRIVER
+			switch (tpm_rng_init()) {
+				case 0:
+					message(LOG_ERR,
+						"Could not detect a TPM "
+						"RNG, check that TPM is "
+						"available and enabled.");
+					die(EXIT_OSERR);
+				case 1:
+					break;
+				default:
+					message_strerr(LOG_ERR, errno,
+						"Error initializing TPM "
+						"RNG");
+					die(EXIT_OSERR);
+			}
+			break;
+#else
+			message(LOG_ERR,
+				"Support for the TPM RNG entropy source "
+				"driver has not been compiled in.");
+			die(EXIT_USAGE);
+#endif /* TPM_ENTSOURCE_DRIVER */
+		}
 		default:
 			message(LOG_ERR,
 				"Unknown entropy source driver, internal program error!");
diff --git a/rngd_entsource.h b/rngd_entsource.h
index c51874d..ada4a58 100644
--- a/rngd_entsource.h
+++ b/rngd_entsource.h
@@ -31,7 +31,8 @@
 typedef enum {
 	RNGD_ENTSOURCE_NONE,
 	RNGD_ENTSOURCE_UNIXSTREAM,
-	RNGD_ENTSOURCE_VIAPADLOCK
+	RNGD_ENTSOURCE_VIAPADLOCK,
+	RNGD_ENTSOURCE_TPM,
 } entropy_source_driver_t;
 extern const char *entropy_source_driver_name(entropy_source_driver_t driver);
 
-- 
1.7.2.3


-- 
Kees Cook                                            @debian.org




Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Sat, 06 Nov 2010 01:21:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kees Cook <kees@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Sat, 06 Nov 2010 01:21:06 GMT) Full text and rfc822 format available.

Message #35 received at 542599@bugs.debian.org (full text, mbox):

From: Kees Cook <kees@debian.org>
To: hmh@debian.org, 542599@bugs.debian.org
Subject: [PATCH 2/2] adjust packaging to interact well with TPM service
Date: Fri, 5 Nov 2010 18:17:20 -0700
This adjusts packaging to start after Trousers, and adds and example
to the configuration showing a TPM device.

Signed-off-by: Kees Cook <kees@debian.org>
---
 debian/control            |    2 +-
 debian/rng-tools.default  |    3 ++-
 debian/rng-tools.postinst |    4 ++++
 debian/rules              |    2 +-
 4 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/debian/control b/debian/control
index 2a74ad4..f069b5a 100644
--- a/debian/control
+++ b/debian/control
@@ -2,7 +2,7 @@ Source: rng-tools
 Section: utils
 Priority: optional
 Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>
-Build-Depends: debhelper (>> 7), autoconf, automake
+Build-Depends: debhelper (>> 7), autoconf, automake, libtspi-dev
 Standards-Version: 3.8.4.0
 Vcs-Browser: http://git.debian.org/?p=users/hmh/rng-tools.git;a=summary
 Vcs-git: git://git.debian.org/users/hmh/rng-tools.git
diff --git a/debian/rng-tools.default b/debian/rng-tools.default
index 5a75642..9b118f0 100644
--- a/debian/rng-tools.default
+++ b/debian/rng-tools.default
@@ -5,7 +5,7 @@
 
 # Set to the input source for random data, leave undefined
 # for the initscript to attempt auto-detection.  Set to /dev/null
-# for the viapadlock driver.
+# for the viapadlock and tpm drivers.
 #HRNGDEVICE=/dev/hwrng
 #HRNGDEVICE=/dev/null
 
