Compare commits

...

15 Commits
master ... f24

Author SHA1 Message Date
Peter Jones
2d2051e9b0 Fix regexp in power compile flags, and synchronize release number with
other branches.

Signed-off-by: Peter Jones <pjones@redhat.com>
2016-12-08 10:38:41 -05:00
Dan Horák
53551178b0 fix typo in regex 2016-12-08 10:36:31 -05:00
Peter Jones
f02e9fb10e Get the actual .spec changes from f25 we need as well.
Signed-off-by: Peter Jones <pjones@redhat.com>
2016-12-06 16:50:36 -05:00
Peter Jones
4a7cefbbee Pull f25 bug fixes into f24
Resolves: rhbz#1292615
  Resolves: rhbz#1261926
  Resolves: rhbz#1226325
  Resolves: rhbz#1347291

Signed-off-by: Peter Jones <pjones@redhat.com>
2016-12-06 16:25:49 -05:00
Peter Jones
c84176a39b update do-rebase for newer git
Signed-off-by: Peter Jones <pjones@redhat.com>
2016-12-06 16:21:11 -05:00
Peter Jones
9a4054fb1c Update ppc64 configure invocation
Resolves: rhbz#1344700
- Make chainloader code work right when shim is absent or disabled
  Resolves: rhbz#1344512

Signed-off-by: Peter Jones <pjones@redhat.com>
2016-06-10 14:24:12 -04:00
Peter Jones
35f33eadc0 Two bug fixes...
- Revert TPM patches, they break some x86 platforms and ppc64
  Resolves: rhbz#1334075
  Resolves: rhbz#1334672
- Chainloading on EFI doesn't work with some bootloaders
  Resolves: rhbz#1320273

Signed-off-by: Peter Jones <pjones@redhat.com>
2016-06-09 15:56:36 -04:00
Peter Jones
2572c167e1 Revert 27e66193, which was replaced by upstream's 49426e9fd
Resolves: rhbz#1251600

Signed-off-by: Peter Jones <pjones@redhat.com>
2016-04-07 11:01:05 -04:00
Peter Jones
8768d236a0 Fix ppc64 build failure on fedora-24
Signed-off-by: Peter Jones <pjones@redhat.com>
2016-04-07 10:42:00 -04:00
Peter Jones
af00b6d03c Pull TPM updates from mjg59.
Resolves: rhbz#1318067

Signed-off-by: Peter Jones <pjones@redhat.com>
2016-04-05 15:33:29 -04:00
Peter Jones
0fa4f490e8 Fix aarch64 build problem.
Signed-off-by: Peter Jones <pjones@redhat.com>
2016-03-08 11:56:14 -05:00
Peter Jones
9bc6276234 Rebased to newer upstream for fedora-24
Signed-off-by: Peter Jones <pjones@redhat.com>
2016-03-07 14:15:26 -05:00
Peter Jones
e229c7b688 Update debuginfo too
Signed-off-by: Peter Jones <pjones@redhat.com>
2016-03-04 19:47:13 -05:00
Peter Jones
133f7eab29 Minor fixup to our bzrignore fix.
Signed-off-by: Peter Jones <pjones@redhat.com>
2016-03-04 19:39:57 -05:00
Peter Jones
83affdbaa1 make the sb thing work 2016-03-04 19:38:41 -05:00
114 changed files with 2771 additions and 2015 deletions

View File

@ -1,28 +0,0 @@
From bf4d21655b4331c9f01e0ccca30a736e0503ce71 Mon Sep 17 00:00:00 2001
From: Gustavo Luiz Duarte <gustavold@linux.vnet.ibm.com>
Date: Tue, 25 Sep 2012 18:40:55 -0400
Subject: [PATCH 01/85] Fix crash on http
Don't free file->data on receiving FIN flag since it is used all over without
checking. http_close() will be called later to free that memory.
https://bugzilla.redhat.com/show_bug.cgi?id=860834
---
grub-core/net/http.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/net/http.c b/grub-core/net/http.c
index 4684f8b..ef9538c 100644
--- a/grub-core/net/http.c
+++ b/grub-core/net/http.c
@@ -393,7 +393,7 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial)
data->sock = grub_net_tcp_open (file->device->net->server,
HTTP_PORT, http_receive,
- http_err, http_err,
+ http_err, NULL,
file);
if (!data->sock)
{
--
2.5.0

View File

@ -1,7 +1,7 @@
From 93a6fae012cadae03cbf81ebf82ae17894026e2c Mon Sep 17 00:00:00 2001
From e32c57d2abd034cbdea24a8f51de8dbef453bd96 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Thu, 20 Sep 2012 18:07:39 -0300
Subject: [PATCH 07/85] IBM client architecture (CAS) reboot support
Subject: [PATCH 01/90] IBM client architecture (CAS) reboot support
This is an implementation of IBM client architecture (CAS) reboot for GRUB.
@ -25,10 +25,10 @@ parameters
4 files changed, 90 insertions(+)
diff --git a/grub-core/kern/ieee1275/openfw.c b/grub-core/kern/ieee1275/openfw.c
index 5c12157..81276fa 100644
index ddb7783..6db8b98 100644
--- a/grub-core/kern/ieee1275/openfw.c
+++ b/grub-core/kern/ieee1275/openfw.c
@@ -591,3 +591,65 @@ grub_ieee1275_canonicalise_devname (const char *path)
@@ -561,3 +561,65 @@ grub_ieee1275_canonicalise_devname (const char *path)
return NULL;
}
@ -157,7 +157,7 @@ index a8502d9..ab78ca8 100644
{
char *line;
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
index 6d4e7d5..6a21f5d 100644
index 8e42513..9f26c69 100644
--- a/include/grub/ieee1275/ieee1275.h
+++ b/include/grub/ieee1275/ieee1275.h
@@ -234,6 +234,8 @@ int EXPORT_FUNC(grub_ieee1275_devalias_next) (struct grub_ieee1275_devalias *ali
@ -166,9 +166,9 @@ index 6d4e7d5..6a21f5d 100644
struct grub_ieee1275_devalias *alias);
+int EXPORT_FUNC(grub_ieee1275_cas_reboot) (char *script);
+int EXPORT_FUNC(grub_ieee1275_set_boot_last_label) (const char *text);
int EXPORT_FUNC(grub_ieee1275_parse_net_options) (const char *path);
#define FOR_IEEE1275_DEVALIASES(alias) for (grub_ieee1275_devalias_init_iterator (&(alias)); grub_ieee1275_devalias_next (&(alias));)
--
2.5.0
2.9.3

