import grub2-2.02-142.el8

This commit is contained in:
CentOS Sources 2022-11-08 01:59:16 -05:00 committed by Stepan Oksanichenko
parent abeaaef1cf
commit 84c9965d53
64 changed files with 1045 additions and 110 deletions

View File

@ -0,0 +1,221 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.ibm.com>
Date: Sun, 15 Mar 2020 12:37:10 -0400
Subject: [PATCH] ibmvtpm: Add support for trusted boot using a vTPM 2.0
Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275
PowerPC platform. With this patch grub now measures text and binary data
into the TPM's PCRs 8 and 9 in the same way as the x86_64 platform
does.
This patch requires Daniel Axtens's patches for claiming more memory.
For vTPM support to work on PowerVM, system driver levels 1010.30
or 1020.00 are required.
Note: Previous versions of firmware levels with the 2hash-ext-log
API call have a bug that, once this API call is invoked, has the
effect of disabling the vTPM driver under Linux causing an error
message to be displayed in the Linux kernel log. Those users will
have to update their machines to the firmware levels mentioned
above.
Cc: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
grub-core/Makefile.core.def | 7 ++
grub-core/commands/ieee1275/ibmvtpm.c | 152 ++++++++++++++++++++++++++++++++++
include/grub/ieee1275/ieee1275.h | 3 +
3 files changed, 162 insertions(+)
create mode 100644 grub-core/commands/ieee1275/ibmvtpm.c
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index ef06f8c95a..b11f74e6b2 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -1104,6 +1104,13 @@ module = {
enable = powerpc_ieee1275;
};
+module = {
+ name = tpm;
+ common = commands/tpm.c;
+ ieee1275 = commands/ieee1275/ibmvtpm.c;
+ enable = powerpc_ieee1275;
+};
+
module = {
name = terminal;
common = commands/terminal.c;
diff --git a/grub-core/commands/ieee1275/ibmvtpm.c b/grub-core/commands/ieee1275/ibmvtpm.c
new file mode 100644
index 0000000000..e68b8448bc
--- /dev/null
+++ b/grub-core/commands/ieee1275/ibmvtpm.c
@@ -0,0 +1,152 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2021 Free Software Foundation, Inc.
+ * Copyright (C) 2021 IBM Corporation
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * IBM vTPM support code.
+ */
+
+#include <grub/err.h>
+#include <grub/types.h>
+#include <grub/tpm.h>
+#include <grub/ieee1275/ieee1275.h>
+#include <grub/mm.h>
+#include <grub/misc.h>
+
+static grub_ieee1275_ihandle_t tpm_ihandle;
+static grub_uint8_t tpm_version;
+
+#define IEEE1275_IHANDLE_INVALID ((grub_ieee1275_ihandle_t)0)
+
+static void
+tpm_get_tpm_version (void)
+{
+ grub_ieee1275_phandle_t vtpm;
+ char buffer[20];
+
+ if (!grub_ieee1275_finddevice ("/vdevice/vtpm", &vtpm) &&
+ !grub_ieee1275_get_property (vtpm, "compatible", buffer,
+ sizeof (buffer), NULL) &&
+ !grub_strcmp (buffer, "IBM,vtpm20"))
+ tpm_version = 2;
+}
+
+static grub_err_t
+tpm_init (void)
+{
+ static int init_success = 0;
+
+ if (!init_success)
+ {
+ if (grub_ieee1275_open ("/vdevice/vtpm", &tpm_ihandle) < 0) {
+ tpm_ihandle = IEEE1275_IHANDLE_INVALID;
+ return GRUB_ERR_UNKNOWN_DEVICE;
+ }
+
+ init_success = 1;
+
+ tpm_get_tpm_version ();
+ }
+
+ return GRUB_ERR_NONE;
+}
+
+static int
+ibmvtpm_2hash_ext_log (grub_uint8_t pcrindex,
+ grub_uint32_t eventtype,
+ const char *description,
+ grub_size_t description_size,
+ void *buf, grub_size_t size)
+{
+ struct tpm_2hash_ext_log
+ {
+ struct grub_ieee1275_common_hdr common;
+ grub_ieee1275_cell_t method;
+ grub_ieee1275_cell_t ihandle;
+ grub_ieee1275_cell_t size;
+ grub_ieee1275_cell_t buf;
+ grub_ieee1275_cell_t description_size;
+ grub_ieee1275_cell_t description;
+ grub_ieee1275_cell_t eventtype;
+ grub_ieee1275_cell_t pcrindex;
+ grub_ieee1275_cell_t catch_result;
+ grub_ieee1275_cell_t rc;
+ }
+ args;
+
+ INIT_IEEE1275_COMMON (&args.common, "call-method", 8, 2);
+ args.method = (grub_ieee1275_cell_t) "2hash-ext-log";
+ args.ihandle = tpm_ihandle;
+ args.pcrindex = pcrindex;
+ args.eventtype = eventtype;
+ args.description = (grub_ieee1275_cell_t) description;
+ args.description_size = description_size;
+ args.buf = (grub_ieee1275_cell_t) buf;
+ args.size = (grub_ieee1275_cell_t) size;
+
+ if (IEEE1275_CALL_ENTRY_FN (&args) == -1)
+ return -1;
+
+ /*
+ * catch_result is set if firmware does not support 2hash-ext-log
+ * rc is GRUB_IEEE1275_CELL_FALSE (0) on failure
+ */
+ if ((args.catch_result) || args.rc == GRUB_IEEE1275_CELL_FALSE)
+ return -1;
+
+ return 0;
+}
+
+static grub_err_t
+tpm2_log_event (unsigned char *buf,
+ grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ static int error_displayed = 0;
+ int err;
+
+ err = ibmvtpm_2hash_ext_log (pcr, EV_IPL,
+ description,
+ grub_strlen(description) + 1,
+ buf, size);
+ if (err && !error_displayed)
+ {
+ error_displayed++;
+ return grub_error (GRUB_ERR_BAD_DEVICE,
+ "2HASH-EXT-LOG failed: Firmware is likely too old.\n");
+ }
+
+ return GRUB_ERR_NONE;
+}
+
+grub_err_t
+grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ grub_err_t err = tpm_init();
+
+ /* Absence of a TPM isn't a failure. */
+ if (err != GRUB_ERR_NONE)
+ return GRUB_ERR_NONE;
+
+ grub_dprintf ("tpm", "log_event, pcr = %d, size = 0x%" PRIxGRUB_SIZE ", %s\n",
+ pcr, size, description);
+
+ if (tpm_version == 2)
+ return tpm2_log_event (buf, size, pcr, description);
+
+ return GRUB_ERR_NONE;
+}
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
index 131808d619..87b9f95d34 100644
--- a/include/grub/ieee1275/ieee1275.h
+++ b/include/grub/ieee1275/ieee1275.h
@@ -24,6 +24,9 @@
#include <grub/types.h>
#include <grub/machine/ieee1275.h>
+#define GRUB_IEEE1275_CELL_FALSE ((grub_ieee1275_cell_t) 0)
+#define GRUB_IEEE1275_CELL_TRUE ((grub_ieee1275_cell_t) -1)
+
struct grub_ieee1275_mem_region
{
unsigned int start;