@@ -15,3 +15,4 @@
 #RNGDOPTIONS="--hrng=intelfwh --fill-watermark=90% --feed-interval=1"
 #RNGDOPTIONS="--hrng=viakernel --fill-watermark=90% --feed-interval=1"
 #RNGDOPTIONS="--hrng=viapadlock --fill-watermark=90% --feed-interval=1"
+#RNGDOPTIONS="--hrng=tpm --fill-watermark=90% --feed-interval=1"
diff --git a/debian/rng-tools.postinst b/debian/rng-tools.postinst
index 2f2a651..6457f40 100644
--- a/debian/rng-tools.postinst
+++ b/debian/rng-tools.postinst
@@ -32,6 +32,10 @@ case "$1" in
 		echo "Trying to create /dev/hwrng device inode..."
 		(cd /dev && /sbin/MAKEDEV hwrng || true)
 	fi
+	# Update start/stop symlinks
+	if dpkg --compare-versions "$2" lt-nl "2-unofficial-mt.12-1ubuntu3"; then
+		rm -f /etc/rc?.d/[SK]20rng-tools
+	fi
 	true
    ;;
 esac
diff --git a/debian/rules b/debian/rules
index 78aa274..e51e59a 100755
--- a/debian/rules
+++ b/debian/rules
@@ -107,7 +107,7 @@ binary-arch: build install
 #	dh_installpam
 #	dh_installmime
 	dh_installmodules
-	dh_installinit --error-handler=true
+	dh_installinit --error-handler=true -- defaults 21 19
 #	dh_installcron
 	dh_installman
 #	dh_installinfo
-- 
1.7.2.3

-- 
Kees Cook                                            @debian.org




Added tag(s) patch. Request was from Kees Cook <kees@ubuntu.com> to control@bugs.debian.org. (Sat, 06 Nov 2010 01:21:08 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Mon, 08 Nov 2010 18:57:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kees Cook <kees@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Mon, 08 Nov 2010 18:57:05 GMT) Full text and rfc822 format available.

Message #42 received at 542599@bugs.debian.org (full text, mbox):

From: Kees Cook <kees@debian.org>
To: Henrique de Moraes Holschuh <hmh@debian.org>
Subject: [PATCH 1/2] implement TPM entropy source for rng-tools
Date: Sat, 6 Nov 2010 18:33:58 -0700
This uses the trousers daemon to gather entropy from a local TPM
RNG.

Signed-off-by: Kees Cook <kees@debian.org>
---
 Makefile.am      |    6 ++-
 configure.ac     |    7 +++-
 rngd.c           |   10 ++++
 rngd_entsource.c |   34 ++++++++++++++
 rngd_entsource.h |    3 +-
 tpm_engine.c     |  132 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 tpm_engine.h     |   53 ++++++++++++++++++++++
 7 files changed, 241 insertions(+), 4 deletions(-)
 create mode 100644 tpm_engine.c
 create mode 100644 tpm_engine.h

diff --git a/Makefile.am b/Makefile.am
index 921f2a2..af6648a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -9,13 +9,14 @@ bin_PROGRAMS	 = rngtest
 man_MANS	 = rngd.8 rngtest.1
 noinst_LIBRARIES = librngd.a
 
-common_sources	= exits.h fips.h stats.h util.h viapadlock_engine.h
+common_sources	= exits.h fips.h stats.h util.h viapadlock_engine.h \
+		  tpm_engine.h
 rngd_SOURCES	= $(common_sources) rngd.h rngd.c \
 		  rngd_threads.h rngd_threads.c \
 		  rngd_signals.h rngd_signals.c \
 		  rngd_entsource.h rngd_entsource.c \
 		  rngd_linux.h rngd_linux.c
-rngd_LDADD	= librngd.a @LIB_PTHREAD@
+rngd_LDADD	= librngd.a @LIB_PTHREAD@ @LIB_TSPI@
 
 rngtest_SOURCES	= $(common_sources) rngtest.c
 rngtest_LDADD	= librngd.a
@@ -23,6 +24,7 @@ rngtest_LDADD	= librngd.a
 librngd_a_SOURCES = fips.h fips.c \
 		    stats.h stats.c \
 		    util.h util.c \
+		    tpm_engine.h tpm_engine.c \
 		    viapadlock_engine.h viapadlock_engine.c
 
