From 0bcec266a089080004d264ef42360e72474dc0c8 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 6 Apr 2018 15:38:57 -0400 Subject: [PATCH] Enable TPM measurements Set the default boot entry to the first entry when we're using BLS. Signed-off-by: Peter Jones --- 0001-Bump-version-to-2.03.patch | 2 +- 0002-Remove-bashisms-from-tests.patch | 2 +- 0003-fs-tester-make-sh-compatible.patch | 2 +- 0004-support-busybox-date.patch | 2 +- ...retrieve-fstime-when-it-s-not-useful.patch | 2 +- 0006-Support-lseek64.patch | 2 +- 0007-Use-SHELL-rather-than-bin-sh.patch | 2 +- 0008-po-Use-SHELL-rather-than-bin-sh.patch | 2 +- 0009-Add-termux-path-to-dict.patch | 2 +- 0010-Fix-shebang-for-termux.patch | 2 +- 0011-Add-strtoull-test.patch | 2 +- ...x-behaviour-on-chars-between-9-and-a.patch | 2 +- 0013-Add-Virtual-LAN-support.patch | 2 +- ...out-to-mkimage_generate_elfXX-rather.patch | 2 +- ...r-arm-uboot-code-to-make-it-genereic.patch | 2 +- ...-parts-that-are-platform-independent.patch | 2 +- ...-Rename-uboot-halt.c-to-dummy-halt.c.patch | 2 +- ...ame-uboot-datetime-to-dummy-datetime.patch | 2 +- 0019-arm-coreboot-Start-new-port.patch | 2 +- ...upport-for-device-tree-based-drivers.patch | 2 +- ...-coreboot-Support-for-vexpress-timer.patch | 2 +- 0022-arm-coreboot-Export-FDT-routines.patch | 2 +- ...-Split-protocol-from-controller-code.patch | 2 +- ...reboot-Support-keyboard-for-vexpress.patch | 2 +- ...m_coreboot-Support-grub-mkstandalone.patch | 2 +- ...oreboot-Support-loading-linux-images.patch | 2 +- 0027-arm_coreboot-Support-DMA.patch | 2 +- 0028-ehci-Split-core-code-from-PCI-part.patch | 2 +- 0029-arm_coreboot-Support-EHCI.patch | 2 +- ...n-FDT-nodes-with-compatible-property.patch | 2 +- ...ty-to-send-receive-messages-on-paren.patch | 2 +- 0032-rk3288_spi-Add-SPI-driver.patch | 2 +- ...eboot-Add-Chromebook-keyboard-driver.patch | 2 +- 0034-Missing-parts-of-previous-commit.patch | 2 +- ...-cbmemc-to-support-updated-console-f.patch | 2 +- ...t_keyboard-Fix-falco-chromebook-case.patch | 2 +- 0037-sparc64-Close-cdboot-ihandle.patch | 2 +- ...-Fix-Xen-boot-using-GRUB2-on-AARCH64.patch | 2 +- ...p-option-support-in-xen_module-comma.patch | 2 +- ...inux_xen.in-Add-xen_boot-command-sup.patch | 2 +- ...-introduction-of-Xen-boot-commands-i.patch | 2 +- ...se-devspec-to-determine-the-OBP-path.patch | 2 +- ...unt-ext2-3-4-filesystems-that-have-t.patch | 2 +- 0044-ehci-Fix-compilation-for-amd64.patch | 2 +- ...-compilation-for-ppc-sparc-and-arm64.patch | 2 +- 0046-ehci-Fix-compilation-on-i386.patch | 2 +- 0047-crypto-Fix-use-after-free.patch | 2 +- 0048-arm-efi-Fix-compilation.patch | 2 +- 0049-fdt-silence-clang-warning.patch | 2 +- 0050-Fix-a-segfault-in-lsefi.patch | 2 +- ...t-typedef-and-use-grub_size_t-instea.patch | 2 +- ...x-reading-label-lvd.ident-is-dstring.patch | 2 +- ...b-core-fs-udf.c-Add-support-for-UUID.patch | 2 +- ...orriso-presence-before-doing-anythin.patch | 2 +- 0055-Fail-if-xorriso-failed.patch | 2 +- ...efi-refactor-grub_efi_allocate_pages.patch | 2 +- 0057-Remove-grub_efi_allocate_pages.patch | 2 +- 0058-efi-move-fdt-helper-library.patch | 2 +- 0059-efi-Add-GRUB_PE32_MAGIC-definition.patch | 2 +- ...inux-loader-improve-type-portability.patch | 2 +- ...allocation-type-to-GRUB_EFI_LOADER_C.patch | 2 +- ...RM_-definitions-when-handling-term-c.patch | 2 +- ...B_GZ-prefix-to-gzio-specific-defines.patch | 2 +- 0064-info-in-builddir.patch | 2 +- 0065-re-write-.gitignore.patch | 2 +- ...ient-architecture-CAS-reboot-support.patch | 2 +- ...nsole-display-attr-when-clear-screen.patch | 2 +- ...video-support-for-IBM-power-machines.patch | 2 +- ...when-generating-configuration-by-gru.patch | 2 +- 0070-Move-bash-completion-script-922997.patch | 2 +- 0071-Update-to-minilzo-2.08.patch | 2 +- ...o-include-entries-by-title-not-just-.patch | 2 +- 0073-Add-GRUB_DISABLE_UUID.patch | 2 +- 0074-Make-exit-take-a-return-code.patch | 2 +- ...pot-as-binary-so-git-won-t-try-to-di.patch | 2 +- ...es-load-an-env-block-from-a-variable.patch | 2 +- ...HCP-client-ID-and-UUID-options-added.patch | 2 +- ...-trim-arp-packets-with-abnormal-size.patch | 2 +- ...Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch | 2 +- ...UEFI-operating-systems-returned-by-o.patch | 2 +- 0081-Migrate-PPC-from-Yaboot-to-Grub2.patch | 2 +- 0082-Add-fw_path-variable-revised.patch | 2 +- 0083-Add-support-for-linuxefi.patch | 2 +- ...xefi-and-initrdefi-where-appropriate.patch | 2 +- ...w-insmod-when-secure-boot-is-enabled.patch | 2 +- ...-hex-hex-straight-through-unmolested.patch | 2 +- 0087-Add-X-option-to-printf-functions.patch | 2 +- ...for-specific-config-file-for-netboot.patch | 2 +- ...g-module-to-parse-Boot-Loader-Specif.patch | 2 +- 0090-Don-t-write-messages-to-the-screen.patch | 2 +- 0091-Don-t-print-GNU-GRUB-header.patch | 2 +- 0092-Don-t-add-to-highlighted-row.patch | 2 +- 0093-Message-string-cleanups.patch | 2 +- ...ing-now-that-we-aren-t-displaying-it.patch | 2 +- ...t-indentation-for-the-term-help-text.patch | 2 +- 0096-Indent-menu-entries.patch | 2 +- 0097-Fix-margins.patch | 2 +- ...-1-for-our-right-hand-margin-so-line.patch | 2 +- ...-Use-linux16-when-appropriate-880840.patch | 2 +- 0100-Enable-pager-by-default.-985860.patch | 2 +- ...-on-serial-so-don-t-tell-the-user-to.patch | 2 +- ...n-t-say-GNU-Linux-in-generated-menus.patch | 2 +- ...-Don-t-draw-a-border-around-the-menu.patch | 2 +- ...andard-margin-for-the-timeout-string.patch | 2 +- ...rame-to-list-of-relocations-stripped.patch | 2 +- ...rk-with-our-changes-for-linux16-and-.patch | 2 +- ...on-t-print-during-fdt-loading-method.patch | 2 +- ...spaces-when-we-re-doing-our-cmdline-.patch | 2 +- ...password-to-boot-entries-generated-b.patch | 2 +- 0110-Don-t-emit-Booting-.-message.patch | 2 +- ...f-man-pages-with-slightly-nicer-ones.patch | 2 +- ...ix-when-fallback-searching-for-grub-.patch | 2 +- ...-before-grub.cfg-on-tftp-config-file.patch | 2 +- ...ert-function-to-support-NVMe-devices.patch | 2 +- ...M-Mustang-device-tree-for-hardware-t.patch | 2 +- ...device-tree-from-the-grub-default-fi.patch | 2 +- ...P-protocol-for-exclusive-use-by-grub.patch | 2 +- ...P-protocol-for-exclusive-use-by-grub.patch | 2 +- 0119-Add-grub_util_readlink.patch | 2 +- ...se-symlinks-including-those-across-d.patch | 2 +- ...CLASS-in-10_linux-from-etc-os-releas.patch | 2 +- ...t-ordering-for-.debug-and-rescue-ker.patch | 2 +- 0123-Load-arm-with-SB-enabled.patch | 2 +- 0124-Try-prefix-if-fw_path-doesn-t-work.patch | 2 +- ...-grub.cfg-netboot-selection-order-11.patch | 2 +- ...-Package-Sort-for-grub2-mkconfig-112.patch | 2 +- 0127-Handle-rssd-storage-devices.patch | 2 +- ...x16-initrd16-and-linuxefi-initrdefi-.patch | 2 +- ...fig-construct-titles-that-look-like-.patch | 2 +- ...ly-grub2-password-config-tool-985962.patch | 2 +- ...fig-construct-titles-that-look-like-.patch | 2 +- ...-configure.ac-and-grub-rpm-sort-play.patch | 2 +- 0133-tcp-add-window-scaling-support.patch | 2 +- ...net-retransmit-if-our-device-is-busy.patch | 2 +- ...out-actually-using-the-configured-ne.patch | 2 +- ...r-for-the-first-exclusive-reopen-of-.patch | 2 +- ...ue-when-reading-username-and-passwor.patch | 2 +- ...ub-password-will-not-be-read-1290803.patch | 2 +- ...ub-setpassword-documentation-1290799.patch | 2 +- ...le-issue-in-grub-setpassword-1294243.patch | 2 +- ...rsistent-RAM-and-unknown-possible-fu.patch | 2 +- 0142-efiemu-Fix-compilation-failure.patch | 2 +- ...P-protocol-for-exclusive-use-by-grub.patch | 2 +- 0144-Add-a-url-parser.patch | 2 +- ...net-and-bootp-add-support-for-dhcpv6.patch | 2 +- ...rnel-settings-and-use-it-in-10_linux.patch | 2 +- 0147-Normalize-slashes-in-tftp-paths.patch | 2 +- 0148-Fix-malformed-tftp-packets.patch | 2 +- 0149-Fix-race-in-EFI-validation.patch | 2 +- ...1374141-fix-incorrect-mask-for-ppc64.patch | 2 +- ...art-of-chainloader-target-if-present.patch | 2 +- ...ecureboot-support-on-efi-chainloader.patch | 2 +- ...loaders-that-link-in-efi-mode-honor-.patch | 2 +- 0154-Make-grub_fatal-also-backtrace.patch | 2 +- 0155-Rework-linux-command.patch | 2 +- 0156-Rework-linux16-command.patch | 2 +- 0157-Make-grub-editenv-build-again.patch | 2 +- ...ix-up-some-man-pages-rpmdiff-noticed.patch | 2 +- ...-work-some-intricacies-of-PE-loading.patch | 2 +- ...-of-efi-chainload-so-non-sb-cases-wo.patch | 2 +- ...-double-free-on-verification-failure.patch | 2 +- ...machine-type-test-in-30_os-prober.in.patch | 2 +- ...fix-wrong-sanity-check-in-relocate_c.patch | 2 +- ...truncate-overlong-relocation-section.patch | 2 +- 0165-linuxefi-minor-cleanups.patch | 2 +- ...rch-64-on-32-boot-in-linuxefi-loader.patch | 2 +- 0167-Fix-up-linux-params-usage.patch | 2 +- 0168-Make-exit-take-a-return-code.patch | 2 +- ...fdt-has-address-cells-and-size-cells.patch | 2 +- ...rintf-in-the-secure-boot-verify-code.patch | 2 +- ...fo-pages-say-grub2-where-appropriate.patch | 2 +- ...more-debug-info-in-our-module-loader.patch | 2 +- ...-chainloader-entries-don-t-try-any-x.patch | 2 +- ...-Add-ability-to-boot-from-subvolumes.patch | 2 +- ...port-btrfs_subvol-and-btrfs_subvolid.patch | 2 +- 0176-grub2-btrfs-03-follow_default.patch | 2 +- 0177-grub2-btrfs-04-grub2-install.patch | 2 +- 0178-grub2-btrfs-05-grub2-mkconfig.patch | 2 +- 0179-grub2-btrfs-06-subvol-mount.patch | 2 +- ...ootable-Snapshot-submenu-in-grub.cfg.patch | 2 +- ...subvol-name-scheme-to-support-old-sn.patch | 2 +- ...-correctly-with-btrfs-snapshots-bsc-.patch | 2 +- ...ocate_pool-and-grub_efi_free_pool-wr.patch | 2 +- ...fi_.-memory-helpers-where-reasonable.patch | 2 +- 0185-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch | 2 +- ...c-sized-arrays-since-we-don-t-build-.patch | 2 +- 0187-don-t-ignore-const.patch | 2 +- 0188-don-t-use-int-for-efi-status.patch | 2 +- ...INIT-declare-its-function-prototypes.patch | 2 +- ...p-some-errors-in-the-linuxefi-loader.patch | 2 +- 0191-editenv-handle-relative-symlinks.patch | 2 +- ...e-libgrub.pp-depend-on-config-util.h.patch | 2 +- ...-efi-as-HFS-on-ppc-machines-in-grub-.patch | 2 +- ...20_linux_xen.in-Add-xen_boot-command.patch | 2 +- ...-figure-out-whether-multiboot2-shoul.patch | 2 +- ...d-xen-or-multiboot-2-modules-as-need.patch | 2 +- ...lt-tsc-calibration-method-to-pmtimer.patch | 2 +- ...-calibration-not-take-51-seconds-to-.patch | 2 +- 0199-align-struct-efi_variable-better.patch | 2 +- 0200-Add-quicksort-implementation.patch | 2 +- ...nd-support-to-parse-BootLoaderSpec-c.patch | 2 +- 0202-Add-BLS-support-to-grub-mkconfig.patch | 2 +- ...d-grub_exit-definition-for-grub-emu-.patch | 2 +- ...-backtrace-on-grub_abort-for-grub-em.patch | 2 +- ...-blscfg-command-for-the-emu-platform.patch | 2 +- ...nux-and-initrd-commands-for-grub-emu.patch | 2 +- 0207-Fix-the-efidir-in-grub-setpassword.patch | 2 +- 0208-Add-grub2-switch-to-blscfg.patch | 2 +- 0209-Add-grub_debug_enabled.patch | 2 +- 0210-make-better-backtraces.patch | 2 +- ...w-our-startup-message-if-debug-is-se.patch | 2 +- ...-some-minor-include-path-weirdnesses.patch | 2 +- ...it-possible-to-enabled-build-id-sha1.patch | 2 +- ...f-grub_dprintf-without-the-file-line.patch | 2 +- ...dprintf-that-tells-us-load-addresses.patch | 2 +- ...scan-different-BLS-directories-on-EF.patch | 2 +- 0217-Core-TPM-support.patch | 789 ++++++++++++++++++ 0218-Measure-kernel-initrd.patch | 42 + 0219-Add-BIOS-boot-measurement.patch | 179 ++++ ...re-kernel-and-initrd-on-BIOS-systems.patch | 87 ++ 0221-Measure-the-kernel-commandline.patch | 43 + 0222-Measure-commands.patch | 76 ++ ...Measure-multiboot-images-and-modules.patch | 78 ++ 0224-Fix-boot-when-there-s-no-TPM.patch | 32 + 0225-Rework-TPM-measurements.patch | 219 +++++ 0226-Fix-event-log-prefix.patch | 29 + ...ot-menu-entry-as-default-when-using-.patch | 30 + grub.patches | 11 + grub2.spec | 6 +- 229 files changed, 1836 insertions(+), 217 deletions(-) create mode 100644 0217-Core-TPM-support.patch create mode 100644 0218-Measure-kernel-initrd.patch create mode 100644 0219-Add-BIOS-boot-measurement.patch create mode 100644 0220-Measure-kernel-and-initrd-on-BIOS-systems.patch create mode 100644 0221-Measure-the-kernel-commandline.patch create mode 100644 0222-Measure-commands.patch create mode 100644 0223-Measure-multiboot-images-and-modules.patch create mode 100644 0224-Fix-boot-when-there-s-no-TPM.patch create mode 100644 0225-Rework-TPM-measurements.patch create mode 100644 0226-Fix-event-log-prefix.patch create mode 100644 0227-Set-the-first-boot-menu-entry-as-default-when-using-.patch diff --git a/0001-Bump-version-to-2.03.patch b/0001-Bump-version-to-2.03.patch index 5d45d97..41e1e1a 100644 --- a/0001-Bump-version-to-2.03.patch +++ b/0001-Bump-version-to-2.03.patch @@ -1,7 +1,7 @@ From b0bad6fd9449d3333fe1ab58953c0e6c1ce12c0d Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Wed, 3 May 2017 11:55:52 +0200 -Subject: [PATCH 001/216] Bump version to 2.03 +Subject: [PATCH 001/227] Bump version to 2.03 --- configure.ac | 2 +- diff --git a/0002-Remove-bashisms-from-tests.patch b/0002-Remove-bashisms-from-tests.patch index c720c94..505c61a 100644 --- a/0002-Remove-bashisms-from-tests.patch +++ b/0002-Remove-bashisms-from-tests.patch @@ -1,7 +1,7 @@ From 5a0c548ba388b343b0bb6d2a38888e7eac5bbb96 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 03:47:13 +0300 -Subject: [PATCH 002/216] Remove bashisms from tests. +Subject: [PATCH 002/227] Remove bashisms from tests. Those tests don't actually need bash. Just use common shebang. --- diff --git a/0003-fs-tester-make-sh-compatible.patch b/0003-fs-tester-make-sh-compatible.patch index 604c30d..0100db8 100644 --- a/0003-fs-tester-make-sh-compatible.patch +++ b/0003-fs-tester-make-sh-compatible.patch @@ -1,7 +1,7 @@ From 37865c2c4ad26cd5e947b08abf1fde8145699919 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 14:35:59 +0300 -Subject: [PATCH 003/216] fs-tester: make sh-compatible +Subject: [PATCH 003/227] fs-tester: make sh-compatible --- tests/util/grub-fs-tester.in | 306 ++++++++++++++++++++++++------------------- diff --git a/0004-support-busybox-date.patch b/0004-support-busybox-date.patch index dcffc08..333c6dc 100644 --- a/0004-support-busybox-date.patch +++ b/0004-support-busybox-date.patch @@ -1,7 +1,7 @@ From b43b8cacc813c2c15347de1e35cc88d9aa912d22 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 14:31:36 +0300 -Subject: [PATCH 004/216] support busybox date. +Subject: [PATCH 004/227] support busybox date. Busybox date doesn't understand weekdays in -d input, so strip them beforehand. diff --git a/0005-Don-t-retrieve-fstime-when-it-s-not-useful.patch b/0005-Don-t-retrieve-fstime-when-it-s-not-useful.patch index 6e69d36..4c1ab60 100644 --- a/0005-Don-t-retrieve-fstime-when-it-s-not-useful.patch +++ b/0005-Don-t-retrieve-fstime-when-it-s-not-useful.patch @@ -1,7 +1,7 @@ From 6dec3a26b37e128ded5d912e08abc5cee1592499 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 21:24:05 +0300 -Subject: [PATCH 005/216] Don't retrieve fstime when it's not useful. +Subject: [PATCH 005/227] Don't retrieve fstime when it's not useful. --- tests/util/grub-fs-tester.in | 48 ++++++++++++++++++++++---------------------- diff --git a/0006-Support-lseek64.patch b/0006-Support-lseek64.patch index e2ad027..d6eb14b 100644 --- a/0006-Support-lseek64.patch +++ b/0006-Support-lseek64.patch @@ -1,7 +1,7 @@ From 608bec51128008afb81c9e3f297283e9f830a146 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 20:21:05 +0300 -Subject: [PATCH 006/216] Support lseek64. +Subject: [PATCH 006/227] Support lseek64. Android doesn't have 64-bit off_t, so use off64_t instead. --- diff --git a/0007-Use-SHELL-rather-than-bin-sh.patch b/0007-Use-SHELL-rather-than-bin-sh.patch index c1aec0c..a865082 100644 --- a/0007-Use-SHELL-rather-than-bin-sh.patch +++ b/0007-Use-SHELL-rather-than-bin-sh.patch @@ -1,7 +1,7 @@ From c2ea443446b7feea868e54f94a87781f69820375 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 00:55:30 +0300 -Subject: [PATCH 007/216] Use $(SHELL) rather than /bin/sh. +Subject: [PATCH 007/227] Use $(SHELL) rather than /bin/sh. /bin/sh doesn't exist under termux. --- diff --git a/0008-po-Use-SHELL-rather-than-bin-sh.patch b/0008-po-Use-SHELL-rather-than-bin-sh.patch index 6a572fa..eb26b85 100644 --- a/0008-po-Use-SHELL-rather-than-bin-sh.patch +++ b/0008-po-Use-SHELL-rather-than-bin-sh.patch @@ -1,7 +1,7 @@ From 4341f82af0b61d3dfbe675670d4105dc759c0df3 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 14:54:03 +0300 -Subject: [PATCH 008/216] po: Use @SHELL@ rather than /bin/sh. +Subject: [PATCH 008/227] po: Use @SHELL@ rather than /bin/sh. /bin/sh might not exist. --- diff --git a/0009-Add-termux-path-to-dict.patch b/0009-Add-termux-path-to-dict.patch index 04ad6f0..23386fe 100644 --- a/0009-Add-termux-path-to-dict.patch +++ b/0009-Add-termux-path-to-dict.patch @@ -1,7 +1,7 @@ From 1073ddb12078f3c8edbdb74bb8f5afc674983f40 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 23 Jan 2017 14:52:48 +0300 -Subject: [PATCH 009/216] Add termux path to dict. +Subject: [PATCH 009/227] Add termux path to dict. --- tests/util/grub-fs-tester.in | 2 +- diff --git a/0010-Fix-shebang-for-termux.patch b/0010-Fix-shebang-for-termux.patch index 9e7ae40..516e573 100644 --- a/0010-Fix-shebang-for-termux.patch +++ b/0010-Fix-shebang-for-termux.patch @@ -1,7 +1,7 @@ From a827807a1330d5ad619faa103bc7f12d89fc8bee Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Sun, 22 Jan 2017 20:22:34 +0300 -Subject: [PATCH 010/216] Fix shebang for termux. +Subject: [PATCH 010/227] Fix shebang for termux. Termux doesn't have a /bin/sh. So we needto use $SHELL. Keep /bin/sh as much as possible. diff --git a/0011-Add-strtoull-test.patch b/0011-Add-strtoull-test.patch index ec03b56..0f9b45f 100644 --- a/0011-Add-strtoull-test.patch +++ b/0011-Add-strtoull-test.patch @@ -1,7 +1,7 @@ From ede6c9689395499f98a4c14d76b97151b4de5f54 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Wed, 3 May 2017 12:58:15 +0200 -Subject: [PATCH 011/216] Add strtoull test. +Subject: [PATCH 011/227] Add strtoull test. --- grub-core/Makefile.core.def | 5 +++++ diff --git a/0012-strtoull-Fix-behaviour-on-chars-between-9-and-a.patch b/0012-strtoull-Fix-behaviour-on-chars-between-9-and-a.patch index fc3ad75..ea96d45 100644 --- a/0012-strtoull-Fix-behaviour-on-chars-between-9-and-a.patch +++ b/0012-strtoull-Fix-behaviour-on-chars-between-9-and-a.patch @@ -1,7 +1,7 @@ From dc6e1b5af83eb1c4290baf97c2d221c0865127be Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Wed, 10 Aug 2016 17:49:42 +0200 -Subject: [PATCH 012/216] strtoull: Fix behaviour on chars between '9' and 'a'. +Subject: [PATCH 012/227] strtoull: Fix behaviour on chars between '9' and 'a'. Reported by: Aaron Miller --- diff --git a/0013-Add-Virtual-LAN-support.patch b/0013-Add-Virtual-LAN-support.patch index 702becf..ba64ee5 100644 --- a/0013-Add-Virtual-LAN-support.patch +++ b/0013-Add-Virtual-LAN-support.patch @@ -1,7 +1,7 @@ From d9f7de0ae3c0c09cff7257c55418450261f3e082 Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Mon, 23 Dec 2013 12:32:02 -0200 -Subject: [PATCH 013/216] Add Virtual LAN support. +Subject: [PATCH 013/227] Add Virtual LAN support. This patch adds support for virtual LAN (VLAN) tagging. VLAN tagging allows multiple VLANs in a bridged network to share the same physical network link diff --git a/0014-mkimage-Pass-layout-to-mkimage_generate_elfXX-rather.patch b/0014-mkimage-Pass-layout-to-mkimage_generate_elfXX-rather.patch index 73b6b5d..1f37380 100644 --- a/0014-mkimage-Pass-layout-to-mkimage_generate_elfXX-rather.patch +++ b/0014-mkimage-Pass-layout-to-mkimage_generate_elfXX-rather.patch @@ -1,7 +1,7 @@ From a35ac854308b0af7c86c2c7b199f6abdfa2110b0 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 17:32:15 +0200 -Subject: [PATCH 014/216] mkimage: Pass layout to mkimage_generate_elfXX rather +Subject: [PATCH 014/227] mkimage: Pass layout to mkimage_generate_elfXX rather than some fields. This allows easier extension of this function without having too long of diff --git a/0015-Refactor-arm-uboot-code-to-make-it-genereic.patch b/0015-Refactor-arm-uboot-code-to-make-it-genereic.patch index 08e426d..866b86b 100644 --- a/0015-Refactor-arm-uboot-code-to-make-it-genereic.patch +++ b/0015-Refactor-arm-uboot-code-to-make-it-genereic.patch @@ -1,7 +1,7 @@ From d08c9685149e7788001ac9a209baa1d84c3628e0 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 17:47:57 +0200 -Subject: [PATCH 015/216] Refactor arm-uboot code to make it genereic. +Subject: [PATCH 015/227] Refactor arm-uboot code to make it genereic. arm-coreboot startup code can be very similar to arm-uboot but current code has U-Boot specific references. So split U-Boot part from generic part. diff --git a/0016-coreboot-Split-parts-that-are-platform-independent.patch b/0016-coreboot-Split-parts-that-are-platform-independent.patch index bb73104..4351c32 100644 --- a/0016-coreboot-Split-parts-that-are-platform-independent.patch +++ b/0016-coreboot-Split-parts-that-are-platform-independent.patch @@ -1,7 +1,7 @@ From 461bfab7b7e47fd0a76bf6076a438af1b7e2184a Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 19:06:22 +0200 -Subject: [PATCH 016/216] coreboot: Split parts that are platform-independent. +Subject: [PATCH 016/227] coreboot: Split parts that are platform-independent. We currently assume that coreboot is always i386, it's no longer the case, so split i386-coreboot parts from generic coreboot code. diff --git a/0017-Rename-uboot-halt.c-to-dummy-halt.c.patch b/0017-Rename-uboot-halt.c-to-dummy-halt.c.patch index fa7e44f..7c48335 100644 --- a/0017-Rename-uboot-halt.c-to-dummy-halt.c.patch +++ b/0017-Rename-uboot-halt.c-to-dummy-halt.c.patch @@ -1,7 +1,7 @@ From 1daa716c7017f1858de117a20a31da66815435c5 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 19:31:55 +0200 -Subject: [PATCH 017/216] Rename uboot/halt.c to dummy/halt.c. +Subject: [PATCH 017/227] Rename uboot/halt.c to dummy/halt.c. It's not U-Boot specific and it's a stub. --- diff --git a/0018-Rename-uboot-datetime-to-dummy-datetime.patch b/0018-Rename-uboot-datetime-to-dummy-datetime.patch index dd22a34..31538d2 100644 --- a/0018-Rename-uboot-datetime-to-dummy-datetime.patch +++ b/0018-Rename-uboot-datetime-to-dummy-datetime.patch @@ -1,7 +1,7 @@ From 9808c3ef956c6472a96790b60cf74f4eaa742010 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 19:37:29 +0200 -Subject: [PATCH 018/216] Rename uboot/datetime to dummy/datetime. +Subject: [PATCH 018/227] Rename uboot/datetime to dummy/datetime. It's just a stub and is not UBoot-specific. --- diff --git a/0019-arm-coreboot-Start-new-port.patch b/0019-arm-coreboot-Start-new-port.patch index 6da1bd9..113b451 100644 --- a/0019-arm-coreboot-Start-new-port.patch +++ b/0019-arm-coreboot-Start-new-port.patch @@ -1,7 +1,7 @@ From 24e37a885269bdec9b27babf1da0bba3692d55c0 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 20:53:28 +0200 -Subject: [PATCH 019/216] arm-coreboot: Start new port. +Subject: [PATCH 019/227] arm-coreboot: Start new port. --- configure.ac | 2 + diff --git a/0020-Add-support-for-device-tree-based-drivers.patch b/0020-Add-support-for-device-tree-based-drivers.patch index 2ad7206..a0a4d73 100644 --- a/0020-Add-support-for-device-tree-based-drivers.patch +++ b/0020-Add-support-for-device-tree-based-drivers.patch @@ -1,7 +1,7 @@ From fcbb723d4b1f7ad4687191562621dd0eb25f4d9e Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 21:19:59 +0200 -Subject: [PATCH 020/216] Add support for device-tree-based drivers. +Subject: [PATCH 020/227] Add support for device-tree-based drivers. --- grub-core/Makefile.core.def | 2 + diff --git a/0021-arm-coreboot-Support-for-vexpress-timer.patch b/0021-arm-coreboot-Support-for-vexpress-timer.patch index b0c498c..ced2613 100644 --- a/0021-arm-coreboot-Support-for-vexpress-timer.patch +++ b/0021-arm-coreboot-Support-for-vexpress-timer.patch @@ -1,7 +1,7 @@ From 5a865b37866ee8cd64c080bc6fb1e537f8e2b3c6 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 21:26:36 +0200 -Subject: [PATCH 021/216] arm-coreboot: Support for vexpress timer. +Subject: [PATCH 021/227] arm-coreboot: Support for vexpress timer. --- grub-core/kern/arm/coreboot/timer.c | 36 ++++++++++++++++++++++++++++++++++++ diff --git a/0022-arm-coreboot-Export-FDT-routines.patch b/0022-arm-coreboot-Export-FDT-routines.patch index f9b5bfe..f7e27c3 100644 --- a/0022-arm-coreboot-Export-FDT-routines.patch +++ b/0022-arm-coreboot-Export-FDT-routines.patch @@ -1,7 +1,7 @@ From ac6b41b89fbb82a3ba843a7ed19115d81432b604 