Sync with beta changes

Resolves: rhbz#2006784
Signed-off-by: Robbie Harwood <rharwood@redhat.com>

0179-Add-suport-for-signing-grub-with-an-appended-signatu.patch

@@ -44,12 +44,12 @@ I will be proposing this for inclusion in a future Power Architecture
 Platform Reference (PAPR).
 ---
  util/grub-install-common.c  | 18 ++++++++++++++++--
- util/grub-mkimage.c         | 16 ++++++++++++++--
+ util/grub-mkimage.c         | 15 +++++++++++++--
  util/grub-mkimagexx.c       | 39 ++++++++++++++++++++++++++++++++++++++-
  util/mkimage.c              | 13 +++++++------
  include/grub/util/install.h |  8 ++++++--
  include/grub/util/mkimage.h |  4 ++--
- 6 files changed, 83 insertions(+), 15 deletions(-)
+ 6 files changed, 82 insertions(+), 15 deletions(-)
 
 diff --git a/util/grub-install-common.c b/util/grub-install-common.c
 index 4e212e690c5..aab2a941f85 100644
@@ -106,14 +106,14 @@ index 4e212e690c5..aab2a941f85 100644
    while (dc--)
      grub_install_pop_module ();
 diff --git a/util/grub-mkimage.c b/util/grub-mkimage.c
-index c0d55993702..26d1ecbf74e 100644
+index c0d55993702..8a53310548b 100644
 --- a/util/grub-mkimage.c
 +++ b/util/grub-mkimage.c
 @@ -84,6 +84,7 @@ static struct argp_option options[] = {
    {"sbat", 's', N_("FILE"), 0, N_("SBAT metadata"), 0},
    {"disable-shim-lock", GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK, 0, 0, N_("disable shim_lock verifier"), 0},
    {"verbose",     'v', 0,      0, N_("print verbose messages."), 0},
-+  {"appended-signature-size", 's', N_("SIZE"), 0, N_("Add a note segment reserving SIZE bytes for an appended signature"), 0},
++  {"appended-signature-size", 'S', N_("SIZE"), 0, N_("Add a note segment reserving SIZE bytes for an appended signature"), 0},
    { 0, 0, 0, 0, 0, 0 }
  };
  
@@ -147,14 +147,13 @@ index c0d55993702..26d1ecbf74e 100644
      case 'm':
        if (arguments->memdisk)
  	free (arguments->memdisk);
-@@ -324,8 +334,10 @@ main (int argc, char *argv[])
+@@ -324,8 +334,9 @@ main (int argc, char *argv[])
  			       arguments.memdisk, arguments.pubkeys,
  			       arguments.npubkeys, arguments.config,
  			       arguments.image_target, arguments.note,
 -			       arguments.comp, arguments.dtb,
 -			       arguments.sbat, arguments.disable_shim_lock);
-+
-+			       arguments.comp, arguments.appsig_size,
++			       arguments.appsig_size, arguments.comp,
 +			       arguments.dtb, arguments.sbat,
 +			       arguments.disable_shim_lock);
  

0191-grub-install-support-embedding-x509-certificates.patch

@@ -94,7 +94,7 @@ index aab2a941f85..422f82362c7 100644
  			       disable_shim_lock);
    while (dc--)
 diff --git a/util/grub-mkimage.c b/util/grub-mkimage.c
-index 26d1ecbf74e..c5cdda498eb 100644
+index 8a53310548b..e1f1112784a 100644
 --- a/util/grub-mkimage.c
 +++ b/util/grub-mkimage.c
 @@ -75,7 +75,8 @@ static struct argp_option options[] = {
@@ -138,8 +138,8 @@ index 26d1ecbf74e..c5cdda498eb 100644
 +			       arguments.npubkeys, arguments.x509keys,
 +			       arguments.nx509keys, arguments.config,
  			       arguments.image_target, arguments.note,
- 
- 			       arguments.comp, arguments.appsig_size,
+ 			       arguments.appsig_size, arguments.comp,
+ 			       arguments.dtb, arguments.sbat,
 diff --git a/util/mkimage.c b/util/mkimage.c
 index bab12276010..8319e8dfbde 100644
 --- a/util/mkimage.c

