From f2b28b651f60f195bf75660dfe4a7b0c0730a4f9 Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas Date: Sat, 6 Jul 2019 01:47:14 +0200 Subject: [PATCH] Some fixes mostly for ARM Fix failure to request grub.cfg over HTTP Some ARM fixes (pbrobinson) Preserve multi-device workflows (Yclept Nemo) Signed-off-by: Javier Martinez Canillas --- ...licate-net-name-string-if-not-needed.patch | 53 +++++++ ...m-Move-trampolines-into-code-section.patch | 78 ++++++++++ ...n-alignment-with-manual-relocation-o.patch | 41 ++++++ ...-efi-fdt.c-Do-not-copy-random-memory.patch | 29 ++++ ...t-break-FDT-extra-allocation-space-o.patch | 48 +++++++ 0313-Preserve-multi-device-workflows.patch | 133 ++++++++++++++++++ grub.patches | 6 + grub2.spec | 7 +- 8 files changed, 394 insertions(+), 1 deletion(-) create mode 100644 0308-Don-t-duplicate-net-name-string-if-not-needed.patch create mode 100644 0309-arm-Move-trampolines-into-code-section.patch create mode 100644 0310-arm-Align-section-alignment-with-manual-relocation-o.patch create mode 100644 0311-grub-core-loader-efi-fdt.c-Do-not-copy-random-memory.patch create mode 100644 0312-linux-efi-arm-fdt-break-FDT-extra-allocation-space-o.patch create mode 100644 0313-Preserve-multi-device-workflows.patch diff --git a/0308-Don-t-duplicate-net-name-string-if-not-needed.patch b/0308-Don-t-duplicate-net-name-string-if-not-needed.patch new file mode 100644 index 0000000..f890e90 --- /dev/null +++ b/0308-Don-t-duplicate-net-name-string-if-not-needed.patch @@ -0,0 +1,53 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Thu, 25 Apr 2019 17:50:23 +0200 +Subject: [PATCH] Don't duplicate net->name string if not needed + +Related: rhbz#1490991 + +Signed-off-by: Javier Martinez Canillas +--- + grub-core/net/efi/http.c | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c +index 484e0c68cee..de351b2cd03 100644 +--- a/grub-core/net/efi/http.c ++++ b/grub-core/net/efi/http.c +@@ -394,27 +394,27 @@ grub_efihttp_open (struct grub_efi_net_device *dev, + grub_err_t err; + grub_off_t size; + char *buf; +- char *file_name; ++ char *file_name = NULL; + const char *http_path; + + /* If path is relative, prepend http_path */ + http_path = grub_env_get ("http_path"); +- if (http_path && file->device->net->name[0] != '/') ++ if (http_path && file->device->net->name[0] != '/') { + file_name = grub_xasprintf ("%s/%s", http_path, file->device->net->name); +- else +- file_name = grub_strdup (file->device->net->name); ++ if (!file_name) ++ return grub_errno; ++ } + +- if (!file_name) +- return grub_errno; +- +- err = efihttp_request (dev->http, file->device->net->server, file_name, type, 1, 0); ++ err = efihttp_request (dev->http, file->device->net->server, ++ file_name ? file_name : file->device->net->name, type, 1, 0); + if (err != GRUB_ERR_NONE) + { + grub_free (file_name); + return err; + } + +- err = efihttp_request (dev->http, file->device->net->server, file_name, type, 0, &size); ++ err = efihttp_request (dev->http, file->device->net->server, ++ file_name ? file_name : file->device->net->name, type, 0, &size); + grub_free (file_name); + if (err != GRUB_ERR_NONE) + { diff --git a/0309-arm-Move-trampolines-into-code-section.patch b/0309-arm-Move-trampolines-into-code-section.patch new file mode 100644 index 0000000..7d15e51 --- /dev/null +++ b/0309-arm-Move-trampolines-into-code-section.patch @@ -0,0 +1,78 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Alexander Graf +Date: Tue, 30 Apr 2019 22:43:56 +0200 +Subject: [PATCH] arm: Move trampolines into code section + +When creating T32->A32 transition jumps, the relocation code in grub +will generate trampolines. These trampolines live in the .data section +of our PE binary which means they are not marked as executable. + +This misbehavior was unmasked by commit a51f953f4ee87 ("mkimage: Align +efi sections on 4k boundary") which made the X/NX boundary more obvious +because everything became page aligned. + +To put things into proper order, let's move the arm trampolines into the +.text section instead. That way everyone knows they are executable. + +Fixes: a51f953f4ee87 ("mkimage: Align efi sections on 4k boundary") +Reported-by: Julien ROBIN +Reported-by: Leif Lindholm +Signed-off-by: Alexander Graf +Tested-by: Julien ROBIN +Reviewed-by: Leif Lindholm +Tested-by: Leif Lindholm +Reviewed-by: Daniel Kiper +--- + util/grub-mkimagexx.c | 32 +++++++++++++++----------------- + 1 file changed, 15 insertions(+), 17 deletions(-) + +diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c +index a483c674c49..86e6254a27e 100644 +--- a/util/grub-mkimagexx.c ++++ b/util/grub-mkimagexx.c +@@ -1900,6 +1900,21 @@ SUFFIX (locate_sections) (Elf_Ehdr *e, const char *kernel_path, + } + } + ++#ifdef MKIMAGE_ELF32 ++ if (image_target->elf_target == EM_ARM) ++ { ++ grub_size_t tramp; ++ ++ layout->kernel_size = ALIGN_UP (layout->kernel_size, 16); ++ ++ tramp = arm_get_trampoline_size (e, smd->sections, smd->section_entsize, ++ smd->num_sections, image_target); ++ ++ layout->tramp_off = layout->kernel_size; ++ layout->kernel_size += ALIGN_UP (tramp, 16); ++ } ++#endif ++ + layout->kernel_size = ALIGN_UP (layout->kernel_size + image_target->vaddr_offset, + image_target->section_align) + - image_target->vaddr_offset; +@@ -1913,23 +1928,6 @@ SUFFIX (locate_sections) (Elf_Ehdr *e, const char *kernel_path, + layout->kernel_size = SUFFIX (put_section) (s, i, layout->kernel_size, smd, + image_target); + +-#ifdef MKIMAGE_ELF32 +- if (image_target->elf_target == EM_ARM) +- { +- grub_size_t tramp; +- layout->kernel_size = ALIGN_UP (layout->kernel_size + image_target->vaddr_offset, +- image_target->section_align) - image_target->vaddr_offset; +- +- layout->kernel_size = ALIGN_UP (layout->kernel_size, 16); +- +- tramp = arm_get_trampoline_size (e, smd->sections, smd->section_entsize, +- smd->num_sections, image_target); +- +- layout->tramp_off = layout->kernel_size; +- layout->kernel_size += ALIGN_UP (tramp, 16); +- } +-#endif +- + layout->bss_start = layout->kernel_size; + layout->end = layout->kernel_size; + diff --git a/0310-arm-Align-section-alignment-with-manual-relocation-o.patch b/0310-arm-Align-section-alignment-with-manual-relocation-o.patch new file mode 100644 index 0000000..52285fb --- /dev/null +++ b/0310-arm-Align-section-alignment-with-manual-relocation-o.patch @@ -0,0 +1,41 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Alexander Graf +Date: Tue, 30 Apr 2019 22:43:57 +0200 +Subject: [PATCH] arm: Align section alignment with manual relocation offset + code + +The arm relocation code has a manual special case for EFI binaries to +add the natural alignment to its own relocation awareness. + +Since commit a51f953f4ee87 ("mkimage: Align efi sections on 4k +boundary") we changed that alignment from 0x400 to 0x1000 bytes. Reflect +the change in that branch that we forgot as well. + +This fixes running 32bit arm grub efi binaries for me again. + +Fixes: a51f953f4ee87 ("mkimage: Align efi sections on 4k boundary") +Reported-by: Heinrich Schuchardt +Reported-by: Steve McIntyre +Signed-off-by: Alexander Graf +Reviewed-by: Daniel Kiper +Tested-by: Julien ROBIN +Reviewed-by: Leif Lindholm +Tested-by: Leif Lindholm +Reviewed-by: Daniel Kiper +--- + util/grub-mkimagexx.