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 21:29:48 +0200 -Subject: [PATCH 022/216] arm-coreboot: Export FDT routines. +Subject: [PATCH 022/227] arm-coreboot: Export FDT routines. We need to use them from modules as well. --- diff --git a/0023-at_keyboard-Split-protocol-from-controller-code.patch b/0023-at_keyboard-Split-protocol-from-controller-code.patch index add73ff..365e0df 100644 --- a/0023-at_keyboard-Split-protocol-from-controller-code.patch +++ b/0023-at_keyboard-Split-protocol-from-controller-code.patch @@ -1,7 +1,7 @@ From 216950a4eea1a1ead1c28eaca94e34ea2ef2ad19 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 21:41:22 +0200 -Subject: [PATCH 023/216] at_keyboard: Split protocol from controller code. +Subject: [PATCH 023/227] at_keyboard: Split protocol from controller code. On vexpress controller is different but protocol is the same, so reuse the code. diff --git a/0024-arm_coreboot-Support-keyboard-for-vexpress.patch b/0024-arm_coreboot-Support-keyboard-for-vexpress.patch index f196493..e09cc13 100644 --- a/0024-arm_coreboot-Support-keyboard-for-vexpress.patch +++ b/0024-arm_coreboot-Support-keyboard-for-vexpress.patch @@ -1,7 +1,7 @@ From 848bed9d92cf20e9f25db4c69a20efad23996ca0 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 21:42:37 +0200 -Subject: [PATCH 024/216] arm_coreboot: Support keyboard for vexpress. +Subject: [PATCH 024/227] arm_coreboot: Support keyboard for vexpress. --- grub-core/Makefile.core.def | 3 + diff --git a/0025-arm_coreboot-Support-grub-mkstandalone.patch b/0025-arm_coreboot-Support-grub-mkstandalone.patch index beec316..255f415 100644 --- a/0025-arm_coreboot-Support-grub-mkstandalone.patch +++ b/0025-arm_coreboot-Support-grub-mkstandalone.patch @@ -1,7 +1,7 @@ From 3edabad8fefb112cc4b2d43be6e97d43c909ceee Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 21:59:48 +0200 -Subject: [PATCH 025/216] arm_coreboot: Support grub-mkstandalone. +Subject: [PATCH 025/227] arm_coreboot: Support grub-mkstandalone. --- util/grub-install-common.c | 12 ++++++++++-- diff --git a/0026-arm_coreboot-Support-loading-linux-images.patch b/0026-arm_coreboot-Support-loading-linux-images.patch index 9f27b79..c080d14 100644 --- a/0026-arm_coreboot-Support-loading-linux-images.patch +++ b/0026-arm_coreboot-Support-loading-linux-images.patch @@ -1,7 +1,7 @@ From 656c3b0d7fbe23f0e1ab561c8faa4ac4a37364d1 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 22:00:06 +0200 -Subject: [PATCH 026/216] arm_coreboot: Support loading linux images. +Subject: [PATCH 026/227] arm_coreboot: Support loading linux images. --- grub-core/loader/arm/linux.c | 132 ++++++++++++++++++++++--------------------- diff --git a/0027-arm_coreboot-Support-DMA.patch b/0027-arm_coreboot-Support-DMA.patch index a5814a6..98dd932 100644 --- a/0027-arm_coreboot-Support-DMA.patch +++ b/0027-arm_coreboot-Support-DMA.patch @@ -1,7 +1,7 @@ From 265292f2b0da0eb414c409871ba0f94a99ec33c1 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 22:06:04 +0200 -Subject: [PATCH 027/216] arm_coreboot: Support DMA. +Subject: [PATCH 027/227] arm_coreboot: Support DMA. This is needed to support USB and some other busses. --- diff --git a/0028-ehci-Split-core-code-from-PCI-part.patch b/0028-ehci-Split-core-code-from-PCI-part.patch index e4af4e5..a133bff 100644 --- a/0028-ehci-Split-core-code-from-PCI-part.patch +++ b/0028-ehci-Split-core-code-from-PCI-part.patch @@ -1,7 +1,7 @@ From 058df7b5a9cc7aaa9872eaa916b715544a8f9840 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 22:10:26 +0200 -Subject: [PATCH 028/216] ehci: Split core code from PCI part. +Subject: [PATCH 028/227] ehci: Split core code from PCI part. On ARM often EHCI is present without PCI and just declared in device tree. So splitcore from PCI part. diff --git a/0029-arm_coreboot-Support-EHCI.patch b/0029-arm_coreboot-Support-EHCI.patch index 0b92933..faa8b70 100644 --- a/0029-arm_coreboot-Support-EHCI.patch +++ b/0029-arm_coreboot-Support-EHCI.patch @@ -1,7 +1,7 @@ From d11ced1e1fb93676942e51618eb53c140f541890 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 8 May 2017 22:14:28 +0200 -Subject: [PATCH 029/216] arm_coreboot: Support EHCI. +Subject: [PATCH 029/227] arm_coreboot: Support EHCI. --- grub-core/Makefile.core.def | 2 ++ diff --git a/0030-Fix-bug-on-FDT-nodes-with-compatible-property.patch b/0030-Fix-bug-on-FDT-nodes-with-compatible-property.patch index b696015..8c7209b 100644 --- a/0030-Fix-bug-on-FDT-nodes-with-compatible-property.patch +++ b/0030-Fix-bug-on-FDT-nodes-with-compatible-property.patch @@ -1,7 +1,7 @@ From 4f8471532d454b2db96434c28bf7105ed69e0f4d Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Tue, 9 May 2017 08:39:40 +0200 -Subject: [PATCH 030/216] Fix bug on FDT nodes with compatible property +Subject: [PATCH 030/227] Fix bug on FDT nodes with compatible property --- grub-core/bus/fdt.c | 2 ++ diff --git a/0031-fdtbus-Add-ability-to-send-receive-messages-on-paren.patch b/0031-fdtbus-Add-ability-to-send-receive-messages-on-paren.patch index 7f711c2..c8254ff 100644 --- a/0031-fdtbus-Add-ability-to-send-receive-messages-on-paren.patch +++ b/0031-fdtbus-Add-ability-to-send-receive-messages-on-paren.patch @@ -1,7 +1,7 @@ From c4313c812dc14e82a774b580b5e34d40e7f3fae6 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Tue, 9 May 2017 08:40:29 +0200 -Subject: [PATCH 031/216] fdtbus: Add ability to send/receive messages on +Subject: [PATCH 031/227] fdtbus: Add ability to send/receive messages on parent busses. --- diff --git a/0032-rk3288_spi-Add-SPI-driver.patch b/0032-rk3288_spi-Add-SPI-driver.patch index dc3374a..c646634 100644 --- a/0032-rk3288_spi-Add-SPI-driver.patch +++ b/0032-rk3288_spi-Add-SPI-driver.patch @@ -1,7 +1,7 @@ From b0b1b81a11f8bae8ab9e8edd87ac3f4f7949d03b Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Tue, 9 May 2017 08:42:14 +0200 -Subject: [PATCH 032/216] rk3288_spi: Add SPI driver +Subject: [PATCH 032/227] rk3288_spi: Add SPI driver --- grub-core/Makefile.core.def | 1 + diff --git a/0033-arm_coreboot-Add-Chromebook-keyboard-driver.patch b/0033-arm_coreboot-Add-Chromebook-keyboard-driver.patch index 97aa64c..4919eb6 100644 --- a/0033-arm_coreboot-Add-Chromebook-keyboard-driver.patch +++ b/0033-arm_coreboot-Add-Chromebook-keyboard-driver.patch @@ -1,7 +1,7 @@ From 5c3fd1b135bd73c8e3467b9b635b25ca4d360a19 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Tue, 9 May 2017 08:47:34 +0200 -Subject: [PATCH 033/216] arm_coreboot: Add Chromebook keyboard driver. +Subject: [PATCH 033/227] arm_coreboot: Add Chromebook keyboard driver. --- grub-core/term/arm/cros.c | 125 +++++++++++++++++++++++ diff --git a/0034-Missing-parts-of-previous-commit.patch b/0034-Missing-parts-of-previous-commit.patch index 2ca4600..0fcd898 100644 --- a/0034-Missing-parts-of-previous-commit.patch +++ b/0034-Missing-parts-of-previous-commit.patch @@ -1,7 +1,7 @@ From c6eaa982d12e3cfc5465dda5ea372774188b6b81 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Tue, 9 May 2017 09:02:15 +0200 -Subject: [PATCH 034/216] Missing parts of previous commit +Subject: [PATCH 034/227] Missing parts of previous commit --- grub-core/Makefile.core.def | 2 ++ diff --git a/0035-coreboot-Changed-cbmemc-to-support-updated-console-f.patch b/0035-coreboot-Changed-cbmemc-to-support-updated-console-f.patch index c9c7ffe..31e00e5 100644 --- a/0035-coreboot-Changed-cbmemc-to-support-updated-console-f.patch +++ b/0035-coreboot-Changed-cbmemc-to-support-updated-console-f.patch @@ -1,7 +1,7 @@ From 70b555a52a065b2beb91e6fc97a6b358c931b303 Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Tue, 9 May 2017 09:03:02 +0200 -Subject: [PATCH 035/216] coreboot: Changed cbmemc to support updated console +Subject: [PATCH 035/227] coreboot: Changed cbmemc to support updated console format from coreboot. --- diff --git a/0036-at_keyboard-Fix-falco-chromebook-case.patch b/0036-at_keyboard-Fix-falco-chromebook-case.patch index 8460973..ec5dbb8 100644 --- a/0036-at_keyboard-Fix-falco-chromebook-case.patch +++ b/0036-at_keyboard-Fix-falco-chromebook-case.patch @@ -1,7 +1,7 @@ From c4b8bec5fee4e30a165fd14a188cf3ab8eccd095 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Tue, 9 May 2017 14:27:52 +0200 -Subject: [PATCH 036/216] at_keyboard: Fix falco chromebook case. +Subject: [PATCH 036/227] at_keyboard: Fix falco chromebook case. EC is slow, so we need few delays for it to toggle the bits correctly. diff --git a/0037-sparc64-Close-cdboot-ihandle.patch b/0037-sparc64-Close-cdboot-ihandle.patch index 8217a6d..0eb9d52 100644 --- a/0037-sparc64-Close-cdboot-ihandle.patch +++ b/0037-sparc64-Close-cdboot-ihandle.patch @@ -1,7 +1,7 @@ From bd4e40aadded7093908d786d03b4acf60b7b1707 Mon Sep 17 00:00:00 2001 From: Eric Snowberg Date: Thu, 11 May 2017 18:42:23 -0700 -Subject: [PATCH 037/216] sparc64: Close cdboot ihandle +Subject: [PATCH 037/227] sparc64: Close cdboot ihandle The ihandle is left open with a cd-core image. This will cause a delay booting grub from a virtual cdrom in a LDOM. It will also cause problems diff --git a/0038-arm64-xen_boot-Fix-Xen-boot-using-GRUB2-on-AARCH64.patch b/0038-arm64-xen_boot-Fix-Xen-boot-using-GRUB2-on-AARCH64.patch index d29b004..4ecac6c 100644 --- a/0038-arm64-xen_boot-Fix-Xen-boot-using-GRUB2-on-AARCH64.patch +++ b/0038-arm64-xen_boot-Fix-Xen-boot-using-GRUB2-on-AARCH64.patch @@ -1,7 +1,7 @@ From ae5817f1dcbf0b99f7a849f56afe442165317840 Mon Sep 17 00:00:00 2001 From: Julien Grall Date: Fri, 19 Feb 2016 16:28:52 +0000 -Subject: [PATCH 038/216] arm64/xen_boot: Fix Xen boot using GRUB2 on AARCH64 +Subject: [PATCH 038/227] arm64/xen_boot: Fix Xen boot using GRUB2 on AARCH64 Xen is currently crashing because of malformed compatible property for the boot module. This is because the property string is not diff --git a/0039-arm64-Add-nounzip-option-support-in-xen_module-comma.patch b/0039-arm64-Add-nounzip-option-support-in-xen_module-comma.patch index ffd6f89..84005bc 100644 --- a/0039-arm64-Add-nounzip-option-support-in-xen_module-comma.patch +++ b/0039-arm64-Add-nounzip-option-support-in-xen_module-comma.patch @@ -1,7 +1,7 @@ From 8eed7be8a61c295df700e918744a984162378ca9 Mon Sep 17 00:00:00 2001 From: Fu Wei Date: Sun, 14 May 2017 15:43:45 +0800 -Subject: [PATCH 039/216] arm64: Add "--nounzip" option support in xen_module +Subject: [PATCH 039/227] arm64: Add "--nounzip" option support in xen_module command This patch adds "--nounzip" option support in order to diff --git a/0040-util-grub.d-20_linux_xen.in-Add-xen_boot-command-sup.patch b/0040-util-grub.d-20_linux_xen.in-Add-xen_boot-command-sup.patch index 5dfb73d..ee4bb02 100644 --- a/0040-util-grub.d-20_linux_xen.in-Add-xen_boot-command-sup.patch +++ b/0040-util-grub.d-20_linux_xen.in-Add-xen_boot-command-sup.patch @@ -1,7 +1,7 @@ From d33045ce7ffcb7c1e4a60c14d5ca64b36e3c5abe Mon Sep 17 00:00:00 2001 From: Fu Wei Date: Sun, 14 May 2017 15:43:46 +0800 -Subject: [PATCH 040/216] util/grub.d/20_linux_xen.in: Add xen_boot command +Subject: [PATCH 040/227] util/grub.d/20_linux_xen.in: Add xen_boot command support for aarch64 This patch adds the support of xen_boot command for aarch64: diff --git a/0041-arm64-Update-the-introduction-of-Xen-boot-commands-i.patch b/0041-arm64-Update-the-introduction-of-Xen-boot-commands-i.patch index 5355d1d..5547064 100644 --- a/0041-arm64-Update-the-introduction-of-Xen-boot-commands-i.patch +++ b/0041-arm64-Update-the-introduction-of-Xen-boot-commands-i.patch @@ -1,7 +1,7 @@ From 26c2f306fd425d2c0348023b8dcb7eb40a01851a Mon Sep 17 00:00:00 2001 From: Fu Wei Date: Sun, 14 May 2017 15:43:47 +0800 -Subject: [PATCH 041/216] arm64: Update the introduction of Xen boot commands +Subject: [PATCH 041/227] arm64: Update the introduction of Xen boot commands in docs/grub.texi delete: xen_linux, xen_initrd, xen_xsm diff --git a/0042-sparc64-Don-t-use-devspec-to-determine-the-OBP-path.patch b/0042-sparc64-Don-t-use-devspec-to-determine-the-OBP-path.patch index e22b55c..c383ae5 100644 --- a/0042-sparc64-Don-t-use-devspec-to-determine-the-OBP-path.patch +++ b/0042-sparc64-Don-t-use-devspec-to-determine-the-OBP-path.patch @@ -1,7 +1,7 @@ From f8679cedff703b437171f4708d46adbfcff80a65 Mon Sep 17 00:00:00 2001 From: Eric Snowberg Date: Thu, 18 May 2017 17:10:22 -0600 -Subject: [PATCH 042/216] sparc64: Don't use devspec to determine the OBP path +Subject: [PATCH 042/227] sparc64: Don't use devspec to determine the OBP path Don't use devspec to determine the OBP path on SPARC hardware. Within all versions of Linux on SPARC, the devspec returns one of three values: diff --git a/0043-Allow-GRUB-to-mount-ext2-3-4-filesystems-that-have-t.patch b/0043-Allow-GRUB-to-mount-ext2-3-4-filesystems-that-have-t.patch index d1b26ab..df596a5 100644 --- a/0043-Allow-GRUB-to-mount-ext2-3-4-filesystems-that-have-t.patch +++ b/0043-Allow-GRUB-to-mount-ext2-3-4-filesystems-that-have-t.patch @@ -1,7 +1,7 @@ From 734668238fcc0ef691a080839e04f33854fa133a Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Thu, 29 Jun 2017 13:27:49 +0000 -Subject: [PATCH 043/216] Allow GRUB to mount ext2/3/4 filesystems that have +Subject: [PATCH 043/227] Allow GRUB to mount ext2/3/4 filesystems that have the encryption feature. On such a filesystem, inodes may have EXT4_ENCRYPT_FLAG set. diff --git a/0044-ehci-Fix-compilation-for-amd64.patch b/0044-ehci-Fix-compilation-for-amd64.patch index b841e5d..f8031f6 100644 --- a/0044-ehci-Fix-compilation-for-amd64.patch +++ b/0044-ehci-Fix-compilation-for-amd64.patch @@ -1,7 +1,7 @@ From edb37fb30bbc8a3b6bec67911c7200e4eb071127 Mon Sep 17 00:00:00 2001 From: phcoder Date: Sun, 9 Jul 2017 20:58:31 +0200 -Subject: [PATCH 044/216] ehci: Fix compilation for amd64 +Subject: [PATCH 044/227] ehci: Fix compilation for amd64 --- grub-core/bus/usb/ehci.c | 8 ++++---- diff --git a/0045-cache-Fix-compilation-for-ppc-sparc-and-arm64.patch b/0045-cache-Fix-compilation-for-ppc-sparc-and-arm64.patch index 6f2c7f7..13f3812 100644 --- a/0045-cache-Fix-compilation-for-ppc-sparc-and-arm64.patch +++ b/0045-cache-Fix-compilation-for-ppc-sparc-and-arm64.patch @@ -1,7 +1,7 @@ From d8901e3ba115d705c9c08ecedd201aca8b4867b8 Mon Sep 17 00:00:00 2001 From: phcoder Date: Sun, 9 Jul 2017 20:59:15 +0200 -Subject: [PATCH 045/216] cache: Fix compilation for ppc, sparc and arm64 +Subject: [PATCH 045/227] cache: Fix compilation for ppc, sparc and arm64 --- include/grub/cache.h | 4 +++- diff --git a/0046-ehci-Fix-compilation-on-i386.patch b/0046-ehci-Fix-compilation-on-i386.patch index 098d08b..1240741 100644 --- a/0046-ehci-Fix-compilation-on-i386.patch +++ b/0046-ehci-Fix-compilation-on-i386.patch @@ -1,7 +1,7 @@ From 284afab081ef7ed7db2c59151853aa3c92d988f2 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Sun, 9 Jul 2017 21:31:19 +0200 -Subject: [PATCH 046/216] ehci: Fix compilation on i386 +Subject: [PATCH 046/227] ehci: Fix compilation on i386 --- grub-core/bus/usb/ehci.c | 4 ++-- diff --git a/0047-crypto-Fix-use-after-free.patch b/0047-crypto-Fix-use-after-free.patch index 9633abe..c326f1f 100644 --- a/0047-crypto-Fix-use-after-free.patch +++ b/0047-crypto-Fix-use-after-free.patch @@ -1,7 +1,7 @@ From a0fe0c26aa8a1c0ad66d9527611bd726b849c623 Mon Sep 17 00:00:00 2001 From: AppChecker Date: Sun, 9 Jul 2017 21:57:35 +0200 -Subject: [PATCH 047/216] crypto: Fix use after free. +Subject: [PATCH 047/227] crypto: Fix use after free. Reported by: AppChecker Transformed to patch by: Satish Govindarajan diff --git a/0048-arm-efi-Fix-compilation.patch b/0048-arm-efi-Fix-compilation.patch index c0ad575..cf01fd8 100644 --- a/0048-arm-efi-Fix-compilation.patch +++ b/0048-arm-efi-Fix-compilation.patch @@ -1,7 +1,7 @@ From cb8b7e4e36bf32dccbbba8252aa44ad3ada4fbc1 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Sun, 9 Jul 2017 21:48:37 +0000 -Subject: [PATCH 048/216] arm-efi: Fix compilation +Subject: [PATCH 048/227] arm-efi: Fix compilation --- grub-core/loader/arm/linux.c | 8 ++++---- diff --git a/0049-fdt-silence-clang-warning.patch b/0049-fdt-silence-clang-warning.patch index 5257448..65d5856 100644 --- a/0049-fdt-silence-clang-warning.patch +++ b/0049-fdt-silence-clang-warning.patch @@ -1,7 +1,7 @@ From 68d54b55f49249c5e0517bf189f0f3df7ee6a36f Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 10 Jul 2017 01:34:22 +0000 -Subject: [PATCH 049/216] fdt: silence clang warning. +Subject: [PATCH 049/227] fdt: silence clang warning. --- grub-core/lib/fdt.c | 3 ++- diff --git a/0050-Fix-a-segfault-in-lsefi.patch b/0050-Fix-a-segfault-in-lsefi.patch index 1f78148..e03d9f6 100644 --- a/0050-Fix-a-segfault-in-lsefi.patch +++ b/0050-Fix-a-segfault-in-lsefi.patch @@ -1,7 +1,7 @@ From e8ab5a1a9e2889eb59d1fa494ba441a53698dcd2 Mon Sep 17 00:00:00 2001 From: Rob Clark Date: Wed, 19 Jul 2017 15:47:41 -0400 -Subject: [PATCH 050/216] Fix a segfault in lsefi +Subject: [PATCH 050/227] Fix a segfault in lsefi when protocols_per_handle returns error, we can't use the pointers we passed to it, and that includes trusting num_protocols. diff --git a/0051-zfs-remove-size_t-typedef-and-use-grub_size_t-instea.patch b/0051-zfs-remove-size_t-typedef-and-use-grub_size_t-instea.patch index da31a81..02fae77 100644 --- a/0051-zfs-remove-size_t-typedef-and-use-grub_size_t-instea.patch +++ b/0051-zfs-remove-size_t-typedef-and-use-grub_size_t-instea.patch @@ -1,7 +1,7 @@ From fa42786264cef98c56e972b3bb6b8448000e1c70 Mon Sep 17 00:00:00 2001 From: Pete Batard Date: Thu, 3 Aug 2017 15:46:15 +0100 -Subject: [PATCH 051/216] zfs: remove size_t typedef and use grub_size_t +Subject: [PATCH 051/227] zfs: remove size_t typedef and use grub_size_t instead * Prevents some toolchains from issuing a warning on size_t redef. diff --git a/0052-udf-Fix-reading-label-lvd.ident-is-dstring.patch b/0052-udf-Fix-reading-label-lvd.ident-is-dstring.patch index 301e16a..7abba79 100644 --- a/0052-udf-Fix-reading-label-lvd.ident-is-dstring.patch +++ b/0052-udf-Fix-reading-label-lvd.ident-is-dstring.patch @@ -1,7 +1,7 @@ From 76188809d5ca40c5285b0ab202b5edea7be3f04d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?= Date: Thu, 22 Jun 2017 14:33:17 +0200 -Subject: [PATCH 052/216] udf: Fix reading label, lvd.ident is dstring +Subject: [PATCH 052/227] udf: Fix reading label, lvd.ident is dstring UDF dstring has stored length in the last byte of buffer. Therefore last byte is not part of recorded characters. And empty string in dstring is diff --git a/0053-grub-core-fs-udf.c-Add-support-for-UUID.patch b/0053-grub-core-fs-udf.c-Add-support-for-UUID.patch index 810e9c3..85322f2 100644 --- a/0053-grub-core-fs-udf.c-Add-support-for-UUID.patch +++ b/0053-grub-core-fs-udf.c-Add-support-for-UUID.patch @@ -1,7 +1,7 @@ From 435fa75e01ef40917239c7f775e505e86f70d202 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?= Date: Thu, 22 Jun 2017 14:42:16 +0200 -Subject: [PATCH 053/216] * grub-core/fs/udf.c: Add support for UUID +Subject: [PATCH 053/227] * grub-core/fs/udf.c: Add support for UUID Use same algorithm as in libblkid from util-linux v2.30. diff --git a/0054-mkrescue-Check-xorriso-presence-before-doing-anythin.patch b/0054-mkrescue-Check-xorriso-presence-before-doing-anythin.patch index 6b96db4..ab811b4 100644 --- a/0054-mkrescue-Check-xorriso-presence-before-doing-anythin.patch +++ b/0054-mkrescue-Check-xorriso-presence-before-doing-anythin.patch @@ -1,7 +1,7 @@ From 9e962fd3c42081e2eef1f99a0eaab38fd04d2620 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 7 Aug 2017 18:05:17 +0200 -Subject: [PATCH 054/216] mkrescue: Check xorriso presence before doing +Subject: [PATCH 054/227] mkrescue: Check xorriso presence before doing anything else. mkrescue can't do anything useful without xorriso, so abort early if it's diff --git a/0055-Fail-if-xorriso-failed.patch b/0055-Fail-if-xorriso-failed.patch index 3e66426..df3d2e4 100644 --- a/0055-Fail-if-xorriso-failed.patch +++ b/0055-Fail-if-xorriso-failed.patch @@ -1,7 +1,7 @@ From e66dc5d71ebfc9763420a76c274e6980d54641c3 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 7 Aug 2017 18:08:39 +0200 -Subject: [PATCH 055/216] Fail if xorriso failed. +Subject: [PATCH 055/227] Fail if xorriso failed. If xorriso failed most likely we didn't generate a meaningful image. --- diff --git a/0056-efi-refactor-grub_efi_allocate_pages.patch b/0056-efi-refactor-grub_efi_allocate_pages.patch index 5420fa2..82ec938 100644 --- a/0056-efi-refactor-grub_efi_allocate_pages.patch +++ b/0056-efi-refactor-grub_efi_allocate_pages.patch @@ -1,7 +1,7 @@ From dd5fde2df83c5c03b7ba04d2cc5b7be96de8da7b Mon Sep 17 00:00:00 2001 From: Leif Lindholm Date: Thu, 3 Aug 2017 11:04:23 +0100 -Subject: [PATCH 056/216] efi: refactor grub_efi_allocate_pages +Subject: [PATCH 056/227] efi: refactor grub_efi_allocate_pages Expose a new function, grub_efi_allocate_pages_real(), making it possible to specify allocation type and memory type as supported by the UEFI diff --git a/0057-Remove-grub_efi_allocate_pages.patch b/0057-Remove-grub_efi_allocate_pages.patch index 52fbf35..c50ba52 100644 --- a/0057-Remove-grub_efi_allocate_pages.patch +++ b/0057-Remove-grub_efi_allocate_pages.patch @@ -1,7 +1,7 @@ From 4bc909bf89f5b4ff86c9e4e609d4fe0c11a66b0c Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Mon, 7 Aug 2017 18:33:29 +0200 -Subject: [PATCH 057/216] Remove grub_efi_allocate_pages. +Subject: [PATCH 057/227] Remove grub_efi_allocate_pages. grub_efi_allocate_pages Essentially does 2 unrelated things: * Allocate at fixed address. diff --git a/0058-efi-move-fdt-helper-library.patch b/0058-efi-move-fdt-helper-library.patch index eec465b..d1f4d29 100644 --- a/0058-efi-move-fdt-helper-library.patch +++ b/0058-efi-move-fdt-helper-library.patch @@ -1,7 +1,7 @@ From 8c9465fac901caac6802d6872a1374518b001517 Mon Sep 17 00:00:00 2001 From: Leif Lindholm Date: Thu, 3 Aug 2017 11:04:24 +0100 -Subject: [PATCH 058/216] efi: move fdt helper library +Subject: [PATCH 058/227] efi: move fdt helper library There is nothing ARM64 (or even ARM) specific about the efi fdt helper library, which is used for locating or overriding a firmware-provided diff --git a/0059-efi-Add-GRUB_PE32_MAGIC-definition.patch b/0059-efi-Add-GRUB_PE32_MAGIC-definition.patch index 355b6f2..99a2cda 100644 --- a/0059-efi-Add-GRUB_PE32_MAGIC-definition.patch +++ b/0059-efi-Add-GRUB_PE32_MAGIC-definition.patch @@ -1,7 +1,7 @@ From c5841ba7f0d14c193f20854e7e55b4f7ce9207d5 Mon Sep 17 00:00:00 2001 From: Leif Lindholm Date: Thu, 3 Aug 2017 11:04:25 +0100 -Subject: [PATCH 059/216] efi: Add GRUB_PE32_MAGIC definition +Subject: [PATCH 059/227] efi: Add GRUB_PE32_MAGIC definition Add a generic GRUB_PE32_MAGIC definition for the PE 'MZ' tag and delete the existing one in arm64/linux.h. diff --git a/0060-arm64-linux-loader-improve-type-portability.patch b/0060-arm64-linux-loader-improve-type-portability.patch index 5be24c5..4eb8257 100644 --- a/0060-arm64-linux-loader-improve-type-portability.patch +++ b/0060-arm64-linux-loader-improve-type-portability.patch @@ -1,7 +1,7 @@ From 91212e0aa07e704a61e4540c18a27f149f5e51c3 Mon Sep 17 00:00:00 2001 From: Leif Lindholm Date: Thu, 3 Aug 2017 11:04:26 +0100 -Subject: [PATCH 060/216] arm64 linux loader: improve type portability +Subject: [PATCH 060/227] arm64 linux loader: improve type portability In preparation for turning this into a common loader for 32-bit and 64-bit platforms, ensure the code will compile cleanly for either. diff --git a/0061-efi-change-heap-allocation-type-to-GRUB_EFI_LOADER_C.patch b/0061-efi-change-heap-allocation-type-to-GRUB_EFI_LOADER_C.patch index edcfbbe..ba859a9 100644 --- a/0061-efi-change-heap-allocation-type-to-GRUB_EFI_LOADER_C.patch +++ b/0061-efi-change-heap-allocation-type-to-GRUB_EFI_LOADER_C.patch @@ -1,7 +1,7 @@ From f826330683675f0deb55b58fd229afd7d65fb053 Mon Sep 17 00:00:00 2001 From: Leif Lindholm Date: Thu, 3 Aug 2017 11:04:32 +0100 -Subject: [PATCH 061/216] efi: change heap allocation type to +Subject: [PATCH 061/227] efi: change heap allocation type to GRUB_EFI_LOADER_CODE With upcoming changes to EDK2, allocations of type EFI_LOADER_DATA may diff --git a/0062-core-use-GRUB_TERM_-definitions-when-handling-term-c.patch b/0062-core-use-GRUB_TERM_-definitions-when-handling-term-c.patch index d389a04..4a52aef 100644 --- a/0062-core-use-GRUB_TERM_-definitions-when-handling-term-c.patch +++ b/0062-core-use-GRUB_TERM_-definitions-when-handling-term-c.patch @@ -1,7 +1,7 @@ From bdd89d239cd9b4089630bfb5ec862aab8086dca2 Mon Sep 17 00:00:00 2001 From: Pete Batard Date: Mon, 7 Aug 2017 16:20:30 +0100 -Subject: [PATCH 062/216] core: use GRUB_TERM_ definitions when handling term +Subject: [PATCH 062/227] core: use GRUB_TERM_ definitions when handling term characters * Also use hex value for GRUB_TERM_ESC as '\e' is not in the C standard and is not understood by some compilers diff --git a/0063-io-add-a-GRUB_GZ-prefix-to-gzio-specific-defines.patch b/0063-io-add-a-GRUB_GZ-prefix-to-gzio-specific-defines.patch index 2bb5af4..98cfcad 100644 --- a/0063-io-add-a-GRUB_GZ-prefix-to-gzio-specific-defines.patch +++ b/0063-io-add-a-GRUB_GZ-prefix-to-gzio-specific-defines.patch @@ -1,7 +1,7 @@ From 1deebd85ef87cc581e995ce0a51dc0802ac9c367 Mon Sep 17 00:00:00 2001 From: Pete Batard Date: Mon, 7 Aug 2017 16:23:12 +0100 -Subject: [PATCH 063/216] io: add a GRUB_GZ prefix to gzio specific defines +Subject: [PATCH 063/227] io: add a GRUB_GZ prefix to gzio specific defines * This is done to avoid a conflict with a PACKED define in the EDK2 --- diff --git a/0064-info-in-builddir.patch b/0064-info-in-builddir.patch index 6c53dbd..d8abdfd 100644 --- a/0064-info-in-builddir.patch +++ b/0064-info-in-builddir.patch @@ -1,7 +1,7 @@ From 5cf0df8753c19e83251c7244cafe38869a65060f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 8 Aug 2017 13:08:59 -0400 -Subject: [PATCH 064/216] info-in-builddir +Subject: [PATCH 064/227] info-in-builddir --- docs/Makefile.am | 2 +- diff --git a/0065-re-write-.gitignore.patch b/0065-re-write-.gitignore.patch index 1785d5e..a28c04a 100644 --- a/0065-re-write-.gitignore.patch +++ b/0065-re-write-.gitignore.patch @@ -1,7 +1,7 @@ From ff9da35fd789354cc1490b75893e765771808352 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 8 Aug 2017 12:48:04 -0400 -Subject: [PATCH 065/216] re-write .gitignore +Subject: [PATCH 065/227] re-write .gitignore --- .gitignore | 352 ++++++++++++-------------------------- diff --git a/0066-IBM-client-architecture-CAS-reboot-support.patch b/0066-IBM-client-architecture-CAS-reboot-support.patch index 236c35d..a33ea3e 100644 --- a/0066-IBM-client-architecture-CAS-reboot-support.patch +++ b/0066-IBM-client-architecture-CAS-reboot-support.patch @@ -1,7 +1,7 @@ From 34423216f8f3d7ce6086e2f1ee9869407e6a2221 Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Thu, 20 Sep 2012 18:07:39 -0300 -Subject: [PATCH 066/216] IBM client architecture (CAS) reboot support +Subject: [PATCH 066/227] IBM client architecture (CAS) reboot support This is an implementation of IBM client architecture (CAS) reboot for GRUB. diff --git a/0067-for-ppc-reset-console-display-attr-when-clear-screen.patch b/0067-for-ppc-reset-console-display-attr-when-clear-screen.patch index e1be032..e0f6494 100644 --- a/0067-for-ppc-reset-console-display-attr-when-clear-screen.patch +++ b/0067-for-ppc-reset-console-display-attr-when-clear-screen.patch @@ -1,7 +1,7 @@ From 070dc282d3cc6602571296e90945df9d4671aecb Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Wed, 24 Apr 2013 10:51:48 -0300 -Subject: [PATCH 067/216] for ppc, reset console display attr when clear screen +Subject: [PATCH 067/227] for ppc, reset console display attr when clear screen v2: Also use \x0c instead of a literal ^L to make future patches less awkward. diff --git a/0068-Disable-GRUB-video-support-for-IBM-power-machines.patch b/0068-Disable-GRUB-video-support-for-IBM-power-machines.patch index 52e8fcd..10b6b2f 100644 --- a/0068-Disable-GRUB-video-support-for-IBM-power-machines.patch +++ b/0068-Disable-GRUB-video-support-for-IBM-power-machines.patch @@ -1,7 +1,7 @@ From 4e31478fdf4cda470305c1bb2acb9b820e790757 Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Tue, 11 Jun 2013 15:14:05 -0300 -Subject: [PATCH 068/216] Disable GRUB video support for IBM power machines +Subject: [PATCH 068/227] Disable GRUB video support for IBM power machines Should fix the problem in bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=973205 diff --git a/0069-Honor-a-symlink-when-generating-configuration-by-gru.patch b/0069-Honor-a-symlink-when-generating-configuration-by-gru.patch index 406b5ec..8b0db67 100644 --- a/0069-Honor-a-symlink-when-generating-configuration-by-gru.patch +++ b/0069-Honor-a-symlink-when-generating-configuration-by-gru.patch @@ -1,7 +1,7 @@ From 35535549324923af7fecf79cc739baba48246f21 Mon Sep 17 00:00:00 2001 From: Marcel Kolaja Date: Tue, 21 Jan 2014 10:57:08 -0500 -Subject: [PATCH 069/216] Honor a symlink when generating configuration by +Subject: [PATCH 069/227] Honor a symlink when generating configuration by grub2-mkconfig Honor a symlink when generating configuration by grub2-mkconfig, so that diff --git a/0070-Move-bash-completion-script-922997.patch b/0070-Move-bash-completion-script-922997.patch index 4a15fea..b7ffc97 100644 --- a/0070-Move-bash-completion-script-922997.patch +++ b/0070-Move-bash-completion-script-922997.patch @@ -1,7 +1,7 @@ From 999bbc2002275efce284aed6e1e31b3ca351fa19 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 3 Apr 2013 14:35:34 -0400 -Subject: [PATCH 070/216] Move bash completion script (#922997) +Subject: [PATCH 070/227] Move bash completion script (#922997) Apparently these go in a new place now. --- diff --git a/0071-Update-to-minilzo-2.08.patch b/0071-Update-to-minilzo-2.08.patch index 10af846..c91ac43 100644 --- a/0071-Update-to-minilzo-2.08.patch +++ b/0071-Update-to-minilzo-2.08.patch @@ -1,7 +1,7 @@ From c0977f7fd42e16cc568af7ae667a2aeda85eb583 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 4 Dec 2014 15:36:09 -0500 -Subject: [PATCH 071/216] Update to minilzo-2.08 +Subject: [PATCH 071/227] Update to minilzo-2.08 This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow diff --git a/0072-Allow-fallback-to-include-entries-by-title-not-just-.patch b/0072-Allow-fallback-to-include-entries-by-title-not-just-.patch index 75d35ce..9cb959f 100644 --- a/0072-Allow-fallback-to-include-entries-by-title-not-just-.patch +++ b/0072-Allow-fallback-to-include-entries-by-title-not-just-.patch @@ -1,7 +1,7 @@ From 15e9ccc8abd5621107788bea6ae6f2bdb27a3ed3 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 5 Sep 2014 10:07:04 -0400 -Subject: [PATCH 072/216] Allow "fallback" to include entries by title, not +Subject: [PATCH 072/227] Allow "fallback" to include entries by title, not just number. Resolves: rhbz#1026084 diff --git a/0073-Add-GRUB_DISABLE_UUID.patch b/0073-Add-GRUB_DISABLE_UUID.patch index b183520..06c5c62 100644 --- a/0073-Add-GRUB_DISABLE_UUID.patch +++ b/0073-Add-GRUB_DISABLE_UUID.patch @@ -1,7 +1,7 @@ From 87602724b509a60628623baabf5a2c7741a68884 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 4 Sep 2014 16:49:25 -0400 -Subject: [PATCH 073/216] Add GRUB_DISABLE_UUID. +Subject: [PATCH 073/227] Add GRUB_DISABLE_UUID. This will cause "search --fs-uuid --set=root ..." not to be generated by grub2-mkconfig, and instead simply attempt to use the grub device name diff --git a/0074-Make-exit-take-a-return-code.patch b/0074-Make-exit-take-a-return-code.patch index f92dcf9..de99f8a 100644 --- a/0074-Make-exit-take-a-return-code.patch +++ b/0074-Make-exit-take-a-return-code.patch @@ -1,7 +1,7 @@ From 68d514b51b81911d8359d7825618112dae4a44d9 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 26 Feb 2014 21:49:12 -0500 -Subject: [PATCH 074/216] Make "exit" take a return code. +Subject: [PATCH 074/227] Make "exit" take a return code. This adds "exit" with a return code. With this patch, any "exit" command /may/ include a return code, and on platforms that support diff --git a/0075-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch b/0075-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch index 81d0f02..0b00e66 100644 --- a/0075-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch +++ b/0075-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch @@ -1,7 +1,7 @@ From 126f6952b853ea67e784650ed12f365ab7988f51 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 22 Jul 2015 11:21:01 -0400 -Subject: [PATCH 075/216] Mark po/exclude.pot as binary so git won't try to +Subject: [PATCH 075/227] Mark po/exclude.pot as binary so git won't try to diff nonprintables. Signed-off-by: Peter Jones diff --git a/0076-Make-efi-machines-load-an-env-block-from-a-variable.patch b/0076-Make-efi-machines-load-an-env-block-from-a-variable.patch index e535e18..7229658 100644 --- a/0076-Make-efi-machines-load-an-env-block-from-a-variable.patch +++ b/0076-Make-efi-machines-load-an-env-block-from-a-variable.patch @@ -1,7 +1,7 @@ From 506b52759b2b2ad46e7b389979fcbaa78d68dab9 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 7 Dec 2015 14:20:49 -0500 -Subject: [PATCH 076/216] Make efi machines load an env block from a variable +Subject: [PATCH 076/227] Make efi machines load an env block from a variable Signed-off-by: Peter Jones --- diff --git a/0077-DHCP-client-ID-and-UUID-options-added.patch b/0077-DHCP-client-ID-and-UUID-options-added.patch index 53b6300..1307cc6 100644 --- a/0077-DHCP-client-ID-and-UUID-options-added.patch +++ b/0077-DHCP-client-ID-and-UUID-options-added.patch @@ -1,7 +1,7 @@ From 8a0b654a520e407da69e0cf64f3dd6bb7cf86240 Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Tue, 27 Nov 2012 17:18:53 -0200 -Subject: [PATCH 077/216] DHCP client ID and UUID options added. +Subject: [PATCH 077/227] DHCP client ID and UUID options added. --- grub-core/net/bootp.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++----- diff --git a/0078-trim-arp-packets-with-abnormal-size.patch b/0078-trim-arp-packets-with-abnormal-size.patch index f4f375f..e22fb0e 100644 --- a/0078-trim-arp-packets-with-abnormal-size.patch +++ b/0078-trim-arp-packets-with-abnormal-size.patch @@ -1,7 +1,7 @@ From cffad45026af9a05a0509daf593fa87148a3de66 Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Wed, 5 Feb 2014 09:42:42 -0200 -Subject: [PATCH 078/216] trim arp packets with abnormal size +Subject: [PATCH 078/227] trim arp packets with abnormal size GRUB uses arp request to create the arp response. If the incoming packet is foobared, GRUB needs to trim the arp response packet before sending it. diff --git a/0079-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch b/0079-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch index f1213e3..d985a8d 100644 --- a/0079-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch +++ b/0079-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch @@ -1,7 +1,7 @@ From 97b0254d8f3de9a51aa3df570d862bbb8dbd044b Mon Sep 17 00:00:00 2001 From: Prarit Bhargava Date: Wed, 12 Mar 2014 10:58:16 -0400 -Subject: [PATCH 079/216] Fix bad test on GRUB_DISABLE_SUBMENU. +Subject: [PATCH 079/227] Fix bad test on GRUB_DISABLE_SUBMENU. The file /etc/grub.d/10_linux does diff --git a/0080-Add-support-for-UEFI-operating-systems-returned-by-o.patch b/0080-Add-support-for-UEFI-operating-systems-returned-by-o.patch index 5203802..7950a33 100644 --- a/0080-Add-support-for-UEFI-operating-systems-returned-by-o.patch +++ b/0080-Add-support-for-UEFI-operating-systems-returned-by-o.patch @@ -1,7 +1,7 @@ From cf5302cca4a0daf5eb9b058243e6f56e63ab58dc Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Wed, 12 Jun 2013 11:51:49 -0400 -Subject: [PATCH 080/216] Add support for UEFI operating systems returned by +Subject: [PATCH 080/227] Add support for UEFI operating systems returned by os-prober os-prober returns UEFI operating systems in the form: diff --git a/0081-Migrate-PPC-from-Yaboot-to-Grub2.patch b/0081-Migrate-PPC-from-Yaboot-to-Grub2.patch index bc776f6..482ff88 100644 --- a/0081-Migrate-PPC-from-Yaboot-to-Grub2.patch +++ b/0081-Migrate-PPC-from-Yaboot-to-Grub2.patch @@ -1,7 +1,7 @@ From 4fbdca3b8a359170032882db53646cc4bfd17f6b Mon Sep 17 00:00:00 2001 From: Mark Hamzy Date: Wed, 28 Mar 2012 14:46:41 -0500 -Subject: [PATCH 081/216] Migrate PPC from Yaboot to Grub2 +Subject: [PATCH 081/227] Migrate PPC from Yaboot to Grub2 Add configuration support for serial terminal consoles. This will set the maximum screen size so that text is not overwritten. diff --git a/0082-Add-fw_path-variable-revised.patch b/0082-Add-fw_path-variable-revised.patch index f039d01..90901a2 100644 --- a/0082-Add-fw_path-variable-revised.patch +++ b/0082-Add-fw_path-variable-revised.patch @@ -1,7 +1,7 @@ From ebd364c3aabe4e484243ccf6e276563416b3f244 Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Wed, 19 Sep 2012 21:22:55 -0300 -Subject: [PATCH 082/216] Add fw_path variable (revised) +Subject: [PATCH 082/227] Add fw_path variable (revised) This patch makes grub look for its config file on efi where the app was found. It was originally written by Matthew Garrett, and adapted to fix the diff --git a/0083-Add-support-for-linuxefi.patch b/0083-Add-support-for-linuxefi.patch index 26de190..c31e707 100644 --- a/0083-Add-support-for-linuxefi.patch +++ b/0083-Add-support-for-linuxefi.patch @@ -1,7 +1,7 @@ From e1243befd2bc84b3c85100bece1424529dedafb4 Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Tue, 10 Jul 2012 11:58:52 -0400 -Subject: [PATCH 083/216] Add support for linuxefi +Subject: [PATCH 083/227] Add support for linuxefi --- grub-core/Makefile.core.def | 8 + diff --git a/0084-Use-linuxefi-and-initrdefi-where-appropriate.patch b/0084-Use-linuxefi-and-initrdefi-where-appropriate.patch index 7526b44..003b3c8 100644 --- a/0084-Use-linuxefi-and-initrdefi-where-appropriate.patch +++ b/0084-Use-linuxefi-and-initrdefi-where-appropriate.patch @@ -1,7 +1,7 @@ From 859cdda8e3c026eb132ad15320222a7ef89d8940 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 16 Jul 2012 18:57:11 -0400 -Subject: [PATCH 084/216] Use "linuxefi" and "initrdefi" where appropriate. +Subject: [PATCH 084/227] Use "linuxefi" and "initrdefi" where appropriate. --- util/grub.d/10_linux.in | 18 ++++++++++++++++-- diff --git a/0085-Don-t-allow-insmod-when-secure-boot-is-enabled.patch b/0085-Don-t-allow-insmod-when-secure-boot-is-enabled.patch index fd142cc..c94f585 100644 --- a/0085-Don-t-allow-insmod-when-secure-boot-is-enabled.patch +++ b/0085-Don-t-allow-insmod-when-secure-boot-is-enabled.patch @@ -1,7 +1,7 @@ From a7dd90b084d0e6d10e8f1892651d8c20c079c99d Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Tue, 23 Oct 2012 10:40:49 -0400 -Subject: [PATCH 085/216] Don't allow insmod when secure boot is enabled. +Subject: [PATCH 085/227] Don't allow insmod when secure boot is enabled. Hi, diff --git a/0086-Pass-x-hex-hex-straight-through-unmolested.patch b/0086-Pass-x-hex-hex-straight-through-unmolested.patch index 9572576..7dfa6b3 100644 --- a/0086-Pass-x-hex-hex-straight-through-unmolested.patch +++ b/0086-Pass-x-hex-hex-straight-through-unmolested.patch @@ -1,7 +1,7 @@ From 66e04779bda094f385e8bbbe3523501821b830e4 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 1 Oct 2012 13:24:37 -0400 -Subject: [PATCH 086/216] Pass "\x[[:hex:]][[:hex:]]" straight through +Subject: [PATCH 086/227] Pass "\x[[:hex:]][[:hex:]]" straight through unmolested. --- diff --git a/0087-Add-X-option-to-printf-functions.patch b/0087-Add-X-option-to-printf-functions.patch index f2ad0c0..3a1e071 100644 --- a/0087-Add-X-option-to-printf-functions.patch +++ b/0087-Add-X-option-to-printf-functions.patch @@ -1,7 +1,7 @@ From 85d1de365ee5f0fb5409a3b1d895204262a7a068 Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Tue, 27 Nov 2012 16:58:39 -0200 -Subject: [PATCH 087/216] Add %X option to printf functions. +Subject: [PATCH 087/227] Add %X option to printf functions. --- grub-core/kern/misc.c | 7 +++++-- diff --git a/0088-Search-for-specific-config-file-for-netboot.patch b/0088-Search-for-specific-config-file-for-netboot.patch index 9b4ad36..da3a449 100644 --- a/0088-Search-for-specific-config-file-for-netboot.patch +++ b/0088-Search-for-specific-config-file-for-netboot.patch @@ -1,7 +1,7 @@ From 4b15dd15153b2e7070ae37736c3094223fa3a01d Mon Sep 17 00:00:00 2001 From: Paulo Flabiano Smorigo Date: Tue, 27 Nov 2012 17:22:07 -0200 -Subject: [PATCH 088/216] Search for specific config file for netboot +Subject: [PATCH 088/227] Search for specific config file for netboot This patch implements a search for a specific configuration when the config file is on a remoteserver. It uses the following order: diff --git a/0089-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch b/0089-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch index c834a6e..6468cf8 100644 --- a/0089-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch +++ b/0089-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch @@ -1,7 +1,7 @@ From cb7f166adef2b0acc52fa0b506621295a1408702 Mon Sep 17 00:00:00 2001 From: Fedora Ninjas Date: Tue, 22 Jan 2013 06:31:38 +0100 -Subject: [PATCH 089/216] blscfg: add blscfg module to parse Boot Loader +Subject: [PATCH 089/227] blscfg: add blscfg module to parse Boot Loader Specification snippets http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec diff --git a/0090-Don-t-write-messages-to-the-screen.patch b/0090-Don-t-write-messages-to-the-screen.patch index fb4b6e9..854ea34 100644 --- a/0090-Don-t-write-messages-to-the-screen.patch +++ b/0090-Don-t-write-messages-to-the-screen.patch @@ -1,7 +1,7 @@ From 472265de61af84149ba89a91072317e15298caa1 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Wed, 15 May 2013 13:30:20 -0400 -Subject: [PATCH 090/216] Don't write messages to the screen +Subject: [PATCH 090/227] Don't write messages to the screen Writing messages to the screen before the menus or boot splash happens so quickly it looks like something is wrong and isn't diff --git a/0091-Don-t-print-GNU-GRUB-header.patch b/0091-Don-t-print-GNU-GRUB-header.patch index ba0ba9d..8a663b3 100644 --- a/0091-Don-t-print-GNU-GRUB-header.patch +++ b/0091-Don-t-print-GNU-GRUB-header.patch @@ -1,7 +1,7 @@ From 2b9d1073c695f0363202a00586e1994432d23347 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Wed, 15 May 2013 13:53:48 -0400 -Subject: [PATCH 091/216] Don't print GNU GRUB header +Subject: [PATCH 091/227] Don't print GNU GRUB header No one cares. --- diff --git a/0092-Don-t-add-to-highlighted-row.patch b/0092-Don-t-add-to-highlighted-row.patch index c417c51..e0f0bda 100644 --- a/0092-Don-t-add-to-highlighted-row.patch +++ b/0092-Don-t-add-to-highlighted-row.patch @@ -1,7 +1,7 @@ From 7cb577925e3d40869b9748afa5060b178ba88abd Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Wed, 15 May 2013 17:49:45 -0400 -Subject: [PATCH 092/216] Don't add '*' to highlighted row +Subject: [PATCH 092/227] Don't add '*' to highlighted row It is already highlighted. --- diff --git a/0093-Message-string-cleanups.patch b/0093-Message-string-cleanups.patch index 7eaaa0c..61b0906 100644 --- a/0093-Message-string-cleanups.patch +++ b/0093-Message-string-cleanups.patch @@ -1,7 +1,7 @@ From 67803e1ea2884a1ff8ecbb1cc9371fa63c9a7544 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Fri, 7 Jun 2013 11:09:04 -0400 -Subject: [PATCH 093/216] Message string cleanups +Subject: [PATCH 093/227] Message string cleanups Make use of terminology consistent. Remove jargon. --- diff --git a/0094-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch b/0094-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch index 6136313..7e70fc8 100644 --- a/0094-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch +++ b/0094-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch @@ -1,7 +1,7 @@ From 7857716e067795304fc788813e427fac3f9624d7 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Fri, 7 Jun 2013 14:08:23 -0400 -Subject: [PATCH 094/216] Fix border spacing now that we aren't displaying it +Subject: [PATCH 094/227] Fix border spacing now that we aren't displaying it --- grub-core/normal/menu_text.c | 6 +++--- diff --git a/0095-Use-the-correct-indentation-for-the-term-help-text.patch b/0095-Use-the-correct-indentation-for-the-term-help-text.patch index 1f86088..b4ea161 100644 --- a/0095-Use-the-correct-indentation-for-the-term-help-text.patch +++ b/0095-Use-the-correct-indentation-for-the-term-help-text.patch @@ -1,7 +1,7 @@ From 9ecf176aa2951d848ca2d0ab23e663b2ddc1b336 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Fri, 7 Jun 2013 14:08:49 -0400 -Subject: [PATCH 095/216] Use the correct indentation for the term help text +Subject: [PATCH 095/227] Use the correct indentation for the term help text That is consistent with the menu help text --- diff --git a/0096-Indent-menu-entries.patch b/0096-Indent-menu-entries.patch index 8b8e3ed..7fae91b 100644 --- a/0096-Indent-menu-entries.patch +++ b/0096-Indent-menu-entries.patch @@ -1,7 +1,7 @@ From 62af3df5904d4fff7e8c4bab0a90aae6752be432 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Fri, 7 Jun 2013 14:30:55 -0400 -Subject: [PATCH 096/216] Indent menu entries +Subject: [PATCH 096/227] Indent menu entries --- grub-core/normal/menu_text.c | 3 ++- diff --git a/0097-Fix-margins.patch b/0097-Fix-margins.patch index 6c2ca93..926920a 100644 --- a/0097-Fix-margins.patch +++ b/0097-Fix-margins.patch @@ -1,7 +1,7 @@ From aa23d4d1be22a7255f9faa3bac39a5d29c2de9f2 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Fri, 7 Jun 2013 14:59:36 -0400 -Subject: [PATCH 097/216] Fix margins +Subject: [PATCH 097/227] Fix margins --- grub-core/normal/menu_text.c | 8 +++----- diff --git a/0098-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch b/0098-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch index febd0a0..dee6d58 100644 --- a/0098-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch +++ b/0098-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch @@ -1,7 +1,7 @@ From cc0abdf469be06b17879f19b26c73b916f479b28 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 21 Jun 2013 14:44:08 -0400 -Subject: [PATCH 098/216] Use -2 instead of -1 for our right-hand margin, so +Subject: [PATCH 098/227] Use -2 instead of -1 for our right-hand margin, so linewrapping works (#976643). Signed-off-by: Peter Jones diff --git a/0099-Use-linux16-when-appropriate-880840.patch b/0099-Use-linux16-when-appropriate-880840.patch index 4b3c6dc..b834eb8 100644 --- a/0099-Use-linux16-when-appropriate-880840.patch +++ b/0099-Use-linux16-when-appropriate-880840.patch @@ -1,7 +1,7 @@ From 9b332449552b4c8afbe2d0e30b795d93c2ac733f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 28 Oct 2013 10:05:07 -0400 -Subject: [PATCH 099/216] Use linux16 when appropriate (#880840) +Subject: [PATCH 099/227] Use linux16 when appropriate (#880840) The kernel group really would prefer that we use the 16 bit entry point on x86 bios machines. diff --git a/0100-Enable-pager-by-default.-985860.patch b/0100-Enable-pager-by-default.-985860.patch index 5064115..f764a56 100644 --- a/0100-Enable-pager-by-default.-985860.patch +++ b/0100-Enable-pager-by-default.