0220-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch

@@ -0,0 +1,63 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Thu, 9 Sep 2021 10:59:28 -0400
+Subject: [PATCH] Arm: check for the PE magic for the compiled arch
+
+In "arm64: Fix EFI loader kernel image allocation", Ben fixed the kernel
+alignment to match the alignment given in the PE header.  In doing so, a
+check for valid PE magic was added, which was hard-coded to the value
+seen on Aarch64 (GRUB_PE32_PE64_MAGIC).
+
+Unfortunately, this code is shared between 64-bit and 32-bit, and so
+that value broke 32-bit Arm systems.
+
+This patch adds a constant definition for GRUB_PE32_PEXX_MAGIC, which is
+either GRUB_PE32_PE64_MAGIC or GRUB_PE32_PE32_MAGIC, depending on which
+platform is being built, and uses it in the header magic check.
+
+Resolves: rhbz#2000756
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ grub-core/loader/arm64/linux.c | 2 +-
+ include/grub/arm/linux.h       | 1 +
+ include/grub/arm64/linux.h     | 1 +
+ 3 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
+index 4a252d5e7e9..f18d90bd749 100644
+--- a/grub-core/loader/arm64/linux.c
++++ b/grub-core/loader/arm64/linux.c
+@@ -322,7 +322,7 @@ parse_pe_header (void *kernel, grub_uint64_t *total_size,
+ 
+   pe = (void *)((unsigned long)kernel + lh->hdr_offset);
+ 
+-  if (pe->opt.magic != GRUB_PE32_PE64_MAGIC)
++  if (pe->opt.magic != GRUB_PE32_PEXX_MAGIC)
+     return grub_error(GRUB_ERR_BAD_OS, "Invalid PE optional header magic");
+ 
+   *total_size   = pe->opt.image_size;
+diff --git a/include/grub/arm/linux.h b/include/grub/arm/linux.h
+index b582f67f661..966a5074f53 100644
+--- a/include/grub/arm/linux.h
++++ b/include/grub/arm/linux.h
+@@ -44,6 +44,7 @@ struct grub_arm_linux_pe_header
+ 
+ #if defined(__arm__)
+ # define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM_MAGIC_SIGNATURE
++# define GRUB_PE32_PEXX_MAGIC GRUB_PE32_PE32_MAGIC
+ # define linux_arch_kernel_header linux_arm_kernel_header
+ # define grub_armxx_linux_pe_header grub_arm_linux_pe_header
+ #endif
+diff --git a/include/grub/arm64/linux.h b/include/grub/arm64/linux.h
+index ea030312df3..422bf2bf24b 100644
+--- a/include/grub/arm64/linux.h
++++ b/include/grub/arm64/linux.h
+@@ -48,6 +48,7 @@ struct grub_arm64_linux_pe_header
+ 
+ #if defined(__aarch64__)
+ # define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM64_MAGIC_SIGNATURE
++# define GRUB_PE32_PEXX_MAGIC GRUB_PE32_PE64_MAGIC
+ # define linux_arch_kernel_header linux_arm64_kernel_header
+ # define grub_armxx_linux_pe_header grub_arm64_linux_pe_header
+ #endif

