On Sun, Aug 13, 2023 at 5:13 AM Björn Persson <Bjorn@rombobjörn.se> wrote: > > Hello, I upgraded from Debian 11 to Debian 12, and my random number > generator disappeared. > > When I boot vmlinuz-5.10.0-23-amd64, there are two hardware random > number generators available: > > # cat /sys/class/misc/hw_random/rng_available > ccp-1-rng tpm-rng-0 > > ccp-1-rng is nonfunctional because AMD's "Cryptographic Coprocessor" is > too secretive to work with Coreboot, so I've been using tpm-rng-0. > > When I boot vmlinuz-6.1.0-11-amd64, there is no tpm-rng-0. Only the > nonfunctional ccp-1-rng is available: > > # cat /sys/class/misc/hw_random/rng_available > ccp-1-rng > > The hardware is an APU2 from PC Engines with this TPM board: > https://www.pcengines.ch/tpm1a.htm > The actual TPM seems to be SLB 9665TT2.0 from Infineon, (although the > writing on the actual chip differs from Infineon's rendering): > https://www.infineon.com/cms/en/product/security-smart-card-solutions/optiga-embedded-security-solutions/optiga-tpm/slb-9665tt2.0/ > > The TPM seems to still exist as /dev/tpm0, but its random number > generator is somehow unavailable. > > Rebooting to Linux 5.10 makes tpm-rng-0 reappear and provide seemingly > random numbers like it always did. That rules out a hardware problem. > It's some difference between the two kernels, but so far I haven't found > anything obvious in the Linux source code. > > Is there anything that can be done, or is support for this random number > generator just gone from Linux 6.1?
Maybe related to https://www.phoronix.com/news/Linux-Disables-RNG-AMD-fTPMs Jeff