View File

@ -0,0 +1,94 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Fri, 11 Feb 2022 16:34:23 -0500
Subject: [PATCH] ibmvtpm: Backport ibmvtpm support to grub 2.02
Backport ibmvtpm support to grub 2.02 by making as few changes to the
source as possible and building it into the core.
Since ibmvtpm support is built into grub 2.02 do not print the error
message we would typically print if it was a module and the user had
a choice to not use vTPM support if there was no vTPM by avoiding
to use the module.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
grub-core/Makefile.core.def | 8 +-------
grub-core/commands/ieee1275/ibmvtpm.c | 13 ++++++++++---
include/grub/tpm.h | 2 +-
3 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index b11f74e6b2..637d7203e3 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -298,6 +298,7 @@ kernel = {
powerpc_ieee1275 = kern/powerpc/cache.S;
powerpc_ieee1275 = kern/powerpc/dl.c;
powerpc_ieee1275 = kern/powerpc/compiler-rt.S;
+ powerpc_ieee1275 = commands/ieee1275/ibmvtpm.c;
sparc64_ieee1275 = kern/sparc64/cache.S;
sparc64_ieee1275 = kern/sparc64/dl.c;
@@ -1104,13 +1105,6 @@ module = {
enable = powerpc_ieee1275;
};
-module = {
- name = tpm;
- common = commands/tpm.c;
- ieee1275 = commands/ieee1275/ibmvtpm.c;
- enable = powerpc_ieee1275;
-};
-
module = {
name = terminal;
common = commands/terminal.c;
diff --git a/grub-core/commands/ieee1275/ibmvtpm.c b/grub-core/commands/ieee1275/ibmvtpm.c
index e68b8448bc..728b2cbdcd 100644
--- a/grub-core/commands/ieee1275/ibmvtpm.c
+++ b/grub-core/commands/ieee1275/ibmvtpm.c
@@ -115,7 +115,8 @@ tpm2_log_event (unsigned char *buf,
grub_size_t size, grub_uint8_t pcr,
const char *description)
{
- static int error_displayed = 0;
+ /* Do not print error since vTPM support is built-in */
+ static int error_displayed = 1;
int err;
err = ibmvtpm_2hash_ext_log (pcr, EV_IPL,
@@ -132,8 +133,8 @@ tpm2_log_event (unsigned char *buf,
return GRUB_ERR_NONE;
}
-grub_err_t
-grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+static grub_err_t
+_grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
const char *description)
{
grub_err_t err = tpm_init();
@@ -150,3 +151,9 @@ grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
return GRUB_ERR_NONE;
}
+
+grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,
+ grub_uint8_t pcr, const char *description)
+{
+ return _grub_tpm_measure(buf, size, pcr, description);
+}
diff --git a/include/grub/tpm.h b/include/grub/tpm.h
index ce52be4ff7..52af2b8448 100644
--- a/include/grub/tpm.h
+++ b/include/grub/tpm.h
@@ -69,7 +69,7 @@ typedef struct {
grub_err_t EXPORT_FUNC(grub_tpm_measure) (unsigned char *buf, grub_size_t size,
grub_uint8_t pcr, const char *kind,
const char *description);
-#if defined (GRUB_MACHINE_EFI)
+#if defined (GRUB_MACHINE_EFI) || defined (GRUB_MACHINE_IEEE1275)
grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
PassThroughToTPM_OutputParamBlock *outbuf);
grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,

View File

@ -0,0 +1,112 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Fri, 8 Apr 2022 12:35:28 +1000
Subject: [PATCH] powerpc: do CAS in a more compatible way
I wrongly assumed that the most compatible way to perform CAS
negotiation was to only set the minimum number of vectors required
to ask for more memory. It turns out that this messes up booting
if the minimum VP capacity would be less than the default 10% in
vector 4.
Linux configures the minimum capacity to be 1%, so copy it for that
and for vector 3 which we now need to specify as well.
Signed-off-by: Daniel Axtens <dja@axtens.net>
(cherry picked from commit e6f02ad4e75cd995a8ee2954d28949c415b6cbfe)
(cherry picked from commit 9f825ebc319c56ca503741e6dc1a0f27ff36fe2d)
---
grub-core/kern/ieee1275/init.c | 54 ++++++++++++++++++++++++------------------
1 file changed, 31 insertions(+), 23 deletions(-)
diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
index adf4bd5a88..1414695cc6 100644
--- a/grub-core/kern/ieee1275/init.c
+++ b/grub-core/kern/ieee1275/init.c
@@ -294,33 +294,37 @@ grub_ieee1275_total_mem (grub_uint64_t *total)
/* Based on linux - arch/powerpc/kernel/prom_init.c */
struct option_vector2 {
- grub_uint8_t byte1;
- grub_uint16_t reserved;
- grub_uint32_t real_base;
- grub_uint32_t real_size;
- grub_uint32_t virt_base;
- grub_uint32_t virt_size;
- grub_uint32_t load_base;
- grub_uint32_t min_rma;
- grub_uint32_t min_load;
- grub_uint8_t min_rma_percent;
- grub_uint8_t max_pft_size;
+ grub_uint8_t byte1;
+ grub_uint16_t reserved;
+ grub_uint32_t real_base;
+ grub_uint32_t real_size;
+ grub_uint32_t virt_base;
+ grub_uint32_t virt_size;
+ grub_uint32_t load_base;
+ grub_uint32_t min_rma;
+ grub_uint32_t min_load;
+ grub_uint8_t min_rma_percent;
+ grub_uint8_t max_pft_size;
} __attribute__((packed));
struct pvr_entry {
- grub_uint32_t mask;
- grub_uint32_t entry;
+ grub_uint32_t mask;
+ grub_uint32_t entry;
};
struct cas_vector {
- struct {
- struct pvr_entry terminal;
- } pvr_list;
- grub_uint8_t num_vecs;
- grub_uint8_t vec1_size;
- grub_uint8_t vec1;
- grub_uint8_t vec2_size;
- struct option_vector2 vec2;
+ struct {
+ struct pvr_entry terminal;
+ } pvr_list;
+ grub_uint8_t num_vecs;
+ grub_uint8_t vec1_size;
+ grub_uint8_t vec1;
+ grub_uint8_t vec2_size;
+ struct option_vector2 vec2;
+ grub_uint8_t vec3_size;
+ grub_uint16_t vec3;
+ grub_uint8_t vec4_size;
+ grub_uint16_t vec4;
} __attribute__((packed));
/* Call ibm,client-architecture-support to try to get more RMA.
@@ -341,13 +345,17 @@ grub_ieee1275_ibm_cas (void)
} args;
struct cas_vector vector = {
.pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */
- .num_vecs = 2 - 1,
+ .num_vecs = 4 - 1,
.vec1_size = 0,
.vec1 = 0x80, /* ignore */
.vec2_size = 1 + sizeof(struct option_vector2) - 2,
.vec2 = {
0, 0, -1, -1, -1, -1, -1, 512, -1, 0, 48
},
+ .vec3_size = 2 - 1,
+ .vec3 = 0x00e0, // ask for FP + VMX + DFP but don't halt if unsatisfied
+ .vec4_size = 2 - 1,
+ .vec4 = 0x0001, // set required minimum capacity % to the lowest value
};
INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2);
@@ -360,7 +368,7 @@ grub_ieee1275_ibm_cas (void)
args.ihandle = root;
args.cas_addr = (grub_ieee1275_cell_t)&vector;
- grub_printf("Calling ibm,client-architecture-support...");
+ grub_printf("Calling ibm,client-architecture-support from grub...");
IEEE1275_CALL_ENTRY_FN (&args);
grub_printf("done\n");

View File

@ -0,0 +1,73 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 24 Mar 2022 14:34:32 +1100
Subject: [PATCH] powerpc: prefix detection: support device names with commas
Frustratingly, the device name itself can contain an embedded comma:
e.g /pci@800000020000015/pci1014,034A@0/sas/disk@5000c50098a0ee8b
So my previous approach was wrong: we cannot rely upon the presence
of a comma to say that a partition has been specified!
It turns out for prefixes like (,gpt2)/grub2 we really want to make
up a full (device,partition)/patch prefix, because root discovery code
in 10_linux will reset the root variable and use search to fill it again.
If you have run grub-install, you probably don't have search built in,
and if you don't have prefix containing (device,partition), grub will
construct ($root)$prefix/powerpc-ieee1275/search.mod - but because $root
has just been changed, this will no longer work, and the boot will fail!
Retain the gist of the logic, but instead of looking for a comma, look for
a leading '('. This matches the earlier code better anyway.
There's certainly a better fix to be had. But any time you chose to build
with a bare prefix like '/grub2', you're almost certainly going to build in
search anyway, so this will do.
Signed-off-by: Daniel Axtens <dja@axtens.net>
(cherry picked from commit 80b6eb5e55e6d1a4c9896361e61de31c29e6939d)
(cherry picked from commit f3df9f1c2335df22d020e80583d932e254594f0e)
---
grub-core/kern/main.c | 27 +++++++++++++++++++++------
1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c
index 40a709117f..abbf8af9e6 100644
--- a/grub-core/kern/main.c
+++ b/grub-core/kern/main.c
@@ -241,14 +241,29 @@ grub_set_prefix_and_root (void)
what sorts of paths represent disks with partition tables and those
without partition tables.
- So we act unless there is a comma in the device, which would indicate
- a partition has already been specified.
+ - Frustratingly, the device name itself can contain an embedded comma:
+ /pci@800000020000015/pci1014,034A@0/sas/disk@5000c50098a0ee8b
+ So we cannot even rely upon the presence of a comma to say that a
+ partition has been specified!
- (If we only have a path, the code in normal to discover config files
- will try both without partitions and then with any partitions so we
- will cover both CDs and HDs.)
+ If we only have a path in $prefix, the code in normal to discover
+ config files will try all disks, both without partitions and then with
+ any partitions so we will cover both CDs and HDs.
+
+ However, it doesn't then set the prefix to be something like
+ (discovered partition)/path, and so it is fragile against runtime
+ changes to $root. For example some of the stuff done in 10_linux to
+ reload $root sets root differently and then uses search to find it
+ again. If the search module is not built in, when we change root, grub
+ will look in (new root)/path/powerpc-ieee1275, that won't work, and we
+ will not be able to load the search module and the boot will fail.
+
+ This is particularly likely to hit us in the grub-install
+ (,msdos2)/grub2 case, so we act unless the supplied prefix starts with
+ '(', which would likely indicate a partition has already been
+ specified.
*/
- if (grub_strchr (device, ',') == NULL)
+ if (prefix && prefix[0] != '(')
grub_env_set ("prefix", path);
else
#endif

