Re: [PATCH v5 0/5] Lazy flush for the auth session

From: Jarkko Sakkinen
Date: Tue Oct 15 2024 - 18:14:41 EST

Next message: Rob Herring: "Re: [PATCH v3 1/4] dt-bindings: rng: add st,stm32mp25-rng support"
Previous message: Ankur Arora: "Re: [PATCH 2/7] rcu: limit PREEMPT_RCU configurations"
In reply to: Mimi Zohar: "Re: [PATCH v5 0/5] Lazy flush for the auth session"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue Oct 15, 2024 at 11:08 PM EEST, Mimi Zohar wrote:
> > > > since the feature itself is useful objectively, and make sure
> > > > that those fixes bring the wanted results.
>
> The right thing would have been to listen to my concerns when this was initially
> being discussed. The right thing wasn't enabling TCG_TPM2_HMAC by default.

This is debatable as for laptops and desktops having hard drive
encryption do benefit with this. If systemd hadn't added
systemd-cryptenroll I would agree with this. I learned about this
feature two years after its inception in that project, so we needed to
address this as a priority (I did not and will not follow systemd
development proactively, as don't have time for that).

I feel more safe using my laptop with the feature in place at least.

Besides, it is complicated feature enough that it would have been
impossible ever "zero glitch" land it. I don't think there is any
rigid "data centers first" rule really, except maybe for those
businesses that run data centers (and I'm not one of those
businesses).

BR, Jarkko

Next message: Rob Herring: "Re: [PATCH v3 1/4] dt-bindings: rng: add st,stm32mp25-rng support"
Previous message: Ankur Arora: "Re: [PATCH 2/7] rcu: limit PREEMPT_RCU configurations"
In reply to: Mimi Zohar: "Re: [PATCH v5 0/5] Lazy flush for the auth session"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]