-985860.patch @@ -1,7 +1,7 @@ From 24b186833aad3f456111b7f9d3806065dbb95a2e Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 28 Oct 2013 10:09:27 -0400 -Subject: [PATCH 100/216] Enable pager by default. (#985860) +Subject: [PATCH 100/227] Enable pager by default. (#985860) Signed-off-by: Peter Jones --- diff --git a/0101-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch b/0101-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch index cc9192f..1059488 100644 --- a/0101-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch +++ b/0101-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch @@ -1,7 +1,7 @@ From 3635e1f8f5925e9c5ba54e9bbe79503d78177ea4 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 28 Oct 2013 10:13:27 -0400 -Subject: [PATCH 101/216] F10 doesn't work on serial, so don't tell the user to +Subject: [PATCH 101/227] F10 doesn't work on serial, so don't tell the user to hit it (#987443) Signed-off-by: Peter Jones diff --git a/0102-Don-t-say-GNU-Linux-in-generated-menus.patch b/0102-Don-t-say-GNU-Linux-in-generated-menus.patch index a8ccaa0..9e3042c 100644 --- a/0102-Don-t-say-GNU-Linux-in-generated-menus.patch +++ b/0102-Don-t-say-GNU-Linux-in-generated-menus.patch @@ -1,7 +1,7 @@ From c3bd10791d0ecc17cd8243de8eea4cd683ae2bdb Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 14 Mar 2011 14:27:42 -0400 -Subject: [PATCH 102/216] Don't say "GNU/Linux" in generated menus. +Subject: [PATCH 102/227] Don't say "GNU/Linux" in generated menus. --- util/grub.d/10_linux.in | 4 ++-- diff --git a/0103-Don-t-draw-a-border-around-the-menu.patch b/0103-Don-t-draw-a-border-around-the-menu.patch index ad76c4c..d423522 100644 --- a/0103-Don-t-draw-a-border-around-the-menu.patch +++ b/0103-Don-t-draw-a-border-around-the-menu.patch @@ -1,7 +1,7 @@ From 79e679458cc2e70d0097cfc702668976fe1fdc5d Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Wed, 15 May 2013 16:47:33 -0400 -Subject: [PATCH 103/216] Don't draw a border around the menu +Subject: [PATCH 103/227] Don't draw a border around the menu It looks cleaner without it. --- diff --git a/0104-Use-the-standard-margin-for-the-timeout-string.patch b/0104-Use-the-standard-margin-for-the-timeout-string.patch index 4223398..ddf1703 100644 --- a/0104-Use-the-standard-margin-for-the-timeout-string.patch +++ b/0104-Use-the-standard-margin-for-the-timeout-string.patch @@ -1,7 +1,7 @@ From a82ffe034724bb20b062bba9606654d0e3919acc Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Fri, 7 Jun 2013 10:52:32 -0400 -Subject: [PATCH 104/216] Use the standard margin for the timeout string +Subject: [PATCH 104/227] Use the standard margin for the timeout string So that it aligns with the other messages --- diff --git a/0105-Add-.eh_frame-to-list-of-relocations-stripped.patch b/0105-Add-.eh_frame-to-list-of-relocations-stripped.patch index df9f19a..4a61b2e 100644 --- a/0105-Add-.eh_frame-to-list-of-relocations-stripped.patch +++ b/0105-Add-.eh_frame-to-list-of-relocations-stripped.patch @@ -1,7 +1,7 @@ From 35cdd6b929d5f63750bb214a53e1c75b31dcae99 Mon Sep 17 00:00:00 2001 From: Fedora Ninjas Date: Mon, 13 Jan 2014 21:50:59 -0500 -Subject: [PATCH 105/216] Add .eh_frame to list of relocations stripped +Subject: [PATCH 105/227] Add .eh_frame to list of relocations stripped --- conf/Makefile.common | 2 +- diff --git a/0106-Make-10_linux-work-with-our-changes-for-linux16-and-.patch b/0106-Make-10_linux-work-with-our-changes-for-linux16-and-.patch index ccd2186..da8f480 100644 --- a/0106-Make-10_linux-work-with-our-changes-for-linux16-and-.patch +++ b/0106-Make-10_linux-work-with-our-changes-for-linux16-and-.patch @@ -1,7 +1,7 @@ From 3f5daaa46d0a5eb390a74da40abe54d385d308cf Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 14 Jan 2014 13:12:23 -0500 -Subject: [PATCH 106/216] Make 10_linux work with our changes for linux16 and +Subject: [PATCH 106/227] Make 10_linux work with our changes for linux16 and linuxefi on aarch64 Signed-off-by: Peter Jones diff --git a/0107-Don-t-print-during-fdt-loading-method.patch b/0107-Don-t-print-during-fdt-loading-method.patch index c85dec8..53a1042 100644 --- a/0107-Don-t-print-during-fdt-loading-method.patch +++ b/0107-Don-t-print-during-fdt-loading-method.patch @@ -1,7 +1,7 @@ From 276027c67b27f2ee557ca9e2492c779a5f76cb9b Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 14 Jan 2014 16:15:46 -0500 -Subject: [PATCH 107/216] Don't print during fdt loading method. +Subject: [PATCH 107/227] Don't print during fdt loading method. Signed-off-by: Peter Jones --- diff --git a/0108-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch b/0108-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch index 0f5e3ec..9ef7f77 100644 --- a/0108-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch +++ b/0108-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch @@ -1,7 +1,7 @@ From 25add18bbc13249a2ce32f4e9b0de512ecc1fe4b Mon Sep 17 00:00:00 2001 From: Hans de Goede Date: Mon, 30 Jun 2014 14:16:46 -0400 -Subject: [PATCH 108/216] Don't munge raw spaces when we're doing our cmdline +Subject: [PATCH 108/227] Don't munge raw spaces when we're doing our cmdline escaping (#923374) Signed-off-by: Peter Jones diff --git a/0109-Don-t-require-a-password-to-boot-entries-generated-b.patch b/0109-Don-t-require-a-password-to-boot-entries-generated-b.patch index 03792b2..10c6828 100644 --- a/0109-Don-t-require-a-password-to-boot-entries-generated-b.patch +++ b/0109-Don-t-require-a-password-to-boot-entries-generated-b.patch @@ -1,7 +1,7 @@ From 9b109204ee0d1888d64d553849798ee57af1809f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 11 Feb 2014 11:14:50 -0500 -Subject: [PATCH 109/216] Don't require a password to boot entries generated by +Subject: [PATCH 109/227] Don't require a password to boot entries generated by grub-mkconfig. When we set a password, we just want that to mean you can't /edit/ an entry. diff --git a/0110-Don-t-emit-Booting-.-message.patch b/0110-Don-t-emit-Booting-.-message.patch index a591959..26ac458 100644 --- a/0110-Don-t-emit-Booting-.-message.patch +++ b/0110-Don-t-emit-Booting-.-message.patch @@ -1,7 +1,7 @@ From 68f1935b5c6f66afbf9d6990615946c44f3d54cb Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 18 Feb 2014 09:37:49 -0500 -Subject: [PATCH 110/216] Don't emit "Booting ..." message. +Subject: [PATCH 110/227] Don't emit "Booting ..." message. UI team still hates this stuff, so we're disabling it for RHEL 7. diff --git a/0111-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch b/0111-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch index 95a609c..5d7b471 100644 --- a/0111-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch +++ b/0111-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch @@ -1,7 +1,7 @@ From 6cdf99aa53970695fbf5c002fa288e1044571ca7 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 4 Mar 2014 11:00:23 -0500 -Subject: [PATCH 111/216] Replace a lot of man pages with slightly nicer ones. +Subject: [PATCH 111/227] Replace a lot of man pages with slightly nicer ones. Replace a bunch of machine generated ones with ones that look nicer. --- diff --git a/0112-use-fw_path-prefix-when-fallback-searching-for-grub-.patch b/0112-use-fw_path-prefix-when-fallback-searching-for-grub-.patch index 70c833b..a8c6857 100644 --- a/0112-use-fw_path-prefix-when-fallback-searching-for-grub-.patch +++ b/0112-use-fw_path-prefix-when-fallback-searching-for-grub-.patch @@ -1,7 +1,7 @@ From f72c593c32ecba7b10ceb4c63ca8ec48f60c3ccf Mon Sep 17 00:00:00 2001 From: Fedora Ninjas Date: Wed, 19 Feb 2014 15:58:43 -0500 -Subject: [PATCH 112/216] use fw_path prefix when fallback searching for grub +Subject: [PATCH 112/227] use fw_path prefix when fallback searching for grub config When PXE booting via UEFI firmware, grub was searching for grub.cfg diff --git a/0113-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch b/0113-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch index 5eea04a..6fa6582 100644 --- a/0113-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch +++ b/0113-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch @@ -1,7 +1,7 @@ From 09265872f163e6dfe1aa319ac40e8090f31830f7 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 6 Mar 2014 11:51:33 -0500 -Subject: [PATCH 113/216] Try mac/guid/etc before grub.cfg on tftp config +Subject: [PATCH 113/227] Try mac/guid/etc before grub.cfg on tftp config files. Signed-off-by: Peter Jones diff --git a/0114-Fix-convert-function-to-support-NVMe-devices.patch b/0114-Fix-convert-function-to-support-NVMe-devices.patch index 08ecd97..d510121 100644 --- a/0114-Fix-convert-function-to-support-NVMe-devices.patch +++ b/0114-Fix-convert-function-to-support-NVMe-devices.patch @@ -1,7 +1,7 @@ From 39976a692a9350b1293f209953426830ddde2ad6 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 18 Feb 2014 11:34:00 -0500 -Subject: [PATCH 114/216] Fix convert function to support NVMe devices +Subject: [PATCH 114/227] Fix convert function to support NVMe devices This is adapted from the patch at https://bugzilla.redhat.com/show_bug.cgi?id=1019660 , which is against diff --git a/0115-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch b/0115-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch index c88f98b..3908a24 100644 --- a/0115-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch +++ b/0115-Switch-to-use-APM-Mustang-device-tree-for-hardware-t.patch @@ -1,7 +1,7 @@ From 05d7e199d3f48cf9fd9b2af877cfe37c498f0874 Mon Sep 17 00:00:00 2001 From: Fedora Ninjas Date: Mon, 10 Feb 2014 16:13:10 -0500 -Subject: [PATCH 115/216] Switch to use APM Mustang device tree, for hardware +Subject: [PATCH 115/227] Switch to use APM Mustang device tree, for hardware testing. Signed-off-by: David A. Marlin diff --git a/0116-Use-the-default-device-tree-from-the-grub-default-fi.patch b/0116-Use-the-default-device-tree-from-the-grub-default-fi.patch index 1aec17c..f62dbce 100644 --- a/0116-Use-the-default-device-tree-from-the-grub-default-fi.patch +++ b/0116-Use-the-default-device-tree-from-the-grub-default-fi.patch @@ -1,7 +1,7 @@ From b2ad2a3b4a4bc998003c1275709f0677c39503a9 Mon Sep 17 00:00:00 2001 From: Fedora Ninjas Date: Wed, 12 Feb 2014 14:54:04 -0500 -Subject: [PATCH 116/216] Use the default device tree from the grub default +Subject: [PATCH 116/227] Use the default device tree from the grub default file instead of hardcoding a value. diff --git a/0117-reopen-SNP-protocol-for-exclusive-use-by-grub.patch b/0117-reopen-SNP-protocol-for-exclusive-use-by-grub.patch index c4dd05d..64864dc 100644 --- a/0117-reopen-SNP-protocol-for-exclusive-use-by-grub.patch +++ b/0117-reopen-SNP-protocol-for-exclusive-use-by-grub.patch @@ -1,7 +1,7 @@ From 5d87e5b1697c28d55348486cb3c704b467c8e798 Mon Sep 17 00:00:00 2001 From: Fedora Ninjas Date: Sat, 15 Feb 2014 15:10:22 -0500 -Subject: [PATCH 117/216] reopen SNP protocol for exclusive use by grub +Subject: [PATCH 117/227] reopen SNP protocol for exclusive use by grub --- grub-core/net/drivers/efi/efinet.c | 16 ++++++++++++++++ diff --git a/0118-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch b/0118-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch index 3ee3743..89aa0c3 100644 --- a/0118-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch +++ b/0118-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch @@ -1,7 +1,7 @@ From f00ca4e03561840f116642c7100df6dc6395209d Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 4 Mar 2016 15:13:59 -0500 -Subject: [PATCH 118/216] Revert "reopen SNP protocol for exclusive use by +Subject: [PATCH 118/227] Revert "reopen SNP protocol for exclusive use by grub" This reverts commit a3f2c756ce34c9666bddef35e3b3b85ccecdcffc , which is diff --git a/0119-Add-grub_util_readlink.patch b/0119-Add-grub_util_readlink.patch index c9b33ac..4ba23c1 100644 --- a/0119-Add-grub_util_readlink.patch +++ b/0119-Add-grub_util_readlink.patch @@ -1,7 +1,7 @@ From ffc123b7ab4fe37da16d4c62d87255f8c5c14b9f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 3 Sep 2014 10:01:03 -0400 -Subject: [PATCH 119/216] Add grub_util_readlink() +Subject: [PATCH 119/227] Add grub_util_readlink() Add grub_util_readlink(). This requires pulling in stat and readlink from gnulib, which pulls in stat and related headers, but after that the diff --git a/0120-Make-editenv-chase-symlinks-including-those-across-d.patch b/0120-Make-editenv-chase-symlinks-including-those-across-d.patch index 9c13d85..5d85be8 100644 --- a/0120-Make-editenv-chase-symlinks-including-those-across-d.patch +++ b/0120-Make-editenv-chase-symlinks-including-those-across-d.patch @@ -1,7 +1,7 @@ From fb903fc1587b582e23e44811dc8c4ed359806028 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 3 Sep 2014 10:38:00 -0400 -Subject: [PATCH 120/216] Make editenv chase symlinks including those across +Subject: [PATCH 120/227] Make editenv chase symlinks including those across devices. This lets us make /boot/grub2/grubenv a symlink to diff --git a/0121-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch b/0121-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch index a3bc069..fbaa756 100644 --- a/0121-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch +++ b/0121-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch @@ -1,7 +1,7 @@ From 5948f763fc01d7f29923e94ef9b1ed923b11ff1a Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 4 Sep 2014 14:23:23 -0400 -Subject: [PATCH 121/216] Generate OS and CLASS in 10_linux from +Subject: [PATCH 121/227] Generate OS and CLASS in 10_linux from /etc/os-release This makes us use pretty names in the titles we generate in diff --git a/0122-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch b/0122-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch index 7e4d2e8..54c2965 100644 --- a/0122-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch +++ b/0122-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch @@ -1,7 +1,7 @@ From 547d0c60f28c026801af2ada3e0995d0ecc22c35 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 4 Sep 2014 15:52:08 -0400 -Subject: [PATCH 122/216] Minimize the sort ordering for .debug and -rescue- +Subject: [PATCH 122/227] Minimize the sort ordering for .debug and -rescue- kernels. Resolves: rhbz#1065360 diff --git a/0123-Load-arm-with-SB-enabled.patch b/0123-Load-arm-with-SB-enabled.patch index 82d9c07..49c2438 100644 --- a/0123-Load-arm-with-SB-enabled.patch +++ b/0123-Load-arm-with-SB-enabled.patch @@ -1,7 +1,7 @@ From c03bf04fd9e3192bec942a7adee23b5377ea81dc Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 18 Sep 2014 11:26:14 -0400 -Subject: [PATCH 123/216] Load arm with SB enabled. +Subject: [PATCH 123/227] Load arm with SB enabled. Make sure we actually try to validate secure boot on this platform (even though we're not shipping it enabled by default.) diff --git a/0124-Try-prefix-if-fw_path-doesn-t-work.patch b/0124-Try-prefix-if-fw_path-doesn-t-work.patch index 226b8f6..aed5d8e 100644 --- a/0124-Try-prefix-if-fw_path-doesn-t-work.patch +++ b/0124-Try-prefix-if-fw_path-doesn-t-work.patch @@ -1,7 +1,7 @@ From 0c98cb57eb1a34ec29f719e3a798f5b20c6a4082 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 3 Oct 2014 11:08:03 -0400 -Subject: [PATCH 124/216] Try $prefix if $fw_path doesn't work. +Subject: [PATCH 124/227] Try $prefix if $fw_path doesn't work. Related: rhbz#1148652 diff --git a/0125-Update-info-with-grub.cfg-netboot-selection-order-11.patch b/0125-Update-info-with-grub.cfg-netboot-selection-order-11.patch index 131459c..c8b76b6 100644 --- a/0125-Update-info-with-grub.cfg-netboot-selection-order-11.patch +++ b/0125-Update-info-with-grub.cfg-netboot-selection-order-11.patch @@ -1,7 +1,7 @@ From d446fed131fadd00d0daab0654c7d9e14442d451 Mon Sep 17 00:00:00 2001 From: Robert Marshall Date: Mon, 16 Mar 2015 16:34:51 -0400 -Subject: [PATCH 125/216] Update info with grub.cfg netboot selection order +Subject: [PATCH 125/227] Update info with grub.cfg netboot selection order (#1148650) Added documentation to the grub info page that specifies the order diff --git a/0126-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch b/0126-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch index 97aaf4b..8fb6f66 100644 --- a/0126-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch +++ b/0126-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch @@ -1,7 +1,7 @@ From e62ab1057d87e2a1e3c7fcf6b134f86ec24f2eac Mon Sep 17 00:00:00 2001 From: Robert Marshall Date: Mon, 16 Mar 2015 14:14:19 -0400 -Subject: [PATCH 126/216] Use Distribution Package Sort for grub2-mkconfig +Subject: [PATCH 126/227] Use Distribution Package Sort for grub2-mkconfig (#1124074) Users reported that newly installed kernels on their systems installed diff --git a/0127-Handle-rssd-storage-devices.patch b/0127-Handle-rssd-storage-devices.patch index d69ff40..186faa2 100644 --- a/0127-Handle-rssd-storage-devices.patch +++ b/0127-Handle-rssd-storage-devices.patch @@ -1,7 +1,7 @@ From 8d3f2f0f389efbb9ed5da0c4f90fc82d104163c1 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 30 Jun 2015 15:50:41 -0400 -Subject: [PATCH 127/216] Handle rssd storage devices. +Subject: [PATCH 127/227] Handle rssd storage devices. Resolves: rhbz#1087962 diff --git a/0128-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch b/0128-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch index dbde9c2..82ec930 100644 --- a/0128-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch +++ b/0128-Try-to-emit-linux16-initrd16-and-linuxefi-initrdefi-.patch @@ -1,7 +1,7 @@ From e5ed14fb98e18d173f9396103aca65351e4e67e2 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 27 Oct 2014 09:22:55 -0400 -Subject: [PATCH 128/216] Try to emit linux16/initrd16 and linuxefi/initrdefi +Subject: [PATCH 128/227] Try to emit linux16/initrd16 and linuxefi/initrdefi in 30-os_prober. Resolves: rhbz#1108296 diff --git a/0129-Make-grub2-mkconfig-construct-titles-that-look-like-.patch b/0129-Make-grub2-mkconfig-construct-titles-that-look-like-.patch index fcb80f2..38e20d6 100644 --- a/0129-Make-grub2-mkconfig-construct-titles-that-look-like-.patch +++ b/0129-Make-grub2-mkconfig-construct-titles-that-look-like-.patch @@ -1,7 +1,7 @@ From 75c3d5fedb92fcf107b594216655c29bb20cbebc Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 28 Apr 2015 11:15:03 -0400 -Subject: [PATCH 129/216] Make grub2-mkconfig construct titles that look like +Subject: [PATCH 129/227] Make grub2-mkconfig construct titles that look like the ones we want elsewhere. Resolves: rhbz#1215839 diff --git a/0130-Add-friendly-grub2-password-config-tool-985962.patch b/0130-Add-friendly-grub2-password-config-tool-985962.patch index f6fa3a1..5ef255d 100644 --- a/0130-Add-friendly-grub2-password-config-tool-985962.patch +++ b/0130-Add-friendly-grub2-password-config-tool-985962.patch @@ -1,7 +1,7 @@ From d03d08a8ba14eddda515907cafc640fb1dbe0874 Mon Sep 17 00:00:00 2001 From: Robert Marshall Date: Thu, 25 Jun 2015 11:13:11 -0400 -Subject: [PATCH 130/216] Add friendly grub2 password config tool (#985962) +Subject: [PATCH 130/227] Add friendly grub2 password config tool (#985962) Provided a tool for users to reset the grub2 root user password without having to alter the grub.cfg. The hashed password now diff --git a/0131-Make-grub2-mkconfig-construct-titles-that-look-like-.patch b/0131-Make-grub2-mkconfig-construct-titles-that-look-like-.patch index ec33824..b9d9af0 100644 --- a/0131-Make-grub2-mkconfig-construct-titles-that-look-like-.patch +++ b/0131-Make-grub2-mkconfig-construct-titles-that-look-like-.patch @@ -1,7 +1,7 @@ From 7d9c29023e6c242306ae008a984245037655a23c Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 28 Apr 2015 11:15:03 -0400 -Subject: [PATCH 131/216] Make grub2-mkconfig construct titles that look like +Subject: [PATCH 131/227] Make grub2-mkconfig construct titles that look like the ones we want elsewhere. Resolves: rhbz#1215839 diff --git a/0132-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch b/0132-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch index 8dacb34..87b3ced 100644 --- a/0132-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch +++ b/0132-Try-to-make-sure-configure.ac-and-grub-rpm-sort-play.patch @@ -1,7 +1,7 @@ From e97b5c4ec2f11ac544c3c1de8fa5b84ac24d9536 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 3 Aug 2015 11:46:42 -0400 -Subject: [PATCH 132/216] Try to make sure configure.ac and grub-rpm-sort play +Subject: [PATCH 132/227] Try to make sure configure.ac and grub-rpm-sort play nice. Apparently the test for whether to use grub-rpm-sort and also the diff --git a/0133-tcp-add-window-scaling-support.patch b/0133-tcp-add-window-scaling-support.patch index 3725a41..4dd6b6b 100644 --- a/0133-tcp-add-window-scaling-support.patch +++ b/0133-tcp-add-window-scaling-support.patch @@ -1,7 +1,7 @@ From df119e7a941f0e1329181d33d63349375b9b56d9 Mon Sep 17 00:00:00 2001 From: Josef Bacik Date: Wed, 12 Aug 2015 08:57:55 -0700 -Subject: [PATCH 133/216] tcp: add window scaling support +Subject: [PATCH 133/227] tcp: add window scaling support Sometimes we have to provision boxes across regions, such as California to Sweden. The http server has a 10 minute timeout, so if we can't get our 250mb diff --git a/0134-efinet-retransmit-if-our-device-is-busy.patch b/0134-efinet-retransmit-if-our-device-is-busy.patch index 15dcf34..99c9312 100644 --- a/0134-efinet-retransmit-if-our-device-is-busy.patch +++ b/0134-efinet-retransmit-if-our-device-is-busy.patch @@ -1,7 +1,7 @@ From d4f94fc4cd48954f757d6efb82311eb3256389e4 Mon Sep 17 00:00:00 2001 From: Josef Bacik Date: Mon, 31 Aug 2015 13:34:35 -0400 -Subject: [PATCH 134/216] efinet: retransmit if our device is busy +Subject: [PATCH 134/227] efinet: retransmit if our device is busy When I fixed the txbuf handling I ripped out the retransmission code since it was flooding our network when we had the buggy behavior. Turns out this was too diff --git a/0135-Be-more-aggro-about-actually-using-the-configured-ne.patch b/0135-Be-more-aggro-about-actually-using-the-configured-ne.patch index 8497eed..bbf6862 100644 --- a/0135-Be-more-aggro-about-actually-using-the-configured-ne.patch +++ b/0135-Be-more-aggro-about-actually-using-the-configured-ne.patch @@ -1,7 +1,7 @@ From d4eb7984ad8938e50764c541f0e8f4c8d6d012f8 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 11 Sep 2015 17:30:49 -0400 -Subject: [PATCH 135/216] Be more aggro about actually using the *configured* +Subject: [PATCH 135/227] Be more aggro about actually using the *configured* network device. Right now we use any SNP device with the same mac+IP block, but when diff --git a/0136-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch b/0136-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch index 4bdeda2..34b1b92 100644 --- a/0136-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch +++ b/0136-efinet-add-filter-for-the-first-exclusive-reopen-of-.patch @@ -1,7 +1,7 @@ From fdbc8b81c9f3bbef64298dbf1f5230eda0cda02f Mon Sep 17 00:00:00 2001 From: RHEL Ninjas Date: Fri, 25 Sep 2015 16:24:23 +0900 -Subject: [PATCH 136/216] efinet: add filter for the first exclusive reopen of +Subject: [PATCH 136/227] efinet: add filter for the first exclusive reopen of SNP --- diff --git a/0137-Fix-security-issue-when-reading-username-and-passwor.patch b/0137-Fix-security-issue-when-reading-username-and-passwor.patch index 34d01f5..416a75b 100644 --- a/0137-Fix-security-issue-when-reading-username-and-passwor.patch +++ b/0137-Fix-security-issue-when-reading-username-and-passwor.patch @@ -1,7 +1,7 @@ From fa4b152860e04053ee1cae6b70237a1975473a81 Mon Sep 17 00:00:00 2001 From: Hector Marco-Gisbert Date: Fri, 13 Nov 2015 16:21:09 +0100 -Subject: [PATCH 137/216] Fix security issue when reading username and password +Subject: [PATCH 137/227] Fix security issue when reading username and password This patch fixes two integer underflows at: * grub-core/lib/crypto.c diff --git a/0138-Warn-if-grub-password-will-not-be-read-1290803.patch b/0138-Warn-if-grub-password-will-not-be-read-1290803.patch index 47880f5..81970f4 100644 --- a/0138-Warn-if-grub-password-will-not-be-read-1290803.patch +++ b/0138-Warn-if-grub-password-will-not-be-read-1290803.patch @@ -1,7 +1,7 @@ From c8ed108d2f3f9b57add84e282fef6e39634aec99 Mon Sep 17 00:00:00 2001 From: Robert Marshall Date: Mon, 22 Feb 2016 15:30:05 -0500 -Subject: [PATCH 138/216] Warn if grub password will not be read (#1290803) +Subject: [PATCH 138/227] Warn if grub password will not be read (#1290803) It is possible for a system to have never run grub-mkconfig and add the section that reads the user.cfg file which contains a user set GRUB diff --git a/0139-Clean-up-grub-setpassword-documentation-1290799.patch b/0139-Clean-up-grub-setpassword-documentation-1290799.patch index 571b415..60e445f 100644 --- a/0139-Clean-up-grub-setpassword-documentation-1290799.patch +++ b/0139-Clean-up-grub-setpassword-documentation-1290799.patch @@ -1,7 +1,7 @@ From 884c7f7b14633fc47d5cada7f02df6fb5176b224 Mon Sep 17 00:00:00 2001 From: Robert Marshall Date: Tue, 26 Jan 2016 10:28:35 -0500 -Subject: [PATCH 139/216] Clean up grub-setpassword documentation (#1290799) +Subject: [PATCH 139/227] Clean up grub-setpassword documentation (#1290799) The output for --help had some errors. Corrected those and polished the text to be a little easier to follow. Carried verbage over to man page diff --git a/0140-Fix-locale-issue-in-grub-setpassword-1294243.patch b/0140-Fix-locale-issue-in-grub-setpassword-1294243.patch index db9aa18..ffec037 100644 --- a/0140-Fix-locale-issue-in-grub-setpassword-1294243.patch +++ b/0140-Fix-locale-issue-in-grub-setpassword-1294243.patch @@ -1,7 +1,7 @@ From 5f3812d1820b13137b5c79b135a6b790cb78ae60 Mon Sep 17 00:00:00 2001 From: Robert Marshall Date: Fri, 29 Jan 2016 16:56:11 -0500 -Subject: [PATCH 140/216] Fix locale issue in grub-setpassword (#1294243) +Subject: [PATCH 140/227] Fix locale issue in grub-setpassword (#1294243) A shell substitution was expecting non-translated output to grab the hashed password and put it in the user.cfg file. Modified code to force diff --git a/0141-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch b/0141-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch index ef599b0..00c6170 100644 --- a/0141-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch +++ b/0141-efiemu-Handle-persistent-RAM-and-unknown-possible-fu.patch @@ -1,7 +1,7 @@ From a7a38221a7f4593a9abb5f422d0dd349866ed029 Mon Sep 17 00:00:00 2001 From: Robert Elliott Date: Fri, 22 Jan 2016 13:32:30 +0100 -Subject: [PATCH 141/216] efiemu: Handle persistent RAM and unknown possible +Subject: [PATCH 141/227] efiemu: Handle persistent RAM and unknown possible future additions. (cherry picked from commit ae3b83a4d4df75a01198a2fed7542391e7c449e0) diff --git a/0142-efiemu-Fix-compilation-failure.patch b/0142-efiemu-Fix-compilation-failure.patch index 81545a9..bd6f225 100644 --- a/0142-efiemu-Fix-compilation-failure.patch +++ b/0142-efiemu-Fix-compilation-failure.patch @@ -1,7 +1,7 @@ From 1da43f34f211772fbda36ef6fd81e1cbde37eae7 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Fri, 22 Jan 2016 14:10:30 +0100 -Subject: [PATCH 142/216] efiemu: Fix compilation failure +Subject: [PATCH 142/227] efiemu: Fix compilation failure (cherry picked from commit b6a03dfd327489d53ee07c6d7d593b99c7b7cb62) diff --git a/0143-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch b/0143-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch index 6475102..9883f11 100644 --- a/0143-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch +++ b/0143-Revert-reopen-SNP-protocol-for-exclusive-use-by-grub.patch @@ -1,7 +1,7 @@ From 9b93a986a68502c1ab2303efd7469fda0c5709cf Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 7 Apr 2016 10:58:06 -0400 -Subject: [PATCH 143/216] Revert "reopen SNP protocol for exclusive use by +Subject: [PATCH 143/227] Revert "reopen SNP protocol for exclusive use by grub" I *think* this should have been replaced by upstream's diff --git a/0144-Add-a-url-parser.patch b/0144-Add-a-url-parser.patch index 96aac6f..bbb66af 100644 --- a/0144-Add-a-url-parser.patch +++ b/0144-Add-a-url-parser.patch @@ -1,7 +1,7 @@ From 520e6078ff9e3fbf1edf687e51597dac98c07d56 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 14 Jun 2016 16:18:44 -0400 -Subject: [PATCH 144/216] Add a url parser. +Subject: [PATCH 144/227] Add a url parser. This patch adds a url parser that can parse http, https, tftp, and tftps urls, and is easily extensible to handle more types. diff --git a/0145-efinet-and-bootp-add-support-for-dhcpv6.patch b/0145-efinet-and-bootp-add-support-for-dhcpv6.patch index b95e2ae..b7d3a10 100644 --- a/0145-efinet-and-bootp-add-support-for-dhcpv6.patch +++ b/0145-efinet-and-bootp-add-support-for-dhcpv6.patch @@ -1,7 +1,7 @@ From 0bdcc68529fe2f3cdf92173fadffd2f9a6476b9b Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 8 Jun 2016 21:03:37 -0400 -Subject: [PATCH 145/216] efinet and bootp: add support for dhcpv6 +Subject: [PATCH 145/227] efinet and bootp: add support for dhcpv6 Signed-off-by: Peter Jones --- diff --git a/0146-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch b/0146-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch index 6920294..6041008 100644 --- a/0146-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch +++ b/0146-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch @@ -1,7 +1,7 @@ From dcadcc9070f778654eb704fc0907e261996ef76e Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 23 Jun 2016 11:01:39 -0400 -Subject: [PATCH 146/216] Add grub-get-kernel-settings and use it in 10_linux +Subject: [PATCH 146/227] Add grub-get-kernel-settings and use it in 10_linux This patch adds grub-get-kernel-settings, which reads the system kernel installation configuration from /etc/sysconfig/kernel, and outputs diff --git a/0147-Normalize-slashes-in-tftp-paths.patch b/0147-Normalize-slashes-in-tftp-paths.patch index 7f288aa..0385e89 100644 --- a/0147-Normalize-slashes-in-tftp-paths.patch +++ b/0147-Normalize-slashes-in-tftp-paths.patch @@ -1,7 +1,7 @@ From 130783c1e461b64befbf0fa8c9002ef763606105 Mon Sep 17 00:00:00 2001 From: Lenny Szubowicz Date: Mon, 29 Aug 2016 11:04:48 -0400 -Subject: [PATCH 147/216] Normalize slashes in tftp paths. +Subject: [PATCH 147/227] Normalize slashes in tftp paths. Some tftp servers do not handle multiple consecutive slashes correctly; this patch avoids sending tftp requests with non-normalized paths. diff --git a/0148-Fix-malformed-tftp-packets.patch b/0148-Fix-malformed-tftp-packets.patch index 2fe933e..692116c 100644 --- a/0148-Fix-malformed-tftp-packets.patch +++ b/0148-Fix-malformed-tftp-packets.patch @@ -1,7 +1,7 @@ From af0e4fc8f9cd844c44c969c0991269ec9ab01a62 Mon Sep 17 00:00:00 2001 From: Mark Salter Date: Tue, 7 Mar 2017 18:26:17 -0500 -Subject: [PATCH 148/216] Fix malformed tftp packets +Subject: [PATCH 148/227] Fix malformed tftp packets 0088-Normalize-slashes-in-tftp-paths.patch collapses multiple contiguous slashes in a filename into one slash in the tftp packet filename field. diff --git a/0149-Fix-race-in-EFI-validation.patch b/0149-Fix-race-in-EFI-validation.patch index f92c600..22f4273 100644 --- a/0149-Fix-race-in-EFI-validation.patch +++ b/0149-Fix-race-in-EFI-validation.patch @@ -1,7 +1,7 @@ From d5339007d0ffdaf6e8a4e9702e7cec447b118804 Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Tue, 14 Jul 2015 16:58:51 -0700 -Subject: [PATCH 149/216] Fix race in EFI validation +Subject: [PATCH 149/227] Fix race in EFI validation --- grub-core/loader/i386/efi/linux.c | 44 ++++++++++----------------------------- diff --git a/0150-bz1374141-fix-incorrect-mask-for-ppc64.patch b/0150-bz1374141-fix-incorrect-mask-for-ppc64.patch index 35f461a..d7910e2 100644 --- a/0150-bz1374141-fix-incorrect-mask-for-ppc64.patch +++ b/0150-bz1374141-fix-incorrect-mask-for-ppc64.patch @@ -1,7 +1,7 @@ From eea2b6113c2f17ed5755b23242457948025bfd33 Mon Sep 17 00:00:00 2001 From: Masahiro Matsuya Date: Sat, 29 Oct 2016 08:35:26 +0900 -Subject: [PATCH 150/216] bz1374141 fix incorrect mask for ppc64 +Subject: [PATCH 150/227] bz1374141 fix incorrect mask for ppc64 The netmask configured in firmware is not respected on ppc64 (big endian). When 255.255.252.0 is set as netmask in firmware, the following is the value of bootpath string in grub_ieee1275_parse_bootpath(). diff --git a/0151-Use-device-part-of-chainloader-target-if-present.patch b/0151-Use-device-part-of-chainloader-target-if-present.patch index 2530058..e5b7e7e 100644 --- a/0151-Use-device-part-of-chainloader-target-if-present.patch +++ b/0151-Use-device-part-of-chainloader-target-if-present.patch @@ -1,7 +1,7 @@ From d08c1a531d80b4e14a7bfeb0d762125f4fab1317 Mon Sep 17 00:00:00 2001 From: Raymund Will Date: Fri, 10 Apr 2015 01:45:02 -0400 -Subject: [PATCH 151/216] Use device part of chainloader target, if present. +Subject: [PATCH 151/227] Use device part of chainloader target, if present. Otherwise chainloading is restricted to '$root', which might not even be readable by EFI! diff --git a/0152-Add-secureboot-support-on-efi-chainloader.patch b/0152-Add-secureboot-support-on-efi-chainloader.patch index 72e6c99..984bb24 100644 --- a/0152-Add-secureboot-support-on-efi-chainloader.patch +++ b/0152-Add-secureboot-support-on-efi-chainloader.patch @@ -1,7 +1,7 @@ From 729766b6416f6ca13c694ce220c3b2156ced1691 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 6 Oct 2015 13:04:37 -0400 -Subject: [PATCH 152/216] Add secureboot support on efi chainloader +Subject: [PATCH 152/227] Add secureboot support on efi chainloader Expand the chainloader to be able to verify the image by means of shim lock protocol. The PE/COFF image is loaded and relocated by the diff --git a/0153-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch b/0153-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch index 6b71573..57a2e2c 100644 --- a/0153-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch +++ b/0153-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch @@ -1,7 +1,7 @@ From fe18b297027c4976d11b87f1b5adc07a7565cdee Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 6 Oct 2015 16:09:25 -0400 -Subject: [PATCH 153/216] Make any of the loaders that link in efi mode honor +Subject: [PATCH 153/227] Make any of the loaders that link in efi mode honor secure boot. And in this case "honor" means "even if somebody does link this in, they diff --git a/0154-Make-grub_fatal-also-backtrace.patch b/0154-Make-grub_fatal-also-backtrace.patch index 1e6869a..9f46563 100644 --- a/0154-Make-grub_fatal-also-backtrace.patch +++ b/0154-Make-grub_fatal-also-backtrace.patch @@ -1,7 +1,7 @@ From b2fd6377486d66ced5fd82325c3ee8e11f4f1176 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 27 Jan 2016 09:22:42 -0500 -Subject: [PATCH 154/216] Make grub_fatal() also backtrace. +Subject: [PATCH 154/227] Make grub_fatal() also backtrace. --- grub-core/Makefile.core.def | 3 ++ diff --git a/0155-Rework-linux-command.patch b/0155-Rework-linux-command.patch index 5d5022a..d22067b 100644 --- a/0155-Rework-linux-command.patch +++ b/0155-Rework-linux-command.patch @@ -1,7 +1,7 @@ From 4fec1bb24e09f36366c62196285392a674d259d3 Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Sun, 9 Aug 2015 16:12:39 -0700 -Subject: [PATCH 155/216] Rework linux command +Subject: [PATCH 155/227] Rework linux command We want a single buffer that contains the entire kernel image in order to perform a TPM measurement. Allocate one and copy the entire kernel into it diff --git a/0156-Rework-linux16-command.patch b/0156-Rework-linux16-command.patch index 8a327e6..ed902d3 100644 --- a/0156-Rework-linux16-command.patch +++ b/0156-Rework-linux16-command.patch @@ -1,7 +1,7 @@ From 7d6ce3346f32a67e07fd3fda9ad65ac76f600628 Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Sun, 9 Aug 2015 16:20:58 -0700 -Subject: [PATCH 156/216] Rework linux16 command +Subject: [PATCH 156/227] Rework linux16 command We want a single buffer that contains the entire kernel image in order to perform a TPM measurement. Allocate one and copy the entire kernel int it diff --git a/0157-Make-grub-editenv-build-again.patch b/0157-Make-grub-editenv-build-again.patch index 1158cfc..8aa6a79 100644 --- a/0157-Make-grub-editenv-build-again.patch +++ b/0157-Make-grub-editenv-build-again.patch @@ -1,7 +1,7 @@ From 4e0105392434bac9f10ac79a820a69098abec2f5 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 4 Mar 2016 16:29:13 -0500 -Subject: [PATCH 157/216] Make grub-editenv build again. +Subject: [PATCH 157/227] Make grub-editenv build again. 36212460d3565b18439a3a8130b28e6c97702c6a split how some of the mkimage utility functions are defined, and they wind up being linked into diff --git a/0158-Fix-up-some-man-pages-rpmdiff-noticed.patch b/0158-Fix-up-some-man-pages-rpmdiff-noticed.patch index 84bedbe..26f7e6f 100644 --- a/0158-Fix-up-some-man-pages-rpmdiff-noticed.patch +++ b/0158-Fix-up-some-man-pages-rpmdiff-noticed.patch @@ -1,7 +1,7 @@ From 7779112786e3f892e05b9d293299dd7ef151d9dd Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 23 Sep 2014 09:58:49 -0400 -Subject: [PATCH 158/216] Fix up some man pages rpmdiff noticed. +Subject: [PATCH 158/227] Fix up some man pages rpmdiff noticed. --- configure.ac | 2 ++ diff --git a/0159-Re-work-some-intricacies-of-PE-loading.patch b/0159-Re-work-some-intricacies-of-PE-loading.patch index d778f3a..0a94794 100644 --- a/0159-Re-work-some-intricacies-of-PE-loading.patch +++ b/0159-Re-work-some-intricacies-of-PE-loading.patch @@ -1,7 +1,7 @@ From 9ca2908ab56bc32052b2f01bda6a35a190e39bae Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 9 Jun 2016 12:22:29 -0400 -Subject: [PATCH 159/216] Re-work some intricacies of PE loading. +Subject: [PATCH 159/227] Re-work some intricacies of PE loading. The PE spec is not a well written document, and awesomely every place where there's an ambiguous way to read something, Windows' bootmgfw.efi diff --git a/0160-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch b/0160-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch index 62ef4d4..daeca9a 100644 --- a/0160-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch +++ b/0160-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch @@ -1,7 +1,7 @@ From d8441e12feab1ae94f11849d1bcc5e73abb69231 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 10 Jun 2016 14:06:15 -0400 -Subject: [PATCH 160/216] Rework even more of efi chainload so non-sb cases +Subject: [PATCH 160/227] Rework even more of efi chainload so non-sb cases work right. This ensures that if shim protocol is not loaded, or is loaded but shim diff --git a/0161-linuxefi-fix-double-free-on-verification-failure.patch b/0161-linuxefi-fix-double-free-on-verification-failure.patch index 6c14d33..9dbaab6 100644 --- a/0161-linuxefi-fix-double-free-on-verification-failure.patch +++ b/0161-linuxefi-fix-double-free-on-verification-failure.patch @@ -1,7 +1,7 @@ From e432d9b485112f0d35fd623e4b2467a3d788a38f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 14 Jun 2016 09:50:25 -0400 -Subject: [PATCH 161/216] linuxefi: fix double free on verification failure. +Subject: [PATCH 161/227] linuxefi: fix double free on verification failure. Signed-off-by: Peter Jones --- diff --git a/0162-fix-machine-type-test-in-30_os-prober.in.patch b/0162-fix-machine-type-test-in-30_os-prober.in.patch index 4e842de..1cc7170 100644 --- a/0162-fix-machine-type-test-in-30_os-prober.in.patch +++ b/0162-fix-machine-type-test-in-30_os-prober.in.patch @@ -1,7 +1,7 @@ From 33faccd6c6f23774bbbbc83731a712a7bed76c3f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 11 Jul 2016 13:36:45 -0400 -Subject: [PATCH 162/216] fix machine type test in 30_os-prober.in +Subject: [PATCH 162/227] fix machine type test in 30_os-prober.in Signed-off-by: Peter Jones --- diff --git a/0163-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch b/0163-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch index d1a1427..2f41f34 100644 --- a/0163-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch +++ b/0163-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch @@ -1,7 +1,7 @@ From ab9c2a7711858b2300abf802230c044db55c5171 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 21 Nov 2016 15:34:00 +0100 -Subject: [PATCH 163/216] efi/chainloader: fix wrong sanity check in +Subject: [PATCH 163/227] efi/chainloader: fix wrong sanity check in relocate_coff() In relocate_coff(), the relocation entries are parsed from the original diff --git a/0164-efi-chainloader-truncate-overlong-relocation-section.patch b/0164-efi-chainloader-truncate-overlong-relocation-section.patch index e510762..78eac3e 100644 --- a/0164-efi-chainloader-truncate-overlong-relocation-section.patch +++ b/0164-efi-chainloader-truncate-overlong-relocation-section.patch @@ -1,7 +1,7 @@ From 243bfac3395d76a7fc7344c5471e49ea41689233 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 23 Nov 2016 06:27:09 +0100 -Subject: [PATCH 164/216] efi/chainloader: truncate overlong relocation section +Subject: [PATCH 164/227] efi/chainloader: truncate overlong relocation section The UEFI Windows 7 boot loader ("EFI/Microsoft/Boot/bootmgfw.efi", SHA1 31b410e029bba87d2068c65a80b88882f9f8ea25) has inconsistent headers. diff --git a/0165-linuxefi-minor-cleanups.patch b/0165-linuxefi-minor-cleanups.patch index 70a1998..6d8cfed 100644 --- a/0165-linuxefi-minor-cleanups.patch +++ b/0165-linuxefi-minor-cleanups.patch @@ -1,7 +1,7 @@ From ea34d6d6755dcd818fe6e74526a58a4f818f711a Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 14 Feb 2017 16:31:52 -0500 -Subject: [PATCH 165/216] linuxefi: minor cleanups +Subject: [PATCH 165/227] linuxefi: minor cleanups Signed-off-by: Peter Jones --- diff --git a/0166-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch b/0166-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch index 3efa07f..a1aba1c 100644 --- a/0166-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch +++ b/0166-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch @@ -1,7 +1,7 @@ From 543b4c21f3bf43b8919bd4b47195ebb542b73733 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 14 Feb 2017 16:18:54 -0500 -Subject: [PATCH 166/216] Handle multi-arch (64-on-32) boot in linuxefi loader. +Subject: [PATCH 166/227] Handle multi-arch (64-on-32) boot in linuxefi loader. Allow booting 64-bit kernels on 32-bit EFI on x86. diff --git a/0167-Fix-up-linux-params-usage.patch b/0167-Fix-up-linux-params-usage.patch index d8f4d77..ea529de 100644 --- a/0167-Fix-up-linux-params-usage.patch +++ b/0167-Fix-up-linux-params-usage.patch @@ -1,7 +1,7 @@ From 02a30356c3a09ac0959abdc4a29b88a59e1f1ac1 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 30 May 2017 14:16:07 -0400 -Subject: [PATCH 167/216] Fix up linux params usage... +Subject: [PATCH 167/227] Fix up linux params usage... Signed-off-by: Peter Jones --- diff --git a/0168-Make-exit-take-a-return-code.patch b/0168-Make-exit-take-a-return-code.patch index 33595d9..a84a724 100644 --- a/0168-Make-exit-take-a-return-code.patch +++ b/0168-Make-exit-take-a-return-code.patch @@ -1,7 +1,7 @@ From 874de3a91070b6f056434f2fce48d778ff84c665 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 26 Feb 2014 21:49:12 -0500 -Subject: [PATCH 168/216] Make "exit" take a return code. +Subject: [PATCH 168/227] Make "exit" take a return code. This adds "exit" with a return code. With this patch, any "exit" command /may/ include a return code, and on platforms that support diff --git a/0169-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch b/0169-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch index a10b5d8..2653340 100644 --- a/0169-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch +++ b/0169-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch @@ -1,7 +1,7 @@ From a327d2275238e8dd54ec8599d2d158e9cdd7693c Mon Sep 17 00:00:00 2001 From: Mark Salter Date: Mon, 17 Apr 2017 08:44:29 -0400 -Subject: [PATCH 169/216] arm64: make sure fdt has #address-cells and +Subject: [PATCH 169/227] arm64: make sure fdt has #address-cells and #size-cells properties Recent upstream changes to kexec-tools relies on #address-cells diff --git a/0170-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch b/0170-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch index 060a958..1c25e9d 100644 --- a/0170-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch +++ b/0170-Add-some-grub_dprintf-in-the-secure-boot-verify-code.patch @@ -1,7 +1,7 @@ From 848a699f96e8529a30a47670051c5cb1f1a91d66 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 9 May 2016 14:15:17 -0400 -Subject: [PATCH 170/216] Add some grub_dprintf() in the secure boot verify +Subject: [PATCH 170/227] Add some grub_dprintf() in the secure boot verify code. Signed-off-by: Peter Jones diff --git a/0171-Make-our-info-pages-say-grub2-where-appropriate.patch b/0171-Make-our-info-pages-say-grub2-where-appropriate.patch index d2ce2fe..208a20c 100644 --- a/0171-Make-our-info-pages-say-grub2-where-appropriate.patch +++ b/0171-Make-our-info-pages-say-grub2-where-appropriate.patch @@ -1,7 +1,7 @@ From 004821d9e309f65e4ff533f66787663fe2a54eac Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 6 May 2016 18:43:08 -0400 -Subject: [PATCH 171/216] Make our info pages say "grub2" where appropriate. +Subject: [PATCH 171/227] Make our info pages say "grub2" where appropriate. This needs to be hooked up to --program-transform=, but I haven't had time. diff --git a/0172-print-more-debug-info-in-our-module-loader.patch b/0172-print-more-debug-info-in-our-module-loader.patch index 049a8e1..c4a9b74 100644 --- a/0172-print-more-debug-info-in-our-module-loader.patch +++ b/0172-print-more-debug-info-in-our-module-loader.patch @@ -1,7 +1,7 @@ From 6025b0afe64157eb922d562e85f1734b7ce800c9 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 1 May 2017 11:19:40 -0400 -Subject: [PATCH 172/216] print more debug info in our module loader. +Subject: [PATCH 172/227] print more debug info in our module loader. Signed-off-by: Peter Jones --- diff --git a/0173-macos-just-build-chainloader-entries-don-t-try-any-x.patch b/0173-macos-just-build-chainloader-entries-don-t-try-any-x.patch index 7aa12e8..4ab3340 100644 --- a/0173-macos-just-build-chainloader-entries-don-t-try-any-x.patch +++ b/0173-macos-just-build-chainloader-entries-don-t-try-any-x.patch @@ -1,7 +1,7 @@ From 21539770394174892fe90ab9ce09a4d9a7e2a676 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 24 May 2017 12:42:32 -0400 -Subject: [PATCH 173/216] macos: just build chainloader entries, don't try any +Subject: [PATCH 173/227] macos: just build chainloader entries, don't try any xnu xnu. Since our bugs tell us that the xnu boot entries really just don't work diff --git a/0174-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch b/0174-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch index 51e8b12..1d7a61b 100644 --- a/0174-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch +++ b/0174-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch @@ -1,7 +1,7 @@ From ba06fbb797dff2261df7d211484c98905447ddb6 Mon Sep 17 00:00:00 2001 From: Jeff Mahoney Date: Wed, 18 Dec 2013 09:57:04 +0000 -Subject: [PATCH 174/216] grub2/btrfs: Add ability to boot from subvolumes +Subject: [PATCH 174/227] grub2/btrfs: Add ability to boot from subvolumes This patch adds the ability to specify a different root on a btrfs filesystem too boot from other than the default one. diff --git a/0175-export-btrfs_subvol-and-btrfs_subvolid.patch b/0175-export-btrfs_subvol-and-btrfs_subvolid.patch index a4cbf11..cd92a44 100644 --- a/0175-export-btrfs_subvol-and-btrfs_subvolid.patch +++ b/0175-export-btrfs_subvol-and-btrfs_subvolid.patch @@ -1,7 +1,7 @@ From c2d51bfc2fedf707ec4bc8cca9a10cb1100c6888 Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Wed, 18 Dec 2013 09:57:04 +0000 -Subject: [PATCH 175/216] export btrfs_subvol and btrfs_subvolid +Subject: [PATCH 175/227] export btrfs_subvol and btrfs_subvolid We should export btrfs_subvol and btrfs_subvolid to have both visible to subsidiary configuration files loaded using configfile. diff --git a/0176-grub2-btrfs-03-follow_default.patch b/0176-grub2-btrfs-03-follow_default.patch index 9057bbe..557d085 100644 --- a/0176-grub2-btrfs-03-follow_default.patch +++ b/0176-grub2-btrfs-03-follow_default.patch @@ -1,7 +1,7 @@ From afc0024ac644e80552c808e8b8def04fd7f89918 Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Thu, 21 Aug 2014 03:39:11 +0000 -Subject: [PATCH 176/216] grub2-btrfs-03-follow_default +Subject: [PATCH 176/227] grub2-btrfs-03-follow_default --- grub-core/fs/btrfs.c | 107 ++++++++++++++++++++++++++++++++++++--------------- diff --git a/0177-grub2-btrfs-04-grub2-install.patch b/0177-grub2-btrfs-04-grub2-install.patch index 536ec53..95d71cb 100644 --- a/0177-grub2-btrfs-04-grub2-install.patch +++ b/0177-grub2-btrfs-04-grub2-install.patch @@ -1,7 +1,7 @@ From a5cb6219b1f4abb50cbe0254ee6a2850e379854f Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Thu, 21 Aug 2014 03:39:11 +0000 -Subject: [PATCH 177/216] grub2-btrfs-04-grub2-install +Subject: [PATCH 177/227] grub2-btrfs-04-grub2-install --- grub-core/osdep/linux/getroot.c | 7 +++++++ diff --git a/0178-grub2-btrfs-05-grub2-mkconfig.patch b/0178-grub2-btrfs-05-grub2-mkconfig.patch index 8407c35..f1c5f96 100644 --- a/0178-grub2-btrfs-05-grub2-mkconfig.patch +++ b/0178-grub2-btrfs-05-grub2-mkconfig.patch @@ -1,7 +1,7 @@ From 3312b0eab4773f09b00d294e3438d6cf881d62ef Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Thu, 21 Aug 2014 03:39:11 +0000 -Subject: [PATCH 178/216] grub2-btrfs-05-grub2-mkconfig +Subject: [PATCH 178/227] grub2-btrfs-05-grub2-mkconfig --- util/grub-mkconfig.in | 3 ++- diff --git a/0179-grub2-btrfs-06-subvol-mount.patch b/0179-grub2-btrfs-06-subvol-mount.patch index b8f2445..356b448 100644 --- a/0179-grub2-btrfs-06-subvol-mount.patch +++ b/0179-grub2-btrfs-06-subvol-mount.patch @@ -1,7 +1,7 @@ From 421b1facc21a25ca28a48c9dd323c48c5ce8a46b Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Fri, 22 May 2015 11:45:25 +0000 -Subject: [PATCH 179/216] grub2-btrfs-06-subvol-mount +Subject: [PATCH 179/227] grub2-btrfs-06-subvol-mount --- grub-core/fs/btrfs.c | 195 +++++++++++++++++++++++++++++++++++++++- diff --git a/0180-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch b/0180-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch index 868d9c3..5ac77a5 100644 --- a/0180-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch +++ b/0180-No-more-Bootable-Snapshot-submenu-in-grub.cfg.patch @@ -1,7 +1,7 @@ From 1eeea190cf2e134fddb448c7b55e6c82697f3f72 Mon Sep 17 00:00:00 2001 From: Dusty Mabe Date: Sat, 18 Jul 2015 15:38:08 +0000 -Subject: [PATCH 180/216] No more "Bootable Snapshot" submenu in grub.cfg. +Subject: [PATCH 180/227] No more "Bootable Snapshot" submenu in grub.cfg. This breaks grubby (run on kernel upgrades) because grubby just does a search for "menuentry". diff --git a/0181-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch b/0181-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch index 2c93432..357d4ec 100644 --- a/0181-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch +++ b/0181-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch @@ -1,7 +1,7 @@ From 5f9e9d0d069b416175a2102edc574ffb9d523978 Mon Sep 17 00:00:00 2001 From: Andrei Borzenkov Date: Tue, 21 Jun 2016 16:44:17 +0000 -Subject: [PATCH 181/216] Fallback to old subvol name scheme to support old +Subject: [PATCH 181/227] Fallback to old subvol name scheme to support old snapshot config Ref: bsc#953538 diff --git a/0182-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch b/0182-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch index efa2eeb..218b281 100644 --- a/0182-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch +++ b/0182-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch @@ -1,7 +1,7 @@ From 158b6b3987ed402ddcb6d0568acbb60cc7a01aac Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Thu, 11 May 2017 08:56:57 +0000 -Subject: [PATCH 182/216] Grub not working correctly with btrfs snapshots +Subject: [PATCH 182/227] Grub not working correctly with btrfs snapshots (bsc#1026511) --- diff --git a/0183-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch b/0183-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch index 56c3b20..ba00ca7 100644 --- a/0183-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch +++ b/0183-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch @@ -1,7 +1,7 @@ From bdc07d05d0eeb39f0c90e7f8f6850016ebc4bf6b Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 1 Jun 2017 09:59:56 -0400 -Subject: [PATCH 183/216] Add grub_efi_allocate_pool() and grub_efi_free_pool() +Subject: [PATCH 183/227] Add grub_efi_allocate_pool() and grub_efi_free_pool() wrappers. Signed-off-by: Peter Jones diff --git a/0184-Use-grub_efi_.