Message-ID: <20080515235838.GB23721@khazad-dum.debian.net>
Date: Thu, 15 May 2008 20:58:38 -0300
From: Henrique de Moraes Holschuh <hmh@....eng.br>
To: Theodore Tso <tytso@....edu>, Jeff Garzik <jeff@...zik.org>,
Chris Peterson <cpeterso@...terso.com>,
"Kok, Auke" <auke-jan.h.kok@...el.com>,
Rick Jones <rick.jones2@...com>,
"Brandeburg, Jesse" <jesse.brandeburg@...el.com>,
Alan Cox <alan@...rguk.ukuu.org.uk>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] drivers/net: remove network drivers' last few uses of
IRQF_SAMPLE_RANDOM
On Thu, 15 May 2008, Theodore Tso wrote:
> On Thu, May 15, 2008 at 06:44:22PM -0400, Jeff Garzik wrote:
> > I just sorta assumed a buffering, interrupt-driver TPM RNG driver would be
> > better than doing it from userspace, but maybe that was a bad assumption to
> > make on my part. It should be quite doable to support TPM RNG entirely via
> > userspace, at any rate.
>
> If I recall correctly, you need access to a magic TPM key just to
> *talk* to the TPM. Normally that key is stored in a file, and of
The TPM has some sort of idea of restricted operations. It will depend
whether one can get random numbers as an anonymous party (and frankly, I
don't care for looking at the TCG docs right now to find out).
I certainly can ask the TPM "are you there?" even when it is disabled(!),
so I would not be too surprised to find out that, as long as it is
enabled, it will return random numbers to anyone.
But access to the TPM requires a control layer which must have exclusive
access to the chip. That layer would have to move into the kernel...
IMHO, it is just not worth even bothering with the idea, and just do it
all in userspace.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh