From ad4aff0c12370a6edc82478d8ca83627f6916e3d Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 17 Jul 2018 10:20:54 -0400 Subject: [PATCH] Rework SB patches and 10_linux.in changes even harder. Apparently working on two identical trees at once is not good for doing things right. Resolves: rhbz#1601578 Signed-off-by: Peter Jones --- ...d-support-for-Linux-EFI-stub-loading.patch | 935 +++++++++++ ...d.patch => 0158-Rework-linux-command.patch | 33 +- ...patch => 0159-Rework-linux16-command.patch | 14 +- ...ecureboot-support-on-efi-chainloader.patch | 1390 +++++++++++++++++ ...loaders-that-link-in-efi-mode-honor-.patch | 79 +- ...rch-64-on-32-boot-in-linuxefi-loader.patch | 101 +- ...re.patch => 0163-re-write-.gitignore.patch | 0 ...ient-architecture-CAS-reboot-support.patch | 0 ...nsole-display-attr-when-clear-screen.patch | 0 ...video-support-for-IBM-power-machines.patch | 0 ...when-generating-configuration-by-gru.patch | 0 ...8-Move-bash-completion-script-922997.patch | 0 ...patch => 0169-Update-to-minilzo-2.08.patch | 0 ...o-include-entries-by-title-not-just-.patch | 0 ....patch => 0171-Add-GRUB_DISABLE_UUID.patch | 0 ...=> 0172-Make-exit-take-a-return-code.patch | 0 ...pot-as-binary-so-git-won-t-try-to-di.patch | 0 ...es-load-an-env-block-from-a-variable.patch | 2 +- 0175-Add-support-for-linuxefi.patch | 479 ------ ...HCP-client-ID-and-UUID-options-added.patch | 0 ...xefi-and-initrdefi-where-appropriate.patch | 40 - ...-trim-arp-packets-with-abnormal-size.patch | 0 ...w-insmod-when-secure-boot-is-enabled.patch | 121 -- ...Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch | 0 ...UEFI-operating-systems-returned-by-o.patch | 0 ...179-Migrate-PPC-from-Yaboot-to-Grub2.patch | 0 ...=> 0180-Add-fw_path-variable-revised.patch | 0 ...-hex-hex-straight-through-unmolested.patch | 0 ...182-Add-X-option-to-printf-functions.patch | 0 ...for-specific-config-file-for-netboot.patch | 0 ...g-module-to-parse-Boot-Loader-Specif.patch | 4 +- 0185-Add-devicetree-loading.patch | 68 + ...6-Don-t-write-messages-to-the-screen.patch | 30 +- ... => 0187-Don-t-print-GNU-GRUB-header.patch | 0 ...=> 0188-Don-t-add-to-highlighted-row.patch | 0 ...atch => 0189-Message-string-cleanups.patch | 0 ...ing-now-that-we-aren-t-displaying-it.patch | 0 ...-Use-linux16-when-appropriate-880840.patch | 42 - ...t-indentation-for-the-term-help-text.patch | 0 ...es.patch => 0192-Indent-menu-entries.patch | 0 ...ix-margins.patch => 0193-Fix-margins.patch | 0 ...-1-for-our-right-hand-margin-so-line.patch | 0 ...0195-Enable-pager-by-default.-985860.patch | 0 ...-on-serial-so-don-t-tell-the-user-to.patch | 0 ...n-t-say-GNU-Linux-in-generated-menus.patch | 2 +- ...-Don-t-draw-a-border-around-the-menu.patch | 0 ...rk-with-our-changes-for-linux16-and-.patch | 79 - ...on-t-print-during-fdt-loading-method.patch | 24 - ...andard-margin-for-the-timeout-string.patch | 0 ...rame-to-list-of-relocations-stripped.patch | 0 ...spaces-when-we-re-doing-our-cmdline-.patch | 0 ...password-to-boot-entries-generated-b.patch | 2 +- ...=> 0203-Don-t-emit-Booting-.-message.patch | 0 ...f-man-pages-with-slightly-nicer-ones.patch | 0 ...ix-when-fallback-searching-for-grub-.patch | 0 ...-before-grub.cfg-on-tftp-config-file.patch | 0 ...ert-function-to-support-NVMe-devices.patch | 0 ...M-Mustang-device-tree-for-hardware-t.patch | 25 - ...device-tree-from-the-grub-default-fi.patch | 42 - ...P-protocol-for-exclusive-use-by-grub.patch | 0 ...P-protocol-for-exclusive-use-by-grub.patch | 0 ...patch => 0210-Add-grub_util_readlink.patch | 0 ...se-symlinks-including-those-across-d.patch | 0 ...CLASS-in-10_linux-from-etc-os-releas.patch | 2 +- ...t-ordering-for-.debug-and-rescue-ker.patch | 0 ...4-Try-prefix-if-fw_path-doesn-t-work.patch | 0 0215-Load-arm-with-SB-enabled.patch | 426 ----- ...-grub.cfg-netboot-selection-order-11.patch | 0 ...-Package-Sort-for-grub2-mkconfig-112.patch | 0 ... => 0217-Handle-rssd-storage-devices.patch | 0 ...fig-construct-titles-that-look-like-.patch | 4 +- ...ly-grub2-password-config-tool-985962.patch | 0 ...x16-initrd16-and-linuxefi-initrdefi-.patch | 74 - ...-configure.ac-and-grub-rpm-sort-play.patch | 0 ... 0221-tcp-add-window-scaling-support.patch | 0 ...net-retransmit-if-our-device-is-busy.patch | 0 ...out-actually-using-the-configured-ne.patch | 0 ...r-for-the-first-exclusive-reopen-of-.patch | 0 ...ue-when-reading-username-and-passwor.patch | 0 ...ub-password-will-not-be-read-1290803.patch | 0 ...ub-setpassword-documentation-1290799.patch | 0 ...le-issue-in-grub-setpassword-1294243.patch | 0 ...rsistent-RAM-and-unknown-possible-fu.patch | 0 ... 0230-efiemu-Fix-compilation-failure.patch | 0 ...P-protocol-for-exclusive-use-by-grub.patch | 0 ...arser.patch => 0232-Add-a-url-parser.patch | 4 +- ...net-and-bootp-add-support-for-dhcpv6.patch | 0 ...rnel-settings-and-use-it-in-10_linux.patch | 12 +- ...0235-Normalize-slashes-in-tftp-paths.patch | 0 ...h => 0236-Fix-malformed-tftp-packets.patch | 0 ...1374141-fix-incorrect-mask-for-ppc64.patch | 0 ... 0238-Make-grub_fatal-also-backtrace.patch | 2 +- ...> 0239-Make-grub-editenv-build-again.patch | 0 0240-Fix-race-in-EFI-validation.patch | 94 -- ...ix-up-some-man-pages-rpmdiff-noticed.patch | 0 ...=> 0241-Make-exit-take-a-return-code.patch | 0 ...art-of-chainloader-target-if-present.patch | 34 - ...fdt-has-address-cells-and-size-cells.patch | 0 ...ecureboot-support-on-efi-chainloader.patch | 797 ---------- ...fo-pages-say-grub2-where-appropriate.patch | 0 ...more-debug-info-in-our-module-loader.patch | 0 ...-chainloader-entries-don-t-try-any-x.patch | 4 +- ...-Add-ability-to-boot-from-subvolumes.patch | 0 ...port-btrfs_subvol-and-btrfs_subvolid.patch | 0 ...> 0248-grub2-btrfs-03-follow_default.patch | 0 ...=> 0249-grub2-btrfs-04-grub2-install.patch | 0 ...-work-some-intricacies-of-PE-loading.patch | 350 ----- ...> 0250-grub2-btrfs-05-grub2-mkconfig.patch | 2 +- ...-of-efi-chainload-so-non-sb-cases-wo.patch | 412 ----- ... => 0251-grub2-btrfs-06-subvol-mount.patch | 0 ...ootable-Snapshot-submenu-in-grub.cfg.patch | 0 ...-double-free-on-verification-failure.patch | 22 - ...subvol-name-scheme-to-support-old-sn.patch | 0 ...machine-type-test-in-30_os-prober.in.patch | 22 - ...-correctly-with-btrfs-snapshots-bsc-.patch | 0 ...fix-wrong-sanity-check-in-relocate_c.patch | 35 - ...ocate_pool-and-grub_efi_free_pool-wr.patch | 0 ...truncate-overlong-relocation-section.patch | 110 -- ...fi_.-memory-helpers-where-reasonable.patch | 2 +- 0256-linuxefi-minor-cleanups.patch | 86 - ...7-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch | 2 +- ...c-sized-arrays-since-we-don-t-build-.patch | 0 0258-Fix-up-linux-params-usage.patch | 63 - ...nst.patch => 0259-don-t-ignore-const.patch | 0 ...=> 0260-don-t-use-int-for-efi-status.patch | 0 ...rintf-in-the-secure-boot-verify-code.patch | 40 - ...INIT-declare-its-function-prototypes.patch | 0 ...262-editenv-handle-relative-symlinks.patch | 0 ...e-libgrub.pp-depend-on-config-util.h.patch | 0 ...-efi-as-HFS-on-ppc-machines-in-grub-.patch | 0 ...d-xen-or-multiboot-2-modules-as-need.patch | 0 ...-calibration-not-take-51-seconds-to-.patch | 0 ...267-align-struct-efi_variable-better.patch | 0 ...=> 0268-Add-quicksort-implementation.patch | 0 ...nd-support-to-parse-BootLoaderSpec-c.patch | 2 +- ...270-Add-BLS-support-to-grub-mkconfig.patch | 28 +- ...d-grub_exit-definition-for-grub-emu-.patch | 0 ...-backtrace-on-grub_abort-for-grub-em.patch | 0 ...-blscfg-command-for-the-emu-platform.patch | 2 +- ...nux-and-initrd-commands-for-grub-emu.patch | 18 +- ...5-Fix-the-efidir-in-grub-setpassword.patch | 0 ...h => 0276-Add-grub2-switch-to-blscfg.patch | 0 ...patch => 0277-Add-grub_debug_enabled.patch | 0 ...patch => 0278-make-better-backtraces.patch | 4 +- ...w-our-startup-message-if-debug-is-se.patch | 0 ...-some-minor-include-path-weirdnesses.patch | 0 ...p-some-errors-in-the-linuxefi-loader.patch | 66 - ...it-possible-to-enabled-build-id-sha1.patch | 0 ...f-grub_dprintf-without-the-file-line.patch | 0 ...dprintf-that-tells-us-load-addresses.patch | 0 ...scan-different-BLS-directories-on-EF.patch | 0 ...pport.patch => 0285-Core-TPM-support.patch | 2 +- ....patch => 0286-Measure-kernel-initrd.patch | 6 +- ...ch => 0287-Add-BIOS-boot-measurement.patch | 0 ...re-kernel-and-initrd-on-BIOS-systems.patch | 2 +- ... 0289-Measure-the-kernel-commandline.patch | 0 ...mands.patch => 0290-Measure-commands.patch | 0 ...Measure-multiboot-images-and-modules.patch | 0 ...=> 0292-Fix-boot-when-there-s-no-TPM.patch | 0 ...atch => 0293-Rework-TPM-measurements.patch | 8 +- ...x.patch => 0294-Fix-event-log-prefix.patch | 0 ...ot-menu-entry-as-default-when-using-.patch | 4 +- ...-when-compiling-for-platforms-other-.patch | 0 ...h => 0297-Make-TPM-errors-less-fatal.patch | 8 +- ...cfg-handle-multiple-initramfs-images.patch | 0 ...switch-to-blscfg-on-non-EFI-machines.patch | 0 ...LS-Use-etcdefaultgrub-instead-of-etc.patch | 0 ...ons-to-grub2-switch-to-blscfg-man-pa.patch | 0 ...h-to-blscfg-to-generate-debug-BLS-wh.patch | 0 ...h-to-blscfg-to-generate-BLS-fragment.patch | 0 ...query-dev-mounted-in-boot-efi-as-boo.patch | 4 +- ...ath-when-searching-kernels-images-if.patch | 4 +- ...field-to-compare-entries-if-id-field.patch | 0 ...d-to-BLS-generated-by-grub2-switch-t.patch | 0 ...tch => 0308-Fixup-for-newer-compiler.patch | 0 ...-export-the-start-and-_start-symbols.patch | 0 ...plify-BLS-entry-key-val-pairs-lookup.patch | 0 ...h-to-the-kernel-and-initrds-BLS-fiel.patch | 0 ...p-leading-spaces-on-BLS-field-values.patch | 0 ...tch => 0313-Fixup-for-newer-compiler.patch | 0 ..._log_extend_event-function-prototype.patch | 0 ...ch => 0315-TPM-Fix-compiler-warnings.patch | 0 ...lscfg.in-get-rid-of-a-bunch-of-bashi.patch | 0 ...lscfg.in-Better-boot-prefix-checking.patch | 0 ...entries-as-BLS-directory-path-also-o.patch | 0 ...-filename-as-menu-entry-id-and-for-c.patch | 0 ...witch-to-blscfg-boot-prefix-handling.patch | 0 ...-trim-arp-packets-with-abnormal-size.patch | 0 ...> 0322-Use-xid-to-match-DHCP-replies.patch | 0 ...pport-for-non-Ethernet-network-cards.patch | 0 ...lid-character-recongition-in-strto-l.patch | 0 ...racketed-ipv6-addrs-and-port-numbers.patch | 0 ...ed-ipv6-addrs-and-port-numbers-pjone.patch | 0 ...=> 0327-bootp-New-net_bootp6-command.patch | 0 ...t-back-our-code-to-add-a-local-route.patch | 0 ...=> 0329-efinet-UEFI-IPv6-PXE-support.patch | 0 ...330-grub.texi-Add-net_bootp6-doument.patch | 0 ...essing-DHCPACK-packet-from-HTTP-Boot.patch | 0 ...etting-network-from-UEFI-device-path.patch | 0 ...etting-DNS-server-from-UEFI-protocol.patch | 0 ...0334-Fix-one-more-coverity-complaint.patch | 0 ...h => 0335-Fix-grub_net_hwaddr_to_str.patch | 0 ...36-Support-UEFI-networking-protocols.patch | 6 +- ...> 0337-AUDIT-0-http-boot-tracker-bug.patch | 0 ...efi_gop.c-Add-support-for-BLT_ONLY-a.patch | 0 ... 0339-efi-uga-use-64-bit-for-fb_base.patch | 0 ...ot-set-text-mode-until-we-actually-n.patch | 0 ...grub_console_read_key_stroke-helper-.patch | 0 ...nsole-Implement-getkeystatus-support.patch | 0 ...status-helper-funtion-available-ever.patch | 0 ...d-holding-SHIFT-as-user-interrupt-ke.patch | 0 ...-incr-command-to-increment-integer-v.patch | 0 ...h => 0346-Add-auto-hide-menu-support.patch | 14 +- ...try-for-firmware-setup-on-UEFI-FastB.patch | 0 ...> 0348-Add-grub-set-bootflag-utility.patch | 0 ...Fix-grub-setpassword-o-s-output-path.patch | 0 ...ssword-be-named-like-all-the-other-g.patch | 0 ...b-boot-indeterminate.service-example.patch | 0 ...e-Use-a-timeout-of-60s-for-menu_show.patch | 0 ...hide-Reduce-number-of-save_env-calls.patch | 0 ...xes-to-make-armv7hl-build-as-arm-efi.patch | 4 +- ...-fix-use-with-sys-firmware-efi-efiva.patch | 0 ...h => 0356-gentpl-add-disable-support.patch | 0 ... => 0357-gentpl-add-pc-firmware-type.patch | 0 ...ot-module-on-EFI-builds-it-is-in-ker.patch | 2 +- ...t-multiboot2-and-linux16-modules-on-.patch | 19 +- ...fs-not-duplicate-symbols-from-efinet.patch | 4 +- ... => 0361-Don-t-build-the-fdt-command.patch | 12 +- ...=> 0362-blscfg-remove-unused-typedef.patch | 0 ...-dynamically-allocate-default_blsdir.patch | 0 ...fg-sort-BLS-entries-by-version-field.patch | 0 ...-remove-NULL-guards-around-grub_free.patch | 0 ...g-fix-filename-in-no-linux-key-error.patch | 0 ...blscfg-don-t-leak-bls_entry.filename.patch | 0 ...lscfg-fix-compilation-on-EFI-and-EMU.patch | 0 ...-blscfg-and-loadenv-source-file-list.patch | 2 +- ...f-the-linuxefi-linux16-linux-distinc.patch | 56 + ...i-module-just-be-the-x86-efi-version.patch | 56 - ...x-our-linuxefi-linux-command-reunion.patch | 62 - ...-linux16-linux-loader-make-linux16-p.patch | 75 - grub.patches | 450 +++--- grub2.spec | 6 +- 242 files changed, 2904 insertions(+), 4133 deletions(-) create mode 100644 0157-Add-support-for-Linux-EFI-stub-loading.patch rename 0246-Rework-linux-command.patch => 0158-Rework-linux-command.patch (72%) rename 0247-Rework-linux16-command.patch => 0159-Rework-linux16-command.patch (87%) create mode 100644 0160-Add-secureboot-support-on-efi-chainloader.patch rename 0244-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch => 0161-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch (87%) rename 0257-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch => 0162-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch (73%) rename 0157-re-write-.gitignore.patch => 0163-re-write-.gitignore.patch (100%) rename 0158-IBM-client-architecture-CAS-reboot-support.patch => 0164-IBM-client-architecture-CAS-reboot-support.patch (100%) rename 0159-for-ppc-reset-console-display-attr-when-clear-screen.patch => 0165-for-ppc-reset-console-display-attr-when-clear-screen.patch (100%) rename 0160-Disable-GRUB-video-support-for-IBM-power-machines.patch => 0166-Disable-GRUB-video-support-for-IBM-power-machines.patch (100%) rename 0161-Honor-a-symlink-when-generating-configuration-by-gru.patch => 0167-Honor-a-symlink-when-generating-configuration-by-gru.patch (100%) rename 0162-Move-bash-completion-script-922997.patch => 0168-Move-bash-completion-script-922997.patch (100%) rename 0163-Update-to-minilzo-2.08.patch => 0169-Update-to-minilzo-2.08.patch (100%) rename 0164-Allow-fallback-to-include-entries-by-title-not-just-.patch => 0170-Allow-fallback-to-include-entries-by-title-not-just-.patch (100%) rename 0165-Add-GRUB_DISABLE_UUID.patch => 0171-Add-GRUB_DISABLE_UUID.patch (100%) rename 0166-Make-exit-take-a-return-code.patch => 0172-Make-exit-take-a-return-code.patch (100%) rename 0167-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch => 0173-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch (100%) rename 0168-Make-efi-machines-load-an-env-block-from-a-variable.patch => 0174-Make-efi-machines-load-an-env-block-from-a-variable.patch (98%) delete mode 100644 0175-Add-support-for-linuxefi.patch rename 0169-DHCP-client-ID-and-UUID-options-added.patch => 0175-DHCP-client-ID-and-UUID-options-added.patch (100%) delete mode 100644 0176-Use-linuxefi-and-initrdefi-where-appropriate.patch rename 0170-trim-arp-packets-with-abnormal-size.patch => 0176-trim-arp-packets-with-abnormal-size.patch (100%) delete mode 100644 0177-Don-t-allow-insmod-when-secure-boot-is-enabled.patch rename 0171-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch => 0177-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch (100%) rename 0172-Add-support-for-UEFI-operating-systems-returned-by-o.patch => 0178-Add-support-for-UEFI-operating-systems-returned-by-o.patch (100%) rename 0173-Migrate-PPC-from-Yaboot-to-Grub2.patch => 0179-Migrate-PPC-from-Yaboot-to-Grub2.patch (100%) rename 0174-Add-fw_path-variable-revised.patch => 0180-Add-fw_path-variable-revised.patch (100%) rename 0178-Pass-x-hex-hex-straight-through-unmolested.patch => 0181-Pass-x-hex-hex-straight-through-unmolested.patch (100%) rename 0179-Add-X-option-to-printf-functions.patch => 0182-Add-X-option-to-printf-functions.patch (100%) rename 0180-Search-for-specific-config-file-for-netboot.patch => 0183-Search-for-specific-config-file-for-netboot.patch (100%) rename 0181-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch => 0184-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch (98%) create mode 100644 0185-Add-devicetree-loading.patch rename 0182-Don-t-write-messages-to-the-screen.patch => 0186-Don-t-write-messages-to-the-screen.patch (88%) rename 0183-Don-t-print-GNU-GRUB-header.patch => 0187-Don-t-print-GNU-GRUB-header.patch (100%) rename 0184-Don-t-add-to-highlighted-row.patch => 0188-Don-t-add-to-highlighted-row.patch (100%) rename 0185-Message-string-cleanups.patch => 0189-Message-string-cleanups.patch (100%) rename 0186-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch => 0190-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch (100%) delete mode 100644 0191-Use-linux16-when-appropriate-880840.patch rename 0187-Use-the-correct-indentation-for-the-term-help-text.patch => 0191-Use-the-correct-indentation-for-the-term-help-text.patch (100%) rename 0188-Indent-menu-entries.patch => 0192-Indent-menu-entries.patch (100%) rename 0189-Fix-margins.patch => 0193-Fix-margins.patch (100%) rename 0190-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch => 0194-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch (100%) rename 0192-Enable-pager-by-default.-985860.patch => 0195-Enable-pager-by-default.-985860.patch (100%) rename 0193-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch => 0196-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch (100%) rename 0194-Don-t-say-GNU-Linux-in-generated-menus.patch => 0197-Don-t-say-GNU-Linux-in-generated-menus.patch (97%) rename 0195-Don-t-draw-a-border-around-the-menu.patch => 0198-Don-t-draw-a-border-around-the-menu.patch (100%) delete mode 100644 0198-Make-10_linux-work-with-our-changes-for-linux16-and-.patch delete mode 100644 0199-Don-t-print-during-fdt-loading-method.patch rename 0196-Use-the-standard-margin-for-the-timeout-string.patch => 0199-Use-the-standard-margin-for-the-timeout-string.patch (100%) rename 0197-Add-.eh_frame-to-list-of-relocations-stripped.patch => 0200-Add-.eh_frame-to-list-of-relocations-stripped.patch (100%) rename 0200-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch => 0201-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch (100%) rename 0201-Don-t-require-a-password-to-boot-entries-generated-b.patch => 0202-Don-t-require-a-password-to-boot-entries-generated-b.patch (96%) rename 0202-Don-t-emit-Booting-.-message.patch => 0203-Don-t-emit-Booting-.-message.patch (100%) rename 0203-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch => 0204-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch (100%) rename 0204-use-fw_path-prefix-when-fallback-searching-for-grub-.patch => 0205-use-fw_path-prefix-when-fallback-searching-for-grub-.patch (100%) rename 0205-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch => 0206-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch (100%) rename 0206-Fix-convert-function-to-support-NVMe-devices.patch => 0207-Fix-convert-function-to-support-NVMe-devices.patch (100%) delete mode 100644 0207-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch delete mode 100644 0208-Use-the-default-device-tree-from-the-grub-default-fi.patch rename 0209-reopen-SNP-protocol-for-exclusive-use-by-grub.patch => 0208-reopen-SNP-protocol-for-exclusive-use-by-grub.patch (100%) rename 0210-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch => 0209-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch (100%) rename 0211-Add-grub_util_readlink.patch => 0210-Add-grub_util_readlink.patch (100%) rename 0212-Make-editenv-chase-symlinks-including-those-across-d.patch => 0211-Make-editenv-chase-symlinks-including-those-across-d.patch (100%) rename 0213-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch => 0212-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch (96%) rename 0214-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch => 0213-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch (100%) rename 0216-Try-prefix-if-fw_path-doesn-t-work.patch => 0214-Try-prefix-if-fw_path-doesn-t-work.patch (100%) delete mode 100644 0215-Load-arm-with-SB-enabled.patch rename 0217-Update-info-with-grub.cfg-netboot-selection-order-11.patch => 0215-Update-info-with-grub.cfg-netboot-selection-order-11.patch (100%) rename 0218-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch => 0216-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch (100%) rename 0219-Handle-rssd-storage-devices.patch => 0217-Handle-rssd-storage-devices.patch (100%) rename 0221-Make-grub2-mkconfig-construct-titles-that-look-like-.patch => 0218-Make-grub2-mkconfig-construct-titles-that-look-like-.patch (97%) rename 0222-Add-friendly-grub2-password-config-tool-985962.patch => 0219-Add-friendly-grub2-password-config-tool-985962.patch (100%) delete mode 100644 0220-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch rename 0223-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch => 0220-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch (100%) rename 0224-tcp-add-window-scaling-support.patch => 0221-tcp-add-window-scaling-support.patch (100%) rename 0225-efinet-retransmit-if-our-device-is-busy.patch => 0222-efinet-retransmit-if-our-device-is-busy.patch (100%) rename 0226-Be-more-aggro-about-actually-using-the-configured-ne.patch => 0223-Be-more-aggro-about-actually-using-the-configured-ne.patch (100%) rename 0227-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch => 0224-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch (100%) rename 0228-Fix-security-issue-when-reading-username-and-passwor.patch => 0225-Fix-security-issue-when-reading-username-and-passwor.patch (100%) rename 0229-Warn-if-grub-password-will-not-be-read-1290803.patch => 0226-Warn-if-grub-password-will-not-be-read-1290803.patch (100%) rename 0230-Clean-up-grub-setpassword-documentation-1290799.patch => 0227-Clean-up-grub-setpassword-documentation-1290799.patch (100%) rename 0231-Fix-locale-issue-in-grub-setpassword-1294243.patch => 0228-Fix-locale-issue-in-grub-setpassword-1294243.patch (100%) rename 0232-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch => 0229-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch (100%) rename 0233-efiemu-Fix-compilation-failure.patch => 0230-efiemu-Fix-compilation-failure.patch (100%) rename 0234-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch => 0231-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch (100%) rename 0235-Add-a-url-parser.patch => 0232-Add-a-url-parser.patch (99%) rename 0236-efinet-and-bootp-add-support-for-dhcpv6.patch => 0233-efinet-and-bootp-add-support-for-dhcpv6.patch (100%) rename 0237-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch => 0234-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch (97%) rename 0238-Normalize-slashes-in-tftp-paths.patch => 0235-Normalize-slashes-in-tftp-paths.patch (100%) rename 0239-Fix-malformed-tftp-packets.patch => 0236-Fix-malformed-tftp-packets.patch (100%) rename 0241-bz1374141-fix-incorrect-mask-for-ppc64.patch => 0237-bz1374141-fix-incorrect-mask-for-ppc64.patch (100%) rename 0245-Make-grub_fatal-also-backtrace.patch => 0238-Make-grub_fatal-also-backtrace.patch (99%) rename 0248-Make-grub-editenv-build-again.patch => 0239-Make-grub-editenv-build-again.patch (100%) delete mode 100644 0240-Fix-race-in-EFI-validation.patch rename 0249-Fix-up-some-man-pages-rpmdiff-noticed.patch => 0240-Fix-up-some-man-pages-rpmdiff-noticed.patch (100%) rename 0259-Make-exit-take-a-return-code.patch => 0241-Make-exit-take-a-return-code.patch (100%) delete mode 100644 0242-Use-device-part-of-chainloader-target-if-present.patch rename 0260-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch => 0242-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch (100%) delete mode 100644 0243-Add-secureboot-support-on-efi-chainloader.patch rename 0262-Make-our-info-pages-say-grub2-where-appropriate.patch => 0243-Make-our-info-pages-say-grub2-where-appropriate.patch (100%) rename 0263-print-more-debug-info-in-our-module-loader.patch => 0244-print-more-debug-info-in-our-module-loader.patch (100%) rename 0264-macos-just-build-chainloader-entries-don-t-try-any-x.patch => 0245-macos-just-build-chainloader-entries-don-t-try-any-x.patch (98%) rename 0265-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch => 0246-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch (100%) rename 0266-export-btrfs_subvol-and-btrfs_subvolid.patch => 0247-export-btrfs_subvol-and-btrfs_subvolid.patch (100%) rename 0267-grub2-btrfs-03-follow_default.patch => 0248-grub2-btrfs-03-follow_default.patch (100%) rename 0268-grub2-btrfs-04-grub2-install.patch => 0249-grub2-btrfs-04-grub2-install.patch (100%) delete mode 100644 0250-Re-work-some-intricacies-of-PE-loading.patch rename 0269-grub2-btrfs-05-grub2-mkconfig.patch => 0250-grub2-btrfs-05-grub2-mkconfig.patch (99%) delete mode 100644 0251-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch rename 0270-grub2-btrfs-06-subvol-mount.patch => 0251-grub2-btrfs-06-subvol-mount.patch (100%) rename 0271-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch => 0252-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch (100%) delete mode 100644 0252-linuxefi-fix-double-free-on-verification-failure.patch rename 0272-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch => 0253-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch (100%) delete mode 100644 0253-fix-machine-type-test-in-30_os-prober.in.patch rename 0273-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch => 0254-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch (100%) delete mode 100644 0254-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch rename 0274-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch => 0255-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch (100%) delete mode 100644 0255-efi-chainloader-truncate-overlong-relocation-section.patch rename 0275-Use-grub_efi_.-memory-helpers-where-reasonable.patch => 0256-Use-grub_efi_.-memory-helpers-where-reasonable.patch (98%) delete mode 100644 0256-linuxefi-minor-cleanups.patch rename 0276-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch => 0257-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch (97%) rename 0277-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch => 0258-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch (100%) delete mode 100644 0258-Fix-up-linux-params-usage.patch rename 0278-don-t-ignore-const.patch => 0259-don-t-ignore-const.patch (100%) rename 0279-don-t-use-int-for-efi-status.patch => 0260-don-t-use-int-for-efi-status.patch (100%) delete mode 100644 0261-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch rename 0280-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch => 0261-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch (100%) rename 0282-editenv-handle-relative-symlinks.patch => 0262-editenv-handle-relative-symlinks.patch (100%) rename 0283-Make-libgrub.pp-depend-on-config-util.h.patch => 0263-Make-libgrub.pp-depend-on-config-util.h.patch (100%) rename 0284-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch => 0264-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch (100%) rename 0285-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch => 0265-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch (100%) rename 0286-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch => 0266-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch (100%) rename 0287-align-struct-efi_variable-better.patch => 0267-align-struct-efi_variable-better.patch (100%) rename 0288-Add-quicksort-implementation.patch => 0268-Add-quicksort-implementation.patch (100%) rename 0289-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch => 0269-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch (99%) rename 0290-Add-BLS-support-to-grub-mkconfig.patch => 0270-Add-BLS-support-to-grub-mkconfig.patch (90%) rename 0291-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch => 0271-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch (100%) rename 0292-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch => 0272-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch (100%) rename 0293-Enable-blscfg-command-for-the-emu-platform.patch => 0273-Enable-blscfg-command-for-the-emu-platform.patch (99%) rename 0294-Add-linux-and-initrd-commands-for-grub-emu.patch => 0274-Add-linux-and-initrd-commands-for-grub-emu.patch (96%) rename 0295-Fix-the-efidir-in-grub-setpassword.patch => 0275-Fix-the-efidir-in-grub-setpassword.patch (100%) rename 0296-Add-grub2-switch-to-blscfg.patch => 0276-Add-grub2-switch-to-blscfg.patch (100%) rename 0297-Add-grub_debug_enabled.patch => 0277-Add-grub_debug_enabled.patch (100%) rename 0298-make-better-backtraces.patch => 0278-make-better-backtraces.patch (99%) rename 0299-normal-don-t-draw-our-startup-message-if-debug-is-se.patch => 0279-normal-don-t-draw-our-startup-message-if-debug-is-se.patch (100%) rename 0300-Work-around-some-minor-include-path-weirdnesses.patch => 0280-Work-around-some-minor-include-path-weirdnesses.patch (100%) delete mode 100644 0281-Clean-up-some-errors-in-the-linuxefi-loader.patch rename 0301-Make-it-possible-to-enabled-build-id-sha1.patch => 0281-Make-it-possible-to-enabled-build-id-sha1.patch (100%) rename 0302-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch => 0282-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch (100%) rename 0303-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch => 0283-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch (100%) rename 0304-Only-attempt-to-scan-different-BLS-directories-on-EF.patch => 0284-Only-attempt-to-scan-different-BLS-directories-on-EF.patch (100%) rename 0305-Core-TPM-support.patch => 0285-Core-TPM-support.patch (99%) rename 0306-Measure-kernel-initrd.patch => 0286-Measure-kernel-initrd.patch (87%) rename 0307-Add-BIOS-boot-measurement.patch => 0287-Add-BIOS-boot-measurement.patch (100%) rename 0308-Measure-kernel-and-initrd-on-BIOS-systems.patch => 0288-Measure-kernel-and-initrd-on-BIOS-systems.patch (98%) rename 0309-Measure-the-kernel-commandline.patch => 0289-Measure-the-kernel-commandline.patch (100%) rename 0310-Measure-commands.patch => 0290-Measure-commands.patch (100%) rename 0311-Measure-multiboot-images-and-modules.patch => 0291-Measure-multiboot-images-and-modules.patch (100%) rename 0312-Fix-boot-when-there-s-no-TPM.patch => 0292-Fix-boot-when-there-s-no-TPM.patch (100%) rename 0313-Rework-TPM-measurements.patch => 0293-Rework-TPM-measurements.patch (97%) rename 0314-Fix-event-log-prefix.patch => 0294-Fix-event-log-prefix.patch (100%) rename 0315-Set-the-first-boot-menu-entry-as-default-when-using-.patch => 0295-Set-the-first-boot-menu-entry-as-default-when-using-.patch (90%) rename 0316-tpm-fix-warnings-when-compiling-for-platforms-other-.patch => 0296-tpm-fix-warnings-when-compiling-for-platforms-other-.patch (100%) rename 0317-Make-TPM-errors-less-fatal.patch => 0297-Make-TPM-errors-less-fatal.patch (97%) rename 0318-blscfg-handle-multiple-initramfs-images.patch => 0298-blscfg-handle-multiple-initramfs-images.patch (100%) rename 0319-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch => 0299-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch (100%) rename 0320-BLS-Use-etcdefaultgrub-instead-of-etc.patch => 0300-BLS-Use-etcdefaultgrub-instead-of-etc.patch (100%) rename 0321-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch => 0301-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch (100%) rename 0322-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch => 0302-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch (100%) rename 0323-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch => 0303-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch (100%) rename 0324-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch => 0304-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch (95%) rename 0325-Include-OSTree-path-when-searching-kernels-images-if.patch => 0305-Include-OSTree-path-when-searching-kernels-images-if.patch (94%) rename 0326-Use-BLS-version-field-to-compare-entries-if-id-field.patch => 0306-Use-BLS-version-field-to-compare-entries-if-id-field.patch (100%) rename 0327-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch => 0307-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch (100%) rename 0328-Fixup-for-newer-compiler.patch => 0308-Fixup-for-newer-compiler.patch (100%) rename 0329-Don-t-attempt-to-export-the-start-and-_start-symbols.patch => 0309-Don-t-attempt-to-export-the-start-and-_start-symbols.patch (100%) rename 0330-Simplify-BLS-entry-key-val-pairs-lookup.patch => 0310-Simplify-BLS-entry-key-val-pairs-lookup.patch (100%) rename 0331-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch => 0311-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch (100%) rename 0332-Skip-leading-spaces-on-BLS-field-values.patch => 0312-Skip-leading-spaces-on-BLS-field-values.patch (100%) rename 0333-Fixup-for-newer-compiler.patch => 0313-Fixup-for-newer-compiler.patch (100%) rename 0334-TPM-Fix-hash_log_extend_event-function-prototype.patch => 0314-TPM-Fix-hash_log_extend_event-function-prototype.patch (100%) rename 0335-TPM-Fix-compiler-warnings.patch => 0315-TPM-Fix-compiler-warnings.patch (100%) rename 0336-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch => 0316-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch (100%) rename 0337-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch => 0317-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch (100%) rename 0338-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch => 0318-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch (100%) rename 0339-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch => 0319-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch (100%) rename 0340-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch => 0320-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch (100%) rename 0341-Revert-trim-arp-packets-with-abnormal-size.patch => 0321-Revert-trim-arp-packets-with-abnormal-size.patch (100%) rename 0342-Use-xid-to-match-DHCP-replies.patch => 0322-Use-xid-to-match-DHCP-replies.patch (100%) rename 0343-Add-support-for-non-Ethernet-network-cards.patch => 0323-Add-support-for-non-Ethernet-network-cards.patch (100%) rename 0344-misc-fix-invalid-character-recongition-in-strto-l.patch => 0324-misc-fix-invalid-character-recongition-in-strto-l.patch (100%) rename 0345-net-read-bracketed-ipv6-addrs-and-port-numbers.patch => 0325-net-read-bracketed-ipv6-addrs-and-port-numbers.patch (100%) rename 0346-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch => 0326-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch (100%) rename 0347-bootp-New-net_bootp6-command.patch => 0327-bootp-New-net_bootp6-command.patch (100%) rename 0348-Put-back-our-code-to-add-a-local-route.patch => 0328-Put-back-our-code-to-add-a-local-route.patch (100%) rename 0349-efinet-UEFI-IPv6-PXE-support.patch => 0329-efinet-UEFI-IPv6-PXE-support.patch (100%) rename 0350-grub.texi-Add-net_bootp6-doument.patch => 0330-grub.texi-Add-net_bootp6-doument.patch (100%) rename 0351-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch => 0331-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch (100%) rename 0352-efinet-Setting-network-from-UEFI-device-path.patch => 0332-efinet-Setting-network-from-UEFI-device-path.patch (100%) rename 0353-efinet-Setting-DNS-server-from-UEFI-protocol.patch => 0333-efinet-Setting-DNS-server-from-UEFI-protocol.patch (100%) rename 0354-Fix-one-more-coverity-complaint.patch => 0334-Fix-one-more-coverity-complaint.patch (100%) rename 0355-Fix-grub_net_hwaddr_to_str.patch => 0335-Fix-grub_net_hwaddr_to_str.patch (100%) rename 0356-Support-UEFI-networking-protocols.patch => 0336-Support-UEFI-networking-protocols.patch (99%) rename 0357-AUDIT-0-http-boot-tracker-bug.patch => 0337-AUDIT-0-http-boot-tracker-bug.patch (100%) rename 0358-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch => 0338-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch (100%) rename 0359-efi-uga-use-64-bit-for-fb_base.patch => 0339-efi-uga-use-64-bit-for-fb_base.patch (100%) rename 0360-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch => 0340-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch (100%) rename 0361-EFI-console-Add-grub_console_read_key_stroke-helper-.patch => 0341-EFI-console-Add-grub_console_read_key_stroke-helper-.patch (100%) rename 0362-EFI-console-Implement-getkeystatus-support.patch => 0342-EFI-console-Implement-getkeystatus-support.patch (100%) rename 0363-Make-grub_getkeystatus-helper-funtion-available-ever.patch => 0343-Make-grub_getkeystatus-helper-funtion-available-ever.patch (100%) rename 0364-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch => 0344-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch (100%) rename 0365-grub-editenv-Add-incr-command-to-increment-integer-v.patch => 0345-grub-editenv-Add-incr-command-to-increment-integer-v.patch (100%) rename 0366-Add-auto-hide-menu-support.patch => 0346-Add-auto-hide-menu-support.patch (96%) rename 0367-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch => 0347-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch (100%) rename 0368-Add-grub-set-bootflag-utility.patch => 0348-Add-grub-set-bootflag-utility.patch (100%) rename 0369-Fix-grub-setpassword-o-s-output-path.patch => 0349-Fix-grub-setpassword-o-s-output-path.patch (100%) rename 0370-Make-grub-set-password-be-named-like-all-the-other-g.patch => 0350-Make-grub-set-password-be-named-like-all-the-other-g.patch (100%) rename 0371-docs-Add-grub-boot-indeterminate.service-example.patch => 0351-docs-Add-grub-boot-indeterminate.service-example.patch (100%) rename 0372-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch => 0352-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch (100%) rename 0373-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch => 0353-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch (100%) rename 0374-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch => 0354-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch (96%) rename 0375-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch => 0355-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch (100%) rename 0376-gentpl-add-disable-support.patch => 0356-gentpl-add-disable-support.patch (100%) rename 0377-gentpl-add-pc-firmware-type.patch => 0357-gentpl-add-pc-firmware-type.patch (100%) rename 0378-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch => 0358-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch (97%) rename 0379-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch => 0359-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch (67%) rename 0381-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch => 0360-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch (91%) rename 0382-Don-t-build-the-fdt-command.patch => 0361-Don-t-build-the-fdt-command.patch (96%) rename 0383-blscfg-remove-unused-typedef.patch => 0362-blscfg-remove-unused-typedef.patch (100%) rename 0384-blscfg-don-t-dynamically-allocate-default_blsdir.patch => 0363-blscfg-don-t-dynamically-allocate-default_blsdir.patch (100%) rename 0385-blscfg-sort-BLS-entries-by-version-field.patch => 0364-blscfg-sort-BLS-entries-by-version-field.patch (100%) rename 0386-blscfg-remove-NULL-guards-around-grub_free.patch => 0365-blscfg-remove-NULL-guards-around-grub_free.patch (100%) rename 0387-blscfg-fix-filename-in-no-linux-key-error.patch => 0366-blscfg-fix-filename-in-no-linux-key-error.patch (100%) rename 0388-blscfg-don-t-leak-bls_entry.filename.patch => 0367-blscfg-don-t-leak-bls_entry.filename.patch (100%) rename 0389-blscfg-fix-compilation-on-EFI-and-EMU.patch => 0368-blscfg-fix-compilation-on-EFI-and-EMU.patch (100%) rename 0391-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch => 0369-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch (96%) create mode 100644 0370-blscfg-Get-rid-of-the-linuxefi-linux16-linux-distinc.patch delete mode 100644 0380-Make-the-linuxefi-module-just-be-the-x86-efi-version.patch delete mode 100644 0390-Fix-our-linuxefi-linux-command-reunion.patch delete mode 100644 0392-Jettison-the-non-linux16-linux-loader-make-linux16-p.patch diff --git a/0157-Add-support-for-Linux-EFI-stub-loading.patch b/0157-Add-support-for-Linux-EFI-stub-loading.patch new file mode 100644 index 00000000..b846e269 --- /dev/null +++ b/0157-Add-support-for-Linux-EFI-stub-loading.patch @@ -0,0 +1,935 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Tue, 10 Jul 2012 11:58:52 -0400 +Subject: [PATCH] Add support for Linux EFI stub loading. + +Also: + +commit 71c843745f22f81e16d259e2e19c99bf3c1855c1 +Author: Colin Watson +Date: Tue Oct 23 10:40:49 2012 -0400 + +Don't allow insmod when secure boot is enabled. + +Hi, + +Fedora's patch to forbid insmod in UEFI Secure Boot environments is fine +as far as it goes. However, the insmod command is not the only way that +modules can be loaded. In particular, the 'normal' command, which +implements the usual GRUB menu and the fully-featured command prompt, +will implicitly load commands not currently loaded into memory. This +permits trivial Secure Boot violations by writing commands implementing +whatever you want to do and pointing $prefix at the malicious code. + +I'm currently test-building this patch (replacing your current +grub-2.00-no-insmod-on-sb.patch), but this should be more correct. It +moves the check into grub_dl_load_file. +--- + grub-core/Makefile.core.def | 17 +- + grub-core/kern/dl.c | 21 +++ + grub-core/kern/efi/efi.c | 28 ++++ + grub-core/kern/efi/mm.c | 32 ++++ + grub-core/loader/arm64/linux.c | 121 +++++++------- + grub-core/loader/efi/linux.c | 65 ++++++++ + grub-core/loader/i386/efi/linux.c | 335 ++++++++++++++++++++++++++++++++++++++ + grub-core/loader/i386/pc/linux.c | 10 +- + include/grub/arm64/linux.h | 7 + + include/grub/efi/efi.h | 4 + + include/grub/efi/linux.h | 31 ++++ + include/grub/i386/linux.h | 1 + + 12 files changed, 606 insertions(+), 66 deletions(-) + create mode 100644 grub-core/loader/efi/linux.c + create mode 100644 grub-core/loader/i386/efi/linux.c + create mode 100644 include/grub/efi/linux.h + +diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def +index fc4767f1985..622381f5208 100644 +--- a/grub-core/Makefile.core.def ++++ b/grub-core/Makefile.core.def +@@ -1627,13 +1627,6 @@ module = { + enable = i386_pc; + }; + +- +-module = { +- name = linux16; +- common = loader/i386/pc/linux.c; +- enable = x86; +-}; +- + module = { + name = ntldr; + i386_pc = loader/i386/pc/ntldr.c; +@@ -1686,7 +1679,9 @@ module = { + + module = { + name = linux; +- x86 = loader/i386/linux.c; ++ i386_pc = loader/i386/pc/linux.c; ++ x86_64_efi = loader/i386/efi/linux.c; ++ i386_efi = loader/i386/efi/linux.c; + xen = loader/i386/xen.c; + i386_pc = lib/i386/pc/vesa_modes_table.c; + mips = loader/mips/linux.c; +@@ -1695,9 +1690,15 @@ module = { + ia64_efi = loader/ia64/efi/linux.c; + arm = loader/arm/linux.c; + arm64 = loader/arm64/linux.c; ++ arm64 = loader/efi/linux.c; ++ emu = loader/emu/linux.c; ++ fdt = lib/fdt.c; ++ + common = loader/linux.c; + common = lib/cmdline.c; + enable = noemu; ++ ++ efi = loader/efi/linux.c; + }; + + module = { +diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c +index e394cd96f8c..04e804d1668 100644 +--- a/grub-core/kern/dl.c ++++ b/grub-core/kern/dl.c +@@ -38,6 +38,14 @@ + #define GRUB_MODULES_MACHINE_READONLY + #endif + ++#ifdef GRUB_MACHINE_EMU ++#include ++#endif ++ ++#ifdef GRUB_MACHINE_EFI ++#include ++#endif ++ + + + #pragma GCC diagnostic ignored "-Wcast-align" +@@ -686,6 +694,19 @@ grub_dl_load_file (const char *filename) + void *core = 0; + grub_dl_t mod = 0; + ++#ifdef GRUB_MACHINE_EFI ++ if (grub_efi_secure_boot ()) ++ { ++#if 0 ++ /* This is an error, but grub2-mkconfig still generates a pile of ++ * insmod commands, so emitting it would be mostly just obnoxious. */ ++ grub_error (GRUB_ERR_ACCESS_DENIED, ++ "Secure Boot forbids loading module from %s", filename); ++#endif ++ return 0; ++ } ++#endif ++ + grub_boot_time ("Loading module %s", filename); + + file = grub_file_open (filename); +diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c +index 708581fcbde..c8a9d8307c0 100644 +--- a/grub-core/kern/efi/efi.c ++++ b/grub-core/kern/efi/efi.c +@@ -273,6 +273,34 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, + return NULL; + } + ++grub_efi_boolean_t ++grub_efi_secure_boot (void) ++{ ++ grub_efi_guid_t efi_var_guid = GRUB_EFI_GLOBAL_VARIABLE_GUID; ++ grub_size_t datasize; ++ char *secure_boot = NULL; ++ char *setup_mode = NULL; ++ grub_efi_boolean_t ret = 0; ++ ++ secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); ++ ++ if (datasize != 1 || !secure_boot) ++ goto out; ++ ++ setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); ++ ++ if (datasize != 1 || !setup_mode) ++ goto out; ++ ++ if (*secure_boot && !