0221-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch

@@ -0,0 +1,118 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Erwan Velu <erwanaliasr1@gmail.com>
+Date: Wed, 25 Aug 2021 15:31:52 +0200
+Subject: [PATCH] fs/xfs: Fix unreadable filesystem with v4 superblock
+
+The commit 8b1e5d193 (fs/xfs: Add bigtime incompat feature support)
+introduced the bigtime support by adding some features in v3 inodes.
+This change extended grub_xfs_inode struct by 76 bytes but also changed
+the computation of XFS_V2_INODE_SIZE and XFS_V3_INODE_SIZE. Prior this
+commit, XFS_V2_INODE_SIZE was 100 bytes. After the commit it's 84 bytes
+XFS_V2_INODE_SIZE becomes 16 bytes too small.
+
+As a result, the data structures aren't properly aligned and the GRUB
+generates "attempt to read or write outside of partition" errors when
+trying to read the XFS filesystem:
+
+                             GNU GRUB  version 2.11
+	....
+	grub> set debug=efi,gpt,xfs
+	grub> insmod part_gpt
+	grub> ls (hd0,gpt1)/
+	partmap/gpt.c:93: Read a valid GPT header
+	partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125
+	fs/xfs.c:931: Reading sb
+	fs/xfs.c:270: Validating superblock
+	fs/xfs.c:295: XFS v4 superblock detected
+	fs/xfs.c:962: Reading root ino 128
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (739521961424144223) - 344365866970255880, 3840
+	error: attempt to read or write outside of partition.
+
+This commit change the XFS_V2_INODE_SIZE computation by subtracting 76
+bytes instead of 92 bytes from the actual size of grub_xfs_inode struct.
+This 76 bytes value comes from added members:
+	20 grub_uint8_t   unused5
+	 1 grub_uint64_t  flags2
+        48 grub_uint8_t   unused6
+
+This patch explicitly splits the v2 and v3 parts of the structure.
+The unused4 is still ending of the v2 structures and the v3 starts
+at unused5. Thanks to this we will avoid future corruptions of v2
+or v3 inodes.
+
+The XFS_V2_INODE_SIZE is returning to its expected size and the
+filesystem is back to a readable state:
+
+                      GNU GRUB  version 2.11
+	....
+	grub> set debug=efi,gpt,xfs
+	grub> insmod part_gpt
+	grub> ls (hd0,gpt1)/
+	partmap/gpt.c:93: Read a valid GPT header
+	partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125
+	fs/xfs.c:931: Reading sb
+	fs/xfs.c:270: Validating superblock
+	fs/xfs.c:295: XFS v4 superblock detected
+	fs/xfs.c:962: Reading root ino 128
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:931: Reading sb
+	fs/xfs.c:270: Validating superblock
+	fs/xfs.c:295: XFS v4 superblock detected
+	fs/xfs.c:962: Reading root ino 128
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (131) - 64, 768
+	efi/ fs/xfs.c:515: Reading inode (3145856) - 1464904, 0
+	grub2/ fs/xfs.c:515: Reading inode (132) - 64, 1024
+	grub/ fs/xfs.c:515: Reading inode (139) - 64, 2816
+	grub>
+
+Fixes: 8b1e5d193 (fs/xfs: Add bigtime incompat feature support)
+
+Signed-off-by: Erwan Velu <e.velu@criteo.com>
+Tested-by: Carlos Maiolino <cmaiolino@redhat.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+(cherry picked from commit a4b495520e4dc41a896a8b916a64eda9970c50ea)
+---
+ grub-core/fs/xfs.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index 0f524c3a8a6..e3816d1ec4a 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -192,6 +192,11 @@ struct grub_xfs_time_legacy
+   grub_uint32_t nanosec;
+ } GRUB_PACKED;
+ 
++/*
++ * The struct grub_xfs_inode layout was taken from the
++ * struct xfs_dinode_core which is described here:
++ * https://mirrors.edge.kernel.org/pub/linux/utils/fs/xfs/docs/xfs_filesystem_structure.pdf
++ */
+ struct grub_xfs_inode
+ {
+   grub_uint8_t magic[2];
+@@ -208,14 +213,15 @@ struct grub_xfs_inode
+   grub_uint32_t nextents;
+   grub_uint16_t unused3;
+   grub_uint8_t fork_offset;
+-  grub_uint8_t unused4[37];
++  grub_uint8_t unused4[17]; /* Last member of inode v2. */
++  grub_uint8_t unused5[20]; /* First member of inode v3. */
+   grub_uint64_t flags2;
+-  grub_uint8_t unused5[48];
++  grub_uint8_t unused6[48]; /* Last member of inode v3. */
+ } GRUB_PACKED;
+ 
+ #define XFS_V3_INODE_SIZE	sizeof(struct grub_xfs_inode)
+-/* Size of struct grub_xfs_inode until fork_offset (included). */
+-#define XFS_V2_INODE_SIZE	(XFS_V3_INODE_SIZE - 92)
++/* Size of struct grub_xfs_inode v2, up to unused4 member included. */
++#define XFS_V2_INODE_SIZE	(XFS_V3_INODE_SIZE - 76)
+ 
+ struct grub_xfs_dirblock_tail
+ {