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c +index 86e6254a27e..75773446d0f 100644 +--- a/util/grub-mkimagexx.c ++++ b/util/grub-mkimagexx.c +@@ -1099,7 +1099,7 @@ SUFFIX (relocate_addrs) (Elf_Ehdr *e, struct section_metadata *smd, + (int) sym_addr, (int) sym_addr); + /* Data will be naturally aligned */ + if (image_target->id == IMAGE_EFI) +- sym_addr += 0x400; ++ sym_addr += GRUB_PE32_SECTION_ALIGNMENT; + *target = grub_host_to_target32 (grub_target_to_host32 (*target) + sym_addr); + } + break; diff --git a/0311-grub-core-loader-efi-fdt.c-Do-not-copy-random-memory.patch b/0311-grub-core-loader-efi-fdt.c-Do-not-copy-random-memory.patch new file mode 100644 index 0000000..a4851be --- /dev/null +++ b/0311-grub-core-loader-efi-fdt.c-Do-not-copy-random-memory.patch @@ -0,0 +1,29 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Heinrich Schuchardt +Date: Mon, 17 Dec 2018 22:00:24 +0100 +Subject: [PATCH] grub-core/loader/efi/fdt.c: Do not copy random memory + +We should not try to copy any memory area which is outside of the original +fdt. If this extra memory is controlled by a hypervisor this might end +with a crash. + +Signed-off-by: Heinrich Schuchardt +Reviewed-by: Leif Lindholm +Reviewed-by: Daniel Kiper +--- + grub-core/loader/efi/fdt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/grub-core/loader/efi/fdt.c b/grub-core/loader/efi/fdt.c +index a9dbcfdfeaf..cecd617dccc 100644 +--- a/grub-core/loader/efi/fdt.c ++++ b/grub-core/loader/efi/fdt.c +@@ -68,7 +68,7 @@ grub_fdt_load (grub_size_t additional_size) + + if (raw_fdt) + { +- grub_memmove (fdt, raw_fdt, size); ++ grub_memmove (fdt, raw_fdt, size - additional_size); + grub_fdt_set_totalsize (fdt, size); + } + else diff --git a/0312-linux-efi-arm-fdt-break-FDT-extra-allocation-space-o.patch b/0312-linux-efi-arm-fdt-break-FDT-extra-allocation-space-o.patch new file mode 100644 index 0000000..164de66 --- /dev/null +++ b/0312-linux-efi-arm-fdt-break-FDT-extra-allocation-space-o.patch @@ -0,0 +1,48 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Robinson +Date: Thu, 20 Jun 2019 16:21:48 +0100 +Subject: [PATCH] linux, efi, arm*, fdt: break FDT extra allocation space out + into a #define + +A certain amount of dynamic space is required for the handover from +GRUB/Linux-EFI-stub. This entails things like initrd addresses, +address-cells entries and associated strings. + +But move this into a proper centralised #define rather than live-code +it in the loader. + +Signed-off-by: Leif Lindholm +Reviewed-by: Daniel Kiper +Signed-off-by: Peter Robinson +--- + grub-core/loader/arm64/linux.c | 2 +- + include/grub/fdt.h | 3 +++ + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c +index e1110749eb9..628b320618c 100644 +--- a/grub-core/loader/arm64/linux.c ++++ b/grub-core/loader/arm64/linux.c +@@ -73,7 +73,7 @@ finalize_params_linux (void) + grub_err_t err = GRUB_ERR_NONE; + void *fdt; + +- fdt = grub_fdt_load (0x400); ++ fdt = grub_fdt_load (GRUB_EFI_LINUX_FDT_EXTRA_SPACE); + if (!fdt) + { + err = grub_error(GRUB_ERR_BAD_OS, "failed to load FDT"); +diff --git a/include/grub/fdt.h b/include/grub/fdt.h +index e34644631e1..2041341fd68 100644 +--- a/include/grub/fdt.h ++++ b/include/grub/fdt.h +@@ -24,6 +24,9 @@ + #include + #include + ++/* Space required when preparing the /chosen node after boot has been called. */ ++#define GRUB_EFI_LINUX_FDT_EXTRA_SPACE 0x400 ++ + #define FDT_MAGIC 0xD00DFEED + + typedef struct { diff --git a/0313-Preserve-multi-device-workflows.patch b/0313-Preserve-multi-device-workflows.patch new file mode 100644 index 0000000..1d07b3f --- /dev/null +++ b/0313-Preserve-multi-device-workflows.patch @@ -0,0 +1,133 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Yclept Nemo +Date: Fri, 5 Jul 2019 12:14:51 +0200 +Subject: [PATCH] Preserve multi-device workflows + +The BLS patch [1] isn't POSIX-compliant (local shell variables), and +doesn't support multi-device workflows involving 'grub-probe'. This +breaks BTRFS RAID over multiple discs and possibly LVM, when /boot is on +the multi-device partition. The approach of this patch, using global +variables, is the only possibly approach if you want to maintain a +backwards-compatible 'prepare_grub_to_access_device' but still handle +both optional arguments and variadic arguments. Fixes [2]. + +[1] 0112-Add-BLS-support-to-grub-mkconfig.patch +[2] https://bugzilla.redhat.com/show_bug.cgi?id=1708389 +--- + util/grub-mkconfig_lib.in | 35 ++++++++++++++++++++--------------- + util/grub.d/10_linux.in | 4 ++-- + util/grub.d/10_linux_bls.in | 4 ++-- + 3 files changed, 24 insertions(+), 19 deletions(-) + +diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in +index 1acc1d01c39..bc11df2bd84 100644 +--- a/util/grub-mkconfig_lib.in ++++ b/util/grub-mkconfig_lib.in +@@ -128,18 +128,23 @@ EOF + fi + } + ++prepare_grub_to_access_device_with_variable () ++{ ++ device_variable="$1" ++ shift ++ prepare_grub_to_access_device "$@" ++ unset "device_variable" ++} ++ + prepare_grub_to_access_device () + { +- local device=$1 && shift +- if [ "$#" -gt 0 ]; then +- local variable=$1 && shift +- else +- local variable=root ++ if [ -z "$device_variable" ]; then ++ device_variable="root" + fi + old_ifs="$IFS" + IFS=' + ' +- partmap="`"${grub_probe}" --device ${device} --target=partmap`" ++ partmap="`"${grub_probe}" --device $@ --target=partmap`" + for module in ${partmap} ; do + case "${module}" in + netbsd | openbsd) +@@ -150,34 +155,34 @@ prepare_grub_to_access_device () + done + + # Abstraction modules aren't auto-loaded. +- abstraction="`"${grub_probe}" --device ${device} --target=abstraction`" ++ abstraction="`"${grub_probe}" --device $@ --target=abstraction`" + for module in ${abstraction} ; do + echo "insmod ${module}" + done + +- fs="`"${grub_probe}" --device ${device} --target=fs`" ++ fs="`"${grub_probe}" --device $@ --target=fs`" + for module in ${fs} ; do + echo "insmod ${module}" + done + + if [ x$GRUB_ENABLE_CRYPTODISK = xy ]; then +- for uuid in `"${grub_probe}" --device ${device} --target=cryptodisk_uuid`; do ++ for uuid in `"${grub_probe}" --device $@ --target=cryptodisk_uuid`; do + echo "cryptomount -u $uuid" + done + fi + + # If there's a filesystem UUID that GRUB is capable of identifying, use it; + # otherwise set root as per value in device.map. +- fs_hint="`"${grub_probe}" --device ${device} --target=compatibility_hint`" ++ fs_hint="`"${grub_probe}" --device $@ --target=compatibility_hint`" + if [ "x$fs_hint" != x ]; then +- echo "set ${variable}='$fs_hint'" ++ echo "set ${device_variable}='$fs_hint'" + fi +- if [ "x$GRUB_DISABLE_UUID" != "xtrue" ] && fs_uuid="`"${grub_probe}" --device ${device} --target=fs_uuid 2> /dev/null`" ; then +- hints="`"${grub_probe}" --device ${device} --target=hints_string 