Linux kernel disables default TPM bus encryption for performance

Developers of the Linux kernel have disabled TPM bus encryption by default in recent updates to address performance issues. The change reverses a default that came with the TPM HMAC session features added in Linux 6.10, and it prioritizes efficiency over security in many use cases. The decision reflects community feedback on balancing protection against slowdowns in TPM-dependent operations.

The Linux kernel's handling of Trusted Platform Module (TPM) technology saw a key adjustment with the disablement of default TPM bus encryption. This shift occurred following the introduction of TPM2 HMAC encryption and integrity features in Linux 6.10, aimed at protecting against attacks like TPM sniffing or interposer-based compromises that could intercept sensitive data such as recovery keys.

Benchmarking showed that these protections caused significant overhead, leading to up to a 10% performance drop in operations like disk encryption and secure boot, particularly on hardware without optimized TPM implementations. Kernel contributor James Bottomley noted that while the feature remains available via kernel parameters, its default disablement prioritizes efficiency for most users who may not face high-risk threats.

This move highlights ongoing debates in the Linux community. Security advocates argue it could introduce vulnerabilities in enterprise settings reliant on TPMs for zero-trust architectures. However, for common deployments such as cloud servers or embedded devices, the performance impact was seen as unacceptable without evidence of widespread exploits on unencrypted TPM buses.

The TPM2 specification from the Trusted Computing Group stresses encryption to counter man-in-the-middle attacks on buses like SPI or I2C. Yet, compatibility issues arose with older hardware, including some Intel PTT modules that failed initialization in AES-128-CFB mode, as documented in the ArchWiki. Disabling the default resolves these problems, with users able to enable it using parameters like tpm_security=1.
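To make concrete what the now opt-in protection buys, here is an added illustration (not kernel code and not from the article) of the integrity half of a TPM2 HMAC session: the caller's command is bound to a session key with an HMAC, so an interposer on the SPI or I2C bus that rewrites a parameter in flight produces a command the TPM rejects. The salt, nonces, handle name and auth value are constructed; a real session obtains them from TPM2_StartAuthSession.

```python
# Added illustration of the TPM2 session HMAC (TCG TPM 2.0 Library, Part 1,
# session-based authorization). Not Linux kernel code; all inputs are constructed.
import hashlib
import hmac
import struct

HASH = hashlib.sha256

def kdfa(key: bytes, label: bytes, ctx_u: bytes, ctx_v: bytes, bits: int) -> bytes:
    """TPM2 KDFa: SP800-108 counter mode, HMAC over [i]4 || label || 0x00 || U || V || [bits]4."""
    out, i = b"", 1
    while len(out) * 8 < bits:
        msg = struct.pack(">I", i) + label + b"\x00" + ctx_u + ctx_v + struct.pack(">I", bits)
        out += hmac.new(key, msg, HASH).digest()
        i += 1
    return out[: bits // 8]

def session_key(salt: bytes, bind_auth: bytes, nonce_tpm: bytes, nonce_caller: bytes) -> bytes:
    """sessionKey = KDFa(bind.authValue || salt, "ATH", nonceTPM, nonceCaller, hashLen)."""
    return kdfa(bind_auth + salt, b"ATH", nonce_tpm, nonce_caller, HASH().digest_size * 8)

def cp_hash(command_code: int, names: list, params: bytes) -> bytes:
    """cpHash = H(commandCode || name_1 .. name_n || parameters)."""
    return HASH(struct.pack(">I", command_code) + b"".join(names) + params).digest()

def command_hmac(skey: bytes, auth: bytes, cphash: bytes, nonce_newer: bytes,
                 nonce_older: bytes, attrs: int) -> bytes:
    """HMAC(sessionKey || authValue, cpHash || nonceNewer || nonceOlder || sessionAttributes)."""
    return hmac.new(skey + auth, cphash + nonce_newer + nonce_older + bytes([attrs]), HASH).digest()

def tpm_accepts(skey, auth, cc, names, params, nonce_caller, nonce_tpm, attrs, tag) -> bool:
    """What the TPM does on receipt: recompute the HMAC over the bytes it actually saw."""
    expected = command_hmac(skey, auth, cp_hash(cc, names, params), nonce_caller, nonce_tpm, attrs)
    return hmac.compare_digest(expected, tag)

def interposer_demo() -> tuple:
    """Caller authorizes one PCR_Extend; an on-bus interposer rewrites a digest byte."""
    salt, auth = b"\x11" * 32, b"owner-auth"            # constructed session salt and authValue
    nonce_caller, nonce_tpm = b"\xaa" * 20, b"\xbb" * 20  # constructed nonces (unbound session)
    skey = session_key(salt, b"", nonce_tpm, nonce_caller)
    cc, names, attrs = 0x182, [b"constructed-pcr-name"], 0x01   # TPM_CC_PCR_Extend, continueSession
    params = b"\x00\x0b" + b"\x5a" * 32                   # TPM_ALG_SHA256 digest to extend
    tag = command_hmac(skey, auth, cp_hash(cc, names, params), nonce_caller, nonce_tpm, attrs)
    genuine = tpm_accepts(skey, auth, cc, names, params, nonce_caller, nonce_tpm, attrs, tag)
    tampered = params[:-1] + b"\x00"                      # interposer flips the last digest byte
    forged = tpm_accepts(skey, auth, cc, names, tampered, nonce_caller, nonce_tpm, attrs, tag)
    return genuine, forged                                # (True, False)
```

Without the session, the same command crosses the bus as plain bytes with no key binding, which is the exposure the default-off setting accepts in exchange for the performance gain.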

Community feedback drove the change, starting with non-x86 architectures before a full revert. Distributions including Fedora and Ubuntu are updating their guides to advise on opt-in usage. Looking forward, maintainers are considering hybrid approaches, such as hardware-accelerated HMAC or per-device toggles, with potential improvements in Linux 6.13. Critics in sectors like finance and government caution against risks where encrypted communications are essential, emphasizing the need for user education on threat models.
