On Mon, Jun 1, 2020, 15:21 Chris Coulson <chris.coul...@canonical.com>
wrote:
> When a file is verified, the entire contents of the verified file are
> loaded in to memory and retained until the file handle is closed. A
> consequence of this is that opening a loopback image can incur a
> significant memory cost.
>
> As loopback devices are just another disk implementation, don't treat
> loopback images any differently to physical disk images, and skip
> verification of them. Files opened from the filesystem within a loopback
> image will still be passed to verifier modules where required.
>
> Signed-off-by: Chris Coulson <chris.coul...@canonical.com>
> ---
> grub-core/disk/loopback.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/grub-core/disk/loopback.c b/grub-core/disk/loopback.c
> index cdf9123fa..01267e577 100644
> --- a/grub-core/disk/loopback.c
> +++ b/grub-core/disk/loopback.c
> @@ -93,7 +93,8 @@ grub_cmd_loopback (grub_extcmd_context_t ctxt, int argc,
> char **args)
> return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
>
> file = grub_file_open (args[1], GRUB_FILE_TYPE_LOOPBACK
> - | GRUB_FILE_TYPE_NO_DECOMPRESS);
> + | GRUB_FILE_TYPE_NO_DECOMPRESS |
> + GRUB_FILE_TYPE_SKIP_SIGNATURE);
>
Maybe the verifier should rather decide to skip verification if fuller type
is loopback?
> if (! file)
> return grub_errno;
>
> --
> 2.25.1
>
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
>
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
