From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Jarkko Sakkinen <jarkko@kernel.org>
Cc: linux-integrity@vger.kernel.org,
David Howells <dhowells@redhat.com>,
Paul Moore <paul@paul-moore.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
Mimi Zohar <zohar@linux.ibm.com>,
"open list:KEYS/KEYRINGS" <keyrings@vger.kernel.org>,
"open list:SECURITY SUBSYSTEM"
<linux-security-module@vger.kernel.org>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] KEYS: trusted: Use get_random-fallback for TPM
Date: Mon, 15 Dec 2025 21:01:49 +0100 [thread overview]
Message-ID: <5446f517848338b4ccac8d7bbedf4cc1ed315cb4.camel@HansenPartnership.com> (raw)
In-Reply-To: <aUBk2nUpd2V8p9qc@kernel.org>
On Mon, 2025-12-15 at 21:43 +0200, Jarkko Sakkinen wrote:
[...]
> I think there is misunderstanding with FIPS.
>
> Having FIPS certificated RNG in TPM matters but it only matters only
> in the sense that callers can be FIPS certified as they use that RNG
> as a source.
>
> Using FIPS certified RNG does not magically make callers be FIPS
> ceritified actors. The data is contaminated in that sense at the
> point when kernel acquires it.
I think FIPS certification is a red herring. The point being made in
the original thread is about RNG quality. The argument essentially
being that the quality of the TPM RNG is known at all points in time
but the quality of the kernel RNG (particularly at start of day when
the entropy pool is new) is less certain.
Regards,
James
next prev parent reply other threads:[~2025-12-15 20:01 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-14 21:32 [PATCH] KEYS: trusted: Use get_random-fallback for TPM Jarkko Sakkinen
2025-12-14 21:35 ` Jarkko Sakkinen
2025-12-14 22:18 ` James Bottomley
2025-12-15 6:43 ` Jarkko Sakkinen
2025-12-15 7:55 ` James Bottomley
2025-12-15 8:49 ` Jarkko Sakkinen
2025-12-15 19:43 ` Jarkko Sakkinen
2025-12-15 20:01 ` James Bottomley [this message]
2025-12-15 20:25 ` Jarkko Sakkinen
2025-12-15 20:09 ` Eric Biggers
2025-12-15 20:35 ` Jarkko Sakkinen
2025-12-15 21:09 ` Jarkko Sakkinen
2025-12-16 6:48 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5446f517848338b4ccac8d7bbedf4cc1ed315cb4.camel@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=dhowells@redhat.com \
--cc=jarkko@kernel.org \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=serge@hallyn.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox