Received: by 2002:a05:6358:700f:b0:131:369:b2a3 with SMTP id 15csp2269365rwo;
        Thu, 3 Aug 2023 07:11:13 -0700 (PDT)
X-Google-Smtp-Source: APBJJlFm/xaMD2zcv48rldLGm09x2cF7KBA3b6X9ySz6sGjxDX/iWHS2oTmTgduL3ftCA9NEsqtj
X-Received: by 2002:a05:6830:138f:b0:6b9:62f5:ac62 with SMTP id d15-20020a056830138f00b006b962f5ac62mr15992865otq.35.1691071873085;
        Thu, 03 Aug 2023 07:11:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1691071873; cv=none;
        d=google.com; s=arc-20160816;
        b=EPtl9SyGuu89Dh9ZKxkXTi1QxE/ydgy5CdIi16KALWBjJGJFjABha7mdOr093vMAgW
         m8mLf1ZsvptdxFkUxI/emW7/n0SDdC8kMWVAMd5A4q93yQE80oqpqVOrLckU49ihcseO
         YuKVoxji02maLiqADLvVC2r6Hft8Eg7cue9/G0ZxpmW2NGQPJHxkW6Pr95v3QGcsLX0M
         nQDAEMjaDpPcPaOYPJYrKpZgYFNo3SAodMAB4TqMCZAzRuMYOngm9ZbYw6EO2nlCP90F
         cHtacXS74879+UbEW2BovkXFRhr9CfE/zFMsHjpGavY2Y1SngJQE53OEOj2GOSEi9jOq
         U36g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=xCU98+BgwiTKpHLQhh9e4UzgsAB86GLhVoIzJKGYlgo=;
        fh=k4QLd9HDf2ItdrFN3fuRZVFYIidqFR/Ur0Y3qr4zjWI=;
        b=Q121tyPDPy1c5K0OERtrVKu4WOlWCdkY5flyA47EbfUMwrZ/WV/+4gTiCwQBj8v+Wo
         hPZawzVGfQ+uf6flF3Swyc2R74OPIcQCzwdf/yxUMRk0PWj/LD9qQETHP8aF9izILP3L
         80NRFMvHVZctFdKlLAlAWZtBz5KUvNa2GqzHrKGZNCRh/t2e3MTuRk1XFkRR6Rp/cMLy
         4HMRPaJxUzx/3m0lCiOh036JCRQL2hjcZKrl/rqsjsp8z2vmRg8N5odX4ytNzVNo0EsQ
         R7MCVFYQUm6rJ1VBvBZCfVYwR8F5hdhFn6BoO/qLyEaNm7UJBrXLUy2Bd62RlGu4lv/I
         +kwA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=SUsln0++;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id be3-20020a656e43000000b00563f6a66fbdsi10597991pgb.53.2023.08.03.07.10.59;
        Thu, 03 Aug 2023 07:11:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=SUsln0++;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234033AbjHCNpp (ORCPT <rfc822;anuragsharmaalwar@gmail.com>
        + 99 others); Thu, 3 Aug 2023 09:45:45 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34258 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232544AbjHCNpU (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 3 Aug 2023 09:45:20 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B2F2C46B7;
        Thu,  3 Aug 2023 06:43:48 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 48AF761DA0;
        Thu,  3 Aug 2023 13:43:48 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id DC810C433C7;
        Thu,  3 Aug 2023 13:43:46 +0000 (UTC)
Authentication-Results: smtp.kernel.org;
        dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="SUsln0++"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105;
        t=1691070224;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=xCU98+BgwiTKpHLQhh9e4UzgsAB86GLhVoIzJKGYlgo=;
        b=SUsln0++WZ5AA8asjvTLVN+BS2ZUwXUM3ZEM8kz2K/5siBTfIvhIUOHhzt0Ula/B5WaNaY
        XAP253sX2JOtIMtNlWQ0OQ7+E/RBQyLaojKtY84TER2Q7mEuvSoCqacvCFLSlLbRktATGu
        E80mhwPMdj9okVXXE0AkTtMMaZwm1/U=
Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id eac8e714 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO);
        Thu, 3 Aug 2023 13:43:42 +0000 (UTC)
Date:   Thu, 3 Aug 2023 15:42:31 +0200
From:   "Jason A. Donenfeld" <Jason@zx2c4.com>
To:     Mario Limonciello <mario.limonciello@amd.com>
Cc:     jarkko@kernel.org, peterhuewe@gmx.de, linux-kernel@vger.kernel.org,
        linux-integrity@vger.kernel.org, dragonn@op.pl
Subject: Re: [PATCH 2/3] tpm: Add command line for not trusting tpm for RNG
Message-ID: <ZMuux5CE1xIR7Mc3@zx2c4.com>
References: <20230803015015.915-1-mario.limonciello@amd.com>
 <20230803015015.915-3-mario.limonciello@amd.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20230803015015.915-3-mario.limonciello@amd.com>
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
        RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Aug 02, 2023 at 08:50:14PM -0500, Mario Limonciello wrote:
> The kernel supports random.cpu=off and random.bootloader=off.
> As TPM RNG is also registered as a hwrng, add the ability to
> prevent registering the TPM RNG.

Please do *not* do this. I agree with Jarkko that this doesn't belong.

Firstly, you're proposing a flag for the tpm driver, so the `random.`
namespace is inappropriate. Do not use the `random.` namespace if you're
not dealing with random.c specifically. Rather, this is very much a
`tpm.register_hwrng=1/0` flag, which describes better what this is about.

Secondly, I think you're making a mountain out of a molehill. You first
wanted to also disable Intel devices too, even though they aren't
affected by this bug. Now you're proposing a way for users to disable
everything. But so far there's no evidence that this matter goes any
further than AMD's fTPM. So let's calm a bit and not make too big deal
of this. If we suddenly get lots of reports that there's broken behavior
across the board, then maybe we should consider something like this. But
insofar as this is just an AMD derp, let's keep it simple and not over
complicate everything with more knobs. Fewer knobs, please!

Finally, with regards to AMD, my hope is that eventually the fTPM
becomes useful as a hwrng, and then we can relax the disabling to
re-enable it for whatever new revision might come to exist in the
future.

Thanks,
Jason