diff --git a/.gitignore b/.gitignore index 19364b8..9bde6f1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,7 @@ grub-*.tar.?z *.rpm clog -/unifont-5.1.20080820.pcf.gz +/unifont-*.pcf.?z /theme.tar.bz2 kojilogs /grub-*/ diff --git a/0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch b/0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch new file mode 100644 index 0000000..fcc7825 --- /dev/null +++ b/0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch @@ -0,0 +1,24 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Fri, 11 Jun 2021 12:10:45 +0200 +Subject: [PATCH] Revert "templates: Fix user-facing typo with an incorrect use + of "it's"" + +This reverts commit 722737630889607c3b5761f1f5a48f1674cd2821. +--- + util/grub.d/30_os-prober.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in +index 5984e92d291..94622481284 100644 +--- a/util/grub.d/30_os-prober.in ++++ b/util/grub.d/30_os-prober.in +@@ -36,7 +36,7 @@ if ! command -v os-prober > /dev/null || ! command -v linux-boot-prober > /dev/n + exit 0 + fi + +-grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIts output will be used to detect bootable binaries on them and create new boot entries.")" ++grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")" + + OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`" + if [ -z "${OSPROBED}" ] ; then diff --git a/0195-Revert-templates-Properly-disable-the-os-prober-by-d.patch b/0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch similarity index 91% rename from 0195-Revert-templates-Properly-disable-the-os-prober-by-d.patch rename to 0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch index 6c2b8a4..4187765 100644 --- a/0195-Revert-templates-Properly-disable-the-os-prober-by-d.patch +++ b/0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch @@ -1,6 +1,6 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas -Date: Fri, 12 Mar 2021 23:25:01 +0100 +Date: Fri, 11 Jun 2021 12:10:54 +0200 Subject: [PATCH] Revert "templates: Properly disable the os-prober by default" This reverts commit 54e0a1bbf1e9106901a557195bb35e5e20fb3925. @@ -10,10 +10,10 @@ This reverts commit 54e0a1bbf1e9106901a557195bb35e5e20fb3925. 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 1a70b7ea056..f55339a3f64 100644 +index f8cbb8d7a2b..d3e879b8e5c 100644 --- a/util/grub-mkconfig.in +++ b/util/grub-mkconfig.in -@@ -147,9 +147,6 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2 +@@ -140,9 +140,6 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2 GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`" GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true @@ -23,7 +23,7 @@ index 1a70b7ea056..f55339a3f64 100644 # Filesystem for the device containing our userland. Used for stuff like # choosing Hurd filesystem module. GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`" -@@ -213,7 +210,6 @@ export GRUB_DEVICE \ +@@ -204,7 +201,6 @@ export GRUB_DEVICE \ GRUB_DEVICE_PARTUUID \ GRUB_DEVICE_BOOT \ GRUB_DEVICE_BOOT_UUID \ @@ -31,7 +31,7 @@ index 1a70b7ea056..f55339a3f64 100644 GRUB_FS \ GRUB_FONT \ GRUB_PRELOAD_MODULES \ -@@ -255,6 +251,7 @@ export GRUB_DEFAULT \ +@@ -246,6 +242,7 @@ export GRUB_DEFAULT \ GRUB_BACKGROUND \ GRUB_THEME \ GRUB_GFXPAYLOAD_LINUX \ @@ -40,7 +40,7 @@ index 1a70b7ea056..f55339a3f64 100644 GRUB_SAVEDEFAULT \ GRUB_ENABLE_CRYPTODISK \ diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 21bbace4647..7591edc58ed 100644 +index 94622481284..80685b15f4d 100644 --- a/util/grub.d/30_os-prober.in +++ b/util/grub.d/30_os-prober.in @@ -26,8 +26,8 @@ export TEXTDOMAINDIR="@localedir@" diff --git a/0196-Revert-templates-Disable-the-os-prober-by-default.patch b/0003-Revert-templates-Disable-the-os-prober-by-default.patch similarity index 88% rename from 0196-Revert-templates-Disable-the-os-prober-by-default.patch rename to 0003-Revert-templates-Disable-the-os-prober-by-default.patch index b97c4c7..68cacfc 100644 --- a/0196-Revert-templates-Disable-the-os-prober-by-default.patch +++ b/0003-Revert-templates-Disable-the-os-prober-by-default.patch @@ -1,6 +1,6 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas -Date: Fri, 12 Mar 2021 23:26:15 +0100 +Date: Fri, 11 Jun 2021 12:10:58 +0200 Subject: [PATCH] Revert "templates: Disable the os-prober by default" This reverts commit e346414725a70e5c74ee87ca14e580c66f517666. @@ -10,28 +10,28 @@ This reverts commit e346414725a70e5c74ee87ca14e580c66f517666. 2 files changed, 9 insertions(+), 14 deletions(-) diff --git a/docs/grub.texi b/docs/grub.texi -index cb5804fd6fe..d183575bc18 100644 +index f8b4b3b21a7..69f08d289f9 100644 --- a/docs/grub.texi +++ b/docs/grub.texi -@@ -1526,13 +1526,10 @@ boot sequence. If you have problems, set this option to @samp{text} and +@@ -1519,13 +1519,10 @@ boot sequence. If you have problems, set this option to @samp{text} and GRUB will tell Linux to boot in normal text mode. @item GRUB_DISABLE_OS_PROBER --The @command{grub2-mkconfig} has a feature to use the external +-The @command{grub-mkconfig} has a feature to use the external -@command{os-prober} program to discover other operating systems installed on -the same machine and generate appropriate menu entries for them. It is disabled -by default since automatic and silent execution of @command{os-prober}, and -creating boot entries based on that data, is a potential attack vector. Set -this option to @samp{false} to enable this feature in the --@command{grub2-mkconfig} command. -+Normally, @command{grub2-mkconfig} will try to use the external +-@command{grub-mkconfig} command. ++Normally, @command{grub-mkconfig} will try to use the external +@command{os-prober} program, if installed, to discover other operating +systems installed on the same system and generate appropriate menu entries +for them. Set this option to @samp{true} to disable this. @item GRUB_OS_PROBER_SKIP_LIST List of space-separated FS UUIDs of filesystems to be ignored from os-prober -@@ -1860,9 +1857,10 @@ than zero; otherwise 0. +@@ -1853,9 +1850,10 @@ than zero; otherwise 0. @section Multi-boot manual config Currently autogenerating config files for multi-boot environments depends on @@ -46,7 +46,7 @@ index cb5804fd6fe..d183575bc18 100644 First create a separate GRUB partition, big enough to hold GRUB. Some of the following entries show how to load OS installer images from this same partition, diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 7591edc58ed..3c9431cfcfb 100644 +index 80685b15f4d..1b91c102f35 100644 --- a/util/grub.d/30_os-prober.in +++ b/util/grub.d/30_os-prober.in @@ -26,8 +26,7 @@ export TEXTDOMAINDIR="@localedir@" diff --git a/0001-Add-support-for-Linux-EFI-stub-loading.patch b/0004-Add-support-for-Linux-EFI-stub-loading.patch similarity index 99% rename from 0001-Add-support-for-Linux-EFI-stub-loading.patch rename to 0004-Add-support-for-Linux-EFI-stub-loading.patch index 74044b8..73d231a 100644 --- a/0001-Add-support-for-Linux-EFI-stub-loading.patch +++ b/0004-Add-support-for-Linux-EFI-stub-loading.patch @@ -166,7 +166,7 @@ index 8cff7be0289..35b8f670602 100644 /* Search the mods section from the PE32/PE32+ image. This code uses diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index 0cdb063bb1b..74360542062 100644 +index 9838fb2f50d..f6aef0ef649 100644 --- a/grub-core/kern/efi/mm.c +++ b/grub-core/kern/efi/mm.c @@ -113,6 +113,38 @@ grub_efi_drop_alloc (grub_efi_physical_address_t address, diff --git a/0002-Rework-linux-command.patch b/0005-Rework-linux-command.patch similarity index 100% rename from 0002-Rework-linux-command.patch rename to 0005-Rework-linux-command.patch diff --git a/0003-Rework-linux16-command.patch b/0006-Rework-linux16-command.patch similarity index 100% rename from 0003-Rework-linux16-command.patch rename to 0006-Rework-linux16-command.patch diff --git a/0004-Add-secureboot-support-on-efi-chainloader.patch b/0007-Add-secureboot-support-on-efi-chainloader.patch similarity index 100% rename from 0004-Add-secureboot-support-on-efi-chainloader.patch rename to 0007-Add-secureboot-support-on-efi-chainloader.patch diff --git a/0005-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch b/0008-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch similarity index 100% rename from 0005-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch rename to 0008-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch diff --git a/0006-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch b/0009-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch similarity index 100% rename from 0006-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch rename to 0009-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch diff --git a/0007-re-write-.gitignore.patch b/0010-re-write-.gitignore.patch similarity index 100% rename from 0007-re-write-.gitignore.patch rename to 0010-re-write-.gitignore.patch diff --git a/0008-IBM-client-architecture-CAS-reboot-support.patch b/0011-IBM-client-architecture-CAS-reboot-support.patch similarity index 100% rename from 0008-IBM-client-architecture-CAS-reboot-support.patch rename to 0011-IBM-client-architecture-CAS-reboot-support.patch diff --git a/0009-for-ppc-reset-console-display-attr-when-clear-screen.patch b/0012-for-ppc-reset-console-display-attr-when-clear-screen.patch similarity index 97% rename from 0009-for-ppc-reset-console-display-attr-when-clear-screen.patch rename to 0012-for-ppc-reset-console-display-attr-when-clear-screen.patch index fd86ef1..c8bb9d3 100644 --- a/0009-for-ppc-reset-console-display-attr-when-clear-screen.patch +++ b/0012-for-ppc-reset-console-display-attr-when-clear-screen.patch @@ -15,7 +15,7 @@ Signed-off-by: Peter Jones 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grub-core/term/terminfo.c b/grub-core/term/terminfo.c -index cd720080375..44d0b3b19fb 100644 +index 85ecf06b4df..05c88dcf49e 100644 --- a/grub-core/term/terminfo.c +++ b/grub-core/term/terminfo.c @@ -151,7 +151,7 @@ grub_terminfo_set_current (struct grub_term_output *term, diff --git a/0010-Disable-GRUB-video-support-for-IBM-power-machines.patch b/0013-Disable-GRUB-video-support-for-IBM-power-machines.patch similarity index 100% rename from 0010-Disable-GRUB-video-support-for-IBM-power-machines.patch rename to 0013-Disable-GRUB-video-support-for-IBM-power-machines.patch diff --git a/0011-Move-bash-completion-script-922997.patch b/0014-Move-bash-completion-script-922997.patch similarity index 97% rename from 0011-Move-bash-completion-script-922997.patch rename to 0014-Move-bash-completion-script-922997.patch index 606e39b..6bf0b4b 100644 --- a/0011-Move-bash-completion-script-922997.patch +++ b/0014-Move-bash-completion-script-922997.patch @@ -10,7 +10,7 @@ Apparently these go in a new place now. 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 74719416c4c..c0103b30d4e 100644 +index 7517fc49d98..8331f95b645 100644 --- a/configure.ac +++ b/configure.ac @@ -314,6 +314,14 @@ AC_SUBST(grubdirname) diff --git a/0012-Allow-fallback-to-include-entries-by-title-not-just-.patch b/0015-Allow-fallback-to-include-entries-by-title-not-just-.patch similarity index 100% rename from 0012-Allow-fallback-to-include-entries-by-title-not-just-.patch rename to 0015-Allow-fallback-to-include-entries-by-title-not-just-.patch diff --git a/0013-Make-exit-take-a-return-code.patch b/0016-Make-exit-take-a-return-code.patch similarity index 100% rename from 0013-Make-exit-take-a-return-code.patch rename to 0016-Make-exit-take-a-return-code.patch diff --git a/0014-Make-efi-machines-load-an-env-block-from-a-variable.patch b/0017-Make-efi-machines-load-an-env-block-from-a-variable.patch similarity index 100% rename from 0014-Make-efi-machines-load-an-env-block-from-a-variable.patch rename to 0017-Make-efi-machines-load-an-env-block-from-a-variable.patch diff --git a/0015-Migrate-PPC-from-Yaboot-to-Grub2.patch b/0018-Migrate-PPC-from-Yaboot-to-Grub2.patch similarity index 100% rename from 0015-Migrate-PPC-from-Yaboot-to-Grub2.patch rename to 0018-Migrate-PPC-from-Yaboot-to-Grub2.patch diff --git a/0016-Add-fw_path-variable-revised.patch b/0019-Add-fw_path-variable-revised.patch similarity index 100% rename from 0016-Add-fw_path-variable-revised.patch rename to 0019-Add-fw_path-variable-revised.patch diff --git a/0017-Pass-x-hex-hex-straight-through-unmolested.patch b/0020-Pass-x-hex-hex-straight-through-unmolested.patch similarity index 100% rename from 0017-Pass-x-hex-hex-straight-through-unmolested.patch rename to 0020-Pass-x-hex-hex-straight-through-unmolested.patch diff --git a/0018-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch b/0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch similarity index 100% rename from 0018-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch rename to 0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch diff --git a/0019-Add-devicetree-loading.patch b/0022-Add-devicetree-loading.patch similarity index 96% rename from 0019-Add-devicetree-loading.patch rename to 0022-Add-devicetree-loading.patch index e55047e..c0728a9 100644 --- a/0019-Add-devicetree-loading.patch +++ b/0022-Add-devicetree-loading.patch @@ -20,10 +20,10 @@ Signed-off-by: David A. Marlin 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index f8cbb8d7a2b..91d761bae80 100644 +index d3e879b8e5c..8ea2315ebc2 100644 --- a/util/grub-mkconfig.in +++ b/util/grub-mkconfig.in -@@ -251,7 +251,8 @@ export GRUB_DEFAULT \ +@@ -248,7 +248,8 @@ export GRUB_DEFAULT \ GRUB_ENABLE_CRYPTODISK \ GRUB_BADRAM \ GRUB_OS_PROBER_SKIP_LIST \ diff --git a/0020-Don-t-write-messages-to-the-screen.patch b/0023-Don-t-write-messages-to-the-screen.patch similarity index 100% rename from 0020-Don-t-write-messages-to-the-screen.patch rename to 0023-Don-t-write-messages-to-the-screen.patch diff --git a/0021-Don-t-print-GNU-GRUB-header.patch b/0024-Don-t-print-GNU-GRUB-header.patch similarity index 100% rename from 0021-Don-t-print-GNU-GRUB-header.patch rename to 0024-Don-t-print-GNU-GRUB-header.patch diff --git a/0022-Don-t-add-to-highlighted-row.patch b/0025-Don-t-add-to-highlighted-row.patch similarity index 100% rename from 0022-Don-t-add-to-highlighted-row.patch rename to 0025-Don-t-add-to-highlighted-row.patch diff --git a/0023-Message-string-cleanups.patch b/0026-Message-string-cleanups.patch similarity index 100% rename from 0023-Message-string-cleanups.patch rename to 0026-Message-string-cleanups.patch diff --git a/0024-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch b/0027-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch similarity index 100% rename from 0024-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch rename to 0027-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch diff --git a/0025-Use-the-correct-indentation-for-the-term-help-text.patch b/0028-Use-the-correct-indentation-for-the-term-help-text.patch similarity index 100% rename from 0025-Use-the-correct-indentation-for-the-term-help-text.patch rename to 0028-Use-the-correct-indentation-for-the-term-help-text.patch diff --git a/0026-Indent-menu-entries.patch b/0029-Indent-menu-entries.patch similarity index 100% rename from 0026-Indent-menu-entries.patch rename to 0029-Indent-menu-entries.patch diff --git a/0027-Fix-margins.patch b/0030-Fix-margins.patch similarity index 100% rename from 0027-Fix-margins.patch rename to 0030-Fix-margins.patch diff --git a/0028-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch b/0031-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch similarity index 100% rename from 0028-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch rename to 0031-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch diff --git a/0029-Enable-pager-by-default.-985860.patch b/0032-Enable-pager-by-default.-985860.patch similarity index 100% rename from 0029-Enable-pager-by-default.-985860.patch rename to 0032-Enable-pager-by-default.-985860.patch diff --git a/0030-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch b/0033-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch similarity index 100% rename from 0030-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch rename to 0033-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch diff --git a/0031-Don-t-say-GNU-Linux-in-generated-menus.patch b/0034-Don-t-say-GNU-Linux-in-generated-menus.patch similarity index 100% rename from 0031-Don-t-say-GNU-Linux-in-generated-menus.patch rename to 0034-Don-t-say-GNU-Linux-in-generated-menus.patch diff --git a/0032-Don-t-draw-a-border-around-the-menu.patch b/0035-Don-t-draw-a-border-around-the-menu.patch similarity index 100% rename from 0032-Don-t-draw-a-border-around-the-menu.patch rename to 0035-Don-t-draw-a-border-around-the-menu.patch diff --git a/0033-Use-the-standard-margin-for-the-timeout-string.patch b/0036-Use-the-standard-margin-for-the-timeout-string.patch similarity index 100% rename from 0033-Use-the-standard-margin-for-the-timeout-string.patch rename to 0036-Use-the-standard-margin-for-the-timeout-string.patch diff --git a/0034-Add-.eh_frame-to-list-of-relocations-stripped.patch b/0037-Add-.eh_frame-to-list-of-relocations-stripped.patch similarity index 100% rename from 0034-Add-.eh_frame-to-list-of-relocations-stripped.patch rename to 0037-Add-.eh_frame-to-list-of-relocations-stripped.patch diff --git a/0035-Don-t-require-a-password-to-boot-entries-generated-b.patch b/0038-Don-t-require-a-password-to-boot-entries-generated-b.patch similarity index 100% rename from 0035-Don-t-require-a-password-to-boot-entries-generated-b.patch rename to 0038-Don-t-require-a-password-to-boot-entries-generated-b.patch diff --git a/0036-Don-t-emit-Booting-.-message.patch b/0039-Don-t-emit-Booting-.-message.patch similarity index 100% rename from 0036-Don-t-emit-Booting-.-message.patch rename to 0039-Don-t-emit-Booting-.-message.patch diff --git a/0037-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch b/0040-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch similarity index 99% rename from 0037-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch rename to 0040-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch index 7939965..daa6fae 100644 --- a/0037-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch +++ b/0040-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch @@ -122,7 +122,7 @@ Replace a bunch of machine generated ones with ones that look nicer. create mode 100644 util/grub-sparc64-setup.8 diff --git a/configure.ac b/configure.ac -index c0103b30d4e..b8c4d52dfd1 100644 +index 8331f95b645..bec8535af70 100644 --- a/configure.ac +++ b/configure.ac @@ -77,6 +77,29 @@ grub_TRANSFORM([grub-set-default]) diff --git a/0038-use-fw_path-prefix-when-fallback-searching-for-grub-.patch b/0041-use-fw_path-prefix-when-fallback-searching-for-grub-.patch similarity index 100% rename from 0038-use-fw_path-prefix-when-fallback-searching-for-grub-.patch rename to 0041-use-fw_path-prefix-when-fallback-searching-for-grub-.patch diff --git a/0039-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch b/0042-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch similarity index 100% rename from 0039-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch rename to 0042-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch diff --git a/0040-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch b/0043-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch similarity index 100% rename from 0040-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch rename to 0043-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch diff --git a/0041-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch b/0044-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch similarity index 100% rename from 0041-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch rename to 0044-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch diff --git a/0042-Try-prefix-if-fw_path-doesn-t-work.patch b/0045-Try-prefix-if-fw_path-doesn-t-work.patch similarity index 100% rename from 0042-Try-prefix-if-fw_path-doesn-t-work.patch rename to 0045-Try-prefix-if-fw_path-doesn-t-work.patch diff --git a/0043-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch b/0046-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch similarity index 99% rename from 0043-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch rename to 0046-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch index fce5478..78a6fa1 100644 --- a/0043-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch +++ b/0046-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch @@ -26,7 +26,7 @@ Signed-off-by: Thierry Vignaud create mode 100644 util/grub-rpm-sort.8 diff --git a/configure.ac b/configure.ac -index b8c4d52dfd1..ac84a8ccf69 100644 +index bec8535af70..fdcb452581c 100644 --- a/configure.ac +++ b/configure.ac @@ -72,6 +72,7 @@ grub_TRANSFORM([grub-mkrelpath]) diff --git a/0044-Make-grub2-mkconfig-construct-titles-that-look-like-.patch b/0047-Make-grub2-mkconfig-construct-titles-that-look-like-.patch similarity index 100% rename from 0044-Make-grub2-mkconfig-construct-titles-that-look-like-.patch rename to 0047-Make-grub2-mkconfig-construct-titles-that-look-like-.patch diff --git a/0045-Add-friendly-grub2-password-config-tool-985962.patch b/0048-Add-friendly-grub2-password-config-tool-985962.patch similarity index 98% rename from 0045-Add-friendly-grub2-password-config-tool-985962.patch rename to 0048-Add-friendly-grub2-password-config-tool-985962.patch index 5767794..9807d0e 100644 --- a/0045-Add-friendly-grub2-password-config-tool-985962.patch +++ b/0048-Add-friendly-grub2-password-config-tool-985962.patch @@ -27,7 +27,7 @@ Andy Lutomirski create mode 100644 util/grub.d/01_users.in diff --git a/configure.ac b/configure.ac -index ac84a8ccf69..9ecd3540bd6 100644 +index fdcb452581c..30fd84d8067 100644 --- a/configure.ac +++ b/configure.ac @@ -72,6 +72,7 @@ grub_TRANSFORM([grub-mkrelpath]) @@ -70,10 +70,10 @@ index ba4cf4b29b0..1a7dd433e33 100644 name = grub-mkconfig_lib; common = util/grub-mkconfig_lib.in; diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 91d761bae80..3e4c6c5240b 100644 +index 8ea2315ebc2..ba14cf6261c 100644 --- a/util/grub-mkconfig.in +++ b/util/grub-mkconfig.in -@@ -279,6 +279,8 @@ for i in "${grub_mkconfig_dir}"/* ; do +@@ -276,6 +276,8 @@ for i in "${grub_mkconfig_dir}"/* ; do *~) ;; # emacsen autosave files. FIXME: support other editors */\#*\#) ;; diff --git a/0046-tcp-add-window-scaling-support.patch b/0049-tcp-add-window-scaling-support.patch similarity index 100% rename from 0046-tcp-add-window-scaling-support.patch rename to 0049-tcp-add-window-scaling-support.patch diff --git a/0047-efinet-and-bootp-add-support-for-dhcpv6.patch b/0050-efinet-and-bootp-add-support-for-dhcpv6.patch similarity index 99% rename from 0047-efinet-and-bootp-add-support-for-dhcpv6.patch rename to 0050-efinet-and-bootp-add-support-for-dhcpv6.patch index 96182c2..a9844b8 100644 --- a/0047-efinet-and-bootp-add-support-for-dhcpv6.patch +++ b/0050-efinet-and-bootp-add-support-for-dhcpv6.patch @@ -14,7 +14,7 @@ Signed-off-by: Peter Jones 6 files changed, 477 insertions(+), 14 deletions(-) diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index e33be51f83b..8d9edaac447 100644 +index 6fb5627025d..e28fb6a09f9 100644 --- a/grub-core/net/bootp.c +++ b/grub-core/net/bootp.c @@ -902,6 +902,179 @@ grub_cmd_bootp (struct grub_command *cmd __attribute__ ((unused)), diff --git a/0048-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch b/0051-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch similarity index 98% rename from 0048-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch rename to 0051-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch index 3ffc50c..e799ac1 100644 --- a/0048-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch +++ b/0051-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch @@ -23,7 +23,7 @@ Resolves: rhbz#1226325 create mode 100644 util/grub-get-kernel-settings.in diff --git a/configure.ac b/configure.ac -index 9ecd3540bd6..281201f671e 100644 +index 30fd84d8067..ed31ea457d2 100644 --- a/configure.ac +++ b/configure.ac @@ -65,6 +65,7 @@ grub_TRANSFORM([grub-install]) @@ -214,7 +214,7 @@ index 00000000000..7e87dfccc0e + echo export GRUB_UPDATE_DEFAULT_KERNEL +fi diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 3e4c6c5240b..60beaaa6962 100644 +index ba14cf6261c..005f093809b 100644 --- a/util/grub-mkconfig.in +++ b/util/grub-mkconfig.in @@ -45,6 +45,7 @@ grub_probe="${sbindir}/@grub_probe@" @@ -225,7 +225,7 @@ index 3e4c6c5240b..60beaaa6962 100644 export TEXTDOMAIN=@PACKAGE@ export TEXTDOMAINDIR="@localedir@" -@@ -161,6 +162,8 @@ if test -f ${sysconfdir}/default/grub ; then +@@ -158,6 +159,8 @@ if test -f ${sysconfdir}/default/grub ; then . ${sysconfdir}/default/grub fi diff --git a/0049-bz1374141-fix-incorrect-mask-for-ppc64.patch b/0052-bz1374141-fix-incorrect-mask-for-ppc64.patch similarity index 100% rename from 0049-bz1374141-fix-incorrect-mask-for-ppc64.patch rename to 0052-bz1374141-fix-incorrect-mask-for-ppc64.patch diff --git a/0050-Make-grub_fatal-also-backtrace.patch b/0053-Make-grub_fatal-also-backtrace.patch similarity index 100% rename from 0050-Make-grub_fatal-also-backtrace.patch rename to 0053-Make-grub_fatal-also-backtrace.patch diff --git a/0051-Fix-up-some-man-pages-rpmdiff-noticed.patch b/0054-Fix-up-some-man-pages-rpmdiff-noticed.patch similarity index 99% rename from 0051-Fix-up-some-man-pages-rpmdiff-noticed.patch rename to 0054-Fix-up-some-man-pages-rpmdiff-noticed.patch index f51b62f..8016a62 100644 --- a/0051-Fix-up-some-man-pages-rpmdiff-noticed.patch +++ b/0054-Fix-up-some-man-pages-rpmdiff-noticed.patch @@ -13,7 +13,7 @@ Subject: [PATCH] Fix up some man pages rpmdiff noticed. create mode 100644 util/grub-syslinux2cfg.1 diff --git a/configure.ac b/configure.ac -index 281201f671e..6c16968ad9c 100644 +index ed31ea457d2..537ed411469 100644 --- a/configure.ac +++ b/configure.ac @@ -87,6 +87,7 @@ grub_TRANSFORM([grub-get-kernel-settings.3]) diff --git a/0052-Make-our-info-pages-say-grub2-where-appropriate.patch b/0055-Make-our-info-pages-say-grub2-where-appropriate.patch similarity index 92% rename from 0052-Make-our-info-pages-say-grub2-where-appropriate.patch rename to 0055-Make-our-info-pages-say-grub2-where-appropriate.patch index e093067..be28efd 100644 --- a/0052-Make-our-info-pages-say-grub2-where-appropriate.patch +++ b/0055-Make-our-info-pages-say-grub2-where-appropriate.patch @@ -9,11 +9,11 @@ time. Signed-off-by: Peter Jones --- docs/grub-dev.texi | 4 +- - docs/grub.texi | 323 ++++++++++++++++++++++++++++------------------------- - 2 files changed, 172 insertions(+), 155 deletions(-) + docs/grub.texi | 321 ++++++++++++++++++++++++++++------------------------- + 2 files changed, 171 insertions(+), 154 deletions(-) diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi -index a834b3a9c32..a55af53fd45 100644 +index 6c629a23e2d..19f708ee662 100644 --- a/docs/grub-dev.texi +++ b/docs/grub-dev.texi @@ -1,7 +1,7 @@ @@ -35,7 +35,7 @@ index a834b3a9c32..a55af53fd45 100644 @setchapternewpage odd diff --git a/docs/grub.texi b/docs/grub.texi -index eeb3118ebde..aa3a7de9d4f 100644 +index 69f08d289f9..0615d0ed97e 100644 --- a/docs/grub.texi +++ b/docs/grub.texi @@ -1,7 +1,7 @@ @@ -366,22 +366,16 @@ index eeb3118ebde..aa3a7de9d4f 100644 @item GRUB_GFXMODE Set the resolution used on the @samp{gfxterm} graphical terminal. Note that -@@ -1519,20 +1526,20 @@ boot sequence. If you have problems, set this option to @samp{text} and +@@ -1519,7 +1526,7 @@ boot sequence. If you have problems, set this option to @samp{text} and GRUB will tell Linux to boot in normal text mode. @item GRUB_DISABLE_OS_PROBER --The @command{grub-mkconfig} has a feature to use the external -+The @command{grub2-mkconfig} has a feature to use the external - @command{os-prober} program to discover other operating systems installed on - the same machine and generate appropriate menu entries for them. It is disabled - by default since automatic and silent execution of @command{os-prober}, and - creating boot entries based on that data, is a potential attack vector. Set - this option to @samp{false} to enable this feature in the --@command{grub-mkconfig} command. -+@command{grub2-mkconfig} command. - - @item GRUB_OS_PROBER_SKIP_LIST - List of space-separated FS UUIDs of filesystems to be ignored from os-prober +-Normally, @command{grub-mkconfig} will try to use the external ++Normally, @command{grub2-mkconfig} will try to use the external + @command{os-prober} program, if installed, to discover other operating + systems installed on the same system and generate appropriate menu entries + for them. Set this option to @samp{true} to disable this. +@@ -1529,7 +1536,7 @@ List of space-separated FS UUIDs of filesystems to be ignored from os-prober output. For efi chainloaders it's @@ @item GRUB_DISABLE_SUBMENU @@ -390,7 +384,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 the kernel with highest version number and put all other found kernels or alternative menu entries for recovery mode in submenu. For entries returned by @command{os-prober} first entry will be put on top level and all others -@@ -1540,11 +1547,11 @@ in submenu. If this option is set to @samp{true}, flat menu with all entries +@@ -1537,11 +1544,11 @@ in submenu. If this option is set to @samp{true}, flat menu with all entries on top level will be generated instead. Changing this option will require changing existing values of @samp{GRUB_DEFAULT}, @samp{fallback} (@pxref{fallback}) and @samp{default} (@pxref{default}) environment variables as well as saved @@ -405,7 +399,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 check for encrypted disks and generate additional commands needed to access them during boot. Note that in this case unattended boot is not possible because GRUB will wait for passphrase to unlock encrypted container. -@@ -1603,7 +1610,7 @@ confusing @samp{GRUB_TIMEOUT_STYLE=countdown} or +@@ -1600,7 +1607,7 @@ confusing @samp{GRUB_TIMEOUT_STYLE=countdown} or @end table @@ -414,7 +408,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 edit the scripts in @file{/etc/grub.d} directly. @file{/etc/grub.d/40_custom} is particularly useful for adding entire custom menu entries; simply type the menu entries you want to add at the end of -@@ -1864,7 +1871,7 @@ images as well. +@@ -1862,7 +1869,7 @@ images as well. Mount this partition on/mnt/boot and disable GRUB in all OSes and manually install self-compiled latest GRUB with: @@ -423,7 +417,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 In all the OSes install GRUB tools but disable installing GRUB in bootsector, so you'll have menu.lst and grub.cfg available for use. Also