diff --git a/sys/amd64/conf/DEFAULTS b/sys/amd64/conf/DEFAULTS
--- a/sys/amd64/conf/DEFAULTS
+++ b/sys/amd64/conf/DEFAULTS
@@ -26,3 +26,6 @@
 options CC_CUBIC # include CUBIC congestion control
 options NETLINK # netlink(4) support
+
+# random(4)
+options RANDOM_ENABLE_TPM # enable entropy from TPM 2.0
diff --git a/sys/arm/conf/DEFAULTS b/sys/arm/conf/DEFAULTS
--- a/sys/arm/conf/DEFAULTS
+++ b/sys/arm/conf/DEFAULTS
@@ -8,3 +8,6 @@
 options CC_CUBIC # include CUBIC congestion control
 options INTRNG # All arm systems use INTRNG these days
+
+# random(4)
+options RANDOM_ENABLE_TPM # enable entropy from TPM 2.0
diff --git a/sys/arm64/conf/DEFAULTS b/sys/arm64/conf/DEFAULTS
--- a/sys/arm64/conf/DEFAULTS
+++ b/sys/arm64/conf/DEFAULTS
@@ -18,3 +18,6 @@
 options INTRNG
 options NETLINK # netlink(4) support
+
+# random(4)
+options RANDOM_ENABLE_TPM # enable entropy from TPM 2.0
diff --git a/sys/conf/NOTES b/sys/conf/NOTES
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -2829,6 +2829,8 @@
 # environment.
 options RANDOM_ENABLE_ETHER # ether_input
+options RANDOM_ENABLE_TPM # implies TPM_HARVEST
+
 # Module to enable execution of application via emulators like QEMU
 options IMGACT_BINMISC
diff --git a/sys/conf/options b/sys/conf/options
--- a/sys/conf/options
+++ b/sys/conf/options
@@ -960,6 +960,7 @@
 # the uma slab allocator.
 RANDOM_ENABLE_UMA opt_global.h
 RANDOM_ENABLE_ETHER opt_global.h
+RANDOM_ENABLE_TPM opt_global.h
 # This options turns TPM into entropy source.
 TPM_HARVEST opt_tpm.h
diff --git a/sys/dev/tpm/tpm20.c b/sys/dev/tpm/tpm20.c
--- a/sys/dev/tpm/tpm20.c
+++ b/sys/dev/tpm/tpm20.c
@@ -42,7 +42,7 @@
 MALLOC_DEFINE(M_TPM20, "tpm_buffer", "buffer for tpm 2.0 driver");
 static void tpm20_discard_buffer(void *arg);
-#ifdef TPM_HARVEST
+#if defined TPM_HARVEST || defined RANDOM_ENABLE_TPM
 static void tpm20_harvest(void *arg, int unused);
 #endif
 static int tpm20_save_state(device_t dev, bool suspend);
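Review bot: The added `options RANDOM_ENABLE_TPM` line in sys/amd64/conf/DEFAULTS, and the identical additions in the arm, arm64 and riscv DEFAULTS hunks, turns TPM harvesting on for every kernel built from these files, but the comment says neither how to opt out nor what is being trusted. A TPM is a separate, often bus-attached device, and its output enters the pool as the `RANDOM_PURE_TPM` source registered in tpm20.c, so operators who do not want to depend on it need a documented switch. I would extend the comment, for example `# random(4): harvest from TPM 2.0; disable with "nooptions RANDOM_ENABLE_TPM"`, and have the NOTES entry state whether the source can also be masked at run time.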
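Review bot: In sys/dev/tpm/tpm20.c the guard `#if defined TPM_HARVEST || defined RANDOM_ENABLE_TPM` is repeated at this forward declaration and again in the hunks at lines 184, 212, 227 and 254, while the NOTES hunk documents the new option as "implies TPM_HARVEST". Nothing in this diff makes that implication real, so any code still guarded by `#ifdef TPM_HARVEST` alone is compiled out when only RANDOM_ENABLE_TPM is set. tpm20.h is not part of the diff, so confirm that the `harvest_task` member used in the line-212 hunk is not declared under the old guard. Defining one driver-local macro once (the name is only a suggestion), `#if defined(TPM_HARVEST) || defined(RANDOM_ENABLE_TPM)` followed by `#define TPM_HARVEST_ENABLED 1`, and testing it at every site would keep the five guards from drifting apart.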
@@ -184,7 +184,7 @@
 return (ENOTTY);
 }
-#ifdef TPM_HARVEST
+#if defined TPM_HARVEST || defined RANDOM_ENABLE_TPM
 static const struct random_source random_tpm = {
 .rs_ident = "TPM",
 .rs_source = RANDOM_PURE_TPM,
@@ -212,7 +212,7 @@
 if (result != 0) tpm20_release(sc);
-#ifdef TPM_HARVEST
+#if defined TPM_HARVEST || defined RANDOM_ENABLE_TPM
 random_source_register(&random_tpm);
 TIMEOUT_TASK_INIT(taskqueue_thread, &sc->harvest_task, 0, tpm20_harvest, sc);
@@ -227,7 +227,7 @@
 tpm20_release(struct tpm_sc *sc)
 {
-#ifdef TPM_HARVEST
+#if defined TPM_HARVEST || defined RANDOM_ENABLE_TPM
 if (device_is_attached(sc->dev)) taskqueue_drain_timeout(taskqueue_thread, &sc->harvest_task);
 random_source_deregister(&random_tpm);
@@ -254,7 +254,7 @@
 return (tpm20_save_state(dev, false));
 }
-#ifdef TPM_HARVEST
+#if defined TPM_HARVEST || defined RANDOM_ENABLE_TPM
 /*
 * Get TPM_HARVEST_SIZE random bytes and add them
 * into system entropy pool.
diff --git a/sys/riscv/conf/DEFAULTS b/sys/riscv/conf/DEFAULTS
--- a/sys/riscv/conf/DEFAULTS
+++ b/sys/riscv/conf/DEFAULTS
@@ -18,3 +18,6 @@
 options INTRNG
 options NETLINK # netlink(4) support
+
+# random(4)
+options RANDOM_ENABLE_TPM # enable entropy from TPM 2.0
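Review bot: In the tpm20.c hunk at line 212 the failure path `if (result != 0) tpm20_release(sc);` does not return, so the guarded block right below it still calls `random_source_register(&random_tpm)` and `TIMEOUT_TASK_INIT(..., tpm20_harvest, sc)` on a softc that was just released. That code predates this commit, but with RANDOM_ENABLE_TPM now in the DEFAULTS files it is compiled into default kernels. The release path in the line-227 hunk also deregisters the source before it was ever registered. I would return early, `if (result != 0) { tpm20_release(sc); return (result); }`, or run the registration only when `result == 0`. The enclosing function starts and ends outside the hunk, so check that nothing after the block relies on falling through.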