 
diff --git a/configure.ac b/configure.ac
index 89af262..644d3d0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,12 +49,17 @@ dnl Checks for required libraries
 dnl -----------------------------
 AC_CHECK_LIB([pthread], [pthread_create],
 	     [LIB_PTHREAD="-lpthread"], 
-	     [AC_MSG_ERROR([Can't compile without pthreads])])
+	     [AC_MSG_ERROR([Can not compile without pthreads])])
 AC_SUBST(LIB_PTHREAD)
 
 dnl -------------------------------------
 dnl Checks for optional library functions
 dnl -------------------------------------
+AC_CHECK_LIB([tspi], [Tspi_Context_Create],
+	     [LIB_TSPI="-ltspi"
+	      AC_DEFINE(TPM_ENTSOURCE_DRIVER, 1,
+		[Include code for TPM RNG driver]) ], )
+AC_SUBST(LIB_TSPI)
 
 dnl -----------------
 dnl Configure options
diff --git a/rngd.c b/rngd.c
index 27781aa..96fe013 100644
--- a/rngd.c
+++ b/rngd.c
@@ -265,6 +265,13 @@ static struct trng_params trng_parameters[] = {
 	  .entropy	= 0.0,
 	  .driver	= RNGD_ENTSOURCE_VIAPADLOCK,
 	},
+	{ .name		= "TPM RNG",
+	  .tag		= "tpm",
+	  .width	= 256,
+	  .buffers	= 1,
+	  .entropy	= 0.75,
+	  .driver	= RNGD_ENTSOURCE_TPM,
+	},
 	{ NULL },
 };
 
@@ -391,6 +398,9 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state)
 			if (! (seen_opt & SEEN_OPT_RNGENTROPY))
 				arguments->rng_entropy = 0.0;
 			seen_opt |= SEEN_OPT_RNGDRIVER;
+		} else if (strcasecmp(arg, "tpm") == 0) {
+			arguments->rng_driver = RNGD_ENTSOURCE_TPM;
+			seen_opt |= SEEN_OPT_RNGDRIVER;
 		} else {
 			argp_usage(state);
 		}
diff --git a/rngd_entsource.c b/rngd_entsource.c
index ebe2a44..90a62fc 100644
--- a/rngd_entsource.c
+++ b/rngd_entsource.c
@@ -49,6 +49,7 @@
 #include "stats.h"
 #include "exits.h"
 #include "viapadlock_engine.h"
+#include "tpm_engine.h"
 #include "rngd_threads.h"
 #include "rngd_signals.h"
 #include "rngd_entsource.h"
@@ -87,6 +88,8 @@ const char *entropy_source_driver_name(entropy_source_driver_t driver)
 			return "UNIX stream";
 		case RNGD_ENTSOURCE_VIAPADLOCK:
 			return "VIA PadLock TRNG";
+		case RNGD_ENTSOURCE_TPM:
+			return "TPM RNG";
 		default:
 			return "(unknown)";
 	};
@@ -130,6 +133,12 @@ static int xread(void *buf, size_t size, unsigned int abortonsigalrm)
 				break;
 			  }
 #endif
+#ifdef TPM_ENTSOURCE_DRIVER
+			  case RNGD_ENTSOURCE_TPM: {
+				r = tpm_rng_read((unsigned char *)buf + off, size);
+				break;
+			  }
+#endif
 			  default:
 				errno = ENXIO;
 				return -1;
@@ -231,6 +240,31 @@ void init_entropy_source( void )
 			die(EXIT_USAGE);
 #endif /* VIA_ENTSOURCE_DRIVER */
 		}
+		case RNGD_ENTSOURCE_TPM: {
+#ifdef TPM_ENTSOURCE_DRIVER
+			switch (tpm_rng_init()) {
+				case 0:
+					message(LOG_ERR,
+						"Could not detect a TPM "
+						"RNG, check that TPM is "
+						"available and enabled.");
+					die(EXIT_OSERR);
+				case 1:
+					break;
+				default:
+					message_strerr(LOG_ERR, errno,
+						"Error initializing TPM "
+						"RNG");
+					die(EXIT_OSERR);
+			}
+			break;
+#else
+			message(LOG_ERR,
+				"Support for the TPM RNG entropy source "
+				"driver has not been compiled in.");
+			die(EXIT_USAGE);
+#endif /* TPM_ENTSOURCE_DRIVER */
+		}
 		default:
 			message(LOG_ERR,
 				"Unknown entropy source driver, internal program error!");
diff --git a/rngd_entsource.h b/rngd_entsource.h
index c51874d..ada4a58 100644
--- a/rngd_entsource.h
+++ b/rngd_entsource.h
@@ -31,7 +31,8 @@
 typedef enum {
 	RNGD_ENTSOURCE_NONE,
 	RNGD_ENTSOURCE_UNIXSTREAM,
-	RNGD_ENTSOURCE_VIAPADLOCK
+	RNGD_ENTSOURCE_VIAPADLOCK,
+	RNGD_ENTSOURCE_TPM,
 } entropy_source_driver_t;
 extern const char *entropy_source_driver_name(entropy_source_driver_t driver);
 
diff --git a/tpm_engine.c b/tpm_engine.c
new file mode 100644
index 0000000..c118838
--- /dev/null
+++ b/tpm_engine.c
@@ -0,0 +1,132 @@
+/*
+ * tpm_engine.c -- TPM RNG interface
+ *
+ * Copyright (C) 2009 Kees Cook <kees@outflux.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#define _GNU_SOURCE
+
+#include "rng-tools-config.h"
+#ifdef TPM_ENTSOURCE_DRIVER
+
+#include <errno.h>
+#include <string.h>
+#include <unistd.h>
+#include <trousers/tss.h>
+#include <trousers/trousers.h>
+
+#include "tpm_engine.h"
+
+static TSS_HCONTEXT hContext;
+static TSS_HTPM hTPM;
+static int tpm_rng_ready;
+
+int tpm_rng_init_attempt(void)
+{
+    TSS_RESULT rc;
+
+    if (tpm_rng_ready) return 1;
+
+    if ((rc=Tspi_Context_Create(&hContext)) != TSS_SUCCESS) {
+        //fprintf(stderr,"Tspi_Context_Create: %s\n", Trspi_Error_String(rc));
+        return 0;
+    }
+
+    if ((rc=Tspi_Context_Connect(hContext, NULL)) != TSS_SUCCESS) {
+        //fprintf(stderr,"Tspi_Context_Connect: %s\n", Trspi_Error_String(rc));
+        Tspi_Context_Close(hContext);
+        return 0;
+    }
+
+    if ((rc=Tspi_Context_GetTpmObject(hContext, &hTPM)) != TSS_SUCCESS) {
+        //fprintf(stderr,"Tspi_Context_GetTpmObject: %s\n", Trspi_Error_String(rc));
+        Tspi_Context_Close(hContext);
+        return 0;
+    }
+
+    tpm_rng_ready = 1;
+
+	return tpm_rng_ready;
+}
+
+/*
+ * Initialize TPM RNG
+ *
+ * Returns:
+ *   0 if no working TPM RNG was detected
+ *   1 if a TPM RNG has been detected
+ *  -1 if an error happened (errno will be set)
+ */
+int tpm_rng_init(void)
+{
+    int count, rc = 0;
+
+    /* wait 5 seconds for TPM to become available */
+    for (count = 0; count < 5; count++) {
+        if ( (rc = tpm_rng_init_attempt()) ) break;
+        sleep(1);
+    }
+
+    return rc;
+}
+
+/*
+ * Free up any resources used by the TPM RNG.
+ * It is legal to call tpm_rng_init() after this.
+ */
+void tpm_rng_free(void)
+{
+    if (tpm_rng_ready) {
+        Tspi_Context_Close(hContext);
+        tpm_rng_ready = 0;
+    }
+}
+
+/*
+ * Read data from a TPM RNG
+ *
+ * Returns the number of bytes read if no errors happen
+ *         -1 if an error happened, with errno set.
+ */
+ssize_t tpm_rng_read(void* buf, size_t size)
+{
+    TSS_RESULT rc;
+    BYTE *bytes;
+
+    if (!tpm_rng_ready) {
+        errno = ENXIO;
+        return -1;
+    }
+
+    if (!buf) {
+        errno = EOVERFLOW;
+        return -1;
+    }
+
+    if (size > 32) size = 32;
+    if ((rc=Tspi_TPM_GetRandom(hTPM, size, &bytes)) != TSS_SUCCESS) {
+            //fprintf(stderr,"Tspi_TPM_GetRandom: %s\n", Trspi_Error_String(rc));
+            errno = EIO;
+            return -1;
+    }
+    memcpy(buf, bytes, size);
+    Tspi_Context_FreeMemory(hContext, bytes);
+
+	return size;
+}
+
+#endif /* TPM_ENTSOURCE_DRIVER */
diff --git a/tpm_engine.h b/tpm_engine.h
new file mode 100644
index 0000000..f5148e8
--- /dev/null
+++ b/tpm_engine.h
@@ -0,0 +1,53 @@
+/*
+ * tpm_engine.h -- TPM RNG interface
+ *
+ * Copyright (C) 2009 Kees Cook <kees@outflux.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef TPM_RNG__H
+#define TPM_RNG__H
+
+#define _GNU_SOURCE
+#include "rng-tools-config.h"
+
+#ifdef TPM_ENTSOURCE_DRIVER
+
+/*
+ * Initialize TPM RNG
+ *
+ * Returns:
+ *   0 if no functional TPM RNG was detected
+ *   1 if a functional TPM RNG set was detected
+ *  -1 if an error happened (errno will be set)
+ */
+extern int tpm_rng_init(void);
+
+/*
+ * Free up resources used by the TPM RNG
+ */
+extern void tpm_rng_free(void);
+
+/*
+ * Read data from TPM RNG
+ *
+ * Returns the number of bytes read if no errors happen
+ *         -1 if an error happened, with errno set.
+ */
+extern ssize_t tpm_rng_read(void* buf, size_t size);
+
+#endif /* TPM_ENTSOURCE_DRIVER */
+#endif /* TPM_RNG__H */
-- 
1.7.2.3