disable os-prober -@@ -1874,20 +1881,20 @@ use by setting: +@@ -1872,20 +1879,20 @@ use by setting: in /etc/default/grub @@ -447,7 +441,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @} menuentry "Windows XP" @{ -@@ -1950,15 +1957,15 @@ GRUB supports embedding a configuration file directly into the core image, +@@ -1948,15 +1955,15 @@ GRUB supports embedding a configuration file directly into the core image, so that it is loaded before entering normal mode. This is useful, for example, when it is not straightforward to find the real configuration file, or when you need to debug problems with loading that file. @@ -466,7 +460,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 After the embedded configuration file (if any) is executed, GRUB will load the @samp{normal} module (@pxref{normal}), which will then read the real -@@ -1993,13 +2000,13 @@ included in the core image: +@@ -1991,13 +1998,13 @@ included in the core image: @example @group search.fs_label grub root @@ -484,7 +478,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 else echo "Could not find an example configuration file!" fi -@@ -2523,7 +2530,7 @@ grub-mknetdir --net-directory=/srv/tftp --subdir=/boot/grub -d /usr/lib/grub/i38 +@@ -2521,7 +2528,7 @@ grub-mknetdir --net-directory=/srv/tftp --subdir=/boot/grub -d /usr/lib/grub/i38 @end group @end example @@ -493,7 +487,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 server. The grub.cfg file is placed in the same directory as the path output by -@@ -2717,7 +2724,7 @@ team are: +@@ -2715,7 +2722,7 @@ team are: @end table To take full advantage of this function, install GRUB into the MBR @@ -502,7 +496,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 If you have a laptop which has a similar feature and not in the above list could you figure your address and contribute? -@@ -2778,7 +2785,7 @@ bytes. +@@ -2776,7 +2783,7 @@ bytes. The sole function of @file{boot.img} is to read the first sector of the core image from a local disk and jump to it. Because of the size restriction, @file{boot.img} cannot understand any file system structure, so @@ -511,7 +505,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 core image into @file{boot.img} when installing GRUB. @item diskboot.img -@@ -2808,7 +2815,7 @@ images. +@@ -2806,7 +2813,7 @@ images. @item core.img This is the core image of GRUB. It is built dynamically from the kernel @@ -520,7 +514,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 program. Usually, it contains enough modules to access @file{/boot/grub}, and loads everything else (including menu handling, the ability to load target operating systems, and so on) from the file system at run-time. The -@@ -2860,7 +2867,7 @@ GRUB 2 has no single Stage 2 image. Instead, it loads modules from +@@ -2858,7 +2865,7 @@ GRUB 2 has no single Stage 2 image. Instead, it loads modules from In GRUB 2, images for booting from CD-ROM drives are now constructed using @file{cdboot.img} and @file{core.img}, making sure that the core image contains the @samp{iso9660} module. It is usually best to use the @@ -529,7 +523,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @item nbgrub There is as yet no equivalent for @file{nbgrub} in GRUB 2; it was used by -@@ -3016,8 +3023,8 @@ There are two ways to specify files, by @dfn{absolute file name} and by +@@ -3014,8 +3021,8 @@ There are two ways to specify files, by @dfn{absolute file name} and by An absolute file name resembles a Unix absolute file name, using @samp{/} for the directory separator (not @samp{\} as in DOS). One @@ -540,7 +534,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 disk. If you omit the device name in an absolute file name, GRUB uses GRUB's @dfn{root device} implicitly. So if you set the root device to, say, @samp{(hd1,1)} by the command @samp{set root=(hd1,1)} (@pxref{set}), -@@ -3025,8 +3032,8 @@ then @code{/boot/kernel} is the same as @code{(hd1,1)/boot/kernel}. +@@ -3023,8 +3030,8 @@ then @code{/boot/kernel} is the same as @code{(hd1,1)/boot/kernel}. On ZFS filesystem the first path component must be @var{volume}@samp{@@}[@var{snapshot}]. @@ -551,7 +545,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @samp{snap-129}. Trailing @samp{@@} after volume name is mandatory even if snapshot name is omitted. -@@ -3429,7 +3436,7 @@ The more recent release of Minix would then be identified as +@@ -3427,7 +3434,7 @@ The more recent release of Minix would then be identified as @samp{other>minix>minix-3.4.0}. This variable is often set by @samp{GRUB_DEFAULT} (@pxref{Simple @@ -560,7 +554,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @node fallback -@@ -3519,7 +3526,7 @@ If this variable is set, it names the language code that the +@@ -3517,7 +3524,7 @@ If this variable is set, it names the language code that the example, French would be named as @samp{fr}, and Simplified Chinese as @samp{zh_CN}. @@ -569,7 +563,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 reasonable default for this variable based on the system locale. -@@ -3527,10 +3534,10 @@ reasonable default for this variable based on the system locale. +@@ -3525,10 +3532,10 @@ reasonable default for this variable based on the system locale. @subsection locale_dir If this variable is set, it names the directory where translation files may @@ -582,7 +576,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 default for this variable if internationalization is needed and any translation files are available. -@@ -3648,7 +3655,7 @@ input. The default is not to pause output. +@@ -3646,7 +3653,7 @@ input. The default is not to pause output. The location of the @samp{/boot/grub} directory as an absolute file name (@pxref{File name syntax}). This is normally set by GRUB at startup based @@ -591,7 +585,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 dynamically loaded from this directory, so it must be set correctly in order for many parts of GRUB to work. -@@ -3739,17 +3746,17 @@ GRUB provides an ``environment block'' which can be used to save a small +@@ -3737,17 +3744,17 @@ GRUB provides an ``environment block'' which can be used to save a small amount of state. The environment block is a preallocated 1024-byte file, which normally lives @@ -612,7 +606,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @samp{GRUB_SAVEDEFAULT} (@pxref{Simple configuration}). -@@ -4473,7 +4480,7 @@ Translate @var{string} into the current language. +@@ -4476,7 +4483,7 @@ Translate @var{string} into the current language. The current language code is stored in the @samp{lang} variable in GRUB's environment (@pxref{lang}). Translation files in MO format are read from @@ -621,7 +615,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @end deffn -@@ -4868,7 +4875,7 @@ Define a user named @var{user} with password @var{clear-password}. +@@ -4871,7 +4878,7 @@ Define a user named @var{user} with password @var{clear-password}. @deffn Command password_pbkdf2 user hashed-password Define a user named @var{user} with password hash @var{hashed-password}. @@ -630,7 +624,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 to generate password hashes. @xref{Security}. @end deffn -@@ -5811,8 +5818,8 @@ The @samp{password} (@pxref{password}) and @samp{password_pbkdf2} +@@ -5814,8 +5821,8 @@ The @samp{password} (@pxref{password}) and @samp{password_pbkdf2} which has an associated password. @samp{password} sets the password in plain text, requiring @file{grub.cfg} to be secure; @samp{password_pbkdf2} sets the password hashed using the Password-Based Key Derivation Function @@ -641,7 +635,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 In order to enable authentication support, the @samp{superusers} environment variable must be set to a list of usernames, separated by any of spaces, -@@ -5857,7 +5864,7 @@ menuentry "May be run by user1 or a superuser" --users user1 @{ +@@ -5860,7 +5867,7 @@ menuentry "May be run by user1 or a superuser" --users user1 @{ @end group @end example @@ -650,7 +644,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 generating configuration files with authentication. You can use @file{/etc/grub.d/40_custom} to add simple superuser authentication, by adding @kbd{set superusers=} and @kbd{password} or @kbd{password_pbkdf2} -@@ -5884,7 +5891,17 @@ may halt or otherwise impact the boot process. +@@ -5887,7 +5894,17 @@ may halt or otherwise impact the boot process. An initial trusted public key can be embedded within the GRUB @file{core.img} using the @code{--pubkey} option to @command{grub-install} @@ -669,7 +663,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 GRUB uses GPG-style detached signatures (meaning that a file @file{foo.sig} will be produced when file @file{foo} is signed), and -@@ -5904,8 +5921,8 @@ gpg --detach-sign /path/to/file +@@ -5907,8 +5924,8 @@ gpg --detach-sign /path/to/file For successful validation of all of GRUB's subcomponents and the loaded OS kernel, they must all be signed. One way to accomplish this is the following (after having already produced the desired @@ -680,7 +674,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @example @group -@@ -5927,7 +5944,7 @@ See also: @ref{check_signatures}, @ref{verify_detached}, @ref{trust}, +@@ -5930,7 +5947,7 @@ See also: @ref{check_signatures}, @ref{verify_detached}, @ref{trust}, Note that internally signature enforcement is controlled by setting the environment variable @code{check_signatures} equal to @code{enforce}. Passing one or more @code{--pubkey} options to @@ -689,7 +683,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 equal to @code{enforce} in @file{core.img} prior to processing any configuration files. -@@ -6385,10 +6402,10 @@ Required files are: +@@ -6388,10 +6405,10 @@ Required files are: GRUB's normal start-up procedure involves setting the @samp{prefix} environment variable to a value set in the core image by @@ -702,7 +696,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 things GRUB is supposed to do. If, instead, you only get a rescue shell, this usually means that GRUB -@@ -6414,8 +6431,8 @@ normal +@@ -6417,8 +6434,8 @@ normal However, any problem that leaves you in the rescue shell probably means that GRUB was not correctly installed. It may be more useful to try to reinstall @@ -713,7 +707,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @itemize @bullet{} @item -@@ -6427,7 +6444,7 @@ is usually better to use UUIDs or file system labels and avoid depending on +@@ -6430,7 +6447,7 @@ is usually better to use UUIDs or file system labels and avoid depending on drive ordering entirely. @item @@ -722,7 +716,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 to a partition but GRUB has already been installed in the master boot record, then the GRUB installation in the partition will be ignored. -@@ -6458,21 +6475,21 @@ entry which claims partition start at block 0. This change will not hamper +@@ -6461,21 +6478,21 @@ entry which claims partition start at block 0. This change will not hamper bootability on other machines. @@ -750,7 +744,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @table @option @item --help -@@ -6488,13 +6505,13 @@ separate partition or a removable disk. +@@ -6491,13 +6508,13 @@ separate partition or a removable disk. If this option is not specified then it defaults to @file{/boot}, so @example @@ -766,7 +760,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @end example Here is an example in which you have a separate @dfn{boot} partition which is -@@ -6502,16 +6519,16 @@ mounted on +@@ -6505,16 +6522,16 @@ mounted on @file{/mnt/boot}: @example @@ -786,7 +780,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 extra space in the bootloader embedding area for Reed-Solomon error-correcting codes. This enables GRUB to still boot successfully if some blocks are corrupted. The exact amount of protection offered -@@ -6524,17 +6541,17 @@ installation}) where GRUB does not reside in any unpartitioned space +@@ -6527,17 +6544,17 @@ installation}) where GRUB does not reside in any unpartitioned space outside of the MBR. Disable the Reed-Solomon codes with this option. @end table @@ -809,7 +803,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @table @option @item --help -@@ -6550,17 +6567,17 @@ it to standard output. +@@ -6553,17 +6570,17 @@ it to standard output. @end table @@ -831,7 +825,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @table @option @item -c @var{number} -@@ -6578,23 +6595,23 @@ Length of the salt. Defaults to 64. +@@ -6581,23 +6598,23 @@ Length of the salt. Defaults to 64. @end table @@ -861,7 +855,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @table @option @item --help -@@ -6605,17 +6622,17 @@ Print the version number of GRUB and exit. +@@ -6608,17 +6625,17 @@ Print the version number of GRUB and exit. @end table @@ -883,7 +877,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 passed on directly to @command{xorriso} in @command{mkisofs} emulation mode. Options passed to @command{xorriso} will normally be interpreted as @command{mkisofs} options; if the option @samp{--} is used, then anything -@@ -6630,7 +6647,7 @@ mkdir -p disk/boot/grub +@@ -6633,7 +6650,7 @@ mkdir -p disk/boot/grub grub-mkrescue -o grub.iso disk @end example @@ -892,7 +886,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @table @option @item --help -@@ -6658,15 +6675,15 @@ Use @var{file} as the @command{xorriso} program, rather than the built-in +@@ -6661,15 +6678,15 @@ Use @var{file} as the @command{xorriso} program, rather than the built-in default. @item --grub-mkimage=@var{file} @@ -912,7 +906,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 system or file system image that GRUB understands, using GRUB's file system drivers via FUSE. (It is only available if FUSE development files were present when GRUB was built.) This has a number of uses: -@@ -6698,13 +6715,13 @@ even if nobody has yet written a FUSE module specifically for that file +@@ -6701,13 +6718,13 @@ even if nobody has yet written a FUSE module specifically for that file system type. @end itemize @@ -928,7 +922,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 non-option arguments (if it is given more than one image, it will treat them as a RAID set), and also accepts the following options: -@@ -6726,13 +6743,13 @@ Show debugging output for conditions matching @var{string}. +@@ -6729,13 +6746,13 @@ Show debugging output for conditions matching @var{string}. @item -K prompt|@var{file} @itemx --zfs-key=prompt|@var{file} Load a ZFS encryption key. If you use @samp{prompt} as the argument, @@ -944,7 +938,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 root of the supplied file system. If @var{device} is just a number, then it will be treated as a partition -@@ -6750,10 +6767,10 @@ Print verbose messages. +@@ -6753,10 +6770,10 @@ Print verbose messages. @end table @@ -958,7 +952,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 or device. @example -@@ -6761,7 +6778,7 @@ grub-probe --target=fs /boot/grub +@@ -6764,7 +6781,7 @@ grub-probe --target=fs /boot/grub grub-probe --target=drive --device /dev/sda1 @end example @@ -967,7 +961,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 argument, and also accepts the following options: @table @option -@@ -6774,16 +6791,16 @@ Print the version number of GRUB and exit. +@@ -6777,16 +6794,16 @@ Print the version number of GRUB and exit. @item -d @itemx --device If this option is given, then the non-option argument is a system device @@ -987,7 +981,7 @@ index eeb3118ebde..aa3a7de9d4f 100644 @item -t @var{target} @itemx --target=@var{target} -@@ -6836,19 +6853,19 @@ Print verbose messages. +@@ -6839,19 +6856,19 @@ Print verbose messages. @end table diff --git a/0053-macos-just-build-chainloader-entries-don-t-try-any-x.patch b/0056-macos-just-build-chainloader-entries-don-t-try-any-x.patch similarity index 97% rename from 0053-macos-just-build-chainloader-entries-don-t-try-any-x.patch rename to 0056-macos-just-build-chainloader-entries-don-t-try-any-x.patch index 2f3fd13..574d117 100644 --- a/0053-macos-just-build-chainloader-entries-don-t-try-any-x.patch +++ b/0056-macos-just-build-chainloader-entries-don-t-try-any-x.patch @@ -20,10 +20,10 @@ Signed-off-by: Peter Jones 1 file changed, 18 insertions(+), 60 deletions(-) diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 94622481284..9d6ea55bdd3 100644 +index 1b91c102f35..4b27bd20153 100644 --- a/util/grub.d/30_os-prober.in +++ b/util/grub.d/30_os-prober.in -@@ -45,68 +45,25 @@ if [ -z "${OSPROBED}" ] ; then +@@ -42,68 +42,25 @@ if [ -z "${OSPROBED}" ] ; then fi osx_entry() { @@ -104,7 +104,7 @@ index 94622481284..9d6ea55bdd3 100644 } EOF } -@@ -295,11 +252,12 @@ EOF +@@ -292,11 +249,12 @@ EOF echo "$title_correction_code" ;; macosx) diff --git a/0054-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch b/0057-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch similarity index 100% rename from 0054-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch rename to 0057-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch diff --git a/0055-export-btrfs_subvol-and-btrfs_subvolid.patch b/0058-export-btrfs_subvol-and-btrfs_subvolid.patch similarity index 100% rename from 0055-export-btrfs_subvol-and-btrfs_subvolid.patch rename to 0058-export-btrfs_subvol-and-btrfs_subvolid.patch diff --git a/0056-grub2-btrfs-03-follow_default.patch b/0059-grub2-btrfs-03-follow_default.patch similarity index 100% rename from 0056-grub2-btrfs-03-follow_default.patch rename to 0059-grub2-btrfs-03-follow_default.patch diff --git a/0057-grub2-btrfs-04-grub2-install.patch b/0060-grub2-btrfs-04-grub2-install.patch similarity index 99% rename from 0057-grub2-btrfs-04-grub2-install.patch rename to 0060-grub2-btrfs-04-grub2-install.patch index 1a617c2..f91c31a 100644 --- a/0057-grub2-btrfs-04-grub2-install.patch +++ b/0060-grub2-btrfs-04-grub2-install.patch @@ -94,7 +94,7 @@ index ebcdd8f5e22..f044a880a76 100644 sizeof ("GRUB_DISTRIBUTOR=") - 1) == 0) { diff --git a/util/grub-install.c b/util/grub-install.c -index a0babe3eff9..427ae013701 100644 +index 0fbe7f78c6d..0f66f36d23a 100644 --- a/util/grub-install.c +++ b/util/grub-install.c @@ -827,6 +827,8 @@ fill_core_services (const char *core_services) diff --git a/0058-grub2-btrfs-05-grub2-mkconfig.patch b/0061-grub2-btrfs-05-grub2-mkconfig.patch similarity index 98% rename from 0058-grub2-btrfs-05-grub2-mkconfig.patch rename to 0061-grub2-btrfs-05-grub2-mkconfig.patch index 4cdf47b..8270505 100644 --- a/0058-grub2-btrfs-05-grub2-mkconfig.patch +++ b/0061-grub2-btrfs-05-grub2-mkconfig.patch @@ -13,10 +13,10 @@ Signed-off-by: Michael Chang 5 files changed, 38 insertions(+), 2 deletions(-) diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 60beaaa6962..e671ce68aec 100644 +index 005f093809b..535c0f02499 100644 --- a/util/grub-mkconfig.in +++ b/util/grub-mkconfig.in -@@ -255,7 +255,8 @@ export GRUB_DEFAULT \ +@@ -252,7 +252,8 @@ export GRUB_DEFAULT \ GRUB_BADRAM \ GRUB_OS_PROBER_SKIP_LIST \ GRUB_DISABLE_SUBMENU \ diff --git a/0059-grub2-btrfs-06-subvol-mount.patch b/0062-grub2-btrfs-06-subvol-mount.patch similarity index 99% rename from 0059-grub2-btrfs-06-subvol-mount.patch rename to 0062-grub2-btrfs-06-subvol-mount.patch index 5a92622..9a51175 100644 --- a/0059-grub2-btrfs-06-subvol-mount.patch +++ b/0062-grub2-btrfs-06-subvol-mount.patch @@ -460,7 +460,7 @@ index caf9b1ccd3f..28790307e00 100644 grub_make_system_path_relative_to_its_root_os (const char *path) { diff --git a/util/grub-install.c b/util/grub-install.c -index 427ae013701..c03214bdfcf 100644 +index 0f66f36d23a..84ed6e88ecb 100644 --- a/util/grub-install.c +++ b/util/grub-install.c @@ -1569,6 +1569,55 @@ main (int argc, char *argv[]) diff --git a/0060-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch b/0063-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch similarity index 100% rename from 0060-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch rename to 0063-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch diff --git a/0061-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch b/0064-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch similarity index 100% rename from 0061-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch rename to 0064-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch diff --git a/0062-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch b/0065-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch similarity index 100% rename from 0062-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch rename to 0065-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch diff --git a/0063-Use-grub_efi_.-memory-helpers-where-reasonable.patch b/0066-Use-grub_efi_.-memory-helpers-where-reasonable.patch similarity index 100% rename from 0063-Use-grub_efi_.-memory-helpers-where-reasonable.patch rename to 0066-Use-grub_efi_.-memory-helpers-where-reasonable.patch diff --git a/0064-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch b/0067-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch similarity index 100% rename from 0064-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch rename to 0067-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch diff --git a/0065-don-t-use-int-for-efi-status.patch b/0068-don-t-use-int-for-efi-status.patch similarity index 100% rename from 0065-don-t-use-int-for-efi-status.patch rename to 0068-don-t-use-int-for-efi-status.patch diff --git a/0066-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch b/0069-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch similarity index 100% rename from 0066-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch rename to 0069-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch diff --git a/0067-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch b/0070-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch similarity index 96% rename from 0067-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch rename to 0070-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch index 89a65db..890aa34 100644 --- a/0067-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch +++ b/0070-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch @@ -16,7 +16,7 @@ Signed-off-by: Peter Jones 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/util/grub-install.c b/util/grub-install.c -index c03214bdfcf..1e47491bc21 100644 +index 84ed6e88ecb..a2bec7446cb 100644 --- a/util/grub-install.c +++ b/util/grub-install.c @@ -1190,18 +1190,8 @@ main (int argc, char *argv[]) diff --git a/0068-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch b/0071-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch similarity index 100% rename from 0068-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch rename to 0071-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch diff --git a/0069-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch b/0072-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch similarity index 100% rename from 0069-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch rename to 0072-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch diff --git a/0070-align-struct-efi_variable-better.patch b/0073-align-struct-efi_variable-better.patch similarity index 96% rename from 0070-align-struct-efi_variable-better.patch rename to 0073-align-struct-efi_variable-better.patch index 6d28e6d..ec26def 100644 --- a/0070-align-struct-efi_variable-better.patch +++ b/0073-align-struct-efi_variable-better.patch @@ -20,7 +20,7 @@ index 36d2dedf47e..9d93ba88bac 100644 +} GRUB_PACKED GRUB_ALIGNED(8); #endif /* ! GRUB_EFI_EMU_RUNTIME_HEADER */ diff --git a/include/grub/types.h b/include/grub/types.h -index b36b26a79d4..30e57254889 100644 +index 0a3ff159136..ba446d99040 100644 --- a/include/grub/types.h +++ b/include/grub/types.h @@ -29,6 +29,7 @@ diff --git a/0071-Add-BLS-support-to-grub-mkconfig.patch b/0074-Add-BLS-support-to-grub-mkconfig.patch similarity index 99% rename from 0071-Add-BLS-support-to-grub-mkconfig.patch rename to 0074-Add-BLS-support-to-grub-mkconfig.patch index 7bdb942..6c65440 100644 --- a/0071-Add-BLS-support-to-grub-mkconfig.patch +++ b/0074-Add-BLS-support-to-grub-mkconfig.patch @@ -43,7 +43,7 @@ index a2d1f577b9b..434fa4deda4 100644 .SH SEE ALSO .BR "info grub" diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index e671ce68aec..1a70b7ea056 100644 +index 535c0f02499..f55339a3f64 100644 --- a/util/grub-mkconfig.in +++ b/util/grub-mkconfig.in @@ -50,6 +50,8 @@ grub_get_kernel_settings="${sbindir}/@grub_get_kernel_settings@" @@ -73,7 +73,7 @@ index e671ce68aec..1a70b7ea056 100644 -*) gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2 usage -@@ -256,7 +262,8 @@ export GRUB_DEFAULT \ +@@ -253,7 +259,8 @@ export GRUB_DEFAULT \ GRUB_OS_PROBER_SKIP_LIST \ GRUB_DISABLE_SUBMENU \ GRUB_DEFAULT_DTB \ diff --git a/0072-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch b/0075-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch similarity index 100% rename from 0072-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch rename to 0075-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch diff --git a/0073-Add-linux-and-initrd-commands-for-grub-emu.patch b/0076-Add-linux-and-initrd-commands-for-grub-emu.patch similarity index 100% rename from 0073-Add-linux-and-initrd-commands-for-grub-emu.patch rename to 0076-Add-linux-and-initrd-commands-for-grub-emu.patch diff --git a/0074-Add-grub2-switch-to-blscfg.patch b/0077-Add-grub2-switch-to-blscfg.patch similarity index 100% rename from 0074-Add-grub2-switch-to-blscfg.patch rename to 0077-Add-grub2-switch-to-blscfg.patch diff --git a/0075-make-better-backtraces.patch b/0078-make-better-backtraces.patch similarity index 100% rename from 0075-make-better-backtraces.patch rename to 0078-make-better-backtraces.patch diff --git a/0076-normal-don-t-draw-our-startup-message-if-debug-is-se.patch b/0079-normal-don-t-draw-our-startup-message-if-debug-is-se.patch similarity index 100% rename from 0076-normal-don-t-draw-our-startup-message-if-debug-is-se.patch rename to 0079-normal-don-t-draw-our-startup-message-if-debug-is-se.patch diff --git a/0077-Work-around-some-minor-include-path-weirdnesses.patch b/0080-Work-around-some-minor-include-path-weirdnesses.patch similarity index 100% rename from 0077-Work-around-some-minor-include-path-weirdnesses.patch rename to 0080-Work-around-some-minor-include-path-weirdnesses.patch diff --git a/0078-Make-it-possible-to-enabled-build-id-sha1.patch b/0081-Make-it-possible-to-enabled-build-id-sha1.patch similarity index 98% rename from 0078-Make-it-possible-to-enabled-build-id-sha1.patch rename to 0081-Make-it-possible-to-enabled-build-id-sha1.patch index c1aa516..356a4d8 100644 --- a/0078-Make-it-possible-to-enabled-build-id-sha1.patch +++ b/0081-Make-it-possible-to-enabled-build-id-sha1.patch @@ -10,7 +10,7 @@ Signed-off-by: Peter Jones 2 files changed, 27 insertions(+) diff --git a/configure.ac b/configure.ac -index 6c16968ad9c..f4cfd06cbe6 100644 +index 537ed411469..b4455e4732d 100644 --- a/configure.ac +++ b/configure.ac @@ -1470,7 +1470,15 @@ grub_PROG_TARGET_CC diff --git a/0079-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch b/0082-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch similarity index 100% rename from 0079-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch rename to 0082-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch diff --git a/0080-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch b/0083-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch similarity index 100% rename from 0080-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch rename to 0083-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch diff --git a/0081-Fixup-for-newer-compiler.patch b/0084-Fixup-for-newer-compiler.patch similarity index 100% rename from 0081-Fixup-for-newer-compiler.patch rename to 0084-Fixup-for-newer-compiler.patch diff --git a/0082-Don-t-attempt-to-export-the-start-and-_start-symbols.patch b/0085-Don-t-attempt-to-export-the-start-and-_start-symbols.patch similarity index 100% rename from 0082-Don-t-attempt-to-export-the-start-and-_start-symbols.patch rename to 0085-Don-t-attempt-to-export-the-start-and-_start-symbols.patch diff --git a/0083-Fixup-for-newer-compiler.patch b/0086-Fixup-for-newer-compiler.patch similarity index 100% rename from 0083-Fixup-for-newer-compiler.patch rename to 0086-Fixup-for-newer-compiler.patch diff --git a/0084-Add-support-for-non-Ethernet-network-cards.patch b/0087-Add-support-for-non-Ethernet-network-cards.patch similarity index 99% rename from 0084-Add-support-for-non-Ethernet-network-cards.patch rename to 0087-Add-support-for-non-Ethernet-network-cards.patch index 62f2a11..02fb951 100644 --- a/0084-Add-support-for-non-Ethernet-network-cards.patch +++ b/0087-Add-support-for-non-Ethernet-network-cards.patch @@ -271,7 +271,7 @@ index 54306e3b16d..67b409a8acc 100644 /* Change operation to REPLY and send packet */ send_ethernet_packet (inf, &nb_reply, target, GRUB_NET_ETHERTYPE_ARP); diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 8d9edaac447..dd5c8d04da9 100644 +index e28fb6a09f9..08b6b2b5d6c 100644 --- a/grub-core/net/bootp.c +++ b/grub-core/net/bootp.c @@ -233,7 +233,6 @@ grub_net_configure_by_dhcp_ack (const char *name, diff --git a/0085-net-read-bracketed-ipv6-addrs-and-port-numbers.patch b/0088-net-read-bracketed-ipv6-addrs-and-port-numbers.patch similarity index 100% rename from 0085-net-read-bracketed-ipv6-addrs-and-port-numbers.patch rename to 0088-net-read-bracketed-ipv6-addrs-and-port-numbers.patch diff --git a/0086-bootp-New-net_bootp6-command.patch b/0089-bootp-New-net_bootp6-command.patch similarity index 99% rename from 0086-bootp-New-net_bootp6-command.patch rename to 0089-bootp-New-net_bootp6-command.patch index b5f78f8..21b3871 100644 --- a/0086-bootp-New-net_bootp6-command.patch +++ b/0089-bootp-New-net_bootp6-command.patch @@ -19,7 +19,7 @@ Signed-off-by: Peter Jones 5 files changed, 1002 insertions(+), 209 deletions(-) diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index dd5c8d04da9..68c4df681b5 100644 +index 08b6b2b5d6c..fe93b80f1cf 100644 --- a/grub-core/net/bootp.c +++ b/grub-core/net/bootp.c @@ -24,6 +24,98 @@ diff --git a/0087-efinet-UEFI-IPv6-PXE-support.patch b/0090-efinet-UEFI-IPv6-PXE-support.patch similarity index 100% rename from 0087-efinet-UEFI-IPv6-PXE-support.patch rename to 0090-efinet-UEFI-IPv6-PXE-support.patch diff --git a/0088-grub.texi-Add-net_bootp6-doument.patch b/0091-grub.texi-Add-net_bootp6-doument.patch similarity index 90% rename from 0088-grub.texi-Add-net_bootp6-doument.patch rename to 0091-grub.texi-Add-net_bootp6-doument.patch index