View File

@ -1,16 +1,21 @@
From 297d32d320c94cdea94d8be4d06e6c574a5221f3 Mon Sep 17 00:00:00 2001
From 4f82466e3b1fcf3370d82432e406f51906e1fa46 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Wed, 24 Apr 2013 10:51:48 -0300
Subject: [PATCH 08/85] for ppc, reset console display attr when clear screen
Subject: [PATCH 02/90] for ppc, reset console display attr when clear screen
v2: Also use \x0c instead of a literal ^L to make future patches less
awkward.
This should fix this bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=908519
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/term/terminfo.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/term/terminfo.c b/grub-core/term/terminfo.c
index f0d3e3d..7cb7909 100644
index f0d3e3d..9bb75c1 100644
--- a/grub-core/term/terminfo.c
+++ b/grub-core/term/terminfo.c
@@ -151,7 +151,7 @@ grub_terminfo_set_current (struct grub_term_output *term,
@ -18,10 +23,10 @@ index f0d3e3d..7cb7909 100644
* ANSI escape sequence. Using video console, Apple Open Firmware
* (version 3.1.1) only recognizes the literal ^L. So use both. */
- data->cls = grub_strdup (" \e[2J");
+ data->cls = grub_strdup (" \e[2J\e[m");
+ data->cls = grub_strdup ("\x0c\e[2J\e[m");
data->reverse_video_on = grub_strdup ("\e[7m");
data->reverse_video_off = grub_strdup ("\e[m");
if (grub_strcmp ("ieee1275", str) == 0)
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 0ca5375206e061c0229301c19d1311f8b0499c11 Mon Sep 17 00:00:00 2001
From 9cff6efa3a7e15a6968fed29a29f38713da864fd Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Tue, 11 Jun 2013 15:14:05 -0300
Subject: [PATCH 09/85] Disable GRUB video support for IBM power machines
Subject: [PATCH 03/90] Disable GRUB video support for IBM power machines
Should fix the problem in bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=973205
@ -48,7 +48,7 @@ index 0b150ec..813ab38 100644
GRUB_MOD_FINI(ieee1275_fb)
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
index 6a21f5d..663935d 100644
index 9f26c69..ab4f284 100644
--- a/include/grub/ieee1275/ieee1275.h
+++ b/include/grub/ieee1275/ieee1275.h
@@ -146,6 +146,8 @@ enum grub_ieee1275_flag
@ -61,5 +61,5 @@ index 6a21f5d..663935d 100644
extern int EXPORT_FUNC(grub_ieee1275_test_flag) (enum grub_ieee1275_flag flag);
--
2.5.0
2.9.3

View File

@ -1,28 +0,0 @@
From eaa05aa39e24bff667f48310871f64f367a78e3b Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Fri, 29 Jan 2016 14:49:24 -0500
Subject: [PATCH 03/85] Failed config now returns exit code (#1252311)
Grub would notify the user if the new config was invalid, however, it
did not exit properly with exit code 1. Added the proper exit code.
Resolves: rhbz#1252311
---
util/grub-mkconfig.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index 203b076..f8496d2 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -273,6 +273,7 @@ Ensure that there are no errors in /etc/default/grub
and /etc/grub.d/* files or please file a bug report with
%s file attached." "${grub_cfg}.new" >&2
echo >&2
+ exit 1
else
# none of the children aborted with error, install the new grub.cfg
mv -f ${grub_cfg}.new ${grub_cfg}
--
2.5.0

View File

@ -1,7 +1,7 @@
From e0bb91aa1752a0a2bc3c4b0bdc4c49430b470ebc Mon Sep 17 00:00:00 2001
From 512fe6865738286c94f87da64ca6b475bc3e2f38 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 7 Jul 2015 10:13:14 -0400
Subject: [PATCH 14/85] Fix bzr's ignore artificats in .gitignore
Subject: [PATCH 04/90] Fix bzr's ignore artificats in .gitignore
We lost a man page because of incompatibilities between bzr's ignore
system and .gitignore, so solve that slightly better.
@ -367,5 +367,5 @@ index 18ab8e8..06c9f3a 100644
-/grub-fs-tester
+xzcompress_test
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 7401bf6fb1f319f6f910391f57680e9794678878 Mon Sep 17 00:00:00 2001
From 7f1ea377390345b8ef7609ad0fa2952708b17e19 Mon Sep 17 00:00:00 2001
From: Marcel Kolaja <mkolaja@redhat.com>
Date: Tue, 21 Jan 2014 10:57:08 -0500
Subject: [PATCH 18/85] Honor a symlink when generating configuration by
Subject: [PATCH 05/90] Honor a symlink when generating configuration by
grub2-mkconfig
Honor a symlink when generating configuration by grub2-mkconfig, so that
@ -25,5 +25,5 @@ index f8496d2..3b070fd 100644
fi
--
2.5.0
2.9.3

View File

@ -0,0 +1,55 @@
From 5b77e510eb6e4b649c53ab0790cdc9fdf0c85be9 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 3 Apr 2013 14:35:34 -0400
Subject: [PATCH 06/90] Move bash completion script (#922997)
Apparently these go in a new place now.
---
configure.ac | 11 +++++++++++
util/bash-completion.d/Makefile.am | 1 -
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 9ddfc53..ab9134c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -287,6 +287,14 @@ AC_SUBST(grubdirname)
AC_DEFINE_UNQUOTED(GRUB_DIR_NAME, "$grubdirname",
[Default grub directory name])
+PKG_PROG_PKG_CONFIG
+AS_IF([$($PKG_CONFIG --exists bash-completion)], [
+ bashcompletiondir=$($PKG_CONFIG --variable=completionsdir bash-completion)
+] , [
+ bashcompletiondir=${datadir}/bash-completion/completions
+])
+AC_SUBST(bashcompletiondir)
+
#
# Checks for build programs.
#
@@ -476,6 +484,9 @@ HOST_CFLAGS="$HOST_CFLAGS $grub_cv_cc_w_extra_flags"
# Check for target programs.
#
+# This makes sure pkg.m4 is available.
+m4_pattern_forbid([^_?PKG_[A-Z_]+$],[*** pkg.m4 missing, please install pkg-config])
+
# Find tools for the target.
if test "x$target_alias" != x && test "x$host_alias" != "x$target_alias"; then
tmp_ac_tool_prefix="$ac_tool_prefix"
diff --git a/util/bash-completion.d/Makefile.am b/util/bash-completion.d/Makefile.am
index 136287c..61108f0 100644
--- a/util/bash-completion.d/Makefile.am
+++ b/util/bash-completion.d/Makefile.am
@@ -6,7 +6,6 @@ EXTRA_DIST = $(bash_completion_source)
CLEANFILES = $(bash_completion_script) config.log
-bashcompletiondir = $(sysconfdir)/bash_completion.d
bashcompletion_DATA = $(bash_completion_script)
$(bash_completion_script): $(bash_completion_source) $(top_builddir)/config.status
--
2.9.3