View File

@ -0,0 +1,43 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Diego Domingos <diegdo@br.ibm.com>
Date: Thu, 24 Mar 2022 13:14:42 -0400
Subject: [PATCH] make ofdisk_retries optional
The feature Retry on Fail added to GRUB can cause a LPM to take
longer if the SAN is slow.
When a LPM to external site occur, the path of the disk can change
and thus the disk search function on grub can take some time since
it is used as a hint. This can cause the Retry on Fail feature to
try to access the disk 20x times (since this is hardcoded number)
and, if the SAN is slow, the boot time can increase a lot.
In some situations not acceptable.
The following patch enables a configuration at user space of the
maximum number of retries we want for this feature.
The variable ofdisk_retries should be set using grub2-editenv
and will be checked by retry function. If the variable is not set,
so the default number of retries will be used instead.
---
include/grub/ieee1275/ofdisk.h | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/include/grub/ieee1275/ofdisk.h b/include/grub/ieee1275/ofdisk.h
index 7d2d540930..0074d55eee 100644
--- a/include/grub/ieee1275/ofdisk.h
+++ b/include/grub/ieee1275/ofdisk.h
@@ -25,7 +25,12 @@ extern void grub_ofdisk_fini (void);
#define MAX_RETRIES 20
-#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) unsigned retry_i=0;for(retry_i=0; retry_i < MAX_RETRIES; retry_i++){ \
+#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) \
+ unsigned max_retries = MAX_RETRIES; \
+ if(grub_env_get("ofdisk_retries") != NULL) \
+ max_retries = grub_strtoul(grub_env_get("ofdisk_retries"), 0, 10)+1; \
+ grub_dprintf("ofdisk","MAX_RETRIES set to %u\n",max_retries); \
+ unsigned retry_i=0;for(retry_i=0; retry_i < max_retries; retry_i++){ \
if(!grub_ieee1275_open(device, last_ihandle)) \
break; \
grub_dprintf("ofdisk","Opening disk %s failed. Retrying...\n",device); }

View File

@ -18,7 +18,6 @@ Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
(cherry picked from commit b4d70820a65c00561045856b7b8355461a9545f6)
(cherry picked from commit 05b16a6be50b1910609740a66b561276fa490538)
(cherry picked from commit 16486a34f3aa41a94e334e86db1a1e21e9b0a45f)
(cherry picked from commit 4a23f40cb6400d94621de688a7e79dfe124f5a63)
---
grub-core/loader/efi/chainloader.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)

View File

@ -20,7 +20,6 @@ Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
(cherry picked from commit 6080ad5d91d6a80d5f67c592dd33b6dd413e9453)
[rharwood: double frees and unintialized, context fuzz - orig_dp]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit b44b88ae45008611ec0469fb47139f4c0d1ee233)
---
grub-core/loader/efi/chainloader.c | 160 +++++++++++++++++++++++--------------
1 file changed, 102 insertions(+), 58 deletions(-)

View File

@ -20,7 +20,6 @@ Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
(cherry picked from commit 4322a64dde7e8fedb58e50b79408667129d45dd3)
(cherry picked from commit 937ad0e2159b6b8cb0d2ce3515da3a8b797c7927)
(cherry picked from commit 873038ae7048f6cae8a3ebb2f97a8d361a080e13)
(cherry picked from commit 7eefe9ba7e8f1557705f0f854ab7a3014d6cb5e2)
---
grub-core/commands/boot.c | 66 +++++++++++++++++++++++++++++++++++++++++------
include/grub/loader.h | 5 ++++

View File

@ -11,7 +11,6 @@ Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
(cherry picked from commit 4b7f0402b7cb0f67a93be736f2b75b818d7f44c9)
(cherry picked from commit fc1a79bf0e0bc019362ace46d908a92b48dcd55b)
(cherry picked from commit f5b653dfe00271384ff7fbd82db926ab95dbd80e)
(cherry picked from commit 535a9d787f71ed6eb43e7c3a136a149684ec62ea)
[rharwood: context sludge from previous commit]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---

View File

@ -14,7 +14,6 @@ Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
(cherry picked from commit 8224f5a71af94bec8697de17e7e579792db9f9e2)
(cherry picked from commit 4744b62e20d07674017213ac54d7442d679f9d1a)
(cherry picked from commit 329633cb060957c3d2aca677ac733f07b213a63f)
(cherry picked from commit 47b839b0a801ee4852447a85fb5de91dc7d2c856)
---
grub-core/loader/i386/efi/linux.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

View File

@ -20,7 +20,6 @@ Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
[rharwood: verifying twice]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit df804892f1a754d88a9779320f9429bf40d2a1b3)
(cherry picked from commit d1b506f6c910b96ad47a20247b438c6402a74948)
---
grub-core/loader/i386/efi/linux.c | 146 +++++++++++++++++++++++---------------
1 file changed, 87 insertions(+), 59 deletions(-)

View File

@ -11,7 +11,6 @@ Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
(cherry picked from commit d98af31ce1e31bb22163960d53f5eb28c66582a0)
(cherry picked from commit 62234d6a00e6d1dd8e017ff161d359feb5234082)
(cherry picked from commit bda5a10716dc9676400dce1374232452f46d0bc4)
(cherry picked from commit b862299a8502282a09af8e6c6189edd5b0a368b0)
---
grub-core/loader/i386/efi/linux.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)

View File

@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 1499a5068839fa37cb77ecef4b5bdacbd1ed12ea)
(cherry picked from commit 2ec50b289d8b24922433439533113087f111f110)
(cherry picked from commit 17c36ae88d7d6040cabc01cd4a21e71ff4731668)
(cherry picked from commit 723e7dbedb7669343e564d453d21b8ed2ab81216)
---
grub-core/kern/file.c | 2 ++
1 file changed, 2 insertions(+)

View File

@ -13,7 +13,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 882be97d1df6449b9fd4d593f0cb70005fde3494)
(cherry picked from commit 3f6fc3ebfd58fcdb3fe6c2f7a5a4fa05772ae786)
(cherry picked from commit aac5b8257d4078c3f764216aeae3367bdc19043f)
(cherry picked from commit e9e58c9711de334fcf48a651ee20c21f2855a4bd)
---
grub-core/video/readers/png.c | 55 ++++++++++++++++++++++++++++++++++++-------
1 file changed, 47 insertions(+), 8 deletions(-)

View File

@ -10,7 +10,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 8ce433557adeadbc46429aabb9f850b02ad2bdfb)
(cherry picked from commit 6e10bba6a4cbfd6c7bf116f41fd4e037465e19d8)
(cherry picked from commit 812272d919ecfd368c008f15b677d369616ada54)
(cherry picked from commit c04569b35600aa29d5b4cd8990a8ee1dd1162c72)
---
grub-core/video/readers/png.c | 3 +++
1 file changed, 3 insertions(+)

View File

@ -37,7 +37,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 4c631c8119206b3178912df2905434d967661c3d)
(cherry picked from commit 6d5d5f51266b8113c6ba560835500e3c135f3722)
(cherry picked from commit b20fc5589561a8c57a2071b2ae93fcdcf51a10d4)
---
grub-core/video/readers/png.c | 85 +++----------------------------------------
1 file changed, 6 insertions(+), 79 deletions(-)

View File

@ -18,7 +18,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 1ae9a91d42cb40da8a6f11fac65541858e340afa)
(cherry picked from commit 132ccc681cf642ad748580f26b54c9259a7f43fd)
(cherry picked from commit 3a70e1f6e69af6e0d3c3cf526faa44dc0c80ac19)
(cherry picked from commit 809d25ffa6b89d390a66d2f3cf3090196f07e2aa)
---
grub-core/video/readers/png.c | 7 +++++++
1 file changed, 7 insertions(+)

