Hi Jarkko, On Tue, May 17, 2022 at 09:10:57PM +0300, Jarkko Sakkinen wrote: > On Tue, 2022-05-17 at 19:27 +0200, Jason A. Donenfeld wrote: > > On Fri, May 13, 2022 at 04:57:00PM +0200, Ahmad Fatoum wrote: > > > + trusted.rng= [KEYS] > > > + Format: <string> > > > + The RNG used to generate key material for trusted keys. > > > + Can be one of: > > > + - "kernel" > > > + - the same value as trusted.source: "tpm" or "tee" > > > + - "default" > > > + If not specified, "default" is used. In this case, > > > + the RNG's choice is left to each individual trust source. > > > + > > > > As a general mechanism, I object to this. The kernel's RNG must be > > trusted in the first place for key material. That's the whole point of > > it. > > I would relax this a bit: kernel's RNG must be implicitly must be Sorry, I didn't mean to seem unrelaxed. What I meant was that as a general mechanism, it doesn't make sense, but it isn't a general mechanism, it's a particular one for trusted_keys, which led me to question why it seemed to have such a general name like "trusted.rng". Ahmad pointed out that the trusted prefix actually isn't general. It's what trusted_keys compiles its module as. So just a misunderstanding. It appears to be a module param after all. Sorry for the noise! Jason
