On Mon, Feb 20, 2023 at 02:36:18PM +0800, Michael Chang via Grub-devel wrote:
> This helps to prevent out of memory error when reading large files via
> disabling tpm device as verifier has to read all content into memory in
> one chunk to measure the hash and extend to tpm.
>
> For ibmvtpm driver support this change here would be needed. It helps to
> prevent much memory consuming tpm subsystem from being activated when no
> vtpm device present.
I have taken a look at this patch once again with fresh mind. Now I think
the main advantage of having it is that we do not load files twice when
there is lack of TPM and there are no other verifiers present. Though it
is difficult to get it from the current commit message. So, I think it
has to be changed in the following way:
- the problem description,
- how the problem is solved by this patch and what are the other
advantages of having it in the GRUB,
- how the problem is mitigated by the recent mm changes on the
platforms with TPM enabled.
Daniel
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
