It recently came to my attention that there are no standards whatsoever for random number generated by TPMs. In fact, there *are* TPMs where random numbers are generated by an encrypted nonvolatile counter (I do not know which ones); this is apparently considered acceptable for the uses of random numbers that TPMs produce.
There are two issues with this from a Linux point of view. One, we harvest supposed entropy from the TPM for /dev/*random use via /dev/hwrng and rngd. This was something I originally proposed because on a lot of platforms it is the only available entropy source with any significant bandwidth. However, in light of the above it is questionable at best, at least with entropy being credited. The other issue is that we use tpm_get_random() *directly* in security/keys/trusted.c. I don't know what the policy ought to be, but I suspect we should ask the question. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/