On 7/28/2023 3:41 PM, Linus Torvalds wrote:
On Thu, 27 Jul 2023 at 10:05, Daniil Stas daniil.stas@posteo.net wrote:
Here is the bug report I created: https://bugzilla.kernel.org/show_bug.cgi?id=217719
Let's just disable the stupid fTPM hwrnd thing.
Maybe use it for the boot-time "gather entropy from different sources", but clearly it should *not* be used at runtime.
Why would anybody use that crud when any machine that has it supposedly fixed (which apparently didn't turn out to be true after all) would also have the CPU rdrand instruction that doesn't have the problem?
It /seems/ to be a separate problem, but yes I agree with your point.
If you don't trust the CPU rdrand implementation (and that has had bugs too - see clear_rdrand_cpuid_bit() and x86_init_rdrand()), why would you trust the fTPM version that has caused even *more* problems?
That's exactly why I was asking in the kernel bugzilla if something similar gets tripped up by RDRAND.
I've got a patch that tears it out entirely for AMD fTPMs in the bugzilla, but I would prefer to discuss this with BIOS people before going that direction.
So I don't see any downside to just saying "that fTPM thing is not working". Even if it ends up working in the future, there are alternatives that aren't any worse.
Linus