2> /dev/null`" || hints= ++ if [ "x$GRUB_DISABLE_UUID" != "xtrue" ] && fs_uuid="`"${grub_probe}" --device $@ --target=fs_uuid 2> /dev/null`" ; then ++ hints="`"${grub_probe}" --device $@ --target=hints_string 2> /dev/null`" || hints= + echo "if [ x\$feature_platform_search_hint = xy ]; then" +- echo " search --no-floppy --fs-uuid --set=${variable} ${hints} ${fs_uuid}" ++ echo " search --no-floppy --fs-uuid --set=${device_variable} ${hints} ${fs_uuid}" + echo "else" +- echo " search --no-floppy --fs-uuid --set=${variable} ${fs_uuid}" ++ echo " search --no-floppy --fs-uuid --set=${device_variable} ${fs_uuid}" + echo "fi" + fi + IFS="$old_ifs" +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index 9fd5a16fa32..3919b8aff4e 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -109,10 +109,10 @@ if [ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ]; then + + if [ -d /sys/firmware/efi ]; then + bootefi_device="`${grub_probe} --target=device /boot/efi/`" +- prepare_grub_to_access_device ${bootefi_device} boot ++ prepare_grub_to_access_device_with_variable boot ${bootefi_device} + else + boot_device="`${grub_probe} --target=device /boot/`" +- prepare_grub_to_access_device ${boot_device} boot ++ prepare_grub_to_access_device_with_variable boot ${boot_device} + fi + + populate_header_warn +diff --git a/util/grub.d/10_linux_bls.in b/util/grub.d/10_linux_bls.in +index 76a5b9d75bc..1b7536435f1 100644 +--- a/util/grub.d/10_linux_bls.in ++++ b/util/grub.d/10_linux_bls.in +@@ -216,10 +216,10 @@ linux_entry () + + if [ -d /sys/firmware/efi ]; then + bootefi_device="`${grub_probe} --target=device /boot/efi/`" +- prepare_grub_to_access_device ${bootefi_device} boot ++ prepare_grub_to_access_device_with_variable boot ${bootefi_device} + else + boot_device="`${grub_probe} --target=device /boot/`" +- prepare_grub_to_access_device ${boot_device} boot ++ prepare_grub_to_access_device_with_variable boot ${boot_device} + fi + + populate_header_warn diff --git a/grub.patches b/grub.patches index 4fc5e45..aada811 100644 --- a/grub.patches +++ b/grub.patches @@ -305,3 +305,9 @@ Patch0304: 0304-10_linux_bls-use-to-separate-id-argument-due-a-Petit.patch Patch0305: 0305-grub-set-bootflag-Print-an-error-if-failing-to-read-.patch Patch0306: 0306-10_linux-generate-BLS-section-even-if-no-kernels-are.patch Patch0307: 0307-10_linux-don-t-search-for-OSTree-kernels.patch +Patch0308: 0308-Don-t-duplicate-net-name-string-if-not-needed.patch +Patch0309: 0309-arm-Move-trampolines-into-code-section.patch +Patch0310: 0310-arm-Align-section-alignment-with-manual-relocation-o.patch +Patch0311: 0311-grub-core-loader-efi-fdt.c-Do-not-copy-random-memory.patch +Patch0312: 0312-linux-efi-arm-fdt-break-FDT-extra-allocation-space-o.patch +Patch0313: 0313-Preserve-multi-device-workflows.patch diff --git a/grub2.spec b/grub2.spec index 4a2cfd5..173e8cd 100644 --- a/grub2.spec +++ b/grub2.spec @@ -7,7 +7,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 89%{?dist} +Release: 90%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPLv3+ URL: http://www.gnu.org/software/grub/ @@ -518,6 +518,11 @@ rm -r /boot/grub2.tmp/ || : %endif %changelog +* Fri Jul 05 2019 Javier Martinez Canillas - 2.02-90 +- Fix failure to request grub.cfg over HTTP +- Some ARM fixes (pbrobinson) +- Preserve multi-device workflows (Yclept Nemo) + * Thu Jun 27 2019 Javier Martinez Canillas - 2.02-89 - Fix --bls-directory option comment in grub2-switch-to-blscfg man page Resolves: rhbz#1714835