View File

@ -1,7 +1,7 @@
From 78b35097d8647b555deb8ece7ef141587529923d Mon Sep 17 00:00:00 2001
From 579ecb682efc5221b4a13b8009af1731f5349912 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 4 Dec 2014 15:36:09 -0500
Subject: [PATCH 02/85] Update to minilzo-2.08
Subject: [PATCH 07/90] Update to minilzo-2.08
This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow
@ -8786,5 +8786,5 @@ index 74fefa9..7937454 100644
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From beee9fcaeb35cf95c6bcf272034d691235542121 Mon Sep 17 00:00:00 2001
From de423b22780b0fd225a1ee476166777af29d53d0 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Tue, 30 Oct 2012 15:19:39 -0200
Subject: [PATCH 06/85] Add vlan-tag support on IBM PPC machines
Subject: [PATCH 08/90] Add vlan-tag support on IBM PPC machines
This patch adds support for virtual LAN (VLAN) tagging. VLAN tagging allows
multiple VLANs in a bridged network to share the same physical network link but
@ -32,7 +32,7 @@ index 1259022..5fa26e1 100644
ptr = canon + grub_strlen (canon) - 1;
while (ptr > canon && (*ptr == ',' || *ptr == ':'))
diff --git a/grub-core/kern/ieee1275/openfw.c b/grub-core/kern/ieee1275/openfw.c
index ddb7783..5c12157 100644
index 6db8b98..81276fa 100644
--- a/grub-core/kern/ieee1275/openfw.c
+++ b/grub-core/kern/ieee1275/openfw.c
@@ -23,6 +23,7 @@
@ -159,22 +159,22 @@ index c397b1b..faaca67 100644
return err;
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
index 8e42513..6d4e7d5 100644
index ab4f284..663935d 100644
--- a/include/grub/ieee1275/ieee1275.h
+++ b/include/grub/ieee1275/ieee1275.h
@@ -234,6 +234,7 @@ int EXPORT_FUNC(grub_ieee1275_devalias_next) (struct grub_ieee1275_devalias *ali
void EXPORT_FUNC(grub_ieee1275_children_peer) (struct grub_ieee1275_devalias *alias);
void EXPORT_FUNC(grub_ieee1275_children_first) (const char *devpath,
@@ -238,6 +238,7 @@ void EXPORT_FUNC(grub_ieee1275_children_first) (const char *devpath,
struct grub_ieee1275_devalias *alias);
int EXPORT_FUNC(grub_ieee1275_cas_reboot) (char *script);
int EXPORT_FUNC(grub_ieee1275_set_boot_last_label) (const char *text);
+int EXPORT_FUNC(grub_ieee1275_parse_net_options) (const char *path);
#define FOR_IEEE1275_DEVALIASES(alias) for (grub_ieee1275_devalias_init_iterator (&(alias)); grub_ieee1275_devalias_next (&(alias));)
diff --git a/include/grub/net.h b/include/grub/net.h
index 4dc066a..96aa9fa 100644
index 2192fa1..6ac9d72 100644
--- a/include/grub/net.h
+++ b/include/grub/net.h
@@ -563,4 +563,6 @@ extern char *grub_net_default_server;
@@ -561,4 +561,6 @@ extern char *grub_net_default_server;
#define GRUB_NET_INTERVAL 400
#define GRUB_NET_INTERVAL_ADDITION 20
@ -182,5 +182,5 @@ index 4dc066a..96aa9fa 100644
+
#endif /* ! GRUB_NET_HEADER */
--
2.5.0
2.9.3

