[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/5] efi: Allocate half of available memory by default
From: |
Patrick Steinhardt |
Subject: |
Re: [PATCH 1/5] efi: Allocate half of available memory by default |
Date: |
Thu, 20 Feb 2020 20:29:42 +0100 |
On Thu, Feb 13, 2020 at 11:47:54AM +0000, Leif Lindholm wrote:
> On Thu, Feb 06, 2020 at 15:27:29 +0100, Patrick Steinhardt wrote:
> > By default, GRUB will allocate a quarter of the pages it got available
> > in the EFI subsystem. On many current systems, this will amount to
> > roughly 800MB of RAM assuming an address space of 32 bits. This is
> > plenty for most use cases, but it doesn't suffice when using full disk
> > encryption with a key derival function based on Argon2.
> >
> > Besides the usual iteration count known from PBKDF2, Argon2 introduces
> > two additional parameters "memory" and "parallelism". While the latter
> > doesn't really matter to us, the memory parameter is quite interesting.
> > If encrypting a partition with LUKS2 using Argon2 as KDF, then
> > cryptsetup will default to a memory parameter of 1GB. Meaning we need to
> > allocate a buffer of 1GB in size in order to be able to derive the key,
> > which definitely won't squeeze into the limit of 800MB.
> >
> > To prepare for Argon2, let's thus increase the default and make half of
> > memory available, instead of a quarter only. This amounts to about
> > 1600MB on above systems, which is sufficient for Argon2.
>
> I was never a huge fan of the "grab a percentage of RAM" in the first
> place, and I think "grab twice that" is not the best solution here.
>
> (Real) corner cases that would be affected by this are:
> 1) chainloading grub from grub
> 2) OS loaders (loaded by GRUB) requiring large amounts of RAM before
> ExitBootsevices().
>
> If you have a known minimum requirement, can we work towards that
> instead?
Quoting Milan from another mail in this thread:
On Wed, Feb 12, 2020 at 08:18:32AM +0100, Milan Broz wrote:
> Anyway, there are some limits in cryptsetup - we try to never use
> more than half of physical memory and maximum is hard-compiled to 4GiB.
>
> (But physical memory limit applies when formatting device, then
> is stored in the LUKS2 keyslot header. So if you format it on device with
> much larger RAM and it is later not available, it fails to open.
> It is more complicated though - we have benchmark during format that
> prioritize
> unlocking time, so PBKDF memory is usually decreased on low-memory systems
> anyway.)
As far as I can see, the default memory cost for Argon2 is 1,048,576kB,
at least that is what "configure.ac" says for "luks2-memory-kb". That
also matches my experience with cryptsetup 2.2.2.
Patrick
signature.asc
Description: PGP signature
- [PATCH 0/5] Support Argon2 KDF in LUKS2, Patrick Steinhardt, 2020/02/06
- [PATCH 3/5] disk: luks2: Add missing newline to debug message, Patrick Steinhardt, 2020/02/06
- [PATCH 1/5] efi: Allocate half of available memory by default, Patrick Steinhardt, 2020/02/06
- [PATCH 4/5] disk: luks2: Discern Argon2i and Argon2id, Patrick Steinhardt, 2020/02/06
- [PATCH 2/5] argon2: Import Argon2 from cryptsetup, Patrick Steinhardt, 2020/02/06
- [PATCH 5/5] disk: luks2: Support key derival via Argon2, Patrick Steinhardt, 2020/02/06
- Re: [PATCH 0/5] Support Argon2 KDF in LUKS2, Daniel Kiper, 2020/02/11