-memory-helpers-where-reasonable.patch b/0184-Use-grub_efi_.-memory-helpers-where-reasonable.patch index 9cb87b8..ba40b50 100644 --- a/0184-Use-grub_efi_.-memory-helpers-where-reasonable.patch +++ b/0184-Use-grub_efi_.-memory-helpers-where-reasonable.patch @@ -1,7 +1,7 @@ From 0e6c1a61c5a7c38bd04a0d494dade62bc2c8cd43 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 1 Jun 2017 10:06:38 -0400 -Subject: [PATCH 184/216] Use grub_efi_...() memory helpers where reasonable. +Subject: [PATCH 184/227] Use grub_efi_...() memory helpers where reasonable. This uses grub_efi_allocate_pool(), grub_efi_free_pool(), and grub_efi_free_pages() instead of open-coded efi_call_N() calls, so we diff --git a/0185-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch b/0185-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch index 5176b35..80e9c66 100644 --- a/0185-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch +++ b/0185-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch @@ -1,7 +1,7 @@ From 4759e79a841a9d7eab743e67715459d3a864a29f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 1 Jun 2017 10:07:50 -0400 -Subject: [PATCH 185/216] Add PRIxGRUB_EFI_STATUS and use it. +Subject: [PATCH 185/227] Add PRIxGRUB_EFI_STATUS and use it. This avoids syntax checkers getting confused about if it's llx or lx. diff --git a/0186-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch b/0186-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch index e4bf900..e8f5939 100644 --- a/0186-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch +++ b/0186-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch @@ -1,7 +1,7 @@ From c7bb1be13a759a55216c99662d660614a161c37f Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 26 Jun 2017 12:42:57 -0400 -Subject: [PATCH 186/216] Don't use dynamic sized arrays since we don't build +Subject: [PATCH 186/227] Don't use dynamic sized arrays since we don't build with -std=c99 --- diff --git a/0187-don-t-ignore-const.patch b/0187-don-t-ignore-const.patch index fb0f0ca..5accfc6 100644 --- a/0187-don-t-ignore-const.patch +++ b/0187-don-t-ignore-const.patch @@ -1,7 +1,7 @@ From 3eb59abe528f660e24e004a99b86686ea2f022c5 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 26 Jun 2017 12:43:22 -0400 -Subject: [PATCH 187/216] don't ignore const +Subject: [PATCH 187/227] don't ignore const --- grub-core/net/tftp.c | 2 +- diff --git a/0188-don-t-use-int-for-efi-status.patch b/0188-don-t-use-int-for-efi-status.patch index 175d2ae..7726376 100644 --- a/0188-don-t-use-int-for-efi-status.patch +++ b/0188-don-t-use-int-for-efi-status.patch @@ -1,7 +1,7 @@ From d4517c646fb4617a9ac162489b2fbaf9c2fcdd7b Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 26 Jun 2017 12:44:59 -0400 -Subject: [PATCH 188/216] don't use int for efi status +Subject: [PATCH 188/227] don't use int for efi status --- grub-core/kern/efi/efi.c | 2 +- diff --git a/0189-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch b/0189-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch index ae68340..db6404e 100644 --- a/0189-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch +++ b/0189-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch @@ -1,7 +1,7 @@ From 72eb71bcadf8f35851b15632e8ef4ad1d0a64513 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 26 Jun 2017 12:46:23 -0400 -Subject: [PATCH 189/216] make GRUB_MOD_INIT() declare its function prototypes. +Subject: [PATCH 189/227] make GRUB_MOD_INIT() declare its function prototypes. --- include/grub/dl.h | 2 ++ diff --git a/0190-Clean-up-some-errors-in-the-linuxefi-loader.patch b/0190-Clean-up-some-errors-in-the-linuxefi-loader.patch index 1872186..72598ad 100644 --- a/0190-Clean-up-some-errors-in-the-linuxefi-loader.patch +++ b/0190-Clean-up-some-errors-in-the-linuxefi-loader.patch @@ -1,7 +1,7 @@ From e240faaa432ad7ba3f7ced51b983d8d663a83460 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 24 May 2017 15:58:18 -0400 -Subject: [PATCH 190/216] Clean up some errors in the linuxefi loader +Subject: [PATCH 190/227] Clean up some errors in the linuxefi loader Signed-off-by: Peter Jones --- diff --git a/0191-editenv-handle-relative-symlinks.patch b/0191-editenv-handle-relative-symlinks.patch index c1e28f9..7b06e66 100644 --- a/0191-editenv-handle-relative-symlinks.patch +++ b/0191-editenv-handle-relative-symlinks.patch @@ -1,7 +1,7 @@ From 9778fafba22ec67f97bb35a34980230966ebe0de Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Mon, 14 Aug 2017 14:37:20 -0400 -Subject: [PATCH 191/216] editenv: handle relative symlinks +Subject: [PATCH 191/227] editenv: handle relative symlinks Handle symlinks with targets relative to the containing dir. This ensures that the rename operation does not depend on the cwd. diff --git a/0192-Make-libgrub.pp-depend-on-config-util.h.patch b/0192-Make-libgrub.pp-depend-on-config-util.h.patch index 45f09b8..a488e43 100644 --- a/0192-Make-libgrub.pp-depend-on-config-util.h.patch +++ b/0192-Make-libgrub.pp-depend-on-config-util.h.patch @@ -1,7 +1,7 @@ From b8baf7070cc80fc44ee998a4748029c893f5ab13 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 23 Aug 2017 10:37:27 -0400 -Subject: [PATCH 192/216] Make libgrub.pp depend on config-util.h +Subject: [PATCH 192/227] Make libgrub.pp depend on config-util.h If you build with "make -j48" a lot, sometimes you see: diff --git a/0193-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch b/0193-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch index 44ff463..cb78302 100644 --- a/0193-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch +++ b/0193-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch @@ -1,7 +1,7 @@ From 385f38332007339ac7dd3e3e551c54faa3c32dbc Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 20 Apr 2017 13:29:06 -0400 -Subject: [PATCH 193/216] Don't guess /boot/efi/ as HFS+ on ppc machines in +Subject: [PATCH 193/227] Don't guess /boot/efi/ as HFS+ on ppc machines in grub-install This should never be trying this, and since we've consolidated the diff --git a/0194-Fix-util-grub.d-20_linux_xen.in-Add-xen_boot-command.patch b/0194-Fix-util-grub.d-20_linux_xen.in-Add-xen_boot-command.patch index 786c7b1..4dad9f3 100644 --- a/0194-Fix-util-grub.d-20_linux_xen.in-Add-xen_boot-command.patch +++ b/0194-Fix-util-grub.d-20_linux_xen.in-Add-xen_boot-command.patch @@ -1,7 +1,7 @@ From 733966aa9d241a0987a7097eca74b0f58b426833 Mon Sep 17 00:00:00 2001 From: Konrad Rzeszutek Wilk Date: Mon, 28 Aug 2017 13:51:14 -0400 -Subject: [PATCH 194/216] Fix util/grub.d/20_linux_xen.in: Add xen_boot command +Subject: [PATCH 194/227] Fix util/grub.d/20_linux_xen.in: Add xen_boot command support for aarch64 Commit d33045ce7ffcb7c1e4a60c14d5ca64b36e3c5abe introduced diff --git a/0195-Use-grub-file-to-figure-out-whether-multiboot2-shoul.patch b/0195-Use-grub-file-to-figure-out-whether-multiboot2-shoul.patch index 6347704..b7bcc4e 100644 --- a/0195-Use-grub-file-to-figure-out-whether-multiboot2-shoul.patch +++ b/0195-Use-grub-file-to-figure-out-whether-multiboot2-shoul.patch @@ -1,7 +1,7 @@ From d592ef69ef92e3f7a414577af70678be706ff8c8 Mon Sep 17 00:00:00 2001 From: Konrad Rzeszutek Wilk Date: Mon, 28 Aug 2017 13:59:12 -0400 -Subject: [PATCH 195/216] Use grub-file to figure out whether multiboot2 should +Subject: [PATCH 195/227] Use grub-file to figure out whether multiboot2 should be used for Xen.gz The multiboot2 is much more preferable than multiboot. Especiall diff --git a/0196-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch b/0196-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch index 87dd3eb..78be849 100644 --- a/0196-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch +++ b/0196-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch @@ -1,7 +1,7 @@ From ae2759407aad1b5cfee90299ef0a6f53ca4d3d9a Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 19 Oct 2017 11:29:11 -0400 -Subject: [PATCH 196/216] 20_linux_xen: load xen or multiboot{,2} modules as +Subject: [PATCH 196/227] 20_linux_xen: load xen or multiboot{,2} modules as needed. Signed-off-by: Peter Jones diff --git a/0197-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch b/0197-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch index 063a550..5565777 100644 --- a/0197-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch +++ b/0197-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch @@ -1,7 +1,7 @@ From d88a8ff86cb9c360bc92b75db69e5024b1e814cc Mon Sep 17 00:00:00 2001 From: "David E. Box" Date: Fri, 15 Sep 2017 15:37:05 -0700 -Subject: [PATCH 197/216] tsc: Change default tsc calibration method to pmtimer +Subject: [PATCH 197/227] tsc: Change default tsc calibration method to pmtimer on EFI systems On efi systems, make pmtimer based tsc calibration the default over the diff --git a/0198-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch b/0198-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch index c465008..9344d76 100644 --- a/0198-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch +++ b/0198-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch @@ -1,7 +1,7 @@ From ee10486cadcae785711ccc7c46dac24a500be8fc Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 7 Nov 2017 17:12:17 -0500 -Subject: [PATCH 198/216] Make pmtimer tsc calibration not take 51 seconds to +Subject: [PATCH 198/227] Make pmtimer tsc calibration not take 51 seconds to fail. On my laptop running at 2.4GHz, if I run a VM where tsc calibration diff --git a/0199-align-struct-efi_variable-better.patch b/0199-align-struct-efi_variable-better.patch index 9fdcca5..f689b07 100644 --- a/0199-align-struct-efi_variable-better.patch +++ b/0199-align-struct-efi_variable-better.patch @@ -1,7 +1,7 @@ From cfcacf01ed042f6354c5d4249bdc6d883d04b330 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 27 Feb 2018 13:55:35 -0500 -Subject: [PATCH 199/216] align struct efi_variable better... +Subject: [PATCH 199/227] align struct efi_variable better... --- include/grub/efiemu/runtime.h | 2 +- diff --git a/0200-Add-quicksort-implementation.patch b/0200-Add-quicksort-implementation.patch index e7fa6a6..bfc6f9d 100644 --- a/0200-Add-quicksort-implementation.patch +++ b/0200-Add-quicksort-implementation.patch @@ -1,7 +1,7 @@ From f46dc44957a3a31a86a215d43f3971fa4ca97318 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 9 Dec 2016 15:39:47 -0500 -Subject: [PATCH 200/216] Add quicksort implementation +Subject: [PATCH 200/227] Add quicksort implementation This will be used to sort the boot menu entries that are read from the BootLoaderSpec config files. diff --git a/0201-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch b/0201-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch index 19527bf..0e30460 100644 --- a/0201-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch +++ b/0201-Add-blscfg-command-support-to-parse-BootLoaderSpec-c.patch @@ -1,7 +1,7 @@ From de3430a0a616a9600ccac0f0a9df661446661999 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 9 Dec 2016 15:40:58 -0500 -Subject: [PATCH 201/216] Add blscfg command support to parse BootLoaderSpec +Subject: [PATCH 201/227] Add blscfg command support to parse BootLoaderSpec config fragments The BootLoaderSpec (BLS) defines a scheme where different bootloaders can diff --git a/0202-Add-BLS-support-to-grub-mkconfig.patch b/0202-Add-BLS-support-to-grub-mkconfig.patch index bc9ddfb..831b04b 100644 --- a/0202-Add-BLS-support-to-grub-mkconfig.patch +++ b/0202-Add-BLS-support-to-grub-mkconfig.patch @@ -1,7 +1,7 @@ From 9baa7c16e5138497862eba684d2c41e5ed16e787 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 9 Dec 2016 15:40:29 -0500 -Subject: [PATCH 202/216] Add BLS support to grub-mkconfig +Subject: [PATCH 202/227] Add BLS support to grub-mkconfig GRUB now has BootLoaderSpec support, the user can choose to use this by setting GRUB_ENABLE_BLSCFG to true in /etc/default/grub. On this setup, diff --git a/0203-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch b/0203-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch index 8af7297..88a8d07 100644 --- a/0203-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch +++ b/0203-Remove-duplicated-grub_exit-definition-for-grub-emu-.patch @@ -1,7 +1,7 @@ From 206697fab4e803807a83f1f7f330d3d009aba2fd Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas Date: Tue, 6 Feb 2018 11:02:09 +0100 -Subject: [PATCH 203/216] Remove duplicated grub_exit() definition for grub-emu +Subject: [PATCH 203/227] Remove duplicated grub_exit() definition for grub-emu platform The grub_exit() function signature was changed on all platforms to take a diff --git a/0204-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch b/0204-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch index d239fbe..18a7427 100644 --- a/0204-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch +++ b/0204-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch @@ -1,7 +1,7 @@ From 37844213b374844bc1a4056712241cf6d9421880 Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas Date: Tue, 6 Feb 2018 11:16:28 +0100 -Subject: [PATCH 204/216] Don't attempt to backtrace on grub_abort() for +Subject: [PATCH 204/227] Don't attempt to backtrace on grub_abort() for grub-emu The emu platform doesn't have a grub_backtrace() implementation, so this diff --git a/0205-Enable-blscfg-command-for-the-emu-platform.patch b/0205-Enable-blscfg-command-for-the-emu-platform.patch index 9406ff0..1bb7821 100644 --- a/0205-Enable-blscfg-command-for-the-emu-platform.patch +++ b/0205-Enable-blscfg-command-for-the-emu-platform.patch @@ -1,7 +1,7 @@ From 01839f5d2491ba1b5694d1c4b2f3c2818a2408ae Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas Date: Fri, 2 Feb 2018 11:36:29 +0100 -Subject: [PATCH 205/216] Enable blscfg command for the emu platform +Subject: [PATCH 205/227] Enable blscfg command for the emu platform Allow grub-emu to call a blscfg command. This may be useful for platforms that don't support GRUB, so grub-emu can be used to parse the BLS configs diff --git a/0206-Add-linux-and-initrd-commands-for-grub-emu.patch b/0206-Add-linux-and-initrd-commands-for-grub-emu.patch index fc21f69..3b08b26 100644 --- a/0206-Add-linux-and-initrd-commands-for-grub-emu.patch +++ b/0206-Add-linux-and-initrd-commands-for-grub-emu.patch @@ -1,7 +1,7 @@ From f1a8f489ec2cafdcfbdd3b60ffc7752bed8c8528 Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Tue, 6 Feb 2018 09:09:00 +0100 -Subject: [PATCH 206/216] Add linux and initrd commands for grub-emu +Subject: [PATCH 206/227] Add linux and initrd commands for grub-emu When using grub-emu, the linux and initrd commands are used as arguments to the kexec command line tool, to allow booting the selected menu entry. diff --git a/0207-Fix-the-efidir-in-grub-setpassword.patch b/0207-Fix-the-efidir-in-grub-setpassword.patch index fadd832..98accaa 100644 --- a/0207-Fix-the-efidir-in-grub-setpassword.patch +++ b/0207-Fix-the-efidir-in-grub-setpassword.patch @@ -1,7 +1,7 @@ From 3682958910d45a129f38cb1f28bc61288f92a698 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 15 Mar 2018 14:12:54 -0400 -Subject: [PATCH 207/216] Fix the efidir in grub-setpassword +Subject: [PATCH 207/227] Fix the efidir in grub-setpassword Signed-off-by: Peter Jones --- diff --git a/0208-Add-grub2-switch-to-blscfg.patch b/0208-Add-grub2-switch-to-blscfg.patch index 02ca4d7..3e4c835 100644 --- a/0208-Add-grub2-switch-to-blscfg.patch +++ b/0208-Add-grub2-switch-to-blscfg.patch @@ -1,7 +1,7 @@ From 95d9f5c317fb59dbb47c1df531fe5ab6f61e55af Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 15 Mar 2018 14:12:40 -0400 -Subject: [PATCH 208/216] Add grub2-switch-to-blscfg +Subject: [PATCH 208/227] Add grub2-switch-to-blscfg Signed-off-by: Peter Jones --- diff --git a/0209-Add-grub_debug_enabled.patch b/0209-Add-grub_debug_enabled.patch index 2313645..df29fc1 100644 --- a/0209-Add-grub_debug_enabled.patch +++ b/0209-Add-grub_debug_enabled.patch @@ -1,7 +1,7 @@ From 73a860b83bc81959baabceeec6e9a32102884a57 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 30 Nov 2017 15:11:39 -0500 -Subject: [PATCH 209/216] Add grub_debug_enabled() +Subject: [PATCH 209/227] Add grub_debug_enabled() --- grub-core/kern/misc.c | 21 ++++++++++++++++----- diff --git a/0210-make-better-backtraces.patch b/0210-make-better-backtraces.patch index e71be4c..eaed62c 100644 --- a/0210-make-better-backtraces.patch +++ b/0210-make-better-backtraces.patch @@ -1,7 +1,7 @@ From 775dacceb8acc4036737080040f592f48daeb6e8 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 6 Nov 2017 18:31:56 -0500 -Subject: [PATCH 210/216] make better backtraces +Subject: [PATCH 210/227] make better backtraces Signed-off-by: Peter Jones --- diff --git a/0211-normal-don-t-draw-our-startup-message-if-debug-is-se.patch b/0211-normal-don-t-draw-our-startup-message-if-debug-is-se.patch index eea8d96..bf6201c 100644 --- a/0211-normal-don-t-draw-our-startup-message-if-debug-is-se.patch +++ b/0211-normal-don-t-draw-our-startup-message-if-debug-is-se.patch @@ -1,7 +1,7 @@ From cc1566933cbc2d8d56aa77ab1ca8a15392ee0d42 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 9 Nov 2017 15:58:52 -0500 -Subject: [PATCH 211/216] normal: don't draw our startup message if debug is +Subject: [PATCH 211/227] normal: don't draw our startup message if debug is set --- diff --git a/0212-Work-around-some-minor-include-path-weirdnesses.patch b/0212-Work-around-some-minor-include-path-weirdnesses.patch index 749ad6b..2f96dc7 100644 --- a/0212-Work-around-some-minor-include-path-weirdnesses.patch +++ b/0212-Work-around-some-minor-include-path-weirdnesses.patch @@ -1,7 +1,7 @@ From 1829abfbbb0544a06973eaa76659a282aae8b32d Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 16 Mar 2018 13:28:57 -0400 -Subject: [PATCH 212/216] Work around some minor include path weirdnesses +Subject: [PATCH 212/227] Work around some minor include path weirdnesses Signed-off-by: Peter Jones --- diff --git a/0213-Make-it-possible-to-enabled-build-id-sha1.patch b/0213-Make-it-possible-to-enabled-build-id-sha1.patch index d3d2db4..8d2f1d0 100644 --- a/0213-Make-it-possible-to-enabled-build-id-sha1.patch +++ b/0213-Make-it-possible-to-enabled-build-id-sha1.patch @@ -1,7 +1,7 @@ From 8e15f2dce2f8b2bdcad2d35da4d068e8af44eb1d Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 25 Jun 2015 15:41:06 -0400 -Subject: [PATCH 213/216] Make it possible to enabled --build-id=sha1 +Subject: [PATCH 213/227] Make it possible to enabled --build-id=sha1 Signed-off-by: Peter Jones --- diff --git a/0214-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch b/0214-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch index fe60887..ce36533 100644 --- a/0214-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch +++ b/0214-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch @@ -1,7 +1,7 @@ From 29216d4ad0f75587c42274ebd63b8526fa9e815c Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Sun, 28 Jun 2015 13:09:58 -0400 -Subject: [PATCH 214/216] Add grub_qdprintf() - grub_dprintf() without the +Subject: [PATCH 214/227] Add grub_qdprintf() - grub_dprintf() without the file+line number. This just makes copy+paste of our debug loading info easier. diff --git a/0215-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch b/0215-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch index c219c0d..67802d0 100644 --- a/0215-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch +++ b/0215-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch @@ -1,7 +1,7 @@ From bc8e33848ee9888fd8b3aa61b4d3ecf9094356aa Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 25 Jun 2015 15:11:36 -0400 -Subject: [PATCH 215/216] Make a "gdb" dprintf that tells us load addresses. +Subject: [PATCH 215/227] Make a "gdb" dprintf that tells us load addresses. This makes a grub_dprintf() call during platform init and during module loading that tells us the virtual addresses of the .text and .data diff --git a/0216-Only-attempt-to-scan-different-BLS-directories-on-EF.patch b/0216-Only-attempt-to-scan-different-BLS-directories-on-EF.patch index 329df51..db9bb31 100644 --- a/0216-Only-attempt-to-scan-different-BLS-directories-on-EF.patch +++ b/0216-Only-attempt-to-scan-different-BLS-directories-on-EF.patch @@ -1,7 +1,7 @@ From 62b3c9bf77feda2ae595c5e811b3918d3bf990a4 Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas Date: Tue, 3 Apr 2018 15:42:47 +0200 -Subject: [PATCH 216/216] Only attempt to scan different BLS directories on EFI +Subject: [PATCH 216/227] Only attempt to scan different BLS directories on EFI machines Current BLS support attempted to scan for BLS directories, but this only diff --git a/0217-Core-TPM-support.patch b/0217-Core-TPM-support.patch new file mode 100644 index 0000000..e63a607 --- /dev/null +++ b/0217-Core-TPM-support.patch @@ -0,0 +1,789 @@ +From 7f4bde559545d19352072829fb9267b916c60fa3 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Tue, 14 Jul 2015 17:06:35 -0700 +Subject: [PATCH 217/227] Core TPM support + +Add support for performing basic TPM measurements. Right now this only +supports extending PCRs statically and only on UEFI and BIOS systems, but +will measure all modules as they're loaded. +--- + grub-core/Makefile.core.def | 3 + + grub-core/kern/dl.c | 3 + + grub-core/kern/efi/tpm.c | 282 +++++++++++++++++++++++++++++++++++++++++++ + grub-core/kern/i386/pc/tpm.c | 132 ++++++++++++++++++++ + grub-core/kern/tpm.c | 13 ++ + include/grub/efi/tpm.h | 153 +++++++++++++++++++++++ + include/grub/tpm.h | 91 ++++++++++++++ + grub-core/Makefile.am | 1 + + 8 files changed, 678 insertions(+) + create mode 100644 grub-core/kern/efi/tpm.c + create mode 100644 grub-core/kern/i386/pc/tpm.c + create mode 100644 grub-core/kern/tpm.c + create mode 100644 include/grub/efi/tpm.h + create mode 100644 include/grub/tpm.h + +diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def +index 77f0f3d8f46..51f07279d83 100644 +--- a/grub-core/Makefile.core.def ++++ b/grub-core/Makefile.core.def +@@ -131,6 +131,7 @@ kernel = { + common = kern/term.c; + common = kern/qsort.c; + common = kern/backtrace.c; ++ common = kern/tpm.c; + + x86 = kern/i386/backtrace.c; + i386_xen = kern/i386/backtrace.c; +@@ -199,6 +200,7 @@ kernel = { + efi = kern/acpi.c; + efi = kern/efi/acpi.c; + efi = lib/envblk.c; ++ efi = kern/efi/tpm.c; + i386_coreboot = kern/i386/pc/acpi.c; + i386_multiboot = kern/i386/pc/acpi.c; + i386_coreboot = kern/acpi.c; +@@ -246,6 +248,7 @@ kernel = { + + i386_pc = kern/i386/pc/init.c; + i386_pc = kern/i386/pc/mmap.c; ++ i386_pc = kern/i386/pc/tpm.c; + i386_pc = term/i386/pc/console.c; + + i386_qemu = bus/pci.c; +diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c +index eb8b969cded..387d1e6446d 100644 +--- a/grub-core/kern/dl.c ++++ b/grub-core/kern/dl.c +@@ -33,6 +33,7 @@ + #include + #include + #include ++#include + + /* Platforms where modules are in a readonly area of memory. */ + #if defined(GRUB_MACHINE_QEMU) +@@ -829,6 +830,8 @@ grub_dl_load_file (const char *filename) + opens of the same device. */ + grub_file_close (file); + ++ grub_tpm_measure(core, size, GRUB_TPM_PCR, filename); ++ + mod = grub_dl_load_core (core, size); + grub_free (core); + if (! mod) +diff --git a/grub-core/kern/efi/tpm.c b/grub-core/kern/efi/tpm.c +new file mode 100644 +index 00000000000..c9fb3c133f3 +--- /dev/null ++++ b/grub-core/kern/efi/tpm.c +@@ -0,0 +1,282 @@ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static grub_efi_guid_t tpm_guid = EFI_TPM_GUID; ++static grub_efi_guid_t tpm2_guid = EFI_TPM2_GUID; ++ ++static grub_efi_boolean_t grub_tpm_present(grub_efi_tpm_protocol_t *tpm) ++{ ++ grub_efi_status_t status; ++ TCG_EFI_BOOT_SERVICE_CAPABILITY caps; ++ grub_uint32_t flags; ++ grub_efi_physical_address_t eventlog, lastevent; ++ ++ caps.Size = (grub_uint8_t)sizeof(caps); ++ ++ status = efi_call_5(tpm->status_check, tpm, &caps, &flags, &eventlog, ++ &lastevent); ++ ++ if (status != GRUB_EFI_SUCCESS || caps.TPMDeactivatedFlag ++ || !caps.TPMPresentFlag) ++ return 0; ++ ++ return 1; ++} ++ ++static grub_efi_boolean_t grub_tpm2_present(grub_efi_tpm2_protocol_t *tpm) ++{ ++ grub_efi_status_t status; ++ EFI_TCG2_BOOT_SERVICE_CAPABILITY caps; ++ ++ caps.Size = (grub_uint8_t)sizeof(caps); ++ ++ status = efi_call_2(tpm->get_capability, tpm, &caps); ++ ++ if (status != GRUB_EFI_SUCCESS || !caps.TPMPresentFlag) ++ return 0; ++ ++ return 1; ++} ++ ++static grub_efi_boolean_t grub_tpm_handle_find(grub_efi_handle_t *tpm_handle, ++ grub_efi_uint8_t *protocol_version) ++{ ++ grub_efi_handle_t *handles; ++ grub_efi_uintn_t num_handles; ++ ++ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &tpm_guid, NULL, ++ &num_handles); ++ if (handles && num_handles > 0) { ++ *tpm_handle = handles[0]; ++ *protocol_version = 1; ++ return 1; ++ } ++ ++ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &tpm2_guid, NULL, ++ &num_handles); ++ if (handles && num_handles > 0) { ++ *tpm_handle = handles[0]; ++ *protocol_version = 2; ++ return 1; ++ } ++ ++ return 0; ++} ++ ++static grub_err_t ++grub_tpm1_execute(grub_efi_handle_t tpm_handle, ++ PassThroughToTPM_InputParamBlock *inbuf, ++ PassThroughToTPM_OutputParamBlock *outbuf) ++{ ++ grub_efi_status_t status; ++ grub_efi_tpm_protocol_t *tpm; ++ grub_uint32_t inhdrsize = sizeof(*inbuf) - sizeof(inbuf->TPMOperandIn); ++ grub_uint32_t outhdrsize = sizeof(*outbuf) - sizeof(outbuf->TPMOperandOut); ++ ++ tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid, ++ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); ++ ++ if (!grub_tpm_present(tpm)) ++ return 0; ++ ++ /* UEFI TPM protocol takes the raw operand block, no param block header */ ++ status = efi_call_5 (tpm->pass_through_to_tpm, tpm, ++ inbuf->IPBLength - inhdrsize, inbuf->TPMOperandIn, ++ outbuf->OPBLength - outhdrsize, outbuf->TPMOperandOut); ++ ++ switch (status) { ++ case GRUB_EFI_SUCCESS: ++ return 0; ++ case GRUB_EFI_DEVICE_ERROR: ++ return grub_error (GRUB_ERR_IO, N_("Command failed")); ++ case GRUB_EFI_INVALID_PARAMETER: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter")); ++ case GRUB_EFI_BUFFER_TOO_SMALL: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small")); ++ case GRUB_EFI_NOT_FOUND: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable")); ++ default: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error")); ++ } ++} ++ ++static grub_err_t ++grub_tpm2_execute(grub_efi_handle_t tpm_handle, ++ PassThroughToTPM_InputParamBlock *inbuf, ++ PassThroughToTPM_OutputParamBlock *outbuf) ++{ ++ grub_efi_status_t status; ++ grub_efi_tpm2_protocol_t *tpm; ++ grub_uint32_t inhdrsize = sizeof(*inbuf) - sizeof(inbuf->TPMOperandIn); ++ grub_uint32_t outhdrsize = sizeof(*outbuf) - sizeof(outbuf->TPMOperandOut); ++ ++ tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid, ++ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); ++ ++ if (!grub_tpm2_present(tpm)) ++ return 0; ++ ++ /* UEFI TPM protocol takes the raw operand block, no param block header */ ++ status = efi_call_5 (tpm->submit_command, tpm, ++ inbuf->IPBLength - inhdrsize, inbuf->TPMOperandIn, ++ outbuf->OPBLength - outhdrsize, outbuf->TPMOperandOut); ++ ++ switch (status) { ++ case GRUB_EFI_SUCCESS: ++ return 0; ++ case GRUB_EFI_DEVICE_ERROR: ++ return grub_error (GRUB_ERR_IO, N_("Command failed")); ++ case GRUB_EFI_INVALID_PARAMETER: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter")); ++ case GRUB_EFI_BUFFER_TOO_SMALL: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small")); ++ case GRUB_EFI_NOT_FOUND: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable")); ++ default: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error")); ++ } ++} ++ ++grub_err_t ++grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf, ++ PassThroughToTPM_OutputParamBlock *outbuf) ++{ ++ grub_efi_handle_t tpm_handle; ++ grub_uint8_t protocol_version; ++ ++ /* It's not a hard failure for there to be no TPM */ ++ if (!grub_tpm_handle_find(&tpm_handle, &protocol_version)) ++ return 0; ++ ++ if (protocol_version == 1) { ++ return grub_tpm1_execute(tpm_handle, inbuf, outbuf); ++ } else { ++ return grub_tpm2_execute(tpm_handle, inbuf, outbuf); ++ } ++} ++ ++typedef struct { ++ grub_uint32_t pcrindex; ++ grub_uint32_t eventtype; ++ grub_uint8_t digest[20]; ++ grub_uint32_t eventsize; ++ grub_uint8_t event[1]; ++} Event; ++ ++ ++static grub_err_t ++grub_tpm1_log_event(grub_efi_handle_t tpm_handle, unsigned char *buf, ++ grub_size_t size, grub_uint8_t pcr, ++ const char *description) ++{ ++ Event *event; ++ grub_efi_status_t status; ++ grub_efi_tpm_protocol_t *tpm; ++ grub_efi_physical_address_t lastevent; ++ grub_uint32_t algorithm; ++ grub_uint32_t eventnum = 0; ++ ++ tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid, ++ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); ++ ++ if (!grub_tpm_present(tpm)) ++ return 0; ++ ++ event = grub_zalloc(sizeof (Event) + grub_strlen(description) + 1); ++ if (!event) ++ return grub_error (GRUB_ERR_OUT_OF_MEMORY, ++ N_("cannot allocate TPM event buffer")); ++ ++ event->pcrindex = pcr; ++ event->eventtype = EV_IPL; ++ event->eventsize = grub_strlen(description) + 1; ++ grub_memcpy(event->event, description, event->eventsize); ++ ++ algorithm = TCG_ALG_SHA; ++ status = efi_call_7 (tpm->log_extend_event, tpm, buf, (grub_uint64_t) size, ++ algorithm, event, &eventnum, &lastevent); ++ ++ switch (status) { ++ case GRUB_EFI_SUCCESS: ++ return 0; ++ case GRUB_EFI_DEVICE_ERROR: ++ return grub_error (GRUB_ERR_IO, N_("Command failed")); ++ case GRUB_EFI_INVALID_PARAMETER: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter")); ++ case GRUB_EFI_BUFFER_TOO_SMALL: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small")); ++ case GRUB_EFI_NOT_FOUND: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable")); ++ default: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error")); ++ } ++} ++ ++static grub_err_t ++grub_tpm2_log_event(grub_efi_handle_t tpm_handle, unsigned char *buf, ++ grub_size_t size, grub_uint8_t pcr, ++ const char *description) ++{ ++ EFI_TCG2_EVENT *event; ++ grub_efi_status_t status; ++ grub_efi_tpm2_protocol_t *tpm; ++ ++ tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid, ++ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); ++ ++ if (!grub_tpm2_present(tpm)) ++ return 0; ++ ++ event = grub_zalloc(sizeof (EFI_TCG2_EVENT) + grub_strlen(description) + 1); ++ if (!event) ++ return grub_error (GRUB_ERR_OUT_OF_MEMORY, ++ N_("cannot allocate TPM event buffer")); ++ ++ event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER); ++ event->Header.HeaderVersion = 1; ++ event->Header.PCRIndex = pcr; ++ event->Header.EventType = EV_IPL; ++ event->Size = sizeof(*event) - sizeof(event->Event) + grub_strlen(description) + 1; ++ grub_memcpy(event->Event, description, grub_strlen(description) + 1); ++ ++ status = efi_call_5 (tpm->hash_log_extend_event, tpm, 0, buf, ++ (grub_uint64_t) size, event); ++ ++ switch (status) { ++ case GRUB_EFI_SUCCESS: ++ return 0; ++ case GRUB_EFI_DEVICE_ERROR: ++ return grub_error (GRUB_ERR_IO, N_("Command failed")); ++ case GRUB_EFI_INVALID_PARAMETER: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter")); ++ case GRUB_EFI_BUFFER_TOO_SMALL: ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small")); ++ case GRUB_EFI_NOT_FOUND: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable")); ++ default: ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error")); ++ } ++} ++ ++grub_err_t ++grub_tpm_log_event(unsigned char *buf, grub_size_t size, grub_uint8_t pcr, ++ const char *description) ++{ ++ grub_efi_handle_t tpm_handle; ++ grub_efi_uint8_t protocol_version; ++ ++ if (!grub_tpm_handle_find(&tpm_handle, &protocol_version)) ++ return 0; ++ ++ if (protocol_version == 1) { ++ return grub_tpm1_log_event(tpm_handle, buf, size, pcr, description); ++ } else { ++ return grub_tpm2_log_event(tpm_handle, buf, size, pcr, description); ++ } ++} +diff --git a/grub-core/kern/i386/pc/tpm.c b/grub-core/kern/i386/pc/tpm.c +new file mode 100644 +index 00000000000..8c6c1e6ece2 +--- /dev/null ++++ b/grub-core/kern/i386/pc/tpm.c +@@ -0,0 +1,132 @@ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#define TCPA_MAGIC 0x41504354 ++ ++int tpm_present(void); ++ ++int tpm_present(void) ++{ ++ struct grub_bios_int_registers regs; ++ ++ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT; ++ regs.eax = 0xbb00; ++ regs.ebx = TCPA_MAGIC; ++ grub_bios_interrupt (0x1a, ®s); ++ ++ if (regs.eax == 0) ++ return 1; ++ ++ return 0; ++} ++ ++grub_err_t ++grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf, ++ PassThroughToTPM_OutputParamBlock *outbuf) ++{ ++ struct grub_bios_int_registers regs; ++ grub_addr_t inaddr, outaddr; ++ ++ if (!tpm_present()) ++ return 0; ++ ++ inaddr = (grub_addr_t) inbuf; ++ outaddr = (grub_addr_t) outbuf; ++ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT; ++ regs.eax = 0xbb02; ++ regs.ebx = TCPA_MAGIC; ++ regs.ecx = 0; ++ regs.edx = 0; ++ regs.es = (inaddr & 0xffff0000) >> 4; ++ regs.edi = inaddr & 0xffff; ++ regs.ds = outaddr >> 4; ++ regs.esi = outaddr & 0xf; ++ ++ grub_bios_interrupt (0x1a, ®s); ++ ++ if (regs.eax) ++ return grub_error (GRUB_ERR_IO, N_("TPM error %x\n"), regs.eax); ++ ++ return 0; ++} ++ ++typedef struct { ++ grub_uint32_t pcrindex; ++ grub_uint32_t eventtype; ++ grub_uint8_t digest[20]; ++ grub_uint32_t eventdatasize; ++ grub_uint8_t event[0]; ++} GRUB_PACKED Event; ++ ++typedef struct { ++ grub_uint16_t ipblength; ++ grub_uint16_t reserved; ++ grub_uint32_t hashdataptr; ++ grub_uint32_t hashdatalen; ++ grub_uint32_t pcr; ++ grub_uint32_t reserved2; ++ grub_uint32_t logdataptr; ++ grub_uint32_t logdatalen; ++} GRUB_PACKED EventIncoming; ++ ++typedef struct { ++ grub_uint16_t opblength; ++ grub_uint16_t reserved; ++ grub_uint32_t eventnum; ++ grub_uint8_t hashvalue[20]; ++} GRUB_PACKED EventOutgoing; ++ ++grub_err_t ++grub_tpm_log_event(unsigned char *buf, grub_size_t size, grub_uint8_t pcr, ++ const char *description) ++{ ++ struct grub_bios_int_registers regs; ++ EventIncoming incoming; ++ EventOutgoing outgoing; ++ Event *event; ++ grub_uint32_t datalength; ++ ++ if (!tpm_present()) ++ return 0; ++ ++ datalength = grub_strlen(description); ++ event = grub_zalloc(datalength + sizeof(Event)); ++ if (!event) ++ return grub_error (GRUB_ERR_OUT_OF_MEMORY, ++ N_("cannot allocate TPM event buffer")); ++ ++ event->pcrindex = pcr; ++ event->eventtype = 0x0d; ++ event->eventdatasize = grub_strlen(description); ++ grub_memcpy(event->event, description, datalength); ++ ++ incoming.ipblength = sizeof(incoming); ++ incoming.hashdataptr = (grub_uint32_t)buf; ++ incoming.hashdatalen = size; ++ incoming.pcr = pcr; ++ incoming.logdataptr = (grub_uint32_t)event; ++ incoming.logdatalen = datalength + sizeof(Event); ++ ++ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT; ++ regs.eax = 0xbb01; ++ regs.ebx = TCPA_MAGIC; ++ regs.ecx = 0; ++ regs.edx = 0; ++ regs.es = (((grub_addr_t) &incoming) & 0xffff0000) >> 4; ++ regs.edi = ((grub_addr_t) &incoming) & 0xffff; ++ regs.ds = (((grub_addr_t) &outgoing) & 0xffff0000) >> 4; ++ regs.esi = ((grub_addr_t) &outgoing) & 0xffff; ++ ++ grub_bios_interrupt (0x1a, ®s); ++ ++ grub_free(event); ++ ++ if (regs.eax) ++ return grub_error (GRUB_ERR_IO, N_("TPM error %x\n"), regs.eax); ++ ++ return 0; ++} +diff --git a/grub-core/kern/tpm.c b/grub-core/kern/tpm.c +new file mode 100644 +index 00000000000..1a991876c83 +--- /dev/null ++++ b/grub-core/kern/tpm.c +@@ -0,0 +1,13 @@ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++grub_err_t ++grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr, ++ const char *description) ++{ ++ return grub_tpm_log_event(buf, size, pcr, description); ++} +diff --git a/include/grub/efi/tpm.h b/include/grub/efi/tpm.h +new file mode 100644 +index 00000000000..e2aff4a3c22 +--- /dev/null ++++ b/include/grub/efi/tpm.h +@@ -0,0 +1,153 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2015 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ */ ++ ++#ifndef GRUB_EFI_TPM_HEADER ++#define GRUB_EFI_TPM_HEADER 1 ++ ++#define EFI_TPM_GUID {0xf541796d, 0xa62e, 0x4954, {0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd }}; ++#define EFI_TPM2_GUID {0x607f766c, 0x7455, 0x42be, {0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f }}; ++ ++typedef struct { ++ grub_efi_uint8_t Major; ++ grub_efi_uint8_t Minor; ++ grub_efi_uint8_t RevMajor; ++ grub_efi_uint8_t RevMinor; ++} TCG_VERSION; ++ ++typedef struct _TCG_EFI_BOOT_SERVICE_CAPABILITY { ++ grub_efi_uint8_t Size; /// Size of this structure. ++ TCG_VERSION StructureVersion; ++ TCG_VERSION ProtocolSpecVersion; ++ grub_efi_uint8_t HashAlgorithmBitmap; /// Hash algorithms . ++ char TPMPresentFlag; /// 00h = TPM not present. ++ char TPMDeactivatedFlag; /// 01h = TPM currently deactivated. ++} TCG_EFI_BOOT_SERVICE_CAPABILITY; ++ ++typedef struct { ++ grub_efi_uint32_t PCRIndex; ++ grub_efi_uint32_t EventType; ++ grub_efi_uint8_t digest[20]; ++ grub_efi_uint32_t EventSize; ++ grub_efi_uint8_t Event[1]; ++} TCG_PCR_EVENT; ++ ++struct grub_efi_tpm_protocol ++{ ++ grub_efi_status_t (*status_check) (struct grub_efi_tpm_protocol *this, ++ TCG_EFI_BOOT_SERVICE_CAPABILITY *ProtocolCapability, ++ grub_efi_uint32_t *TCGFeatureFlags, ++ grub_efi_physical_address_t *EventLogLocation, ++ grub_efi_physical_address_t *EventLogLastEntry); ++ grub_efi_status_t (*hash_all) (struct grub_efi_tpm_protocol *this, ++ grub_efi_uint8_t *HashData, ++ grub_efi_uint64_t HashLen, ++ grub_efi_uint32_t AlgorithmId, ++ grub_efi_uint64_t *HashedDataLen, ++ grub_efi_uint8_t **HashedDataResult); ++ grub_efi_status_t (*log_event) (struct grub_efi_tpm_protocol *this, ++ TCG_PCR_EVENT *TCGLogData, ++ grub_efi_uint32_t *EventNumber, ++ grub_efi_uint32_t Flags); ++ grub_efi_status_t (*pass_through_to_tpm) (struct grub_efi_tpm_protocol *this, ++ grub_efi_uint32_t TpmInputParameterBlockSize, ++ grub_efi_uint8_t *TpmInputParameterBlock, ++ grub_efi_uint32_t TpmOutputParameterBlockSize, ++ grub_efi_uint8_t *TpmOutputParameterBlock); ++ grub_efi_status_t (*log_extend_event) (struct grub_efi_tpm_protocol *this, ++ grub_efi_physical_address_t HashData, ++ grub_efi_uint64_t HashDataLen, ++ grub_efi_uint32_t AlgorithmId, ++ TCG_PCR_EVENT *TCGLogData, ++ grub_efi_uint32_t *EventNumber, ++ grub_efi_physical_address_t *EventLogLastEntry); ++}; ++ ++typedef struct grub_efi_tpm_protocol grub_efi_tpm_protocol_t; ++ ++typedef grub_efi_uint32_t EFI_TCG2_EVENT_LOG_BITMAP; ++typedef grub_efi_uint32_t EFI_TCG2_EVENT_LOG_FORMAT; ++typedef grub_efi_uint32_t EFI_TCG2_EVENT_ALGORITHM_BITMAP; ++ ++typedef struct tdEFI_TCG2_VERSION { ++ grub_efi_uint8_t Major; ++ grub_efi_uint8_t Minor; ++} GRUB_PACKED EFI_TCG2_VERSION; ++ ++typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY { ++ grub_efi_uint8_t Size; ++ EFI_TCG2_VERSION StructureVersion; ++ EFI_TCG2_VERSION ProtocolVersion; ++ EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap; ++ EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs; ++ grub_efi_boolean_t TPMPresentFlag; ++ grub_efi_uint16_t MaxCommandSize; ++ grub_efi_uint16_t MaxResponseSize; ++ grub_efi_uint32_t ManufacturerID; ++ grub_efi_uint32_t NumberOfPcrBanks; ++ EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks; ++} EFI_TCG2_BOOT_SERVICE_CAPABILITY; ++ ++typedef grub_efi_uint32_t TCG_PCRINDEX; ++typedef grub_efi_uint32_t TCG_EVENTTYPE; ++ ++typedef struct tdEFI_TCG2_EVENT_HEADER { ++ grub_efi_uint32_t HeaderSize; ++ grub_efi_uint16_t HeaderVersion; ++ TCG_PCRINDEX PCRIndex; ++ TCG_EVENTTYPE EventType; ++} GRUB_PACKED EFI_TCG2_EVENT_HEADER; ++ ++typedef struct tdEFI_TCG2_EVENT { ++ grub_efi_uint32_t Size; ++ EFI_TCG2_EVENT_HEADER Header; ++ grub_efi_uint8_t Event[1]; ++} GRUB_PACKED EFI_TCG2_EVENT; ++ ++struct grub_efi_tpm2_protocol ++{ ++ grub_efi_status_t (*get_capability) (struct grub_efi_tpm2_protocol *this, ++ EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability); ++ grub_efi_status_t (*get_event_log) (struct grub_efi_tpm2_protocol *this, ++ EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat, ++ grub_efi_physical_address_t *EventLogLocation, ++ grub_efi_physical_address_t *EventLogLastEntry, ++ grub_efi_boolean_t *EventLogTruncated); ++ grub_efi_status_t (*hash_log_extend_event) (struct grub_efi_tpm2_protocol *this, ++ grub_efi_uint64_t Flags, ++ grub_efi_physical_address_t *DataToHash, ++ grub_efi_uint64_t DataToHashLen, ++ EFI_TCG2_EVENT *EfiTcgEvent); ++ grub_efi_status_t (*submit_command) (struct grub_efi_tpm2_protocol *this, ++ grub_efi_uint32_t InputParameterBlockSize, ++ grub_efi_uint8_t *InputParameterBlock, ++ grub_efi_uint32_t OutputParameterBlockSize, ++ grub_efi_uint8_t *OutputParameterBlock); ++ grub_efi_status_t (*get_active_pcr_blanks) (struct grub_efi_tpm2_protocol *this, ++ grub_efi_uint32_t *ActivePcrBanks); ++ grub_efi_status_t (*set_active_pcr_banks) (struct grub_efi_tpm2_protocol *this, ++ grub_efi_uint32_t ActivePcrBanks); ++ grub_efi_status_t (*get_result_of_set_active_pcr_banks) (struct grub_efi_tpm2_protocol *this, ++ grub_efi_uint32_t *OperationPresent, ++ grub_efi_uint32_t *Response); ++}; ++ ++typedef struct grub_efi_tpm2_protocol grub_efi_tpm2_protocol_t; ++ ++#define TCG_ALG_SHA 0x00000004 ++ ++#endif +diff --git a/include/grub/tpm.h b/include/grub/tpm.h +new file mode 100644 +index 00000000000..40d3cf65ba6 +--- /dev/null ++++ b/include/grub/tpm.h +@@ -0,0 +1,91 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2015 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ */ ++ ++#ifndef GRUB_TPM_HEADER ++#define GRUB_TPM_HEADER 1 ++ ++#define SHA1_DIGEST_SIZE 20 ++ ++#define TPM_BASE 0x0 ++#define TPM_SUCCESS TPM_BASE ++#define TPM_AUTHFAIL (TPM_BASE + 0x1) ++#define TPM_BADINDEX (TPM_BASE + 0x2) ++ ++#define GRUB_TPM_PCR 9 ++#define GRUB_KERNEL_PCR 10 ++#define GRUB_INITRD_PCR 11 ++#define GRUB_CMDLINE_PCR 12 ++ ++#define TPM_TAG_RQU_COMMAND 0x00C1 ++#define TPM_ORD_Extend 0x14 ++ ++#define EV_IPL 0x0d ++ ++/* TCG_PassThroughToTPM Input Parameter Block */ ++typedef struct { ++ grub_uint16_t IPBLength; ++ grub_uint16_t Reserved1; ++ grub_uint16_t OPBLength; ++ grub_uint16_t Reserved2; ++ grub_uint8_t TPMOperandIn[1]; ++} GRUB_PACKED PassThroughToTPM_InputParamBlock; ++ ++/* TCG_PassThroughToTPM Output Parameter Block */ ++typedef struct { ++ grub_uint16_t OPBLength; ++ grub_uint16_t Reserved; ++ grub_uint8_t TPMOperandOut[1]; ++} GRUB_PACKED PassThroughToTPM_OutputParamBlock; ++ ++typedef struct { ++ grub_uint16_t tag; ++ grub_uint32_t paramSize; ++ grub_uint32_t ordinal; ++ grub_uint32_t pcrNum; ++ grub_uint8_t inDigest[SHA1_DIGEST_SIZE]; /* The 160 bit value representing the event to be recorded. */ ++} GRUB_PACKED ExtendIncoming; ++ ++/* TPM_Extend Outgoing Operand */ ++typedef struct { ++ grub_uint16_t tag; ++ grub_uint32_t paramSize; ++ grub_uint32_t returnCode; ++ grub_uint8_t outDigest[SHA1_DIGEST_SIZE]; /* The PCR value after execution of the command. */ ++} GRUB_PACKED ExtendOutgoing; ++ ++grub_err_t EXPORT_FUNC(grub_tpm_measure) (unsigned char *buf, grub_size_t size, ++ grub_uint8_t pcr, ++ const char *description); ++#if defined (GRUB_MACHINE_EFI) || defined (GRUB_MACHINE_PCBIOS) ++grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf, ++ PassThroughToTPM_OutputParamBlock *outbuf); ++grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size, ++ grub_uint8_t pcr, const char *description); ++#else ++static inline grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf, ++ PassThroughToTPM_OutputParamBlock *outbuf) { return 0; }; ++static inline grub_err_t grub_tpm_log_event(unsigned char *buf, ++ grub_size_t size, ++ grub_uint8_t pcr, ++ const char *description) ++{ ++ return 0; ++}; ++#endif ++ ++#endif +diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am +index 5c7a2c8f808..84b076962d8 100644 +--- a/grub-core/Makefile.am ++++ b/grub-core/Makefile.am +@@ -94,6 +94,7 @@ KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/term.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/time.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/mm_private.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/net.h ++KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/tpm.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/memory.h + + if COND_i386_pc +-- +2.15.0 + diff --git a/0218-Measure-kernel-initrd.patch b/0218-Measure-kernel-initrd.patch new file mode 100644 index 0000000..02a039c --- /dev/null +++ b/0218-Measure-kernel-initrd.patch @@ -0,0 +1,42 @@ +From 556a7abe5d08b3b7b2d8446759587b17337fe9c9 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 16 Jul 2015 15:22:34 -0700 +Subject: [PATCH 218/227] Measure kernel + initrd + +Measure the kernel and initrd when loaded on UEFI systems +--- + grub-core/loader/i386/efi/linux.