d7fd91a..3f8ec97 100644 --- a/0088-grub.texi-Add-net_bootp6-doument.patch +++ b/0091-grub.texi-Add-net_bootp6-doument.patch @@ -12,10 +12,10 @@ Signed-off-by: Ken Lin 1 file changed, 17 insertions(+) diff --git a/docs/grub.texi b/docs/grub.texi -index aa3a7de9d4f..67bf8523ccb 100644 +index 0615d0ed97e..04ed6ac1f07 100644 --- a/docs/grub.texi +++ b/docs/grub.texi -@@ -5484,6 +5484,7 @@ This command is only available on AArch64 systems. +@@ -5487,6 +5487,7 @@ This command is only available on AArch64 systems. * net_add_dns:: Add a DNS server * net_add_route:: Add routing entry * net_bootp:: Perform a bootp/DHCP autoconfiguration @@ -23,7 +23,7 @@ index aa3a7de9d4f..67bf8523ccb 100644 * net_del_addr:: Remove IP address from interface * net_del_dns:: Remove a DNS server * net_del_route:: Remove a route entry -@@ -5608,6 +5609,22 @@ Sets environment variable @samp{net_}@var{}@samp{_boot_file} +@@ -5611,6 +5612,22 @@ Sets environment variable @samp{net_}@var{}@samp{_boot_file} @end deffn diff --git a/0089-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch b/0092-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch similarity index 99% rename from 0089-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch rename to 0092-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch index 171bf82..e800dd2 100644 --- a/0089-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch +++ b/0092-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch @@ -22,7 +22,7 @@ Signed-off-by: Ken Lin 2 files changed, 56 insertions(+) diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 68c4df681b5..0b430489329 100644 +index fe93b80f1cf..8fb8918ae7e 100644 --- a/grub-core/net/bootp.c +++ b/grub-core/net/bootp.c @@ -20,6 +20,7 @@ diff --git a/0090-efinet-Setting-network-from-UEFI-device-path.patch b/0093-efinet-Setting-network-from-UEFI-device-path.patch similarity index 100% rename from 0090-efinet-Setting-network-from-UEFI-device-path.patch rename to 0093-efinet-Setting-network-from-UEFI-device-path.patch diff --git a/0091-efinet-Setting-DNS-server-from-UEFI-protocol.patch b/0094-efinet-Setting-DNS-server-from-UEFI-protocol.patch similarity index 100% rename from 0091-efinet-Setting-DNS-server-from-UEFI-protocol.patch rename to 0094-efinet-Setting-DNS-server-from-UEFI-protocol.patch diff --git a/0092-Support-UEFI-networking-protocols.patch b/0095-Support-UEFI-networking-protocols.patch similarity index 99% rename from 0092-Support-UEFI-networking-protocols.patch rename to 0095-Support-UEFI-networking-protocols.patch index e69054f..fb14386 100644 --- a/0092-Support-UEFI-networking-protocols.patch +++ b/0095-Support-UEFI-networking-protocols.patch @@ -4000,7 +4000,7 @@ index 0ce5e675ed7..55aed92722c 100644 +#endif } diff --git a/util/grub-mknetdir.c b/util/grub-mknetdir.c -index 602574d52e8..1a61e05c6ec 100644 +index a2461cda1c4..77958dd9dd5 100644 --- a/util/grub-mknetdir.c +++ b/util/grub-mknetdir.c @@ -32,13 +32,15 @@ @@ -4063,7 +4063,7 @@ index 602574d52e8..1a61e05c6ec 100644 grub_install_make_image_wrap (input_dir, prefix, output, 0, load_cfg, targets[platform].mkimage_target, 0); -@@ -192,7 +198,16 @@ main (int argc, char *argv[]) +@@ -195,7 +201,16 @@ main (int argc, char *argv[]) grub_install_mkdir_p (base); diff --git a/0093-AUDIT-0-http-boot-tracker-bug.patch b/0096-AUDIT-0-http-boot-tracker-bug.patch similarity index 100% rename from 0093-AUDIT-0-http-boot-tracker-bug.patch rename to 0096-AUDIT-0-http-boot-tracker-bug.patch diff --git a/0094-grub-editenv-Add-incr-command-to-increment-integer-v.patch b/0097-grub-editenv-Add-incr-command-to-increment-integer-v.patch similarity index 100% rename from 0094-grub-editenv-Add-incr-command-to-increment-integer-v.patch rename to 0097-grub-editenv-Add-incr-command-to-increment-integer-v.patch diff --git a/0095-Add-auto-hide-menu-support.patch b/0098-Add-auto-hide-menu-support.patch similarity index 95% rename from 0095-Add-auto-hide-menu-support.patch rename to 0098-Add-auto-hide-menu-support.patch index 6451115..efb76c4 100644 --- a/0095-Add-auto-hide-menu-support.patch +++ b/0098-Add-auto-hide-menu-support.patch @@ -120,10 +120,10 @@ index 00000000000..ad175870a54 +fi +EOF diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 9d6ea55bdd3..21bbace4647 100644 +index 4b27bd20153..3c9431cfcfb 100644 --- a/util/grub.d/30_os-prober.in +++ b/util/grub.d/30_os-prober.in -@@ -45,6 +45,7 @@ if [ -z "${OSPROBED}" ] ; then +@@ -42,6 +42,7 @@ if [ -z "${OSPROBED}" ] ; then fi osx_entry() { @@ -131,7 +131,7 @@ index 9d6ea55bdd3..21bbace4647 100644 # TRANSLATORS: it refers on the OS residing on device %s onstr="$(gettext_printf "(on %s)" "${DEVICE}")" hints="" -@@ -105,6 +106,7 @@ for OS in ${OSPROBED} ; do +@@ -102,6 +103,7 @@ for OS in ${OSPROBED} ; do case ${BOOT} in chain) @@ -139,7 +139,7 @@ index 9d6ea55bdd3..21bbace4647 100644 onstr="$(gettext_printf "(on %s)" "${DEVICE}")" cat << EOF -@@ -135,6 +137,7 @@ EOF +@@ -132,6 +134,7 @@ EOF EOF ;; efi) @@ -147,7 +147,7 @@ index 9d6ea55bdd3..21bbace4647 100644 EFIPATH=${DEVICE#*@} DEVICE=${DEVICE%@*} -@@ -179,6 +182,7 @@ EOF +@@ -176,6 +179,7 @@ EOF LINITRD="${LINITRD#/boot}" fi @@ -155,7 +155,7 @@ index 9d6ea55bdd3..21bbace4647 100644 onstr="$(gettext_printf "(on %s)" "${DEVICE}")" recovery_params="$(echo "${LPARAMS}" | grep single)" || true counter=1 -@@ -260,6 +264,7 @@ EOF +@@ -257,6 +261,7 @@ EOF done ;; hurd) @@ -163,7 +163,7 @@ index 9d6ea55bdd3..21bbace4647 100644 onstr="$(gettext_printf "(on %s)" "${DEVICE}")" cat << EOF menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class hurd --class gnu --class os \$menuentry_id_option 'osprober-gnuhurd-/boot/gnumach.gz-false-$(grub_get_device_id "${DEVICE}")' { -@@ -286,6 +291,7 @@ EOF +@@ -283,6 +288,7 @@ EOF EOF ;; minix) @@ -171,7 +171,7 @@ index 9d6ea55bdd3..21bbace4647 100644 cat << EOF menuentry "${LONGNAME} (on ${DEVICE}, Multiboot)" { EOF -@@ -302,3 +308,15 @@ EOF +@@ -299,3 +305,15 @@ EOF ;; esac done diff --git a/0096-Add-grub-set-bootflag-utility.patch b/0099-Add-grub-set-bootflag-utility.patch similarity index 100% rename from 0096-Add-grub-set-bootflag-utility.patch rename to 0099-Add-grub-set-bootflag-utility.patch diff --git a/0097-docs-Add-grub-boot-indeterminate.service-example.patch b/0100-docs-Add-grub-boot-indeterminate.service-example.patch similarity index 100% rename from 0097-docs-Add-grub-boot-indeterminate.service-example.patch rename to 0100-docs-Add-grub-boot-indeterminate.service-example.patch diff --git a/0098-gentpl-add-disable-support.patch b/0101-gentpl-add-disable-support.patch similarity index 100% rename from 0098-gentpl-add-disable-support.patch rename to 0101-gentpl-add-disable-support.patch diff --git a/0099-gentpl-add-pc-firmware-type.patch b/0102-gentpl-add-pc-firmware-type.patch similarity index 100% rename from 0099-gentpl-add-pc-firmware-type.patch rename to 0102-gentpl-add-pc-firmware-type.patch diff --git a/0100-efinet-also-use-the-firmware-acceleration-for-http.patch b/0103-efinet-also-use-the-firmware-acceleration-for-http.patch similarity index 100% rename from 0100-efinet-also-use-the-firmware-acceleration-for-http.patch rename to 0103-efinet-also-use-the-firmware-acceleration-for-http.patch diff --git a/0101-efi-http-Make-root_url-reflect-the-protocol-hostname.patch b/0104-efi-http-Make-root_url-reflect-the-protocol-hostname.patch similarity index 100% rename from 0101-efi-http-Make-root_url-reflect-the-protocol-hostname.patch rename to 0104-efi-http-Make-root_url-reflect-the-protocol-hostname.patch diff --git a/0102-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch b/0105-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch similarity index 99% rename from 0102-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch rename to 0105-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch index 6afb91c..b65eafc 100644 --- a/0102-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch +++ b/0105-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch @@ -17,7 +17,7 @@ Signed-off-by: Peter Jones 3 files changed, 64 insertions(+), 16 deletions(-) diff --git a/configure.ac b/configure.ac -index f4cfd06cbe6..dbf97e703b4 100644 +index b4455e4732d..3405348178a 100644 --- a/configure.ac +++ b/configure.ac @@ -877,11 +877,23 @@ if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ) && test "x$p diff --git a/0103-module-verifier-make-it-possible-to-run-checkers-on-.patch b/0106-module-verifier-make-it-possible-to-run-checkers-on-.patch similarity index 100% rename from 0103-module-verifier-make-it-possible-to-run-checkers-on-.patch rename to 0106-module-verifier-make-it-possible-to-run-checkers-on-.patch diff --git a/0104-Rework-how-the-fdt-command-builds.patch b/0107-Rework-how-the-fdt-command-builds.patch similarity index 100% rename from 0104-Rework-how-the-fdt-command-builds.patch rename to 0107-Rework-how-the-fdt-command-builds.patch diff --git a/0105-Disable-non-wordsize-allocations-on-arm.patch b/0108-Disable-non-wordsize-allocations-on-arm.patch similarity index 97% rename from 0105-Disable-non-wordsize-allocations-on-arm.patch rename to 0108-Disable-non-wordsize-allocations-on-arm.patch index 3708cbe..f614c9e 100644 --- a/0105-Disable-non-wordsize-allocations-on-arm.patch +++ b/0108-Disable-non-wordsize-allocations-on-arm.patch @@ -9,7 +9,7 @@ Signed-off-by: Peter Jones 1 file changed, 20 insertions(+) diff --git a/configure.ac b/configure.ac -index dbf97e703b4..96b96973f26 100644 +index 3405348178a..152e7dba652 100644 --- a/configure.ac +++ b/configure.ac @@ -1288,6 +1288,26 @@ if test "x$target_cpu" = xarm; then diff --git a/0106-Prepend-prefix-when-HTTP-path-is-relative.patch b/0109-Prepend-prefix-when-HTTP-path-is-relative.patch similarity index 100% rename from 0106-Prepend-prefix-when-HTTP-path-is-relative.patch rename to 0109-Prepend-prefix-when-HTTP-path-is-relative.patch diff --git a/0107-Make-grub_error-more-verbose.patch b/0110-Make-grub_error-more-verbose.patch similarity index 100% rename from 0107-Make-grub_error-more-verbose.patch rename to 0110-Make-grub_error-more-verbose.patch diff --git a/0108-Make-reset-an-alias-for-the-reboot-command.patch b/0111-Make-reset-an-alias-for-the-reboot-command.patch similarity index 100% rename from 0108-Make-reset-an-alias-for-the-reboot-command.patch rename to 0111-Make-reset-an-alias-for-the-reboot-command.patch diff --git a/0109-Add-a-version-command.patch b/0112-Add-a-version-command.patch similarity index 99% rename from 0109-Add-a-version-command.patch rename to 0112-Add-a-version-command.patch index 749d319..30c8224 100644 --- a/0109-Add-a-version-command.patch +++ b/0112-Add-a-version-command.patch @@ -17,7 +17,7 @@ Signed-off-by: Peter Jones create mode 100644 grub-core/commands/version.c diff --git a/configure.ac b/configure.ac -index 96b96973f26..dabcbafc985 100644 +index 152e7dba652..cfdac6bed5a 100644 --- a/configure.ac +++ b/configure.ac @@ -312,6 +312,19 @@ AC_SUBST(target_cpu) diff --git a/0110-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch b/0113-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch similarity index 100% rename from 0110-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch rename to 0113-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch diff --git a/0111-arm-arm64-loader-Better-memory-allocation-and-error-.patch b/0114-arm-arm64-loader-Better-memory-allocation-and-error-.patch similarity index 97% rename from 0111-arm-arm64-loader-Better-memory-allocation-and-error-.patch rename to 0114-arm-arm64-loader-Better-memory-allocation-and-error-.patch index 5b18d9c..1fdc552 100644 --- a/0111-arm-arm64-loader-Better-memory-allocation-and-error-.patch +++ b/0114-arm-arm64-loader-Better-memory-allocation-and-error-.patch @@ -71,7 +71,7 @@ Signed-off-by: Peter Jones 2 files changed, 76 insertions(+), 25 deletions(-) diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index 74360542062..e6abc923db2 100644 +index f6aef0ef649..85ad4b4494c 100644 --- a/grub-core/kern/efi/mm.c +++ b/grub-core/kern/efi/mm.c @@ -154,6 +154,7 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, @@ -82,7 +82,7 @@ index 74360542062..e6abc923db2 100644 /* Limit the memory access to less than 4GB for 32-bit platforms. */ if (address > GRUB_EFI_MAX_USABLE_ADDRESS) -@@ -166,19 +167,22 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, +@@ -170,19 +171,22 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, } b = grub_efi_system_table->boot_services; @@ -109,7 +109,7 @@ index 74360542062..e6abc923db2 100644 grub_efi_free_pages (0, pages); if (status != GRUB_EFI_SUCCESS) { -@@ -187,9 +191,9 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, +@@ -191,9 +195,9 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, } } @@ -121,7 +121,7 @@ index 74360542062..e6abc923db2 100644 } void * -@@ -709,8 +713,21 @@ grub_efi_get_ram_base(grub_addr_t *base_addr) +@@ -713,8 +717,21 @@ grub_efi_get_ram_base(grub_addr_t *base_addr) for (desc = memory_map, *base_addr = GRUB_EFI_MAX_USABLE_ADDRESS; (grub_addr_t) desc < ((grub_addr_t) memory_map + memory_map_size); desc = NEXT_MEMORY_DESCRIPTOR (desc, desc_size)) diff --git a/0112-Try-to-pick-better-locations-for-kernel-and-initrd.patch b/0115-Try-to-pick-better-locations-for-kernel-and-initrd.patch similarity index 97% rename from 0112-Try-to-pick-better-locations-for-kernel-and-initrd.patch rename to 0115-Try-to-pick-better-locations-for-kernel-and-initrd.patch index 0bceecb..ba918ed 100644 --- a/0112-Try-to-pick-better-locations-for-kernel-and-initrd.patch +++ b/0115-Try-to-pick-better-locations-for-kernel-and-initrd.patch @@ -34,7 +34,7 @@ Signed-off-by: Peter Jones 7 files changed, 28 insertions(+), 12 deletions(-) diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index e6abc923db2..83d7644222e 100644 +index 85ad4b4494c..e84961d078c 100644 --- a/grub-core/kern/efi/mm.c +++ b/grub-core/kern/efi/mm.c @@ -122,7 +122,7 @@ grub_efi_allocate_pages_max (grub_efi_physical_address_t max, @@ -46,7 +46,7 @@ index e6abc923db2..83d7644222e 100644 return 0; b = grub_efi_system_table->boot_services; -@@ -476,7 +476,7 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map, +@@ -480,7 +480,7 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map, { if (desc->type == GRUB_EFI_CONVENTIONAL_MEMORY #if 1 @@ -55,7 +55,7 @@ index e6abc923db2..83d7644222e 100644 #endif && desc->physical_start + PAGES_TO_BYTES (desc->num_pages) > 0x100000 && desc->num_pages != 0) -@@ -494,9 +494,9 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map, +@@ -498,9 +498,9 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map, #if 1 if (BYTES_TO_PAGES (filtered_desc->physical_start) + filtered_desc->num_pages diff --git a/0113-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch b/0116-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch similarity index 100% rename from 0113-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch rename to 0116-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch diff --git a/0114-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch b/0117-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch similarity index 98% rename from 0114-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch rename to 0117-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch index 668fb4c..de71484 100644 --- a/0114-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch +++ b/0117-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch @@ -11,7 +11,7 @@ Signed-off-by: Peter Jones 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac -index dabcbafc985..f691767a2c0 100644 +index cfdac6bed5a..bd28edf3141 100644 --- a/configure.ac +++ b/configure.ac @@ -1480,11 +1480,11 @@ fi diff --git a/0115-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch b/0118-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch similarity index 100% rename from 0115-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch rename to 0118-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch diff --git a/0116-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch b/0119-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch similarity index 100% rename from 0116-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch rename to 0119-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch diff --git a/0117-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch b/0120-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch similarity index 100% rename from 0117-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch rename to 0120-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch diff --git a/0118-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch b/0121-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch similarity index 100% rename from 0118-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch rename to 0121-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch diff --git a/0119-Fix-getroot.c-s-trampolines.patch b/0122-Fix-getroot.c-s-trampolines.patch similarity index 100% rename from 0119-Fix-getroot.c-s-trampolines.patch rename to 0122-Fix-getroot.c-s-trampolines.patch diff --git a/0120-Do-not-allow-stack-trampolines-anywhere.patch b/0123-Do-not-allow-stack-trampolines-anywhere.patch similarity index 97% rename from 0120-Do-not-allow-stack-trampolines-anywhere.patch rename to 0123-Do-not-allow-stack-trampolines-anywhere.patch index 46176d0..4ee639d 100644 --- a/0120-Do-not-allow-stack-trampolines-anywhere.patch +++ b/0123-Do-not-allow-stack-trampolines-anywhere.patch @@ -10,7 +10,7 @@ Signed-off-by: Peter Jones 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index f691767a2c0..2e4b12adad3 100644 +index bd28edf3141..907477a585c 100644 --- a/configure.ac +++ b/configure.ac @@ -2062,6 +2062,9 @@ if test x"$enable_wextra" != xno ; then diff --git a/0121-Reimplement-boot_counter.patch b/0124-Reimplement-boot_counter.patch similarity index 100% rename from 0121-Reimplement-boot_counter.patch rename to 0124-Reimplement-boot_counter.patch diff --git a/0122-Fix-menu-entry-selection-based-on-ID-and-title.patch b/0125-Fix-menu-entry-selection-based-on-ID-and-title.patch similarity index 100% rename from 0122-Fix-menu-entry-selection-based-on-ID-and-title.patch rename to 0125-Fix-menu-entry-selection-based-on-ID-and-title.patch diff --git a/0123-Make-the-menu-entry-users-option-argument-to-be-opti.patch b/0126-Make-the-menu-entry-users-option-argument-to-be-opti.patch similarity index 100% rename from 0123-Make-the-menu-entry-users-option-argument-to-be-opti.patch rename to 0126-Make-the-menu-entry-users-option-argument-to-be-opti.patch diff --git a/0124-Add-efi-export-env-and-efi-load-env-commands.patch b/0127-Add-efi-export-env-and-efi-load-env-commands.patch similarity index 100% rename from 0124-Add-efi-export-env-and-efi-load-env-commands.patch rename to 0127-Add-efi-export-env-and-efi-load-env-commands.patch diff --git a/0125-Make-it-possible-to-subtract-conditions-from-debug.patch b/0128-Make-it-possible-to-subtract-conditions-from-debug.patch similarity index 100% rename from 0125-Make-it-possible-to-subtract-conditions-from-debug.patch rename to 0128-Make-it-possible-to-subtract-conditions-from-debug.patch diff --git a/0126-Export-all-variables-from-the-initial-context-when-c.patch b/0129-Export-all-variables-from-the-initial-context-when-c.patch similarity index 100% rename from 0126-Export-all-variables-from-the-initial-context-when-c.patch rename to 0129-Export-all-variables-from-the-initial-context-when-c.patch diff --git a/0127-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch b/0130-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch similarity index 100% rename from 0127-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch rename to 0130-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch diff --git a/0128-Fix-systemctl-kexec-exit-status-check.patch b/0131-Fix-systemctl-kexec-exit-status-check.patch similarity index 100% rename from 0128-Fix-systemctl-kexec-exit-status-check.patch rename to 0131-Fix-systemctl-kexec-exit-status-check.patch diff --git a/0129-Print-grub-emu-linux-loader-messages-as-debug.patch b/0132-Print-grub-emu-linux-loader-messages-as-debug.patch similarity index 100% rename from 0129-Print-grub-emu-linux-loader-messages-as-debug.patch rename to 0132-Print-grub-emu-linux-loader-messages-as-debug.patch diff --git a/0130-Don-t-assume-that-boot-commands-will-only-return-on-.patch b/0133-Don-t-assume-that-boot-commands-will-only-return-on-.patch similarity index 100% rename from 0130-Don-t-assume-that-boot-commands-will-only-return-on-.patch rename to 0133-Don-t-assume-that-boot-commands-will-only-return-on-.patch diff --git a/0131-Fix-undefined-references-for-fdt-when-building-with-.patch b/0134-Fix-undefined-references-for-fdt-when-building-with-.patch similarity index 100% rename from 0131-Fix-undefined-references-for-fdt-when-building-with-.patch rename to 0134-Fix-undefined-references-for-fdt-when-building-with-.patch diff --git a/0132-Do-better-in-bootstrap.conf.patch b/0135-Do-better-in-bootstrap.conf.patch similarity index 100% rename from 0132-Do-better-in-bootstrap.conf.patch rename to 0135-Do-better-in-bootstrap.conf.patch diff --git a/0133-Use-git-to-apply-gnulib-patches.patch b/0136-Use-git-to-apply-gnulib-patches.patch similarity index 100% rename from 0133-Use-git-to-apply-gnulib-patches.patch rename to 0136-Use-git-to-apply-gnulib-patches.patch diff --git a/0134-Fix-build-error-with-the-fdt-module-on-risc-v.patch b/0137-Fix-build-error-with-the-fdt-module-on-risc-v.patch similarity index 100% rename from 0134-Fix-build-error-with-the-fdt-module-on-risc-v.patch rename to 0137-Fix-build-error-with-the-fdt-module-on-risc-v.patch diff --git a/0135-grub-set-bootflag-Update-comment-about-running-as-ro.patch b/0138-grub-set-bootflag-Update-comment-about-running-as-ro.patch similarity index 100% rename from 0135-grub-set-bootflag-Update-comment-about-running-as-ro.patch rename to 0138-grub-set-bootflag-Update-comment-about-running-as-ro.patch diff --git a/0136-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch b/0139-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch similarity index 100% rename from 0136-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch rename to 0139-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch diff --git a/0137-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch b/0140-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch similarity index 100% rename from 0137-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch rename to 0140-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch diff --git a/0138-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch b/0141-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch similarity index 100% rename from 0138-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch rename to 0141-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch diff --git a/0139-chainloader-Define-machine-types-for-RISC-V.patch b/0142-chainloader-Define-machine-types-for-RISC-V.patch similarity index 100% rename from 0139-chainloader-Define-machine-types-for-RISC-V.patch rename to 0142-chainloader-Define-machine-types-for-RISC-V.patch diff --git a/0140-Add-start-symbol-for-RISC-V.patch b/0143-Add-start-symbol-for-RISC-V.patch similarity index 100% rename from 0140-Add-start-symbol-for-RISC-V.patch rename to 0143-Add-start-symbol-for-RISC-V.patch diff --git a/0141-bootstrap.conf-Force-autogen.sh-to-use-python3.patch b/0144-bootstrap.conf-Force-autogen.sh-to-use-python3.patch similarity index 100% rename from 0141-bootstrap.conf-Force-autogen.sh-to-use-python3.patch rename to 0144-bootstrap.conf-Force-autogen.sh-to-use-python3.patch diff --git a/0142-efi-http-Export-fw-http-_path-variables-to-make-them.patch b/0145-efi-http-Export-fw-http-_path-variables-to-make-them.patch similarity index 100% rename from 0142-efi-http-Export-fw-http-_path-variables-to-make-them.patch rename to 0145-efi-http-Export-fw-http-_path-variables-to-make-them.patch diff --git a/0143-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch b/0146-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch similarity index 100% rename from 0143-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch rename to 0146-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch diff --git a/0144-efi-net-Allow-to-specify-a-port-number-in-addresses.patch b/0147-efi-net-Allow-to-specify-a-port-number-in-addresses.patch similarity index 100% rename from 0144-efi-net-Allow-to-specify-a-port-number-in-addresses.patch rename to 0147-efi-net-Allow-to-specify-a-port-number-in-addresses.patch diff --git a/0145-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch b/0148-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch similarity index 100% rename from 0145-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch rename to 0148-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch diff --git a/0146-efi-net-Print-a-debug-message-if-parsing-the-address.patch b/0149-efi-net-Print-a-debug-message-if-parsing-the-address.patch similarity index 100% rename from 0146-efi-net-Print-a-debug-message-if-parsing-the-address.patch rename to 0149-efi-net-Print-a-debug-message-if-parsing-the-address.patch diff --git a/0147-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch b/0150-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch similarity index 100% rename from 0147-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch rename to 0150-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch diff --git a/0148-efi-Set-image-base-address-before-jumping-to-the-PE-.patch b/0151-efi-Set-image-base-address-before-jumping-to-the-PE-.patch similarity index 100% rename from 0148-efi-Set-image-base-address-before-jumping-to-the-PE-.patch rename to 0151-efi-Set-image-base-address-before-jumping-to-the-PE-.patch diff --git a/0149-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch b/0152-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch similarity index 100% rename from 0149-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch rename to 0152-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch diff --git a/0150-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch b/0153-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch similarity index 100% rename from 0150-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch rename to 0153-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch diff --git a/0151-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch b/0154-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch similarity index 100% rename from 0151-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch rename to 0154-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch diff --git a/0152-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch b/0155-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch similarity index 100% rename from 0152-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch rename to 0155-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch diff --git a/0153-efi-dhcp-fix-some-allocation-error-checking.patch b/0156-efi-dhcp-fix-some-allocation-error-checking.patch similarity index 100% rename from 0153-efi-dhcp-fix-some-allocation-error-checking.patch rename to 0156-efi-dhcp-fix-some-allocation-error-checking.patch diff --git a/0154-efi-http-fix-some-allocation-error-checking.patch b/0157-efi-http-fix-some-allocation-error-checking.patch similarity index 100% rename from 0154-efi-http-fix-some-allocation-error-checking.patch rename to 0157-efi-http-fix-some-allocation-error-checking.patch diff --git a/0155-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch b/0158-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch similarity index 100% rename from 0155-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch rename to 0158-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch diff --git a/0156-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch b/0159-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch similarity index 100% rename from 0156-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch rename to 0159-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch diff --git a/0157-linuxefi-fail-kernel-validation-without-shim-protoco.patch b/0160-linuxefi-fail-kernel-validation-without-shim-protoco.patch similarity index 100% rename from 0157-linuxefi-fail-kernel-validation-without-shim-protoco.patch rename to 0160-linuxefi-fail-kernel-validation-without-shim-protoco.patch diff --git a/0158-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch b/0161-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch similarity index 97% rename from 0158-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch rename to 0161-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch index 0bd28c3..9b0db5f 100644 --- a/0158-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch +++ b/0161-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch @@ -14,7 +14,7 @@ Signed-off-by: Peter Jones 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 0b430489329..8f2f55c0079 100644 +index 8fb8918ae7e..7baf3540c81 100644 --- a/grub-core/net/bootp.c +++ b/grub-core/net/bootp.c @@ -329,7 +329,7 @@ grub_net_configure_by_dhcp_ack (const char *name, diff --git a/0159-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch b/0162-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch similarity index 100% rename from 0159-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch rename to 0162-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch diff --git a/0160-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch b/0163-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch similarity index 100% rename from 0160-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch rename to 0163-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch diff --git a/0161-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch b/0164-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch similarity index 100% rename from 0161-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch rename to 0164-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch diff --git a/0162-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch b/0165-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch similarity index 100% rename from 0162-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch rename to 0165-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch diff --git a/0163-Add-systemd-integration-scripts-to-make-systemctl-re.patch b/0166-Add-systemd-integration-scripts-to-make-systemctl-re.patch