rpms
/
grub2
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import grub2-2.02-106.el8

This commit is contained in:
CentOS Sources 2021-11-09 05:10:26 -05:00 committed by Stepan Oksanichenko
parent 3b06c03f9e
commit 2d479f20f3
14 changed files with 1310 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
SOURCES/0481-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch Normal file
View File

@ -0,0 +1,75 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Wed, 14 Apr 2021 20:10:23 +1000
Subject: [PATCH] ieee1275: drop HEAP_MAX_ADDR, HEAP_MIN_SIZE
HEAP_MAX_ADDR is confusing. Currently it is set to 32MB, except
on ieee1275 on x86, where it is 64MB.
There is a comment which purports to explain it:
/* If possible, we will avoid claiming heap above this address, because it
seems to cause relocation problems with OSes that link at 4 MiB */
This doesn't make a lot of sense when the constants are well above 4MB
already. It was not always this way. Prior to
commit 7b5d0fe4440c ("Increase heap limit") in 2010, HEAP_MAX_SIZE and
HEAP_MAX_ADDR were indeed 4MB. However, when the constants were increased
the comment was left unchanged.
It's been over a decade. It doesn't seem like we have problems with
claims over 4MB on powerpc or x86 ieee1275. (sparc does things completely
differently and never used the constant.)
Drop the constant and the check.
The only use of HEAP_MIN_SIZE was to potentially override the
HEAP_MAX_ADDR check. It is now unused. Remove it.
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/kern/ieee1275/init.c | 17 -----------------
1 file changed, 17 deletions(-)
diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
index 22dc3013d86..ee97d761d1e 100644
--- a/grub-core/kern/ieee1275/init.c
+++ b/grub-core/kern/ieee1275/init.c
@@ -42,9 +42,6 @@
#include <grub/machine/kernel.h>
#endif
-/* The minimal heap size we can live with. */
-#define HEAP_MIN_SIZE (unsigned long) (2 * 1024 * 1024)
-
/* The maximum heap size we're going to claim */
#ifdef __i386__
#define HEAP_MAX_SIZE (unsigned long) (64 * 1024 * 1024)
@@ -52,14 +49,6 @@
#define HEAP_MAX_SIZE (unsigned long) (32 * 1024 * 1024)
#endif
-/* If possible, we will avoid claiming heap above this address, because it
- seems to cause relocation problems with OSes that link at 4 MiB */
-#ifdef __i386__
-#define HEAP_MAX_ADDR (unsigned long) (64 * 1024 * 1024)
-#else
-#define HEAP_MAX_ADDR (unsigned long) (32 * 1024 * 1024)
-#endif
-
extern char _end[];
#ifdef __sparc__
@@ -181,12 +170,6 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
if (*total + len > HEAP_MAX_SIZE)
len = HEAP_MAX_SIZE - *total;
- /* Avoid claiming anything above HEAP_MAX_ADDR, if possible. */
- if ((addr < HEAP_MAX_ADDR) && /* if it's too late, don't bother */
- (addr + len > HEAP_MAX_ADDR) && /* if it wasn't available anyway, don't bother */
- (*total + (HEAP_MAX_ADDR - addr) > HEAP_MIN_SIZE)) /* only limit ourselves when we can afford to */
- len = HEAP_MAX_ADDR - addr;
-
/* In theory, firmware should already prevent this from happening by not
listing our own image in /memory/available. The check below is intended
as a safeguard in case that doesn't happen. However, it doesn't protect

252
SOURCES/0482-ieee1275-claim-more-memory.patch Normal file
View File

@ -0,0 +1,252 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Wed, 15 Apr 2020 23:28:29 +1000
Subject: [PATCH] ieee1275: claim more memory
On powerpc-ieee1275, we are running out of memory trying to verify
anything. This is because:
- we have to load an entire file into memory to verify it. This is
extremely difficult to change with appended signatures.
- We only have 32MB of heap.
- Distro kernels are now often around 30MB.
So we want to claim more memory from OpenFirmware for our heap.
There are some complications:
- The grub mm code isn't the only thing that will make claims on
memory from OpenFirmware:
* PFW/SLOF will have claimed some for their own use.
* The ieee1275 loader will try to find other bits of memory that we
haven't claimed to place the kernel and initrd when we go to boot.
* Once we load Linux, it will also try to claim memory. It claims
memory without any reference to /memory/available, it just starts
at min(top of RMO, 768MB) and works down. So we need to avoid this
area. See arch/powerpc/kernel/prom_init.c as of v5.11.
- The smallest amount of memory a ppc64 KVM guest can have is 256MB.
It doesn't work with distro kernels but can work with custom kernels.
We should maintain support for that. (ppc32 can boot with even less,
and we shouldn't break that either.)
- Even if a VM has more memory, the memory OpenFirmware makes available
as Real Memory Area can be restricted. A freshly created LPAR on a
PowerVM machine is likely to have only 256MB available to OpenFirmware
even if it has many gigabytes of memory allocated.
EFI systems will attempt to allocate 1/4th of the available memory,
clamped to between 1M and 1600M. That seems like a good sort of
approach, we just need to figure out if 1/4 is the right fraction
for us.
We don't know in advance how big the kernel and initrd are going to be,
which makes figuring out how much memory we can take a bit tricky.
To figure out how much memory we should leave unused, I looked at:
- an Ubuntu 20.04.1 ppc64le pseries KVM guest:
vmlinux: ~30MB
initrd: ~50MB
- a RHEL8.2 ppc64le pseries KVM guest:
vmlinux: ~30MB
initrd: ~30MB
Ubuntu VMs struggle to boot with just 256MB under SLOF.
RHEL likewise has a higher minimum supported memory figure.
So lets first consider a distro kernel and 512MB of addressible memory.