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +index 6db5d0bf3a0..48febdc8100 100644 +--- a/grub-core/loader/i386/efi/linux.c ++++ b/grub-core/loader/i386/efi/linux.c +@@ -27,6 +27,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -132,6 +133,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), + argv[i]); + goto fail; + } ++ grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "UEFI Linux initrd"); + ptr += cursize; + grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); + ptr += ALIGN_UP_OVERHEAD (cursize, 4); +@@ -196,6 +198,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + ++ grub_tpm_measure (kernel, filelen, GRUB_KERNEL_PCR, "UEFI Linux kernel"); ++ + rc = grub_linuxefi_secure_validate (kernel, filelen); + if (rc < 0) + { +-- +2.15.0 + diff --git a/0219-Add-BIOS-boot-measurement.patch b/0219-Add-BIOS-boot-measurement.patch new file mode 100644 index 0000000..22e73d3 --- /dev/null +++ b/0219-Add-BIOS-boot-measurement.patch @@ -0,0 +1,179 @@ +From 8390e231d322fd94f7a8223f140c4bc5de2ba56f Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Sun, 9 Aug 2015 15:48:51 -0700 +Subject: [PATCH 219/227] Add BIOS boot measurement + +Measure the on-disk grub core on BIOS systems - unlike UEFI, the firmware +can't do this stage for us. +--- + grub-core/boot/i386/pc/boot.S | 30 +++++++++++++++++++++++++- + grub-core/boot/i386/pc/diskboot.S | 44 +++++++++++++++++++++++++++++++++++++++ + 2 files changed, 73 insertions(+), 1 deletion(-) + +diff --git a/grub-core/boot/i386/pc/boot.S b/grub-core/boot/i386/pc/boot.S +index ea167fe1206..c1df86dec0b 100644 +--- a/grub-core/boot/i386/pc/boot.S ++++ b/grub-core/boot/i386/pc/boot.S +@@ -24,11 +24,14 @@ + * defines for the code go here + */ + ++#define TPM 1 ++ + /* Print message string */ + #define MSG(x) movw $x, %si; call LOCAL(message) + #define ERR(x) movw $x, %si; jmp LOCAL(error_message) + + .macro floppy ++#ifndef TPM + part_start: + + LOCAL(probe_values): +@@ -85,6 +88,7 @@ fd_probe_error_string: .asciz "Floppy" + movb MACRO_DOLLAR(79), %ch + + jmp LOCAL(final_init) ++#endif + .endm + + .macro scratch +@@ -252,6 +256,7 @@ real_start: + /* set %si to the disk address packet */ + movw $disk_address_packet, %si + ++#ifndef TPM + /* check if LBA is supported */ + movb $0x41, %ah + movw $0x55aa, %bx +@@ -271,6 +276,7 @@ real_start: + + andw $1, %cx + jz LOCAL(chs_mode) ++#endif + + LOCAL(lba_mode): + xorw %ax, %ax +@@ -314,6 +320,9 @@ LOCAL(lba_mode): + jmp LOCAL(copy_buffer) + + LOCAL(chs_mode): ++#ifdef TPM ++ jmp LOCAL(general_error) ++#else + /* + * Determine the hard disk geometry from the BIOS! + * We do this first, so that LS-120 IDE floppies work correctly. +@@ -425,7 +434,7 @@ setup_sectors: + jc LOCAL(read_error) + + movw %es, %bx +- ++#endif /* TPM */ + LOCAL(copy_buffer): + /* + * We need to save %cx and %si because the startup code in +@@ -448,6 +457,25 @@ LOCAL(copy_buffer): + popw %ds + popa + ++#ifdef TPM ++ pusha ++ ++ movw $0xBB00, %ax /* TCG_StatusCheck */ ++ int $0x1A ++ test %eax, %eax ++ jnz boot /* No TPM or TPM deactivated */ ++ ++ movw $0xBB07, %ax /* TCG_CompactHashLogExtendEvent */ ++ movw $GRUB_BOOT_MACHINE_KERNEL_ADDR, %di ++ xorl %esi, %esi ++ movl $0x41504354, %ebx /* TCPA */ ++ movl $0x200, %ecx /* Measure 512 bytes */ ++ movl $0x8, %edx /* PCR 8 */ ++ int $0x1A ++ ++ popa ++#endif ++boot: + /* boot kernel */ + jmp *(LOCAL(kernel_address)) + +diff --git a/grub-core/boot/i386/pc/diskboot.S b/grub-core/boot/i386/pc/diskboot.S +index c8b87ed293c..05dd7fa701c 100644 +--- a/grub-core/boot/i386/pc/diskboot.S ++++ b/grub-core/boot/i386/pc/diskboot.S +@@ -19,6 +19,8 @@ + #include + #include + ++#define TPM 1 ++ + /* + * defines for the code go here + */ +@@ -53,6 +55,21 @@ _start: + /* this sets up for the first run through "bootloop" */ + movw $LOCAL(firstlist), %di + ++#ifdef TPM ++ /* clear EAX to remove potential garbage */ ++ xorl %eax, %eax ++ /* 8(%di) = number of sectors to read */ ++ movw 8(%di), %ax ++ ++ /* Multiply number of sectors to read with 512 bytes. EAX is 32bit ++ * which is large enough to hold values of up to 4GB. I doubt there ++ * will ever be a core.img larger than that. ;-) */ ++ shll $9, %eax ++ ++ /* write result to bytes_to_measure var */ ++ movl %eax, bytes_to_measure ++#endif ++ + /* save the sector number of the second sector in %ebp */ + movl (%di), %ebp + +@@ -290,6 +307,29 @@ LOCAL(copy_buffer): + /* END OF MAIN LOOP */ + + LOCAL(bootit): ++#ifdef TPM ++ pusha ++ movw $0xBB07, %ax /* TCG_CompactHashLogExtendEvent */ ++ ++ movw $0x0, %bx ++ movw %bx, %es ++ ++ /* We've already measured the first 512 bytes, now measure the rest */ ++ xorl %edi, %edi ++ movw $(GRUB_BOOT_MACHINE_KERNEL_ADDR + 0x200), %di ++ ++ movl $0x41504354, %ebx /* EBX = "TCPA" */ ++ ++ /* %ecx = The length, in bytes, of the buffer to measure */ ++ movl $bytes_to_measure, %esi ++ movl (%esi), %ecx ++ xorl %esi, %esi ++ movl $0x9, %edx /* PCR 9 */ ++ ++ int $0x1A ++ ++ popa ++#endif + /* print a newline */ + MSG(notification_done) + popw %dx /* this makes sure %dl is our "boot" drive */ +@@ -324,6 +364,10 @@ geometry_error_string: .asciz "Geom" + read_error_string: .asciz "Read" + general_error_string: .asciz " Error" + ++#ifdef TPM ++bytes_to_measure: .long 0 ++#endif ++ + /* + * message: write the string pointed to by %si + * +-- +2.15.0 + diff --git a/0220-Measure-kernel-and-initrd-on-BIOS-systems.patch b/0220-Measure-kernel-and-initrd-on-BIOS-systems.patch new file mode 100644 index 0000000..7357ebb --- /dev/null +++ b/0220-Measure-kernel-and-initrd-on-BIOS-systems.patch @@ -0,0 +1,87 @@ +From 2c3d5dcff2281c9f0894ce01b1c75be47dd13050 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Sun, 9 Aug 2015 16:28:29 -0700 +Subject: [PATCH 220/227] Measure kernel and initrd on BIOS systems + +Measure the kernel and initrd when loaded on BIOS systems +--- + grub-core/loader/i386/linux.c | 5 +++++ + grub-core/loader/i386/pc/linux.c | 3 +++ + grub-core/loader/linux.c | 2 ++ + 3 files changed, 10 insertions(+) + +diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c +index c9e89310bdd..bc10add45a6 100644 +--- a/grub-core/loader/i386/linux.c ++++ b/grub-core/loader/i386/linux.c +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -718,7 +719,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + ++ grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "Linux Kernel"); ++ + grub_memcpy (&lh, kernel, sizeof (lh)); ++ + kernel_offset = sizeof (lh); + + if (lh.boot_flag != grub_cpu_to_le16_compile_time (0xaa55)) +@@ -1032,6 +1036,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + + len = prot_file_size; + grub_memcpy (prot_mode_mem, kernel + kernel_offset, len); ++ kernel_offset += len; + + if (grub_errno == GRUB_ERR_NONE) + { +diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c +index b864e540333..6b8f365c9cf 100644 +--- a/grub-core/loader/i386/pc/linux.c ++++ b/grub-core/loader/i386/pc/linux.c +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -161,6 +162,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + ++ grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "BIOS Linux Kernel"); ++ + grub_memcpy (&lh, kernel, sizeof (lh)); + kernel_offset = sizeof (lh); + +diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c +index be6fa0f4d45..3005c0d19c9 100644 +--- a/grub-core/loader/linux.c ++++ b/grub-core/loader/linux.c +@@ -4,6 +4,7 @@ + #include + #include + #include ++#include + + struct newc_head + { +@@ -288,6 +289,7 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx, + grub_initrd_close (initrd_ctx); + return grub_errno; + } ++ grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "Linux Initrd"); + ptr += cursize; + } + if (newc) +-- +2.15.0 + diff --git a/0221-Measure-the-kernel-commandline.patch b/0221-Measure-the-kernel-commandline.patch new file mode 100644 index 0000000..067cc6f --- /dev/null +++ b/0221-Measure-the-kernel-commandline.patch @@ -0,0 +1,43 @@ +From eeca74b2e520dd3c0ca74deb8c6351e9ec14096c Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Sun, 9 Aug 2015 16:32:29 -0700 +Subject: [PATCH 221/227] Measure the kernel commandline + +Measure the kernel commandline to ensure that it hasn't been modified +--- + grub-core/lib/cmdline.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c +index 970ea868c14..6b56304d4a7 100644 +--- a/grub-core/lib/cmdline.c ++++ b/grub-core/lib/cmdline.c +@@ -19,6 +19,7 @@ + + #include + #include ++#include + + static int + is_hex(char c) +@@ -79,7 +80,7 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf, + { + int i, space; + unsigned int arg_size; +- char *c; ++ char *c, *orig = buf; + + for (i = 0; i < argc; i++) + { +@@ -125,5 +126,8 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf, + + *buf = 0; + ++ grub_tpm_measure ((void *)orig, grub_strlen (orig), GRUB_CMDLINE_PCR, ++ "Kernel Commandline"); ++ + return i; + } +-- +2.15.0 + diff --git a/0222-Measure-commands.patch b/0222-Measure-commands.patch new file mode 100644 index 0000000..417aa70 --- /dev/null +++ b/0222-Measure-commands.patch @@ -0,0 +1,76 @@ +From c45fb4188646f0ea2a8e37dd5e1fa069ca6f7b8a Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Mon, 10 Aug 2015 15:27:12 -0700 +Subject: [PATCH 222/227] Measure commands + +Measure each command executed by grub, which includes script execution. +--- + grub-core/script/execute.c | 25 +++++++++++++++++++++++-- + include/grub/tpm.h | 1 + + 2 files changed, 24 insertions(+), 2 deletions(-) + +diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c +index cf6cd6601d6..9ae04a05160 100644 +--- a/grub-core/script/execute.c ++++ b/grub-core/script/execute.c +@@ -30,6 +30,7 @@ + #ifdef GRUB_MACHINE_IEEE1275 + #include + #endif ++#include + + /* Max digits for a char is 3 (0xFF is 255), similarly for an int it + is sizeof (int) * 3, and one extra for a possible -ve sign. */ +@@ -967,8 +968,9 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd) + grub_err_t ret = 0; + grub_script_function_t func = 0; + char errnobuf[18]; +- char *cmdname; +- int argc; ++ char *cmdname, *cmdstring; ++ int argc, offset = 0, cmdlen = 0; ++ unsigned int i; + char **args; + int invert; + struct grub_script_argv argv = { 0, 0, 0 }; +@@ -977,6 +979,25 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd) + if (grub_script_arglist_to_argv (cmdline->arglist, &argv) || ! argv.args[0]) + return grub_errno; + ++ for (i = 0; i < argv.argc; i++) { ++ cmdlen += grub_strlen (argv.args[i]) + 1; ++ } ++ ++ cmdstring = grub_malloc (cmdlen); ++ if (!cmdstring) ++ { ++ return grub_error (GRUB_ERR_OUT_OF_MEMORY, ++ N_("cannot allocate command buffer")); ++ } ++ ++ for (i = 0; i < argv.argc; i++) { ++ offset += grub_snprintf (cmdstring + offset, cmdlen - offset, "%s ", ++ argv.args[i]); ++ } ++ cmdstring[cmdlen-1]= '\0'; ++ grub_tpm_measure ((unsigned char *)cmdstring, cmdlen, GRUB_COMMAND_PCR, ++ cmdstring); ++ grub_free(cmdstring); + invert = 0; + argc = argv.argc - 1; + args = argv.args + 1; +diff --git a/include/grub/tpm.h b/include/grub/tpm.h +index 40d3cf65ba6..7fc9d77d277 100644 +--- a/include/grub/tpm.h ++++ b/include/grub/tpm.h +@@ -30,6 +30,7 @@ + #define GRUB_KERNEL_PCR 10 + #define GRUB_INITRD_PCR 11 + #define GRUB_CMDLINE_PCR 12 ++#define GRUB_COMMAND_PCR 13 + + #define TPM_TAG_RQU_COMMAND 0x00C1 + #define TPM_ORD_Extend 0x14 +-- +2.15.0 + diff --git a/0223-Measure-multiboot-images-and-modules.patch b/0223-Measure-multiboot-images-and-modules.patch new file mode 100644 index 0000000..a289e83 --- /dev/null +++ b/0223-Measure-multiboot-images-and-modules.patch @@ -0,0 +1,78 @@ +From 98dd154527b9cddaff15ab22b35c41815d9f1b13 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Tue, 1 Sep 2015 16:02:55 -0700 +Subject: [PATCH 223/227] Measure multiboot images and modules + +--- + grub-core/loader/i386/multiboot_mbi.c | 3 +++ + grub-core/loader/multiboot.c | 2 ++ + grub-core/loader/multiboot_mbi2.c | 4 +++- + 3 files changed, 8 insertions(+), 1 deletion(-) + +diff --git a/grub-core/loader/i386/multiboot_mbi.c b/grub-core/loader/i386/multiboot_mbi.c +index fd7b41b0cad..5d00aed65ad 100644 +--- a/grub-core/loader/i386/multiboot_mbi.c ++++ b/grub-core/loader/i386/multiboot_mbi.c +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + + #ifdef GRUB_MACHINE_EFI + #include +@@ -173,6 +174,8 @@ grub_multiboot_load (grub_file_t file, const char *filename) + return grub_errno; + } + ++ grub_tpm_measure((unsigned char*)buffer, len, GRUB_KERNEL_PCR, filename); ++ + header = find_header (buffer, len); + + if (header == 0) +diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c +index fb044a60c79..0ca525380c9 100644 +--- a/grub-core/loader/multiboot.c ++++ b/grub-core/loader/multiboot.c +@@ -43,6 +43,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -425,6 +426,7 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)), + } + + grub_file_close (file); ++ grub_tpm_measure (module, size, GRUB_KERNEL_PCR, argv[0]); + return GRUB_ERR_NONE; + } + +diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c +index b0679a9f6c9..a7b4a57ec4f 100644 +--- a/grub-core/loader/multiboot_mbi2.c ++++ b/grub-core/loader/multiboot_mbi2.c +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + + #if defined (GRUB_MACHINE_EFI) + #include +@@ -131,8 +132,9 @@ grub_multiboot_load (grub_file_t file, const char *filename) + + COMPILE_TIME_ASSERT (MULTIBOOT_HEADER_ALIGN % 4 == 0); + ++ grub_tpm_measure ((unsigned char *)buffer, len, GRUB_KERNEL_PCR, filename); ++ + header = find_header (mld.buffer, len); +- + if (header == 0) + { + grub_free (mld.buffer); +-- +2.15.0 + diff --git a/0224-Fix-boot-when-there-s-no-TPM.patch b/0224-Fix-boot-when-there-s-no-TPM.patch new file mode 100644 index 0000000..3638e68 --- /dev/null +++ b/0224-Fix-boot-when-there-s-no-TPM.patch @@ -0,0 +1,32 @@ +From d621b990b2d3ba20a275de963841c4c2c9246a90 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Wed, 23 Mar 2016 16:49:42 -0700 +Subject: [PATCH 224/227] Fix boot when there's no TPM + +If the firmware has TPM support but has no TPM, we're jumping to core.img +without popping the registers back onto the stack. Fix that. + +(cherry picked from commit c2eee36ec08f8ed0cd25b8030276347680be4843) +--- + grub-core/boot/i386/pc/boot.S | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/grub-core/boot/i386/pc/boot.S b/grub-core/boot/i386/pc/boot.S +index c1df86dec0b..acab37369ae 100644 +--- a/grub-core/boot/i386/pc/boot.S ++++ b/grub-core/boot/i386/pc/boot.S +@@ -473,9 +473,9 @@ LOCAL(copy_buffer): + movl $0x8, %edx /* PCR 8 */ + int $0x1A + +- popa +-#endif + boot: ++ popa ++#endif + /* boot kernel */ + jmp *(LOCAL(kernel_address)) + +-- +2.15.0 + diff --git a/0225-Rework-TPM-measurements.patch b/0225-Rework-TPM-measurements.patch new file mode 100644 index 0000000..63d0964 --- /dev/null +++ b/0225-Rework-TPM-measurements.patch @@ -0,0 +1,219 @@ +From eb631580edb7cd1ed00de0a521373d363651be41 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Wed, 23 Mar 2016 17:03:43 -0700 +Subject: [PATCH 225/227] Rework TPM measurements + +Rework TPM measurements to use fewer PCRs. After discussion with upstream, +it's preferable to avoid using so many PCRs. Instead, measure into PCRs 8 +and 9 but use a prefix in the event log to indicate which subsystem carried +out the measurements. + +(cherry picked from commit bb3473d7c8741ad5ef7cf8aafbbcf094df08bfc9) +--- + grub-core/kern/dl.c | 2 +- + grub-core/kern/tpm.c | 10 ++++++++-- + grub-core/lib/cmdline.c | 4 ++-- + grub-core/loader/i386/efi/linux.c | 4 ++-- + grub-core/loader/i386/linux.c | 2 +- + grub-core/loader/i386/multiboot_mbi.c | 2 +- + grub-core/loader/i386/pc/linux.c | 2 +- + grub-core/loader/linux.c | 2 +- + grub-core/loader/multiboot.c | 2 +- + grub-core/loader/multiboot_mbi2.c | 2 +- + grub-core/script/execute.c | 4 ++-- + include/grub/tpm.h | 9 +++------ + 12 files changed, 24 insertions(+), 21 deletions(-) + +diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c +index 387d1e6446d..d0989573866 100644 +--- a/grub-core/kern/dl.c ++++ b/grub-core/kern/dl.c +@@ -830,7 +830,7 @@ grub_dl_load_file (const char *filename) + opens of the same device. */ + grub_file_close (file); + +- grub_tpm_measure(core, size, GRUB_TPM_PCR, filename); ++ grub_tpm_measure(core, size, GRUB_BINARY_PCR, "grub_module", filename); + + mod = grub_dl_load_core (core, size); + grub_free (core); +diff --git a/grub-core/kern/tpm.c b/grub-core/kern/tpm.c +index 1a991876c83..cb5a812035d 100644 +--- a/grub-core/kern/tpm.c ++++ b/grub-core/kern/tpm.c +@@ -7,7 +7,13 @@ + + grub_err_t + grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr, +- const char *description) ++ const char *kind, const char *description) + { +- return grub_tpm_log_event(buf, size, pcr, description); ++ grub_err_t ret; ++ char *desc = grub_xasprintf("%s %s", kind, description); ++ if (!desc) ++ return GRUB_ERR_OUT_OF_MEMORY; ++ ret = grub_tpm_log_event(buf, size, pcr, description); ++ grub_free(desc); ++ return ret; + } +diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c +index 6b56304d4a7..178f7382f07 100644 +--- a/grub-core/lib/cmdline.c ++++ b/grub-core/lib/cmdline.c +@@ -126,8 +126,8 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf, + + *buf = 0; + +- grub_tpm_measure ((void *)orig, grub_strlen (orig), GRUB_CMDLINE_PCR, +- "Kernel Commandline"); ++ grub_tpm_measure ((void *)orig, grub_strlen (orig), GRUB_ASCII_PCR, ++ "grub_kernel_cmdline", orig); + + return i; + } +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +index 48febdc8100..079e222e972 100644 +--- a/grub-core/loader/i386/efi/linux.c ++++ b/grub-core/loader/i386/efi/linux.c +@@ -133,7 +133,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), + argv[i]); + goto fail; + } +- grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "UEFI Linux initrd"); ++ grub_tpm_measure (ptr, cursize, GRUB_BINARY_PCR, "grub_linuxefi", "Initrd"); + ptr += cursize; + grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); + ptr += ALIGN_UP_OVERHEAD (cursize, 4); +@@ -198,7 +198,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + +- grub_tpm_measure (kernel, filelen, GRUB_KERNEL_PCR, "UEFI Linux kernel"); ++ grub_tpm_measure (kernel, filelen, GRUB_BINARY_PCR, "grub_linuxefi", "Kernel"); + + rc = grub_linuxefi_secure_validate (kernel, filelen); + if (rc < 0) +diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c +index bc10add45a6..32e3bb08e88 100644 +--- a/grub-core/loader/i386/linux.c ++++ b/grub-core/loader/i386/linux.c +@@ -719,7 +719,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + +- grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "Linux Kernel"); ++ grub_tpm_measure (kernel, len, GRUB_BINARY_PCR, "grub_linux", "Kernel"); + + grub_memcpy (&lh, kernel, sizeof (lh)); + +diff --git a/grub-core/loader/i386/multiboot_mbi.c b/grub-core/loader/i386/multiboot_mbi.c +index 5d00aed65ad..0981a2cfd93 100644 +--- a/grub-core/loader/i386/multiboot_mbi.c ++++ b/grub-core/loader/i386/multiboot_mbi.c +@@ -174,7 +174,7 @@ grub_multiboot_load (grub_file_t file, const char *filename) + return grub_errno; + } + +- grub_tpm_measure((unsigned char*)buffer, len, GRUB_KERNEL_PCR, filename); ++ grub_tpm_measure((unsigned char*)buffer, len, GRUB_BINARY_PCR, "grub_multiboot", filename); + + header = find_header (buffer, len); + +diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c +index 6b8f365c9cf..7edbc5ea6c4 100644 +--- a/grub-core/loader/i386/pc/linux.c ++++ b/grub-core/loader/i386/pc/linux.c +@@ -162,7 +162,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + goto fail; + } + +- grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "BIOS Linux Kernel"); ++ grub_tpm_measure (kernel, len, GRUB_BINARY_PCR, "grub_linux16", "Kernel"); + + grub_memcpy (&lh, kernel, sizeof (lh)); + kernel_offset = sizeof (lh); +diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c +index 3005c0d19c9..78c41e33416 100644 +--- a/grub-core/loader/linux.c ++++ b/grub-core/loader/linux.c +@@ -289,7 +289,7 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx, + grub_initrd_close (initrd_ctx); + return grub_errno; + } +- grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "Linux Initrd"); ++ grub_tpm_measure (ptr, cursize, GRUB_BINARY_PCR, "grub_initrd", "Initrd"); + ptr += cursize; + } + if (newc) +diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c +index 0ca525380c9..cc53d429bca 100644 +--- a/grub-core/loader/multiboot.c ++++ b/grub-core/loader/multiboot.c +@@ -426,7 +426,7 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)), + } + + grub_file_close (file); +- grub_tpm_measure (module, size, GRUB_KERNEL_PCR, argv[0]); ++ grub_tpm_measure (module, size, GRUB_BINARY_PCR, "grub_multiboot", argv[0]); + return GRUB_ERR_NONE; + } + +diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c +index a7b4a57ec4f..f43482935cb 100644 +--- a/grub-core/loader/multiboot_mbi2.c ++++ b/grub-core/loader/multiboot_mbi2.c +@@ -132,7 +132,7 @@ grub_multiboot_load (grub_file_t file, const char *filename) + + COMPILE_TIME_ASSERT (MULTIBOOT_HEADER_ALIGN % 4 == 0); + +- grub_tpm_measure ((unsigned char *)buffer, len, GRUB_KERNEL_PCR, filename); ++ grub_tpm_measure ((unsigned char *)buffer, len, GRUB_BINARY_PCR, "grub_multiboot", filename); + + header = find_header (mld.buffer, len); + if (header == 0) +diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c +index 9ae04a05160..976643c47b0 100644 +--- a/grub-core/script/execute.c ++++ b/grub-core/script/execute.c +@@ -995,8 +995,8 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd) + argv.args[i]); + } + cmdstring[cmdlen-1]= '\0'; +- grub_tpm_measure ((unsigned char *)cmdstring, cmdlen, GRUB_COMMAND_PCR, +- cmdstring); ++ grub_tpm_measure ((unsigned char *)cmdstring, cmdlen, GRUB_ASCII_PCR, ++ "grub_cmd", cmdstring); + grub_free(cmdstring); + invert = 0; + argc = argv.argc - 1; +diff --git a/include/grub/tpm.h b/include/grub/tpm.h +index 7fc9d77d277..ecb2d09ff5d 100644 +--- a/include/grub/tpm.h ++++ b/include/grub/tpm.h +@@ -26,11 +26,8 @@ + #define TPM_AUTHFAIL (TPM_BASE + 0x1) + #define TPM_BADINDEX (TPM_BASE + 0x2) + +-#define GRUB_TPM_PCR 9 +-#define GRUB_KERNEL_PCR 10 +-#define GRUB_INITRD_PCR 11 +-#define GRUB_CMDLINE_PCR 12 +-#define GRUB_COMMAND_PCR 13 ++#define GRUB_ASCII_PCR 8 ++#define GRUB_BINARY_PCR 9 + + #define TPM_TAG_RQU_COMMAND 0x00C1 + #define TPM_ORD_Extend 0x14 +@@ -70,7 +67,7 @@ typedef struct { + } GRUB_PACKED ExtendOutgoing; + + grub_err_t EXPORT_FUNC(grub_tpm_measure) (unsigned char *buf, grub_size_t size, +- grub_uint8_t pcr, ++ grub_uint8_t pcr, const char *kind, + const char *description); + #if defined (GRUB_MACHINE_EFI) || defined (GRUB_MACHINE_PCBIOS) + grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf, +-- +2.15.0 + diff --git a/0226-Fix-event-log-prefix.patch b/0226-Fix-event-log-prefix.patch new file mode 100644 index 0000000..81ea11b --- /dev/null +++ b/0226-Fix-event-log-prefix.patch @@ -0,0 +1,29 @@ +From 4caddfad92ef6fa251fbfaf7e10271434885f253 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Tue, 29 Mar 2016 15:36:49 -0700 +Subject: [PATCH 226/227] Fix event log prefix + +We're not passing the prefixed version of the description to the event log. +Fix that. + +(cherry picked from commit aab446306b8a78c741e229861c4988738cfc6426) +--- + grub-core/kern/tpm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/grub-core/kern/tpm.c b/grub-core/kern/tpm.c +index cb5a812035d..e5e8fced624 100644 +--- a/grub-core/kern/tpm.c ++++ b/grub-core/kern/tpm.c +@@ -13,7 +13,7 @@ grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr, + char *desc = grub_xasprintf("%s %s", kind, description); + if (!desc) + return GRUB_ERR_OUT_OF_MEMORY; +- ret = grub_tpm_log_event(buf, size, pcr, description); ++ ret = grub_tpm_log_event(buf, size, pcr, desc); + grub_free(desc); + return ret; + } +-- +2.15.0 + diff --git a/0227-Set-the-first-boot-menu-entry-as-default-when-using-.patch b/0227-Set-the-first-boot-menu-entry-as-default-when-using-.patch new file mode 100644 index 0000000..bef63a4 --- /dev/null +++ b/0227-Set-the-first-boot-menu-entry-as-default-when-using-.patch @@ -0,0 +1,30 @@ +From 5d9681adc296936bea6d070c4b93db42741f05ff Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Fri, 6 Apr 2018 14:08:36 +0200 +Subject: [PATCH 227/227] Set the first boot menu entry as default when using + BLS fragments + +When BootLoaderSpec configuration files are used, the default boot menu +entry is always set to the first entry as sorted by the blscfg command. + +Suggested-by: Peter Jones +Signed-off-by: Javier Martinez Canillas +--- + util/grub.d/10_linux.in | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index f5daefb9d24..b24bb410dc0 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -149,6 +149,7 @@ if [ -s \$prefix/grubenv ]; then + fi + EOF + ++ ${grub_editenv} - set saved_entry=0 + ${grub_editenv} - set kernelopts="root=${linux_root_device_thisversion} ro ${args}" + + exit 0 +-- +2.15.0 + diff --git a/grub.patches b/grub.patches index 213069e..a9d8fd0 100644 --- a/grub.patches +++ b/grub.patches @@ -214,3 +214,14 @@ Patch0213: 0213-Make-it-possible-to-enabled-build-id-sha1.patch Patch0214: 0214-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch Patch0215: 0215-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch Patch0216: 0216-Only-attempt-to-scan-different-BLS-directories-on-EF.patch +Patch0217: 0217-Core-TPM-support.patch +Patch0218: 0218-Measure-kernel-initrd.patch +Patch0219: 0219-Add-BIOS-boot-measurement.patch +Patch0220: 0220-Measure-kernel-and-initrd-on-BIOS-systems.patch +Patch0221: 0221-Measure-the-kernel-commandline.patch +Patch0222: 0222-Measure-commands.patch +Patch0223: 0223-Measure-multiboot-images-and-modules.patch +Patch0224: 0224-Fix-boot-when-there-s-no-TPM.patch +Patch0225: 0225-Rework-TPM-measurements.patch +Patch0226: 0226-Fix-event-log-prefix.patch +Patch0227: 0227-Set-the-first-boot-menu-entry-as-default-when-using-.patch diff --git a/grub2.spec b/grub2.spec index 2b09a45..8545248 100644 --- a/grub2.spec +++ b/grub2.spec @@ -7,7 +7,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 29%{?dist} +Release: 30%{?dist} Summary: Bootloader with support for Linux, Multiboot and more Group: System Environment/Base License: GPLv3+ @@ -452,6 +452,10 @@ fi %endif %changelog +* Fri Apr 06 2018 Peter Jones - 2.02-30 +- Enable TPM measurements +- Set the default boot entry to the first entry when we're using BLS. + * Tue Apr 03 2018 Peter Jones - 2.02-29 - Add grub2-switch-to-blscfg - Fix for BLS paths on BIOS / non-UEFI (javierm)