similarity index 100% rename from 0163-Add-systemd-integration-scripts-to-make-systemctl-re.patch rename to 0166-Add-systemd-integration-scripts-to-make-systemctl-re.patch diff --git a/0164-systemd-integration.sh-Also-set-old-menu_show_once-g.patch b/0167-systemd-integration.sh-Also-set-old-menu_show_once-g.patch similarity index 100% rename from 0164-systemd-integration.sh-Also-set-old-menu_show_once-g.patch rename to 0167-systemd-integration.sh-Also-set-old-menu_show_once-g.patch diff --git a/0165-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch b/0168-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch similarity index 100% rename from 0165-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch rename to 0168-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch diff --git a/0166-grub-install-disable-support-for-EFI-platforms.patch b/0169-grub-install-disable-support-for-EFI-platforms.patch similarity index 96% rename from 0166-grub-install-disable-support-for-EFI-platforms.patch rename to 0169-grub-install-disable-support-for-EFI-platforms.patch index e3cf2ec..41003e2 100644 --- a/0166-grub-install-disable-support-for-EFI-platforms.patch +++ b/0169-grub-install-disable-support-for-EFI-platforms.patch @@ -26,7 +26,7 @@ Signed-off-by: Jan Hlavac 3 files changed, 26 insertions(+), 22 deletions(-) diff --git a/util/grub-install.c b/util/grub-install.c -index 1e47491bc21..ffac91c9a24 100644 +index a2bec7446cb..5babc7af551 100644 --- a/util/grub-install.c +++ b/util/grub-install.c @@ -899,6 +899,22 @@ main (int argc, char *argv[]) @@ -82,10 +82,10 @@ index 1e47491bc21..ffac91c9a24 100644 { grub_fs_t fs; diff --git a/docs/grub.texi b/docs/grub.texi -index 67bf8523ccb..75b22231f35 100644 +index 04ed6ac1f07..4870faaa00a 100644 --- a/docs/grub.texi +++ b/docs/grub.texi -@@ -6506,6 +6506,13 @@ grub2-install @var{install_device} +@@ -6509,6 +6509,13 @@ grub2-install @var{install_device} The device name @var{install_device} is an OS device name or a GRUB device name. diff --git a/0167-New-with-debug-timestamps-configure-flag-to-prepend-.patch b/0170-New-with-debug-timestamps-configure-flag-to-prepend-.patch similarity index 98% rename from 0167-New-with-debug-timestamps-configure-flag-to-prepend-.patch rename to 0170-New-with-debug-timestamps-configure-flag-to-prepend-.patch index ff2841e..3eb0d00 100644 --- a/0167-New-with-debug-timestamps-configure-flag-to-prepend-.patch +++ b/0170-New-with-debug-timestamps-configure-flag-to-prepend-.patch @@ -15,7 +15,7 @@ Signed-off-by: Renaud Métrich 3 files changed, 39 insertions(+) diff --git a/configure.ac b/configure.ac -index 2e4b12adad3..7b11fae0c3d 100644 +index 907477a585c..d5d2a28b4ef 100644 --- a/configure.ac +++ b/configure.ac @@ -1613,6 +1613,17 @@ else diff --git a/0168-Added-debug-statements-to-grub_disk_open-and-grub_di.patch b/0171-Added-debug-statements-to-grub_disk_open-and-grub_di.patch similarity index 100% rename from 0168-Added-debug-statements-to-grub_disk_open-and-grub_di.patch rename to 0171-Added-debug-statements-to-grub_disk_open-and-grub_di.patch diff --git a/0169-Introduce-function-grub_debug_is_enabled-void-return.patch b/0172-Introduce-function-grub_debug_is_enabled-void-return.patch similarity index 100% rename from 0169-Introduce-function-grub_debug_is_enabled-void-return.patch rename to 0172-Introduce-function-grub_debug_is_enabled-void-return.patch diff --git a/0170-Don-t-clear-screen-when-debugging-is-enabled.patch b/0173-Don-t-clear-screen-when-debugging-is-enabled.patch similarity index 100% rename from 0170-Don-t-clear-screen-when-debugging-is-enabled.patch rename to 0173-Don-t-clear-screen-when-debugging-is-enabled.patch diff --git a/0171-grub_file_-instrumentation-new-file-debug-tag.patch b/0174-grub_file_-instrumentation-new-file-debug-tag.patch similarity index 100% rename from 0171-grub_file_-instrumentation-new-file-debug-tag.patch rename to 0174-grub_file_-instrumentation-new-file-debug-tag.patch diff --git a/0172-ieee1275-Avoiding-many-unecessary-open-close.patch b/0175-ieee1275-Avoiding-many-unecessary-open-close.patch similarity index 100% rename from 0172-ieee1275-Avoiding-many-unecessary-open-close.patch rename to 0175-ieee1275-Avoiding-many-unecessary-open-close.patch diff --git a/0173-ieee1275-powerpc-implements-fibre-channel-discovery-.patch b/0176-ieee1275-powerpc-implements-fibre-channel-discovery-.patch similarity index 100% rename from 0173-ieee1275-powerpc-implements-fibre-channel-discovery-.patch rename to 0176-ieee1275-powerpc-implements-fibre-channel-discovery-.patch diff --git a/0174-ieee1275-powerpc-enables-device-mapper-discovery.patch b/0177-ieee1275-powerpc-enables-device-mapper-discovery.patch similarity index 100% rename from 0174-ieee1275-powerpc-enables-device-mapper-discovery.patch rename to 0177-ieee1275-powerpc-enables-device-mapper-discovery.patch diff --git a/0175-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch b/0178-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch similarity index 100% rename from 0175-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch rename to 0178-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch diff --git a/0176-Add-suport-for-signing-grub-with-an-appended-signatu.patch b/0179-Add-suport-for-signing-grub-with-an-appended-signatu.patch similarity index 97% rename from 0176-Add-suport-for-signing-grub-with-an-appended-signatu.patch rename to 0179-Add-suport-for-signing-grub-with-an-appended-signatu.patch index 75e8dda..a863298 100644 --- a/0176-Add-suport-for-signing-grub-with-an-appended-signatu.patch +++ b/0179-Add-suport-for-signing-grub-with-an-appended-signatu.patch @@ -52,10 +52,10 @@ Platform Reference (PAPR). 6 files changed, 83 insertions(+), 15 deletions(-) diff --git a/util/grub-install-common.c b/util/grub-install-common.c -index b4f28840f10..a53f0a5c496 100644 +index 4e212e690c5..aab2a941f85 100644 --- a/util/grub-install-common.c +++ b/util/grub-install-common.c -@@ -335,10 +335,12 @@ static size_t npubkeys; +@@ -461,10 +461,12 @@ static size_t npubkeys; static char *sbat; static int disable_shim_lock; static grub_compression_t compression; @@ -68,7 +68,7 @@ index b4f28840f10..a53f0a5c496 100644 switch (key) { case 'C': -@@ -436,6 +438,12 @@ grub_install_parse (int key, char *arg) +@@ -562,6 +564,12 @@ grub_install_parse (int key, char *arg) grub_util_error (_("Unrecognized compression `%s'"), arg); case GRUB_INSTALL_OPTIONS_GRUB_MKIMAGE: return 1; @@ -81,7 +81,7 @@ index b4f28840f10..a53f0a5c496 100644 default: return 0; } -@@ -539,7 +547,13 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, +@@ -665,7 +673,13 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, dir, prefix, outname, dtb ? : "", sbat ? : "", mkimage_target, compnames[compression], note ? "--note" : "", @@ -96,7 +96,7 @@ index b4f28840f10..a53f0a5c496 100644 free (s); tgt = grub_install_get_image_target (mkimage_target); -@@ -549,7 +563,7 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, +@@ -675,7 +689,7 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, grub_install_generate_image (dir, prefix, fp, outname, modules.entries, memdisk_path, pubkeys, npubkeys, config_path, tgt, @@ -161,7 +161,7 @@ index c0d55993702..26d1ecbf74e 100644 if (grub_util_file_sync (fp) < 0) grub_util_error (_("cannot sync `%s': %s"), arguments.output ? : "stdout", diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c -index 00f49ccaaaf..ed422bd1781 100644 +index d78fa3e5330..393119486d3 100644 --- a/util/grub-mkimagexx.c +++ b/util/grub-mkimagexx.c @@ -84,6 +84,15 @@ struct grub_ieee1275_note @@ -264,7 +264,7 @@ index a26cf76f72f..bab12276010 100644 break; } diff --git a/include/grub/util/install.h b/include/grub/util/install.h -index b93c73caac6..b3307fef9b4 100644 +index 7df3191f47e..cf4531e02b6 100644 --- a/include/grub/util/install.h +++ b/include/grub/util/install.h @@ -67,6 +67,9 @@ diff --git a/0177-docs-grub-Document-signing-grub-under-UEFI.patch b/0180-docs-grub-Document-signing-grub-under-UEFI.patch similarity index 92% rename from 0177-docs-grub-Document-signing-grub-under-UEFI.patch rename to 0180-docs-grub-Document-signing-grub-under-UEFI.patch index 2f53d52..9b9b19a 100644 --- a/0177-docs-grub-Document-signing-grub-under-UEFI.patch +++ b/0180-docs-grub-Document-signing-grub-under-UEFI.patch @@ -13,10 +13,10 @@ Signed-off-by: Daniel Axtens 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/docs/grub.texi b/docs/grub.texi -index 75b22231f35..ca36ad0b6b7 100644 +index 4870faaa00a..365d1d6931b 100644 --- a/docs/grub.texi +++ b/docs/grub.texi -@@ -5814,6 +5814,7 @@ environment variables and commands are listed in the same order. +@@ -5817,6 +5817,7 @@ environment variables and commands are listed in the same order. * Secure Boot Advanced Targeting:: Embedded information for generation number based revocation * Measured Boot:: Measuring boot components * Lockdown:: Lockdown when booting on a secure setup @@ -24,7 +24,7 @@ index 75b22231f35..ca36ad0b6b7 100644 @end menu @node Authentication and authorisation -@@ -5892,7 +5893,7 @@ commands. +@@ -5895,7 +5896,7 @@ commands. GRUB's @file{core.img} can optionally provide enforcement that all files subsequently read from disk are covered by a valid digital signature. @@ -33,7 +33,7 @@ index 75b22231f35..ca36ad0b6b7 100644 platform's firmware (e.g., Coreboot) validates @file{core.img}. If environment variable @code{check_signatures} -@@ -6064,6 +6065,25 @@ be restricted and some operations/commands cannot be executed. +@@ -6067,6 +6068,25 @@ be restricted and some operations/commands cannot be executed. The @samp{lockdown} variable is set to @samp{y} when the GRUB is locked down. Otherwise it does not exit. diff --git a/0178-docs-grub-Document-signing-grub-with-an-appended-sig.patch b/0181-docs-grub-Document-signing-grub-with-an-appended-sig.patch similarity index 95% rename from 0178-docs-grub-Document-signing-grub-with-an-appended-sig.patch rename to 0181-docs-grub-Document-signing-grub-with-an-appended-sig.patch index 29db2bb..4d85d93 100644 --- a/0178-docs-grub-Document-signing-grub-with-an-appended-sig.patch +++ b/0181-docs-grub-Document-signing-grub-with-an-appended-sig.patch @@ -13,10 +13,10 @@ Signed-off-by: Daniel Axtens 1 file changed, 42 insertions(+) diff --git a/docs/grub.texi b/docs/grub.texi -index ca36ad0b6b7..691ffaa1861 100644 +index 365d1d6931b..afbde7c1f7b 100644 --- a/docs/grub.texi +++ b/docs/grub.texi -@@ -6084,6 +6084,48 @@ image works under UEFI secure boot and can maintain the secure-boot chain. It +@@ -6087,6 +6087,48 @@ image works under UEFI secure boot and can maintain the secure-boot chain. It will also be necessary to enrol the public key used into a relevant firmware key database. diff --git a/0179-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch b/0182-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch similarity index 100% rename from 0179-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch rename to 0182-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch diff --git a/0180-pgp-factor-out-rsa_pad.patch b/0183-pgp-factor-out-rsa_pad.patch similarity index 100% rename from 0180-pgp-factor-out-rsa_pad.patch rename to 0183-pgp-factor-out-rsa_pad.patch diff --git a/0181-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch b/0184-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch similarity index 100% rename from 0181-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch rename to 0184-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch diff --git a/0182-posix_wrap-tweaks-in-preparation-for-libtasn1.patch b/0185-posix_wrap-tweaks-in-preparation-for-libtasn1.patch similarity index 100% rename from 0182-posix_wrap-tweaks-in-preparation-for-libtasn1.patch rename to 0185-posix_wrap-tweaks-in-preparation-for-libtasn1.patch diff --git a/0183-libtasn1-import-libtasn1-4.16.0.patch b/0186-libtasn1-import-libtasn1-4.16.0.patch similarity index 100% rename from 0183-libtasn1-import-libtasn1-4.16.0.patch rename to 0186-libtasn1-import-libtasn1-4.16.0.patch diff --git a/0184-libtasn1-disable-code-not-needed-in-grub.patch b/0187-libtasn1-disable-code-not-needed-in-grub.patch similarity index 100% rename from 0184-libtasn1-disable-code-not-needed-in-grub.patch rename to 0187-libtasn1-disable-code-not-needed-in-grub.patch diff --git a/0185-libtasn1-changes-for-grub-compatibility.patch b/0188-libtasn1-changes-for-grub-compatibility.patch similarity index 100% rename from 0185-libtasn1-changes-for-grub-compatibility.patch rename to 0188-libtasn1-changes-for-grub-compatibility.patch diff --git a/0186-libtasn1-compile-into-asn1-module.patch b/0189-libtasn1-compile-into-asn1-module.patch similarity index 100% rename from 0186-libtasn1-compile-into-asn1-module.patch rename to 0189-libtasn1-compile-into-asn1-module.patch diff --git a/0187-test_asn1-test-module-for-libtasn1.patch b/0190-test_asn1-test-module-for-libtasn1.patch similarity index 100% rename from 0187-test_asn1-test-module-for-libtasn1.patch rename to 0190-test_asn1-test-module-for-libtasn1.patch diff --git a/0188-grub-install-support-embedding-x509-certificates.patch b/0191-grub-install-support-embedding-x509-certificates.patch similarity index 96% rename from 0188-grub-install-support-embedding-x509-certificates.patch rename to 0191-grub-install-support-embedding-x509-certificates.patch index 4d13e3c..04722ad 100644 --- a/0188-grub-install-support-embedding-x509-certificates.patch +++ b/0191-grub-install-support-embedding-x509-certificates.patch @@ -33,10 +33,10 @@ index 355a43844ac..b81ac0ae46c 100644 pseudo_file.fs = &pseudo_fs; diff --git a/util/grub-install-common.c b/util/grub-install-common.c -index a53f0a5c496..917904ee73d 100644 +index aab2a941f85..422f82362c7 100644 --- a/util/grub-install-common.c +++ b/util/grub-install-common.c -@@ -334,6 +334,8 @@ static char **pubkeys; +@@ -460,6 +460,8 @@ static char **pubkeys; static size_t npubkeys; static char *sbat; static int disable_shim_lock; @@ -45,7 +45,7 @@ index a53f0a5c496..917904ee73d 100644 static grub_compression_t compression; static size_t appsig_size; -@@ -374,6 +376,11 @@ grub_install_parse (int key, char *arg) +@@ -500,6 +502,11 @@ grub_install_parse (int key, char *arg) return 1; case GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK: disable_shim_lock = 1; @@ -57,7 +57,7 @@ index a53f0a5c496..917904ee73d 100644 return 1; case GRUB_INSTALL_OPTIONS_VERBOSITY: -@@ -501,6 +508,9 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, +@@ -627,6 +634,9 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, for (pk = pubkeys; pk < pubkeys + npubkeys; pk++) slen += 20 + grub_strlen (*pk); @@ -67,7 +67,7 @@ index a53f0a5c496..917904ee73d 100644 for (md = modules.entries; *md; md++) { slen += 10 + grub_strlen (*md); -@@ -529,6 +539,14 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, +@@ -655,6 +665,14 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, *p++ = ' '; } @@ -82,7 +82,7 @@ index a53f0a5c496..917904ee73d 100644 for (md = modules.entries; *md; md++) { *p++ = '\''; -@@ -562,7 +580,9 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, +@@ -688,7 +706,9 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, grub_install_generate_image (dir, prefix, fp, outname, modules.entries, memdisk_path, @@ -226,7 +226,7 @@ index 55849777eaa..98edc0863f6 100644 /* The module header. */ diff --git a/include/grub/util/install.h b/include/grub/util/install.h -index b3307fef9b4..faecf7b26e2 100644 +index cf4531e02b6..51f3b13ac13 100644 --- a/include/grub/util/install.h +++ b/include/grub/util/install.h @@ -67,6 +67,8 @@ diff --git a/0189-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch b/0192-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch similarity index 100% rename from 0189-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch rename to 0192-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch diff --git a/0190-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch b/0193-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch similarity index 100% rename from 0190-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch rename to 0193-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch diff --git a/0191-appended-signatures-support-verifying-appended-signa.patch b/0194-appended-signatures-support-verifying-appended-signa.patch similarity index 100% rename from 0191-appended-signatures-support-verifying-appended-signa.patch rename to 0194-appended-signatures-support-verifying-appended-signa.patch diff --git a/0192-appended-signatures-verification-tests.patch b/0195-appended-signatures-verification-tests.patch similarity index 86% rename from 0192-appended-signatures-verification-tests.patch rename to 0195-appended-signatures-verification-tests.patch index 8364a90..9f6c3c6 100644 --- a/0192-appended-signatures-verification-tests.patch +++ b/0195-appended-signatures-verification-tests.patch @@ -9,10 +9,10 @@ of commands and behaviours. Signed-off-by: Daniel Axtens --- grub-core/Makefile.core.def | 6 + - grub-core/tests/appended_signature_test.c | 250 ++++++++++++++++ + grub-core/tests/appended_signature_test.c | 281 +++++++++++++++ grub-core/tests/lib/functional_test.c | 1 + - grub-core/tests/appended_signatures.h | 483 ++++++++++++++++++++++++++++++ - 4 files changed, 740 insertions(+) + grub-core/tests/appended_signatures.h | 557 ++++++++++++++++++++++++++++++ + 4 files changed, 845 insertions(+) create mode 100644 grub-core/tests/appended_signature_test.c create mode 100644 grub-core/tests/appended_signatures.h @@ -35,10 +35,10 @@ index 77321d218c8..6bddc841b85 100644 common = tests/signature_test.c; diff --git a/grub-core/tests/appended_signature_test.c b/grub-core/tests/appended_signature_test.c new file mode 100644 -index 00000000000..bb29a85c9bb +index 00000000000..88a485200d8 --- /dev/null +++ b/grub-core/tests/appended_signature_test.c -@@ -0,0 +1,250 @@ +@@ -0,0 +1,281 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2020 IBM Corporation. @@ -136,6 +136,23 @@ index 00000000000..bb29a85c9bb + .get_contents = get_certificate2_der +}; + ++static char * ++get_certificate_printable_der (grub_size_t * sz) ++{ ++ char *ret; ++ *sz = certificate_printable_der_len; ++ ret = grub_malloc (*sz); ++ if (ret) ++ grub_memcpy (ret, certificate_printable_der, *sz); ++ return ret; ++} ++ ++static struct grub_procfs_entry certificate_printable_der_entry = { ++ .name = "certificate_printable.der", ++ .get_contents = get_certificate_printable_der ++}; ++ ++ +static void +do_verify (const char *f, int is_valid) +{ @@ -171,12 +188,16 @@ index 00000000000..bb29a85c9bb + grub_command_t cmd_trust, cmd_distrust; + char *trust_args[] = { (char *) "(proc)/certificate.der", NULL }; + char *trust_args2[] = { (char *) "(proc)/certificate2.der", NULL }; ++ char *trust_args_printable[] = { (char *) "(proc)/certificate_printable.der", ++ NULL }; + char *distrust_args[] = { (char *) "1", NULL }; + char *distrust2_args[] = { (char *) "2", NULL }; + grub_err_t err; + + grub_procfs_register ("certificate.der", &certificate_der_entry); + grub_procfs_register ("certificate2.der", &certificate2_der_entry); ++ grub_procfs_register ("certificate_printable.der", ++ &certificate_printable_der_entry); + + cmd_trust = grub_command_find ("trust_certificate"); + if (!cmd_trust) @@ -284,8 +305,18 @@ index 00000000000..bb29a85c9bb + grub_errno, grub_errmsg); + DO_TEST (hi_signed_2nd, 0); + ++ /* ++ * Lastly, check a certificate that uses printableString rather than ++ * utf8String loads properly. ++ */ ++ err = (cmd_trust->func) (cmd_trust, 1, trust_args_printable); ++ grub_test_assert (err == GRUB_ERR_NONE, ++ "distrusting printable certificate failed: %d: %s", ++ grub_errno, grub_errmsg); ++ + grub_procfs_unregister (&certificate_der_entry); + grub_procfs_unregister (&certificate2_der_entry); ++ grub_procfs_unregister (&certificate_printable_der_entry); +} + +GRUB_FUNCTIONAL_TEST (appended_signature_test, appended_signature_test); @@ -303,10 +334,10 @@ index 96781fb39b5..403fa5c789a 100644 grub_dl_load ("ctz_test"); diff --git a/grub-core/tests/appended_signatures.h b/grub-core/tests/appended_signatures.h new file mode 100644 -index 00000000000..d5b56f74ad9 +index 00000000000..aa3dc6278e3 --- /dev/null +++ b/grub-core/tests/appended_signatures.h -@@ -0,0 +1,483 @@ +@@ -0,0 +1,557 @@ +unsigned char certificate_der[] = { + 0x30, 0x82, 0x03, 0x88, 0x30, 0x82, 0x02, 0x70, 0xa0, 0x03, 0x02, 0x01, + 0x02, 0x02, 0x14, 0x25, 0x2e, 0xb8, 0xfd, 0x12, 0x62, 0x2e, 0xcd, 0x5d, @@ -790,3 +821,77 @@ index 00000000000..d5b56f74ad9 + 0x65, 0x64, 0x7e, 0x0a +}; +unsigned int hi_signed_2nd_len = 736; ++ ++unsigned char certificate_printable_der[] = { ++ 0x30, 0x82, 0x03, 0x39, 0x30, 0x82, 0x02, 0x21, 0xa0, 0x03, 0x02, 0x01, ++ 0x02, 0x02, 0x09, 0x00, 0xde, 0xf6, 0x22, 0xc4, 0xf2, 0xf1, 0x86, 0x02, ++ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, ++ 0x0b, 0x05, 0x00, 0x30, 0x2a, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, ++ 0x04, 0x03, 0x13, 0x1f, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, ++ 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, ++ 0x43, 0x41, 0x20, 0x32, 0x20, 0x28, 0x62, 0x65, 0x74, 0x61, 0x29, 0x30, ++ 0x1e, 0x17, 0x0d, 0x31, 0x34, 0x31, 0x30, 0x33, 0x31, 0x31, 0x34, 0x31, ++ 0x39, 0x32, 0x33, 0x5a, 0x17, 0x0d, 0x33, 0x37, 0x31, 0x30, 0x32, 0x35, ++ 0x31, 0x34, 0x31, 0x39, 0x32, 0x33, 0x5a, 0x30, 0x2f, 0x31, 0x2d, 0x30, ++ 0x2b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x24, 0x52, 0x65, 0x64, 0x20, ++ 0x48, 0x61, 0x74, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, ++ 0x6f, 0x6f, 0x74, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, ++ 0x33, 0x20, 0x28, 0x62, 0x65, 0x74, 0x61, 0x29, 0x30, 0x82, 0x01, 0x22, ++ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, ++ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, ++ 0x02, 0x82, 0x01, 0x01, 0x00, 0xbd, 0xda, 0xa1, 0xed, 0x8d, 0x8e, 0x15, ++ 0x5c, 0xf8, 0x01, 0x77, 0x48, 0x4a, 0x60, 0x96, 0xf9, 0x27, 0xfa, 0xe2, ++ 0xb1, 0x69, 0x0f, 0x51, 0x19, 0x52, 0x7e, 0xc4, 0x34, 0x8e, 0xe1, 0x9b, ++ 0x9c, 0xa4, 0xb1, 0x5c, 0xd6, 0x81, 0x98, 0x78, 0xfe, 0xa9, 0xe5, 0x0b, ++ 0x00, 0xba, 0x9c, 0x64, 0x7e, 0xc7, 0xcc, 0x72, 0xb1, 0x73, 0x4b, 0x11, ++ 0x07, 0x52, 0xf0, 0x20, 0x96, 0x8b, 0x99, 0x39, 0xde, 0xdb, 0xfa, 0x3d, ++ 0x45, 0xe2, 0x98, 0x7b, 0x0c, 0x41, 0xe4, 0x0c, 0xb5, 0x5d, 0x92, 0x74, ++ 0x39, 0x96, 0xe1, 0x97, 0x97, 0xa1, 0xad, 0x2e, 0xcc, 0xd0, 0x1b, 0x4d, ++ 0x9d, 0xbd, 0x3e, 0xa9, 0x36, 0x8e, 0xcc, 0xc7, 0x5f, 0x6a, 0x7d, 0x39, ++ 0x5e, 0x0b, 0x8d, 0xca, 0xe4, 0x83, 0xe9, 0x3b, 0x5c, 0x86, 0x47, 0xd4, ++ 0xba, 0x7d, 0x98, 0x26, 0xa1, 0xf4, 0xe8, 0x90, 0x6b, 0x0f, 0xf1, 0x6b, ++ 0x8c, 0xe3, 0xa2, 0x80, 0x3c, 0x96, 0xf1, 0x0a, 0xb6, 0x66, 0xc0, 0x4b, ++ 0x61, 0xf7, 0x74, 0xcd, 0xd3, 0x7b, 0x8e, 0x5e, 0x39, 0xda, 0x99, 0x20, ++ 0x33, 0x93, 0xd3, 0xf0, 0x7f, 0xad, 0x35, 0xe9, 0x88, 0x8d, 0x9c, 0xbf, ++ 0x65, 0xf1, 0x47, 0x02, 0xf9, 0x7c, 0xed, 0x27, 0x5f, 0x4a, 0x65, 0x3c, ++ 0xcf, 0x5f, 0x0e, 0x88, 0x95, 0x74, 0xde, 0xfb, 0x9e, 0x2e, 0x91, 0x9b, ++ 0x45, 0x37, 0xc8, 0x85, 0xff, 0xe3, 0x41, 0x70, 0xfe, 0xd5, 0xef, 0x0e, ++ 0x82, 0x22, 0x08, 0xb7, 0x3b, 0x44, 0x3e, 0xdc, 0x5b, 0x7f, 0xba, 0xbf, ++ 0xe6, 0x58, 0x9d, 0x02, 0x6e, 0x75, 0xbf, 0x50, 0xec, 0xcf, 0x3f, 0xa5, ++ 0x91, 0x0a, 0xe2, 0x59, 0x2c, 0xc3, 0xe7, 0x05, 0x03, 0xe8, 0xf2, 0x6f, ++ 0x2a, 0x04, 0x68, 0x9a, 0x31, 0x32, 0x8f, 0x04, 0x35, 0xcd, 0x1f, 0x34, ++ 0xcc, 0x4f, 0x79, 0x5a, 0x99, 0x8d, 0x9d, 0x5c, 0xf5, 0x02, 0x03, 0x01, ++ 0x00, 0x01, 0xa3, 0x5d, 0x30, 0x5b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, ++ 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0b, 0x06, 0x03, ++ 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, ++ 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x65, 0xc5, 0xbe, 0xca, ++ 0xe6, 0x59, 0x6a, 0xfd, 0x6c, 0x71, 0xc4, 0xa7, 0x98, 0xc6, 0x25, 0x8d, ++ 0x7b, 0x67, 0x05, 0xd0, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, ++ 0x18, 0x30, 0x16, 0x80, 0x14, 0x81, 0xf8, 0xee, 0x47, 0x5c, 0x3e, 0xed, ++ 0xfb, 0xce, 0xa5, 0x84, 0xbe, 0xd7, 0xae, 0xdb, 0xd3, 0x7d, 0x64, 0xb3, ++ 0x2a, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, ++ 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x66, 0x1e, 0x3d, ++ 0x1d, 0x53, 0x33, 0xde, 0x4e, 0xc7, 0xc4, 0xf4, 0xdf, 0xda, 0x18, 0x19, ++ 0x8a, 0xa9, 0xff, 0xe2, 0x63, 0x2b, 0xbe, 0xf2, 0x61, 0x63, 0xe2, 0xf6, ++ 0xed, 0x47, 0x1a, 0x71, 0x02, 0xec, 0x2a, 0xef, 0x89, 0x77, 0xe3, 0xfd, ++ 0x86, 0x69, 0xf1, 0x3f, 0x0d, 0xf9, 0x6e, 0xf9, 0x3b, 0xad, 0x26, 0x47, ++ 0xb7, 0xf2, 0x0d, 0xad, 0x23, 0xa3, 0x67, 0x3b, 0xcb, 0x6d, 0x9e, 0x03, ++ 0x0f, 0xbc, 0x69, 0x73, 0x9f, 0xd4, 0xa5, 0x0f, 0x6f, 0xf8, 0xab, 0x4d, ++ 0x36, 0xd1, 0xe0, 0xe0, 0x5d, 0x20, 0x43, 0x90, 0xc4, 0x65, 0x61, 0x93, ++ 0xe2, 0x0f, 0x51, 0x59, 0x0a, 0xf7, 0x88, 0x70, 0x57, 0xb9, 0x04, 0xa9, ++ 0x32, 0x57, 0x9c, 0xb3, 0x57, 0x38, 0x8b, 0x8e, 0x46, 0xc8, 0x32, 0x6c, ++ 0xb4, 0xf3, 0x96, 0x7f, 0x4b, 0xf0, 0x88, 0xf9, 0x7f, 0xe2, 0x71, 0xe1, ++ 0x8b, 0xe2, 0x14, 0xf1, 0x4b, 0x25, 0x00, 0x48, 0x1c, 0x7e, 0xe5, 0x8d, ++ 0x65, 0x2d, 0xeb, 0x72, 0x4f, 0x92, 0x44, 0xf3, 0xe6, 0xe0, 0xd0, 0xdf, ++ 0x85, 0xa8, 0x13, 0x4a, 0xfb, 0x99, 0xca, 0x14, 0x2c, 0x97, 0x80, 0x93, ++ 0x27, 0xd3, 0x20, 0xf8, 0x6d, 0x29, 0x28, 0x2c, 0xb9, 0x77, 0xea, 0xb1, ++ 0x63, 0xbd, 0x7d, 0x53, 0xfd, 0x4a, 0x62, 0x64, 0x0b, 0x98, 0xa8, 0xae, ++ 0x11, 0xfc, 0x6e, 0x8d, 0x63, 0xd4, 0x15, 0x55, 0xc6, 0x4c, 0x74, 0xf5, ++ 0x5f, 0xa0, 0xb9, 0x2c, 0x2d, 0x9a, 0x7a, 0x87, 0x6e, 0xf0, 0x5e, 0x25, ++ 0xed, 0xfc, 0xd8, 0xc4, 0x34, 0x33, 0x32, 0xad, 0x01, 0xd4, 0x4b, 0x49, ++ 0x51, 0xc2, 0x07, 0x7f, 0x90, 0x6d, 0xea, 0xf5, 0x4c, 0x41, 0x71, 0x64, ++ 0xeb, 0x1f, 0x29, 0xa3, 0x1f, 0x64, 0xa2, 0x1e, 0x0e, 0x6f, 0xa1, 0x67, ++ 0x99, 0x8d, 0x98, 0x1c, 0xb8, 0x53, 0x9d, 0x30, 0x1d, 0xae, 0x32, 0x56, ++ 0xd2 ++}; ++unsigned int certificate_printable_der_len = 829; diff --git a/0193-appended-signatures-documentation.patch b/0196-appended-signatures-documentation.patch similarity index 94% rename from 0193-appended-signatures-documentation.patch rename to 0196-appended-signatures-documentation.patch index c907633..864cfa3 100644 --- a/0193-appended-signatures-documentation.patch +++ b/0196-appended-signatures-documentation.patch @@ -13,10 +13,10 @@ Signed-off-by: Daniel Axtens 1 file changed, 182 insertions(+), 17 deletions(-) diff --git a/docs/grub.texi b/docs/grub.texi -index 691ffaa1861..7b5d7800418 100644 +index afbde7c1f7b..4816be85611 100644 --- a/docs/grub.texi +++ b/docs/grub.texi -@@ -3216,6 +3216,7 @@ These variables have special meaning to GRUB. +@@ -3214,6 +3214,7 @@ These variables have special meaning to GRUB. @menu * biosnum:: @@ -24,7 +24,7 @@ index 691ffaa1861..7b5d7800418 100644 * check_signatures:: * chosen:: * cmdpath:: -@@ -3275,11 +3276,18 @@ For an alternative approach which also changes BIOS drive mappings for the +@@ -3273,11 +3274,18 @@ For an alternative approach which also changes BIOS drive mappings for the chain-loaded system, @pxref{drivemap}. @@ -72,7 +72,7 @@ index 691ffaa1861..7b5d7800418 100644 * verify_detached:: Verify detached digital signature * videoinfo:: List available video modes @comment * xen_*:: Xen boot commands for AArch64 -@@ -4373,9 +4385,28 @@ These keys are used to validate signatures when environment variable +@@ -4376,9 +4388,28 @@ These keys are used to validate signatures when environment variable @code{check_signatures} is set to @code{enforce} (@pxref{check_signatures}), and by some invocations of @command{verify_detached} (@pxref{verify_detached}). @xref{Using @@ -102,7 +102,7 @@ index 691ffaa1861..7b5d7800418 100644 @node drivemap @subsection drivemap -@@ -4633,6 +4664,21 @@ This command is only available on x86 systems. +@@ -4636,6 +4667,21 @@ This command is only available on x86 systems. @end deffn @@ -124,7 +124,7 @@ index 691ffaa1861..7b5d7800418 100644 @node list_env @subsection list_env -@@ -4652,7 +4698,7 @@ The output is in GPG's v4 key fingerprint format (i.e., the output of +@@ -4655,7 +4701,7 @@ The output is in GPG's v4 key fingerprint format (i.e., the output of @code{gpg --fingerprint}). The least significant four bytes (last eight hexadecimal digits) can be used as an argument to @command{distrust} (@pxref{distrust}). @@ -133,7 +133,7 @@ index 691ffaa1861..7b5d7800418 100644 these keys. @end deffn -@@ -4687,8 +4733,13 @@ When used with care, @option{--skip-sig} and the whitelist enable an +@@ -4690,8 +4736,13 @@ When used with care, @option{--skip-sig} and the whitelist enable an administrator to configure a system to boot only signed configurations, but to allow the user to select from among multiple configurations, and to enable ``one-shot'' boot attempts and @@ -148,7 +148,7 @@ index 691ffaa1861..7b5d7800418 100644 @end deffn -@@ -4984,7 +5035,7 @@ read. It is possible to modify a digitally signed environment block +@@ -4987,7 +5038,7 @@ read. It is possible to modify a digitally signed environment block file from within GRUB using this command, such that its signature will no longer be valid on subsequent boots. Care should be taken in such advanced configurations to avoid rendering the system @@ -157,7 +157,7 @@ index 691ffaa1861..7b5d7800418 100644 @end deffn -@@ -5384,11 +5435,32 @@ signatures when environment variable @code{check_signatures} is set to +@@ -5387,11 +5438,32 @@ signatures when environment variable @code{check_signatures} is set to must itself be properly signed. The @option{--skip-sig} option can be used to disable signature-checking when reading @var{pubkey_file} itself. It is expected that @option{--skip-sig} is useful for testing @@ -191,7 +191,7 @@ index 691ffaa1861..7b5d7800418 100644 @node unset @subsection unset -@@ -5407,6 +5479,18 @@ only on PC BIOS platforms. +@@ -5410,6 +5482,18 @@ only on PC BIOS platforms. @end deffn @end ignore @@ -210,7 +210,7 @@ index 691ffaa1861..7b5d7800418 100644 @node verify_detached @subsection verify_detached -@@ -5425,7 +5509,7 @@ tried. +@@ -5428,7 +5512,7 @@ tried. Exit code @code{$?