(This is the default case for anything booting under PFW.) Say we lose
131MB to PFW (based on some tests). This leaves us 381MB. 1/4 of 381MB
is ~95MB. That should be enough to verify a 30MB vmlinux and should
leave plenty of space to load Linux and the initrd.
If we consider 256MB of RMA under PFW, we have just 125MB remaining. 1/4
of that is a smidge under 32MB, which gives us very poor odds of verifying
a distro-sized kernel. However, if we need 80MB just to put the kernel
and initrd in memory, we can't claim any more than 45MB anyway. So 1/4
will do. We'll come back to this later.
grub is always built as a 32-bit binary, even if it's loading a ppc64
kernel. So we can't address memory beyond 4GB. This gives a natural cap
of 1GB for powerpc-ieee1275.
Also apply this 1/4 approach to i386-ieee1275, but keep the 32MB cap.
make check still works for both i386 and powerpc and I've booted
powerpc grub with this change under SLOF and PFW.
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/kern/ieee1275/init.c | 81 +++++++++++++++++++++++++++++++++---------
docs/grub-dev.texi | 6 ++--
2 files changed, 69 insertions(+), 18 deletions(-)
diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
index ee97d761d1e..a6e169bd003 100644
--- a/grub-core/kern/ieee1275/init.c
+++ b/grub-core/kern/ieee1275/init.c
@@ -42,11 +42,12 @@
#include <grub/machine/kernel.h>
#endif
-/* The maximum heap size we're going to claim */
+/* The maximum heap size we're going to claim. Not used by sparc.
+ We allocate 1/4 of the available memory under 4G, up to this limit. */
#ifdef __i386__
#define HEAP_MAX_SIZE (unsigned long) (64 * 1024 * 1024)
-#else
-#define HEAP_MAX_SIZE (unsigned long) (32 * 1024 * 1024)
+#else // __powerpc__
+#define HEAP_MAX_SIZE (unsigned long) (1 * 1024 * 1024 * 1024)
#endif
extern char _end[];
@@ -143,16 +144,45 @@ grub_claim_heap (void)
+ GRUB_KERNEL_MACHINE_STACK_SIZE), 0x200000);
}
#else
-/* Helper for grub_claim_heap. */
+/* Helper for grub_claim_heap on powerpc. */
+static int
+heap_size (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
+ void *data)
+{
+ grub_uint32_t total = *(grub_uint32_t *)data;
+
+ if (type != GRUB_MEMORY_AVAILABLE)
+ return 0;
+
+ /* Do not consider memory beyond 4GB */
+ if (addr > 0xffffffffUL)
+ return 0;
+
+ if (addr + len > 0xffffffffUL)
+ len = 0xffffffffUL - addr;
+
+ total += len;
+ *(grub_uint32_t *)data = total;
+
+ return 0;
+}
+
static int
heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
void *data)
{
- unsigned long *total = data;
+ grub_uint32_t total = *(grub_uint32_t *)data;
if (type != GRUB_MEMORY_AVAILABLE)
return 0;
+ /* Do not consider memory beyond 4GB */
+ if (addr > 0xffffffffUL)
+ return 0;
+
+ if (addr + len > 0xffffffffUL)
+ len = 0xffffffffUL - addr;
+
if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_NO_PRE1_5M_CLAIM))
{
if (addr + len <= 0x180000)
@@ -166,10 +196,6 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
}
len -= 1; /* Required for some firmware. */
- /* Never exceed HEAP_MAX_SIZE */
- if (*total + len > HEAP_MAX_SIZE)
- len = HEAP_MAX_SIZE - *total;
-
/* In theory, firmware should already prevent this from happening by not
listing our own image in /memory/available. The check below is intended
as a safeguard in case that doesn't happen. However, it doesn't protect
@@ -181,6 +207,18 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
len = 0;
}
+ /* If this block contains 0x30000000 (768MB), do not claim below that.
+ Linux likes to claim memory at min(RMO top, 768MB) and works down
+ without reference to /memory/available. */
+ if ((addr < 0x30000000) && ((addr + len) > 0x30000000))
+ {
+ len = len - (0x30000000 - addr);
+ addr = 0x30000000;
+ }
+
+ if (len > total)
+ len = total;
+
if (len)
{
grub_err_t err;
@@ -189,10 +227,12 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
if (err)
return err;
grub_mm_init_region ((void *) (grub_addr_t) addr, len);
+ total -= len;
}
- *total += len;
- if (*total >= HEAP_MAX_SIZE)
+ *(grub_uint32_t *)data = total;
+
+ if (total == 0)
return 1;
return 0;
@@ -201,13 +241,22 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
static void
grub_claim_heap (void)
{
- unsigned long total = 0;
+ grub_uint32_t total = 0;
if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_FORCE_CLAIM))
- heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN,
- 1, &total);
- else
- grub_machine_mmap_iterate (heap_init, &total);
+ {
+ heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN,
+ 1, &total);
+ return;
+ }
+
+ grub_machine_mmap_iterate (heap_size, &total);
+
+ total = total / 4;
+ if (total > HEAP_MAX_SIZE)
+ total = HEAP_MAX_SIZE;
+
+ grub_machine_mmap_iterate (heap_init, &total);
}
#endif
diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi
index 421dd410e50..03d53498c51 100644
--- a/docs/grub-dev.texi
+++ b/docs/grub-dev.texi
@@ -930,7 +930,9 @@ space is limited to 4GiB. GRUB allocates pages from EFI for its heap, at most
1.6 GiB.
On i386-ieee1275 and powerpc-ieee1275 GRUB uses same stack as IEEE1275.
-It allocates at most 32MiB for its heap.
+
+On i386-ieee1275, GRUB allocates at most 32MiB for its heap. On
+powerpc-ieee1275, GRUB allocates up to 1GiB.
On sparc64-ieee1275 stack is 256KiB and heap is 2MiB.
@@ -958,7 +960,7 @@ In short:
@item i386-qemu @tab 60 KiB @tab < 4 GiB
@item *-efi @tab ? @tab < 1.6 GiB
@item i386-ieee1275 @tab ? @tab < 32 MiB
-@item powerpc-ieee1275 @tab ? @tab < 32 MiB
+@item powerpc-ieee1275 @tab ? @tab < 1 GiB
@item sparc64-ieee1275 @tab 256KiB @tab 2 MiB
@item arm-uboot @tab 256KiB @tab 2 MiB
@item mips(el)-qemu_mips @tab 2MiB @tab 253 MiB

268
SOURCES/0483-ieee1275-request-memory-with-ibm-client-architecture.patch Normal file
View File

@ -0,0 +1,268 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Fri, 16 Apr 2021 11:48:46 +1000
Subject: [PATCH] ieee1275: request memory with ibm,client-architecture-support
On PowerVM, the first time we boot a Linux partition, we may only get
256MB of real memory area, even if the partition has more memory.
This isn't really enough. Fortunately, the Power Architecture Platform
Reference (PAPR) defines a method we can call to ask for more memory.
This is part of the broad and powerful ibm,client-architecture-support
(CAS) method.
CAS can do an enormous amount of things on a PAPR platform: as well as
asking for memory, you can set the supported processor level, the interrupt
controller, hash vs radix mmu, and so on. We want to touch as little of
this as possible because we don't want to step on the toes of the future OS.
If:
- we are running under what we think is PowerVM (compatible property of /
begins with "IBM"), and
- the full amount of RMA is less than 512MB (as determined by the reg
property of /memory)
then call CAS as follows: (refer to the Linux on Power Architecture
Reference, LoPAR, which is public, at B.5.2.3):
- Use the "any" PVR value and supply 2 option vectors.
- Set option vector 1 (PowerPC Server Processor Architecture Level)
to "ignore".
- Set option vector 2 with default or Linux-like options, including a
min-rma-size of 512MB.
This will cause a CAS reboot and the partition will restart with 512MB
of RMA. Grub will notice the 512MB and not call CAS again.
(A partition can be configured with only 256MB of memory, which would
mean this request couldn't be satisfied, but PFW refuses to load with
only 256MB of memory, so it's a bit moot. SLOF will run fine with 256MB,
but we will never call CAS under qemu/SLOF because /compatible won't
begin with "IBM".)
One of the first things Linux does while still running under OpenFirmware
is to call CAS with a much fuller set of options (including asking for
512MB of memory). This includes a much more restrictive set of PVR values
and processor support levels, and this will induce another reboot. On this
reboot grub will again notice the higher RMA, and not call CAS. We will get
to Linux, Linux will call CAS but because the values are now set for Linux
this will not induce another CAS reboot and we will finally boot.
On all subsequent boots, everything will be configured with 512MB of RMA
and all the settings Linux likes, so there will be no further CAS reboots.
(phyp is super sticky with the RMA size - it persists even on cold boots.
So if you've ever booted Linux in a partition, you'll probably never have
grub call CAS. It'll only ever fire the first time a partition loads grub,
or if you deliberately lower the amount of memory your partition has below
512MB.)
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/kern/ieee1275/cmain.c | 3 +
grub-core/kern/ieee1275/init.c | 144 ++++++++++++++++++++++++++++++++++++++-
include/grub/ieee1275/ieee1275.h | 8 ++-
3 files changed, 152 insertions(+), 3 deletions(-)
diff --git a/grub-core/kern/ieee1275/cmain.c b/grub-core/kern/ieee1275/cmain.c
index 3e14f539368..9d5156462c1 100644
--- a/grub-core/kern/ieee1275/cmain.c
+++ b/grub-core/kern/ieee1275/cmain.c
@@ -124,6 +124,9 @@ grub_ieee1275_find_options (void)
break;
}
}
+
+ if (grub_strncmp (tmp, "IBM,", 4) == 0)
+ grub_ieee1275_set_flag (GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY);
}
if (is_smartfirmware)
diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
index a6e169bd003..adf4bd5a88b 100644
--- a/grub-core/kern/ieee1275/init.c
+++ b/grub-core/kern/ieee1275/init.c
@@ -238,6 +238,135 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
return 0;
}
+/* How much memory does OF believe it has? (regardless of whether
+ it's accessible or not) */
+static grub_err_t
+grub_ieee1275_total_mem (grub_uint64_t *total)
+{
+ grub_ieee1275_phandle_t root;
+ grub_ieee1275_phandle_t memory;
+ grub_uint32_t reg[4];
+ grub_ssize_t reg_size;
+ grub_uint32_t address_cells = 1;
+ grub_uint32_t size_cells = 1;
+ grub_uint64_t size;
+
+ /* If we fail to get to the end, report 0. */
+ *total = 0;
+
+ /* Determine the format of each entry in `reg'. */
+ grub_ieee1275_finddevice ("/", &root);
+ grub_ieee1275_get_integer_property (root, "#address-cells", &address_cells,
+ sizeof address_cells, 0);
+ grub_ieee1275_get_integer_property (root, "#size-cells", &size_cells,
+ sizeof size_cells, 0);
+
+ if (size_cells > address_cells)
+ address_cells = size_cells;
+
+ /* Load `/memory/reg'. */
+ if (grub_ieee1275_finddevice ("/memory", &memory))
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE,
+ "couldn't find /memory node");
+ if (grub_ieee1275_get_integer_property (memory, "reg", reg,
+ sizeof reg, &reg_size))
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE,
+ "couldn't examine /memory/reg property");
+ if (reg_size < 0 || (grub_size_t) reg_size > sizeof (reg))
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE,
+ "/memory response buffer exceeded");
+
+ if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_BROKEN_ADDRESS_CELLS))
+ {
+ address_cells = 1;
+ size_cells = 1;
+ }
+
+ /* Decode only the size */
+ size = reg[address_cells];
+ if (size_cells == 2)
+ size = (size << 32) | reg[address_cells + 1];
+
+ *total = size;
+
+ return grub_errno;
+}
+
+/* Based on linux - arch/powerpc/kernel/prom_init.c */
+struct option_vector2 {
+ grub_uint8_t byte1;
+ grub_uint16_t reserved;
+ grub_uint32_t real_base;
+ grub_uint32_t real_size;
+ grub_uint32_t virt_base;
+ grub_uint32_t virt_size;
+ grub_uint32_t load_base;
+ grub_uint32_t min_rma;
+ grub_uint32_t min_load;
+ grub_uint8_t min_rma_percent;
+ grub_uint8_t max_pft_size;
+} __attribute__((packed));
+
+struct pvr_entry {
+ grub_uint32_t mask;
+ grub_uint32_t entry;
+};
+
+struct cas_vector {
+ struct {
+ struct pvr_entry terminal;
+ } pvr_list;
+ grub_uint8_t num_vecs;
+ grub_uint8_t vec1_size;
+ grub_uint8_t vec1;
+ grub_uint8_t vec2_size;
+ struct option_vector2 vec2;
+} __attribute__((packed));
+
+/* Call ibm,client-architecture-support to try to get more RMA.
+ We ask for 512MB which should be enough to verify a distro kernel.
+ We ignore most errors: if we don't succeed we'll proceed with whatever
+ memory we have. */
+static void
+grub_ieee1275_ibm_cas (void)
+{
+ int rc;
+ grub_ieee1275_ihandle_t root;
+ struct cas_args {
+ struct grub_ieee1275_common_hdr common;
+ grub_ieee1275_cell_t method;
+ grub_ieee1275_ihandle_t ihandle;
+ grub_ieee1275_cell_t cas_addr;
+ grub_ieee1275_cell_t result;
+ } args;
+ struct cas_vector vector = {
+ .pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */
+ .num_vecs = 2 - 1,
+ .vec1_size = 0,
+ .vec1 = 0x80, /* ignore */
+ .vec2_size = 1 + sizeof(struct option_vector2) - 2,
+ .vec2 = {
+ 0, 0, -1, -1, -1, -1, -1, 512, -1, 0, 48
+ },
+ };
+
+ INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2);
+ args.method = (grub_ieee1275_cell_t)"ibm,client-architecture-support";
+ rc = grub_ieee1275_open("/", &root);
+ if (rc) {
+ grub_error (GRUB_ERR_IO, "could not open root when trying to call CAS");
+ return;
+ }
+ args.ihandle = root;
+ args.cas_addr = (grub_ieee1275_cell_t)&vector;
+
+ grub_printf("Calling ibm,client-architecture-support...");
+ IEEE1275_CALL_ENTRY_FN (&args);
+ grub_printf("done\n");
+
+ grub_ieee1275_close(root);
+}
+
static void
grub_claim_heap (void)
{
@@ -245,11 +374,22 @@ grub_claim_heap (void)
if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_FORCE_CLAIM))
{
- heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN,
- 1, &total);
+ heap_init (GRUB_IEEE1275_STATIC_HEAP_START,
+ GRUB_IEEE1275_STATIC_HEAP_LEN, 1, &total);
return;
}
+ if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY))
+ {
+ grub_uint64_t rma_size;
+ grub_err_t err;
+
+ err = grub_ieee1275_total_mem (&rma_size);
+ /* if we have an error, don't call CAS, just hope for the best */
+ if (!err && rma_size < (512 * 1024 * 1024))
+ grub_ieee1275_ibm_cas();
+ }
+
grub_machine_mmap_iterate (heap_size, &total);
total = total / 4;
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
index ca08bd96681..131808d6197 100644
--- a/include/grub/ieee1275/ieee1275.h
+++ b/include/grub/ieee1275/ieee1275.h
@@ -147,7 +147,13 @@ enum grub_ieee1275_flag
GRUB_IEEE1275_FLAG_CURSORONOFF_ANSI_BROKEN,
- GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT
+ GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT,
+
+ /* On PFW, the first time we boot a Linux partition, we may only get 256MB
+ of real memory area, even if the partition has more memory. Set this flag
+ if we think we're running under PFW. Then, if this flag is set, and the
+ RMA is only 256MB in size, try asking for more with CAS. */
+ GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY,
};
extern int EXPORT_FUNC(grub_ieee1275_test_flag) (enum grub_ieee1275_flag flag);