View File

@ -1,21 +1,21 @@
From bc5d351596ec8d95b837e23f9775db6d8bd7fd29 Mon Sep 17 00:00:00 2001
From 196ae5abd961cd64b60d9ab41bfc02d340e8bb6f Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 5 Sep 2014 10:07:04 -0400
Subject: [PATCH 17/85] Allow "fallback" to include entries by title, not just
Subject: [PATCH 09/90] Allow "fallback" to include entries by title, not just
number.
Resolves: rhbz#1026084
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/normal/menu.c | 76 +++++++++++++++++++++++++++++++------------------
1 file changed, 49 insertions(+), 27 deletions(-)
grub-core/normal/menu.c | 85 +++++++++++++++++++++++++++++++++----------------
1 file changed, 58 insertions(+), 27 deletions(-)
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
index cd15f04..73a94aa 100644
index 719e2fb..2e8a7bd 100644
--- a/grub-core/normal/menu.c
+++ b/grub-core/normal/menu.c
@@ -163,12 +163,35 @@ grub_menu_set_timeout (int timeout)
@@ -163,16 +163,41 @@ grub_menu_set_timeout (int timeout)
}
}
@ -28,7 +28,7 @@ index cd15f04..73a94aa 100644
+ while (1)
+ {
+ if (*ptr2 == '>' && ptr2[1] != '>' && *ptr1 == 0)
+ return 1;
+ return ptr2 - spec;
+ if (*ptr2 == '>' && ptr2[1] != '>')
+ return 0;
+ if (*ptr2 == '>')
@ -36,10 +36,11 @@ index cd15f04..73a94aa 100644
+ if (*ptr1 != *ptr2)
+ return 0;
+ if (*ptr1 == 0)
+ return 1;
+ return ptr1 - id;
+ ptr1++;
+ ptr2++;
+ }
+ return 0;
+}
+
/* Get the first entry number from the value of the environment variable NAME,
@ -52,7 +53,12 @@ index cd15f04..73a94aa 100644
{
const char *val;
char *tail;
@@ -182,9 +205,32 @@ get_and_remove_first_entry_number (const char *name)
int entry;
+ int sz = 0;
val = grub_env_get (name);
if (! val)
@@ -182,9 +207,39 @@ get_and_remove_first_entry_number (const char *name)
entry = (int) grub_strtoul (val, &tail, 0);
@ -62,12 +68,13 @@ index cd15f04..73a94aa 100644
+ grub_menu_entry_t e = menu->entry_list;
+ int i;
+
+ grub_errno = GRUB_ERR_NONE;
+
+ for (i = 0; e; i++)
+ {
+ if (menuentry_eq (e->title, val)
+ || menuentry_eq (e->id, val))
+ sz = menuentry_eq (e->title, val);
+ if (sz < 1)
+ sz = menuentry_eq (e->id, val);
+
+ if (sz >= 1)
+ {
+ entry = i;
+ break;
@ -75,6 +82,9 @@ index cd15f04..73a94aa 100644
+ e = e->next;
+ }
+
+ if (sz > 0)
+ grub_errno = GRUB_ERR_NONE;
+
+ if (! e)
+ entry = -1;
+ }
@ -82,11 +92,14 @@ index cd15f04..73a94aa 100644
if (grub_errno == GRUB_ERR_NONE)
{
- /* Skip whitespace to find the next digit. */
+ if (sz > 0)
+ tail += sz;
+
+ /* Skip whitespace to find the next entry. */
while (*tail && grub_isspace (*tail))
tail++;
grub_env_set (name, tail);
@@ -347,7 +393,7 @@ grub_menu_execute_with_fallback (grub_menu_t menu,
@@ -347,7 +402,7 @@ grub_menu_execute_with_fallback (grub_menu_t menu,
grub_menu_execute_entry (entry, 1);
/* Deal with fallback entries. */
@ -95,7 +108,7 @@ index cd15f04..73a94aa 100644
>= 0)
{
grub_print_error ();
@@ -465,30 +511,6 @@ grub_menu_register_viewer (struct grub_menu_viewer *viewer)
@@ -465,30 +520,6 @@ grub_menu_register_viewer (struct grub_menu_viewer *viewer)
viewers = viewer;
}
@ -127,5 +140,5 @@ index cd15f04..73a94aa 100644
static int
get_entry_number (grub_menu_t menu, const char *name)
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 73545c78c604559e2af231f1b526265ba15c3839 Mon Sep 17 00:00:00 2001
From 8f405e93871ad51cd9ab4dfdea844042a33fa7f0 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 4 Sep 2014 16:49:25 -0400
Subject: [PATCH 20/85] Add GRUB_DISABLE_UUID.
Subject: [PATCH 10/90] Add GRUB_DISABLE_UUID.
This will cause "search --fs-uuid --set=root ..." not to be generated by
grub2-mkconfig, and instead simply attempt to use the grub device name
@ -95,5 +95,5 @@ index 60b31ca..cf35e41 100644
else
echo $device |sed 's, ,_,g'
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 1f1a695cc6dedd19ecb7ff50c66a8f57d50e362b Mon Sep 17 00:00:00 2001
From 6879936079d17ace35cebcab787f7fb9f8cd205e Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 26 Feb 2014 21:49:12 -0500
Subject: [PATCH 12/85] Make "exit" take a return code.
Subject: [PATCH 11/90] Make "exit" take a return code.
This adds "exit" with a return code. With this patch, any "exit"
command /may/ include a return code, and on platforms that support
@ -12,6 +12,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/commands/minicmd.c | 20 ++++++++++++++++----
grub-core/kern/efi/efi.c | 9 +++++++--
grub-core/kern/emu/main.c | 2 +-
grub-core/kern/emu/misc.c | 5 +++--
grub-core/kern/i386/coreboot/init.c | 2 +-
grub-core/kern/i386/qemu/init.c | 2 +-
@ -23,7 +24,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
grub-core/kern/uboot/init.c | 6 +++---
grub-core/kern/xen/init.c | 2 +-
include/grub/misc.h | 2 +-
13 files changed, 38 insertions(+), 20 deletions(-)
14 files changed, 39 insertions(+), 21 deletions(-)
diff --git a/grub-core/commands/minicmd.c b/grub-core/commands/minicmd.c
index a3a1182..b25ca4b 100644
@ -81,6 +82,19 @@ index caf9bcc..101307f 100644
for (;;) ;
}
diff --git a/grub-core/kern/emu/main.c b/grub-core/kern/emu/main.c
index f91280f..34634d3 100644
--- a/grub-core/kern/emu/main.c
+++ b/grub-core/kern/emu/main.c
@@ -66,7 +66,7 @@ grub_reboot (void)
}
void
-grub_exit (void)
+grub_exit (int retval __attribute__((unused)))
{
grub_reboot ();
}
diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c
index d361feb..331fa62 100644
--- a/grub-core/kern/emu/misc.c
@ -241,5 +255,5 @@ index 2a9f87c..0620814 100644
grub_uint64_t d,
grub_uint64_t *r);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From cb62c40cb96d103e5675dc25ca17a38226e91305 Mon Sep 17 00:00:00 2001
From ef756db92dd4f47ed4bb4aede86d33326b0b9188 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 22 Jul 2015 11:21:01 -0400
Subject: [PATCH 13/85] Mark po/exclude.pot as binary so git won't try to diff
Subject: [PATCH 12/90] Mark po/exclude.pot as binary so git won't try to diff
nonprintables.
Signed-off-by: Peter Jones <pjones@redhat.com>
@ -18,5 +18,5 @@ index 0000000..33ffaa4
@@ -0,0 +1 @@
+po/exclude.pot binary
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 05f2dc34ddf1bd0ce75edfedfa68236c51165350 Mon Sep 17 00:00:00 2001
From e14c5369fea76d1e067ca9f7e5e55bfe615cb639 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 7 Dec 2015 14:20:49 -0500
Subject: [PATCH 11/85] Make efi machines load an env block from a variable
Subject: [PATCH 13/90] Make efi machines load an env block from a variable
Signed-off-by: Peter Jones <pjones@redhat.com>
---
@ -80,5 +80,5 @@ index e9c85de..a5b6c1d 100644
char **path);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 836b528eed2671f3014f4d0983377ca69dc0fec1 Mon Sep 17 00:00:00 2001
From 12fb24b4d8a8f0fd7f79bc224157c290ebab31f4 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Tue, 27 Nov 2012 17:18:53 -0200
Subject: [PATCH 04/85] DHCP client ID and UUID options added.
Subject: [PATCH 14/90] DHCP client ID and UUID options added.
---
grub-core/net/bootp.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++-----
@ -9,7 +9,7 @@ Subject: [PATCH 04/85] DHCP client ID and UUID options added.
2 files changed, 81 insertions(+), 8 deletions(-)
diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c
index a088244..4532177 100644
index 189551a..a9c8f47 100644
--- a/grub-core/net/bootp.c
+++ b/grub-core/net/bootp.c
@@ -25,6 +25,49 @@
@ -112,7 +112,7 @@ index a088244..4532177 100644
/* If you need any other options please contact GRUB
development team. */
}
@@ -295,14 +374,6 @@ grub_net_process_dhcp (struct grub_net_buff *nb,
@@ -298,14 +377,6 @@ grub_net_process_dhcp (struct grub_net_buff *nb,
}
}
@ -128,7 +128,7 @@ index a088244..4532177 100644
grub_cmd_dhcpopt (struct grub_command *cmd __attribute__ ((unused)),
int argc, char **args)
diff --git a/include/grub/net.h b/include/grub/net.h
index 2192fa1..4dc066a 100644
index 6ac9d72..96aa9fa 100644
--- a/include/grub/net.h
+++ b/include/grub/net.h
@@ -456,6 +456,8 @@ enum
@ -141,5 +141,5 @@ index 2192fa1..4dc066a 100644
};
--
2.5.0
2.9.3

View File

@ -1,80 +0,0 @@
From ecaecc9bc12a86a64bffeb64879c621da10d5136 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 7 Jul 2015 12:04:28 -0400
Subject: [PATCH 15/85] Add some __unused__ where gcc 5.x is more picky about
it.
With some build flags, gcc 5.x throws more warnings about __unused__ not
being present than older compilers did. This patch adds the annotation.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/gettext/gettext.c | 10 +++++-----
grub-core/normal/menu.c | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
index 4880cef..1b1986f 100644
--- a/grub-core/gettext/gettext.c
+++ b/grub-core/gettext/gettext.c
@@ -434,7 +434,7 @@ static char *
grub_gettext_env_write_lang (struct grub_env_var *var
__attribute__ ((unused)), const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&main_context, val, grub_env_get ("locale_dir"),
grub_env_get ("prefix"));
if (err)
@@ -451,7 +451,7 @@ grub_gettext_env_write_lang (struct grub_env_var *var
void
grub_gettext_reread_prefix (const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"),
grub_env_get ("locale_dir"),
val);
@@ -463,7 +463,7 @@ static char *
read_main (struct grub_env_var *var
__attribute__ ((unused)), const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"), val,
grub_env_get ("prefix"));
if (err)
@@ -475,7 +475,7 @@ static char *
read_secondary (struct grub_env_var *var
__attribute__ ((unused)), const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&secondary_context, grub_env_get ("lang"), val,
0);
if (err)
@@ -500,7 +500,7 @@ grub_cmd_translate (grub_command_t cmd __attribute__ ((unused)),
GRUB_MOD_INIT (gettext)
{
const char *lang;
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
lang = grub_env_get ("lang");
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
index 719e2fb..cd15f04 100644
--- a/grub-core/normal/menu.c
+++ b/grub-core/normal/menu.c
@@ -807,7 +807,7 @@ run_menu (grub_menu_t menu, int nested, int *auto_boot)
/* Callback invoked immediately before a menu entry is executed. */
static void
-notify_booting (grub_menu_entry_t entry,
+notify_booting (grub_menu_entry_t __attribute__((unused)) entry,
void *userdata __attribute__((unused)))
{
grub_printf (" ");
--
2.5.0

