rpms/grub2
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c9s
Branches Tags
rpms:c8
rpms:c8s
rpms:c10s
rpms:a8
rpms:c9s
rpms:a9-beta
rpms:c9-beta
rpms:a10s
rpms:a9
rpms:c9
rpms:a8-beta
rpms:c8-beta
rpms:a9-fix-root-dev-only
rpms:a9-fix
rpms:a9_new_sb
rpms:a8_new_sb
rpms:imports/c10s/grub2-2.12-1.el10
rpms:changed/a8/grub2-2.02-158.el8_10.alma.1
rpms:imports/c8/grub2-2.02-158.el8_10
rpms:imports/c10s/grub2-2.06-134.el10
rpms:changed/a9-beta/grub2-2.06-92.el9.alma.1
rpms:imports/c9-beta/grub2-2.06-92.el9
rpms:changed/a10s/grub-2.06-133.el10.alma.1
rpms:imports/c10s/grub2-2.06-133.el10
rpms:imports/c10s/grub-2.06-133.el10
rpms:changed/a9/grub2-2.06-82.el9_4.alma.1
rpms:imports/c9/grub2-2.06-82.el9_4
rpms:imports/c9/grub2-2.06-81.el9_4
rpms:imports/a10s/rub2-2.06-127.el10.alma.1
rpms:imports/c10s/grub2-2.06-127.el10
rpms:changed/a10s/grub2-2.06-122.el10.alma.1
rpms:imports/c10s/grub2-2.06-122.el10
rpms:changed/a8/grub2-2.02-156.el8.alma.1
rpms:imports/c10s/grub2-2.06-121.el10
rpms:changed/a9/grub2-2.06-80.el9_4.alma.1
rpms:imports/c9/grub2-2.06-80.el9_4
rpms:imports/c8/grub2-2.02-156.el8.alma.1
rpms:imports/a9/grub2-2.06-77.el9.alma.1
rpms:changed/a8-beta/grub2-2.02-156.el8.alma.1
rpms:imports/c8-beta/grub2-2.02-156.el8
rpms:changed/a9/grub2-2.06-70.el9_3.2.alma.2
rpms:changed/a9/grub2-2.06-70.el9_3.2.alma.1
rpms:changed/a8-beta/grub2-2.02-150.el8.alma.1
rpms:changed/a9-beta/grub2-2.06-70.el9_3.1.alma.1
rpms:imports/c9-beta/grub2-2.06-70.el9_3.1
rpms:imports/c9-beta/grub2-2.06-69.el9
rpms:changed/a8/grub2-2.02-148.el8_8.1.alma
rpms:changed/a9/grub2-2.06-61.el9_2.1.alma
rpms:imports/c9/grub2-2.06-61.el9_2.1
rpms:changed/a8/grub2-2.02-148.el8.alma
rpms:imports/c8/grub2-2.02-148.el8
rpms:changed/a9/grub2-2.06-61.el9.alma
rpms:imports/c9/grub2-2.06-61.el9
rpms:changed/a9/grub2-2.06-46.el9_1.5.alma
rpms:imports/c9/grub2-2.06-46.el9_1.5
rpms:changed/a9-beta/grub2-2.06-61.el9.alma
rpms:changed/a8-beta/grub2-2.02-148.el8.alma
rpms:imports/c9-beta/grub2-2.06-61.el9
rpms:imports/c8-beta/grub2-2.02-148.el8
rpms:changed/a8/grub2-2.02-142.el8_7.3.alma
rpms:imports/c8/grub2-2.02-142.el8_7.3
rpms:changed/a9/grub2-2.06-46.el9_1.3.alma
rpms:imports/c9/grub2-2.06-46.el9_1.3
rpms:imports/c8s/grub2-2.02-148.el8
rpms:imports/c8s/grub2-2.02-147.el8
rpms:changed/a8/grub2-2.02-142.el8_7.1.alma
rpms:imports/c8/grub2-2.02-142.el8_7.1
rpms:changed/a9/grub2-2.06-46.el9.alma
rpms:imports/c9/grub2-2.06-46.el9
rpms:changed/a8/grub2-2.02-142.el8.alma
rpms:imports/c8/grub2-2.02-142.el8
rpms:changed/a9-beta/grub2-2.06-38.el9.alma
rpms:changed/a8-beta/grub2-2.02-138.el8.alma
rpms:imports/c9-beta/grub2-2.06-38.el9
rpms:imports/c8-beta/grub2-2.02-138.el8
rpms:imports/c8s/grub2-2.02-142.el8
rpms:imports/c8s/grub2-2.02-138.el8
rpms:changed/a9/grub2-2.06-27.el9_0.7.alma
rpms:changed/a8/grub2-2.02-123.el8_6.8.alma
rpms:imports/c9/grub2-2.06-27.el9_0.7
rpms:imports/c8/grub2-2.02-123.el8_6.8
rpms:imports/c8s/grub2-2.02-129.el8
rpms:imports/c9/grub2-2.06-27.el9_0
rpms:imports/c8s/grub2-2.02-106.el8_5.1
rpms:changed/a8/grub2-2.02-123.el8.alma
rpms:imports/c8/grub2-2.02-123.el8
rpms:imports/c9-beta/grub2-2.06-27.el9_0
rpms:imports/c8s/grub2-2.02-123.el8
rpms:imports/c8-beta/grub2-2.02-120.el8
rpms:imports/c8s/grub2-2.02-122.el8
rpms:imports/c8s/grub2-2.02-120.el8
rpms:imports/c9-beta/grub2-2.06-23.el9
rpms:imports/c8s/grub2-2.02-114.el8
rpms:imports/c8s/grub2-2.02-111.el8
rpms:imports/c9-beta/grub2-2.06-16.el9
rpms:imports/c9-beta/grub2-2.06-13.el9
rpms:imports/c9-beta/grub2-2.06-6.el9
rpms:changed/a8/grub2-2.02-106.el8.alma
rpms:imports/c8/grub2-2.02-106.el8
rpms:imports/c8-beta/grub2-2.02-106.el8
rpms:imports/c8-beta/grub2-2.02-99.el8
rpms:imports/c8-beta/grub2-2.02-84.el8
rpms:imports/c8-beta/grub2-2.02-81.el8
rpms:imports/c8-beta/grub2-2.02-74.el8
rpms:imports/c8/grub2-2.02-99.el8_4.1
rpms:changed/a8/grub2-2.02-99.el8.alma
rpms:imports/c8s/grub2-2.02-106.el8
rpms:imports/c8s/grub2-2.02-104.el8
rpms:imports/c8s/grub2-2.02-99.el8
rpms:imports/c8s/grub2-2.02-97.el8
rpms:imports/c8s/grub2-2.02-95.el8
rpms:imports/c8/grub2-2.02-99.el8
rpms:imports/c8/grub2-2.02-90.el8_3.1
rpms:imports/c8/grub2-2.02-90.el8
rpms:imports/c8/grub2-2.02-87.el8_2
rpms:imports/c8/grub2-2.02-82.el8_2.1
...
pull from: rpms:c8
Branches Tags
rpms:c8s
rpms:c10s
rpms:a8
rpms:c8
rpms:c9s
rpms:a9-beta
rpms:c9-beta
rpms:a10s
rpms:a9
rpms:c9
rpms:a8-beta
rpms:c8-beta
rpms:a9-fix-root-dev-only
rpms:a9-fix
rpms:a9_new_sb
rpms:a8_new_sb
rpms:imports/c10s/grub2-2.12-1.el10
rpms:changed/a8/grub2-2.02-158.el8_10.alma.1
rpms:imports/c8/grub2-2.02-158.el8_10
rpms:imports/c10s/grub2-2.06-134.el10
rpms:changed/a9-beta/grub2-2.06-92.el9.alma.1
rpms:imports/c9-beta/grub2-2.06-92.el9
rpms:changed/a10s/grub-2.06-133.el10.alma.1
rpms:imports/c10s/grub2-2.06-133.el10
rpms:imports/c10s/grub-2.06-133.el10
rpms:changed/a9/grub2-2.06-82.el9_4.alma.1
rpms:imports/c9/grub2-2.06-82.el9_4
rpms:imports/c9/grub2-2.06-81.el9_4
rpms:imports/a10s/rub2-2.06-127.el10.alma.1
rpms:imports/c10s/grub2-2.06-127.el10
rpms:changed/a10s/grub2-2.06-122.el10.alma.1
rpms:imports/c10s/grub2-2.06-122.el10
rpms:changed/a8/grub2-2.02-156.el8.alma.1
rpms:imports/c10s/grub2-2.06-121.el10
rpms:changed/a9/grub2-2.06-80.el9_4.alma.1
rpms:imports/c9/grub2-2.06-80.el9_4
rpms:imports/c8/grub2-2.02-156.el8.alma.1
rpms:imports/a9/grub2-2.06-77.el9.alma.1
rpms:changed/a8-beta/grub2-2.02-156.el8.alma.1
rpms:imports/c8-beta/grub2-2.02-156.el8
rpms:changed/a9/grub2-2.06-70.el9_3.2.alma.2
rpms:changed/a9/grub2-2.06-70.el9_3.2.alma.1
rpms:changed/a8-beta/grub2-2.02-150.el8.alma.1
rpms:changed/a9-beta/grub2-2.06-70.el9_3.1.alma.1
rpms:imports/c9-beta/grub2-2.06-70.el9_3.1
rpms:imports/c9-beta/grub2-2.06-69.el9
rpms:changed/a8/grub2-2.02-148.el8_8.1.alma
rpms:changed/a9/grub2-2.06-61.el9_2.1.alma
rpms:imports/c9/grub2-2.06-61.el9_2.1
rpms:changed/a8/grub2-2.02-148.el8.alma
rpms:imports/c8/grub2-2.02-148.el8
rpms:changed/a9/grub2-2.06-61.el9.alma
rpms:imports/c9/grub2-2.06-61.el9
rpms:changed/a9/grub2-2.06-46.el9_1.5.alma
rpms:imports/c9/grub2-2.06-46.el9_1.5
rpms:changed/a9-beta/grub2-2.06-61.el9.alma
rpms:changed/a8-beta/grub2-2.02-148.el8.alma
rpms:imports/c9-beta/grub2-2.06-61.el9
rpms:imports/c8-beta/grub2-2.02-148.el8
rpms:changed/a8/grub2-2.02-142.el8_7.3.alma
rpms:imports/c8/grub2-2.02-142.el8_7.3
rpms:changed/a9/grub2-2.06-46.el9_1.3.alma
rpms:imports/c9/grub2-2.06-46.el9_1.3
rpms:imports/c8s/grub2-2.02-148.el8
rpms:imports/c8s/grub2-2.02-147.el8
rpms:changed/a8/grub2-2.02-142.el8_7.1.alma
rpms:imports/c8/grub2-2.02-142.el8_7.1
rpms:changed/a9/grub2-2.06-46.el9.alma
rpms:imports/c9/grub2-2.06-46.el9
rpms:changed/a8/grub2-2.02-142.el8.alma
rpms:imports/c8/grub2-2.02-142.el8
rpms:changed/a9-beta/grub2-2.06-38.el9.alma
rpms:changed/a8-beta/grub2-2.02-138.el8.alma
rpms:imports/c9-beta/grub2-2.06-38.el9
rpms:imports/c8-beta/grub2-2.02-138.el8
rpms:imports/c8s/grub2-2.02-142.el8
rpms:imports/c8s/grub2-2.02-138.el8
rpms:changed/a9/grub2-2.06-27.el9_0.7.alma
rpms:changed/a8/grub2-2.02-123.el8_6.8.alma
rpms:imports/c9/grub2-2.06-27.el9_0.7
rpms:imports/c8/grub2-2.02-123.el8_6.8
rpms:imports/c8s/grub2-2.02-129.el8
rpms:imports/c9/grub2-2.06-27.el9_0
rpms:imports/c8s/grub2-2.02-106.el8_5.1
rpms:changed/a8/grub2-2.02-123.el8.alma
rpms:imports/c8/grub2-2.02-123.el8
rpms:imports/c9-beta/grub2-2.06-27.el9_0
rpms:imports/c8s/grub2-2.02-123.el8
rpms:imports/c8-beta/grub2-2.02-120.el8
rpms:imports/c8s/grub2-2.02-122.el8
rpms:imports/c8s/grub2-2.02-120.el8
rpms:imports/c9-beta/grub2-2.06-23.el9
rpms:imports/c8s/grub2-2.02-114.el8
rpms:imports/c8s/grub2-2.02-111.el8
rpms:imports/c9-beta/grub2-2.06-16.el9
rpms:imports/c9-beta/grub2-2.06-13.el9
rpms:imports/c9-beta/grub2-2.06-6.el9
rpms:changed/a8/grub2-2.02-106.el8.alma
rpms:imports/c8/grub2-2.02-106.el8
rpms:imports/c8-beta/grub2-2.02-106.el8
rpms:imports/c8-beta/grub2-2.02-99.el8
rpms:imports/c8-beta/grub2-2.02-84.el8
rpms:imports/c8-beta/grub2-2.02-81.el8
rpms:imports/c8-beta/grub2-2.02-74.el8
rpms:imports/c8/grub2-2.02-99.el8_4.1
rpms:changed/a8/grub2-2.02-99.el8.alma
rpms:imports/c8s/grub2-2.02-106.el8
rpms:imports/c8s/grub2-2.02-104.el8
rpms:imports/c8s/grub2-2.02-99.el8
rpms:imports/c8s/grub2-2.02-97.el8
rpms:imports/c8s/grub2-2.02-95.el8
rpms:imports/c8/grub2-2.02-99.el8
rpms:imports/c8/grub2-2.02-90.el8_3.1
rpms:imports/c8/grub2-2.02-90.el8
rpms:imports/c8/grub2-2.02-87.el8_2
rpms:imports/c8/grub2-2.02-82.el8_2.1

No commits in common. "c9s" and "c8" have entirely different histories.
c9s ... c8

743 changed files with 73018 additions and 19912 deletions
Show Stats Expand all files Collapse all files

15
.git.diff.order
View File

@ -1,15 +0,0 @@
*.dec
*.dsc.inc
*.dsc
*.fdf
*.inf
*.vfr
*.ac
*.def
*.c
*.h
*.S
*.mk
Makefile.*
Make.*
Makefile

1
.gitattributes vendored
View File

@ -1 +0,0 @@
po/exclude.pot binary

22
.gitignore vendored
View File

@ -1,13 +1,9 @@
grub-*.tar.?z
*.rpm
clog
/unifont-*.pcf.?z
/theme.tar.bz2
kojilogs
/grub-*/
.build*.log
.*.git/
tmp/
.*.sw?
results_grub2/
/gnulib-*.tar.?z
SOURCES/grub-2.02.tar.xz
SOURCES/redhatsecureboot301.cer
SOURCES/redhatsecureboot502.cer
SOURCES/redhatsecureboot601.cer
SOURCES/redhatsecureboot701.cer
SOURCES/redhatsecurebootca3.cer
SOURCES/redhatsecurebootca5.cer
SOURCES/theme.tar.bz2
SOURCES/unifont-5.1.20080820.pcf.gz

9
.grub2.metadata Normal file
View File

@ -0,0 +1,9 @@
3d7eb6eaab28b88cb969ba9ab24af959f4d1b178 SOURCES/grub-2.02.tar.xz
4a07b56e28741884b86da6ac91f8f9929541a1e4 SOURCES/redhatsecureboot301.cer
3f94c47f1d08bacc7cb29bdd912e286b8d2f6fcf SOURCES/redhatsecureboot502.cer
039357ef97aab3e484d1119edd4528156f5859e6 SOURCES/redhatsecureboot601.cer
e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot701.cer
cf9230e69000076727e5b784ec871d22716dc5da SOURCES/redhatsecurebootca3.cer
e6f506462069aa17d2e8610503635c20f3a995c3 SOURCES/redhatsecurebootca5.cer
cf0b7763c528902da7e8b05cfa248f20c8825ce5 SOURCES/theme.tar.bz2
87f8600ba24e521b5d20bdf6c4b71af8ae861e3a SOURCES/unifont-5.1.20080820.pcf.gz

24
0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch
View File

@ -1,24 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Fri, 11 Jun 2021 12:10:45 +0200
Subject: [PATCH] Revert "templates: Fix user-facing typo with an incorrect use
of "it's""
This reverts commit 722737630889607c3b5761f1f5a48f1674cd2821.
---
util/grub.d/30_os-prober.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
index 5984e92d291..94622481284 100644
--- a/util/grub.d/30_os-prober.in
+++ b/util/grub.d/30_os-prober.in
@@ -36,7 +36,7 @@ if ! command -v os-prober > /dev/null || ! command -v linux-boot-prober > /dev/n
exit 0
fi
-grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIts output will be used to detect bootable binaries on them and create new boot entries.")"
+grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
if [ -z "${OSPROBED}" ] ; then

71
0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch
View File

@ -1,71 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Fri, 11 Jun 2021 12:10:54 +0200
Subject: [PATCH] Revert "templates: Properly disable the os-prober by default"
This reverts commit 54e0a1bbf1e9106901a557195bb35e5e20fb3925.
---
util/grub-mkconfig.in | 5 +----
util/grub.d/30_os-prober.in | 8 ++++----
2 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index f8cbb8d7a2b..d3e879b8e5c 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -140,9 +140,6 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2
GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true
-# Disable os-prober by default due to security reasons.
-GRUB_DISABLE_OS_PROBER="true"
-
# Filesystem for the device containing our userland. Used for stuff like
# choosing Hurd filesystem module.
GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
@@ -204,7 +201,6 @@ export GRUB_DEVICE \
GRUB_DEVICE_PARTUUID \
GRUB_DEVICE_BOOT \
GRUB_DEVICE_BOOT_UUID \
- GRUB_DISABLE_OS_PROBER \
GRUB_FS \
GRUB_FONT \
GRUB_PRELOAD_MODULES \
@@ -246,6 +242,7 @@ export GRUB_DEFAULT \
GRUB_BACKGROUND \
GRUB_THEME \
GRUB_GFXPAYLOAD_LINUX \
+ GRUB_DISABLE_OS_PROBER \
GRUB_INIT_TUNE \
GRUB_SAVEDEFAULT \
GRUB_ENABLE_CRYPTODISK \
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
index 94622481284..80685b15f4d 100644
--- a/util/grub.d/30_os-prober.in
+++ b/util/grub.d/30_os-prober.in
@@ -26,8 +26,8 @@ export TEXTDOMAINDIR="@localedir@"
. "$pkgdatadir/grub-mkconfig_lib"
-if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
- grub_warn "$(gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.")"
+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
+ gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
exit 0
fi
@@ -36,12 +36,12 @@ if ! command -v os-prober > /dev/null || ! command -v linux-boot-prober > /dev/n
exit 0
fi
-grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
-
OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
if [ -z "${OSPROBED}" ] ; then
# empty os-prober output, nothing doing
exit 0
+else
+ grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
fi
osx_entry() {

70
0003-Revert-templates-Disable-the-os-prober-by-default.patch
View File

@ -1,70 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Fri, 11 Jun 2021 12:10:58 +0200
Subject: [PATCH] Revert "templates: Disable the os-prober by default"
This reverts commit e346414725a70e5c74ee87ca14e580c66f517666.
---
docs/grub.texi | 18 ++++++++----------
util/grub.d/30_os-prober.in | 5 +----
2 files changed, 9 insertions(+), 14 deletions(-)
diff --git a/docs/grub.texi b/docs/grub.texi
index f8b4b3b21a7..69f08d289f9 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -1519,13 +1519,10 @@ boot sequence. If you have problems, set this option to @samp{text} and
GRUB will tell Linux to boot in normal text mode.
@item GRUB_DISABLE_OS_PROBER
-The @command{grub-mkconfig} has a feature to use the external
-@command{os-prober} program to discover other operating systems installed on
-the same machine and generate appropriate menu entries for them. It is disabled
-by default since automatic and silent execution of @command{os-prober}, and
-creating boot entries based on that data, is a potential attack vector. Set
-this option to @samp{false} to enable this feature in the
-@command{grub-mkconfig} command.
+Normally, @command{grub-mkconfig} will try to use the external
+@command{os-prober} program, if installed, to discover other operating
+systems installed on the same system and generate appropriate menu entries
+for them. Set this option to @samp{true} to disable this.
@item GRUB_OS_PROBER_SKIP_LIST
List of space-separated FS UUIDs of filesystems to be ignored from os-prober
@@ -1853,9 +1850,10 @@ than zero; otherwise 0.
@section Multi-boot manual config
Currently autogenerating config files for multi-boot environments depends on
-os-prober and has several shortcomings. Due to that it is disabled by default.
-It is advised to use the power of GRUB syntax and do it yourself. A possible
-configuration is detailed here, feel free to adjust to your needs.
+os-prober and has several shortcomings. While fixing it is scheduled for the
+next release, meanwhile you can make use of the power of GRUB syntax and do it
+yourself. A possible configuration is detailed here, feel free to adjust to your
+needs.
First create a separate GRUB partition, big enough to hold GRUB. Some of the
following entries show how to load OS installer images from this same partition,
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
index 80685b15f4d..1b91c102f35 100644
--- a/util/grub.d/30_os-prober.in
+++ b/util/grub.d/30_os-prober.in
@@ -26,8 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
. "$pkgdatadir/grub-mkconfig_lib"
-if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
- gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
exit 0
fi
@@ -40,8 +39,6 @@ OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
if [ -z "${OSPROBED}" ] ; then
# empty os-prober output, nothing doing
exit 0
-else
- grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
fi
osx_entry() {

246
0010-re-write-.gitignore.patch
View File

@ -1,246 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 8 Jul 2019 12:55:29 +0200
Subject: [PATCH] re-write .gitignore
---
.gitignore | 150 ++++++++++++++++++++++++++++++++++++++
docs/.gitignore | 5 ++
grub-core/.gitignore | 16 ++++
grub-core/lib/.gitignore | 1 +
include/grub/gcrypt/.gitignore | 2 +
po/.gitignore | 5 ++
util/bash-completion.d/.gitignore | 2 +
7 files changed, 181 insertions(+)
create mode 100644 docs/.gitignore
create mode 100644 grub-core/.gitignore
create mode 100644 grub-core/lib/.gitignore
create mode 100644 include/grub/gcrypt/.gitignore
create mode 100644 po/.gitignore
create mode 100644 util/bash-completion.d/.gitignore
diff --git a/.gitignore b/.gitignore
index f6a1bd0517..208d1d2325 100644
--- a/.gitignore
+++ b/.gitignore
@@ -275,3 +275,153 @@ widthspec.bin
/xfs_test
/xzcompress_test
/zfs_test
+=======
+# things ./autogen.sh will create
+/Makefile.utilgcry.def
+/ABOUT-NLS
+/aclocal.m4
+/autom4te.cache
+/build-aux
+/configure
+/gnulib
+/grub-core/lib/gnulib/
+/Makefile
+
+# things very common editors create that we never want
+*~
+.*.sw?
+*.patch
+
+# stuff you're likely to make while building test trees
+grub.cfg
+/build*/
+
+# built objects across the whole tree
+Makefile.in
+*.a
+*.am
+*.efi
+*.exec
+*.image
+*.img
+*.info
+*.lst
+*.marker
+/m4
+*.mod
+*.module
+*.o
+*.pf2
+*.yy.[ch]
+.deps/
+.deps-core/
+.deps-util/
+.dirstamp
+
+# next are things you get if you do ./configure in the topdir (for e.g.
+# "make dist" invocation.
+/config-util.h
+/config.h
+/include/grub/cpu
+/include/grub/machine
+/INSTALL
+/INSTALL.grub
+/po/Makefile.in.in
+/po/Makevars
+/po/Makevars.template
+/po/POTFILES
+/po/Rules-quot
+/stamp-h
+/stamp-h1
+bootstrap.log
+config.log
+config.status
+
+# stuff "make dist" creates
+ChangeLog
+grub-*.tar
+grub-*.tar.*
+
+# stuff "make" creates
+/[[:digit:]][[:digit:]]_?*
+/ascii.h
+/build-grub-gen-asciih
+/build-grub-gen-widthspec
+/build-grub-mkfont
+/config-util.h.in
+/garbage-gen
+/grub*-bios-setup
+/grub*-bios-setup.8
+/grub*-editenv
+/grub*-editenv.1
+/grub*-file
+/grub*-file.1
+/grub*-fs-tester
+/grub*-fstest
+/grub*-fstest.1
+/grub*-get-kernel-settings
+/grub*-get-kernel-settings.3
+/grub*-glue-efi
+/grub*-glue-efi.1
+/grub*-install
+/grub*-install.8
+/grub*-kbdcomp
+/grub*-kbdcomp.1
+/grub*-macbless
+/grub*-macbless.8
+/grub*-menulst2cfg
+/grub*-menulst2cfg.1
+/grub*-mount
+/grub*-mount.1
+/grub*-mkconfig
+/grub*-mkconfig.8
+/grub*-mkconfig_lib
+/grub*-mkfont
+/grub*-mkfont.1
+/grub*-mkimage
+/grub*-mkimage.1
+/grub*-mklayout
+/grub*-mklayout.1
+/grub*-mknetdir
+/grub*-mknetdir.1
+/grub*-mkpasswd-pbkdf2
+/grub*-mkpasswd-pbkdf2.1
+/grub*-mkrelpath
+/grub*-mkrelpath.1
+/grub*-mkrescue
+/grub*-mkrescue.1
+/grub*-mkstandalone
+/grub*-mkstandalone.1
+/grub*-ofpathname
+/grub*-ofpathname.8
+/grub*-probe
+/grub*-probe.8
+/grub*-reboot
+/grub*-reboot.8
+/grub*-render-label
+/grub*-render-label.1
+/grub*-script-check
+/grub*-script-check.1
+/grub*-set-bootflag
+/grub*-set-bootflag.1
+/grub*-set-default
+/grub*-set-default.8
+/grub*-set-password
+/grub*-set-password.8
+/grub*-shell
+/grub*-shell-tester
+/grub*-sparc64-setup
+/grub*-sparc64-setup.8
+/grub*-syslinux2cfg
+/grub*-syslinux2cfg.1
+/grub*-switch-to-blscfg
+/grub*-switch-to-blscfg.8
+/grub_fstest.pp
+/grub_fstest_init.c
+/grub_fstest_init.lst
+/grub_script.tab.[ch]
+/libgrub.pp
+/libgrub_a_init.c
+/libgrub_a_init.lst
+/stamp-h.in
+/widthspec.h
diff --git a/docs/.gitignore b/docs/.gitignore
new file mode 100644
index 0000000000..e1d849ef95
--- /dev/null
+++ b/docs/.gitignore
@@ -0,0 +1,5 @@
+/*.in
+/Makefile
+/stamp-1
+/stamp-vti
+/version*.texi
diff --git a/grub-core/.gitignore b/grub-core/.gitignore
new file mode 100644
index 0000000000..2acce28115
--- /dev/null
+++ b/grub-core/.gitignore
@@ -0,0 +1,16 @@
+/*.lst
+/Makefile
+/Makefile.gcry.def
+/unidata.c
+/build-grub-module-verifier
+/gdb_grub
+/genmod.sh
+/gensyminfo.sh
+/gentrigtables
+/gmodule.pl
+/grub_script.tab.[ch]
+/modinfo.sh
+/rs_decoder.h
+/symlist.c
+/symlist.h
+/trigtables.c
diff --git a/grub-core/lib/.gitignore b/grub-core/lib/.gitignore
new file mode 100644
index 0000000000..6815459140
--- /dev/null
+++ b/grub-core/lib/.gitignore
@@ -0,0 +1 @@
+/libgcrypt-grub/
diff --git a/include/grub/gcrypt/.gitignore b/include/grub/gcrypt/.gitignore
new file mode 100644
index 0000000000..8fbf564624
--- /dev/null
+++ b/include/grub/gcrypt/.gitignore
@@ -0,0 +1,2 @@
+g10lib.h
+gcrypt.h
diff --git a/po/.gitignore b/po/.gitignore
new file mode 100644
index 0000000000..f507e7741e
--- /dev/null
+++ b/po/.gitignore
@@ -0,0 +1,5 @@
+/Makefile
+/POTFILES*.in
+/grub.pot
+/remove-potcdate.sed
+/stamp-po
diff --git a/util/bash-completion.d/.gitignore b/util/bash-completion.d/.gitignore
new file mode 100644
index 0000000000..6813a527ad
--- /dev/null
+++ b/util/bash-completion.d/.gitignore
@@ -0,0 +1,2 @@
+Makefile
+grub

1609
0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch
View File

File diff suppressed because it is too large Load Diff

85
0024-Don-t-say-GNU-Linux-in-generated-menus.patch
View File

@ -1,85 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 14 Mar 2011 14:27:42 -0400
Subject: [PATCH] Don't say "GNU/Linux" in generated menus.
[rharwood: say it even less]
---
grub-core/normal/main.c | 2 +-
tests/util/grub-shell-tester.in | 2 +-
tests/util/grub-shell.in | 2 +-
util/grub.d/10_linux.in | 4 ++--
util/grub.d/20_linux_xen.in | 4 ++--
5 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index 7ca2e5400b..98372217ad 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -218,7 +218,7 @@ grub_normal_init_page (struct grub_term_output *term,
grub_term_cls (term);
- msg_formatted = grub_xasprintf (_("GNU GRUB version %s"), PACKAGE_VERSION);
+ msg_formatted = grub_xasprintf (_("GRUB version %s"), PACKAGE_VERSION);
if (!msg_formatted)
return;
diff --git a/tests/util/grub-shell-tester.in b/tests/util/grub-shell-tester.in
index 8a87109b15..9a4319d4f4 100644
--- a/tests/util/grub-shell-tester.in
+++ b/tests/util/grub-shell-tester.in
@@ -56,7 +56,7 @@ for option in "$@"; do
usage
exit 0 ;;
-v | --version)
- echo "$0 (GNU GRUB ${PACKAGE_VERSION})"
+ echo "$0 (GRUB ${PACKAGE_VERSION})"
exit 0 ;;
--modules=*)
ms=`echo "$option" | sed -e 's/--modules=//'`
diff --git a/tests/util/grub-shell.in b/tests/util/grub-shell.in
index 93e9f51484..ec1182bf93 100644
--- a/tests/util/grub-shell.in
+++ b/tests/util/grub-shell.in
@@ -209,7 +209,7 @@ for option in "$@"; do
usage
exit 0 ;;
-v | --version)
- echo "$0 (GNU GRUB ${PACKAGE_VERSION})"
+ echo "$0 (GRUB ${PACKAGE_VERSION})"
exit 0 ;;
--trim)
trim=1
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index dc75a1c30b..4a499c53a6 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@"
CLASS="--class gnu-linux --class gnu --class os"
if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
- OS=GNU/Linux
+ OS="$(sed 's, release .*$,,g' /etc/system-release)"
else
- OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+ OS="${GRUB_DISTRIBUTOR}"
CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
fi
diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in
index 3b1f470492..ada20775a1 100644
--- a/util/grub.d/20_linux_xen.in
+++ b/util/grub.d/20_linux_xen.in
@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@"
CLASS="--class gnu-linux --class gnu --class os --class xen"
if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
- OS=GNU/Linux
+ OS="$(sed 's, release .*$,,g' /etc/system-release)"
else
- OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+ OS="${GRUB_DISTRIBUTOR}"
CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
fi

127
0028-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch
View File

@ -1,127 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 8 Jul 2019 17:33:22 +0200
Subject: [PATCH] Try mac/guid/etc before grub.cfg on tftp config files.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/normal/main.c | 97 ++++++++++++++++++++++++++-----------------------
1 file changed, 51 insertions(+), 46 deletions(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index bf24e65713..0a99768f75 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -345,61 +345,66 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
/* Guess the config filename. It is necessary to make CONFIG static,
so that it won't get broken by longjmp. */
char *config;
- const char *prefix, *fw_path;
-
- prefix = fw_path = grub_env_get ("fw_path");
- if (fw_path)
- {
- config = grub_xasprintf ("%s/grub.cfg", fw_path);
- if (config)
- {
- grub_file_t file;
-
- file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG);
- if (file)
- {
- grub_file_close (file);
- grub_enter_normal_mode (config);
- }
- else
- {
- /* Ignore all errors. */
- grub_errno = 0;
- }
- grub_free (config);
- }
- }
+ const char *prefix;
+ const char *net_search_cfg;
+ int disable_net_search = 0;
+ prefix = grub_env_get ("fw_path");
if (! prefix)
prefix = grub_env_get ("prefix");
+
+ net_search_cfg = grub_env_get ("feature_net_search_cfg");
+ if (net_search_cfg && net_search_cfg[0] == 'n')
+ disable_net_search = 1;
+
if (prefix)
{
- grub_size_t config_len;
- int disable_net_search = 0;
- const char *net_search_cfg;
-
- config_len = grub_strlen (prefix) +
- sizeof ("/grub.cfg-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX");
- config = grub_malloc (config_len);
-
- if (!config)
- goto quit;
-
- grub_snprintf (config, config_len, "%s/grub.cfg", prefix);
-
- net_search_cfg = grub_env_get ("feature_net_search_cfg");
- if (net_search_cfg && net_search_cfg[0] == 'n')
- disable_net_search = 1;
-
if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0 &&
!disable_net_search)
- grub_net_search_config_file (config);
+ {
+ grub_size_t config_len;
+ config_len = grub_strlen (prefix) +
+ sizeof ("/grub.cfg-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX");
+ config = grub_malloc (config_len);
- grub_enter_normal_mode (config);
- grub_free (config);
- }
+ if (! config)
+ goto quit;
+
+ grub_snprintf (config, config_len, "%s/grub.cfg", prefix);
+
+ grub_net_search_configfile (config);
+
+ grub_enter_normal_mode (config);
+ grub_free (config);
+ config = NULL;
+ }
+
+ if (!config)
+ {
+ config = grub_xasprintf ("%s/grub.cfg", prefix);
+ if (config)
+ {
+ grub_file_t file;
+
+ file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG);
+ if (file)
+ {
+ grub_file_close (file);
+ grub_enter_normal_mode (config);
+ }
+ else
+ {
+ /* Ignore all errors. */
+ grub_errno = 0;
+ }
+ grub_free (config);
+ }
+ }
+ }
else
- grub_enter_normal_mode (0);
+ {
+ grub_enter_normal_mode (0);
+ }
}
else
grub_enter_normal_mode (argv[0]);

47
0055-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch
View File

@ -1,47 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 9 Jul 2019 14:31:19 +0200
Subject: [PATCH] 20_linux_xen: load xen or multiboot{,2} modules as needed.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
util/grub.d/20_linux_xen.in | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in
index e9e73b815f..c23b064be6 100644
--- a/util/grub.d/20_linux_xen.in
+++ b/util/grub.d/20_linux_xen.in
@@ -153,6 +153,7 @@ linux_entry_xsm ()
else
xen_rm_opts="no-real-mode edd=off"
fi
+ insmod ${xen_module}
${xen_loader} ${rel_xen_dirname}/${xen_basename} placeholder ${xen_args} \${xen_rm_opts}
echo '$(echo "$lmessage" | grub_quote)'
${module_loader} ${rel_dirname}/${basename} placeholder root=${linux_root_device_thisversion} ro ${args}
@@ -166,6 +167,7 @@ EOF
done
sed "s/^/$submenu_indentation/" << EOF
echo '$(echo "$message" | grub_quote)'
+ insmod ${xen_module}
${module_loader} --nounzip $(echo $initrd_path)
EOF
fi
@@ -253,13 +255,16 @@ while [ "x${xen_list}" != "x" ] ; do
echo " submenu '$(gettext_printf "Xen hypervisor, version %s" "${xen_version}" | grub_quote)' \$menuentry_id_option 'xen-hypervisor-$xen_version-$boot_device_id' {"
fi
if ($grub_file --is-arm64-efi $current_xen); then
+ xen_module="xen_boot"
xen_loader="xen_hypervisor"
module_loader="xen_module"
else
if ($grub_file --is-x86-multiboot2 $current_xen); then
+ xen_module="multiboot2"
xen_loader="multiboot2"
module_loader="module2"
else
+ xen_module="multiboot"
xen_loader="multiboot"
module_loader="module"
fi