315
SOURCES/0484-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch Normal file
View File

@ -0,0 +1,315 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Sat, 8 May 2021 02:27:58 +0200
Subject: [PATCH] appendedsig/x509: Also handle the Extended Key Usage
extension
Red Hat certificates have both Key Usage and Extended Key Usage extensions
present, but the appended signatures x509 parser doesn't handle the latter
and so buils due finding an unrecognised critical extension:
Error loading initial key:
../../grub-core/commands/appendedsig/x509.c:780:Unhandled critical x509 extension with OID 2.5.29.37
Fix this by also parsing the Extended Key Usage extension and handle it by
verifying that the certificate has a single purpose, that is code signing.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/commands/appendedsig/x509.c | 94 ++++++++++++++++++++++++++++++-
grub-core/tests/appended_signature_test.c | 29 +++++++++-
grub-core/tests/appended_signatures.h | 81 ++++++++++++++++++++++++++
3 files changed, 201 insertions(+), 3 deletions(-)
diff --git a/grub-core/commands/appendedsig/x509.c b/grub-core/commands/appendedsig/x509.c
index 652e4f16870..34a2070a7c9 100644
--- a/grub-core/commands/appendedsig/x509.c
+++ b/grub-core/commands/appendedsig/x509.c
@@ -47,6 +47,12 @@ const char *keyUsage_oid = "2.5.29.15";
*/
const char *basicConstraints_oid = "2.5.29.19";
+/*
+ * RFC 5280 4.2.1.12 Extended Key Usage
+ */
+const char *extendedKeyUsage_oid = "2.5.29.37";
+const char *codeSigningUsage_oid = "1.3.6.1.5.5.7.3.3";
+
/*
* RFC 3279 2.3.1
*
@@ -651,6 +657,77 @@ cleanup:
return err;
}
+/*
+ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ *
+ * KeyPurposeId ::= OBJECT IDENTIFIER
+ */
+static grub_err_t
+verify_extended_key_usage (grub_uint8_t * value, int value_size)
+{
+ asn1_node extendedasn;
+ int result, count;
+ grub_err_t err = GRUB_ERR_NONE;
+ char usage[MAX_OID_LEN];
+ int usage_size = sizeof (usage);
+
+ result =
+ asn1_create_element (_gnutls_pkix_asn, "PKIX1.ExtKeyUsageSyntax",
+ &extendedasn);
+ if (result != ASN1_SUCCESS)
+ {
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ "Could not create ASN.1 structure for Extended Key Usage");
+ }
+
+ result = asn1_der_decoding2 (&extendedasn, value, &value_size,
+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error);
+ if (result != ASN1_SUCCESS)
+ {
+ err =
+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
+ "Error parsing DER for Extended Key Usage: %s",
+ asn1_error);
+ goto cleanup;
+ }
+
+ /*
+ * If EKUs are present, there must be exactly 1 and it must be a
+ * codeSigning usage.
+ */
+ result = asn1_number_of_elements(extendedasn, "", &count);
+ if (result != ASN1_SUCCESS)
+ {
+ err =
+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
+ "Error counting number of Extended Key Usages: %s",
+ asn1_strerror (result));
+ goto cleanup;
+ }
+
+ result = asn1_read_value (extendedasn, "?1", usage, &usage_size);
+ if (result != ASN1_SUCCESS)
+ {
+ err =
+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
+ "Error reading Extended Key Usage: %s",
+ asn1_strerror (result));
+ goto cleanup;
+ }
+
+ if (grub_strncmp (codeSigningUsage_oid, usage, usage_size) != 0)
+ {
+ err =
+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
+ "Unexpected Extended Key Usage OID, got: %s",
+ usage);
+ goto cleanup;
+ }
+
+cleanup:
+ asn1_delete_structure (&extendedasn);
+ return err;
+}
/*
* Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
@@ -674,7 +751,7 @@ verify_extensions (asn1_node cert)
{
int result;
int ext, num_extensions = 0;
- int usage_present = 0, constraints_present = 0;
+ int usage_present = 0, constraints_present = 0, extended_usage_present = 0;
char *oid_path, *critical_path, *value_path;
char extnID[MAX_OID_LEN];
int extnID_size;
@@ -768,6 +845,15 @@ verify_extensions (asn1_node cert)
}
constraints_present++;
}
+ else if (grub_strncmp (extendedKeyUsage_oid, extnID, extnID_size) == 0)
+ {
+ err = verify_extended_key_usage (value, value_size);
+ if (err != GRUB_ERR_NONE)
+ {
+ goto cleanup_value;
+ }
+ extended_usage_present++;
+ }
else if (grub_strncmp ("TRUE", critical, critical_size) == 0)
{
/*
@@ -799,6 +885,12 @@ verify_extensions (asn1_node cert)
"Unexpected number of basic constraints extensions - expected 1, got %d",
constraints_present);
}
+ if (extended_usage_present > 1)
+ {
+ return grub_error (GRUB_ERR_BAD_FILE_TYPE,
+ "Unexpected number of Extended Key Usage extensions - expected 0 or 1, got %d",
+ extended_usage_present);
+ }
return GRUB_ERR_NONE;
cleanup_value:
diff --git a/grub-core/tests/appended_signature_test.c b/grub-core/tests/appended_signature_test.c
index 88a485200d8..dbba0616621 100644
--- a/grub-core/tests/appended_signature_test.c
+++ b/grub-core/tests/appended_signature_test.c
@@ -111,6 +111,22 @@ static struct grub_procfs_entry certificate_printable_der_entry = {
.get_contents = get_certificate_printable_der
};
+static char *
+get_certificate_eku_der (grub_size_t * sz)
+{
+ char *ret;
+ *sz = certificate_eku_der_len;
+ ret = grub_malloc (*sz);
+ if (ret)
+ grub_memcpy (ret, certificate_eku_der, *sz);
+ return ret;
+}
+
+static struct grub_procfs_entry certificate_eku_der_entry = {
+ .name = "certificate_eku.der",
+ .get_contents = get_certificate_eku_der
+};
+
static void
do_verify (const char *f, int is_valid)
@@ -149,6 +165,7 @@ appended_signature_test (void)
char *trust_args2[] = { (char *) "(proc)/certificate2.der", NULL };
char *trust_args_printable[] = { (char *) "(proc)/certificate_printable.der",
NULL };
+ char *trust_args_eku[] = { (char *) "(proc)/certificate_eku.der", NULL };
char *distrust_args[] = { (char *) "1", NULL };
char *distrust2_args[] = { (char *) "2", NULL };
grub_err_t err;
@@ -157,6 +174,7 @@ appended_signature_test (void)
grub_procfs_register ("certificate2.der", &certificate2_der_entry);
grub_procfs_register ("certificate_printable.der",
&certificate_printable_der_entry);
+ grub_procfs_register ("certificate_eku.der", &certificate_eku_der_entry);
cmd_trust = grub_command_find ("trust_certificate");
if (!cmd_trust)
@@ -266,16 +284,23 @@ appended_signature_test (void)
/*
* Lastly, check a certificate that uses printableString rather than
- * utf8String loads properly.
+ * utf8String loads properly, and that a certificate with an appropriate
+ * extended key usage loads.
*/
err = (cmd_trust->func) (cmd_trust, 1, trust_args_printable);
grub_test_assert (err == GRUB_ERR_NONE,
- "distrusting printable certificate failed: %d: %s",