View File

@ -12,7 +12,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit c3a8ab0cbd24153ec7b1f84a96ddfdd72ef8d117)
(cherry picked from commit 5d09addf58086aa11d5f9a91af5632ff87c2d2ee)
(cherry picked from commit ff12584f9376a472f37d4ec14213fd29bf3b233a)
(cherry picked from commit ac8b5464a076d2e38ecf7f761be9cd1f5bbeb784)
---
grub-core/video/readers/png.c | 6 ++++++
1 file changed, 6 insertions(+)

View File

@ -13,7 +13,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit ab2e5d2e4bff488bbb557ed435a61ae102ef9f0c)
(cherry picked from commit 1ff8df0d2dea8ec7c8575241d5e7d6622c204ec3)
(cherry picked from commit b07767383b74a0ce7135c09ba8701510d4ad32f0)
(cherry picked from commit 5f097165152d61d4aea02f26dc789d840147d50e)
---
grub-core/video/readers/jpeg.c | 86 ++++++++++++++++++++++++++++++++++--------
1 file changed, 70 insertions(+), 16 deletions(-)

View File

@ -11,7 +11,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit bc06e12b4de55cc6f926af9f064170c82b1403e9)
(cherry picked from commit 5298bf758ea39a90537f9a1c76541ff2f21b970b)
(cherry picked from commit aae6bac7f26c6b848156ed7adcff83309b833664)
(cherry picked from commit bc58c0da3aed59486042759a03fe61a9782e36ce)
---
grub-core/video/readers/jpeg.c | 3 +++
1 file changed, 3 insertions(+)

View File

@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit f3a854def3e281b7ad4bbea730cd3046de1da52f)
(cherry picked from commit db0154828989a0a52ee59a4dda8c3803752bc827)
(cherry picked from commit 75afb375ef46bc99a7faf5879d0283934e34db97)
(cherry picked from commit 82f8de94e19be775cdabd05528dc7acf0cb485a7)
---
grub-core/video/readers/jpeg.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)

View File

@ -34,7 +34,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 41aeb2004db9924fecd9f2dd64bc2a5a5594a4b5)
(cherry picked from commit 5f9582490792108306d047379fed2371bee286f8)
(cherry picked from commit 7e4bf25d9bb5219fbf11c523296dc3bd78b80698)
(cherry picked from commit 397ecffe404b892470c41f4d24340526d3d33666)
---
grub-core/video/readers/jpeg.c | 4 ++++
1 file changed, 4 insertions(+)

View File

@ -17,7 +17,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit fdf32abc7a3928852422c0f291d8cd1dd6b34a8d)
(cherry picked from commit f2c10aaf335b88a69885375c4d68ffab2429df77)
(cherry picked from commit 4c942e1ba8d1f1199a58d2eb139022ae22f75cb2)
(cherry picked from commit 83efea59ad671d043b3a48fe0581f11beb63303c)
---
grub-core/normal/charset.c | 2 ++
1 file changed, 2 insertions(+)

View File

@ -14,7 +14,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit ee9591103004cd13b4efadda671536090ca7fd57)
(cherry picked from commit acde668bb9d9fa862a1a63e3bbd5fa47fdfa9183)
(cherry picked from commit e47ad2eb4fe38ef2bdcab52245286f31170e73e3)
(cherry picked from commit 3517b6baf69ee77065f0216ff29190ad392a2c84)
---
grub-core/net/netbuff.c | 13 +++++++++++++
1 file changed, 13 insertions(+)

View File

@ -12,7 +12,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit eb74e5743ca7e18a5e75c392fe0b21d1549a1936)
(cherry picked from commit 552ad34583e788542e9ca08524a0d4bc8f98c297)
(cherry picked from commit 2c8cb7e3b8b48b136a950e5692fa6251b76df90e)
(cherry picked from commit 17bb2fe79e6b9688cf2008b840af9022804204ec)
---
grub-core/net/ip.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)

View File

@ -34,7 +34,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit eb2e69fcf51307757e43f55ee8c9354d1ee42dd1)
(cherry picked from commit d801a27e7acec6c1a83067fab0bb975877eaf704)
(cherry picked from commit 4d8b6e36ddfda4084e370b3b08c432e8a462e9be)
(cherry picked from commit ae133c18f304cb0a22c569c98abc62e15ccf56d0)
---
grub-core/net/dns.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

View File

@ -13,7 +13,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 6a97b3f4b1d5173aa516edc6dedbc63de7306d21)
(cherry picked from commit e0589624e86bc96666cbdb62f6e55cafec2871b3)
(cherry picked from commit 95ecbc0b9aacfd43ba96cccc50daaf39eccd9f7f)
(cherry picked from commit 110eee925ecd9efeebb8d018b042fcf067a443c2)
---
grub-core/net/dns.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)

View File

@ -46,7 +46,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit dada1dda695439bb55b2848dddc2d89843552f81)
(cherry picked from commit 352c5ae8a9fc715712e6ecbd7ccb6218122c748f)
(cherry picked from commit 61a010085ab9f0ecf42677773a6fc212f1579b0a)
(cherry picked from commit 277d38531a47be78ac5062894e449726db2baf65)
---
grub-core/net/net.c | 11 +++++++++--
grub-core/net/tftp.c | 1 +

View File

@ -6,7 +6,6 @@ Subject: [PATCH] misc: Format string for grub_error() should be a literal
Signed-off-by: Glenn Washburn <development@efficientek.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry-picked from commit 60875f4e15d704b875969b415501802b531c4db3)
(cherry-picked from commit 6353cbd63cb3615a2b7aece183e3b177250d9415)
---
grub-core/loader/efi/chainloader.c | 2 +-
grub-core/net/tftp.c | 2 +-

View File

@ -16,7 +16,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 956f4329cec23e4375182030ca9b2be631a61ba5)
(cherry picked from commit dbe9abcdee6ce796811111b67e3f24eefe2135d1)
(cherry picked from commit 72ae9c5d389d2c0337c44edead6e00db0bb84039)
(cherry picked from commit 6a367d5b45cee3b452319cbaba1052f045c68081)
---
grub-core/net/tftp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

View File

@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit ec233d3ecf995293304de443579aab5c46c49e85)
(cherry picked from commit d39cf87ed701b9f0900daed7f672e07994d37ce8)
(cherry picked from commit e0aa5c3acec70eac3489d6df1893a93726cbce3a)
(cherry picked from commit d29000397693cae279291b75ff89e5b9a5e2ed97)
---
grub-core/net/http.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

View File

@ -27,7 +27,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit e9fb459638811c12b0989dbf64e3e124974ef617)
(cherry picked from commit b604916beb6c39e8ed27f72851eb16f3eaa293c5)
(cherry picked from commit c3c6b1167a43275991efd6847160a46ce3839fae)
(cherry picked from commit 9b4ef71ed4f6fce00e868e3223cdbfb734e840d6)
---
grub-core/net/http.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)

View File

@ -24,7 +24,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit d232ad41ac4979a9de4d746e5fdff9caf0e303de)
(cherry picked from commit 8960e6d6137090a7e8c6592077da6e387a4ef972)
(cherry picked from commit 9b6b9398c90dd76ce0b935d21c4ecb8954c4b2b7)
(cherry picked from commit 3eef2cc845f7ed34a89d8d0a7042d7768e43eaad)
---
grub-core/net/http.c | 8 ++++++++
1 file changed, 8 insertions(+)

View File

@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit a3988cb3f0a108dd67ac127a79a4c8479d23334e)
(cherry picked from commit 7125978aa7d6068812ef6da0ab38ce521ae7eba1)
(cherry picked from commit e488538cbf9fc63796c7047550b0598e1ef95c03)
(cherry picked from commit a2e520d7ced2ded854fb24f3718530e1e6d7dd5e)
---
grub-core/fs/f2fs.c | 21 ++++++++++++++-------
1 file changed, 14 insertions(+), 7 deletions(-)

View File

@ -23,7 +23,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 62d63d5e38c67a6e349148bf7cb87c560e935a7e)
(cherry picked from commit 92219e6d379b5b4d30b05361830b72ab1d95d281)
(cherry picked from commit c23d97e3b56594bf0f802d94062e14b221143115)
(cherry picked from commit e9536dd7fbdc632efbe3506386dbfb3bfc0465c8)
---
grub-core/fs/f2fs.c | 33 +++++++++++++++++++++++++++------
1 file changed, 27 insertions(+), 6 deletions(-)

