Re: [PATCH 1/1] tpm: disable hwrng for fTPM on some AMD designs

From: Linus Torvalds
Date: Fri Jul 28 2023 - 16:41:45 EST

Next message: Linus Torvalds: "Re: [PATCH v1 0/4] smaps / mm/gup: fix gup_can_follow_protnone fallout"
Previous message: kernel test robot: "[tip:x86/core] BUILD SUCCESS d7114f83ee051dfeac82546d7ba03d74f8b92af3"
In reply to: Daniil Stas: "Re: [PATCH 1/1] tpm: disable hwrng for fTPM on some AMD designs"
Next in thread: Limonciello, Mario: "Re: [PATCH 1/1] tpm: disable hwrng for fTPM on some AMD designs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 27 Jul 2023 at 10:05, Daniil Stas <daniil.stas@xxxxxxxxxx> wrote:
>
> Here is the bug report I created:
> https://bugzilla.kernel.org/show_bug.cgi?id=217719

Let's just disable the stupid fTPM hwrnd thing.

Maybe use it for the boot-time "gather entropy from different
sources", but clearly it should *not* be used at runtime.

Why would anybody use that crud when any machine that has it
supposedly fixed (which apparently didn't turn out to be true after
all) would also have the CPU rdrand instruction that doesn't have the
problem?

If you don't trust the CPU rdrand implementation (and that has had
bugs too - see clear_rdrand_cpuid_bit() and x86_init_rdrand()), why
would you trust the fTPM version that has caused even *more* problems?

So I don't see any downside to just saying "that fTPM thing is not
working". Even if it ends up working in the future, there are
alternatives that aren't any worse.

Linus

Next message: Linus Torvalds: "Re: [PATCH v1 0/4] smaps / mm/gup: fix gup_can_follow_protnone fallout"
Previous message: kernel test robot: "[tip:x86/core] BUILD SUCCESS d7114f83ee051dfeac82546d7ba03d74f8b92af3"
In reply to: Daniil Stas: "Re: [PATCH 1/1] tpm: disable hwrng for fTPM on some AMD designs"
Next in thread: Limonciello, Mario: "Re: [PATCH 1/1] tpm: disable hwrng for fTPM on some AMD designs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]