+ "trusting printable certificate failed: %d: %s",
+ grub_errno, grub_errmsg);
+
+ err = (cmd_trust->func) (cmd_trust, 1, trust_args_eku);
+ grub_test_assert (err == GRUB_ERR_NONE,
+ "trusting certificate with extended key usage failed: %d: %s",
grub_errno, grub_errmsg);
grub_procfs_unregister (&certificate_der_entry);
grub_procfs_unregister (&certificate2_der_entry);
grub_procfs_unregister (&certificate_printable_der_entry);
+ grub_procfs_unregister (&certificate_eku_der_entry);
}
GRUB_FUNCTIONAL_TEST (appended_signature_test, appended_signature_test);
diff --git a/grub-core/tests/appended_signatures.h b/grub-core/tests/appended_signatures.h
index aa3dc6278e3..2e5ebd7d8bd 100644
--- a/grub-core/tests/appended_signatures.h
+++ b/grub-core/tests/appended_signatures.h
@@ -555,3 +555,84 @@ unsigned char certificate_printable_der[] = {
0xd2
};
unsigned int certificate_printable_der_len = 829;
+
+unsigned char certificate_eku_der[] = {
+ 0x30, 0x82, 0x03, 0x90, 0x30, 0x82, 0x02, 0x78, 0xa0, 0x03, 0x02, 0x01,
+ 0x02, 0x02, 0x09, 0x00, 0xd3, 0x9c, 0x41, 0x33, 0xdd, 0x6b, 0x5f, 0x45,
+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
+ 0x0b, 0x05, 0x00, 0x30, 0x47, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55,
+ 0x04, 0x03, 0x0c, 0x18, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20,
+ 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20,
+ 0x43, 0x41, 0x20, 0x36, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2a, 0x86,
+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x13, 0x73, 0x65, 0x63,
+ 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65, 0x64, 0x68, 0x61, 0x74,
+ 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32,
+ 0x31, 0x35, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a, 0x17, 0x0d, 0x33,
+ 0x38, 0x30, 0x31, 0x31, 0x37, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a,
+ 0x30, 0x4e, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+ 0x1f, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, 0x53, 0x65, 0x63,
+ 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, 0x53, 0x69, 0x67,
+ 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x36, 0x30, 0x32, 0x31, 0x22, 0x30, 0x20,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16,
+ 0x13, 0x73, 0x65, 0x63, 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65,
+ 0x64, 0x68, 0x61, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22,
+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xaa, 0x6f, 0xbb, 0x92, 0x77, 0xd7, 0x15,
+ 0xef, 0x88, 0x80, 0x88, 0xc0, 0xe7, 0x89, 0xeb, 0x35, 0x76, 0xf4, 0x85,
+ 0x05, 0x0f, 0x19, 0xe4, 0x5f, 0x25, 0xdd, 0xc1, 0xa2, 0xe5, 0x5c, 0x06,
+ 0xfb, 0xf1, 0x06, 0xb5, 0x65, 0x45, 0xcb, 0xbd, 0x19, 0x33, 0x54, 0xb5,
+ 0x1a, 0xcd, 0xe4, 0xa8, 0x35, 0x2a, 0xfe, 0x9c, 0x53, 0xf4, 0xc6, 0x76,
+ 0xdb, 0x1f, 0x8a, 0xd4, 0x7b, 0x18, 0x11, 0xaf, 0xa3, 0x90, 0xd4, 0xdd,
+ 0x4d, 0xd5, 0x42, 0xcc, 0x14, 0x9a, 0x64, 0x6b, 0xc0, 0x7f, 0xaa, 0x1c,
+ 0x94, 0x47, 0x4d, 0x79, 0xbd, 0x57, 0x9a, 0xbf, 0x99, 0x4e, 0x96, 0xa9,
+ 0x31, 0x2c, 0xa9, 0xe7, 0x14, 0x65, 0x86, 0xc8, 0xac, 0x79, 0x5e, 0x78,
+ 0xa4, 0x3c, 0x00, 0x24, 0xd3, 0xf7, 0xe1, 0xf5, 0x12, 0xad, 0xa0, 0x29,
+ 0xe5, 0xfe, 0x80, 0xae, 0xf8, 0xaa, 0x60, 0x36, 0xe7, 0xe8, 0x94, 0xcb,
+ 0xe9, 0xd1, 0xcc, 0x0b, 0x4d, 0xf7, 0xde, 0xeb, 0x52, 0xd2, 0x73, 0x09,
+ 0x28, 0xdf, 0x48, 0x99, 0x53, 0x9f, 0xc5, 0x9a, 0xd4, 0x36, 0xa3, 0xc6,
+ 0x5e, 0x8d, 0xbe, 0xd5, 0xdc, 0x76, 0xb4, 0x74, 0xb8, 0x26, 0x18, 0x27,
+ 0xfb, 0xf2, 0xfb, 0xd0, 0x9b, 0x3d, 0x7f, 0x10, 0xe2, 0xab, 0x44, 0xc7,
+ 0x88, 0x7f, 0xb4, 0x3d, 0x3e, 0xa3, 0xff, 0x6d, 0x06, 0x4b, 0x3e, 0x55,
+ 0xb2, 0x84, 0xf4, 0xad, 0x54, 0x88, 0x81, 0xc3, 0x9c, 0xf8, 0xb6, 0x68,
+ 0x96, 0x38, 0x8b, 0xcd, 0x90, 0x6d, 0x25, 0x4b, 0xbf, 0x0c, 0x44, 0x90,
+ 0xa5, 0x5b, 0x98, 0xd0, 0x40, 0x2f, 0xbb, 0x0d, 0xa8, 0x4b, 0x8a, 0x62,
+ 0x82, 0x46, 0x46, 0x18, 0x38, 0xae, 0x82, 0x07, 0xd0, 0xb4, 0x2f, 0x16,
+ 0x79, 0x55, 0x9f, 0x1b, 0xc5, 0x08, 0x6d, 0x85, 0xdf, 0x3f, 0xa9, 0x9b,
+ 0x4b, 0xc6, 0x28, 0xd3, 0x58, 0x72, 0x3d, 0x37, 0x11, 0x02, 0x03, 0x01,
+ 0x00, 0x01, 0xa3, 0x78, 0x30, 0x76, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d,
+ 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03,
+ 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80,
+ 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c,
+ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03,
+ 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x6c,
+ 0xe4, 0x6c, 0x27, 0xaa, 0xcd, 0x0d, 0x4b, 0x74, 0x21, 0xa4, 0xf6, 0x5f,
+ 0x87, 0xb5, 0x31, 0xfe, 0x10, 0xbb, 0xa7, 0x30, 0x1f, 0x06, 0x03, 0x55,
+ 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xe8, 0x6a, 0x1c, 0xab,
+ 0x2c, 0x48, 0xf9, 0x60, 0x36, 0xa2, 0xf0, 0x7b, 0x8e, 0xd2, 0x9d, 0xb4,
+ 0x2a, 0x28, 0x98, 0xc8, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+ 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00,
+ 0x55, 0x34, 0xe2, 0xfa, 0xf6, 0x89, 0x86, 0xad, 0x92, 0x21, 0xec, 0xb9,
+ 0x54, 0x0e, 0x18, 0x47, 0x0d, 0x1b, 0xa7, 0x58, 0xad, 0x69, 0xe4, 0xef,
+ 0x3b, 0xe6, 0x8d, 0xdd, 0xda, 0x0c, 0x45, 0xf6, 0xe8, 0x96, 0xa4, 0x29,
+ 0x0f, 0xbb, 0xcf, 0x16, 0xae, 0x93, 0xd0, 0xcb, 0x2a, 0x26, 0x1a, 0x7b,
+ 0xfc, 0x51, 0x22, 0x76, 0x98, 0x31, 0xa7, 0x0f, 0x29, 0x35, 0x79, 0xbf,
+ 0xe2, 0x4f, 0x0f, 0x14, 0xf5, 0x1f, 0xcb, 0xbf, 0x87, 0x65, 0x13, 0x32,
+ 0xa3, 0x19, 0x4a, 0xd1, 0x3f, 0x45, 0xd4, 0x4b, 0xe2, 0x00, 0x26, 0xa9,
+ 0x3e, 0xd7, 0xa5, 0x37, 0x9f, 0xf5, 0xad, 0x61, 0xe2, 0x40, 0xa9, 0x74,
+ 0x24, 0x53, 0xf2, 0x78, 0xeb, 0x10, 0x9b, 0x2c, 0x27, 0x88, 0x46, 0xcb,
+ 0xe4, 0x60, 0xca, 0xf5, 0x06, 0x24, 0x40, 0x2a, 0x97, 0x3a, 0xcc, 0xd0,
+ 0x81, 0xb1, 0x15, 0xa3, 0x4f, 0xd0, 0x2b, 0x4f, 0xca, 0x6e, 0xaa, 0x24,
+ 0x31, 0xb3, 0xac, 0xa6, 0x75, 0x05, 0xfe, 0x8a, 0xf4, 0x41, 0xc4, 0x06,
+ 0x8a, 0xc7, 0x0a, 0x83, 0x4e, 0x49, 0xd4, 0x3f, 0x83, 0x50, 0xec, 0x57,
+ 0x04, 0x97, 0x14, 0x49, 0xf5, 0xe1, 0xb1, 0x7a, 0x9c, 0x09, 0x4f, 0x61,
+ 0x87, 0xc3, 0x97, 0x22, 0x17, 0xc2, 0xeb, 0xcc, 0x32, 0x81, 0x31, 0x21,
+ 0x3f, 0x10, 0x57, 0x5b, 0x43, 0xbe, 0xcd, 0x68, 0x82, 0xbe, 0xe5, 0xc1,
+ 0x65, 0x94, 0x7e, 0xc2, 0x34, 0x76, 0x2b, 0xcf, 0x89, 0x3c, 0x2b, 0x81,
+ 0x23, 0x72, 0x95, 0xcf, 0xc9, 0x67, 0x19, 0x2a, 0xd5, 0x5c, 0xca, 0xa3,
+ 0x46, 0xbd, 0x48, 0x06, 0x0b, 0xa6, 0xa3, 0x96, 0x50, 0x28, 0xc7, 0x7e,
+ 0xcf, 0x62, 0xf2, 0xfa, 0xc4, 0xf2, 0x53, 0xe3, 0xc9, 0xe8, 0x2e, 0xdd,
+ 0x29, 0x37, 0x07, 0x47, 0xff, 0xff, 0x8a, 0x32, 0xbd, 0xa2, 0xb7, 0x21,
+ 0x89, 0xa0, 0x55, 0xf7
+};
+unsigned int certificate_eku_der_len = 916;

