rpms/grub2
7
0
Fork 0
Code Issues Pull Requests Releases Activity
135 Commits 22 Branches 233 Tags 23 MiB
07dbf9d2b1
Commit Graph

72 Commits

Author SHA1 Message Date
Nicolas Frayer
f3ad4de544 ppc/mkimage/appendedsig: Upstream code sync for alignment and sbat 
Related: #RHEL-24742
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2026-02-06 16:30:22 +01:00
Nicolas Frayer
3ffe88cd96 Fix several security issues about module unloading and file handling 
Resolves: #RHEL-141594
Resolves: #CVE-2025-54771 #CVE-2025-61661
Resolves: #CVE-2025-61662 #CVE-2025-61663 #CVE-2025-61664
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2026-02-05 11:02:08 +01:00
Nicolas Frayer
76c8afe3de appendedsig: Fix grub-mkimage with an unaligned appended signature size 
Related: #RHEL-24742
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-12-03 13:01:57 +01:00
Nicolas Frayer
4fba475751 ieee1275: Upstream patches for appended signature support 
Related: #RHEL-24742
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-11-28 11:27:32 +01:00
Leo Sandoval
58ea0e86c8 Fix the fallback mechanism when menu entries fail to boot 
Resolves: RHEL-109456
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
 2025-09-08 14:43:06 -06:00
Leo Sandoval
b6fea26353 Set correctly the memory attributes for the kernel PE sections 
Resolves: #RHEL-106075
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
 2025-07-29 12:10:13 -06:00
Nicolas Frayer
3b726150c9 osdep/linux/getroot: Detect DDF container similar to IMSM 
Resolves: #RHEL-44336
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-06-09 09:57:20 +02:00
Leo Sandoval
ca135ed532 Handle special kernel parameter characters properly 
Resolves: #RHEL-64297
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
 2025-06-02 16:54:10 -06:00
Nicolas Frayer
4b6a3a3027 ieee1275: Appended signature support 
Resolves: #RHEL-24742
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-05-22 01:30:39 +02:00
Nicolas Frayer
f00a43d2a6 ppc/mkimage: SBAT support on powerpc 
Resolves: #RHEL-87421
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-04-15 18:42:57 +02:00
Nicolas Frayer
6b93e67189 fs/xfs: Sync with latest xfs upstream 
Resolves: #RHEL-85960
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-04-04 15:26:02 +02:00
Nicolas Frayer
12da33fad6 ieee1275/ofnet: Fix grub_malloc() removed after added safe 
Resolves: #RHEL-83117
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-03-25 14:56:25 +01:00
Nicolas Frayer
d2abbf1abe Added the following 2 commits to optimize memory consumption 
tpm: Disable the tpm verifier if the TPM device is not present
powerpc: increase MIN RMA size for CAS negotiation

Resolves: #RHEL-76558
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-03-17 15:53:16 +01:00
Leo Sandoval
e36472a9a9 Remove NTFS attribute verification patch 
The removed patch was part of the CVE patches ported recently into RHEL but
is causing segfaults on dual boot (Windows & RHEL) systems when generating the
grub configuration with the grub2-mkconfig tool. At some point the same patch
will come back with the corresponding fix but for the time being, it is removed.

Related: RHEL-83117

Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
 2025-03-11 13:07:50 -06:00
Nicolas Frayer
9e9b890c89 fs/ext2: Rework out-of-bounds read for inline and external extents 
Related: RHEL-79857
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-02-26 18:34:09 +01:00
Nicolas Frayer
6eaa34fe07 Add several CVE fixes 
- Resolves: CVE-2024-45779 CVE-2024-45778 CVE-2025-1118
- Resolves: CVE-2025-0677 CVE-2024-45782 CVE-2025-0690
- Resolves: CVE-2024-45783 CVE-2025-0624 CVE-2024-45776
- Resolves: CVE-2025-0622 CVE-2024-45774 CVE-2024-45775
- Resolves: CVE-2024-45781 CVE-2024-45780
- Resolves: #RHEL-79700
- Resolves: #RHEL-79341
- Resolves: #RHEL-79875
- Resolves: #RHEL-79849
- Resolves: #RHEL-79707
- Resolves: #RHEL-79857
- Resolves: #RHEL-79709
- Resolves: #RHEL-79846
- Resolves: #RHEL-75737
- Resolves: #RHEL-79713
- Resolves: #RHEL-73785
- Resolves: #RHEL-73787
- Resolves: #RHEL-79704
- Resolves: #RHEL-79702

Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-02-18 19:06:15 +01:00
Nicolas Frayer
76fac13a2b kern/ieee1275/init: Add IEEE 1275 Radix support for KVM on Power 
Resolves: #RHEL-52761
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2025-01-13 15:09:05 +01:00
Leo Sandoval
69027610fe 10_linux.in: escape semicolon and ampersand on BLS upddate 
Resolves: #RHEL-25558
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
 2024-11-21 11:45:46 -06:00
Nicolas Frayer
0e73191379 cmd/search: Fix a possible NULL ptr dereference 
Resolves: #RHEL-61263
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-10-17 12:06:22 +02:00
Nicolas Frayer
ec05bd1b7c arm64/linux: Allocate memory for kernel with EFI_LOADER_CODE type 
Resolves: #RHEL-49868
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-08-13 20:21:40 +02:00
Nicolas Frayer
93795b8bea grub2-mkconfig: Remove mountpoint check 
Related: #RHEL-32099
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-08-02 11:26:39 +02:00
Andrew Lukoshko
032b849f1c grub2-mkconfig: Simplify os_name detection 2024-07-31 16:56:13 +00:00
Nicolas Frayer
d9c75f0368 chainloader: Remove unexpected "/EndEntire" 
Resolves: #RHEL-4380
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-07-16 13:51:45 +02:00
Nicolas Frayer
0185426fb4 grub2-mkconfig: Prevent mkconfig from overwriting grub cfg stub 
Resolves: #RHEL-32099
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-07-16 11:18:07 +02:00
Leo Sandoval
694ab652e3 grub-mkconfig.in: turn off executable owner bit 
Resolves: RHEL-45870
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
 2024-07-02 18:11:03 +02:00
Nicolas Frayer
e4e452562c cmd/search: Rework of CVE-2023-4001 fix 
Resolves: #RHEL-36249
Resolves: #RHEL-36186
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-05-28 12:13:38 +02:00
Nicolas Frayer
6c0546793a util: grub-install on EFI if forced 
Resolves: #RHEL-20443
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-02-22 13:33:26 +01:00
Nicolas Frayer
dfbe55e237 kern/dl: grub_dl_set_mem_attrs()/grub_dl_load_segments() fixes 
Resolves: #RHEL-26322
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-02-22 10:01:04 +01:00
Nicolas Frayer
50a93da15d fs/ntfs: OOB write fix 
(CVE-2023-4692)

Resolves: #RHEL-11567
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-02-20 12:40:47 +01:00
Nicolas Frayer
624933c2c9 grub-set-bootflag: Fix for CVE-2024-1048 
(CVE-2024-1048)

Resolves: #RHEL-20747
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-02-08 10:54:24 +01:00
Nicolas Frayer
af60250e69 search command: add flag to only search root dev 
Resolves: #RHEL-20526
Resolves: #2224953
Resolves: #CVE-2023-4001
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-01-05 11:57:05 +01:00
Nicolas Frayer
490f527bca normal: Remove grub_env_set prefix in grub_try_normal_prefix 
Resolves: #RHEL-1601
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2024-01-04 16:55:36 +01:00
Nicolas Frayer
64902f6ea1 kern/ieee1275/init: ppc64: Restrict high memory in presence 
of fadump

Resolves: #RHEL-14282
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-10-19 18:30:12 +02:00
Nicolas Frayer
efe1183890 grub2-mkconfig: Pass all boot params when used by anaconda 
Resolves: #RHEL-2185
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-09-05 18:33:08 +02:00
Nicolas Frayer
6fc00a514b grub2-mkconfig: dont overwrite BLS cmdline if BLSCFG is true 
This is an updated version of commit 8378a93e60

Resolves: #2203203
Resolves: #2212320
Resolves: #2221543
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-08-24 18:21:11 +02:00
Nicolas Frayer
0bfb1c72a4 Revert previous patch as it breaks install 
Related: #2203203
Related: #2212320
Related: #2221543
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-08-02 16:40:00 +02:00
Nicolas Frayer
8378a93e60 grub2-mkconfig: don't overwrite BLS cmdline if BLSCFG is true 
Resolves: #2203203
Resolves: #2212320
Resolves: #2221543
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-07-25 12:02:43 +02:00
Nicolas Frayer
baa6c11af8 efi/http: change uint32_t to uintn_t 
Resolves: #2207851
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-06-08 11:10:00 +02:00
Nicolas Frayer
8bb1eea054 kern/ieee1275/init: sync vec5 patchset with upstream 
Resolves: #2183939
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-06-01 09:29:57 +02:00
Nicolas Frayer
b9c80be152 util: Enable default kernel for updates 
Resolves: #2184069
Signed-off-by: Marta Lewandowska <mlewando@redhat.com>
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
 2023-05-30 18:10:51 +02:00
Robbie Harwood
36401863be ppc64le sysfs and mm update 
Resolves: #2026579
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2023-02-20 17:22:34 +00:00
Robbie Harwood
861fb30b3e Sync patches with Fedora 
Resolves: #2007427
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2023-02-16 09:51:24 -05:00
Robbie Harwood
5ad247ff66 ppc64le: sync cas/tpm patchset with upstream 
Resolves: #2143420
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2023-02-08 20:08:58 +00:00
Robbie Harwood
1149c5b9c8 ppc64le: cas5, take 3 
Resolves: #2153071
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2023-02-06 20:31:54 +00:00
Robbie Harwood
433335e50c Pull in allocator fixes from upstream 
Resolves: #2156419
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2023-02-01 19:51:45 +00:00
Robbie Harwood
9c7afa3d14 ppc64le: update signed media fixes 
Resolves: #2143420
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2023-01-27 19:19:39 +00:00
Robbie Harwood
80718e98fa ppc64le: fix issues using core.elf on boot media 
Resolves: #2143420
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2023-01-13 20:30:06 +00:00
Robbie Harwood
1395eb50d1 ppc64le: fix lpar cas5 
Resolves: #2153071
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2022-12-14 19:37:46 +00:00
Robbie Harwood
f2a26f5bbb Font CVE fixes 
Resolves: CVE-2022-2601
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2022-11-03 19:34:00 +00:00
Robbie Harwood
f6015fa651 TDX measurement to RTMR 
Resolves: #1981487
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
 2022-10-28 13:06:11 -04:00