** Description changed: + [Impact] + + * loopback command uses too much ram, resulting in OOM on small + machines + + [Test Case] + + * Download & Copy kernel.snap from amd64 pc image onto ESP partitition + + * Boot VM with secureboot, uefi and tpm and drop into grub recovery + shell + + * observe ram usage of the machine (for example by using virt-manager + graphs) + + * execute "loopback loop0 /path/to/kernel.snap" + + * observe ram usage of the machine again. + + * The RAM usage should stay almost constant with the patched grub just + like it did in bionic. If it grows by the size of the kernel.snap + (~500MB+), it is booting using buggy grub as shipped in focal GA. + + [Regression Potential] + + * This patch changes UEFI secureboot verifier behaviour for the + loopback command. The whole loopback file is no longer read & stored + into memory. + + This changes the PCR values. However Ubuntu has not yet been using or + sealing against that PCR value. Also normally, on every kernel/grub + update, the same PCR value is changed. Thus normal resealing procedure + after a grub update would accommodate for this change of the PCR value. + + The loopback devices as a whole are no longer measured into TPM and + cannot be attested. The resurrect such behavior, there is upstream + design plan to allow storing hashes of all blocks and validate them with + reduced memory requirement. Currently this is deemed out of scope, and + of low interest/priority. + + [Other Info] + + [Original bug report] + Booting a uc20 system fails early currently. The image used was: http://cdimage.ubuntu.com/ubuntu-core/20/beta/20200513.2/ Attached is a screenshot of the debug output. This appears to be some sort of regression with grub in 20.04 or with UEFI grub - this used to work in uc18. Note that there is memory < 1500mb
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1878541 Title: Grub fails to load kernel from squashfs if mem < 1500mb To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/1878541/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