View File

@ -1,7 +1,7 @@
From eb1adf51b18aaa62078bddf91439ca054b6f7965 Mon Sep 17 00:00:00 2001
From a6f4624278357f853e3e8888e538eb0ef3654556 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Wed, 5 Feb 2014 09:42:42 -0200
Subject: [PATCH 05/85] trim arp packets with abnormal size
Subject: [PATCH 15/90] trim arp packets with abnormal size
GRUB uses arp request to create the arp response. If the incoming packet
is foobared, GRUB needs to trim the arp response packet before sending it.
@ -27,5 +27,5 @@ index 4b68c41..f7c59d3 100644
struct grub_net_buff nb_reply;
struct arppkt *arp_reply;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 5212412d2c54f112cb68aa5dfc4711abdec9ce94 Mon Sep 17 00:00:00 2001
From c22139b340f1a306ad718646a4cd4bc1d4039d7b Mon Sep 17 00:00:00 2001
From: Prarit Bhargava <prarit@redhat.com>
Date: Wed, 12 Mar 2014 10:58:16 -0400
Subject: [PATCH 19/85] Fix bad test on GRUB_DISABLE_SUBMENU.
Subject: [PATCH 16/90] Fix bad test on GRUB_DISABLE_SUBMENU.
The file /etc/grub.d/10_linux does
@ -20,7 +20,7 @@ Resolves: rhbz#1063414
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 5a78513..6f835b7 100644
index de9044c..cf6331f 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -224,7 +224,11 @@ while [ "x$list" != "x" ] ; do
@ -37,5 +37,5 @@ index 5a78513..6f835b7 100644
"${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
--
2.5.0
2.9.3

View File

@ -1,26 +0,0 @@
From e704140ffbdc0bbe0cf9ddc66f1ffe51018078ae Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 3 Apr 2013 14:35:34 -0400
Subject: [PATCH 16/85] Move bash completion script (#922997)
Apparently these go in a new place now.
---
util/bash-completion.d/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/bash-completion.d/Makefile.am b/util/bash-completion.d/Makefile.am
index 136287c..0bcdb06 100644
--- a/util/bash-completion.d/Makefile.am
+++ b/util/bash-completion.d/Makefile.am
@@ -6,7 +6,7 @@ EXTRA_DIST = $(bash_completion_source)
CLEANFILES = $(bash_completion_script) config.log
-bashcompletiondir = $(sysconfdir)/bash_completion.d
+bashcompletiondir = $(datarootdir)/bash-completion/completions
bashcompletion_DATA = $(bash_completion_script)
$(bash_completion_script): $(bash_completion_source) $(top_builddir)/config.status
--
2.5.0

View File

@ -1,7 +1,7 @@
From 2f3c6669c5f8d0255e6103508eb71667d8dec158 Mon Sep 17 00:00:00 2001
From f0daa044a90c508f8f60d23e5ef39597ec80c2cc Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Wed, 12 Jun 2013 11:51:49 -0400
Subject: [PATCH 10/85] Add support for UEFI operating systems returned by
Subject: [PATCH 17/90] Add support for UEFI operating systems returned by
os-prober
os-prober returns UEFI operating systems in the form:
@ -46,5 +46,5 @@ index 515a68c..9b8f596 100644
esac
done
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From c6addd5bf471e6596f6c180a8d83a31df59c6d69 Mon Sep 17 00:00:00 2001
From 0e433858169473aa7a042c28dd6f0d4e1adab8d7 Mon Sep 17 00:00:00 2001
From: Mark Hamzy <hamzy@us.ibm.com>
Date: Wed, 28 Mar 2012 14:46:41 -0500
Subject: [PATCH 22/85] Migrate PPC from Yaboot to Grub2
Subject: [PATCH 18/90] Migrate PPC from Yaboot to Grub2
Add configuration support for serial terminal consoles. This will set the
maximum screen size so that text is not overwritten.
@ -12,7 +12,7 @@ maximum screen size so that text is not overwritten.
create mode 100644 util/grub.d/20_ppc_terminfo.in
diff --git a/Makefile.util.def b/Makefile.util.def
index ed9b4c6..dfd48fc 100644
index f9caccb..6d452da 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -487,6 +487,13 @@ script = {
@ -150,5 +150,5 @@ index 0000000..10d6658
+ terminfo -g ${X}x${Y} ${TERMINAL}
+EOF
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From a0c5493ead025948d40154dde08cb8504a1c840c Mon Sep 17 00:00:00 2001
From fdc52554d998170f56ed45856082f4a3bfeb3e2a Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Wed, 19 Sep 2012 21:22:55 -0300
Subject: [PATCH 23/85] Add fw_path variable (revised)
Subject: [PATCH 19/90] Add fw_path variable (revised)
This patch makes grub look for its config file on efi where the app was
found. It was originally written by Matthew Garrett, and adapted to fix the
@ -77,5 +77,5 @@ index 249e19b..759c475 100644
prefix = grub_env_get ("prefix");
if (prefix)
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From e7f9069fb31f0b112d7cd56872253287ab8c99a5 Mon Sep 17 00:00:00 2001
From a64179016df64b72cc956fd6085ca3ed1a41baac Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg@redhat.com>
Date: Tue, 10 Jul 2012 11:58:52 -0400
Subject: [PATCH 24/85] Add support for linuxefi
Subject: [PATCH 20/90] Add support for linuxefi
---
grub-core/Makefile.core.def | 8 +
@ -478,5 +478,5 @@ index da0ca3b..fc36bda 100644
/* Boot parameters for Linux based on 2.6.12. This is used by the setup
--
2.5.0
2.9.3