382
0058-Add-BLS-support-to-grub-mkconfig.patch
View File

@ -1,382 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 9 Dec 2016 15:40:29 -0500
Subject: [PATCH] Add BLS support to grub-mkconfig
GRUB now has BootLoaderSpec support, the user can choose to use this by
setting GRUB_ENABLE_BLSCFG to true in /etc/default/grub. On this setup,
the boot menu entries are not added to the grub.cfg, instead BLS config
files are parsed by blscfg command and the entries created dynamically.
A 10_linux_bls grub.d snippet to generate menu entries from BLS files
is also added that can be used on platforms where the bootloader doesn't
have BLS support and only can parse a normal grub configuration file.
Portions of the 10_linux_bls were taken from the ostree-grub-generator
script that's included in the OSTree project.
Fixes to support multi-devices and generate a BLS section even if no
kernels are found in the boot directory were proposed by Yclept Nemo
and Tom Gundersen respectively.
Signed-off-by: Peter Jones <pjones@redhat.com>
[javierm: remove outdated URL for BLS document]
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
[iwienand@redhat.com: skip machine ID check when updating entries]
Signed-off-by: Ian Wienand <iwienand@redhat.com>
[rharwood: use sort(1), commit message composits, drop man pages]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
util/grub-mkconfig.in | 9 +-
util/grub-mkconfig_lib.in | 22 ++++-
util/grub.d/10_linux.in | 218 +++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 243 insertions(+), 6 deletions(-)
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index 535c0f0249..f55339a3f6 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -50,6 +50,8 @@ grub_get_kernel_settings="${sbindir}/@grub_get_kernel_settings@"
export TEXTDOMAIN=@PACKAGE@
export TEXTDOMAINDIR="@localedir@"
+export GRUB_GRUBENV_UPDATE="yes"
+
. "${pkgdatadir}/grub-mkconfig_lib"
# Usage: usage
@@ -59,6 +61,7 @@ usage () {
gettext "Generate a grub config file"; echo
echo
print_option_help "-o, --output=$(gettext FILE)" "$(gettext "output generated config to FILE [default=stdout]")"
+ print_option_help "--no-grubenv-update" "$(gettext "do not update variables in the grubenv file")"
print_option_help "-h, --help" "$(gettext "print this message and exit")"
print_option_help "-V, --version" "$(gettext "print the version information and exit")"
echo
@@ -94,6 +97,9 @@ do
--output=*)
grub_cfg=`echo "$option" | sed 's/--output=//'`
;;
+ --no-grubenv-update)
+ GRUB_GRUBENV_UPDATE="no"
+ ;;
-*)
gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2
usage
@@ -253,7 +259,8 @@ export GRUB_DEFAULT \
GRUB_OS_PROBER_SKIP_LIST \
GRUB_DISABLE_SUBMENU \
GRUB_DEFAULT_DTB \
- SUSE_BTRFS_SNAPSHOT_BOOTING
+ SUSE_BTRFS_SNAPSHOT_BOOTING \
+ GRUB_ENABLE_BLSCFG
if test "x${grub_cfg}" != "x"; then
rm -f "${grub_cfg}.new"
diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in
index 5e96f6cc5d..301d8a8a1e 100644
--- a/util/grub-mkconfig_lib.in
+++ b/util/grub-mkconfig_lib.in
@@ -30,6 +30,9 @@ fi
if test "x$grub_file" = x; then
grub_file="${bindir}/@grub_file@"
fi
+if test "x$grub_editenv" = x; then
+ grub_editenv="${bindir}/@grub_editenv@"
+fi
if test "x$grub_mkrelpath" = x; then
grub_mkrelpath="${bindir}/@grub_mkrelpath@"
fi
@@ -122,8 +125,19 @@ EOF
fi
}
+prepare_grub_to_access_device_with_variable ()
+{
+ device_variable="$1"
+ shift
+ prepare_grub_to_access_device "$@"
+ unset "device_variable"
+}
+
prepare_grub_to_access_device ()
{
+ if [ -z "$device_variable" ]; then
+ device_variable="root"
+ fi
old_ifs="$IFS"
IFS='
'
@@ -158,18 +172,18 @@ prepare_grub_to_access_device ()
# otherwise set root as per value in device.map.
fs_hint="`"${grub_probe}" --device $@ --target=compatibility_hint`"
if [ "x$fs_hint" != x ]; then
- echo "set root='$fs_hint'"
+ echo "set ${device_variable}='$fs_hint'"
fi
if [ "x${GRUB_DISABLE_UUID}" != "xtrue" ] && fs_uuid="`"${grub_probe}" --device $@ --target=fs_uuid 2> /dev/null`" ; then
hints="`"${grub_probe}" --device $@ --target=hints_string 2> /dev/null`" || hints=
if [ "x$hints" != x ]; then
echo "if [ x\$feature_platform_search_hint = xy ]; then"
- echo " search --no-floppy --fs-uuid --set=root ${hints} ${fs_uuid}"
+ echo " search --no-floppy --fs-uuid --set=${device_variable} ${hints} ${fs_uuid}"
echo "else"
- echo " search --no-floppy --fs-uuid --set=root ${fs_uuid}"
+ echo " search --no-floppy --fs-uuid --set=${device_variable} ${fs_uuid}"
echo "fi"
else
- echo "search --no-floppy --fs-uuid --set=root ${fs_uuid}"
+ echo "search --no-floppy --fs-uuid --set=${device_variable} ${fs_uuid}"
fi
fi
IFS="$old_ifs"
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 7bb3a211a7..2851952659 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -82,6 +82,218 @@ case x"$GRUB_FS" in
;;
esac
+populate_header_warn()
+{
+if [ "x${BLS_POPULATE_MENU}" = "xtrue" ]; then
+ bls_parser="10_linux script"
+else
+ bls_parser="blscfg command"
+fi
+cat <<EOF
+
+# This section was generated by a script. Do not modify the generated file - all changes
+# will be lost the next time file is regenerated. Instead edit the BootLoaderSpec files.
+#
+# The $bls_parser parses the BootLoaderSpec files stored in /boot/loader/entries and
+# populates the boot menu. Please refer to the Boot Loader Specification documentation
+# for the files format: https://systemd.io/BOOT_LOADER_SPECIFICATION/.
+
+EOF
+}
+
+read_config()
+{
+ config_file=${1}
+ title=""
+ initrd=""
+ options=""
+ linux=""
+ grub_arg=""
+
+ while read -r line
+ do
+ record=$(echo ${line} | cut -f 1 -d ' ')
+ value=$(echo ${line} | cut -s -f2- -d ' ')
+ case "${record}" in
+ "title")
+ title=${value}
+ ;;
+ "initrd")
+ initrd=${value}
+ ;;
+ "linux")
+ linux=${value}
+ ;;
+ "options")
+ options=${value}
+ ;;
+ "grub_arg")
+ grub_arg=${value}
+ ;;
+ esac
+ done < ${config_file}
+}
+
+blsdir="/boot/loader/entries"
+
+get_sorted_bls()
+{
+ if ! [ -d "${blsdir}" ]; then
+ return
+ fi
+
+ local IFS=$'\n'
+
+ files=($(for bls in ${blsdir}/*.conf; do
+ if ! [[ -e "${bls}" ]] ; then
+ continue
+ fi
+ bls="${bls%.conf}"
+ bls="${bls##*/}"
+ echo "${bls}"
+ done | sort -Vr 2>/dev/null)) || :
+
+ echo "${files[@]}"
+}
+
+update_bls_cmdline()
+{
+ local cmdline="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+ local -a files=($(get_sorted_bls))
+
+ for bls in "${files[@]}"; do
+ local options="${cmdline}"
+ if [ -z "${bls##*debug*}" ]; then
+ options="${options} ${GRUB_CMDLINE_LINUX_DEBUG}"
+ fi
+ options="$(echo "${options}" | sed -e 's/\//\\\//g')"
+ sed -i -e "s/^options.*/options ${options}/" "${blsdir}/${bls}.conf"
+ done
+}
+
+populate_menu()
+{
+ local -a files=($(get_sorted_bls))
+
+ gettext_printf "Generating boot entries from BLS files...\n" >&2
+
+ for bls in "${files[@]}"; do
+ read_config "${blsdir}/${bls}.conf"
+
+ menu="${menu}menuentry '${title}' ${grub_arg} --id=${bls} {\n"
+ menu="${menu}\t linux ${linux} ${options}\n"
+ if [ -n "${initrd}" ] ; then
+ menu="${menu}\t initrd ${boot_prefix}${initrd}\n"
+ fi
+ menu="${menu}}\n\n"
+ done
+ # The printf command seems to be more reliable across shells for special character (\n, \t) evaluation
+ printf "$menu"
+}
+
+# Make BLS the default if GRUB_ENABLE_BLSCFG was not set and grubby is not installed.
+if [ -z "${GRUB_ENABLE_BLSCFG}" ] && ! command -v new-kernel-pkg >/dev/null; then
+ GRUB_ENABLE_BLSCFG="true"
+fi
+
+if [ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ]; then
+ if [ x$dirname = x/ ]; then
+ if [ -z "${prepare_root_cache}" ]; then
+ prepare_grub_to_access_device ${GRUB_DEVICE}
+ fi
+ else
+ if [ -z "${prepare_boot_cache}" ]; then
+ prepare_grub_to_access_device ${GRUB_DEVICE_BOOT}
+ fi
+ fi
+
+ if [ -d /sys/firmware/efi ]; then
+ bootefi_device="`${grub_probe} --target=device /boot/efi/`"
+ prepare_grub_to_access_device_with_variable boot ${bootefi_device}
+ else
+ boot_device="`${grub_probe} --target=device /boot/`"
+ prepare_grub_to_access_device_with_variable boot ${boot_device}
+ fi
+
+ arch="$(uname -m)"
+ if [ "x${arch}" = "xppc64le" ] && [ -d /sys/firmware/opal ]; then
+
+ BLS_POPULATE_MENU="true"
+ petitboot_path="/sys/firmware/devicetree/base/ibm,firmware-versions/petitboot"
+
+ if test -e ${petitboot_path}; then
+ read -r -d '' petitboot_version < ${petitboot_path}
+ petitboot_version="$(echo ${petitboot_version//v})"
+
+ if test -n ${petitboot_version}; then
+ major_version="$(echo ${petitboot_version} | cut -d . -f1)"
+ minor_version="$(echo ${petitboot_version} | cut -d . -f2)"
+
+ re='^[0-9]+$'
+ if [[ $major_version =~ $re ]] && [[ $minor_version =~ $re ]] &&
+ ([[ ${major_version} -gt 1 ]] ||
+ [[ ${major_version} -eq 1 &&
+ ${minor_version} -ge 8 ]]); then
+ BLS_POPULATE_MENU="false"
+ fi
+ fi
+ fi
+ fi
+
+ populate_header_warn
+
+ cat << EOF
+# The kernelopts variable should be defined in the grubenv file. But to ensure that menu
+# entries populated from BootLoaderSpec files that use this variable work correctly even
+# without a grubenv file, define a fallback kernelopts variable if this has not been set.
+#
+# The kernelopts variable in the grubenv file can be modified using the grubby tool or by
+# executing the grub2-mkconfig tool. For the latter, the values of the GRUB_CMDLINE_LINUX
+# and GRUB_CMDLINE_LINUX_DEFAULT options from /etc/default/grub file are used to set both
+# the kernelopts variable in the grubenv file and the fallback kernelopts variable.
+if [ -z "\${kernelopts}" ]; then
+ set kernelopts="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+fi
+EOF
+
+ update_bls_cmdline
+
+ if [ "x${BLS_POPULATE_MENU}" = "xtrue" ]; then
+ populate_menu
+ else
+ cat << EOF
+
+insmod blscfg
+blscfg
+EOF
+ fi
+
+ if [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ]; then
+ blsdir="/boot/loader/entries"
+ [ -d "${blsdir}" ] && GRUB_BLS_FS="$(${grub_probe} --target=fs ${blsdir})"
+ if [ "x${GRUB_BLS_FS}" = "xbtrfs" ] || [ "x${GRUB_BLS_FS}" = "xzfs" ]; then
+ blsdir=$(make_system_path_relative_to_its_root "${blsdir}")
+ if [ "x${blsdir}" != "x/loader/entries" ] && [ "x${blsdir}" != "x/boot/loader/entries" ]; then
+ ${grub_editenv} - set blsdir="${blsdir}"
+ fi
+ fi
+
+ if [ -n "${GRUB_EARLY_INITRD_LINUX_CUSTOM}" ]; then
+ ${grub_editenv} - set early_initrd="${GRUB_EARLY_INITRD_LINUX_CUSTOM}"
+ fi
+
+ if [ -n "${GRUB_DEFAULT_DTB}" ]; then
+ ${grub_editenv} - set devicetree="${GRUB_DEFAULT_DTB}"
+ fi
+
+ if [ -n "${GRUB_SAVEDEFAULT}" ]; then
+ ${grub_editenv} - set save_default="${GRUB_SAVEDEFAULT}"
+ fi
+ fi
+
+ exit 0
+fi
+
mktitle ()
{
local title_type
@@ -121,6 +333,7 @@ linux_entry ()
if [ -z "$boot_device_id" ]; then
boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
fi
+
if [ x$type != xsimple ] ; then
title=$(mktitle "$type" "$version")
if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then
@@ -231,6 +444,7 @@ is_top_level=true
while [ "x$list" != "x" ] ; do
linux=`version_find_latest $list`
gettext_printf "Found linux image: %s\n" "$linux" >&2
+
basename=`basename $linux`
dirname=`dirname $linux`
rel_dirname=`make_system_path_relative_to_its_root $dirname`
@@ -269,7 +483,9 @@ while [ "x$list" != "x" ] ; do
for i in ${initrd}; do
initrd_display="${initrd_display} ${dirname}/${i}"
done
- gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2
+ if [ "x${GRUB_ENABLE_BLSCFG}" != "xtrue" ]; then
+ gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2
+ fi
fi
fdt=

108
0075-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch
View File

@ -1,108 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Wed, 10 Jul 2019 23:58:28 +0200
Subject: [PATCH] bootp: Add processing DHCPACK packet from HTTP Boot
The vendor class identifier with the string "HTTPClient" is used to denote the
packet as responding to HTTP boot request. In DHCP4 config, the filename for
HTTP boot is the URL of the boot file while for PXE boot it is the path to the
boot file. As a consequence, the next-server becomes obseleted because the HTTP
URL already contains the server address for the boot file. For DHCP6 config,
there's no difference definition in existing config as dhcp6.bootfile-url can
be used to specify URL for both HTTP and PXE boot file.
This patch adds processing for "HTTPClient" vendor class identifier in DHCPACK
packet by treating it as HTTP format, not as the PXE format.
Signed-off-by: Michael Chang <mchang@suse.com>
Signed-off-by: Ken Lin <ken.lin@hpe.com>
---
grub-core/net/bootp.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++
include/grub/net.h | 1 +
2 files changed, 56 insertions(+)
diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c
index fe93b80f1c..8fb8918ae7 100644
--- a/grub-core/net/bootp.c
+++ b/grub-core/net/bootp.c
@@ -20,6 +20,7 @@
#include <grub/env.h>
#include <grub/i18n.h>
#include <grub/command.h>
+#include <grub/net.h>
#include <grub/net/ip.h>
#include <grub/net/netbuff.h>
#include <grub/net/udp.h>
@@ -500,6 +501,60 @@ grub_net_configure_by_dhcp_ack (const char *name,
if (opt && opt_len)
grub_env_set_net_property (name, "rootpath", (const char *) opt, opt_len);
+ opt = find_dhcp_option (bp, size, GRUB_NET_BOOTP_VENDOR_CLASS_IDENTIFIER, &opt_len);
+ if (opt && opt_len)
+ {
+ grub_env_set_net_property (name, "vendor_class_identifier", (const char *) opt, opt_len);
+ if (opt && grub_strcmp (opt, "HTTPClient") == 0)
+ {
+ char *proto, *ip, *pa;
+
+ if (!dissect_url (bp->boot_file, &proto, &ip, &pa))
+ return inter;
+
+ grub_env_set_net_property (name, "boot_file", pa, grub_strlen (pa));
+ if (is_def)
+ {
+ grub_net_default_server = grub_strdup (ip);
+ grub_env_set ("net_default_interface", name);
+ grub_env_export ("net_default_interface");
+ }
+ if (device && !*device)
+ {
+ *device = grub_xasprintf ("%s,%s", proto, ip);
+ grub_print_error ();
+ }
+ if (path)
+ {
+ *path = grub_strdup (pa);
+ grub_print_error ();
+ if (*path)
+ {
+ char *slash;
+ slash = grub_strrchr (*path, '/');
+ if (slash)
+ *slash = 0;
+ else
+ **path = 0;
+ }
+ }
+ grub_net_add_ipv4_local (inter, mask);
+ inter->dhcp_ack = grub_malloc (size);
+ if (inter->dhcp_ack)
+ {
+ grub_memcpy (inter->dhcp_ack, bp, size);
+ inter->dhcp_acklen = size;
+ }
+ else
+ grub_errno = GRUB_ERR_NONE;
+
+ grub_free (proto);
+ grub_free (ip);
+ grub_free (pa);
+ return inter;
+ }
+ }
+
opt = find_dhcp_option (bp, size, GRUB_NET_BOOTP_EXTENSIONS_PATH, &opt_len);
if (opt && opt_len)
grub_env_set_net_property (name, "extensionspath", (const char *) opt, opt_len);
diff --git a/include/grub/net.h b/include/grub/net.h
index 543251f727..42af7de250 100644
--- a/include/grub/net.h
+++ b/include/grub/net.h
@@ -531,6 +531,7 @@ enum
GRUB_NET_DHCP_MESSAGE_TYPE = 53,
GRUB_NET_DHCP_SERVER_IDENTIFIER = 54,
GRUB_NET_DHCP_PARAMETER_REQUEST_LIST = 55,
+ GRUB_NET_BOOTP_VENDOR_CLASS_IDENTIFIER = 60,
GRUB_NET_BOOTP_CLIENT_ID = 61,
GRUB_NET_DHCP_TFTP_SERVER_NAME = 66,
GRUB_NET_DHCP_BOOTFILE_NAME = 67,

40
0094-Make-reset-an-alias-for-the-reboot-command.patch
View File

@ -1,40 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 31 Aug 2018 16:42:03 -0400
Subject: [PATCH] Make "reset" an alias for the "reboot" command.
I'm really tired of half the tools I get to use having one and the other half
having the other.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/commands/reboot.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/grub-core/commands/reboot.c b/grub-core/commands/reboot.c
index 46d364c99a..f5cc228363 100644
--- a/grub-core/commands/reboot.c
+++ b/grub-core/commands/reboot.c
@@ -32,15 +32,18 @@ grub_cmd_reboot (grub_command_t cmd __attribute__ ((unused)),
grub_reboot ();
}
-static grub_command_t cmd;
+static grub_command_t reboot_cmd, reset_cmd;
GRUB_MOD_INIT(reboot)
{
- cmd = grub_register_command ("reboot", grub_cmd_reboot,
- 0, N_("Reboot the computer."));
+ reboot_cmd = grub_register_command ("reboot", grub_cmd_reboot,
+ 0, N_("Reboot the computer."));
+ reset_cmd = grub_register_command ("reset", grub_cmd_reboot,
+ 0, N_("Reboot the computer."));
}
GRUB_MOD_FINI(reboot)
{
- grub_unregister_command (cmd);
+ grub_unregister_command (reboot_cmd);
+ grub_unregister_command (reset_cmd);
}

134
0095-Add-a-version-command.patch
View File

@ -1,134 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 11 Sep 2018 14:20:37 -0400
Subject: [PATCH] Add a "version" command
This adds a command that shows you info about grub's version, the grub
target platform, the compiler version, and if you built with
--with-rpm-version=<string>, the rpm package version.
Signed-off-by: Peter Jones <pjones@redhat.com>
[rharwood: don't say GNU, commit message cleanup]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
configure.ac | 13 ++++++++++
grub-core/Makefile.core.def | 5 ++++
grub-core/commands/version.c | 56 ++++++++++++++++++++++++++++++++++++++++++++
config.h.in | 1 +
4 files changed, 75 insertions(+)
create mode 100644 grub-core/commands/version.c
diff --git a/configure.ac b/configure.ac
index 54462e0892..7b4e1854d3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -284,6 +284,19 @@ AC_SUBST(target_cpu)
AC_SUBST(platform)
# Define default variables
+have_with_rpm_version=n
+AC_ARG_WITH([rpm_version],
+ AS_HELP_STRING([--with-rpm-version=VERSION],
+ [set the rpm package version [[guessed]]]),
+ [have_with_rpm_version=y],
+ [have_with_rpm_version=n])
+if test x$have_with_rpm_version = xy; then
+ rpm_version="$with_rpm_version"
+else
+ rpm_version=""
+fi
+GRUB_RPM_VERSION="$rpm_version"
+AC_SUBST(GRUB_RPM_VERSION)
have_with_bootdir=n
AC_ARG_WITH([bootdir],
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 4e7d90da76..4f203533f5 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -579,6 +579,11 @@ image = {
enable = mips_loongson;
};
+module = {
+ name = version;
+ common = commands/version.c;
+};
+
module = {
name = disk;
common = lib/disk.c;
diff --git a/grub-core/commands/version.c b/grub-core/commands/version.c
new file mode 100644
index 0000000000..de0acb07ba
--- /dev/null
+++ b/grub-core/commands/version.c
@@ -0,0 +1,56 @@
+/* version.c - Command to print the grub version and build info. */
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2006,2007,2008 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <grub/dl.h>
+#include <grub/term.h>
+#include <grub/time.h>
+#include <grub/types.h>
+#include <grub/misc.h>
+#include <grub/extcmd.h>
+#include <grub/i18n.h>
+
+GRUB_MOD_LICENSE ("GPLv3+");
+
+static grub_err_t
+grub_cmd_version (grub_command_t cmd UNUSED, int argc, char **args UNUSED)
+{
+ if (argc != 0)
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("no arguments expected"));
+
+ grub_printf (_("GRUB version %s\n"), PACKAGE_VERSION);
+ grub_printf (_("Platform %s-%s\n"), GRUB_TARGET_CPU, GRUB_PLATFORM);
+ if (grub_strlen(GRUB_RPM_VERSION) != 0)
+ grub_printf (_("RPM package version %s\n"), GRUB_RPM_VERSION);
+ grub_printf (_("Compiler version %s\n"), __VERSION__);
+
+ return 0;
+}
+
+static grub_command_t cmd;
+
+GRUB_MOD_INIT(version)
+{
+ cmd = grub_register_command ("version", grub_cmd_version, NULL,
+ N_("Print version and build information."));
+}
+
+GRUB_MOD_FINI(version)
+{
+ grub_unregister_command (cmd);
+}
diff --git a/config.h.in b/config.h.in
index 9e8f9911b1..c7e316f0f1 100644
--- a/config.h.in
+++ b/config.h.in
@@ -59,6 +59,7 @@
#define GRUB_TARGET_CPU "@GRUB_TARGET_CPU@"
#define GRUB_PLATFORM "@GRUB_PLATFORM@"
+#define GRUB_RPM_VERSION "@GRUB_RPM_VERSION@"
#define RE_ENABLE_I18N 1

74
0096-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch
View File

@ -1,74 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 11 Sep 2018 15:58:29 -0400
Subject: [PATCH] Add more dprintf, and nerf dprintf in script.c
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/disk/diskfilter.c | 3 +++
grub-core/disk/efi/efidisk.c | 1 +
grub-core/kern/device.c | 1 +
grub-core/script/script.c | 5 +++++
4 files changed, 10 insertions(+)
diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c
index 0320115662..7cdffe3ebd 100644
--- a/grub-core/disk/diskfilter.c
+++ b/grub-core/disk/diskfilter.c
@@ -188,6 +188,8 @@ scan_disk (const char *name, int accept_diskfilter)
grub_disk_t disk;
static int scan_depth = 0;
+ grub_dprintf ("diskfilter", "scanning %s\n", name);
+
if (!accept_diskfilter && is_valid_diskfilter_name (name))
return 0;
@@ -1212,6 +1214,7 @@ insert_array (grub_disk_t disk, const struct grub_diskfilter_pv_id *id,
the same. */
if (pv->disk && grub_disk_native_sectors (disk) >= pv->part_size)
return GRUB_ERR_NONE;
+ grub_dprintf ("diskfilter", "checking %s\n", disk->name);
pv->disk = grub_disk_open (disk->name);
if (!pv->disk)
return grub_errno;
diff --git a/grub-core/disk/efi/efidisk.c b/grub-core/disk/efi/efidisk.c
index f077b5f553..fe8ba6e6c9 100644
--- a/grub-core/disk/efi/efidisk.c
+++ b/grub-core/disk/efi/efidisk.c
@@ -855,6 +855,7 @@ grub_efidisk_get_device_name (grub_efi_handle_t *handle)
return 0;
}
+ grub_dprintf ("efidisk", "getting disk for %s\n", device_name);
parent = grub_disk_open (device_name);
grub_free (dup_dp);
diff --git a/grub-core/kern/device.c b/grub-core/kern/device.c
index 73b8ecc0c0..f58b58c89d 100644
--- a/grub-core/kern/device.c
+++ b/grub-core/kern/device.c
@@ -34,6 +34,7 @@ grub_device_open (const char *name)
{
grub_device_t dev = 0;
+ grub_dprintf ("device", "opening device %s\n", name);
if (! name)
{
name = grub_env_get ("root");
diff --git a/grub-core/script/script.c b/grub-core/script/script.c
index ec4d4337c6..844e8343ca 100644
--- a/grub-core/script/script.c
+++ b/grub-core/script/script.c
@@ -22,6 +22,11 @@
#include <grub/parser.h>
#include <grub/mm.h>
+#ifdef grub_dprintf
+#undef grub_dprintf
+#endif
+#define grub_dprintf(no, fmt, ...)
+
/* It is not possible to deallocate the memory when a syntax error was
found. Because of that it is required to keep track of all memory
allocations. The memory is freed in case of an error, or assigned

199
0099-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch
View File

@ -1,199 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 11 Jul 2019 18:03:25 +0200
Subject: [PATCH] Attempt to fix up all the places -Wsign-compare=error finds.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/kern/emu/misc.c | 2 +-
grub-core/lib/reed_solomon.c | 4 ++--
grub-core/osdep/linux/blocklist.c | 2 +-
grub-core/osdep/linux/getroot.c | 2 +-
grub-core/osdep/linux/hostdisk.c | 2 +-
util/grub-fstest.c | 2 +-
util/grub-menulst2cfg.c | 2 +-
util/grub-mkfont.c | 13 +++++++------
util/grub-probe.c | 2 +-
util/setup.c | 2 +-
10 files changed, 17 insertions(+), 16 deletions(-)
diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c
index 0ff13bcaf8..d278c2921f 100644
--- a/grub-core/kern/emu/misc.c
+++ b/grub-core/kern/emu/misc.c
@@ -185,7 +185,7 @@ grub_util_get_image_size (const char *path)
sz = ftello (f);
if (sz < 0)
grub_util_error (_("cannot open `%s': %s"), path, strerror (errno));
- if (sz != (size_t) sz)
+ if (sz > (off_t)(GRUB_SIZE_MAX >> 1))
grub_util_error (_("file `%s' is too big"), path);
ret = (size_t) sz;
diff --git a/grub-core/lib/reed_solomon.c b/grub-core/lib/reed_solomon.c
index 467305b46a..79037c093f 100644
--- a/grub-core/lib/reed_solomon.c
+++ b/grub-core/lib/reed_solomon.c
@@ -157,7 +157,7 @@ static void
rs_encode (gf_single_t *data, grub_size_t s, grub_size_t rs)
{
gf_single_t *rs_polynomial;
- int i, j;
+ unsigned int i, j;
gf_single_t *m;
m = xcalloc (s + rs, sizeof (gf_single_t));
grub_memcpy (m, data, s * sizeof (gf_single_t));
@@ -324,7 +324,7 @@ static void
encode_block (gf_single_t *ptr, grub_size_t s,
gf_single_t *rptr, grub_size_t rs)
{
- int i, j;
+ unsigned int i, j;
for (i = 0; i < SECTOR_SIZE; i++)
{
grub_size_t ds = (s + SECTOR_SIZE - 1 - i) / SECTOR_SIZE;
diff --git a/grub-core/osdep/linux/blocklist.c b/grub-core/osdep/linux/blocklist.c
index c77d6085cc..42a315031f 100644
--- a/grub-core/osdep/linux/blocklist.c
+++ b/grub-core/osdep/linux/blocklist.c
@@ -109,7 +109,7 @@ grub_install_get_blocklist (grub_device_t root_dev,
else
{
struct fiemap *fie2;
- int i;
+ unsigned int i;
fie2 = xmalloc (sizeof (*fie2)
+ fie1.fm_mapped_extents
* sizeof (fie1.fm_extents[1]));
diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c
index 28790307e0..9f730b3518 100644
--- a/grub-core/osdep/linux/getroot.c
+++ b/grub-core/osdep/linux/getroot.c
@@ -236,7 +236,7 @@ grub_find_root_devices_from_btrfs (const char *dir)
{
int fd;
struct btrfs_ioctl_fs_info_args fsi;
- int i, j = 0;
+ unsigned int i, j = 0;
char **ret;
fd = open (dir, 0);
diff --git a/grub-core/osdep/linux/hostdisk.c b/grub-core/osdep/linux/hostdisk.c
index da62f924e3..7bc99ac1c1 100644
--- a/grub-core/osdep/linux/hostdisk.c
+++ b/grub-core/osdep/linux/hostdisk.c
@@ -83,7 +83,7 @@ grub_util_get_fd_size_os (grub_util_fd_t fd, const char *name, unsigned *log_sec
if (sector_size & (sector_size - 1) || !sector_size)
return -1;
for (log_sector_size = 0;
- (1 << log_sector_size) < sector_size;
+ (1U << log_sector_size) < sector_size;
log_sector_size++);
if (log_secsize)
diff --git a/util/grub-fstest.c b/util/grub-fstest.c
index 8386564200..bfcef852d8 100644
--- a/util/grub-fstest.c
+++ b/util/grub-fstest.c
@@ -323,7 +323,7 @@ cmd_cmp (char *src, char *dest)
read_file (src, cmp_hook, ff);
{
- grub_uint64_t pre;
+ long long pre;
pre = ftell (ff);
fseek (ff, 0, SEEK_END);
if (pre != ftell (ff))
diff --git a/util/grub-menulst2cfg.c b/util/grub-menulst2cfg.c
index a39f869394..358d604210 100644
--- a/util/grub-menulst2cfg.c
+++ b/util/grub-menulst2cfg.c
@@ -34,7 +34,7 @@ main (int argc, char **argv)
char *buf = NULL;
size_t bufsize = 0;
char *suffix = xstrdup ("");
- int suffixlen = 0;
+ size_t suffixlen = 0;
const char *out_fname = 0;
grub_util_host_init (&argc, &argv);
diff --git a/util/grub-mkfont.c b/util/grub-mkfont.c
index 0fe45a6103..3e09240b99 100644
--- a/util/grub-mkfont.c
+++ b/util/grub-mkfont.c
@@ -138,7 +138,8 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face,
int width, height;
int cuttop, cutbottom, cutleft, cutright;
grub_uint8_t *data;
- int mask, i, j, bitmap_size;
+ int mask, i, bitmap_size;
+ unsigned int j;
FT_GlyphSlot glyph;
int flag = FT_LOAD_RENDER | FT_LOAD_MONOCHROME;
FT_Error err;
@@ -183,7 +184,7 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face,
cuttop = cutbottom = cutleft = cutright = 0;
else
{
- for (cuttop = 0; cuttop < glyph->bitmap.rows; cuttop++)
+ for (cuttop = 0; cuttop < (long)glyph->bitmap.rows; cuttop++)
{
for (j = 0; j < glyph->bitmap.width; j++)
if (glyph->bitmap.buffer[j / 8 + cuttop * glyph->bitmap.pitch]
@@ -203,10 +204,10 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face,
break;
}
cutbottom = glyph->bitmap.rows - 1 - cutbottom;
- if (cutbottom + cuttop >= glyph->bitmap.rows)
+ if (cutbottom + cuttop >= (long)glyph->bitmap.rows)
cutbottom = 0;
- for (cutleft = 0; cutleft < glyph->bitmap.width; cutleft++)
+ for (cutleft = 0; cutleft < (long)glyph->bitmap.width; cutleft++)
{
for (j = 0; j < glyph->bitmap.rows; j++)
if (glyph->bitmap.buffer[cutleft / 8 + j * glyph->bitmap.pitch]
@@ -225,7 +226,7 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face,
break;
}
cutright = glyph->bitmap.width - 1 - cutright;
- if (cutright + cutleft >= glyph->bitmap.width)
+ if (cutright + cutleft >= (long)glyph->bitmap.width)
cutright = 0;
}
@@ -262,7 +263,7 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face,
mask = 0;
data = &glyph_info->bitmap[0] - 1;
- for (j = cuttop; j < height + cuttop; j++)
+ for (j = cuttop; j < (long)height + cuttop; j++)
for (i = cutleft; i < width + cutleft; i++)
add_pixel (&data, &mask,
glyph->bitmap.buffer[i / 8 + j * glyph->bitmap.pitch] &
diff --git a/util/grub-probe.c b/util/grub-probe.c
index c08e46bbb4..c6fac732b4 100644
--- a/util/grub-probe.c
+++ b/util/grub-probe.c
@@ -798,7 +798,7 @@ argp_parser (int key, char *arg, struct argp_state *state)
case 't':
{
- int i;
+ unsigned int i;
for (i = PRINT_FS; i < ARRAY_SIZE (targets); i++)
if (strcmp (arg, targets[i]) == 0)
diff --git a/util/setup.c b/util/setup.c
index da5f2c07f5..8b22bb8cca 100644
--- a/util/setup.c
+++ b/util/setup.c
@@ -406,7 +406,7 @@ SETUP (const char *dir,
int is_ldm;
grub_err_t err;
grub_disk_addr_t *sectors;
- int i;
+ unsigned int i;
grub_fs_t fs;
unsigned int nsec, maxsec;

59
0100-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch
View File

@ -1,59 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 11 Jul 2019 18:20:37 +0200
Subject: [PATCH] Don't use -Wno-sign-compare -Wno-conversion -Wno-error, do
use -Wextra.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
configure.ac | 14 +++++++++++---
conf/Makefile.common | 2 +-
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/configure.ac b/configure.ac
index 7b4e1854d3..490353713a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1452,11 +1452,11 @@ fi
# Set them to their new values for the tests below.
CC="$TARGET_CC"
if test x"$platform" = xemu ; then
-CFLAGS="$TARGET_CFLAGS -Wno-error"
+CFLAGS="$TARGET_CFLAGS"
elif test "x$TARGET_APPLE_LINKER" = x1 ; then
-CFLAGS="$TARGET_CFLAGS -nostdlib -static -Wno-error"
+CFLAGS="$TARGET_CFLAGS -nostdlib -static"
else
-CFLAGS="$TARGET_CFLAGS -nostdlib -Wno-error"
+CFLAGS="$TARGET_CFLAGS -nostdlib"
fi
CPPFLAGS="$TARGET_CPPFLAGS"
@@ -1990,6 +1990,14 @@ if test x"$enable_werror" != xno ; then
HOST_CFLAGS="$HOST_CFLAGS -Werror"
fi
+AC_ARG_ENABLE([wextra],
+ [AS_HELP_STRING([--disable-wextra],
+ [do not use -Wextra when building GRUB])])
+if test x"$enable_wextra" != xno ; then
+ TARGET_CFLAGS="$TARGET_CFLAGS -Wextra"
+ HOST_CFLAGS="$HOST_CFLAGS -Wextra"
+fi
+
TARGET_CPP="$TARGET_CC -E"
TARGET_CCAS=$TARGET_CC
diff --git a/conf/Makefile.common b/conf/Makefile.common
index 2ff9b39357..35e14ff017 100644
--- a/conf/Makefile.common
+++ b/conf/Makefile.common
@@ -66,7 +66,7 @@ grubconfdir = $(sysconfdir)/grub.d
platformdir = $(pkglibdir)/$(target_cpu)-$(platform)
starfielddir = $(pkgdatadir)/themes/starfield
-CFLAGS_GNULIB = -Wno-undef -Wno-sign-compare -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code -Wno-conversion
+CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code
CPPFLAGS_GNULIB = -I$(top_builddir)/grub-core/lib/gnulib -I$(top_srcdir)/grub-core/lib/gnulib
CFLAGS_POSIX = -fno-builtin

38
0106-Do-not-allow-stack-trampolines-anywhere.patch
View File

@ -1,38 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 12 Jul 2019 10:06:50 +0200
Subject: [PATCH] Do not allow stack trampolines, anywhere.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
configure.ac | 3 +++
conf/Makefile.common | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 490353713a..a02d40a05b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1998,6 +1998,9 @@ if test x"$enable_wextra" != xno ; then
HOST_CFLAGS="$HOST_CFLAGS -Wextra"
fi
+TARGET_CFLAGS="$TARGET_CFLAGS -Werror=trampolines -fno-trampolines"
+HOST_CFLAGS="$HOST_CFLAGS -Werror=trampolines -fno-trampolines"
+
TARGET_CPP="$TARGET_CC -E"
TARGET_CCAS=$TARGET_CC
diff --git a/conf/Makefile.common b/conf/Makefile.common
index 35e14ff017..0647c53b91 100644
--- a/conf/Makefile.common
+++ b/conf/Makefile.common
@@ -66,7 +66,7 @@ grubconfdir = $(sysconfdir)/grub.d
platformdir = $(pkglibdir)/$(target_cpu)-$(platform)
starfielddir = $(pkgdatadir)/themes/starfield
-CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code
+CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code -Werror=trampolines -fno-trampolines
CPPFLAGS_GNULIB = -I$(top_builddir)/grub-core/lib/gnulib -I$(top_srcdir)/grub-core/lib/gnulib
CFLAGS_POSIX = -fno-builtin

346
0110-Add-efi-export-env-and-efi-load-env-commands.patch
View File

@ -1,346 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 16 Jan 2019 13:21:46 -0500
Subject: [PATCH] Add efi-export-env and efi-load-env commands
This adds "efi-export-env VARIABLE" and "efi-load-env", which manipulate the
environment block stored in the EFI variable
GRUB_ENV-91376aff-cba6-42be-949d-06fde81128e8.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/Makefile.core.def | 6 ++
grub-core/commands/efi/env.c | 168 +++++++++++++++++++++++++++++++++++++++++++
grub-core/kern/efi/efi.c | 3 +
grub-core/kern/efi/init.c | 5 --
grub-core/lib/envblk.c | 43 +++++++++++
util/grub-set-bootflag.c | 1 +
include/grub/efi/efi.h | 5 ++
include/grub/lib/envblk.h | 3 +
8 files changed, 229 insertions(+), 5 deletions(-)
create mode 100644 grub-core/commands/efi/env.c
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index ea4d59f51b..dc9fea6f44 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -820,6 +820,12 @@ module = {
enable = efi;
};
+module = {
+ name = efienv;
+ common = commands/efi/env.c;
+ enable = efi;
+};
+
module = {
name = efifwsetup;
efi = commands/efi/efifwsetup.c;
diff --git a/grub-core/commands/efi/env.c b/grub-core/commands/efi/env.c
new file mode 100644
index 0000000000..cbd13e03e8
--- /dev/null
+++ b/grub-core/commands/efi/env.c
@@ -0,0 +1,168 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ */
+#include <grub/dl.h>
+#include <grub/mm.h>
+#include <grub/misc.h>
+#include <grub/types.h>
+#include <grub/mm.h>
+#include <grub/misc.h>
+#include <grub/efi/api.h>
+#include <grub/efi/efi.h>
+#include <grub/env.h>
+#include <grub/lib/envblk.h>
+#include <grub/command.h>
+
+GRUB_MOD_LICENSE ("GPLv3+");
+
+static const grub_efi_guid_t grub_env_guid = GRUB_EFI_GRUB_VARIABLE_GUID;
+
+static grub_err_t
+grub_efi_export_env(grub_command_t cmd __attribute__ ((unused)),
+ int argc, char *argv[])
+{
+ const char *value;
+ char *old_value;
+ struct grub_envblk envblk_s = { NULL, 0 };
+ grub_envblk_t envblk = &envblk_s;
+ grub_err_t err;
+ int changed = 1;
+ grub_efi_status_t status;
+
+ grub_dprintf ("efienv", "argc:%d\n", argc);
+ for (int i = 0; i < argc; i++)
+ grub_dprintf ("efienv", "argv[%d]: %s\n", i, argv[i]);
+
+ if (argc != 1)
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("variable name expected"));
+
+ grub_efi_get_variable ("GRUB_ENV", &grub_env_guid, &envblk_s.size,
+ (void **) &envblk_s.buf);
+ if (!envblk_s.buf || envblk_s.size < 1)
+ {
+ char *buf = grub_malloc (1025);
+ if (!buf)
+ return grub_errno;
+
+ grub_memcpy (buf, GRUB_ENVBLK_SIGNATURE, sizeof (GRUB_ENVBLK_SIGNATURE) - 1);
+ grub_memset (buf + sizeof (GRUB_ENVBLK_SIGNATURE) - 1, '#',
+ DEFAULT_ENVBLK_SIZE - sizeof (GRUB_ENVBLK_SIGNATURE) + 1);
+ buf[1024] = '\0';
+
+ envblk_s.buf = buf;
+ envblk_s.size = 1024;
+ }
+ else
+ {
+ char *buf = grub_realloc (envblk_s.buf, envblk_s.size + 1);
+ if (!buf)
+ return grub_errno;
+
+ envblk_s.buf = buf;
+ envblk_s.buf[envblk_s.size] = '\0';
+ }
+
+ err = grub_envblk_get(envblk, argv[0], &old_value);
+ if (err != GRUB_ERR_NONE)
+ {
+ grub_dprintf ("efienv", "grub_envblk_get returned %d\n", err);
+ return err;
+ }
+
+ value = grub_env_get(argv[0]);
+ if ((!value && !old_value) ||
+ (value && old_value && !grub_strcmp(old_value, value)))
+ changed = 0;
+
+ if (old_value)
+ grub_free(old_value);
+
+ if (changed == 0)
+ {
+ grub_dprintf ("efienv", "No changes necessary\n");
+ return 0;
+ }
+
+ if (value)
+ {
+ grub_dprintf ("efienv", "setting \"%s\" to \"%s\"\n", argv[0], value);
+ grub_envblk_set(envblk, argv[0], value);
+ }
+ else
+ {
+ grub_dprintf ("efienv", "deleting \"%s\" from envblk\n", argv[0]);
+ grub_envblk_delete(envblk, argv[0]);
+ }
+
+ grub_dprintf ("efienv", "envblk is %lu bytes:\n\"%s\"\n", envblk_s.size, envblk_s.buf);
+
+ grub_dprintf ("efienv", "removing GRUB_ENV\n");
+ status = grub_efi_set_variable ("GRUB_ENV", &grub_env_guid, NULL, 0);
+ if (status != GRUB_EFI_SUCCESS)
+ grub_dprintf ("efienv", "removal returned %ld\n", status);
+
+ grub_dprintf ("efienv", "setting GRUB_ENV\n");
+ status = grub_efi_set_variable ("GRUB_ENV", &grub_env_guid,
+ envblk_s.buf, envblk_s.size);
+ if (status != GRUB_EFI_SUCCESS)
+ grub_dprintf ("efienv", "setting GRUB_ENV returned %ld\n", status);
+
+ return 0;
+}
+
+static int
+set_var (const char *name, const char *value,
+ void *whitelist __attribute__((__unused__)))
+{
+ grub_env_set (name, value);
+ return 0;
+}
+
+static grub_err_t
+grub_efi_load_env(grub_command_t cmd __attribute__ ((unused)),
+ int argc, char *argv[] __attribute__((__unused__)))
+{
+ struct grub_envblk envblk_s = { NULL, 0 };
+ grub_envblk_t envblk = &envblk_s;
+
+ grub_efi_get_variable ("GRUB_ENV", &grub_env_guid, &envblk_s.size,
+ (void **) &envblk_s.buf);
+ if (!envblk_s.buf || envblk_s.size < 1)
+ return 0;
+
+ if (argc > 0)
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("unexpected argument"));
+
+ grub_envblk_iterate (envblk, NULL, set_var);
+ grub_free (envblk_s.buf);
+}
+
+static grub_command_t export_cmd, loadenv_cmd;
+
+GRUB_MOD_INIT(lsefi)
+{
+ export_cmd = grub_register_command ("efi-export-env", grub_efi_export_env,
+ N_("VARIABLE_NAME"), N_("Export environment variable to UEFI."));
+ loadenv_cmd = grub_register_command ("efi-load-env", grub_efi_load_env,
+ NULL, N_("Load the grub environment from UEFI."));
+}
+
+GRUB_MOD_FINI(lsefi)
+{
+ grub_unregister_command (export_cmd);
+ grub_unregister_command (loadenv_cmd);
+}
diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
index 2a446f5031..14bc10eb56 100644
--- a/grub-core/kern/efi/efi.c
+++ b/grub-core/kern/efi/efi.c
@@ -225,6 +225,9 @@ grub_efi_set_variable(const char *var, const grub_efi_guid_t *guid,
if (status == GRUB_EFI_SUCCESS)
return GRUB_ERR_NONE;
+ if (status == GRUB_EFI_NOT_FOUND && datasize == 0)
+ return GRUB_ERR_NONE;
+
return grub_error (GRUB_ERR_IO, "could not set EFI variable `%s'", var);
}
diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c
index 2d12e6188f..0574d8d621 100644
--- a/grub-core/kern/efi/init.c
+++ b/grub-core/kern/efi/init.c
@@ -85,11 +85,6 @@ stack_protector_init (void)
grub_addr_t grub_modbase;
-#define GRUB_EFI_GRUB_VARIABLE_GUID \
- { 0x91376aff, 0xcba6, 0x42be, \
- { 0x94, 0x9d, 0x06, 0xfd, 0xe8, 0x11, 0x28, 0xe8 } \
- }
-
/* Helper for grub_efi_env_init */
static int
set_var (const char *name, const char *value,
diff --git a/grub-core/lib/envblk.c b/grub-core/lib/envblk.c
index 2e4e78b132..874506da16 100644
--- a/grub-core/lib/envblk.c
+++ b/grub-core/lib/envblk.c
@@ -223,6 +223,49 @@ grub_envblk_delete (grub_envblk_t envblk, const char *name)
}
}
+struct get_var_state {
+ const char * const name;
+ char * value;
+ int found;
+};
+
+static int
+get_var (const char * const name, const char * const value, void *statep)
+{
+ struct get_var_state *state = (struct get_var_state *)statep;
+
+ if (!grub_strcmp(state->name, name))
+ {
+ state->found = 1;
+ state->value = grub_strdup(value);
+ if (!state->value)
+ grub_errno = grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
+
+ return 1;
+ }
+
+ return 0;
+}
+
+grub_err_t
+grub_envblk_get (grub_envblk_t envblk, const char * const name, char ** const value)
+{
+ struct get_var_state state = {
+ .name = name,
+ .value = NULL,
+ .found = 0,
+ };
+
+ grub_envblk_iterate(envblk, (void *)&state, get_var);
+
+ *value = state.value;
+
+ if (state.found && !state.value)
+ return grub_errno;
+
+ return GRUB_ERR_NONE;
+}
+
void
grub_envblk_iterate (grub_envblk_t envblk,
void *hook_data,
diff --git a/util/grub-set-bootflag.c b/util/grub-set-bootflag.c
index d506f7e75b..a6ccc11383 100644
--- a/util/grub-set-bootflag.c
+++ b/util/grub-set-bootflag.c
@@ -25,6 +25,7 @@
#include <config-util.h> /* For *_DIR_NAME defines */
#include <grub/types.h>
+#include <grub/err.h>
#include <grub/lib/envblk.h> /* For GRUB_ENVBLK_DEFCFG define */
#include <errno.h>
#include <stdio.h>
diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h
index 2e0691454b..8dfc89a33b 100644
--- a/include/grub/efi/efi.h
+++ b/include/grub/efi/efi.h
@@ -24,6 +24,11 @@
#include <grub/dl.h>
#include <grub/efi/api.h>
+#define GRUB_EFI_GRUB_VARIABLE_GUID \
+ { 0x91376aff, 0xcba6, 0x42be, \
+ { 0x94, 0x9d, 0x06, 0xfd, 0xe8, 0x11, 0x28, 0xe8 } \
+ }
+
/* Variables. */
extern grub_efi_system_table_t *EXPORT_VAR(grub_efi_system_table);
extern grub_efi_handle_t EXPORT_VAR(grub_efi_image_handle);
diff --git a/include/grub/lib/envblk.h b/include/grub/lib/envblk.h
index c3e6559217..ab969af246 100644
--- a/include/grub/lib/envblk.h
+++ b/include/grub/lib/envblk.h
@@ -22,6 +22,8 @@
#define GRUB_ENVBLK_SIGNATURE "# GRUB Environment Block\n"
#define GRUB_ENVBLK_DEFCFG "grubenv"
+#define DEFAULT_ENVBLK_SIZE 1024
+
#ifndef ASM_FILE
struct grub_envblk
@@ -33,6 +35,7 @@ typedef struct grub_envblk *grub_envblk_t;
grub_envblk_t grub_envblk_open (char *buf, grub_size_t size);
int grub_envblk_set (grub_envblk_t envblk, const char *name, const char *value);
+grub_err_t grub_envblk_get (grub_envblk_t envblk, const char * const name, char ** const value);
void grub_envblk_delete (grub_envblk_t envblk, const char *name);
void grub_envblk_iterate (grub_envblk_t envblk,
void *hook_data,

