Fix the fallback mechanism when menu entries fail to boot

Resolves: RHEL-113024
Signed-off-by: Leo Sandoval <lsandova@redhat.com>

0371-script-execute-Don-t-let-trailing-blank-lines-determ.patch

@@ -0,0 +1,66 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: James Le Cuirot <jlecuirot@microsoft.com>
+Date: Thu, 24 Oct 2024 14:42:46 +0100
+Subject: [PATCH] script/execute: Don't let trailing blank lines determine the
+ return code
+
+grub_script_execute_sourcecode() parses and executes code one line at a
+time, updating the return code each time because only the last line
+determines the final status. However, trailing new lines were also
+executed, masking any failure on the previous line. Fix this by only
+trying to execute the command when there is actually one present.
+
+This has presumably never been noticed because this code is not used by
+regular functions, only in special cases like eval and menu entries. The
+latter generally don't return at all, having booted an OS. When failing
+to boot, upstream GRUB triggers the fallback mechanism regardless of the
+return code.
+
+We noticed the problem while using Red Hat's patches, which change this
+behaviour to take account of the return code. In that case, a failure
+takes you back to the menu rather than triggering a fallback.
+
+Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
+---
+ grub-core/script/execute.c |  5 ++++-
+ tests/grub_script_eval.in  | 10 +++++++++-
+ 2 files changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c
+index 014132703..3d26a3fe4 100644
+--- a/grub-core/script/execute.c
++++ b/grub-core/script/execute.c
+@@ -952,7 +952,10 @@ grub_script_execute_sourcecode (const char *source)
+ 	  break;
+ 	}
+ 
+-      ret = grub_script_execute (parsed_script);
++      /* Don't let trailing blank lines determine the return code.  */
++      if (parsed_script->cmd)
++	ret = grub_script_execute (parsed_script);
++
+       grub_script_free (parsed_script);
+       grub_free (line);
+     }
+diff --git a/tests/grub_script_eval.in b/tests/grub_script_eval.in
+index c97b78d77..9c6211042 100644
+--- a/tests/grub_script_eval.in
++++ b/tests/grub_script_eval.in
+@@ -3,4 +3,12 @@
+ eval echo "Hello world"
+ valname=tst
+ eval $valname=hi
+-echo $tst
+\ No newline at end of file
++echo $tst
++
++if eval "
++false
++"; then
++  echo should have failed
++else
++  echo failed as expected
++fi
+-- 
+2.48.1
+

0372-normal-menu-Check-return-code-of-the-script-when-exe.patch

@@ -0,0 +1,45 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: James Le Cuirot <jlecuirot@microsoft.com>
+Date: Thu, 24 Oct 2024 15:00:26 +0100
+Subject: [PATCH] normal/menu: Check return code of the script when executing a
+ menu entry
+
+Don't rely on grub_errno here because grub_script_execute_new_scope()
+calls grub_print_error(), which always resets grub_errno back to
+GRUB_ERR_NONE. It may also get reset by grub_wait_after_message().
+
+This problem was observed when a "bad signature" error resulted in the
+menu being redisplayed rather than the fallback mechanism being
+triggered, although another change was also needed to fix it. This only
+happens with Red Hat's patches because upstream GRUB triggers the
+fallback mechanism regardless of the return code.
+
+Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
+---
+ grub-core/normal/menu.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
+index 97687013c..a2703dabb 100644
+--- a/grub-core/normal/menu.c
++++ b/grub-core/normal/menu.c
+@@ -377,14 +377,14 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot)
+   if (ptr && ptr[0] && ptr[1])
+     grub_env_set ("default", ptr + 1);
+ 
+-  grub_script_execute_new_scope (entry->sourcecode, entry->argc, entry->args);
++  err = grub_script_execute_new_scope (entry->sourcecode, entry->argc, entry->args);
+ 
+   if (errs_before != grub_err_printed_errors)
+     grub_wait_after_message ();
+ 
+   errs_before = grub_err_printed_errors;
+ 
+-  if (grub_errno == GRUB_ERR_NONE && grub_loader_is_loaded ())
++  if (err == GRUB_ERR_NONE && grub_loader_is_loaded ())
+     /* Implicit execution of boot, only if something is loaded.  */
+     err = grub_command_execute ("boot", 0, 0);
+ 
+-- 
+2.48.1
+

grub.patches

@@ -367,3 +367,5 @@ Patch0367: 0367-Use-medany-instead-of-large-model-for-RISCV.patch
 Patch0368: 0368-10_linux.in-escape-kernel-option-characters-properly.patch
 Patch0369: 0369-blscfg-check-if-variable-is-escaped-before-consideri.patch
 Patch0370: 0370-Set-correctly-the-memory-attributes-for-the-kernel-P.patch
+Patch0371: 0371-script-execute-Don-t-let-trailing-blank-lines-determ.patch
+Patch0372: 0372-normal-menu-Check-return-code-of-the-script-when-exe.patch

grub2.spec

@@ -17,7 +17,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.12
-Release:	28%{?dist}
+Release:	29%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPL-3.0-or-later
 URL:		http://www.gnu.org/software/grub/
@@ -574,6 +574,10 @@ fi
 %endif
 
 %changelog
+* Mon Sep 08 2025 Leo Sandoval <lsandova@redhat.com> 2.12-29
+- Fix the fallback mechanism when menu entries fail to boot
+- Resolves: RHEL-113024
+
 * Thu Aug 21 2025 Leo Sandoval <lsandova@redhat.com> 2.12-28
 - Remove strong stack protector on target CFLAGS
 - Related: #RHEL-89464