On Tue, Mar 30, 2021 at 02:47:18PM -0700, Eric Biggers wrote:
> On Sun, Mar 28, 2021 at 11:37:23PM +0300, Jarkko Sakkinen wrote:
> > 
> > Unfortunately, TPM trusted keys started this bad security practice, and
> > obviously it cannot be fixed without breaking uapi backwards compatibility.
> > 
> 
> The whole point of a randomness source is that it is random.  So userspace 
> can't
> be depending on any particular output, and the randomness source can be 
> changed
> without breaking backwards compatibility.
> 
> So IMO, trusted keys should simply be fixed to use get_random_bytes().
> 
> - Eric

It's a bummer but uapi is the god in the end. Since TPM does not do it
today, that behaviour must be supported forever. That's why a boot option
AND a warning would be the best compromise.

/Jarkko

Reply via email to