45
0111-Make-it-possible-to-subtract-conditions-from-debug.patch
View File

@ -1,45 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 17 Jan 2019 13:10:39 -0500
Subject: [PATCH] Make it possible to subtract conditions from debug=
This makes it so you can do set debug to "all,-scripting,-lexer" and get the
obvious outcome. Any negation present will take preference over that
conditional, so "all,-scripting,scripting" is the same thing as
"all,-scripting".
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/kern/misc.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c
index 9a2fae6398..578bf51a5f 100644
--- a/grub-core/kern/misc.c
+++ b/grub-core/kern/misc.c
@@ -164,12 +164,24 @@ int
grub_debug_enabled (const char * condition)
{
const char *debug;
+ char *negcond;
+ int negated = 0;
debug = grub_env_get ("debug");
if (!debug)
return 0;
- if (grub_strword (debug, "all") || grub_strword (debug, condition))
+ negcond = grub_zalloc (grub_strlen (condition) + 2);
+ if (negcond)
+ {
+ grub_strcpy (negcond, "-");
+ grub_strcpy (negcond+1, condition);
+ negated = grub_strword (debug, negcond);
+ grub_free (negcond);
+ }
+
+ if (!negated &&
+ (grub_strword (debug, "all") || grub_strword (debug, condition)))
return 1;
return 0;

44
0112-Export-all-variables-from-the-initial-context-when-c.patch
View File

@ -1,44 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Tue, 22 Jan 2019 15:40:25 +0100
Subject: [PATCH] Export all variables from the initial context when creating a
submenu
When a submenu is created, only the exported variables are copied to the
new menu context. But we want the variables to be global, so export lets
export all variables to the new created submenu.
Also, don't unset the default variable when a new submenu is created.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/normal/context.c | 2 +-
grub-core/normal/menu.c | 2 --
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/grub-core/normal/context.c b/grub-core/normal/context.c
index ee53d4a68e..87edd254c4 100644
--- a/grub-core/normal/context.c
+++ b/grub-core/normal/context.c
@@ -99,7 +99,7 @@ grub_env_new_context (int export_all)
grub_err_t
grub_env_context_open (void)
{
- return grub_env_new_context (0);
+ return grub_env_new_context (1);
}
int grub_extractor_level = 0;
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
index 4a02aadb01..fe2e77a43e 100644
--- a/grub-core/normal/menu.c
+++ b/grub-core/normal/menu.c
@@ -375,8 +375,6 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot)
if (ptr && ptr[0] && ptr[1])
grub_env_set ("default", ptr + 1);
- else
- grub_env_unset ("default");
grub_script_execute_new_scope (entry->sourcecode, entry->argc, entry->args);

97
0114-Don-t-assume-that-boot-commands-will-only-return-on-.patch
View File

@ -1,97 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Tue, 9 Apr 2019 13:12:40 +0200
Subject: [PATCH] Don't assume that boot commands will only return on fail
While it's true that for most loaders the boot command never returns, it
may be the case that it does. For example the GRUB emulator boot command
calls to systemctl kexec which in turn does an asynchonous call to kexec.
So in this case GRUB will wrongly assume that the boot command fails and
print a "Failed to boot both default and fallback entries" even when the
kexec call later succeeds.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/normal/menu.c | 23 +++++++++++++----------
1 file changed, 13 insertions(+), 10 deletions(-)
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
index fe2e77a43e..ec0c92bade 100644
--- a/grub-core/normal/menu.c
+++ b/grub-core/normal/menu.c
@@ -285,7 +285,7 @@ get_and_remove_first_entry_number (grub_menu_t menu, const char *name)
}
/* Run a menu entry. */
-static void
+static grub_err_t
grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot)
{
grub_err_t err = GRUB_ERR_NONE;
@@ -302,7 +302,7 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot)
{
grub_print_error ();
grub_errno = GRUB_ERR_NONE;
- return;
+ return grub_errno;
}
errs_before = grub_err_printed_errors;
@@ -315,7 +315,7 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot)
grub_env_context_open ();
menu = grub_zalloc (sizeof (*menu));
if (! menu)
- return;
+ return grub_errno;
grub_env_set_menu (menu);
if (auto_boot)
grub_env_set ("timeout", "0");
@@ -385,7 +385,7 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot)
if (grub_errno == GRUB_ERR_NONE && grub_loader_is_loaded ())
/* Implicit execution of boot, only if something is loaded. */
- grub_command_execute ("boot", 0, 0);
+ err = grub_command_execute ("boot", 0, 0);
if (errs_before != grub_err_printed_errors)
grub_wait_after_message ();
@@ -408,6 +408,8 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot)
else
grub_env_unset ("default");
grub_env_unset ("timeout");
+
+ return err;
}
/* Execute ENTRY from the menu MENU, falling back to entries specified
@@ -422,10 +424,13 @@ grub_menu_execute_with_fallback (grub_menu_t menu,
void *callback_data)
{
int fallback_entry;
+ grub_err_t err;
callback->notify_booting (entry, callback_data);
- grub_menu_execute_entry (entry, 1);
+ err = grub_menu_execute_entry (entry, 1);
+ if (err == GRUB_ERR_NONE)
+ return;
/* Deal with fallback entries. */
while ((fallback_entry = get_and_remove_first_entry_number (menu, "fallback"))
@@ -436,11 +441,9 @@ grub_menu_execute_with_fallback (grub_menu_t menu,
entry = grub_menu_get_entry (menu, fallback_entry);
callback->notify_fallback (entry, callback_data);
- grub_menu_execute_entry (entry, 1);
- /* If the function call to execute the entry returns at all, then this is
- taken to indicate a boot failure. For menu entries that do something
- other than actually boot an operating system, this could assume
- incorrectly that something failed. */
+ err = grub_menu_execute_entry (entry, 1);
+ if (err == GRUB_ERR_NONE)
+ return;
}
if (!autobooted)

28
0118-Add-start-symbol-for-RISC-V.patch
View File

@ -1,28 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: David Abdurachmanov <david.abdurachmanov@sifive.com>
Date: Sat, 9 Nov 2019 19:51:57 +0000
Subject: [PATCH] Add start symbol for RISC-V
All other architectures have start symbol.
Hopefully this resolves:
BUILDSTDERR: ././grub-mkimage: error: undefined symbol start.
Signed-off-by: David Abdurachmanov <david.abdurachmanov@sifive.com>
---
grub-core/kern/riscv/efi/startup.S | 1 +
1 file changed, 1 insertion(+)
diff --git a/grub-core/kern/riscv/efi/startup.S b/grub-core/kern/riscv/efi/startup.S
index f2a7b2b1ed..781773136e 100644
--- a/grub-core/kern/riscv/efi/startup.S
+++ b/grub-core/kern/riscv/efi/startup.S
@@ -29,6 +29,7 @@
.file "startup.S"
.text
+FUNCTION(start)
FUNCTION(_start)
/*
* EFI_SYSTEM_TABLE and EFI_HANDLE are passed in a1/a0.

33
0119-bootstrap.conf-Force-autogen.sh-to-use-python3.patch
View File

@ -1,33 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Wed, 15 Jan 2020 12:47:46 +0100
Subject: [PATCH] bootstrap.conf: Force autogen.sh to use python3
The python-unversioned-command package is not installed in the buildroot,
but the bootstrap script expects the python command to be present if one
is not defined. So building the package leads to the following error:
./autogen.sh: line 20: python: command not found
This is harmless since gnulib is included as a source anyways, because the
builders can't download. But still the issue should be fixed by forcing to
use python3 that's the default in Fedora now.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
bootstrap.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bootstrap.conf b/bootstrap.conf
index 6b043fc354..52d4af44be 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -92,7 +92,7 @@ bootstrap_post_import_hook () {
patch -d po -p3 \
< "po/gettext-patches/$patchname.patch"
done
- FROM_BOOTSTRAP=1 ./autogen.sh
+ PYTHON=python3 FROM_BOOTSTRAP=1 ./autogen.sh
set +e # bootstrap expects this
}

30
0125-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch
View File

@ -1,30 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Wed, 22 Apr 2020 12:41:52 +0200
Subject: [PATCH] kern/term: Also accept F8 as a user interrupt key
Make F8, which used to be the hotkey to show the Windows boot menu during
boot for a long long time, also interrupt sleeps / stop the menu countdown.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/kern/term.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/grub-core/kern/term.c b/grub-core/kern/term.c
index 14d5964983..4d61f4e979 100644
--- a/grub-core/kern/term.c
+++ b/grub-core/kern/term.c
@@ -144,9 +144,10 @@ grub_key_is_interrupt (int key)
/*
* ESC sometimes is the BIOS setup hotkey and may be hard to discover, also
* check F4, which was chosen because is not used as a hotkey to enter the
- * BIOS setup by any vendor.
+ * BIOS setup by any vendor. Also, F8 which was the key to get the Windows
+ * bootmenu for a long time.
*/
- if (key == GRUB_TERM_ESC || key == GRUB_TERM_KEY_F4)
+ if (key == GRUB_TERM_ESC || key == GRUB_TERM_KEY_F4 || key == GRUB_TERM_KEY_F8)
return 1;
/*

62
0127-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch
View File

@ -1,62 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Sat, 16 May 2020 11:33:18 +0200
Subject: [PATCH] tpm: Don't propagate TPM measurement errors to the verifiers
layer
Currently if the EFI firmware fails to do a TPM measurement for a file,
the error will be propagated to the verifiers framework and so opening
the file will not succeed.
This mean that buggy firmwares will prevent the system to boot since the
loader won't be able to open any file. But failing to do TPM measurements
shouldn't be a fatal error and the system should still be able to boot.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/commands/tpm.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/grub-core/commands/tpm.c b/grub-core/commands/tpm.c
index 2052c36eab..e287d042e6 100644
--- a/grub-core/commands/tpm.c
+++ b/grub-core/commands/tpm.c
@@ -42,7 +42,8 @@ grub_tpm_verify_init (grub_file_t io,
static grub_err_t
grub_tpm_verify_write (void *context, void *buf, grub_size_t size)
{
- return grub_tpm_measure (buf, size, GRUB_BINARY_PCR, context);
+ grub_tpm_measure (buf, size, GRUB_BINARY_PCR, context);
+ return GRUB_ERR_NONE;
}
static grub_err_t
@@ -50,7 +51,6 @@ grub_tpm_verify_string (char *str, enum grub_verify_string_type type)
{
const char *prefix = NULL;
char *description;
- grub_err_t status;
switch (type)
{
@@ -66,15 +66,15 @@ grub_tpm_verify_string (char *str, enum grub_verify_string_type type)
}
description = grub_malloc (grub_strlen (str) + grub_strlen (prefix) + 1);
if (!description)
- return grub_errno;
+ return GRUB_ERR_NONE;
grub_memcpy (description, prefix, grub_strlen (prefix));
grub_memcpy (description + grub_strlen (prefix), str,
grub_strlen (str) + 1);
- status =
- grub_tpm_measure ((unsigned char *) str, grub_strlen (str),
- GRUB_STRING_PCR, description);
+
+ grub_tpm_measure ((unsigned char *) str, grub_strlen (str), GRUB_STRING_PCR,
+ description);
grub_free (description);
- return status;
+ return GRUB_ERR_NONE;
}
struct grub_file_verifier grub_tpm_verifier = {

47
0129-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch
View File

@ -1,47 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Tue, 2 Jun 2020 13:25:01 +0200
Subject: [PATCH] http: Prepend prefix when the HTTP path is relative as done
in efi/http
There are two different HTTP drivers that can be used when requesting an
HTTP resource: the efi/http that uses the EFI_HTTP_PROTOCOL and the http
that uses GRUB's HTTP and TCP/IP implementation.
The efi/http driver appends a prefix that is defined in the variable
http_path, but the http driver doesn't.
So using this driver and attempting to fetch a resource using a relative
path fails.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/net/http.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/grub-core/net/http.c b/grub-core/net/http.c
index b52b558d63..7f878b5615 100644
--- a/grub-core/net/http.c
+++ b/grub-core/net/http.c
@@ -501,13 +501,20 @@ http_open (struct grub_file *file, const char *filename)
{
grub_err_t err;
struct http_data *data;
+ const char *http_path;
data = grub_zalloc (sizeof (*data));
if (!data)
return grub_errno;
file->size = GRUB_FILE_SIZE_UNKNOWN;
- data->filename = grub_strdup (filename);
+ /* If path is relative, prepend http_path */
+ http_path = grub_env_get ("http_path");
+ if (http_path && filename[0] != '/')
+ data->filename = grub_xasprintf ("%s/%s", http_path, filename);
+ else
+ data->filename = grub_strdup (filename);
+
if (!data->filename)
{
grub_free (data);

27
0130-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch
View File

@ -1,27 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 16 Jan 2019 13:21:46 -0500
Subject: [PATCH] Fix a missing return in efi-export-env and efi-load-env
commands
Somewhere along the way this got mis-merged to include a return without
a value. Fix it up.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/commands/efi/env.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/grub-core/commands/efi/env.c b/grub-core/commands/efi/env.c
index cbd13e03e8..977edb6b06 100644
--- a/grub-core/commands/efi/env.c
+++ b/grub-core/commands/efi/env.c
@@ -149,6 +149,8 @@ grub_efi_load_env(grub_command_t cmd __attribute__ ((unused)),
grub_envblk_iterate (envblk, NULL, set_var);
grub_free (envblk_s.buf);
+
+ return GRUB_ERR_NONE;
}
static grub_command_t export_cmd, loadenv_cmd;

37
0136-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch
View File

@ -1,37 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 20 Jul 2020 12:24:02 -0400
Subject: [PATCH] Fix const char ** pointers in grub-core/net/bootp.c
This will need to get folded back in the right place on the next rebase,
but it's before "Make grub_strtol() "end" pointers have safer const
qualifiers" currently, so for now I'm leaving it here instead of merging
it back with the original patch.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/net/bootp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c
index 8fb8918ae7..7baf3540c8 100644
--- a/grub-core/net/bootp.c
+++ b/grub-core/net/bootp.c
@@ -329,7 +329,7 @@ grub_net_configure_by_dhcp_ack (const char *name,
struct grub_net_network_level_interface *inter;
int mask = -1;
char server_ip[sizeof ("xxx.xxx.xxx.xxx")];
- const grub_uint8_t *opt;
+ const char *opt;
grub_uint8_t opt_len, overload = 0;
const char *boot_file = 0, *server_name = 0;
grub_size_t boot_file_len, server_name_len;
@@ -505,7 +505,7 @@ grub_net_configure_by_dhcp_ack (const char *name,
if (opt && opt_len)
{
grub_env_set_net_property (name, "vendor_class_identifier", (const char *) opt, opt_len);
- if (opt && grub_strcmp (opt, "HTTPClient") == 0)
+ if (opt && grub_strcmp ((char *)opt, "HTTPClient") == 0)
{
char *proto, *ip, *pa;

38
0137-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch
View File

@ -1,38 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 20 Jul 2020 12:24:02 -0400
Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/ip4_config.c
This will need to get folded back in the right place on the next rebase,
but it's before "Make grub_strtol() "end" pointers have safer const
qualifiers" currently, so for now I'm leaving it here instead of merging
it back with the original patch.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/net/efi/ip4_config.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/grub-core/net/efi/ip4_config.c b/grub-core/net/efi/ip4_config.c
index 9725e928f7..cb880fc3e8 100644
--- a/grub-core/net/efi/ip4_config.c
+++ b/grub-core/net/efi/ip4_config.c
@@ -61,7 +61,8 @@ int
grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *address, const char **rest)
{
grub_uint32_t newip = 0;
- int i, ncolon = 0;
+ grub_size_t i;
+ int ncolon = 0;
const char *ptr = val;
/* Check that is not an IPv6 address */
@@ -78,7 +79,7 @@ grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *addres
for (i = 0; i < 4; i++)
{
unsigned long t;
- t = grub_strtoul (ptr, (char **) &ptr, 0);
+ t = grub_strtoul (ptr, &ptr, 0);
if (grub_errno)
{
grub_errno = GRUB_ERR_NONE;

28
0138-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch
View File

@ -1,28 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 20 Jul 2020 12:24:02 -0400
Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/ip6_config.c
This will need to get folded back in the right place on the next rebase,
but it's before "Make grub_strtol() "end" pointers have safer const
qualifiers" currently, so for now I'm leaving it here instead of merging
it back with the original patch.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/net/efi/ip6_config.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/net/efi/ip6_config.c b/grub-core/net/efi/ip6_config.c
index a46f6f9b68..1c5415d718 100644
--- a/grub-core/net/efi/ip6_config.c
+++ b/grub-core/net/efi/ip6_config.c
@@ -85,7 +85,7 @@ grub_efi_string_to_ip6_address (const char *val, grub_efi_ipv6_address_t *addres
ptr++;
continue;
}
- t = grub_strtoul (ptr, (char **) &ptr, 16);
+ t = grub_strtoul (ptr, &ptr, 16);
if (grub_errno)
{
grub_errno = GRUB_ERR_NONE;

37
0139-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch
View File

@ -1,37 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 20 Jul 2020 12:24:02 -0400
Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/net.c
This will need to get folded back in the right place on the next rebase,
but it's before "Make grub_strtol() "end" pointers have safer const
qualifiers" currently, so for now I'm leaving it here instead of merging
it back with the original patch.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/net/efi/net.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c
index a3f0535d43..78e5442fc5 100644
--- a/grub-core/net/efi/net.c
+++ b/grub-core/net/efi/net.c
@@ -729,7 +729,7 @@ grub_efi_net_parse_address (const char *address,
{
grub_uint32_t subnet_mask_size;
- subnet_mask_size = grub_strtoul (rest + 1, (char **) &rest, 0);
+ subnet_mask_size = grub_strtoul (rest + 1, &rest, 0);
if (!grub_errno && subnet_mask_size <= 32 && *rest == 0)
{
@@ -758,7 +758,7 @@ grub_efi_net_parse_address (const char *address,
{
grub_efi_uint8_t prefix_length;
- prefix_length = grub_strtoul (rest + 1, (char **) &rest, 0);
+ prefix_length = grub_strtoul (rest + 1, &rest, 0);
if (!grub_errno && prefix_length <= 128 && *rest == 0)
{
ip6->prefix_length = prefix_length;

46
0140-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch
View File

@ -1,46 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 20 Jul 2020 12:24:02 -0400
Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/pxe.c
This will need to get folded back in the right place on the next rebase,
but it's before "Make grub_strtol() "end" pointers have safer const
qualifiers" currently, so for now I'm leaving it here instead of merging
it back with the original patch.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/net/efi/pxe.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/grub-core/net/efi/pxe.c b/grub-core/net/efi/pxe.c
index 531949cba5..73e2bb01c1 100644
--- a/grub-core/net/efi/pxe.c
+++ b/grub-core/net/efi/pxe.c
@@ -187,7 +187,7 @@ parse_ip6 (const char *val, grub_uint64_t *ip, const char **rest)
ptr++;
continue;
}
- t = grub_strtoul (ptr, (char **) &ptr, 16);
+ t = grub_strtoul (ptr, &ptr, 16);
if (grub_errno)
{
grub_errno = GRUB_ERR_NONE;
@@ -225,7 +225,7 @@ pxe_open (struct grub_efi_net_device *dev,
int type __attribute__((unused)))
{
int i;
- char *p;
+ const char *p;
grub_efi_status_t status;
grub_efi_pxe_ip_address_t server_ip;
grub_efi_uint64_t file_size = 0;
@@ -313,7 +313,7 @@ pxe_read (struct grub_efi_net_device *dev,
grub_size_t len)
{
int i;
- char *p;
+ const char *p;
grub_efi_status_t status;
grub_efi_pxe_t *pxe = (prefer_ip6) ? dev->ip6_pxe : dev->ip4_pxe;
grub_efi_uint64_t bufsz = len;

190
0141-Add-systemd-integration-scripts-to-make-systemctl-re.patch
View File

@ -1,190 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Wed, 22 Jul 2020 14:03:42 +0200
Subject: [PATCH] Add systemd integration scripts to make "systemctl reboot
--boot-loader-menu=xxx" work with grub
This commit adds a number of scripts / config files to make
"systemctl reboot --boot-loader-menu=xxx" work with grub:
1. /lib/systemd/system/systemd-logind.service.d/10-grub.conf
This sets SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU in the env. for logind,
indicating that the boot-loader which is used supports this feature, see:
https://github.com/systemd/systemd/blob/master/docs/ENVIRONMENT.md
2. /lib/systemd/system/grub-systemd-integration.service
/lib/systemd/system/reboot.target.wants/grub-systemd-integration.service ->
../grub-systemd-integration.service
/usr/libexec/grub/grub-systemd-integration.sh
The symlink in the .wants dir causes the added service file to be started
by systemd just before rebooting the system.
If /run/systemd/reboot-to-boot-loader-menu exist then the service will run
the grub-systemd-integration.sh script.
This script sets the new menu_show_once_timeout grubenv variable to the
requested timeout in seconds.
3. /etc/grub.d/14_menu_show_once
This new grub-mkconfig snippet adds the necessary code to the generated
grub.conf to honor the new menu_show_once_timeout variable, and to
automatically clear it after consuming it.
Note the service and libexec script use grub-systemd-integration as name
because in the future they may be used to add further integration with
systemctl reboot --foo options, e.g. support for --boot-loader-entry=NAME.
A few notes about upstreaming this patch from the rhboot grub2 fork:
1. I have deliberately put the grub.conf bits for this in a new / separate
grub-mkconfig snippet generator for easy upstreaming
2. Even though the commit message mentions the .wants symlink for the .service
I have been unable to come up with a clean way to do this at "make install"
time, this should be fixed before upstreaming.
Downstream notes:
1. Since make install does not add the .wants symlink, this needs to be done
in grub2.spec %install
2. This is keeping support for the "old" Fedora specific menu_show_once env
variable, which has a hardcoded timeout of 60 sec in 12_menu_auto_hide in
place for now. This can be dropped (eventually) in a follow-up patch once
GNOME has been converted to use the systemd dbus API equivalent of
"systemctl reboot --boot-loader-menu=xxx".
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
---
Makefile.util.def | 27 ++++++++++++++++++++++++
conf/Makefile.common | 6 ++++++
util/grub.d/14_menu_show_once.in | 13 ++++++++++++
util/systemd/10-grub-logind-service.conf.in | 2 ++
util/systemd/grub-systemd-integration.service.in | 8 +++++++
util/systemd/systemd-integration.sh.in | 6 ++++++
6 files changed, 62 insertions(+)
create mode 100755 util/grub.d/14_menu_show_once.in
create mode 100644 util/systemd/10-grub-logind-service.conf.in
create mode 100644 util/systemd/grub-systemd-integration.service.in
create mode 100644 util/systemd/systemd-integration.sh.in
diff --git a/Makefile.util.def b/Makefile.util.def
index b4ce5383b7..6366442129 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -470,6 +470,12 @@ script = {
installdir = grubconf;
};
+script = {
+ name = '14_menu_show_once';
+ common = util/grub.d/14_menu_show_once.in;
+ installdir = grubconf;
+};
+
script = {
name = '01_users';
common = util/grub.d/01_users.in;
@@ -569,6 +575,27 @@ script = {
installdir = grubconf;
};
+script = {
+ name = 'grub-systemd-integration.service';
+ common = util/systemd/grub-systemd-integration.service.in;
+ installdir = systemdunit;
+ condition = COND_HOST_LINUX;
+};
+
+script = {
+ name = 'systemd-integration.sh';
+ common = util/systemd/systemd-integration.sh.in;
+ installdir = grublibexec;
+ condition = COND_HOST_LINUX;
+};
+
+script = {
+ name = '10-grub-logind-service.conf';
+ common = util/systemd/10-grub-logind-service.conf.in;
+ installdir = systemd_logind_service_d;
+ condition = COND_HOST_LINUX;
+};
+
program = {
mansection = 1;
name = grub-mkrescue;
diff --git a/conf/Makefile.common b/conf/Makefile.common
index 0647c53b91..9fe5863b2d 100644
--- a/conf/Makefile.common
+++ b/conf/Makefile.common
@@ -63,8 +63,11 @@ CCASFLAGS_LIBRARY = $(UTILS_CCASFLAGS)
# Other variables
grubconfdir = $(sysconfdir)/grub.d
+grublibexecdir = $(libexecdir)/$(grubdirname)
platformdir = $(pkglibdir)/$(target_cpu)-$(platform)
starfielddir = $(pkgdatadir)/themes/starfield
+systemdunitdir = ${prefix}/lib/systemd/system
+systemd_logind_service_ddir = $(systemdunitdir)/systemd-logind.service.d
CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code -Werror=trampolines -fno-trampolines
CPPFLAGS_GNULIB = -I$(top_builddir)/grub-core/lib/gnulib -I$(top_srcdir)/grub-core/lib/gnulib
@@ -121,6 +124,9 @@ noinst_LIBRARIES =
dist_noinst_DATA =
platform_SCRIPTS =
platform_PROGRAMS =
+grublibexec_SCRIPTS =
+systemdunit_SCRIPTS =
+systemd_logind_service_d_SCRIPTS =
TESTS =
EXTRA_DIST =
diff --git a/util/grub.d/14_menu_show_once.in b/util/grub.d/14_menu_show_once.in
new file mode 100755
index 0000000000..1cd7f36142
--- /dev/null
+++ b/util/grub.d/14_menu_show_once.in
@@ -0,0 +1,13 @@
+#! /bin/sh
+# Force the menu to be shown once, with a timeout of ${menu_show_once_timeout}
+# if requested by ${menu_show_once_timeout} being set in the env.
+cat << EOF
+if [ x\$feature_timeout_style = xy ]; then
+ if [ "\${menu_show_once_timeout}" ]; then
+ set timeout_style=menu
+ set timeout="\${menu_show_once_timeout}"
+ unset menu_show_once_timeout
+ save_env menu_show_once_timeout
+ fi
+fi
+EOF
diff --git a/util/systemd/10-grub-logind-service.conf.in b/util/systemd/10-grub-logind-service.conf.in
new file mode 100644
index 0000000000..f2d4ac0073
--- /dev/null
+++ b/util/systemd/10-grub-logind-service.conf.in
@@ -0,0 +1,2 @@
+[Service]
+Environment=SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU=true
diff --git a/util/systemd/grub-systemd-integration.service.in b/util/systemd/grub-systemd-integration.service.in
new file mode 100644
index 0000000000..c81fb594ce
--- /dev/null
+++ b/util/systemd/grub-systemd-integration.service.in
@@ -0,0 +1,8 @@
+[Unit]
+Description=Grub2 systemctl reboot --boot-loader-menu=... support
+Before=umount.target systemd-reboot.service
+DefaultDependencies=no
+ConditionPathExists=/run/systemd/reboot-to-boot-loader-menu
+
+[Service]
+ExecStart=@libexecdir@/@grubdirname@/systemd-integration.sh
diff --git a/util/systemd/systemd-integration.sh.in b/util/systemd/systemd-integration.sh.in
new file mode 100644
index 0000000000..dc1218597b
--- /dev/null
+++ b/util/systemd/systemd-integration.sh.in
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+TIMEOUT_USEC=$(cat /run/systemd/reboot-to-boot-loader-menu)
+TIMEOUT=$(((TIMEOUT_USEC + 500000) / 1000000))
+
+@grub_editenv@ - set menu_show_once_timeout=$TIMEOUT

32
0142-systemd-integration.sh-Also-set-old-menu_show_once-g.patch
View File

@ -1,32 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Thu, 23 Jul 2020 09:27:36 +0200
Subject: [PATCH] systemd-integration.sh: Also set old menu_show_once grubenv
var
Downstream RH / Fedora patch for compatibility with old, not (yet)
regenerated grub.cfg files which miss the menu_show_once_timeout check.
This older grubenv variable leads to a fixed timeout of 60 seconds.
Note that the new menu_show_once_timeout will overrule these 60 seconds
if both are set and the grub.cfg does have the menu_show_once_timeout
check.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
---
util/systemd/systemd-integration.sh.in | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/util/systemd/systemd-integration.sh.in b/util/systemd/systemd-integration.sh.in
index dc1218597b..a4c071c5b0 100644
--- a/util/systemd/systemd-integration.sh.in
+++ b/util/systemd/systemd-integration.sh.in
@@ -4,3 +4,8 @@ TIMEOUT_USEC=$(cat /run/systemd/reboot-to-boot-loader-menu)
TIMEOUT=$(((TIMEOUT_USEC + 500000) / 1000000))
@grub_editenv@ - set menu_show_once_timeout=$TIMEOUT
+
+# Downstream RH / Fedora patch for compatibility with old, not (yet)
+# regenerated grub.cfg files which miss the menu_show_once_timeout check
+# this older grubenv variable leads to a fixed timeout of 60 seconds
+@grub_editenv@ - set menu_show_once=1

34
0149-kern-file-Fix-error-handling-in-grub_file_open.patch
View File

@ -1,34 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Steve McIntyre <steve@einval.com>
Date: Tue, 6 Dec 2022 01:45:11 +0000
Subject: [PATCH] kern/file: Fix error handling in grub_file_open()
grub_file_open() calls grub_file_get_device_name(), but doesn't check
the return. Instead, it checks if grub_errno is set.
However, nothing initialises grub_errno here when grub_file_open()
starts. This means that trying to open one file that doesn't exist and
then trying to open another file that does will (incorrectly) also
fail to open that second file.
Let's fix that.
Signed-off-by: Steve McIntyre <steve@einval.com>
---
grub-core/kern/file.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c
index 58454458c4..5b58f45cfd 100644
--- a/grub-core/kern/file.c
+++ b/grub-core/kern/file.c
@@ -66,6 +66,9 @@ grub_file_open (const char *name, enum grub_file_type type)
const char *file_name;
grub_file_filter_id_t filter;
+ /* Reset grub_errno before we start */
+ grub_errno = GRUB_ERR_NONE;
+
device_name = grub_file_get_device_name (name);
if (grub_errno)
goto fail;

109
0173-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch
View File

@ -1,109 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Mon, 28 Sep 2020 11:11:17 +1000
Subject: [PATCH] ieee1275: enter lockdown based on /ibm,secure-boot
If the 'ibm,secure-boot' property of the root node is 2 or greater,
enter lockdown.
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/Makefile.core.def | 1 +
grub-core/kern/ieee1275/init.c | 27 +++++++++++++++++++++++++++
include/grub/lockdown.h | 3 ++-
docs/grub.texi | 4 ++--
4 files changed, 32 insertions(+), 3 deletions(-)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 9ea5fb38f1..4a57de975e 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -323,6 +323,7 @@ kernel = {
powerpc_ieee1275 = kern/powerpc/cache.S;
powerpc_ieee1275 = kern/powerpc/dl.c;
powerpc_ieee1275 = kern/powerpc/compiler-rt.S;
+ powerpc_ieee1275 = kern/lockdown.c;
sparc64_ieee1275 = kern/sparc64/cache.S;
sparc64_ieee1275 = kern/sparc64/dl.c;
diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
index 937c1bc44c..fc7d971272 100644
--- a/grub-core/kern/ieee1275/init.c
+++ b/grub-core/kern/ieee1275/init.c
@@ -44,6 +44,7 @@
#ifdef __sparc__
#include <grub/machine/kernel.h>
#endif
+#include <grub/lockdown.h>
/* The minimal heap size we can live with. */
#define HEAP_MIN_SIZE (unsigned long) (2 * 1024 * 1024)
@@ -271,6 +272,30 @@ grub_parse_cmdline (void)
}
}
+static void
+grub_get_ieee1275_secure_boot (void)
+{
+ grub_ieee1275_phandle_t root;
+ int rc;
+ grub_uint32_t is_sb;
+
+ grub_ieee1275_finddevice ("/", &root);
+
+ rc = grub_ieee1275_get_integer_property (root, "ibm,secure-boot", &is_sb,
+ sizeof (is_sb), 0);
+
+ /* ibm,secure-boot:
+ * 0 - disabled
+ * 1 - audit
+ * 2 - enforce
+ * 3 - enforce + OS-specific behaviour
+ *
+ * We only support enforce.
+ */
+ if (rc >= 0 && is_sb >= 2)
+ grub_lockdown ();
+}
+
grub_addr_t grub_modbase;
void
@@ -296,6 +321,8 @@ grub_machine_init (void)
#else
grub_install_get_time_ms (grub_rtc_get_time_ms);
#endif
+
+ grub_get_ieee1275_secure_boot ();
}
void
diff --git a/include/grub/lockdown.h b/include/grub/lockdown.h
index 40531fa823..ebfee4bf06 100644
--- a/include/grub/lockdown.h
+++ b/include/grub/lockdown.h
@@ -24,7 +24,8 @@
#define GRUB_LOCKDOWN_DISABLED 0
#define GRUB_LOCKDOWN_ENABLED 1
-#ifdef GRUB_MACHINE_EFI
+#if defined(GRUB_MACHINE_EFI) || \
+ (defined(__powerpc__) && defined(GRUB_MACHINE_IEEE1275))
extern void
EXPORT_FUNC (grub_lockdown) (void);
extern int
diff --git a/docs/grub.texi b/docs/grub.texi
index 4816be8561..a4da9c2a1b 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -6227,8 +6227,8 @@ Measured boot is currently only supported on EFI platforms.
@section Lockdown when booting on a secure setup
The GRUB can be locked down when booted on a secure boot environment, for example
-if the UEFI secure boot is enabled. On a locked down configuration, the GRUB will
-be restricted and some operations/commands cannot be executed.
+if UEFI or Power secure boot is enabled. On a locked down configuration, the
+GRUB will be restricted and some operations/commands cannot be executed.
The @samp{lockdown} variable is set to @samp{y} when the GRUB is locked down.
Otherwise it does not exit.