} is set to 0 if the signature validates successfully. If validation fails, it is set to a non-zero value. @@ -219,7 +219,7 @@ index 691ffaa1861..7b5d7800418 100644 @end deffn @node videoinfo -@@ -5808,13 +5892,14 @@ environment variables and commands are listed in the same order. +@@ -5811,13 +5895,14 @@ environment variables and commands are listed in the same order. @chapter Security @menu @@ -241,7 +241,7 @@ index 691ffaa1861..7b5d7800418 100644 @end menu @node Authentication and authorisation -@@ -5888,8 +5973,8 @@ generating configuration files with authentication. You can use +@@ -5891,8 +5976,8 @@ generating configuration files with authentication. You can use adding @kbd{set superusers=} and @kbd{password} or @kbd{password_pbkdf2} commands. @@ -252,7 +252,7 @@ index 691ffaa1861..7b5d7800418 100644 GRUB's @file{core.img} can optionally provide enforcement that all files subsequently read from disk are covered by a valid digital signature. -@@ -5982,6 +6067,86 @@ or BIOS) configuration to cause the machine to boot from a different +@@ -5985,6 +6070,86 @@ or BIOS) configuration to cause the machine to boot from a different (attacker-controlled) device. GRUB is at best only one link in a secure boot chain. diff --git a/0197-fs-xfs-Add-bigtime-support-for-xfs-driver.patch b/0197-fs-xfs-Add-bigtime-support-for-xfs-driver.patch deleted file mode 100644 index 7758c0c..0000000 --- a/0197-fs-xfs-Add-bigtime-support-for-xfs-driver.patch +++ /dev/null @@ -1,167 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Carlos Maiolino -Date: Wed, 14 Apr 2021 11:07:20 +0200 -Subject: [PATCH] fs/xfs: Add bigtime support for xfs driver - -XFS filesystem now supports bigtime feature, to overcome y2038 problem. -This patch makes grub able to support xfs filesystems with this feature -enabled. - -xfs counter for bigtime enable timestamps starts on 0, which translates -to INT32_MIN (Dec 31 20:45:52 UTC 1901) in the legacy timestamps. The -conversion to unix timestamps is made before passing the value to -grub-core. - -For this to work properly, grub requires to access flags2 field in the -xfs ondisk inode, so, the grub_xfs_inode structure has been updated to -the full ondisk inode size. - -This patch is enough to make grub work properly with files with -timestamps up to INT32_MAX (y2038), any file with timestamps bigger than -this will overflow the counter, causing grub to show wrong timestamps -(not really much difference on current situation). - -Reviewed-by: Javier Martinez Canillas -Signed-off-by: Carlos Maiolino ---- - grub-core/fs/xfs.c | 69 ++++++++++++++++++++++++++++++++++++++++++------------ - 1 file changed, 54 insertions(+), 15 deletions(-) - -diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c -index 43023e03fb3..2ce76ec70f9 100644 ---- a/grub-core/fs/xfs.c -+++ b/grub-core/fs/xfs.c -@@ -75,10 +75,15 @@ GRUB_MOD_LICENSE ("GPLv3+"); - XFS_SB_VERSION2_PROJID32BIT | \ - XFS_SB_VERSION2_FTYPE) - -+/* Inode flags2 flags */ -+#define XFS_DIFLAG2_BIGTIME_BIT 3 -+#define XFS_DIFLAG2_BIGTIME (1 << XFS_DIFLAG2_BIGTIME_BIT) -+ - /* incompat feature flags */ --#define XFS_SB_FEAT_INCOMPAT_FTYPE (1 << 0) /* filetype in dirent */ --#define XFS_SB_FEAT_INCOMPAT_SPINODES (1 << 1) /* sparse inode chunks */ --#define XFS_SB_FEAT_INCOMPAT_META_UUID (1 << 2) /* metadata UUID */ -+#define XFS_SB_FEAT_INCOMPAT_FTYPE (1 << 0) /* filetype in dirent */ -+#define XFS_SB_FEAT_INCOMPAT_SPINODES (1 << 1) /* sparse inode chunks */ -+#define XFS_SB_FEAT_INCOMPAT_META_UUID (1 << 2) /* metadata UUID */ -+#define XFS_SB_FEAT_INCOMPAT_BIGTIME (1 << 3) /* large timestamps */ - - /* - * Directory entries with ftype are explicitly handled by GRUB code. -@@ -92,7 +97,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); - #define XFS_SB_FEAT_INCOMPAT_SUPPORTED \ - (XFS_SB_FEAT_INCOMPAT_FTYPE | \ - XFS_SB_FEAT_INCOMPAT_SPINODES | \ -- XFS_SB_FEAT_INCOMPAT_META_UUID) -+ XFS_SB_FEAT_INCOMPAT_META_UUID | \ -+ XFS_SB_FEAT_INCOMPAT_BIGTIME) - - struct grub_xfs_sblock - { -@@ -177,7 +183,7 @@ struct grub_xfs_btree_root - grub_uint64_t keys[1]; - } GRUB_PACKED; - --struct grub_xfs_time -+struct grub_xfs_time_legacy - { - grub_uint32_t sec; - grub_uint32_t nanosec; -@@ -190,20 +196,23 @@ struct grub_xfs_inode - grub_uint8_t version; - grub_uint8_t format; - grub_uint8_t unused2[26]; -- struct grub_xfs_time atime; -- struct grub_xfs_time mtime; -- struct grub_xfs_time ctime; -+ grub_uint64_t atime; -+ grub_uint64_t mtime; -+ grub_uint64_t ctime; - grub_uint64_t size; - grub_uint64_t nblocks; - grub_uint32_t extsize; - grub_uint32_t nextents; - grub_uint16_t unused3; - grub_uint8_t fork_offset; -- grub_uint8_t unused4[17]; -+ grub_uint8_t unused4[37]; -+ grub_uint64_t flags2; -+ grub_uint8_t unused5[48]; - } GRUB_PACKED; - --#define XFS_V2_INODE_SIZE sizeof(struct grub_xfs_inode) --#define XFS_V3_INODE_SIZE (XFS_V2_INODE_SIZE + 76) -+#define XFS_V3_INODE_SIZE sizeof(struct grub_xfs_inode) -+/* Size of struct grub_xfs_inode until fork_offset (included)*/ -+#define XFS_V2_INODE_SIZE (XFS_V3_INODE_SIZE - 92) - - struct grub_xfs_dirblock_tail - { -@@ -233,8 +242,6 @@ struct grub_xfs_data - - static grub_dl_t my_mod; - -- -- - static int grub_xfs_sb_hascrc(struct grub_xfs_data *data) - { - return (data->sblock.version & grub_cpu_to_be16_compile_time(XFS_SB_VERSION_NUMBITS)) == -@@ -950,7 +957,6 @@ grub_xfs_mount (grub_disk_t disk) - return 0; - } - -- - /* Context for grub_xfs_dir. */ - struct grub_xfs_dir_ctx - { -@@ -958,6 +964,39 @@ struct grub_xfs_dir_ctx - void *hook_data; - }; - -+/* Bigtime inodes helpers */ -+ -+#define NSEC_PER_SEC 1000000000L -+#define XFS_BIGTIME_EPOCH_OFFSET (-(grub_int64_t)GRUB_INT32_MIN) -+ -+static int grub_xfs_inode_has_bigtime(const struct grub_xfs_inode *inode) -+{ -+ return inode->version >= 3 && -+ (inode->flags2 & grub_cpu_to_be64_compile_time(XFS_DIFLAG2_BIGTIME)); -+} -+ -+static grub_int64_t -+grub_xfs_bigtime_to_unix(grub_uint64_t time) -+{ -+ grub_uint64_t rem; -+ grub_int64_t nsec = NSEC_PER_SEC; -+ grub_int64_t seconds = grub_divmod64((grub_int64_t)time, nsec, &rem); -+ -+ return seconds - XFS_BIGTIME_EPOCH_OFFSET; -+} -+ -+static grub_int64_t -+grub_xfs_get_inode_time(struct grub_xfs_inode *inode) -+{ -+ struct grub_xfs_time_legacy *lts; -+ -+ if (grub_xfs_inode_has_bigtime(inode)) -+ return grub_xfs_bigtime_to_unix(grub_be_to_cpu64(inode->mtime)); -+ -+ lts = (struct grub_xfs_time_legacy *)&inode->mtime; -+ return grub_be_to_cpu32(lts->sec); -+} -+ - /* Helper for grub_xfs_dir. */ - static int - grub_xfs_dir_iter (const char *filename, enum grub_fshelp_filetype filetype, -@@ -970,7 +1009,7 @@ grub_xfs_dir_iter (const char *filename, enum grub_fshelp_filetype filetype, - if (node->inode_read) - { - info.mtimeset = 1; -- info.mtime = grub_be_to_cpu32 (node->inode.mtime.sec); -+ info.mtime = grub_xfs_get_inode_time(&node->inode); - } - info.dir = ((filetype & GRUB_FSHELP_TYPE_MASK) == GRUB_FSHELP_DIR); - grub_free (node); diff --git a/0194-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch b/0197-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch similarity index 97% rename from 0194-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch rename to 0197-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch index cce1d07..40c3b3e 100644 --- a/0194-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch +++ b/0197-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch @@ -93,10 +93,10 @@ index 40531fa823b..ebfee4bf06e 100644 EXPORT_FUNC (grub_lockdown) (void); extern int diff --git a/docs/grub.texi b/docs/grub.texi -index 7b5d7800418..cb5804fd6fe 100644 +index 4816be85611..a4da9c2a1b9 100644 --- a/docs/grub.texi +++ b/docs/grub.texi -@@ -6224,8 +6224,8 @@ Measured boot is currently only supported on EFI platforms. +@@ -6227,8 +6227,8 @@ Measured boot is currently only supported on EFI platforms. @section Lockdown when booting on a secure setup The GRUB can be locked down when booted on a secure boot environment, for example diff --git a/0198-fs-Use-64bit-type-for-filesystem-timestamp.patch b/0198-fs-Use-64bit-type-for-filesystem-timestamp.patch deleted file mode 100644 index 5938deb..0000000 --- a/0198-fs-Use-64bit-type-for-filesystem-timestamp.patch +++ /dev/null @@ -1,327 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Carlos Maiolino -Date: Wed, 14 Apr 2021 11:07:21 +0200 -Subject: [PATCH] fs: Use 64bit type for filesystem timestamp - -Some filesystems nowadays uses 64bit types for timestamps, so, update -grub_dirhook_info struct to use an int64 type to store mtime. This also -updates grub_unixtime2datetime() to receive a 64-bit timestamp -argument and do 64bit-safe divisions. - -All the remaining conversion from 32 to 64 should be safe, as 32 to 64 -attributions will be implicitly casted. The most crictical part in the -32 to 64bits conversion is on grub_unixtime2datetime() where it needs -to deal with the 64bit type, specially with division in x86_architectures, -so, for that, the grub_divmod64() helper has been used. - -These changes enables grub to support dates beyond y2038. - -Reviewed-by: Javier Martinez Canillas -Signed-off-by: Carlos Maiolino ---- - grub-core/fs/affs.c | 2 +- - grub-core/fs/ext2.c | 2 +- - grub-core/fs/fat.c | 4 ++-- - grub-core/fs/hfs.c | 2 +- - grub-core/fs/hfsplus.c | 2 +- - grub-core/fs/iso9660.c | 6 +++--- - grub-core/fs/nilfs2.c | 2 +- - grub-core/fs/squash4.c | 2 +- - grub-core/fs/ufs.c | 2 +- - grub-core/fs/zfs/zfs.c | 2 +- - grub-core/lib/datetime.c | 15 ++++++++++++--- - grub-core/net/bootp.c | 2 +- - grub-core/normal/misc.c | 2 +- - grub-core/tests/sleep_test.c | 4 ++-- - include/grub/datetime.h | 4 ++-- - include/grub/fs.h | 4 ++-- - 16 files changed, 33 insertions(+), 24 deletions(-) - -diff --git a/grub-core/fs/affs.c b/grub-core/fs/affs.c -index 230e26af0f8..cafcd0fba91 100644 ---- a/grub-core/fs/affs.c -+++ b/grub-core/fs/affs.c -@@ -641,7 +641,7 @@ grub_affs_label (grub_device_t device, char **label) - } - - static grub_err_t --grub_affs_mtime (grub_device_t device, grub_int32_t *t) -+grub_affs_mtime (grub_device_t device, grub_int64_t *t) - { - struct grub_affs_data *data; - grub_disk_t disk = device->disk; -diff --git a/grub-core/fs/ext2.c b/grub-core/fs/ext2.c -index 848bf939dba..e7dd78e6635 100644 ---- a/grub-core/fs/ext2.c -+++ b/grub-core/fs/ext2.c -@@ -1055,7 +1055,7 @@ grub_ext2_uuid (grub_device_t device, char **uuid) - - /* Get mtime. */ - static grub_err_t --grub_ext2_mtime (grub_device_t device, grub_int32_t *tm) -+grub_ext2_mtime (grub_device_t device, grub_int64_t *tm) - { - struct grub_ext2_data *data; - grub_disk_t disk = device->disk; -diff --git a/grub-core/fs/fat.c b/grub-core/fs/fat.c -index 7f775a17038..dd82e4ee35d 100644 ---- a/grub-core/fs/fat.c -+++ b/grub-core/fs/fat.c -@@ -737,7 +737,7 @@ grub_fat_iterate_dir_next (grub_fshelp_node_t node, - * https://docs.microsoft.com/en-us/windows/win32/fileio/exfat-specification - */ - static int --grub_exfat_timestamp (grub_uint32_t field, grub_uint8_t msec, grub_int32_t *nix) { -+grub_exfat_timestamp (grub_uint32_t field, grub_uint8_t msec, grub_int64_t *nix) { - struct grub_datetime datetime = { - .year = (field >> 25) + 1980, - .month = (field & 0x01E00000) >> 21, -@@ -891,7 +891,7 @@ grub_fat_iterate_dir_next (grub_fshelp_node_t node, - * https://www.ecma-international.org/publications/files/ECMA-ST/Ecma-107.pdf - */ - static int --grub_fat_timestamp (grub_uint16_t time, grub_uint16_t date, grub_int32_t *nix) { -+grub_fat_timestamp (grub_uint16_t time, grub_uint16_t date, grub_int64_t *nix) { - struct grub_datetime datetime = { - .year = (date >> 9) + 1980, - .month = (date & 0x01E0) >> 5, -diff --git a/grub-core/fs/hfs.c b/grub-core/fs/hfs.c -index 9a5b7bbe906..f419965d154 100644 ---- a/grub-core/fs/hfs.c -+++ b/grub-core/fs/hfs.c -@@ -1374,7 +1374,7 @@ grub_hfs_label (grub_device_t device, char **label) - } - - static grub_err_t --grub_hfs_mtime (grub_device_t device, grub_int32_t *tm) -+grub_hfs_mtime (grub_device_t device, grub_int64_t *tm) - { - struct grub_hfs_data *data; - -diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c -index 2a69055c7ec..19c7b336798 100644 ---- a/grub-core/fs/hfsplus.c -+++ b/grub-core/fs/hfsplus.c -@@ -1083,7 +1083,7 @@ grub_hfsplus_label (grub_device_t device, char **label) - - /* Get mtime. */ - static grub_err_t --grub_hfsplus_mtime (grub_device_t device, grub_int32_t *tm) -+grub_hfsplus_mtime (grub_device_t device, grub_int64_t *tm) - { - struct grub_hfsplus_data *data; - grub_disk_t disk = device->disk; -diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c -index 5ec4433b8f8..ac011950a64 100644 ---- a/grub-core/fs/iso9660.c -+++ b/grub-core/fs/iso9660.c -@@ -178,7 +178,7 @@ static grub_dl_t my_mod; - - - static grub_err_t --iso9660_to_unixtime (const struct grub_iso9660_date *i, grub_int32_t *nix) -+iso9660_to_unixtime (const struct grub_iso9660_date *i, grub_int64_t *nix) - { - struct grub_datetime datetime; - -@@ -206,7 +206,7 @@ iso9660_to_unixtime (const struct grub_iso9660_date *i, grub_int32_t *nix) - } - - static int --iso9660_to_unixtime2 (const struct grub_iso9660_date2 *i, grub_int32_t *nix) -+iso9660_to_unixtime2 (const struct grub_iso9660_date2 *i, grub_int64_t *nix) - { - struct grub_datetime datetime; - -@@ -1107,7 +1107,7 @@ grub_iso9660_uuid (grub_device_t device, char **uuid) - - /* Get writing time of filesystem. */ - static grub_err_t --grub_iso9660_mtime (grub_device_t device, grub_int32_t *timebuf) -+grub_iso9660_mtime (grub_device_t device, grub_int64_t *timebuf) - { - struct grub_iso9660_data *data; - grub_disk_t disk = device->disk; -diff --git a/grub-core/fs/nilfs2.c b/grub-core/fs/nilfs2.c -index 9b76982b3b0..3c248a910b4 100644 ---- a/grub-core/fs/nilfs2.c -+++ b/grub-core/fs/nilfs2.c -@@ -1186,7 +1186,7 @@ grub_nilfs2_uuid (grub_device_t device, char **uuid) - - /* Get mtime. */ - static grub_err_t --grub_nilfs2_mtime (grub_device_t device, grub_int32_t * tm) -+grub_nilfs2_mtime (grub_device_t device, grub_int64_t * tm) - { - struct grub_nilfs2_data *data; - grub_disk_t disk = device->disk; -diff --git a/grub-core/fs/squash4.c b/grub-core/fs/squash4.c -index a5f35c10e2f..6dd731e231e 100644 ---- a/grub-core/fs/squash4.c -+++ b/grub-core/fs/squash4.c -@@ -1003,7 +1003,7 @@ grub_squash_close (grub_file_t file) - } - - static grub_err_t --grub_squash_mtime (grub_device_t dev, grub_int32_t *tm) -+grub_squash_mtime (grub_device_t dev, grub_int64_t *tm) - { - struct grub_squash_data *data = 0; - -diff --git a/grub-core/fs/ufs.c b/grub-core/fs/ufs.c -index fca46baa19d..34a698b71b8 100644 ---- a/grub-core/fs/ufs.c -+++ b/grub-core/fs/ufs.c -@@ -837,7 +837,7 @@ grub_ufs_uuid (grub_device_t device, char **uuid) - - /* Get mtime. */ - static grub_err_t --grub_ufs_mtime (grub_device_t device, grub_int32_t *tm) -+grub_ufs_mtime (grub_device_t device, grub_int64_t *tm) - { - struct grub_ufs_data *data = 0; - -diff --git a/grub-core/fs/zfs/zfs.c b/grub-core/fs/zfs/zfs.c -index f9e755197c5..cf4d2ab189a 100644 ---- a/grub-core/fs/zfs/zfs.c -+++ b/grub-core/fs/zfs/zfs.c -@@ -3771,7 +3771,7 @@ zfs_uuid (grub_device_t device, char **uuid) - } - - static grub_err_t --zfs_mtime (grub_device_t device, grub_int32_t *mt) -+zfs_mtime (grub_device_t device, grub_int64_t *mt) - { - struct grub_zfs_data *data; - grub_zfs_endian_t ub_endian = GRUB_ZFS_UNKNOWN_ENDIAN; -diff --git a/grub-core/lib/datetime.c b/grub-core/lib/datetime.c -index 95b8c9ff5e3..3e84fa1dbc4 100644 ---- a/grub-core/lib/datetime.c -+++ b/grub-core/lib/datetime.c -@@ -19,6 +19,7 @@ - - #include - #include -+#include - - static const char *const grub_weekday_names[] = - { -@@ -60,9 +61,10 @@ grub_get_weekday_name (struct grub_datetime *datetime) - - - void --grub_unixtime2datetime (grub_int32_t nix, struct grub_datetime *datetime) -+grub_unixtime2datetime (grub_int64_t nix, struct grub_datetime *datetime) - { - int i; -+ grub_uint64_t rem; - grub_uint8_t months[12] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}; - /* In the period of validity of unixtime all years divisible by 4 - are bissextile*/ -@@ -75,9 +77,16 @@ grub_unixtime2datetime (grub_int32_t nix, struct grub_datetime *datetime) - unsigned secs_in_day; - /* Transform C divisions and modulos to mathematical ones */ - if (nix < 0) -- days_epoch = -(((unsigned) (SECPERDAY-nix-1)) / SECPERDAY); -+ /* -+ * the division here shouldn't be larger than INT_MAX, -+ * so, it's safe to store the result back in an int -+ */ -+ days_epoch = -(grub_divmod64(((grub_int64_t)(SECPERDAY) - nix - 1), -+ SECPERDAY, -+ &rem)); - else -- days_epoch = ((unsigned) nix) / SECPERDAY; -+ days_epoch = grub_divmod64(nix, SECPERDAY, &rem); -+ - secs_in_day = nix - days_epoch * SECPERDAY; - days = days_epoch + 69 * DAYSPERYEAR + 17; - -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 8f2f55c0079..7baf3540c81 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -610,7 +610,7 @@ send_dhcp_packet (struct grub_net_network_level_interface *iface) - grub_err_t err; - struct grub_net_bootp_packet *pack; - struct grub_datetime date; -- grub_int32_t t = 0; -+ grub_int64_t t = 0; - struct grub_net_buff *nb; - struct udphdr *udph; - grub_net_network_level_address_t target; -diff --git a/grub-core/normal/misc.c b/grub-core/normal/misc.c -index 8bb6da31fb3..f7e9e3ac4a1 100644 ---- a/grub-core/normal/misc.c -+++ b/grub-core/normal/misc.c -@@ -136,7 +136,7 @@ grub_normal_print_device_info (const char *name) - } - if (fs->fs_mtime) - { -- grub_int32_t tm; -+ grub_int64_t tm; - struct grub_datetime datetime; - (fs->fs_mtime) (dev, &tm); - if (grub_errno == GRUB_ERR_NONE) -diff --git a/grub-core/tests/sleep_test.c b/grub-core/tests/sleep_test.c -index 3d11c717cb7..63f6713165f 100644 ---- a/grub-core/tests/sleep_test.c -+++ b/grub-core/tests/sleep_test.c -@@ -32,7 +32,7 @@ static void - sleep_test (void) - { - struct grub_datetime st, en; -- grub_int32_t stu = 0, enu = 0; -+ grub_int64_t stu = 0, enu = 0; - int is_delayok; - grub_test_assert (!grub_get_datetime (&st), "Couldn't retrieve start time"); - grub_millisleep (10000); -@@ -45,7 +45,7 @@ sleep_test (void) - if (enu - stu >= 15 && enu - stu <= 17) - is_delayok = 1; - #endif -- grub_test_assert (is_delayok, "Interval out of range: %d", enu-stu); -+ grub_test_assert (is_delayok, "Interval out of range: %lld", enu-stu); - - } - -diff --git a/include/grub/datetime.h b/include/grub/datetime.h -index fef281404d7..23ae0791ced 100644 ---- a/include/grub/datetime.h -+++ b/include/grub/datetime.h -@@ -48,11 +48,11 @@ grub_err_t grub_set_datetime (struct grub_datetime *datetime); - int grub_get_weekday (struct grub_datetime *datetime); - const char *grub_get_weekday_name (struct grub_datetime *datetime); - --void grub_unixtime2datetime (grub_int32_t nix, -+void grub_unixtime2datetime (grub_int64_t nix, - struct grub_datetime *datetime); - - static inline int --grub_datetime2unixtime (const struct grub_datetime *datetime, grub_int32_t *nix) -+grub_datetime2unixtime (const struct grub_datetime *datetime, grub_int64_t *nix) - { - grub_int32_t ret; - int y4, ay; -diff --git a/include/grub/fs.h b/include/grub/fs.h -index 302e48d4b50..026bc3bb861 100644 ---- a/include/grub/fs.h -+++ b/include/grub/fs.h -@@ -39,7 +39,7 @@ struct grub_dirhook_info - unsigned mtimeset:1; - unsigned case_insensitive:1; - unsigned inodeset:1; -- grub_int32_t mtime; -+ grub_int64_t mtime; - grub_uint64_t inode; - }; - -@@ -81,7 +81,7 @@ struct grub_fs - grub_err_t (*fs_uuid) (grub_device_t device, char **uuid); - - /* Get writing time of filesystem. */ -- grub_err_t (*fs_mtime) (grub_device_t device, grub_int32_t *timebuf); -+ grub_err_t (*fs_mtime) (grub_device_t device, grub_int64_t *timebuf); - - #ifdef GRUB_UTIL - /* Determine sectors available for embedding. */ diff --git a/0199-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch b/0198-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch similarity index 100% rename from 0199-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch rename to 0198-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch diff --git a/0200-ieee1275-claim-more-memory.patch b/0199-ieee1275-claim-more-memory.patch similarity index 99% rename from 0200-ieee1275-claim-more-memory.patch rename to 0199-ieee1275-claim-more-memory.patch index d1156ca..001a9df 100644 --- a/0200-ieee1275-claim-more-memory.patch +++ b/0199-ieee1275-claim-more-memory.patch @@ -227,7 +227,7 @@ index 0dcd114ce54..c61d91a0285 100644 #endif diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi -index a55af53fd45..008bd7a3c34 100644 +index 19f708ee662..90083772c8a 100644 --- a/docs/grub-dev.texi +++ b/docs/grub-dev.texi @@ -1047,7 +1047,9 @@ space is limited to 4GiB. GRUB allocates pages from EFI for its heap, at most diff --git a/0201-ieee1275-request-memory-with-ibm-client-architecture.patch b/0200-ieee1275-request-memory-with-ibm-client-architecture.patch similarity index 100% rename from 0201-ieee1275-request-memory-with-ibm-client-architecture.patch rename to 0200-ieee1275-request-memory-with-ibm-client-architecture.patch diff --git a/0201-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch b/0201-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch new file mode 100644 index 0000000..a237a21 --- /dev/null +++ b/0201-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch @@ -0,0 +1,315 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Sat, 8 May 2021 02:27:58 +0200 +Subject: [PATCH] appendedsig/x509: Also handle the Extended Key Usage + extension + +Red Hat certificates have both Key Usage and Extended Key Usage extensions +present, but the appended signatures x509 parser doesn't handle the latter +and so buils due finding an unrecognised critical extension: + +Error loading initial key: +../../grub-core/commands/appendedsig/x509.c:780:Unhandled critical x509 extension with OID 2.5.29.37 + +Fix this by also parsing the Extended Key Usage extension and handle it by +verifying that the certificate has a single purpose, that is code signing. + +Signed-off-by: Javier Martinez Canillas +Signed-off-by: Daniel Axtens +--- + grub-core/commands/appendedsig/x509.c | 94 ++++++++++++++++++++++++++++++- + grub-core/tests/appended_signature_test.c | 29 +++++++++- + grub-core/tests/appended_signatures.h | 81 ++++++++++++++++++++++++++ + 3 files changed, 201 insertions(+), 3 deletions(-) + +diff --git a/grub-core/commands/appendedsig/x509.c b/grub-core/commands/appendedsig/x509.c +index 2b38b3670a2..42ec65c54aa 100644 +--- a/grub-core/commands/appendedsig/x509.c ++++ b/grub-core/commands/appendedsig/x509.c +@@ -47,6 +47,12 @@ const char *keyUsage_oid = "2.5.29.15"; + */ + const char *basicConstraints_oid = "2.5.29.19"; + ++/* ++ * RFC 5280 4.2.1.12 Extended Key Usage ++ */ ++const char *extendedKeyUsage_oid = "2.5.29.37"; ++const char *codeSigningUsage_oid = "1.3.6.1.5.5.7.3.3"; ++ + /* + * RFC 3279 2.3.1 + * +@@ -637,6 +643,77 @@ cleanup: + return err; + } + ++/* ++ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId ++ * ++ * KeyPurposeId ::= OBJECT IDENTIFIER ++ */ ++static grub_err_t ++verify_extended_key_usage (grub_uint8_t * value, int value_size) ++{ ++ asn1_node extendedasn; ++ int result, count; ++ grub_err_t err = GRUB_ERR_NONE; ++ char usage[MAX_OID_LEN]; ++ int usage_size = sizeof (usage); ++ ++ result = ++ asn1_create_element (_gnutls_pkix_asn, "PKIX1.ExtKeyUsageSyntax", ++ &extendedasn); ++ if (result != ASN1_SUCCESS) ++ { ++ return grub_error (GRUB_ERR_OUT_OF_MEMORY, ++ "Could not create ASN.1 structure for Extended Key Usage"); ++ } ++ ++ result = asn1_der_decoding2 (&extendedasn, value, &value_size, ++ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); ++ if (result != ASN1_SUCCESS) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Error parsing DER for Extended Key Usage: %s", ++ asn1_error); ++ goto cleanup; ++ } ++ ++ /* ++ * If EKUs are present, there must be exactly 1 and it must be a ++ * codeSigning usage. ++ */ ++ result = asn1_number_of_elements(extendedasn, "", &count); ++ if (result != ASN1_SUCCESS) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Error counting number of Extended Key Usages: %s", ++ asn1_strerror (result)); ++ goto cleanup; ++ } ++ ++ result = asn1_read_value (extendedasn, "?1", usage, &usage_size); ++ if (result != ASN1_SUCCESS) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Error reading Extended Key Usage: %s", ++ asn1_strerror (result)); ++ goto cleanup; ++ } ++ ++ if (grub_strncmp (codeSigningUsage_oid, usage, usage_size) != 0) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Unexpected Extended Key Usage OID, got: %s", ++ usage); ++ goto cleanup; ++ } ++ ++cleanup: ++ asn1_delete_structure (&extendedasn); ++ return err; ++} + + /* + * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension +@@ -660,7 +737,7 @@ verify_extensions (asn1_node cert) + { + int result; + int ext, num_extensions = 0; +- int usage_present = 0, constraints_present = 0; ++ int usage_present = 0, constraints_present = 0, extended_usage_present = 0; + char *oid_path, *critical_path, *value_path; + char extnID[MAX_OID_LEN]; + int extnID_size; +@@ -754,6 +831,15 @@ verify_extensions (asn1_node cert) + } + constraints_present++; + } ++ else if (grub_strncmp (extendedKeyUsage_oid, extnID, extnID_size) == 0) ++ { ++ err = verify_extended_key_usage (value, value_size); ++ if (err != GRUB_ERR_NONE) ++ { ++ goto cleanup_value; ++ } ++ extended_usage_present++; ++ } + else if (grub_strncmp ("TRUE", critical, critical_size) == 0) + { + /* +@@ -785,6 +871,12 @@ verify_extensions (asn1_node cert) + "Unexpected number of basic constraints extensions - expected 1, got %d", + constraints_present); + } ++ if (extended_usage_present > 1) ++ { ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Unexpected number of Extended Key Usage extensions - expected 0 or 1, got %d", ++ extended_usage_present); ++ } + return GRUB_ERR_NONE; + + cleanup_value: +diff --git a/grub-core/tests/appended_signature_test.c b/grub-core/tests/appended_signature_test.c +index 88a485200d8..dbba0616621 100644 +--- a/grub-core/tests/appended_signature_test.c ++++ b/grub-core/tests/appended_signature_test.c +@@ -111,6 +111,22 @@ static struct grub_procfs_entry certificate_printable_der_entry = { + .get_contents = get_certificate_printable_der + }; + ++static char * ++get_certificate_eku_der (grub_size_t * sz) ++{ ++ char *ret; ++ *sz = certificate_eku_der_len; ++ ret = grub_malloc (*sz); ++ if (ret) ++ grub_memcpy (ret, certificate_eku_der, *sz); ++ return ret; ++} ++ ++static struct grub_procfs_entry certificate_eku_der_entry = { ++ .name = "certificate_eku.der", ++ .get_contents = get_certificate_eku_der ++}; ++ + + static void + do_verify (const char *f, int is_valid) +@@ -149,6 +165,7 @@ appended_signature_test (void) + char *trust_args2[] = { (char *) "(proc)/certificate2.der", NULL }; + char *trust_args_printable[] = { (char *) "(proc)/certificate_printable.der", + NULL }; ++ char *trust_args_eku[] = { (char *) "(proc)/certificate_eku.der", NULL }; + char *distrust_args[] = { (char *) "1", NULL }; + char *distrust2_args[] = { (char *) "2", NULL }; + grub_err_t err; +@@ -157,6 +174,7 @@ appended_signature_test (void) + grub_procfs_register ("certificate2.der", &certificate2_der_entry); + grub_procfs_register ("certificate_printable.der", + &certificate_printable_der_entry); ++ grub_procfs_register ("certificate_eku.der", &certificate_eku_der_entry); + + cmd_trust = grub_command_find ("trust_certificate"); + if (!cmd_trust) +@@ -266,16 +284,23 @@ appended_signature_test (void) + + /* + * Lastly, check a certificate that uses printableString rather than +- * utf8String loads properly. ++ * utf8String loads properly, and that a certificate with an appropriate ++ * extended key usage loads. + */ + err = (cmd_trust->func) (cmd_trust, 1, trust_args_printable); + grub_test_assert (err == GRUB_ERR_NONE, +- "distrusting printable certificate failed: %d: %s", ++ "trusting printable certificate failed: %d: %s", ++ grub_errno, grub_errmsg); ++ ++ err = (cmd_trust->func) (cmd_trust, 1, trust_args_eku); ++ grub_test_assert (err == GRUB_ERR_NONE, ++ "trusting certificate with extended key usage failed: %d: %s", + grub_errno, grub_errmsg); + + grub_procfs_unregister (&certificate_der_entry); + grub_procfs_unregister (&certificate2_der_entry); + grub_procfs_unregister (&certificate_printable_der_entry); ++ grub_procfs_unregister (&certificate_eku_der_entry); + } + + GRUB_FUNCTIONAL_TEST (appended_signature_test, appended_signature_test); +diff --git a/grub-core/tests/appended_signatures.h b/grub-core/tests/appended_signatures.h +index aa3dc6278e3..2e5ebd7d8bd 100644 +--- a/grub-core/tests/appended_signatures.h ++++ b/grub-core/tests/appended_signatures.h +@@ -555,3 +555,84 @@ unsigned char certificate_printable_der[] = { + 0xd2 + }; + unsigned int certificate_printable_der_len = 829; ++ ++unsigned char certificate_eku_der[] = { ++ 0x30, 0x82, 0x03, 0x90, 0x30, 0x82, 0x02, 0x78, 0xa0, 0x03, 0x02, 0x01, ++ 0x02, 0x02, 0x09, 0x00, 0xd3, 0x9c, 0x41, 0x33, 0xdd, 0x6b, 0x5f, 0x45, ++ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, ++ 0x0b, 0x05, 0x00, 0x30, 0x47, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, ++ 0x04, 0x03, 0x0c, 0x18, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, ++ 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, ++ 0x43, 0x41, 0x20, 0x36, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2a, 0x86, ++ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x13, 0x73, 0x65, 0x63, ++ 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65, 0x64, 0x68, 0x61, 0x74, ++ 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, ++ 0x31, 0x35, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a, 0x17, 0x0d, 0x33, ++ 0x38, 0x30, 0x31, 0x31, 0x37, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a, ++ 0x30, 0x4e, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, ++ 0x1f, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, 0x53, 0x65, 0x63, ++ 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, 0x53, 0x69, 0x67, ++ 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x36, 0x30, 0x32, 0x31, 0x22, 0x30, 0x20, ++ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, ++ 0x13, 0x73, 0x65, 0x63, 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65, ++ 0x64, 0x68, 0x61, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, ++ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, ++ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, ++ 0x02, 0x82, 0x01, 0x01, 0x00, 0xaa, 0x6f, 0xbb, 0x92, 0x77, 0xd7, 0x15, ++ 0xef, 0x88, 0x80, 0x88, 0xc0, 0xe7, 0x89, 0xeb, 0x35, 0x76, 0xf4, 0x85, ++ 0x05, 0x0f, 0x19, 0xe4, 0x5f, 0x25, 0xdd, 0xc1, 0xa2, 0xe5, 0x5c, 0x06, ++ 0xfb, 0xf1, 0x06, 0xb5, 0x65, 0x45, 0xcb, 0xbd, 0x19, 0x33, 0x54, 0xb5, ++ 0x1a, 0xcd, 0xe4, 0xa8, 0x35, 0x2a, 0xfe, 0x9c, 0x53, 0xf4, 0xc6, 0x76, ++ 0xdb, 0x1f, 0x8a, 0xd4, 0x7b, 0x18, 0x11, 0xaf, 0xa3, 0x90, 0xd4, 0xdd, ++ 0x4d, 0xd5, 0x42, 0xcc, 0x14, 0x9a, 0x64, 0x6b, 0xc0, 0x7f, 0xaa, 0x1c, ++ 0x94, 0x47, 0x4d, 0x79, 0xbd, 0x57, 0x9a, 0xbf, 0x99, 0x4e, 0x96, 0xa9, ++ 0x31, 0x2c, 0xa9, 0xe7, 0x14, 0x65, 0x86, 0xc8, 0xac, 0x79, 0x5e, 0x78, ++ 0xa4, 0x3c, 0x00, 0x24, 0xd3, 0xf7, 0xe1, 0xf5, 0x12, 0xad, 0xa0, 0x29, ++ 0xe5, 0xfe, 0x80, 0xae, 0xf8, 0xaa, 0x60, 0x36, 0xe7, 0xe8, 0x94, 0xcb, ++ 0xe9, 0xd1, 0xcc, 0x0b, 0x4d, 0xf7, 