Date: Fri, 25 Nov 2022 15:00:48 +0800
From: Michael Chang
To: The development of GNU GRUB
Subject: Re: [PATCH v2] tpm: Disable tpm verifier if tpm is not present
Message-ID: <20221125070048.GA5792@mazu>
References: <20221007053710.18345-1-mchang@suse.com> <20221014094001.dqoncqektby34etb@tomti.i.net-space.pl> <20221017051908.GA21185@mazu> <20221124160448.zzcuix5atyhggj7j@tomti.i.net-space.pl>
In-Reply-To: <20221124160448.zzcuix5atyhggj7j@tomti.i.net-space.pl>
On Thu, Nov 24, 2022 at 05:04:48PM +0100, Daniel Kiper wrote:
> On Mon, Oct 17, 2022 at 01:19:08PM +0800, Michael Chang via Grub-devel wrote:
> > On Fri, Oct 14, 2022 at 11:40:01AM +0200, Daniel Kiper wrote:
> > > On Fri, Oct 07, 2022 at 01:37:10PM +0800, Michael Chang via Grub-devel wrote:
> > > > This helps to prevent an out of memory error when reading large files by disabling
> > > > the tpm device, as the verifier has to read all content into memory in one chunk to
> > > > measure the hash and extend to the tpm.
> > >
> > > How does this patch help when the TPM is present in the system?
> >
> > If the firmware menu offers an option to disable the TPM device, then this
> > patch can be useful to get around the 'out of memory error' by
> > disabling the TPM device from firmware, so that the tpm verifier won't
> > be in the way of reading huge files.
> >
> > This is essentially a compromised solution as long as the tpm module can be
> > a built-in module in the signed image and at the same time the user may come
> > across the need to open huge files, e.g. a loopback mount in grub for
> > the rescue image. In this case they could opt in to disabling the tpm
> > device from firmware to proceed if they run into out of memory or other
> > (slow) reading issues.
>
> I think I would prefer something similar to this [1] patch. Of course
> if [1] is not enough...

The tpm verifier attempts to set GRUB_VERIFY_FLAGS_SINGLE_CHUNK for all
incoming files, which get loaded into memory in their entirety as a
duplicated copy of the disk files. The overhead is too huge for some
low-profile hardware with smaller memory, or when the boot path has to
cover very large files, hence the out of memory error.

I think it is inevitable to use GRUB_VERIFY_FLAGS_SINGLE_CHUNK as the tpm
measures and extends file integrity. But we ought to avoid the overhead
when the TPM device is not present or is disabled by the user.

The patch [1] seems to deal with the tpm error which prevents a file from
being opened, which is orthogonal to the memory allocation issue in the
common verifier before the tpm does the measurement.

Thanks,
Michael

>
> Daniel
>
> [1] http://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=a4356538d03c5a5350790b6453b523fb9214c2e9
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
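The mechanism Michael describes above (a SINGLE_CHUNK verifier forcing a full in-memory copy of every file, and the patch's fix of letting the verifier step aside when no TPM is present), as an added illustration in C that is not GRUB's own code: the flag values are modelled on GRUB's enum grub_verify_flags, while the two init hooks, the memory budget and verifier_open_cost are hypothetical stand-ins for the file layer's behaviour.

```c
#include <stdbool.h>

/* Flag values modelled on GRUB's enum grub_verify_flags (assumption: a
 * reduced copy for this example, not the project's own header). */
enum verify_flags {
  VERIFY_FLAGS_NONE = 0,
  VERIFY_FLAGS_SKIP_VERIFICATION = 1,
  VERIFY_FLAGS_SINGLE_CHUNK = 2,
};

/* A verifier's init hook decides how the file layer must feed it. */
typedef int (*verify_init_fn)(bool tpm_present, enum verify_flags *flags);

/* Behaviour the thread complains about: every file is demanded as one
 * chunk, whether or not a TPM exists to extend the measurement into. */
int tpm_init_unconditional(bool tpm_present, enum verify_flags *flags)
{
  (void)tpm_present;
  *flags |= VERIFY_FLAGS_SINGLE_CHUNK;
  return 0;
}

/* Behaviour the patch aims for: with no TPM there is nothing to measure,
 * so the verifier steps aside and the file layer streams from disk. */
int tpm_init_if_present(bool tpm_present, enum verify_flags *flags)
{
  if (!tpm_present)
    *flags |= VERIFY_FLAGS_SKIP_VERIFICATION;
  else
    *flags |= VERIFY_FLAGS_SINGLE_CHUNK;
  return 0;
}

/* Hypothetical model of the file layer's open path: a SINGLE_CHUNK
 * verifier forces a duplicate in-memory copy of the whole file before any
 * byte is handed out.  Returns the bytes that copy needs (0 when the
 * verifier is not involved), or -1 when it exceeds the memory budget. */
long verifier_open_cost(verify_init_fn init, bool tpm_present,
                        long file_size, long mem_budget)
{
  enum verify_flags flags = VERIFY_FLAGS_NONE;
  if (init(tpm_present, &flags) != 0)
    return -1;
  if (flags & VERIFY_FLAGS_SKIP_VERIFICATION)
    return 0;
  if (flags & VERIFY_FLAGS_SINGLE_CHUNK)
    return file_size <= mem_budget ? file_size : -1;
  return 0;
}
```

With the unconditional hook a 512 MiB rescue image still fails on a 256 MiB budget even with no TPM in the machine; with the presence check the same open costs nothing, and the full-copy cost only returns when a TPM is actually there to extend into.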