45 lines
1.6 KiB
Diff
45 lines
1.6 KiB
Diff
From cda4b7a415eb45743ea54a7760b302c0cfe718cf Mon Sep 17 00:00:00 2001
|
|
From: Michael Chang <mchang@suse.com>
|
|
Date: Mon, 23 Sep 2024 10:32:18 +0800
|
|
Subject: [PATCH] tpm: Skip loopback image measurement
|
|
|
|
The loopback image is configured to function as a disk by being mapped
|
|
as a block device. Instead of measuring the entire block device, we
|
|
should focus on tracking the individual files accessed from it. For
|
|
example, we do not directly measure block devices like disk hd0, but the
|
|
files opened from it.
|
|
|
|
This method is important to avoid running out of memory, since loopback
|
|
images can be very large. Trying to read and measure the whole image at
|
|
once could cause out of memory errors and disrupt the boot process.
|
|
|
|
Signed-Off-by: Michael Chang <mchang@suse.com>
|
|
---
|
|
grub-core/commands/tpm.c | 10 ++++++++++
|
|
1 file changed, 10 insertions(+)
|
|
|
|
diff --git a/grub-core/commands/tpm.c b/grub-core/commands/tpm.c
|
|
index bb9aee210..ebbb4fef0 100644
|
|
--- a/grub-core/commands/tpm.c
|
|
+++ b/grub-core/commands/tpm.c
|
|
@@ -41,6 +41,16 @@ grub_tpm_verify_init (grub_file_t io,
|
|
{
|
|
*context = io->name;
|
|
*flags |= GRUB_VERIFY_FLAGS_SINGLE_CHUNK;
|
|
+
|
|
+ /*
|
|
+ * The loopback image is mapped as a disk, allowing it to function like a
|
|
+ * block device. However, we measure the files read from the block device,
|
|
+ * not the device itself. For example, we don't measure block devices like
|
|
+ * disk hd0 directly. This process is crucial to prevent out-of-memory
|
|
+ * errors, as loopback images are inherently large.
|
|
+ */
|
|
+ if ((type & GRUB_FILE_TYPE_MASK) == GRUB_FILE_TYPE_LOOPBACK)
|
|
+ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION;
|
|
return GRUB_ERR_NONE;
|
|
}
|
|
|
|
--
|
|
2.46.1
|
|
|