138
0177-Allow-chainloading-EFI-apps-from-loop-mounts.patch
View File

@ -1,138 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <xnox@ubuntu.com>
Date: Fri, 11 Jun 2021 13:51:20 +0200
Subject: [PATCH] Allow chainloading EFI apps from loop mounts.
Signed-off-by: Dimitri John Ledkov <Dimitri.ledkov@canonical.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
grub-core/disk/loopback.c | 9 +--------
grub-core/loader/efi/chainloader.c | 23 +++++++++++++++++++++++
include/grub/loopback.h | 30 ++++++++++++++++++++++++++++++
3 files changed, 54 insertions(+), 8 deletions(-)
create mode 100644 include/grub/loopback.h
diff --git a/grub-core/disk/loopback.c b/grub-core/disk/loopback.c
index 41bebd14fe..99f47924ec 100644
--- a/grub-core/disk/loopback.c
+++ b/grub-core/disk/loopback.c
@@ -21,20 +21,13 @@
#include <grub/misc.h>
#include <grub/file.h>
#include <grub/disk.h>
+#include <grub/loopback.h>
#include <grub/mm.h>
#include <grub/extcmd.h>
#include <grub/i18n.h>
GRUB_MOD_LICENSE ("GPLv3+");
-struct grub_loopback
-{
- char *devname;
- grub_file_t file;
- struct grub_loopback *next;
- unsigned long id;
-};
-
static struct grub_loopback *loopback_list;
static unsigned long last_id = 0;
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index d41e8ea14a..3af6b12292 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -24,6 +24,7 @@
#include <grub/err.h>
#include <grub/device.h>
#include <grub/disk.h>
+#include <grub/loopback.h>
#include <grub/misc.h>
#include <grub/charset.h>
#include <grub/mm.h>
@@ -901,6 +902,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
grub_efi_status_t status;
grub_efi_boot_services_t *b;
grub_device_t dev = 0;
+ grub_device_t orig_dev = 0;
grub_efi_device_path_t *dp = 0;
char *filename;
void *boot_image = 0;
@@ -958,6 +960,15 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
if (! dev)
goto fail;
+ /* if device is loopback, use underlying dev */
+ if (dev->disk->dev->id == GRUB_DISK_DEVICE_LOOPBACK_ID)
+ {
+ struct grub_loopback *d;
+ orig_dev = dev;
+ d = dev->disk->data;
+ dev = d->file->device;
+ }
+
if (dev->disk)
dev_handle = grub_efidisk_get_device_handle (dev->disk);
else if (dev->net && dev->net->server)
@@ -1065,6 +1076,12 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
}
#endif
+ if (orig_dev)
+ {
+ dev = orig_dev;
+ orig_dev = 0;
+ }
+
rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize);
grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc);
if (rc > 0)
@@ -1087,6 +1104,12 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
// -1 fall-through to fail
fail:
+ if (orig_dev)
+ {
+ dev = orig_dev;
+ orig_dev = 0;
+ }
+
if (dev)
grub_device_close (dev);
diff --git a/include/grub/loopback.h b/include/grub/loopback.h
new file mode 100644
index 0000000000..3b9a9e32e8
--- /dev/null
+++ b/include/grub/loopback.h
@@ -0,0 +1,30 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2019 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef GRUB_LOOPBACK_HEADER
+#define GRUB_LOOPBACK_HEADER 1
+
+struct grub_loopback
+{
+ char *devname;
+ grub_file_t file;
+ struct grub_loopback *next;
+ unsigned long id;
+};
+
+#endif /* ! GRUB_LOOPBACK_HEADER */

54
0179-fs-ext2-Ignore-checksum-seed-incompat-feature.patch
View File

@ -1,54 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Fri, 11 Jun 2021 00:01:29 +0200
Subject: [PATCH] fs/ext2: Ignore checksum seed incompat feature
This incompat feature is used to denote that the filesystem stored its
metadata checksum seed in the superblock. This is used to allow tune2fs
to change the UUID on a mounted metadata_csum filesystem without having
to rewrite all the disk metadata.
But GRUB doesn't use the metadata checksum in anyway, so can just ignore
this feature if is enabled. This is consistent with GRUB filesystem code
in general which just does a best effort to access the filesystem's data.
It may be removed from the ignored list in the future if supports to do
metadata checksumming verification is added to the read-only FS driver.
Suggested-by: Eric Sandeen <esandeen@redhat.com>
Suggested-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/fs/ext2.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/grub-core/fs/ext2.c b/grub-core/fs/ext2.c
index e7dd78e663..731d346f88 100644
--- a/grub-core/fs/ext2.c
+++ b/grub-core/fs/ext2.c
@@ -103,6 +103,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
#define EXT4_FEATURE_INCOMPAT_64BIT 0x0080
#define EXT4_FEATURE_INCOMPAT_MMP 0x0100
#define EXT4_FEATURE_INCOMPAT_FLEX_BG 0x0200
+#define EXT4_FEATURE_INCOMPAT_CSUM_SEED 0x2000
#define EXT4_FEATURE_INCOMPAT_ENCRYPT 0x10000
/* The set of back-incompatible features this driver DOES support. Add (OR)
@@ -123,9 +124,16 @@ GRUB_MOD_LICENSE ("GPLv3+");
* mmp: Not really back-incompatible - was added as such to
* avoid multiple read-write mounts. Safe to ignore for this
* RO driver.
+ * checksum seed: Not really back-incompatible - was added to allow tools
+ * such as tune2fs to change the UUID on a mounted metadata
+ * checksummed filesystem. Safe to ignore for now since the
+ * driver doesn't support checksum verification. But it must
+ * be removed from this list if that support is added later.
+ *
*/
#define EXT2_DRIVER_IGNORED_INCOMPAT ( EXT3_FEATURE_INCOMPAT_RECOVER \
- | EXT4_FEATURE_INCOMPAT_MMP)
+ | EXT4_FEATURE_INCOMPAT_MMP \
+ | EXT4_FEATURE_INCOMPAT_CSUM_SEED)
#define EXT3_JOURNAL_MAGIC_NUMBER 0xc03b3998U

36
0180-Don-t-update-the-cmdline-when-generating-legacy-menu.patch
View File

@ -1,36 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Thu, 17 Jun 2021 14:31:42 +0200
Subject: [PATCH] Don't update the cmdline when generating legacy menuentry
commands
On OPAL ppc64le machines with an old petitboot version that doesn't have
support to parse BLS snippets, the grub2-mkconfig script is executed to
generate menuentry commands from the BLS snippets.
In this case, the script is executed with the --no-grubenv-update option
that indicates that no side effects should happen when running the script.
But the options field in the BLS snippets are updated regardless, only do
the update if --no-grubenv-update was not used.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
util/grub.d/10_linux.in | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index e490e1a43a..865af3d6c4 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -256,7 +256,9 @@ if [ -z "\${kernelopts}" ]; then
fi
EOF
- update_bls_cmdline
+ if [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ]; then
+ update_bls_cmdline
+ fi
if [ "x${BLS_POPULATE_MENU}" = "xtrue" ]; then
populate_menu

33
0181-Suppress-gettext-error-message.patch
View File

@ -1,33 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Tue, 29 Jun 2021 13:17:42 +0200
Subject: [PATCH] Suppress gettext error message
Colin Watson's patch from comment #11 on the upstream bug:
https://savannah.gnu.org/bugs/?35880#comment11
Resolves: rhbz#1592124
Signed-off-by: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
---
grub-core/gettext/gettext.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
index 4d02e62c10..7ec81ca0b4 100644
--- a/grub-core/gettext/gettext.c
+++ b/grub-core/gettext/gettext.c
@@ -424,6 +424,13 @@ grub_gettext_init_ext (struct grub_gettext_context *ctx,
grub_free (lang);
}
+ /* If no translations are available, fall back to untranslated text. */
+ if (err == GRUB_ERR_FILE_NOT_FOUND)
+ {
+ grub_errno = GRUB_ERR_NONE;
+ return 0;
+ }
+
if (locale[0] == 'e' && locale[1] == 'n'
&& (locale[2] == '\0' || locale[2] == '_'))
grub_errno = err = GRUB_ERR_NONE;

42
0182-grub-set-password-Always-use-boot-grub2-user.cfg-as-.patch
View File

@ -1,42 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Mon, 5 Jul 2021 18:24:22 +0200
Subject: [PATCH] grub-set-password: Always use /boot/grub2/user.cfg as
password default
The GRUB configuration file is always placed in /boot/grub2/ now, even for
EFI. But the tool is still creating the user.cfg in the ESP and not there.
Resolves: rhbz#1955294
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
util/grub-set-password.in | 9 +--------
1 file changed, 1 insertion(+), 8 deletions(-)
diff --git a/util/grub-set-password.in b/util/grub-set-password.in
index c0b5ebbfdc..d8005e5a14 100644
--- a/util/grub-set-password.in
+++ b/util/grub-set-password.in
@@ -1,11 +1,6 @@
#!/bin/sh -e
-EFIDIR=$(grep ^ID= /etc/os-release | sed -e 's/^ID=//' -e 's/rhel/redhat/' -e 's/\"//g')
-if [ -d /sys/firmware/efi/efivars/ ]; then
- grubdir=`echo "/@bootdirname@/efi/EFI/${EFIDIR}/" | sed 's,//*,/,g'`
-else
- grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'`
-fi
+grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'`
PACKAGE_VERSION="@PACKAGE_VERSION@"
PACKAGE_NAME="@PACKAGE_NAME@"
@@ -116,8 +111,6 @@ if [ -z "${MYPASS}" ]; then
exit 1
fi
-# on the ESP, these will fail to set the permissions, but it's okay because
-# the directory is protected.
install -m 0600 /dev/null "${OUTPUT_PATH}/user.cfg" 2>/dev/null || :
chmod 0600 "${OUTPUT_PATH}/user.cfg" 2>/dev/null || :
echo "GRUB2_PASSWORD=${MYPASS}" > "${OUTPUT_PATH}/user.cfg"

63
0183-templates-Check-for-EFI-at-runtime-instead-of-config.patch
View File

@ -1,63 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Tue, 6 Jul 2021 00:38:40 +0200
Subject: [PATCH] templates: Check for EFI at runtime instead of config
generation time
The 30_uefi-firmware template checks if an OsIndicationsSupported UEFI var
exists and EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set, to decide whether
a "fwsetup" menu entry would be added or not to the GRUB menu.
But this has the problem that it will only work if the configuration file
was created on an UEFI machine that supports booting to a firmware UI.
This for example doesn't support creating GRUB config files when executing
on systems that support both UEFI and legacy BIOS booting. Since creating
the config file from legacy BIOS wouldn't allow to access the firmware UI.
To prevent this, make the template to unconditionally create the grub.cfg
snippet but check at runtime if was booted through UEFI to decide if this
entry should be added. That way it won't be added when booting with BIOS.
There's no need to check if EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set,
since that's already done by the "fwsetup" command when is executed.
Resolves: rhbz#1823864
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
util/grub.d/30_uefi-firmware.in | 21 ++++++++-------------
1 file changed, 8 insertions(+), 13 deletions(-)
diff --git a/util/grub.d/30_uefi-firmware.in b/util/grub.d/30_uefi-firmware.in
index d344d3883d..b6041b55e2 100644
--- a/util/grub.d/30_uefi-firmware.in
+++ b/util/grub.d/30_uefi-firmware.in
@@ -26,19 +26,14 @@ export TEXTDOMAINDIR="@localedir@"
. "$pkgdatadir/grub-mkconfig_lib"
-EFI_VARS_DIR=/sys/firmware/efi/efivars
-EFI_GLOBAL_VARIABLE=8be4df61-93ca-11d2-aa0d-00e098032b8c
-OS_INDICATIONS="$EFI_VARS_DIR/OsIndicationsSupported-$EFI_GLOBAL_VARIABLE"
+LABEL="UEFI Firmware Settings"
-if [ -e "$OS_INDICATIONS" ] && \
- [ "$(( $(printf 0x%x \'"$(cat $OS_INDICATIONS | cut -b5)"\') & 1 ))" = 1 ]; then
- LABEL="UEFI Firmware Settings"
+gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2
- gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2
-
- cat << EOF
-menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
- fwsetup
-}
-EOF
+cat << EOF
+if [ "\$grub_platform" = "efi" ]; then
+ menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
+ fwsetup
+ }
fi
+EOF

92
0184-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch
View File

@ -1,92 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Tue, 6 Jul 2021 01:10:18 +0200
Subject: [PATCH] efi: Print an error if boot to firmware setup is not
supported
The "fwsetup" command is only registered if the firmware supports booting
to the firmware setup UI. But it could be possible that the GRUB config
already contains a "fwsetup" entry, because it was generated in a machine
that has support for this feature.
To prevent users getting a "can't find command `fwsetup`" error if it is
not supported by the firmware, let's just always register the command but
print a more accurate message if the firmware doesn't support this option.
Resolves: rhbz#1823864
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/commands/efi/efifwsetup.c | 43 ++++++++++++++++++++-----------------
1 file changed, 23 insertions(+), 20 deletions(-)
diff --git a/grub-core/commands/efi/efifwsetup.c b/grub-core/commands/efi/efifwsetup.c
index eaca032838..328c45e82e 100644
--- a/grub-core/commands/efi/efifwsetup.c
+++ b/grub-core/commands/efi/efifwsetup.c
@@ -27,6 +27,25 @@
GRUB_MOD_LICENSE ("GPLv3+");
+static grub_efi_boolean_t
+efifwsetup_is_supported (void)
+{
+ grub_efi_uint64_t *os_indications_supported = NULL;
+ grub_size_t oi_size = 0;
+ grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID;
+
+ grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size,
+ (void **) &os_indications_supported);
+
+ if (!os_indications_supported)
+ return 0;
+
+ if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI)
+ return 1;
+
+ return 0;
+}
+
static grub_err_t
grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)),
int argc __attribute__ ((unused)),
@@ -38,6 +57,10 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)),
grub_size_t oi_size;
grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID;
+ if (!efifwsetup_is_supported ())
+ return grub_error (GRUB_ERR_INVALID_COMMAND,
+ N_("Reboot to firmware setup is not supported"));
+
grub_efi_get_variable ("OsIndications", &global, &oi_size,
(void **) &old_os_indications);
@@ -56,28 +79,8 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)),
static grub_command_t cmd = NULL;
-static grub_efi_boolean_t
-efifwsetup_is_supported (void)
-{
- grub_efi_uint64_t *os_indications_supported = NULL;
- grub_size_t oi_size = 0;
- grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID;
-
- grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size,
- (void **) &os_indications_supported);
-
- if (!os_indications_supported)
- return 0;
-
- if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI)
- return 1;
-
- return 0;
-}
-
GRUB_MOD_INIT (efifwsetup)
{
- if (efifwsetup_is_supported ())
cmd = grub_register_command ("fwsetup", grub_cmd_fwsetup, NULL,
N_("Reboot into firmware setup menu."));

218
0185-arm64-Fix-EFI-loader-kernel-image-allocation.patch
View File

@ -1,218 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Date: Mon, 2 Aug 2021 23:10:01 +1000
Subject: [PATCH] arm64: Fix EFI loader kernel image allocation
We are currently allocating just enough memory for the file size,
which means that the kernel BSS is in limbo (and not even zeroed).
We are also not honoring the alignment specified in the image
PE header.
This makes us use the PE optional header in which the kernel puts the
actual size it needs, including BSS, and make sure we clear it, and
honors the specified alignment for the image.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[pjones: arm: check for the PE magic for the compiled arch]
Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
grub-core/loader/arm64/linux.c | 100 +++++++++++++++++++++++++++--------------
include/grub/arm/linux.h | 1 +
include/grub/arm64/linux.h | 1 +
3 files changed, 68 insertions(+), 34 deletions(-)
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index 47f8cf0d84..f18d90bd74 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -41,6 +41,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
static grub_dl_t my_mod;
static int loaded;
+static void *kernel_alloc_addr;
+static grub_uint32_t kernel_alloc_pages;
static void *kernel_addr;
static grub_uint64_t kernel_size;
static grub_uint32_t handover_offset;
@@ -204,9 +206,8 @@ grub_linux_unload (void)
GRUB_EFI_BYTES_TO_PAGES (initrd_end - initrd_start));
initrd_start = initrd_end = 0;
grub_free (linux_args);
- if (kernel_addr)
- grub_efi_free_pages ((grub_addr_t) kernel_addr,
- GRUB_EFI_BYTES_TO_PAGES (kernel_size));
+ if (kernel_alloc_addr)
+ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages);
grub_fdt_unload ();
return GRUB_ERR_NONE;
}
@@ -311,14 +312,35 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
return grub_errno;
}
+static grub_err_t
+parse_pe_header (void *kernel, grub_uint64_t *total_size,
+ grub_uint32_t *entry_offset,
+ grub_uint32_t *alignment)
+{
+ struct linux_arch_kernel_header *lh = kernel;
+ struct grub_armxx_linux_pe_header *pe;
+
+ pe = (void *)((unsigned long)kernel + lh->hdr_offset);
+
+ if (pe->opt.magic != GRUB_PE32_PEXX_MAGIC)
+ return grub_error(GRUB_ERR_BAD_OS, "Invalid PE optional header magic");
+
+ *total_size = pe->opt.image_size;
+ *entry_offset = pe->opt.entry_addr;
+ *alignment = pe->opt.section_alignment;
+
+ return GRUB_ERR_NONE;
+}
+
static grub_err_t
grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
int argc, char *argv[])
{
grub_file_t file = 0;
- struct linux_arch_kernel_header lh;
- struct grub_armxx_linux_pe_header *pe;
grub_err_t err;
+ grub_off_t filelen;
+ grub_uint32_t align;
+ void *kernel = NULL;
int rc;
grub_dl_ref (my_mod);
@@ -333,40 +355,24 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
if (!file)
goto fail;
- kernel_size = grub_file_size (file);
-
- if (grub_file_read (file, &lh, sizeof (lh)) < (long) sizeof (lh))
- return grub_errno;
-
- if (grub_arch_efi_linux_check_image (&lh) != GRUB_ERR_NONE)
- goto fail;
-
- grub_loader_unset();
-
- grub_dprintf ("linux", "kernel file size: %lld\n", (long long) kernel_size);
- kernel_addr = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (kernel_size));
- grub_dprintf ("linux", "kernel numpages: %lld\n",
- (long long) GRUB_EFI_BYTES_TO_PAGES (kernel_size));
- if (!kernel_addr)
+ filelen = grub_file_size (file);
+ kernel = grub_malloc(filelen);
+ if (!kernel)
{
- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel load buffer"));
goto fail;
}
- grub_file_seek (file, 0);
- if (grub_file_read (file, kernel_addr, kernel_size)
- < (grub_int64_t) kernel_size)
+ if (grub_file_read (file, kernel, filelen) < (grub_ssize_t)filelen)
{
- if (!grub_errno)
- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), argv[0]);
+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"),
+ argv[0]);
goto fail;
}
- grub_dprintf ("linux", "kernel @ %p\n", kernel_addr);
-
if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED)
{
- rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size);
+ rc = grub_linuxefi_secure_validate (kernel, filelen);
if (rc <= 0)
{
grub_error (GRUB_ERR_INVALID_COMMAND,
@@ -375,8 +381,32 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
}
}
- pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset);
- handover_offset = pe->opt.entry_addr;
+ if (grub_arch_efi_linux_check_image (kernel) != GRUB_ERR_NONE)
+ goto fail;
+ if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align) != GRUB_ERR_NONE)
+ goto fail;
+ grub_dprintf ("linux", "kernel mem size : %lld\n", (long long) kernel_size);
+ grub_dprintf ("linux", "kernel entry offset : %d\n", handover_offset);
+ grub_dprintf ("linux", "kernel alignment : 0x%x\n", align);
+
+ grub_loader_unset();
+
+ kernel_alloc_pages = GRUB_EFI_BYTES_TO_PAGES (kernel_size + align - 1);
+ kernel_alloc_addr = grub_efi_allocate_any_pages (kernel_alloc_pages);
+ grub_dprintf ("linux", "kernel numpages: %d\n", kernel_alloc_pages);
+ if (!kernel_alloc_addr)
+ {
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
+ goto fail;
+ }
+ kernel_addr = (void *)ALIGN_UP((grub_uint64_t)kernel_alloc_addr, align);
+
+ grub_dprintf ("linux", "kernel @ %p\n", kernel_addr);
+ grub_memcpy (kernel_addr, kernel, grub_min(filelen, kernel_size));
+ if (kernel_size > filelen)
+ grub_memset ((char *)kernel_addr + filelen, 0, kernel_size - filelen);
+ grub_free(kernel);
+ kernel = NULL;
cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE);
linux_args = grub_malloc (cmdline_size);
@@ -400,6 +430,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
}
fail:
+ if (kernel)
+ grub_free (kernel);
+
if (file)
grub_file_close (file);
@@ -412,9 +445,8 @@ fail:
if (linux_args && !loaded)
grub_free (linux_args);
- if (kernel_addr && !loaded)
- grub_efi_free_pages ((grub_addr_t) kernel_addr,
- GRUB_EFI_BYTES_TO_PAGES (kernel_size));
+ if (kernel_alloc_addr && !loaded)
+ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages);
return grub_errno;
}
diff --git a/include/grub/arm/linux.h b/include/grub/arm/linux.h
index b582f67f66..966a5074f5 100644
--- a/include/grub/arm/linux.h
+++ b/include/grub/arm/linux.h
@@ -44,6 +44,7 @@ struct grub_arm_linux_pe_header
#if defined(__arm__)
# define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM_MAGIC_SIGNATURE
+# define GRUB_PE32_PEXX_MAGIC GRUB_PE32_PE32_MAGIC
# define linux_arch_kernel_header linux_arm_kernel_header
# define grub_armxx_linux_pe_header grub_arm_linux_pe_header
#endif
diff --git a/include/grub/arm64/linux.h b/include/grub/arm64/linux.h
index ea030312df..422bf2bf24 100644
--- a/include/grub/arm64/linux.h
+++ b/include/grub/arm64/linux.h
@@ -48,6 +48,7 @@ struct grub_arm64_linux_pe_header
#if defined(__aarch64__)
# define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM64_MAGIC_SIGNATURE
+# define GRUB_PE32_PEXX_MAGIC GRUB_PE32_PE64_MAGIC
# define linux_arch_kernel_header linux_arm64_kernel_header
# define grub_armxx_linux_pe_header grub_arm64_linux_pe_header
#endif

118
0188-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch
View File

@ -1,118 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Erwan Velu <erwanaliasr1@gmail.com>
Date: Wed, 25 Aug 2021 15:31:52 +0200
Subject: [PATCH] fs/xfs: Fix unreadable filesystem with v4 superblock
The commit 8b1e5d193 (fs/xfs: Add bigtime incompat feature support)
introduced the bigtime support by adding some features in v3 inodes.
This change extended grub_xfs_inode struct by 76 bytes but also changed
the computation of XFS_V2_INODE_SIZE and XFS_V3_INODE_SIZE. Prior this
commit, XFS_V2_INODE_SIZE was 100 bytes. After the commit it's 84 bytes
XFS_V2_INODE_SIZE becomes 16 bytes too small.
As a result, the data structures aren't properly aligned and the GRUB
generates "attempt to read or write outside of partition" errors when
trying to read the XFS filesystem:
GNU GRUB version 2.11
....
grub> set debug=efi,gpt,xfs
grub> insmod part_gpt
grub> ls (hd0,gpt1)/
partmap/gpt.c:93: Read a valid GPT header
partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125
fs/xfs.c:931: Reading sb
fs/xfs.c:270: Validating superblock
fs/xfs.c:295: XFS v4 superblock detected
fs/xfs.c:962: Reading root ino 128
fs/xfs.c:515: Reading inode (128) - 64, 0
fs/xfs.c:515: Reading inode (739521961424144223) - 344365866970255880, 3840
error: attempt to read or write outside of partition.
This commit change the XFS_V2_INODE_SIZE computation by subtracting 76
bytes instead of 92 bytes from the actual size of grub_xfs_inode struct.
This 76 bytes value comes from added members:
20 grub_uint8_t unused5
1 grub_uint64_t flags2
48 grub_uint8_t unused6
This patch explicitly splits the v2 and v3 parts of the structure.
The unused4 is still ending of the v2 structures and the v3 starts
at unused5. Thanks to this we will avoid future corruptions of v2
or v3 inodes.
The XFS_V2_INODE_SIZE is returning to its expected size and the
filesystem is back to a readable state:
GNU GRUB version 2.11
....
grub> set debug=efi,gpt,xfs
grub> insmod part_gpt
grub> ls (hd0,gpt1)/
partmap/gpt.c:93: Read a valid GPT header
partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125
fs/xfs.c:931: Reading sb
fs/xfs.c:270: Validating superblock
fs/xfs.c:295: XFS v4 superblock detected
fs/xfs.c:962: Reading root ino 128
fs/xfs.c:515: Reading inode (128) - 64, 0
fs/xfs.c:515: Reading inode (128) - 64, 0
fs/xfs.c:931: Reading sb
fs/xfs.c:270: Validating superblock
fs/xfs.c:295: XFS v4 superblock detected
fs/xfs.c:962: Reading root ino 128
fs/xfs.c:515: Reading inode (128) - 64, 0
fs/xfs.c:515: Reading inode (128) - 64, 0
fs/xfs.c:515: Reading inode (128) - 64, 0
fs/xfs.c:515: Reading inode (131) - 64, 768
efi/ fs/xfs.c:515: Reading inode (3145856) - 1464904, 0
grub2/ fs/xfs.c:515: Reading inode (132) - 64, 1024
grub/ fs/xfs.c:515: Reading inode (139) - 64, 2816
grub>
Fixes: 8b1e5d193 (fs/xfs: Add bigtime incompat feature support)
Signed-off-by: Erwan Velu <e.velu@criteo.com>
Tested-by: Carlos Maiolino <cmaiolino@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit a4b495520e4dc41a896a8b916a64eda9970c50ea)
---
grub-core/fs/xfs.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
index 0f524c3a8a..e3816d1ec4 100644
--- a/grub-core/fs/xfs.c
+++ b/grub-core/fs/xfs.c
@@ -192,6 +192,11 @@ struct grub_xfs_time_legacy
grub_uint32_t nanosec;
} GRUB_PACKED;
+/*
+ * The struct grub_xfs_inode layout was taken from the
+ * struct xfs_dinode_core which is described here:
+ * https://mirrors.edge.kernel.org/pub/linux/utils/fs/xfs/docs/xfs_filesystem_structure.pdf
+ */
struct grub_xfs_inode
{
grub_uint8_t magic[2];
@@ -208,14 +213,15 @@ struct grub_xfs_inode
grub_uint32_t nextents;
grub_uint16_t unused3;
grub_uint8_t fork_offset;
- grub_uint8_t unused4[37];
+ grub_uint8_t unused4[17]; /* Last member of inode v2. */
+ grub_uint8_t unused5[20]; /* First member of inode v3. */
grub_uint64_t flags2;
- grub_uint8_t unused5[48];
+ grub_uint8_t unused6[48]; /* Last member of inode v3. */
} GRUB_PACKED;
#define XFS_V3_INODE_SIZE sizeof(struct grub_xfs_inode)
-/* Size of struct grub_xfs_inode until fork_offset (included). */
-#define XFS_V2_INODE_SIZE (XFS_V3_INODE_SIZE - 92)
+/* Size of struct grub_xfs_inode v2, up to unused4 member included. */
+#define XFS_V2_INODE_SIZE (XFS_V3_INODE_SIZE - 76)
struct grub_xfs_dirblock_tail
{

48
0189-Print-module-name-on-license-check-failure.patch
View File

@ -1,48 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 12 Oct 2021 12:34:23 -0400
Subject: [PATCH] Print module name on license check failure
At the very least, this will make it easier to track down the problem
module - or, if something else has gone wrong, provide more information
for debugging.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
grub-core/kern/dl.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
index 9557254035..f304494574 100644
--- a/grub-core/kern/dl.c
+++ b/grub-core/kern/dl.c
@@ -528,14 +528,16 @@ grub_dl_find_section_index (Elf_Ehdr *e, const char *name)
Be sure to understand your license obligations.
*/
static grub_err_t
-grub_dl_check_license (Elf_Ehdr *e)
+grub_dl_check_license (grub_dl_t mod, Elf_Ehdr *e)
{
Elf_Shdr *s = grub_dl_find_section (e, ".module_license");
if (s && (grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3") == 0
|| grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3+") == 0
|| grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv2+") == 0))
return GRUB_ERR_NONE;
- return grub_error (GRUB_ERR_BAD_MODULE, "incompatible license");
+ return grub_error (GRUB_ERR_BAD_MODULE,
+ "incompatible license in module %s: %s", mod->name,
+ (char *) e + s->sh_offset);
}
static grub_err_t
@@ -743,8 +745,8 @@ grub_dl_load_core_noinit (void *addr, grub_size_t size)
constitutes linking) and GRUB core being licensed under GPLv3+.
Be sure to understand your license obligations.
*/
- if (grub_dl_check_license (e)
- || grub_dl_resolve_name (mod, e)
+ if (grub_dl_resolve_name (mod, e)
+ || grub_dl_check_license (mod, e)
|| grub_dl_resolve_dependencies (mod, e)
|| grub_dl_load_segments (mod, e)
|| grub_dl_resolve_symbols (mod, e)

106
0190-powerpc-ieee1275-load-grub-at-4MB-not-2MB.patch
View File

@ -1,106 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Fri, 22 Oct 2021 09:53:15 +1100
Subject: [PATCH] powerpc-ieee1275: load grub at 4MB, not 2MB
This was first reported under PFW but reproduces under SLOF.
- The core.elf was 2126152 = 0x207148 bytes in size with the following
program headers (per readelf):
Entry point 0x200000
There are 4 program headers, starting at offset 52
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
LOAD 0x000160 0x00200000 0x00200000 0x21f98 0x2971c RWE 0x8
GNU_STACK 0x0220f8 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4
LOAD 0x0220f8 0x00232000 0x00232000 0x1e4e50 0x1e4e50 RWE 0x4
NOTE 0x206f48 0x00000000 0x00000000 0x00200 0x00000 R 0x4
- SLOF places the ELF file at 0x4000 (after the reserved space for
interrupt handlers etc.) upwards. The image was 2126152 = 0x207148
bytes in size, so it runs from 0x4000 - 0x20b148. We'll call 0x4000 the
load address.
0x0 0x4000 0x20b148
|----------|--------------|
| reserved | ELF contents |
- SLOF then copies the first LOAD program header (for .text). That runs
for 0x21f98 bytes. It runs from
(load addr + 0x160) to (load addr + 0x160 + 0x21f98)
= 0x4160 to 0x260f8
and we copy it to 0x200000 to 0x221f98. This overwrites the end of the
image:
0x0 0x4000 0x200000 0x221f98
|----------|------------|---------------|
| reserved | ELF cont.. | .text section |
- SLOF zeros the bss up to PhysAddr + MemSize = 0x22971c
0x0 0x4000 0x200000 0x221f98 0x22971c
|----------|------------|---------------|--------|
| reserved | ELF cont.. | .text section | bss 0s |
- SLOF then goes to fulfil the next LOAD header (for mods), which is
for 0x1e4e50 bytes. We copy from
(load addr + 0x220f8) to (load addr + 0x220f8 + 0x1e4e50)
= 0x260f8 to 0x20af48
and we copy it to 0x232000 to 0x416e50:
0x0 0x4000 0x200000 0x221f98 0x22971c
|----------|------------|---------------|--------|
| reserved | ELF cont.. | .text section | bss 0s |
|-------------|
| copied area |
0x260f8 0x20af48
This goes poorly:
0x0 0x4000 0x200000 0x221f98 0x22971c 0x232000 0x40bf08 0x416e50
|----------|------------|---------------|--------|-----|-----------|-------------|
| reserved | ELF cont.. | .text section | bss 0s | pad | some mods | .text start |
This matches the observations on the running system - 0x40bf08 was where
the contents of memory no longer matched the contents of the ELF file.
This was reported as a license verification failure on SLOF as the
last module's .module_license section fell past where the corruption
began.
Signed-off-by: Daniel Axtens <dja@axtens.net>
[rharwood@redhat.com: trim very detailed commit message]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
grub-core/Makefile.core.def | 2 +-
include/grub/offsets.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 4a57de975e..08ac0fb15f 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -89,7 +89,7 @@ kernel = {
i386_xen_pvh_ldflags = '$(TARGET_IMG_BASE_LDOPT),0x100000';
mips_loongson_ldflags = '-Wl,-Ttext,0x80200000';
- powerpc_ieee1275_ldflags = '-Wl,-Ttext,0x200000';
+ powerpc_ieee1275_ldflags = '-Wl,-Ttext,0x400000';
sparc64_ieee1275_ldflags = '-Wl,-Ttext,0x4400';
mips_arc_ldflags = '-Wl,-Ttext,$(TARGET_LINK_ADDR)';
mips_qemu_mips_ldflags = '-Wl,-Ttext,0x80200000';
diff --git a/include/grub/offsets.h b/include/grub/offsets.h
index 871e1cd4c3..69211aa798 100644
--- a/include/grub/offsets.h
+++ b/include/grub/offsets.h
@@ -63,7 +63,7 @@
#define GRUB_KERNEL_SPARC64_IEEE1275_LINK_ADDR 0x4400
#define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ALIGN 4
-#define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ADDR 0x200000
+#define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ADDR 0x400000
#define GRUB_KERNEL_MIPS_LOONGSON_LINK_ADDR 0x80200000

160
0192-fs-btrfs-Use-full-btrfs-bootloader-area.patch
View File

@ -1,160 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Mon, 13 Dec 2021 14:25:49 +0800
Subject: [PATCH] fs/btrfs: Use full btrfs bootloader area
Up to now GRUB can only embed to the first 64 KiB before primary
superblock of btrfs, effectively limiting the GRUB core size. That
could consequently pose restrictions to feature enablement like
advanced zstd compression.
This patch attempts to utilize full unused area reserved by btrfs for
the bootloader outlined in the document [1]:
The first 1MiB on each device is unused with the exception of primary
superblock that is on the offset 64KiB and spans 4KiB.
Apart from that, adjacent sectors to superblock and first block group
are not used for embedding in case of overflow and logged access to
adjacent sectors could be useful for tracing it up.
This patch has been tested to provide out of the box support for btrfs
zstd compression with which GRUB has been installed to the partition.
[1] https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs(5)#BOOTLOADER_SUPPORT
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit b0f06a81c6f31b6fa20be67a96b6683bba8210c9)
---
grub-core/fs/btrfs.c | 90 ++++++++++++++++++++++++++++++++++++++++++++--------
include/grub/disk.h | 2 ++
2 files changed, 79 insertions(+), 13 deletions(-)
diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c
index 4cc86e9b79..07c0ff874b 100644
--- a/grub-core/fs/btrfs.c
+++ b/grub-core/fs/btrfs.c
@@ -2476,6 +2476,33 @@ grub_btrfs_label (grub_device_t device, char **label)
}
#ifdef GRUB_UTIL
+
+struct embed_region {
+ unsigned int start;
+ unsigned int secs;
+};
+
+/*
+ * https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs(5)#BOOTLOADER_SUPPORT
+ * The first 1 MiB on each device is unused with the exception of primary
+ * superblock that is on the offset 64 KiB and spans 4 KiB.
+ */
+
+static const struct {
+ struct embed_region available;
+ struct embed_region used[6];
+} btrfs_head = {
+ .available = {0, GRUB_DISK_KiB_TO_SECTORS (1024)}, /* The first 1 MiB. */
+ .used = {
+ {0, 1}, /* boot.S. */
+ {GRUB_DISK_KiB_TO_SECTORS (64) - 1, 1}, /* Overflow guard. */
+ {GRUB_DISK_KiB_TO_SECTORS (64), GRUB_DISK_KiB_TO_SECTORS (4)}, /* 4 KiB superblock. */
+ {GRUB_DISK_KiB_TO_SECTORS (68), 1}, /* Overflow guard. */
+ {GRUB_DISK_KiB_TO_SECTORS (1024) - 1, 1}, /* Overflow guard. */
+ {0, 0} /* Array terminator. */
+ }
+};
+
static grub_err_t
grub_btrfs_embed (grub_device_t device __attribute__ ((unused)),
unsigned int *nsectors,
@@ -2483,25 +2510,62 @@ grub_btrfs_embed (grub_device_t device __attribute__ ((unused)),
grub_embed_type_t embed_type,
grub_disk_addr_t **sectors)
{
- unsigned i;
+ unsigned int i, j, n = 0;
+ const struct embed_region *u;
+ grub_disk_addr_t *map;
if (embed_type != GRUB_EMBED_PCBIOS)
return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET,
"BtrFS currently supports only PC-BIOS embedding");
- if (64 * 2 - 1 < *nsectors)
- return grub_error (GRUB_ERR_OUT_OF_RANGE,
- N_("your core.img is unusually large. "
- "It won't fit in the embedding area"));
-
- *nsectors = 64 * 2 - 1;
- if (*nsectors > max_nsectors)
- *nsectors = max_nsectors;
- *sectors = grub_calloc (*nsectors, sizeof (**sectors));
- if (!*sectors)
+ map = grub_calloc (btrfs_head.available.secs, sizeof (*map));
+ if (map == NULL)
return grub_errno;
- for (i = 0; i < *nsectors; i++)
- (*sectors)[i] = i + 1;
+
+ /*
+ * Populating the map array so that it can be used to index if a disk
+ * address is available to embed:
+ * - 0: available,
+ * - 1: unavailable.
+ */
+ for (u = btrfs_head.used; u->secs; ++u)
+ {
+ unsigned int end = u->start + u->secs;
+
+ if (end > btrfs_head.available.secs)
+ end = btrfs_head.available.secs;
+ for (i = u->start; i < end; ++i)
+ map[i] = 1;
+ }
+
+ /* Adding up n until it matches total size of available embedding area. */
+ for (i = 0; i < btrfs_head.available.secs; ++i)
+ if (map[i] == 0)
+ n++;
+
+ if (n < *nsectors)
+ {
+ grub_free (map);
+ return grub_error (GRUB_ERR_OUT_OF_RANGE,
+ N_("your core.img is unusually large. "
+ "It won't fit in the embedding area"));
+ }
+
+ if (n > max_nsectors)
+ n = max_nsectors;
+
+ /*
+ * Populating the array so that it can used to index disk block address for
+ * an image file's offset to be embedded on disk (the unit is in sectors):
+ * - i: The disk block address relative to btrfs_head.available.start,
+ * - j: The offset in image file.
+ */
+ for (i = 0, j = 0; i < btrfs_head.available.secs && j < n; ++i)
+ if (map[i] == 0)
+ map[j++] = btrfs_head.available.start + i;
+
+ *nsectors = n;
+ *sectors = map;
return GRUB_ERR_NONE;
}
diff --git a/include/grub/disk.h b/include/grub/disk.h
index f95aca929a..06210a7049 100644
--- a/include/grub/disk.h
+++ b/include/grub/disk.h
@@ -182,6 +182,8 @@ typedef struct grub_disk_memberlist *grub_disk_memberlist_t;
/* Return value of grub_disk_native_sectors() in case disk size is unknown. */
#define GRUB_DISK_SIZE_UNKNOWN 0xffffffffffffffffULL
+#define GRUB_DISK_KiB_TO_SECTORS(x) ((x) << (10 - GRUB_DISK_SECTOR_BITS))
+
/* Convert sector number from one sector size to another. */
static inline grub_disk_addr_t
grub_convert_sector (grub_disk_addr_t sector,

30
0193-Add-Fedora-location-of-DejaVu-SANS-font.patch
View File

@ -1,30 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: fluteze <fluteze@gmail.com>
Date: Sat, 27 Nov 2021 10:54:44 -0600
Subject: [PATCH] Add Fedora location of DejaVu SANS font
In Fedora 35, and possibly earlier, grub would fail to configure with a
complaint about DejaVu being "not found" even though it was installed.
The DejaVu sans font search path is updated to reflect the
distribution's current install path.
Signed-off-by: Erik Edwards <fluteze@gmail.com>
[rharwood@redhat.com: slight commit message edits]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index ab0d326f00..40c4338bce 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1784,7 +1784,7 @@ fi
if test x"$starfield_excuse" = x; then
for ext in pcf pcf.gz bdf bdf.gz ttf ttf.gz; do
- for dir in . /usr/src /usr/share/fonts/X11/misc /usr/share/fonts/truetype/ttf-dejavu /usr/share/fonts/dejavu /usr/share/fonts/truetype; do
+ for dir in . /usr/src /usr/share/fonts/X11/misc /usr/share/fonts/truetype/ttf-dejavu /usr/share/fonts/dejavu /usr/share/fonts/truetype /usr/share/fonts/dejavu-sans-fonts; do
if test -f "$dir/DejaVuSans.$ext"; then
DJVU_FONT_SOURCE="$dir/DejaVuSans.$ext"
break 2

90
0194-normal-menu-Don-t-show-Booting-s-msg-when-auto-booti.patch
View File

@ -1,90 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Fri, 28 Jan 2022 11:30:32 +0100
Subject: [PATCH] normal/menu: Don't show "Booting `%s'" msg when auto-booting
with TIMEOUT_STYLE_HIDDEN
When the user has asked the menu code to be hidden/quiet and the current
entry is being autobooted because the timeout has expired don't show
the "Booting `%s'" msg.
This is necessary to let flicker-free boots really be flicker free,
otherwise the "Booting `%s'" msg will kick the EFI fb into text mode
and show the msg, breaking the flicker-free experience.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
---
grub-core/normal/menu.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
index ec0c92bade..c8516a5a08 100644
--- a/grub-core/normal/menu.c
+++ b/grub-core/normal/menu.c
@@ -606,13 +606,15 @@ print_countdown (struct grub_term_coordinate *pos, int n)
entry to be executed is a result of an automatic default selection because
of the timeout. */
static int
-run_menu (grub_menu_t menu, int nested, int *auto_boot)
+run_menu (grub_menu_t menu, int nested, int *auto_boot, int *notify_boot)
{
grub_uint64_t saved_time;
int default_entry, current_entry;
int timeout;
enum timeout_style timeout_style;
+ *notify_boot = 1;
+
default_entry = get_entry_number (menu, "default");
/* If DEFAULT_ENTRY is not within the menu entries, fall back to
@@ -687,6 +689,7 @@ run_menu (grub_menu_t menu, int nested, int *auto_boot)
if (timeout == 0)
{
*auto_boot = 1;
+ *notify_boot = timeout_style != TIMEOUT_STYLE_HIDDEN;
return default_entry;
}
@@ -840,12 +843,16 @@ run_menu (grub_menu_t menu, int nested, int *auto_boot)
/* Callback invoked immediately before a menu entry is executed. */
static void
-notify_booting (grub_menu_entry_t entry,
- void *userdata __attribute__((unused)))
+notify_booting (grub_menu_entry_t entry, void *userdata)
{
- grub_printf (" ");
- grub_printf_ (N_("Booting `%s'"), entry->title);
- grub_printf ("\n\n");
+ int *notify_boot = userdata;
+
+ if (*notify_boot)
+ {
+ grub_printf (" ");
+ grub_printf_ (N_("Booting `%s'"), entry->title);
+ grub_printf ("\n\n");
+ }
}
/* Callback invoked when a default menu entry executed because of a timeout
@@ -893,8 +900,9 @@ show_menu (grub_menu_t menu, int nested, int autobooted)
int boot_entry;
grub_menu_entry_t e;
int auto_boot;
+ int notify_boot;
- boot_entry = run_menu (menu, nested, &auto_boot);
+ boot_entry = run_menu (menu, nested, &auto_boot, &notify_boot);
if (boot_entry < 0)
break;
@@ -906,7 +914,7 @@ show_menu (grub_menu_t menu, int nested, int autobooted)
if (auto_boot)
grub_menu_execute_with_fallback (menu, e, autobooted,
- &execution_callback, 0);
+ &execution_callback, &notify_boot);
else
grub_menu_execute_entry (e, 0);
if (autobooted)

41
0195-EFI-suppress-the-Welcome-to-GRUB-message-in-EFI-buil.patch
View File

@ -1,41 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Fri, 28 Jan 2022 11:30:33 +0100
Subject: [PATCH] EFI: suppress the "Welcome to GRUB!" message in EFI builds
Grub EFI builds are now often used in combination with flicker-free
boot, but this breaks with upstream grub because the "Welcome to GRUB!"
message will kick the EFI fb into text mode and show the msg,
breaking the flicker-free experience.
EFI systems are so fast, that when the menu or the countdown are enabled
the message will be immediately overwritten, so in these cases not
printing the message does not matter.
And in case when the timeout_style is set to TIMEOUT_STYLE_HIDDEN,
the user has asked grub to be quiet (for example to allow flickfree
boot) annd thus the message should not be printed.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
---
grub-core/kern/main.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c
index 3fc3401472..993b8a8598 100644
--- a/grub-core/kern/main.c
+++ b/grub-core/kern/main.c
@@ -317,10 +317,13 @@ grub_main (void)
grub_boot_time ("After machine init.");
+ /* This breaks flicker-free boot on EFI systems, so disable it there. */
+#ifndef GRUB_MACHINE_EFI
/* Hello. */
grub_setcolorstate (GRUB_TERM_COLOR_HIGHLIGHT);
grub_printf ("Welcome to GRUB!\n\n");
grub_setcolorstate (GRUB_TERM_COLOR_STANDARD);
+#endif
/* Init verifiers API. */
grub_verifiers_init ();

51
0196-EFI-console-Do-not-set-colorstate-until-the-first-te.patch
View File

@ -1,51 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Fri, 28 Jan 2022 12:43:48 +0100
Subject: [PATCH] EFI: console: Do not set colorstate until the first text
output
GRUB_MOD_INIT(normal) does an unconditional:
grub_env_set ("color_normal", "light-gray/black");
which triggers a grub_term_setcolorstate() call. The original version
of the "efi/console: Do not set text-mode until we actually need it" patch:
https://lists.gnu.org/archive/html/grub-devel/2018-03/msg00125.html
Protected against this by caching the requested state in
grub_console_setcolorstate () and then only applying it when the first
text output actually happens. During refactoring to move the
grub_console_setcolorstate () up higher in the grub-core/term/efi/console.c
file the code to cache the color-state + bail early was accidentally
dropped.
Restore the cache the color-state + bail early behavior from the original.
Cc: Javier Martinez Canillas <javierm@redhat.com>
Fixes: 2d7c3abd871f ("efi/console: Do not set text-mode until we actually need it")
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
---
grub-core/term/efi/console.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/grub-core/term/efi/console.c b/grub-core/term/efi/console.c
index 2f1ae85ba7..c44b2ac318 100644
--- a/grub-core/term/efi/console.c
+++ b/grub-core/term/efi/console.c
@@ -82,6 +82,16 @@ grub_console_setcolorstate (struct grub_term_output *term
{
grub_efi_simple_text_output_interface_t *o;
+ if (grub_efi_is_finished || text_mode != GRUB_TEXT_MODE_AVAILABLE)
+ {
+ /*
+ * Cache colorstate changes before the first text-output, this avoids
+ * "color_normal" environment writes causing a switch to textmode.
+ */
+ text_colorstate = state;
+ return;
+ }
+
if (grub_efi_is_finished)
return;