View File

@ -19,7 +19,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 9a891f638509e031d322c94e3cbcf38d36f3993a)
(cherry picked from commit 13f9160ae0d2806baed459884999356817096cd7)
(cherry picked from commit a48ba4d48b3c66431e6bbeb386078efc6602110c)
(cherry picked from commit f0440b61cebbab807638b90eb2ae86265d6cf49f)
---
grub-core/fs/f2fs.c | 4 ++++
1 file changed, 4 insertions(+)

View File

@ -24,7 +24,6 @@ Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit e3e21b9a81aea09dd43368cf097c1029a8380d82)
(cherry picked from commit ab14a39777edb60c99751d4fdf1cc254a4faebf5)
(cherry picked from commit 90a9fbd5969325993e069ee5a04a802b59657920)
---
grub-core/fs/btrfs.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)

View File

@ -12,7 +12,6 @@ Signed-off-by: Marco A Benatto <mbenatto@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 04ae030d0eea8668d4417702d88bf2cf04713d80)
(cherry picked from commit ed33b47f00bc0d728197357b8ae632028f91599b)
---
grub-core/commands/efi/efifwsetup.c | 8 ++++----
grub-core/kern/efi/efi.c | 16 +++++++++-------

View File

@ -12,7 +12,6 @@ Signed-off-by: Marco A Benatto <mbenatto@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit ac5c9367548750e75ed1e7fc4354a3d20186d733)
(cherry picked from commit 51b11f8b3ab96c38efb1636d9c53b5a86503f1f2)
---
grub-core/kern/efi/efi.c | 16 +++++++++++++---
include/grub/efi/efi.h | 5 +++++

View File

@ -9,7 +9,6 @@ lock protocol definition and some other guids we don't care about right
now.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit e44d6f8e801fae4716dd2528d7194f759c52aa12)
---
include/grub/efi/api.h | 5 +++++
1 file changed, 5 insertions(+)

View File

@ -20,7 +20,6 @@ create uniquely named internal variables.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 2d6800450fa731d7b3ef9893986806e88e819eb6)
(cherry picked from commit adaf6a5ae66fb8a23274e3030e9df2714d0fc396)
(cherry picked from commit 5282d19d1942d9c3470337a84aa4a92562ba1575)
---
grub-core/loader/multiboot_elfxx.c | 4 +---
include/grub/misc.h | 25 +++++++++++++++++++++++--

View File

@ -10,7 +10,6 @@ instead.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 5fc601574fce99b32fe4dfb55bd8f3ab0175fd6a)
(cherry picked from commit 31e581893c564582c729fd0c033d3ce021854be8)
(cherry picked from commit 2c46aae48eabcf91d7ed34a7bed2b59aa80c2c03)
---
grub-core/fs/reiserfs.c | 28 +++++++++-------------------
1 file changed, 9 insertions(+), 19 deletions(-)

View File

@ -14,7 +14,6 @@ in DEBUG, regardless of BOOT_TIME_STATS.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 4fd282de00df05ce289467861deb7a0e186cfbd7)
(cherry picked from commit cc7e60a9f3ad1fa74b9cd48a7e66b1976f9a554a)
(cherry picked from commit 9e78e5749d5c99a01c96c9c0d9ec3e98633a4cbd)
---
grub-core/kern/misc.c | 3 ++-
include/grub/misc.h | 2 +-

View File

@ -13,7 +13,6 @@ set.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 2eff3e2c9d9e6b75daa81b840c96f112ef7d5de6)
(cherry picked from commit 3c3c1858d1c056eee660d67888be80e7eae498ca)
(cherry picked from commit ebcce09e35ef6916a2d1ddbf0906e9f3f5c539ad)
---
include/grub/dl.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

View File

@ -18,7 +18,6 @@ failure is just reversion to the status quo, so that's not a big problem.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit e85d1c4d795f8135ad0acfa36d64760d12d6fed1)
(cherry picked from commit d3024204b2e2c69ecb91392eeb87c1e6835c3743)
(cherry picked from commit f729241a34394b1019d83d75ffe6bfe0986ab274)
---
grub-core/genmod.sh.in | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

View File

@ -17,7 +17,6 @@ loop does.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 03215e342f552396ab08125ea769b1e166417ec1)
(cherry picked from commit 91518751b9bcba078e3f4385f4b2f6c39cab49cd)
(cherry picked from commit ee945970425488bd5b72d837706764a6a0fde46c)
---
grub-core/kern/dl.c | 3 +++
1 file changed, 3 insertions(+)

View File

@ -17,7 +17,6 @@ define, and adds defines for the actual PE magic.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 955f47aa8300387eecf18b0866d21dde7720593d)
(cherry picked from commit 662744c2e986cb770fe49e71e019aaf33a66272d)
(cherry picked from commit 4b541b7e76b77d131ff534e537a622551e774a2b)
---
grub-core/loader/arm64/linux.c | 2 +-
include/grub/efi/pe32.h | 28 ++++++++++++++++++++++++++--

View File

@ -16,7 +16,6 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 8b31058a12d3e85f0f0180ac90b98d6465fccbb7)
(cherry picked from commit 460df66aab9b3a57fc0d14a21a595cd467c4b13e)
(cherry picked from commit 2380ad45c78ed12710f1186eda9f2ba38c20f6ba)
---
grub-core/loader/i386/efi/linux.c | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)

View File

@ -58,7 +58,6 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 04f1df6b665493e38de66018aebe377fdac4ceec)
[rharwood: not risc-v yet]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 62c48da3ef51fc4f98746fbc35791ec2beab0426)
---
grub-core/kern/arm/dl.c | 13 +++++++++++++
grub-core/kern/arm64/dl.c | 13 +++++++++++++

View File

@ -23,7 +23,6 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 46cb4f9557bdba1db0a17d012df705d94d81a9f6)
[rharwood: context fuzz, guids]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 7d8eea48e82c4ef572cc0f9d3252487c1d7e5729)
---
grub-core/kern/efi/efi.c | 36 +++++++++++++
grub-core/kern/efi/mm.c | 131 +++++++++++++++++++++++++++++++++++++++++++++++

View File

@ -17,7 +17,6 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry-picked from commit ca74904ede0406b594cbedc52ce8e38a6633d2ae)
(cherry picked from commit 2e2e72026f41cf7cffeb46a6a47f3c67d0b3be45)
(cherry picked from commit 736e5ccd9175d31ebea848f3b627f3e99988bb0a)
---
grub-core/kern/dl.c | 120 +++++++++++++++++++++++++++++++++++++++-------------
include/grub/dl.h | 44 +++++++++++++++++++

View File

@ -15,7 +15,6 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit daba852bd3e4d7b7784b19cf7acf107dc3c0dce4)
[rharwood: stack_attrs initialization, no risc-v, arm renames, arm age]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 3a402a2e54b3468b20eae182d98913600a6b68dd)
---
grub-core/kern/efi/mm.c | 78 ++++++++++++++++++
grub-core/loader/arm64/linux.c | 16 +++-

View File

@ -18,7 +18,8 @@ GRUB_PE32_NX_COMPAT, and changes grub-mkimage to set that flag.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 0c7f1aed5a87f75051b421903a900ccb4bbd795a)
(cherry picked from commit 2f9446d488da96de963f4ffe03b0a1c60a4664f5)
(cherry picked from commit f56671343622b0e0216340cd07e77dfc4e88a97a)
[rharwood: fix uninitialized use of stack_attrs]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
util/mkimage.c | 1 +
1 file changed, 1 insertion(+)

View File

@ -7,7 +7,6 @@ Has a new type now that we have 04ae030d0eea8668d4417702d88bf2cf04713d80
("efi: Return grub_efi_status_t from grub_efi_get_variable()").
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit d27cee05d31a9612f0b877d2de727b22cc3ec51a)
---
grub-core/kern/efi/init.c | 4 ++--
grub-core/kern/efi/sb.c | 4 ++--

