From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1j4rVD-0001Xv-VH for mharc-grub-devel@gnu.org; Thu, 20 Feb 2020 14:28:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:34340) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j4rVB-0001V8-78 for grub-devel@gnu.org; Thu, 20 Feb 2020 14:28:50 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1j4rVA-0003XU-1T for grub-devel@gnu.org; Thu, 20 Feb 2020 14:28:49 -0500 Received: from wout4-smtp.messagingengine.com ([64.147.123.20]:35787) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1j4rV9-0003X2-Kn for grub-devel@gnu.org; Thu, 20 Feb 2020 14:28:47 -0500 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id 031B455C; Thu, 20 Feb 2020 14:28:45 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Thu, 20 Feb 2020 14:28:46 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=fm3; bh=Tiy0QZDEAt6Pzt047Fpo4khterm /YTDbMqVV8BjhT/c=; b=fQ0wMdVITL4YxfsvFggRfIUx8/Gd/i+AVAqf3dj/866 Keay4uxmbXr7nuOrTe5XIPseLuJ37GZunjyTKcS5HpFaGoVa5dYQmUhnlJHbQ1wF RqHWMu34QV18Zi+yHxPsD/CNlzBR4u19BUw7OPvw4KOiwAjPZCJV9rKk2qpZM5Xn HUyuRke5jqv6rjqgZSI0ZjkCSeqaw2zasafWG0Z+FwAc4WYnBpj7IXlWvrsgAF/j II4YFYblG9E++8i/prUEJPuYnLn2U+OPvF+DHT+0GFvr3FLrQtC7w1fcS8lVpqj7 gxAIs/o+1Fdt7JTQR9lgTS8ZZeqiNZiS3hso9oX88Iw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=Tiy0QZ DEAt6Pzt047Fpo4khterm/YTDbMqVV8BjhT/c=; b=zHyKbxu0H3iH/5OZNWqKYh /QG8CTSejHAvKy90nrTsx+iels516wTF2A5q7DQ8nF87ffNJI+z5vM15YiN8RXtx ELy2PKz33yoNGmTi0/6ZG7/P2U845KuIK21mUzkcZNIYy5Nch7iQsd94GoROxGlb kxilguxPPA4YU0FvmZ0Xr4TyCPYXbCxHk6NUIlQCo4z7VlxCYDGbU6LKWrkk1k59 Wa6tFYBpUWzlEH6hhJ9C+vloASpYz+UfqdzNpHmxhjx+mgu1RkWHSoDvvh0CgVIu lbe/tMoJuhRphzxDLnm3q3C3tkDLJFTdv0BTqueGa6Lh8v1gD6PCLD3UfrcTx0iA == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrkedvgdduvdejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvffukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrrghtrhhi tghkucfuthgvihhnhhgrrhguthcuoehpshesphhkshdrihhmqeenucfkphepjeekrdehhe drvddvrddujeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhr ohhmpehpshesphhkshdrihhm X-ME-Proxy: Received: from vm-mail (x4e371611.dyn.telefonica.de [78.55.22.17]) by mail.messagingengine.com (Postfix) with ESMTPA id CCC823280062; Thu, 20 Feb 2020 14:28:44 -0500 (EST) Received: from localhost (xps [10.192.0.12]) by vm-mail (OpenSMTPD) with ESMTPSA id 81bb3df5 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Thu, 20 Feb 2020 19:28:41 +0000 (UTC) Date: Thu, 20 Feb 2020 20:29:42 +0100 From: Patrick Steinhardt To: Leif Lindholm Cc: The development of GNU GRUB , Daniel Kiper Subject: Re: [PATCH 1/5] efi: Allocate half of available memory by default Message-ID: <20200220192942.GA4235@xps> References: <53cdfdc2703c934d5f0c03130972eeae67fb4318.1580998938.git.ps@pks.im> <20200213114754.GK23627@bivouac.eciton.