View File

@ -1,14 +1,14 @@
From 8c186e1142ec99ecde320a673cb72cbbcaa98936 Mon Sep 17 00:00:00 2001
From 5894e3bfaf055554c786b4c1a9452d4e3bb9f568 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 16 Jul 2012 18:57:11 -0400
Subject: [PATCH 25/85] Use "linuxefi" and "initrdefi" where appropriate.
Subject: [PATCH 21/90] Use "linuxefi" and "initrdefi" where appropriate.
---
util/grub.d/10_linux.in | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 6f835b7..c41a9ca 100644
index cf6331f..8ccf012 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -129,17 +129,31 @@ linux_entry ()
@ -46,5 +46,5 @@ index 6f835b7..c41a9ca 100644
sed "s/^/$submenu_indentation/" << EOF
}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From b231f595542985cba4fb6c079e0d1ee82fc5983c Mon Sep 17 00:00:00 2001
From 9d70f7f9a356d965ed48963e2ead12af8de97615 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@ubuntu.com>
Date: Tue, 23 Oct 2012 10:40:49 -0400
Subject: [PATCH 26/85] Don't allow insmod when secure boot is enabled.
Subject: [PATCH 22/90] Don't allow insmod when secure boot is enabled.
Hi,
@ -17,16 +17,23 @@ I'm currently test-building this patch (replacing your current
grub-2.00-no-insmod-on-sb.patch), but this should be more correct. It
moves the check into grub_dl_load_file.
---
grub-core/kern/dl.c | 21 +++++++++++++++++++++
grub-core/kern/dl.c | 22 ++++++++++++++++++++++
grub-core/kern/efi/efi.c | 28 ++++++++++++++++++++++++++++
include/grub/efi/efi.h | 1 +
3 files changed, 50 insertions(+)
3 files changed, 51 insertions(+)
diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
index e394cd9..04e804d 100644
index e394cd9..6210709 100644
--- a/grub-core/kern/dl.c
+++ b/grub-core/kern/dl.c
@@ -38,6 +38,14 @@
@@ -32,12 +32,21 @@
#include <grub/env.h>
#include <grub/cache.h>
#include <grub/i18n.h>
+#include <grub/efi/sb.h>
/* Platforms where modules are in a readonly area of memory. */
#if defined(GRUB_MACHINE_QEMU)
#define GRUB_MODULES_MACHINE_READONLY
#endif
@ -41,7 +48,7 @@ index e394cd9..04e804d 100644
#pragma GCC diagnostic ignored "-Wcast-align"
@@ -686,6 +694,19 @@ grub_dl_load_file (const char *filename)
@@ -686,6 +695,19 @@ grub_dl_load_file (const char *filename)
void *core = 0;
grub_dl_t mod = 0;
@ -113,5 +120,5 @@ index 9a2da0e..2245632 100644
EXPORT_FUNC (grub_efi_compare_device_paths) (const grub_efi_device_path_t *dp1,
const grub_efi_device_path_t *dp2);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From ed9658a2d5f703e68e098b19726ef162e6c755b7 Mon Sep 17 00:00:00 2001
From c2a19ee447623af8765254b87ff83cbb5b8253bc Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 1 Oct 2012 13:24:37 -0400
Subject: [PATCH 27/85] Pass "\x[[:hex:]][[:hex:]]" straight through
Subject: [PATCH 23/90] Pass "\x[[:hex:]][[:hex:]]" straight through
unmolested.
---
@ -179,5 +179,5 @@ index ab78ca8..cf6cd66 100644
case '$':
if (escaped)
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 356b0c4cb947c5f7983cfe8a4cc1e89e8118f4c2 Mon Sep 17 00:00:00 2001
From c482ec700b2ba4b1fabccaa5848cccae466d3a12 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Tue, 27 Nov 2012 16:58:39 -0200
Subject: [PATCH 21/85] Add %X option to printf functions.
Subject: [PATCH 24/90] Add %X option to printf functions.
---
grub-core/kern/misc.c | 7 +++++--
@ -54,5 +54,5 @@ index 6bb0351..81be344 100644
case 'd':
{
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From a4b155fe619747aeb5eac12ca02d3cec83532756 Mon Sep 17 00:00:00 2001
From 70a8c5e075d59ec13fdee4c3868b3862a8cd8aa4 Mon Sep 17 00:00:00 2001
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
Date: Tue, 27 Nov 2012 17:22:07 -0200
Subject: [PATCH 28/85] Search for specific config file for netboot
Subject: [PATCH 25/90] Search for specific config file for netboot
This patch implements a search for a specific configuration when the config
file is on a remoteserver. It uses the following order:
@ -22,10 +22,10 @@ https://bugzilla.redhat.com/show_bug.cgi?id=873406
3 files changed, 135 insertions(+), 4 deletions(-)
diff --git a/grub-core/net/net.c b/grub-core/net/net.c
index 9424595..e53d9a0 100644
index 10773fc..0769bf8 100644
--- a/grub-core/net/net.c
+++ b/grub-core/net/net.c
@@ -1725,6 +1725,124 @@ grub_net_restore_hw (void)
@@ -1735,6 +1735,124 @@ grub_net_restore_hw (void)
return GRUB_ERR_NONE;
}
@ -199,5 +199,5 @@ index 96aa9fa..e13ae1e 100644
+
#endif /* ! GRUB_NET_HEADER */
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 14812d576121fdc90b05ede5d1f30075b4ab2396 Mon Sep 17 00:00:00 2001
From 8992c2812e1e914e803429314b9164a19af4398b Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
Date: Tue, 22 Jan 2013 06:31:38 +0100
Subject: [PATCH 29/85] blscfg: add blscfg module to parse Boot Loader
Subject: [PATCH 26/90] blscfg: add blscfg module to parse Boot Loader
Specification snippets
http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
@ -247,5 +247,5 @@ index 0000000..4274aca
+ grub_unregister_extcmd (cmd);
+}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 83a711aa32c98578a9a38c71eef6659fe4cc90a7 Mon Sep 17 00:00:00 2001
From 3e83ff704af9a967fa55d60cc3917bc4ccd85f32 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Wed, 15 May 2013 13:30:20 -0400
Subject: [PATCH 30/85] Don't write messages to the screen
Subject: [PATCH 27/90] Don't write messages to the screen
Writing messages to the screen before the menus or boot splash
happens so quickly it looks like something is wrong and isn't
@ -9,10 +9,10 @@ very appealing.
---
grub-core/boot/i386/pc/boot.S | 3 ---
grub-core/boot/i386/pc/diskboot.S | 5 -----
grub-core/gettext/gettext.c | 15 ---------------
grub-core/gettext/gettext.c | 25 +++++--------------------
grub-core/kern/main.c | 5 -----
util/grub.d/10_linux.in | 7 -------
5 files changed, 35 deletions(-)
5 files changed, 5 insertions(+), 40 deletions(-)
diff --git a/grub-core/boot/i386/pc/boot.S b/grub-core/boot/i386/pc/boot.S
index 2bd0b2d..ea167fe 100644
@ -45,11 +45,15 @@ index 1ee4cf5..c8b87ed 100644
movw $LOCAL(firstlist), %di
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
index 1b1986f..b22e1bc 100644
index 4880cef..b22e1bc 100644
--- a/grub-core/gettext/gettext.c
+++ b/grub-core/gettext/gettext.c
@@ -437,13 +437,9 @@ grub_gettext_env_write_lang (struct grub_env_var *var
grub_err_t __attribute__((__unused__)) err;
@@ -434,16 +434,12 @@ static char *
grub_gettext_env_write_lang (struct grub_env_var *var
__attribute__ ((unused)), const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&main_context, val, grub_env_get ("locale_dir"),
grub_env_get ("prefix"));
- if (err)
@ -62,7 +66,12 @@ index 1b1986f..b22e1bc 100644
return grub_strdup (val);
}
@@ -455,8 +451,6 @@ grub_gettext_reread_prefix (const char *val)
@@ -451,23 +447,19 @@ grub_gettext_env_write_lang (struct grub_env_var *var
void
grub_gettext_reread_prefix (const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"),
grub_env_get ("locale_dir"),
val);
@ -71,8 +80,11 @@ index 1b1986f..b22e1bc 100644
}
static char *
@@ -466,8 +460,6 @@ read_main (struct grub_env_var *var
grub_err_t __attribute__((__unused__)) err;
read_main (struct grub_env_var *var
__attribute__ ((unused)), const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"), val,
grub_env_get ("prefix"));
- if (err)
@ -80,8 +92,12 @@ index 1b1986f..b22e1bc 100644
return grub_strdup (val);
}
@@ -478,9 +470,6 @@ read_secondary (struct grub_env_var *var
grub_err_t __attribute__((__unused__)) err;
@@ -475,12 +467,9 @@ static char *
read_secondary (struct grub_env_var *var
__attribute__ ((unused)), const char *val)
{
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
err = grub_gettext_init_ext (&secondary_context, grub_env_get ("lang"), val,
0);
- if (err)
@ -90,7 +106,14 @@ index 1b1986f..b22e1bc 100644
return grub_strdup (val);
}
@@ -506,12 +495,8 @@ GRUB_MOD_INIT (gettext)
@@ -500,18 +489,14 @@ grub_cmd_translate (grub_command_t cmd __attribute__ ((unused)),
GRUB_MOD_INIT (gettext)
{
const char *lang;
- grub_err_t err;
+ grub_err_t __attribute__((__unused__)) err;
lang = grub_env_get ("lang");
err = grub_gettext_init_ext (&main_context, lang, grub_env_get ("locale_dir"),
grub_env_get ("prefix"));
@ -120,7 +143,7 @@ index 8ab7794..da47b18 100644
grub_boot_time ("Before loading embedded modules.");
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index c41a9ca..74f5f29 100644
index 8ccf012..a3d9711 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -128,29 +128,22 @@ linux_entry ()
@ -154,5 +177,5 @@ index c41a9ca..74f5f29 100644
EOF
fi
--
2.5.0
2.9.3