71
0197-EFI-console-Do-not-set-cursor-until-the-first-text-o.patch
View File

@ -1,71 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Fri, 28 Jan 2022 12:43:49 +0100
Subject: [PATCH] EFI: console: Do not set cursor until the first text output
To allow flickerfree boot the EFI console code does not call
grub_efi_set_text_mode (1) until some text is actually output.
Depending on if the output text is because of an error loading
e.g. the .cfg file; or because of showing the menu the cursor needs
to be on or off when the first text is shown.
So far the cursor was hardcoded to being on, but this is causing
drawing artifacts + slow drawing of the menu as reported here:
https://bugzilla.redhat.com/show_bug.cgi?id=1946969
Handle the cursorstate in the same way as the colorstate to fix this,
when no text has been output yet, just cache the cursorstate and
then use the last set value when the first text is output.
Fixes: 2d7c3abd871f ("efi/console: Do not set text-mode until we actually need it")
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
---
grub-core/term/efi/console.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/grub-core/term/efi/console.c b/grub-core/term/efi/console.c
index c44b2ac318..a3622e4fe5 100644
--- a/grub-core/term/efi/console.c
+++ b/grub-core/term/efi/console.c
@@ -31,7 +31,15 @@ typedef enum {
}
grub_text_mode;
+typedef enum {
+ GRUB_CURSOR_MODE_UNDEFINED = -1,
+ GRUB_CURSOR_MODE_OFF = 0,
+ GRUB_CURSUR_MODE_ON
+}
+grub_cursor_mode;
+
static grub_text_mode text_mode = GRUB_TEXT_MODE_UNDEFINED;
+static grub_cursor_mode cursor_mode = GRUB_CURSOR_MODE_UNDEFINED;
static grub_term_color_state text_colorstate = GRUB_TERM_COLOR_UNDEFINED;
static grub_uint32_t
@@ -119,8 +127,12 @@ grub_console_setcursor (struct grub_term_output *term __attribute__ ((unused)),
{
grub_efi_simple_text_output_interface_t *o;
- if (grub_efi_is_finished)
- return;
+ if (grub_efi_is_finished || text_mode != GRUB_TEXT_MODE_AVAILABLE)
+ {
+ /* Cache cursor changes before the first text-output */
+ cursor_mode = on;
+ return;
+ }
o = grub_efi_system_table->con_out;
efi_call_2 (o->enable_cursor, o, on);
@@ -143,7 +155,8 @@ grub_prepare_for_text_output (struct grub_term_output *term)
return GRUB_ERR_BAD_DEVICE;
}
- grub_console_setcursor (term, 1);
+ if (cursor_mode != GRUB_CURSOR_MODE_UNDEFINED)
+ grub_console_setcursor (term, cursor_mode);
if (text_colorstate != GRUB_TERM_COLOR_UNDEFINED)
grub_console_setcolorstate (term, text_colorstate);
text_mode = GRUB_TEXT_MODE_AVAILABLE;

93
0198-Use-visual-indentation-in-config.h.in.patch
View File

@ -1,93 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Wed, 15 Dec 2021 15:46:13 -0500
Subject: [PATCH] Use visual indentation in config.h.in
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit de8051f34de0aa55c921a510974e5bb27e39c17b)
[rharwood: GRUB_RPM_CONFIG presence]
---
config.h.in | 58 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 29 insertions(+), 29 deletions(-)
diff --git a/config.h.in b/config.h.in
index c80e3e0aba..f2ed0066ec 100644
--- a/config.h.in
+++ b/config.h.in
@@ -23,47 +23,47 @@
#define MINILZO_CFG_SKIP_LZO1X_DECOMPRESS 1
#if defined (GRUB_BUILD)
-#undef ENABLE_NLS
-#define BUILD_SIZEOF_LONG @BUILD_SIZEOF_LONG@
-#define BUILD_SIZEOF_VOID_P @BUILD_SIZEOF_VOID_P@
-#if defined __APPLE__
-# if defined __BIG_ENDIAN__
-# define BUILD_WORDS_BIGENDIAN 1
-# else
-# define BUILD_WORDS_BIGENDIAN 0
-# endif
-#else
-#define BUILD_WORDS_BIGENDIAN @BUILD_WORDS_BIGENDIAN@
-#endif
+# undef ENABLE_NLS
+# define BUILD_SIZEOF_LONG @BUILD_SIZEOF_LONG@
+# define BUILD_SIZEOF_VOID_P @BUILD_SIZEOF_VOID_P@
+# if defined __APPLE__
+# if defined __BIG_ENDIAN__
+# define BUILD_WORDS_BIGENDIAN 1
+# else
+# define BUILD_WORDS_BIGENDIAN 0
+# endif
+# else /* !defined __APPLE__ */
+# define BUILD_WORDS_BIGENDIAN @BUILD_WORDS_BIGENDIAN@
+# endif /* !defined __APPLE__ */
#elif defined (GRUB_UTIL) || !defined (GRUB_MACHINE)
-#include <config-util.h>
-#else
-#define HAVE_FONT_SOURCE @HAVE_FONT_SOURCE@
+# include <config-util.h>
+#else /* !defined GRUB_UTIL && defined GRUB_MACHINE */
+# define HAVE_FONT_SOURCE @HAVE_FONT_SOURCE@
/* Define if C symbols get an underscore after compilation. */
-#define HAVE_ASM_USCORE @HAVE_ASM_USCORE@
+# define HAVE_ASM_USCORE @HAVE_ASM_USCORE@
/* Define it to one of __bss_start, edata and _edata. */
-#define BSS_START_SYMBOL @BSS_START_SYMBOL@
+# define BSS_START_SYMBOL @BSS_START_SYMBOL@
/* Define it to either end or _end. */
-#define END_SYMBOL @END_SYMBOL@
+# define END_SYMBOL @END_SYMBOL@
/* Name of package. */
-#define PACKAGE "@PACKAGE@"
+# define PACKAGE "@PACKAGE@"
/* Version number of package. */
-#define VERSION "@VERSION@"
+# define VERSION "@VERSION@"
/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "@PACKAGE_STRING@"
+# define PACKAGE_STRING "@PACKAGE_STRING@"
/* Define to the version of this package. */
-#define PACKAGE_VERSION "@PACKAGE_VERSION@"
+# define PACKAGE_VERSION "@PACKAGE_VERSION@"
/* Define to the full name of this package. */
-#define PACKAGE_NAME "@PACKAGE_NAME@"
+# define PACKAGE_NAME "@PACKAGE_NAME@"
/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT "@PACKAGE_BUGREPORT@"
+# define PACKAGE_BUGREPORT "@PACKAGE_BUGREPORT@"
-#define GRUB_TARGET_CPU "@GRUB_TARGET_CPU@"
-#define GRUB_PLATFORM "@GRUB_PLATFORM@"
-#define GRUB_RPM_VERSION "@GRUB_RPM_VERSION@"
+# define GRUB_TARGET_CPU "@GRUB_TARGET_CPU@"
+# define GRUB_PLATFORM "@GRUB_PLATFORM@"
+# define GRUB_RPM_VERSION "@GRUB_RPM_VERSION@"
-#define RE_ENABLE_I18N 1
+# define RE_ENABLE_I18N 1
-#define _GNU_SOURCE 1
+# define _GNU_SOURCE 1
#endif

275
0199-Where-present-ensure-config-util.h-precedes-config.h.patch
View File

@ -1,275 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 22 Feb 2022 16:57:54 -0500
Subject: [PATCH] Where present, ensure config-util.h precedes config.h
gnulib defines go in config-util.h, and we need to know whether to
provide duplicates in config.h or not.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 46e82b28e1a75703d0424c7e13d009171310c6cd)
[rharwood: gensymlist isn't part of tarballs]
---
grub-core/disk/host.c | 2 +-
grub-core/kern/emu/argp_common.c | 2 +-
grub-core/kern/emu/main.c | 2 +-
grub-core/osdep/aros/config.c | 2 +-
grub-core/osdep/basic/emunet.c | 2 +-
grub-core/osdep/basic/init.c | 2 +-
grub-core/osdep/haiku/getroot.c | 2 +-
grub-core/osdep/linux/emunet.c | 2 +-
grub-core/osdep/unix/config.c | 2 +-
grub-core/osdep/unix/cputime.c | 2 +-
grub-core/osdep/unix/dl.c | 2 +-
grub-core/osdep/unix/emuconsole.c | 2 +-
grub-core/osdep/unix/getroot.c | 2 +-
grub-core/osdep/windows/config.c | 2 +-
grub-core/osdep/windows/cputime.c | 2 +-
grub-core/osdep/windows/dl.c | 2 +-
grub-core/osdep/windows/emuconsole.c | 2 +-
grub-core/osdep/windows/init.c | 2 +-
18 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/grub-core/disk/host.c b/grub-core/disk/host.c
index c151d225df..f34529f86a 100644
--- a/grub-core/disk/host.c
+++ b/grub-core/disk/host.c
@@ -20,8 +20,8 @@
/* When using the disk, make a reference to this module. Otherwise
the user will end up with a useless module :-). */
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/dl.h>
#include <grub/disk.h>
diff --git a/grub-core/kern/emu/argp_common.c b/grub-core/kern/emu/argp_common.c
index 1668858703..8cb4608c3d 100644
--- a/grub-core/kern/emu/argp_common.c
+++ b/grub-core/kern/emu/argp_common.c
@@ -17,8 +17,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#pragma GCC diagnostic ignored "-Wmissing-prototypes"
#pragma GCC diagnostic ignored "-Wmissing-declarations"
diff --git a/grub-core/kern/emu/main.c b/grub-core/kern/emu/main.c
index 55ea5a11cc..12277c34d2 100644
--- a/grub-core/kern/emu/main.c
+++ b/grub-core/kern/emu/main.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <time.h>
#include <stdio.h>
diff --git a/grub-core/osdep/aros/config.c b/grub-core/osdep/aros/config.c
index c82d0ea8e7..55f5728efc 100644
--- a/grub-core/osdep/aros/config.c
+++ b/grub-core/osdep/aros/config.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/emu/hostdisk.h>
#include <grub/emu/exec.h>
diff --git a/grub-core/osdep/basic/emunet.c b/grub-core/osdep/basic/emunet.c
index 6362e5cfbb..dbfd316d61 100644
--- a/grub-core/osdep/basic/emunet.c
+++ b/grub-core/osdep/basic/emunet.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/i18n.h>
#include <grub/emu/net.h>
diff --git a/grub-core/osdep/basic/init.c b/grub-core/osdep/basic/init.c
index c54c710dbc..b104c7e162 100644
--- a/grub-core/osdep/basic/init.c
+++ b/grub-core/osdep/basic/init.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/util/misc.h>
#include <grub/i18n.h>
diff --git a/grub-core/osdep/haiku/getroot.c b/grub-core/osdep/haiku/getroot.c
index 4e123c0903..927a1ebc94 100644
--- a/grub-core/osdep/haiku/getroot.c
+++ b/grub-core/osdep/haiku/getroot.c
@@ -1,5 +1,5 @@
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <string.h>
diff --git a/grub-core/osdep/linux/emunet.c b/grub-core/osdep/linux/emunet.c
index 19b188f09e..d5a6417355 100644
--- a/grub-core/osdep/linux/emunet.c
+++ b/grub-core/osdep/linux/emunet.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <sys/socket.h>
#include <sys/types.h>
diff --git a/grub-core/osdep/unix/config.c b/grub-core/osdep/unix/config.c
index 46a881530c..0ce0e309ac 100644
--- a/grub-core/osdep/unix/config.c
+++ b/grub-core/osdep/unix/config.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/emu/hostdisk.h>
#include <grub/emu/exec.h>
diff --git a/grub-core/osdep/unix/cputime.c b/grub-core/osdep/unix/cputime.c
index cff359a3b9..fb6ff55a1a 100644
--- a/grub-core/osdep/unix/cputime.c
+++ b/grub-core/osdep/unix/cputime.c
@@ -1,5 +1,5 @@
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <sys/times.h>
#include <unistd.h>
diff --git a/grub-core/osdep/unix/dl.c b/grub-core/osdep/unix/dl.c
index 562b101a28..99b189bc1c 100644
--- a/grub-core/osdep/unix/dl.c
+++ b/grub-core/osdep/unix/dl.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/dl.h>
#include <grub/misc.h>
diff --git a/grub-core/osdep/unix/emuconsole.c b/grub-core/osdep/unix/emuconsole.c
index 7308798efe..cac159424d 100644
--- a/grub-core/osdep/unix/emuconsole.c
+++ b/grub-core/osdep/unix/emuconsole.c
@@ -17,8 +17,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/term.h>
#include <grub/types.h>
diff --git a/grub-core/osdep/unix/getroot.c b/grub-core/osdep/unix/getroot.c
index 46d7116c6e..4f436284ce 100644
--- a/grub-core/osdep/unix/getroot.c
+++ b/grub-core/osdep/unix/getroot.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config-util.h>
#include <config.h>
+#include <config-util.h>
#include <sys/stat.h>
#include <sys/types.h>
diff --git a/grub-core/osdep/windows/config.c b/grub-core/osdep/windows/config.c
index 928ab1a49b..2bb8a2fd88 100644
--- a/grub-core/osdep/windows/config.c
+++ b/grub-core/osdep/windows/config.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/emu/hostfile.h>
#include <grub/emu/config.h>
diff --git a/grub-core/osdep/windows/cputime.c b/grub-core/osdep/windows/cputime.c
index 3568aa2d35..5d06d79dd5 100644
--- a/grub-core/osdep/windows/cputime.c
+++ b/grub-core/osdep/windows/cputime.c
@@ -1,5 +1,5 @@
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/emu/misc.h>
#include <windows.h>
diff --git a/grub-core/osdep/windows/dl.c b/grub-core/osdep/windows/dl.c
index eec6a24ad7..8eab7057e4 100644
--- a/grub-core/osdep/windows/dl.c
+++ b/grub-core/osdep/windows/dl.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/dl.h>
#include <grub/misc.h>
diff --git a/grub-core/osdep/windows/emuconsole.c b/grub-core/osdep/windows/emuconsole.c
index 4fb3693cc0..17a44de469 100644
--- a/grub-core/osdep/windows/emuconsole.c
+++ b/grub-core/osdep/windows/emuconsole.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/term.h>
#include <grub/misc.h>
diff --git a/grub-core/osdep/windows/init.c b/grub-core/osdep/windows/init.c
index 6297de6326..51a9647dde 100644
--- a/grub-core/osdep/windows/init.c
+++ b/grub-core/osdep/windows/init.c
@@ -16,8 +16,8 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <config.h>
#include <config-util.h>
+#include <config.h>
#include <grub/util/misc.h>
#include <grub/osdep/hostfile.h>
#include <grub/util/windows.h>

140
0200-Drop-gnulib-fix-base64.patch.patch
View File

@ -1,140 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Thu, 28 Oct 2021 15:07:50 -0400
Subject: [PATCH] Drop gnulib fix-base64.patch
Originally added in 9fbdec2f6b4fa8b549daa4d49134d1fe89d95ef9 and
subsequently modified in 552c9fd08122a3036c724ce96dfe68aa2f75705f,
fix-base64.patch handled two problems we have using gnulib, which are
exerciesd by the base64 module but not directly caused by it.
First, grub2 defines its own bool type, while gnulib expects the
equivalent of stdbool.h to be present. Rather than patching gnulib,
instead use gnulib's stdbool module to provide a bool type if needed.
(Suggested by Simon Josefsson.)
Second, our config.h doesn't always inherit config-util.h, which is
where gnulib-related options like _GL_ATTRIBUTE_CONST end up.
fix-base64.h worked around this by defining the attribute away, but this
workaround is better placed in config.h itself, not a gnulib patch.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 54fd1c3301dd15f6b6212c12887265e8a6cbc076)
---
grub-core/lib/posix_wrap/sys/types.h | 7 +++----
grub-core/lib/xzembed/xz.h | 5 +----
bootstrap.conf | 3 ++-
conf/Makefile.extra-dist | 1 -
config.h.in | 4 ++++
grub-core/lib/gnulib-patches/fix-base64.patch | 21 ---------------------
6 files changed, 10 insertions(+), 31 deletions(-)
delete mode 100644 grub-core/lib/gnulib-patches/fix-base64.patch
diff --git a/grub-core/lib/posix_wrap/sys/types.h b/grub-core/lib/posix_wrap/sys/types.h
index f63412c8da..2f3e865495 100644
--- a/grub-core/lib/posix_wrap/sys/types.h
+++ b/grub-core/lib/posix_wrap/sys/types.h
@@ -23,11 +23,10 @@
#include <stddef.h>
+/* Provided by gnulib if not present. */
+#include <stdbool.h>
+
typedef grub_ssize_t ssize_t;
-#ifndef GRUB_POSIX_BOOL_DEFINED
-typedef enum { false = 0, true = 1 } bool;
-#define GRUB_POSIX_BOOL_DEFINED 1
-#endif
typedef grub_uint8_t uint8_t;
typedef grub_uint16_t uint16_t;
diff --git a/grub-core/lib/xzembed/xz.h b/grub-core/lib/xzembed/xz.h
index f7b32d8003..d1417039aa 100644
--- a/grub-core/lib/xzembed/xz.h
+++ b/grub-core/lib/xzembed/xz.h
@@ -29,10 +29,7 @@
#include <unistd.h>
#include <string.h>
#include <grub/misc.h>
-
-#ifndef GRUB_POSIX_BOOL_DEFINED
-typedef enum { false = 0, true = 1 } bool;
-#endif
+#include <stdbool.h>
/**
* enum xz_ret - Return codes
diff --git a/bootstrap.conf b/bootstrap.conf
index 52d4af44be..645e3a459c 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -35,6 +35,7 @@ gnulib_modules="
realloc-gnu
regex
save-cwd
+ stdbool
"
gnulib_tool_option_extras="\
@@ -79,7 +80,7 @@ cp -a INSTALL INSTALL.grub
bootstrap_post_import_hook () {
set -e
- for patchname in fix-base64 fix-null-deref fix-null-state-deref fix-regcomp-uninit-token \
+ for patchname in fix-null-deref fix-null-state-deref fix-regcomp-uninit-token \
fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width no-abort; do
patch -d grub-core/lib/gnulib -p2 \
< "grub-core/lib/gnulib-patches/$patchname.patch"
diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist
index ad235de7fc..f4791dc6ca 100644
--- a/conf/Makefile.extra-dist
+++ b/conf/Makefile.extra-dist
@@ -31,7 +31,6 @@ EXTRA_DIST += grub-core/gensymlist.sh
EXTRA_DIST += grub-core/genemuinit.sh
EXTRA_DIST += grub-core/genemuinitheader.sh
-EXTRA_DIST += grub-core/lib/gnulib-patches/fix-base64.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-deref.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-state-deref.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
diff --git a/config.h.in b/config.h.in
index f2ed0066ec..9c7b4afaaa 100644
--- a/config.h.in
+++ b/config.h.in
@@ -66,4 +66,8 @@
# define _GNU_SOURCE 1
+# ifndef _GL_INLINE_HEADER_BEGIN
+# define _GL_ATTRIBUTE_CONST __attribute__ ((const))
+# endif /* !_GL_INLINE_HEADER_BEGIN */
+
#endif
diff --git a/grub-core/lib/gnulib-patches/fix-base64.patch b/grub-core/lib/gnulib-patches/fix-base64.patch
deleted file mode 100644
index 985db12797..0000000000
--- a/grub-core/lib/gnulib-patches/fix-base64.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff --git a/lib/base64.h b/lib/base64.h
-index 9cd0183b8..185a2afa1 100644
---- a/lib/base64.h
-+++ b/lib/base64.h
-@@ -21,8 +21,14 @@
- /* Get size_t. */
- # include <stddef.h>
-
--/* Get bool. */
--# include <stdbool.h>
-+#ifndef GRUB_POSIX_BOOL_DEFINED
-+typedef enum { false = 0, true = 1 } bool;
-+#define GRUB_POSIX_BOOL_DEFINED 1
-+#endif
-+
-+#ifndef _GL_ATTRIBUTE_CONST
-+# define _GL_ATTRIBUTE_CONST /* empty */
-+#endif
-
- # ifdef __cplusplus
- extern "C" {

97
0201-Drop-gnulib-no-abort.patch.patch
View File

@ -1,97 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Wed, 5 Jan 2022 16:42:11 -0500
Subject: [PATCH] Drop gnulib no-abort.patch
Originally added in db7337a3d353a817ffe9eb4a3702120527100be9, this
patched out all relevant invocations of abort() in gnulib. While it was
not documented why at the time, testing suggests that there's no abort()
implementation available for gnulib to use.
gnulib's position is that the use of abort() is correct here, since it
happens when input violates a "shall" from POSIX. Additionally, the
code in question is probably not reachable. Since abort() is more
friendly to user-space, they prefer to make no change, so we can just
carry a define instead. (Suggested by Paul Eggert.)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 5137c8eb3ec11c3217acea1a93a3f88f3fa4cbca)
---
bootstrap.conf | 2 +-
conf/Makefile.extra-dist | 1 -
config.h.in | 3 +++
grub-core/lib/gnulib-patches/no-abort.patch | 26 --------------------------
4 files changed, 4 insertions(+), 28 deletions(-)
delete mode 100644 grub-core/lib/gnulib-patches/no-abort.patch
diff --git a/bootstrap.conf b/bootstrap.conf
index 645e3a459c..71ce943c7d 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -81,7 +81,7 @@ cp -a INSTALL INSTALL.grub
bootstrap_post_import_hook () {
set -e
for patchname in fix-null-deref fix-null-state-deref fix-regcomp-uninit-token \
- fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width no-abort; do
+ fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width; do
patch -d grub-core/lib/gnulib -p2 \
< "grub-core/lib/gnulib-patches/$patchname.patch"
done
diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist
index f4791dc6ca..5eef708338 100644
--- a/conf/Makefile.extra-dist
+++ b/conf/Makefile.extra-dist
@@ -38,7 +38,6 @@ EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-uninit-structure.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-unused-value.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-width.patch
-EXTRA_DIST += grub-core/lib/gnulib-patches/no-abort.patch
EXTRA_DIST += grub-core/lib/libgcrypt
EXTRA_DIST += grub-core/lib/libgcrypt-grub/mpi/generic
diff --git a/config.h.in b/config.h.in
index 9c7b4afaaa..c3134309c6 100644
--- a/config.h.in
+++ b/config.h.in
@@ -68,6 +68,9 @@
# ifndef _GL_INLINE_HEADER_BEGIN
# define _GL_ATTRIBUTE_CONST __attribute__ ((const))
+
+/* We don't have an abort() for gnulib to call in regexp. */
+# define abort __builtin_unreachable
# endif /* !_GL_INLINE_HEADER_BEGIN */
#endif
diff --git a/grub-core/lib/gnulib-patches/no-abort.patch b/grub-core/lib/gnulib-patches/no-abort.patch
deleted file mode 100644
index e469c4762e..0000000000
--- a/grub-core/lib/gnulib-patches/no-abort.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-diff --git a/lib/regcomp.c b/lib/regcomp.c
-index cc85f35ac..de45ebb5c 100644
---- a/lib/regcomp.c
-+++ b/lib/regcomp.c
-@@ -528,9 +528,9 @@ regerror (int errcode, const regex_t *__restrict preg, char *__restrict errbuf,
- to this routine. If we are given anything else, or if other regex
- code generates an invalid error code, then the program has a bug.
- Dump core so we can fix it. */
-- abort ();
--
-- msg = gettext (__re_error_msgid + __re_error_msgid_idx[errcode]);
-+ msg = gettext ("unknown regexp error");
-+ else
-+ msg = gettext (__re_error_msgid + __re_error_msgid_idx[errcode]);
-
- msg_size = strlen (msg) + 1; /* Includes the null. */
-
-@@ -1136,7 +1136,7 @@ optimize_utf8 (re_dfa_t *dfa)
- }
- break;
- default:
-- abort ();
-+ break;
- }
-
- if (mb_chars || has_period)

832
0202-Update-gnulib-version-and-drop-most-gnulib-patches.patch
View File

@ -1,832 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Wed, 15 Dec 2021 15:07:50 -0500
Subject: [PATCH] Update gnulib version and drop most gnulib patches
In addition to the changes carried in our gnulib patches, several
Coverity and code hygiene fixes that were previously downstream are also
included in this 3-year gnulib increment.
Unfortunately, fix-width.patch is retained.
Bump minimum autoconf version from 2.63 to 2.64 and automake from 1.11
to 1.14, as required by gnulib.
Sync bootstrap script itself with gnulib.
Update regexp module for new dynarray dependency.
Fix various new warnings.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit deb18ff931c3133c2aa536a92bd92e50d6615303)
[rharwood: backport around requirements in INSTALL]
---
configure.ac | 2 +-
grub-core/Makefile.core.def | 3 +
grub-core/disk/luks2.c | 4 +-
grub-core/lib/posix_wrap/limits.h | 6 +-
include/grub/compiler.h | 4 +-
include/grub/list.h | 2 +-
INSTALL | 2 +-
bootstrap | 291 ++++++++++++---------
bootstrap.conf | 22 +-
conf/Makefile.extra-dist | 6 -
config.h.in | 68 +++++
grub-core/lib/gnulib-patches/fix-null-deref.patch | 13 -
.../lib/gnulib-patches/fix-null-state-deref.patch | 12 -
.../gnulib-patches/fix-regcomp-uninit-token.patch | 15 --
.../gnulib-patches/fix-regexec-null-deref.patch | 12 -
.../lib/gnulib-patches/fix-uninit-structure.patch | 11 -
.../lib/gnulib-patches/fix-unused-value.patch | 14 -
17 files changed, 262 insertions(+), 225 deletions(-)
delete mode 100644 grub-core/lib/gnulib-patches/fix-null-deref.patch
delete mode 100644 grub-core/lib/gnulib-patches/fix-null-state-deref.patch
delete mode 100644 grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
delete mode 100644 grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch
delete mode 100644 grub-core/lib/gnulib-patches/fix-uninit-structure.patch
delete mode 100644 grub-core/lib/gnulib-patches/fix-unused-value.patch
diff --git a/configure.ac b/configure.ac
index 40c4338bce..79f45ef1e1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,7 +49,7 @@ AC_CANONICAL_TARGET
program_prefix="${save_program_prefix}"
AM_INIT_AUTOMAKE([1.11])
-AC_PREREQ(2.63)
+AC_PREREQ(2.64)
AC_CONFIG_SRCDIR([include/grub/dl.h])
AC_CONFIG_HEADER([config-util.h])
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 08ac0fb15f..ec1ec5083b 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -762,6 +762,9 @@ module = {
name = regexp;
common = commands/regexp.c;
common = commands/wildcard.c;
+ common = lib/gnulib/malloc/dynarray_finalize.c;
+ common = lib/gnulib/malloc/dynarray_emplace_enlarge.c;
+ common = lib/gnulib/malloc/dynarray_resize.c;
common = lib/gnulib/regex.c;
cflags = '$(CFLAGS_POSIX) $(CFLAGS_GNULIB)';
cppflags = '$(CPPFLAGS_POSIX) $(CPPFLAGS_GNULIB)';
diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index 371a53b837..c917a5f91e 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -389,7 +389,7 @@ luks2_verify_key (grub_luks2_digest_t *d, grub_uint8_t *candidate_key,
{
grub_uint8_t candidate_digest[GRUB_CRYPTODISK_MAX_KEYLEN];
grub_uint8_t digest[GRUB_CRYPTODISK_MAX_KEYLEN], salt[GRUB_CRYPTODISK_MAX_KEYLEN];
- grub_size_t saltlen = sizeof (salt), digestlen = sizeof (digest);
+ idx_t saltlen = sizeof (salt), digestlen = sizeof (digest);
const gcry_md_spec_t *hash;
gcry_err_code_t gcry_ret;
@@ -428,7 +428,7 @@ luks2_decrypt_key (grub_uint8_t *out_key,
grub_uint8_t area_key[GRUB_CRYPTODISK_MAX_KEYLEN];
grub_uint8_t salt[GRUB_CRYPTODISK_MAX_KEYLEN];
grub_uint8_t *split_key = NULL;
- grub_size_t saltlen = sizeof (salt);
+ idx_t saltlen = sizeof (salt);
char cipher[32], *p;
const gcry_md_spec_t *hash;
gcry_err_code_t gcry_ret;
diff --git a/grub-core/lib/posix_wrap/limits.h b/grub-core/lib/posix_wrap/limits.h
index 591dbf3289..4be7b40806 100644
--- a/grub-core/lib/posix_wrap/limits.h
+++ b/grub-core/lib/posix_wrap/limits.h
@@ -25,7 +25,11 @@
#define USHRT_MAX GRUB_USHRT_MAX
#define UINT_MAX GRUB_UINT_MAX
#define ULONG_MAX GRUB_ULONG_MAX
-#define SIZE_MAX GRUB_SIZE_MAX
+
+/* gnulib also defines this type */
+#ifndef SIZE_MAX
+# define SIZE_MAX GRUB_SIZE_MAX
+#endif
#define SCHAR_MIN GRUB_SCHAR_MIN
#define SCHAR_MAX GRUB_SCHAR_MAX
diff --git a/include/grub/compiler.h b/include/grub/compiler.h
index ebafec6895..441a9eca07 100644
--- a/include/grub/compiler.h
+++ b/include/grub/compiler.h
@@ -30,10 +30,10 @@
/* Does this compiler support compile-time error attributes? */
#if GNUC_PREREQ(4,3)
-# define ATTRIBUTE_ERROR(msg) \
+# define GRUB_ATTRIBUTE_ERROR(msg) \
__attribute__ ((__error__ (msg)))
#else
-# define ATTRIBUTE_ERROR(msg) __attribute__ ((noreturn))
+# define GRUB_ATTRIBUTE_ERROR(msg) __attribute__ ((noreturn))
#endif
#if GNUC_PREREQ(4,4)
diff --git a/include/grub/list.h b/include/grub/list.h
index b13acb9624..21f4b4b44a 100644
--- a/include/grub/list.h
+++ b/include/grub/list.h
@@ -40,7 +40,7 @@ void EXPORT_FUNC(grub_list_remove) (grub_list_t item);
static inline void *
grub_bad_type_cast_real (int line, const char *file)
- ATTRIBUTE_ERROR ("bad type cast between incompatible grub types");
+ GRUB_ATTRIBUTE_ERROR ("bad type cast between incompatible grub types");
static inline void *
grub_bad_type_cast_real (int line, const char *file)
diff --git a/INSTALL b/INSTALL
index 79a0af7d93..ee9f536f76 100644
--- a/INSTALL
+++ b/INSTALL
@@ -42,7 +42,7 @@ If you use a development snapshot or want to hack on GRUB you may
need the following.
* Python 2.6 or later
-* Autoconf 2.63 or later
+* Autoconf 2.64 or later
* Automake 1.11 or later
Prerequisites for make-check:
diff --git a/bootstrap b/bootstrap
index 5b08e7e2d4..dc2238f4ad 100755
--- a/bootstrap
+++ b/bootstrap
@@ -1,10 +1,10 @@
#! /bin/sh
# Print a version string.
-scriptversion=2019-01-04.17; # UTC
+scriptversion=2022-01-26.05; # UTC
# Bootstrap this package from checked-out sources.
-# Copyright (C) 2003-2019 Free Software Foundation, Inc.
+# Copyright (C) 2003-2022 Free Software Foundation, Inc.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -47,7 +47,7 @@ PERL="${PERL-perl}"
me=$0
-default_gnulib_url=git://git.sv.gnu.org/gnulib
+default_gnulib_url=https://git.savannah.gnu.org/git/gnulib.git
usage() {
cat <<EOF
@@ -71,7 +71,9 @@ Options:
--no-git do not use git to update gnulib. Requires that
--gnulib-srcdir point to a correct gnulib snapshot
--skip-po do not download po files
-
+EOF
+ bootstrap_print_option_usage_hook
+ cat <<EOF
If the file $me.conf exists in the same directory as this script, its
contents are read as shell variables to configure the bootstrap.
@@ -113,6 +115,12 @@ Running without arguments will suffice in most cases.
EOF
}
+copyright_year=`echo "$scriptversion" | sed -e 's/[^0-9].*//'`
+copyright="Copyright (C) ${copyright_year} Free Software Foundation, Inc.
+License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
+This is free software: you are free to change and redistribute it.
+There is NO WARRANTY, to the extent permitted by law."
+
# warnf_ FORMAT-STRING ARG1...
warnf_ ()
{
@@ -154,6 +162,18 @@ gnulib_files=
: ${AUTOPOINT=autopoint}
: ${AUTORECONF=autoreconf}
+# A function to be called for each unrecognized option. Returns 0 if
+# the option in $1 has been processed by the function. Returns 1 if
+# the option has not been processed by the function. Override it via
+# your own definition in bootstrap.conf
+
+bootstrap_option_hook() { return 1; }
+
+# A function to be called in order to print the --help information
+# corresponding to user-defined command-line options.
+
+bootstrap_print_option_usage_hook() { :; }
+
# A function to be called right after gnulib-tool is run.
# Override it via your own definition in bootstrap.conf.
bootstrap_post_import_hook() { :; }
@@ -166,11 +186,11 @@ bootstrap_epilogue() { :; }
# specified directory. Fill in the first %s with the destination
# directory and the second with the domain name.
po_download_command_format=\
-"wget --mirror --level=1 -nd -q -A.po -P '%s' \
+"wget --mirror --level=1 -nd -nv -A.po -P '%s' \
https://translationproject.org/latest/%s/"
# Prefer a non-empty tarname (4th argument of AC_INIT if given), else
-# fall back to the package name (1st argument with munging)
+# fall back to the package name (1st argument with munging).
extract_package_name='
/^AC_INIT(\[*/{
s///
@@ -187,8 +207,11 @@ extract_package_name='
p
}
'
-package=$(sed -n "$extract_package_name" configure.ac) \
- || die 'cannot find package name in configure.ac'
+package=$(${AUTOCONF:-autoconf} --trace AC_INIT:\$4 configure.ac 2>/dev/null)
+if test -z "$package"; then
+ package=$(sed -n "$extract_package_name" configure.ac) \
+ || die 'cannot find package name in configure.ac'
+fi
gnulib_name=lib$package
build_aux=build-aux
@@ -290,6 +313,116 @@ find_tool ()
eval "export $find_tool_envvar"
}
+# Strip blank and comment lines to leave significant entries.
+gitignore_entries() {
+ sed '/^#/d; /^$/d' "$@"
+}
+
+# If $STR is not already on a line by itself in $FILE, insert it at the start.
+# Entries are inserted at the start of the ignore list to ensure existing
+# entries starting with ! are not overridden. Such entries support
+# whitelisting exceptions after a more generic blacklist pattern.
+insert_if_absent() {
+ file=$1
+ str=$2
+ test -f $file || touch $file
+ test -r $file || die "Error: failed to read ignore file: $file"
+ duplicate_entries=$(gitignore_entries $file | sort | uniq -d)
+ if [ "$duplicate_entries" ] ; then
+ die "Error: Duplicate entries in $file: " $duplicate_entries
+ fi
+ linesold=$(gitignore_entries $file | wc -l)
+ linesnew=$( { echo "$str"; cat $file; } | gitignore_entries | sort -u | wc -l)
+ if [ $linesold != $linesnew ] ; then
+ { echo "$str" | cat - $file > $file.bak && mv $file.bak $file; } \
+ || die "insert_if_absent $file $str: failed"
+ fi
+}
+
+# Adjust $PATTERN for $VC_IGNORE_FILE and insert it with
+# insert_if_absent.
+insert_vc_ignore() {
+ vc_ignore_file="$1"
+ pattern="$2"
+ case $vc_ignore_file in
+ *.gitignore)
+ # A .gitignore entry that does not start with '/' applies
+ # recursively to subdirectories, so prepend '/' to every
+ # .gitignore entry.
+ pattern=$(echo "$pattern" | sed s,^,/,);;
+ esac
+ insert_if_absent "$vc_ignore_file" "$pattern"
+}
+
+symlink_to_dir()
+{
+ src=$1/$2
+ dst=${3-$2}
+
+ test -f "$src" && {
+
+ # If the destination directory doesn't exist, create it.
+ # This is required at least for "lib/uniwidth/cjk.h".
+ dst_dir=$(dirname "$dst")
+ if ! test -d "$dst_dir"; then
+ mkdir -p "$dst_dir"
+
+ # If we've just created a directory like lib/uniwidth,
+ # tell version control system(s) it's ignorable.
+ # FIXME: for now, this does only one level
+ parent=$(dirname "$dst_dir")
+ for dot_ig in x $vc_ignore; do
+ test $dot_ig = x && continue
+ ig=$parent/$dot_ig
+ insert_vc_ignore $ig "${dst_dir##*/}"
+ done
+ fi
+
+ if $copy; then
+ {
+ test ! -h "$dst" || {
+ echo "$me: rm -f $dst" &&
+ rm -f "$dst"
+ }
+ } &&
+ test -f "$dst" &&
+ cmp -s "$src" "$dst" || {
+ echo "$me: cp -fp $src $dst" &&
+ cp -fp "$src" "$dst"
+ }
+ else
+ # Leave any existing symlink alone, if it already points to the source,
+ # so that broken build tools that care about symlink times
+ # aren't confused into doing unnecessary builds. Conversely, if the
+ # existing symlink's timestamp is older than the source, make it afresh,
+ # so that broken tools aren't confused into skipping needed builds. See
+ # <https://lists.gnu.org/r/bug-gnulib/2011-05/msg00326.html>.
+ test -h "$dst" &&
+ src_ls=$(ls -diL "$src" 2>/dev/null) && set $src_ls && src_i=$1 &&
+ dst_ls=$(ls -diL "$dst" 2>/dev/null) && set $dst_ls && dst_i=$1 &&
+ test "$src_i" = "$dst_i" &&
+ both_ls=$(ls -dt "$src" "$dst") &&
+ test "X$both_ls" = "X$dst$nl$src" || {
+ dot_dots=
+ case $src in
+ /*) ;;
+ *)
+ case /$dst/ in
+ *//* | */../* | */./* | /*/*/*/*/*/)
+ die "invalid symlink calculation: $src -> $dst";;
+ /*/*/*/*/) dot_dots=../../../;;
+ /*/*/*/) dot_dots=../../;;
+ /*/*/) dot_dots=../;;
+ esac;;
+ esac
+
+ echo "$me: ln -fs $dot_dots$src $dst" &&
+ ln -fs "$dot_dots$src" "$dst"
+ }
+ fi
+ }
+}
+
# Override the default configuration, if necessary.
# Make sure that bootstrap.conf is sourced from the current directory
# if we were invoked as "sh bootstrap".
@@ -320,6 +453,12 @@ do
--help)
usage
exit;;
+ --version)
+ set -e
+ echo "bootstrap $scriptversion"
+ echo "$copyright"
+ exit 0
+ ;;
--gnulib-srcdir=*)
GNULIB_SRCDIR=${option#--gnulib-srcdir=};;
--skip-po)
@@ -335,7 +474,7 @@ do
--no-git)
use_git=false;;
*)
- die "$option: unknown option";;
+ bootstrap_option_hook $option || die "$option: unknown option";;
esac
done
@@ -346,47 +485,6 @@ if test -n "$checkout_only_file" && test ! -r "$checkout_only_file"; then
die "Bootstrapping from a non-checked-out distribution is risky."
fi
-# Strip blank and comment lines to leave significant entries.
-gitignore_entries() {
- sed '/^#/d; /^$/d' "$@"
-}
-
-# If $STR is not already on a line by itself in $FILE, insert it at the start.
-# Entries are inserted at the start of the ignore list to ensure existing
-# entries starting with ! are not overridden. Such entries support
-# whitelisting exceptions after a more generic blacklist pattern.
-insert_if_absent() {
- file=$1
- str=$2
- test -f $file || touch $file
- test -r $file || die "Error: failed to read ignore file: $file"
- duplicate_entries=$(gitignore_entries $file | sort | uniq -d)
- if [ "$duplicate_entries" ] ; then
- die "Error: Duplicate entries in $file: " $duplicate_entries
- fi
- linesold=$(gitignore_entries $file | wc -l)
- linesnew=$( { echo "$str"; cat $file; } | gitignore_entries | sort -u | wc -l)
- if [ $linesold != $linesnew ] ; then
- { echo "$str" | cat - $file > $file.bak && mv $file.bak $file; } \
- || die "insert_if_absent $file $str: failed"
- fi
-}
-
-# Adjust $PATTERN for $VC_IGNORE_FILE and insert it with
-# insert_if_absent.
-insert_vc_ignore() {
- vc_ignore_file="$1"
- pattern="$2"
- case $vc_ignore_file in
- *.gitignore)
- # A .gitignore entry that does not start with '/' applies
- # recursively to subdirectories, so prepend '/' to every
- # .gitignore entry.
- pattern=$(echo "$pattern" | sed s,^,/,);;
- esac
- insert_if_absent "$vc_ignore_file" "$pattern"
-}
-
# Die if there is no AC_CONFIG_AUX_DIR($build_aux) line in configure.ac.
found_aux_dir=no
grep '^[ ]*AC_CONFIG_AUX_DIR(\['"$build_aux"'\])' configure.ac \
@@ -665,9 +763,25 @@ if $use_gnulib; then
shallow=
if test -z "$GNULIB_REVISION"; then
git clone -h 2>&1 | grep -- --depth > /dev/null && shallow='--depth 2'
+ git clone $shallow ${GNULIB_URL:-$default_gnulib_url} "$gnulib_path" \
+ || cleanup_gnulib
+ else
+ git fetch -h 2>&1 | grep -- --depth > /dev/null && shallow='--depth 2'
+ mkdir -p "$gnulib_path"
+ # Only want a shallow checkout of $GNULIB_REVISION, but git does not
+ # support cloning by commit hash. So attempt a shallow fetch by commit
+ # hash to minimize the amount of data downloaded and changes needed to
+ # be processed, which can drastically reduce download and processing
+ # time for checkout. If the fetch by commit fails, a shallow fetch can
+ # not be performed because we do not know what the depth of the commit
+ # is without fetching all commits. So fallback to fetching all commits.
+ git -C "$gnulib_path" init
+ git -C "$gnulib_path" remote add origin ${GNULIB_URL:-$default_gnulib_url}
+ git -C "$gnulib_path" fetch $shallow origin "$GNULIB_REVISION" \
+ || git -C "$gnulib_path" fetch origin \
+ || cleanup_gnulib
+ git -C "$gnulib_path" reset --hard FETCH_HEAD
fi
- git clone $shallow ${GNULIB_URL:-$default_gnulib_url} "$gnulib_path" \
- || cleanup_gnulib
trap - 1 2 13 15
fi
@@ -784,75 +898,6 @@ case $SKIP_PO in
fi;;
esac
-symlink_to_dir()
-{
- src=$1/$2
- dst=${3-$2}
-
- test -f "$src" && {
-
- # If the destination directory doesn't exist, create it.
- # This is required at least for "lib/uniwidth/cjk.h".
- dst_dir=$(dirname "$dst")
- if ! test -d "$dst_dir"; then
- mkdir -p "$dst_dir"
-
- # If we've just created a directory like lib/uniwidth,
- # tell version control system(s) it's ignorable.
- # FIXME: for now, this does only one level
- parent=$(dirname "$dst_dir")
- for dot_ig in x $vc_ignore; do
- test $dot_ig = x && continue
- ig=$parent/$dot_ig
- insert_vc_ignore $ig "${dst_dir##*/}"
- done
- fi
-
- if $copy; then
- {
- test ! -h "$dst" || {
- echo "$me: rm -f $dst" &&
- rm -f "$dst"
- }
- } &&
- test -f "$dst" &&
- cmp -s "$src" "$dst" || {
- echo "$me: cp -fp $src $dst" &&
- cp -fp "$src" "$dst"
- }
- else
- # Leave any existing symlink alone, if it already points to the source,
- # so that broken build tools that care about symlink times
- # aren't confused into doing unnecessary builds. Conversely, if the
- # existing symlink's timestamp is older than the source, make it afresh,
- # so that broken tools aren't confused into skipping needed builds. See
- # <https://lists.gnu.org/r/bug-gnulib/2011-05/msg00326.html>.
- test -h "$dst" &&
- src_ls=$(ls -diL "$src" 2>/dev/null) && set $src_ls && src_i=$1 &&
- dst_ls=$(ls -diL "$dst" 2>/dev/null) && set $dst_ls && dst_i=$1 &&
- test "$src_i" = "$dst_i" &&
- both_ls=$(ls -dt "$src" "$dst") &&
- test "X$both_ls" = "X$dst$nl$src" || {
- dot_dots=
- case $src in
- /*) ;;
- *)
- case /$dst/ in
- *//* | */../* | */./* | /*/*/*/*/*/)
- die "invalid symlink calculation: $src -> $dst";;
- /*/*/*/*/) dot_dots=../../../;;
- /*/*/*/) dot_dots=../../;;
- /*/*/) dot_dots=../;;
- esac;;
- esac
-
- echo "$me: ln -fs $dot_dots$src $dst" &&
- ln -fs "$dot_dots$src" "$dst"
- }
- fi
- }
-}
-
version_controlled_file() {
parent=$1
file=$2
@@ -970,7 +1015,7 @@ bootstrap_post_import_hook \
# Uninitialized submodules are listed with an initial dash.
if $use_git && git submodule | grep '^-' >/dev/null; then
die "some git submodules are not initialized. " \
- "Run 'git submodule init' and bootstrap again."
+ "Run 'git submodule update --init' and bootstrap again."
fi
# Remove any dangling symlink matching "*.m4" or "*.[ch]" in some
@@ -1064,7 +1109,7 @@ bootstrap_epilogue
echo "$0: done. Now you can run './configure'."
-# Local variables:
+# Local Variables:
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
diff --git a/bootstrap.conf b/bootstrap.conf
index 71ce943c7d..e4e5f3750a 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -1,6 +1,6 @@
# Bootstrap configuration.
-# Copyright (C) 2006-2019 Free Software Foundation, Inc.
+# Copyright (C) 2006-2022 Free Software Foundation, Inc.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -16,11 +16,10 @@
# along with this program. If not, see <https://www.gnu.org/licenses/>.
-GNULIB_REVISION=d271f868a8df9bbec29049d01e056481b7a1a263
+GNULIB_REVISION=9f48fb992a3d7e96610c4ce8be969cff2d61a01b
# gnulib modules used by this package.
-# mbswidth is used by gnulib-fix-width.diff's changes to argp rather than
-# directly.
+# mbswidth is used by fix-width.diff's changes to argp rather than directly.
gnulib_modules="
argp
base64
@@ -67,8 +66,8 @@ SKIP_PO=t
# Build prerequisites
buildreq="\
-autoconf 2.63
-automake 1.11
+autoconf 2.64
+automake 1.14
gettext 0.18.3
git 1.5.5
tar -
@@ -80,11 +79,12 @@ cp -a INSTALL INSTALL.grub
bootstrap_post_import_hook () {
set -e
- for patchname in fix-null-deref fix-null-state-deref fix-regcomp-uninit-token \
- fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width; do
- patch -d grub-core/lib/gnulib -p2 \
- < "grub-core/lib/gnulib-patches/$patchname.patch"
- done
+
+ # Instead of patching our gnulib and therefore maintaining a fork, submit
+ # changes to gnulib and update the hash above when they've merged. Do not
+ # add new patches here.
+ patch -d grub-core/lib/gnulib -p2 < grub-core/lib/gnulib-patches/fix-width.patch
+
for patchname in \
0001-Support-POTFILES-shell \
0002-Handle-gettext_printf-shell-function \
diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist
index 5eef708338..26ac8765e3 100644
--- a/conf/Makefile.extra-dist
+++ b/conf/Makefile.extra-dist
@@ -31,12 +31,6 @@ EXTRA_DIST += grub-core/gensymlist.sh
EXTRA_DIST += grub-core/genemuinit.sh
EXTRA_DIST += grub-core/genemuinitheader.sh
-EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-deref.patch
-EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-state-deref.patch
-EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
-EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch
-EXTRA_DIST += grub-core/lib/gnulib-patches/fix-uninit-structure.patch
-EXTRA_DIST += grub-core/lib/gnulib-patches/fix-unused-value.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-width.patch
EXTRA_DIST += grub-core/lib/libgcrypt
diff --git a/config.h.in b/config.h.in
index c3134309c6..512d1bbe13 100644
--- a/config.h.in
+++ b/config.h.in
@@ -67,10 +67,78 @@
# define _GNU_SOURCE 1
# ifndef _GL_INLINE_HEADER_BEGIN
+/* gnulib gets configured against the host, not the target, and the rest of
+ * our buildsystem works around that. This is difficult to avoid as gnulib's
+ * detection requires a more capable system than our target. Instead, we
+ * reach in and set values appropriately - intentionally setting more than the
+ * bare minimum. If, when updating gnulib, something breaks, there's probably
+ * a change needed here or in grub-core/Makefile.core.def. */
+# define SIZE_MAX ((size_t) -1)
+# define _GL_ATTRIBUTE_ALLOC_SIZE(args) \
+ __attribute__ ((__alloc_size__ args))
+# define _GL_ATTRIBUTE_ALWAYS_INLINE __attribute__ ((__always_inline__))
+# define _GL_ATTRIBUTE_ARTIFICIAL __attribute__ ((__artificial__))
+# define _GL_ATTRIBUTE_COLD __attribute__ ((cold))
# define _GL_ATTRIBUTE_CONST __attribute__ ((const))
+# define _GL_ATTRIBUTE_DEALLOC(f, i) __attribute ((__malloc__ (f, i)))
+# define _GL_ATTRIBUTE_DEALLOC_FREE _GL_ATTRIBUTE_DEALLOC (free, 1)
+# define _GL_ATTRIBUTE_DEPRECATED __attribute__ ((__deprecated__))
+# define _GL_ATTRIBUTE_ERROR(msg) __attribute__ ((__error__ (msg)))
+# define _GL_ATTRIBUTE_EXTERNALLY_VISIBLE \
+ __attribute__ ((externally_visible))
+# define _GL_ATTRIBUTE_FORMAT(spec) __attribute__ ((__format__ spec))
+# define _GL_ATTRIBUTE_LEAF __attribute__ ((__leaf__))
+# define _GL_ATTRIBUTE_MALLOC __attribute__ ((malloc))
+# define _GL_ATTRIBUTE_MAYBE_UNUSED _GL_ATTRIBUTE_UNUSED
+# define _GL_ATTRIBUTE_MAY_ALIAS __attribute__ ((__may_alias__))
+# define _GL_ATTRIBUTE_NODISCARD __attribute__ ((__warn_unused_result__))
+# define _GL_ATTRIBUTE_NOINLINE __attribute__ ((__noinline__))
+# define _GL_ATTRIBUTE_NONNULL(args) __attribute__ ((__nonnull__ args))
+# define _GL_ATTRIBUTE_NONSTRING __attribute__ ((__nonstring__))
+# define _GL_ATTRIBUTE_PACKED __attribute__ ((__packed__))
+# define _GL_ATTRIBUTE_PURE __attribute__ ((__pure__))
+# define _GL_ATTRIBUTE_RETURNS_NONNULL \
+ __attribute__ ((__returns_nonnull__))
+# define _GL_ATTRIBUTE_SENTINEL(pos) __attribute__ ((__sentinel__ pos))
+# define _GL_ATTRIBUTE_UNUSED __attribute__ ((__unused__))
+# define _GL_ATTRIBUTE_WARNING(msg) __attribute__ ((__warning__ (msg)))
+# define _GL_CMP(n1, n2) (((n1) > (n2)) - ((n1) < (n2)))
+# define _GL_GNUC_PREREQ GNUC_PREREQ
+# define _GL_INLINE inline
+# define _GL_UNUSED_LABEL _GL_ATTRIBUTE_UNUSED
+
+/* We can't use __has_attribute for these because gcc-5.1 is too old for
+ * that. Everything above is present in that version, though. */
+# if __GNUC__ >= 7
+# define _GL_ATTRIBUTE_FALLTHROUGH __attribute__ ((fallthrough))
+# else
+# define _GL_ATTRIBUTE_FALLTHROUGH /* empty */
+# endif
+
+# ifndef ASM_FILE
+typedef __INT_FAST32_TYPE__ int_fast32_t;
+typedef __UINT_FAST32_TYPE__ uint_fast32_t;
+# endif
+
+/* Ensure ialloc nests static/non-static inline properly. */
+# define IALLOC_INLINE static inline
+
+/* gnulib uses these for blocking out warnings they can't/won't fix. gnulib
+ * also makes the decision about whether to provide a declaration for
+ * reallocarray() at compile-time, so this is a convenient place to override -
+ * it's used by the ialloc module, which is used by base64. */
+# define _GL_INLINE_HEADER_BEGIN _Pragma ("GCC diagnostic push") \
+ void * \
+ reallocarray (void *ptr, unsigned int nmemb, unsigned int size);
+# define _GL_INLINE_HEADER_END _Pragma ("GCC diagnostic pop")
/* We don't have an abort() for gnulib to call in regexp. */
# define abort __builtin_unreachable
# endif /* !_GL_INLINE_HEADER_BEGIN */
+/* gnulib doesn't build cleanly with older compilers. */
+# if __GNUC__ < 11
+_Pragma ("GCC diagnostic ignored \"-Wtype-limits\"")
+# endif
+
#endif
diff --git a/grub-core/lib/gnulib-patches/fix-null-deref.patch b/grub-core/lib/gnulib-patches/fix-null-deref.patch
deleted file mode 100644
index 8fafa153a4..0000000000
--- a/grub-core/lib/gnulib-patches/fix-null-deref.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/lib/argp-parse.c b/lib/argp-parse.c
-index 6dec57310..900adad54 100644
---- a/lib/argp-parse.c
-+++ b/lib/argp-parse.c
-@@ -940,7 +940,7 @@ weak_alias (__argp_parse, argp_parse)
- void *
- __argp_input (const struct argp *argp, const struct argp_state *state)
- {
-- if (state)
-+ if (state && state->pstate)
- {
- struct group *group;
- struct parser *parser = state->pstate;
diff --git a/grub-core/lib/gnulib-patches/fix-null-state-deref.patch b/grub-core/lib/gnulib-patches/fix-null-state-deref.patch
deleted file mode 100644
index 813ec09c8a..0000000000
--- a/grub-core/lib/gnulib-patches/fix-null-state-deref.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/lib/argp-help.c 2020-10-28 14:32:19.189215988 +0000
-+++ b/lib/argp-help.c 2020-10-28 14:38:21.204673940 +0000
-@@ -145,7 +145,8 @@
- if (*(int *)((char *)upptr + up->uparams_offs) >= upptr->rmargin)
- {
- __argp_failure (state, 0, 0,
-- dgettext (state->root_argp->argp_domain,
-+ dgettext (state == NULL ? NULL
-+ : state->root_argp->argp_domain,
- "\
- ARGP_HELP_FMT: %s value is less than or equal to %s"),
- "rmargin", up->name);
diff --git a/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch b/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
deleted file mode 100644
index 02e06315df..0000000000
--- a/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- a/lib/regcomp.c 2020-11-24 17:06:08.159223858 +0000
-+++ b/lib/regcomp.c 2020-11-24 17:06:15.630253923 +0000
-@@ -3808,11 +3808,7 @@
- create_tree (re_dfa_t *dfa, bin_tree_t *left, bin_tree_t *right,
- re_token_type_t type)
- {
-- re_token_t t;
--#if defined GCC_LINT || defined lint
-- memset (&t, 0, sizeof t);
--#endif
-- t.type = type;
-+ re_token_t t = { .type = type };
- return create_token_tree (dfa, left, right, &t);
- }
-
diff --git a/grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch b/grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch
deleted file mode 100644
index db6dac9c9e..0000000000
--- a/grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/lib/regexec.c 2020-10-21 14:25:35.310195912 +0000
-+++ b/lib/regexec.c 2020-11-05 10:55:09.621542984 +0000
-@@ -1692,6 +1692,9 @@
- {
- Idx top = mctx->state_log_top;
-
-+ if (mctx->state_log == NULL)
-+ return REG_NOERROR;
-+
- if ((next_state_log_idx >= mctx->input.bufs_len
- && mctx->input.bufs_len < mctx->input.len)
- || (next_state_log_idx >= mctx->input.valid_len
diff --git a/grub-core/lib/gnulib-patches/fix-uninit-structure.patch b/grub-core/lib/gnulib-patches/fix-uninit-structure.patch
deleted file mode 100644
index 7b4d9f67af..0000000000
--- a/grub-core/lib/gnulib-patches/fix-uninit-structure.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/lib/regcomp.c 2020-10-22 13:49:06.770168928 +0000
-+++ b/lib/regcomp.c 2020-10-22 13:50:37.026528298 +0000
-@@ -3662,7 +3662,7 @@
- Idx alloc = 0;
- #endif /* not RE_ENABLE_I18N */
- reg_errcode_t ret;
-- re_token_t br_token;
-+ re_token_t br_token = {0};
- bin_tree_t *tree;
-
- sbcset = (re_bitset_ptr_t) calloc (sizeof (bitset_t), 1);
diff --git a/grub-core/lib/gnulib-patches/fix-unused-value.patch b/grub-core/lib/gnulib-patches/fix-unused-value.patch
deleted file mode 100644
index ba51f1bf22..0000000000
--- a/grub-core/lib/gnulib-patches/fix-unused-value.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/lib/regexec.c 2020-10-21 14:25:35.310195912 +0000
-+++ b/lib/regexec.c 2020-10-21 14:32:07.961765604 +0000
-@@ -828,7 +828,11 @@
- break;
- if (__glibc_unlikely (err != REG_NOMATCH))
- goto free_return;
-+#ifdef DEBUG
-+ /* Only used for assertion below when DEBUG is set, otherwise
-+ it will be over-written when we loop around. */
- match_last = -1;
-+#endif
- }
- else
- break; /* We found a match. */

