On Thu Nov 7, 2024 at 8:24 AM EET, Jarkko Sakkinen wrote:
> On Thu Nov 7, 2024 at 4:48 AM EET, Mimi Zohar wrote:
> > On Thu, 2024-11-07 at 02:51 +0200, Jarkko Sakkinen wrote:
> > > On Thu Nov 7, 2024 at 2:47 AM EET, Jarkko Sakkinen wrote:
> > > > From: Mimi Zohar
> > > >
> > > > The initial encry
On Thu Nov 7, 2024 at 4:48 AM EET, Mimi Zohar wrote:
> On Thu, 2024-11-07 at 02:51 +0200, Jarkko Sakkinen wrote:
> > On Thu Nov 7, 2024 at 2:47 AM EET, Jarkko Sakkinen wrote:
> > > From: Mimi Zohar
> > >
> > > The initial encrypted HMAC session feature added TPM bus encryption to
> > > various in
On Thu, 2024-11-07 at 02:51 +0200, Jarkko Sakkinen wrote:
> On Thu Nov 7, 2024 at 2:47 AM EET, Jarkko Sakkinen wrote:
> > From: Mimi Zohar
> >
> > The initial encrypted HMAC session feature added TPM bus encryption to
> > various in-kernel TPM operations. This can cause performance bottlenecks
>
On Thu Nov 7, 2024 at 2:51 AM EET, Jarkko Sakkinen wrote:
> On Thu Nov 7, 2024 at 2:47 AM EET, Jarkko Sakkinen wrote:
> > From: Mimi Zohar
> >
> > The initial encrypted HMAC session feature added TPM bus encryption to
> > various in-kernel TPM operations. This can cause performance bottlenecks
> >
On Thu Nov 7, 2024 at 2:47 AM EET, Jarkko Sakkinen wrote:
> From: Mimi Zohar
>
> The initial encrypted HMAC session feature added TPM bus encryption to
> various in-kernel TPM operations. This can cause performance bottlenecks
> with IMA, as it heavily utilizes PCR extend operations.
>
> In order
From: Mimi Zohar
The initial encrypted HMAC session feature added TPM bus encryption to
various in-kernel TPM operations. This can cause performance bottlenecks
with IMA, as it heavily utilizes PCR extend operations.
In order to address this performance issue, introduce disable_encrypt_pcrs
kern
