On Wed Sep 25, 2024 at 10:46 AM EEST, Jarkko Sakkinen wrote:
On Wed Sep 25, 2024 at 10:42 AM EEST, Jarkko Sakkinen wrote:
Fair enough. I can buy this.
I'll phrase it that (since it was mentioned in the bugzilla comment) in the bug in question the root is in PCR extend but since in my own tests I got overhead from trusted keys I also mention that it overally affects also that and tpm2_get_random().
I do not want to take null key flushing away although I got the reasoning given the small amount of time is saved (maybe 25-50 ms in my QEMU setup if I recall correctly) but it would make sense to squash it auth session patch.
I'll also check 1/2 and 2/2 if I'm doing too much in them. Not adding any tags to v6 and it really makes sense to develop benchmarks and not rush with the new version now that I got also your feedback, since it is past rc1 timeline.
Good target rcX would be around rc3.
I have to admit this: I had blind spot on that PCR extend comment because I did not get hits on that when testing this so it definitely needs to be documented. I spotted it only yesterday.
BR, Jarkko