*setup_mode) ++ ret = 1; ++ ++ out: ++ grub_free (secure_boot); ++ grub_free (setup_mode); ++ return ret; ++} ++ + #pragma GCC diagnostic ignored "-Wcast-align" + + /* Search the mods section from the PE32/PE32+ image. This code uses +diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c +index c48e9b5c7c3..775daed16e6 100644 +--- a/grub-core/kern/efi/mm.c ++++ b/grub-core/kern/efi/mm.c +@@ -113,6 +113,38 @@ grub_efi_drop_alloc (grub_efi_physical_address_t address, + } + } + ++/* Allocate pages below a specified address */ ++void * ++grub_efi_allocate_pages_max (grub_efi_physical_address_t max, ++ grub_efi_uintn_t pages) ++{ ++ grub_efi_status_t status; ++ grub_efi_boot_services_t *b; ++ grub_efi_physical_address_t address = max; ++ ++ if (max > 0xffffffff) ++ return 0; ++ ++ b = grub_efi_system_table->boot_services; ++ status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_MAX_ADDRESS, GRUB_EFI_LOADER_DATA, pages, &address); ++ ++ if (status != GRUB_EFI_SUCCESS) ++ return 0; ++ ++ if (address == 0) ++ { ++ /* Uggh, the address 0 was allocated... This is too annoying, ++ so reallocate another one. */ ++ address = max; ++ status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_MAX_ADDRESS, GRUB_EFI_LOADER_DATA, pages, &address); ++ grub_efi_free_pages (0, pages); ++ if (status != GRUB_EFI_SUCCESS) ++ return 0; ++ } ++ ++ return (void *) ((grub_addr_t) address); ++} ++ + /* Allocate pages. Return the pointer to the first of allocated pages. */ + void * + grub_efi_allocate_pages_real (grub_efi_physical_address_t address, +diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c +index ebe1e730d63..ab0d27ee4df 100644 +--- a/grub-core/loader/arm64/linux.c ++++ b/grub-core/loader/arm64/linux.c +@@ -29,6 +29,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -40,6 +41,7 @@ static int loaded; + + static void *kernel_addr; + static grub_uint64_t kernel_size; ++static grub_uint32_t handover_offset; + + static char *linux_args; + static grub_uint32_t cmdline_size; +@@ -66,7 +68,8 @@ grub_arm64_uefi_check_image (struct linux_arm64_kernel_header * lh) + static grub_err_t + finalize_params_linux (void) + { +- int node, retval; ++ grub_efi_loaded_image_t *loaded_image = NULL; ++ int node, retval, len; + + void *fdt; + +@@ -101,79 +104,73 @@ finalize_params_linux (void) + if (grub_fdt_install() != GRUB_ERR_NONE) + goto failure; + +- return GRUB_ERR_NONE; +- +-failure: +- grub_fdt_unload(); +- return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); +-} +- +-grub_err_t +-grub_arm64_uefi_boot_image (grub_addr_t addr, grub_size_t size, char *args) +-{ +- grub_efi_memory_mapped_device_path_t *mempath; +- grub_efi_handle_t image_handle; +- grub_efi_boot_services_t *b; +- grub_efi_status_t status; +- grub_efi_loaded_image_t *loaded_image; +- int len; +- +- mempath = grub_malloc (2 * sizeof (grub_efi_memory_mapped_device_path_t)); +- if (!mempath) +- return grub_errno; +- +- mempath[0].header.type = GRUB_EFI_HARDWARE_DEVICE_PATH_TYPE; +- mempath[0].header.subtype = GRUB_EFI_MEMORY_MAPPED_DEVICE_PATH_SUBTYPE; +- mempath[0].header.length = grub_cpu_to_le16_compile_time (sizeof (*mempath)); +- mempath[0].memory_type = GRUB_EFI_LOADER_DATA; +- mempath[0].start_address = addr; +- mempath[0].end_address = addr + size; +- +- mempath[1].header.type = GRUB_EFI_END_DEVICE_PATH_TYPE; +- mempath[1].header.subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; +- mempath[1].header.length = sizeof (grub_efi_device_path_t); +- +- b = grub_efi_system_table->boot_services; +- status = b->load_image (0, grub_efi_image_handle, +- (grub_efi_device_path_t *) mempath, +- (void *) addr, size, &image_handle); +- if (status != GRUB_EFI_SUCCESS) +- return grub_error (GRUB_ERR_BAD_OS, "cannot load image"); +- +- grub_dprintf ("linux", "linux command line: '%s'\n", args); ++ grub_dprintf ("linux", "Installed/updated FDT configuration table @ %p\n", ++ fdt); + + /* Convert command line to UCS-2 */ +- loaded_image = grub_efi_get_loaded_image (image_handle); ++ loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); ++ if (!loaded_image) ++ goto failure; ++ + loaded_image->load_options_size = len = +- (grub_strlen (args) + 1) * sizeof (grub_efi_char16_t); ++ (grub_strlen (linux_args) + 1) * sizeof (grub_efi_char16_t); + loaded_image->load_options = + grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); + if (!loaded_image->load_options) +- return grub_errno; ++ return grub_error(GRUB_ERR_BAD_OS, "failed to create kernel parameters"); + + loaded_image->load_options_size = + 2 * grub_utf8_to_utf16 (loaded_image->load_options, len, +- (grub_uint8_t *) args, len, NULL); ++ (grub_uint8_t *) linux_args, len, NULL); + +- grub_dprintf ("linux", "starting image %p\n", image_handle); +- status = b->start_image (image_handle, 0, NULL); ++ return GRUB_ERR_NONE; + +- /* When successful, not reached */ +- b->unload_image (image_handle); +- grub_efi_free_pages ((grub_addr_t) loaded_image->load_options, +- GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); ++failure: ++ grub_fdt_unload(); ++ return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); ++} + +- return grub_errno; ++static void ++free_params (void) ++{ ++ grub_efi_loaded_image_t *loaded_image = NULL; ++ ++ loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); ++ if (loaded_image) ++ { ++ if (loaded_image->load_options) ++ grub_efi_free_pages ((grub_efi_physical_address_t) ++ loaded_image->load_options, ++ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); ++ loaded_image->load_options = NULL; ++ loaded_image->load_options_size = 0; ++ } ++} ++ ++grub_err_t ++grub_arm64_uefi_boot_image (grub_addr_t addr, grub_size_t size, char *args) ++{ ++ grub_err_t retval; ++ ++ retval = finalize_params_linux (); ++ if (retval != GRUB_ERR_NONE) ++ return grub_errno; ++ ++ grub_dprintf ("linux", "linux command line: '%s'\n", args); ++ ++ retval = grub_efi_linux_boot ((char *)kernel_addr, handover_offset, ++ kernel_addr); ++ ++ /* Never reached... */ ++ free_params(); ++ return retval; + } + + static grub_err_t + grub_linux_boot (void) + { +- if (finalize_params_linux () != GRUB_ERR_NONE) +- return grub_errno; +- +- return (grub_arm64_uefi_boot_image((grub_addr_t)kernel_addr, +- kernel_size, linux_args)); ++ return grub_arm64_uefi_boot_image ((grub_addr_t)kernel_addr, ++ kernel_size, linux_args); + } + + static grub_err_t +@@ -250,6 +247,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + { + grub_file_t file = 0; + struct linux_arm64_kernel_header lh; ++ struct grub_arm64_linux_pe_header *pe; + + grub_dl_ref (my_mod); + +@@ -294,6 +292,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + + grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); + ++ if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size)) ++ { ++ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); ++ goto fail; ++ } ++ ++ pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset); ++ handover_offset = pe->opt.entry_addr; ++ + cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); + linux_args = grub_malloc (cmdline_size); + if (!linux_args) +diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c +new file mode 100644 +index 00000000000..aea378adf5c +--- /dev/null ++++ b/grub-core/loader/efi/linux.c +@@ -0,0 +1,65 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2014 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#define SHIM_LOCK_GUID \ ++ { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} } ++ ++struct grub_efi_shim_lock ++{ ++ grub_efi_status_t (*verify) (void *buffer, grub_uint32_t size); ++}; ++typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; ++ ++grub_efi_boolean_t ++grub_linuxefi_secure_validate (void *data, grub_uint32_t size) ++{ ++ grub_efi_guid_t guid = SHIM_LOCK_GUID; ++ grub_efi_shim_lock_t *shim_lock; ++ ++ shim_lock = grub_efi_locate_protocol(&guid, NULL); ++ ++ if (!shim_lock) ++ return 1; ++ ++ if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) ++ return 1; ++ ++ return 0; ++} ++ ++typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *); ++ ++grub_err_t ++grub_efi_linux_boot (void *kernel_addr, grub_off_t offset, ++ void *kernel_params) ++{ ++ handover_func hf; ++ ++ hf = (handover_func)((char *)kernel_addr + offset); ++ hf (grub_efi_image_handle, grub_efi_system_table, kernel_params); ++ ++ return GRUB_ERR_BUG; ++} +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +new file mode 100644 +index 00000000000..3db82e782df +--- /dev/null ++++ b/grub-core/loader/i386/efi/linux.c +@@ -0,0 +1,335 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2012 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++GRUB_MOD_LICENSE ("GPLv3+"); ++ ++static grub_dl_t my_mod; ++static int loaded; ++static void *kernel_mem; ++static grub_uint64_t kernel_size; ++static grub_uint8_t *initrd_mem; ++static grub_uint32_t handover_offset; ++struct linux_kernel_params *params; ++static char *linux_cmdline; ++ ++#define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12) ++ ++static grub_err_t ++grub_linuxefi_boot (void) ++{ ++ int offset = 0; ++ ++#ifdef __x86_64__ ++ offset = 512; ++#endif ++ asm volatile ("cli"); ++ ++ return grub_efi_linux_boot ((char *)kernel_mem, handover_offset + offset, ++ params); ++} ++ ++static grub_err_t ++grub_linuxefi_unload (void) ++{ ++ grub_dl_unref (my_mod); ++ loaded = 0; ++ if (initrd_mem) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, ++ BYTES_TO_PAGES(params->ramdisk_size)); ++ if (linux_cmdline) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) ++ linux_cmdline, ++ BYTES_TO_PAGES(params->cmdline_size + 1)); ++ if (kernel_mem) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, ++ BYTES_TO_PAGES(kernel_size)); ++ if (params) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, ++ BYTES_TO_PAGES(16384)); ++ return GRUB_ERR_NONE; ++} ++ ++static grub_err_t ++grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), ++ int argc, char *argv[]) ++{ ++ grub_file_t *files = 0; ++ int i, nfiles = 0; ++ grub_size_t size = 0; ++ grub_uint8_t *ptr; ++ ++ if (argc == 0) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); ++ goto fail; ++ } ++ ++ if (!loaded) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("you need to load the kernel first")); ++ goto fail; ++ } ++ ++ files = grub_zalloc (argc * sizeof (files[0])); ++ if (!files) ++ goto fail; ++ ++ for (i = 0; i < argc; i++) ++ { ++ grub_file_filter_disable_compression (); ++ files[i] = grub_file_open (argv[i]); ++ if (! files[i]) ++ goto fail; ++ nfiles++; ++ size += ALIGN_UP (grub_file_size (files[i]), 4); ++ } ++ ++ initrd_mem = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(size)); ++ if (!initrd_mem) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate initrd")); ++ goto fail; ++ } ++ ++ params->ramdisk_size = size; ++ params->ramdisk_image = (grub_uint32_t)(grub_addr_t) initrd_mem; ++ ++ ptr = initrd_mem; ++ ++ for (i = 0; i < nfiles; i++) ++ { ++ grub_ssize_t cursize = grub_file_size (files[i]); ++ if (grub_file_read (files[i], ptr, cursize) != cursize) ++ { ++ if (!grub_errno) ++ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), ++ argv[i]); ++ goto fail; ++ } ++ ptr += cursize; ++ grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); ++ ptr += ALIGN_UP_OVERHEAD (cursize, 4); ++ } ++ ++ params->ramdisk_size = size; ++ ++ fail: ++ for (i = 0; i < nfiles; i++) ++ grub_file_close (files[i]); ++ grub_free (files); ++ ++ if (initrd_mem && grub_errno) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, ++ BYTES_TO_PAGES(size)); ++ ++ return grub_errno; ++} ++ ++static grub_err_t ++grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), ++ int argc, char *argv[]) ++{ ++ grub_file_t file = 0; ++ struct linux_kernel_header lh; ++ grub_ssize_t len, start, filelen; ++ void *kernel = NULL; ++ ++ grub_dl_ref (my_mod); ++ ++ if (argc == 0) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); ++ goto fail; ++ } ++ ++ file = grub_file_open (argv[0]); ++ if (! file) ++ goto fail; ++ ++ filelen = grub_file_size (file); ++ ++ kernel = grub_malloc(filelen); ++ ++ if (!kernel) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel buffer")); ++ goto fail; ++ } ++ ++ if (grub_file_read (file, kernel, filelen) != filelen) ++ { ++ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]); ++ goto fail; ++ } ++ ++ if (! grub_linuxefi_secure_validate (kernel, filelen)) ++ { ++ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), ++ argv[0]); ++ goto fail; ++ } ++ ++ params = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(16384)); ++ ++ if (! params) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); ++ goto fail; ++ } ++ ++ grub_memset (params, 0, 16384); ++ ++ grub_memcpy (&lh, kernel, sizeof (lh)); ++ ++ if (lh.boot_flag != grub_cpu_to_le16 (0xaa55)) ++ { ++ grub_error (GRUB_ERR_BAD_OS, N_("invalid magic number")); ++ goto fail; ++ } ++ ++ if (lh.setup_sects > GRUB_LINUX_MAX_SETUP_SECTS) ++ { ++ grub_error (GRUB_ERR_BAD_OS, N_("too many setup sectors")); ++ goto fail; ++ } ++ ++ if (lh.version < grub_cpu_to_le16 (0x020b)) ++ { ++ grub_error (GRUB_ERR_BAD_OS, N_("kernel too old")); ++ goto fail; ++ } ++ ++ if (!lh.handover_offset) ++ { ++ grub_error (GRUB_ERR_BAD_OS, N_("kernel doesn't support EFI handover")); ++ goto fail; ++ } ++ ++ grub_dprintf ("linux", "setting up cmdline\n"); ++ linux_cmdline = grub_efi_allocate_pages_max(0x3fffffff, ++ BYTES_TO_PAGES(lh.cmdline_size + 1)); ++ ++ if (!linux_cmdline) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate cmdline")); ++ goto fail; ++ } ++ ++ grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); ++ grub_create_loader_cmdline (argc, argv, ++ linux_cmdline + sizeof (LINUX_IMAGE) - 1, ++ lh.cmdline_size - (sizeof (LINUX_IMAGE) - 1)); ++ ++ lh.cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; ++ ++ handover_offset = lh.handover_offset; ++ ++ start = (lh.setup_sects + 1) * 512; ++ len = grub_file_size(file) - start; ++ ++ kernel_mem = grub_efi_allocate_pages_max(lh.pref_address, ++ BYTES_TO_PAGES(lh.init_size)); ++ ++ if (!kernel_mem) ++ kernel_mem = grub_efi_allocate_pages_max(0x3fffffff, ++ BYTES_TO_PAGES(lh.init_size)); ++ ++ if (!kernel_mem) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate kernel")); ++ goto fail; ++ } ++ ++ grub_memcpy (kernel_mem, (char *)kernel + start, len); ++ grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); ++ loaded=1; ++ ++ lh.code32_start = (grub_uint32_t)(grub_uint64_t) kernel_mem; ++ grub_memcpy (params, &lh, 2 * 512); ++ ++ params->type_of_loader = 0x21; ++ ++ fail: ++ ++ if (file) ++ grub_file_close (file); ++ ++ if (kernel) ++ grub_free (kernel); ++ ++ if (grub_errno != GRUB_ERR_NONE) ++ { ++ grub_dl_unref (my_mod); ++ loaded = 0; ++ } ++ ++ if (linux_cmdline && !loaded) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) ++ linux_cmdline, ++ BYTES_TO_PAGES(lh.cmdline_size + 1)); ++ ++ if (kernel_mem && !loaded) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, ++ BYTES_TO_PAGES(kernel_size)); ++ ++ if (params && !loaded) ++ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, ++ BYTES_TO_PAGES(16384)); ++ ++ return grub_errno; ++} ++ ++static grub_command_t cmd_linux, cmd_initrd; ++static grub_command_t cmd_linuxefi, cmd_initrdefi; ++ ++GRUB_MOD_INIT(linux) ++{ ++ cmd_linux = ++ grub_register_command ("linux", grub_cmd_linux, ++ 0, N_("Load Linux.")); ++ cmd_linuxefi = ++ grub_register_command ("linuxefi", grub_cmd_linux, ++ 0, N_("Load Linux.")); ++ cmd_initrd = ++ grub_register_command ("initrd", grub_cmd_initrd, ++ 0, N_("Load initrd.")); ++ cmd_initrdefi = ++ grub_register_command ("initrdefi", grub_cmd_initrd, ++ 0, N_("Load initrd.")); ++ my_mod = mod; ++} ++ ++GRUB_MOD_FINI(linux) ++{ ++ grub_unregister_command (cmd_linux); ++ grub_unregister_command (cmd_linuxefi); ++ grub_unregister_command (cmd_initrd); ++ grub_unregister_command (cmd_initrdefi); ++} +diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c +index b69cb7a3a7f..a3c87cf2fc2 100644 +--- a/grub-core/loader/i386/pc/linux.c ++++ b/grub-core/loader/i386/pc/linux.c +@@ -468,14 +468,20 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), + return grub_errno; + } + +-static grub_command_t cmd_linux, cmd_initrd; ++static grub_command_t cmd_linux, cmd_linux16, cmd_initrd, cmd_initrd16; + + GRUB_MOD_INIT(linux16) + { + cmd_linux = ++ grub_register_command ("linux", grub_cmd_linux, ++ 0, N_("Load Linux.")); ++ cmd_linux16 = + grub_register_command ("linux16", grub_cmd_linux, + 0, N_("Load Linux.")); + cmd_initrd = ++ grub_register_command ("initrd", grub_cmd_initrd, ++ 0, N_("Load initrd.")); ++ cmd_initrd16 = + grub_register_command ("initrd16", grub_cmd_initrd, + 0, N_("Load initrd.")); + my_mod = mod; +@@ -484,5 +490,7 @@ GRUB_MOD_INIT(linux16) + GRUB_MOD_FINI(linux16) + { + grub_unregister_command (cmd_linux); ++ grub_unregister_command (cmd_linux16); + grub_unregister_command (cmd_initrd); ++ grub_unregister_command (cmd_initrd16); + } +diff --git a/include/grub/arm64/linux.h b/include/grub/arm64/linux.h +index b0634762450..6ea38bd95ab 100644 +--- a/include/grub/arm64/linux.h ++++ b/include/grub/arm64/linux.h +@@ -20,6 +20,7 @@ + #define GRUB_ARM64_LINUX_HEADER 1 + + #include ++#include + + #define GRUB_LINUX_ARM64_MAGIC_SIGNATURE 0x644d5241 /* 'ARM\x64' */ + +@@ -41,5 +42,11 @@ struct linux_arm64_kernel_header + grub_err_t grub_arm64_uefi_check_image (struct linux_arm64_kernel_header *lh); + grub_err_t grub_arm64_uefi_boot_image (grub_addr_t addr, grub_size_t size, + char *args); ++struct grub_arm64_linux_pe_header ++{ ++ grub_uint32_t magic; ++ struct grub_pe32_coff_header coff; ++ struct grub_pe64_optional_header opt; ++}; + + #endif /* ! GRUB_ARM64_LINUX_HEADER */ +diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h +index c996913e5bc..f68a19de442 100644 +--- a/include/grub/efi/efi.h ++++ b/include/grub/efi/efi.h +@@ -47,6 +47,9 @@ EXPORT_FUNC(grub_efi_allocate_fixed) (grub_efi_physical_address_t address, + grub_efi_uintn_t pages); + void * + EXPORT_FUNC(grub_efi_allocate_any_pages) (grub_efi_uintn_t pages); ++void * ++EXPORT_FUNC(grub_efi_allocate_pages_max) (grub_efi_physical_address_t max, ++ grub_efi_uintn_t pages); + void EXPORT_FUNC(grub_efi_free_pages) (grub_efi_physical_address_t address, + grub_efi_uintn_t pages); + int +@@ -81,6 +84,7 @@ EXPORT_FUNC (grub_efi_set_variable) (const char *var, + const grub_efi_guid_t *guid, + void *data, + grub_size_t datasize); ++grub_efi_boolean_t EXPORT_FUNC (grub_efi_secure_boot) (void); + int + EXPORT_FUNC (grub_efi_compare_device_paths) (const grub_efi_device_path_t *dp1, + const grub_efi_device_path_t *dp2); +diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h +new file mode 100644 +index 00000000000..d9ede36773b +--- /dev/null ++++ b/include/grub/efi/linux.h +@@ -0,0 +1,31 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2014 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ */ ++#ifndef GRUB_EFI_LINUX_HEADER ++#define GRUB_EFI_LINUX_HEADER 1 ++ ++#include ++#include ++#include ++ ++grub_efi_boolean_t ++EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size); ++grub_err_t ++EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset, ++ void *kernel_param); ++ ++#endif /* ! GRUB_EFI_LINUX_HEADER */ +diff --git a/include/grub/i386/linux.h b/include/grub/i386/linux.h +index 0bd75881708..5d8282a7db6 100644 +--- a/include/grub/i386/linux.h ++++ b/include/grub/i386/linux.h +@@ -139,6 +139,7 @@ struct linux_i386_kernel_header + grub_uint64_t setup_data; + grub_uint64_t pref_address; + grub_uint32_t init_size; ++ grub_uint32_t handover_offset; + } GRUB_PACKED; + + /* Boot parameters for Linux based on 2.6.12. This is used by the setup diff --git a/0246-Rework-linux-command.patch b/0158-Rework-linux-command.patch similarity index 72% rename from 0246-Rework-linux-command.patch rename to 0158-Rework-linux-command.patch index 2128fe3e..4856fdb5 100644 --- a/0246-Rework-linux-command.patch +++ b/0158-Rework-linux-command.patch @@ -7,16 +7,18 @@ We want a single buffer that contains the entire kernel image in order to perform a TPM measurement. Allocate one and copy the entire kernel into it before pulling out the individual blocks later on. --- - grub-core/loader/i386/linux.c | 34 +++++++++++++++++++++------------- - 1 file changed, 21 insertions(+), 13 deletions(-) + grub-core/loader/i386/linux.c | 37 ++++++++++++++++++++++++------------- + 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c -index 930a90b1f32..626ec9fef0c 100644 +index 44301e12659..388c40abb8b 100644 --- a/grub-core/loader/i386/linux.c +++ b/grub-core/loader/i386/linux.c -@@ -681,12 +681,13 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -679,13 +679,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + { grub_file_t file = 0; struct linux_i386_kernel_header lh; ++ grub_uint8_t *linux_params_ptr; grub_uint8_t setup_sects; - grub_size_t real_size, prot_size, prot_file_size; + grub_size_t real_size, prot_size, prot_file_size, kernel_offset; @@ -29,7 +31,7 @@ index 930a90b1f32..626ec9fef0c 100644 grub_dl_ref (my_mod); -@@ -700,7 +701,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -699,7 +701,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), if (! file) goto fail; @@ -46,7 +48,7 @@ index 930a90b1f32..626ec9fef0c 100644 { if (!grub_errno) grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -@@ -708,6 +717,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -707,6 +717,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), goto fail; } @@ -56,7 +58,15 @@ index 930a90b1f32..626ec9fef0c 100644 if (lh.boot_flag != grub_cpu_to_le16_compile_time (0xaa55)) { grub_error (GRUB_ERR_BAD_OS, "invalid magic number"); -@@ -807,13 +819,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -798,6 +811,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + preferred_address)) + goto fail; + ++ + grub_memset (&linux_params, 0, sizeof (linux_params)); + grub_memcpy (&linux_params.setup_sects, &lh.setup_sects, sizeof (lh) - 0x1F1); + +@@ -806,13 +820,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), linux_params.ps_mouse = linux_params.padding10 = 0; len = sizeof (linux_params) - sizeof (lh); @@ -68,12 +78,13 @@ index 930a90b1f32..626ec9fef0c 100644 - goto fail; - } + -+ grub_memcpy (&linux_params + sizeof (lh), kernel + kernel_offset, len); ++ linux_params_ptr = (void *)&linux_params; ++ grub_memcpy (linux_params_ptr + sizeof (lh), kernel + kernel_offset, len); + kernel_offset += len; linux_params.type_of_loader = GRUB_LINUX_BOOT_LOADER_TYPE; -@@ -872,7 +880,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -871,7 +882,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), /* The other parameters are filled when booting. */ @@ -82,7 +93,7 @@ index 930a90b1f32..626ec9fef0c 100644 grub_dprintf ("linux", "bzImage, setup=0x%x, size=0x%x\n", (unsigned) real_size, (unsigned) prot_size); -@@ -1020,9 +1028,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -1019,9 +1030,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - (sizeof (LINUX_IMAGE) - 1)); len = prot_file_size; @@ -93,7 +104,7 @@ index 930a90b1f32..626ec9fef0c 100644 if (grub_errno == GRUB_ERR_NONE) { -@@ -1033,6 +1039,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -1032,6 +1041,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), fail: diff --git a/0247-Rework-linux16-command.patch b/0159-Rework-linux16-command.patch similarity index 87% rename from 0247-Rework-linux16-command.patch rename to 0159-Rework-linux16-command.patch index ec86d4ae..99d6e7c2 100644 --- a/0247-Rework-linux16-command.patch +++ b/0159-Rework-linux16-command.patch @@ -11,10 +11,10 @@ before pulling out the individual blocks later on. 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index ebe7630210b..e2bb1a99a74 100644 +index a3c87cf2fc2..caa76bee8af 100644 --- a/grub-core/loader/i386/pc/linux.c +++ b/grub-core/loader/i386/pc/linux.c -@@ -124,13 +124,14 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -123,13 +123,14 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), grub_file_t file = 0; struct linux_i386_kernel_header lh; grub_uint8_t setup_sects; @@ -30,7 +30,7 @@ index ebe7630210b..e2bb1a99a74 100644 grub_dl_ref (my_mod); -@@ -144,7 +145,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -143,7 +144,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), if (! file) goto fail; @@ -47,7 +47,7 @@ index ebe7630210b..e2bb1a99a74 100644 { if (!grub_errno) grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -@@ -152,6 +161,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -151,6 +160,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), goto fail; } @@ -57,7 +57,7 @@ index ebe7630210b..e2bb1a99a74 100644 if (lh.boot_flag != grub_cpu_to_le16_compile_time (0xaa55)) { grub_error (GRUB_ERR_BAD_OS, "invalid magic number"); -@@ -315,13 +327,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -314,13 +326,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), grub_memmove (grub_linux_real_chunk, &lh, sizeof (lh)); len = real_size + GRUB_DISK_SECTOR_SIZE - sizeof (lh); @@ -74,7 +74,7 @@ index ebe7630210b..e2bb1a99a74 100644 if (lh.header != grub_cpu_to_le32_compile_time (GRUB_LINUX_I386_MAGIC_SIGNATURE) || grub_le_to_cpu16 (lh.version) < 0x0200) -@@ -356,10 +364,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -355,10 +363,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), } len = grub_linux16_prot_size; @@ -87,7 +87,7 @@ index ebe7630210b..e2bb1a99a74 100644 if (grub_errno == GRUB_ERR_NONE) { -@@ -369,6 +375,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -368,6 +374,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), fail: diff --git a/0160-Add-secureboot-support-on-efi-chainloader.patch b/0160-Add-secureboot-support-on-efi-chainloader.patch new file mode 100644 index 00000000..051071d8 --- /dev/null +++ b/0160-Add-secureboot-support-on-efi-chainloader.patch @@ -0,0 +1,1390 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Raymund Will +Date: Fri, 10 Apr 2015 01:45:02 -0400 +Subject: [PATCH] Add secureboot support on efi chainloader + +Expand the chainloader to be able to verify the image by means of shim +lock protocol. The PE/COFF image is loaded and relocated by the +chainloader instead of calling LoadImage and StartImage UEFI boot +Service as they require positive verification result from keys enrolled +in KEK or DB. The shim will use MOK in addition to firmware enrolled +keys to verify the image. + +The chainloader module could be used to load other UEFI bootloaders, +such as xen.efi, and could be signed by any of MOK, KEK or DB. + +Based on https://build.opensuse.org/package/view_file/openSUSE:Factory/grub2/grub2-secureboot-chainloader.patch + +Signed-off-by: Peter Jones + +Also: + +commit cd7a8984d4fda905877b5bfe466339100156b3bc +Author: Raymund Will +Date: Fri Apr 10 01:45:02 2015 -0400 + +Use device part of chainloader target, if present. + +Otherwise chainloading is restricted to '$root', which might not even +be readable by EFI! + +v1. use grub_file_get_device_name() to get device name + +Signed-off-by: Michael Chang +Signed-off-by: Peter Jones + +Also: + +commit 0872a2310a0eeac4ecfe9e1b49dd2d72ab373039 +Author: Peter Jones +Date: Fri Jun 10 14:06:15 2016 -0400 + +Rework even more of efi chainload so non-sb cases work right. + +This ensures that if shim protocol is not loaded, or is loaded but shim +is disabled, we will fall back to a correct load method for the efi +chain loader. + +Here's what I tested with this version: + +results expected actual +------------------------------------------------------------ +sb + enabled + shim + fedora success success +sb + enabled + shim + win success success +sb + enabled + grub + fedora fail fail +sb + enabled + grub + win fail fail + +sb + mokdisabled + shim + fedora success success +sb + mokdisabled + shim + win success success +sb + mokdisabled + grub + fedora fail fail +sb + mokdisabled + grub + win fail fail + +sb disabled + shim + fedora success success* +sb disabled + shim + win success success* +sb disabled + grub + fedora success success +sb disabled + grub + win success success + +nosb + shim + fedora success success* +nosb + shim + win success success* +nosb + grub + fedora success success +nosb + grub + win success success + +* for some reason shim protocol is being installed in these cases, and I + can't see why, but I think it may be this firmware build returning an + erroneous value. But this effectively falls back to the mokdisabled + behavior, which works correctly, and the presence of the "grub" (i.e. + no shim) tests effectively tests the desired behavior here. + +Resolves: rhbz#1344512 + +Signed-off-by: Peter Jones + +Also: + +commit ff7b1cb7f69487870211aeb69ff4f54470fbcb58 +Author: Laszlo Ersek +Date: Mon Nov 21 15:34:00 2016 +0100 + +efi/chainloader: fix wrong sanity check in relocate_coff() + +In relocate_coff(), the relocation entries are parsed from the original +image (not the section-wise copied image). The original image is +pointed-to by the "orig" pointer. The current check + + (void *)reloc_end < data + +compares the addresses of independent memory allocations. "data" is a typo +here, it should be "orig". + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1347291 +Signed-off-by: Laszlo Ersek +Tested-by: Bogdan Costescu +Tested-by: Juan Orti + +Also: + +commit ab4ba9997ad4832449e54d930fa2aac6a160d0e9 +Author: Laszlo Ersek +Date: Wed Nov 23 06:27:09 2016 +0100 + +efi/chainloader: truncate overlong relocation section + +The UEFI Windows 7 boot loader ("EFI/Microsoft/Boot/bootmgfw.efi", SHA1 +31b410e029bba87d2068c65a80b88882f9f8ea25) has inconsistent headers. + +Compare: + +> The Data Directory +> ... +> Entry 5 00000000000d9000 00000574 Base Relocation Directory [.reloc] + +Versus: + +> Sections: +> Idx Name Size VMA LMA File off ... +> ... +> 10 .reloc 00000e22 00000000100d9000 00000000100d9000 000a1800 ... + +That is, the size reported by the RelocDir entry (0x574) is smaller than +the virtual size of the .reloc section (0xe22). + +Quoting the grub2 debug log for the same: + +> chainloader.c:595: reloc_dir: 0xd9000 reloc_size: 0x00000574 +> chainloader.c:603: reloc_base: 0x7d208000 reloc_base_end: 0x7d208573 +> ... +> chainloader.c:620: Section 10 ".reloc" at 0x7d208000..0x7d208e21 +> chainloader.c:661: section is not reloc section? +> chainloader.c:663: rds: 0x00001000, vs: 00000e22 +> chainloader.c:664: base: 0x7d208000 end: 0x7d208e21 +> chainloader.c:666: reloc_base: 0x7d208000 reloc_base_end: 0x7d208573 +> chainloader.c:671: Section characteristics are 42000040 +> chainloader.c:673: Section virtual size: 00000e22 +> chainloader.c:675: Section raw_data size: 00001000 +> chainloader.c:678: Discarding section + +After hexdumping "bootmgfw.efi" and manually walking its relocation blocks +(yes, really), I determined that the (smaller) RelocDir value is correct. +The remaining area that extends up to the .reloc section size (== 0xe22 - +0x574 == 0x8ae bytes) exists as zero padding in the file. + +This zero padding shouldn't be passed to relocate_coff() for parsing. In +order to cope with it, split the handling of .reloc sections into the +following branches: + +- original case (equal size): original behavior (--> relocation + attempted), + +- overlong .reloc section (longer than reported by RelocDir): truncate the + section to the RelocDir size for the purposes of relocate_coff(), and + attempt relocation, + +- .reloc section is too short, or other checks fail: original behavior + (--> relocation not attempted). + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1347291 +Signed-off-by: Laszlo Ersek +--- + grub-core/kern/efi/efi.c | 14 +- + grub-core/loader/arm64/linux.c | 4 +- + grub-core/loader/efi/chainloader.c | 817 +++++++++++++++++++++++++++++++++---- + grub-core/loader/efi/linux.c | 25 +- + grub-core/loader/i386/efi/linux.c | 17 +- + include/grub/efi/linux.h | 2 +- + include/grub/efi/pe32.h | 52 ++- + 7 files changed, 840 insertions(+), 91 deletions(-) + +diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c +index c8a9d8307c0..91129e33566 100644 +--- a/grub-core/kern/efi/efi.c ++++ b/grub-core/kern/efi/efi.c +@@ -283,14 +283,20 @@ grub_efi_secure_boot (void) + grub_efi_boolean_t ret = 0; + + secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); +- + if (datasize != 1 || !secure_boot) +- goto out; ++ { ++ grub_dprintf ("secureboot", "No SecureBoot variable\n"); ++ goto out; ++ } ++ grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot); + + setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); +- + if (datasize != 1 || !setup_mode) +- goto out; ++ { ++ grub_dprintf ("secureboot", "No SetupMode variable\n"); ++ goto out; ++ } ++ grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode); + + if (*secure_boot && !*setup_mode) + ret = 1; +diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c +index ab0d27ee4df..fcab2ed37e7 100644 +--- a/grub-core/loader/arm64/linux.c ++++ b/grub-core/loader/arm64/linux.c +@@ -248,6 +248,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + grub_file_t file = 0; + struct linux_arm64_kernel_header lh; + struct grub_arm64_linux_pe_header *pe; ++ int rc; + + grub_dl_ref (my_mod); + +@@ -292,7 +293,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + + grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); + +- if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size)) ++ rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); ++ if (rc < 0) + { + grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); + goto fail; +diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c +index adc85636633..af2189619a3 100644 +--- a/grub-core/loader/efi/chainloader.c ++++ b/grub-core/loader/efi/chainloader.c +@@ -32,6 +32,8 @@ + #include + #include + #include ++#include ++#include + #include + #include + #include +@@ -46,9 +48,14 @@ static grub_dl_t my_mod; + + static grub_efi_physical_address_t address; + static grub_efi_uintn_t pages; ++static grub_ssize_t fsize; + static grub_efi_device_path_t *file_path; + static grub_efi_handle_t image_handle; + static grub_efi_char16_t *cmdline; ++static grub_ssize_t cmdline_len; ++static grub_efi_handle_t dev_handle; ++ ++static grub_efi_status_t (*entry_point) (grub_efi_handle_t image_handle, grub_efi_system_table_t *system_table); + + static grub_err_t + grub_chainloader_unload (void) +@@ -63,6 +70,7 @@ grub_chainloader_unload (void) + grub_free (cmdline); + cmdline = 0; + file_path = 0; ++ dev_handle = 0; + + grub_dl_unref (my_mod); + return GRUB_ERR_NONE; +@@ -173,7 +181,6 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename) + /* Fill the file path for the directory. */ + d = (grub_efi_device_path_t *) ((char *) file_path + + ((char *) d - (char *) dp)); +- grub_efi_print_device_path (d); + copy_file_path ((grub_efi_file_path_device_path_t *) d, + dir_start, dir_end - dir_start); + +@@ -191,20 +198,690 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename) + return file_path; + } + ++#define SHIM_LOCK_GUID \ ++ { 0x605dab50, 0xe046, 0x4300, { 0xab,0xb6,0x3d,0xd8,0x10,0xdd,0x8b,0x23 } } ++ ++typedef union ++{ ++ struct grub_pe32_header_32 pe32; ++ struct grub_pe32_header_64 pe32plus; ++} grub_pe_header_t; ++ ++struct pe_coff_loader_image_context ++{ ++ grub_efi_uint64_t image_address; ++ grub_efi_uint64_t image_size; ++ grub_efi_uint64_t entry_point; ++ grub_efi_uintn_t size_of_headers; ++ grub_efi_uint16_t image_type; ++ grub_efi_uint16_t number_of_sections; ++ grub_efi_uint32_t section_alignment; ++ struct grub_pe32_section_table *first_section; ++ struct grub_pe32_data_directory *reloc_dir; ++ struct grub_pe32_data_directory *sec_dir; ++ grub_efi_uint64_t number_of_rva_and_sizes; ++ grub_pe_header_t *pe_hdr; ++}; ++ ++typedef struct pe_coff_loader_image_context pe_coff_loader_image_context_t; ++ ++struct grub_efi_shim_lock ++{ ++ grub_efi_status_t (*verify)(void *buffer, ++ grub_efi_uint32_t size); ++ grub_efi_status_t (*hash)(void *data, ++ grub_efi_int32_t datasize, ++ pe_coff_loader_image_context_t *context, ++ grub_efi_uint8_t *sha256hash, ++ grub_efi_uint8_t *sha1hash); ++ grub_efi_status_t (*context)(void *data, ++ grub_efi_uint32_t size, ++ pe_coff_loader_image_context_t *context); ++}; ++ ++typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; ++ ++static grub_efi_boolean_t ++read_header (void *data, grub_efi_uint32_t size, ++ pe_coff_loader_image_context_t *context) ++{ ++ grub_efi_guid_t guid = SHIM_LOCK_GUID; ++ grub_efi_shim_lock_t *shim_lock; ++ grub_efi_status_t status; ++ ++ shim_lock = grub_efi_locate_protocol (&guid, NULL); ++ if (!shim_lock) ++ { ++ grub_dprintf ("chain", "no shim lock protocol"); ++ return 0; ++ } ++ ++ status = shim_lock->context (data, size, context); ++ ++ if (status == GRUB_EFI_SUCCESS) ++ { ++ grub_dprintf ("chain", "context success\n"); ++ return 1; ++ } ++ ++ switch (status) ++ { ++ case GRUB_EFI_UNSUPPORTED: ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error unsupported"); ++ break; ++ case GRUB_EFI_INVALID_PARAMETER: ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error invalid parameter"); ++ break; ++ default: ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error code"); ++ break; ++ } ++ ++ return -1; ++} ++ ++static void* ++image_address (void *image, grub_efi_uint64_t sz, grub_efi_uint64_t adr) ++{ ++ if (adr > sz) ++ return NULL; ++ ++ return ((grub_uint8_t*)image + adr); ++} ++ ++static int ++image_is_64_bit (grub_pe_header_t *pe_hdr) ++{ ++ /* .Magic is the same offset in all cases */ ++ if (pe_hdr->pe32plus.optional_header.magic == GRUB_PE32_PE64_MAGIC) ++ return 1; ++ return 0; ++} ++ ++static const grub_uint16_t machine_type __attribute__((__unused__)) = ++#if defined(__x86_64__) ++ GRUB_PE32_MACHINE_X86_64; ++#elif defined(__aarch64__) ++ GRUB_PE32_MACHINE_ARM64; ++#elif defined(__arm__) ++ GRUB_PE32_MACHINE_ARMTHUMB_MIXED; ++#elif defined(__i386__) || defined(__i486__) || defined(__i686__) ++ GRUB_PE32_MACHINE_I386; ++#elif defined(__ia64__) ++ GRUB_PE32_MACHINE_IA64; ++#else ++#error this architecture is not supported by grub2 ++#endif ++ ++static grub_efi_status_t ++relocate_coff (pe_coff_loader_image_context_t *context, ++ struct grub_pe32_section_table *section, ++ void *orig, void *data) ++{ ++ struct grub_pe32_data_directory *reloc_base, *reloc_base_end; ++ grub_efi_uint64_t adjust; ++ struct grub_pe32_fixup_block *reloc, *reloc_end; ++ char *fixup, *fixup_base, *fixup_data = NULL; ++ grub_efi_uint16_t *fixup_16; ++ grub_efi_uint32_t *fixup_32; ++ grub_efi_uint64_t *fixup_64; ++ grub_efi_uint64_t size = context->image_size; ++ void *image_end = (char *)orig + size; ++ int n = 0; ++ ++ if (image_is_64_bit (context->pe_hdr)) ++ context->pe_hdr->pe32plus.optional_header.image_base = ++ (grub_uint64_t)(unsigned long)data; ++ else ++ context->pe_hdr->pe32.optional_header.image_base = ++ (grub_uint32_t)(unsigned long)data; ++ ++ /* Alright, so here's how this works: ++ * ++ * context->reloc_dir gives us two things: ++ * - the VA the table of base relocation blocks are (maybe) to be ++ * mapped at (reloc_dir->rva) ++ * - the virtual size (reloc_dir->size) ++ * ++ * The .reloc section (section here) gives us some other things: ++ * - the name! kind of. (section->name) ++ * - the virtual size (section->virtual_size), which should be the same ++ * as RelocDir->Size ++ * - the virtual address (section->virtual_address) ++ * - the file section size (section->raw_data_size), which is ++ * a multiple of optional_header->file_alignment. Only useful for image ++ * validation, not really useful for iteration bounds. ++ * - the file address (section->raw_data_offset) ++ * - a bunch of stuff we don't use that's 0 in our binaries usually ++ * - Flags (section->characteristics) ++ * ++ * and then the thing that's actually at the file address is an array ++ * of struct grub_pe32_fixup_block structs with some values packed behind ++ * them. The block_size field of this structure includes the ++ * structure itself, and adding it to that structure's address will ++ * yield the next entry in the array. ++ */ ++ ++ reloc_base = image_address (orig, size, section->raw_data_offset); ++ reloc_base_end = image_address (orig, size, section->raw_data_offset ++ + section->virtual_size); ++ ++ grub_dprintf ("chain", "relocate_coff(): reloc_base %p reloc_base_end %p\n", ++ reloc_base, reloc_base_end); ++ ++ if (!reloc_base && !reloc_base_end) ++ return GRUB_EFI_SUCCESS; ++ ++ if (!reloc_base || !reloc_base_end) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc table overflows binary"); ++ return GRUB_EFI_UNSUPPORTED; ++ } ++ ++ adjust = (grub_uint64_t)(grub_efi_uintn_t)data - context->image_address; ++ if (adjust == 0) ++ return GRUB_EFI_SUCCESS; ++ ++ while (reloc_base < reloc_base_end) ++ { ++ grub_uint16_t *entry; ++ reloc = (struct grub_pe32_fixup_block *)((char*)reloc_base); ++ ++ if ((reloc_base->size == 0) || ++ (reloc_base->size > context->reloc_dir->size)) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, ++ "Reloc %d block size %d is invalid\n", n, ++ reloc_base->size); ++ return GRUB_EFI_UNSUPPORTED; ++ } ++ ++ entry = &reloc->entries[0]; ++ reloc_end = (struct grub_pe32_fixup_block *) ++ ((char *)reloc_base + reloc_base->size); ++ ++ if ((void *)reloc_end < orig || (void *)reloc_end > image_end) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc entry %d overflows binary", ++ n); ++ return GRUB_EFI_UNSUPPORTED; ++ } ++ ++ fixup_base = image_address(data, size, reloc_base->rva); ++ ++ if (!fixup_base) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc %d Invalid fixupbase", n); ++ return GRUB_EFI_UNSUPPORTED; ++ } ++ ++ while ((void *)entry < (void *)reloc_end) ++ { ++ fixup = fixup_base + (*entry & 0xFFF); ++ switch ((*entry) >> 12) ++ { ++ case GRUB_PE32_REL_BASED_ABSOLUTE: ++ break; ++ case GRUB_PE32_REL_BASED_HIGH: ++ fixup_16 = (grub_uint16_t *)fixup; ++ *fixup_16 = (grub_uint16_t) ++ (*fixup_16 + ((grub_uint16_t)((grub_uint32_t)adjust >> 16))); ++ if (fixup_data != NULL) ++ { ++ *(grub_uint16_t *) fixup_data = *fixup_16; ++ fixup_data = fixup_data + sizeof (grub_uint16_t); ++ } ++ break; ++ case GRUB_PE32_REL_BASED_LOW: ++ fixup_16 = (grub_uint16_t *)fixup; ++ *fixup_16 = (grub_uint16_t) (*fixup_16 + (grub_uint16_t)adjust); ++ if (fixup_data != NULL) ++ { ++ *(grub_uint16_t *) fixup_data = *fixup_16; ++ fixup_data = fixup_data + sizeof (grub_uint16_t); ++ } ++ break; ++ case GRUB_PE32_REL_BASED_HIGHLOW: ++ fixup_32 = (grub_uint32_t *)fixup; ++ *fixup_32 = *fixup_32 + (grub_uint32_t)adjust; ++ if (fixup_data != NULL) ++ { ++ fixup_data = (char *)ALIGN_UP ((grub_addr_t)fixup_data, sizeof (grub_uint32_t)); ++ *(grub_uint32_t *) fixup_data = *fixup_32; ++ fixup_data += sizeof (grub_uint32_t); ++ } ++ break; ++ case GRUB_PE32_REL_BASED_DIR64: ++ fixup_64 = (grub_uint64_t *)fixup; ++ *fixup_64 = *fixup_64 + (grub_uint64_t)adjust; ++ if (fixup_data != NULL) ++ { ++ fixup_data = (char *)ALIGN_UP ((grub_addr_t)fixup_data, sizeof (grub_uint64_t)); ++ *(grub_uint64_t *) fixup_data = *fixup_64; ++ fixup_data += sizeof (grub_uint64_t); ++ } ++ break; ++ default: ++ grub_error (GRUB_ERR_BAD_ARGUMENT, ++ "Reloc %d unknown relocation type %d", ++ n, (*entry) >> 12); ++ return GRUB_EFI_UNSUPPORTED; ++ } ++ entry += 1; ++ } ++ reloc_base = (struct grub_pe32_data_directory *)reloc_end; ++ n++; ++ } ++ ++ return GRUB_EFI_SUCCESS; ++} ++ ++static grub_efi_device_path_t * ++grub_efi_get_media_file_path (grub_efi_device_path_t *dp) ++{ ++ while (1) ++ { ++ grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp); ++ grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp); ++ ++ if (type == GRUB_EFI_END_DEVICE_PATH_TYPE) ++ break; ++ else if (type == GRUB_EFI_MEDIA_DEVICE_PATH_TYPE ++ && subtype == GRUB_EFI_FILE_PATH_DEVICE_PATH_SUBTYPE) ++ return dp; ++ ++ dp = GRUB_EFI_NEXT_DEVICE_PATH (dp); ++ } ++ ++ return NULL; ++} ++ ++static grub_efi_boolean_t ++handle_image (void *data, grub_efi_uint32_t datasize) ++{ ++ grub_efi_boot_services_t *b; ++ grub_efi_loaded_image_t *li, li_bak; ++ grub_efi_status_t efi_status; ++ char *buffer = NULL; ++ char *buffer_aligned = NULL; ++ grub_efi_uint32_t i; ++ struct grub_pe32_section_table *section; ++ char *base, *end; ++ pe_coff_loader_image_context_t context; ++ grub_uint32_t section_alignment; ++ grub_uint32_t buffer_size; ++ int found_entry_point = 0; ++ int rc; ++ ++ b = grub_efi_system_table->boot_services; ++ ++ rc = read_header (data, datasize, &context); ++ if (rc < 0) ++ { ++ grub_dprintf ("chain", "Failed to read header\n"); ++ goto error_exit; ++ } ++ else if (rc == 0) ++ { ++ grub_dprintf ("chain", "Secure Boot is not enabled\n"); ++ return 0; ++ } ++ else ++ { ++ grub_dprintf ("chain", "Header read without error\n"); ++ } ++ ++ /* ++ * The spec says, uselessly, of SectionAlignment: ++ * ===== ++ * The alignment (in bytes) of sections when they are loaded into ++ * memory. It must be greater than or equal to FileAlignment. The ++ * default is the page size for the architecture. ++ * ===== ++ * Which doesn't tell you whose responsibility it is to enforce the ++ * "default", or when. It implies that the value in the field must ++ * be > FileAlignment (also poorly defined), but it appears visual ++ * studio will happily write 512 for FileAlignment (its default) and ++ * 0 for SectionAlignment, intending to imply PAGE_SIZE. ++ * ++ * We only support one page size, so if it's zero, nerf it to 4096. ++ */ ++ section_alignment = context.section_alignment; ++ if (section_alignment == 0) ++ section_alignment = 4096; ++ ++ buffer_size = context.image_size + section_alignment; ++ grub_dprintf ("chain", "image size is %08"PRIxGRUB_UINT64_T", datasize is %08x\n", ++ context.image_size, datasize); ++ ++ efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA, ++ buffer_size, &buffer); ++ ++ if (efi_status != GRUB_EFI_SUCCESS) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); ++ goto error_exit; ++ } ++ ++ buffer_aligned = (char *)ALIGN_UP ((grub_addr_t)buffer, section_alignment); ++ if (!buffer_aligned) ++ { ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); ++ goto error_exit; ++ } ++ ++ grub_memcpy (buffer_aligned, data, context.size_of_headers); ++ ++ entry_point = image_address (buffer_aligned, context.image_size, ++ context.entry_point); ++ ++ grub_dprintf ("chain", "entry_point: %p\n", entry_point); ++ if (!entry_point) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point"); ++ goto error_exit; ++ } ++ ++ char *reloc_base, *reloc_base_end; ++ grub_dprintf ("chain", "reloc_dir: %p reloc_size: 0x%08x\n", ++ (void *)(unsigned long)context.reloc_dir->rva, ++ context.reloc_dir->size); ++ reloc_base = image_address (buffer_aligned, context.image_size, ++ context.reloc_dir->rva); ++ /* RelocBaseEnd here is the address of the last byte of the table */ ++ reloc_base_end = image_address (buffer_aligned, context.image_size, ++ context.reloc_dir->rva ++ + context.reloc_dir->size - 1); ++ grub_dprintf ("chain", "reloc_base: %p reloc_base_end: %p\n", ++ reloc_base, reloc_base_end); ++ ++ struct grub_pe32_section_table *reloc_section = NULL, fake_reloc_section; ++ ++ section = context.first_section; ++ for (i = 0; i < context.number_of_sections; i++, section++) ++ { ++ char name[9]; ++ ++ base = image_address (buffer_aligned, context.image_size, ++ section->virtual_address); ++ end = image_address (buffer_aligned, context.image_size, ++ section->virtual_address + section->virtual_size -1); ++ ++ grub_strncpy(name, section->name, 9); ++ name[8] = '\0'; ++ grub_dprintf ("chain", "Section %d \"%s\" at %p..