View File

@ -0,0 +1,47 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 29 Jul 2022 15:56:00 -0400
Subject: [PATCH] Make debug=file show which file filters get run.
If one of the file filters breaks things, it's hard to figure out where
it has happened.
This makes grub log which filter is being run, which makes it easier to
figure out where you are in the sequence of events.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit d3d6518a13b5440a3be6c66b0ae47447182f2891)
(cherry picked from commit d197e70761b1383827e9008e21ee41c6c7015776)
---
grub-core/kern/file.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c
index f062fc21e7..5e1f29d0dd 100644
--- a/grub-core/kern/file.c
+++ b/grub-core/kern/file.c
@@ -30,6 +30,14 @@ void (*EXPORT_VAR (grub_grubnet_fini)) (void);
grub_file_filter_t grub_file_filters[GRUB_FILE_FILTER_MAX];
+static char *filter_names[] = {
+ [GRUB_FILE_FILTER_VERIFY] = "GRUB_FILE_FILTER_VERIFY",
+ [GRUB_FILE_FILTER_GZIO] = "GRUB_FILE_FILTER_GZIO",
+ [GRUB_FILE_FILTER_XZIO] = "GRUB_FILE_FILTER_XZIO",
+ [GRUB_FILE_FILTER_LZOPIO] = "GRUB_FILE_FILTER_LZOPIO",
+ [GRUB_FILE_FILTER_MAX] = "GRUB_FILE_FILTER_MAX"
+};
+
/* Get the device part of the filename NAME. It is enclosed by parentheses. */
char *
grub_file_get_device_name (const char *name)
@@ -121,6 +129,9 @@ grub_file_open (const char *name, enum grub_file_type type)
if (grub_file_filters[filter])
{
last_file = file;
+ if (filter < GRUB_FILE_FILTER_MAX)
+ grub_dprintf ("file", "Running %s file filter\n",
+ filter_names[filter]);
file = grub_file_filters[filter] (file, type);
if (file && file != last_file)
{

View File

@ -0,0 +1,83 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 1 Aug 2022 14:06:30 -0400
Subject: [PATCH] efi: use enumerated array positions for our allocation
choices
In our kernel allocator on EFI systems, we currently have a growing
amount of code that references the various allocation policies by
position in the array, and of course maintenance of this code scales
very poorly.
This patch changes them to be enumerated, so they're easier to refer to
farther along in the code without confusion.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 6768026270cca015d7fef0ecc8a4119e9b3d3923)
(cherry picked from commit 50b2ca3274b6950393a4ffc7edde04a1a3de594e)
---
grub-core/loader/i386/efi/linux.c | 31 ++++++++++++++++++++-----------
1 file changed, 20 insertions(+), 11 deletions(-)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index d80d6ec312..23b27f6507 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -60,17 +60,26 @@ struct allocation_choice {
grub_efi_allocate_type_t alloc_type;
};
-static struct allocation_choice max_addresses[4] =
+enum {
+ KERNEL_PREF_ADDRESS,
+ KERNEL_4G_LIMIT,
+ KERNEL_NO_LIMIT,
+};
+
+static struct allocation_choice max_addresses[] =
{
/* the kernel overrides this one with pref_address and
* GRUB_EFI_ALLOCATE_ADDRESS */
- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
+ [KERNEL_PREF_ADDRESS] =
+ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
+ /* If the flag in params is set, this one gets changed to be above 4GB. */
+ [KERNEL_4G_LIMIT] =
+ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
/* this one is always below 4GB, which we still *prefer* even if the flag
* is set. */
- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
- /* If the flag in params is set, this one gets changed to be above 4GB. */
- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
- { 0, 0 }
+ [KERNEL_NO_LIMIT] =
+ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
+ { NO_MEM, 0, 0 }
};
static struct allocation_choice saved_addresses[4];
@@ -423,7 +432,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
if (lh->xloadflags & LINUX_XLF_CAN_BE_LOADED_ABOVE_4G)
{
grub_dprintf ("linux", "Loading kernel above 4GB is supported; enabling.\n");
- max_addresses[2].addr = GRUB_EFI_MAX_USABLE_ADDRESS;
+ max_addresses[KERNEL_NO_LIMIT].addr = GRUB_EFI_MAX_USABLE_ADDRESS;
}
else
{
@@ -495,11 +504,11 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_dprintf ("linux", "lh->pref_address: %p\n", (void *)(grub_addr_t)lh->pref_address);
if (lh->pref_address < (grub_uint64_t)GRUB_EFI_MAX_ALLOCATION_ADDRESS)
{
- max_addresses[0].addr = lh->pref_address;
- max_addresses[0].alloc_type = GRUB_EFI_ALLOCATE_ADDRESS;
+ max_addresses[KERNEL_PREF_ADDRESS].addr = lh->pref_address;
+ max_addresses[KERNEL_PREF_ADDRESS].alloc_type = GRUB_EFI_ALLOCATE_ADDRESS;
}
- max_addresses[1].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
- max_addresses[2].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
+ max_addresses[KERNEL_4G_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
+ max_addresses[KERNEL_NO_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
kernel_size = lh->init_size;
kernel_mem = kernel_alloc (kernel_size, GRUB_EFI_RUNTIME_SERVICES_CODE,
N_("can't allocate kernel"));

View File

@ -0,0 +1,129 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 1 Aug 2022 14:24:39 -0400
Subject: [PATCH] efi: split allocation policy for kernel vs initrd memories.
Currently in our kernel allocator, we use the same set of choices for
all of our various kernel and initramfs allocations, though they do not
have exactly the same constraints.
This patch adds the concept of an allocation purpose, which currently
can be KERNEL_MEM or INITRD_MEM, and updates kernel_alloc() calls
appropriately, but does not change any current policy decision. It
also adds a few debug prints.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 36307bed28cd838116fc4af26a30719660d62d4c)
(cherry picked from commit dc1196350b0cbe89582832f44df0fce67e0c9fb2)
---
grub-core/loader/i386/efi/linux.c | 35 +++++++++++++++++++++++++++--------
1 file changed, 27 insertions(+), 8 deletions(-)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index 23b27f6507..09e7596064 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -55,7 +55,14 @@ struct grub_linuxefi_context {
#define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12)
+typedef enum {
+ NO_MEM,
+ KERNEL_MEM,
+ INITRD_MEM,
+} kernel_alloc_purpose_t;
+
struct allocation_choice {
+ kernel_alloc_purpose_t purpose;
grub_efi_physical_address_t addr;
grub_efi_allocate_type_t alloc_type;
};
@@ -64,6 +71,7 @@ enum {
KERNEL_PREF_ADDRESS,
KERNEL_4G_LIMIT,
KERNEL_NO_LIMIT,
+ INITRD_MAX_ADDRESS,
};
static struct allocation_choice max_addresses[] =
@@ -71,14 +79,17 @@ static struct allocation_choice max_addresses[] =
/* the kernel overrides this one with pref_address and
* GRUB_EFI_ALLOCATE_ADDRESS */
[KERNEL_PREF_ADDRESS] =
- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
+ { KERNEL_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
/* If the flag in params is set, this one gets changed to be above 4GB. */
[KERNEL_4G_LIMIT] =
- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
+ { KERNEL_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
/* this one is always below 4GB, which we still *prefer* even if the flag
* is set. */
[KERNEL_NO_LIMIT] =
- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
+ { KERNEL_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
+ /* this is for the initrd */
+ [INITRD_MAX_ADDRESS] =
+ { INITRD_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS },
{ NO_MEM, 0, 0 }
};
static struct allocation_choice saved_addresses[4];
@@ -95,7 +106,8 @@ kernel_free(void *addr, grub_efi_uintn_t size)
}
static void *
-kernel_alloc(grub_efi_uintn_t size,
+kernel_alloc(kernel_alloc_purpose_t purpose,
+ grub_efi_uintn_t size,
grub_efi_memory_type_t memtype,
const char * const errmsg)
{
@@ -108,6 +120,9 @@ kernel_alloc(grub_efi_uintn_t size,
grub_uint64_t max = max_addresses[i].addr;
grub_efi_uintn_t pages;
+ if (purpose != max_addresses[i].purpose)
+ continue;
+
/*
* When we're *not* loading the kernel, or >4GB allocations aren't
* supported, these entries are basically all the same, so don't re-try
@@ -262,7 +277,8 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[])
}
}
- initrd_mem = kernel_alloc(size, GRUB_EFI_RUNTIME_SERVICES_DATA,
+ grub_dprintf ("linux", "Trying to allocate initrd mem\n");
+ initrd_mem = kernel_alloc(INITRD_MEM, size, GRUB_EFI_RUNTIME_SERVICES_DATA,
N_("can't allocate initrd"));
if (initrd_mem == NULL)
goto fail;
@@ -440,7 +456,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
}
#endif
- params = kernel_alloc (sizeof(*params), GRUB_EFI_RUNTIME_SERVICES_DATA,
+ params = kernel_alloc (KERNEL_MEM, sizeof(*params),
+ GRUB_EFI_RUNTIME_SERVICES_DATA,
"cannot allocate kernel parameters");
if (!params)
goto fail;
@@ -462,7 +479,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_dprintf ("linux", "new lh is at %p\n", lh);
grub_dprintf ("linux", "setting up cmdline\n");
- cmdline = kernel_alloc (lh->cmdline_size + 1,
+ cmdline = kernel_alloc (KERNEL_MEM, lh->cmdline_size + 1,
GRUB_EFI_RUNTIME_SERVICES_DATA,
N_("can't allocate cmdline"));
if (!cmdline)
@@ -510,7 +527,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
max_addresses[KERNEL_4G_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
max_addresses[KERNEL_NO_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
kernel_size = lh->init_size;
- kernel_mem = kernel_alloc (kernel_size, GRUB_EFI_RUNTIME_SERVICES_CODE,
+ grub_dprintf ("linux", "Trying to allocate kernel mem\n");
+ kernel_mem = kernel_alloc (KERNEL_MEM, kernel_size,
+ GRUB_EFI_RUNTIME_SERVICES_CODE,
N_("can't allocate kernel"));
restore_addresses();
if (!kernel_mem)