0xde, 0xeb, 0x52, 0xd2, 0x73, 0x09, ++ 0x28, 0xdf, 0x48, 0x99, 0x53, 0x9f, 0xc5, 0x9a, 0xd4, 0x36, 0xa3, 0xc6, ++ 0x5e, 0x8d, 0xbe, 0xd5, 0xdc, 0x76, 0xb4, 0x74, 0xb8, 0x26, 0x18, 0x27, ++ 0xfb, 0xf2, 0xfb, 0xd0, 0x9b, 0x3d, 0x7f, 0x10, 0xe2, 0xab, 0x44, 0xc7, ++ 0x88, 0x7f, 0xb4, 0x3d, 0x3e, 0xa3, 0xff, 0x6d, 0x06, 0x4b, 0x3e, 0x55, ++ 0xb2, 0x84, 0xf4, 0xad, 0x54, 0x88, 0x81, 0xc3, 0x9c, 0xf8, 0xb6, 0x68, ++ 0x96, 0x38, 0x8b, 0xcd, 0x90, 0x6d, 0x25, 0x4b, 0xbf, 0x0c, 0x44, 0x90, ++ 0xa5, 0x5b, 0x98, 0xd0, 0x40, 0x2f, 0xbb, 0x0d, 0xa8, 0x4b, 0x8a, 0x62, ++ 0x82, 0x46, 0x46, 0x18, 0x38, 0xae, 0x82, 0x07, 0xd0, 0xb4, 0x2f, 0x16, ++ 0x79, 0x55, 0x9f, 0x1b, 0xc5, 0x08, 0x6d, 0x85, 0xdf, 0x3f, 0xa9, 0x9b, ++ 0x4b, 0xc6, 0x28, 0xd3, 0x58, 0x72, 0x3d, 0x37, 0x11, 0x02, 0x03, 0x01, ++ 0x00, 0x01, 0xa3, 0x78, 0x30, 0x76, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, ++ 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, ++ 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, ++ 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, ++ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03, ++ 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x6c, ++ 0xe4, 0x6c, 0x27, 0xaa, 0xcd, 0x0d, 0x4b, 0x74, 0x21, 0xa4, 0xf6, 0x5f, ++ 0x87, 0xb5, 0x31, 0xfe, 0x10, 0xbb, 0xa7, 0x30, 0x1f, 0x06, 0x03, 0x55, ++ 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xe8, 0x6a, 0x1c, 0xab, ++ 0x2c, 0x48, 0xf9, 0x60, 0x36, 0xa2, 0xf0, 0x7b, 0x8e, 0xd2, 0x9d, 0xb4, ++ 0x2a, 0x28, 0x98, 0xc8, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, ++ 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, ++ 0x55, 0x34, 0xe2, 0xfa, 0xf6, 0x89, 0x86, 0xad, 0x92, 0x21, 0xec, 0xb9, ++ 0x54, 0x0e, 0x18, 0x47, 0x0d, 0x1b, 0xa7, 0x58, 0xad, 0x69, 0xe4, 0xef, ++ 0x3b, 0xe6, 0x8d, 0xdd, 0xda, 0x0c, 0x45, 0xf6, 0xe8, 0x96, 0xa4, 0x29, ++ 0x0f, 0xbb, 0xcf, 0x16, 0xae, 0x93, 0xd0, 0xcb, 0x2a, 0x26, 0x1a, 0x7b, ++ 0xfc, 0x51, 0x22, 0x76, 0x98, 0x31, 0xa7, 0x0f, 0x29, 0x35, 0x79, 0xbf, ++ 0xe2, 0x4f, 0x0f, 0x14, 0xf5, 0x1f, 0xcb, 0xbf, 0x87, 0x65, 0x13, 0x32, ++ 0xa3, 0x19, 0x4a, 0xd1, 0x3f, 0x45, 0xd4, 0x4b, 0xe2, 0x00, 0x26, 0xa9, ++ 0x3e, 0xd7, 0xa5, 0x37, 0x9f, 0xf5, 0xad, 0x61, 0xe2, 0x40, 0xa9, 0x74, ++ 0x24, 0x53, 0xf2, 0x78, 0xeb, 0x10, 0x9b, 0x2c, 0x27, 0x88, 0x46, 0xcb, ++ 0xe4, 0x60, 0xca, 0xf5, 0x06, 0x24, 0x40, 0x2a, 0x97, 0x3a, 0xcc, 0xd0, ++ 0x81, 0xb1, 0x15, 0xa3, 0x4f, 0xd0, 0x2b, 0x4f, 0xca, 0x6e, 0xaa, 0x24, ++ 0x31, 0xb3, 0xac, 0xa6, 0x75, 0x05, 0xfe, 0x8a, 0xf4, 0x41, 0xc4, 0x06, ++ 0x8a, 0xc7, 0x0a, 0x83, 0x4e, 0x49, 0xd4, 0x3f, 0x83, 0x50, 0xec, 0x57, ++ 0x04, 0x97, 0x14, 0x49, 0xf5, 0xe1, 0xb1, 0x7a, 0x9c, 0x09, 0x4f, 0x61, ++ 0x87, 0xc3, 0x97, 0x22, 0x17, 0xc2, 0xeb, 0xcc, 0x32, 0x81, 0x31, 0x21, ++ 0x3f, 0x10, 0x57, 0x5b, 0x43, 0xbe, 0xcd, 0x68, 0x82, 0xbe, 0xe5, 0xc1, ++ 0x65, 0x94, 0x7e, 0xc2, 0x34, 0x76, 0x2b, 0xcf, 0x89, 0x3c, 0x2b, 0x81, ++ 0x23, 0x72, 0x95, 0xcf, 0xc9, 0x67, 0x19, 0x2a, 0xd5, 0x5c, 0xca, 0xa3, ++ 0x46, 0xbd, 0x48, 0x06, 0x0b, 0xa6, 0xa3, 0x96, 0x50, 0x28, 0xc7, 0x7e, ++ 0xcf, 0x62, 0xf2, 0xfa, 0xc4, 0xf2, 0x53, 0xe3, 0xc9, 0xe8, 0x2e, 0xdd, ++ 0x29, 0x37, 0x07, 0x47, 0xff, 0xff, 0x8a, 0x32, 0xbd, 0xa2, 0xb7, 0x21, ++ 0x89, 0xa0, 0x55, 0xf7 ++}; ++unsigned int certificate_eku_der_len = 916; diff --git a/0202-ieee1275-ofdisk-retry-on-open-failure.patch b/0202-ieee1275-ofdisk-retry-on-open-failure.patch new file mode 100644 index 0000000..275d14f --- /dev/null +++ b/0202-ieee1275-ofdisk-retry-on-open-failure.patch @@ -0,0 +1,103 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Diego Domingos +Date: Wed, 10 Mar 2021 14:17:52 -0500 +Subject: [PATCH] ieee1275/ofdisk: retry on open failure + +This patch aims to make grub more robust when booting from SAN/Multipath disks. + +If a path is failing intermittently so grub will retry the OPEN and READ the +disk (grub_ieee1275_open and grub_ieee1275_read) until the total amount of times +specified in MAX_RETRIES. + +Signed-off-by: Diego Domingos +--- + grub-core/disk/ieee1275/ofdisk.c | 25 ++++++++++++++++++++----- + include/grub/ieee1275/ofdisk.h | 8 ++++++++ + 2 files changed, 28 insertions(+), 5 deletions(-) + +diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c +index ea7f78ac7d8..55346849d35 100644 +--- a/grub-core/disk/ieee1275/ofdisk.c ++++ b/grub-core/disk/ieee1275/ofdisk.c +@@ -225,7 +225,9 @@ dev_iterate (const struct grub_ieee1275_devalias *alias) + char *buf, *bufptr; + unsigned i; + +- if (grub_ieee1275_open (alias->path, &ihandle)) ++ ++ RETRY_IEEE1275_OFDISK_OPEN(alias->path, &ihandle) ++ if (! ihandle) + return; + + /* This method doesn't need memory allocation for the table. Open +@@ -305,7 +307,9 @@ dev_iterate (const struct grub_ieee1275_devalias *alias) + return; + } + +- if (grub_ieee1275_open (alias->path, &ihandle)) ++ RETRY_IEEE1275_OFDISK_OPEN(alias->path, &ihandle); ++ ++ if (! ihandle) + { + grub_free (buf); + grub_free (table); +@@ -495,7 +499,7 @@ grub_ofdisk_open (const char *name, grub_disk_t disk) + last_ihandle = 0; + last_devpath = NULL; + +- grub_ieee1275_open (op->open_path, &last_ihandle); ++ RETRY_IEEE1275_OFDISK_OPEN(op->open_path, &last_ihandle); + if (! last_ihandle) + return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); + last_devpath = op->open_path; +@@ -571,7 +575,7 @@ grub_ofdisk_prepare (grub_disk_t disk, grub_disk_addr_t sector) + last_ihandle = 0; + last_devpath = NULL; + +- grub_ieee1275_open (disk->data, &last_ihandle); ++ RETRY_IEEE1275_OFDISK_OPEN(disk->data, &last_ihandle); + if (! last_ihandle) + return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); + last_devpath = disk->data; +@@ -598,12 +602,23 @@ grub_ofdisk_read (grub_disk_t disk, grub_disk_addr_t sector, + return err; + grub_ieee1275_read (last_ihandle, buf, size << disk->log_sector_size, + &actual); +- if (actual != (grub_ssize_t) (size << disk->log_sector_size)) ++ int i = 0; ++ while(actual != (grub_ssize_t) (size << disk->log_sector_size)){ ++ if (i>MAX_RETRIES){ + return grub_error (GRUB_ERR_READ_ERROR, N_("failure reading sector 0x%llx " + "from `%s'"), + (unsigned long long) sector, + disk->name); ++ } ++ last_devpath = NULL; ++ err = grub_ofdisk_prepare (disk, sector); ++ if (err) ++ return err; + ++ grub_ieee1275_read (last_ihandle, buf, size << disk->log_sector_size, ++ &actual); ++ i++; ++ } + return 0; + } + +diff --git a/include/grub/ieee1275/ofdisk.h b/include/grub/ieee1275/ofdisk.h +index 2f69e3f191d..7d2d5409305 100644 +--- a/include/grub/ieee1275/ofdisk.h ++++ b/include/grub/ieee1275/ofdisk.h +@@ -22,4 +22,12 @@ + extern void grub_ofdisk_init (void); + extern void grub_ofdisk_fini (void); + ++#define MAX_RETRIES 20 ++ ++ ++#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) unsigned retry_i=0;for(retry_i=0; retry_i < MAX_RETRIES; retry_i++){ \ ++ if(!grub_ieee1275_open(device, last_ihandle)) \ ++ break; \ ++ grub_dprintf("ofdisk","Opening disk %s failed. Retrying...\n",device); } ++ + #endif /* ! GRUB_INIT_HEADER */ diff --git a/0202-xfs-Include-needsrepair-in-the-supported-incompat-fe.patch b/0202-xfs-Include-needsrepair-in-the-supported-incompat-fe.patch deleted file mode 100644 index fbffc3c..0000000 --- a/0202-xfs-Include-needsrepair-in-the-supported-incompat-fe.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Mon, 3 May 2021 16:57:17 +0200 -Subject: [PATCH] xfs: Include needsrepair in the supported incompat features - list - -XFS now has an incompat feature flag to indicate that the filesystem needs -to be repaired. The Linux kernel refuses to mount a filesystem that has it -set and only the xfs_repair tool is able to clear that flag. - -The GRUB doesn't have the concept of mounting filesystems and just attempt -to read the files. But it does some sanity checking, before attempting to -read from a filesystem. - -Among the things that are tested, is if the super block only has set the -incompatible features flags that are supported by GRUB. If it contains any -flags that are not listed as supported, reading the XFS filesystem fails. - -Since GRUB doesn't attempt to detect if the filesystem is inconsistent nor -replays the journal, just ignore if a filesystem needs to be repaired too. - -But print a message if grub_xfs_mount() fails, to give more information to -the user about why that could had been the case. - -Suggested-by: Eric Sandeen -Signed-off-by: Javier Martinez Canillas ---- - grub-core/fs/xfs.c | 17 ++++++++++++++++- - 1 file changed, 16 insertions(+), 1 deletion(-) - -diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c -index 2ce76ec70f9..c4c1bca39a8 100644 ---- a/grub-core/fs/xfs.c -+++ b/grub-core/fs/xfs.c -@@ -84,6 +84,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); - #define XFS_SB_FEAT_INCOMPAT_SPINODES (1 << 1) /* sparse inode chunks */ - #define XFS_SB_FEAT_INCOMPAT_META_UUID (1 << 2) /* metadata UUID */ - #define XFS_SB_FEAT_INCOMPAT_BIGTIME (1 << 3) /* large timestamps */ -+#define XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR (1 << 4) /* needs xfs_repair */ - - /* - * Directory entries with ftype are explicitly handled by GRUB code. -@@ -98,7 +99,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); - (XFS_SB_FEAT_INCOMPAT_FTYPE | \ - XFS_SB_FEAT_INCOMPAT_SPINODES | \ - XFS_SB_FEAT_INCOMPAT_META_UUID | \ -- XFS_SB_FEAT_INCOMPAT_BIGTIME) -+ XFS_SB_FEAT_INCOMPAT_BIGTIME | \ -+ XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR) - - struct grub_xfs_sblock - { -@@ -307,6 +309,16 @@ static int grub_xfs_sb_valid(struct grub_xfs_data *data) - return 0; - } - -+static int -+grub_xfs_sb_needs_repair(struct grub_xfs_data *data) -+{ -+ return ((data->sblock.version & -+ grub_cpu_to_be16_compile_time (XFS_SB_VERSION_NUMBITS)) == -+ grub_cpu_to_be16_compile_time (XFS_SB_VERSION_5) && -+ (data->sblock.sb_features_incompat & -+ grub_cpu_to_be32_compile_time (XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR))); -+} -+ - /* Filetype information as used in inodes. */ - #define FILETYPE_INO_MASK 0170000 - #define FILETYPE_INO_REG 0100000 -@@ -949,6 +961,9 @@ grub_xfs_mount (grub_disk_t disk) - return data; - fail: - -+ if (grub_xfs_sb_needs_repair(data)) -+ grub_dprintf("xfs", "Filesystem needs repair\n"); -+ - if (grub_errno == GRUB_ERR_OUT_OF_RANGE) - grub_error (GRUB_ERR_BAD_FS, "not an XFS filesystem"); - diff --git a/0203-01_menu_auto_hide.in-fix-a-then-than-typo.patch b/0203-01_menu_auto_hide.in-fix-a-then-than-typo.patch new file mode 100644 index 0000000..4847ef9 --- /dev/null +++ b/0203-01_menu_auto_hide.in-fix-a-then-than-typo.patch @@ -0,0 +1,26 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jan=20Pokorn=C3=BD?= +Date: Fri, 11 Jun 2021 12:57:56 +0200 +Subject: [PATCH] 01_menu_auto_hide.in: fix a then/than typo +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Jan Pokorný +--- + util/grub.d/10_reset_boot_success.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/util/grub.d/10_reset_boot_success.in b/util/grub.d/10_reset_boot_success.in +index 737e1ae5b68..e73f4137b36 100644 +--- a/util/grub.d/10_reset_boot_success.in ++++ b/util/grub.d/10_reset_boot_success.in +@@ -15,7 +15,7 @@ fi + # Reset boot_indeterminate after a successful boot + if [ "\${boot_success}" = "1" ] ; then + set boot_indeterminate=0 +-# Avoid boot_indeterminate causing the menu to be hidden more then once ++# Avoid boot_indeterminate causing the menu to be hidden more than once + elif [ "\${boot_indeterminate}" = "1" ]; then + set boot_indeterminate=2 + fi diff --git a/0204-Fix-disabling-grub-rpm-sort.patch b/0204-Fix-disabling-grub-rpm-sort.patch new file mode 100644 index 0000000..dccde3c --- /dev/null +++ b/0204-Fix-disabling-grub-rpm-sort.patch @@ -0,0 +1,59 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Tim Landscheidt +Date: Fri, 11 Jun 2021 13:02:37 +0200 +Subject: [PATCH] Fix disabling grub-rpm-sort + +Currently, grub-rpm-sort is unconditionally compiled whether +./configure has been called with --disable-rpm-sort or not. This adds +the necessary logic to configure.ac and Makefile.util.def and some +debug output to ./configure and fixes #44. +--- + configure.ac | 8 ++++++++ + Makefile.util.def | 1 + + 2 files changed, 9 insertions(+) + +diff --git a/configure.ac b/configure.ac +index d5d2a28b4ef..c7842ec29d8 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1936,6 +1936,8 @@ AC_ARG_ENABLE([rpm-sort], + [enable native rpm sorting of kernels in grub (default=guessed)])]) + if test x"$enable_rpm_sort" = xno ; then + rpm_sort_excuse="explicitly disabled" ++else ++ enable_rpm_sort=yes + fi + + if test x"$rpm_sort_excuse" = x ; then +@@ -2200,6 +2202,7 @@ AM_CONDITIONAL([COND_GRUB_EMU_SDL], [test x$enable_grub_emu_sdl = xyes]) + AM_CONDITIONAL([COND_GRUB_EMU_PCI], [test x$enable_grub_emu_pci = xyes]) + AM_CONDITIONAL([COND_GRUB_MKFONT], [test x$enable_grub_mkfont = xyes]) + AM_CONDITIONAL([COND_GRUB_MOUNT], [test x$enable_grub_mount = xyes]) ++AM_CONDITIONAL([COND_GRUB_RPM_SORT], [test x$enable_rpm_sort = xyes]) + AM_CONDITIONAL([COND_HAVE_FONT_SOURCE], [test x$FONT_SOURCE != x]) + if test x$FONT_SOURCE != x ; then + HAVE_FONT_SOURCE=1 +@@ -2328,6 +2331,11 @@ echo grub-mount: Yes + else + echo grub-mount: No "($grub_mount_excuse)" + fi ++if [ x"$rpm_sort_excuse" = x ]; then ++echo grub-rpm-sort: Yes ++else ++echo grub-rpm-sort: No "($rpm_sort_excuse)" ++fi + if [ x"$starfield_excuse" = x ]; then + echo starfield theme: Yes + echo With DejaVuSans font from $DJVU_FONT_SOURCE +diff --git a/Makefile.util.def b/Makefile.util.def +index 8cfbe69a76e..3f191aa8095 100644 +--- a/Makefile.util.def ++++ b/Makefile.util.def +@@ -774,6 +774,7 @@ program = { + ldadd = libgrubkern.a; + ldadd = grub-core/lib/gnulib/libgnu.a; + ldadd = '$(LIBDEVMAPPER) $(LIBRPM)'; ++ condition = COND_GRUB_RPM_SORT; + }; + + script = { diff --git a/0205-Don-t-check-for-rpmvercmp-in-librpm.patch b/0205-Don-t-check-for-rpmvercmp-in-librpm.patch new file mode 100644 index 0000000..c21dca4 --- /dev/null +++ b/0205-Don-t-check-for-rpmvercmp-in-librpm.patch @@ -0,0 +1,57 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Fri, 11 Jun 2021 13:13:27 +0200 +Subject: [PATCH] Don't check for rpmvercmp in librpm + +The rpmvercmp() function was moved from librpm to librpmio. The configure +option had some logic to first check if the symbol is in librpm and then +librpmio if this check didn't succeed. + +But the logic wasn't working and rpm sorting was always disabled. Instead +of trying to fix this logic, let's just remove since the function already +moved and there's no need to check librpm anymore. Now it's enabled again: + + GRUB2 will be compiled with following components: + ... + grub-rpm-sort: Yes + ... + +Signed-off-by: Javier Martinez Canillas +--- + configure.ac | 19 +++++-------------- + 1 file changed, 5 insertions(+), 14 deletions(-) + +diff --git a/configure.ac b/configure.ac +index c7842ec29d8..3c808a72230 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1947,24 +1947,15 @@ if test x"$rpm_sort_excuse" = x ; then + fi + + if test x"$rpm_sort_excuse" = x ; then +- # Check for rpm library. +- AC_CHECK_LIB([rpm], [rpmvercmp], [], +- [rpm_sort_excuse="rpmlib missing rpmvercmp"]) +-fi +- +-if test x"$rpm_sort_excuse" = x ; then +- LIBRPM="-lrpm"; +- AC_DEFINE([HAVE_RPM], [1], +- [Define to 1 if you have the rpm library.]) +-fi +- +-if test x"$LIBRPM" = x ; then +- # Check for rpm library. ++ # Check for rpmio library. + AC_CHECK_LIB([rpmio], [rpmvercmp], [], + [rpm_sort_excuse="rpmio missing rpmvercmp"]) ++fi ++ ++if test x"$rpm_sort_excuse" = x ; then + LIBRPM="-lrpmio"; + AC_DEFINE([HAVE_RPMIO], [1], +- [Define to 1 if you have the rpm library.]) ++ [Define to 1 if you have the rpmio library.]) + fi + + AC_SUBST([LIBRPM]) diff --git a/0206-Allow-chainloading-EFI-apps-from-loop-mounts.patch b/0206-Allow-chainloading-EFI-apps-from-loop-mounts.patch new file mode 100644 index 0000000..e48f102 --- /dev/null +++ b/0206-Allow-chainloading-EFI-apps-from-loop-mounts.patch @@ -0,0 +1,136 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dimitri John Ledkov +Date: Fri, 11 Jun 2021 13:51:20 +0200 +Subject: [PATCH] Allow chainloading EFI apps from loop mounts. + +--- + grub-core/disk/loopback.c | 9 +-------- + grub-core/loader/efi/chainloader.c | 23 +++++++++++++++++++++++ + include/grub/loopback.h | 30 ++++++++++++++++++++++++++++++ + 3 files changed, 54 insertions(+), 8 deletions(-) + create mode 100644 include/grub/loopback.h + +diff --git a/grub-core/disk/loopback.c b/grub-core/disk/loopback.c +index 41bebd14fe3..99f47924ec2 100644 +--- a/grub-core/disk/loopback.c ++++ b/grub-core/disk/loopback.c +@@ -21,20 +21,13 @@ + #include + #include + #include ++#include + #include + #include + #include + + GRUB_MOD_LICENSE ("GPLv3+"); + +-struct grub_loopback +-{ +- char *devname; +- grub_file_t file; +- struct grub_loopback *next; +- unsigned long id; +-}; +- + static struct grub_loopback *loopback_list; + static unsigned long last_id = 0; + +diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c +index d41e8ea14a8..3af6b122926 100644 +--- a/grub-core/loader/efi/chainloader.c ++++ b/grub-core/loader/efi/chainloader.c +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -901,6 +902,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + grub_efi_status_t status; + grub_efi_boot_services_t *b; + grub_device_t dev = 0; ++ grub_device_t orig_dev = 0; + grub_efi_device_path_t *dp = 0; + char *filename; + void *boot_image = 0; +@@ -958,6 +960,15 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + if (! dev) + goto fail; + ++ /* if device is loopback, use underlying dev */ ++ if (dev->disk->dev->id == GRUB_DISK_DEVICE_LOOPBACK_ID) ++ { ++ struct grub_loopback *d; ++ orig_dev = dev; ++ d = dev->disk->data; ++ dev = d->file->device; ++ } ++ + if (dev->disk) + dev_handle = grub_efidisk_get_device_handle (dev->disk); + else if (dev->net && dev->net->server) +@@ -1065,6 +1076,12 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + } + #endif + ++ if (orig_dev) ++ { ++ dev = orig_dev; ++ orig_dev = 0; ++ } ++ + rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize); + grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc); + if (rc > 0) +@@ -1087,6 +1104,12 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + // -1 fall-through to fail + + fail: ++ if (orig_dev) ++ { ++ dev = orig_dev; ++ orig_dev = 0; ++ } ++ + if (dev) + grub_device_close (dev); + +diff --git a/include/grub/loopback.h b/include/grub/loopback.h +new file mode 100644 +index 00000000000..3b9a9e32e80 +--- /dev/null ++++ b/include/grub/loopback.h +@@ -0,0 +1,30 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2019 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ */ ++ ++#ifndef GRUB_LOOPBACK_HEADER ++#define GRUB_LOOPBACK_HEADER 1 ++ ++struct grub_loopback ++{ ++ char *devname; ++ grub_file_t file; ++ struct grub_loopback *next; ++ unsigned long id; ++}; ++ ++#endif /* ! GRUB_LOOPBACK_HEADER */ diff --git a/0207-efinet-Add-DHCP-proxy-support.patch b/0207-efinet-Add-DHCP-proxy-support.patch new file mode 100644 index 0000000..a8755a3 --- /dev/null +++ b/0207-efinet-Add-DHCP-proxy-support.patch @@ -0,0 +1,50 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Ian Page Hands +Date: Tue, 8 Jun 2021 13:48:56 -0400 +Subject: [PATCH] efinet: Add DHCP proxy support + +If a proxyDHCP configuration is used, the server name, server IP and boot +file values should be taken from the DHCP proxy offer instead of the DHCP +server ack packet. Currently that case is not handled, add support for it. +--- + grub-core/net/drivers/efi/efinet.c | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c +index e11d759f19a..1a24f38a21a 100644 +--- a/grub-core/net/drivers/efi/efinet.c ++++ b/grub-core/net/drivers/efi/efinet.c +@@ -850,10 +850,31 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, + else + { + grub_dprintf ("efinet", "using ipv4 and dhcp\n"); ++ ++ struct grub_net_bootp_packet *dhcp_ack = &pxe_mode->dhcp_ack; ++ ++ if (pxe_mode->proxy_offer_received) ++ { ++ grub_dprintf ("efinet", "proxy offer receive"); ++ struct grub_net_bootp_packet *proxy_offer = &pxe_mode->proxy_offer; ++ ++ if (proxy_offer && dhcp_ack->boot_file[0] == '\0') ++ { ++ grub_dprintf ("efinet", "setting values from proxy offer"); ++ /* Here we got a proxy offer and the dhcp_ack has a nil boot_file ++ * Copy the proxy DHCP offer details into the bootp_packet we are ++ * sending forward as they are the deatils we need. ++ */ ++ *dhcp_ack->server_name = *proxy_offer->server_name; ++ *dhcp_ack->boot_file = *proxy_offer->boot_file; ++ dhcp_ack->server_ip = proxy_offer->server_ip; ++ } ++ } ++ + grub_net_configure_by_dhcp_ack (card->name, card, 0, + (struct grub_net_bootp_packet *) +- packet_buf, +- packet_bufsz, ++ &pxe_mode->dhcp_ack, ++ sizeof (pxe_mode->dhcp_ack), + 1, device, path); + grub_dprintf ("efinet", "device: `%s' path: `%s'\n", *device, *path); + } diff --git a/0208-fs-ext2-Ignore-checksum-seed-incompat-feature.patch b/0208-fs-ext2-Ignore-checksum-seed-incompat-feature.patch new file mode 100644 index 0000000..b4a5fd4 --- /dev/null +++ b/0208-fs-ext2-Ignore-checksum-seed-incompat-feature.patch @@ -0,0 +1,54 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Fri, 11 Jun 2021 00:01:29 +0200 +Subject: [PATCH] fs/ext2: Ignore checksum seed incompat feature + +This incompat feature is used to denote that the filesystem stored its +metadata checksum seed in the superblock. This is used to allow tune2fs +to change the UUID on a mounted metadata_csum filesystem without having +to rewrite all the disk metadata. + +But GRUB doesn't use the metadata checksum in anyway, so can just ignore +this feature if is enabled. This is consistent with GRUB filesystem code +in general which just does a best effort to access the filesystem's data. + +It may be removed from the ignored list in the future if supports to do +metadata checksumming verification is added to the read-only FS driver. + +Suggested-by: Eric Sandeen +Suggested-by: Lukas Czerner +Signed-off-by: Javier Martinez Canillas +--- + grub-core/fs/ext2.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/grub-core/fs/ext2.c b/grub-core/fs/ext2.c +index e7dd78e6635..731d346f886 100644 +--- a/grub-core/fs/ext2.c ++++ b/grub-core/fs/ext2.c +@@ -103,6 +103,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); + #define EXT4_FEATURE_INCOMPAT_64BIT 0x0080 + #define EXT4_FEATURE_INCOMPAT_MMP 0x0100 + #define EXT4_FEATURE_INCOMPAT_FLEX_BG 0x0200 ++#define EXT4_FEATURE_INCOMPAT_CSUM_SEED 0x2000 + #define EXT4_FEATURE_INCOMPAT_ENCRYPT 0x10000 + + /* The set of back-incompatible features this driver DOES support. Add (OR) +@@ -123,9 +124,16 @@ GRUB_MOD_LICENSE ("GPLv3+"); + * mmp: Not really back-incompatible - was added as such to + * avoid multiple read-write mounts. Safe to ignore for this + * RO driver. ++ * checksum seed: Not really back-incompatible - was added to allow tools ++ * such as tune2fs to change the UUID on a mounted metadata ++ * checksummed filesystem. Safe to ignore for now since the ++ * driver doesn't support checksum verification. But it must ++ * be removed from this list if that support is added later. ++ * + */ + #define EXT2_DRIVER_IGNORED_INCOMPAT ( EXT3_FEATURE_INCOMPAT_RECOVER \ +- | EXT4_FEATURE_INCOMPAT_MMP) ++ | EXT4_FEATURE_INCOMPAT_MMP \ ++ | EXT4_FEATURE_INCOMPAT_CSUM_SEED) + + + #define EXT3_JOURNAL_MAGIC_NUMBER 0xc03b3998U diff --git a/0203-Don-t-update-the-cmdline-when-generating-legacy-menu.patch b/0209-Don-t-update-the-cmdline-when-generating-legacy-menu.patch similarity index 100% rename from 0203-Don-t-update-the-cmdline-when-generating-legacy-menu.patch rename to 0209-Don-t-update-the-cmdline-when-generating-legacy-menu.patch diff --git a/0210-Suppress-gettext-error-message.patch b/0210-Suppress-gettext-error-message.patch new file mode 100644 index 0000000..c57e7ff --- /dev/null +++ b/0210-Suppress-gettext-error-message.patch @@ -0,0 +1,33 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Paulo Flabiano Smorigo +Date: Tue, 29 Jun 2021 13:17:42 +0200 +Subject: [PATCH] Suppress gettext error message + +Colin Watson's patch from comment #11 on the upstream bug: +https://savannah.gnu.org/bugs/?35880#comment11 + +Resolves: rhbz#1592124 + +Signed-off-by: Paulo Flabiano Smorigo +--- + grub-core/gettext/gettext.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c +index 84d520cd494..87a912ac6e5 100644 +--- a/grub-core/gettext/gettext.c ++++ b/grub-core/gettext/gettext.c +@@ -424,6 +424,13 @@ grub_gettext_init_ext (struct grub_gettext_context *ctx, + grub_free (lang); + } + ++ /* If no translations are available, fall back to untranslated text. */ ++ if (err == GRUB_ERR_FILE_NOT_FOUND) ++ { ++ grub_errno = GRUB_ERR_NONE; ++ return 0; ++ } ++ + if (locale[0] == 'e' && locale[1] == 'n' + && (locale[2] == '\0' || locale[2] == '_')) + grub_errno = err = GRUB_ERR_NONE; diff --git a/0211-grub-boot-success.timer-Only-run-if-not-in-a-contain.patch b/0211-grub-boot-success.timer-Only-run-if-not-in-a-contain.patch new file mode 100644 index 0000000..61d0f6d --- /dev/null +++ b/0211-grub-boot-success.timer-Only-run-if-not-in-a-contain.patch @@ -0,0 +1,32 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Gena Makhomed +Date: Thu, 1 Jul 2021 01:07:46 +0200 +Subject: [PATCH] grub-boot-success.timer: Only run if not in a container + +The grub-boot-success.timer should be disabled inside a container since it +leads to the following error: + +Jan 09 22:56:38 test sshd[8786]: pam_unix(sshd:session): session opened for user www(uid=1000) by (uid=0) +Jan 09 22:58:39 test systemd[8857]: Starting Mark boot as successful... +Jan 09 22:58:39 test systemd[8857]: grub-boot-success.service: Main process exited, code=exited, status=1/FAILURE +Jan 09 22:58:39 test systemd[8857]: grub-boot-success.service: Failed with result 'exit-code'. +Jan 09 22:58:39 test systemd[8857]: Failed to start Mark boot as successful. +Jan 09 22:58:39 test grub2-set-bootflag[10034]: Error canonicalizing /boot/grub2/grubenv filename: No such file or directory + +Resolves: rhbz#1914571 +--- + docs/grub-boot-success.timer | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/docs/grub-boot-success.timer b/docs/grub-boot-success.timer +index 5d8fcba21aa..406f1720056 100644 +--- a/docs/grub-boot-success.timer ++++ b/docs/grub-boot-success.timer +@@ -1,6 +1,7 @@ + [Unit] + Description=Mark boot as successful after the user session has run 2 minutes + ConditionUser=!@system ++ConditionVirtualization=!container + + [Timer] + OnActiveSec=2min diff --git a/0212-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch b/0212-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch new file mode 100644 index 0000000..7ecea22 --- /dev/null +++ b/0212-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch @@ -0,0 +1,42 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Mon, 5 Jul 2021 18:24:22 +0200 +Subject: [PATCH] grub-set-password: Always use /boot/grub2/user.cfg as + password default + +The GRUB configuration file is always placed in /boot/grub2/ now, even for +EFI. But the tool is still creating the user.cfg in the ESP and not there. + +Resolves: rhbz#1955294 + +Signed-off-by: Javier Martinez Canillas +--- + util/grub-set-password.in | 9 +-------- + 1 file changed, 1 insertion(+), 8 deletions(-) + +diff --git a/util/grub-set-password.in b/util/grub-set-password.in +index c0b5ebbfdc5..d8005e5a142 100644 +--- a/util/grub-set-password.in ++++ b/util/grub-set-password.in +@@ -1,11 +1,6 @@ + #!/bin/sh -e + +-EFIDIR=$(grep ^ID= /etc/os-release | sed -e 's/^ID=//' -e 's/rhel/redhat/' -e 's/\"//g') +-if [ -d /sys/firmware/efi/efivars/ ]; then +- grubdir=`echo "/@bootdirname@/efi/EFI/${EFIDIR}/" | sed 's,//*,/,g'` +-else +- grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'` +-fi ++grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'` + + PACKAGE_VERSION="@PACKAGE_VERSION@" + PACKAGE_NAME="@PACKAGE_NAME@" +@@ -116,8 +111,6 @@ if [ -z "${MYPASS}" ]; then + exit 1 + fi + +-# on the ESP, these will fail to set the permissions, but it's okay because +-# the directory is protected. + install -m 0600 /dev/null "${OUTPUT_PATH}/user.cfg" 2>/dev/null || : + chmod 0600 "${OUTPUT_PATH}/user.cfg" 2>/dev/null || : + echo "GRUB2_PASSWORD=${MYPASS}" > "${OUTPUT_PATH}/user.cfg" diff --git a/0213-Remove-outdated-URL-for-BLS-document.patch b/0213-Remove-outdated-URL-for-BLS-document.patch new file mode 100644 index 0000000..d380fe8 --- /dev/null +++ b/0213-Remove-outdated-URL-for-BLS-document.patch @@ -0,0 +1,28 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Mon, 5 Jul 2021 19:00:25 +0200 +Subject: [PATCH] Remove outdated URL for BLS document + +The document was moved to https://systemd.io/BOOT_LOADER_SPECIFICATION/, +update the URL accordingly to point to the current location. + +Resolves: rhbz#1926453 + +Signed-off-by: Javier Martinez Canillas +--- + util/grub.d/10_linux.