From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1jBk50-0004yA-Az for mharc-grub-devel@gnu.org; Tue, 10 Mar 2020 14:58:14 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55367) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jBk4x-0004xa-LN for grub-devel@gnu.org; Tue, 10 Mar 2020 14:58:12 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jBk4w-0006Gx-7h for grub-devel@gnu.org; Tue, 10 Mar 2020 14:58:11 -0400 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:41481) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1jBk4v-0005y0-Ta for grub-devel@gnu.org; Tue, 10 Mar 2020 14:58:10 -0400 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 6BB0E221B6; Tue, 10 Mar 2020 14:58:08 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Tue, 10 Mar 2020 14:58:08 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=from :to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm3; bh=IBUmQFn3NFbv8 fZGuTYfAwnT1pb0Ox+PpMFEEfsmFNQ=; b=J7z1ld468bqi2Ux4cmyATpDyDzTte H7Kt34kxsZHAOucnuQwW9TR0eH74EljZ8DVw8f49wi87eJGyrtUh2mECvVJ3zlWj o+0gqPR092WbqnxX7jdRpvGK103XFA4cFiTVrdDFWpgWR/PlFJdZNZfOkerWJDtc Z1B2CgcFisvOIef+AR/tWIZvbm6h8bxy1MYovD3eUbxacS1jf/ax4oHoy+OE0VDJ V1+gZuMLZGI3naress3DOFLckvd3JNxpetkXDugLXx9zomc1lwHS3GSbpv3zI58R 1gFomtLdq9DsrNL5Q+SheFxuT6jHVsQSePQkA3ltt2Qp7TnrYHvwh2RHw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; bh=IBUmQFn3NFbv8fZGuTYfAwnT1pb0Ox+PpMFEEfsmFNQ=; b=BdtV8g9D 9B1d1U7iy9TVyonvlnx4AvPtH5K3/tOiWqvfozD2ZF6qHeQ2Th0r43PVlEZEv4b8 LSAxy3sSJ7JmariY3+3ucPcLj+XRxYpDyQ0SD2S3+si4I7pGSi2LW+WPKDfig6EC 2Wh/WSERPCuyVP3mSAqcJBUJBG4YRR1FEc5rHB4qaeLEtD/zucXzCK2wwJyBjATt /CC7mTbBnsg02BXXY6D2VaHTi/AapRL5IS8VuaHE5RJmT8zofbCVegX49Qa4TXWm v+IoqEWArc0rpuJzErKHvTWMQiPffcBrWElYHRCBafqxzLLaWM21rOsCiUxXaP5F twPKpRzBxlHtBA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedruddvtddgudduudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvffufffkofgjfhgggfestdekredtredttdenucfhrhhomheprfgrthhr ihgtkhcuufhtvghinhhhrghrughtuceophhssehpkhhsrdhimheqnecukfhppeekledrud dvrddvheegrddvheenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhl fhhrohhmpehpshesphhkshdrihhm X-ME-Proxy: Received: from vm-mail (x590cfe19.dyn.telefonica.de [89.12.254.25]) by mail.messagingengine.com (Postfix) with ESMTPA id 2F1543060F09; Tue, 10 Mar 2020 14:58:07 -0400 (EDT) Received: from localhost (xps [10.192.0.12]) by vm-mail (OpenSMTPD) with ESMTPSA id 3ef9a6f1 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Tue, 10 Mar 2020 18:58:03 +0000 (UTC) From: Patrick Steinhardt To: grub-devel@gnu.org Cc: Patrick Steinhardt , Daniel Kiper , Leif Lindholm , agraf@csgraf.de, pjones@redhat.com, mjg59@google.com, phcoder@gmail.com, Milan Broz Subject: [PATCH v3 1/5] efi: Always try to allocate heap size of 1.6GB Date: Tue, 10 Mar 2020 19:58:28 +0100 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.27 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Mar 2020 18:58:13 -0000 By default, GRUB will allocate a quarter of the pages it got available in the EFI subsystem. On many current systems, this will amount to roughly 800MB of RAM assuming an address space of 32 bits. This is plenty for most use cases, but it doesn't suffice when