%p\n", i, ++ name, base, end); ++ ++ if (end < base) ++ { ++ grub_dprintf ("chain", " base is %p but end is %p... bad.\n", ++ base, end); ++ grub_error (GRUB_ERR_BAD_ARGUMENT, ++ "Image has invalid negative size"); ++ goto error_exit; ++ } ++ ++ if (section->virtual_address <= context.entry_point && ++ (section->virtual_address + section->raw_data_size - 1) ++ > context.entry_point) ++ { ++ found_entry_point++; ++ grub_dprintf ("chain", " section contains entry point\n"); ++ } ++ ++ /* We do want to process .reloc, but it's often marked ++ * discardable, so we don't want to memcpy it. */ ++ if (grub_memcmp (section->name, ".reloc\0\0", 8) == 0) ++ { ++ if (reloc_section) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, ++ "Image has multiple relocation sections"); ++ goto error_exit; ++ } ++ ++ /* If it has nonzero sizes, and our bounds check ++ * made sense, and the VA and size match RelocDir's ++ * versions, then we believe in this section table. */ ++ if (section->raw_data_size && section->virtual_size && ++ base && end && reloc_base == base) ++ { ++ if (reloc_base_end == end) ++ { ++ grub_dprintf ("chain", " section is relocation section\n"); ++ reloc_section = section; ++ } ++ else if (reloc_base_end && reloc_base_end < end) ++ { ++ /* Bogus virtual size in the reloc section -- RelocDir ++ * reported a smaller Base Relocation Directory. Decrease ++ * the section's virtual size so that it equal RelocDir's ++ * idea, but only for the purposes of relocate_coff(). */ ++ grub_dprintf ("chain", ++ " section is (overlong) relocation section\n"); ++ grub_memcpy (&fake_reloc_section, section, sizeof *section); ++ fake_reloc_section.virtual_size -= (end - reloc_base_end); ++ reloc_section = &fake_reloc_section; ++ } ++ } ++ ++ if (!reloc_section) ++ { ++ grub_dprintf ("chain", " section is not reloc section?\n"); ++ grub_dprintf ("chain", " rds: 0x%08x, vs: %08x\n", ++ section->raw_data_size, section->virtual_size); ++ grub_dprintf ("chain", " base: %p end: %p\n", base, end); ++ grub_dprintf ("chain", " reloc_base: %p reloc_base_end: %p\n", ++ reloc_base, reloc_base_end); ++ } ++ } ++ ++ grub_dprintf ("chain", " Section characteristics are %08x\n", ++ section->characteristics); ++ grub_dprintf ("chain", " Section virtual size: %08x\n", ++ section->virtual_size); ++ grub_dprintf ("chain", " Section raw_data size: %08x\n", ++ section->raw_data_size); ++ if (section->characteristics & GRUB_PE32_SCN_MEM_DISCARDABLE) ++ { ++ grub_dprintf ("chain", " Discarding section\n"); ++ continue; ++ } ++ ++ if (!base || !end) ++ { ++ grub_dprintf ("chain", " section is invalid\n"); ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid section size"); ++ goto error_exit; ++ } ++ ++ if (section->characteristics & GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA) ++ { ++ if (section->raw_data_size != 0) ++ grub_dprintf ("chain", " UNINITIALIZED_DATA section has data?\n"); ++ } ++ else if (section->virtual_address < context.size_of_headers || ++ section->raw_data_offset < context.size_of_headers) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, ++ "Section %d is inside image headers", i); ++ goto error_exit; ++ } ++ ++ if (section->raw_data_size > 0) ++ { ++ grub_dprintf ("chain", " copying 0x%08x bytes to %p\n", ++ section->raw_data_size, base); ++ grub_memcpy (base, ++ (grub_efi_uint8_t*)data + section->raw_data_offset, ++ section->raw_data_size); ++ } ++ ++ if (section->raw_data_size < section->virtual_size) ++ { ++ grub_dprintf ("chain", " padding with 0x%08x bytes at %p\n", ++ section->virtual_size - section->raw_data_size, ++ base + section->raw_data_size); ++ grub_memset (base + section->raw_data_size, 0, ++ section->virtual_size - section->raw_data_size); ++ } ++ ++ grub_dprintf ("chain", " finished section %s\n", name); ++ } ++ ++ /* 5 == EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC */ ++ if (context.number_of_rva_and_sizes <= 5) ++ { ++ grub_dprintf ("chain", "image has no relocation entry\n"); ++ goto error_exit; ++ } ++ ++ if (context.reloc_dir->size && reloc_section) ++ { ++ /* run the relocation fixups */ ++ efi_status = relocate_coff (&context, reloc_section, data, ++ buffer_aligned); ++ ++ if (efi_status != GRUB_EFI_SUCCESS) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "relocation failed"); ++ goto error_exit; ++ } ++ } ++ ++ if (!found_entry_point) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "entry point is not within sections"); ++ goto error_exit; ++ } ++ if (found_entry_point > 1) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "%d sections contain entry point", ++ found_entry_point); ++ goto error_exit; ++ } ++ ++ li = grub_efi_get_loaded_image (grub_efi_image_handle); ++ if (!li) ++ { ++ grub_error (GRUB_ERR_BAD_ARGUMENT, "no loaded image available"); ++ goto error_exit; ++ } ++ ++ grub_memcpy (&li_bak, li, sizeof (grub_efi_loaded_image_t)); ++ li->image_base = buffer_aligned; ++ li->image_size = context.image_size; ++ li->load_options = cmdline; ++ li->load_options_size = cmdline_len; ++ li->file_path = grub_efi_get_media_file_path (file_path); ++ li->device_handle = dev_handle; ++ if (!li->file_path) ++ { ++ grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching file path found"); ++ goto error_exit; ++ } ++ ++ grub_dprintf ("chain", "booting via entry point\n"); ++ efi_status = efi_call_2 (entry_point, grub_efi_image_handle, ++ grub_efi_system_table); ++ ++ grub_dprintf ("chain", "entry_point returned %ld\n", efi_status); ++ grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t)); ++ efi_status = efi_call_1 (b->free_pool, buffer); ++ ++ return 1; ++ ++error_exit: ++ grub_dprintf ("chain", "error_exit: grub_errno: %d\n", grub_errno); ++ if (buffer) ++ efi_call_1 (b->free_pool, buffer); ++ ++ return 0; ++} ++ ++static grub_err_t ++grub_secureboot_chainloader_unload (void) ++{ ++ grub_efi_boot_services_t *b; ++ ++ b = grub_efi_system_table->boot_services; ++ efi_call_2 (b->free_pages, address, pages); ++ grub_free (file_path); ++ grub_free (cmdline); ++ cmdline = 0; ++ file_path = 0; ++ dev_handle = 0; ++ ++ grub_dl_unref (my_mod); ++ return GRUB_ERR_NONE; ++} ++ ++static grub_err_t ++grub_load_and_start_image(void *boot_image) ++{ ++ grub_efi_boot_services_t *b; ++ grub_efi_status_t status; ++ grub_efi_loaded_image_t *loaded_image; ++ ++ b = grub_efi_system_table->boot_services; ++ ++ status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, ++ boot_image, fsize, &image_handle); ++ if (status != GRUB_EFI_SUCCESS) ++ { ++ if (status == GRUB_EFI_OUT_OF_RESOURCES) ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources"); ++ else ++ grub_error (GRUB_ERR_BAD_OS, "cannot load image"); ++ return -1; ++ } ++ ++ /* LoadImage does not set a device handler when the image is ++ loaded from memory, so it is necessary to set it explicitly here. ++ This is a mess. */ ++ loaded_image = grub_efi_get_loaded_image (image_handle); ++ if (! loaded_image) ++ { ++ grub_error (GRUB_ERR_BAD_OS, "no loaded image available"); ++ return -1; ++ } ++ loaded_image->device_handle = dev_handle; ++ ++ if (cmdline) ++ { ++ loaded_image->load_options = cmdline; ++ loaded_image->load_options_size = cmdline_len; ++ } ++ ++ return 0; ++} ++ ++static grub_err_t ++grub_secureboot_chainloader_boot (void) ++{ ++ int rc; ++ rc = handle_image ((void *)(unsigned long)address, fsize); ++ if (rc == 0) ++ { ++ grub_load_and_start_image((void *)(unsigned long)address); ++ } ++ ++ grub_loader_unset (); ++ return grub_errno; ++} ++ + static grub_err_t + grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + int argc, char *argv[]) + { + grub_file_t file = 0; +- grub_ssize_t size; + grub_efi_status_t status; + grub_efi_boot_services_t *b; + grub_device_t dev = 0; + grub_efi_device_path_t *dp = 0; +- grub_efi_loaded_image_t *loaded_image; + char *filename; + void *boot_image = 0; +- grub_efi_handle_t dev_handle = 0; ++ int rc; + + if (argc == 0) + return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); +@@ -216,15 +893,45 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + address = 0; + image_handle = 0; + file_path = 0; ++ dev_handle = 0; + + b = grub_efi_system_table->boot_services; + ++ if (argc > 1) ++ { ++ int i; ++ grub_efi_char16_t *p16; ++ ++ for (i = 1, cmdline_len = 0; i < argc; i++) ++ cmdline_len += grub_strlen (argv[i]) + 1; ++ ++ cmdline_len *= sizeof (grub_efi_char16_t); ++ cmdline = p16 = grub_malloc (cmdline_len); ++ if (! cmdline) ++ goto fail; ++ ++ for (i = 1; i < argc; i++) ++ { ++ char *p8; ++ ++ p8 = argv[i]; ++ while (*p8) ++ *(p16++) = *(p8++); ++ ++ *(p16++) = ' '; ++ } ++ *(--p16) = 0; ++ } ++ + file = grub_file_open (filename); + if (! file) + goto fail; + +- /* Get the root device's device path. */ +- dev = grub_device_open (0); ++ /* Get the device path from filename. */ ++ char *devname = grub_file_get_device_name (filename); ++ dev = grub_device_open (devname); ++ if (devname) ++ grub_free (devname); + if (! dev) + goto fail; + +@@ -261,17 +968,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + if (! file_path) + goto fail; + +- grub_printf ("file path: "); +- grub_efi_print_device_path (file_path); +- +- size = grub_file_size (file); +- if (!size) ++ fsize = grub_file_size (file); ++ if (!fsize) + { + grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), + filename); + goto fail; + } +- pages = (((grub_efi_uintn_t) size + ((1 << 12) - 1)) >> 12); ++ pages = (((grub_efi_uintn_t) fsize + ((1 << 12) - 1)) >> 12); + + status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_ANY_PAGES, + GRUB_EFI_LOADER_CODE, +@@ -285,7 +989,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + } + + boot_image = (void *) ((grub_addr_t) address); +- if (grub_file_read (file, boot_image, size) != size) ++ if (grub_file_read (file, boot_image, fsize) != fsize) + { + if (grub_errno == GRUB_ERR_NONE) + grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), +@@ -295,7 +999,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + } + + #if defined (__i386__) || defined (__x86_64__) +- if (size >= (grub_ssize_t) sizeof (struct grub_macho_fat_header)) ++ if (fsize >= (grub_ssize_t) sizeof (struct grub_macho_fat_header)) + { + struct grub_macho_fat_header *head = boot_image; + if (head->magic +@@ -304,6 +1008,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + grub_uint32_t i; + struct grub_macho_fat_arch *archs + = (struct grub_macho_fat_arch *) (head + 1); ++ ++ if (grub_efi_secure_boot()) ++ { ++ grub_error (GRUB_ERR_BAD_OS, ++ "MACHO binaries are forbidden with Secure Boot"); ++ goto fail; ++ } ++ + for (i = 0; i < grub_cpu_to_le32 (head->nfat_arch); i++) + { + if (GRUB_MACHO_CPUTYPE_IS_HOST_CURRENT (archs[i].cputype)) +@@ -318,79 +1030,39 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + > ~grub_cpu_to_le32 (archs[i].size) + || grub_cpu_to_le32 (archs[i].offset) + + grub_cpu_to_le32 (archs[i].size) +- > (grub_size_t) size) ++ > (grub_size_t) fsize) + { + grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), + filename); + goto fail; + } + boot_image = (char *) boot_image + grub_cpu_to_le32 (archs[i].offset); +- size = grub_cpu_to_le32 (archs[i].size); ++ fsize = grub_cpu_to_le32 (archs[i].size); + } + } + #endif + +- status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, +- boot_image, size, +- &image_handle); +- if (status != GRUB_EFI_SUCCESS) ++ rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize); ++ grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc); ++ if (rc > 0) + { +- if (status == GRUB_EFI_OUT_OF_RESOURCES) +- grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources"); +- else +- grub_error (GRUB_ERR_BAD_OS, "cannot load image"); +- +- goto fail; ++ grub_file_close (file); ++ grub_device_close (dev); ++ grub_loader_set (grub_secureboot_chainloader_boot, ++ grub_secureboot_chainloader_unload, 0); ++ return 0; + } +- +- /* LoadImage does not set a device handler when the image is +- loaded from memory, so it is necessary to set it explicitly here. +- This is a mess. */ +- loaded_image = grub_efi_get_loaded_image (image_handle); +- if (! loaded_image) ++ else if (rc == 0) + { +- grub_error (GRUB_ERR_BAD_OS, "no loaded image available"); +- goto fail; +- } +- loaded_image->device_handle = dev_handle; +- +- if (argc > 1) +- { +- int i, len; +- grub_efi_char16_t *p16; +- +- for (i = 1, len = 0; i < argc; i++) +- len += grub_strlen (argv[i]) + 1; +- +- len *= sizeof (grub_efi_char16_t); +- cmdline = p16 = grub_malloc (len); +- if (! cmdline) +- goto fail; ++ grub_load_and_start_image(boot_image); ++ grub_file_close (file); ++ grub_device_close (dev); ++ grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); + +- for (i = 1; i < argc; i++) +- { +- char *p8; +- +- p8 = argv[i]; +- while (*p8) +- *(p16++) = *(p8++); +- +- *(p16++) = ' '; +- } +- *(--p16) = 0; +- +- loaded_image->load_options = cmdline; +- loaded_image->load_options_size = len; ++ return 0; + } + +- grub_file_close (file); +- grub_device_close (dev); +- +- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); +- return 0; +- +- fail: +- ++fail: + if (dev) + grub_device_close (dev); + +@@ -402,6 +1074,9 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + if (address) + efi_call_2 (b->free_pages, address, pages); + ++ if (cmdline) ++ grub_free (cmdline); ++ + grub_dl_unref (my_mod); + + return grub_errno; +diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c +index aea378adf5c..dbf63e20ed8 100644 +--- a/grub-core/loader/efi/linux.c ++++ b/grub-core/loader/efi/linux.c +@@ -33,21 +33,34 @@ struct grub_efi_shim_lock + }; + typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; + +-grub_efi_boolean_t ++int + grub_linuxefi_secure_validate (void *data, grub_uint32_t size) + { + grub_efi_guid_t guid = SHIM_LOCK_GUID; + grub_efi_shim_lock_t *shim_lock; ++ grub_efi_status_t status; + + shim_lock = grub_efi_locate_protocol(&guid, NULL); +- ++ grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock); + if (!shim_lock) +- return 1; ++ { ++ grub_dprintf ("secureboot", "shim not available\n"); ++ return 0; ++ } + +- if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) +- return 1; ++ grub_dprintf ("secureboot", "Asking shim to verify kernel signature\n"); ++ status = shim_lock->verify (data, size); ++ grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", status); ++ if (status == GRUB_EFI_SUCCESS) ++ { ++ grub_dprintf ("secureboot", "Kernel signature verification passed\n"); ++ return 1; ++ } + +- return 0; ++ grub_dprintf ("secureboot", "Kernel signature verification failed (0x%lx)\n", ++ (unsigned long) status); ++ ++ return -1; + } + + typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *); +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +index 3db82e782df..8db228c5bf5 100644 +--- a/grub-core/loader/i386/efi/linux.c ++++ b/grub-core/loader/i386/efi/linux.c +@@ -118,6 +118,8 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + ++ grub_dprintf ("linux", "initrd_mem = %lx\n", (unsigned long) initrd_mem); ++ + params->ramdisk_size = size; + params->ramdisk_image = (grub_uint32_t)(grub_addr_t) initrd_mem; + +@@ -160,6 +162,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + struct linux_kernel_header lh; + grub_ssize_t len, start, filelen; + void *kernel = NULL; ++ int rc; + + grub_dl_ref (my_mod); + +@@ -185,11 +188,13 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + + if (grub_file_read (file, kernel, filelen) != filelen) + { +- grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]); ++ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), ++ argv[0]); + goto fail; + } + +- if (! grub_linuxefi_secure_validate (kernel, filelen)) ++ rc = grub_linuxefi_secure_validate (kernel, filelen); ++ if (rc < 0) + { + grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), + argv[0]); +@@ -204,6 +209,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + ++ grub_dprintf ("linux", "params = %lx\n", (unsigned long) params); ++ + grub_memset (params, 0, 16384); + + grub_memcpy (&lh, kernel, sizeof (lh)); +@@ -242,6 +249,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + ++ grub_dprintf ("linux", "linux_cmdline = %lx\n", ++ (unsigned long)linux_cmdline); ++ + grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); + grub_create_loader_cmdline (argc, argv, + linux_cmdline + sizeof (LINUX_IMAGE) - 1, +@@ -275,9 +285,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + grub_memcpy (params, &lh, 2 * 512); + + params->type_of_loader = 0x21; ++ grub_dprintf("linux", "kernel_mem: %p handover_offset: %08x\n", ++ kernel_mem, handover_offset); + + fail: +- + if (file) + grub_file_close (file); + +diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h +index d9ede36773b..0033d9305a9 100644 +--- a/include/grub/efi/linux.h ++++ b/include/grub/efi/linux.h +@@ -22,7 +22,7 @@ + #include + #include + +-grub_efi_boolean_t ++int + EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size); + grub_err_t + EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset, +diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h +index 7d44732d2c3..c03cc599f63 100644 +--- a/include/grub/efi/pe32.h ++++ b/include/grub/efi/pe32.h +@@ -214,7 +214,11 @@ struct grub_pe64_optional_header + struct grub_pe32_section_table + { + char name[8]; +- grub_uint32_t virtual_size; ++ union ++ { ++ grub_uint32_t physical_address; ++ grub_uint32_t virtual_size; ++ }; + grub_uint32_t virtual_address; + grub_uint32_t raw_data_size; + grub_uint32_t raw_data_offset; +@@ -225,12 +229,18 @@ struct grub_pe32_section_table + grub_uint32_t characteristics; + }; + ++#define GRUB_PE32_SCN_TYPE_NO_PAD 0x00000008 + #define GRUB_PE32_SCN_CNT_CODE 0x00000020 + #define GRUB_PE32_SCN_CNT_INITIALIZED_DATA 0x00000040 +-#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000 +-#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000 +-#define GRUB_PE32_SCN_MEM_READ 0x40000000 +-#define GRUB_PE32_SCN_MEM_WRITE 0x80000000 ++#define GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA 0x00000080 ++#define GRUB_PE32_SCN_LNK_OTHER 0x00000100 ++#define GRUB_PE32_SCN_LNK_INFO 0x00000200 ++#define GRUB_PE32_SCN_LNK_REMOVE 0x00000800 ++#define GRUB_PE32_SCN_LNK_COMDAT 0x00001000 ++#define GRUB_PE32_SCN_GPREL 0x00008000 ++#define GRUB_PE32_SCN_MEM_16BIT 0x00020000 ++#define GRUB_PE32_SCN_MEM_LOCKED 0x00040000 ++#define GRUB_PE32_SCN_MEM_PRELOAD 0x00080000 + + #define GRUB_PE32_SCN_ALIGN_1BYTES 0x00100000 + #define GRUB_PE32_SCN_ALIGN_2BYTES 0x00200000 +@@ -239,10 +249,28 @@ struct grub_pe32_section_table + #define GRUB_PE32_SCN_ALIGN_16BYTES 0x00500000 + #define GRUB_PE32_SCN_ALIGN_32BYTES 0x00600000 + #define GRUB_PE32_SCN_ALIGN_64BYTES 0x00700000 ++#define GRUB_PE32_SCN_ALIGN_128BYTES 0x00800000 ++#define GRUB_PE32_SCN_ALIGN_256BYTES 0x00900000 ++#define GRUB_PE32_SCN_ALIGN_512BYTES 0x00A00000 ++#define GRUB_PE32_SCN_ALIGN_1024BYTES 0x00B00000 ++#define GRUB_PE32_SCN_ALIGN_2048BYTES 0x00C00000 ++#define GRUB_PE32_SCN_ALIGN_4096BYTES 0x00D00000 ++#define GRUB_PE32_SCN_ALIGN_8192BYTES 0x00E00000 + + #define GRUB_PE32_SCN_ALIGN_SHIFT 20 + #define GRUB_PE32_SCN_ALIGN_MASK 7 + ++#define GRUB_PE32_SCN_LNK_NRELOC_OVFL 0x01000000 ++#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000 ++#define GRUB_PE32_SCN_MEM_NOT_CACHED 0x04000000 ++#define GRUB_PE32_SCN_MEM_NOT_PAGED 0x08000000 ++#define GRUB_PE32_SCN_MEM_SHARED 0x10000000 ++#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000 ++#define GRUB_PE32_SCN_MEM_READ 0x40000000 ++#define GRUB_PE32_SCN_MEM_WRITE 0x80000000 ++ ++ ++ + #define GRUB_PE32_SIGNATURE_SIZE 4 + + struct grub_pe32_header +@@ -265,6 +293,20 @@ struct grub_pe32_header + #endif + }; + ++struct grub_pe32_header_32 ++{ ++ char signature[GRUB_PE32_SIGNATURE_SIZE]; ++ struct grub_pe32_coff_header coff_header; ++ struct grub_pe32_optional_header optional_header; ++}; ++ ++struct grub_pe32_header_64 ++{ ++ char signature[GRUB_PE32_SIGNATURE_SIZE]; ++ struct grub_pe32_coff_header coff_header; ++ struct grub_pe64_optional_header optional_header; ++}; ++ + struct grub_pe32_fixup_block + { + grub_uint32_t page_rva; diff --git a/0244-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch b/0161-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch similarity index 87% rename from 0244-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch rename to 0161-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch index b006067e..0399eedd 100644 --- a/0244-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch +++ b/0161-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch @@ -12,8 +12,9 @@ Signed-off-by: Peter Jones grub-core/Makefile.core.def | 1 + grub-core/commands/iorw.c | 7 +++++ grub-core/commands/memrw.c | 7 +++++ - grub-core/kern/efi/efi.c | 28 ------------------ - grub-core/kern/efi/sb.c | 58 ++++++++++++++++++++++++++++++++++++++ + grub-core/kern/dl.c | 1 + + grub-core/kern/efi/efi.c | 34 -------------------- + grub-core/kern/efi/sb.c | 64 ++++++++++++++++++++++++++++++++++++++ grub-core/loader/efi/appleloader.c | 7 +++++ grub-core/loader/efi/chainloader.c | 1 + grub-core/loader/i386/bsd.c | 7 +++++ @@ -22,13 +23,13 @@ Signed-off-by: Peter Jones grub-core/loader/multiboot.c | 7 +++++ grub-core/loader/xnu.c | 7 +++++ include/grub/efi/efi.h | 1 - - include/grub/efi/sb.h | 29 +++++++++++++++++++ + include/grub/efi/sb.h | 29 +++++++++++++++++ include/grub/ia64/linux.h | 0 include/grub/mips/linux.h | 0 include/grub/powerpc/linux.h | 0 include/grub/sparc64/linux.h | 0 grub-core/Makefile.am | 1 + - 19 files changed, 146 insertions(+), 29 deletions(-) + 20 files changed, 153 insertions(+), 35 deletions(-) create mode 100644 grub-core/kern/efi/sb.c create mode 100644 include/grub/efi/sb.h create mode 100644 include/grub/ia64/linux.h @@ -37,10 +38,10 @@ Signed-off-by: Peter Jones create mode 100644 include/grub/sparc64/linux.h diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 338244f6b47..423def037c2 100644 +index 622381f5208..52911374be5 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -196,6 +196,7 @@ kernel = { +@@ -195,6 +195,7 @@ kernel = { i386_multiboot = kern/i386/pc/acpi.c; i386_coreboot = kern/acpi.c; i386_multiboot = kern/acpi.c; @@ -112,11 +113,23 @@ index 98769eadb34..088cbe9e2bc 100644 grub_unregister_extcmd (cmd_read_byte); grub_unregister_extcmd (cmd_read_word); grub_unregister_extcmd (cmd_read_dword); +diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c +index 04e804d1668..621070918d4 100644 +--- a/grub-core/kern/dl.c ++++ b/grub-core/kern/dl.c +@@ -32,6 +32,7 @@ + #include + #include + #include ++#include + + /* Platforms where modules are in a readonly area of memory. */ + #if defined(GRUB_MACHINE_QEMU) diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 92e1583b37d..e339f264b3a 100644 +index 91129e33566..708581fcbde 100644 --- a/grub-core/kern/efi/efi.c +++ b/grub-core/kern/efi/efi.c -@@ -278,34 +278,6 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, +@@ -273,40 +273,6 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, return NULL; } @@ -130,14 +143,20 @@ index 92e1583b37d..e339f264b3a 100644 - grub_efi_boolean_t ret = 0; - - secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); -- - if (datasize != 1 || !secure_boot) -- goto out; +- { +- grub_dprintf ("secureboot", "No SecureBoot variable\n"); +- goto out; +- } +- grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot); - - setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); -- - if (datasize != 1 || !setup_mode) -- goto out; +- { +- grub_dprintf ("secureboot", "No SetupMode variable\n"); +- goto out; +- } +- grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode); - - if (*secure_boot && !*setup_mode) - ret = 1; @@ -153,10 +172,10 @@ index 92e1583b37d..e339f264b3a 100644 /* Search the mods section from the PE32/PE32+ image. This code uses diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c new file mode 100644 -index 00000000000..a41b6c5b851 +index 00000000000..d74778b0cac --- /dev/null +++ b/grub-core/kern/efi/sb.c -@@ -0,0 +1,58 @@ +@@ -0,0 +1,64 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2014 Free Software Foundation, Inc. @@ -195,14 +214,20 @@ index 00000000000..a41b6c5b851 + grub_efi_boolean_t ret = 0; + + secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); -+ + if (datasize != 1 || !secure_boot) -+ goto out; ++ { ++ grub_dprintf ("secureboot", "No SecureBoot variable\n"); ++ goto out; ++ } ++ grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot); + + setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); -+ + if (datasize != 1 || !setup_mode) -+ goto out; ++ { ++ grub_dprintf ("secureboot", "No SetupMode variable\n"); ++ goto out; ++ } ++ grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode); + + if (*secure_boot && !*setup_mode) + ret = 1; @@ -247,7 +272,7 @@ index 74888c463ba..69c2a10d351 100644 grub_unregister_command (cmd); } diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 87a91e16f17..aee8e6becf6 100644 +index af2189619a3..5cd9b6e08a8 100644 --- a/grub-core/loader/efi/chainloader.c +++ b/grub-core/loader/efi/chainloader.c @@ -34,6 +34,7 @@ @@ -291,7 +316,7 @@ index 7f96515da65..87709aa23e8 100644 grub_unregister_extcmd (cmd_openbsd); grub_unregister_extcmd (cmd_netbsd); diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c -index 44301e12659..930a90b1f32 100644 +index 388c40abb8b..35055431247 100644 --- a/grub-core/loader/i386/linux.c +++ b/grub-core/loader/i386/linux.c @@ -35,6 +35,7 @@ @@ -302,7 +327,7 @@ index 44301e12659..930a90b1f32 100644 GRUB_MOD_LICENSE ("GPLv3+"); -@@ -1139,6 +1140,9 @@ static grub_command_t cmd_linux, cmd_initrd; +@@ -1150,6 +1151,9 @@ static grub_command_t cmd_linux, cmd_initrd; GRUB_MOD_INIT(linux) { @@ -312,7 +337,7 @@ index 44301e12659..930a90b1f32 100644 cmd_linux = grub_register_command ("linux", grub_cmd_linux, 0, N_("Load Linux.")); cmd_initrd = grub_register_command ("initrd", grub_cmd_initrd, -@@ -1148,6 +1152,9 @@ GRUB_MOD_INIT(linux) +@@ -1159,6 +1163,9 @@ GRUB_MOD_INIT(linux) GRUB_MOD_FINI(linux) { @@ -323,7 +348,7 @@ index 44301e12659..930a90b1f32 100644 grub_unregister_command (cmd_initrd); } diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index b69cb7a3a7f..ebe7630210b 100644 +index caa76bee8af..783a3cd93bc 100644 --- a/grub-core/loader/i386/pc/linux.c +++ b/grub-core/loader/i386/pc/linux.c @@ -35,6 +35,7 @@ @@ -334,7 +359,7 @@ index b69cb7a3a7f..ebe7630210b 100644 GRUB_MOD_LICENSE ("GPLv3+"); -@@ -472,6 +473,9 @@ static grub_command_t cmd_linux, cmd_initrd; +@@ -480,6 +481,9 @@ static grub_command_t cmd_linux, cmd_linux16, cmd_initrd, cmd_initrd16; GRUB_MOD_INIT(linux16) { @@ -342,9 +367,9 @@ index b69cb7a3a7f..ebe7630210b 100644 + return; + cmd_linux = - grub_register_command ("linux16", grub_cmd_linux, + grub_register_command ("linux", grub_cmd_linux, 0, N_("Load Linux.")); -@@ -483,6 +487,9 @@ GRUB_MOD_INIT(linux16) +@@ -497,6 +501,9 @@ GRUB_MOD_INIT(linux16) GRUB_MOD_FINI(linux16) { @@ -352,8 +377,8 @@ index b69cb7a3a7f..ebe7630210b 100644 + return; + grub_unregister_command (cmd_linux); + grub_unregister_command (cmd_linux16); grub_unregister_command (cmd_initrd); - } diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c index 40c67e82489..26df46a4161 100644 --- a/grub-core/loader/multiboot.c diff --git a/0257-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch b/0162-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch similarity index 73% rename from 0257-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch rename to 0162-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch index fe3a0464..07202e93 100644 --- a/0257-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch +++ b/0162-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch @@ -8,15 +8,15 @@ Allow booting 64-bit kernels on 32-bit EFI on x86. Signed-off-by: Peter Jones --- grub-core/loader/efi/linux.c | 9 +++- - grub-core/loader/i386/efi/linux.c | 110 +++++++++++++++++++++++++++----------- + grub-core/loader/i386/efi/linux.c | 109 ++++++++++++++++++++++++++------------ include/grub/i386/linux.h | 7 ++- - 3 files changed, 93 insertions(+), 33 deletions(-) + 3 files changed, 88 insertions(+), 37 deletions(-) diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index 8890bdf059a..2a7024134da 100644 +index dbf63e20ed8..7fe7201a388 100644 --- a/grub-core/loader/efi/linux.c +++ b/grub-core/loader/efi/linux.c -@@ -56,12 +56,17 @@ grub_linuxefi_secure_validate (void *data, grub_uint32_t size) +@@ -66,12 +66,17 @@ grub_linuxefi_secure_validate (void *data, grub_uint32_t size) typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *); grub_err_t @@ -37,7 +37,7 @@ index 8890bdf059a..2a7024134da 100644 return GRUB_ERR_BUG; diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 8b5a817b9d1..bed5919cab3 100644 +index 8db228c5bf5..1279f510a24 100644 --- a/grub-core/loader/i386/efi/linux.c +++ b/grub-core/loader/i386/efi/linux.c @@ -44,14 +44,10 @@ static char *linux_cmdline; @@ -57,16 +57,7 @@ index 8b5a817b9d1..bed5919cab3 100644 params); } -@@ -119,6 +115,8 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -+ grub_dprintf ("linuxefi", "initrd_mem = %lx\n", (unsigned long) initrd_mem); -+ - params->ramdisk_size = size; - params->ramdisk_image = (grub_uint32_t)(grub_addr_t) initrd_mem; - -@@ -153,14 +151,20 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), +@@ -154,14 +150,20 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), return grub_errno; } @@ -81,14 +72,15 @@ index 8b5a817b9d1..bed5919cab3 100644 { grub_file_t file = 0; - struct linux_kernel_header lh; -+ struct linux_kernel_header *lh; - grub_ssize_t len, start, filelen; +- grub_ssize_t len, start, filelen; ++ struct linux_i386_kernel_header *lh = NULL; ++ grub_ssize_t start, filelen; void *kernel = NULL; + int setup_header_end_offset; int rc; grub_dl_ref (my_mod); -@@ -200,69 +204,107 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -201,48 +203,79 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), goto fail; } @@ -102,24 +94,27 @@ index 8b5a817b9d1..bed5919cab3 100644 goto fail; } -- grub_memset (params, 0, 16384); -+ grub_dprintf ("linuxefi", "params = %p\n", (unsigned long) params); +- grub_dprintf ("linux", "params = %lx\n", (unsigned long) params); ++ grub_dprintf ("linux", "params = %p\n", params); -- grub_memcpy (&lh, kernel, sizeof (lh)); +- grub_memset (params, 0, 16384); + grub_memset (params, 0, sizeof(*params)); +- grub_memcpy (&lh, kernel, sizeof (lh)); +- - if (lh.boot_flag != grub_cpu_to_le16 (0xaa55)) + setup_header_end_offset = *((grub_uint8_t *)kernel + 0x201); -+ grub_dprintf ("linuxefi", "copying %d bytes from %p to %p\n", -+ MIN(0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1, ++ grub_dprintf ("linux", "copying %zu bytes from %p to %p\n", ++ MIN((grub_size_t)0x202+setup_header_end_offset, ++ sizeof (*params)) - 0x1f1, + (grub_uint8_t *)kernel + 0x1f1, + (grub_uint8_t *)params + 0x1f1); + grub_memcpy ((grub_uint8_t *)params + 0x1f1, + (grub_uint8_t *)kernel + 0x1f1, -+ MIN(0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); -+ lh = (struct linux_kernel_header *)params; -+ grub_dprintf ("linuxefi", "lh is at %p\n", lh); -+ grub_dprintf ("linuxefi", "checking lh->boot_flag\n"); ++ MIN((grub_size_t)0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); ++ lh = (struct linux_i386_kernel_header *)params; ++ grub_dprintf ("linux", "lh is at %p\n", lh); ++ grub_dprintf ("linux", "checking lh->boot_flag\n"); + if (lh->boot_flag != grub_cpu_to_le16 (0xaa55)) { grub_error (GRUB_ERR_BAD_OS, N_("invalid magic number")); @@ -127,7 +122,7 @@ index 8b5a817b9d1..bed5919cab3 100644 } - if (lh.setup_sects > GRUB_LINUX_MAX_SETUP_SECTS) -+ grub_dprintf ("linuxefi", "checking lh->setup_sects\n"); ++ grub_dprintf ("linux", "checking lh->setup_sects\n"); + if (lh->setup_sects > GRUB_LINUX_MAX_SETUP_SECTS) { grub_error (GRUB_ERR_BAD_OS, N_("too many setup sectors")); @@ -135,7 +130,7 @@ index 8b5a817b9d1..bed5919cab3 100644 } - if (lh.version < grub_cpu_to_le16 (0x020b)) -+ grub_dprintf ("linuxefi", "checking lh->version\n"); ++ grub_dprintf ("linux", "checking lh->version\n"); + if (lh->version < grub_cpu_to_le16 (0x020b)) { grub_error (GRUB_ERR_BAD_OS, N_("kernel too old")); @@ -143,7 +138,7 @@ index 8b5a817b9d1..bed5919cab3 100644 } - if (!lh.handover_offset) -+ grub_dprintf ("linuxefi", "checking lh->handover_offset\n"); ++ grub_dprintf ("linux", "checking lh->handover_offset\n"); + if (!lh->handover_offset) { grub_error (GRUB_ERR_BAD_OS, N_("kernel doesn't support EFI handover")); @@ -151,7 +146,7 @@ index 8b5a817b9d1..bed5919cab3 100644 } +#if defined(__x86_64__) || defined(__aarch64__) -+ grub_dprintf ("linuxefi", "checking lh->xloadflags\n"); ++ grub_dprintf ("linux", "checking lh->xloadflags\n"); + if (!(lh->xloadflags & LINUX_XLF_KERNEL_64)) + { + grub_error (GRUB_ERR_BAD_OS, N_("kernel doesn't support 64-bit CPUs")); @@ -169,7 +164,7 @@ index 8b5a817b9d1..bed5919cab3 100644 + } +#endif + -+ grub_dprintf ("linuxefi", "setting up cmdline\n"); + grub_dprintf ("linux", "setting up cmdline\n"); linux_cmdline = grub_efi_allocate_pages_max(0x3fffffff, - BYTES_TO_PAGES(lh.cmdline_size + 1)); - @@ -177,12 +172,7 @@ index 8b5a817b9d1..bed5919cab3 100644 if (!linux_cmdline) { grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate cmdline")); - goto fail; - } - -+ grub_dprintf ("linuxefi", "linux_cmdline = %lx\n", -+ (unsigned long)linux_cmdline); -+ +@@ -255,21 +288,22 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); grub_create_loader_cmdline (argc, argv, linux_cmdline + sizeof (LINUX_IMAGE) - 1, @@ -190,19 +180,19 @@ index 8b5a817b9d1..bed5919cab3 100644 + lh->cmdline_size - (sizeof (LINUX_IMAGE) - 1)); - lh.cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; -+ grub_dprintf ("linuxefi", "setting lh->cmd_line_ptr\n"); ++ grub_dprintf ("linux", "setting lh->cmd_line_ptr\n"); + lh->cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; - handover_offset = lh.handover_offset; -+ grub_dprintf ("linuxefi", "computing handover offset\n"); ++ grub_dprintf ("linux", "computing handover offset\n"); + handover_offset = lh->handover_offset; - start = (lh.setup_sects + 1) * 512; +- len = grub_file_size(file) - start; + start = (lh->setup_sects + 1) * 512; - len = grub_file_size(file) - start; -- kernel_mem = grub_efi_allocate_pages(lh.pref_address, -- BYTES_TO_PAGES(lh.init_size)); +- kernel_mem = grub_efi_allocate_pages_max(lh.pref_address, +- BYTES_TO_PAGES(lh.init_size)); + kernel_mem = grub_efi_allocate_pages_max(lh->pref_address, + BYTES_TO_PAGES(lh->init_size)); @@ -213,16 +203,16 @@ index 8b5a817b9d1..bed5919cab3 100644 if (!kernel_mem) { -@@ -270,17 +312,25 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -277,14 +311,21 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), goto fail; } - grub_memcpy (kernel_mem, (char *)kernel + start, len); -+ grub_dprintf ("linuxefi", "kernel_mem = %lx\n", (unsigned long) kernel_mem); ++ grub_dprintf ("linux", "kernel_mem = %lx\n", (unsigned long) kernel_mem); + grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); loaded=1; -+ grub_dprintf ("linuxefi", "setting lh->code32_start to %p\n", kernel_mem); ++ grub_dprintf ("linux", "setting lh->code32_start to %p\n", kernel_mem); + lh->code32_start = (grub_uint32_t)(grub_addr_t) kernel_mem; - lh.code32_start = (grub_uint32_t)(grub_uint64_t) kernel_mem; @@ -230,22 +220,21 @@ index 8b5a817b9d1..bed5919cab3 100644 + grub_memcpy (kernel_mem, (char *)kernel + start, filelen - start); - params->type_of_loader = 0x21; -+ grub_dprintf ("linuxefi", "setting lh->type_of_loader\n"); ++ grub_dprintf ("linux", "setting lh->type_of_loader\n"); + lh->type_of_loader = 0x6; + -+ grub_dprintf ("linuxefi", "setting lh->ext_loader_{type,ver}\n"); ++ grub_dprintf ("linux", "setting lh->ext_loader_{type,ver}\n"); + params->ext_loader_type = 0; + params->ext_loader_ver = 2; -+ grub_dprintf("linuxefi", "kernel_mem: %p handover_offset: %08x\n", -+ kernel_mem, handover_offset); + grub_dprintf("linux", "kernel_mem: %p handover_offset: %08x\n", + kernel_mem, handover_offset); - fail: -- - if (file) - grub_file_close (file); +@@ -301,10 +342,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + loaded = 0; + } -@@ -296,7 +346,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - if (linux_cmdline && !loaded) +- if (linux_cmdline && !loaded) ++ if (linux_cmdline && lh && !loaded) grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) linux_cmdline, - BYTES_TO_PAGES(lh.cmdline_size + 1)); diff --git a/0157-re-write-.gitignore.patch b/0163-re-write-.gitignore.patch similarity index 100% rename from 0157-re-write-.gitignore.patch rename to 0163-re-write-.gitignore.patch diff --git a/0158-IBM-client-architecture-CAS-reboot-support.patch b/0164-IBM-client-architecture-CAS-reboot-support.patch similarity index 100% rename from 0158-IBM-client-architecture-CAS-reboot-support.patch rename to 0164-IBM-client-architecture-CAS-reboot-support.patch diff --git a/0159-for-ppc-reset-console-display-attr-when-clear-screen.patch b/0165-for-ppc-reset-console-display-attr-when-clear-screen.patch similarity index 100% rename from 0159-for-ppc-reset-console-display-attr-when-clear-screen.patch rename to 0165-for-ppc-reset-console-display-attr-when-clear-screen.patch diff --git a/0160-Disable-GRUB-video-support-for-IBM-power-machines.patch b/0166-Disable-GRUB-video-support-for-IBM-power-machines.patch similarity index 100% rename from 0160-Disable-GRUB-video-support-for-IBM-power-machines.patch rename to 0166-Disable-GRUB-video-support-for-IBM-power-machines.patch diff --git a/0161-Honor-a-symlink-when-generating-configuration-by-gru.patch b/0167-Honor-a-symlink-when-generating-configuration-by-gru.patch similarity index 100% rename from 0161-Honor-a-symlink-when-generating-configuration-by-gru.patch rename to 0167-Honor-a-symlink-when-generating-configuration-by-gru.patch diff --git a/0162-Move-bash-completion-script-922997.patch b/0168-Move-bash-completion-script-922997.patch similarity index 100% rename from 0162-Move-bash-completion-script-922997.patch rename to 0168-Move-bash-completion-script-922997.patch diff --git a/0163-Update-to-minilzo-2.08.patch b/0169-Update-to-minilzo-2.08.patch similarity index 100% rename from 0163-Update-to-minilzo-2.08.patch rename to 0169-Update-to-minilzo-2.08.patch diff --git a/0164-Allow-fallback-to-include-entries-by-title-not-just-.patch b/0170-Allow-fallback-to-include-entries-by-title-not-just-.patch similarity index 100% rename from 0164-Allow-fallback-to-include-entries-by-title-not-just-.patch rename to 0170-Allow-fallback-to-include-entries-by-title-not-just-.patch diff --git a/0165-Add-GRUB_DISABLE_UUID.patch b/0171-Add-GRUB_DISABLE_UUID.patch similarity index 100% rename from 0165-Add-GRUB_DISABLE_UUID.patch rename to 0171-Add-GRUB_DISABLE_UUID.patch diff --git a/0166-Make-exit-take-a-return-code.patch b/0172-Make-exit-take-a-return-code.patch similarity index 100% rename from 0166-Make-exit-take-a-return-code.patch rename to 0172-Make-exit-take-a-return-code.patch diff --git a/0167-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch b/0173-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch similarity index 100% rename from 0167-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch rename to 0173-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch diff --git a/0168-Make-efi-machines-load-an-env-block-from-a-variable.patch b/0174-Make-efi-machines-load-an-env-block-from-a-variable.patch similarity index 98% rename from 0168-Make-efi-machines-load-an-env-block-from-a-variable.patch rename to 0174-Make-efi-machines-load-an-env-block-from-a-variable.patch index 7e231669..7e149281 100644 --- a/0168-Make-efi-machines-load-an-env-block-from-a-variable.patch +++ b/0174-Make-efi-machines-load-an-env-block-from-a-variable.patch @@ -10,7 +10,7 @@ Signed-off-by: Peter Jones 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index fc4767f1985..a6e257f946a 100644 +index 52911374be5..6b652231ecc 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -191,6 +191,7 @@ kernel = { diff --git a/0175-Add-support-for-linuxefi.patch b/0175-Add-support-for-linuxefi.patch deleted file mode 100644 index a91df66f..00000000 --- a/0175-Add-support-for-linuxefi.patch +++ /dev/null @@ -1,479 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Tue, 10 Jul 2012 11:58:52 -0400 -Subject: [PATCH] Add support for linuxefi - ---- - grub-core/Makefile.core.def | 8 + - grub-core/kern/efi/mm.c | 32 ++++ - grub-core/loader/i386/efi/linux.c | 371 ++++++++++++++++++++++++++++++++++++++ - include/grub/efi/efi.h | 3 + - include/grub/i386/linux.h | 1 + - 5 files changed, 415 insertions(+) - create mode 100644 grub-core/loader/i386/efi/linux.c - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index a6e257f946a..aacad137b36 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1759,6 +1759,14 @@ module = { - enable = x86_64_efi; - }; - -+module = { -+ name = linuxefi; -+ efi = loader/i386/efi/linux.c; -+ efi = lib/cmdline.c; -+ enable = i386_efi; -+ enable = x86_64_efi; -+}; -+ - module = { - name = chain; - efi = loader/efi/chainloader.c; -diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index c48e9b5c7c3..775daed16e6 100644 ---- a/grub-core/kern/efi/mm.c -+++ b/grub-core/kern/efi/mm.c -@@ -113,6 +113,38 @@ grub_efi_drop_alloc (grub_efi_physical_address_t address, - } - } - -+/* Allocate pages below a specified address */ -+void * -+grub_efi_allocate_pages_max (grub_efi_physical_address_t