util: grub-install on EFI if forced
Resolves: #1917213 Resolves: #2240994 Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
This commit is contained in:
parent
07412b4a97
commit
8a9297c431
77
0339-grub-install-on-EFI-if-forced.patch
Normal file
77
0339-grub-install-on-EFI-if-forced.patch
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Marta Lewandowska <mlewando@redhat.com>
|
||||||
|
Date: Fri, 13 Oct 2023 09:13:41 +0200
|
||||||
|
Subject: [PATCH] grub-install on EFI if forced
|
||||||
|
|
||||||
|
UEFI Secure Boot requires signed grub binaries to work, so grub-
|
||||||
|
install should not be used. However, users who have Secure Boot
|
||||||
|
disabled and wish to use the command should not be prevented from
|
||||||
|
doing so if they invoke --force.
|
||||||
|
|
||||||
|
fixes bz#1917213 / bz#2240994
|
||||||
|
|
||||||
|
Signed-off-by: Marta Lewandowska <mlewando@redhat.com>
|
||||||
|
---
|
||||||
|
util/grub-install.c | 42 ++++++++++++++++++++++++++----------------
|
||||||
|
1 file changed, 26 insertions(+), 16 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/util/grub-install.c b/util/grub-install.c
|
||||||
|
index 5babc7af5518..162162bec6e2 100644
|
||||||
|
--- a/util/grub-install.c
|
||||||
|
+++ b/util/grub-install.c
|
||||||
|
@@ -899,22 +899,6 @@ main (int argc, char *argv[])
|
||||||
|
|
||||||
|
platform = grub_install_get_target (grub_install_source_directory);
|
||||||
|
|
||||||
|
- switch (platform)
|
||||||
|
- {
|
||||||
|
- case GRUB_INSTALL_PLATFORM_ARM_EFI:
|
||||||
|
- case GRUB_INSTALL_PLATFORM_ARM64_EFI:
|
||||||
|
- case GRUB_INSTALL_PLATFORM_I386_EFI:
|
||||||
|
- case GRUB_INSTALL_PLATFORM_IA64_EFI:
|
||||||
|
- case GRUB_INSTALL_PLATFORM_X86_64_EFI:
|
||||||
|
- is_efi = 1;
|
||||||
|
- grub_util_error (_("this utility cannot be used for EFI platforms"
|
||||||
|
- " because it does not support UEFI Secure Boot"));
|
||||||
|
- break;
|
||||||
|
- default:
|
||||||
|
- is_efi = 0;
|
||||||
|
- break;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
{
|
||||||
|
char *platname = grub_install_get_platform_name (platform);
|
||||||
|
fprintf (stderr, _("Installing for %s platform.\n"), platname);
|
||||||
|
@@ -1027,6 +1011,32 @@ main (int argc, char *argv[])
|
||||||
|
grub_hostfs_init ();
|
||||||
|
grub_host_init ();
|
||||||
|
|
||||||
|
+ switch (platform)
|
||||||
|
+ {
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_I386_EFI:
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_X86_64_EFI:
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_ARM_EFI:
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_ARM64_EFI:
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_RISCV32_EFI:
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_RISCV64_EFI:
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_IA64_EFI:
|
||||||
|
+ is_efi = 1;
|
||||||
|
+ if (!force)
|
||||||
|
+ grub_util_error (_("This utility should not be used for EFI platforms"
|
||||||
|
+ " because it does not support UEFI Secure Boot."
|
||||||
|
+ " If you really wish to proceed, invoke the --force"
|
||||||
|
+ " option.\nMake sure Secure Boot is disabled before"
|
||||||
|
+ " proceeding"));
|
||||||
|
+ break;
|
||||||
|
+ default:
|
||||||
|
+ is_efi = 0;
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ /* pacify warning. */
|
||||||
|
+ case GRUB_INSTALL_PLATFORM_MAX:
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* Find the EFI System Partition. */
|
||||||
|
if (is_efi)
|
||||||
|
{
|
@ -336,3 +336,4 @@ Patch0335: 0335-Add-Install-section-to-aux-systemd-units.patch
|
|||||||
Patch0336: 0336-arm64-Use-proper-memory-type-for-kernel-allocation.patch
|
Patch0336: 0336-arm64-Use-proper-memory-type-for-kernel-allocation.patch
|
||||||
Patch0337: 0337-Fix-missing-include-in-ofdisk.c.patch
|
Patch0337: 0337-Fix-missing-include-in-ofdisk.c.patch
|
||||||
Patch0338: 0338-kern-ieee1275-init-ppc64-Restrict-high-memory-in-pre.patch
|
Patch0338: 0338-kern-ieee1275-init-ppc64-Restrict-high-memory-in-pre.patch
|
||||||
|
Patch0339: 0339-grub-install-on-EFI-if-forced.patch
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
Name: grub2
|
Name: grub2
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: 2.06
|
Version: 2.06
|
||||||
Release: 105%{?dist}
|
Release: 106%{?dist}
|
||||||
Summary: Bootloader with support for Linux, Multiboot and more
|
Summary: Bootloader with support for Linux, Multiboot and more
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
URL: http://www.gnu.org/software/grub/
|
URL: http://www.gnu.org/software/grub/
|
||||||
@ -548,6 +548,11 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 6 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-106
|
||||||
|
- util: grub-install on EFI if forced
|
||||||
|
- Resolves: #1917213
|
||||||
|
- Resolves: #2240994
|
||||||
|
|
||||||
* Fri Oct 20 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-105
|
* Fri Oct 20 2023 Nicolas Frayer <nfrayer@redhat.com> - 2.06-105
|
||||||
- kern/ieee1275/init: ppc64: Restrict high memory in presence
|
- kern/ieee1275/init: ppc64: Restrict high memory in presence
|
||||||
of fadump
|
of fadump
|
||||||
|
Loading…
Reference in New Issue
Block a user