73
0206-grub-core-loader-i386-efi-linux.c-do-not-validate-ke.patch
View File

@ -1,73 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Date: Thu, 3 Mar 2022 13:10:56 +0100
Subject: [PATCH] grub-core/loader/i386/efi/linux.c: do not validate kernels
twice
On codebases that have shim-lock-verifier built into the grub core
(like 2.06 upstream), shim-lock-verifier is in enforcing mode when
booted with secureboot. It means that grub_cmd_linux() command
attempts to perform shim validate upon opening linux kernel image,
including kernel measurement. And the verifier correctly returns file
open error when shim validate protocol is not present or shim fails to
validate the kernel.
This makes the call to grub_linuxefi_secure_validate() redundant, but
also harmful. As validating the kernel image twice, extends the PCRs
with the same measurement twice. Which breaks existing sealing
policies when upgrading from grub2.04+rhboot+sb+linuxefi to
grub2.06+rhboot+sb+linuxefi builds. It is also incorrect to measure
the kernel twice.
This patch must not be ported to older editions of grub code bases
that do not have verifiers framework, or it is not builtin, or
shim-lock-verifier is an optional module.
This patch is tested to ensure that unsigned kernels are not possible
to boot in secureboot mode when shim rejects kernel, or shim protocol
is missing, and that the measurements become stable once again. The
above also ensures that CVE-2020-15705 is not reintroduced.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
---
grub-core/loader/i386/efi/linux.c | 13 -------------
1 file changed, 13 deletions(-)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index 3cf0f9b330..941df6400b 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -30,7 +30,6 @@
#include <grub/cpu/efi/memory.h>
#include <grub/tpm.h>
#include <grub/safemath.h>
-#include <grub/efi/sb.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -278,7 +277,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_ssize_t start, filelen;
void *kernel = NULL;
int setup_header_end_offset;
- int rc;
grub_dl_ref (my_mod);
@@ -308,17 +306,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
- if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED)
- {
- rc = grub_linuxefi_secure_validate (kernel, filelen);
- if (rc <= 0)
- {
- grub_error (GRUB_ERR_INVALID_COMMAND,
- N_("%s has invalid signature"), argv[0]);
- goto fail;
- }
- }
-
lh = (struct linux_i386_kernel_header *)kernel;
grub_dprintf ("linux", "original lh is at %p\n", kernel);

58
0207-grub-core-loader-arm64-linux.c-do-not-validate-kerne.patch
View File

@ -1,58 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Date: Fri, 4 Mar 2022 11:29:31 +0100
Subject: [PATCH] grub-core/loader/arm64/linux.c: do not validate kernel twice
Call to grub_file_open(, GRUB_FILE_TYPE_LINUX_KERNEL) already passes
the kernel file through shim-lock verifier when secureboot is on. Thus
there is no need to validate the kernel image again. And when doing so
again, duplicate PCR measurement is performed, breaking measurements
compatibility with 2.04+linuxefi.
This patch must not be ported to older editions of grub code bases
that do not have verifiers framework, or it is not builtin, or
shim-lock-verifier is an optional module.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
---
grub-core/loader/arm64/linux.c | 13 -------------
1 file changed, 13 deletions(-)
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index f18d90bd74..d2af47c2c0 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -34,7 +34,6 @@
#include <grub/i18n.h>
#include <grub/lib/cmdline.h>
#include <grub/verify.h>
-#include <grub/efi/sb.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -341,7 +340,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_off_t filelen;
grub_uint32_t align;
void *kernel = NULL;
- int rc;
grub_dl_ref (my_mod);
@@ -370,17 +368,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
- if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED)
- {
- rc = grub_linuxefi_secure_validate (kernel, filelen);
- if (rc <= 0)
- {
- grub_error (GRUB_ERR_INVALID_COMMAND,
- N_("%s has invalid signature"), argv[0]);
- goto fail;
- }
- }
-
if (grub_arch_efi_linux_check_image (kernel) != GRUB_ERR_NONE)
goto fail;
if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align) != GRUB_ERR_NONE)

80
0208-grub-core-loader-efi-chainloader.c-do-not-validate-c.patch
View File

@ -1,80 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Date: Fri, 4 Mar 2022 09:31:43 +0100
Subject: [PATCH] grub-core/loader/efi/chainloader.c: do not validate
chainloader twice
On secureboot systems, with shimlock verifier, call to
grub_file_open(, GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE) will already
pass the chainloader target through shim-lock protocol verify
call. And create a TPM measurement. If verification fails,
grub_cmd_chainloader will fail at file open time.
This makes previous code paths for negative, and zero return codes
from grub_linuxefi_secure_validate unreachable under secureboot. But
also breaking measurements compatibility with 2.04+linuxefi codebases,
as the chainloader file is passed through shim_lock->verify() twice
(via verifier & direct call to grub_linuxefi_secure_validate)
extending the PCRs twice.
This reduces grub_loader options to perform
grub_secureboot_chainloader when secureboot is on, and otherwise
attempt grub_chainloader_boot.
It means that booting with secureboot off, yet still with shim (which
always verifies things successfully), will stop choosing
grub_secureboot_chainloader, and opting for a more regular
loadimage/startimage codepath. If we want to use the
grub_secureboot_chainloader codepath in such scenarios we should adapt
the code to simply check for shim_lock protocol presence /
shim_lock->context() success?! But I am not sure if that is necessary.
This patch must not be ported to older editions of grub code bases
that do not have verifiers framework, or it is not builtin, or
shim-lock-verifier is an optional module.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
---
grub-core/loader/efi/chainloader.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index 3af6b12292..644cd2e56f 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -906,7 +906,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
grub_efi_device_path_t *dp = 0;
char *filename;
void *boot_image = 0;
- int rc;
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
@@ -1082,9 +1081,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
orig_dev = 0;
}
- rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize);
- grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc);
- if (rc > 0)
+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED)
{
grub_file_close (file);
grub_device_close (dev);
@@ -1092,7 +1089,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
grub_secureboot_chainloader_unload, 0);
return 0;
}
- else if (rc == 0)
+ else
{
grub_load_and_start_image(boot_image);
grub_file_close (file);
@@ -1101,7 +1098,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
return 0;
}
- // -1 fall-through to fail
fail:
if (orig_dev)

83
0209-grub-core-loader-efi-linux.c-drop-now-unused-grub_li.patch
View File

@ -1,83 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Date: Fri, 4 Mar 2022 11:36:09 +0100
Subject: [PATCH] grub-core/loader/efi/linux.c: drop now unused
grub_linuxefi_secure_validate
Drop the now unused grub_linuxefi_secure_validate() as all prior users
of this API now rely on the shim-lock-verifier codepath instead.
This patch must not be ported to older editions of grub code bases
that do not have verifiers framework, or it is not builtin, or
shim-lock-verifier is an optional module.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
---
grub-core/loader/efi/linux.c | 40 ----------------------------------------
include/grub/efi/linux.h | 2 --
2 files changed, 42 deletions(-)
diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
index 9260731c10..9265cf4200 100644
--- a/grub-core/loader/efi/linux.c
+++ b/grub-core/loader/efi/linux.c
@@ -24,46 +24,6 @@
#include <grub/efi/pe32.h>
#include <grub/efi/linux.h>
-#define SHIM_LOCK_GUID \
- { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} }
-
-struct grub_efi_shim_lock
-{
- grub_efi_status_t (*verify) (void *buffer, grub_uint32_t size);
-};
-typedef struct grub_efi_shim_lock grub_efi_shim_lock_t;
-
-// Returns 1 on success, -1 on error, 0 when not available
-int
-grub_linuxefi_secure_validate (void *data, grub_uint32_t size)
-{
- grub_efi_guid_t guid = SHIM_LOCK_GUID;
- grub_efi_shim_lock_t *shim_lock;
- grub_efi_status_t status;
-
- shim_lock = grub_efi_locate_protocol(&guid, NULL);
- grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock);
- if (!shim_lock)
- {
- grub_dprintf ("secureboot", "shim not available\n");
- return 0;
- }
-
- grub_dprintf ("secureboot", "Asking shim to verify kernel signature\n");
- status = shim_lock->verify (data, size);
- grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", (long int)status);
- if (status == GRUB_EFI_SUCCESS)
- {
- grub_dprintf ("secureboot", "Kernel signature verification passed\n");
- return 1;
- }
-
- grub_dprintf ("secureboot", "Kernel signature verification failed (0x%lx)\n",
- (unsigned long) status);
-
- return -1;
-}
-
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wcast-align"
diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h
index 0033d9305a..887b02fd9f 100644
--- a/include/grub/efi/linux.h
+++ b/include/grub/efi/linux.h
@@ -22,8 +22,6 @@
#include <grub/err.h>
#include <grub/symbol.h>
-int
-EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size);
grub_err_t
EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset,
void *kernel_param);

101
0219-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch
View File

@ -1,101 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <julian.klode@canonical.com>
Date: Thu, 2 Dec 2021 15:03:53 +0100
Subject: [PATCH] kern/efi/sb: Reject non-kernel files in the shim_lock
verifier
We must not allow other verifiers to pass things like the GRUB modules.
Instead of maintaining a blocklist, maintain an allowlist of things
that we do not care about.
This allowlist really should be made reusable, and shared by the
lockdown verifier, but this is the minimal patch addressing
security concerns where the TPM verifier was able to mark modules
as verified (or the OpenPGP verifier for that matter), when it
should not do so on shim-powered secure boot systems.
Fixes: CVE-2022-28735
Signed-off-by: Julian Andres Klode <julian.klode@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit fa61ad69861c1cb3f68bf853d78fae7fd93986a0)
---
grub-core/kern/efi/sb.c | 39 ++++++++++++++++++++++++++++++++++++---
include/grub/verify.h | 1 +
2 files changed, 37 insertions(+), 3 deletions(-)
diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c
index c52ec6226a..89c4bb3fd1 100644
--- a/grub-core/kern/efi/sb.c
+++ b/grub-core/kern/efi/sb.c
@@ -119,10 +119,11 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)),
void **context __attribute__ ((unused)),
enum grub_verify_flags *flags)
{
- *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION;
+ *flags = GRUB_VERIFY_FLAGS_NONE;
switch (type & GRUB_FILE_TYPE_MASK)
{
+ /* Files we check. */
case GRUB_FILE_TYPE_LINUX_KERNEL:
case GRUB_FILE_TYPE_MULTIBOOT_KERNEL:
case GRUB_FILE_TYPE_BSD_KERNEL:
@@ -130,11 +131,43 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)),
case GRUB_FILE_TYPE_PLAN9_KERNEL:
case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE:
*flags = GRUB_VERIFY_FLAGS_SINGLE_CHUNK;
+ return GRUB_ERR_NONE;
- /* Fall through. */
+ /* Files that do not affect secureboot state. */
+ case GRUB_FILE_TYPE_NONE:
+ case GRUB_FILE_TYPE_LOOPBACK:
+ case GRUB_FILE_TYPE_LINUX_INITRD:
+ case GRUB_FILE_TYPE_OPENBSD_RAMDISK:
+ case GRUB_FILE_TYPE_XNU_RAMDISK:
+ case GRUB_FILE_TYPE_SIGNATURE:
+ case GRUB_FILE_TYPE_PUBLIC_KEY:
+ case GRUB_FILE_TYPE_PUBLIC_KEY_TRUST:
+ case GRUB_FILE_TYPE_PRINT_BLOCKLIST:
+ case GRUB_FILE_TYPE_TESTLOAD:
+ case GRUB_FILE_TYPE_GET_SIZE:
+ case GRUB_FILE_TYPE_FONT:
+ case GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY:
+ case GRUB_FILE_TYPE_CAT:
+ case GRUB_FILE_TYPE_HEXCAT:
+ case GRUB_FILE_TYPE_CMP:
+ case GRUB_FILE_TYPE_HASHLIST:
+ case GRUB_FILE_TYPE_TO_HASH:
+ case GRUB_FILE_TYPE_KEYBOARD_LAYOUT:
+ case GRUB_FILE_TYPE_PIXMAP:
+ case GRUB_FILE_TYPE_GRUB_MODULE_LIST:
+ case GRUB_FILE_TYPE_CONFIG:
+ case GRUB_FILE_TYPE_THEME:
+ case GRUB_FILE_TYPE_GETTEXT_CATALOG:
+ case GRUB_FILE_TYPE_FS_SEARCH:
+ case GRUB_FILE_TYPE_LOADENV:
+ case GRUB_FILE_TYPE_SAVEENV:
+ case GRUB_FILE_TYPE_VERIFY_SIGNATURE:
+ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION;
+ return GRUB_ERR_NONE;
+ /* Other files. */
default:
- return GRUB_ERR_NONE;
+ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("prohibited by secure boot policy"));
}
}
diff --git a/include/grub/verify.h b/include/grub/verify.h
index cd129c398f..672ae16924 100644
--- a/include/grub/verify.h
+++ b/include/grub/verify.h
@@ -24,6 +24,7 @@
enum grub_verify_flags
{
+ GRUB_VERIFY_FLAGS_NONE = 0,
GRUB_VERIFY_FLAGS_SKIP_VERIFICATION = 1,
GRUB_VERIFY_FLAGS_SINGLE_CHUNK = 2,
/* Defer verification to another authority. */

134
0244-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch
View File

@ -1,134 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Darren Kenny <darren.kenny@oracle.com>
Date: Tue, 29 Mar 2022 15:52:46 +0000
Subject: [PATCH] fs/btrfs: Fix more ASAN and SEGV issues found with fuzzing
The fuzzer is generating btrfs file systems that have chunks with
invalid combinations of stripes and substripes for the given RAID
configurations.
After examining the Linux kernel fs/btrfs/tree-checker.c code, it
appears that sub-stripes should only be applied to RAID10, and in that
case there should only ever be 2 of them.
Similarly, RAID single should only have 1 stripe, and RAID1/1C3/1C4
should have 2. 3 or 4 stripes respectively, which is what redundancy
corresponds.
Some of the chunks ended up with a size of 0, which grub_malloc() still
returned memory for and in turn generated ASAN errors later when
accessed.
While it would be possible to specifically limit the number of stripes,
a more correct test was on the combination of the chunk item, and the
number of stripes by the size of the chunk stripe structure in
comparison to the size of the chunk itself.
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 3849647b4b98a4419366708fc4b7f339c6f55ec7)
---
grub-core/fs/btrfs.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c
index 2fcfb738fe..0e9b450413 100644
--- a/grub-core/fs/btrfs.c
+++ b/grub-core/fs/btrfs.c
@@ -941,6 +941,12 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
return grub_error (GRUB_ERR_BAD_FS,
"couldn't find the chunk descriptor");
+ if (!chsize)
+ {
+ grub_dprintf ("btrfs", "zero-size chunk\n");
+ return grub_error (GRUB_ERR_BAD_FS,
+ "got an invalid zero-size chunk");
+ }
chunk = grub_malloc (chsize);
if (!chunk)
return grub_errno;
@@ -999,6 +1005,16 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
stripe_length = grub_divmod64 (grub_le_to_cpu64 (chunk->size),
nstripes,
NULL);
+
+ /* For single, there should be exactly 1 stripe. */
+ if (grub_le_to_cpu16 (chunk->nstripes) != 1)
+ {
+ grub_dprintf ("btrfs", "invalid RAID_SINGLE: nstripes != 1 (%u)\n",
+ grub_le_to_cpu16 (chunk->nstripes));
+ return grub_error (GRUB_ERR_BAD_FS,
+ "invalid RAID_SINGLE: nstripes != 1 (%u)",
+ grub_le_to_cpu16 (chunk->nstripes));
+ }
if (stripe_length == 0)
stripe_length = 512;
stripen = grub_divmod64 (off, stripe_length, &stripe_offset);
@@ -1018,6 +1034,19 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
stripen = 0;
stripe_offset = off;
csize = grub_le_to_cpu64 (chunk->size) - off;
+
+ /*
+ * Redundancy, and substripes only apply to RAID10, and there
+ * should be exactly 2 sub-stripes.
+ */
+ if (grub_le_to_cpu16 (chunk->nstripes) != redundancy)
+ {
+ grub_dprintf ("btrfs", "invalid RAID1: nstripes != %u (%u)\n",
+ redundancy, grub_le_to_cpu16 (chunk->nstripes));
+ return grub_error (GRUB_ERR_BAD_FS,
+ "invalid RAID1: nstripes != %u (%u)",
+ redundancy, grub_le_to_cpu16 (chunk->nstripes));
+ }
break;
}
case GRUB_BTRFS_CHUNK_TYPE_RAID0:
@@ -1054,6 +1083,20 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
stripe_offset = low + chunk_stripe_length
* high;
csize = chunk_stripe_length - low;
+
+ /*
+ * Substripes only apply to RAID10, and there
+ * should be exactly 2 sub-stripes.
+ */
+ if (grub_le_to_cpu16 (chunk->nsubstripes) != 2)
+ {
+ grub_dprintf ("btrfs", "invalid RAID10: nsubstripes != 2 (%u)",
+ grub_le_to_cpu16 (chunk->nsubstripes));
+ return grub_error (GRUB_ERR_BAD_FS,
+ "invalid RAID10: nsubstripes != 2 (%u)",
+ grub_le_to_cpu16 (chunk->nsubstripes));
+ }
+
break;
}
case GRUB_BTRFS_CHUNK_TYPE_RAID5:
@@ -1153,6 +1196,8 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
for (j = 0; j < 2; j++)
{
+ grub_size_t est_chunk_alloc = 0;
+
grub_dprintf ("btrfs", "chunk 0x%" PRIxGRUB_UINT64_T
"+0x%" PRIxGRUB_UINT64_T
" (%d stripes (%d substripes) of %"
@@ -1165,6 +1210,16 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
grub_dprintf ("btrfs", "reading laddr 0x%" PRIxGRUB_UINT64_T "\n",
addr);
+ if (grub_mul (sizeof (struct grub_btrfs_chunk_stripe),
+ grub_le_to_cpu16 (chunk->nstripes), &est_chunk_alloc) ||
+ grub_add (est_chunk_alloc,
+ sizeof (struct grub_btrfs_chunk_item), &est_chunk_alloc) ||
+ est_chunk_alloc > chunk->size)
+ {
+ err = GRUB_ERR_BAD_FS;
+ break;
+ }
+
if (is_raid56)
{
err = btrfs_read_from_chunk (data, chunk, stripen,

75
0245-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch
View File

@ -1,75 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Darren Kenny <darren.kenny@oracle.com>
Date: Thu, 7 Apr 2022 15:18:12 +0000
Subject: [PATCH] fs/btrfs: Fix more fuzz issues related to chunks
The corpus we generating issues in grub_btrfs_read_logical() when
attempting to iterate over nstripes entries in the boot mapping.
In most cases the reason for the failure was that the number of strips
exceeded the possible space statically allocated in superblock bootmapping
space. Each stripe entry in the bootmapping block consists of
a grub_btrfs_key followed by a grub_btrfs_chunk_stripe.
Another issue that came up was that while calculating the chunk size,
in an earlier piece of code in that function, depending on the data
provided in the btrfs file system, it would end up calculating a size
that was too small to contain even 1 grub_btrfs_chunk_item, which is
obviously invalid too.
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit e00cd76cbadcc897a9cc4087cb2fcb5dbe15e596)
---
grub-core/fs/btrfs.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c
index 0e9b450413..47325f6ad7 100644
--- a/grub-core/fs/btrfs.c
+++ b/grub-core/fs/btrfs.c
@@ -947,6 +947,17 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
return grub_error (GRUB_ERR_BAD_FS,
"got an invalid zero-size chunk");
}
+
+ /*
+ * The space being allocated for a chunk should at least be able to
+ * contain one chunk item.
+ */
+ if (chsize < sizeof (struct grub_btrfs_chunk_item))
+ {
+ grub_dprintf ("btrfs", "chunk-size too small\n");
+ return grub_error (GRUB_ERR_BAD_FS,
+ "got an invalid chunk size");
+ }
chunk = grub_malloc (chsize);
if (!chunk)
return grub_errno;
@@ -1194,6 +1205,13 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
if (csize > (grub_uint64_t) size)
csize = size;
+ /*
+ * The space for a chunk stripe is limited to the space provide in the super-block's
+ * bootstrap mapping with an initial btrfs key at the start of each chunk.
+ */
+ grub_size_t avail_stripes = sizeof (data->sblock.bootstrap_mapping) /
+ (sizeof (struct grub_btrfs_key) + sizeof (struct grub_btrfs_chunk_stripe));
+
for (j = 0; j < 2; j++)
{
grub_size_t est_chunk_alloc = 0;
@@ -1220,6 +1238,12 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr,
break;
}
+ if (grub_le_to_cpu16 (chunk->nstripes) > avail_stripes)
+ {
+ err = GRUB_ERR_BAD_FS;
+ break;
+ }
+
if (is_raid56)
{
err = btrfs_read_from_chunk (data, chunk, stripen,

25
0259-grub-probe-document-the-behavior-of-multiple-v.patch
View File

@ -1,25 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Fri, 15 Jul 2022 15:49:25 -0400
Subject: [PATCH] grub-probe: document the behavior of multiple -v
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 51a55233eed08f7f12276afd6b3724b807a0b680)
---
util/grub-probe.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/util/grub-probe.c b/util/grub-probe.c
index c6fac732b4..ba867319a7 100644
--- a/util/grub-probe.c
+++ b/util/grub-probe.c
@@ -732,7 +732,8 @@ static struct argp_option options[] = {
{"device-map", 'm', N_("FILE"), 0,
N_("use FILE as the device map [default=%s]"), 0},
{"target", 't', N_("TARGET"), 0, 0, 0},
- {"verbose", 'v', 0, 0, N_("print verbose messages."), 0},
+ {"verbose", 'v', 0, 0,
+ N_("print verbose messages (pass twice to enable debug printing)."), 0},
{0, '0', 0, 0, N_("separate items in output using ASCII NUL characters"), 0},
{ 0, 0, 0, 0, 0, 0 }
};

43
0260-grub_fs_probe-dprint-errors-from-filesystems.patch
View File

@ -1,43 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Fri, 15 Jul 2022 15:39:41 -0400
Subject: [PATCH] grub_fs_probe(): dprint errors from filesystems
When filesystem detection fails, all that's currently debug-logged is a
series of messages like:
grub-core/kern/fs.c:56:fs: Detecting ntfs...
grub-core/kern/fs.c:76:fs: ntfs detection failed.
repeated for each filesystem. Any messages provided to grub_error() by
the filesystem are lost, and one has to break out gdb to figure out what
went wrong.
With this change, one instead sees:
grub-core/kern/fs.c:56:fs: Detecting fat...
grub-core/osdep/hostdisk.c:357:hostdisk: reusing open device
`/path/to/device'
grub-core/kern/fs.c:77:fs: error: invalid modification timestamp for /.
grub-core/kern/fs.c:79:fs: fat detection failed.
in the debug prints.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 838c79d658797d0662ee7f9e033e38ee88059e02)
---
grub-core/kern/fs.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/grub-core/kern/fs.c b/grub-core/kern/fs.c
index c698295bcb..b58e2ae1d2 100644
--- a/grub-core/kern/fs.c
+++ b/grub-core/kern/fs.c
@@ -74,6 +74,7 @@ grub_fs_probe (grub_device_t device)
if (grub_errno == GRUB_ERR_NONE)
return p;
+ grub_dprintf ("fs", _("error: %s.\n"), grub_errmsg);
grub_error_push ();
grub_dprintf ("fs", "%s detection failed.\n", p->name);
grub_error_pop ();

64
0261-fs-fat-don-t-error-when-mtime-is-0.patch
View File

@ -1,64 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Fri, 15 Jul 2022 15:42:41 -0400
Subject: [PATCH] fs/fat: don't error when mtime is 0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In the wild, we occasionally see valid ESPs where some file modification times
are 0. For instance:
├── [Dec 31 1979] EFI
│ ├── [Dec 31 1979] BOOT
│ │ ├── [Dec 31 1979] BOOTX64.EFI
│ │ └── [Dec 31 1979] fbx64.efi
│ └── [Jun 27 02:41] fedora
│ ├── [Dec 31 1979] BOOTX64.CSV
│ ├── [Dec 31 1979] fonts
│ ├── [Mar 14 03:35] fw
│ │ ├── [Mar 14 03:35] fwupd-359c1169-abd6-4a0d-8bce-e4d4713335c1.cap
│ │ ├── [Mar 14 03:34] fwupd-9d255c4b-2d88-4861-860d-7ee52ade9463.cap
│ │ └── [Mar 14 03:34] fwupd-b36438d8-9128-49d2-b280-487be02d948b.cap
│ ├── [Dec 31 1979] fwupdx64.efi
│ ├── [May 10 10:47] grub.cfg
│ ├── [Jun 3 12:38] grub.cfg.new.new
│ ├── [May 10 10:41] grub.cfg.old
│ ├── [Jun 27 02:41] grubenv
│ ├── [Dec 31 1979] grubx64.efi
│ ├── [Dec 31 1979] mmx64.efi
│ ├── [Dec 31 1979] shim.efi
│ ├── [Dec 31 1979] shimx64.efi
│ └── [Dec 31 1979] shimx64-fedora.efi
└── [Dec 31 1979] FSCK0000.REC
5 directories, 17 files
This causes grub-probe failure, which in turn causes grub-mkconfig
failure. They are valid filesystems that appear intact, and the Linux
FAT stack is able to mount and manipulate them without complaint.
The check for mtime of 0 has been present since
20def1a3c3952982395cd7c3ea7e78638527962b ("fat: support file
modification times").
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 0615c4887352e32d7bb7198e9ad0d695f9dc2c31)
---
grub-core/fs/fat.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/grub-core/fs/fat.c b/grub-core/fs/fat.c
index dd82e4ee35..ff6200c5be 100644
--- a/grub-core/fs/fat.c
+++ b/grub-core/fs/fat.c
@@ -1027,9 +1027,6 @@ grub_fat_dir (grub_device_t device, const char *path, grub_fs_dir_hook_t hook,
grub_le_to_cpu16 (ctxt.dir.w_date),
&info.mtime);
#endif
- if (info.mtimeset == 0)
- grub_error (GRUB_ERR_OUT_OF_RANGE,
- "invalid modification timestamp for %s", path);
if (hook (ctxt.filename, &info, hook_data))
break;