View File

@ -0,0 +1,45 @@
From 9bd3d2fb49a6b8e3807ce7275876fd4b416545c9 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Wed, 15 May 2013 13:53:48 -0400
Subject: [PATCH 28/90] Don't print GNU GRUB header
No one cares.
---
grub-core/normal/main.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index b2654ef..f57b750 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -202,15 +202,16 @@ read_config_file (const char *config)
/* Initialize the screen. */
void
grub_normal_init_page (struct grub_term_output *term,
- int y)
+ int y __attribute__((__unused__)))
{
+ grub_term_cls (term);
+
+#if 0
grub_ssize_t msg_len;
int posx;
char *msg_formatted;
grub_uint32_t *unicode_msg;
grub_uint32_t *last_position;
-
- grub_term_cls (term);
msg_formatted = grub_xasprintf (_("GNU GRUB version %s"), PACKAGE_VERSION);
if (!msg_formatted)
@@ -235,6 +236,7 @@ grub_normal_init_page (struct grub_term_output *term,
grub_putcode ('\n', term);
grub_putcode ('\n', term);
grub_free (unicode_msg);
+#endif
}
static void
--
2.9.3

View File

@ -1,7 +1,7 @@
From b8293967f7455f70a3f586f5583d7a9e5cc6772c Mon Sep 17 00:00:00 2001
From dd2c80ddd0e5e57b33a9d06894225e629b1b8b5e Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Wed, 15 May 2013 17:49:45 -0400
Subject: [PATCH 32/85] Don't add '*' to highlighted row
Subject: [PATCH 29/90] Don't add '*' to highlighted row
It is already highlighted.
---
@ -22,5 +22,5 @@ index e22bb91..a3d1f23 100644
grub_print_ucs4_menu (unicode_title,
unicode_title + len,
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 6b0f11d8c752b5a7b5030e2cd19ba3b78b7dd901 Mon Sep 17 00:00:00 2001
From 4cc90ad7d495b896e0b6b2677285ced8ce70cee1 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Fri, 7 Jun 2013 11:09:04 -0400
Subject: [PATCH 33/85] Message string cleanups
Subject: [PATCH 30/90] Message string cleanups
Make use of terminology consistent. Remove jargon.
---
@ -67,5 +67,5 @@ index a3d1f23..64a8386 100644
{
grub_print_error ();
--
2.5.0
2.9.3

View File

@ -1,33 +0,0 @@
From 4a5b10c4083c9b99aed2e98577e7634b74c250d9 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Wed, 15 May 2013 13:53:48 -0400
Subject: [PATCH 31/85] Don't print GNU GRUB header
No one cares.
---
grub-core/normal/main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index b2654ef..3af349d 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -212,6 +212,7 @@ grub_normal_init_page (struct grub_term_output *term,
grub_term_cls (term);
+#if 0
msg_formatted = grub_xasprintf (_("GNU GRUB version %s"), PACKAGE_VERSION);
if (!msg_formatted)
return;
@@ -235,6 +236,7 @@ grub_normal_init_page (struct grub_term_output *term,
grub_putcode ('\n', term);
grub_putcode ('\n', term);
grub_free (unicode_msg);
+#endif
}
static void
--
2.5.0