View File

@ -0,0 +1,63 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 1 Aug 2022 13:04:43 -0400
Subject: [PATCH] efi: use EFI_LOADER_(CODE|DATA) for kernel and initrd
allocations
At some point due to an erroneous kernel warning, we switched kernel and
initramfs to being loaded in EFI_RUNTIME_SERVICES_CODE and
EFI_RUNTIME_SERVICES_DATA memory pools. This doesn't appear to be
correct according to the spec, and that kernel warning has gone away.
This patch puts them back in EFI_LOADER_CODE and EFI_LOADER_DATA
allocations, respectively.
Resolves: rhbz#2108456
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 35b5d5fa47bc394c76022e6595b173e68f53225e)
(cherry picked from commit 66e1c922b40957fca488435e06a2f875a219844b)
---
grub-core/loader/i386/efi/linux.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index 09e7596064..4d39023792 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -278,7 +278,7 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[])
}
grub_dprintf ("linux", "Trying to allocate initrd mem\n");
- initrd_mem = kernel_alloc(INITRD_MEM, size, GRUB_EFI_RUNTIME_SERVICES_DATA,
+ initrd_mem = kernel_alloc(INITRD_MEM, size, GRUB_EFI_LOADER_DATA,
N_("can't allocate initrd"));
if (initrd_mem == NULL)
goto fail;
@@ -457,7 +457,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
#endif
params = kernel_alloc (KERNEL_MEM, sizeof(*params),
- GRUB_EFI_RUNTIME_SERVICES_DATA,
+ GRUB_EFI_LOADER_DATA,
"cannot allocate kernel parameters");
if (!params)
goto fail;
@@ -480,7 +480,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_dprintf ("linux", "setting up cmdline\n");
cmdline = kernel_alloc (KERNEL_MEM, lh->cmdline_size + 1,
- GRUB_EFI_RUNTIME_SERVICES_DATA,
+ GRUB_EFI_LOADER_DATA,
N_("can't allocate cmdline"));
if (!cmdline)
goto fail;
@@ -529,7 +529,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
kernel_size = lh->init_size;
grub_dprintf ("linux", "Trying to allocate kernel mem\n");
kernel_mem = kernel_alloc (KERNEL_MEM, kernel_size,
- GRUB_EFI_RUNTIME_SERVICES_CODE,
+ GRUB_EFI_LOADER_CODE,
N_("can't allocate kernel"));
restore_addresses();
if (!kernel_mem)

View File

@ -0,0 +1,72 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Diego Domingos <diegodo@linux.vnet.ibm.com>
Date: Thu, 25 Aug 2022 11:37:56 -0400
Subject: [PATCH] ieee1275: implement vec5 for cas negotiation
As a legacy support, if the vector 5 is not implemented, Power
Hypervisor will consider the max CPUs as 64 instead 256 currently
supported during client-architecture-support negotiation.
This patch implements the vector 5 and set the MAX CPUs to 256 while
setting the others values to 0 (default).
Signed-off-by: Diego Domingos <diegodo@linux.vnet.ibm.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit f735c65b6da8a9d4251242b37774e1a517511253)
(cherry picked from commit 1639f43b2db4ac405ac2a92e50ed4cff351c3baa)
---
grub-core/kern/ieee1275/init.c | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
index 1414695cc6..37f3098c39 100644
--- a/grub-core/kern/ieee1275/init.c
+++ b/grub-core/kern/ieee1275/init.c
@@ -307,6 +307,18 @@ struct option_vector2 {
grub_uint8_t max_pft_size;
} __attribute__((packed));
+struct option_vector5 {
+ grub_uint8_t byte1;
+ grub_uint8_t byte2;
+ grub_uint8_t byte3;
+ grub_uint8_t cmo;
+ grub_uint8_t associativity;
+ grub_uint8_t bin_opts;
+ grub_uint8_t micro_checkpoint;
+ grub_uint8_t reserved0;
+ grub_uint32_t max_cpus;
+} __attribute__((packed));
+
struct pvr_entry {
grub_uint32_t mask;
grub_uint32_t entry;
@@ -325,6 +337,8 @@ struct cas_vector {
grub_uint16_t vec3;
grub_uint8_t vec4_size;
grub_uint16_t vec4;
+ grub_uint8_t vec5_size;
+ struct option_vector5 vec5;
} __attribute__((packed));
/* Call ibm,client-architecture-support to try to get more RMA.
@@ -345,7 +359,7 @@ grub_ieee1275_ibm_cas (void)
} args;
struct cas_vector vector = {
.pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */
- .num_vecs = 4 - 1,
+ .num_vecs = 5 - 1,
.vec1_size = 0,
.vec1 = 0x80, /* ignore */
.vec2_size = 1 + sizeof(struct option_vector2) - 2,
@@ -356,6 +370,10 @@ grub_ieee1275_ibm_cas (void)
.vec3 = 0x00e0, // ask for FP + VMX + DFP but don't halt if unsatisfied
.vec4_size = 2 - 1,
.vec4 = 0x0001, // set required minimum capacity % to the lowest value
+ .vec5_size = 1 + sizeof(struct option_vector5) - 2,
+ .vec5 = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 256
+ }
};
INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2);

View File

@ -379,11 +379,11 @@ for x in grub-mkimage ; do \\\
done \
%{nil}
%global grub_modules " all_video boot blscfg \\\
%global grub_modules " all_video boot blscfg \\\
cat configfile cryptodisk echo ext2 \\\
fat font gcry_rijndael gcry_rsa gcry_serpent \\\
gcry_sha256 gcry_twofish gcry_whirlpool \\\
gfxmenu gfxterm gzio halt http \\\
gfxmenu gfxterm gzio halt http \\\
increment iso9660 jpeg loadenv loopback linux \\\
lvm luks mdraid09 mdraid1x minicmd net \\\
normal part_apple part_msdos part_gpt \\\
@ -596,7 +596,7 @@ touch ${RPM_BUILD_ROOT}/boot/%{name}/grub.cfg \
%{expand:%%files %{1}} \
%defattr(-,root,root,-) \
%config(noreplace) %{_sysconfdir}/%{name}.cfg \
%ghost %config(noreplace) /boot/%{name}/grub.cfg \
%ghost %config(noreplace) %attr(0700,root,root)/boot/%{name}/grub.cfg \
%dir %attr(0700,root,root)/boot/loader/entries \
%ifarch ppc64le \
%dir %{_libdir}/grub/%{2}/ \

