You are not logged in.

#1 2018-10-27 16:21:22

MS1
Member
Registered: 2018-02-02
Posts: 84

No more kernel entropy due to hardware error on TPM

Something changed on my system within the past few months regarding my kernel entropy. It is very low now for some reason.

# cat /proc/sys/kernel/random/entropy_avail
35

I can use haveged to fake it but I want to know what is wrong and if it can be fixed.

dmesg | grep -i tpm
[    3.595737] tpm_tis 00:03: 1.2 TPM (device-id 0xB, rev-id 16)
[    3.599899] tpm tpm0: [Hardware Error]: Adjusting reported timeouts: A 750->750000us B 2000->2000000us C 750->750000us D 750->750000us
[    3.750026] tpm tpm0: Operation Timed out
[    3.750336] tpm tpm0: A TPM error (83) occurred continue selftest
[    3.750732] tpm tpm0: TPM self test failed
[    3.761058] tpm_inf_pnp 00:03: Found TPM with ID IFX0102
[    3.761096] tpm_inf_pnp 00:03: TPM found: config base 0x4e, data base 0x4700, chip version 0x000b, vendor id 0x15d1 (Infineon), product id 0x000b (SLB 9635 TT 1.2)

And

# rngd -o /dev/random -r /dev/tpm0

Initalizing available sources

Initalizing entropy source hwrng

Failed to init entropy source rdrand

Not sure from searching it up on google what could be wrong.

Last edited by MS1 (2018-10-27 16:22:02)

Offline

#2 2018-10-27 20:34:50

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Re: No more kernel entropy due to hardware error on TPM

I my experience, when the kernel say, "Hardware Error," it isn't lying.  How old is your board?  Anything in the BIOS about it?


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#3 2018-10-27 21:39:50

loqs
Member
Registered: 2014-03-06
Posts: 17,192

Re: No more kernel entropy due to hardware error on TPM

If you check the journal for kernel messages from the oldest recorded boot was the TPM successfully being used in that boot?

Last edited by loqs (2018-10-27 21:39:59)

Offline

#4 2018-10-27 21:50:00

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,442
Website

Re: No more kernel entropy due to hardware error on TPM

I doubt this is (just) a hardware issue as there have been a large number of threads lately with the same root cause of low available entropy without haveged running.  It seems more likely that there was a kernel change that is triggering this on some hardware.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#5 2018-10-27 22:14:48

loqs
Member
Registered: 2014-03-06
Posts: 17,192

Re: No more kernel entropy due to hardware error on TPM

@Trilby https://bugs.archlinux.org/task/58355 4.16.5 and 4.14.36

Offline

#6 2018-10-28 10:11:14

MS1
Member
Registered: 2018-02-02
Posts: 84

Re: No more kernel entropy due to hardware error on TPM

loqs wrote:

@Trilby https://bugs.archlinux.org/task/58355 4.16.5 and 4.14.36

I did not understand all of that but I put the random.trust_cpu=on in my grub.cfg

linux /boot/vmlinuz-linux root=UUID=a244011-aa60-11bb-b321-310bb12fb186 rw  random.trust_cpu=on

When it rebooted I face the same problem.

Next I enabled the testing repo and got 4.19.0-arch1-1-ARCH but I face the same problem when it rebooted.

> uname -r
4.19.0-arch1-1-ARCH

> dmesg | grep -i error
[    0.685914] RAS: Correctable Errors collector initialized.
[    3.301762] tpm tpm0: [Hardware Error]: Adjusting reported timeouts: A 750->750000us B 2000->2000000us C 750->750000us D 750->750000us

> cat /proc/sys/kernel/random/entropy_avail
103

Offline

#7 2018-10-28 12:43:36

loqs
Member
Registered: 2014-03-06
Posts: 17,192

Re: No more kernel entropy due to hardware error on TPM

MS1 with linux 4.19 and without haveged enabled after a reboot can you connect using ssh?

Offline

#8 2018-10-28 12:58:10

MS1
Member
Registered: 2018-02-02
Posts: 84

Re: No more kernel entropy due to hardware error on TPM

loqs wrote:

MS1 with linux 4.19 and without haveged enabled after a reboot can you connect using ssh?

Do not work. That is the code I posted above,
[x] 4.19
[x] no haveged
[x] random.trust_cpu=on

Offline

#9 2018-10-28 13:25:08

loqs
Member
Registered: 2014-03-06
Posts: 17,192

Re: No more kernel entropy due to hardware error on TPM

The CPU in the system does not have RDRAND support?

Offline

#10 2018-11-03 12:50:48

MS1
Member
Registered: 2018-02-02
Posts: 84

Re: No more kernel entropy due to hardware error on TPM

loqs - I don't think it does but this problem is pretty new. I haven't experienced it before using the same hardware.

Offline

#11 2018-11-03 12:55:20

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Re: No more kernel entropy due to hardware error on TPM

@MS1 -

lscpu | grep -i rdrand

CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

Board footer

Powered by FluxBB