On Thu, Apr 01, 2021 at 12:11:32PM +1100, Herbert Xu wrote:
> On Wed, Mar 31, 2021 at 04:34:29PM -0700, Eric Biggers wrote:
> > On Thu, Apr 01, 2021 at 02:31:46AM +0300, Jarkko Sakkinen wrote:
> > > 
> > > It's a bummer but uapi is the god in the end. Since TPM does not do it
> > > today, that behaviour must be supported forever. That's why a boot option
> > > AND a warning would be the best compromise.
> > 
> > It's not UAPI if there is no way for userspace to tell if it changed.
> 
> Exactly.  UAPI is only an issue if something *breaks*.

If there's even one user that comes shouting that he has a user space
configuration, where e.g. rng entropy is consumed constantly and the
code assumes that trusted keys does not add to that, then something
would break.

It would be a crap user space yes, but I don't want to go on reverting
because of that. I think there is small but still existing chance that
something could break.

Why not just add a boot parameter instead of making brutal enforcing
changes, indirectly visible to the user space?

/Jarkko

Reply via email to