0222-Print-module-name-on-license-check-failure.patch

@@ -0,0 +1,48 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Tue, 12 Oct 2021 12:34:23 -0400
+Subject: [PATCH] Print module name on license check failure
+
+At the very least, this will make it easier to track down the problem
+module - or, if something else has gone wrong, provide more information
+for debugging.
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+---
+ grub-core/kern/dl.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
+index 9557254035e..f3044945742 100644
+--- a/grub-core/kern/dl.c
++++ b/grub-core/kern/dl.c
+@@ -528,14 +528,16 @@ grub_dl_find_section_index (Elf_Ehdr *e, const char *name)
+    Be sure to understand your license obligations.
+ */
+ static grub_err_t
+-grub_dl_check_license (Elf_Ehdr *e)
++grub_dl_check_license (grub_dl_t mod, Elf_Ehdr *e)
+ {
+   Elf_Shdr *s = grub_dl_find_section (e, ".module_license");
+   if (s && (grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3") == 0
+ 	    || grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3+") == 0
+ 	    || grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv2+") == 0))
+     return GRUB_ERR_NONE;
+-  return grub_error (GRUB_ERR_BAD_MODULE, "incompatible license");
++  return grub_error (GRUB_ERR_BAD_MODULE,
++		     "incompatible license in module %s: %s", mod->name,
++		     (char *) e + s->sh_offset);
+ }
+ 
+ static grub_err_t
+@@ -743,8 +745,8 @@ grub_dl_load_core_noinit (void *addr, grub_size_t size)
+      constitutes linking) and GRUB core being licensed under GPLv3+.
+      Be sure to understand your license obligations.
+   */
+-  if (grub_dl_check_license (e)
+-      || grub_dl_resolve_name (mod, e)
++  if (grub_dl_resolve_name (mod, e)
++      || grub_dl_check_license (mod, e)
+       || grub_dl_resolve_dependencies (mod, e)
+       || grub_dl_load_segments (mod, e)
+       || grub_dl_resolve_symbols (mod, e)