max, -+ grub_efi_uintn_t pages) -+{ -+ grub_efi_status_t status; -+ grub_efi_boot_services_t *b; -+ grub_efi_physical_address_t address = max; -+ -+ if (max > 0xffffffff) -+ return 0; -+ -+ b = grub_efi_system_table->boot_services; -+ status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_MAX_ADDRESS, GRUB_EFI_LOADER_DATA, pages, &address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ -+ if (address == 0) -+ { -+ /* Uggh, the address 0 was allocated... This is too annoying, -+ so reallocate another one. */ -+ address = max; -+ status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_MAX_ADDRESS, GRUB_EFI_LOADER_DATA, pages, &address); -+ grub_efi_free_pages (0, pages); -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ } -+ -+ return (void *) ((grub_addr_t) address); -+} -+ - /* Allocate pages. Return the pointer to the first of allocated pages. */ - void * - grub_efi_allocate_pages_real (grub_efi_physical_address_t address, -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -new file mode 100644 -index 00000000000..b79e6320ba9 ---- /dev/null -+++ b/grub-core/loader/i386/efi/linux.c -@@ -0,0 +1,371 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2012 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static grub_dl_t my_mod; -+static int loaded; -+static void *kernel_mem; -+static grub_uint64_t kernel_size; -+static grub_uint8_t *initrd_mem; -+static grub_uint32_t handover_offset; -+struct linux_kernel_params *params; -+static char *linux_cmdline; -+ -+#define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12) -+ -+#define SHIM_LOCK_GUID \ -+ { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} } -+ -+struct grub_efi_shim_lock -+{ -+ grub_efi_status_t (*verify) (void *buffer, grub_uint32_t size); -+}; -+typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; -+ -+static grub_efi_boolean_t -+grub_linuxefi_secure_validate (void *data, grub_uint32_t size) -+{ -+ grub_efi_guid_t guid = SHIM_LOCK_GUID; -+ grub_efi_shim_lock_t *shim_lock; -+ -+ shim_lock = grub_efi_locate_protocol(&guid, NULL); -+ -+ if (!shim_lock) -+ return 1; -+ -+ if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) -+ return 1; -+ -+ return 0; -+} -+ -+typedef void(*handover_func)(void *, grub_efi_system_table_t *, struct linux_kernel_params *); -+ -+static grub_err_t -+grub_linuxefi_boot (void) -+{ -+ handover_func hf; -+ int offset = 0; -+ -+#ifdef __x86_64__ -+ offset = 512; -+#endif -+ -+ hf = (handover_func)((char *)kernel_mem + handover_offset + offset); -+ -+ asm volatile ("cli"); -+ -+ hf (grub_efi_image_handle, grub_efi_system_table, params); -+ -+ /* Not reached */ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_linuxefi_unload (void) -+{ -+ grub_dl_unref (my_mod); -+ loaded = 0; -+ if (initrd_mem) -+ grub_efi_free_pages((grub_efi_physical_address_t)initrd_mem, BYTES_TO_PAGES(params->ramdisk_size)); -+ if (linux_cmdline) -+ grub_efi_free_pages((grub_efi_physical_address_t)linux_cmdline, BYTES_TO_PAGES(params->cmdline_size + 1)); -+ if (kernel_mem) -+ grub_efi_free_pages((grub_efi_physical_address_t)kernel_mem, BYTES_TO_PAGES(kernel_size)); -+ if (params) -+ grub_efi_free_pages((grub_efi_physical_address_t)params, BYTES_TO_PAGES(16384)); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[]) -+{ -+ grub_file_t *files = 0; -+ int i, nfiles = 0; -+ grub_size_t size = 0; -+ grub_uint8_t *ptr; -+ -+ if (argc == 0) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ goto fail; -+ } -+ -+ if (!loaded) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("you need to load the kernel first")); -+ goto fail; -+ } -+ -+ files = grub_zalloc (argc * sizeof (files[0])); -+ if (!files) -+ goto fail; -+ -+ for (i = 0; i < argc; i++) -+ { -+ grub_file_filter_disable_compression (); -+ files[i] = grub_file_open (argv[i]); -+ if (! files[i]) -+ goto fail; -+ nfiles++; -+ size += ALIGN_UP (grub_file_size (files[i]), 4); -+ } -+ -+ initrd_mem = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(size)); -+ -+ if (!initrd_mem) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate initrd")); -+ goto fail; -+ } -+ -+ params->ramdisk_size = size; -+ params->ramdisk_image = (grub_uint32_t)(grub_uint64_t) initrd_mem; -+ -+ ptr = initrd_mem; -+ -+ for (i = 0; i < nfiles; i++) -+ { -+ grub_ssize_t cursize = grub_file_size (files[i]); -+ if (grub_file_read (files[i], ptr, cursize) != cursize) -+ { -+ if (!grub_errno) -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), -+ argv[i]); -+ goto fail; -+ } -+ ptr += cursize; -+ grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); -+ ptr += ALIGN_UP_OVERHEAD (cursize, 4); -+ } -+ -+ params->ramdisk_size = size; -+ -+ fail: -+ for (i = 0; i < nfiles; i++) -+ grub_file_close (files[i]); -+ grub_free (files); -+ -+ if (initrd_mem && grub_errno) -+ grub_efi_free_pages((grub_efi_physical_address_t)initrd_mem, BYTES_TO_PAGES(size)); -+ -+ return grub_errno; -+} -+ -+static grub_err_t -+grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[]) -+{ -+ grub_file_t file = 0; -+ struct linux_kernel_header lh; -+ grub_ssize_t len, start, filelen; -+ void *kernel; -+ -+ grub_dl_ref (my_mod); -+ -+ if (argc == 0) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ goto fail; -+ } -+ -+ file = grub_file_open (argv[0]); -+ if (! file) -+ goto fail; -+ -+ filelen = grub_file_size (file); -+ -+ kernel = grub_malloc(filelen); -+ -+ if (!kernel) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel buffer")); -+ goto fail; -+ } -+ -+ if (grub_file_read (file, kernel, filelen) != filelen) -+ { -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]); -+ goto fail; -+ } -+ -+ if (! grub_linuxefi_secure_validate (kernel, filelen)) -+ { -+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); -+ grub_free (kernel); -+ goto fail; -+ } -+ -+ grub_file_seek (file, 0); -+ -+ grub_free(kernel); -+ -+ params = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(16384)); -+ -+ if (! params) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); -+ goto fail; -+ } -+ -+ memset (params, 0, 16384); -+ -+ if (grub_file_read (file, &lh, sizeof (lh)) != sizeof (lh)) -+ { -+ if (!grub_errno) -+ grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -+ argv[0]); -+ goto fail; -+ } -+ -+ if (lh.boot_flag != grub_cpu_to_le16 (0xaa55)) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("invalid magic number")); -+ goto fail; -+ } -+ -+ if (lh.setup_sects > GRUB_LINUX_MAX_SETUP_SECTS) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("too many setup sectors")); -+ goto fail; -+ } -+ -+ if (lh.version < grub_cpu_to_le16 (0x020b)) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("kernel too old")); -+ goto fail; -+ } -+ -+ if (!lh.handover_offset) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("kernel doesn't support EFI handover")); -+ goto fail; -+ } -+ -+ linux_cmdline = grub_efi_allocate_pages_max(0x3fffffff, -+ BYTES_TO_PAGES(lh.cmdline_size + 1)); -+ -+ if (!linux_cmdline) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate cmdline")); -+ goto fail; -+ } -+ -+ grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); -+ grub_create_loader_cmdline (argc, argv, -+ linux_cmdline + sizeof (LINUX_IMAGE) - 1, -+ lh.cmdline_size - (sizeof (LINUX_IMAGE) - 1)); -+ -+ lh.cmd_line_ptr = (grub_uint32_t)(grub_uint64_t)linux_cmdline; -+ -+ handover_offset = lh.handover_offset; -+ -+ start = (lh.setup_sects + 1) * 512; -+ len = grub_file_size(file) - start; -+ -+ kernel_mem = grub_efi_allocate_pages(lh.pref_address, -+ BYTES_TO_PAGES(lh.init_size)); -+ -+ if (!kernel_mem) -+ kernel_mem = grub_efi_allocate_pages_max(0x3fffffff, -+ BYTES_TO_PAGES(lh.init_size)); -+ -+ if (!kernel_mem) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate kernel")); -+ goto fail; -+ } -+ -+ if (grub_file_seek (file, start) == (grub_off_t) -1) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -+ argv[0]); -+ goto fail; -+ } -+ -+ if (grub_file_read (file, kernel_mem, len) != len && !grub_errno) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -+ argv[0]); -+ } -+ -+ if (grub_errno == GRUB_ERR_NONE) -+ { -+ grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); -+ loaded = 1; -+ lh.code32_start = (grub_uint32_t)(grub_uint64_t) kernel_mem; -+ } -+ -+ memcpy(params, &lh, 2 * 512); -+ -+ params->type_of_loader = 0x21; -+ -+ fail: -+ -+ if (file) -+ grub_file_close (file); -+ -+ if (grub_errno != GRUB_ERR_NONE) -+ { -+ grub_dl_unref (my_mod); -+ loaded = 0; -+ } -+ -+ if (linux_cmdline && !loaded) -+ grub_efi_free_pages((grub_efi_physical_address_t)linux_cmdline, BYTES_TO_PAGES(lh.cmdline_size + 1)); -+ -+ if (kernel_mem && !loaded) -+ grub_efi_free_pages((grub_efi_physical_address_t)kernel_mem, BYTES_TO_PAGES(kernel_size)); -+ -+ if (params && !loaded) -+ grub_efi_free_pages((grub_efi_physical_address_t)params, BYTES_TO_PAGES(16384)); -+ -+ return grub_errno; -+} -+ -+static grub_command_t cmd_linux, cmd_initrd; -+ -+GRUB_MOD_INIT(linuxefi) -+{ -+ cmd_linux = -+ grub_register_command ("linuxefi", grub_cmd_linux, -+ 0, N_("Load Linux.")); -+ cmd_initrd = -+ grub_register_command ("initrdefi", grub_cmd_initrd, -+ 0, N_("Load initrd.")); -+ my_mod = mod; -+} -+ -+GRUB_MOD_FINI(linuxefi) -+{ -+ grub_unregister_command (cmd_linux); -+ grub_unregister_command (cmd_initrd); -+} -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index c996913e5bc..3efbafbb418 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -47,6 +47,9 @@ EXPORT_FUNC(grub_efi_allocate_fixed) (grub_efi_physical_address_t address, - grub_efi_uintn_t pages); - void * - EXPORT_FUNC(grub_efi_allocate_any_pages) (grub_efi_uintn_t pages); -+void * -+EXPORT_FUNC(grub_efi_allocate_pages_max) (grub_efi_physical_address_t max, -+ grub_efi_uintn_t pages); - void EXPORT_FUNC(grub_efi_free_pages) (grub_efi_physical_address_t address, - grub_efi_uintn_t pages); - int -diff --git a/include/grub/i386/linux.h b/include/grub/i386/linux.h -index 0bd75881708..5d8282a7db6 100644 ---- a/include/grub/i386/linux.h -+++ b/include/grub/i386/linux.h -@@ -139,6 +139,7 @@ struct linux_i386_kernel_header - grub_uint64_t setup_data; - grub_uint64_t pref_address; - grub_uint32_t init_size; -+ grub_uint32_t handover_offset; - } GRUB_PACKED; - - /* Boot parameters for Linux based on 2.6.12. This is used by the setup diff --git a/0169-DHCP-client-ID-and-UUID-options-added.patch b/0175-DHCP-client-ID-and-UUID-options-added.patch similarity index 100% rename from 0169-DHCP-client-ID-and-UUID-options-added.patch rename to 0175-DHCP-client-ID-and-UUID-options-added.patch diff --git a/0176-Use-linuxefi-and-initrdefi-where-appropriate.patch b/0176-Use-linuxefi-and-initrdefi-where-appropriate.patch deleted file mode 100644 index 21969117..00000000 --- a/0176-Use-linuxefi-and-initrdefi-where-appropriate.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 16 Jul 2012 18:57:11 -0400 -Subject: [PATCH] Use "linuxefi" and "initrdefi" where appropriate. - ---- - util/grub.d/10_linux.in | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 87a7da34982..37d539fcf93 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -139,9 +139,16 @@ linux_entry () - printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/" - fi - message="$(gettext_printf "Loading Linux %s ..." ${version})" -+ if [ -d /sys/firmware/efi ]; then -+ linuxcmd=linuxefi -+ initrdcmd=initrdefi -+ else -+ linuxcmd=linux -+ initrdcmd=initrd -+ fi - sed "s/^/$submenu_indentation/" << EOF - echo '$(echo "$message" | grub_quote)' -- linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} -+ ${linuxcmd} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} - EOF - if test -n "${initrd}" ; then - # TRANSLATORS: ramdisk isn't identifier. Should be translated. -@@ -152,7 +159,7 @@ EOF - done - sed "s/^/$submenu_indentation/" << EOF - echo '$(echo "$message" | grub_quote)' -- initrd $(echo $initrd_path) -+ ${initrdcmd} $(echo $initrd_path) - EOF - fi - sed "s/^/$submenu_indentation/" << EOF diff --git a/0170-trim-arp-packets-with-abnormal-size.patch b/0176-trim-arp-packets-with-abnormal-size.patch similarity index 100% rename from 0170-trim-arp-packets-with-abnormal-size.patch rename to 0176-trim-arp-packets-with-abnormal-size.patch diff --git a/0177-Don-t-allow-insmod-when-secure-boot-is-enabled.patch b/0177-Don-t-allow-insmod-when-secure-boot-is-enabled.patch deleted file mode 100644 index 5bd99743..00000000 --- a/0177-Don-t-allow-insmod-when-secure-boot-is-enabled.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Colin Watson -Date: Tue, 23 Oct 2012 10:40:49 -0400 -Subject: [PATCH] Don't allow insmod when secure boot is enabled. - -Hi, - -Fedora's patch to forbid insmod in UEFI Secure Boot environments is fine -as far as it goes. However, the insmod command is not the only way that -modules can be loaded. In particular, the 'normal' command, which -implements the usual GRUB menu and the fully-featured command prompt, -will implicitly load commands not currently loaded into memory. This -permits trivial Secure Boot violations by writing commands implementing -whatever you want to do and pointing $prefix at the malicious code. - -I'm currently test-building this patch (replacing your current -grub-2.00-no-insmod-on-sb.patch), but this should be more correct. It -moves the check into grub_dl_load_file. ---- - grub-core/kern/dl.c | 22 ++++++++++++++++++++++ - grub-core/kern/efi/efi.c | 28 ++++++++++++++++++++++++++++ - include/grub/efi/efi.h | 1 + - 3 files changed, 51 insertions(+) - -diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c -index e394cd96f8c..621070918d4 100644 ---- a/grub-core/kern/dl.c -+++ b/grub-core/kern/dl.c -@@ -32,12 +32,21 @@ - #include - #include - #include -+#include - - /* Platforms where modules are in a readonly area of memory. */ - #if defined(GRUB_MACHINE_QEMU) - #define GRUB_MODULES_MACHINE_READONLY - #endif - -+#ifdef GRUB_MACHINE_EMU -+#include -+#endif -+ -+#ifdef GRUB_MACHINE_EFI -+#include -+#endif -+ - - - #pragma GCC diagnostic ignored "-Wcast-align" -@@ -686,6 +695,19 @@ grub_dl_load_file (const char *filename) - void *core = 0; - grub_dl_t mod = 0; - -+#ifdef GRUB_MACHINE_EFI -+ if (grub_efi_secure_boot ()) -+ { -+#if 0 -+ /* This is an error, but grub2-mkconfig still generates a pile of -+ * insmod commands, so emitting it would be mostly just obnoxious. */ -+ grub_error (GRUB_ERR_ACCESS_DENIED, -+ "Secure Boot forbids loading module from %s", filename); -+#endif -+ return 0; -+ } -+#endif -+ - grub_boot_time ("Loading module %s", filename); - - file = grub_file_open (filename); -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index e339f264b3a..92e1583b37d 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -278,6 +278,34 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, - return NULL; - } - -+grub_efi_boolean_t -+grub_efi_secure_boot (void) -+{ -+ grub_efi_guid_t efi_var_guid = GRUB_EFI_GLOBAL_VARIABLE_GUID; -+ grub_size_t datasize; -+ char *secure_boot = NULL; -+ char *setup_mode = NULL; -+ grub_efi_boolean_t ret = 0; -+ -+ secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); -+ -+ if (datasize != 1 || !secure_boot) -+ goto out; -+ -+ setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); -+ -+ if (datasize != 1 || !setup_mode) -+ goto out; -+ -+ if (*secure_boot && !*setup_mode) -+ ret = 1; -+ -+ out: -+ grub_free (secure_boot); -+ grub_free (setup_mode); -+ return ret; -+} -+ - #pragma GCC diagnostic ignored "-Wcast-align" - - /* Search the mods section from the PE32/PE32+ image. This code uses -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 3efbafbb418..f68a19de442 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -84,6 +84,7 @@ EXPORT_FUNC (grub_efi_set_variable) (const char *var, - const grub_efi_guid_t *guid, - void *data, - grub_size_t datasize); -+grub_efi_boolean_t EXPORT_FUNC (grub_efi_secure_boot) (void); - int - EXPORT_FUNC (grub_efi_compare_device_paths) (const grub_efi_device_path_t *dp1, - const grub_efi_device_path_t *dp2); diff --git a/0171-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch b/0177-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch similarity index 100% rename from 0171-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch rename to 0177-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch diff --git a/0172-Add-support-for-UEFI-operating-systems-returned-by-o.patch b/0178-Add-support-for-UEFI-operating-systems-returned-by-o.patch similarity index 100% rename from 0172-Add-support-for-UEFI-operating-systems-returned-by-o.patch rename to 0178-Add-support-for-UEFI-operating-systems-returned-by-o.patch diff --git a/0173-Migrate-PPC-from-Yaboot-to-Grub2.patch b/0179-Migrate-PPC-from-Yaboot-to-Grub2.patch similarity index 100% rename from 0173-Migrate-PPC-from-Yaboot-to-Grub2.patch rename to 0179-Migrate-PPC-from-Yaboot-to-Grub2.patch diff --git a/0174-Add-fw_path-variable-revised.patch b/0180-Add-fw_path-variable-revised.patch similarity index 100% rename from 0174-Add-fw_path-variable-revised.patch rename to 0180-Add-fw_path-variable-revised.patch diff --git a/0178-Pass-x-hex-hex-straight-through-unmolested.patch b/0181-Pass-x-hex-hex-straight-through-unmolested.patch similarity index 100% rename from 0178-Pass-x-hex-hex-straight-through-unmolested.patch rename to 0181-Pass-x-hex-hex-straight-through-unmolested.patch diff --git a/0179-Add-X-option-to-printf-functions.patch b/0182-Add-X-option-to-printf-functions.patch similarity index 100% rename from 0179-Add-X-option-to-printf-functions.patch rename to 0182-Add-X-option-to-printf-functions.patch diff --git a/0180-Search-for-specific-config-file-for-netboot.patch b/0183-Search-for-specific-config-file-for-netboot.patch similarity index 100% rename from 0180-Search-for-specific-config-file-for-netboot.patch rename to 0183-Search-for-specific-config-file-for-netboot.patch diff --git a/0181-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch b/0184-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch similarity index 98% rename from 0181-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch rename to 0184-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch index 2e57d445..c15a8be6 100644 --- a/0181-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch +++ b/0184-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch @@ -21,10 +21,10 @@ Signed-off-by: Peter Jones create mode 100644 grub-core/commands/blscfg.c diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index aacad137b36..3f42ce16fad 100644 +index 6b652231ecc..7ed07b3e2fd 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -768,6 +768,14 @@ module = { +@@ -769,6 +769,14 @@ module = { common = commands/blocklist.c; }; diff --git a/0185-Add-devicetree-loading.patch b/0185-Add-devicetree-loading.patch new file mode 100644 index 00000000..4cb1a2a7 --- /dev/null +++ b/0185-Add-devicetree-loading.patch @@ -0,0 +1,68 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Tue, 14 Jan 2014 13:12:23 -0500 +Subject: [PATCH] Add devicetree loading + +Signed-off-by: Peter Jones + +Switch to use APM Mustang device tree, for hardware testing. + +Signed-off-by: David A. Marlin + +Use the default device tree from the grub default file + +instead of hardcoding a value. + +Signed-off-by: David A. Marlin +--- + util/grub-mkconfig.in | 3 ++- + util/grub.d/10_linux.in | 15 +++++++++++++++ + 2 files changed, 17 insertions(+), 1 deletion(-) + +diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in +index b0a8626dd1c..f68d4925ee6 100644 +--- a/util/grub-mkconfig.in ++++ b/util/grub-mkconfig.in +@@ -254,7 +254,8 @@ export GRUB_DEFAULT \ + GRUB_ENABLE_CRYPTODISK \ + GRUB_BADRAM \ + GRUB_OS_PROBER_SKIP_LIST \ +- GRUB_DISABLE_SUBMENU ++ GRUB_DISABLE_SUBMENU \ ++ GRUB_DEFAULT_DTB + + if test "x${grub_cfg}" != "x"; then + rm -f "${grub_cfg}.new" +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index 87a7da34982..233754ff296 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -153,6 +153,13 @@ EOF + sed "s/^/$submenu_indentation/" << EOF + echo '$(echo "$message" | grub_quote)' + initrd $(echo $initrd_path) ++EOF ++ fi ++ if test -n "${fdt}" ; then ++ message="$(gettext_printf "Loading fdt ...")" ++ sed "s/^/$submenu_indentation/" << EOF ++ echo '$(echo "$message" | grub_quote)' ++ devicetree ${rel_dirname}/${fdt} + EOF + fi + sed "s/^/$submenu_indentation/" << EOF +@@ -236,6 +243,14 @@ while [ "x$list" != "x" ] ; do + gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 + fi + ++ fdt= ++ for i in "dtb-${version}" "dtb-${alt_version}"; do ++ if test -f "${dirname}/${i}/${GRUB_DEFAULT_DTB}" ; then ++ fdt="${i}/${GRUB_DEFAULT_DTB}" ++ break ++ fi ++ done ++ + config= + for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do + if test -e "${i}" ; then diff --git a/0182-Don-t-write-messages-to-the-screen.patch b/0186-Don-t-write-messages-to-the-screen.patch similarity index 88% rename from 0182-Don-t-write-messages-to-the-screen.patch rename to 0186-Don-t-write-messages-to-the-screen.patch index 64a5c8de..e96a2340 100644 --- a/0182-Don-t-write-messages-to-the-screen.patch +++ b/0186-Don-t-write-messages-to-the-screen.patch @@ -11,8 +11,8 @@ very appealing. grub-core/kern/main.c | 5 ----- grub-core/boot/i386/pc/boot.S | 3 --- grub-core/boot/i386/pc/diskboot.S | 5 ----- - util/grub.d/10_linux.in | 3 --- - 5 files changed, 5 insertions(+), 36 deletions(-) + util/grub.d/10_linux.in | 7 ------- + 5 files changed, 5 insertions(+), 40 deletions(-) diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c index 4880cefe3f8..b22e1bcc94b 100644 @@ -143,30 +143,34 @@ index c1addc0df29..68d31de0c4c 100644 movw $LOCAL(firstlist), %di diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 37d539fcf93..3c290f65403 100644 +index 233754ff296..3a5aa0f8dc9 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in -@@ -138,7 +138,6 @@ linux_entry () +@@ -138,27 +138,20 @@ linux_entry () fi printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/" fi - message="$(gettext_printf "Loading Linux %s ..." ${version})" - if [ -d /sys/firmware/efi ]; then - linuxcmd=linuxefi - initrdcmd=initrdefi -@@ -147,7 +146,6 @@ linux_entry () - initrdcmd=initrd - fi sed "s/^/$submenu_indentation/" << EOF - echo '$(echo "$message" | grub_quote)' - ${linuxcmd} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} + linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} EOF if test -n "${initrd}" ; then -@@ -158,7 +156,6 @@ EOF +- # TRANSLATORS: ramdisk isn't identifier. Should be translated. +- message="$(gettext_printf "Loading initial ramdisk ...")" + initrd_path= + for i in ${initrd}; do initrd_path="${initrd_path} ${rel_dirname}/${i}" done sed "s/^/$submenu_indentation/" << EOF - echo '$(echo "$message" | grub_quote)' - ${initrdcmd} $(echo $initrd_path) + initrd $(echo $initrd_path) + EOF + fi + if test -n "${fdt}" ; then +- message="$(gettext_printf "Loading fdt ...")" + sed "s/^/$submenu_indentation/" << EOF +- echo '$(echo "$message" | grub_quote)' + devicetree ${rel_dirname}/${fdt} EOF fi diff --git a/0183-Don-t-print-GNU-GRUB-header.patch b/0187-Don-t-print-GNU-GRUB-header.patch similarity index 100% rename from 0183-Don-t-print-GNU-GRUB-header.patch rename to 0187-Don-t-print-GNU-GRUB-header.patch diff --git a/0184-Don-t-add-to-highlighted-row.patch b/0188-Don-t-add-to-highlighted-row.patch similarity index 100% rename from 0184-Don-t-add-to-highlighted-row.patch rename to 0188-Don-t-add-to-highlighted-row.patch diff --git a/0185-Message-string-cleanups.patch b/0189-Message-string-cleanups.patch similarity index 100% rename from 0185-Message-string-cleanups.patch rename to 0189-Message-string-cleanups.patch diff --git a/0186-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch b/0190-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch similarity index 100% rename from 0186-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch rename to 0190-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch diff --git a/0191-Use-linux16-when-appropriate-880840.patch b/0191-Use-linux16-when-appropriate-880840.patch deleted file mode 100644 index 9e810d7f..00000000 --- a/0191-Use-linux16-when-appropriate-880840.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 28 Oct 2013 10:05:07 -0400 -Subject: [PATCH] Use linux16 when appropriate (#880840) - -The kernel group really would prefer that we use the 16 bit entry point -on x86 bios machines. - -Resolves: rhbz#880840 - -Signed-off-by: Peter Jones ---- - util/grub.d/10_linux.in | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 3c290f65403..c8376a5189c 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -86,6 +86,11 @@ linux_entry () - type="$3" - args="$4" - -+ sixteenbit="" -+ case "$machine" in -+ i?86|x86_64) sixteenbit="16" ;; -+ esac -+ - if [ -z "$boot_device_id" ]; then - boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" - fi -@@ -142,8 +147,8 @@ linux_entry () - linuxcmd=linuxefi - initrdcmd=initrdefi - else -- linuxcmd=linux -- initrdcmd=initrd -+ linuxcmd=linux${sixteenbit} -+ initrdcmd=initrd${sixteenbit} - fi - sed "s/^/$submenu_indentation/" << EOF - ${linuxcmd} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} diff --git a/0187-Use-the-correct-indentation-for-the-term-help-text.patch b/0191-Use-the-correct-indentation-for-the-term-help-text.patch similarity index 100% rename from 0187-Use-the-correct-indentation-for-the-term-help-text.patch rename to 0191-Use-the-correct-indentation-for-the-term-help-text.patch diff --git a/0188-Indent-menu-entries.patch b/0192-Indent-menu-entries.patch similarity index 100% rename from 0188-Indent-menu-entries.patch rename to 0192-Indent-menu-entries.patch diff --git a/0189-Fix-margins.patch b/0193-Fix-margins.patch similarity index 100% rename from 0189-Fix-margins.patch rename to 0193-Fix-margins.patch diff --git a/0190-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch b/0194-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch similarity index 100% rename from 0190-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch rename to 0194-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch diff --git a/0192-Enable-pager-by-default.-985860.patch b/0195-Enable-pager-by-default.-985860.patch similarity index 100% rename from 0192-Enable-pager-by-default.-985860.patch rename to 0195-Enable-pager-by-default.-985860.patch diff --git a/0193-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch b/0196-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch similarity index 100% rename from 0193-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch rename to 0196-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch diff --git a/0194-Don-t-say-GNU-Linux-in-generated-menus.patch b/0197-Don-t-say-GNU-Linux-in-generated-menus.patch similarity index 97% rename from 0194-Don-t-say-GNU-Linux-in-generated-menus.patch rename to 0197-Don-t-say-GNU-Linux-in-generated-menus.patch index d64a0b40..85b0cde7 100644 --- a/0194-Don-t-say-GNU-Linux-in-generated-menus.patch +++ b/0197-Don-t-say-GNU-Linux-in-generated-menus.patch @@ -9,7 +9,7 @@ Subject: [PATCH] Don't say "GNU/Linux" in generated menus. 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index c8376a5189c..11f50d5730b 100644 +index 3a5aa0f8dc9..6299836b5cd 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in @@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@" diff --git a/0195-Don-t-draw-a-border-around-the-menu.patch b/0198-Don-t-draw-a-border-around-the-menu.patch similarity index 100% rename from 0195-Don-t-draw-a-border-around-the-menu.patch rename to 0198-Don-t-draw-a-border-around-the-menu.patch diff --git a/0198-Make-10_linux-work-with-our-changes-for-linux16-and-.patch b/0198-Make-10_linux-work-with-our-changes-for-linux16-and-.patch deleted file mode 100644 index 0d53eadf..00000000 --- a/0198-Make-10_linux-work-with-our-changes-for-linux16-and-.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 14 Jan 2014 13:12:23 -0500 -Subject: [PATCH] Make 10_linux work with our changes for linux16 and linuxefi - on aarch64 - -Signed-off-by: Peter Jones ---- - util/grub.d/10_linux.in | 35 ++++++++++++++++++++++++++--------- - 1 file changed, 26 insertions(+), 9 deletions(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 11f50d5730b..c889b47db59 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -86,9 +86,18 @@ linux_entry () - type="$3" - args="$4" - -- sixteenbit="" -+ linuxcmd=linux -+ initrdcmd=initrd - case "$machine" in -- i?86|x86_64) sixteenbit="16" ;; -+ i?86|x86_64) -+ if [ -d /sys/firmware/efi ]; then -+ linuxcmd=linuxefi -+ initrdcmd=initrdefi -+ else -+ linuxcmd=linux16 -+ initrdcmd=linux16 -+ fi -+ ;; - esac - - if [ -z "$boot_device_id" ]; then -@@ -143,13 +152,6 @@ linux_entry () - fi - printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/" - fi -- if [ -d /sys/firmware/efi ]; then -- linuxcmd=linuxefi -- initrdcmd=initrdefi -- else -- linuxcmd=linux${sixteenbit} -- initrdcmd=initrd${sixteenbit} -- fi - sed "s/^/$submenu_indentation/" << EOF - ${linuxcmd} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} - EOF -@@ -162,6 +164,13 @@ EOF - done - sed "s/^/$submenu_indentation/" << EOF - ${initrdcmd} $(echo $initrd_path) -+EOF -+ fi -+ if test -n "${fdt}" ; then -+ message="$(gettext_printf "Loading fdt ...")" -+ sed "s/^/$submenu_indentation/" << EOF -+ echo '$(echo "$message" | grub_quote)' -+ devicetree ${rel_dirname}/${fdt} - EOF - fi - sed "s/^/$submenu_indentation/" << EOF -@@ -245,6 +254,14 @@ while [ "x$list" != "x" ] ; do - gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 - fi - -+ fdt= -+ for i in "dtb-${version}" "dtb-${alt_version}"; do -+ if test -e "${dirname}/${i}/foundation-v8.dtb" ; then -+ fdt="${i}/foundation-v8.dtb" -+ break -+ fi -+ done -+ - config= - for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do - if test -e "${i}" ; then diff --git a/0199-Don-t-print-during-fdt-loading-method.patch b/0199-Don-t-print-during-fdt-loading-method.patch deleted file mode 100644 index cc6572fb..00000000 --- a/0199-Don-t-print-during-fdt-loading-method.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 14 Jan 2014 16:15:46 -0500 -Subject: [PATCH] Don't print during fdt loading method. - -Signed-off-by: Peter Jones ---- - util/grub.d/10_linux.in | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index c889b47db59..c0c822c7147 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -167,9 +167,7 @@ EOF - EOF - fi - if test -n "${fdt}" ; then -- message="$(gettext_printf "Loading fdt ...")" - sed "s/^/$submenu_indentation/" << EOF -- echo '$(echo "$message" | grub_quote)' - devicetree ${rel_dirname}/${fdt} - EOF - fi diff --git a/0196-Use-the-standard-margin-for-the-timeout-string.patch b/0199-Use-the-standard-margin-for-the-timeout-string.patch similarity index 100% rename from 0196-Use-the-standard-margin-for-the-timeout-string.patch rename to 0199-Use-the-standard-margin-for-the-timeout-string.patch diff --git a/0197-Add-.eh_frame-to-list-of-relocations-stripped.patch b/0200-Add-.eh_frame-to-list-of-relocations-stripped.patch similarity index 100% rename from 0197-Add-.eh_frame-to-list-of-relocations-stripped.patch rename to 0200-Add-.eh_frame-to-list-of-relocations-stripped.patch diff --git a/0200-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch b/0201-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch similarity index 100% rename from 0200-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch rename to 0201-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch diff --git a/0201-Don-t-require-a-password-to-boot-entries-generated-b.patch b/0202-Don-t-require-a-password-to-boot-entries-generated-b.patch similarity index 96% rename from 0201-Don-t-require-a-password-to-boot-entries-generated-b.patch rename to 0202-Don-t-require-a-password-to-boot-entries-generated-b.patch index 194e20c7..b0b2b0ef 100644 --- a/0201-Don-t-require-a-password-to-boot-entries-generated-b.patch +++ b/0202-Don-t-require-a-password-to-boot-entries-generated-b.patch @@ -14,7 +14,7 @@ Signed-off-by: Peter Jones 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index c0c822c7147..2e533ffd8aa 100644 +index 6299836b5cd..b744438e04a 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in @@ -26,7 +26,7 @@ datarootdir="@datarootdir@" diff --git a/0202-Don-t-emit-Booting-.-message.patch b/0203-Don-t-emit-Booting-.-message.patch similarity index 100% rename from 0202-Don-t-emit-Booting-.-message.patch rename to 0203-Don-t-emit-Booting-.-message.patch diff --git a/0203-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch b/0204-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch similarity index 100% rename from 0203-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch rename to 0204-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch diff --git a/0204-use-fw_path-prefix-when-fallback-searching-for-grub-.patch b/0205-use-fw_path-prefix-when-fallback-searching-for-grub-.patch similarity index 100% rename from 0204-use-fw_path-prefix-when-fallback-searching-for-grub-.patch rename to 0205-use-fw_path-prefix-when-fallback-searching-for-grub-.patch diff --git a/0205-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch b/0206-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch similarity index 100% rename from 0205-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch rename to 0206-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch diff --git a/0206-Fix-convert-function-to-support-NVMe-devices.patch b/0207-Fix-convert-function-to-support-NVMe-devices.patch similarity index 100% rename from 0206-Fix-convert-function-to-support-NVMe-devices.patch rename to 0207-Fix-convert-function-to-support-NVMe-devices.patch diff --git a/0207-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch b/0207-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch deleted file mode 100644 index 5063449d..00000000 --- a/0207-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Fedora Ninjas -Date: Mon, 10 Feb 2014 16:13:10 -0500 -Subject: [PATCH] Switch to use APM Mustang device tree, for hardware testing. - -Signed-off-by: David A. Marlin ---- - util/grub.d/10_linux.in | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 2e533ffd8aa..4e9a6308b3c 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -254,8 +254,8 @@ while [ "x$list" != "x" ] ; do - - fdt= - for i in "dtb-${version}" "dtb-${alt_version}"; do -- if test -e "${dirname}/${i}/foundation-v8.dtb" ; then -- fdt="${i}/foundation-v8.dtb" -+ if test -e "${dirname}/${i}/apm-mustang.dtb" ; then -+ fdt="${i}/apm-mustang.dtb" - break - fi - done diff --git a/0208-Use-the-default-device-tree-from-the-grub-default-fi.patch b/0208-Use-the-default-device-tree-from-the-grub-default-fi.patch deleted file mode 100644 index 9b14a545..00000000 --- a/0208-Use-the-default-device-tree-from-the-grub-default-fi.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Fedora Ninjas -Date: Wed, 12 Feb 2014 14:54:04 -0500 -Subject: [PATCH] Use the default device tree from the grub default file - -instead of hardcoding a value. - -Signed-off-by: David A. Marlin ---- - util/grub-mkconfig.in | 3 ++- - util/grub.d/10_linux.in | 4 ++-- - 2 files changed, 4 insertions(+), 3 deletions(-) - -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index b0a8626dd1c..f68d4925ee6 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -254,7 +254,8 @@ export GRUB_DEFAULT \ - GRUB_ENABLE_CRYPTODISK \ - GRUB_BADRAM \ - GRUB_OS_PROBER_SKIP_LIST \ -- GRUB_DISABLE_SUBMENU -+ GRUB_DISABLE_SUBMENU \ -+ GRUB_DEFAULT_DTB - - if test "x${grub_cfg}" != "x"; then - rm -f "${grub_cfg}.new" -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 4e9a6308b3c..c548d989b2e 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -254,8 +254,8 @@ while [ "x$list" != "x" ] ; do - - fdt= - for i in "dtb-${version}" "dtb-${alt_version}"; do -- if test -e "${dirname}/${i}/apm-mustang.dtb" ; then -- fdt="${i}/apm-mustang.dtb" -+ if test -f "${dirname}/${i}/${GRUB_DEFAULT_DTB}" ; then -+ fdt="${i}/${GRUB_DEFAULT_DTB}" - break - fi - done diff --git a/0209-reopen-SNP-protocol-for-exclusive-use-by-grub.patch b/0208-reopen-SNP-protocol-for-exclusive-use-by-grub.patch similarity index 100% rename from 0209-reopen-SNP-protocol-for-exclusive-use-by-grub.patch rename to 0208-reopen-SNP-protocol-for-exclusive-use-by-grub.patch diff --git a/0210-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch b/0209-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch similarity index 100% rename from 0210-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch rename to 0209-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch diff --git a/0211-Add-grub_util_readlink.patch b/0210-Add-grub_util_readlink.patch similarity index 100% rename from 0211-Add-grub_util_readlink.patch rename to 0210-Add-grub_util_readlink.patch diff --git a/0212-Make-editenv-chase-symlinks-including-those-across-d.patch b/0211-Make-editenv-chase-symlinks-including-those-across-d.patch similarity index 100% rename from 0212-Make-editenv-chase-symlinks-including-those-across-d.patch rename to 0211-Make-editenv-chase-symlinks-including-those-across-d.patch diff --git a/0213-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch b/0212-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch similarity index 96% rename from 0213-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch rename to 0212-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch index bbe37b88..81e0e527 100644 --- a/0213-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch +++ b/0212-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch @@ -14,7 +14,7 @@ Signed-off-by: Peter Jones 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index c548d989b2e..03ea8460bfd 100644 +index b744438e04a..43d98476b88 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in @@ -29,7 +29,8 @@ export TEXTDOMAINDIR="@localedir@" diff --git a/0214-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch b/0213-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch similarity index 100% rename from 0214-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch rename to 0213-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch diff --git a/0216-Try-prefix-if-fw_path-doesn-t-work.patch b/0214-Try-prefix-if-fw_path-doesn-t-work.patch similarity index 100% rename from 0216-Try-prefix-if-fw_path-doesn-t-work.patch rename to 0214-Try-prefix-if-fw_path-doesn-t-work.patch diff --git a/0215-Load-arm-with-SB-enabled.patch b/0215-Load-arm-with-SB-enabled.patch deleted file mode 100644 index 7edea378..00000000 --- a/0215-Load-arm-with-SB-enabled.patch +++ /dev/null @@ -1,426 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 18 Sep 2014 11:26:14 -0400 -Subject: [PATCH] Load arm with SB enabled. - -Make sure we actually try to validate secure boot on this platform (even -though we're not shipping it enabled by default.) - -This means giving the kernel grub's loaded image as the vehicle for the -kernel command line, because we can't call systab->bs->LoadImage() if SB -is enabled. ---- - grub-core/Makefile.core.def | 3 + - grub-core/loader/arm64/linux.c | 121 ++++++++++++++++++++------------------ - grub-core/loader/efi/linux.c | 65 ++++++++++++++++++++ - grub-core/loader/i386/efi/linux.c | 39 +----------- - include/grub/arm64/linux.h | 7 +++ - include/grub/efi/linux.h | 31 ++++++++++ - 6 files changed, 173 insertions(+), 93 deletions(-) - create mode 100644 grub-core/loader/efi/linux.c - create mode 100644 include/grub/efi/linux.h - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 3f42ce16fad..e675ab2da01 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1704,6 +1704,8 @@ module = { - ia64_efi = loader/ia64/efi/linux.c; - arm = loader/arm/linux.c; - arm64 = loader/arm64/linux.c; -+ arm64 = loader/efi/linux.c; -+ fdt = lib/fdt.c; - common = loader/linux.c; - common = lib/cmdline.c; - enable = noemu; -@@ -1771,6 +1773,7 @@ module = { - name = linuxefi; - efi = loader/i386/efi/linux.c; - efi = lib/cmdline.c; -+ efi = loader/efi/linux.c; - enable = i386_efi; - enable = x86_64_efi; - }; -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index ebe1e730d63..ab0d27ee4df 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -29,6 +29,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -40,6 +41,7 @@ static int loaded; - - static void *kernel_addr; - static grub_uint64_t kernel_size; -+static grub_uint32_t handover_offset; - - static char *linux_args; - static grub_uint32_t cmdline_size; -@@ -66,7 +68,8 @@ grub_arm64_uefi_check_image (struct linux_arm64_kernel_header * lh) - static grub_err_t - finalize_params_linux (void) - { -- int node, retval; -+ grub_efi_loaded_image_t *loaded_image = NULL; -+ int node, retval, len; - - void *fdt; - -@@ -101,79 +104,73 @@ finalize_params_linux (void) - if (grub_fdt_install() != GRUB_ERR_NONE) - goto failure; - -- return GRUB_ERR_NONE; -- --failure: -- grub_fdt_unload(); -- return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); --} -- --grub_err_t --grub_arm64_uefi_boot_image (grub_addr_t addr, grub_size_t size, char *args) --{ -- grub_efi_memory_mapped_device_path_t *mempath; -- grub_efi_handle_t image_handle; -- grub_efi_boot_services_t *b; -- grub_efi_status_t status; -- grub_efi_loaded_image_t *loaded_image; -- int len; -- -- mempath = grub_malloc (2 * sizeof (grub_efi_memory_mapped_device_path_t)); -- if (!mempath) -- return grub_errno; -- -- mempath[0].header.type = GRUB_EFI_HARDWARE_DEVICE_PATH_TYPE; -- mempath[0].header.subtype = GRUB_EFI_MEMORY_MAPPED_DEVICE_PATH_SUBTYPE; -- mempath[0].header.length = grub_cpu_to_le16_compile_time (sizeof (*mempath)); -- mempath[0].memory_type = GRUB_EFI_LOADER_DATA; -- mempath[0].start_address = addr; -- mempath[0].end_address = addr + size; -- -- mempath[1].header.type = GRUB_EFI_END_DEVICE_PATH_TYPE; -- mempath[1].header.subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -- mempath[1].header.length = sizeof (grub_efi_device_path_t); -- -- b = grub_efi_system_table->boot_services; -- status = b->load_image (0, grub_efi_image_handle, -- (grub_efi_device_path_t *) mempath, -- (void *) addr, size, &image_handle); -- if (status != GRUB_EFI_SUCCESS) -- return grub_error (GRUB_ERR_BAD_OS, "cannot load image"); -- -- grub_dprintf ("linux", "linux command line: '%s'\n", args); -+ grub_dprintf ("linux", "Installed/updated FDT configuration table @ %p\n", -+ fdt); - - /* Convert command line to UCS-2 */ -- loaded_image = grub_efi_get_loaded_image (image_handle); -+ loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (!loaded_image) -+ goto failure; -+ - loaded_image->load_options_size = len = -- (grub_strlen (args) + 1) * sizeof (grub_efi_char16_t); -+ (grub_strlen (linux_args) + 1) * sizeof (grub_efi_char16_t); - loaded_image->load_options = - grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); - if (!loaded_image->load_options) -- return grub_errno; -+ return grub_error(GRUB_ERR_BAD_OS, "failed to create kernel parameters"); - - loaded_image->load_options_size = - 2 * grub_utf8_to_utf16 (loaded_image->load_options, len, -- (grub_uint8_t *) args, len, NULL); -+ (grub_uint8_t *) linux_args, len, NULL); - -- grub_dprintf ("linux", "starting image %p\n", image_handle); -- status = b->start_image (image_handle, 0, NULL); -+ return GRUB_ERR_NONE; - -- /* When successful, not reached */ -- b->unload_image (image_handle); -- grub_efi_free_pages ((grub_addr_t) loaded_image->load_options, -- GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); -+failure: -+ grub_fdt_unload(); -+ return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); -+} - -- return grub_errno; -+static void -+free_params (void) -+{ -+ grub_efi_loaded_image_t *loaded_image = NULL; -+ -+ loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (loaded_image) -+ { -+ if (loaded_image->load_options) -+ grub_efi_free_pages ((grub_efi_physical_address_t) -+ loaded_image->load_options, -+ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); -+ loaded_image->load_options = NULL; -+ loaded_image->load_options_size = 0; -+ } -+} -+ -+grub_err_t -+grub_arm64_uefi_boot_image (grub_addr_t addr, grub_size_t size, char *args) -+{ -+ grub_err_t retval; -+ -+ retval = finalize_params_linux (); -+ if (retval != GRUB_ERR_NONE) -+ return grub_errno; -+ -+ grub_dprintf ("linux", "linux command line: '%s'\n", args); -+ -+ retval = grub_efi_linux_boot ((char *)kernel_addr, handover_offset, -+ kernel_addr); -+ -+ /* Never reached... */ -+ free_params(); -+ return retval; - } - - static grub_err_t - grub_linux_boot (void) - { -- if (finalize_params_linux () != GRUB_ERR_NONE) -- return grub_errno; -- -- return (grub_arm64_uefi_boot_image((grub_addr_t)kernel_addr, -- kernel_size, linux_args)); -+ return grub_arm64_uefi_boot_image ((grub_addr_t)kernel_addr, -+ kernel_size, linux_args); - } - - static grub_err_t -@@ -250,6 +247,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - { - grub_file_t file = 0; - struct linux_arm64_kernel_header lh; -+ struct grub_arm64_linux_pe_header *pe; - - grub_dl_ref (my_mod); - -@@ -294,6 +292,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); - -+ if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size)) -+ { -+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); -+ goto fail; -+ } -+ -+ pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset); -+ handover_offset = pe->opt.entry_addr; -+ - cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); - linux_args = grub_malloc (cmdline_size); - if (!linux_args) -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -new file mode 100644 -index 00000000000..aea378adf5c ---- /dev/null -+++ b/grub-core/loader/efi/linux.c -@@ -0,0 +1,65 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2014 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define SHIM_LOCK_GUID \ -+ { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} } -+ -+struct grub_efi_shim_lock -+{ -+ grub_efi_status_t (*verify) (void *buffer, grub_uint32_t size); -+}; -+typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; -+ -+grub_efi_boolean_t -+grub_linuxefi_secure_validate (void *data, grub_uint32_t size) -+{ -+ grub_efi_guid_t guid = SHIM_LOCK_GUID; -+ grub_efi_shim_lock_t *shim_lock; -+ -+ shim_lock = grub_efi_locate_protocol(&guid, NULL); -+ -+ if (!shim_lock) -+ return 1; -+ -+ if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) -+ return 1; -+ -+ return 0; -+} -+ -+typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *); -+ -+grub_err_t -+grub_efi_linux_boot (void *kernel_addr, grub_off_t offset, -+ void *kernel_params) -+{ -+ handover_func hf; -+ -+ hf = (handover_func)((char *)kernel_addr + offset); -+ hf (grub_efi_image_handle, grub_efi_system_table, kernel_params); -+ -+ return GRUB_ERR_BUG; -+} -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index b79e6320ba9..e5b778577f9 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -26,6 +26,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -40,52 +41,18 @@ static char *linux_cmdline; - - #define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12) - --#define SHIM_LOCK_GUID \ -- { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} } -- --struct grub_efi_shim_lock --{ -- grub_efi_status_t (*verify) (void *buffer, grub_uint32_t size); --}; --typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; -- --static grub_efi_boolean_t --grub_linuxefi_secure_validate (void *data, grub_uint32_t size) --{ -- grub_efi_guid_t guid = SHIM_LOCK_GUID; -- grub_efi_shim_lock_t *shim_lock; -- -- shim_lock = grub_efi_locate_protocol(&guid, NULL); -- -- if (!shim_lock) -- return 1; -- -- if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) -- return 1; -- -- return 0; --} -- --typedef void(*handover_func)(void *, grub_efi_system_table_t *, struct linux_kernel_params *); -- - static grub_err_t - grub_linuxefi_boot (void) - { -- handover_func hf; - int offset = 0; - - #ifdef __x86_64__ - offset = 512; - #endif -- -- hf = (handover_func)((char *)kernel_mem + handover_offset + offset); -- - asm volatile ("cli"); - -- hf (grub_efi_image_handle, grub_efi_system_table, params); -- -- /* Not reached */ -- return GRUB_ERR_NONE; -+ return grub_efi_linux_boot ((char *)kernel_mem, handover_offset + offset, -+ params); - } - - static grub_err_t -diff --git a/include/grub/arm64/linux.h b/include/grub/arm64/linux.h -index b0634762450..6ea38bd95ab 100644 ---- a/include/grub/arm64/linux.h -+++ b/include/grub/arm64/linux.h -@@ -20,6 +20,7 @@ - #define GRUB_ARM64_LINUX_HEADER 1 - - #include -+#include - - #define GRUB_LINUX_ARM64_MAGIC_SIGNATURE 0x644d5241 /* 'ARM\x64' */ - -@@ -41,5 +42,11 @@ struct linux_arm64_kernel_header - grub_err_t grub_arm64_uefi_check_image (struct linux_arm64_kernel_header *lh); - grub_err_t grub_arm64_uefi_boot_image (grub_addr_t addr, grub_size_t size, - char *args); -+struct grub_arm64_linux_pe_header -+{ -+ grub_uint32_t magic; -+ struct grub_pe32_coff_header coff; -+ struct grub_pe64_optional_header opt; -+}; - - #endif /* ! GRUB_ARM64_LINUX_HEADER */ -diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h -new file mode 100644 -index 00000000000..d9ede36773b ---- /dev/null -+++ b/include/grub/efi/linux.h -@@ -0,0 +1,31 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2014 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+#ifndef GRUB_EFI_LINUX_HEADER -+#define GRUB_EFI_LINUX_HEADER 1 -+ -+#include -+#include -+#include -+ -+grub_efi_boolean_t -+EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size); -+grub_err_t -+EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset, -+ void *kernel_param); -+ -+#endif /* ! GRUB_EFI_LINUX_HEADER */ diff --git a/0217-Update-info-with-grub.cfg-netboot-selection-order-11.patch b/0215-Update-info-with-grub.cfg-netboot-selection-order-11.patch similarity index 100% rename from 0217-Update-info-with-grub.cfg-netboot-selection-order-11.patch rename to 0215-Update-info-with-grub.cfg-netboot-selection-order-11.patch diff --git a/0218-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch b/0216-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch similarity index 100% rename from 0218-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch rename to 0216-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch diff --git a/0219-Handle-rssd-storage-devices.patch b/0217-Handle-rssd-storage-devices.patch similarity index 100% rename from 0219-Handle-rssd-storage-devices.patch rename to 0217-Handle-rssd-storage-devices.patch diff --git a/0221-Make-grub2-mkconfig-construct-titles-that-look-like-.patch b/0218-Make-grub2-mkconfig-construct-titles-that-look-like-.patch similarity index 97% rename from 0221-Make-grub2-mkconfig-construct-titles-that-look-like-.patch rename to 0218-Make-grub2-mkconfig-construct-titles-that-look-like-.patch index 5b2a2510..3bbaa1d9 100644 --- a/0221-Make-grub2-mkconfig-construct-titles-that-look-like-.patch +++ b/0218-Make-grub2-mkconfig-construct-titles-that-look-like-.patch @@ -12,7 +12,7 @@ Signed-off-by: Peter Jones 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 03ea8460bfd..4ad98fbd767 100644 +index 43d98476b88..a8a8e2cf325 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in @@ -78,6 +78,32 @@ case x"$GRUB_FS" in @@ -48,7 +48,7 @@ index 03ea8460bfd..4ad98fbd767 100644 title_correction_code= linux_entry () -@@ -105,17 +131,11 @@ linux_entry () +@@ -91,17 +117,11 @@ linux_entry () boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" fi if [ x$type != xsimple ] ; then diff --git a/0222-Add-friendly-grub2-password-config-tool-985962.patch b/0219-Add-friendly-grub2-password-config-tool-985962.patch similarity index 100% rename from 0222-Add-friendly-grub2-password-config-tool-985962.patch rename to 0219-Add-friendly-grub2-password-config-tool-985962.patch diff --git a/0220-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch b/0220-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch deleted file mode 100644 index 6faf353c..00000000 --- a/0220-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 27 Oct 2014 09:22:55 -0400 -Subject: [PATCH] Try to emit linux16/initrd16 and linuxefi/initrdefi in - 30-os_prober. - -Resolves: rhbz#1108296 - -Signed-off-by: Peter Jones ---- - util/grub.d/30_os-prober.in | 30 ++++++++++++++++++++++++++---- - 1 file changed, 26 insertions(+), 4 deletions(-) - -diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 9b8f5968e2d..dc98eace934 100644 ---- a/util/grub.d/30_os-prober.in -+++ b/util/grub.d/30_os-prober.in -@@ -141,6 +141,28 @@ for OS in ${OSPROBED} ; do - # os-prober returns text string followed by optional counter - CLASS="--class $(echo "${LABEL}" | LC_ALL=C sed 's,[[:digit:]]*$,,' | cut -d' ' -f1 | tr 'A-Z' 'a-z' | LC_ALL=C sed 's,[^[:alnum:]_],_,g')" - -+ sixteenbit="" -+ linuxefi="linux" -+ initrdefi="initrd" -+ case "$machine" in -+ i?86|x86_64) -+ sixteenbit="16" -+ linuxefi="linuxefi" -+ initrdefi="initrdefi" -+ ;; -+ aarch64) -+ linuxefi="linux" -+ initrdefi="initrd" -+ esac -+ linux="linux${sixteenbit}" -+ initrd="initrd${sixteenbit}" -+ # there's no way to tell that the /other/ os is booting through UEFI, -+ # but if we are it's an okay bet... -+ if [ -d /sys/firmware/efi ]; then -+ linux=$linuxefi -+ initrd=$initrdefi -+ fi -+ - gettext_printf "Found %s on %s\n" "${LONGNAME}" "${DEVICE}" >&2 - - case ${BOOT} in -@@ -241,11 +263,11 @@ EOF - save_default_entry | grub_add_tab - printf '%s\n' "${prepare_boot_cache}" - cat << EOF -- linux ${LKERNEL} ${LPARAMS} -+ ${linux} ${LKERNEL} ${LPARAMS} - EOF - if [ -n "${LINITRD}" ] ; then - cat << EOF -- initrd ${LINITRD} -+ ${initrd} ${LINITRD} - EOF - fi - cat << EOF -@@ -261,11 +283,11 @@ EOF - save_default_entry | sed -e "s/^/$grub_tab$grub_tab/" - printf '%s\n' "${prepare_boot_cache}" | grub_add_tab - cat << EOF -- linux ${LKERNEL} ${LPARAMS} -+ ${linux} ${LKERNEL} ${LPARAMS} - EOF - if [ -n "${LINITRD}" ] ; then - cat << EOF -- initrd ${LINITRD} -+ ${initrd} ${LINITRD} - EOF - fi - cat << EOF diff --git a/0223-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch b/0220-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch similarity index 100% rename from 0223-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch rename to 0220-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch diff --git a/0224-tcp-add-window-scaling-support.patch b/0221-tcp-add-window-scaling-support.patch similarity index 100% rename from 0224-tcp-add-window-scaling-support.patch rename to 0221-tcp-add-window-scaling-support.patch diff --git a/0225-efinet-retransmit-if-our-device-is-busy.patch b/0222-efinet-retransmit-if-our-device-is-busy.patch similarity index 100% rename from 0225-efinet-retransmit-if-our-device-is-busy.patch rename to 0222-efinet-retransmit-if-our-device-is-busy.patch diff --git a/0226-Be-more-aggro-about-actually-using-the-configured-ne.patch b/0223-Be-more-aggro-about-actually-using-the-configured-ne.patch similarity index 100% rename from 0226-Be-more-aggro-about-actually-using-the-configured-ne.patch rename to 0223-Be-more-aggro-about-actually-using-the-configured-ne.patch diff --git a/0227-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch b/0224-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch similarity index 100% rename from 0227-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch rename to 0224-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch diff --git a/0228-Fix-security-issue-when-reading-username-and-passwor.patch b/0225-Fix-security-issue-when-reading-username-and-passwor.patch similarity index 100% rename from 0228-Fix-security-issue-when-reading-username-and-passwor.patch rename to 0225-Fix-security-issue-when-reading-username-and-passwor.patch diff --git a/0229-Warn-if-grub-password-will-not-be-read-1290803.patch b/0226-Warn-if-grub-password-will-not-be-read-1290803.patch similarity index 100% rename from 0229-Warn-if-grub-password-will-not-be-read-1290803.patch rename to 0226-Warn-if-grub-password-will-not-be-read-1290803.patch diff --git a/0230-Clean-up-grub-setpassword-documentation-1290799.patch b/0227-Clean-up-grub-setpassword-documentation-1290799.patch similarity index 100% rename from 0230-Clean-up-grub-setpassword-documentation-1290799.patch rename to 0227-Clean-up-grub-setpassword-documentation-1290799.patch diff --git a/0231-Fix-locale-issue-in-grub-setpassword-1294243.patch b/0228-Fix-locale-issue-in-grub-setpassword-1294243.patch similarity index 100% rename from 0231-Fix-locale-issue-in-grub-setpassword-1294243.patch rename to 0228-Fix-locale-issue-in-grub-setpassword-1294243.patch diff --git a/0232-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch b/0229-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch similarity index 100% rename from 0232-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch rename to 0229-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch diff --git a/0233-efiemu-Fix-compilation-failure.patch b/0230-efiemu-Fix-compilation-failure.patch similarity index 100% rename from 0233-efiemu-Fix-compilation-failure.patch rename to 0230-efiemu-Fix-compilation-failure.patch diff --git a/0234-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch b/0231-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch similarity index 100% rename from 0234-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch rename to 0231-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch diff --git a/0235-Add-a-url-parser.patch b/0232-Add-a-url-parser.patch similarity index 99% rename from 0235-Add-a-url-parser.patch rename to 0232-Add-a-url-parser.patch index cc7200d7..a15f20d5 100644 --- a/0235-Add-a-url-parser.patch +++ b/0232-Add-a-url-parser.patch @@ -20,10 +20,10 @@ Signed-off-by: Peter Jones create mode 100644 include/grub/net/url.h diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index e675ab2da01..338244f6b47 100644 +index 7ed07b3e2fd..8a0193fa5e3 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -2194,6 +2194,7 @@ module = { +@@ -2185,6 +2185,7 @@ module = { common = net/ethernet.c; common = net/arp.c; common = net/netbuff.c; diff --git a/0236-efinet-and-bootp-add-support-for-dhcpv6.patch b/0233-efinet-and-bootp-add-support-for-dhcpv6.patch similarity index 100% rename from 0236-efinet-and-bootp-add-support-for-dhcpv6.patch rename to 0233-efinet-and-bootp-add-support-for-dhcpv6.patch diff --git a/0237-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch b/0234-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch similarity index 97% rename from 0237-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch rename to 0234-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch index ad549320..d29654cb 100644 --- a/0237-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch +++ b/0234-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch @@ -239,7 +239,7 @@ index bdb9982aefb..8218f3d477f 100644 if [ -z "$GRUB_DEVICE_UUID" ]; then GRUB_DEVICE_UUID="$GRUB_DEVICE_UUID_GENERATED" diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 4ad98fbd767..24a10f95d2c 100644 +index a8a8e2cf325..4e49ccdf742 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in @@ -111,7 +111,8 @@ linux_entry () @@ -250,9 +250,9 @@ index 4ad98fbd767..24a10f95d2c 100644 + isdebug="$4" + args="$5" - linuxcmd=linux - initrdcmd=initrd -@@ -137,6 +138,9 @@ linux_entry () + if [ -z "$boot_device_id" ]; then + boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" +@@ -123,6 +124,9 @@ linux_entry () quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)" title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;" fi @@ -262,7 +262,7 @@ index 4ad98fbd767..24a10f95d2c 100644 echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/" else echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/" -@@ -311,11 +315,15 @@ while [ "x$list" != "x" ] ; do +@@ -295,11 +299,15 @@ while [ "x$list" != "x" ] ; do fi if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xtrue ]; then @@ -280,7 +280,7 @@ index 4ad98fbd767..24a10f95d2c 100644 if [ -z "$boot_device_id" ]; then boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" fi -@@ -324,10 +332,15 @@ while [ "x$list" != "x" ] ; do +@@ -308,10 +316,15 @@ while [ "x$list" != "x" ] ; do is_top_level=false fi diff --git a/0238-Normalize-slashes-in-tftp-paths.patch b/0235-Normalize-slashes-in-tftp-paths.patch similarity index 100% rename from 0238-Normalize-slashes-in-tftp-paths.patch rename to 0235-Normalize-slashes-in-tftp-paths.patch diff --git a/0239-Fix-malformed-tftp-packets.patch b/0236-Fix-malformed-tftp-packets.patch similarity index 100% rename from 0239-Fix-malformed-tftp-packets.patch rename to 0236-Fix-malformed-tftp-packets.patch diff --git a/0241-bz1374141-fix-incorrect-mask-for-ppc64.patch b/0237-bz1374141-fix-incorrect-mask-for-ppc64.patch similarity index 100% rename from 0241-bz1374141-fix-incorrect-mask-for-ppc64.patch rename to 0237-bz1374141-fix-incorrect-mask-for-ppc64.patch diff --git a/0245-Make-grub_fatal-also-backtrace.patch b/0238-Make-grub_fatal-also-backtrace.patch similarity index 99% rename from 0245-Make-grub_fatal-also-backtrace.patch rename to 0238-Make-grub_fatal-also-backtrace.patch index 520c413e..f35e288b 100644 --- a/0245-Make-grub_fatal-also-backtrace.patch +++ b/0238-Make-grub_fatal-also-backtrace.patch @@ -13,7 +13,7 @@ Subject: [PATCH] Make grub_fatal() also backtrace. create mode 100644 grub-core/lib/arm64/backtrace.c diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 423def037c2..edf249f0002 100644 +index 8a0193fa5e3..9983d5fa6ad 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -175,6 +175,9 @@ kernel = { diff --git a/0248-Make-grub-editenv-build-again.patch b/0239-Make-grub-editenv-build-again.patch similarity index 100% rename from 0248-Make-grub-editenv-build-again.patch rename to 0239-Make-grub-editenv-build-again.patch diff --git a/0240-Fix-race-in-EFI-validation.patch b/0240-Fix-race-in-EFI-validation.patch deleted file mode 100644 index ce42a835..00000000 --- a/0240-Fix-race-in-EFI-validation.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Tue, 14 Jul 2015 16:58:51 -0700 -Subject: [PATCH] Fix race in EFI validation - ---- - grub-core/loader/i386/efi/linux.c | 44 ++++++++++----------------------------- - 1 file changed, 11 insertions(+), 33 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index e5b778577f9..7ccf32d9d45 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -154,7 +154,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_file_t file = 0; - struct linux_kernel_header lh; - grub_ssize_t len, start, filelen; -- void *kernel; -+ void *kernel = NULL; - - grub_dl_ref (my_mod); - -@@ -191,10 +191,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- grub_file_seek (file, 0); -- -- grub_free(kernel); -- - params = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(16384)); - - if (! params) -@@ -203,15 +199,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- memset (params, 0, 16384); -+ grub_memset (params, 0, 16384); - -- if (grub_file_read (file, &lh, sizeof (lh)) != sizeof (lh)) -- { -- if (!grub_errno) -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -- argv[0]); -- goto fail; -- } -+ grub_memcpy (&lh, kernel, sizeof (lh)); - - if (lh.boot_flag != grub_cpu_to_le16 (0xaa55)) - { -@@ -271,27 +261,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- if (grub_file_seek (file, start) == (grub_off_t) -1) -- { -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -- argv[0]); -- goto fail; -- } -+ grub_memcpy (kernel_mem, (char *)kernel + start, len); -+ grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); -+ loaded=1; - -- if (grub_file_read (file, kernel_mem, len) != len && !grub_errno) -- { -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -- argv[0]); -- } -- -- if (grub_errno == GRUB_ERR_NONE) -- { -- grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); -- loaded = 1; -- lh.code32_start = (grub_uint32_t)(grub_uint64_t) kernel_mem; -- } -- -- memcpy(params, &lh, 2 * 512); -+ lh.code32_start = (grub_uint32_t)(grub_uint64_t) kernel_mem; -+ grub_memcpy (params, &lh, 2 * 512); - - params->type_of_loader = 0x21; - -@@ -300,6 +275,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - if (file) - grub_file_close (file); - -+ if (kernel) -+ grub_free (kernel); -+ - if (grub_errno != GRUB_ERR_NONE) - { - grub_dl_unref (my_mod); diff --git a/0249-Fix-up-some-man-pages-rpmdiff-noticed.patch b/0240-Fix-up-some-man-pages-rpmdiff-noticed.patch similarity index 100% rename from 0249-Fix-up-some-man-pages-rpmdiff-noticed.patch rename to 0240-Fix-up-some-man-pages-rpmdiff-noticed.patch diff --git a/0259-Make-exit-take-a-return-code.patch b/0241-Make-exit-take-a-return-code.patch similarity index 100% rename from 0259-Make-exit-take-a-return-code.patch rename to 0241-Make-exit-take-a-return-code.patch diff --git a/0242-Use-device-part-of-chainloader-target-if-present.patch b/0242-Use-device-part-of-chainloader-target-if-present.patch deleted file mode 100644 index 28efeb03..00000000 --- a/0242-Use-device-part-of-chainloader-target-if-present.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Raymund Will -Date: Fri, 10 Apr 2015 01:45:02 -0400 -Subject: [PATCH] Use device part of chainloader target, if present. - -Otherwise chainloading is restricted to '$root', which might not even -be readable by EFI! - -v1. use grub_file_get_device_name() to get device name - -Signed-off-by: Michael Chang -Signed-off-by: Peter Jones ---- - grub-core/loader/efi/chainloader.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index adc85636633..14ce6ddd7ad 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -223,8 +223,11 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - if (! file) - goto fail; - -- /* Get the root device's device path. */ -- dev = grub_device_open (0); -+ /* Get the device path from filename. */ -+ char *devname = grub_file_get_device_name (filename); -+ dev = grub_device_open (devname); -+ if (devname) -+ grub_free (devname); - if (! dev) - goto fail; - diff --git a/0260-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch b/0242-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch similarity index 100% rename from 0260-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch rename to 0242-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch diff --git a/0243-Add-secureboot-support-on-efi-chainloader.patch b/0243-Add-secureboot-support-on-efi-chainloader.patch deleted file mode 100644 index 538ff344..00000000 --- a/0243-Add-secureboot-support-on-efi-chainloader.patch +++ /dev/null @@ -1,797 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 6 Oct 2015 13:04:37 -0400 -Subject: [PATCH] Add secureboot support on efi chainloader - -Expand the chainloader to be able to verify the image by means of shim -lock protocol. The PE/COFF image is loaded and relocated by the -chainloader instead of calling LoadImage and StartImage UEFI boot -Service as they require positive verification result from keys enrolled -in KEK or DB. The shim will use MOK in addition to firmware enrolled -keys to verify the image. - -The chainloader module could be used to load other UEFI bootloaders, -such as xen.efi, and could be signed by any of MOK, KEK or DB. - -Based on https://build.opensuse.org/package/view_file/openSUSE:Factory/grub2/grub2-secureboot-chainloader.patch - -Signed-off-by: Peter Jones ---- - grub-core/loader/efi/chainloader.c | 612 ++++++++++++++++++++++++++++++++++--- - include/grub/efi/pe32.h | 20 +- - 2 files changed, 595 insertions(+), 37 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 14ce6ddd7ad..87a91e16f17 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -32,6 +32,8 @@ - #include - #include - #include -+#include -+#include - #include - #include - #include -@@ -46,9 +48,14 @@ static grub_dl_t my_mod; - - static grub_efi_physical_address_t address; - static grub_efi_uintn_t pages; -+static grub_ssize_t fsize; - static grub_efi_device_path_t *file_path; - static grub_efi_handle_t image_handle; - static grub_efi_char16_t *cmdline; -+static grub_ssize_t cmdline_len; -+static grub_efi_handle_t dev_handle; -+ -+static grub_efi_status_t (*entry_point) (grub_efi_handle_t image_handle, grub_efi_system_table_t *system_table); - - static grub_err_t - grub_chainloader_unload (void) -@@ -63,6 +70,7 @@ grub_chainloader_unload (void) - grub_free (cmdline); - cmdline = 0; - file_path = 0; -+ dev_handle = 0; - - grub_dl_unref (my_mod); - return GRUB_ERR_NONE; -@@ -191,12 +199,523 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename) - return file_path; - } - -+#define SHIM_LOCK_GUID \ -+ { 0x605dab50, 0xe046, 0x4300, { 0xab,0xb6,0x3d,0xd8,0x10,0xdd,0x8b,0x23 } } -+ -+typedef union -+{ -+ struct grub_pe32_header_32 pe32; -+ struct grub_pe32_header_64 pe32plus; -+} grub_pe_header_t; -+ -+struct pe_coff_loader_image_context -+{ -+ grub_efi_uint64_t image_address; -+ grub_efi_uint64_t image_size; -+ grub_efi_uint64_t entry_point; -+ grub_efi_uintn_t size_of_headers; -+ grub_efi_uint16_t image_type; -+ grub_efi_uint16_t number_of_sections; -+ grub_efi_uint32_t section_alignment; -+ struct grub_pe32_section_table *first_section; -+ struct grub_pe32_data_directory *reloc_dir; -+ struct grub_pe32_data_directory *sec_dir; -+ grub_efi_uint64_t number_of_rva_and_sizes; -+ grub_pe_header_t *pe_hdr; -+}; -+ -+typedef struct pe_coff_loader_image_context pe_coff_loader_image_context_t; -+ -+struct grub_efi_shim_lock -+{ -+ grub_efi_status_t (*verify)(void *buffer, -+ grub_efi_uint32_t size); -+ grub_efi_status_t (*hash)(void *data, -+ grub_efi_int32_t datasize, -+ pe_coff_loader_image_context_t *context, -+ grub_efi_uint8_t *sha256hash, -+ grub_efi_uint8_t *sha1hash); -+ grub_efi_status_t (*context)(void *data, -+ grub_efi_uint32_t size, -+ pe_coff_loader_image_context_t *context); -+}; -+ -+typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; -+ -+static grub_efi_boolean_t -+read_header (void *data, grub_efi_uint32_t size, -+ pe_coff_loader_image_context_t *context) -+{ -+ grub_efi_guid_t guid = SHIM_LOCK_GUID; -+ grub_efi_shim_lock_t *shim_lock; -+ grub_efi_status_t status; -+ -+ shim_lock = grub_efi_locate_protocol (&guid, NULL); -+ -+ if (!shim_lock) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "no shim lock protocol"); -+ return 0; -+ } -+ -+ status = shim_lock->context (data, size, context); -+ -+ if (status == GRUB_EFI_SUCCESS) -+ { -+ grub_dprintf ("chain", "context success\n"); -+ return 1; -+ } -+ -+ switch (status) -+ { -+ case GRUB_EFI_UNSUPPORTED: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error unsupported"); -+ break; -+ case GRUB_EFI_INVALID_PARAMETER: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error invalid parameter"); -+ break; -+ default: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error code"); -+ break; -+ } -+ -+ return 0; -+} -+ -+static void* -+image_address (void *image, grub_efi_uint64_t sz, grub_efi_uint64_t adr) -+{ -+ if (adr > sz) -+ return NULL; -+ -+ return ((grub_uint8_t*)image + adr); -+} -+ -+static int -+image_is_64_bit (grub_pe_header_t *pe_hdr) -+{ -+ /* .Magic is the same offset in all cases */ -+ if (pe_hdr->pe32plus.optional_header.magic == GRUB_PE32_PE64_MAGIC) -+ return 1; -+ return 0; -+} -+ -+static const grub_uint16_t machine_type = -+#if defined(__x86_64__) -+ GRUB_PE32_MACHINE_X86_64; -+#elif defined(__aarch64__) -+ GRUB_PE32_MACHINE_ARM64; -+#elif defined(__arm__) -+ GRUB_PE32_MACHINE_ARMTHUMB_MIXED; -+#elif defined(__i386__) || defined(__i486__) || defined(__i686__) -+ GRUB_PE32_MACHINE_I386; -+#elif defined(__ia64__) -+ GRUB_PE32_MACHINE_IA64; -+#else -+#error this architecture is not supported by grub2 -+#endif -+ -+static grub_efi_status_t -+relocate_coff (pe_coff_loader_image_context_t *context, -+ struct grub_pe32_section_table *section, -+ void *orig, void *data) -+{ -+ struct grub_pe32_data_directory *reloc_base, *reloc_base_end; -+ grub_efi_uint64_t adjust; -+ struct grub_pe32_fixup_block *reloc, *reloc_end; -+ char *fixup, *fixup_base, *fixup_data = NULL; -+ grub_efi_uint16_t *fixup_16; -+ grub_efi_uint32_t *fixup_32; -+ grub_efi_uint64_t *fixup_64; -+ grub_efi_uint64_t size = context->image_size; -+ void *image_end = (char *)orig + size; -+ int n = 0; -+ -+ if (image_is_64_bit (context->pe_hdr)) -+ context->pe_hdr->pe32plus.optional_header.image_base = -+ (grub_uint64_t)(unsigned long)data; -+ else -+ context->pe_hdr->pe32.optional_header.image_base = -+ (grub_uint32_t)(unsigned long)data; -+ -+ /* Alright, so here's how this works: -+ * -+ * context->reloc_dir gives us two things: -+ * - the VA the table of base relocation blocks are (maybe) to be -+ * mapped at (reloc_dir->rva) -+ * - the virtual size (reloc_dir->size) -+ * -+ * The .reloc section (section here) gives us some other things: -+ * - the name! kind of. (section->name) -+ * - the virtual size (section->virtual_size), which should be the same -+ * as RelocDir->Size -+ * - the virtual address (section->virtual_address) -+ * - the file section size (section->raw_data_size), which is -+ * a multiple of optional_header->file_alignment. Only useful for image -+ * validation, not really useful for iteration bounds. -+ * - the file address (section->raw_data_offset) -+ * - a bunch of stuff we don't use that's 0 in our binaries usually -+ * - Flags (section->characteristics) -+ * -+ * and then the thing that's actually at the file address is an array -+ * of struct grub_pe32_fixup_block structs with some values packed behind -+ * them. The block_size field of this structure includes the -+ * structure itself, and adding it to that structure's address will -+ * yield the next entry in the array. -+ */ -+ -+ reloc_base = image_address (orig, size, section->raw_data_offset); -+ reloc_base_end = image_address (orig, size, section->raw_data_offset -+ + section->virtual_size - 1); -+ -+ grub_dprintf ("chain", "reloc_base %p reloc_base_end %p\n", reloc_base, -+ reloc_base_end); -+ -+ if (!reloc_base && !reloc_base_end) -+ return GRUB_EFI_SUCCESS; -+ -+ if (!reloc_base || !reloc_base_end) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc table overflows binary"); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ adjust = (grub_uint64_t)data - context->image_address; -+ if (adjust == 0) -+ return GRUB_EFI_SUCCESS; -+ -+ while (reloc_base < reloc_base_end) -+ { -+ grub_uint16_t *entry; -+ reloc = (struct grub_pe32_fixup_block *)((char*)reloc_base); -+ -+ if ((reloc_base->size == 0) || -+ (reloc_base->size > context->reloc_dir->size)) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Reloc %d block size %d is invalid\n", n, -+ reloc_base->size); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ entry = &reloc->entries[0]; -+ reloc_end = (struct grub_pe32_fixup_block *) -+ ((char *)reloc_base + reloc_base->size); -+ -+ if ((void *)reloc_end < data || (void *)reloc_end > image_end) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc entry %d overflows binary", -+ n); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ fixup_base = image_address(data, size, reloc_base->rva); -+ -+ if (!fixup_base) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc %d Invalid fixupbase", n); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ while ((void *)entry < (void *)reloc_end) -+ { -+ fixup = fixup_base + (*entry & 0xFFF); -+ switch ((*entry) >> 12) -+ { -+ case GRUB_PE32_REL_BASED_ABSOLUTE: -+ break; -+ case GRUB_PE32_REL_BASED_HIGH: -+ fixup_16 = (grub_uint16_t *)fixup; -+ *fixup_16 = (grub_uint16_t) -+ (*fixup_16 + ((grub_uint16_t)((grub_uint32_t)adjust >> 16))); -+ if (fixup_data != NULL) -+ { -+ *(grub_uint16_t *) fixup_data = *fixup_16; -+ fixup_data = fixup_data + sizeof (grub_uint16_t); -+ } -+ break; -+ case GRUB_PE32_REL_BASED_LOW: -+ fixup_16 = (grub_uint16_t *)fixup; -+ *fixup_16 = (grub_uint16_t) (*fixup_16 + (grub_uint16_t)adjust); -+ if (fixup_data != NULL) -+ { -+ *(grub_uint16_t *) fixup_data = *fixup_16; -+ fixup_data = fixup_data + sizeof (grub_uint16_t); -+ } -+ break; -+ case GRUB_PE32_REL_BASED_HIGHLOW: -+ fixup_32 = (grub_uint32_t *)fixup; -+ *fixup_32 = *fixup_32 + (grub_uint32_t)adjust; -+ if (fixup_data != NULL) -+ { -+ fixup_data = (char *)ALIGN_UP ((grub_addr_t)fixup_data, sizeof (grub_uint32_t)); -+ *(grub_uint32_t *) fixup_data = *fixup_32; -+ fixup_data += sizeof (grub_uint32_t); -+ } -+ break; -+ case GRUB_PE32_REL_BASED_DIR64: -+ fixup_64 = (grub_uint64_t *)fixup; -+ *fixup_64 = *fixup_64 + (grub_uint64_t)adjust; -+ if (fixup_data != NULL) -+ { -+ fixup_data = (char *)ALIGN_UP ((grub_addr_t)fixup_data, sizeof (grub_uint64_t)); -+ *(grub_uint64_t *) fixup_data = *fixup_64; -+ fixup_data += sizeof (grub_uint64_t); -+ } -+ break; -+ default: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Reloc %d unknown relocation type %d", -+ n, (*entry) >> 12); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ entry += 1; -+ } -+ reloc_base = (struct grub_pe32_data_directory *)reloc_end; -+ n++; -+ } -+ -+ return GRUB_EFI_SUCCESS; -+} -+ -+static grub_efi_device_path_t * -+grub_efi_get_media_file_path (grub_efi_device_path_t *dp) -+{ -+ while (1) -+ { -+ grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp); -+ grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp); -+ -+ if (type == GRUB_EFI_END_DEVICE_PATH_TYPE) -+ break; -+ else if (type == GRUB_EFI_MEDIA_DEVICE_PATH_TYPE -+ && subtype == GRUB_EFI_FILE_PATH_DEVICE_PATH_SUBTYPE) -+ return dp; -+ -+ dp = GRUB_EFI_NEXT_DEVICE_PATH (dp); -+ } -+ -+ return NULL; -+} -+ -+static grub_efi_boolean_t -+handle_image (void *data, grub_efi_uint32_t datasize) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_loaded_image_t *li, li_bak; -+ grub_efi_status_t efi_status; -+ char *buffer = NULL; -+ char *buffer_aligned = NULL; -+ grub_efi_uint32_t i, size; -+ struct grub_pe32_section_table *section; -+ char *base, *end; -+ pe_coff_loader_image_context_t context; -+ grub_uint32_t section_alignment; -+ grub_uint32_t buffer_size; -+ -+ b = grub_efi_system_table->boot_services; -+ -+ if (read_header (data, datasize, &context)) -+ { -+ grub_dprintf ("chain", "Succeed to read header\n"); -+ } -+ else -+ { -+ grub_dprintf ("chain", "Failed to read header\n"); -+ goto error_exit; -+ } -+ -+ section_alignment = context.section_alignment; -+ buffer_size = context.image_size + section_alignment; -+ -+ efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA, -+ buffer_size, &buffer); -+ -+ if (efi_status != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto error_exit; -+ } -+ -+ buffer_aligned = (char *)ALIGN_UP ((grub_addr_t)buffer, section_alignment); -+ -+ if (!buffer_aligned) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto error_exit; -+ } -+ -+ grub_memcpy (buffer_aligned, data, context.size_of_headers); -+ -+ char *reloc_base, *reloc_base_end; -+ reloc_base = image_address (buffer_aligned, datasize, -+ context.reloc_dir->rva); -+ /* RelocBaseEnd here is the address of the last byte of the table */ -+ reloc_base_end = image_address (buffer_aligned, datasize, -+ context.reloc_dir->rva -+ + context.reloc_dir->size - 1); -+ struct grub_pe32_section_table *reloc_section = NULL; -+ -+ section = context.first_section; -+ for (i = 0; i < context.number_of_sections; i++, section++) -+ { -+ size = section->virtual_size; -+ if (size > section->raw_data_size) -+ size = section->raw_data_size; -+ -+ base = image_address (buffer_aligned, context.image_size, -+ section->virtual_address); -+ end = image_address (buffer_aligned, context.image_size, -+ section->virtual_address + size - 1); -+ -+ -+ /* We do want to process .reloc, but it's often marked -+ * discardable, so we don't want to memcpy it. */ -+ if (grub_memcmp (section->name, ".reloc\0\0", 8) == 0) -+ { -+ if (reloc_section) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Image has multiple relocation sections"); -+ goto error_exit; -+ } -+ -+ /* If it has nonzero sizes, and our bounds check -+ * made sense, and the VA and size match RelocDir's -+ * versions, then we believe in this section table. */ -+ if (section->raw_data_size && section->virtual_size && -+ base && end && reloc_base == base && reloc_base_end == end) -+ { -+ reloc_section = section; -+ } -+ } -+ -+ if (section->characteristics && GRUB_PE32_SCN_MEM_DISCARDABLE) -+ continue; -+ -+ if (!base || !end) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid section size"); -+ goto error_exit; -+ } -+ -+ if (section->virtual_address < context.size_of_headers || -+ section->raw_data_offset < context.size_of_headers) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Section %d is inside image headers", i); -+ goto error_exit; -+ } -+ -+ if (section->raw_data_size > 0) -+ grub_memcpy (base, (grub_efi_uint8_t*)data + section->raw_data_offset, -+ size); -+ -+ if (size < section->virtual_size) -+ grub_memset (base + size, 0, section->virtual_size - size); -+ -+ grub_dprintf ("chain", "copied section %s\n", section->name); -+ } -+ -+ /* 5 == EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC */ -+ if (context.number_of_rva_and_sizes <= 5) -+ { -+ grub_dprintf ("chain", "image has no relocation entry\n"); -+ goto error_exit; -+ } -+ -+ if (context.reloc_dir->size && reloc_section) -+ { -+ /* run the relocation fixups */ -+ efi_status = relocate_coff (&context, reloc_section, data, -+ buffer_aligned); -+ -+ if (efi_status != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "relocation failed"); -+ goto error_exit; -+ } -+ } -+ -+ entry_point = image_address (buffer_aligned, context.image_size, -+ context.entry_point); -+ -+ if (!entry_point) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point"); -+ goto error_exit; -+ } -+ -+ li = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (!li) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "no loaded image available"); -+ goto error_exit; -+ } -+ -+ grub_memcpy (&li_bak, li, sizeof (grub_efi_loaded_image_t)); -+ li->image_base = buffer_aligned; -+ li->image_size = context.image_size; -+ li->load_options = cmdline; -+ li->load_options_size = cmdline_len; -+ li->file_path = grub_efi_get_media_file_path (file_path); -+ li->device_handle = dev_handle; -+ if (li->file_path) -+ { -+ grub_printf ("file path: "); -+ grub_efi_print_device_path (li->file_path); -+ } -+ else -+ { -+ grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching file path found"); -+ goto error_exit; -+ } -+ -+ efi_status = efi_call_2 (entry_point, grub_efi_image_handle, -+ grub_efi_system_table); -+ -+ grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t)); -+ efi_status = efi_call_1 (b->free_pool, buffer); -+ -+ return 1; -+ -+error_exit: -+ if (buffer) -+ efi_call_1 (b->free_pool, buffer); -+ -+ return 0; -+} -+ -+static grub_err_t -+grub_secureboot_chainloader_unload (void) -+{ -+ grub_efi_boot_services_t *b; -+ -+ b = grub_efi_system_table->boot_services; -+ efi_call_2 (b->free_pages, address, pages); -+ grub_free (file_path); -+ grub_free (cmdline); -+ cmdline = 0; -+ file_path = 0; -+ dev_handle = 0; -+ -+ grub_dl_unref (my_mod); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_secureboot_chainloader_boot (void) -+{ -+ handle_image ((void *)address, fsize); -+ grub_loader_unset (); -+ return grub_errno; -+} -+ - static grub_err_t - grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) - { - grub_file_t file = 0; -- grub_ssize_t size; - grub_efi_status_t status; - grub_efi_boot_services_t *b; - grub_device_t dev = 0; -@@ -204,7 +723,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_efi_loaded_image_t *loaded_image; - char *filename; - void *boot_image = 0; -- grub_efi_handle_t dev_handle = 0; - - if (argc == 0) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -@@ -216,9 +734,36 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - address = 0; - image_handle = 0; - file_path = 0; -+ dev_handle = 0; - - b = grub_efi_system_table->boot_services; - -+ if (argc > 1) -+ { -+ int i; -+ grub_efi_char16_t *p16; -+ -+ for (i = 1, cmdline_len = 0; i < argc; i++) -+ cmdline_len += grub_strlen (argv[i]) + 1; -+ -+ cmdline_len *= sizeof (grub_efi_char16_t); -+ cmdline = p16 = grub_malloc (cmdline_len); -+ if (! cmdline) -+ goto fail; -+ -+ for (i = 1; i < argc; i++) -+ { -+ char *p8; -+ -+ p8 = argv[i]; -+ while (*p8) -+ *(p16++) = *(p8++); -+ -+ *(p16++) = ' '; -+ } -+ *(--p16) = 0; -+ } -+ - file = grub_file_open (filename); - if (! file) - goto fail; -@@ -267,14 +812,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_printf ("file path: "); - grub_efi_print_device_path (file_path); - -- size = grub_file_size (file); -- if (!size) -+ fsize = grub_file_size (file); -+ if (!fsize) - { - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), - filename); - goto fail; - } -- pages = (((grub_efi_uintn_t) size + ((1 << 12) - 1)) >> 12); -+ pages = (((grub_efi_uintn_t) fsize + ((1 << 12) - 1)) >> 12); - - status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_ANY_PAGES, - GRUB_EFI_LOADER_CODE, -@@ -288,7 +833,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - - boot_image = (void *) ((grub_addr_t) address); -- if (grub_file_read (file, boot_image, size) != size) -+ if (grub_file_read (file, boot_image, fsize) != fsize) - { - if (grub_errno == GRUB_ERR_NONE) - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -@@ -298,7 +843,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - - #if defined (__i386__) || defined (__x86_64__) -- if (size >= (grub_ssize_t) sizeof (struct grub_macho_fat_header)) -+ if (fsize >= (grub_ssize_t) sizeof (struct grub_macho_fat_header)) - { - struct grub_macho_fat_header *head = boot_image; - if (head->magic -@@ -307,6 +852,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_uint32_t i; - struct grub_macho_fat_arch *archs - = (struct grub_macho_fat_arch *) (head + 1); -+ -+ if (grub_efi_secure_boot()) -+ { -+ grub_error (GRUB_ERR_BAD_OS, -+ "MACHO binaries are forbidden with Secure Boot"); -+ goto fail; -+ } -+ - for (i = 0; i < grub_cpu_to_le32 (head->nfat_arch); i++) - { - if (GRUB_MACHO_CPUTYPE_IS_HOST_CURRENT (archs[i].cputype)) -@@ -321,21 +874,28 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - > ~grub_cpu_to_le32 (archs[i].size) - || grub_cpu_to_le32 (archs[i].offset) - + grub_cpu_to_le32 (archs[i].size) -- > (grub_size_t) size) -+ > (grub_size_t) fsize) - { - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), - filename); - goto fail; - } - boot_image = (char *) boot_image + grub_cpu_to_le32 (archs[i].offset); -- size = grub_cpu_to_le32 (archs[i].size); -+ fsize = grub_cpu_to_le32 (archs[i].size); - } - } - #endif - -+ if (grub_linuxefi_secure_validate((void *)address, fsize)) -+ { -+ grub_file_close (file); -+ grub_loader_set (grub_secureboot_chainloader_boot, -+ grub_secureboot_chainloader_unload, 0); -+ return 0; -+ } -+ - status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, -- boot_image, size, -- &image_handle); -+ boot_image, fsize, &image_handle); - if (status != GRUB_EFI_SUCCESS) - { - if (status == GRUB_EFI_OUT_OF_RESOURCES) -@@ -357,33 +917,10 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - loaded_image->device_handle = dev_handle; - -- if (argc > 1) -+ if (cmdline) - { -- int i, len; -- grub_efi_char16_t *p16; -- -- for (i = 1, len = 0; i < argc; i++) -- len += grub_strlen (argv[i]) + 1; -- -- len *= sizeof (grub_efi_char16_t); -- cmdline = p16 = grub_malloc (len); -- if (! cmdline) -- goto fail; -- -- for (i = 1; i < argc; i++) -- { -- char *p8; -- -- p8 = argv[i]; -- while (*p8) -- *(p16++) = *(p8++); -- -- *(p16++) = ' '; -- } -- *(--p16) = 0; -- - loaded_image->load_options = cmdline; -- loaded_image->load_options_size = len; -+ loaded_image->load_options_size = cmdline_len; - } - - grub_file_close (file); -@@ -405,6 +942,9 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - if (address) - efi_call_2 (b->free_pages, address, pages); - -+ if (cmdline) -+ grub_free (cmdline); -+ - grub_dl_unref (my_mod); - - return grub_errno; -diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h -index 7d44732d2c3..6e24dae2cb6 100644 ---- a/include/grub/efi/pe32.h -+++ b/include/grub/efi/pe32.h -@@ -214,7 +214,11 @@ struct grub_pe64_optional_header - struct grub_pe32_section_table - { - char name[8]; -- grub_uint32_t virtual_size; -+ union -+ { -+ grub_uint32_t physical_address; -+ grub_uint32_t virtual_size; -+ }; - grub_uint32_t virtual_address; - grub_uint32_t raw_data_size; - grub_uint32_t raw_data_offset; -@@ -265,6 +269,20 @@ struct grub_pe32_header - #endif - }; - -+struct grub_pe32_header_32 -+{ -+ char signature[GRUB_PE32_SIGNATURE_SIZE]; -+ struct grub_pe32_coff_header coff_header; -+ struct grub_pe32_optional_header optional_header; -+}; -+ -+struct grub_pe32_header_64 -+{ -+ char signature[GRUB_PE32_SIGNATURE_SIZE]; -+ struct grub_pe32_coff_header coff_header; -+ struct grub_pe64_optional_header optional_header; -+}; -+ - struct grub_pe32_fixup_block - { - grub_uint32_t page_rva; diff --git a/0262-Make-our-info-pages-say-grub2-where-appropriate.patch b/0243-Make-our-info-pages-say-grub2-where-appropriate.patch similarity index 100% rename from 0262-Make-our-info-pages-say-grub2-where-appropriate.patch rename to 0243-Make-our-info-pages-say-grub2-where-appropriate.patch diff --git a/0263-print-more-debug-info-in-our-module-loader.patch b/0244-print-more-debug-info-in-our-module-loader.patch similarity index 100% rename from 0263-print-more-debug-info-in-our-module-loader.patch rename to 0244-print-more-debug-info-in-our-module-loader.patch diff --git a/0264-macos-just-build-chainloader-entries-don-t-try-any-x.patch