The TPM has a hardware random number generator that could be used as a source of entropy in rng-tools.
I have a patch that achieves this, but it needs to be reviewed.
Patch for review.
File Added: rngd_tpm_support.patch
Patch that achieves this.
Please review this patch. This patch uses the random number generator inside the TPM as an entropy source in addition to the already existing sources.
The ID of the patch is 2261605.
Sorry the URL to the patch is
is my cleaned up and tested version of Sandeep's patch. Please use this one instead.
One major flaw: it should default to not using TPM, right now it's the opposite: it defaults to using it.
I disagree. If the hardware is present, enabled by BIOS, and capable of being used for this purpose, it should by default do so. People with specific concerns may disable this capability in a number of ways, but it should not be incumbent on the average user, those with no concerns about using the TPM, to recognize that it is present and take extra steps to enable it.
The previous comment was mine. -Matt
Which device? /dev/tpm0, /dev/tpm1, /dev/tpm2... ?? It requires configuration anyway.
Currently it is /dev/tpm0. If /dev/tpm0 fails we don't use the TPM. There is no configuration required.
I think you've just made my point clear: it needs configuration.
How many systems have you seen with multiple TPMs present? Personally, I've seen none.
Why do we still not have this cool functionality? Many systems ship with a TPM with a good fast RNG. These systems run out of entropy completely needlessly today.
I agree, we need accelerated crypto.
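For readers following the thread, here is what pulling bytes from the TPM involves on the wire. This is an added example, not Sandeep's patch or rng-tools code; it assumes a TPM 1.2 device and the TPM_GetRandom command, and the function names are hypothetical. It builds the request a daemon would write to the device node and validates the response before any bytes are accepted as entropy.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* TPM 1.2 constants (assumption: the thread does not state the TPM version). */
#define TPM_TAG_RQU_COMMAND 0x00C1u
#define TPM_TAG_RSP_COMMAND 0x00C4u
#define TPM_ORD_GET_RANDOM  0x00000046u
#define TPM_HDR_LEN 10u  /* tag(2) + total size(4) + ordinal or return code(4) */

static void put_be32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
static uint32_t get_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Build the 14-byte TPM_GetRandom request asking for `want` bytes.
 * Returns the request length, or 0 if buf is too small. */
size_t tpm_build_getrandom(uint8_t *buf, size_t buflen, uint32_t want) {
    if (buflen < TPM_HDR_LEN + 4) return 0;
    buf[0] = (uint8_t)(TPM_TAG_RQU_COMMAND >> 8);
    buf[1] = (uint8_t)(TPM_TAG_RQU_COMMAND & 0xff);
    put_be32(buf + 2, TPM_HDR_LEN + 4);   /* total request size */
    put_be32(buf + 6, TPM_ORD_GET_RANDOM);
    put_be32(buf + 10, want);             /* bytesRequested */
    return TPM_HDR_LEN + 4;
}

/* Validate a response of n bytes and copy the random bytes to out.
 * Returns the byte count (may be less than `want`), or -1 on any
 * malformed or failed response so nothing is credited as entropy. */
long tpm_parse_getrandom(const uint8_t *rsp, size_t n, uint8_t *out,
                         size_t outlen, uint32_t want) {
    if (n < TPM_HDR_LEN) return -1;
    if ((((unsigned)rsp[0] << 8) | rsp[1]) != TPM_TAG_RSP_COMMAND) return -1;
    if (get_be32(rsp + 2) != n) return -1;   /* declared size vs bytes read */
    if (get_be32(rsp + 6) != 0) return -1;   /* non-zero TPM return code */
    if (n < TPM_HDR_LEN + 4) return -1;
    uint32_t got = get_be32(rsp + 10);       /* randomBytesSize */
    if (got > want || got > outlen || got != n - (TPM_HDR_LEN + 4)) return -1;
    memcpy(out, rsp + TPM_HDR_LEN + 4, got);
    return (long)got;
}
```

A TPM may return fewer bytes than requested, so a caller loops until its buffer is full and treats a return of -1 as a reason to fall back to the other entropy sources.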