-- 
Kees Cook                                            @debian.org




Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Thu, 22 Dec 2011 23:06:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Thu, 22 Dec 2011 23:06:03 GMT) Full text and rfc822 format available.

Message #47 received at 542599@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: 542599@bugs.debian.org
Cc: kees@debian.org, hmh@debian.org
Subject: News?
Date: Fri, 23 Dec 2011 00:02:04 +0100
[Message part 1 (text/plain, inline)]
Hey,

any news on this? It seems that Kees provided quite some patches to
this.

It's not like if that would force rng-tools users to use TPM if they
don't want.

About Henrique concerns about audit documents, well some of them /are/
indeed available:
http://www.infineon.com/cms/en/product/chip-card-and-security-ics/embedded-security/trusted-computing/trusted-platform-module-tpm1.2-pc/channel.html?channel=ff80808112ab681d0112ab6921ae011f has some links for Infineons TPMs. commoncriteriaportal.org has some more links if you search there.

Regards,
-- 
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#542599; Package rng-tools. (Thu, 03 May 2012 15:33:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Laurent Bigonville <bigon@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrique de Moraes Holschuh <hmh@debian.org>. (Thu, 03 May 2012 15:33:06 GMT) Full text and rfc822 format available.

Message #52 received at 542599@bugs.debian.org (full text, mbox):

From: Laurent Bigonville <bigon@debian.org>
To: Debian Bug Tracking System <542599@bugs.debian.org>
Subject: Re: rng-tools: Please add support for TPM RNG
Date: Thu, 03 May 2012 17:29:28 +0200
Package: rng-tools
Followup-For: Bug #542599

Hi,

Any news about this?

It seems that the version 3 on the upstream website is also supporting
TPM chips.

Cheers

Laurent Bigonville

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rng-tools depends on:
ii  libc6  2.13-32
ii  udev   175-3.1

rng-tools recommends no packages.

rng-tools suggests no packages.

-- Configuration Files:
/etc/default/rng-tools changed [not included]

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#542599; Package rng-tools. (Sat, 05 May 2012 14:00:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Henrique de Moraes Holschuh <hmh@debian.org>:
Extra info received and forwarded to list. (Sat, 05 May 2012 14:00:13 GMT) Full text and rfc822 format available.

Message #57 received at 542599@bugs.debian.org (full text, mbox):

From: Henrique de Moraes Holschuh <hmh@debian.org>
To: Laurent Bigonville <bigon@debian.org>, 542599@bugs.debian.org
Subject: Re: Bug#542599: rng-tools: Please add support for TPM RNG
Date: Sat, 5 May 2012 10:57:31 -0300
On Thu, 03 May 2012, Laurent Bigonville wrote:
> Package: rng-tools
> Followup-For: Bug #542599
> 
> Any news about this?
> 
> It seems that the version 3 on the upstream website is also supporting
> TPM chips.

I've been quite short on time to work on rng-tools, it would need
someone to help co-maintain the debian version.  If I just merge this
code, since I can't even test it, I won't be able to guarantee it will
keep working...

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh




Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#542599; Package rng-tools. (Fri, 27 Jul 2012 23:03:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Henrique de Moraes Holschuh <hmh@debian.org>:
Extra info received and forwarded to list. (Fri, 27 Jul 2012 23:03:03 GMT) Full text and rfc822 format available.

Message #62 received at 542599@bugs.debian.org (full text, mbox):

From: Henrique de Moraes Holschuh <hmh@debian.org>
To: 542599@bugs.debian.org, 542599-submitter@bugs.debian.org
Subject: Better fix being done in the kernel upstream
Date: Fri, 27 Jul 2012 19:59:05 -0300
tags 542599 + wontfix
thanks

This is currently being properly addressed upstream, by adding TPM support
to the kernel hw_random device.

The kernel fix avoids any conflicts with the userspace TPM stack.
Therefore, I will not accept this patch to rng-tools.

References:
http://lkml.kernel.org/r/1339094567.21398.2.camel@key-ThinkPad-W510

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh



Added tag(s) wontfix. Request was from Henrique de Moraes Holschuh <hmh@debian.org> to control@bugs.debian.org. (Fri, 27 Jul 2012 23:03:11 GMT) Full text and rfc822 format available.

Message sent on to Jo Shields <directhex@apebox.org>:
Bug#542599. (Fri, 27 Jul 2012 23:03:13 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#542599; Package rng-tools. (Tue, 15 Oct 2013 17:51:13 GMT) Full text and rfc822 format available.

Acknowledgement sent to Henrique de Moraes Holschuh <hmh@debian.org>:
Extra info received and forwarded to list. (Tue, 15 Oct 2013 17:51:13 GMT) Full text and rfc822 format available.

Message #72 received at 542599@bugs.debian.org (full text, mbox):

From: Henrique de Moraes Holschuh <hmh@debian.org>
To: 542599@bugs.debian.org
Subject: tpm-rng landed on Linux v3.7
Date: Tue, 15 Oct 2013 14:48:53 -0300
For my future reference, the tpm-rng driver (which exports the TPM RNG
through /dev/hw_random, which rng-tools can use out-of-the-box) landed on
Linux v3.7.

It is worth a note that usually these will be PRNGs with whitening by a
stream cypher or hash (so you cannot really know how good they are, not even
by piping their output through dieharder, etc)... 

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh



Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 20:00:32 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.