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index c9296154f51..6ee0a2cf3d0 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -96,7 +96,7 @@ cat < +Date: Tue, 6 Jul 2021 00:38:40 +0200 +Subject: [PATCH] templates: Check for EFI at runtime instead of config + generation time + +The 30_uefi-firmware template checks if an OsIndicationsSupported UEFI var +exists and EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set, to decide whether +a "fwsetup" menu entry would be added or not to the GRUB menu. + +But this has the problem that it will only work if the configuration file +was created on an UEFI machine that supports booting to a firmware UI. + +This for example doesn't support creating GRUB config files when executing +on systems that support both UEFI and legacy BIOS booting. Since creating +the config file from legacy BIOS wouldn't allow to access the firmware UI. + +To prevent this, make the template to unconditionally create the grub.cfg +snippet but check at runtime if was booted through UEFI to decide if this +entry should be added. That way it won't be added when booting with BIOS. + +There's no need to check if EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set, +since that's already done by the "fwsetup" command when is executed. + +Resolves: rhbz#1823864 + +Signed-off-by: Javier Martinez Canillas +--- + util/grub.d/30_uefi-firmware.in | 21 ++++++++------------- + 1 file changed, 8 insertions(+), 13 deletions(-) + +diff --git a/util/grub.d/30_uefi-firmware.in b/util/grub.d/30_uefi-firmware.in +index d344d3883d7..b6041b55e2a 100644 +--- a/util/grub.d/30_uefi-firmware.in ++++ b/util/grub.d/30_uefi-firmware.in +@@ -26,19 +26,14 @@ export TEXTDOMAINDIR="@localedir@" + + . "$pkgdatadir/grub-mkconfig_lib" + +-EFI_VARS_DIR=/sys/firmware/efi/efivars +-EFI_GLOBAL_VARIABLE=8be4df61-93ca-11d2-aa0d-00e098032b8c +-OS_INDICATIONS="$EFI_VARS_DIR/OsIndicationsSupported-$EFI_GLOBAL_VARIABLE" ++LABEL="UEFI Firmware Settings" + +-if [ -e "$OS_INDICATIONS" ] && \ +- [ "$(( $(printf 0x%x \'"$(cat $OS_INDICATIONS | cut -b5)"\') & 1 ))" = 1 ]; then +- LABEL="UEFI Firmware Settings" ++gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2 + +- gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2 +- +- cat << EOF +-menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' { +- fwsetup +-} +-EOF ++cat << EOF ++if [ "\$grub_platform" = "efi" ]; then ++ menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' { ++ fwsetup ++ } + fi ++EOF diff --git a/0215-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch b/0215-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch new file mode 100644 index 0000000..65b4aec --- /dev/null +++ b/0215-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch @@ -0,0 +1,92 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Tue, 6 Jul 2021 01:10:18 +0200 +Subject: [PATCH] efi: Print an error if boot to firmware setup is not + supported + +The "fwsetup" command is only registered if the firmware supports booting +to the firmware setup UI. But it could be possible that the GRUB config +already contains a "fwsetup" entry, because it was generated in a machine +that has support for this feature. + +To prevent users getting a "can't find command `fwsetup`" error if it is +not supported by the firmware, let's just always register the command but +print a more accurate message if the firmware doesn't support this option. + +Resolves: rhbz#1823864 + +Signed-off-by: Javier Martinez Canillas +--- + grub-core/commands/efi/efifwsetup.c | 43 ++++++++++++++++++++----------------- + 1 file changed, 23 insertions(+), 20 deletions(-) + +diff --git a/grub-core/commands/efi/efifwsetup.c b/grub-core/commands/efi/efifwsetup.c +index eaca0328388..328c45e82e0 100644 +--- a/grub-core/commands/efi/efifwsetup.c ++++ b/grub-core/commands/efi/efifwsetup.c +@@ -27,6 +27,25 @@ + + GRUB_MOD_LICENSE ("GPLv3+"); + ++static grub_efi_boolean_t ++efifwsetup_is_supported (void) ++{ ++ grub_efi_uint64_t *os_indications_supported = NULL; ++ grub_size_t oi_size = 0; ++ grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID; ++ ++ grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size, ++ (void **) &os_indications_supported); ++ ++ if (!os_indications_supported) ++ return 0; ++ ++ if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI) ++ return 1; ++ ++ return 0; ++} ++ + static grub_err_t + grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)), + int argc __attribute__ ((unused)), +@@ -38,6 +57,10 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)), + grub_size_t oi_size; + grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID; + ++ if (!efifwsetup_is_supported ()) ++ return grub_error (GRUB_ERR_INVALID_COMMAND, ++ N_("Reboot to firmware setup is not supported")); ++ + grub_efi_get_variable ("OsIndications", &global, &oi_size, + (void **) &old_os_indications); + +@@ -56,28 +79,8 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)), + + static grub_command_t cmd = NULL; + +-static grub_efi_boolean_t +-efifwsetup_is_supported (void) +-{ +- grub_efi_uint64_t *os_indications_supported = NULL; +- grub_size_t oi_size = 0; +- grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID; +- +- grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size, +- (void **) &os_indications_supported); +- +- if (!os_indications_supported) +- return 0; +- +- if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI) +- return 1; +- +- return 0; +-} +- + GRUB_MOD_INIT (efifwsetup) + { +- if (efifwsetup_is_supported ()) + cmd = grub_register_command ("fwsetup", grub_cmd_fwsetup, NULL, + N_("Reboot into firmware setup menu.")); + diff --git a/0216-arm64-Fix-EFI-loader-kernel-image-allocation.patch b/0216-arm64-Fix-EFI-loader-kernel-image-allocation.patch new file mode 100644 index 0000000..600b461 --- /dev/null +++ b/0216-arm64-Fix-EFI-loader-kernel-image-allocation.patch @@ -0,0 +1,189 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Benjamin Herrenschmidt +Date: Mon, 2 Aug 2021 23:10:01 +1000 +Subject: [PATCH] arm64: Fix EFI loader kernel image allocation + +We are currently allocating just enough memory for the file size, +which means that the kernel BSS is in limbo (and not even zeroed). + +We are also not honoring the alignment specified in the image +PE header. + +This makes us use the PE optional header in which the kernel puts the +actual size it needs, including BSS, and make sure we clear it, and +honors the specified alignment for the image. + +Signed-off-by: Benjamin Herrenschmidt +--- + grub-core/loader/arm64/linux.c | 100 +++++++++++++++++++++++++++-------------- + 1 file changed, 66 insertions(+), 34 deletions(-) + +diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c +index 47f8cf0d84b..4a252d5e7e9 100644 +--- a/grub-core/loader/arm64/linux.c ++++ b/grub-core/loader/arm64/linux.c +@@ -41,6 +41,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); + static grub_dl_t my_mod; + static int loaded; + ++static void *kernel_alloc_addr; ++static grub_uint32_t kernel_alloc_pages; + static void *kernel_addr; + static grub_uint64_t kernel_size; + static grub_uint32_t handover_offset; +@@ -204,9 +206,8 @@ grub_linux_unload (void) + GRUB_EFI_BYTES_TO_PAGES (initrd_end - initrd_start)); + initrd_start = initrd_end = 0; + grub_free (linux_args); +- if (kernel_addr) +- grub_efi_free_pages ((grub_addr_t) kernel_addr, +- GRUB_EFI_BYTES_TO_PAGES (kernel_size)); ++ if (kernel_alloc_addr) ++ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages); + grub_fdt_unload (); + return GRUB_ERR_NONE; + } +@@ -311,14 +312,35 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), + return grub_errno; + } + ++static grub_err_t ++parse_pe_header (void *kernel, grub_uint64_t *total_size, ++ grub_uint32_t *entry_offset, ++ grub_uint32_t *alignment) ++{ ++ struct linux_arch_kernel_header *lh = kernel; ++ struct grub_armxx_linux_pe_header *pe; ++ ++ pe = (void *)((unsigned long)kernel + lh->hdr_offset); ++ ++ if (pe->opt.magic != GRUB_PE32_PE64_MAGIC) ++ return grub_error(GRUB_ERR_BAD_OS, "Invalid PE optional header magic"); ++ ++ *total_size = pe->opt.image_size; ++ *entry_offset = pe->opt.entry_addr; ++ *alignment = pe->opt.section_alignment; ++ ++ return GRUB_ERR_NONE; ++} ++ + static grub_err_t + grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + int argc, char *argv[]) + { + grub_file_t file = 0; +- struct linux_arch_kernel_header lh; +- struct grub_armxx_linux_pe_header *pe; + grub_err_t err; ++ grub_off_t filelen; ++ grub_uint32_t align; ++ void *kernel = NULL; + int rc; + + grub_dl_ref (my_mod); +@@ -333,40 +355,24 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + if (!file) + goto fail; + +- kernel_size = grub_file_size (file); +- +- if (grub_file_read (file, &lh, sizeof (lh)) < (long) sizeof (lh)) +- return grub_errno; +- +- if (grub_arch_efi_linux_check_image (&lh) != GRUB_ERR_NONE) +- goto fail; +- +- grub_loader_unset(); +- +- grub_dprintf ("linux", "kernel file size: %lld\n", (long long) kernel_size); +- kernel_addr = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (kernel_size)); +- grub_dprintf ("linux", "kernel numpages: %lld\n", +- (long long) GRUB_EFI_BYTES_TO_PAGES (kernel_size)); +- if (!kernel_addr) ++ filelen = grub_file_size (file); ++ kernel = grub_malloc(filelen); ++ if (!kernel) + { +- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel load buffer")); + goto fail; + } + +- grub_file_seek (file, 0); +- if (grub_file_read (file, kernel_addr, kernel_size) +- < (grub_int64_t) kernel_size) ++ if (grub_file_read (file, kernel, filelen) < (grub_ssize_t)filelen) + { +- if (!grub_errno) +- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), argv[0]); ++ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), ++ argv[0]); + goto fail; + } + +- grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); +- + if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) + { +- rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); ++ rc = grub_linuxefi_secure_validate (kernel, filelen); + if (rc <= 0) + { + grub_error (GRUB_ERR_INVALID_COMMAND, +@@ -375,8 +381,32 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + } + } + +- pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset); +- handover_offset = pe->opt.entry_addr; ++ if (grub_arch_efi_linux_check_image (kernel) != GRUB_ERR_NONE) ++ goto fail; ++ if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align) != GRUB_ERR_NONE) ++ goto fail; ++ grub_dprintf ("linux", "kernel mem size : %lld\n", (long long) kernel_size); ++ grub_dprintf ("linux", "kernel entry offset : %d\n", handover_offset); ++ grub_dprintf ("linux", "kernel alignment : 0x%x\n", align); ++ ++ grub_loader_unset(); ++ ++ kernel_alloc_pages = GRUB_EFI_BYTES_TO_PAGES (kernel_size + align - 1); ++ kernel_alloc_addr = grub_efi_allocate_any_pages (kernel_alloc_pages); ++ grub_dprintf ("linux", "kernel numpages: %d\n", kernel_alloc_pages); ++ if (!kernel_alloc_addr) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); ++ goto fail; ++ } ++ kernel_addr = (void *)ALIGN_UP((grub_uint64_t)kernel_alloc_addr, align); ++ ++ grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); ++ grub_memcpy (kernel_addr, kernel, grub_min(filelen, kernel_size)); ++ if (kernel_size > filelen) ++ grub_memset ((char *)kernel_addr + filelen, 0, kernel_size - filelen); ++ grub_free(kernel); ++ kernel = NULL; + + cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); + linux_args = grub_malloc (cmdline_size); +@@ -400,6 +430,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + } + + fail: ++ if (kernel) ++ grub_free (kernel); ++ + if (file) + grub_file_close (file); + +@@ -412,9 +445,8 @@ fail: + if (linux_args && !loaded) + grub_free (linux_args); + +- if (kernel_addr && !loaded) +- grub_efi_free_pages ((grub_addr_t) kernel_addr, +- GRUB_EFI_BYTES_TO_PAGES (kernel_size)); ++ if (kernel_alloc_addr && !loaded) ++ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages); + + return grub_errno; + } diff --git a/0217-normal-main-Discover-the-device-to-read-the-config-f.patch b/0217-normal-main-Discover-the-device-to-read-the-config-f.patch new file mode 100644 index 0000000..cf12fd6 --- /dev/null +++ b/0217-normal-main-Discover-the-device-to-read-the-config-f.patch @@ -0,0 +1,123 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Mon, 30 Aug 2021 12:31:18 +0200 +Subject: [PATCH] normal/main: Discover the device to read the config from as a + fallback + +The GRUB core.img is generated locally, when this is done the grub2-probe +tool figures out the device and partition that needs to be read to parse +the GRUB configuration file. + +But in some cases the core.img can't be generated on the host and instead +has to be done at package build time. For example, if needs to get signed +with a key that's only available on the package building infrastructure. + +If that's the case, the prefix variable won't have a device and partition +but only a directory path. So there's no way for GRUB to know from which +device has to read the configuration file. + +To allow GRUB to continue working on that scenario, fallback to iterating +over all the available devices, if reading the config failed when using +the prefix and fw_path variables. + +Signed-off-by: Javier Martinez Canillas +--- + grub-core/normal/main.c | 58 +++++++++++++++++++++++++++++++++++++++++++------ + 1 file changed, 51 insertions(+), 7 deletions(-) + +diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c +index 155bf366da2..f9ccca502ee 100644 +--- a/grub-core/normal/main.c ++++ b/grub-core/normal/main.c +@@ -339,18 +339,13 @@ grub_enter_normal_mode (const char *config) + } + + static grub_err_t +-grub_try_normal (const char *variable) ++grub_try_normal_prefix (const char *prefix) + { + char *config; +- const char *prefix; + grub_err_t err = GRUB_ERR_FILE_NOT_FOUND; + const char *net_search_cfg; + int disable_net_search = 0; + +- prefix = grub_env_get (variable); +- if (!prefix) +- return GRUB_ERR_FILE_NOT_FOUND; +- + net_search_cfg = grub_env_get ("feature_net_search_cfg"); + if (net_search_cfg && net_search_cfg[0] == 'n') + disable_net_search = 1; +@@ -364,7 +359,7 @@ grub_try_normal (const char *variable) + config = grub_malloc (config_len); + + if (! config) +- return GRUB_ERR_FILE_NOT_FOUND; ++ return err; + + grub_snprintf (config, config_len, "%s/grub.cfg", prefix); + err = grub_net_search_config_file (config); +@@ -393,6 +388,53 @@ grub_try_normal (const char *variable) + return err; + } + ++static int ++grub_try_normal_dev (const char *name, void *data) ++{ ++ grub_err_t err; ++ const char *prefix = grub_xasprintf ("(%s)%s", name, (char *)data); ++ ++ if (!prefix) ++ return 0; ++ ++ err = grub_try_normal_prefix (prefix); ++ if (err == GRUB_ERR_NONE) ++ return 1; ++ ++ return 0; ++} ++ ++static grub_err_t ++grub_try_normal_discover (void) ++{ ++ char *prefix = grub_env_get ("prefix"); ++ grub_err_t err = GRUB_ERR_FILE_NOT_FOUND; ++ ++ if (!prefix) ++ return err; ++ ++ if (grub_device_iterate (grub_try_normal_dev, (void *)prefix)) ++ return GRUB_ERR_NONE; ++ ++ return err; ++} ++ ++static grub_err_t ++grub_try_normal (const char *variable) ++{ ++ grub_err_t err = GRUB_ERR_FILE_NOT_FOUND; ++ const char *prefix; ++ ++ if (!variable) ++ return err; ++ ++ prefix = grub_env_get (variable); ++ if (!prefix) ++ return err; ++ ++ return grub_try_normal_prefix (prefix); ++} ++ + /* Enter normal mode from rescue mode. */ + static grub_err_t + grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), +@@ -407,6 +449,8 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), + err = grub_try_normal ("fw_path"); + if (err == GRUB_ERR_FILE_NOT_FOUND) + err = grub_try_normal ("prefix"); ++ if (err == GRUB_ERR_FILE_NOT_FOUND) ++ err = grub_try_normal_discover (); + if (err == GRUB_ERR_FILE_NOT_FOUND) + grub_enter_normal_mode (0); + } diff --git a/0218-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch b/0218-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch new file mode 100644 index 0000000..70b021d --- /dev/null +++ b/0218-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch @@ -0,0 +1,75 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Mon, 19 Jul 2021 14:35:55 +1000 +Subject: [PATCH] powerpc: adjust setting of prefix for signed binary case + +On RHEL-signed powerpc grub, we sign a grub with -p /grub2 and expect +that there's a boot partition. + +Unfortunately grub_set_prefix_and_root tries to convert this to +($fwdevice)/grub2. This ends up being (ieee1275/disk)/grub2 and that +falls apart pretty quickly - there's no file-system on ieee1275/disk, +and it makes the search routine try things like +(ieee1275/disk,msdos2)(ieee1275/disk)/grub2 which also doesn't work. + +Detect if we would be about to create (ieee1275/disk)/path and don't: +preserve a prefix of /path instead and hope the search later finds us. + +Related: rhbz#1899864 + +Signed-off-by: Daniel Axtens +--- + grub-core/kern/main.c | 38 +++++++++++++++++++++++++++++++++----- + 1 file changed, 33 insertions(+), 5 deletions(-) + +diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c +index 0285e95a2bb..e809a5edec1 100644 +--- a/grub-core/kern/main.c ++++ b/grub-core/kern/main.c +@@ -216,13 +216,41 @@ grub_set_prefix_and_root (void) + if (device) + { + char *prefix_set; +- +- prefix_set = grub_xasprintf ("(%s)%s", device, path ? : ""); +- if (prefix_set) ++ ++#ifdef __powerpc__ ++ /* We have to be careful here on powerpc-ieee1275 + signed grub. We ++ will have signed something with a prefix that doesn't have a device ++ because we cannot know in advance what partition we're on. ++ ++ We will have had !device earlier, so we will have set device=fwdevice ++ However, we want to make sure we do not end up setting prefix to be ++ ($fwdevice)/path, because we will then end up trying to boot or search ++ based on a prefix of (ieee1275/disk)/path, which will not work because ++ it's missing a partition. ++ ++ Also: ++ - You can end up with a device with an FS directly on it, without ++ a partition, e.g. ieee1275/cdrom. ++ ++ - powerpc-ieee1275 + grub-install sets e.g. prefix=(,gpt2)/path, ++ which will have now been extended to device=$fwdisk,partition ++ and path=/path ++ ++ So we only need to act if device = ieee1275/disk exactly. ++ */ ++ if (grub_strncmp (device, "ieee1275/disk", 14) == 0) ++ grub_env_set ("prefix", path); ++ else ++#endif + { +- grub_env_set ("prefix", prefix_set); +- grub_free (prefix_set); ++ prefix_set = grub_xasprintf ("(%s)%s", device, path ? : ""); ++ if (prefix_set) ++ { ++ grub_env_set ("prefix", prefix_set); ++ grub_free (prefix_set); ++ } + } ++ + grub_env_set ("root", device); + } + diff --git a/0219-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch b/0219-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch new file mode 100644 index 0000000..1cb21ef --- /dev/null +++ b/0219-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch @@ -0,0 +1,43 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Mon, 16 Aug 2021 16:01:47 +1000 +Subject: [PATCH] powerpc: fix prefix + signed grub special case for PowerVM + +Mea culpa: when testing the PowerPC special case for signed grub, I +assumed qemu and PowerVM would behave identically. This was wrong, and +with hindsight a pretty dumb error. + +This fixes it. This time, I am actually testing on PowerVM. + +Signed-off-by: Daniel Axtens +--- + grub-core/kern/main.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c +index e809a5edec1..2d0d2bbd4cf 100644 +--- a/grub-core/kern/main.c ++++ b/grub-core/kern/main.c +@@ -236,9 +236,20 @@ grub_set_prefix_and_root (void) + which will have now been extended to device=$fwdisk,partition + and path=/path + +- So we only need to act if device = ieee1275/disk exactly. ++ - PowerVM will give us device names like ++ ieee1275//vdevice/v-scsi@3000006c/disk@8100000000000000 ++ and we don't want to try to encode some sort of truth table about ++ what sorts of paths represent disks with partition tables and those ++ without partition tables. ++ ++ So we act unless there is a comma in the device, which would indicate ++ a partition has already been specified. ++ ++ (If we only have a path, the code in normal to discover config files ++ will try both without partitions and then with any partitions so we ++ will cover both CDs and HDs.) + */ +- if (grub_strncmp (device, "ieee1275/disk", 14) == 0) ++ if (grub_strchr (device, ',') == NULL) + grub_env_set ("prefix", path); + else + #endif diff --git a/20-grub.install b/20-grub.install index 8ae3885..2a0ac32 100755 --- a/20-grub.install +++ b/20-grub.install @@ -46,7 +46,7 @@ initrd /initramfs-${kernelver}.img options ${kernelopts} grub_users \$grub_users grub_arg --unrestricted -grub_class kernel${flavor} +grub_class ${ID} EOF } @@ -75,6 +75,14 @@ case "$COMMAND" in command -v restorecon &>/dev/null && \ restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac" fi + # symvers is symvers-.gz symlink, needs a special treatment + i="$KERNEL_DIR/symvers.gz" + if [[ -e "$i" ]]; then + rm -f "/boot/symvers-${KERNEL_VERSION}.gz" + ln -s "$i" "/boot/symvers-${KERNEL_VERSION}.gz" + command -v restorecon &>/dev/null && \ + restorecon "/boot/symvers-${KERNEL_VERSION}.gz" + fi fi if [[ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ]] || [[ ! -f /sbin/new-kernel-pkg ]]; then @@ -104,7 +112,12 @@ case "$COMMAND" in LINUX="$(grep '^linux[ \t]' "${BLS_TARGET}" | sed -e 's,^linux[ \t]*,,')" INITRD="$(grep '^initrd[ \t]' "${BLS_TARGET}" | sed -e 's,^initrd[ \t]*,,')" - LINUX_RELPATH="$(grub2-mkrelpath /boot${LINUX})" + if [[ "$(grub2-probe --device $(grub2-probe --target=device /) --target=fs)" == "btrfs" && + "${SUSE_BTRFS_SNAPSHOT_BOOTING}" == "true" ]]; then + LINUX_RELPATH="$(grub2-mkrelpath -r /boot${LINUX})" + else + LINUX_RELPATH="$(grub2-mkrelpath /boot${LINUX})" + fi BOOTPREFIX="$(dirname ${LINUX_RELPATH})" ROOTPREFIX="$(dirname "/boot${LINUX}")" @@ -163,6 +176,8 @@ case "$COMMAND" in done # hmac is .vmlinuz-.hmac so needs a special treatment rm -f "/boot/.vmlinuz-${KERNEL_VERSION}.hmac" + # symvers is symvers-.gz symlink, needs a special treatment + rm -f "/boot/symvers-${KERNEL_VERSION}.gz" exit 0 fi diff --git a/grub.macros b/grub.macros index 576e8a4..5863037 100644 --- a/grub.macros +++ b/grub.macros @@ -18,7 +18,7 @@ sed \\\ -e 's/-O. //g' \\\ -e 's/-fplugin=annobin //g' \\\ - -e 's,-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 ,,g' \\\ + -e 's,-specs=[[:alnum:]/_-]*annobin[[:alnum:]_-]* ,,g' \\\ -e 's/-fstack-protector[[:alpha:]-]\\+//g' \\\ -e 's/-Wp,-D_FORTIFY_SOURCE=[[:digit:]]\\+//g' \\\ -e 's/--param=ssp-buffer-size=4//g' \\\ @@ -49,6 +49,7 @@ %global ldflags_sed \\\ sed \\\ + -e 's,-specs=[[:alnum:]/_-]*annobin[[:alnum:]_-]* ,,g' \\\ -e 's/^$//' \\\ %{nil} @@ -389,7 +390,7 @@ rm -f %{1}.conf \ %{?__pesign_client_cert:%{expand:%%define __pesign_client_cert %{___pesign_client_cert}}} \ %{expand:%%{pesign -s -i %%{2}.orig -o %%{2}.onesig -a %%{5} -c %%{6} -n %%{7}}} \ %{expand:%%{pesign -s -i %%{3}.orig -o %%{3}.onesig -a %%{5} -c %%{6} -n %%{7}}} \ -%{expand:%%define __pesign_client_cert grub2-signer} \ +%{expand:%%define __pesign_client_cert %{name}-signer} \ %{expand:%%{pesign -s -i %%{2}.onesig -o %%{2} -a %%{5} -c %%{6} -n %%{7}}} \ %{expand:%%{pesign -s -i %%{3}.onesig -o %%{3} -a %%{5} -c %%{6} -n %%{7}}} \ %{nil} @@ -405,13 +406,13 @@ rm -f %{1}.conf \ %define do_efi_build_images() \ GRUB_MODULES=" all_video boot blscfg btrfs \\\ cat configfile cryptodisk \\\ - echo efi_netfs efifwsetup efinet ext2 \\\ + echo efi_netfs efifwsetup efinet ext2 f2fs \\\ fat font gcry_rijndael gcry_rsa gcry_serpent \\\ gcry_sha256 gcry_twofish gcry_whirlpool \\\ gfxmenu gfxterm gzio \\\ halt hfsplus http increment iso9660 jpeg \\\ loadenv loopback linux lvm lsefi lsefimmap luks \\\ - mdraid09 mdraid1x minicmd net \\\ + luks2 mdraid09 mdraid1x minicmd net \\\ normal part_apple part_msdos part_gpt \\\ password_pbkdf2 pgp png reboot \\\ regexp search search_fs_uuid search_fs_file \\\ @@ -517,7 +518,7 @@ install -m 700 %{3} $RPM_BUILD_ROOT%{efi_esp_dir}/%{3} \ install -D -m 700 %{2} $RPM_BUILD_ROOT%{efi_esp_boot}/BOOTARM.EFI \ %endif \ install -D -m 700 unicode.pf2 \\\ - $RPM_BUILD_ROOT%{efi_esp_dir}/fonts/unicode.pf2 \ + ${RPM_BUILD_ROOT}/boot/%{name}/fonts/unicode.pf2 \ ${RPM_BUILD_ROOT}/%{_bindir}/%{name}-editenv \\\ ${RPM_BUILD_ROOT}/boot/%{name}/grubenv create \ %{expand:%%do_install_protected_file %{name}-%{package_arch}} \ @@ -533,9 +534,9 @@ fi \ if [ -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info ]; then \ rm -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info \ fi \ -if [ -f $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub2.chrp ]; then \ - mv $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub2.chrp \\\ - $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub.chrp \ +if [ -f $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/%{name}.chrp ]; then \ + mv $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/%{name}.chrp \\\ + $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/%{name}.chrp \ fi \ if [ %{3} -eq 0 ]; then \ ${RPM_BUILD_ROOT}/%{_bindir}/%{name}-editenv \\\ @@ -554,8 +555,8 @@ fi \ if [ -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info ]; then \ rm -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info \ fi \ -if [ -f $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub2.chrp ]; then \ - mv $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub2.chrp \\\ +if [ -f $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/%{name}.chrp ]; then \ + mv $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/%{name}.chrp \\\ $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub.chrp \ fi \ cd .. \ @@ -572,7 +573,7 @@ cp docs/grub.info $RPM_BUILD_ROOT%{_infodir}/%{name}.info \ cp docs/grub-dev.info \\\ $RPM_BUILD_ROOT%{_infodir}/%{name}-dev.info \ install -d -m 0700 ${RPM_BUILD_ROOT}%{efi_esp_dir}/ \ -install -d -m 0700 ${RPM_BUILD_ROOT}/boot/grub2/ \ +install -d -m 0700 ${RPM_BUILD_ROOT}/boot/%{name}/ \ install -d -m 0700 ${RPM_BUILD_ROOT}/boot/loader/entries \ install -d -m 0700 ${RPM_BUILD_ROOT}/boot/%{name}/themes/system \ install -d -m 0700 ${RPM_BUILD_ROOT}%{_sysconfdir}/default \ @@ -582,7 +583,7 @@ ln -sf ../default/grub \\\ ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/grub \ touch ${RPM_BUILD_ROOT}/boot/%{name}/grub.cfg \ ln -s ../boot/%{name}/grub.cfg \\\ - ${RPM_BUILD_ROOT}%{_sysconfdir}/grub2.cfg \ + ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.cfg \ %{nil} %define define_legacy_variant_files() \ @@ -608,18 +609,18 @@ ln -s ../boot/%{name}/grub.cfg \\\ %define define_efi_variant_files() \ %{expand:%%files %{1}} \ -%defattr(0700,root,root,-) \ +%defattr(-,root,root,-) \ %config(noreplace) %{_sysconfdir}/%{name}.cfg \ %config(noreplace) %{_sysconfdir}/%{name}-efi.cfg \ %attr(0700,root,root)%{efi_esp_dir}/%{2} \ %ifarch %{arm} \ %attr(0700,root,root)%{efi_esp_boot}/BOOTARM.EFI \ %endif \ -%dir %attr(0700,root,root)%{efi_esp_dir}/fonts \ +%attr(0700,root,root)/boot/%{name}/fonts \ %dir %attr(0700,root,root)/boot/loader/entries \ %ghost %config(noreplace) /boot/%{name}/grub.cfg \ %ghost %config(noreplace) %attr(0700,root,root)%{efi_esp_dir}/grub.cfg \ -%config(noreplace) %verify(not size mode md5 mtime) /boot/grub2/grubenv \ +%config(noreplace) %verify(not size mode md5 mtime) /boot/%{name}/grubenv \ %attr(0644,root,root) %config(noreplace) /etc/dnf/protected.d/%{name}-%{1}.conf \ %{expand:%if 0%{?without_efi_modules} \ %exclude %{_libdir}/grub/%{6} \ @@ -635,7 +636,7 @@ ln -s ../boot/%{name}/grub.cfg \\\ %endif} \ \ %{expand:%%files %{1}-cdboot} \ -%defattr(0700,root,root,-) \ +%defattr(-,root,root,-) \ %attr(0700,root,root)%{efi_esp_dir}/%{3} \ -%attr(0700,root,root)%{efi_esp_dir}/fonts \ +%attr(0700,root,root)/boot/%{name}/fonts \ %{nil} diff --git a/grub.patches b/grub.patches index f225220..5365f4a 100644 --- a/grub.patches +++ b/grub.patches @@ -1,203 +1,219 @@ -Patch0001: 0001-Add-support-for-Linux-EFI-stub-loading.patch -Patch0002: 0002-Rework-linux-command.patch -Patch0003: 0003-Rework-linux16-command.patch -Patch0004: 0004-Add-secureboot-support-on-efi-chainloader.patch -Patch0005: 0005-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch -Patch0006: 0006-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch -Patch0007: 0007-re-write-.gitignore.patch -Patch0008: 0008-IBM-client-architecture-CAS-reboot-support.patch -Patch0009: 0009-for-ppc-reset-console-display-attr-when-clear-screen.patch -Patch0010: 0010-Disable-GRUB-video-support-for-IBM-power-machines.patch -Patch0011: 0011-Move-bash-completion-script-922997.patch -Patch0012: 0012-Allow-fallback-to-include-entries-by-title-not-just-.patch -Patch0013: 0013-Make-exit-take-a-return-code.patch -Patch0014: 0014-Make-efi-machines-load-an-env-block-from-a-variable.patch -Patch0015: 0015-Migrate-PPC-from-Yaboot-to-Grub2.patch -Patch0016: 0016-Add-fw_path-variable-revised.patch -Patch0017: 0017-Pass-x-hex-hex-straight-through-unmolested.patch -Patch0018: 0018-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch -Patch0019: 0019-Add-devicetree-loading.patch -Patch0020: 0020-Don-t-write-messages-to-the-screen.patch -Patch0021: 0021-Don-t-print-GNU-GRUB-header.patch -Patch0022: 0022-Don-t-add-to-highlighted-row.patch -Patch0023: 0023-Message-string-cleanups.patch -Patch0024: 0024-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch -Patch0025: 0025-Use-the-correct-indentation-for-the-term-help-text.patch -Patch0026: 0026-Indent-menu-entries.patch -Patch0027: 0027-Fix-margins.patch -Patch0028: 0028-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch -Patch0029: 0029-Enable-pager-by-default.-985860.patch -Patch0030: 0030-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch -Patch0031: 0031-Don-t-say-GNU-Linux-in-generated-menus.patch -Patch0032: 0032-Don-t-draw-a-border-around-the-menu.patch -Patch0033: 0033-Use-the-standard-margin-for-the-timeout-string.patch -Patch0034: 0034-Add-.eh_frame-to-list-of-relocations-stripped.patch -Patch0035: 0035-Don-t-require-a-password-to-boot-entries-generated-b.patch -Patch0036: 0036-Don-t-emit-Booting-.-message.patch -Patch0037: 0037-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch -Patch0038: 0038-use-fw_path-prefix-when-fallback-searching-for-grub-.patch -Patch0039: 0039-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch -Patch0040: 0040-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch -Patch0041: 0041-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch -Patch0042: 0042-Try-prefix-if-fw_path-doesn-t-work.patch -Patch0043: 0043-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch -Patch0044: 0044-Make-grub2-mkconfig-construct-titles-that-look-like-.patch -Patch0045: 0045-Add-friendly-grub2-password-config-tool-985962.patch -Patch0046: 0046-tcp-add-window-scaling-support.patch -Patch0047: 0047-efinet-and-bootp-add-support-for-dhcpv6.patch -Patch0048: 0048-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch -Patch0049: 0049-bz1374141-fix-incorrect-mask-for-ppc64.patch -Patch0050: 0050-Make-grub_fatal-also-backtrace.patch -Patch0051: 0051-Fix-up-some-man-pages-rpmdiff-noticed.patch -Patch0052: 0052-Make-our-info-pages-say-grub2-where-appropriate.patch -Patch0053: 0053-macos-just-build-chainloader-entries-don-t-try-any-x.patch -Patch0054: 0054-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch -Patch0055: 0055-export-btrfs_subvol-and-btrfs_subvolid.patch -Patch0056: 0056-grub2-btrfs-03-follow_default.patch -Patch0057: 0057-grub2-btrfs-04-grub2-install.patch -Patch0058: 0058-grub2-btrfs-05-grub2-mkconfig.patch -Patch0059: 0059-grub2-btrfs-06-subvol-mount.patch -Patch0060: 0060-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch -Patch0061: 0061-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch -Patch0062: 0062-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch -Patch0063: 0063-Use-grub_efi_.