0223-powerpc-ieee1275-load-grub-at-4MB-not-2MB.patch

@@ -0,0 +1,106 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Fri, 22 Oct 2021 09:53:15 +1100
+Subject: [PATCH] powerpc-ieee1275: load grub at 4MB, not 2MB
+
+This was first reported under PFW but reproduces under SLOF.
+
+ - The core.elf was 2126152 = 0x207148 bytes in size with the following
+   program headers (per readelf):
+
+Entry point 0x200000
+There are 4 program headers, starting at offset 52
+
+Program Headers:
+  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
+  LOAD           0x000160 0x00200000 0x00200000 0x21f98 0x2971c RWE 0x8
+  GNU_STACK      0x0220f8 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4
+  LOAD           0x0220f8 0x00232000 0x00232000 0x1e4e50 0x1e4e50 RWE 0x4
+  NOTE           0x206f48 0x00000000 0x00000000 0x00200 0x00000 R   0x4
+
+ - SLOF places the ELF file at 0x4000 (after the reserved space for
+   interrupt handlers etc.) upwards. The image was 2126152 = 0x207148
+   bytes in size, so it runs from 0x4000 - 0x20b148. We'll call 0x4000 the
+   load address.
+
+0x0        0x4000         0x20b148
+ |----------|--------------|
+ | reserved | ELF contents |
+
+ - SLOF then copies the first LOAD program header (for .text). That runs
+   for 0x21f98 bytes. It runs from
+      (load addr + 0x160) to (load addr + 0x160 + 0x21f98)
+    = 0x4160 to 0x260f8
+   and we copy it to 0x200000 to 0x221f98. This overwrites the end of the
+   image:
+
+0x0       0x4000     0x200000        0x221f98
+ |----------|------------|---------------|
+ | reserved | ELF cont.. | .text section |
+
+ - SLOF zeros the bss up to PhysAddr + MemSize = 0x22971c
+
+0x0       0x4000      0x200000       0x221f98 0x22971c
+ |----------|------------|---------------|--------|
+ | reserved | ELF cont.. | .text section | bss 0s |
+
+ - SLOF then goes to fulfil the next LOAD header (for mods), which is
+   for 0x1e4e50 bytes. We copy from
+      (load addr + 0x220f8) to (load addr + 0x220f8 + 0x1e4e50)
+    = 0x260f8 to 0x20af48
+   and we copy it to 0x232000 to 0x416e50:
+
+0x0       0x4000      0x200000       0x221f98 0x22971c
+ |----------|------------|---------------|--------|
+ | reserved | ELF cont.. | .text section | bss 0s |
+               |-------------|
+               | copied area |
+            0x260f8      0x20af48
+
+   This goes poorly:
+
+0x0       0x4000      0x200000       0x221f98 0x22971c 0x232000 0x40bf08      0x416e50
+ |----------|------------|---------------|--------|-----|-----------|-------------|
+ | reserved | ELF cont.. | .text section | bss 0s | pad | some mods | .text start |
+
+This matches the observations on the running system - 0x40bf08 was where
+the contents of memory no longer matched the contents of the ELF file.
+
+This was reported as a license verification failure on SLOF as the
+last module's .module_license section fell past where the corruption
+began.
+
+Signed-off-by: Daniel Axtens <dja@axtens.net>
+[rharwood@redhat.com: trim very detailed commit message]
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+---
+ grub-core/Makefile.core.def | 2 +-
+ include/grub/offsets.h      | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
+index 3f3459b2c70..6b00eb55575 100644
+--- a/grub-core/Makefile.core.def
++++ b/grub-core/Makefile.core.def
+@@ -89,7 +89,7 @@ kernel = {
+   i386_xen_pvh_ldflags     = '$(TARGET_IMG_BASE_LDOPT),0x100000';
+ 
+   mips_loongson_ldflags    = '-Wl,-Ttext,0x80200000';
+-  powerpc_ieee1275_ldflags = '-Wl,-Ttext,0x200000';
++  powerpc_ieee1275_ldflags = '-Wl,-Ttext,0x400000';
+   sparc64_ieee1275_ldflags = '-Wl,-Ttext,0x4400';
+   mips_arc_ldflags    = '-Wl,-Ttext,$(TARGET_LINK_ADDR)';
+   mips_qemu_mips_ldflags    = '-Wl,-Ttext,0x80200000';
+diff --git a/include/grub/offsets.h b/include/grub/offsets.h
+index 871e1cd4c38..69211aa798b 100644
+--- a/include/grub/offsets.h
++++ b/include/grub/offsets.h
+@@ -63,7 +63,7 @@
+ #define GRUB_KERNEL_SPARC64_IEEE1275_LINK_ADDR 0x4400
+ 
+ #define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ALIGN 4
+-#define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ADDR 0x200000
++#define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ADDR 0x400000
+ 
+ #define GRUB_KERNEL_MIPS_LOONGSON_LINK_ADDR         0x80200000
+ 

grub.patches

@@ -217,3 +217,7 @@ Patch0216: 0216-arm64-Fix-EFI-loader-kernel-image-allocation.patch
 Patch0217: 0217-normal-main-Discover-the-device-to-read-the-config-f.patch
 Patch0218: 0218-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch
 Patch0219: 0219-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch
+Patch0220: 0220-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch
+Patch0221: 0221-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch
+Patch0222: 0222-Print-module-name-on-license-check-failure.patch
+Patch0223: 0223-powerpc-ieee1275-load-grub-at-4MB-not-2MB.patch

grub2.spec

@@ -14,7 +14,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.06
-Release:	3%{?dist}
+Release:	11%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@@ -523,6 +523,10 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
 %endif
 
 %changelog
+* Tue Oct 26 2021 Robbie Harwood <rharwood@redhat.com> - 2.06-11
+- Sync with beta changes
+  Resolves: rhbz#2006784
+
 * Mon Sep 27 2021 Robbie Harwood <rharwood@redhat.com> - 2.06-3
 - Rebuild for gating + rpminspect
   Resolves: rhbz#2006784