On Fri, Oct 14, 2022 at 11:40:01AM +0200, Daniel Kiper wrote: > On Fri, Oct 07, 2022 at 01:37:10PM +0800, Michael Chang via Grub-devel wrote: > > This helps to prevent out of memory error when reading large files via > > disabling > > tpm device as verifier has to read all content into memory in one chunk to > > measure the hash and extend to tpm. > > How does this patch help when the TPM is present in the system?
If the firmware menu offers option to disable TPM device, then this patch can be useful to get around 'out of memory error' through disabling TPM device from firmware in order to make tpm verifier won't be in the way of reading huge files. This is essentially a compromised solution as long as tpm module can be a built-in module in signed image and at the same time user may come across the need to open huge files, for eg, loopback mount in grub for the rescue image. In this case they could be opted in to disable tpm device from firmware to proceed if they run into out of memory or other (slow) reading issues. Thanks, Michael > > Daniel > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