View File

@ -498,52 +498,62 @@ Patch0497: 0497-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch
Patch0498: 0498-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch
Patch0499: 0499-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch
Patch0500: 0500-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch
Patch0501: 0501-loader-efi-chainloader-grub_load_and_start_image-doe.patch
Patch0502: 0502-loader-efi-chainloader-simplify-the-loader-state.patch
Patch0503: 0503-commands-boot-Add-API-to-pass-context-to-loader.patch
Patch0504: 0504-loader-efi-chainloader-Use-grub_loader_set_ex.patch
Patch0505: 0505-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch
Patch0506: 0506-loader-i386-efi-linux-Use-grub_loader_set_ex.patch
Patch0507: 0507-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch
Patch0508: 0508-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
Patch0509: 0509-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
Patch0510: 0510-video-readers-png-Refuse-to-handle-multiple-image-he.patch
Patch0511: 0511-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
Patch0512: 0512-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
Patch0513: 0513-video-readers-png-Sanity-check-some-huffman-codes.patch
Patch0514: 0514-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
Patch0515: 0515-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
Patch0516: 0516-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
Patch0517: 0517-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
Patch0518: 0518-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
Patch0519: 0519-net-netbuff-Block-overly-large-netbuff-allocs.patch
Patch0520: 0520-net-ip-Do-IP-fragment-maths-safely.patch
Patch0521: 0521-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
Patch0522: 0522-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
Patch0523: 0523-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
Patch0524: 0524-misc-Format-string-for-grub_error-should-be-a-litera.patch
Patch0525: 0525-net-tftp-Avoid-a-trivial-UAF.patch
Patch0526: 0526-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
Patch0527: 0527-net-http-Fix-OOB-write-for-split-http-headers.patch
Patch0528: 0528-net-http-Error-out-on-headers-with-LF-without-CR.patch
Patch0529: 0529-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
Patch0530: 0530-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
Patch0531: 0531-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
Patch0532: 0532-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
Patch0533: 0533-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
Patch0534: 0534-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
Patch0535: 0535-Define-GRUB_EFI_SHIM_LOCK_GUID.patch
Patch0536: 0536-misc-Make-grub_min-and-grub_max-more-resilient.patch
Patch0537: 0537-ReiserFS-switch-to-using-grub_min-grub_max.patch
Patch0538: 0538-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch
Patch0539: 0539-modules-make-.module_license-read-only.patch
Patch0540: 0540-modules-strip-.llvm_addrsig-sections-and-similar.patch
Patch0541: 0541-modules-Don-t-allocate-space-for-non-allocable-secti.patch
Patch0542: 0542-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch
Patch0543: 0543-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch
Patch0544: 0544-modules-load-module-sections-at-page-aligned-address.patch
Patch0545: 0545-nx-add-memory-attribute-get-set-API.patch
Patch0546: 0546-nx-set-page-permissions-for-loaded-modules.patch
Patch0547: 0547-nx-set-attrs-in-our-kernel-loaders.patch
Patch0548: 0548-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch
Patch0549: 0549-Fixup-grub_efi_get_variable-type-in-our-loaders.patch
Patch0501: 0501-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch
Patch0502: 0502-ibmvtpm-Backport-ibmvtpm-support-to-grub-2.02.patch
Patch0503: 0503-powerpc-do-CAS-in-a-more-compatible-way.patch
Patch0504: 0504-powerpc-prefix-detection-support-device-names-with-c.patch
Patch0505: 0505-make-ofdisk_retries-optional.patch
Patch0506: 0506-loader-efi-chainloader-grub_load_and_start_image-doe.patch
Patch0507: 0507-loader-efi-chainloader-simplify-the-loader-state.patch
Patch0508: 0508-commands-boot-Add-API-to-pass-context-to-loader.patch
Patch0509: 0509-loader-efi-chainloader-Use-grub_loader_set_ex.patch
Patch0510: 0510-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch
Patch0511: 0511-loader-i386-efi-linux-Use-grub_loader_set_ex.patch
Patch0512: 0512-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch
Patch0513: 0513-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
Patch0514: 0514-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
Patch0515: 0515-video-readers-png-Refuse-to-handle-multiple-image-he.patch
Patch0516: 0516-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
Patch0517: 0517-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
Patch0518: 0518-video-readers-png-Sanity-check-some-huffman-codes.patch
Patch0519: 0519-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
Patch0520: 0520-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
Patch0521: 0521-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
Patch0522: 0522-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
Patch0523: 0523-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
Patch0524: 0524-net-netbuff-Block-overly-large-netbuff-allocs.patch
Patch0525: 0525-net-ip-Do-IP-fragment-maths-safely.patch
Patch0526: 0526-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
Patch0527: 0527-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
Patch0528: 0528-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
Patch0529: 0529-misc-Format-string-for-grub_error-should-be-a-litera.patch
Patch0530: 0530-net-tftp-Avoid-a-trivial-UAF.patch
Patch0531: 0531-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
Patch0532: 0532-net-http-Fix-OOB-write-for-split-http-headers.patch
Patch0533: 0533-net-http-Error-out-on-headers-with-LF-without-CR.patch
Patch0534: 0534-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
Patch0535: 0535-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
Patch0536: 0536-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
Patch0537: 0537-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
Patch0538: 0538-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
Patch0539: 0539-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
Patch0540: 0540-Define-GRUB_EFI_SHIM_LOCK_GUID.patch
Patch0541: 0541-misc-Make-grub_min-and-grub_max-more-resilient.patch
Patch0542: 0542-ReiserFS-switch-to-using-grub_min-grub_max.patch
Patch0543: 0543-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch
Patch0544: 0544-modules-make-.module_license-read-only.patch
Patch0545: 0545-modules-strip-.llvm_addrsig-sections-and-similar.patch
Patch0546: 0546-modules-Don-t-allocate-space-for-non-allocable-secti.patch
Patch0547: 0547-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch
Patch0548: 0548-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch
Patch0549: 0549-modules-load-module-sections-at-page-aligned-address.patch
Patch0550: 0550-nx-add-memory-attribute-get-set-API.patch
Patch0551: 0551-nx-set-page-permissions-for-loaded-modules.patch
Patch0552: 0552-nx-set-attrs-in-our-kernel-loaders.patch
Patch0553: 0553-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch
Patch0554: 0554-Fixup-grub_efi_get_variable-type-in-our-loaders.patch
Patch0555: 0555-Make-debug-file-show-which-file-filters-get-run.patch
Patch0556: 0556-efi-use-enumerated-array-positions-for-our-allocatio.patch
Patch0557: 0557-efi-split-allocation-policy-for-kernel-vs-initrd-mem.patch
Patch0558: 0558-efi-use-EFI_LOADER_-CODE-DATA-for-kernel-and-initrd-.patch
Patch0559: 0559-ieee1275-implement-vec5-for-cas-negotiation.patch

Binary file not shown.

Binary file not shown.

View File

@ -7,7 +7,7 @@
Name: grub2
Epoch: 1
Version: 2.02
Release: 123%{?dist}.8
Release: 142%{?dist}
Summary: Bootloader with support for Linux, Multiboot and more
Group: System Environment/Base
License: GPLv3+
@ -28,8 +28,8 @@ Source13: redhatsecurebootca3.cer
Source14: redhatsecureboot301.cer
Source15: redhatsecurebootca5.cer
Source16: redhatsecureboot502.cer
Source17: redhatsecureboot303.cer
Source18: redhatsecureboot601.cer
Source17: redhatsecureboot601.cer
Source18: redhatsecureboot701.cer
Source19: sbat.csv.in
%include %{SOURCE1}
@ -46,7 +46,7 @@ Source19: sbat.csv.in
%ifarch ppc64le
%define old_sb_cer %{SOURCE17}
%define sb_cer %{SOURCE18}
%define sb_key redhatsecureboot602
%define sb_key redhatsecureboot702
%endif
# generate with do-rebase
@ -510,23 +510,58 @@ fi
%endif
%changelog
* Fri Jun 03 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-123.el8_6.8
* Thu Sep 08 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-142
- Drop the arena size changes
- Resolves: #2118896
* Thu Aug 25 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-141
- Implement vec5 for cas negotiation
- Resolves: #2117914
* Wed Aug 24 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-140
- Or two, because I forgot the debug patch
- Resolves: #2118896
* Thu Aug 18 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-139
- Kernel allocator fixups (in one pass)
- Resolves: #2118896
* Wed Jul 20 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-138
- Rotate signing keys on ppc64le
- Resolves: #2074762
* Fri Jun 03 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-137
- CVE fixes for 2022-06-07
- CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733
- CVE-2021-3697 CVE-2021-3696 CVE-2021-3695
- Resolves: #2031899
- Resolves: #2070687
* Mon May 16 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-129
- ppc64le: Slow boot after LPM
- Resolves: #2070347
* Wed May 04 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-127
- ppc64le: CAS improvements, prefix detection, and vTPM support
- Resolves: #2076795
- Resolves: #2026568
- Resolves: #2051331
* Wed May 04 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-126
- Fix rpm verification error on grub.cfg permissions
- Resolves: #2071643
* Wed Apr 20 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-125
- RHEL 8.6.0 import; no code changes
- Resolves: #2062892
* Mon Mar 28 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-123
- Bump for signing
- Resolves: #2061252
* Wed Mar 09 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-122
- Fix initialization on efidisk patch
- Resolves: #2061252
* Tue Mar 08 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-121
- Backport support for loading initrd above 4GB
- Resolves: #2048433
* Mon Feb 28 2022 Robbie Harwood <rharwood@redhat.com> - 2.06-120
- Bump signing