-memory-helpers-where-reasonable.patch -Patch0064: 0064-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch -Patch0065: 0065-don-t-use-int-for-efi-status.patch -Patch0066: 0066-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch -Patch0067: 0067-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch -Patch0068: 0068-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch -Patch0069: 0069-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch -Patch0070: 0070-align-struct-efi_variable-better.patch -Patch0071: 0071-Add-BLS-support-to-grub-mkconfig.patch -Patch0072: 0072-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch -Patch0073: 0073-Add-linux-and-initrd-commands-for-grub-emu.patch -Patch0074: 0074-Add-grub2-switch-to-blscfg.patch -Patch0075: 0075-make-better-backtraces.patch -Patch0076: 0076-normal-don-t-draw-our-startup-message-if-debug-is-se.patch -Patch0077: 0077-Work-around-some-minor-include-path-weirdnesses.patch -Patch0078: 0078-Make-it-possible-to-enabled-build-id-sha1.patch -Patch0079: 0079-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch -Patch0080: 0080-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch -Patch0081: 0081-Fixup-for-newer-compiler.patch -Patch0082: 0082-Don-t-attempt-to-export-the-start-and-_start-symbols.patch -Patch0083: 0083-Fixup-for-newer-compiler.patch -Patch0084: 0084-Add-support-for-non-Ethernet-network-cards.patch -Patch0085: 0085-net-read-bracketed-ipv6-addrs-and-port-numbers.patch -Patch0086: 0086-bootp-New-net_bootp6-command.patch -Patch0087: 0087-efinet-UEFI-IPv6-PXE-support.patch -Patch0088: 0088-grub.texi-Add-net_bootp6-doument.patch -Patch0089: 0089-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch -Patch0090: 0090-efinet-Setting-network-from-UEFI-device-path.patch -Patch0091: 0091-efinet-Setting-DNS-server-from-UEFI-protocol.patch -Patch0092: 0092-Support-UEFI-networking-protocols.patch -Patch0093: 0093-AUDIT-0-http-boot-tracker-bug.patch -Patch0094: 0094-grub-editenv-Add-incr-command-to-increment-integer-v.patch -Patch0095: 0095-Add-auto-hide-menu-support.patch -Patch0096: 0096-Add-grub-set-bootflag-utility.patch -Patch0097: 0097-docs-Add-grub-boot-indeterminate.service-example.patch -Patch0098: 0098-gentpl-add-disable-support.patch -Patch0099: 0099-gentpl-add-pc-firmware-type.patch -Patch0100: 0100-efinet-also-use-the-firmware-acceleration-for-http.patch -Patch0101: 0101-efi-http-Make-root_url-reflect-the-protocol-hostname.patch -Patch0102: 0102-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch -Patch0103: 0103-module-verifier-make-it-possible-to-run-checkers-on-.patch -Patch0104: 0104-Rework-how-the-fdt-command-builds.patch -Patch0105: 0105-Disable-non-wordsize-allocations-on-arm.patch -Patch0106: 0106-Prepend-prefix-when-HTTP-path-is-relative.patch -Patch0107: 0107-Make-grub_error-more-verbose.patch -Patch0108: 0108-Make-reset-an-alias-for-the-reboot-command.patch -Patch0109: 0109-Add-a-version-command.patch -Patch0110: 0110-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch -Patch0111: 0111-arm-arm64-loader-Better-memory-allocation-and-error-.patch -Patch0112: 0112-Try-to-pick-better-locations-for-kernel-and-initrd.patch -Patch0113: 0113-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch -Patch0114: 0114-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch -Patch0115: 0115-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch -Patch0116: 0116-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch -Patch0117: 0117-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch -Patch0118: 0118-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch -Patch0119: 0119-Fix-getroot.c-s-trampolines.patch -Patch0120: 0120-Do-not-allow-stack-trampolines-anywhere.patch -Patch0121: 0121-Reimplement-boot_counter.patch -Patch0122: 0122-Fix-menu-entry-selection-based-on-ID-and-title.patch -Patch0123: 0123-Make-the-menu-entry-users-option-argument-to-be-opti.patch -Patch0124: 0124-Add-efi-export-env-and-efi-load-env-commands.patch -Patch0125: 0125-Make-it-possible-to-subtract-conditions-from-debug.patch -Patch0126: 0126-Export-all-variables-from-the-initial-context-when-c.patch -Patch0127: 0127-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch -Patch0128: 0128-Fix-systemctl-kexec-exit-status-check.patch -Patch0129: 0129-Print-grub-emu-linux-loader-messages-as-debug.patch -Patch0130: 0130-Don-t-assume-that-boot-commands-will-only-return-on-.patch -Patch0131: 0131-Fix-undefined-references-for-fdt-when-building-with-.patch -Patch0132: 0132-Do-better-in-bootstrap.conf.patch -Patch0133: 0133-Use-git-to-apply-gnulib-patches.patch -Patch0134: 0134-Fix-build-error-with-the-fdt-module-on-risc-v.patch -Patch0135: 0135-grub-set-bootflag-Update-comment-about-running-as-ro.patch -Patch0136: 0136-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch -Patch0137: 0137-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch -Patch0138: 0138-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch -Patch0139: 0139-chainloader-Define-machine-types-for-RISC-V.patch -Patch0140: 0140-Add-start-symbol-for-RISC-V.patch -Patch0141: 0141-bootstrap.conf-Force-autogen.sh-to-use-python3.patch -Patch0142: 0142-efi-http-Export-fw-http-_path-variables-to-make-them.patch -Patch0143: 0143-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch -Patch0144: 0144-efi-net-Allow-to-specify-a-port-number-in-addresses.patch -Patch0145: 0145-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch -Patch0146: 0146-efi-net-Print-a-debug-message-if-parsing-the-address.patch -Patch0147: 0147-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch -Patch0148: 0148-efi-Set-image-base-address-before-jumping-to-the-PE-.patch -Patch0149: 0149-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch -Patch0150: 0150-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch -Patch0151: 0151-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch -Patch0152: 0152-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch -Patch0153: 0153-efi-dhcp-fix-some-allocation-error-checking.patch -Patch0154: 0154-efi-http-fix-some-allocation-error-checking.patch -Patch0155: 0155-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch -Patch0156: 0156-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch -Patch0157: 0157-linuxefi-fail-kernel-validation-without-shim-protoco.patch -Patch0158: 0158-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch -Patch0159: 0159-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch -Patch0160: 0160-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch -Patch0161: 0161-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch -Patch0162: 0162-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch -Patch0163: 0163-Add-systemd-integration-scripts-to-make-systemctl-re.patch -Patch0164: 0164-systemd-integration.sh-Also-set-old-menu_show_once-g.patch -Patch0165: 0165-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch -Patch0166: 0166-grub-install-disable-support-for-EFI-platforms.patch -Patch0167: 0167-New-with-debug-timestamps-configure-flag-to-prepend-.patch -Patch0168: 0168-Added-debug-statements-to-grub_disk_open-and-grub_di.patch -Patch0169: 0169-Introduce-function-grub_debug_is_enabled-void-return.patch -Patch0170: 0170-Don-t-clear-screen-when-debugging-is-enabled.patch -Patch0171: 0171-grub_file_-instrumentation-new-file-debug-tag.patch -Patch0172: 0172-ieee1275-Avoiding-many-unecessary-open-close.patch -Patch0173: 0173-ieee1275-powerpc-implements-fibre-channel-discovery-.patch -Patch0174: 0174-ieee1275-powerpc-enables-device-mapper-discovery.patch -Patch0175: 0175-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch -Patch0176: 0176-Add-suport-for-signing-grub-with-an-appended-signatu.patch -Patch0177: 0177-docs-grub-Document-signing-grub-under-UEFI.patch -Patch0178: 0178-docs-grub-Document-signing-grub-with-an-appended-sig.patch -Patch0179: 0179-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch -Patch0180: 0180-pgp-factor-out-rsa_pad.patch -Patch0181: 0181-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch -Patch0182: 0182-posix_wrap-tweaks-in-preparation-for-libtasn1.patch -Patch0183: 0183-libtasn1-import-libtasn1-4.16.0.patch -Patch0184: 0184-libtasn1-disable-code-not-needed-in-grub.patch -Patch0185: 0185-libtasn1-changes-for-grub-compatibility.patch -Patch0186: 0186-libtasn1-compile-into-asn1-module.patch -Patch0187: 0187-test_asn1-test-module-for-libtasn1.patch -Patch0188: 0188-grub-install-support-embedding-x509-certificates.patch -Patch0189: 0189-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch -Patch0190: 0190-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch -Patch0191: 0191-appended-signatures-support-verifying-appended-signa.patch -Patch0192: 0192-appended-signatures-verification-tests.patch -Patch0193: 0193-appended-signatures-documentation.patch -Patch0194: 0194-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch -Patch0195: 0195-Revert-templates-Properly-disable-the-os-prober-by-d.patch -Patch0196: 0196-Revert-templates-Disable-the-os-prober-by-default.patch -Patch0197: 0197-fs-xfs-Add-bigtime-support-for-xfs-driver.patch -Patch0198: 0198-fs-Use-64bit-type-for-filesystem-timestamp.patch -Patch0199: 0199-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch -Patch0200: 0200-ieee1275-claim-more-memory.patch -Patch0201: 0201-ieee1275-request-memory-with-ibm-client-architecture.patch -Patch0202: 0202-xfs-Include-needsrepair-in-the-supported-incompat-fe.patch -Patch0203: 0203-Don-t-update-the-cmdline-when-generating-legacy-menu.patch +Patch0001: 0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch +Patch0002: 0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch +Patch0003: 0003-Revert-templates-Disable-the-os-prober-by-default.patch +Patch0004: 0004-Add-support-for-Linux-EFI-stub-loading.patch +Patch0005: 0005-Rework-linux-command.patch +Patch0006: 0006-Rework-linux16-command.patch +Patch0007: 0007-Add-secureboot-support-on-efi-chainloader.patch +Patch0008: 0008-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch +Patch0009: 0009-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch +Patch0010: 0010-re-write-.gitignore.patch +Patch0011: 0011-IBM-client-architecture-CAS-reboot-support.patch +Patch0012: 0012-for-ppc-reset-console-display-attr-when-clear-screen.patch +Patch0013: 0013-Disable-GRUB-video-support-for-IBM-power-machines.patch +Patch0014: 0014-Move-bash-completion-script-922997.patch +Patch0015: 0015-Allow-fallback-to-include-entries-by-title-not-just-.patch +Patch0016: 0016-Make-exit-take-a-return-code.patch +Patch0017: 0017-Make-efi-machines-load-an-env-block-from-a-variable.patch +Patch0018: 0018-Migrate-PPC-from-Yaboot-to-Grub2.patch +Patch0019: 0019-Add-fw_path-variable-revised.patch +Patch0020: 0020-Pass-x-hex-hex-straight-through-unmolested.patch +Patch0021: 0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch +Patch0022: 0022-Add-devicetree-loading.patch +Patch0023: 0023-Don-t-write-messages-to-the-screen.patch +Patch0024: 0024-Don-t-print-GNU-GRUB-header.patch +Patch0025: 0025-Don-t-add-to-highlighted-row.patch +Patch0026: 0026-Message-string-cleanups.patch +Patch0027: 0027-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch +Patch0028: 0028-Use-the-correct-indentation-for-the-term-help-text.patch +Patch0029: 0029-Indent-menu-entries.patch +Patch0030: 0030-Fix-margins.patch +Patch0031: 0031-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch +Patch0032: 0032-Enable-pager-by-default.-985860.patch +Patch0033: 0033-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch +Patch0034: 0034-Don-t-say-GNU-Linux-in-generated-menus.patch +Patch0035: 0035-Don-t-draw-a-border-around-the-menu.patch +Patch0036: 0036-Use-the-standard-margin-for-the-timeout-string.patch +Patch0037: 0037-Add-.eh_frame-to-list-of-relocations-stripped.patch +Patch0038: 0038-Don-t-require-a-password-to-boot-entries-generated-b.patch +Patch0039: 0039-Don-t-emit-Booting-.-message.patch +Patch0040: 0040-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch +Patch0041: 0041-use-fw_path-prefix-when-fallback-searching-for-grub-.patch +Patch0042: 0042-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch +Patch0043: 0043-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch +Patch0044: 0044-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch +Patch0045: 0045-Try-prefix-if-fw_path-doesn-t-work.patch +Patch0046: 0046-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch +Patch0047: 0047-Make-grub2-mkconfig-construct-titles-that-look-like-.patch +Patch0048: 0048-Add-friendly-grub2-password-config-tool-985962.patch +Patch0049: 0049-tcp-add-window-scaling-support.patch +Patch0050: 0050-efinet-and-bootp-add-support-for-dhcpv6.patch +Patch0051: 0051-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch +Patch0052: 0052-bz1374141-fix-incorrect-mask-for-ppc64.patch +Patch0053: 0053-Make-grub_fatal-also-backtrace.patch +Patch0054: 0054-Fix-up-some-man-pages-rpmdiff-noticed.patch +Patch0055: 0055-Make-our-info-pages-say-grub2-where-appropriate.patch +Patch0056: 0056-macos-just-build-chainloader-entries-don-t-try-any-x.patch +Patch0057: 0057-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch +Patch0058: 0058-export-btrfs_subvol-and-btrfs_subvolid.patch +Patch0059: 0059-grub2-btrfs-03-follow_default.patch +Patch0060: 0060-grub2-btrfs-04-grub2-install.patch +Patch0061: 0061-grub2-btrfs-05-grub2-mkconfig.patch +Patch0062: 0062-grub2-btrfs-06-subvol-mount.patch +Patch0063: 0063-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch +Patch0064: 0064-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch +Patch0065: 0065-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch +Patch0066: 0066-Use-grub_efi_.-memory-helpers-where-reasonable.patch +Patch0067: 0067-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch +Patch0068: 0068-don-t-use-int-for-efi-status.patch +Patch0069: 0069-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch +Patch0070: 0070-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch +Patch0071: 0071-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch +Patch0072: 0072-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch +Patch0073: 0073-align-struct-efi_variable-better.patch +Patch0074: 0074-Add-BLS-support-to-grub-mkconfig.patch +Patch0075: 0075-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch +Patch0076: 0076-Add-linux-and-initrd-commands-for-grub-emu.patch +Patch0077: 0077-Add-grub2-switch-to-blscfg.patch +Patch0078: 0078-make-better-backtraces.patch +Patch0079: 0079-normal-don-t-draw-our-startup-message-if-debug-is-se.patch +Patch0080: 0080-Work-around-some-minor-include-path-weirdnesses.patch +Patch0081: 0081-Make-it-possible-to-enabled-build-id-sha1.patch +Patch0082: 0082-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch +Patch0083: 0083-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch +Patch0084: 0084-Fixup-for-newer-compiler.patch +Patch0085: 0085-Don-t-attempt-to-export-the-start-and-_start-symbols.patch +Patch0086: 0086-Fixup-for-newer-compiler.patch +Patch0087: 0087-Add-support-for-non-Ethernet-network-cards.patch +Patch0088: 0088-net-read-bracketed-ipv6-addrs-and-port-numbers.patch +Patch0089: 0089-bootp-New-net_bootp6-command.patch +Patch0090: 0090-efinet-UEFI-IPv6-PXE-support.patch +Patch0091: 0091-grub.texi-Add-net_bootp6-doument.patch +Patch0092: 0092-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch +Patch0093: 0093-efinet-Setting-network-from-UEFI-device-path.patch +Patch0094: 0094-efinet-Setting-DNS-server-from-UEFI-protocol.patch +Patch0095: 0095-Support-UEFI-networking-protocols.patch +Patch0096: 0096-AUDIT-0-http-boot-tracker-bug.patch +Patch0097: 0097-grub-editenv-Add-incr-command-to-increment-integer-v.patch +Patch0098: 0098-Add-auto-hide-menu-support.patch +Patch0099: 0099-Add-grub-set-bootflag-utility.patch +Patch0100: 0100-docs-Add-grub-boot-indeterminate.service-example.patch +Patch0101: 0101-gentpl-add-disable-support.patch +Patch0102: 0102-gentpl-add-pc-firmware-type.patch +Patch0103: 0103-efinet-also-use-the-firmware-acceleration-for-http.patch +Patch0104: 0104-efi-http-Make-root_url-reflect-the-protocol-hostname.patch +Patch0105: 0105-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch +Patch0106: 0106-module-verifier-make-it-possible-to-run-checkers-on-.patch +Patch0107: 0107-Rework-how-the-fdt-command-builds.patch +Patch0108: 0108-Disable-non-wordsize-allocations-on-arm.patch +Patch0109: 0109-Prepend-prefix-when-HTTP-path-is-relative.patch +Patch0110: 0110-Make-grub_error-more-verbose.patch +Patch0111: 0111-Make-reset-an-alias-for-the-reboot-command.patch +Patch0112: 0112-Add-a-version-command.patch +Patch0113: 0113-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch +Patch0114: 0114-arm-arm64-loader-Better-memory-allocation-and-error-.patch +Patch0115: 0115-Try-to-pick-better-locations-for-kernel-and-initrd.patch +Patch0116: 0116-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch +Patch0117: 0117-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch +Patch0118: 0118-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch +Patch0119: 0119-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch +Patch0120: 0120-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch +Patch0121: 0121-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch +Patch0122: 0122-Fix-getroot.c-s-trampolines.patch +Patch0123: 0123-Do-not-allow-stack-trampolines-anywhere.patch +Patch0124: 0124-Reimplement-boot_counter.patch +Patch0125: 0125-Fix-menu-entry-selection-based-on-ID-and-title.patch +Patch0126: 0126-Make-the-menu-entry-users-option-argument-to-be-opti.patch +Patch0127: 0127-Add-efi-export-env-and-efi-load-env-commands.patch +Patch0128: 0128-Make-it-possible-to-subtract-conditions-from-debug.patch +Patch0129: 0129-Export-all-variables-from-the-initial-context-when-c.patch +Patch0130: 0130-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch +Patch0131: 0131-Fix-systemctl-kexec-exit-status-check.patch +Patch0132: 0132-Print-grub-emu-linux-loader-messages-as-debug.patch +Patch0133: 0133-Don-t-assume-that-boot-commands-will-only-return-on-.patch +Patch0134: 0134-Fix-undefined-references-for-fdt-when-building-with-.patch +Patch0135: 0135-Do-better-in-bootstrap.conf.patch +Patch0136: 0136-Use-git-to-apply-gnulib-patches.patch +Patch0137: 0137-Fix-build-error-with-the-fdt-module-on-risc-v.patch +Patch0138: 0138-grub-set-bootflag-Update-comment-about-running-as-ro.patch +Patch0139: 0139-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch +Patch0140: 0140-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch +Patch0141: 0141-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch +Patch0142: 0142-chainloader-Define-machine-types-for-RISC-V.patch +Patch0143: 0143-Add-start-symbol-for-RISC-V.patch +Patch0144: 0144-bootstrap.conf-Force-autogen.sh-to-use-python3.patch +Patch0145: 0145-efi-http-Export-fw-http-_path-variables-to-make-them.patch +Patch0146: 0146-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch +Patch0147: 0147-efi-net-Allow-to-specify-a-port-number-in-addresses.patch +Patch0148: 0148-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch +Patch0149: 0149-efi-net-Print-a-debug-message-if-parsing-the-address.patch +Patch0150: 0150-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch +Patch0151: 0151-efi-Set-image-base-address-before-jumping-to-the-PE-.patch +Patch0152: 0152-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch +Patch0153: 0153-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch +Patch0154: 0154-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch +Patch0155: 0155-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch +Patch0156: 0156-efi-dhcp-fix-some-allocation-error-checking.patch +Patch0157: 0157-efi-http-fix-some-allocation-error-checking.patch +Patch0158: 0158-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch +Patch0159: 0159-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch +Patch0160: 0160-linuxefi-fail-kernel-validation-without-shim-protoco.patch +Patch0161: 0161-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch +Patch0162: 0162-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch +Patch0163: 0163-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch +Patch0164: 0164-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch +Patch0165: 0165-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch +Patch0166: 0166-Add-systemd-integration-scripts-to-make-systemctl-re.patch +Patch0167: 0167-systemd-integration.sh-Also-set-old-menu_show_once-g.patch +Patch0168: 0168-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch +Patch0169: 0169-grub-install-disable-support-for-EFI-platforms.patch +Patch0170: 0170-New-with-debug-timestamps-configure-flag-to-prepend-.patch +Patch0171: 0171-Added-debug-statements-to-grub_disk_open-and-grub_di.patch +Patch0172: 0172-Introduce-function-grub_debug_is_enabled-void-return.patch +Patch0173: 0173-Don-t-clear-screen-when-debugging-is-enabled.patch +Patch0174: 0174-grub_file_-instrumentation-new-file-debug-tag.patch +Patch0175: 0175-ieee1275-Avoiding-many-unecessary-open-close.patch +Patch0176: 0176-ieee1275-powerpc-implements-fibre-channel-discovery-.patch +Patch0177: 0177-ieee1275-powerpc-enables-device-mapper-discovery.patch +Patch0178: 0178-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch +Patch0179: 0179-Add-suport-for-signing-grub-with-an-appended-signatu.patch +Patch0180: 0180-docs-grub-Document-signing-grub-under-UEFI.patch +Patch0181: 0181-docs-grub-Document-signing-grub-with-an-appended-sig.patch +Patch0182: 0182-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch +Patch0183: 0183-pgp-factor-out-rsa_pad.patch +Patch0184: 0184-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch +Patch0185: 0185-posix_wrap-tweaks-in-preparation-for-libtasn1.patch +Patch0186: 0186-libtasn1-import-libtasn1-4.16.0.patch +Patch0187: 0187-libtasn1-disable-code-not-needed-in-grub.patch +Patch0188: 0188-libtasn1-changes-for-grub-compatibility.patch +Patch0189: 0189-libtasn1-compile-into-asn1-module.patch +Patch0190: 0190-test_asn1-test-module-for-libtasn1.patch +Patch0191: 0191-grub-install-support-embedding-x509-certificates.patch +Patch0192: 0192-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch +Patch0193: 0193-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch +Patch0194: 0194-appended-signatures-support-verifying-appended-signa.patch +Patch0195: 0195-appended-signatures-verification-tests.patch +Patch0196: 0196-appended-signatures-documentation.patch +Patch0197: 0197-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch +Patch0198: 0198-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch +Patch0199: 0199-ieee1275-claim-more-memory.patch +Patch0200: 0200-ieee1275-request-memory-with-ibm-client-architecture.patch +Patch0201: 0201-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch +Patch0202: 0202-ieee1275-ofdisk-retry-on-open-failure.patch +Patch0203: 0203-01_menu_auto_hide.in-fix-a-then-than-typo.patch +Patch0204: 0204-Fix-disabling-grub-rpm-sort.patch +Patch0205: 0205-Don-t-check-for-rpmvercmp-in-librpm.patch +Patch0206: 0206-Allow-chainloading-EFI-apps-from-loop-mounts.patch +Patch0207: 0207-efinet-Add-DHCP-proxy-support.patch +Patch0208: 0208-fs-ext2-Ignore-checksum-seed-incompat-feature.patch +Patch0209: 0209-Don-t-update-the-cmdline-when-generating-legacy-menu.patch +Patch0210: 0210-Suppress-gettext-error-message.patch +Patch0211: 0211-grub-boot-success.timer-Only-run-if-not-in-a-contain.patch +Patch0212: 0212-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch +Patch0213: 0213-Remove-outdated-URL-for-BLS-document.patch +Patch0214: 0214-templates-Check-for-EFI-at-runtime-instead-of-config.patch +Patch0215: 0215-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch +Patch0216: 0216-arm64-Fix-EFI-loader-kernel-image-allocation.patch +Patch0217: 0217-normal-main-Discover-the-device-to-read-the-config-f.patch +Patch0218: 0218-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch +Patch0219: 0219-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch diff --git a/grub2.spec b/grub2.spec index f70318d..331730b 100644 --- a/grub2.spec +++ b/grub2.spec @@ -5,7 +5,7 @@ %undefine _hardened_build -%global tarversion 2.06~rc1 +%global tarversion 2.06 %undefine _missing_build_ids_terminate_build %global _configure_gnuconfig_hack 0 @@ -13,8 +13,8 @@ Name: grub2 Epoch: 1 -Version: 2.06~rc1 -Release: 9%{?dist} +Version: 2.06 +Release: 1%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPLv3+ URL: http://www.gnu.org/software/grub/ @@ -23,7 +23,7 @@ Source0: https://ftp.gnu.org/gnu/grub/grub-%{tarversion}.tar.xz Source1: grub.macros Source2: gnulib-%{gnulibversion}.tar.gz Source3: 99-grub-mkconfig.install -Source4: http://unifoundry.com/unifont-5.1.20080820.pcf.gz +Source4: http://unifoundry.com/pub/unifont/unifont-13.0.06/font-builds/unifont-13.0.06.pcf.gz Source5: theme.tar.bz2 Source6: gitignore Source7: bootstrap @@ -81,6 +81,7 @@ hardware devices.\ Summary: grub2 common layout BuildArch: noarch Conflicts: grubby < 8.40-18 +Requires(post): util-linux %description common This package provides some directories which are required by various grub2 @@ -240,19 +241,6 @@ rm -vf ${RPM_BUILD_ROOT}/%{_sbindir}/%{name}-macbless %find_lang grub -# Make selinux happy with exec stack binaries. -mkdir ${RPM_BUILD_ROOT}%{_sysconfdir}/prelink.conf.d/ -cat << EOF > ${RPM_BUILD_ROOT}%{_sysconfdir}/prelink.conf.d/grub2.conf -# these have execstack, and break under selinux --b /usr/bin/grub2-script-check --b /usr/bin/grub2-mkrelpath --b /usr/bin/grub2-mount --b /usr/bin/grub2-fstest --b /usr/sbin/grub2-bios-setup --b /usr/sbin/grub2-probe --b /usr/sbin/grub2-sparc64-setup -EOF - # Install kernel-install scripts install -d -m 0755 %{buildroot}%{_prefix}/lib/kernel/install.d/ install -D -m 0755 -t %{buildroot}%{_prefix}/lib/kernel/install.d/ %{SOURCE10} @@ -270,7 +258,7 @@ install -d -m 0755 %{buildroot}%{_unitdir}/system-update.target.wants install -d -m 0755 %{buildroot}%{_unitdir}/reboot.target.wants ln -s ../grub-boot-indeterminate.service \ %{buildroot}%{_unitdir}/system-update.target.wants -ln -s ../grub2-systemd-integration.service \ +ln -s ../%{name}-systemd-integration.service \ %{buildroot}%{_unitdir}/reboot.target.wants # Don't run debuginfo on all the grub modules and whatnot; it just @@ -295,9 +283,9 @@ ln -s ../grub2-systemd-integration.service \ %undefine buildsubdir %pre tools -if [ -f /boot/grub2/user.cfg ]; then - if grep -q '^GRUB_PASSWORD=' /boot/grub2/user.cfg ; then - sed -i 's/^GRUB_PASSWORD=/GRUB2_PASSWORD=/' /boot/grub2/user.cfg +if [ -f /boot/%{name}/user.cfg ]; then + if grep -q '^GRUB_PASSWORD=' /boot/%{name}/user.cfg ; then + sed -i 's/^GRUB_PASSWORD=/GRUB2_PASSWORD=/' /boot/%{name}/user.cfg fi elif [ -f %{efi_esp_dir}/user.cfg ]; then if grep -q '^GRUB_PASSWORD=' %{efi_esp_dir}/user.cfg ; then @@ -313,48 +301,29 @@ elif [ -f /etc/grub.d/01_users ] && \ sed 's/^password_pbkdf2 root \(.*\)$/GRUB2_PASSWORD=\1/' \ > %{efi_esp_dir}/user.cfg fi - if [ -f /boot/grub2/grub.cfg ]; then - install -m 0600 /dev/null /boot/grub2/user.cfg - chmod 0600 /boot/grub2/user.cfg + if [ -f /boot/%{name}/grub.cfg ]; then + install -m 0600 /dev/null /boot/%{name}/user.cfg + chmod 0600 /boot/%{name}/user.cfg grep '^password_pbkdf2 root' /etc/grub.d/01_users | \ sed 's/^password_pbkdf2 root \(.*\)$/GRUB2_PASSWORD=\1/' \ - > /boot/grub2/user.cfg + > /boot/%{name}/user.cfg fi fi -%triggerun -- grub2 < 1:1.99-4 -# grub2 < 1.99-4 removed a number of essential files in postun. To fix upgrades -# from the affected grub2 packages, we first back up the files in triggerun and -# later restore them in triggerpostun. -# https://bugzilla.redhat.com/show_bug.cgi?id=735259 - -# Back up the files before uninstalling old grub2 -mkdir -p /boot/grub2.tmp && -mv -f /boot/grub2/*.mod \ - /boot/grub2/*.img \ - /boot/grub2/*.lst \ - /boot/grub2/device.map \ - /boot/grub2.tmp/ || : - -%triggerpostun -- grub2 < 1:1.99-4 -# ... and restore the files. -test ! -f /boot/grub2/device.map && -test -d /boot/grub2.tmp && -mv -f /boot/grub2.tmp/*.mod \ - /boot/grub2.tmp/*.img \ - /boot/grub2.tmp/*.lst \ - /boot/grub2.tmp/device.map \ - /boot/grub2/ && -rm -r /boot/grub2.tmp/ || : - %posttrans common set -eu -EFI_HOME=/boot/efi/EFI/fedora -GRUB_HOME=/boot/grub2 +EFI_HOME=%{efi_esp_dir} +GRUB_HOME=/boot/%{name} +ESP_PATH=/boot/efi + +if ! mountpoint -q ${ESP_PATH}; then + exit 0 # no ESP mounted, nothing to do +fi if test ! -f ${EFI_HOME}/grub.cfg; then - exit 0 # nothing to unify, nothing to do + # there's no config in ESP, create one + grub2-mkconfig -o ${EFI_HOME}/grub.cfg fi if grep -q "configfile" ${EFI_HOME}/grub.cfg; then @@ -362,8 +331,8 @@ if grep -q "configfile" ${EFI_HOME}/grub.cfg; then fi # create a stub grub2 config in EFI -BOOT_UUID=$(grub2-probe --target=fs_uuid ${GRUB_HOME}) -GRUB_DIR=$(grub2-mkrelpath ${GRUB_HOME}) +BOOT_UUID=$(%{name}-probe --target=fs_uuid ${GRUB_HOME}) +GRUB_DIR=$(%{name}-mkrelpath ${GRUB_HOME}) cat << EOF > ${EFI_HOME}/grub.cfg.stb search --no-floppy --fs-uuid --set=dev ${BOOT_UUID} @@ -392,11 +361,11 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %dir /boot/%{name} %dir /boot/%{name}/themes/ %dir /boot/%{name}/themes/system -%attr(0700,root,root) %dir /boot/grub2 -%exclude /boot/grub2/* +%attr(0700,root,root) %dir /boot/%{name} +%exclude /boot/%{name}/* %dir %attr(0700,root,root) %{efi_esp_dir} %exclude %{efi_esp_dir}/* -%ghost %config(noreplace) %verify(not size mode md5 mtime) /boot/grub2/grubenv +%ghost %config(noreplace) %verify(not size mode md5 mtime) /boot/%{name}/grubenv %license COPYING %doc THANKS %doc docs/grub.html @@ -404,7 +373,6 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %doc docs/font_char_metrics.png %files tools-minimal -%{_sysconfdir}/prelink.conf.d/grub2.conf %{_sbindir}/%{name}-get-kernel-settings %{_sbindir}/%{name}-probe %attr(4755, root, root) %{_sbindir}/%{name}-set-bootflag @@ -555,6 +523,10 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %endif %changelog +* Tue Aug 31 2021 Javier Martinez Canillas - 2.06-1 +- Update to 2.06 final release and ton of fixes + Resolves: rhbz#1976771 + * Wed Jun 23 2021 Javier Martinez Canillas - 2.06~rc1-9 - Fix kernel cmdline params getting overwritten on ppc64le Resolves: rhbz#1973564 diff --git a/sources b/sources index 5251e5d..9a24a53 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (unifont-5.1.20080820.pcf.gz) = 8939e2bc82ca97b60e6678f3ff079a2be7ba9b702f2e8ee289e853af5823695f7baafbf14b674fc5e41071f2a6de4f2dadd56bf8b4653849dd756d59622f1649 +SHA512 (unifont-13.0.06.pcf.gz) = 25f1ea4e316cd77b65cf4f60aa10ed054db6df2195be7344216673dee6628ab055ebcdeea186996d931fd1e9e4f519f4a2e4b4544b8a9ad2fe410aadc4eecd2d SHA512 (theme.tar.bz2) = 0f6f914d5f801509403094b28b8cfe5169cb56ae9bdd808ae21a6780a8236b434161a068351508dd78729c25ee2fed066c124c1eef9e15102750b409b4576a5c -SHA512 (grub-2.06~rc1.tar.xz) = 093890b0af71b0d346afb415dec106681fd9e3f2f5bda14093c060b861d55ee1b50c8fb24afd072d24968ebebedde290f8220b0374cbd2b2e4508dfb00924122 +SHA512 (grub-2.06.tar.xz) = 4f11c648f3078567e53fc0c74d5026fdc6da4be27d188975e79d9a4df817ade0fe5ad2ddd694238a07edc45adfa02943d83c57767dd51548102b375e529e8efe SHA512 (gnulib-fixes.tar.gz) = 7aa933812de10f54196c7ed02079d7edeb92672a528baf83201ca4c62aa3e6b119f61c45469d2c4623c4efc5d4a08d20b029403f1f2c6e35fb7cb15789ff54b2