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="d6Gm4EdcadzBjdND" Content-Disposition: inline In-Reply-To: <20200213114754.GK23627@bivouac.eciton.net> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 64.147.123.20 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Feb 2020 19:28:50 -0000 --d6Gm4EdcadzBjdND Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 13, 2020 at 11:47:54AM +0000, Leif Lindholm wrote: > On Thu, Feb 06, 2020 at 15:27:29 +0100, Patrick Steinhardt wrote: > > By default, GRUB will allocate a quarter of the pages it got available > > in the EFI subsystem. On many current systems, this will amount to > > roughly 800MB of RAM assuming an address space of 32 bits. This is > > plenty for most use cases, but it doesn't suffice when using full disk > > encryption with a key derival function based on Argon2. > >=20 > > Besides the usual iteration count known from PBKDF2, Argon2 introduces > > two additional parameters "memory" and "parallelism". While the latter > > doesn't really matter to us, the memory parameter is quite interesting. > > If encrypting a partition with LUKS2 using Argon2 as KDF, then > > cryptsetup will default to a memory parameter of 1GB. Meaning we need to > > allocate a buffer of 1GB in size in order to be able to derive the key, > > which definitely won't squeeze into the limit of 800MB. > >=20 > > To prepare for Argon2, let's thus increase the default and make half of > > memory available, instead of a quarter only. This amounts to about > > 1600MB on above systems, which is sufficient for Argon2. >=20 > I was never a huge fan of the "grab a percentage of RAM" in the first > place, and I think "grab twice that" is not the best solution here. >=20 > (Real) corner cases that would be affected by this are: > 1) chainloading grub from grub > 2) OS loaders (loaded by GRUB) requiring large amounts of RAM before > ExitBootsevices(). >=20 > If you have a known minimum requirement, can we work towards that > instead? Quoting Milan from another mail in this thread: On Wed, Feb 12, 2020 at 08:18:32AM +0100, Milan Broz wrote: > Anyway, there are some limits in cryptsetup - we try to never use > more than half of physical memory and maximum is hard-compiled to 4GiB. >=20 > (But physical memory limit applies when formatting device, then > is stored in the LUKS2 keyslot header. So if you format it on device with > much larger RAM and it is later not available, it fails to open. > It is more complicated though - we have benchmark during format that prio= ritize > unlocking time, so PBKDF memory is usually decreased on low-memory system= s anyway.) As far as I can see, the default memory cost for Argon2 is 1,048,576kB, at least that is what "configure.ac" says for "luks2-memory-kb". That also matches my experience with cryptsetup 2.2.2. Patrick --d6Gm4EdcadzBjdND Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEtmscHsieVjl9VyNUEXxntp6r8SwFAl5O3iQACgkQEXxntp6r 8Sz1cw//Qtp3wNhM037wbkB7f6ricGl4sUvEmThHtBPWTA0k8Zl6Nxjw23h6xXD9 eH/Zbbdl/BqB6ruBCIpWAEa71jtmqdnqDE97IPIP7xkzh9C2ZJQ3gPSW3WCknW7Z /t6LRm+FFi6uI56Mhfrvv9EZw9nDB5DkvSM7tz3WW9QmbvNMpE8CZXW3kG0p+GfY 3DmN9lNO1r1AvvHRQPYqtqdNrkd/uic5yFog5kyNzL52xGNsfsdO6/yneb87KYGe DSmyh8BLRhlCvBQuUCGvSUMPcJ99jFGb/J1mhDWVpr+7zpUotov6aFKUMWK9SJXx hOYtNdwUFAqvZBf0t1Oi5bSxoOK7/yeiHo+ndSDq3rokqbeU7d26EQz5Xegs+H7i p1oP8ZjSNVU45N+Vxl8F7dYdxjrDzO93NZowMF0y35xHi4Eu8Wer9WIVoKwWKkC8 USMYPOUEH8IJrVNwEGqzDNreYvcmmMmHyvdVVV8glGwwkSFLwBERgf2eTR//Ytye EwzrP5sSgkFrVEDDBMrUX9rVTtYceEC/O/Q51CV7J0sSjY681N37fpkQ7z5dvot3 PTalnvAFGdXsOFsQuzxiEjT1IEPesERaYEePpg+fFpk+BznSAiHrgJysCp+8wMnb EQjyIdtYiztNgGJFgrqKZJqiZNiAJGQsrkdyw8C95wcMlNoYJXc= =kMWT -----END PGP SIGNATURE----- --d6Gm4EdcadzBjdND--