57
0265-efi-allocate-the-initrd-within-the-bounds-expressed-.patch
View File

@ -1,57 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 1 Aug 2022 14:07:50 -0400
Subject: [PATCH] efi: allocate the initrd within the bounds expressed by the
kernel
Currently on x86, only linux kernels built with CONFIG_RELOCATABLE for
x86_64 can be loaded above 4G, but the maximum address for the initramfs
is specified via a HdrS field. This allows us to utilize that value,
and unless loading the kernel above 4G, uses the value present there.
If loading kernel above 4G is allowed, we assume loading the initramfs
above 4G also works; in practice this has been true in the kernel code
for quite some time.
Resolves: rhbz#2112134
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/loader/i386/efi/linux.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index e6b8998e5e..d003b474ee 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -190,6 +190,8 @@ grub_linuxefi_unload (void *data)
cmd_initrdefi->data = 0;
grub_free (context);
+ max_addresses[INITRD_MAX_ADDRESS].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
+
return GRUB_ERR_NONE;
}
@@ -426,11 +428,13 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
}
#endif
+ max_addresses[INITRD_MAX_ADDRESS].addr = lh->initrd_addr_max;
#if defined(__x86_64__)
if (lh->xloadflags & LINUX_XLF_CAN_BE_LOADED_ABOVE_4G)
{
grub_dprintf ("linux", "Loading kernel above 4GB is supported; enabling.\n");
max_addresses[KERNEL_NO_LIMIT].addr = GRUB_EFI_MAX_USABLE_ADDRESS;
+ max_addresses[INITRD_MAX_ADDRESS].addr = GRUB_EFI_MAX_USABLE_ADDRESS;
}
else
{
@@ -560,6 +564,8 @@ fail:
grub_dl_unref (my_mod);
+ max_addresses[INITRD_MAX_ADDRESS].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS;
+
if (lh)
kernel_free (cmdline, lh->cmdline_size + 1);

27
0267-BLS-create-etc-kernel-cmdline-during-mkconfig.patch
View File

@ -1,27 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 2 Aug 2022 15:56:28 -0400
Subject: [PATCH] BLS: create /etc/kernel/cmdline during mkconfig
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
util/grub.d/10_linux.in | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 865af3d6c4..9ebff661a9 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -161,6 +161,12 @@ update_bls_cmdline()
local cmdline="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
local -a files=($(get_sorted_bls))
+ if [[ ! -f /etc/kernel/cmdline ]]; then
+ # anaconda has the correct information to do this during install;
+ # afterward, grubby will take care of syncing on updates.
+ echo "$cmdline rhgb quiet" > /etc/kernel/cmdline
+ fi
+
for bls in "${files[@]}"; do
local options="${cmdline}"
if [ -z "${bls##*debug*}" ]; then

35
0268-squish-don-t-dup-rhgb-quiet-check-mtimes.patch
View File

@ -1,35 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Wed, 17 Aug 2022 10:26:07 -0400
Subject: [PATCH] squish: don't dup rhgb quiet, check mtimes
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
util/grub.d/10_linux.in | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 9ebff661a9..41c6cb1dc2 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -161,10 +161,16 @@ update_bls_cmdline()
local cmdline="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
local -a files=($(get_sorted_bls))
- if [[ ! -f /etc/kernel/cmdline ]]; then
- # anaconda has the correct information to do this during install;
- # afterward, grubby will take care of syncing on updates.
- echo "$cmdline rhgb quiet" > /etc/kernel/cmdline
+ if [[ ! -f /etc/kernel/cmdline ]] ||
+ [[ /etc/kernel/cmdline -ot /etc/default/grub ]]; then
+ # anaconda has the correct information to create this during install;
+ # afterward, grubby will take care of syncing on updates. If the user
+ # has modified /etc/default/grub, try to cope.
+ if [[ ! "$cmdline" =~ "rhgb quiet" ]]; then
+ # ensure these only show up once
+ cmdline="$cmdline rhgb quiet"
+ fi
+ echo "$cmdline" > /etc/kernel/cmdline
fi
for bls in "${files[@]}"; do

25
0269-squish-give-up-on-rhgb-quiet.patch
View File

@ -1,25 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Wed, 17 Aug 2022 11:30:30 -0400
Subject: [PATCH] squish: give up on rhgb quiet
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
util/grub.d/10_linux.in | 4 ----
1 file changed, 4 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 41c6cb1dc2..5d1fa072f2 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -166,10 +166,6 @@ update_bls_cmdline()
# anaconda has the correct information to create this during install;
# afterward, grubby will take care of syncing on updates. If the user
# has modified /etc/default/grub, try to cope.
- if [[ ! "$cmdline" =~ "rhgb quiet" ]]; then
- # ensure these only show up once
- cmdline="$cmdline rhgb quiet"
- fi
echo "$cmdline" > /etc/kernel/cmdline
fi

57
0270-squish-BLS-only-write-etc-kernel-cmdline-if-writable.patch
View File

@ -1,57 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Wed, 17 Aug 2022 10:26:03 -0400
Subject: [PATCH] squish: BLS: only write /etc/kernel/cmdline if writable
On OSTree systems, `grub2-mkconfig` is run with `/etc` mounted read-only
because as part of the promise of transactional updates, we want to make
sure that we're not modifying the current deployment's state (`/etc` or
`/var`).
This conflicts with 0837dcdf1 ("BLS: create /etc/kernel/cmdline during
mkconfig") which wants to write to `/etc/kernel/cmdline`. I'm not
exactly sure on the background there, but based on the comment I think
the intent is to fulfill grubby's expectation that the file exists.
However, in systems like Silverblue, kernel arguments are managed by the
rpm-ostree stack and grubby is not shipped at all.
Adjust the script slightly so that we only write `/etc/kernel/cmdline`
if the parent directory is writable.
In the future, we're hoping to simplify things further on rpm-ostree
systems by not running `grub2-mkconfig` at all since libostree already
directly writes BLS entries. Doing that would also have avoided this,
but ratcheting it into existing systems needs more careful thought.
Signed-off-by: Jonathan Lebon <jonathan@jlebon.com>
Fixes: https://github.com/fedora-silverblue/issue-tracker/issues/322
---
util/grub.d/10_linux.in | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 5d1fa072f2..4795a63b4c 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -161,12 +161,13 @@ update_bls_cmdline()
local cmdline="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
local -a files=($(get_sorted_bls))
- if [[ ! -f /etc/kernel/cmdline ]] ||
- [[ /etc/kernel/cmdline -ot /etc/default/grub ]]; then
- # anaconda has the correct information to create this during install;
- # afterward, grubby will take care of syncing on updates. If the user
- # has modified /etc/default/grub, try to cope.
- echo "$cmdline" > /etc/kernel/cmdline
+ if [ -w /etc/kernel ] &&
+ [[ ! -f /etc/kernel/cmdline ||
+ /etc/kernel/cmdline -ot /etc/default/grub ]]; then
+ # anaconda has the correct information to create this during install;
+ # afterward, grubby will take care of syncing on updates. If the user
+ # has modified /etc/default/grub, try to cope.
+ echo "$cmdline" > /etc/kernel/cmdline
fi
for bls in "${files[@]}"; do

27
0271-blscfg-Don-t-root-device-in-emu-builds.patch
View File

@ -1,27 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Thu, 25 Aug 2022 17:57:55 -0400
Subject: [PATCH] blscfg: Don't root device in emu builds
Otherwise, we end up looking for kernel/initrd in /boot/boot which
doesn't work at all. Non-emu builds need to be looking in
($root)/boot/, which is what this is for.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
grub-core/commands/blscfg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/commands/blscfg.c b/grub-core/commands/blscfg.c
index e907a6a5d2..dbd0899acf 100644
--- a/grub-core/commands/blscfg.c
+++ b/grub-core/commands/blscfg.c
@@ -41,7 +41,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
#define GRUB_BLS_CONFIG_PATH "/loader/entries/"
#ifdef GRUB_MACHINE_EMU
-#define GRUB_BOOT_DEVICE "/boot"
+#define GRUB_BOOT_DEVICE ""
#else
#define GRUB_BOOT_DEVICE "($root)"
#endif

43
0272-loader-arm64-linux-Remove-magic-number-header-field-.patch
View File

@ -1,43 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb@kernel.org>
Date: Thu, 11 Aug 2022 16:51:57 +0200
Subject: [PATCH] loader/arm64/linux: Remove magic number header field check
The "ARM\x64" magic number in the file header identifies an image as one
that implements the bare metal boot protocol, allowing the loader to
simply move the file to a suitably aligned address in memory, with
sufficient headroom for the trailing .bss segment (the required memory
size is described in the header as well).
Note of this matters for GRUB, as it only supports EFI boot. EFI does
not care about this magic number, and nor should GRUB: this prevents us
from booting other PE linux images, such as the generic EFI zboot
decompressor, which is a pure PE/COFF image, and does not implement the
bare metal boot protocol.
So drop the magic number check.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Resolves: rhbz#2125069
Signed-off-by: Jeremy Linton <jlinton@redhat.com>
(cherry-picked from commit 69edb31205602c29293a8c6e67363bba2a4a1e66)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
grub-core/loader/arm64/linux.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index de85583487..489d0c7173 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -55,9 +55,6 @@ static grub_addr_t initrd_end;
grub_err_t
grub_arch_efi_linux_check_image (struct linux_arch_kernel_header * lh)
{
- if (lh->magic != GRUB_LINUX_ARMXX_MAGIC_SIGNATURE)
- return grub_error(GRUB_ERR_BAD_OS, "invalid magic number");
-
if ((lh->code0 & 0xffff) != GRUB_DOS_MAGIC)
return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET,
N_("plain image kernel not supported - rebuild with CONFIG_(U)EFI_STUB enabled"));

95
0273-Correct-BSS-zeroing-on-aarch64.patch
View File

@ -1,95 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jeremy Linton <jeremy.linton@arm.com>
Date: Tue, 6 Sep 2022 15:33:03 -0500
Subject: [PATCH] Correct BSS zeroing on aarch64
The aarch64 loader doesn't use efi bootservices, and
therefor it has a very minimal loader which makes a lot
of assumptions about the kernel layout. With the ZBOOT
changes, the layout has changed a bit and we not should
really be parsing the PE sections to determine how much
data to copy, otherwise the BSS won't be setup properly.
This code still makes a lot of assumptions about the
the kernel layout, so its far from ideal, but it works.
Resolves: rhbz#2125069
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
---
grub-core/loader/arm64/linux.c | 27 ++++++++++++++++++++++-----
1 file changed, 22 insertions(+), 5 deletions(-)
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index 489d0c7173..419f2201df 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -316,10 +316,12 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
static grub_err_t
parse_pe_header (void *kernel, grub_uint64_t *total_size,
grub_uint32_t *entry_offset,
- grub_uint32_t *alignment)
+ grub_uint32_t *alignment,grub_uint32_t *code_size)
{
struct linux_arch_kernel_header *lh = kernel;
struct grub_armxx_linux_pe_header *pe;
+ grub_uint16_t i;
+ struct grub_pe32_section_table *sections;
pe = (void *)((unsigned long)kernel + lh->hdr_offset);
@@ -329,6 +331,19 @@ parse_pe_header (void *kernel, grub_uint64_t *total_size,
*total_size = pe->opt.image_size;
*entry_offset = pe->opt.entry_addr;
*alignment = pe->opt.section_alignment;
+ *code_size = pe->opt.section_alignment;
+
+ sections = (struct grub_pe32_section_table *) ((char *)&pe->opt +
+ pe->coff.optional_header_size);
+ grub_dprintf ("linux", "num_sections : %d\n", pe->coff.num_sections );
+ for (i = 0 ; i < pe->coff.num_sections; i++)
+ {
+ grub_dprintf ("linux", "raw_size : %lld\n",
+ (long long) sections[i].raw_data_size);
+ grub_dprintf ("linux", "virt_size : %lld\n",
+ (long long) sections[i].virtual_size);
+ *code_size += sections[i].raw_data_size;
+ }
return GRUB_ERR_NONE;
}
@@ -341,6 +356,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_err_t err;
grub_off_t filelen;
grub_uint32_t align;
+ grub_uint32_t code_size;
void *kernel = NULL;
int nx_supported = 1;
@@ -373,11 +389,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
if (grub_arch_efi_linux_check_image (kernel) != GRUB_ERR_NONE)
goto fail;
- if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align) != GRUB_ERR_NONE)
+ if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align, &code_size) != GRUB_ERR_NONE)
goto fail;
grub_dprintf ("linux", "kernel mem size : %lld\n", (long long) kernel_size);
grub_dprintf ("linux", "kernel entry offset : %d\n", handover_offset);
grub_dprintf ("linux", "kernel alignment : 0x%x\n", align);
+ grub_dprintf ("linux", "kernel size : 0x%x\n", code_size);
err = grub_efi_check_nx_image_support((grub_addr_t)kernel, filelen, &nx_supported);
if (err != GRUB_ERR_NONE)
@@ -396,9 +413,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
kernel_addr = (void *)ALIGN_UP((grub_uint64_t)kernel_alloc_addr, align);
grub_dprintf ("linux", "kernel @ %p\n", kernel_addr);
- grub_memcpy (kernel_addr, kernel, grub_min(filelen, kernel_size));
- if (kernel_size > filelen)
- grub_memset ((char *)kernel_addr + filelen, 0, kernel_size - filelen);
+ grub_memcpy (kernel_addr, kernel, grub_min(code_size, kernel_size));
+ if (kernel_size > code_size)
+ grub_memset ((char *)kernel_addr + code_size, 0, kernel_size - code_size);
grub_free(kernel);
kernel = NULL;

39
0274-linuxefi-Invalidate-i-cache-before-starting-the-kern.patch
View File

@ -1,39 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: dann frazier <dann.frazier@canonical.com>
Date: Thu, 25 Aug 2022 17:08:09 -0600
Subject: [PATCH] linuxefi: Invalidate i-cache before starting the kernel
We need to flush the memory range of the code we are about to execute
from the instruction cache before we can safely execute it. Not doing
so appears to be the source of rare synchronous exceptions a user
is seeing on a Cortex-A72-based platform while executing the Linux EFI
stub. Notably they seem to correlate with an instruction on a cache
line boundary.
Signed-off-by: dann frazier <dann.frazier@canonical.com>
---
grub-core/loader/efi/linux.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
index 277f352e0c..e413bdcc23 100644
--- a/grub-core/loader/efi/linux.c
+++ b/grub-core/loader/efi/linux.c
@@ -16,6 +16,7 @@
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
+#include <grub/cache.h>
#include <grub/err.h>
#include <grub/mm.h>
#include <grub/types.h>
@@ -210,6 +211,9 @@ grub_efi_linux_boot (grub_addr_t kernel_addr, grub_size_t kernel_size,
asm volatile ("cli");
#endif
+ /* Invalidate the instruction cache */
+ grub_arch_sync_caches((void *)kernel_addr, kernel_size);
+
hf = (handover_func)((char *)kernel_addr + handover_offset + offset);
hf (grub_efi_image_handle, grub_efi_system_table, kernel_params);

42
0276-commands-efi-tpm-Refine-the-status-of-log-event.patch
View File

@ -1,42 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Lu Ken <ken.lu@intel.com>
Date: Wed, 13 Jul 2022 10:06:10 +0800
Subject: [PATCH] commands/efi/tpm: Refine the status of log event
1. Use macro GRUB_ERR_NONE instead of hard code 0.
2. Keep lowercase of the first char for the status string of log event.
Signed-off-by: Lu Ken <ken.lu@intel.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 922898573e37135f5dedc16f3e15a1d1d4c53f8a)
---
grub-core/commands/efi/tpm.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/grub-core/commands/efi/tpm.c b/grub-core/commands/efi/tpm.c
index a97d85368a..7acf510499 100644
--- a/grub-core/commands/efi/tpm.c
+++ b/grub-core/commands/efi/tpm.c
@@ -135,17 +135,17 @@ grub_efi_log_event_status (grub_efi_status_t status)
switch (status)
{
case GRUB_EFI_SUCCESS:
- return 0;
+ return GRUB_ERR_NONE;
case GRUB_EFI_DEVICE_ERROR:
- return grub_error (GRUB_ERR_IO, N_("Command failed"));
+ return grub_error (GRUB_ERR_IO, N_("command failed"));
case GRUB_EFI_INVALID_PARAMETER:
- return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("invalid parameter"));
case GRUB_EFI_BUFFER_TOO_SMALL:
- return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("output buffer too small"));
case GRUB_EFI_NOT_FOUND:
return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
default:
- return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("unknown TPM error"));
}
}

37
0277-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch
View File

@ -1,37 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Lu Ken <ken.lu@intel.com>
Date: Wed, 13 Jul 2022 10:06:11 +0800
Subject: [PATCH] commands/efi/tpm: Use grub_strcpy() instead of grub_memcpy()
The event description is a string, so using grub_strcpy() is cleaner than
using grub_memcpy().
Signed-off-by: Lu Ken <ken.lu@intel.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit ef8679b645a63eb9eb191bb9539d7d25a9d6ff3b)
---
grub-core/commands/efi/tpm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/commands/efi/tpm.c b/grub-core/commands/efi/tpm.c
index 7acf510499..bb59599721 100644
--- a/grub-core/commands/efi/tpm.c
+++ b/grub-core/commands/efi/tpm.c
@@ -175,7 +175,7 @@ grub_tpm1_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf,
event->PCRIndex = pcr;
event->EventType = EV_IPL;
event->EventSize = grub_strlen (description) + 1;
- grub_memcpy (event->Event, description, event->EventSize);
+ grub_strcpy ((char *) event->Event, description);
algorithm = TCG_ALG_SHA;
status = efi_call_7 (tpm->log_extend_event, tpm, (grub_addr_t) buf, (grub_uint64_t) size,
@@ -212,7 +212,7 @@ grub_tpm2_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf,
event->Header.EventType = EV_IPL;
event->Size =
sizeof (*event) - sizeof (event->Event) + grub_strlen (description) + 1;
- grub_memcpy (event->Event, description, grub_strlen (description) + 1);
+ grub_strcpy ((char *) event->Event, description);
status = efi_call_5 (tpm->hash_log_extend_event, tpm, 0, (grub_addr_t) buf,
(grub_uint64_t) size, event);

258
0278-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch
View File

@ -1,258 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Lu Ken <ken.lu@intel.com>
Date: Wed, 13 Jul 2022 10:06:12 +0800
Subject: [PATCH] efi/tpm: Add EFI_CC_MEASUREMENT_PROTOCOL support
The EFI_CC_MEASUREMENT_PROTOCOL abstracts the measurement for virtual firmware
in confidential computing environment. It is similar to the EFI_TCG2_PROTOCOL.
It was proposed by Intel and ARM and approved by UEFI organization.
It is defined in Intel GHCI specification: https://cdrdv2.intel.com/v1/dl/getContent/726790 .
The EDKII header file is available at https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/CcMeasurement.h .
Signed-off-by: Lu Ken <ken.lu@intel.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 4c76565b6cb885b7e144dc27f3612066844e2d19)
---
grub-core/commands/efi/tpm.c | 48 ++++++++++++++
include/grub/efi/cc.h | 151 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 199 insertions(+)
create mode 100644 include/grub/efi/cc.h
diff --git a/grub-core/commands/efi/tpm.c b/grub-core/commands/efi/tpm.c
index bb59599721..ae09c1bf8b 100644
--- a/grub-core/commands/efi/tpm.c
+++ b/grub-core/commands/efi/tpm.c
@@ -22,6 +22,7 @@
#include <grub/i18n.h>
#include <grub/efi/api.h>
#include <grub/efi/efi.h>
+#include <grub/efi/cc.h>
#include <grub/efi/tpm.h>
#include <grub/mm.h>
#include <grub/tpm.h>
@@ -31,6 +32,7 @@ typedef TCG_PCR_EVENT grub_tpm_event_t;
static grub_efi_guid_t tpm_guid = EFI_TPM_GUID;
static grub_efi_guid_t tpm2_guid = EFI_TPM2_GUID;
+static grub_efi_guid_t cc_measurement_guid = GRUB_EFI_CC_MEASUREMENT_PROTOCOL_GUID;
static grub_efi_handle_t *grub_tpm_handle;
static grub_uint8_t grub_tpm_version;
@@ -221,6 +223,50 @@ grub_tpm2_log_event (grub_efi_handle_t tpm_handle, unsigned char *buf,
return grub_efi_log_event_status (status);
}
+static void
+grub_cc_log_event (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ grub_efi_cc_event_t *event;
+ grub_efi_status_t status;
+ grub_efi_cc_protocol_t *cc;
+ grub_efi_cc_mr_index_t mr;
+
+ cc = grub_efi_locate_protocol (&cc_measurement_guid, NULL);
+ if (cc == NULL)
+ return;
+
+ status = efi_call_3 (cc->map_pcr_to_mr_index, cc, pcr, &mr);
+ if (status != GRUB_EFI_SUCCESS)
+ {
+ grub_efi_log_event_status (status);
+ return;
+ }
+
+ event = grub_zalloc (sizeof (grub_efi_cc_event_t) +
+ grub_strlen (description) + 1);
+ if (event == NULL)
+ {
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate CC event buffer"));
+ return;
+ }
+
+ event->Header.HeaderSize = sizeof (grub_efi_cc_event_header_t);
+ event->Header.HeaderVersion = GRUB_EFI_CC_EVENT_HEADER_VERSION;
+ event->Header.MrIndex = mr;
+ event->Header.EventType = EV_IPL;
+ event->Size = sizeof (*event) + grub_strlen (description) + 1;
+ grub_strcpy ((char *) event->Event, description);
+
+ status = efi_call_5 (cc->hash_log_extend_event, cc, 0,
+ (grub_efi_physical_address_t)(grub_addr_t) buf,
+ (grub_efi_uint64_t) size, event);
+ grub_free (event);
+
+ if (status != GRUB_EFI_SUCCESS)
+ grub_efi_log_event_status (status);
+}
+
grub_err_t
grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
const char *description)
@@ -228,6 +274,8 @@ grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
grub_efi_handle_t tpm_handle;
grub_efi_uint8_t protocol_version;
+ grub_cc_log_event(buf, size, pcr, description);
+
if (!grub_tpm_handle_find (&tpm_handle, &protocol_version))
return 0;
diff --git a/include/grub/efi/cc.h b/include/grub/efi/cc.h
new file mode 100644
index 0000000000..8960306890
--- /dev/null
+++ b/include/grub/efi/cc.h
@@ -0,0 +1,151 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2022 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef GRUB_EFI_CC_H
+#define GRUB_EFI_CC_H 1
+
+#include <grub/efi/api.h>
+#include <grub/efi/efi.h>
+#include <grub/err.h>
+
+#define GRUB_EFI_CC_MEASUREMENT_PROTOCOL_GUID \
+ { 0x96751a3d, 0x72f4, 0x41a6, \
+ { 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b } \
+ };
+
+struct grub_efi_cc_version
+{
+ grub_efi_uint8_t Major;
+ grub_efi_uint8_t Minor;
+};
+typedef struct grub_efi_cc_version grub_efi_cc_version_t;
+
+/* EFI_CC Type/SubType definition. */
+#define GRUB_EFI_CC_TYPE_NONE 0
+#define GRUB_EFI_CC_TYPE_SEV 1
+#define GRUB_EFI_CC_TYPE_TDX 2
+
+struct grub_efi_cc_type
+{
+ grub_efi_uint8_t Type;
+ grub_efi_uint8_t SubType;
+};
+typedef struct grub_efi_cc_type grub_efi_cc_type_t;
+
+typedef grub_efi_uint32_t grub_efi_cc_event_log_bitmap_t;
+typedef grub_efi_uint32_t grub_efi_cc_event_log_format_t;
+typedef grub_efi_uint32_t grub_efi_cc_event_algorithm_bitmap_t;
+typedef grub_efi_uint32_t grub_efi_cc_mr_index_t;
+
+/* Intel TDX measure register index. */
+#define GRUB_TDX_MR_INDEX_MRTD 0
+#define GRUB_TDX_MR_INDEX_RTMR0 1
+#define GRUB_TDX_MR_INDEX_RTMR1 2
+#define GRUB_TDX_MR_INDEX_RTMR2 3
+#define GRUB_TDX_MR_INDEX_RTMR3 4
+
+#define GRUB_EFI_CC_EVENT_LOG_FORMAT_TCG_2 0x00000002
+#define GRUB_EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004
+#define GRUB_EFI_CC_EVENT_HEADER_VERSION 1
+
+struct grub_efi_cc_event_header
+{
+ /* Size of the event header itself (sizeof(EFI_TD_EVENT_HEADER)). */
+ grub_efi_uint32_t HeaderSize;
+
+ /*
+ * Header version. For this version of this specification,
+ * the value shall be 1.
+ */
+ grub_efi_uint16_t HeaderVersion;
+
+ /* Index of the MR that shall be extended. */
+ grub_efi_cc_mr_index_t MrIndex;
+
+ /* Type of the event that shall be extended (and optionally logged). */
+ grub_efi_uint32_t EventType;
+} GRUB_PACKED;
+typedef struct grub_efi_cc_event_header grub_efi_cc_event_header_t;
+
+struct grub_efi_cc_event
+{
+ /* Total size of the event including the Size component, the header and the Event data. */
+ grub_efi_uint32_t Size;
+ grub_efi_cc_event_header_t Header;
+ grub_efi_uint8_t Event[0];
+} GRUB_PACKED;
+typedef struct grub_efi_cc_event grub_efi_cc_event_t;
+
+struct grub_efi_cc_boot_service_capability
+{
+ /* Allocated size of the structure. */
+ grub_efi_uint8_t Size;
+
+ /*
+ * Version of the grub_efi_cc_boot_service_capability_t structure itself.
+ * For this version of the protocol, the Major version shall be set to 1
+ * and the Minor version shall be set to 1.
+ */
+ grub_efi_cc_version_t StructureVersion;
+
+ /*
+ * Version of the EFI TD protocol.
+ * For this version of the protocol, the Major version shall be set to 1
+ * and the Minor version shall be set to 1.
+ */
+ grub_efi_cc_version_t ProtocolVersion;
+
+ /* Supported hash algorithms. */
+ grub_efi_cc_event_algorithm_bitmap_t HashAlgorithmBitmap;
+
+ /* Bitmap of supported event log formats. */
+ grub_efi_cc_event_log_bitmap_t SupportedEventLogs;
+
+ /* Indicates the CC type. */
+ grub_efi_cc_type_t CcType;
+};
+typedef struct grub_efi_cc_boot_service_capability grub_efi_cc_boot_service_capability_t;
+
+struct grub_efi_cc_protocol
+{
+ grub_efi_status_t
+ (*get_capability) (struct grub_efi_cc_protocol *this,
+ grub_efi_cc_boot_service_capability_t *ProtocolCapability);
+
+ grub_efi_status_t
+ (*get_event_log) (struct grub_efi_cc_protocol *this,
+ grub_efi_cc_event_log_format_t EventLogFormat,
+ grub_efi_physical_address_t *EventLogLocation,
+ grub_efi_physical_address_t *EventLogLastEntry,
+ grub_efi_boolean_t *EventLogTruncated);
+
+ grub_efi_status_t
+ (*hash_log_extend_event) (struct grub_efi_cc_protocol *this,
+ grub_efi_uint64_t Flags,
+ grub_efi_physical_address_t DataToHash,
+ grub_efi_uint64_t DataToHashLen,
+ grub_efi_cc_event_t *EfiCcEvent);
+
+ grub_efi_status_t
+ (*map_pcr_to_mr_index) (struct grub_efi_cc_protocol *this,
+ grub_efi_uint32_t PcrIndex,
+ grub_efi_cc_mr_index_t *MrIndex);
+};
+typedef struct grub_efi_cc_protocol grub_efi_cc_protocol_t;
+
+#endif

52
0286-kern-efi-sb-Enforce-verification-of-font-files.patch
View File

@ -1,52 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Zhang Boyang <zhangboyang.id@gmail.com>
Date: Sun, 14 Aug 2022 15:51:54 +0800
Subject: [PATCH] kern/efi/sb: Enforce verification of font files
As a mitigation and hardening measure enforce verification of font
files. Then only trusted font files can be load. This will reduce the
attack surface at cost of losing the ability of end-users to customize
fonts if e.g. UEFI Secure Boot is enabled. Vendors can always customize
fonts because they have ability to pack fonts into their GRUB bundles.
This goal is achieved by:
* Removing GRUB_FILE_TYPE_FONT from shim lock verifier's
skip-verification list.
* Adding GRUB_FILE_TYPE_FONT to lockdown verifier's defer-auth list,
so font files must be verified by a verifier before they can be loaded.
Suggested-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Zhang Boyang <zhangboyang.id@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 630deb8c0d8b02b670ced4b7030414bcf17aa080)
---
grub-core/kern/efi/sb.c | 1 -
grub-core/kern/lockdown.c | 1 +
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c
index 89c4bb3fd1..db42c2539f 100644
--- a/grub-core/kern/efi/sb.c
+++ b/grub-core/kern/efi/sb.c
@@ -145,7 +145,6 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)),
case GRUB_FILE_TYPE_PRINT_BLOCKLIST:
case GRUB_FILE_TYPE_TESTLOAD:
case GRUB_FILE_TYPE_GET_SIZE:
- case GRUB_FILE_TYPE_FONT:
case GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY:
case GRUB_FILE_TYPE_CAT:
case GRUB_FILE_TYPE_HEXCAT:
diff --git a/grub-core/kern/lockdown.c b/grub-core/kern/lockdown.c
index 0bc70fd42d..af6d493cd3 100644
--- a/grub-core/kern/lockdown.c
+++ b/grub-core/kern/lockdown.c
@@ -51,6 +51,7 @@ lockdown_verifier_init (grub_file_t io __attribute__ ((unused)),
case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE:
case GRUB_FILE_TYPE_ACPI_TABLE:
case GRUB_FILE_TYPE_DEVICE_TREE_IMAGE:
+ case GRUB_FILE_TYPE_FONT:
*flags = GRUB_VERIFY_FLAGS_DEFER_AUTH;
/* Fall through. */

78
0292-font-Try-opening-fonts-from-the-bundled-memdisk.patch
View File

@ -1,78 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Wed, 16 Nov 2022 14:40:04 +0000
Subject: [PATCH] font: Try opening fonts from the bundled memdisk
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
grub-core/font/font.c | 48 +++++++++++++++++++++++++++++++-----------------
1 file changed, 31 insertions(+), 17 deletions(-)
diff --git a/grub-core/font/font.c b/grub-core/font/font.c
index e6616e610c..e421d1ae6f 100644
--- a/grub-core/font/font.c
+++ b/grub-core/font/font.c
@@ -409,6 +409,27 @@ read_section_as_short (struct font_file_section *section,
return 0;
}
+static grub_file_t
+try_open_from_prefix (const char *prefix, const char *filename)
+{
+ grub_file_t file;
+ char *fullname, *ptr;
+
+ fullname = grub_malloc (grub_strlen (prefix) + grub_strlen (filename) + 1
+ + sizeof ("/fonts/") + sizeof (".pf2"));
+ if (!fullname)
+ return 0;
+ ptr = grub_stpcpy (fullname, prefix);
+ ptr = grub_stpcpy (ptr, "/fonts/");
+ ptr = grub_stpcpy (ptr, filename);
+ ptr = grub_stpcpy (ptr, ".pf2");
+ *ptr = 0;
+
+ file = grub_buffile_open (fullname, GRUB_FILE_TYPE_FONT, 1024);
+ grub_free (fullname);
+ return file;
+}
+
/* Load a font and add it to the beginning of the global font list.
Returns 0 upon success, nonzero upon failure. */
grub_font_t
@@ -427,25 +448,18 @@ grub_font_load (const char *filename)
file = grub_buffile_open (filename, GRUB_FILE_TYPE_FONT, 1024);
else
{
- const char *prefix = grub_env_get ("prefix");
- char *fullname, *ptr;
- if (!prefix)
+ file = try_open_from_prefix ("(memdisk)", filename);
+ if (!file)
{
- grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("variable `%s' isn't set"),
- "prefix");
- goto fail;
+ const char *prefix = grub_env_get ("prefix");
+ if (!prefix)
+ {
+ grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("variable `%s' isn't set"),
+ "prefix");
+ goto fail;
+ }
+ file = try_open_from_prefix (prefix, filename);
}
- fullname = grub_malloc (grub_strlen (prefix) + grub_strlen (filename) + 1
- + sizeof ("/fonts/") + sizeof (".pf2"));
- if (!fullname)
- goto fail;
- ptr = grub_stpcpy (fullname, prefix);
- ptr = grub_stpcpy (ptr, "/fonts/");
- ptr = grub_stpcpy (ptr, filename);
- ptr = grub_stpcpy (ptr, ".pf2");
- *ptr = 0;
- file = grub_buffile_open (fullname, GRUB_FILE_TYPE_FONT, 1024);
- grub_free (fullname);
}
if (!file)
goto fail;

183
0293-mm-Clarify-grub_real_malloc.patch
View File

@ -1,183 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 25 Nov 2021 02:22:46 +1100
Subject: [PATCH] mm: Clarify grub_real_malloc()
When iterating through the singly linked list of free blocks,
grub_real_malloc() uses p and q for the current and previous blocks
respectively. This isn't super clear, so swap to using prev and cur.
This makes another quirk more obvious. The comment at the top of
grub_real_malloc() might lead you to believe that the function will
allocate from *first if there is space in that block.
It actually doesn't do that, and it can't do that with the current
data structures. If we used up all of *first, we would need to change
the ->next of the previous block to point to *first->next, but we
can't do that because it's a singly linked list and we don't have
access to *first's previous block.
What grub_real_malloc() actually does is set *first to the initial
previous block, and *first->next is the block we try to allocate
from. That allows us to keep all the data structures consistent.
Document that.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 246ad6a44c281bb13486ddea0a26bb661db73106)
---
grub-core/kern/mm.c | 76 +++++++++++++++++++++++++++++------------------------
1 file changed, 41 insertions(+), 35 deletions(-)
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index d8c8377578..fb20e93acf 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -178,13 +178,20 @@ grub_mm_init_region (void *addr, grub_size_t size)
}
/* Allocate the number of units N with the alignment ALIGN from the ring
- buffer starting from *FIRST. ALIGN must be a power of two. Both N and
- ALIGN are in units of GRUB_MM_ALIGN. Return a non-NULL if successful,
- otherwise return NULL. */
+ * buffer given in *FIRST. ALIGN must be a power of two. Both N and
+ * ALIGN are in units of GRUB_MM_ALIGN. Return a non-NULL if successful,
+ * otherwise return NULL.
+ *
+ * Note: because in certain circumstances we need to adjust the ->next
+ * pointer of the previous block, we iterate over the singly linked
+ * list with the pair (prev, cur). *FIRST is our initial previous, and
+ * *FIRST->next is our initial current pointer. So we will actually
+ * allocate from *FIRST->next first and *FIRST itself last.
+ */
static void *
grub_real_malloc (grub_mm_header_t *first, grub_size_t n, grub_size_t align)
{
- grub_mm_header_t p, q;
+ grub_mm_header_t cur, prev;
/* When everything is allocated side effect is that *first will have alloc
magic marked, meaning that there is no room in this region. */
@@ -192,24 +199,24 @@ grub_real_malloc (grub_mm_header_t *first, grub_size_t n, grub_size_t align)
return 0;
/* Try to search free slot for allocation in this memory region. */
- for (q = *first, p = q->next; ; q = p, p = p->next)
+ for (prev = *first, cur = prev->next; ; prev = cur, cur = cur->next)
{
grub_off_t extra;
- extra = ((grub_addr_t) (p + 1) >> GRUB_MM_ALIGN_LOG2) & (align - 1);
+ extra = ((grub_addr_t) (cur + 1) >> GRUB_MM_ALIGN_LOG2) & (align - 1);
if (extra)
extra = align - extra;
- if (! p)
+ if (! cur)
grub_fatal ("null in the ring");
- if (p->magic != GRUB_MM_FREE_MAGIC)
- grub_fatal ("free magic is broken at %p: 0x%x", p, p->magic);
+ if (cur->magic != GRUB_MM_FREE_MAGIC)
+ grub_fatal ("free magic is broken at %p: 0x%x", cur, cur->magic);
- if (p->size >= n + extra)
+ if (cur->size >= n + extra)
{
- extra += (p->size - extra - n) & (~(align - 1));
- if (extra == 0 && p->size == n)
+ extra += (cur->size - extra - n) & (~(align - 1));
+ if (extra == 0 && cur->size == n)
{
/* There is no special alignment requirement and memory block
is complete match.
@@ -222,9 +229,9 @@ grub_real_malloc (grub_mm_header_t *first, grub_size_t n, grub_size_t align)
| alloc, size=n | |
+---------------+ v
*/
- q->next = p->next;
+ prev->next = cur->next;
}
- else if (align == 1 || p->size == n + extra)
+ else if (align == 1 || cur->size == n + extra)
{
/* There might be alignment requirement, when taking it into
account memory block fits in.
@@ -241,23 +248,22 @@ grub_real_malloc (grub_mm_header_t *first, grub_size_t n, grub_size_t align)
| alloc, size=n | |
+---------------+ v
*/
-
- p->size -= n;
- p += p->size;
+ cur->size -= n;
+ cur += cur->size;
}
else if (extra == 0)
{
grub_mm_header_t r;
- r = p + extra + n;
+ r = cur + extra + n;
r->magic = GRUB_MM_FREE_MAGIC;
- r->size = p->size - extra - n;
- r->next = p->next;
- q->next = r;
+ r->size = cur->size - extra - n;
+ r->next = cur->next;
+ prev->next = r;
- if (q == p)
+ if (prev == cur)
{
- q = r;
+ prev = r;
r->next = r;
}
}
@@ -284,32 +290,32 @@ grub_real_malloc (grub_mm_header_t *first, grub_size_t n, grub_size_t align)
*/
grub_mm_header_t r;
- r = p + extra + n;
+ r = cur + extra + n;
r->magic = GRUB_MM_FREE_MAGIC;
- r->size = p->size - extra - n;
- r->next = p;
+ r->size = cur->size - extra - n;
+ r->next = cur;
- p->size = extra;
- q->next = r;
- p += extra;
+ cur->size = extra;
+ prev->next = r;
+ cur += extra;
}
- p->magic = GRUB_MM_ALLOC_MAGIC;
- p->size = n;
+ cur->magic = GRUB_MM_ALLOC_MAGIC;
+ cur->size = n;
/* Mark find as a start marker for next allocation to fasten it.
This will have side effect of fragmenting memory as small
pieces before this will be un-used. */
/* So do it only for chunks under 64K. */
if (n < (0x8000 >> GRUB_MM_ALIGN_LOG2)
- || *first == p)
- *first = q;
+ || *first == cur)
+ *first = prev;
- return p + 1;
+ return cur + 1;
}
/* Search was completed without result. */
- if (p == *first)
+ if (cur == *first)
break;
}

32
0294-mm-grub_real_malloc-Make-small-allocs-comment-match-.patch
View File

@ -1,32 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 25 Nov 2021 02:22:47 +1100
Subject: [PATCH] mm: grub_real_malloc(): Make small allocs comment match code
Small allocations move the region's *first pointer. The comment
says that this happens for allocations under 64K. The code says
it's for allocations under 32K. Commit 45bf8b3a7549 changed the
code intentionally: make the comment match.
Fixes: 45bf8b3a7549 (* grub-core/kern/mm.c (grub_real_malloc): Decrease cut-off of moving the)
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit a847895a8d000bdf27ad4d4326f883a0eed769ca)
---
grub-core/kern/mm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index fb20e93acf..db7e0b2a5b 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -306,7 +306,7 @@ grub_real_malloc (grub_mm_header_t *first, grub_size_t n, grub_size_t align)
/* Mark find as a start marker for next allocation to fasten it.
This will have side effect of fragmenting memory as small
pieces before this will be un-used. */
- /* So do it only for chunks under 64K. */
+ /* So do it only for chunks under 32K. */
if (n < (0x8000 >> GRUB_MM_ALIGN_LOG2)
|| *first == cur)
*first = prev;

