[PATCH v8 04/12] tpm: Change tpm_get_random() opportunistic
Jarkko Sakkinen
jarkko at kernel.org
Fri Jan 2 16:37:43 UTC 2026
On Fri, Dec 19, 2025 at 09:42:07AM +0000, Jonathan McDowell wrote:
> On Tue, Dec 16, 2025 at 11:21:38AM +0200, Jarkko Sakkinen wrote:
> > hwrng framework does not have a requirement that the all bytes requested
> > need to be provided. By enforcing such a requirement internally, TPM driver
> > can cause unpredictability in latency, as a single tpm_get_random() call
> > can result multiple TPM commands.
> >
> > Especially, when TCG_TPM2_HMAC is enabled, extra roundtrips could have
> > significant effect to the system latency.
> >
> > Thus, send TPM command only once and return bytes received instead of
> > committing to the number of requested bytes.
>
> Function comment for tpm_get_random needs updated as well, as it currently
> says "until all of the @max bytes have been received", which is no longer
> true with this patch. With that:
>
> Reviewed-by: Jonathan McDowell <noodles at meta.com>
Thank you and definitely can refine that comment. After holidays it is
probably to go through this patch set with time and send +1 iteration
:-)
BR, Jarkko
More information about the Linux-security-module-archive
mailing list