b/0245-macos-just-build-chainloader-entries-don-t-try-any-x.patch similarity index 98% rename from 0264-macos-just-build-chainloader-entries-don-t-try-any-x.patch rename to 0245-macos-just-build-chainloader-entries-don-t-try-any-x.patch index 1038a93f..3a761c0c 100644 --- a/0264-macos-just-build-chainloader-entries-don-t-try-any-x.patch +++ b/0245-macos-just-build-chainloader-entries-don-t-try-any-x.patch @@ -20,7 +20,7 @@ Signed-off-by: Peter Jones 1 file changed, 18 insertions(+), 60 deletions(-) diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index e40274fc0f4..d979de1982a 100644 +index 9b8f5968e2d..13a3a6bc752 100644 --- a/util/grub.d/30_os-prober.in +++ b/util/grub.d/30_os-prober.in @@ -42,68 +42,25 @@ if [ -z "${OSPROBED}" ] ; then @@ -104,7 +104,7 @@ index e40274fc0f4..d979de1982a 100644 } EOF } -@@ -307,11 +264,12 @@ EOF +@@ -284,11 +241,12 @@ EOF echo "$title_correction_code" ;; macosx) diff --git a/0265-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch b/0246-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch similarity index 100% rename from 0265-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch rename to 0246-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch diff --git a/0266-export-btrfs_subvol-and-btrfs_subvolid.patch b/0247-export-btrfs_subvol-and-btrfs_subvolid.patch similarity index 100% rename from 0266-export-btrfs_subvol-and-btrfs_subvolid.patch rename to 0247-export-btrfs_subvol-and-btrfs_subvolid.patch diff --git a/0267-grub2-btrfs-03-follow_default.patch b/0248-grub2-btrfs-03-follow_default.patch similarity index 100% rename from 0267-grub2-btrfs-03-follow_default.patch rename to 0248-grub2-btrfs-03-follow_default.patch diff --git a/0268-grub2-btrfs-04-grub2-install.patch b/0249-grub2-btrfs-04-grub2-install.patch similarity index 100% rename from 0268-grub2-btrfs-04-grub2-install.patch rename to 0249-grub2-btrfs-04-grub2-install.patch diff --git a/0250-Re-work-some-intricacies-of-PE-loading.patch b/0250-Re-work-some-intricacies-of-PE-loading.patch deleted file mode 100644 index dc4cdd77..00000000 --- a/0250-Re-work-some-intricacies-of-PE-loading.patch +++ /dev/null @@ -1,350 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 9 Jun 2016 12:22:29 -0400 -Subject: [PATCH] Re-work some intricacies of PE loading. - -The PE spec is not a well written document, and awesomely every place -where there's an ambiguous way to read something, Windows' bootmgfw.efi -takes a different read than either of them. ---- - grub-core/loader/efi/chainloader.c | 156 +++++++++++++++++++++++++++++-------- - include/grub/efi/pe32.h | 32 +++++++- - 2 files changed, 152 insertions(+), 36 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index aee8e6becf6..4b77a7d5adb 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -301,7 +301,7 @@ image_is_64_bit (grub_pe_header_t *pe_hdr) - return 0; - } - --static const grub_uint16_t machine_type = -+static const grub_uint16_t machine_type __attribute__((__unused__)) = - #if defined(__x86_64__) - GRUB_PE32_MACHINE_X86_64; - #elif defined(__aarch64__) -@@ -367,10 +367,10 @@ relocate_coff (pe_coff_loader_image_context_t *context, - - reloc_base = image_address (orig, size, section->raw_data_offset); - reloc_base_end = image_address (orig, size, section->raw_data_offset -- + section->virtual_size - 1); -+ + section->virtual_size); - -- grub_dprintf ("chain", "reloc_base %p reloc_base_end %p\n", reloc_base, -- reloc_base_end); -+ grub_dprintf ("chain", "relocate_coff(): reloc_base %p reloc_base_end %p\n", -+ reloc_base, reloc_base_end); - - if (!reloc_base && !reloc_base_end) - return GRUB_EFI_SUCCESS; -@@ -507,12 +507,13 @@ handle_image (void *data, grub_efi_uint32_t datasize) - grub_efi_status_t efi_status; - char *buffer = NULL; - char *buffer_aligned = NULL; -- grub_efi_uint32_t i, size; -+ grub_efi_uint32_t i; - struct grub_pe32_section_table *section; - char *base, *end; - pe_coff_loader_image_context_t context; - grub_uint32_t section_alignment; - grub_uint32_t buffer_size; -+ int found_entry_point = 0; - - b = grub_efi_system_table->boot_services; - -@@ -526,8 +527,28 @@ handle_image (void *data, grub_efi_uint32_t datasize) - goto error_exit; - } - -+ /* -+ * The spec says, uselessly, of SectionAlignment: -+ * ===== -+ * The alignment (in bytes) of sections when they are loaded into -+ * memory. It must be greater than or equal to FileAlignment. The -+ * default is the page size for the architecture. -+ * ===== -+ * Which doesn't tell you whose responsibility it is to enforce the -+ * "default", or when. It implies that the value in the field must -+ * be > FileAlignment (also poorly defined), but it appears visual -+ * studio will happily write 512 for FileAlignment (its default) and -+ * 0 for SectionAlignment, intending to imply PAGE_SIZE. -+ * -+ * We only support one page size, so if it's zero, nerf it to 4096. -+ */ - section_alignment = context.section_alignment; -+ if (section_alignment == 0) -+ section_alignment = 4096; -+ - buffer_size = context.image_size + section_alignment; -+ grub_dprintf ("chain", "image size is %08lx, datasize is %08x\n", -+ context.image_size, datasize); - - efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA, - buffer_size, &buffer); -@@ -539,7 +560,6 @@ handle_image (void *data, grub_efi_uint32_t datasize) - } - - buffer_aligned = (char *)ALIGN_UP ((grub_addr_t)buffer, section_alignment); -- - if (!buffer_aligned) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -@@ -548,27 +568,62 @@ handle_image (void *data, grub_efi_uint32_t datasize) - - grub_memcpy (buffer_aligned, data, context.size_of_headers); - -+ entry_point = image_address (buffer_aligned, context.image_size, -+ context.entry_point); -+ -+ grub_dprintf ("chain", "entry_point: %p\n", entry_point); -+ if (!entry_point) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point"); -+ goto error_exit; -+ } -+ - char *reloc_base, *reloc_base_end; -- reloc_base = image_address (buffer_aligned, datasize, -+ grub_dprintf ("chain", "reloc_dir: %p reloc_size: 0x%08x\n", -+ (void *)(unsigned long long)context.reloc_dir->rva, -+ context.reloc_dir->size); -+ reloc_base = image_address (buffer_aligned, context.image_size, - context.reloc_dir->rva); - /* RelocBaseEnd here is the address of the last byte of the table */ -- reloc_base_end = image_address (buffer_aligned, datasize, -+ reloc_base_end = image_address (buffer_aligned, context.image_size, - context.reloc_dir->rva - + context.reloc_dir->size - 1); -+ grub_dprintf ("chain", "reloc_base: %p reloc_base_end: %p\n", -+ reloc_base, reloc_base_end); -+ - struct grub_pe32_section_table *reloc_section = NULL; - - section = context.first_section; - for (i = 0; i < context.number_of_sections; i++, section++) - { -- size = section->virtual_size; -- if (size > section->raw_data_size) -- size = section->raw_data_size; -+ char name[9]; - - base = image_address (buffer_aligned, context.image_size, - section->virtual_address); - end = image_address (buffer_aligned, context.image_size, -- section->virtual_address + size - 1); -+ section->virtual_address + section->virtual_size -1); - -+ grub_strncpy(name, section->name, 9); -+ name[8] = '\0'; -+ grub_dprintf ("chain", "Section %d \"%s\" at %p..%p\n", i, -+ name, base, end); -+ -+ if (end < base) -+ { -+ grub_dprintf ("chain", " base is %p but end is %p... bad.\n", -+ base, end); -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Image has invalid negative size"); -+ goto error_exit; -+ } -+ -+ if (section->virtual_address <= context.entry_point && -+ (section->virtual_address + section->raw_data_size - 1) -+ > context.entry_point) -+ { -+ found_entry_point++; -+ grub_dprintf ("chain", " section contains entry point\n"); -+ } - - /* We do want to process .reloc, but it's often marked - * discardable, so we don't want to memcpy it. */ -@@ -587,21 +642,46 @@ handle_image (void *data, grub_efi_uint32_t datasize) - if (section->raw_data_size && section->virtual_size && - base && end && reloc_base == base && reloc_base_end == end) - { -+ grub_dprintf ("chain", " section is relocation section\n"); - reloc_section = section; - } -+ else -+ { -+ grub_dprintf ("chain", " section is not reloc section?\n"); -+ grub_dprintf ("chain", " rds: 0x%08x, vs: %08x\n", -+ section->raw_data_size, section->virtual_size); -+ grub_dprintf ("chain", " base: %p end: %p\n", base, end); -+ grub_dprintf ("chain", " reloc_base: %p reloc_base_end: %p\n", -+ reloc_base, reloc_base_end); -+ } - } - -- if (section->characteristics && GRUB_PE32_SCN_MEM_DISCARDABLE) -- continue; -+ grub_dprintf ("chain", " Section characteristics are %08x\n", -+ section->characteristics); -+ grub_dprintf ("chain", " Section virtual size: %08x\n", -+ section->virtual_size); -+ grub_dprintf ("chain", " Section raw_data size: %08x\n", -+ section->raw_data_size); -+ if (section->characteristics & GRUB_PE32_SCN_MEM_DISCARDABLE) -+ { -+ grub_dprintf ("chain", " Discarding section\n"); -+ continue; -+ } - - if (!base || !end) - { -+ grub_dprintf ("chain", " section is invalid\n"); - grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid section size"); - goto error_exit; - } - -- if (section->virtual_address < context.size_of_headers || -- section->raw_data_offset < context.size_of_headers) -+ if (section->characteristics & GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA) -+ { -+ if (section->raw_data_size != 0) -+ grub_dprintf ("chain", " UNINITIALIZED_DATA section has data?\n"); -+ } -+ else if (section->virtual_address < context.size_of_headers || -+ section->raw_data_offset < context.size_of_headers) - { - grub_error (GRUB_ERR_BAD_ARGUMENT, - "Section %d is inside image headers", i); -@@ -609,13 +689,24 @@ handle_image (void *data, grub_efi_uint32_t datasize) - } - - if (section->raw_data_size > 0) -- grub_memcpy (base, (grub_efi_uint8_t*)data + section->raw_data_offset, -- size); -+ { -+ grub_dprintf ("chain", " copying 0x%08x bytes to %p\n", -+ section->raw_data_size, base); -+ grub_memcpy (base, -+ (grub_efi_uint8_t*)data + section->raw_data_offset, -+ section->raw_data_size); -+ } - -- if (size < section->virtual_size) -- grub_memset (base + size, 0, section->virtual_size - size); -+ if (section->raw_data_size < section->virtual_size) -+ { -+ grub_dprintf ("chain", " padding with 0x%08x bytes at %p\n", -+ section->virtual_size - section->raw_data_size, -+ base + section->raw_data_size); -+ grub_memset (base + section->raw_data_size, 0, -+ section->virtual_size - section->raw_data_size); -+ } - -- grub_dprintf ("chain", "copied section %s\n", section->name); -+ grub_dprintf ("chain", " finished section %s\n", name); - } - - /* 5 == EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC */ -@@ -638,12 +729,15 @@ handle_image (void *data, grub_efi_uint32_t datasize) - } - } - -- entry_point = image_address (buffer_aligned, context.image_size, -- context.entry_point); -- -- if (!entry_point) -+ if (!found_entry_point) - { -- grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point"); -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "entry point is not within sections"); -+ goto error_exit; -+ } -+ if (found_entry_point > 1) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "%d sections contain entry point", -+ found_entry_point); - goto error_exit; - } - -@@ -661,26 +755,24 @@ handle_image (void *data, grub_efi_uint32_t datasize) - li->load_options_size = cmdline_len; - li->file_path = grub_efi_get_media_file_path (file_path); - li->device_handle = dev_handle; -- if (li->file_path) -- { -- grub_printf ("file path: "); -- grub_efi_print_device_path (li->file_path); -- } -- else -+ if (!li->file_path) - { - grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching file path found"); - goto error_exit; - } - -+ grub_dprintf ("chain", "booting via entry point\n"); - efi_status = efi_call_2 (entry_point, grub_efi_image_handle, - grub_efi_system_table); - -+ grub_dprintf ("chain", "entry_point returned %ld\n", efi_status); - grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t)); - efi_status = efi_call_1 (b->free_pool, buffer); - - return 1; - - error_exit: -+ grub_dprintf ("chain", "error_exit: grub_errno: %d\n", grub_errno); - if (buffer) - efi_call_1 (b->free_pool, buffer); - -diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h -index 6e24dae2cb6..c03cc599f63 100644 ---- a/include/grub/efi/pe32.h -+++ b/include/grub/efi/pe32.h -@@ -229,12 +229,18 @@ struct grub_pe32_section_table - grub_uint32_t characteristics; - }; - -+#define GRUB_PE32_SCN_TYPE_NO_PAD 0x00000008 - #define GRUB_PE32_SCN_CNT_CODE 0x00000020 - #define GRUB_PE32_SCN_CNT_INITIALIZED_DATA 0x00000040 --#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000 --#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000 --#define GRUB_PE32_SCN_MEM_READ 0x40000000 --#define GRUB_PE32_SCN_MEM_WRITE 0x80000000 -+#define GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA 0x00000080 -+#define GRUB_PE32_SCN_LNK_OTHER 0x00000100 -+#define GRUB_PE32_SCN_LNK_INFO 0x00000200 -+#define GRUB_PE32_SCN_LNK_REMOVE 0x00000800 -+#define GRUB_PE32_SCN_LNK_COMDAT 0x00001000 -+#define GRUB_PE32_SCN_GPREL 0x00008000 -+#define GRUB_PE32_SCN_MEM_16BIT 0x00020000 -+#define GRUB_PE32_SCN_MEM_LOCKED 0x00040000 -+#define GRUB_PE32_SCN_MEM_PRELOAD 0x00080000 - - #define GRUB_PE32_SCN_ALIGN_1BYTES 0x00100000 - #define GRUB_PE32_SCN_ALIGN_2BYTES 0x00200000 -@@ -243,10 +249,28 @@ struct grub_pe32_section_table - #define GRUB_PE32_SCN_ALIGN_16BYTES 0x00500000 - #define GRUB_PE32_SCN_ALIGN_32BYTES 0x00600000 - #define GRUB_PE32_SCN_ALIGN_64BYTES 0x00700000 -+#define GRUB_PE32_SCN_ALIGN_128BYTES 0x00800000 -+#define GRUB_PE32_SCN_ALIGN_256BYTES 0x00900000 -+#define GRUB_PE32_SCN_ALIGN_512BYTES 0x00A00000 -+#define GRUB_PE32_SCN_ALIGN_1024BYTES 0x00B00000 -+#define GRUB_PE32_SCN_ALIGN_2048BYTES 0x00C00000 -+#define GRUB_PE32_SCN_ALIGN_4096BYTES 0x00D00000 -+#define GRUB_PE32_SCN_ALIGN_8192BYTES 0x00E00000 - - #define GRUB_PE32_SCN_ALIGN_SHIFT 20 - #define GRUB_PE32_SCN_ALIGN_MASK 7 - -+#define GRUB_PE32_SCN_LNK_NRELOC_OVFL 0x01000000 -+#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000 -+#define GRUB_PE32_SCN_MEM_NOT_CACHED 0x04000000 -+#define GRUB_PE32_SCN_MEM_NOT_PAGED 0x08000000 -+#define GRUB_PE32_SCN_MEM_SHARED 0x10000000 -+#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000 -+#define GRUB_PE32_SCN_MEM_READ 0x40000000 -+#define GRUB_PE32_SCN_MEM_WRITE 0x80000000 -+ -+ -+ - #define GRUB_PE32_SIGNATURE_SIZE 4 - - struct grub_pe32_header diff --git a/0269-grub2-btrfs-05-grub2-mkconfig.patch b/0250-grub2-btrfs-05-grub2-mkconfig.patch similarity index 99% rename from 0269-grub2-btrfs-05-grub2-mkconfig.patch rename to 0250-grub2-btrfs-05-grub2-mkconfig.patch index 699bc939..d7bfb4d8 100644 --- a/0269-grub2-btrfs-05-grub2-mkconfig.patch +++ b/0250-grub2-btrfs-05-grub2-mkconfig.patch @@ -88,7 +88,7 @@ index 858b526c925..e2a53300126 100644 +EOF +fi diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 24a10f95d2c..69415af69b2 100644 +index 4e49ccdf742..d9a05937e46 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in @@ -66,10 +66,14 @@ fi diff --git a/0251-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch b/0251-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch deleted file mode 100644 index 061999ef..00000000 --- a/0251-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch +++ /dev/null @@ -1,412 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 10 Jun 2016 14:06:15 -0400 -Subject: [PATCH] Rework even more of efi chainload so non-sb cases work right. - -This ensures that if shim protocol is not loaded, or is loaded but shim -is disabled, we will fall back to a correct load method for the efi -chain loader. - -Here's what I tested with this version: - -results expected actual ------------------------------------------------------------- -sb + enabled + shim + fedora success success -sb + enabled + shim + win success success -sb + enabled + grub + fedora fail fail -sb + enabled + grub + win fail fail - -sb + mokdisabled + shim + fedora success success -sb + mokdisabled + shim + win success success -sb + mokdisabled + grub + fedora fail fail -sb + mokdisabled + grub + win fail fail - -sb disabled + shim + fedora success success* -sb disabled + shim + win success success* -sb disabled + grub + fedora success success -sb disabled + grub + win success success - -nosb + shim + fedora success success* -nosb + shim + win success success* -nosb + grub + fedora success success -nosb + grub + win success success - -* for some reason shim protocol is being installed in these cases, and I - can't see why, but I think it may be this firmware build returning an - erroneous value. But this effectively falls back to the mokdisabled - behavior, which works correctly, and the presence of the "grub" (i.e. - no shim) tests effectively tests the desired behavior here. - -Resolves: rhbz#1344512 - -Signed-off-by: Peter Jones ---- - grub-core/kern/efi/sb.c | 14 +++-- - grub-core/loader/arm64/linux.c | 4 +- - grub-core/loader/efi/chainloader.c | 124 ++++++++++++++++++++++--------------- - grub-core/loader/efi/linux.c | 13 ++-- - grub-core/loader/i386/efi/linux.c | 10 ++- - include/grub/efi/linux.h | 2 +- - 6 files changed, 103 insertions(+), 64 deletions(-) - -diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c -index a41b6c5b851..d74778b0cac 100644 ---- a/grub-core/kern/efi/sb.c -+++ b/grub-core/kern/efi/sb.c -@@ -36,14 +36,20 @@ grub_efi_secure_boot (void) - grub_efi_boolean_t ret = 0; - - secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); -- - if (datasize != 1 || !secure_boot) -- goto out; -+ { -+ grub_dprintf ("secureboot", "No SecureBoot variable\n"); -+ goto out; -+ } -+ grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot); - - setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); -- - if (datasize != 1 || !setup_mode) -- goto out; -+ { -+ grub_dprintf ("secureboot", "No SetupMode variable\n"); -+ goto out; -+ } -+ grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode); - - if (*secure_boot && !*setup_mode) - ret = 1; -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index ab0d27ee4df..fcab2ed37e7 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -248,6 +248,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_file_t file = 0; - struct linux_arm64_kernel_header lh; - struct grub_arm64_linux_pe_header *pe; -+ int rc; - - grub_dl_ref (my_mod); - -@@ -292,7 +293,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); - -- if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size)) -+ rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); -+ if (rc < 0) - { - grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); - goto fail; -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 4b77a7d5adb..b977c7b5573 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -182,7 +182,6 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename) - /* Fill the file path for the directory. */ - d = (grub_efi_device_path_t *) ((char *) file_path - + ((char *) d - (char *) dp)); -- grub_efi_print_device_path (d); - copy_file_path ((grub_efi_file_path_device_path_t *) d, - dir_start, dir_end - dir_start); - -@@ -252,10 +251,9 @@ read_header (void *data, grub_efi_uint32_t size, - grub_efi_status_t status; - - shim_lock = grub_efi_locate_protocol (&guid, NULL); -- - if (!shim_lock) - { -- grub_error (GRUB_ERR_BAD_ARGUMENT, "no shim lock protocol"); -+ grub_dprintf ("chain", "no shim lock protocol"); - return 0; - } - -@@ -280,7 +278,7 @@ read_header (void *data, grub_efi_uint32_t size, - break; - } - -- return 0; -+ return -1; - } - - static void* -@@ -381,7 +379,7 @@ relocate_coff (pe_coff_loader_image_context_t *context, - return GRUB_EFI_UNSUPPORTED; - } - -- adjust = (grub_uint64_t)data - context->image_address; -+ adjust = (grub_uint64_t)(grub_efi_uintn_t)data - context->image_address; - if (adjust == 0) - return GRUB_EFI_SUCCESS; - -@@ -514,18 +512,25 @@ handle_image (void *data, grub_efi_uint32_t datasize) - grub_uint32_t section_alignment; - grub_uint32_t buffer_size; - int found_entry_point = 0; -+ int rc; - - b = grub_efi_system_table->boot_services; - -- if (read_header (data, datasize, &context)) -- { -- grub_dprintf ("chain", "Succeed to read header\n"); -- } -- else -+ rc = read_header (data, datasize, &context); -+ if (rc < 0) - { - grub_dprintf ("chain", "Failed to read header\n"); - goto error_exit; - } -+ else if (rc == 0) -+ { -+ grub_dprintf ("chain", "Secure Boot is not enabled\n"); -+ return 0; -+ } -+ else -+ { -+ grub_dprintf ("chain", "Header read without error\n"); -+ } - - /* - * The spec says, uselessly, of SectionAlignment: -@@ -547,7 +552,7 @@ handle_image (void *data, grub_efi_uint32_t datasize) - section_alignment = 4096; - - buffer_size = context.image_size + section_alignment; -- grub_dprintf ("chain", "image size is %08lx, datasize is %08x\n", -+ grub_dprintf ("chain", "image size is %08"PRIxGRUB_UINT64_T", datasize is %08x\n", - context.image_size, datasize); - - efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA, -@@ -580,7 +585,7 @@ handle_image (void *data, grub_efi_uint32_t datasize) - - char *reloc_base, *reloc_base_end; - grub_dprintf ("chain", "reloc_dir: %p reloc_size: 0x%08x\n", -- (void *)(unsigned long long)context.reloc_dir->rva, -+ (void *)(unsigned long)context.reloc_dir->rva, - context.reloc_dir->size); - reloc_base = image_address (buffer_aligned, context.image_size, - context.reloc_dir->rva); -@@ -796,10 +801,56 @@ grub_secureboot_chainloader_unload (void) - return GRUB_ERR_NONE; - } - -+static grub_err_t -+grub_load_and_start_image(void *boot_image) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_status_t status; -+ grub_efi_loaded_image_t *loaded_image; -+ -+ b = grub_efi_system_table->boot_services; -+ -+ status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, -+ boot_image, fsize, &image_handle); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ if (status == GRUB_EFI_OUT_OF_RESOURCES) -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources"); -+ else -+ grub_error (GRUB_ERR_BAD_OS, "cannot load image"); -+ return -1; -+ } -+ -+ /* LoadImage does not set a device handler when the image is -+ loaded from memory, so it is necessary to set it explicitly here. -+ This is a mess. */ -+ loaded_image = grub_efi_get_loaded_image (image_handle); -+ if (! loaded_image) -+ { -+ grub_error (GRUB_ERR_BAD_OS, "no loaded image available"); -+ return -1; -+ } -+ loaded_image->device_handle = dev_handle; -+ -+ if (cmdline) -+ { -+ loaded_image->load_options = cmdline; -+ loaded_image->load_options_size = cmdline_len; -+ } -+ -+ return 0; -+} -+ - static grub_err_t - grub_secureboot_chainloader_boot (void) - { -- handle_image ((void *)address, fsize); -+ int rc; -+ rc = handle_image ((void *)(unsigned long)address, fsize); -+ if (rc == 0) -+ { -+ grub_load_and_start_image((void *)(unsigned long)address); -+ } -+ - grub_loader_unset (); - return grub_errno; - } -@@ -813,9 +864,9 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_efi_boot_services_t *b; - grub_device_t dev = 0; - grub_efi_device_path_t *dp = 0; -- grub_efi_loaded_image_t *loaded_image; - char *filename; - void *boot_image = 0; -+ int rc; - - if (argc == 0) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -@@ -902,9 +953,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - if (! file_path) - goto fail; - -- grub_printf ("file path: "); -- grub_efi_print_device_path (file_path); -- - fsize = grub_file_size (file); - if (!fsize) - { -@@ -979,51 +1027,27 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - #endif - -- if (grub_linuxefi_secure_validate((void *)address, fsize)) -+ rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize); -+ grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc); -+ if (rc > 0) - { - grub_file_close (file); - grub_loader_set (grub_secureboot_chainloader_boot, - grub_secureboot_chainloader_unload, 0); - return 0; - } -- -- status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, -- boot_image, fsize, &image_handle); -- if (status != GRUB_EFI_SUCCESS) -+ else if (rc == 0) - { -- if (status == GRUB_EFI_OUT_OF_RESOURCES) -- grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources"); -- else -- grub_error (GRUB_ERR_BAD_OS, "cannot load image"); -- -- goto fail; -- } -+ grub_load_and_start_image(boot_image); -+ grub_file_close (file); -+ grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); - -- /* LoadImage does not set a device handler when the image is -- loaded from memory, so it is necessary to set it explicitly here. -- This is a mess. */ -- loaded_image = grub_efi_get_loaded_image (image_handle); -- if (! loaded_image) -- { -- grub_error (GRUB_ERR_BAD_OS, "no loaded image available"); -- goto fail; -- } -- loaded_image->device_handle = dev_handle; -- -- if (cmdline) -- { -- loaded_image->load_options = cmdline; -- loaded_image->load_options_size = cmdline_len; -+ return 0; - } - - grub_file_close (file); -- grub_device_close (dev); -- -- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); -- return 0; -- -- fail: - -+fail: - if (dev) - grub_device_close (dev); - -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index aea378adf5c..8890bdf059a 100644 ---- a/grub-core/loader/efi/linux.c -+++ b/grub-core/loader/efi/linux.c -@@ -33,21 +33,24 @@ struct grub_efi_shim_lock - }; - typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; - --grub_efi_boolean_t -+int - grub_linuxefi_secure_validate (void *data, grub_uint32_t size) - { - grub_efi_guid_t guid = SHIM_LOCK_GUID; - grub_efi_shim_lock_t *shim_lock; -+ grub_efi_status_t status; - - shim_lock = grub_efi_locate_protocol(&guid, NULL); -- -+ grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock); - if (!shim_lock) -- return 1; -+ return 0; - -- if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) -+ status = shim_lock->verify(data, size); -+ grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", status); -+ if (status == GRUB_EFI_SUCCESS) - return 1; - -- return 0; -+ return -1; - } - - typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *); -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 7ccf32d9d45..82f75b7f3ab 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -155,6 +155,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - struct linux_kernel_header lh; - grub_ssize_t len, start, filelen; - void *kernel = NULL; -+ int rc; - - grub_dl_ref (my_mod); - -@@ -180,13 +181,16 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - if (grub_file_read (file, kernel, filelen) != filelen) - { -- grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]); -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), -+ argv[0]); - goto fail; - } - -- if (! grub_linuxefi_secure_validate (kernel, filelen)) -+ rc = grub_linuxefi_secure_validate (kernel, filelen); -+ if (rc < 0) - { -- grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); -+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), -+ argv[0]); - grub_free (kernel); - goto fail; - } -diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h -index d9ede36773b..0033d9305a9 100644 ---- a/include/grub/efi/linux.h -+++ b/include/grub/efi/linux.h -@@ -22,7 +22,7 @@ - #include - #include - --grub_efi_boolean_t -+int - EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size); - grub_err_t - EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset, diff --git a/0270-grub2-btrfs-06-subvol-mount.patch b/0251-grub2-btrfs-06-subvol-mount.patch similarity index 100% rename from 0270-grub2-btrfs-06-subvol-mount.patch rename to 0251-grub2-btrfs-06-subvol-mount.patch diff --git a/0271-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch b/0252-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch similarity index 100% rename from 0271-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch rename to 0252-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch diff --git a/0252-linuxefi-fix-double-free-on-verification-failure.patch b/0252-linuxefi-fix-double-free-on-verification-failure.patch deleted file mode 100644 index 7d1b3c8f..00000000 --- a/0252-linuxefi-fix-double-free-on-verification-failure.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 14 Jun 2016 09:50:25 -0400 -Subject: [PATCH] linuxefi: fix double free on verification failure. - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 82f75b7f3ab..010bf982d80 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -191,7 +191,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - { - grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), - argv[0]); -- grub_free (kernel); - goto fail; - } - diff --git a/0272-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch b/0253-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch similarity index 100% rename from 0272-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch rename to 0253-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch diff --git a/0253-fix-machine-type-test-in-30_os-prober.in.patch b/0253-fix-machine-type-test-in-30_os-prober.in.patch deleted file mode 100644 index 11d6f4b9..00000000 --- a/0253-fix-machine-type-test-in-30_os-prober.in.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 11 Jul 2016 13:36:45 -0400 -Subject: [PATCH] fix machine type test in 30_os-prober.in - -Signed-off-by: Peter Jones ---- - util/grub.d/30_os-prober.in | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index dc98eace934..e40274fc0f4 100644 ---- a/util/grub.d/30_os-prober.in -+++ b/util/grub.d/30_os-prober.in -@@ -144,6 +144,7 @@ for OS in ${OSPROBED} ; do - sixteenbit="" - linuxefi="linux" - initrdefi="initrd" -+ machine=`uname -m` - case "$machine" in - i?86|x86_64) - sixteenbit="16" diff --git a/0273-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch b/0254-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch similarity index 100% rename from 0273-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch rename to 0254-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch diff --git a/0254-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch b/0254-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch deleted file mode 100644 index 27e078c5..00000000 --- a/0254-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Mon, 21 Nov 2016 15:34:00 +0100 -Subject: [PATCH] efi/chainloader: fix wrong sanity check in relocate_coff() - -In relocate_coff(), the relocation entries are parsed from the original -image (not the section-wise copied image). The original image is -pointed-to by the "orig" pointer. The current check - - (void *)reloc_end < data - -compares the addresses of independent memory allocations. "data" is a typo -here, it should be "orig". - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1347291 -Signed-off-by: Laszlo Ersek -Tested-by: Bogdan Costescu -Tested-by: Juan Orti ---- - grub-core/loader/efi/chainloader.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index b977c7b5573..d5ab21d09c3 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -401,7 +401,7 @@ relocate_coff (pe_coff_loader_image_context_t *context, - reloc_end = (struct grub_pe32_fixup_block *) - ((char *)reloc_base + reloc_base->size); - -- if ((void *)reloc_end < data || (void *)reloc_end > image_end) -+ if ((void *)reloc_end < orig || (void *)reloc_end > image_end) - { - grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc entry %d overflows binary", - n); diff --git a/0274-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch b/0255-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch similarity index 100% rename from 0274-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch rename to 0255-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch diff --git a/0255-efi-chainloader-truncate-overlong-relocation-section.patch b/0255-efi-chainloader-truncate-overlong-relocation-section.patch deleted file mode 100644 index 6931f91b..00000000 --- a/0255-efi-chainloader-truncate-overlong-relocation-section.patch +++ /dev/null @@ -1,110 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 23 Nov 2016 06:27:09 +0100 -Subject: [PATCH] efi/chainloader: truncate overlong relocation section - -The UEFI Windows 7 boot loader ("EFI/Microsoft/Boot/bootmgfw.efi", SHA1 -31b410e029bba87d2068c65a80b88882f9f8ea25) has inconsistent headers. - -Compare: - -> The Data Directory -> ... -> Entry 5 00000000000d9000 00000574 Base Relocation Directory [.reloc] - -Versus: - -> Sections: -> Idx Name Size VMA LMA File off ... -> ... -> 10 .reloc 00000e22 00000000100d9000 00000000100d9000 000a1800 ... - -That is, the size reported by the RelocDir entry (0x574) is smaller than -the virtual size of the .reloc section (0xe22). - -Quoting the grub2 debug log for the same: - -> chainloader.c:595: reloc_dir: 0xd9000 reloc_size: 0x00000574 -> chainloader.c:603: reloc_base: 0x7d208000 reloc_base_end: 0x7d208573 -> ... -> chainloader.c:620: Section 10 ".reloc" at 0x7d208000..0x7d208e21 -> chainloader.c:661: section is not reloc section? -> chainloader.c:663: rds: 0x00001000, vs: 00000e22 -> chainloader.c:664: base: 0x7d208000 end: 0x7d208e21 -> chainloader.c:666: reloc_base: 0x7d208000 reloc_base_end: 0x7d208573 -> chainloader.c:671: Section characteristics are 42000040 -> chainloader.c:673: Section virtual size: 00000e22 -> chainloader.c:675: Section raw_data size: 00001000 -> chainloader.c:678: Discarding section - -After hexdumping "bootmgfw.efi" and manually walking its relocation blocks -(yes, really), I determined that the (smaller) RelocDir value is correct. -The remaining area that extends up to the .reloc section size (== 0xe22 - -0x574 == 0x8ae bytes) exists as zero padding in the file. - -This zero padding shouldn't be passed to relocate_coff() for parsing. In -order to cope with it, split the handling of .reloc sections into the -following branches: - -- original case (equal size): original behavior (--> relocation - attempted), - -- overlong .reloc section (longer than reported by RelocDir): truncate the - section to the RelocDir size for the purposes of relocate_coff(), and - attempt relocation, - -- .reloc section is too short, or other checks fail: original behavior - (--> relocation not attempted). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1347291 -Signed-off-by: Laszlo Ersek ---- - grub-core/loader/efi/chainloader.c | 26 +++++++++++++++++++++----- - 1 file changed, 21 insertions(+), 5 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index d5ab21d09c3..7826e794ad9 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -596,7 +596,7 @@ handle_image (void *data, grub_efi_uint32_t datasize) - grub_dprintf ("chain", "reloc_base: %p reloc_base_end: %p\n", - reloc_base, reloc_base_end); - -- struct grub_pe32_section_table *reloc_section = NULL; -+ struct grub_pe32_section_table *reloc_section = NULL, fake_reloc_section; - - section = context.first_section; - for (i = 0; i < context.number_of_sections; i++, section++) -@@ -645,12 +645,28 @@ handle_image (void *data, grub_efi_uint32_t datasize) - * made sense, and the VA and size match RelocDir's - * versions, then we believe in this section table. */ - if (section->raw_data_size && section->virtual_size && -- base && end && reloc_base == base && reloc_base_end == end) -+ base && end && reloc_base == base) - { -- grub_dprintf ("chain", " section is relocation section\n"); -- reloc_section = section; -+ if (reloc_base_end == end) -+ { -+ grub_dprintf ("chain", " section is relocation section\n"); -+ reloc_section = section; -+ } -+ else if (reloc_base_end && reloc_base_end < end) -+ { -+ /* Bogus virtual size in the reloc section -- RelocDir -+ * reported a smaller Base Relocation Directory. Decrease -+ * the section's virtual size so that it equal RelocDir's -+ * idea, but only for the purposes of relocate_coff(). */ -+ grub_dprintf ("chain", -+ " section is (overlong) relocation section\n"); -+ grub_memcpy (&fake_reloc_section, section, sizeof *section); -+ fake_reloc_section.virtual_size -= (end - reloc_base_end); -+ reloc_section = &fake_reloc_section; -+ } - } -- else -+ -+ if (!reloc_section) - { - grub_dprintf ("chain", " section is not reloc section?\n"); - grub_dprintf ("chain", " rds: 0x%08x, vs: %08x\n", diff --git a/0275-Use-grub_efi_.-memory-helpers-where-reasonable.patch b/0256-Use-grub_efi_.-memory-helpers-where-reasonable.patch similarity index 98% rename from 0275-Use-grub_efi_.-memory-helpers-where-reasonable.patch rename to 0256-Use-grub_efi_.-memory-helpers-where-reasonable.patch index 415cf92b..0dc026f4 100644 --- a/0275-Use-grub_efi_.-memory-helpers-where-reasonable.patch +++ b/0256-Use-grub_efi_.-memory-helpers-where-reasonable.patch @@ -13,7 +13,7 @@ Signed-off-by: Peter Jones 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 7826e794ad9..d2557b38dce 100644 +index 5cd9b6e08a8..106eb10a362 100644 --- a/grub-core/loader/efi/chainloader.c +++ b/grub-core/loader/efi/chainloader.c @@ -65,7 +65,7 @@ grub_chainloader_unload (void) diff --git a/0256-linuxefi-minor-cleanups.patch b/0256-linuxefi-minor-cleanups.patch deleted file mode 100644 index 057c7465..00000000 --- a/0256-linuxefi-minor-cleanups.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 14 Feb 2017 16:31:52 -0500 -Subject: [PATCH] linuxefi: minor cleanups - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 30 ++++++++++++++++++++---------- - 1 file changed, 20 insertions(+), 10 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 010bf982d80..8b5a817b9d1 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -61,13 +61,18 @@ grub_linuxefi_unload (void) - grub_dl_unref (my_mod); - loaded = 0; - if (initrd_mem) -- grub_efi_free_pages((grub_efi_physical_address_t)initrd_mem, BYTES_TO_PAGES(params->ramdisk_size)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, -+ BYTES_TO_PAGES(params->ramdisk_size)); - if (linux_cmdline) -- grub_efi_free_pages((grub_efi_physical_address_t)linux_cmdline, BYTES_TO_PAGES(params->cmdline_size + 1)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) -+ linux_cmdline, -+ BYTES_TO_PAGES(params->cmdline_size + 1)); - if (kernel_mem) -- grub_efi_free_pages((grub_efi_physical_address_t)kernel_mem, BYTES_TO_PAGES(kernel_size)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, -+ BYTES_TO_PAGES(kernel_size)); - if (params) -- grub_efi_free_pages((grub_efi_physical_address_t)params, BYTES_TO_PAGES(16384)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, -+ BYTES_TO_PAGES(16384)); - return GRUB_ERR_NONE; - } - -@@ -115,7 +120,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - } - - params->ramdisk_size = size; -- params->ramdisk_image = (grub_uint32_t)(grub_uint64_t) initrd_mem; -+ params->ramdisk_image = (grub_uint32_t)(grub_addr_t) initrd_mem; - - ptr = initrd_mem; - -@@ -142,7 +147,8 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - grub_free (files); - - if (initrd_mem && grub_errno) -- grub_efi_free_pages((grub_efi_physical_address_t)initrd_mem, BYTES_TO_PAGES(size)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, -+ BYTES_TO_PAGES(size)); - - return grub_errno; - } -@@ -244,7 +250,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - linux_cmdline + sizeof (LINUX_IMAGE) - 1, - lh.cmdline_size - (sizeof (LINUX_IMAGE) - 1)); - -- lh.cmd_line_ptr = (grub_uint32_t)(grub_uint64_t)linux_cmdline; -+ lh.cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; - - handover_offset = lh.handover_offset; - -@@ -288,13 +294,17 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - - if (linux_cmdline && !loaded) -- grub_efi_free_pages((grub_efi_physical_address_t)linux_cmdline, BYTES_TO_PAGES(lh.cmdline_size + 1)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) -+ linux_cmdline, -+ BYTES_TO_PAGES(lh.cmdline_size + 1)); - - if (kernel_mem && !loaded) -- grub_efi_free_pages((grub_efi_physical_address_t)kernel_mem, BYTES_TO_PAGES(kernel_size)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, -+ BYTES_TO_PAGES(kernel_size)); - - if (params && !loaded) -- grub_efi_free_pages((grub_efi_physical_address_t)params, BYTES_TO_PAGES(16384)); -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, -+ BYTES_TO_PAGES(16384)); - - return grub_errno; - } diff --git a/0276-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch b/0257-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch similarity index 97% rename from 0276-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch rename to 0257-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch index 9bb46657..c7259543 100644 --- a/0276-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch +++ b/0257-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch @@ -12,7 +12,7 @@ Signed-off-by: Peter Jones 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index d2557b38dce..2c62faa2943 100644 +index 106eb10a362..3630b0cbf2d 100644 --- a/grub-core/loader/efi/chainloader.c +++ b/grub-core/loader/efi/chainloader.c @@ -783,7 +783,8 @@ handle_image (void *data, grub_efi_uint32_t datasize) diff --git a/0277-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch b/0258-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch similarity index 100% rename from 0277-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch rename to 0258-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch diff --git a/0258-Fix-up-linux-params-usage.patch b/0258-Fix-up-linux-params-usage.patch deleted file mode 100644 index 3e089a9e..00000000 --- a/0258-Fix-up-linux-params-usage.