0
SOURCES/0481-ieee1275-ofdisk-retry-on-open-failure.patch → SOURCES/0485-ieee1275-ofdisk-retry-on-open-failure.patch
View File

123
SOURCES/0486-normal-main-Discover-the-device-to-read-the-config-f.patch Normal file
View File

@ -0,0 +1,123 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Thu, 8 Jul 2021 16:39:39 +0200
Subject: [PATCH] normal/main: Discover the device to read the config from as a
fallback
The GRUB core.img is generated locally, when this is done the grub2-probe
tool figures out the device and partition that needs to be read to parse
the GRUB configuration file.
But in some cases the core.img can't be generated on the host and instead
has to be done at package build time. For example, if needs to get signed
with a key that's only available on the package building infrastructure.
If that's the case, the prefix variable won't have a device and partition
but only a directory path. So there's no way for GRUB to know from which
device has to read the configuration file.
To allow GRUB to continue working on that scenario, fallback to iterating
over all the available devices, if reading the config failed when using
the prefix and fw_path variables.
Related: rhbz#1899864
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/normal/main.c | 58 +++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 51 insertions(+), 7 deletions(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index 49141039f8f..93f33c16732 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -333,16 +333,11 @@ grub_enter_normal_mode (const char *config)
}
static grub_err_t
-grub_try_normal (const char *variable)
+grub_try_normal_prefix (const char *prefix)
{
char *config;
- const char *prefix;
grub_err_t err = GRUB_ERR_FILE_NOT_FOUND;
- prefix = grub_env_get (variable);
- if (!prefix)
- return GRUB_ERR_FILE_NOT_FOUND;
-
if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0)
{
grub_size_t config_len;
@@ -351,7 +346,7 @@ grub_try_normal (const char *variable)
config = grub_malloc (config_len);
if (! config)
- return GRUB_ERR_FILE_NOT_FOUND;
+ return err;
grub_snprintf (config, config_len, "%s/grub.cfg", prefix);
err = grub_net_search_configfile (config);
@@ -380,6 +375,53 @@ grub_try_normal (const char *variable)
return err;
}
+static int
+grub_try_normal_dev (const char *name, void *data)
+{
+ grub_err_t err;
+ const char *prefix = grub_xasprintf ("(%s)%s", name, (char *)data);
+
+ if (!prefix)
+ return 0;
+
+ err = grub_try_normal_prefix (prefix);
+ if (err == GRUB_ERR_NONE)
+ return 1;
+
+ return 0;
+}
+
+static grub_err_t
+grub_try_normal_discover (void)
+{
+ char *prefix = grub_env_get ("prefix");
+ grub_err_t err = GRUB_ERR_FILE_NOT_FOUND;
+
+ if (!prefix)
+ return err;
+
+ if (grub_device_iterate (grub_try_normal_dev, (void *)prefix))
+ return GRUB_ERR_NONE;
+
+ return err;
+}
+
+static grub_err_t
+grub_try_normal (const char *variable)
+{
+ grub_err_t err = GRUB_ERR_FILE_NOT_FOUND;
+ const char *prefix;
+
+ if (!variable)
+ return err;
+
+ prefix = grub_env_get (variable);
+ if (!prefix)
+ return err;
+
+ return grub_try_normal_prefix (prefix);
+}
+
/* Enter normal mode from rescue mode. */
static grub_err_t
grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
@@ -394,6 +436,8 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
err = grub_try_normal ("fw_path");
if (err == GRUB_ERR_FILE_NOT_FOUND)
err = grub_try_normal ("prefix");
+ if (err == GRUB_ERR_FILE_NOT_FOUND)
+ err = grub_try_normal_discover ();
if (err == GRUB_ERR_FILE_NOT_FOUND)
grub_enter_normal_mode (0);
}

75
SOURCES/0487-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch Normal file
View File

@ -0,0 +1,75 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Mon, 19 Jul 2021 14:35:55 +1000
Subject: [PATCH] powerpc: adjust setting of prefix for signed binary case
On RHEL-signed powerpc grub, we sign a grub with -p /grub2 and expect
that there's a boot partition.
Unfortunately grub_set_prefix_and_root tries to convert this to
($fwdevice)/grub2. This ends up being (ieee1275/disk)/grub2 and that
falls apart pretty quickly - there's no file-system on ieee1275/disk,
and it makes the search routine try things like
(ieee1275/disk,msdos2)(ieee1275/disk)/grub2 which also doesn't work.
Detect if we would be about to create (ieee1275/disk)/path and don't:
preserve a prefix of /path instead and hope the search later finds us.
Related: rhbz#1899864
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/kern/main.c | 38 +++++++++++++++++++++++++++++++++-----
1 file changed, 33 insertions(+), 5 deletions(-)
diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c
index 9bf6a8b231a..25dbcfef1f6 100644
--- a/grub-core/kern/main.c
+++ b/grub-core/kern/main.c
@@ -215,13 +215,41 @@ grub_set_prefix_and_root (void)
if (device)
{
char *prefix_set;
-
- prefix_set = grub_xasprintf ("(%s)%s", device, path ? : "");
- if (prefix_set)
+
+#ifdef __powerpc__
+ /* We have to be careful here on powerpc-ieee1275 + signed grub. We
+ will have signed something with a prefix that doesn't have a device
+ because we cannot know in advance what partition we're on.
+
+ We will have had !device earlier, so we will have set device=fwdevice
+ However, we want to make sure we do not end up setting prefix to be
+ ($fwdevice)/path, because we will then end up trying to boot or search
+ based on a prefix of (ieee1275/disk)/path, which will not work because
+ it's missing a partition.
+
+ Also:
+ - You can end up with a device with an FS directly on it, without
+ a partition, e.g. ieee1275/cdrom.
+
+ - powerpc-ieee1275 + grub-install sets e.g. prefix=(,gpt2)/path,
+ which will have now been extended to device=$fwdisk,partition
+ and path=/path
+
+ So we only need to act if device = ieee1275/disk exactly.
+ */
+ if (grub_strncmp (device, "ieee1275/disk", 14) == 0)
+ grub_env_set ("prefix", path);
+ else
+#endif
{
- grub_env_set ("prefix", prefix_set);
- grub_free (prefix_set);
+ prefix_set = grub_xasprintf ("(%s)%s", device, path ? : "");
+ if (prefix_set)
+ {
+ grub_env_set ("prefix", prefix_set);
+ grub_free (prefix_set);
+ }
}
+
grub_env_set ("root", device);
}

43
SOURCES/0488-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch Normal file
View File

@ -0,0 +1,43 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Mon, 16 Aug 2021 16:01:47 +1000
Subject: [PATCH] powerpc: fix prefix + signed grub special case for PowerVM
Mea culpa: when testing the PowerPC special case for signed grub, I
assumed qemu and PowerVM would behave identically. This was wrong, and
with hindsight a pretty dumb error.
This fixes it. This time, I am actually testing on PowerVM.
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/kern/main.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c
index 25dbcfef1f6..40a709117f1 100644
--- a/grub-core/kern/main.c
+++ b/grub-core/kern/main.c
@@ -235,9 +235,20 @@ grub_set_prefix_and_root (void)
which will have now been extended to device=$fwdisk,partition
and path=/path
- So we only need to act if device = ieee1275/disk exactly.
+ - PowerVM will give us device names like
+ ieee1275//vdevice/v-scsi@3000006c/disk@8100000000000000
+ and we don't want to try to encode some sort of truth table about
+ what sorts of paths represent disks with partition tables and those
+ without partition tables.
+
+ So we act unless there is a comma in the device, which would indicate
+ a partition has already been specified.
+
+ (If we only have a path, the code in normal to discover config files
+ will try both without partitions and then with any partitions so we
+ will cover both CDs and HDs.)
*/
- if (grub_strncmp (device, "ieee1275/disk", 14) == 0)
+ if (grub_strchr (device, ',') == NULL)
grub_env_set ("prefix", path);
else
#endif

