Date: 2023-08-01

Ongoing issues with Linux and AMD’s fTPM have caused frustration for Linus Torvalds, the overseer of the Linux kernel. Torvalds has proposed turning off the module’s random number generator altogether due to the problems it causes.

TPMs, whether firmware or hardware-based, are used to securely create and store cryptographic keys, certificates, and passwords. They also generate random numbers for software use.

AMD’s fTPM has been causing intermittent stuttering in certain Ryzen processors. When the fTPM accessed its flash storage via a serial interface, it would hold up system activity, resulting in poor performance. Although a kernel patch was developed to address the issue, the bug has resurfaced, leading Torvalds to suggest disabling the fTPM’s random number generator completely.

Torvalds proposes using the processor’s RDRAND instruction instead, as it offers random numbers without causing performance issues. He suggests using the fTPM during system startup to provide entropy to the kernel’s random number generation service, but not using it as a random number source during normal use.
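To see which source a given machine is currently using, the check below reads the kernel's `hw_random` sysfs files and the CPU flags. It is an added example, not code from the article or the kernel; the output field names are this example's own and the fixture values are constructed.

```shell
#!/bin/sh
# Added example: is a TPM the kernel's active hardware RNG, and does the CPU have RDRAND?
# Arguments default to the real Linux paths; pass other paths to run against fixtures.
hwrng_report() {
    hwrng_dir=${1:-/sys/class/misc/hw_random}
    cpuinfo=${2:-/proc/cpuinfo}
    current=none
    available=
    if [ -r "$hwrng_dir/rng_current" ]; then
        read -r current < "$hwrng_dir/rng_current" || true
    fi
    if [ -r "$hwrng_dir/rng_available" ]; then
        read -r available < "$hwrng_dir/rng_available" || true
    fi
    # The kernel TPM driver registers its hwrng under the name tpm-rng-<N>.
    case "${current:-none}" in
        tpm-rng-*) tpm_active=yes ;;
        *)         tpm_active=no ;;
    esac
    case " $available " in
        *" tpm-rng-"*) tpm_registered=yes ;;
        *)             tpm_registered=no ;;
    esac
    # RDRAND support shows up as the "rdrand" CPU flag.
    rdrand=no
    if [ -r "$cpuinfo" ] && grep '^flags' "$cpuinfo" | grep -qw rdrand; then
        rdrand=yes
    fi
    echo "current=${current:-none} tpm_registered=$tpm_registered tpm_active=$tpm_active rdrand=$rdrand"
}

# Constructed fixture (not captured from a real machine): a TPM is the active hwrng.
demo_fixture() {
    d=$(mktemp -d)
    printf 'tpm-rng-0\n' > "$d/rng_current"
    printf 'tpm-rng-0 \n' > "$d/rng_available"
    printf 'flags\t\t: fpu sse2 aes rdrand rdseed\n' > "$d/cpuinfo"
    hwrng_report "$d" "$d/cpuinfo"
    rm -rf "$d"
}
demo_fixture
```

Calling `hwrng_report` with no arguments inspects the live system; `tpm_active=yes` means the TPM is the source the `hw_random` framework is currently pulling from.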

The cause of the bug is unknown, but Torvalds speculates that it could be related to poorly written BIOS fTPM code. He also questions the scalability and parallelism of BIOS code.

Disabling the fTPM’s random number generator could limit the functionality of the system, particularly with regard to hardware encryption and security. AMD has previously recommended using a physical TPM module as an alternative to the firmware TPM, but this requires a compatible motherboard.