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 30 May 2017 14:16:07 -0400 -Subject: [PATCH] Fix up linux params usage... - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 4 ++-- - grub-core/loader/i386/linux.c | 5 ++++- - 2 files changed, 6 insertions(+), 3 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index bed5919cab3..6ff796f56ff 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -161,7 +161,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) - { - grub_file_t file = 0; -- struct linux_kernel_header *lh; -+ struct linux_i386_kernel_header *lh; - grub_ssize_t len, start, filelen; - void *kernel = NULL; - int setup_header_end_offset; -@@ -224,7 +224,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_memcpy ((grub_uint8_t *)params + 0x1f1, - (grub_uint8_t *)kernel + 0x1f1, - MIN(0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); -- lh = (struct linux_kernel_header *)params; -+ lh = (struct linux_i386_kernel_header *)params; - grub_dprintf ("linuxefi", "lh is at %p\n", lh); - grub_dprintf ("linuxefi", "checking lh->boot_flag\n"); - if (lh->boot_flag != grub_cpu_to_le16 (0xaa55)) -diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c -index 626ec9fef0c..35055431247 100644 ---- a/grub-core/loader/i386/linux.c -+++ b/grub-core/loader/i386/linux.c -@@ -680,6 +680,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - { - grub_file_t file = 0; - struct linux_i386_kernel_header lh; -+ grub_uint8_t *linux_params_ptr; - grub_uint8_t setup_sects; - grub_size_t real_size, prot_size, prot_file_size, kernel_offset; - grub_ssize_t len; -@@ -811,6 +812,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - preferred_address)) - goto fail; - -+ - grub_memset (&linux_params, 0, sizeof (linux_params)); - grub_memcpy (&linux_params.setup_sects, &lh.setup_sects, sizeof (lh) - 0x1F1); - -@@ -820,7 +822,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - len = sizeof (linux_params) - sizeof (lh); - -- grub_memcpy (&linux_params + sizeof (lh), kernel + kernel_offset, len); -+ linux_params_ptr = (void *)&linux_params; -+ grub_memcpy (linux_params_ptr + sizeof (lh), kernel + kernel_offset, len); - kernel_offset += len; - - linux_params.type_of_loader = GRUB_LINUX_BOOT_LOADER_TYPE; diff --git a/0278-don-t-ignore-const.patch b/0259-don-t-ignore-const.patch similarity index 100% rename from 0278-don-t-ignore-const.patch rename to 0259-don-t-ignore-const.patch diff --git a/0279-don-t-use-int-for-efi-status.patch b/0260-don-t-use-int-for-efi-status.patch similarity index 100% rename from 0279-don-t-use-int-for-efi-status.patch rename to 0260-don-t-use-int-for-efi-status.patch diff --git a/0261-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch b/0261-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch deleted file mode 100644 index 3e3b406c..00000000 --- a/0261-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 9 May 2016 14:15:17 -0400 -Subject: [PATCH] Add some grub_dprintf() in the secure boot verify code. - -Signed-off-by: Peter Jones ---- - grub-core/loader/efi/linux.c | 16 +++++++++++++--- - 1 file changed, 13 insertions(+), 3 deletions(-) - -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index 2a7024134da..7fe7201a388 100644 ---- a/grub-core/loader/efi/linux.c -+++ b/grub-core/loader/efi/linux.c -@@ -43,12 +43,22 @@ grub_linuxefi_secure_validate (void *data, grub_uint32_t size) - shim_lock = grub_efi_locate_protocol(&guid, NULL); - grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock); - if (!shim_lock) -- return 0; -+ { -+ grub_dprintf ("secureboot", "shim not available\n"); -+ return 0; -+ } - -- status = shim_lock->verify(data, size); -+ grub_dprintf ("secureboot", "Asking shim to verify kernel signature\n"); -+ status = shim_lock->verify (data, size); - grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", status); - if (status == GRUB_EFI_SUCCESS) -- return 1; -+ { -+ grub_dprintf ("secureboot", "Kernel signature verification passed\n"); -+ return 1; -+ } -+ -+ grub_dprintf ("secureboot", "Kernel signature verification failed (0x%lx)\n", -+ (unsigned long) status); - - return -1; - } diff --git a/0280-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch b/0261-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch similarity index 100% rename from 0280-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch rename to 0261-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch diff --git a/0282-editenv-handle-relative-symlinks.patch b/0262-editenv-handle-relative-symlinks.patch similarity index 100% rename from 0282-editenv-handle-relative-symlinks.patch rename to 0262-editenv-handle-relative-symlinks.patch diff --git a/0283-Make-libgrub.pp-depend-on-config-util.h.patch b/0263-Make-libgrub.pp-depend-on-config-util.h.patch similarity index 100% rename from 0283-Make-libgrub.pp-depend-on-config-util.h.patch rename to 0263-Make-libgrub.pp-depend-on-config-util.h.patch diff --git a/0284-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch b/0264-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch similarity index 100% rename from 0284-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch rename to 0264-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch diff --git a/0285-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch b/0265-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch similarity index 100% rename from 0285-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch rename to 0265-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch diff --git a/0286-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch b/0266-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch similarity index 100% rename from 0286-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch rename to 0266-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch diff --git a/0287-align-struct-efi_variable-better.patch b/0267-align-struct-efi_variable-better.patch similarity index 100% rename from 0287-align-struct-efi_variable-better.patch rename to 0267-align-struct-efi_variable-better.patch diff --git a/0288-Add-quicksort-implementation.patch b/0268-Add-quicksort-implementation.patch similarity index 100% rename from 0288-Add-quicksort-implementation.patch rename to 0268-Add-quicksort-implementation.patch diff --git a/0289-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch b/0269-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch similarity index 99% rename from 0289-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch rename to 0269-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch index cde929e2..0dc1f0fd 100644 --- a/0289-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch +++ b/0269-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch @@ -20,7 +20,7 @@ the bls_import command, change it to blscfg and improve the BLS support. create mode 100644 grub-core/commands/loadenv.h diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index edf249f0002..fb661b4abf8 100644 +index 9983d5fa6ad..5cbebe50661 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -129,6 +129,7 @@ kernel = { diff --git a/0290-Add-BLS-support-to-grub-mkconfig.patch b/0270-Add-BLS-support-to-grub-mkconfig.patch similarity index 90% rename from 0290-Add-BLS-support-to-grub-mkconfig.patch rename to 0270-Add-BLS-support-to-grub-mkconfig.patch index 2857ad3a..75698fdf 100644 --- a/0290-Add-BLS-support-to-grub-mkconfig.patch +++ b/0270-Add-BLS-support-to-grub-mkconfig.patch @@ -10,8 +10,8 @@ files are parsed by blscfg command and the entries created dynamically. --- util/grub-mkconfig.in | 3 ++- util/grub-mkconfig_lib.in | 29 +++++++++++++++++++---------- - util/grub.d/10_linux.in | 37 ++++++++++++++++++++++++++++++++++++- - 3 files changed, 57 insertions(+), 12 deletions(-) + util/grub.d/10_linux.in | 37 +++++++++++++++++++++++++++++++++++-- + 3 files changed, 56 insertions(+), 13 deletions(-) diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in index 4248b9341ab..c20171919d9 100644 @@ -104,10 +104,10 @@ index b3aae534ddc..1acc1d01c39 100644 fi IFS="$old_ifs" diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 69415af69b2..aec1ca3eba0 100644 +index d9a05937e46..839f1fdb655 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in -@@ -135,6 +135,34 @@ linux_entry () +@@ -121,6 +121,34 @@ linux_entry () if [ -z "$boot_device_id" ]; then boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" fi @@ -142,7 +142,7 @@ index 69415af69b2..aec1ca3eba0 100644 if [ x$type != xsimple ] ; then title=$(mktitle "$type" "$version") if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then -@@ -239,7 +267,10 @@ submenu_indentation="" +@@ -223,7 +251,10 @@ submenu_indentation="" is_top_level=true while [ "x$list" != "x" ] ; do linux=`version_find_latest $list` @@ -154,14 +154,14 @@ index 69415af69b2..aec1ca3eba0 100644 basename=`basename $linux` dirname=`dirname $linux` rel_dirname=`make_system_path_relative_to_its_root $dirname` -@@ -303,6 +334,10 @@ while [ "x$list" != "x" ] ; do +@@ -262,7 +293,9 @@ while [ "x$list" != "x" ] ; do + for i in ${initrd}; do + initrd_display="${initrd_display} ${dirname}/${i}" + done +- gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 ++ if [ "x${GRUB_ENABLE_BLSCFG}" != "xtrue" ]; then ++ gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 ++ fi fi - if test -z "${initramfs}" && test -z "${initrd_real}" ; then -+ if [ "x${GRUB_ENABLE_BLSCFG}" != "xtrue" ]; then -+ gettext_printf "Found initrd image: %s\n" "${dirname}/${initramfs}" >&2 -+ fi -+ elif test -z "${initramfs}" ; then - # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's - # no initrd or builtin initramfs, it can't work here. - if [ "x${GRUB_DEVICE_PARTUUID}" = "x" ] \ + fdt= diff --git a/0291-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch b/0271-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch similarity index 100% rename from 0291-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch rename to 0271-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch diff --git a/0292-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch b/0272-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch similarity index 100% rename from 0292-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch rename to 0272-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch diff --git a/0293-Enable-blscfg-command-for-the-emu-platform.patch b/0273-Enable-blscfg-command-for-the-emu-platform.patch similarity index 99% rename from 0293-Enable-blscfg-command-for-the-emu-platform.patch rename to 0273-Enable-blscfg-command-for-the-emu-platform.patch index ba9207ef..3aaddefa 100644 --- a/0293-Enable-blscfg-command-for-the-emu-platform.patch +++ b/0273-Enable-blscfg-command-for-the-emu-platform.patch @@ -14,7 +14,7 @@ Signed-off-by: Javier Martinez Canillas 2 files changed, 37 insertions(+), 10 deletions(-) diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index fb661b4abf8..8e6110e4bb6 100644 +index 5cbebe50661..5c5bdc32275 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -778,6 +778,7 @@ module = { diff --git a/0294-Add-linux-and-initrd-commands-for-grub-emu.patch b/0274-Add-linux-and-initrd-commands-for-grub-emu.patch similarity index 96% rename from 0294-Add-linux-and-initrd-commands-for-grub-emu.patch rename to 0274-Add-linux-and-initrd-commands-for-grub-emu.patch index 3df76a1d..cc9b65f0 100644 --- a/0294-Add-linux-and-initrd-commands-for-grub-emu.patch +++ b/0274-Add-linux-and-initrd-commands-for-grub-emu.patch @@ -6,7 +6,7 @@ Subject: [PATCH] Add linux and initrd commands for grub-emu When using grub-emu, the linux and initrd commands are used as arguments to the kexec command line tool, to allow booting the selected menu entry. --- - grub-core/Makefile.core.def | 2 +- + grub-core/Makefile.core.def | 1 - grub-core/kern/emu/main.c | 4 + grub-core/kern/emu/misc.c | 18 ++++- grub-core/loader/emu/linux.c | 172 +++++++++++++++++++++++++++++++++++++++++++ @@ -14,25 +14,21 @@ to the kexec command line tool, to allow booting the selected menu entry. include/grub/emu/hostfile.h | 3 +- include/grub/emu/misc.h | 3 + grub-core/Makefile.am | 1 + - 8 files changed, 203 insertions(+), 4 deletions(-) + 8 files changed, 202 insertions(+), 4 deletions(-) create mode 100644 grub-core/loader/emu/linux.c diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 8e6110e4bb6..7edff60ccd4 100644 +index 5c5bdc32275..ac3af772572 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -1710,10 +1710,10 @@ module = { - arm = loader/arm/linux.c; - arm64 = loader/arm64/linux.c; - arm64 = loader/efi/linux.c; -+ emu = loader/emu/linux.c; - fdt = lib/fdt.c; +@@ -1710,7 +1710,6 @@ module = { + common = loader/linux.c; common = lib/cmdline.c; - enable = noemu; - }; - module = { + efi = loader/efi/linux.c; + }; diff --git a/grub-core/kern/emu/main.c b/grub-core/kern/emu/main.c index 55ea5a11ccd..846fe9715ec 100644 --- a/grub-core/kern/emu/main.c diff --git a/0295-Fix-the-efidir-in-grub-setpassword.patch b/0275-Fix-the-efidir-in-grub-setpassword.patch similarity index 100% rename from 0295-Fix-the-efidir-in-grub-setpassword.patch rename to 0275-Fix-the-efidir-in-grub-setpassword.patch diff --git a/0296-Add-grub2-switch-to-blscfg.patch b/0276-Add-grub2-switch-to-blscfg.patch similarity index 100% rename from 0296-Add-grub2-switch-to-blscfg.patch rename to 0276-Add-grub2-switch-to-blscfg.patch diff --git a/0297-Add-grub_debug_enabled.patch b/0277-Add-grub_debug_enabled.patch similarity index 100% rename from 0297-Add-grub_debug_enabled.patch rename to 0277-Add-grub_debug_enabled.patch diff --git a/0298-make-better-backtraces.patch b/0278-make-better-backtraces.patch similarity index 99% rename from 0298-make-better-backtraces.patch rename to 0278-make-better-backtraces.patch index 7597cd48..bd266102 100644 --- a/0298-make-better-backtraces.patch +++ b/0278-make-better-backtraces.patch @@ -37,7 +37,7 @@ Signed-off-by: Peter Jones delete mode 100644 grub-core/lib/i386/backtrace.c diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 7edff60ccd4..1153ec4d2cf 100644 +index ac3af772572..242bf178d5c 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -130,6 +130,12 @@ kernel = { @@ -63,7 +63,7 @@ index 7edff60ccd4..1153ec4d2cf 100644 i386 = kern/i386/dl.c; i386_xen = kern/i386/dl.c; -@@ -2288,13 +2291,11 @@ module = { +@@ -2277,13 +2280,11 @@ module = { module = { name = backtrace; diff --git a/0299-normal-don-t-draw-our-startup-message-if-debug-is-se.patch b/0279-normal-don-t-draw-our-startup-message-if-debug-is-se.patch similarity index 100% rename from 0299-normal-don-t-draw-our-startup-message-if-debug-is-se.patch rename to 0279-normal-don-t-draw-our-startup-message-if-debug-is-se.patch diff --git a/0300-Work-around-some-minor-include-path-weirdnesses.patch b/0280-Work-around-some-minor-include-path-weirdnesses.patch similarity index 100% rename from 0300-Work-around-some-minor-include-path-weirdnesses.patch rename to 0280-Work-around-some-minor-include-path-weirdnesses.patch diff --git a/0281-Clean-up-some-errors-in-the-linuxefi-loader.patch b/0281-Clean-up-some-errors-in-the-linuxefi-loader.patch deleted file mode 100644 index b8e36770..00000000 --- a/0281-Clean-up-some-errors-in-the-linuxefi-loader.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 24 May 2017 15:58:18 -0400 -Subject: [PATCH] Clean up some errors in the linuxefi loader - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 16 ++++++++-------- - 1 file changed, 8 insertions(+), 8 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 6ff796f56ff..cb9631c95e1 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -161,8 +161,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) - { - grub_file_t file = 0; -- struct linux_i386_kernel_header *lh; -- grub_ssize_t len, start, filelen; -+ struct linux_i386_kernel_header *lh = NULL; -+ grub_ssize_t start, filelen; - void *kernel = NULL; - int setup_header_end_offset; - int rc; -@@ -212,18 +212,19 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- grub_dprintf ("linuxefi", "params = %p\n", (unsigned long) params); -+ grub_dprintf ("linuxefi", "params = %p\n", params); - - grub_memset (params, 0, sizeof(*params)); - - setup_header_end_offset = *((grub_uint8_t *)kernel + 0x201); -- grub_dprintf ("linuxefi", "copying %d bytes from %p to %p\n", -- MIN(0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1, -+ grub_dprintf ("linuxefi", "copying %zu bytes from %p to %p\n", -+ MIN((grub_size_t)0x202+setup_header_end_offset, -+ sizeof (*params)) - 0x1f1, - (grub_uint8_t *)kernel + 0x1f1, - (grub_uint8_t *)params + 0x1f1); - grub_memcpy ((grub_uint8_t *)params + 0x1f1, - (grub_uint8_t *)kernel + 0x1f1, -- MIN(0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); -+ MIN((grub_size_t)0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); - lh = (struct linux_i386_kernel_header *)params; - grub_dprintf ("linuxefi", "lh is at %p\n", lh); - grub_dprintf ("linuxefi", "checking lh->boot_flag\n"); -@@ -297,7 +298,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - handover_offset = lh->handover_offset; - - start = (lh->setup_sects + 1) * 512; -- len = grub_file_size(file) - start; - - kernel_mem = grub_efi_allocate_pages_max(lh->pref_address, - BYTES_TO_PAGES(lh->init_size)); -@@ -343,7 +343,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - loaded = 0; - } - -- if (linux_cmdline && !loaded) -+ if (linux_cmdline && lh && !loaded) - grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) - linux_cmdline, - BYTES_TO_PAGES(lh->cmdline_size + 1)); diff --git a/0301-Make-it-possible-to-enabled-build-id-sha1.patch b/0281-Make-it-possible-to-enabled-build-id-sha1.patch similarity index 100% rename from 0301-Make-it-possible-to-enabled-build-id-sha1.patch rename to 0281-Make-it-possible-to-enabled-build-id-sha1.patch diff --git a/0302-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch b/0282-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch similarity index 100% rename from 0302-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch rename to 0282-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch diff --git a/0303-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch b/0283-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch similarity index 100% rename from 0303-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch rename to 0283-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch diff --git a/0304-Only-attempt-to-scan-different-BLS-directories-on-EF.patch b/0284-Only-attempt-to-scan-different-BLS-directories-on-EF.patch similarity index 100% rename from 0304-Only-attempt-to-scan-different-BLS-directories-on-EF.patch rename to 0284-Only-attempt-to-scan-different-BLS-directories-on-EF.patch diff --git a/0305-Core-TPM-support.patch b/0285-Core-TPM-support.patch similarity index 99% rename from 0305-Core-TPM-support.patch rename to 0285-Core-TPM-support.patch index 730f01a5..f7e4c4f6 100644 --- a/0305-Core-TPM-support.patch +++ b/0285-Core-TPM-support.patch @@ -23,7 +23,7 @@ will measure all modules as they're loaded. create mode 100644 include/grub/tpm.h diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 1153ec4d2cf..334ca3fcf46 100644 +index 242bf178d5c..e03835b9dc1 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -131,6 +131,7 @@ kernel = { diff --git a/0306-Measure-kernel-initrd.patch b/0286-Measure-kernel-initrd.patch similarity index 87% rename from 0306-Measure-kernel-initrd.patch rename to 0286-Measure-kernel-initrd.patch index f3f97252..473f4bcd 100644 --- a/0306-Measure-kernel-initrd.patch +++ b/0286-Measure-kernel-initrd.patch @@ -9,7 +9,7 @@ Measure the kernel and initrd when loaded on UEFI systems 1 file changed, 4 insertions(+) diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index cb9631c95e1..95a197743a9 100644 +index 1279f510a24..6c7ff1e2db7 100644 --- a/grub-core/loader/i386/efi/linux.c +++ b/grub-core/loader/i386/efi/linux.c @@ -27,6 +27,7 @@ @@ -20,7 +20,7 @@ index cb9631c95e1..95a197743a9 100644 GRUB_MOD_LICENSE ("GPLv3+"); -@@ -132,6 +133,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), +@@ -131,6 +132,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), argv[i]); goto fail; } @@ -28,7 +28,7 @@ index cb9631c95e1..95a197743a9 100644 ptr += cursize; grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); ptr += ALIGN_UP_OVERHEAD (cursize, 4); -@@ -196,6 +198,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -195,6 +197,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), goto fail; } diff --git a/0307-Add-BIOS-boot-measurement.patch b/0287-Add-BIOS-boot-measurement.patch similarity index 100% rename from 0307-Add-BIOS-boot-measurement.patch rename to 0287-Add-BIOS-boot-measurement.patch diff --git a/0308-Measure-kernel-and-initrd-on-BIOS-systems.patch b/0288-Measure-kernel-and-initrd-on-BIOS-systems.patch similarity index 98% rename from 0308-Measure-kernel-and-initrd-on-BIOS-systems.patch rename to 0288-Measure-kernel-and-initrd-on-BIOS-systems.patch index 92c6c60f..f12885ad 100644 --- a/0308-Measure-kernel-and-initrd-on-BIOS-systems.patch +++ b/0288-Measure-kernel-and-initrd-on-BIOS-systems.patch @@ -42,7 +42,7 @@ index 35055431247..24fb1084b25 100644 if (grub_errno == GRUB_ERR_NONE) { diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index e2bb1a99a74..654e363e584 100644 +index 783a3cd93bc..15544230763 100644 --- a/grub-core/loader/i386/pc/linux.c +++ b/grub-core/loader/i386/pc/linux.c @@ -36,6 +36,7 @@ diff --git a/0309-Measure-the-kernel-commandline.patch b/0289-Measure-the-kernel-commandline.patch similarity index 100% rename from 0309-Measure-the-kernel-commandline.patch rename to 0289-Measure-the-kernel-commandline.patch diff --git a/0310-Measure-commands.patch b/0290-Measure-commands.patch similarity index 100% rename from 0310-Measure-commands.patch rename to 0290-Measure-commands.patch diff --git a/0311-Measure-multiboot-images-and-modules.patch b/0291-Measure-multiboot-images-and-modules.patch similarity index 100% rename from 0311-Measure-multiboot-images-and-modules.patch rename to 0291-Measure-multiboot-images-and-modules.patch diff --git a/0312-Fix-boot-when-there-s-no-TPM.patch b/0292-Fix-boot-when-there-s-no-TPM.patch similarity index 100% rename from 0312-Fix-boot-when-there-s-no-TPM.patch rename to 0292-Fix-boot-when-there-s-no-TPM.patch diff --git a/0313-Rework-TPM-measurements.patch b/0293-Rework-TPM-measurements.patch similarity index 97% rename from 0313-Rework-TPM-measurements.patch rename to 0293-Rework-TPM-measurements.patch index 2ff20282..32bae452 100644 --- a/0313-Rework-TPM-measurements.patch +++ b/0293-Rework-TPM-measurements.patch @@ -73,10 +73,10 @@ index 6b56304d4a7..178f7382f07 100644 return i; } diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 95a197743a9..8bb759d8a91 100644 +index 6c7ff1e2db7..8ad35e0a2e8 100644 --- a/grub-core/loader/i386/efi/linux.c +++ b/grub-core/loader/i386/efi/linux.c -@@ -133,7 +133,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), +@@ -132,7 +132,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), argv[i]); goto fail; } @@ -85,7 +85,7 @@ index 95a197743a9..8bb759d8a91 100644 ptr += cursize; grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); ptr += ALIGN_UP_OVERHEAD (cursize, 4); -@@ -198,7 +198,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -197,7 +197,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), goto fail; } @@ -121,7 +121,7 @@ index 1c5b0ac25ce..2ce424a997b 100644 header = find_header (buffer, len); diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index 654e363e584..547df29c213 100644 +index 15544230763..4f8c02288ec 100644 --- a/grub-core/loader/i386/pc/linux.c +++ b/grub-core/loader/i386/pc/linux.c @@ -162,7 +162,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), diff --git a/0314-Fix-event-log-prefix.patch b/0294-Fix-event-log-prefix.patch similarity index 100% rename from 0314-Fix-event-log-prefix.patch rename to 0294-Fix-event-log-prefix.patch diff --git a/0315-Set-the-first-boot-menu-entry-as-default-when-using-.patch b/0295-Set-the-first-boot-menu-entry-as-default-when-using-.patch similarity index 90% rename from 0315-Set-the-first-boot-menu-entry-as-default-when-using-.patch rename to 0295-Set-the-first-boot-menu-entry-as-default-when-using-.patch index 31ddeeeb..1e8e73fa 100644 --- a/0315-Set-the-first-boot-menu-entry-as-default-when-using-.patch +++ b/0295-Set-the-first-boot-menu-entry-as-default-when-using-.patch @@ -14,10 +14,10 @@ Signed-off-by: Javier Martinez Canillas 1 file changed, 1 insertion(+) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index aec1ca3eba0..1e7ec7071c3 100644 +index 839f1fdb655..89cd71d852d 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in -@@ -158,6 +158,7 @@ if [ -s \$prefix/grubenv ]; then +@@ -144,6 +144,7 @@ if [ -s \$prefix/grubenv ]; then fi EOF diff --git a/0316-tpm-fix-warnings-when-compiling-for-platforms-other-.patch b/0296-tpm-fix-warnings-when-compiling-for-platforms-other-.patch similarity index 100% rename from 0316-tpm-fix-warnings-when-compiling-for-platforms-other-.patch rename to 0296-tpm-fix-warnings-when-compiling-for-platforms-other-.patch diff --git a/0317-Make-TPM-errors-less-fatal.patch b/0297-Make-TPM-errors-less-fatal.patch similarity index 97% rename from 0317-Make-TPM-errors-less-fatal.patch rename to 0297-Make-TPM-errors-less-fatal.patch index 12678d31..38090df8 100644 --- a/0317-Make-TPM-errors-less-fatal.patch +++ b/0297-Make-TPM-errors-less-fatal.patch @@ -102,10 +102,10 @@ index 178f7382f07..d5c12957cad 100644 return i; } diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 8bb759d8a91..66e58b71e22 100644 +index 8ad35e0a2e8..cdc175c951a 100644 --- a/grub-core/loader/i386/efi/linux.c +++ b/grub-core/loader/i386/efi/linux.c -@@ -134,6 +134,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), +@@ -133,6 +133,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), goto fail; } grub_tpm_measure (ptr, cursize, GRUB_BINARY_PCR, "grub_linuxefi", "Initrd"); @@ -113,7 +113,7 @@ index 8bb759d8a91..66e58b71e22 100644 ptr += cursize; grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); ptr += ALIGN_UP_OVERHEAD (cursize, 4); -@@ -199,6 +200,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), +@@ -198,6 +199,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), } grub_tpm_measure (kernel, filelen, GRUB_BINARY_PCR, "grub_linuxefi", "Kernel"); @@ -146,7 +146,7 @@ index 2ce424a997b..ca85358f771 100644 header = find_header (buffer, len); diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index 547df29c213..1e369afcbad 100644 +index 4f8c02288ec..cfff25c21b5 100644 --- a/grub-core/loader/i386/pc/linux.c +++ b/grub-core/loader/i386/pc/linux.c @@ -163,6 +163,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), diff --git a/0318-blscfg-handle-multiple-initramfs-images.patch b/0298-blscfg-handle-multiple-initramfs-images.patch similarity index 100% rename from 0318-blscfg-handle-multiple-initramfs-images.patch rename to 0298-blscfg-handle-multiple-initramfs-images.patch diff --git a/0319-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch b/0299-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch similarity index 100% rename from 0319-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch rename to 0299-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch diff --git a/0320-BLS-Use-etcdefaultgrub-instead-of-etc.patch b/0300-BLS-Use-etcdefaultgrub-instead-of-etc.patch similarity index 100% rename from 0320-BLS-Use-etcdefaultgrub-instead-of-etc.patch rename to 0300-BLS-Use-etcdefaultgrub-instead-of-etc.patch diff --git a/0321-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch b/0301-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch similarity index 100% rename from 0321-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch rename to 0301-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch diff --git a/0322-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch b/0302-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch similarity index 100% rename from 0322-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch rename to 0302-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch diff --git a/0323-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch b/0303-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch similarity index 100% rename from 0323-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch rename to 0303-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch diff --git a/0324-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch b/0304-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch similarity index 95% rename from 0324-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch rename to 0304-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch index 8be87f3b..84b01675 100644 --- a/0324-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch +++ b/0304-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch @@ -19,10 +19,10 @@ Signed-off-by: Javier Martinez Canillas 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 1e7ec7071c3..13a6115056b 100644 +index 89cd71d852d..61d0664fb5c 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in -@@ -147,8 +147,13 @@ linux_entry () +@@ -133,8 +133,13 @@ linux_entry () fi fi diff --git a/0325-Include-OSTree-path-when-searching-kernels-images-if.patch b/0305-Include-OSTree-path-when-searching-kernels-images-if.patch similarity index 94% rename from 0325-Include-OSTree-path-when-searching-kernels-images-if.patch rename to 0305-Include-OSTree-path-when-searching-kernels-images-if.patch index 2e369890..70b33b34 100644 --- a/0325-Include-OSTree-path-when-searching-kernels-images-if.patch +++ b/0305-Include-OSTree-path-when-searching-kernels-images-if.patch @@ -20,10 +20,10 @@ Signed-off-by: Javier Martinez Canillas 1 file changed, 6 insertions(+) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 13a6115056b..bcb81943aa2 100644 +index 61d0664fb5c..9682e97b7f5 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in -@@ -253,6 +253,12 @@ case "x$machine" in +@@ -237,6 +237,12 @@ case "x$machine" in done ;; esac diff --git a/0326-Use-BLS-version-field-to-compare-entries-if-id-field.patch b/0306-Use-BLS-version-field-to-compare-entries-if-id-field.patch similarity index 100% rename from 0326-Use-BLS-version-field-to-compare-entries-if-id-field.patch rename to 0306-Use-BLS-version-field-to-compare-entries-if-id-field.patch diff --git a/0327-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch b/0307-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch similarity index 100% rename from 0327-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch rename to 0307-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch diff --git a/0328-Fixup-for-newer-compiler.patch b/0308-Fixup-for-newer-compiler.patch similarity index 100% rename from 0328-Fixup-for-newer-compiler.patch rename to 0308-Fixup-for-newer-compiler.patch diff --git a/0329-Don-t-attempt-to-export-the-start-and-_start-symbols.patch b/0309-Don-t-attempt-to-export-the-start-and-_start-symbols.patch similarity index 100% rename from 0329-Don-t-attempt-to-export-the-start-and-_start-symbols.patch rename to 0309-Don-t-attempt-to-export-the-start-and-_start-symbols.patch diff --git a/0330-Simplify-BLS-entry-key-val-pairs-lookup.patch b/0310-Simplify-BLS-entry-key-val-pairs-lookup.patch similarity index 100% rename from 0330-Simplify-BLS-entry-key-val-pairs-lookup.patch rename to 0310-Simplify-BLS-entry-key-val-pairs-lookup.patch diff --git a/0331-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch b/0311-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch similarity index 100% rename from 0331-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch rename to 0311-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch diff --git a/0332-Skip-leading-spaces-on-BLS-field-values.patch b/0312-Skip-leading-spaces-on-BLS-field-values.patch similarity index 100% rename from 0332-Skip-leading-spaces-on-BLS-field-values.patch rename to 0312-Skip-leading-spaces-on-BLS-field-values.patch diff --git a/0333-Fixup-for-newer-compiler.patch b/0313-Fixup-for-newer-compiler.patch similarity index 100% rename from 0333-Fixup-for-newer-compiler.patch rename to 0313-Fixup-for-newer-compiler.patch diff --git a/0334-TPM-Fix-hash_log_extend_event-function-prototype.patch b/0314-TPM-Fix-hash_log_extend_event-function-prototype.patch similarity index 100% rename from 0334-TPM-Fix-hash_log_extend_event-function-prototype.patch rename to 0314-TPM-Fix-hash_log_extend_event-function-prototype.patch diff --git a/0335-TPM-Fix-compiler-warnings.patch b/0315-TPM-Fix-compiler-warnings.patch similarity index 100% rename from 0335-TPM-Fix-compiler-warnings.patch rename to 0315-TPM-Fix-compiler-warnings.patch diff --git a/0336-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch b/0316-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch similarity index 100% rename from 0336-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch rename to 0316-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch diff --git a/0337-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch b/0317-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch similarity index 100% rename from 0337-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch rename to 0317-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch diff --git a/0338-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch b/0318-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch similarity index 100% rename from 0338-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch rename to 0318-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch diff --git a/0339-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch b/0319-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch similarity index 100% rename from 0339-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch rename to 0319-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch diff --git a/0340-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch b/0320-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch similarity index 100% rename from 0340-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch rename to 0320-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch diff --git a/0341-Revert-trim-arp-packets-with-abnormal-size.patch b/0321-Revert-trim-arp-packets-with-abnormal-size.patch similarity index 100% rename from 0341-Revert-trim-arp-packets-with-abnormal-size.patch rename to 0321-Revert-trim-arp-packets-with-abnormal-size.patch diff --git a/0342-Use-xid-to-match-DHCP-replies.patch b/0322-Use-xid-to-match-DHCP-replies.patch similarity index 100% rename from 0342-Use-xid-to-match-DHCP-replies.patch rename to 0322-Use-xid-to-match-DHCP-replies.patch diff --git a/0343-Add-support-for-non-Ethernet-network-cards.patch b/0323-Add-support-for-non-Ethernet-network-cards.patch similarity index 100% rename from 0343-Add-support-for-non-Ethernet-network-cards.patch rename to 0323-Add-support-for-non-Ethernet-network-cards.patch diff --git a/0344-misc-fix-invalid-character-recongition-in-strto-l.patch b/0324-misc-fix-invalid-character-recongition-in-strto-l.patch similarity index 100% rename from 0344-misc-fix-invalid-character-recongition-in-strto-l.patch rename to 0324-misc-fix-invalid-character-recongition-in-strto-l.patch diff --git a/0345-net-read-bracketed-ipv6-addrs-and-port-numbers.patch b/0325-net-read-bracketed-ipv6-addrs-and-port-numbers.patch similarity index 100% rename from 0345-net-read-bracketed-ipv6-addrs-and-port-numbers.patch rename to 0325-net-read-bracketed-ipv6-addrs-and-port-numbers.patch diff --git a/0346-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch b/0326-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch similarity index 100% rename from 0346-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch rename to 0326-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch diff --git a/0347-bootp-New-net_bootp6-command.patch b/0327-bootp-New-net_bootp6-command.patch similarity index 100% rename from 0347-bootp-New-net_bootp6-command.patch rename to 0327-bootp-New-net_bootp6-command.patch diff --git a/0348-Put-back-our-code-to-add-a-local-route.patch b/0328-Put-back-our-code-to-add-a-local-route.patch similarity index 100% rename from 0348-Put-back-our-code-to-add-a-local-route.patch rename to 0328-Put-back-our-code-to-add-a-local-route.patch diff --git a/0349-efinet-UEFI-IPv6-PXE-support.patch b/0329-efinet-UEFI-IPv6-PXE-support.patch similarity index 100% rename from 0349-efinet-UEFI-IPv6-PXE-support.patch rename to 0329-efinet-UEFI-IPv6-PXE-support.patch diff --git a/0350-grub.texi-Add-net_bootp6-doument.patch b/0330-grub.texi-Add-net_bootp6-doument.patch similarity index 100% rename from 0350-grub.texi-Add-net_bootp6-doument.patch rename to 0330-grub.texi-Add-net_bootp6-doument.patch diff --git a/0351-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch b/0331-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch similarity index 100% rename from 0351-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch rename to 0331-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch diff --git a/0352-efinet-Setting-network-from-UEFI-device-path.patch b/0332-efinet-Setting-network-from-UEFI-device-path.patch similarity index 100% rename from 0352-efinet-Setting-network-from-UEFI-device-path.patch rename to 0332-efinet-Setting-network-from-UEFI-device-path.patch diff --git a/0353-efinet-Setting-DNS-server-from-UEFI-protocol.patch b/0333-efinet-Setting-DNS-server-from-UEFI-protocol.patch similarity index 100% rename from 0353-efinet-Setting-DNS-server-from-UEFI-protocol.patch rename to 0333-efinet-Setting-DNS-server-from-UEFI-protocol.patch diff --git a/0354-Fix-one-more-coverity-complaint.patch b/0334-Fix-one-more-coverity-complaint.patch similarity index 100% rename from 0354-Fix-one-more-coverity-complaint.patch rename to 0334-Fix-one-more-coverity-complaint.patch diff --git a/0355-Fix-grub_net_hwaddr_to_str.patch b/0335-Fix-grub_net_hwaddr_to_str.patch similarity index 100% rename from 0355-Fix-grub_net_hwaddr_to_str.patch rename to 0335-Fix-grub_net_hwaddr_to_str.patch diff --git a/0356-Support-UEFI-networking-protocols.patch b/0336-Support-UEFI-networking-protocols.patch similarity index 99% rename from 0356-Support-UEFI-networking-protocols.patch rename to 0336-Support-UEFI-networking-protocols.patch index 90bf7f13..af4f203e 100644 --- a/0356-Support-UEFI-networking-protocols.patch +++ b/0336-Support-UEFI-networking-protocols.patch @@ -53,10 +53,10 @@ V3: create mode 100644 include/grub/net/efi.h diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 334ca3fcf46..cdafd91c677 100644 +index e03835b9dc1..8e542acd589 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -2192,6 +2192,18 @@ module = { +@@ -2181,6 +2181,18 @@ module = { common = hook/datehook.c; }; @@ -75,7 +75,7 @@ index 334ca3fcf46..cdafd91c677 100644 module = { name = net; common = net/net.c; -@@ -2206,6 +2218,12 @@ module = { +@@ -2195,6 +2207,12 @@ module = { common = net/arp.c; common = net/netbuff.c; common = net/url.c; diff --git a/0357-AUDIT-0-http-boot-tracker-bug.patch b/0337-AUDIT-0-http-boot-tracker-bug.patch similarity index 100% rename from 0357-AUDIT-0-http-boot-tracker-bug.patch rename to 0337-AUDIT-0-http-boot-tracker-bug.patch diff --git a/0358-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch b/0338-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch similarity index 100% rename from 0358-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch rename to 0338-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch diff --git a/0359-efi-uga-use-64-bit-for-fb_base.patch b/0339-efi-uga-use-64-bit-for-fb_base.patch similarity index 100% rename from 0359-efi-uga-use-64-bit-for-fb_base.patch rename to 0339-efi-uga-use-64-bit-for-fb_base.patch diff --git a/0360-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch b/0340-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch similarity index 100% rename from 0360-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch rename to 0340-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch diff --git a/0361-EFI-console-Add-grub_console_read_key_stroke-helper-.patch b/0341-EFI-console-Add-grub_console_read_key_stroke-helper-.patch similarity index 100% rename from 0361-EFI-console-Add-grub_console_read_key_stroke-helper-.patch rename to 0341-EFI-console-Add-grub_console_read_key_stroke-helper-.patch diff --git a/0362-EFI-console-Implement-getkeystatus-support.patch b/0342-EFI-console-Implement-getkeystatus-support.patch similarity index 100% rename from 0362-EFI-console-Implement-getkeystatus-support.patch rename to 0342-EFI-console-Implement-getkeystatus-support.patch diff --git a/0363-Make-grub_getkeystatus-helper-funtion-available-ever.patch b/0343-Make-grub_getkeystatus-helper-funtion-available-ever.patch similarity index 100% rename from 0363-Make-grub_getkeystatus-helper-funtion-available-ever.patch rename to 0343-Make-grub_getkeystatus-helper-funtion-available-ever.patch diff --git a/0364-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch b/0344-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch similarity index 100% rename from 0364-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch rename to 0344-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch diff --git a/0365-grub-editenv-Add-incr-command-to-increment-integer-v.patch b/0345-grub-editenv-Add-incr-command-to-increment-integer-v.patch similarity index 100% rename from 0365-grub-editenv-Add-incr-command-to-increment-integer-v.patch rename to 0345-grub-editenv-Add-incr-command-to-increment-integer-v.patch diff --git a/0366-Add-auto-hide-menu-support.patch b/0346-Add-auto-hide-menu-support.patch similarity index 96% rename from 0366-Add-auto-hide-menu-support.patch rename to 0346-Add-auto-hide-menu-support.patch index 09e96b65..78bbf429 100644 --- a/0366-Add-auto-hide-menu-support.patch +++ b/0346-Add-auto-hide-menu-support.patch @@ -122,7 +122,7 @@ index 00000000000..a10fe45bb2c +fi +EOF diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index d979de1982a..4aeca88f5b7 100644 +index 13a3a6bc752..ab634393a31 100644 --- a/util/grub.d/30_os-prober.in +++ b/util/grub.d/30_os-prober.in @@ -42,6 +42,7 @@ if [ -z "${OSPROBED}" ] ; then @@ -133,7 +133,7 @@ index d979de1982a..4aeca88f5b7 100644 # TRANSLATORS: it refers on the OS residing on device %s onstr="$(gettext_printf "(on %s)" "${DEVICE}")" hints="" -@@ -125,6 +126,7 @@ for OS in ${OSPROBED} ; do +@@ -102,6 +103,7 @@ for OS in ${OSPROBED} ; do case ${BOOT} in chain) @@ -141,7 +141,7 @@ index d979de1982a..4aeca88f5b7 100644 onstr="$(gettext_printf "(on %s)" "${DEVICE}")" cat << EOF -@@ -155,6 +157,7 @@ EOF +@@ -132,6 +134,7 @@ EOF EOF ;; efi) @@ -149,7 +149,7 @@ index d979de1982a..4aeca88f5b7 100644 EFIPATH=${DEVICE#*@} DEVICE=${DEVICE%@*} -@@ -199,6 +202,7 @@ EOF +@@ -176,6 +179,7 @@ EOF LINITRD="${LINITRD#/boot}" fi @@ -157,7 +157,7 @@ index d979de1982a..4aeca88f5b7 100644 onstr="$(gettext_printf "(on %s)" "${DEVICE}")" recovery_params="$(echo "${LPARAMS}" | grep single)" || true counter=1 -@@ -272,6 +276,7 @@ EOF +@@ -249,6 +253,7 @@ EOF done ;; hurd) @@ -165,7 +165,7 @@ index d979de1982a..4aeca88f5b7 100644 onstr="$(gettext_printf "(on %s)" "${DEVICE}")" cat << EOF menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class hurd --class gnu --class os \$menuentry_id_option 'osprober-gnuhurd-/boot/gnumach.gz-false-$(grub_get_device_id "${DEVICE}")' { -@@ -298,6 +303,7 @@ EOF +@@ -275,6 +280,7 @@ EOF EOF ;; minix) @@ -173,7 +173,7 @@ index d979de1982a..4aeca88f5b7 100644 cat << EOF menuentry "${LONGNAME} (on ${DEVICE}, Multiboot)" { EOF -@@ -329,3 +335,15 @@ EOF +@@ -306,3 +312,15 @@ EOF esac esac done diff --git a/0367-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch b/0347-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch similarity index 100% rename from 0367-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch rename to 0347-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch diff --git a/0368-Add-grub-set-bootflag-utility.patch b/0348-Add-grub-set-bootflag-utility.patch similarity index 100% rename from 0368-Add-grub-set-bootflag-utility.patch rename to 0348-Add-grub-set-bootflag-utility.patch diff --git a/0369-Fix-grub-setpassword-o-s-output-path.patch b/0349-Fix-grub-setpassword-o-s-output-path.patch similarity index 100% rename from 0369-Fix-grub-setpassword-o-s-output-path.patch rename to 0349-Fix-grub-setpassword-o-s-output-path.patch diff --git a/0370-Make-grub-set-password-be-named-like-all-the-other-g.patch b/0350-Make-grub-set-password-be-named-like-all-the-other-g.patch similarity index 100% rename from 0370-Make-grub-set-password-be-named-like-all-the-other-g.patch rename to 0350-Make-grub-set-password-be-named-like-all-the-other-g.patch diff --git a/0371-docs-Add-grub-boot-indeterminate.service-example.patch b/0351-docs-Add-grub-boot-indeterminate.service-example.patch similarity index 100% rename from 0371-docs-Add-grub-boot-indeterminate.service-example.patch rename to 0351-docs-Add-grub-boot-indeterminate.service-example.patch diff --git a/0372-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch b/0352-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch similarity index 100% rename from 0372-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch rename to 0352-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch diff --git a/0373-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch b/0353-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch similarity index 100% rename from 0373-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch rename to 0353-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch diff --git a/0374-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch b/0354-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch similarity index 96% rename from 0374-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch rename to 0354-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch index fa7f994c..dc1778e2 100644 --- a/0374-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch +++ b/0354-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch @@ -29,10 +29,10 @@ index 5f47a9265f3..b3af931e958 100644 grub_cv_target_cc_soft_float=no if test "x$target_cpu" = xarm64; then diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index cdafd91c677..a656930800e 100644 +index 8e542acd589..4041472fe68 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -1714,6 +1714,7 @@ module = { +@@ -1709,6 +1709,7 @@ module = { sparc64_ieee1275 = loader/sparc64/ieee1275/linux.c; ia64_efi = loader/ia64/efi/linux.c; arm = loader/arm/linux.c; diff --git a/0375-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch b/0355-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch similarity index 100% rename from 0375-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch rename to 0355-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch diff --git a/0376-gentpl-add-disable-support.patch b/0356-gentpl-add-disable-support.patch similarity index 100% rename from 0376-gentpl-add-disable-support.patch rename to 0356-gentpl-add-disable-support.patch diff --git a/0377-gentpl-add-pc-firmware-type.patch b/0357-gentpl-add-pc-firmware-type.patch similarity index 100% rename from 0377-gentpl-add-pc-firmware-type.patch rename to 0357-gentpl-add-pc-firmware-type.patch diff --git a/0378-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch b/0358-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch similarity index 97% rename from 0378-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch rename to 0358-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch index e8e5a03d..d03e6d36 