using full disk encryption with a key derival function based on Argon2. Besides the usual iteration count known from PBKDF2, Argon2 introduces two additional parameters "memory" and "parallelism". While the latter doesn't really matter to us, the memory parameter is quite interesting. If encrypting a partition with LUKS2 using Argon2 as KDF, then cryptsetup will default to a memory parameter of 1GB. Meaning we need to allocate a buffer of 1GB in size in order to be able to derive the key, which definitely won't squeeze into the limit of 800MB. To prepare for Argon2, this commit reworks the memory allocation algorithm for EFI platforms. Instead of trying to allocate a quarter of memory available, let's instead introduce a constant target amount of bytes that we try to allocate. The target is set to the previous value of MAX_HEAP_SIZE, which amounts to 1.6GB and thus sufficiently high to accomodate for both Argon2 as well as other functionality. The value is then clamped to at most half of available memory but at least 100MB. Signed-off-by: Patrick Steinhardt --- grub-core/kern/efi/mm.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c index b02fab1b1..367a726c6 100644 --- a/grub-core/kern/efi/mm.c +++ b/grub-core/kern/efi/mm.c @@ -39,8 +39,8 @@ #define MEMORY_MAP_SIZE 0x3000 /* The minimum and maximum heap size for GRUB itself. */ -#define MIN_HEAP_SIZE 0x100000 -#define MAX_HEAP_SIZE (1600 * 0x100000) +#define MIN_HEAP_PAGES BYTES_TO_PAGES( 0x100000) +#define TARGET_HEAP_PAGES BYTES_TO_PAGES(1600 * 0x100000) static void *finish_mmap_buf = 0; static grub_efi_uintn_t finish_mmap_size = 0; @@ -559,7 +559,7 @@ grub_efi_mm_init (void) grub_efi_uintn_t map_size; grub_efi_uintn_t desc_size; grub_efi_uint64_t total_pages; - grub_efi_uint64_t required_pages; + grub_efi_uint64_t target_heap_pages; int mm_status; /* Prepare a memory region to store two memory maps. */ @@ -599,14 +599,15 @@ grub_efi_mm_init (void) filtered_memory_map_end = filter_memory_map (memory_map, filtered_memory_map, desc_size, memory_map_end); - /* By default, request a quarter of the available memory. */ + /* By default, request TARGET_HEAP_PAGES pages. If that exceeds half of meory + * available, clamp it, but request at least MIN_HEAP_PAGES. */ total_pages = get_total_pages (filtered_memory_map, desc_size, filtered_memory_map_end); - required_pages = (total_pages >> 2); - if (required_pages < BYTES_TO_PAGES (MIN_HEAP_SIZE)) - required_pages = BYTES_TO_PAGES (MIN_HEAP_SIZE); - else if (required_pages > BYTES_TO_PAGES (MAX_HEAP_SIZE)) - required_pages = BYTES_TO_PAGES (MAX_HEAP_SIZE); + target_heap_pages = TARGET_HEAP_PAGES; + if (target_heap_pages > (total_pages / 2)) + target_heap_pages = total_pages / 2; + if (target_heap_pages < MIN_HEAP_PAGES) + target_heap_pages = MIN_HEAP_PAGES; /* Sort the filtered descriptors, so that GRUB can allocate pages from smaller regions. */ @@ -614,7 +615,7 @@ grub_efi_mm_init (void) /* Allocate memory regions for GRUB's memory management. */ add_memory_regions (filtered_memory_map, desc_size, - filtered_memory_map_end, required_pages); + filtered_memory_map_end, target_heap_pages); #if 0 /* For debug. */ -- 2.25.1