10
SOURCES/20-grub.install
View File

@ -75,6 +75,14 @@ case "$COMMAND" in
command -v restorecon &>/dev/null && \
restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
fi
# symvers is symvers-<version>.gz symlink, needs a special treatment
i="$KERNEL_DIR/symvers.gz"
if [[ -e "$i" ]]; then
rm -f "/boot/symvers-${KERNEL_VERSION}.gz"
ln -s "$i" "/boot/symvers-${KERNEL_VERSION}.gz"
command -v restorecon &>/dev/null && \
restorecon "/boot/symvers-${KERNEL_VERSION}.gz"
fi
fi
if [[ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ]] || [[ ! -f /sbin/new-kernel-pkg ]]; then
@ -154,6 +162,8 @@ case "$COMMAND" in
done
# hmac is .vmlinuz-<version>.hmac so needs a special treatment
rm -f "/boot/.vmlinuz-${KERNEL_VERSION}.hmac"
# symvers is symvers-<version>.gz symlink, needs a special treatment
rm -f "/boot/symvers-${KERNEL_VERSION}.gz"
exit 0
fi

117
SOURCES/grub.macros
View File

@ -71,6 +71,7 @@
%global with_legacy_arch 0
%global grubefiarch %{nil}
%global grublegacyarch %{nil}
%global grubelfname %{nil}
# sparc is always compiled 64 bit
%ifarch %{sparc}
@ -108,13 +109,24 @@
%{!?with_efi_only:%global without_efi_only 0}
%{?with_efi_only:%global without_efi_only 1}
### fixme
%ifarch aarch64 %{arm}
%global platform_modules " "
%else
%ifarch %{efi_arch}
%global efi_modules " efi_netfs efifwsetup efinet lsefi lsefimmap "
%endif
%ifarch x86_64 %{ix86}
%global platform_modules " backtrace chain usb usbserial_common usbserial_pl2303 usbserial_ftdi usbserial_usbdebug keylayouts at_keyboard "
%endif
%ifarch ppc64le
%global platform_modules " appendedsig "
%endif
%ifarch aarch64 %{arm}
%global platform_modules " "
%endif
%ifarch aarch64 %{arm}
%global legacy_provides -l
%endif
@ -203,6 +215,7 @@
%global with_legacy_arch 1
%global grublegacyarch %{legacy_target_cpu_name}-%{platform}
%global moduledir %{legacy_target_cpu_name}-%{platform}
%global grubelfname core.elf
%endif
%global evr %{epoch}:%{version}-%{release}
@ -366,45 +379,85 @@ for x in grub-mkimage ; do \\\
done \
%{nil}
%global grub_modules " all_video boot blscfg btrfs \\\
cat configfile cryptodisk echo ext2 \\\
fat font gcry_rijndael gcry_rsa gcry_serpent \\\
gcry_sha256 gcry_twofish gcry_whirlpool \\\
gfxmenu gfxterm gzio halt hfsplus http \\\
increment iso9660 jpeg loadenv loopback linux \\\
lvm luks mdraid09 mdraid1x minicmd net \\\
normal part_apple part_msdos part_gpt \\\
password_pbkdf2 png reboot regexp search \\\
search_fs_uuid search_fs_file search_label \\\
serial sleep syslinuxcfg test tftp video xfs" \
%ifarch x86_64 aarch64 %{arm}
%define mkimage() \
%define efi_mkimage() \
%{4}./grub-mkimage -O %{1} -o %{2}.orig \\\
-p /EFI/%{efi_vendor} -d grub-core ${GRUB_MODULES} \\\
--sbat %{4}./sbat.csv \
-p /EFI/%{efi_vendor} -d grub-core \\\
--sbat %{4}./sbat.csv \\\
${GRUB_MODULES} \
%{4}./grub-mkimage -O %{1} -o %{3}.orig \\\
-p /EFI/BOOT -d grub-core ${GRUB_MODULES} \\\
--sbat %{4}./sbat.csv \
-p /EFI/BOOT -d grub-core \\\
--sbat %{4}./sbat.csv \\\
${GRUB_MODULES} \
%{expand:%%{pesign -s -i %%{2}.orig -o %%{2}.one -a %%{5} -c %%{6} -n %%{7}}} \
%{expand:%%{pesign -s -i %%{3}.orig -o %%{3}.one -a %%{5} -c %%{6} -n %%{7}}} \
%{expand:%%{pesign -s -i %%{2}.one -o %%{2} -a %%{8} -c %%{9} -n %%{10}}} \
%{expand:%%{pesign -s -i %%{3}.one -o %%{3} -a %%{8} -c %%{9} -n %%{10}}} \
%{nil}
%else
%define mkimage() \
%define efi_mkimage() \
%{4}./grub-mkimage -O %{1} -o %{2} \\\
-p /EFI/%{efi_vendor} -d grub-core ${GRUB_MODULES} \
-p /EFI/%{efi_vendor} -d grub-core \\\
${GRUB_MODULES} \
%{4}./grub-mkimage -O %{1} -o %{3} \\\
-p /EFI/BOOT -d grub-core ${GRUB_MODULES} \
-p /EFI/BOOT -d grub-core \\\
${GRUB_MODULES} \
%{nil}
%endif
%ifarch ppc64le
%define ieee1275_mkimage() \
APPENDED_SIG_SIZE=0 \
if [ -x /usr/bin/rpm-sign ]; then \
touch empty.unsigned \
rpm-sign --key %{5} \\\
--lkmsign empty.unsigned \\\
--output empty.signed \
APPENDED_SIG_SIZE="$(stat -c '%s' empty.signed)" \
rm empty.{un,}signed \
fi \
# FIXME: using this prefix is fragile, must be done properly \
./grub-mkimage -O %{1} -o %{2}.orig \\\
-p '/grub2' -d grub-core \\\
-x %{3} -x %{4} \\\
--appended-signature-size ${APPENDED_SIG_SIZE} \\\
${GRUB_MODULES} \
if [ -x /usr/bin/rpm-sign ]; then \
truncate -s -${APPENDED_SIG_SIZE} %{2}.orig \
rpm-sign --key %{5} \\\
--lkmsign %{2}.orig \\\
--output %{2} \
else \
mv %{2}.orig %{2} \
fi \
%{nil}
%endif
%define do_efi_build_images() \
GRUB_MODULES=" all_video boot blscfg btrfs \\\
cat configfile cryptodisk \\\
echo efi_netfs efifwsetup efinet ext2 \\\
fat font gcry_rijndael gcry_rsa gcry_serpent \\\
gcry_sha256 gcry_twofish gcry_whirlpool \\\
gfxmenu gfxterm gzio \\\
halt hfsplus http increment iso9660 jpeg \\\
loadenv loopback linux lvm lsefi lsefimmap luks \\\
mdraid09 mdraid1x minicmd net \\\
normal part_apple part_msdos part_gpt \\\
password_pbkdf2 png reboot \\\
regexp search search_fs_uuid search_fs_file \\\
search_label serial sleep syslinuxcfg test tftp \\\
video xfs" \
GRUB_MODULES+=%{grub_modules} \
GRUB_MODULES+=%{efi_modules} \
GRUB_MODULES+=%{platform_modules} \
%{expand:%%{mkimage %{1} %{2} %{3} %{4} %{5} %{6} %{7} %{8} %{9} %{10}}} \
%{expand:%%{efi_mkimage %{1} %{2} %{3} %{4} %{5} %{6} %{7} %{8} %{9} %{10}}} \
%{nil}
%define do_ieee1275_build_images() \
GRUB_MODULES+=%{grub_modules} \
GRUB_MODULES+=%{platform_modules} \
cd grub-%{1}-%{tarversion} \
%{expand:%%ieee1275_mkimage %%{1} %%{2} %%{3} %%{4} %%{5}} \
cd .. \
%{nil}
%define do_primary_efi_build() \
@ -501,6 +554,9 @@ fi \
if [ -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info ]; then \
rm -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info \
fi \
%{expand:%ifarch ppc64le \
install -m 700 %{grubelfname} $RPM_BUILD_ROOT/%{_libdir}/grub/%{1} \
%endif} \
ln -s ../boot/%{name}/grub.cfg \\\
${RPM_BUILD_ROOT}%{_sysconfdir}/grub2.cfg \
if [ -f $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub2.chrp ]; then \
@ -542,12 +598,19 @@ touch ${RPM_BUILD_ROOT}/boot/%{name}/grub.cfg \
%config(noreplace) %{_sysconfdir}/%{name}.cfg \
%ghost %config(noreplace) /boot/%{name}/grub.cfg \
%dir %attr(0700,root,root)/boot/loader/entries \
%ifarch ppc64le \
%dir %{_libdir}/grub/%{2}/ \
%{_libdir}/grub/%{2}/%{grubelfname} \
%endif \
\
%{expand:%if 0%{?with_legacy_modules} \
%{expand:%%files %{1}-modules} \
%defattr(-,root,root) \
%dir %{_libdir}/grub/%{2}/ \
%{_libdir}/grub/%{2}/* \
%ifarch ppc64le \
%exclude %{_libdir}/grub/%{2}/%{grubelfname} \
%endif \
%exclude %{_libdir}/grub/%{2}/*.module \
%exclude %{_libdir}/grub/%{2}/{boot,boot_hybrid,cdboot,diskboot,lzma_decompress,pxeboot}.image \
%exclude %{_libdir}/grub/%{2}/*.o \