120
0295-mm-Document-grub_free.patch
View File

@ -1,120 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 25 Nov 2021 02:22:48 +1100
Subject: [PATCH] mm: Document grub_free()
The grub_free() possesses a surprising number of quirks, and also
uses single-letter variable names confusingly to iterate through
the free list.
Document what's going on.
Use prev and cur to iterate over the free list.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 1f8d0b01738e49767d662d6426af3570a64565f0)
---
grub-core/kern/mm.c | 63 ++++++++++++++++++++++++++++++++++-------------------
1 file changed, 41 insertions(+), 22 deletions(-)
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index db7e0b2a5b..0351171cf9 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -446,54 +446,73 @@ grub_free (void *ptr)
}
else
{
- grub_mm_header_t q, s;
+ grub_mm_header_t cur, prev;
#if 0
- q = r->first;
+ cur = r->first;
do
{
grub_printf ("%s:%d: q=%p, q->size=0x%x, q->magic=0x%x\n",
- GRUB_FILE, __LINE__, q, q->size, q->magic);
- q = q->next;
+ GRUB_FILE, __LINE__, cur, cur->size, cur->magic);
+ cur = cur->next;
}
- while (q != r->first);
+ while (cur != r->first);
#endif
-
- for (s = r->first, q = s->next; q <= p || q->next >= p; s = q, q = s->next)
+ /* Iterate over all blocks in the free ring.
+ *
+ * The free ring is arranged from high addresses to low
+ * addresses, modulo wraparound.
+ *
+ * We are looking for a block with a higher address than p or
+ * whose next address is lower than p.
+ */
+ for (prev = r->first, cur = prev->next; cur <= p || cur->next >= p;
+ prev = cur, cur = prev->next)
{
- if (q->magic != GRUB_MM_FREE_MAGIC)
- grub_fatal ("free magic is broken at %p: 0x%x", q, q->magic);
+ if (cur->magic != GRUB_MM_FREE_MAGIC)
+ grub_fatal ("free magic is broken at %p: 0x%x", cur, cur->magic);
- if (q <= q->next && (q > p || q->next < p))
+ /* Deal with wrap-around */
+ if (cur <= cur->next && (cur > p || cur->next < p))
break;
}
+ /* mark p as free and insert it between cur and cur->next */
p->magic = GRUB_MM_FREE_MAGIC;
- p->next = q->next;
- q->next = p;
+ p->next = cur->next;
+ cur->next = p;
+ /*
+ * If the block we are freeing can be merged with the next
+ * free block, do that.
+ */
if (p->next + p->next->size == p)
{
p->magic = 0;
p->next->size += p->size;
- q->next = p->next;
+ cur->next = p->next;
p = p->next;
}
- r->first = q;
+ r->first = cur;
- if (q == p + p->size)
+ /* Likewise if can be merged with the preceeding free block */
+ if (cur == p + p->size)
{
- q->magic = 0;
- p->size += q->size;
- if (q == s)
- s = p;
- s->next = p;
- q = s;
+ cur->magic = 0;
+ p->size += cur->size;
+ if (cur == prev)
+ prev = p;
+ prev->next = p;
+ cur = prev;
}
- r->first = q;
+ /*
+ * Set r->first such that the just free()d block is tried first.
+ * (An allocation is tried from *first->next, and cur->next == p.)
+ */
+ r->first = cur;
}
}

73
0296-mm-Document-grub_mm_init_region.patch
View File

@ -1,73 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 25 Nov 2021 02:22:49 +1100
Subject: [PATCH] mm: Document grub_mm_init_region()
The grub_mm_init_region() does some things that seem magical, especially
around region merging. Make it a bit clearer.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 246d69b7ea619fc1e77dcc5960e37aea45a9808c)
---
grub-core/kern/mm.c | 31 ++++++++++++++++++++++++++++++-
1 file changed, 30 insertions(+), 1 deletion(-)
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index 0351171cf9..1cbf98c7ab 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -128,23 +128,52 @@ grub_mm_init_region (void *addr, grub_size_t size)
if (((grub_addr_t) addr + 0x1000) > ~(grub_addr_t) size)
size = ((grub_addr_t) -0x1000) - (grub_addr_t) addr;
+ /* Attempt to merge this region with every existing region */
for (p = &grub_mm_base, q = *p; q; p = &(q->next), q = *p)
+ /*
+ * Is the new region immediately below an existing region? That
+ * is, is the address of the memory we're adding now (addr) + size
+ * of the memory we're adding (size) + the bytes we couldn't use
+ * at the start of the region we're considering (q->pre_size)
+ * equal to the address of q? In other words, does the memory
+ * looks like this?
+ *
+ * addr q
+ * |----size-----|-q->pre_size-|<q region>|
+ */
if ((grub_uint8_t *) addr + size + q->pre_size == (grub_uint8_t *) q)
{
+ /*
+ * Yes, we can merge the memory starting at addr into the
+ * existing region from below. Align up addr to GRUB_MM_ALIGN
+ * so that our new region has proper alignment.
+ */
r = (grub_mm_region_t) ALIGN_UP ((grub_addr_t) addr, GRUB_MM_ALIGN);
+ /* Copy the region data across */
*r = *q;
+ /* Consider all the new size as pre-size */
r->pre_size += size;
-
+
+ /*
+ * If we have enough pre-size to create a block, create a
+ * block with it. Mark it as allocated and pass it to
+ * grub_free (), which will sort out getting it into the free
+ * list.
+ */
if (r->pre_size >> GRUB_MM_ALIGN_LOG2)
{
h = (grub_mm_header_t) (r + 1);
+ /* block size is pre-size converted to cells */
h->size = (r->pre_size >> GRUB_MM_ALIGN_LOG2);
h->magic = GRUB_MM_ALLOC_MAGIC;
+ /* region size grows by block size converted back to bytes */
r->size += h->size << GRUB_MM_ALIGN_LOG2;
+ /* adjust pre_size to be accurate */
r->pre_size &= (GRUB_MM_ALIGN - 1);
*p = r;
grub_free (h + 1);
}
+ /* Replace the old region with the new region */
*p = r;
return;
}

78
0297-mm-Document-GRUB-internal-memory-management-structur.patch
View File

@ -1,78 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 25 Nov 2021 02:22:45 +1100
Subject: [PATCH] mm: Document GRUB internal memory management structures
I spent more than a trivial quantity of time figuring out pre_size and
whether a memory region's size contains the header cell or not.
Document the meanings of all the properties. Hopefully now no-one else
has to figure it out!
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit a6c5c52ccffd2674d43db25fb4baa9c528526aa0)
---
include/grub/mm_private.h | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/include/grub/mm_private.h b/include/grub/mm_private.h
index c2c4cb1511..203533cc3d 100644
--- a/include/grub/mm_private.h
+++ b/include/grub/mm_private.h
@@ -21,15 +21,27 @@
#include <grub/mm.h>
+/* For context, see kern/mm.c */
+
/* Magic words. */
#define GRUB_MM_FREE_MAGIC 0x2d3c2808
#define GRUB_MM_ALLOC_MAGIC 0x6db08fa4
+/* A header describing a block of memory - either allocated or free */
typedef struct grub_mm_header
{
+ /*
+ * The 'next' free block in this region's circular free list.
+ * Only meaningful if the block is free.
+ */
struct grub_mm_header *next;
+ /* The block size, not in bytes but the number of cells of
+ * GRUB_MM_ALIGN bytes. Includes the header cell.
+ */
grub_size_t size;
+ /* either free or alloc magic, depending on the block type. */
grub_size_t magic;
+ /* pad to cell size: see the top of kern/mm.c. */
#if GRUB_CPU_SIZEOF_VOID_P == 4
char padding[4];
#elif GRUB_CPU_SIZEOF_VOID_P == 8
@@ -48,11 +60,27 @@ typedef struct grub_mm_header
#define GRUB_MM_ALIGN (1 << GRUB_MM_ALIGN_LOG2)
+/* A region from which we can make allocations. */
typedef struct grub_mm_region
{
+ /* The first free block in this region. */
struct grub_mm_header *first;
+
+ /*
+ * The next region in the linked list of regions. Regions are initially
+ * sorted in order of increasing size, but can grow, in which case the
+ * ordering may not be preserved.
+ */
struct grub_mm_region *next;
+
+ /*
+ * A grub_mm_region will always be aligned to cell size. The pre-size is
+ * the number of bytes we were given but had to skip in order to get that
+ * alignment.
+ */
grub_size_t pre_size;
+
+ /* How many bytes are in this region? (free and allocated) */
grub_size_t size;
}
*grub_mm_region_t;

56
0298-mm-Assert-that-we-preserve-header-vs-region-alignmen.patch
View File

@ -1,56 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 21 Apr 2022 15:24:14 +1000
Subject: [PATCH] mm: Assert that we preserve header vs region alignment
grub_mm_region_init() does:
h = (grub_mm_header_t) (r + 1);
where h is a grub_mm_header_t and r is a grub_mm_region_t.
Cells are supposed to be GRUB_MM_ALIGN aligned, but while grub_mm_dump
ensures this vs the region header, grub_mm_region_init() does not.
It's better to be explicit than implicit here: rather than changing
grub_mm_region_init() to ALIGN_UP(), require that the struct is
explicitly a multiple of the header size.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 1df8fe66c57087eb33bd6dc69f786ed124615aa7)
---
include/grub/mm_private.h | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/include/grub/mm_private.h b/include/grub/mm_private.h
index 203533cc3d..a688b92a83 100644
--- a/include/grub/mm_private.h
+++ b/include/grub/mm_private.h
@@ -20,6 +20,7 @@
#define GRUB_MM_PRIVATE_H 1
#include <grub/mm.h>
+#include <grub/misc.h>
/* For context, see kern/mm.c */
@@ -89,4 +90,17 @@ typedef struct grub_mm_region
extern grub_mm_region_t EXPORT_VAR (grub_mm_base);
#endif
+static inline void
+grub_mm_size_sanity_check (void) {
+ /* Ensure we preserve alignment when doing h = (grub_mm_header_t) (r + 1). */
+ COMPILE_TIME_ASSERT ((sizeof (struct grub_mm_region) %
+ sizeof (struct grub_mm_header)) == 0);
+
+ /*
+ * GRUB_MM_ALIGN is supposed to represent cell size, and a mm_header is
+ * supposed to be 1 cell.
+ */
+ COMPILE_TIME_ASSERT (sizeof (struct grub_mm_header) == GRUB_MM_ALIGN);
+}
+
#endif

203
0299-mm-When-adding-a-region-merge-with-region-after-as-w.patch
View File

@ -1,203 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 21 Apr 2022 15:24:15 +1000
Subject: [PATCH] mm: When adding a region, merge with region after as well as
before
On x86_64-efi (at least) regions seem to be added from top down. The mm
code will merge a new region with an existing region that comes
immediately before the new region. This allows larger allocations to be
satisfied that would otherwise be the case.
On powerpc-ieee1275, however, regions are added from bottom up. So if
we add 3x 32MB regions, we can still only satisfy a 32MB allocation,
rather than the 96MB allocation we might otherwise be able to satisfy.
* Define 'post_size' as being bytes lost to the end of an allocation
due to being given weird sizes from firmware that are not multiples
of GRUB_MM_ALIGN.
* Allow merging of regions immediately _after_ existing regions, not
just before. As with the other approach, we create an allocated
block to represent the new space and the pass it to grub_free() to
get the metadata right.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 052e6068be622ff53f1238b449c300dbd0a8abcd)
---
grub-core/kern/mm.c | 128 +++++++++++++++++++++++++++++-----------------
include/grub/mm_private.h | 9 ++++
2 files changed, 91 insertions(+), 46 deletions(-)
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index 1cbf98c7ab..7be33e23bf 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -130,53 +130,88 @@ grub_mm_init_region (void *addr, grub_size_t size)
/* Attempt to merge this region with every existing region */
for (p = &grub_mm_base, q = *p; q; p = &(q->next), q = *p)
- /*
- * Is the new region immediately below an existing region? That
- * is, is the address of the memory we're adding now (addr) + size
- * of the memory we're adding (size) + the bytes we couldn't use
- * at the start of the region we're considering (q->pre_size)
- * equal to the address of q? In other words, does the memory
- * looks like this?
- *
- * addr q
- * |----size-----|-q->pre_size-|<q region>|
- */
- if ((grub_uint8_t *) addr + size + q->pre_size == (grub_uint8_t *) q)
- {
- /*
- * Yes, we can merge the memory starting at addr into the
- * existing region from below. Align up addr to GRUB_MM_ALIGN
- * so that our new region has proper alignment.
- */
- r = (grub_mm_region_t) ALIGN_UP ((grub_addr_t) addr, GRUB_MM_ALIGN);
- /* Copy the region data across */
- *r = *q;
- /* Consider all the new size as pre-size */
- r->pre_size += size;
+ {
+ /*
+ * Is the new region immediately below an existing region? That
+ * is, is the address of the memory we're adding now (addr) + size
+ * of the memory we're adding (size) + the bytes we couldn't use
+ * at the start of the region we're considering (q->pre_size)
+ * equal to the address of q? In other words, does the memory
+ * looks like this?
+ *
+ * addr q
+ * |----size-----|-q->pre_size-|<q region>|
+ */
+ if ((grub_uint8_t *) addr + size + q->pre_size == (grub_uint8_t *) q)
+ {
+ /*
+ * Yes, we can merge the memory starting at addr into the
+ * existing region from below. Align up addr to GRUB_MM_ALIGN
+ * so that our new region has proper alignment.
+ */
+ r = (grub_mm_region_t) ALIGN_UP ((grub_addr_t) addr, GRUB_MM_ALIGN);
+ /* Copy the region data across */
+ *r = *q;
+ /* Consider all the new size as pre-size */
+ r->pre_size += size;
- /*
- * If we have enough pre-size to create a block, create a
- * block with it. Mark it as allocated and pass it to
- * grub_free (), which will sort out getting it into the free
- * list.
- */
- if (r->pre_size >> GRUB_MM_ALIGN_LOG2)
- {
- h = (grub_mm_header_t) (r + 1);
- /* block size is pre-size converted to cells */
- h->size = (r->pre_size >> GRUB_MM_ALIGN_LOG2);
- h->magic = GRUB_MM_ALLOC_MAGIC;
- /* region size grows by block size converted back to bytes */
- r->size += h->size << GRUB_MM_ALIGN_LOG2;
- /* adjust pre_size to be accurate */
- r->pre_size &= (GRUB_MM_ALIGN - 1);
- *p = r;
- grub_free (h + 1);
- }
- /* Replace the old region with the new region */
- *p = r;
- return;
- }
+ /*
+ * If we have enough pre-size to create a block, create a
+ * block with it. Mark it as allocated and pass it to
+ * grub_free (), which will sort out getting it into the free
+ * list.
+ */
+ if (r->pre_size >> GRUB_MM_ALIGN_LOG2)
+ {
+ h = (grub_mm_header_t) (r + 1);
+ /* block size is pre-size converted to cells */
+ h->size = (r->pre_size >> GRUB_MM_ALIGN_LOG2);
+ h->magic = GRUB_MM_ALLOC_MAGIC;
+ /* region size grows by block size converted back to bytes */
+ r->size += h->size << GRUB_MM_ALIGN_LOG2;
+ /* adjust pre_size to be accurate */
+ r->pre_size &= (GRUB_MM_ALIGN - 1);
+ *p = r;
+ grub_free (h + 1);
+ }
+ /* Replace the old region with the new region */
+ *p = r;
+ return;
+ }
+
+ /*
+ * Is the new region immediately above an existing region? That
+ * is:
+ * q addr
+ * |<q region>|-q->post_size-|----size-----|
+ */
+ if ((grub_uint8_t *) q + sizeof (*q) + q->size + q->post_size ==
+ (grub_uint8_t *) addr)
+ {
+ /*
+ * Yes! Follow a similar pattern to above, but simpler.
+ * Our header starts at address - post_size, which should align us
+ * to a cell boundary.
+ *
+ * Cast to (void *) first to avoid the following build error:
+ * kern/mm.c: In function grub_mm_init_region:
+ * kern/mm.c:211:15: error: cast increases required alignment of target type [-Werror=cast-align]
+ * 211 | h = (grub_mm_header_t) ((grub_uint8_t *) addr - q->post_size);
+ * | ^
+ * It is safe to do that because proper alignment is enforced in grub_mm_size_sanity_check().
+ */
+ h = (grub_mm_header_t)(void *) ((grub_uint8_t *) addr - q->post_size);
+ /* our size is the allocated size plus post_size, in cells */
+ h->size = (size + q->post_size) >> GRUB_MM_ALIGN_LOG2;
+ h->magic = GRUB_MM_ALLOC_MAGIC;
+ /* region size grows by block size converted back to bytes */
+ q->size += h->size << GRUB_MM_ALIGN_LOG2;
+ /* adjust new post_size to be accurate */
+ q->post_size = (q->post_size + size) & (GRUB_MM_ALIGN - 1);
+ grub_free (h + 1);
+ return;
+ }
+ }
/* Allocate a region from the head. */
r = (grub_mm_region_t) ALIGN_UP ((grub_addr_t) addr, GRUB_MM_ALIGN);
@@ -195,6 +230,7 @@ grub_mm_init_region (void *addr, grub_size_t size)
r->first = h;
r->pre_size = (grub_addr_t) r - (grub_addr_t) addr;
r->size = (h->size << GRUB_MM_ALIGN_LOG2);
+ r->post_size = size - r->size;
/* Find where to insert this region. Put a smaller one before bigger ones,
to prevent fragmentation. */
diff --git a/include/grub/mm_private.h b/include/grub/mm_private.h
index a688b92a83..96c2d816be 100644
--- a/include/grub/mm_private.h
+++ b/include/grub/mm_private.h
@@ -81,8 +81,17 @@ typedef struct grub_mm_region
*/
grub_size_t pre_size;
+ /*
+ * Likewise, the post-size is the number of bytes we wasted at the end
+ * of the allocation because it wasn't a multiple of GRUB_MM_ALIGN
+ */
+ grub_size_t post_size;
+
/* How many bytes are in this region? (free and allocated) */
grub_size_t size;
+
+ /* pad to a multiple of cell size */
+ char padding[3 * GRUB_CPU_SIZEOF_VOID_P];
}
*grub_mm_region_t;

71
0300-mm-Debug-support-for-region-operations.patch
View File

@ -1,71 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Thu, 21 Apr 2022 15:24:16 +1000
Subject: [PATCH] mm: Debug support for region operations
This is handy for debugging. Enable with "set debug=regions".
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 8afa5ef45b797ba5d8147ceee85ac2c59dcc7f09)
---
grub-core/kern/mm.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index 7be33e23bf..38bfb01df9 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -115,9 +115,8 @@ grub_mm_init_region (void *addr, grub_size_t size)
grub_mm_header_t h;
grub_mm_region_t r, *p, q;
-#if 0
- grub_printf ("Using memory for heap: start=%p, end=%p\n", addr, addr + (unsigned int) size);
-#endif
+ grub_dprintf ("regions", "Using memory for heap: start=%p, end=%p\n",
+ addr, (char *) addr + (unsigned int) size);
/* Exclude last 4K to avoid overflows. */
/* If addr + 0x1000 overflows then whole region is in excluded zone. */
@@ -142,8 +141,14 @@ grub_mm_init_region (void *addr, grub_size_t size)
* addr q
* |----size-----|-q->pre_size-|<q region>|
*/
+ grub_dprintf ("regions", "Can we extend into region above?"
+ " %p + %" PRIxGRUB_SIZE " + %" PRIxGRUB_SIZE " ?=? %p\n",
+ (grub_uint8_t *) addr, size, q->pre_size, (grub_uint8_t *) q);
if ((grub_uint8_t *) addr + size + q->pre_size == (grub_uint8_t *) q)
{
+ grub_dprintf ("regions", "Yes: extending a region: (%p -> %p) -> (%p -> %p)\n",
+ q, (grub_uint8_t *) q + sizeof (*q) + q->size,
+ addr, (grub_uint8_t *) q + sizeof (*q) + q->size);
/*
* Yes, we can merge the memory starting at addr into the
* existing region from below. Align up addr to GRUB_MM_ALIGN
@@ -185,9 +190,15 @@ grub_mm_init_region (void *addr, grub_size_t size)
* q addr
* |<q region>|-q->post_size-|----size-----|
*/
+ grub_dprintf ("regions", "Can we extend into region below?"
+ " %p + %" PRIxGRUB_SIZE " + %" PRIxGRUB_SIZE " + %" PRIxGRUB_SIZE " ?=? %p\n",
+ (grub_uint8_t *) q, sizeof(*q), q->size, q->post_size, (grub_uint8_t *) addr);
if ((grub_uint8_t *) q + sizeof (*q) + q->size + q->post_size ==
(grub_uint8_t *) addr)
{
+ grub_dprintf ("regions", "Yes: extending a region: (%p -> %p) -> (%p -> %p)\n",
+ q, (grub_uint8_t *) q + sizeof (*q) + q->size,
+ q, (grub_uint8_t *) addr + size);
/*
* Yes! Follow a similar pattern to above, but simpler.
* Our header starts at address - post_size, which should align us
@@ -213,6 +224,8 @@ grub_mm_init_region (void *addr, grub_size_t size)
}
}
+ grub_dprintf ("regions", "No: considering a new region at %p of size %" PRIxGRUB_SIZE "\n",
+ addr, size);
/* Allocate a region from the head. */
r = (grub_mm_region_t) ALIGN_UP ((grub_addr_t) addr, GRUB_MM_ALIGN);

80
0301-mm-Drop-unused-unloading-of-modules-on-OOM.patch
View File

@ -1,80 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Thu, 21 Apr 2022 15:24:17 +1000
Subject: [PATCH] mm: Drop unused unloading of modules on OOM
In grub_memalign(), there's a commented section which would allow for
unloading of unneeded modules in case where there is not enough free
memory available to satisfy a request. Given that this code is never
compiled in, let's remove it together with grub_dl_unload_unneeded().
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 139fd9b134a01e0b5fe0ebefafa7f48d1ffb6d60)
---
grub-core/kern/dl.c | 20 --------------------
grub-core/kern/mm.c | 8 --------
include/grub/dl.h | 1 -
3 files changed, 29 deletions(-)
diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
index d5de80186f..ab9101a5ad 100644
--- a/grub-core/kern/dl.c
+++ b/grub-core/kern/dl.c
@@ -998,23 +998,3 @@ grub_dl_unload (grub_dl_t mod)
grub_free (mod);
return 1;
}
-
-/* Unload unneeded modules. */
-void
-grub_dl_unload_unneeded (void)
-{
- /* Because grub_dl_remove modifies the list of modules, this
- implementation is tricky. */
- grub_dl_t p = grub_dl_head;
-
- while (p)
- {
- if (grub_dl_unload (p))
- {
- p = grub_dl_head;
- continue;
- }
-
- p = p->next;
- }
-}
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index 38bfb01df9..1825dc8289 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -444,14 +444,6 @@ grub_memalign (grub_size_t align, grub_size_t size)
count++;
goto again;
-#if 0
- case 1:
- /* Unload unneeded modules. */
- grub_dl_unload_unneeded ();
- count++;
- goto again;
-#endif
-
default:
break;
}
diff --git a/include/grub/dl.h b/include/grub/dl.h
index 45ac8e339f..6bc2560bf0 100644
--- a/include/grub/dl.h
+++ b/include/grub/dl.h
@@ -206,7 +206,6 @@ grub_dl_t EXPORT_FUNC(grub_dl_load) (const char *name);
grub_dl_t grub_dl_load_core (void *addr, grub_size_t size);
grub_dl_t EXPORT_FUNC(grub_dl_load_core_noinit) (void *addr, grub_size_t size);
int EXPORT_FUNC(grub_dl_unload) (grub_dl_t mod);
-extern void grub_dl_unload_unneeded (void);
extern int EXPORT_FUNC(grub_dl_ref) (grub_dl_t mod);
extern int EXPORT_FUNC(grub_dl_unref) (grub_dl_t mod);
extern int EXPORT_FUNC(grub_dl_ref_count) (grub_dl_t mod);

130
0302-mm-Allow-dynamically-requesting-additional-memory-re.patch
View File

@ -1,130 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Thu, 21 Apr 2022 15:24:18 +1000
Subject: [PATCH] mm: Allow dynamically requesting additional memory regions
Currently, all platforms will set up their heap on initialization of the
platform code. While this works mostly fine, it poses some limitations
on memory management on us. Most notably, allocating big chunks of
memory in the gigabyte range would require us to pre-request this many
bytes from the firmware and add it to the heap from the beginning on
some platforms like EFI. As this isn't needed for most configurations,
it is inefficient and may even negatively impact some usecases when,
e.g., chainloading. Nonetheless, allocating big chunks of memory is
required sometimes, where one example is the upcoming support for the
Argon2 key derival function in LUKS2.
In order to avoid pre-allocating big chunks of memory, this commit
implements a runtime mechanism to add more pages to the system. When
a given allocation cannot be currently satisfied, we'll call a given
callback set up by the platform's own memory management subsystem,
asking it to add a memory area with at least "n" bytes. If this
succeeds, we retry searching for a valid memory region, which should
now succeed.
If this fails, we try asking for "n" bytes, possibly spread across
multiple regions, in hopes that region merging means that we end up
with enough memory for things to work out.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 887f98f0db43e33fba4ec1f85e42fae1185700bc)
---
grub-core/kern/mm.c | 30 ++++++++++++++++++++++++++++++
include/grub/mm.h | 18 ++++++++++++++++++
2 files changed, 48 insertions(+)
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index 1825dc8289..f2e27f263b 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -28,6 +28,9 @@
- multiple regions may be used as free space. They may not be
contiguous.
+ - if existing regions are insufficient to satisfy an allocation, a new
+ region can be requested from firmware.
+
Regions are managed by a singly linked list, and the meta information is
stored in the beginning of each region. Space after the meta information
is used to allocate memory.
@@ -81,6 +84,7 @@
grub_mm_region_t grub_mm_base;
+grub_mm_add_region_func_t grub_mm_add_region_fn;
/* Get a header from the pointer PTR, and set *P and *R to a pointer
to the header and a pointer to its region, respectively. PTR must
@@ -444,6 +448,32 @@ grub_memalign (grub_size_t align, grub_size_t size)
count++;
goto again;
+ case 1:
+ /* Request additional pages, contiguous */
+ count++;
+
+ if (grub_mm_add_region_fn != NULL &&
+ grub_mm_add_region_fn (size, GRUB_MM_ADD_REGION_CONSECUTIVE) == GRUB_ERR_NONE)
+ goto again;
+
+ /* fallthrough */
+
+ case 2:
+ /* Request additional pages, anything at all */
+ count++;
+
+ if (grub_mm_add_region_fn != NULL)
+ {
+ /*
+ * Try again even if this fails, in case it was able to partially
+ * satisfy the request
+ */
+ grub_mm_add_region_fn (size, GRUB_MM_ADD_REGION_NONE);
+ goto again;
+ }
+
+ /* fallthrough */
+
default:
break;
}
diff --git a/include/grub/mm.h b/include/grub/mm.h
index d81623d226..7c6f925ffd 100644
--- a/include/grub/mm.h
+++ b/include/grub/mm.h
@@ -20,6 +20,7 @@
#ifndef GRUB_MM_H
#define GRUB_MM_H 1
+#include <grub/err.h>
#include <grub/types.h>
#include <grub/symbol.h>
#include <grub/err.h>
@@ -29,6 +30,23 @@
# define NULL ((void *) 0)
#endif
+#define GRUB_MM_ADD_REGION_NONE 0
+#define GRUB_MM_ADD_REGION_CONSECUTIVE (1 << 0)
+
+/*
+ * Function used to request memory regions of `grub_size_t` bytes. The second
+ * parameter is a bitfield of `GRUB_MM_ADD_REGION` flags.
+ */
+typedef grub_err_t (*grub_mm_add_region_func_t) (grub_size_t, unsigned int);
+
+/*
+ * Set this function pointer to enable adding memory-regions at runtime in case
+ * a memory allocation cannot be satisfied with existing regions.
+ */
+#ifndef GRUB_MACHINE_EMU
+extern grub_mm_add_region_func_t EXPORT_VAR(grub_mm_add_region_fn);
+#endif
+
void grub_mm_init_region (void *addr, grub_size_t size);
void *EXPORT_FUNC(grub_calloc) (grub_size_t nmemb, grub_size_t size);
void *EXPORT_FUNC(grub_malloc) (grub_size_t size);

103
0303-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch
View File

@ -1,103 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Thu, 21 Apr 2022 15:24:19 +1000
Subject: [PATCH] kern/efi/mm: Always request a fixed number of pages on init
When initializing the EFI memory subsystem, we will by default request
a quarter of the available memory, bounded by a minimum/maximum value.
Given that we're about to extend the EFI memory system to dynamically
request additional pages from the firmware as required, this scaling of
requested memory based on available memory will not make a lot of sense
anymore.
Remove this logic as a preparatory patch such that we'll instead defer
to the runtime memory allocator. Note that ideally, we'd want to change
this after dynamic requesting of pages has been implemented for the EFI
platform. But because we'll need to split up initialization of the
memory subsystem and the request of pages from the firmware, we'd have
to duplicate quite some logic at first only to remove it afterwards
again. This seems quite pointless, so we instead have patches slightly
out of order.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 938c3760b8c0fca759140be48307179b50107ff6)
---
grub-core/kern/efi/mm.c | 35 +++--------------------------------
1 file changed, 3 insertions(+), 32 deletions(-)
diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
index e460b072e6..782a1365a1 100644
--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
@@ -38,9 +38,8 @@
a multiplier of 4KB. */
#define MEMORY_MAP_SIZE 0x3000
-/* The minimum and maximum heap size for GRUB itself. */
-#define MIN_HEAP_SIZE 0x100000
-#define MAX_HEAP_SIZE (1600 * 0x100000)
+/* The default heap size for GRUB itself in bytes. */
+#define DEFAULT_HEAP_SIZE 0x100000
static void *finish_mmap_buf = 0;
static grub_efi_uintn_t finish_mmap_size = 0;
@@ -514,23 +513,6 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map,
return filtered_desc;
}
-/* Return the total number of pages. */
-static grub_efi_uint64_t
-get_total_pages (grub_efi_memory_descriptor_t *memory_map,
- grub_efi_uintn_t desc_size,
- grub_efi_memory_descriptor_t *memory_map_end)
-{
- grub_efi_memory_descriptor_t *desc;
- grub_efi_uint64_t total = 0;
-
- for (desc = memory_map;
- desc < memory_map_end;
- desc = NEXT_MEMORY_DESCRIPTOR (desc, desc_size))
- total += desc->num_pages;
-
- return total;
-}
-
/* Add memory regions. */
static void
add_memory_regions (grub_efi_memory_descriptor_t *memory_map,
@@ -694,8 +676,6 @@ grub_efi_mm_init (void)
grub_efi_memory_descriptor_t *filtered_memory_map_end;
grub_efi_uintn_t map_size;
grub_efi_uintn_t desc_size;
- grub_efi_uint64_t total_pages;
- grub_efi_uint64_t required_pages;
int mm_status;
grub_nx_init ();
@@ -737,22 +717,13 @@ grub_efi_mm_init (void)
filtered_memory_map_end = filter_memory_map (memory_map, filtered_memory_map,
desc_size, memory_map_end);
- /* By default, request a quarter of the available memory. */
- total_pages = get_total_pages (filtered_memory_map, desc_size,
- filtered_memory_map_end);
- required_pages = (total_pages >> 2);
- if (required_pages < BYTES_TO_PAGES (MIN_HEAP_SIZE))
- required_pages = BYTES_TO_PAGES (MIN_HEAP_SIZE);
- else if (required_pages > BYTES_TO_PAGES (MAX_HEAP_SIZE))
- required_pages = BYTES_TO_PAGES (MAX_HEAP_SIZE);
-
/* Sort the filtered descriptors, so that GRUB can allocate pages
from smaller regions. */
sort_memory_map (filtered_memory_map, desc_size, filtered_memory_map_end);
/* Allocate memory regions for GRUB's memory management. */
add_memory_regions (filtered_memory_map, desc_size,
- filtered_memory_map_end, required_pages);
+ filtered_memory_map_end, BYTES_TO_PAGES (DEFAULT_HEAP_SIZE));
#if 0
/* For debug. */

85
0304-kern-efi-mm-Extract-function-to-add-memory-regions.patch
View File

@ -1,85 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Thu, 21 Apr 2022 15:24:20 +1000
Subject: [PATCH] kern/efi/mm: Extract function to add memory regions
In preparation of support for runtime-allocating additional memory
region, this patch extracts the function to retrieve the EFI memory
map and add a subset of it to GRUB's own memory regions.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 96a7ea29e3cb61b6c2302e260e8e6a6117e17fa3)
[rharwood: backport around our nx]
---
grub-core/kern/efi/mm.c | 21 +++++++++++++++------
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
index 782a1365a1..a1d3b51fe6 100644
--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
@@ -667,8 +667,8 @@ grub_nx_init (void)
}
}
-void
-grub_efi_mm_init (void)
+static grub_err_t
+grub_efi_mm_add_regions (grub_size_t required_bytes)
{
grub_efi_memory_descriptor_t *memory_map;
grub_efi_memory_descriptor_t *memory_map_end;
@@ -683,7 +683,7 @@ grub_efi_mm_init (void)
/* Prepare a memory region to store two memory maps. */
memory_map = grub_efi_allocate_any_pages (2 * BYTES_TO_PAGES (MEMORY_MAP_SIZE));
if (! memory_map)
- grub_fatal ("cannot allocate memory");
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate memory for memory map");
/* Obtain descriptors for available memory. */
map_size = MEMORY_MAP_SIZE;
@@ -701,14 +701,14 @@ grub_efi_mm_init (void)
memory_map = grub_efi_allocate_any_pages (2 * BYTES_TO_PAGES (map_size));
if (! memory_map)
- grub_fatal ("cannot allocate memory");
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate memory for new memory map");
mm_status = grub_efi_get_memory_map (&map_size, memory_map, 0,
&desc_size, 0);
}
if (mm_status < 0)
- grub_fatal ("cannot get memory map");
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, "error fetching memory map from EFI");
memory_map_end = NEXT_MEMORY_DESCRIPTOR (memory_map, map_size);
@@ -723,7 +723,7 @@ grub_efi_mm_init (void)
/* Allocate memory regions for GRUB's memory management. */
add_memory_regions (filtered_memory_map, desc_size,
- filtered_memory_map_end, BYTES_TO_PAGES (DEFAULT_HEAP_SIZE));
+ filtered_memory_map_end, BYTES_TO_PAGES (required_bytes));
#if 0
/* For debug. */
@@ -741,6 +741,15 @@ grub_efi_mm_init (void)
/* Release the memory maps. */
grub_efi_free_pages ((grub_addr_t) memory_map,
2 * BYTES_TO_PAGES (MEMORY_MAP_SIZE));
+
+ return GRUB_ERR_NONE;
+}
+
+void
+grub_efi_mm_init (void)
+{
+ if (grub_efi_mm_add_regions (DEFAULT_HEAP_SIZE) != GRUB_ERR_NONE)
+ grub_fatal ("%s", grub_errmsg);
}
#if defined (__aarch64__) || defined (__arm__) || defined (__riscv)

87
0305-kern-efi-mm-Pass-up-errors-from-add_memory_regions.patch
View File

@ -1,87 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Thu, 21 Apr 2022 15:24:21 +1000
Subject: [PATCH] kern/efi/mm: Pass up errors from add_memory_regions()
The function add_memory_regions() is currently only called on system
initialization to allocate a fixed amount of pages. As such, it didn't
need to return any errors: in case it failed, we cannot proceed anyway.
This will change with the upcoming support for requesting more memory
from the firmware at runtime, where it doesn't make sense anymore to
fail hard.
Refactor the function to return an error to prepare for this. Note that
this does not change the behaviour when initializing the memory system
because grub_efi_mm_init() knows to call grub_fatal() in case
grub_efi_mm_add_regions() returns an error.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 15a015698921240adc1ac266a3b5bc5fcbd81521)
---
grub-core/kern/efi/mm.c | 22 +++++++++++++++-------
1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
index a1d3b51fe6..e0ebc65dba 100644
--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
@@ -514,7 +514,7 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map,
}
/* Add memory regions. */
-static void
+static grub_err_t
add_memory_regions (grub_efi_memory_descriptor_t *memory_map,
grub_efi_uintn_t desc_size,
grub_efi_memory_descriptor_t *memory_map_end,
@@ -542,9 +542,9 @@ add_memory_regions (grub_efi_memory_descriptor_t *memory_map,
GRUB_EFI_ALLOCATE_ADDRESS,
GRUB_EFI_LOADER_CODE);
if (! addr)
- grub_fatal ("cannot allocate conventional memory %p with %u pages",
- (void *) ((grub_addr_t) start),
- (unsigned) pages);
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ "Memory starting at %p (%u pages) marked as free, but EFI would not allocate",
+ (void *) ((grub_addr_t) start), (unsigned) pages);
grub_mm_init_region (addr, PAGES_TO_BYTES (pages));
@@ -554,7 +554,11 @@ add_memory_regions (grub_efi_memory_descriptor_t *memory_map,
}
if (required_pages > 0)
- grub_fatal ("too little memory");
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ "could not allocate all requested memory: %" PRIuGRUB_UINT64_T " pages still required after iterating EFI memory map",
+ required_pages);
+
+ return GRUB_ERR_NONE;
}
void
@@ -676,6 +680,7 @@ grub_efi_mm_add_regions (grub_size_t required_bytes)
grub_efi_memory_descriptor_t *filtered_memory_map_end;
grub_efi_uintn_t map_size;
grub_efi_uintn_t desc_size;
+ grub_err_t err;
int mm_status;
grub_nx_init ();
@@ -722,8 +727,11 @@ grub_efi_mm_add_regions (grub_size_t required_bytes)
sort_memory_map (filtered_memory_map, desc_size, filtered_memory_map_end);
/* Allocate memory regions for GRUB's memory management. */
- add_memory_regions (filtered_memory_map, desc_size,
- filtered_memory_map_end, BYTES_TO_PAGES (required_bytes));
+ err = add_memory_regions (filtered_memory_map, desc_size,
+ filtered_memory_map_end,
+ BYTES_TO_PAGES (required_bytes));
+ if (err != GRUB_ERR_NONE)
+ return err;
#if 0
/* For debug. */

75
0306-kern-efi-mm-Implement-runtime-addition-of-pages.patch
View File

@ -1,75 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Thu, 21 Apr 2022 15:24:22 +1000
Subject: [PATCH] kern/efi/mm: Implement runtime addition of pages
Adjust the interface of grub_efi_mm_add_regions() to take a set of
GRUB_MM_ADD_REGION_* flags, which most notably is currently only the
GRUB_MM_ADD_REGION_CONSECUTIVE flag. This allows us to set the function
up as callback for the memory subsystem and have it call out to us in
case there's not enough pages available in the current heap.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Patrick Steinhardt <ps@pks.im>
(cherry picked from commit 1df2934822df4c1170dde069d97cfbf7a9572bba)
---
grub-core/kern/efi/mm.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
index e0ebc65dba..016ba6cf2f 100644
--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
@@ -518,7 +518,8 @@ static grub_err_t
add_memory_regions (grub_efi_memory_descriptor_t *memory_map,
grub_efi_uintn_t desc_size,
grub_efi_memory_descriptor_t *memory_map_end,
- grub_efi_uint64_t required_pages)
+ grub_efi_uint64_t required_pages,
+ unsigned int flags)
{
grub_efi_memory_descriptor_t *desc;
@@ -532,6 +533,10 @@ add_memory_regions (grub_efi_memory_descriptor_t *memory_map,
start = desc->physical_start;
pages = desc->num_pages;
+
+ if (pages < required_pages && (flags & GRUB_MM_ADD_REGION_CONSECUTIVE))
+ continue;
+
if (pages > required_pages)
{
start += PAGES_TO_BYTES (pages - required_pages);
@@ -672,7 +677,7 @@ grub_nx_init (void)
}
static grub_err_t
-grub_efi_mm_add_regions (grub_size_t required_bytes)
+grub_efi_mm_add_regions (grub_size_t required_bytes, unsigned int flags)
{
grub_efi_memory_descriptor_t *memory_map;
grub_efi_memory_descriptor_t *memory_map_end;
@@ -729,7 +734,8 @@ grub_efi_mm_add_regions (grub_size_t required_bytes)
/* Allocate memory regions for GRUB's memory management. */
err = add_memory_regions (filtered_memory_map, desc_size,
filtered_memory_map_end,
- BYTES_TO_PAGES (required_bytes));
+ BYTES_TO_PAGES (required_bytes),
+ flags);
if (err != GRUB_ERR_NONE)
return err;
@@ -756,8 +762,9 @@ grub_efi_mm_add_regions (grub_size_t required_bytes)
void
grub_efi_mm_init (void)
{
- if (grub_efi_mm_add_regions (DEFAULT_HEAP_SIZE) != GRUB_ERR_NONE)
+ if (grub_efi_mm_add_regions (DEFAULT_HEAP_SIZE, GRUB_MM_ADD_REGION_NONE) != GRUB_ERR_NONE)
grub_fatal ("%s", grub_errmsg);
+ grub_mm_add_region_fn = grub_efi_mm_add_regions;
}
#if defined (__aarch64__) || defined (__arm__) || defined (__riscv)

31
0307-efi-Increase-default-memory-allocation-to-32-MiB.patch
View File

@ -1,31 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Tue, 20 Sep 2022 00:30:30 +1000
Subject: [PATCH] efi: Increase default memory allocation to 32 MiB
We have multiple reports of things being slower with a 1 MiB initial static
allocation, and a report (more difficult to nail down) of a boot failure
as a result of the smaller initial allocation.
Make the initial memory allocation 32 MiB.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 75e38e86e7d9202f050b093f20500d9ad4c6dad9)
---
grub-core/kern/efi/mm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
index 016ba6cf2f..b27e966e1f 100644
--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
@@ -39,7 +39,7 @@
#define MEMORY_MAP_SIZE 0x3000
/* The default heap size for GRUB itself in bytes. */
-#define DEFAULT_HEAP_SIZE 0x100000
+#define DEFAULT_HEAP_SIZE 0x2000000
static void *finish_mmap_buf = 0;
static grub_efi_uintn_t finish_mmap_size = 0;

Some files were not shown because too many files have changed in this diff Show More