swtpm icon indicating copy to clipboard operation
swtpm copied to clipboard

Published 20 hours ago verified publisher icon stefanberger

Reenable fsync() on state file and directory

Open stefanberger opened this issue 2 years ago • 4 comments

Reenable fsync() on state file and directory. This depends on availability of packages of libtpms with the required fix.

stefanberger avatar Oct 18 '21 01:10 stefanberger

TODO:

  • [ ] Profile the fsync()'s to see how 'bad' they are

stefanberger avatar Oct 18 '21 14:10 stefanberger

fsync(2)s are generally painful on real HDDs, tolerable on SSDs, and unnoticeable on tmpfs.

For swtpm the pain will depend on what applications do. NV and PCR operations need fsync(2), but most key object operations don't. So actual pain will vary by application.

nicowilliams avatar Oct 26 '21 19:10 nicowilliams

PCR operations like extending and reading shouldn't require it but due to an issue with the clock it ended up doing writes. NV writes for sure will require it.

stefanberger avatar Oct 26 '21 19:10 stefanberger

Ah, right, PCR operations shouldn't require it. Clock operations shouldn't either, since restarting the swtpm should increment the resetCount.

nicowilliams avatar Oct 26 '21 20:10 nicowilliams