9
SOURCES/grub.patches
View File

@ -478,4 +478,11 @@ Patch0477: 0477-kern-misc-Add-function-to-check-printf-format-agains.patch
Patch0478: 0478-gfxmenu-gui-Check-printf-format-in-the-gui_progress_.patch
Patch0479: 0479-kern-mm-Fix-grub_debug_calloc-compilation-error.patch
Patch0480: 0480-efi-net-Fix-malformed-device-path-arithmetic-errors-.patch
Patch0481: 0481-ieee1275-ofdisk-retry-on-open-failure.patch
Patch0481: 0481-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch
Patch0482: 0482-ieee1275-claim-more-memory.patch
Patch0483: 0483-ieee1275-request-memory-with-ibm-client-architecture.patch
Patch0484: 0484-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch
Patch0485: 0485-ieee1275-ofdisk-retry-on-open-failure.patch
Patch0486: 0486-normal-main-Discover-the-device-to-read-the-config-f.patch
Patch0487: 0487-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch
Patch0488: 0488-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch

BIN
SOURCES/redhatsecureboot303.cer Normal file
View File

Binary file not shown.

BIN
SOURCES/redhatsecureboot601.cer Normal file
View File

Binary file not shown.

61
SPECS/grub2.spec
View File

@ -7,7 +7,7 @@
Name: grub2
Epoch: 1
Version: 2.02
Release: 99%{?dist}.1
Release: 106%{?dist}
Summary: Bootloader with support for Linux, Multiboot and more
Group: System Environment/Base
License: GPLv3+
@ -28,10 +28,27 @@ Source13: redhatsecurebootca3.cer
Source14: redhatsecureboot301.cer
Source15: redhatsecurebootca5.cer
Source16: redhatsecureboot502.cer
Source17: sbat.csv.in
Source17: redhatsecureboot303.cer
Source18: redhatsecureboot601.cer
Source19: sbat.csv.in
%include %{SOURCE1}
%if 0%{with_efi_arch}
%define old_sb_ca %{SOURCE13}
%define old_sb_cer %{SOURCE14}
%define old_sb_key redhatsecureboot301
%define sb_ca %{SOURCE15}
%define sb_cer %{SOURCE16}
%define sb_key redhatsecureboot502
%endif
%ifarch ppc64le
%define old_sb_cer %{SOURCE17}
%define sb_cer %{SOURCE18}
%define sb_key redhatsecureboot602
%endif
# generate with do-rebase
%include %{SOURCE2}
@ -149,7 +166,7 @@ This subpackage provides tools for support of all platforms.
mkdir grub-%{grubefiarch}-%{tarversion}
grep -A100000 '# stuff "make" creates' .gitignore > grub-%{grubefiarch}-%{tarversion}/.gitignore
cp %{SOURCE4} grub-%{grubefiarch}-%{tarversion}/unifont.pcf.gz
sed -e "s,@@VERSION@@,%{evr},g" %{SOURCE17} \
sed -e "s,@@VERSION@@,%{evr},g" %{SOURCE19} \
> grub-%{grubefiarch}-%{tarversion}/sbat.csv
git add grub-%{grubefiarch}-%{tarversion}
%endif
@ -169,14 +186,17 @@ git commit -m "After making subdirs"
%build
%if 0%{with_efi_arch}
%{expand:%do_primary_efi_build %%{grubefiarch} %%{grubefiname} %%{grubeficdname} %%{_target_platform} %%{efi_target_cflags} %%{efi_host_cflags} %{SOURCE13} %{SOURCE14} redhatsecureboot301 %{SOURCE15} %{SOURCE16} redhatsecureboot502}
%{expand:%do_primary_efi_build %%{grubefiarch} %%{grubefiname} %%{grubeficdname} %%{_target_platform} %%{efi_target_cflags} %%{efi_host_cflags} %{old_sb_ca} %{old_sb_cer} %{old_sb_key} %{sb_ca} %{sb_cer} %{sb_key}}
%endif
%if 0%{with_alt_efi_arch}
%{expand:%do_alt_efi_build %%{grubaltefiarch} %%{grubaltefiname} %%{grubalteficdname} %%{_alt_target_platform} %%{alt_efi_target_cflags} %%{alt_efi_host_cflags} %{SOURCE13} %{SOURCE14} redhatsecureboot301 %{SOURCE15} %{SOURCE16} redhatsecureboot502}
%{expand:%do_alt_efi_build %%{grubaltefiarch} %%{grubaltefiname} %%{grubalteficdname} %%{_alt_target_platform} %%{alt_efi_target_cflags} %%{alt_efi_host_cflags} %{old_sb_ca} %{old_sb_cer} %{old_sb_key} %{sb_ca} %{sb_cer} %{sb_key}}
%endif
%if 0%{with_legacy_arch}
%{expand:%do_legacy_build %%{grublegacyarch}}
%endif
%ifarch ppc64le
%{expand:%do_ieee1275_build_images %%{grublegacyarch} %{grubelfname} %{old_sb_cer} %{sb_cer} %{sb_key}}
%endif
makeinfo --info --no-split -I docs -o docs/grub-dev.info \
docs/grub-dev.texi
makeinfo --info --no-split -I docs -o docs/grub.info \
@ -503,9 +523,33 @@ fi
%endif
%changelog
* Mon May 17 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-99.el8_4.1
* Thu Aug 19 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-106
- Fix device discoverability on PowerVM when the prefix is not set (dja)
Related: rhbz#1899864
* Thu Jul 22 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-105
- Discover the device to read the config from as a fallback
Related: rhbz#1899864
* Mon Jun 21 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-104
- 20-grub-install: Create a symvers.gz symbolic link
Resolves: rhbz#1919125
* Mon May 17 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-103
- Fix boot failures in ppc64le caused by storage race condition (diegodo)
Resolves: rhbz#1961265
Resolves: rhbz#1942152
* Tue May 11 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-102
- Build and sign powerpc-ieee1275 images
Related: rhbz#1899864
* Fri Apr 23 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-101
- Find and claim more memory for ieee1275 (dja)
Related: rhbz#1853410
* Fri Apr 23 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-100
- Sync with the latest content of the rhel-8.4.0 branch
Resolves: rhbz#1952840
* Thu Feb 25 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-99
- Fix bug of grub2-install not checking for the SBAT option
@ -529,13 +573,10 @@ fi
* Tue Feb 23 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-97
- Fix keylayouts module listed twice in GRUB_MODULES variable
Related: rhbz#1897587
* Tue Feb 23 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-96
- Fix "Add 'at_keyboard_fallback_set' var to force the set manually"
Related: rhbz#1897587
- Fix a boot failure due patch "ieee1275: claim up to 256MB memory"
Resolves: rhbz#1929111
* Tue Jan 26 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-95
- Add appended signatures support for ppc64le LPAR Secure Boot (daxtens)