100644 --- a/0378-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch +++ b/0358-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch @@ -9,7 +9,7 @@ Signed-off-by: Peter Jones 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index a656930800e..3b022555c46 100644 +index 4041472fe68..67a2f997dcb 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -192,6 +192,7 @@ kernel = { diff --git a/0379-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch b/0359-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch similarity index 67% rename from 0379-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch rename to 0359-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch index aed1e9b8..ae436d84 100644 --- a/0379-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch +++ b/0359-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch @@ -6,23 +6,14 @@ Subject: [PATCH] Disable multiboot, multiboot2, and linux16 modules on EFI Signed-off-by: Peter Jones --- - grub-core/Makefile.core.def | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) + grub-core/Makefile.core.def | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 3b022555c46..81509b86a0d 100644 +index 67a2f997dcb..971ad1920d6 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -1654,7 +1654,7 @@ module = { - module = { - name = linux16; - common = loader/i386/pc/linux.c; -- enable = x86; -+ enable = i386_pc; - }; - - module = { -@@ -1689,7 +1689,7 @@ module = { +@@ -1682,7 +1682,7 @@ module = { common = loader/multiboot.c; common = loader/multiboot_mbi2.c; @@ -31,7 +22,7 @@ index 3b022555c46..81509b86a0d 100644 enable = mips; }; -@@ -1698,7 +1698,7 @@ module = { +@@ -1691,7 +1691,7 @@ module = { common = loader/multiboot.c; x86 = loader/i386/multiboot_mbi.c; extra_dist = loader/multiboot_elfxx.c; diff --git a/0381-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch b/0360-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch similarity index 91% rename from 0381-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch rename to 0360-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch index 0191f32e..66ef60ab 100644 --- a/0381-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch +++ b/0360-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch @@ -9,10 +9,10 @@ Signed-off-by: Peter Jones 1 file changed, 6 deletions(-) diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 804c964431e..9039a6f73a3 100644 +index 971ad1920d6..5372d88f77e 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def -@@ -2193,12 +2193,6 @@ module = { +@@ -2188,12 +2188,6 @@ module = { module = { name = efi_netfs; common = net/efi/efi_netfs.c; diff --git a/0382-Don-t-build-the-fdt-command.patch b/0361-Don-t-build-the-fdt-command.patch similarity index 96% rename from 0382-Don-t-build-the-fdt-command.patch rename to 0361-Don-t-build-the-fdt-command.patch index 70d677e8..6f1da09d 100644 --- a/0382-Don-t-build-the-fdt-command.patch +++ b/0361-Don-t-build-the-fdt-command.patch @@ -24,7 +24,7 @@ Signed-off-by: Peter Jones delete mode 100644 grub-core/kern/efi/fdt.c diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 9039a6f73a3..ff6fa4bd000 100644 +index 5372d88f77e..5fae7db10f9 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -242,10 +242,8 @@ kernel = { @@ -38,7 +38,7 @@ index 9039a6f73a3..ff6fa4bd000 100644 i386_pc = kern/i386/pc/init.c; i386_pc = kern/i386/pc/mmap.c; -@@ -1701,11 +1699,17 @@ module = { +@@ -1694,11 +1692,17 @@ module = { enable = i386_pc; }; @@ -56,9 +56,9 @@ index 9039a6f73a3..ff6fa4bd000 100644 module = { name = linux; -@@ -1721,7 +1725,9 @@ module = { - arm = loader/arm/linux.c; +@@ -1716,7 +1720,9 @@ module = { arm64 = loader/arm64/linux.c; + arm64 = loader/efi/linux.c; emu = loader/emu/linux.c; + fdt = lib/fdt.c; @@ -66,7 +66,7 @@ index 9039a6f73a3..ff6fa4bd000 100644 common = loader/linux.c; common = lib/cmdline.c; -@@ -1729,12 +1735,14 @@ module = { +@@ -1724,12 +1730,14 @@ module = { efi = loader/efi/linux.c; }; @@ -81,7 +81,7 @@ index 9039a6f73a3..ff6fa4bd000 100644 module = { name = xnu; -@@ -1795,7 +1803,8 @@ module = { +@@ -1790,7 +1798,8 @@ module = { i386_coreboot = lib/LzmaDec.c; enable = i386_pc; enable = i386_coreboot; diff --git a/0383-blscfg-remove-unused-typedef.patch b/0362-blscfg-remove-unused-typedef.patch similarity index 100% rename from 0383-blscfg-remove-unused-typedef.patch rename to 0362-blscfg-remove-unused-typedef.patch diff --git a/0384-blscfg-don-t-dynamically-allocate-default_blsdir.patch b/0363-blscfg-don-t-dynamically-allocate-default_blsdir.patch similarity index 100% rename from 0384-blscfg-don-t-dynamically-allocate-default_blsdir.patch rename to 0363-blscfg-don-t-dynamically-allocate-default_blsdir.patch diff --git a/0385-blscfg-sort-BLS-entries-by-version-field.patch b/0364-blscfg-sort-BLS-entries-by-version-field.patch similarity index 100% rename from 0385-blscfg-sort-BLS-entries-by-version-field.patch rename to 0364-blscfg-sort-BLS-entries-by-version-field.patch diff --git a/0386-blscfg-remove-NULL-guards-around-grub_free.patch b/0365-blscfg-remove-NULL-guards-around-grub_free.patch similarity index 100% rename from 0386-blscfg-remove-NULL-guards-around-grub_free.patch rename to 0365-blscfg-remove-NULL-guards-around-grub_free.patch diff --git a/0387-blscfg-fix-filename-in-no-linux-key-error.patch b/0366-blscfg-fix-filename-in-no-linux-key-error.patch similarity index 100% rename from 0387-blscfg-fix-filename-in-no-linux-key-error.patch rename to 0366-blscfg-fix-filename-in-no-linux-key-error.patch diff --git a/0388-blscfg-don-t-leak-bls_entry.filename.patch b/0367-blscfg-don-t-leak-bls_entry.filename.patch similarity index 100% rename from 0388-blscfg-don-t-leak-bls_entry.filename.patch rename to 0367-blscfg-don-t-leak-bls_entry.filename.patch diff --git a/0389-blscfg-fix-compilation-on-EFI-and-EMU.patch b/0368-blscfg-fix-compilation-on-EFI-and-EMU.patch similarity index 100% rename from 0389-blscfg-fix-compilation-on-EFI-and-EMU.patch rename to 0368-blscfg-fix-compilation-on-EFI-and-EMU.patch diff --git a/0391-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch b/0369-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch similarity index 96% rename from 0391-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch rename to 0369-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch index a9e8151d..b6f16173 100644 --- a/0391-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch +++ b/0369-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch @@ -18,7 +18,7 @@ Signed-off-by: Will Thompson 1 file changed, 2 insertions(+) diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 46ebe210263..4168097732b 100644 +index 5fae7db10f9..e823233cc67 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -781,6 +781,7 @@ module = { diff --git a/0370-blscfg-Get-rid-of-the-linuxefi-linux16-linux-distinc.patch b/0370-blscfg-Get-rid-of-the-linuxefi-linux16-linux-distinc.patch new file mode 100644 index 00000000..abfb80e0 --- /dev/null +++ b/0370-blscfg-Get-rid-of-the-linuxefi-linux16-linux-distinc.patch @@ -0,0 +1,56 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Mon, 16 Jul 2018 11:00:50 -0400 +Subject: [PATCH] blscfg: Get rid of the linuxefi/linux16/linux distinction + +Signed-off-by: Peter Jones +--- + grub-core/commands/blscfg.c | 14 +++----------- + 1 file changed, 3 insertions(+), 11 deletions(-) + +diff --git a/grub-core/commands/blscfg.c b/grub-core/commands/blscfg.c +index f4283708e21..6f9f8e773c5 100644 +--- a/grub-core/commands/blscfg.c ++++ b/grub-core/commands/blscfg.c +@@ -43,14 +43,6 @@ GRUB_MOD_LICENSE ("GPLv3+"); + #define GRUB_BOOT_DEVICE "($root)" + #endif + +-#ifdef GRUB_MACHINE_EFI +-#define GRUB_LINUX_CMD "linuxefi" +-#define GRUB_INITRD_CMD "initrdefi" +-#else +-#define GRUB_LINUX_CMD "linux" +-#define GRUB_INITRD_CMD "initrd" +-#endif +- + enum + { + PLATFORM_EFI, +@@ -563,7 +555,7 @@ static void create_entry (struct bls_entry *entry) + title, id); + if (initrds) + { +- int initrd_size = sizeof (GRUB_INITRD_CMD); ++ int initrd_size = sizeof ("initrd"); + char *tmp; + + for (i = 0; initrds != NULL && initrds[i] != NULL; i++) +@@ -579,7 +571,7 @@ static void create_entry (struct bls_entry *entry) + } + + +- tmp = grub_stpcpy(initrd, GRUB_INITRD_CMD); ++ tmp = grub_stpcpy(initrd, "initrd "); + for (i = 0; initrds != NULL && initrds[i] != NULL; i++) + { + grub_dprintf ("blscfg", "adding initrd %s\n", initrds[i]); +@@ -592,7 +584,7 @@ static void create_entry (struct bls_entry *entry) + src = grub_xasprintf ("load_video\n" + "set gfx_payload=keep\n" + "insmod gzio\n" +- GRUB_LINUX_CMD " %s%s%s%s\n" ++ "linux %s%s%s%s\n" + "%s", + GRUB_BOOT_DEVICE, clinux, options ? " " : "", options ? options : "", + initrd ? initrd : ""); diff --git a/0380-Make-the-linuxefi-module-just-be-the-x86-efi-version.patch b/0380-Make-the-linuxefi-module-just-be-the-x86-efi-version.patch deleted file mode 100644 index 9bb4dd0b..00000000 --- a/0380-Make-the-linuxefi-module-just-be-the-x86-efi-version.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 11 Jul 2018 13:49:17 -0400 -Subject: [PATCH] Make the linuxefi module just be the x86 efi version of linux - -Signed-off-by: Peter Jones ---- - grub-core/Makefile.core.def | 16 +++++----------- - 1 file changed, 5 insertions(+), 11 deletions(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 81509b86a0d..804c964431e 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1710,6 +1710,8 @@ module = { - module = { - name = linux; - x86 = loader/i386/linux.c; -+ x86_efi = loader/i386/efi/linux.c; -+ i386_efi = loader/i386/efi/linux.c; - xen = loader/i386/xen.c; - i386_pc = lib/i386/pc/vesa_modes_table.c; - mips = loader/mips/linux.c; -@@ -1717,13 +1719,14 @@ module = { - sparc64_ieee1275 = loader/sparc64/ieee1275/linux.c; - ia64_efi = loader/ia64/efi/linux.c; - arm = loader/arm/linux.c; -- arm = loader/efi/linux.c; - arm64 = loader/arm64/linux.c; -- arm64 = loader/efi/linux.c; - emu = loader/emu/linux.c; - fdt = lib/fdt.c; -+ - common = loader/linux.c; - common = lib/cmdline.c; -+ -+ efi = loader/efi/linux.c; - }; - - module = { -@@ -1784,15 +1787,6 @@ module = { - enable = x86_64_efi; - }; - --module = { -- name = linuxefi; -- efi = loader/i386/efi/linux.c; -- efi = lib/cmdline.c; -- efi = loader/efi/linux.c; -- enable = i386_efi; -- enable = x86_64_efi; --}; -- - module = { - name = chain; - efi = loader/efi/chainloader.c; diff --git a/0390-Fix-our-linuxefi-linux-command-reunion.patch b/0390-Fix-our-linuxefi-linux-command-reunion.patch deleted file mode 100644 index cda701e9..00000000 --- a/0390-Fix-our-linuxefi-linux-command-reunion.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 12 Jul 2018 19:39:51 -0400 -Subject: [PATCH] Fix our linuxefi/linux command reunion. - -Signed-off-by: Peter Jones ---- - grub-core/Makefile.core.def | 4 ++-- - grub-core/loader/i386/efi/linux.c | 13 +++++++++++-- - 2 files changed, 13 insertions(+), 4 deletions(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index ff6fa4bd000..46ebe210263 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1713,8 +1713,8 @@ module = { - - module = { - name = linux; -- x86 = loader/i386/linux.c; -- x86_efi = loader/i386/efi/linux.c; -+ i386_pc = loader/i386/linux.c; -+ x86_64_efi = loader/i386/efi/linux.c; - i386_efi = loader/i386/efi/linux.c; - xen = loader/i386/xen.c; - i386_pc = lib/i386/pc/vesa_modes_table.c; -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 66e58b71e22..498d7ba7158 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -366,20 +366,29 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - - static grub_command_t cmd_linux, cmd_initrd; -+static grub_command_t cmd_linuxefi, cmd_initrdefi; - --GRUB_MOD_INIT(linuxefi) -+GRUB_MOD_INIT(linux) - { - cmd_linux = -+ grub_register_command ("linux", grub_cmd_linux, -+ 0, N_("Load Linux.")); -+ cmd_linuxefi = - grub_register_command ("linuxefi", grub_cmd_linux, - 0, N_("Load Linux.")); - cmd_initrd = -+ grub_register_command ("initrd", grub_cmd_initrd, -+ 0, N_("Load initrd.")); -+ cmd_initrdefi = - grub_register_command ("initrdefi", grub_cmd_initrd, - 0, N_("Load initrd.")); - my_mod = mod; - } - --GRUB_MOD_FINI(linuxefi) -+GRUB_MOD_FINI(linux) - { - grub_unregister_command (cmd_linux); -+ grub_unregister_command (cmd_linuxefi); - grub_unregister_command (cmd_initrd); -+ grub_unregister_command (cmd_initrdefi); - } diff --git a/0392-Jettison-the-non-linux16-linux-loader-make-linux16-p.patch b/0392-Jettison-the-non-linux16-linux-loader-make-linux16-p.patch deleted file mode 100644 index 3f3b26ec..00000000 --- a/0392-Jettison-the-non-linux16-linux-loader-make-linux16-p.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 13 Jul 2018 16:15:27 -0400 -Subject: [PATCH] Jettison the non-linux16 "linux" loader; make linux16 provide - the command. - ---- - grub-core/Makefile.core.def | 9 +-------- - grub-core/loader/i386/pc/linux.c | 10 +++++++++- - 2 files changed, 10 insertions(+), 9 deletions(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 4168097732b..f96b1933eea 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1650,13 +1650,6 @@ module = { - enable = i386_pc; - }; - -- --module = { -- name = linux16; -- common = loader/i386/pc/linux.c; -- enable = i386_pc; --}; -- - module = { - name = ntldr; - i386_pc = loader/i386/pc/ntldr.c; -@@ -1715,7 +1708,7 @@ module = { - - module = { - name = linux; -- i386_pc = loader/i386/linux.c; -+ i386_pc = loader/i386/pc/linux.c; - x86_64_efi = loader/i386/efi/linux.c; - i386_efi = loader/i386/efi/linux.c; - xen = loader/i386/xen.c; -diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index 1e369afcbad..cfff25c21b5 100644 ---- a/grub-core/loader/i386/pc/linux.c -+++ b/grub-core/loader/i386/pc/linux.c -@@ -481,7 +481,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - return grub_errno; - } - --static grub_command_t cmd_linux, cmd_initrd; -+static grub_command_t cmd_linux, cmd_linux16, cmd_initrd, cmd_initrd16; - - GRUB_MOD_INIT(linux16) - { -@@ -489,9 +489,15 @@ GRUB_MOD_INIT(linux16) - return; - - cmd_linux = -+ grub_register_command ("linux", grub_cmd_linux, -+ 0, N_("Load Linux.")); -+ cmd_linux16 = - grub_register_command ("linux16", grub_cmd_linux, - 0, N_("Load Linux.")); - cmd_initrd = -+ grub_register_command ("initrd", grub_cmd_initrd, -+ 0, N_("Load initrd.")); -+ cmd_initrd16 = - grub_register_command ("initrd16", grub_cmd_initrd, - 0, N_("Load initrd.")); - my_mod = mod; -@@ -503,5 +509,7 @@ GRUB_MOD_FINI(linux16) - return; - - grub_unregister_command (cmd_linux); -+ grub_unregister_command (cmd_linux16); - grub_unregister_command (cmd_initrd); -+ grub_unregister_command (cmd_initrd16); - } diff --git a/grub.patches b/grub.patches index 1cade548..777baab3 100644 --- a/grub.patches +++ b/grub.patches @@ -154,239 +154,217 @@ Patch0153: 0153-grub-setup-Debug-message-cleanup.patch Patch0154: 0154-efi-console-Fix-the-enter-key-not-working-on-x86-tab.patch Patch0155: 0155-commands-file-Use-definitions-from-arm-linux.h.patch Patch0156: 0156-commands-file-Use-definitions-from-arm64-linux.h.patch -Patch0157: 0157-re-write-.gitignore.patch -Patch0158: 0158-IBM-client-architecture-CAS-reboot-support.patch -Patch0159: 0159-for-ppc-reset-console-display-attr-when-clear-screen.patch -Patch0160: 0160-Disable-GRUB-video-support-for-IBM-power-machines.patch -Patch0161: 0161-Honor-a-symlink-when-generating-configuration-by-gru.patch -Patch0162: 0162-Move-bash-completion-script-922997.patch -Patch0163: 0163-Update-to-minilzo-2.08.patch -Patch0164: 0164-Allow-fallback-to-include-entries-by-title-not-just-.patch -Patch0165: 0165-Add-GRUB_DISABLE_UUID.patch -Patch0166: 0166-Make-exit-take-a-return-code.patch -Patch0167: 0167-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch -Patch0168: 0168-Make-efi-machines-load-an-env-block-from-a-variable.patch -Patch0169: 0169-DHCP-client-ID-and-UUID-options-added.patch -Patch0170: 0170-trim-arp-packets-with-abnormal-size.patch -Patch0171: 0171-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch -Patch0172: 0172-Add-support-for-UEFI-operating-systems-returned-by-o.patch -Patch0173: 0173-Migrate-PPC-from-Yaboot-to-Grub2.patch -Patch0174: 0174-Add-fw_path-variable-revised.patch -Patch0175: 0175-Add-support-for-linuxefi.patch -Patch0176: 0176-Use-linuxefi-and-initrdefi-where-appropriate.patch -Patch0177: 0177-Don-t-allow-insmod-when-secure-boot-is-enabled.patch -Patch0178: 0178-Pass-x-hex-hex-straight-through-unmolested.patch -Patch0179: 0179-Add-X-option-to-printf-functions.patch -Patch0180: 0180-Search-for-specific-config-file-for-netboot.patch -Patch0181: 0181-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch -Patch0182: 0182-Don-t-write-messages-to-the-screen.patch -Patch0183: 0183-Don-t-print-GNU-GRUB-header.patch -Patch0184: 0184-Don-t-add-to-highlighted-row.patch -Patch0185: 0185-Message-string-cleanups.patch -Patch0186: 0186-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch -Patch0187: 0187-Use-the-correct-indentation-for-the-term-help-text.patch -Patch0188: 0188-Indent-menu-entries.patch -Patch0189: 0189-Fix-margins.patch -Patch0190: 0190-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch -Patch0191: 0191-Use-linux16-when-appropriate-880840.patch -Patch0192: 0192-Enable-pager-by-default.-985860.patch -Patch0193: 0193-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch -Patch0194: 0194-Don-t-say-GNU-Linux-in-generated-menus.patch -Patch0195: 0195-Don-t-draw-a-border-around-the-menu.patch -Patch0196: 0196-Use-the-standard-margin-for-the-timeout-string.patch -Patch0197: 0197-Add-.eh_frame-to-list-of-relocations-stripped.patch -Patch0198: 0198-Make-10_linux-work-with-our-changes-for-linux16-and-.patch -Patch0199: 0199-Don-t-print-during-fdt-loading-method.patch -Patch0200: 0200-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch -Patch0201: 0201-Don-t-require-a-password-to-boot-entries-generated-b.patch -Patch0202: 0202-Don-t-emit-Booting-.-message.patch -Patch0203: 0203-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch -Patch0204: 0204-use-fw_path-prefix-when-fallback-searching-for-grub-.patch -Patch0205: 0205-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch -Patch0206: 0206-Fix-convert-function-to-support-NVMe-devices.patch -Patch0207: 0207-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch -Patch0208: 0208-Use-the-default-device-tree-from-the-grub-default-fi.patch -Patch0209: 0209-reopen-SNP-protocol-for-exclusive-use-by-grub.patch -Patch0210: 0210-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch -Patch0211: 0211-Add-grub_util_readlink.patch -Patch0212: 0212-Make-editenv-chase-symlinks-including-those-across-d.patch -Patch0213: 0213-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch -Patch0214: 0214-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch -Patch0215: 0215-Load-arm-with-SB-enabled.patch -Patch0216: 0216-Try-prefix-if-fw_path-doesn-t-work.patch -Patch0217: 0217-Update-info-with-grub.cfg-netboot-selection-order-11.patch -Patch0218: 0218-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch -Patch0219: 0219-Handle-rssd-storage-devices.patch -Patch0220: 0220-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch -Patch0221: 0221-Make-grub2-mkconfig-construct-titles-that-look-like-.patch -Patch0222: 0222-Add-friendly-grub2-password-config-tool-985962.patch -Patch0223: 0223-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch -Patch0224: 0224-tcp-add-window-scaling-support.patch -Patch0225: 0225-efinet-retransmit-if-our-device-is-busy.patch -Patch0226: 0226-Be-more-aggro-about-actually-using-the-configured-ne.patch -Patch0227: 0227-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch -Patch0228: 0228-Fix-security-issue-when-reading-username-and-passwor.patch -Patch0229: 0229-Warn-if-grub-password-will-not-be-read-1290803.patch -Patch0230: 0230-Clean-up-grub-setpassword-documentation-1290799.patch -Patch0231: 0231-Fix-locale-issue-in-grub-setpassword-1294243.patch -Patch0232: 0232-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch -Patch0233: 0233-efiemu-Fix-compilation-failure.patch -Patch0234: 0234-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch -Patch0235: 0235-Add-a-url-parser.patch -Patch0236: 0236-efinet-and-bootp-add-support-for-dhcpv6.patch -Patch0237: 0237-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch -Patch0238: 0238-Normalize-slashes-in-tftp-paths.patch -Patch0239: 0239-Fix-malformed-tftp-packets.patch -Patch0240: 0240-Fix-race-in-EFI-validation.patch -Patch0241: 0241-bz1374141-fix-incorrect-mask-for-ppc64.patch -Patch0242: 0242-Use-device-part-of-chainloader-target-if-present.patch -Patch0243: 0243-Add-secureboot-support-on-efi-chainloader.patch -Patch0244: 0244-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch -Patch0245: 0245-Make-grub_fatal-also-backtrace.patch -Patch0246: 0246-Rework-linux-command.patch -Patch0247: 0247-Rework-linux16-command.patch -Patch0248: 0248-Make-grub-editenv-build-again.patch -Patch0249: 0249-Fix-up-some-man-pages-rpmdiff-noticed.patch -Patch0250: 0250-Re-work-some-intricacies-of-PE-loading.patch -Patch0251: 0251-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch -Patch0252: 0252-linuxefi-fix-double-free-on-verification-failure.patch -Patch0253: 0253-fix-machine-type-test-in-30_os-prober.in.patch -Patch0254: 0254-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch -Patch0255: 0255-efi-chainloader-truncate-overlong-relocation-section.patch -Patch0256: 0256-linuxefi-minor-cleanups.patch -Patch0257: 0257-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch -Patch0258: 0258-Fix-up-linux-params-usage.patch -Patch0259: 0259-Make-exit-take-a-return-code.patch -Patch0260: 0260-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch -Patch0261: 0261-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch -Patch0262: 0262-Make-our-info-pages-say-grub2-where-appropriate.patch -Patch0263: 0263-print-more-debug-info-in-our-module-loader.patch -Patch0264: 0264-macos-just-build-chainloader-entries-don-t-try-any-x.patch -Patch0265: 0265-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch -Patch0266: 0266-export-btrfs_subvol-and-btrfs_subvolid.patch -Patch0267: 0267-grub2-btrfs-03-follow_default.patch -Patch0268: 0268-grub2-btrfs-04-grub2-install.patch -Patch0269: 0269-grub2-btrfs-05-grub2-mkconfig.patch -Patch0270: 0270-grub2-btrfs-06-subvol-mount.patch -Patch0271: 0271-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch -Patch0272: 0272-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch -Patch0273: 0273-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch -Patch0274: 0274-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch -Patch0275: 0275-Use-grub_efi_.-memory-helpers-where-reasonable.patch -Patch0276: 0276-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch -Patch0277: 0277-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch -Patch0278: 0278-don-t-ignore-const.patch -Patch0279: 0279-don-t-use-int-for-efi-status.patch -Patch0280: 0280-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch -Patch0281: 0281-Clean-up-some-errors-in-the-linuxefi-loader.patch -Patch0282: 0282-editenv-handle-relative-symlinks.patch -Patch0283: 0283-Make-libgrub.pp-depend-on-config-util.h.patch -Patch0284: 0284-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch -Patch0285: 0285-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch -Patch0286: 0286-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch -Patch0287: 0287-align-struct-efi_variable-better.patch -Patch0288: 0288-Add-quicksort-implementation.patch -Patch0289: 0289-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch -Patch0290: 0290-Add-BLS-support-to-grub-mkconfig.patch -Patch0291: 0291-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch -Patch0292: 0292-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch -Patch0293: 0293-Enable-blscfg-command-for-the-emu-platform.patch -Patch0294: 0294-Add-linux-and-initrd-commands-for-grub-emu.patch -Patch0295: 0295-Fix-the-efidir-in-grub-setpassword.patch -Patch0296: 0296-Add-grub2-switch-to-blscfg.patch -Patch0297: 0297-Add-grub_debug_enabled.patch -Patch0298: 0298-make-better-backtraces.patch -Patch0299: 0299-normal-don-t-draw-our-startup-message-if-debug-is-se.patch -Patch0300: 0300-Work-around-some-minor-include-path-weirdnesses.patch -Patch0301: 0301-Make-it-possible-to-enabled-build-id-sha1.patch -Patch0302: 0302-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch -Patch0303: 0303-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch -Patch0304: 0304-Only-attempt-to-scan-different-BLS-directories-on-EF.patch -Patch0305: 0305-Core-TPM-support.patch -Patch0306: 0306-Measure-kernel-initrd.patch -Patch0307: 0307-Add-BIOS-boot-measurement.patch -Patch0308: 0308-Measure-kernel-and-initrd-on-BIOS-systems.patch -Patch0309: 0309-Measure-the-kernel-commandline.patch -Patch0310: 0310-Measure-commands.patch -Patch0311: 0311-Measure-multiboot-images-and-modules.patch -Patch0312: 0312-Fix-boot-when-there-s-no-TPM.patch -Patch0313: 0313-Rework-TPM-measurements.patch -Patch0314: 0314-Fix-event-log-prefix.patch -Patch0315: 0315-Set-the-first-boot-menu-entry-as-default-when-using-.patch -Patch0316: 0316-tpm-fix-warnings-when-compiling-for-platforms-other-.patch -Patch0317: 0317-Make-TPM-errors-less-fatal.patch -Patch0318: 0318-blscfg-handle-multiple-initramfs-images.patch -Patch0319: 0319-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch -Patch0320: 0320-BLS-Use-etcdefaultgrub-instead-of-etc.patch -Patch0321: 0321-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch -Patch0322: 0322-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch -Patch0323: 0323-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch -Patch0324: 0324-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch -Patch0325: 0325-Include-OSTree-path-when-searching-kernels-images-if.patch -Patch0326: 0326-Use-BLS-version-field-to-compare-entries-if-id-field.patch -Patch0327: 0327-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch -Patch0328: 0328-Fixup-for-newer-compiler.patch -Patch0329: 0329-Don-t-attempt-to-export-the-start-and-_start-symbols.patch -Patch0330: 0330-Simplify-BLS-entry-key-val-pairs-lookup.patch -Patch0331: 0331-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch -Patch0332: 0332-Skip-leading-spaces-on-BLS-field-values.patch -Patch0333: 0333-Fixup-for-newer-compiler.patch -Patch0334: 0334-TPM-Fix-hash_log_extend_event-function-prototype.patch -Patch0335: 0335-TPM-Fix-compiler-warnings.patch -Patch0336: 0336-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch -Patch0337: 0337-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch -Patch0338: 0338-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch -Patch0339: 0339-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch -Patch0340: 0340-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch -Patch0341: 0341-Revert-trim-arp-packets-with-abnormal-size.patch -Patch0342: 0342-Use-xid-to-match-DHCP-replies.patch -Patch0343: 0343-Add-support-for-non-Ethernet-network-cards.patch -Patch0344: 0344-misc-fix-invalid-character-recongition-in-strto-l.patch -Patch0345: 0345-net-read-bracketed-ipv6-addrs-and-port-numbers.patch -Patch0346: 0346-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch -Patch0347: 0347-bootp-New-net_bootp6-command.patch -Patch0348: 0348-Put-back-our-code-to-add-a-local-route.patch -Patch0349: 0349-efinet-UEFI-IPv6-PXE-support.patch -Patch0350: 0350-grub.texi-Add-net_bootp6-doument.patch -Patch0351: 0351-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch -Patch0352: 0352-efinet-Setting-network-from-UEFI-device-path.patch -Patch0353: 0353-efinet-Setting-DNS-server-from-UEFI-protocol.patch -Patch0354: 0354-Fix-one-more-coverity-complaint.patch -Patch0355: 0355-Fix-grub_net_hwaddr_to_str.patch -Patch0356: 0356-Support-UEFI-networking-protocols.patch -Patch0357: 0357-AUDIT-0-http-boot-tracker-bug.patch -Patch0358: 0358-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch -Patch0359: 0359-efi-uga-use-64-bit-for-fb_base.patch -Patch0360: 0360-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch -Patch0361: 0361-EFI-console-Add-grub_console_read_key_stroke-helper-.patch -Patch0362: 0362-EFI-console-Implement-getkeystatus-support.patch -Patch0363: 0363-Make-grub_getkeystatus-helper-funtion-available-ever.patch -Patch0364: 0364-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch -Patch0365: 0365-grub-editenv-Add-incr-command-to-increment-integer-v.patch -Patch0366: 0366-Add-auto-hide-menu-support.patch -Patch0367: 0367-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch -Patch0368: 0368-Add-grub-set-bootflag-utility.patch -Patch0369: 0369-Fix-grub-setpassword-o-s-output-path.patch -Patch0370: 0370-Make-grub-set-password-be-named-like-all-the-other-g.patch -Patch0371: 0371-docs-Add-grub-boot-indeterminate.service-example.patch -Patch0372: 0372-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch -Patch0373: 0373-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch -Patch0374: 0374-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch -Patch0375: 0375-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch -Patch0376: 0376-gentpl-add-disable-support.patch -Patch0377: 0377-gentpl-add-pc-firmware-type.patch -Patch0378: 0378-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch -Patch0379: 0379-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch -Patch0380: 0380-Make-the-linuxefi-module-just-be-the-x86-efi-version.patch -Patch0381: 0381-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch -Patch0382: 0382-Don-t-build-the-fdt-command.patch -Patch0383: 0383-blscfg-remove-unused-typedef.patch -Patch0384: 0384-blscfg-don-t-dynamically-allocate-default_blsdir.patch -Patch0385: 0385-blscfg-sort-BLS-entries-by-version-field.patch -Patch0386: 0386-blscfg-remove-NULL-guards-around-grub_free.patch -Patch0387: 0387-blscfg-fix-filename-in-no-linux-key-error.patch -Patch0388: 0388-blscfg-don-t-leak-bls_entry.filename.patch -Patch0389: 0389-blscfg-fix-compilation-on-EFI-and-EMU.patch -Patch0390: 0390-Fix-our-linuxefi-linux-command-reunion.patch -Patch0391: 0391-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch -Patch0392: 0392-Jettison-the-non-linux16-linux-loader-make-linux16-p.patch +Patch0157: 0157-Add-support-for-Linux-EFI-stub-loading.patch +Patch0158: 0158-Rework-linux-command.patch +Patch0159: 0159-Rework-linux16-command.patch +Patch0160: 0160-Add-secureboot-support-on-efi-chainloader.patch +Patch0161: 0161-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch +Patch0162: 0162-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch +Patch0163: 0163-re-write-.gitignore.patch +Patch0164: 0164-IBM-client-architecture-CAS-reboot-support.patch +Patch0165: 0165-for-ppc-reset-console-display-attr-when-clear-screen.patch +Patch0166: 0166-Disable-GRUB-video-support-for-IBM-power-machines.patch +Patch0167: 0167-Honor-a-symlink-when-generating-configuration-by-gru.patch +Patch0168: 0168-Move-bash-completion-script-922997.patch +Patch0169: 0169-Update-to-minilzo-2.08.patch +Patch0170: 0170-Allow-fallback-to-include-entries-by-title-not-just-.patch +Patch0171: 0171-Add-GRUB_DISABLE_UUID.patch +Patch0172: 0172-Make-exit-take-a-return-code.patch +Patch0173: 0173-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch +Patch0174: 0174-Make-efi-machines-load-an-env-block-from-a-variable.patch +Patch0175: 0175-DHCP-client-ID-and-UUID-options-added.patch +Patch0176: 0176-trim-arp-packets-with-abnormal-size.patch +Patch0177: 0177-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch +Patch0178: 0178-Add-support-for-UEFI-operating-systems-returned-by-o.patch +Patch0179: 0179-Migrate-PPC-from-Yaboot-to-Grub2.patch +Patch0180: 0180-Add-fw_path-variable-revised.patch +Patch0181: 0181-Pass-x-hex-hex-straight-through-unmolested.patch +Patch0182: 0182-Add-X-option-to-printf-functions.patch +Patch0183: 0183-Search-for-specific-config-file-for-netboot.patch +Patch0184: 0184-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch +Patch0185: 0185-Add-devicetree-loading.patch +Patch0186: 0186-Don-t-write-messages-to-the-screen.patch +Patch0187: 0187-Don-t-print-GNU-GRUB-header.patch +Patch0188: 0188-Don-t-add-to-highlighted-row.patch +Patch0189: 0189-Message-string-cleanups.patch +Patch0190: 0190-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch +Patch0191: 0191-Use-the-correct-indentation-for-the-term-help-text.patch +Patch0192: 0192-Indent-menu-entries.patch +Patch0193: 0193-Fix-margins.patch +Patch0194: 0194-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch +Patch0195: 0195-Enable-pager-by-default.-985860.patch +Patch0196: 0196-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch +Patch0197: 0197-Don-t-say-GNU-Linux-in-generated-menus.patch +Patch0198: 0198-Don-t-draw-a-border-around-the-menu.patch +Patch0199: 0199-Use-the-standard-margin-for-the-timeout-string.patch +Patch0200: 0200-Add-.eh_frame-to-list-of-relocations-stripped.patch +Patch0201: 0201-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch +Patch0202: 0202-Don-t-require-a-password-to-boot-entries-generated-b.patch +Patch0203: 0203-Don-t-emit-Booting-.-message.patch +Patch0204: 0204-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch +Patch0205: 0205-use-fw_path-prefix-when-fallback-searching-for-grub-.patch +Patch0206: 0206-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch +Patch0207: 0207-Fix-convert-function-to-support-NVMe-devices.patch +Patch0208: 0208-reopen-SNP-protocol-for-exclusive-use-by-grub.patch +Patch0209: 0209-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch +Patch0210: 0210-Add-grub_util_readlink.patch +Patch0211: 0211-Make-editenv-chase-symlinks-including-those-across-d.patch +Patch0212: 0212-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch +Patch0213: 0213-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch +Patch0214: 0214-Try-prefix-if-fw_path-doesn-t-work.patch +Patch0215: 0215-Update-info-with-grub.cfg-netboot-selection-order-11.patch +Patch0216: 0216-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch +Patch0217: 0217-Handle-rssd-storage-devices.patch +Patch0218: 0218-Make-grub2-mkconfig-construct-titles-that-look-like-.patch +Patch0219: 0219-Add-friendly-grub2-password-config-tool-985962.patch +Patch0220: 0220-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch +Patch0221: 0221-tcp-add-window-scaling-support.patch +Patch0222: 0222-efinet-retransmit-if-our-device-is-busy.patch +Patch0223: 0223-Be-more-aggro-about-actually-using-the-configured-ne.patch +Patch0224: 0224-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch +Patch0225: 0225-Fix-security-issue-when-reading-username-and-passwor.patch +Patch0226: 0226-Warn-if-grub-password-will-not-be-read-1290803.patch +Patch0227: 0227-Clean-up-grub-setpassword-documentation-1290799.patch +Patch0228: 0228-Fix-locale-issue-in-grub-setpassword-1294243.patch +Patch0229: 0229-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch +Patch0230: 0230-efiemu-Fix-compilation-failure.patch +Patch0231: 0231-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch +Patch0232: 0232-Add-a-url-parser.patch +Patch0233: 0233-efinet-and-bootp-add-support-for-dhcpv6.patch +Patch0234: 0234-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch +Patch0235: 0235-Normalize-slashes-in-tftp-paths.patch +Patch0236: 0236-Fix-malformed-tftp-packets.patch +Patch0237: 0237-bz1374141-fix-incorrect-mask-for-ppc64.patch +Patch0238: 0238-Make-grub_fatal-also-backtrace.patch +Patch0239: 0239-Make-grub-editenv-build-again.patch +Patch0240: 0240-Fix-up-some-man-pages-rpmdiff-noticed.patch +Patch0241: 0241-Make-exit-take-a-return-code.patch +Patch0242: 0242-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch +Patch0243: 0243-Make-our-info-pages-say-grub2-where-appropriate.patch +Patch0244: 0244-print-more-debug-info-in-our-module-loader.patch +Patch0245: 0245-macos-just-build-chainloader-entries-don-t-try-any-x.patch +Patch0246: 0246-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch +Patch0247: 0247-export-btrfs_subvol-and-btrfs_subvolid.patch +Patch0248: 0248-grub2-btrfs-03-follow_default.patch +Patch0249: 0249-grub2-btrfs-04-grub2-install.patch +Patch0250: 0250-grub2-btrfs-05-grub2-mkconfig.patch +Patch0251: 0251-grub2-btrfs-06-subvol-mount.patch +Patch0252: 0252-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch +Patch0253: 0253-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch +Patch0254: 0254-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch +Patch0255: 0255-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch +Patch0256: 0256-Use-grub_efi_.-memory-helpers-where-reasonable.patch +Patch0257: 0257-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch +Patch0258: 0258-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch +Patch0259: 0259-don-t-ignore-const.patch +Patch0260: 0260-don-t-use-int-for-efi-status.patch +Patch0261: 0261-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch +Patch0262: 0262-editenv-handle-relative-symlinks.patch +Patch0263: 0263-Make-libgrub.pp-depend-on-config-util.h.patch +Patch0264: 0264-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch +Patch0265: 0265-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch +Patch0266: 0266-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch +Patch0267: 0267-align-struct-efi_variable-better.patch +Patch0268: 0268-Add-quicksort-implementation.patch +Patch0269: 0269-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch +Patch0270: 0270-Add-BLS-support-to-grub-mkconfig.patch +Patch0271: 0271-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch +Patch0272: 0272-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch +Patch0273: 0273-Enable-blscfg-command-for-the-emu-platform.patch +Patch0274: 0274-Add-linux-and-initrd-commands-for-grub-emu.patch +Patch0275: 0275-Fix-the-efidir-in-grub-setpassword.patch +Patch0276: 0276-Add-grub2-switch-to-blscfg.patch +Patch0277: 0277-Add-grub_debug_enabled.patch +Patch0278: 0278-make-better-backtraces.patch +Patch0279: 0279-normal-don-t-draw-our-startup-message-if-debug-is-se.patch +Patch0280: 0280-Work-around-some-minor-include-path-weirdnesses.patch +Patch0281: 0281-Make-it-possible-to-enabled-build-id-sha1.patch +Patch0282: 0282-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch +Patch0283: 0283-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch +Patch0284: 0284-Only-attempt-to-scan-different-BLS-directories-on-EF.patch +Patch0285: 0285-Core-TPM-support.patch +Patch0286: 0286-Measure-kernel-initrd.patch +Patch0287: 0287-Add-BIOS-boot-measurement.patch +Patch0288: 0288-Measure-kernel-and-initrd-on-BIOS-systems.patch +Patch0289: 0289-Measure-the-kernel-commandline.patch +Patch0290: 0290-Measure-commands.patch +Patch0291: 0291-Measure-multiboot-images-and-modules.patch +Patch0292: 0292-Fix-boot-when-there-s-no-TPM.patch +Patch0293: 0293-Rework-TPM-measurements.patch +Patch0294: 0294-Fix-event-log-prefix.patch +Patch0295: 0295-Set-the-first-boot-menu-entry-as-default-when-using-.patch +Patch0296: 0296-tpm-fix-warnings-when-compiling-for-platforms-other-.patch +Patch0297: 0297-Make-TPM-errors-less-fatal.patch +Patch0298: 0298-blscfg-handle-multiple-initramfs-images.patch +Patch0299: 0299-BLS-Fix-grub2-switch-to-blscfg-on-non-EFI-machines.patch +Patch0300: 0300-BLS-Use-etcdefaultgrub-instead-of-etc.patch +Patch0301: 0301-Add-missing-options-to-grub2-switch-to-blscfg-man-pa.patch +Patch0302: 0302-Make-grub2-switch-to-blscfg-to-generate-debug-BLS-wh.patch +Patch0303: 0303-Make-grub2-switch-to-blscfg-to-generate-BLS-fragment.patch +Patch0304: 0304-Only-attempt-to-query-dev-mounted-in-boot-efi-as-boo.patch +Patch0305: 0305-Include-OSTree-path-when-searching-kernels-images-if.patch +Patch0306: 0306-Use-BLS-version-field-to-compare-entries-if-id-field.patch +Patch0307: 0307-Add-version-field-to-BLS-generated-by-grub2-switch-t.patch +Patch0308: 0308-Fixup-for-newer-compiler.patch +Patch0309: 0309-Don-t-attempt-to-export-the-start-and-_start-symbols.patch +Patch0310: 0310-Simplify-BLS-entry-key-val-pairs-lookup.patch +Patch0311: 0311-Add-relative-path-to-the-kernel-and-initrds-BLS-fiel.patch +Patch0312: 0312-Skip-leading-spaces-on-BLS-field-values.patch +Patch0313: 0313-Fixup-for-newer-compiler.patch +Patch0314: 0314-TPM-Fix-hash_log_extend_event-function-prototype.patch +Patch0315: 0315-TPM-Fix-compiler-warnings.patch +Patch0316: 0316-grub-switch-to-blscfg.in-get-rid-of-a-bunch-of-bashi.patch +Patch0317: 0317-grub-switch-to-blscfg.in-Better-boot-prefix-checking.patch +Patch0318: 0318-Use-boot-loader-entries-as-BLS-directory-path-also-o.patch +Patch0319: 0319-Use-BLS-fragment-filename-as-menu-entry-id-and-for-c.patch +Patch0320: 0320-Fix-grub-switch-to-blscfg-boot-prefix-handling.patch +Patch0321: 0321-Revert-trim-arp-packets-with-abnormal-size.patch +Patch0322: 0322-Use-xid-to-match-DHCP-replies.patch +Patch0323: 0323-Add-support-for-non-Ethernet-network-cards.patch +Patch0324: 0324-misc-fix-invalid-character-recongition-in-strto-l.patch +Patch0325: 0325-net-read-bracketed-ipv6-addrs-and-port-numbers.patch +Patch0326: 0326-net-read-bracketed-ipv6-addrs-and-port-numbers-pjone.patch +Patch0327: 0327-bootp-New-net_bootp6-command.patch +Patch0328: 0328-Put-back-our-code-to-add-a-local-route.patch +Patch0329: 0329-efinet-UEFI-IPv6-PXE-support.patch +Patch0330: 0330-grub.texi-Add-net_bootp6-doument.patch +Patch0331: 0331-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch +Patch0332: 0332-efinet-Setting-network-from-UEFI-device-path.patch +Patch0333: 0333-efinet-Setting-DNS-server-from-UEFI-protocol.patch +Patch0334: 0334-Fix-one-more-coverity-complaint.patch +Patch0335: 0335-Fix-grub_net_hwaddr_to_str.patch +Patch0336: 0336-Support-UEFI-networking-protocols.patch +Patch0337: 0337-AUDIT-0-http-boot-tracker-bug.patch +Patch0338: 0338-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch +Patch0339: 0339-efi-uga-use-64-bit-for-fb_base.patch +Patch0340: 0340-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch +Patch0341: 0341-EFI-console-Add-grub_console_read_key_stroke-helper-.patch +Patch0342: 0342-EFI-console-Implement-getkeystatus-support.patch +Patch0343: 0343-Make-grub_getkeystatus-helper-funtion-available-ever.patch +Patch0344: 0344-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch +Patch0345: 0345-grub-editenv-Add-incr-command-to-increment-integer-v.patch +Patch0346: 0346-Add-auto-hide-menu-support.patch +Patch0347: 0347-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch +Patch0348: 0348-Add-grub-set-bootflag-utility.patch +Patch0349: 0349-Fix-grub-setpassword-o-s-output-path.patch +Patch0350: 0350-Make-grub-set-password-be-named-like-all-the-other-g.patch +Patch0351: 0351-docs-Add-grub-boot-indeterminate.service-example.patch +Patch0352: 0352-00_menu_auto_hide-Use-a-timeout-of-60s-for-menu_show.patch +Patch0353: 0353-00_menu_auto_hide-Reduce-number-of-save_env-calls.patch +Patch0354: 0354-Minor-fixes-to-make-armv7hl-build-as-arm-efi.patch +Patch0355: 0355-30_uefi-firmware-fix-use-with-sys-firmware-efi-efiva.patch +Patch0356: 0356-gentpl-add-disable-support.patch +Patch0357: 0357-gentpl-add-pc-firmware-type.patch +Patch0358: 0358-Disable-the-reboot-module-on-EFI-builds-it-is-in-ker.patch +Patch0359: 0359-Disable-multiboot-multiboot2-and-linux16-modules-on-.patch +Patch0360: 0360-Make-efi_netfs-not-duplicate-symbols-from-efinet.patch +Patch0361: 0361-Don-t-build-the-fdt-command.patch +Patch0362: 0362-blscfg-remove-unused-typedef.patch +Patch0363: 0363-blscfg-don-t-dynamically-allocate-default_blsdir.patch +Patch0364: 0364-blscfg-sort-BLS-entries-by-version-field.patch +Patch0365: 0365-blscfg-remove-NULL-guards-around-grub_free.patch +Patch0366: 0366-blscfg-fix-filename-in-no-linux-key-error.patch +Patch0367: 0367-blscfg-don-t-leak-bls_entry.filename.patch +Patch0368: 0368-blscfg-fix-compilation-on-EFI-and-EMU.patch +Patch0369: 0369-Add-loadenv-to-blscfg-and-loadenv-source-file-list.patch +Patch0370: 0370-blscfg-Get-rid-of-the-linuxefi-linux16-linux-distinc.patch diff --git a/grub2.spec b/grub2.spec index 7dd58cca..4f055bc3 100644 --- a/grub2.spec +++ b/grub2.spec @@ -7,7 +7,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 44%{?dist} +Release: 45%{?dist} Summary: Bootloader with support for Linux, Multiboot and more Group: System Environment/Base License: GPLv3+ @@ -479,6 +479,10 @@ fi %endif %changelog +* Mon Jul 16 2018 pjones - 2.02-45 +- Rework SB patches and 10_linux.in changes even harder. + Resolves: rhbz#1601578 + * Mon Jul 16 2018 Hans de Goede - 2.02-44 - Make the user session automatically set the boot_success grubenv flag - Make offline-updates increment the boot_indeterminate grubenv variable