View File

@ -1,7 +1,7 @@
From a31995777db4d7603e0cd901a4a643812e023f51 Mon Sep 17 00:00:00 2001
From ee01481e906071d01649b61925eaac0348f9a9a7 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Fri, 7 Jun 2013 14:08:23 -0400
Subject: [PATCH 34/85] Fix border spacing now that we aren't displaying it
Subject: [PATCH 31/90] Fix border spacing now that we aren't displaying it
---
grub-core/normal/menu_text.c | 6 +++---
@ -28,5 +28,5 @@ index 64a8386..1062d64 100644
geo->timeout_lines = 2;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 2a01b399c5c73096ae372eb1f342b8a0f8f47030 Mon Sep 17 00:00:00 2001
From 748c629f47f4191c66011646e010cdf5ab506b90 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Fri, 7 Jun 2013 14:08:49 -0400
Subject: [PATCH 35/85] Use the correct indentation for the term help text
Subject: [PATCH 32/90] Use the correct indentation for the term help text
That is consistent with the menu help text
---
@ -9,7 +9,7 @@ That is consistent with the menu help text
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index 3af349d..d98e868 100644
index f57b750..0ce59fd 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -426,8 +426,8 @@ grub_normal_reader_init (int nested)
@ -24,5 +24,5 @@ index 3af349d..d98e868 100644
grub_print_message_indented (msg_formatted, 0, 0, term);
grub_putcode ('\n', term);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From f670c1c2e4a55188b3654aaac307e20a6c896796 Mon Sep 17 00:00:00 2001
From 93092c8a33db0cb36392c9684a60c12fbc823554 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Fri, 7 Jun 2013 14:30:55 -0400
Subject: [PATCH 36/85] Indent menu entries
Subject: [PATCH 33/90] Indent menu entries
---
grub-core/normal/menu_text.c | 3 ++-
@ -22,5 +22,5 @@ index 1062d64..ecc60f9 100644
grub_print_ucs4_menu (unicode_title,
unicode_title + len,
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 397d978c51b6ac1db63e05de786334ceb6a40636 Mon Sep 17 00:00:00 2001
From ee7064d8667cf51d12f2cc5ead9b428446c563ad Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Fri, 7 Jun 2013 14:59:36 -0400
Subject: [PATCH 37/85] Fix margins
Subject: [PATCH 34/90] Fix margins
---
grub-core/normal/menu_text.c | 8 +++-----
@ -33,5 +33,5 @@ index ecc60f9..0e43f2c 100644
- geo->timeout_lines /* timeout */
- 1 /* empty final line */;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From b5566d5a3ee9ada0c397102bd51887c7e0d7305f Mon Sep 17 00:00:00 2001
From 712f456d542ec913c4a5bc13f86443f79912cbf3 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 21 Jun 2013 14:44:08 -0400
Subject: [PATCH 38/85] Use -2 instead of -1 for our right-hand margin, so
Subject: [PATCH 35/90] Use -2 instead of -1 for our right-hand margin, so
linewrapping works (#976643).
Signed-off-by: Peter Jones <grub2-owner@fedoraproject.org>
@ -23,5 +23,5 @@ index 0e43f2c..537d4bf 100644
geo->first_entry_y = 3; /* three empty lines*/
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 2366e7d0b5915ca44930a682258a0a913269befc Mon Sep 17 00:00:00 2001
From aedb9655a10717fe3678a9e2fc720b55f5b0ffbc Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 28 Oct 2013 10:05:07 -0400
Subject: [PATCH 39/85] Use linux16 when appropriate (#880840)
Subject: [PATCH 36/90] Use linux16 when appropriate (#880840)
The kernel group really would prefer that we use the 16 bit entry point
on x86 bios machines.
@ -14,7 +14,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 74f5f29..5b49dcb 100644
index a3d9711..f3bf6ac 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -76,6 +76,11 @@ linux_entry ()
@ -48,5 +48,5 @@ index 74f5f29..5b49dcb 100644
fi
fi
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 0c2e9a7c6f7f781542d3a94a5fc9b0b8ce435cd2 Mon Sep 17 00:00:00 2001
From 0b72348759eaec7d1d488e9788e724a2d48ce3f7 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 28 Oct 2013 10:09:27 -0400
Subject: [PATCH 40/85] Enable pager by default. (#985860)
Subject: [PATCH 37/90] Enable pager by default. (#985860)
Signed-off-by: Peter Jones <pjones@redhat.com>
---
@ -22,5 +22,5 @@ index 93a9023..858b526 100644
load_env
fi
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 9cbaea1b39567552e4e103cb35a7c18fdc36395a Mon Sep 17 00:00:00 2001
From 55d0f5f5fdecfab6c8439520491e08a0178bd5dc Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 28 Oct 2013 10:13:27 -0400
Subject: [PATCH 41/85] F10 doesn't work on serial, so don't tell the user to
Subject: [PATCH 38/90] F10 doesn't work on serial, so don't tell the user to
hit it (#987443)
Signed-off-by: Peter Jones <pjones@redhat.com>
@ -23,5 +23,5 @@ index 537d4bf..452d55b 100644
STANDARD_MARGIN, STANDARD_MARGIN,
term, dry_run);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From af21e1092f7b99e1815b5a4653a15586580fd398 Mon Sep 17 00:00:00 2001
From d110064c73c1604b07cdaa3d41751074b2701142 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 14 Mar 2011 14:27:42 -0400
Subject: [PATCH 42/85] Don't say "GNU/Linux" in generated menus.
Subject: [PATCH 39/90] Don't say "GNU/Linux" in generated menus.
---
util/grub.d/10_linux.in | 4 ++--
@ -9,7 +9,7 @@ Subject: [PATCH 42/85] Don't say "GNU/Linux" in generated menus.
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 5b49dcb..d54b982 100644
index f3bf6ac..ef52cf3 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@"
@ -25,7 +25,7 @@ index 5b49dcb..d54b982 100644
fi
diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in
index 46045db..002e11d 100644
index c48af94..25e3c41 100644
--- a/util/grub.d/20_linux_xen.in
+++ b/util/grub.d/20_linux_xen.in
@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@"
@ -41,5 +41,5 @@ index 46045db..002e11d 100644
fi
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 7874cc5b2a72249ec7bdea308cc7f689428a8714 Mon Sep 17 00:00:00 2001
From fbd9d8969c059d6e5572b1acfa42ba48bc4299e2 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Wed, 15 May 2013 16:47:33 -0400
Subject: [PATCH 43/85] Don't draw a border around the menu
Subject: [PATCH 40/90] Don't draw a border around the menu
It looks cleaner without it.
---
@ -70,5 +70,5 @@ index 452d55b..1ed2bd9 100644
grub_term_highlight_color = old_color_highlight;
geo->timeout_y = geo->first_entry_y + geo->num_entries
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From c18188e88655d8404dc1687b5a5c4e3ae1a01c7c Mon Sep 17 00:00:00 2001
From 3aeba4760755b9b263ed4ba60dc0431352b63fe7 Mon Sep 17 00:00:00 2001
From: William Jon McCann <william.jon.mccann@gmail.com>
Date: Fri, 7 Jun 2013 10:52:32 -0400
Subject: [PATCH 44/85] Use the standard margin for the timeout string
Subject: [PATCH 41/90] Use the standard margin for the timeout string
So that it aligns with the other messages
---
@ -39,5 +39,5 @@ index 1ed2bd9..7681f7d 100644
}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 5baee32f7f9771fe64fa0cdf6e49cd4f6158487a Mon Sep 17 00:00:00 2001
From 333159a74035a726841c6c888f43d983a40ed959 Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
Date: Mon, 13 Jan 2014 21:50:59 -0500
Subject: [PATCH 45/85] Add .eh_frame to list of relocations stripped
Subject: [PATCH 42/90] Add .eh_frame to list of relocations stripped
---
conf/Makefile.common | 2 +-
@ -21,5 +21,5 @@ index 11296b5..a476ab5 100644
CFLAGS_MODULE = $(CFLAGS_PLATFORM) -ffreestanding
LDFLAGS_MODULE = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) -Wl,-r,-d
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From ba2e29130c54c0082f2b9a6719e891c1a7397a03 Mon Sep 17 00:00:00 2001
From 5fa65416bae89efb88015e72cb21c28fe3833fc8 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 14 Jan 2014 13:12:23 -0500
Subject: [PATCH 46/85] Make 10_linux work with our changes for linux16 and
Subject: [PATCH 43/90] Make 10_linux work with our changes for linux16 and
linuxefi on aarch64
Signed-off-by: Peter Jones <pjones@redhat.com>
@ -10,7 +10,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
1 file changed, 28 insertions(+), 3 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index d54b982..ab9d32d 100644
index ef52cf3..191aebe 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -77,8 +77,18 @@ linux_entry ()
@ -81,5 +81,5 @@ index d54b982..ab9d32d 100644
for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
if test -e "${i}" ; then
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 7c437680ba85ea5b1a7c98fd2b2e9ff8ddb00a1e Mon Sep 17 00:00:00 2001
From e89fd78bb3f62064d930c82ad14cd490166d1a2c Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 14 Jan 2014 16:15:46 -0500
Subject: [PATCH 47/85] Don't print during fdt loading method.
Subject: [PATCH 44/90] Don't print during fdt loading method.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
@ -9,7 +9,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
1 file changed, 2 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index ab9d32d..04179d9 100644
index 191aebe..452a9f6 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -164,9 +164,7 @@ EOF
@ -23,5 +23,5 @@ index ab9d32d..04179d9 100644
EOF
fi
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 633be1409c09df43142eb1310234ff9ebfe0dc62 Mon Sep 17 00:00:00 2001
From 7683e149c587abf2d35de11c39ddb0810572b2e4 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Mon, 30 Jun 2014 14:16:46 -0400
Subject: [PATCH 48/85] Don't munge raw spaces when we're doing our cmdline
Subject: [PATCH 45/90] Don't munge raw spaces when we're doing our cmdline
escaping (#923374)
Signed-off-by: Peter Jones <pjones@redhat.com>
@ -32,5 +32,5 @@ index 0a5b2af..970ea86 100644
{
*buf++ = *c++;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 030328c1b5d1266d5f664dafd6af52d765dbe3b0 Mon Sep 17 00:00:00 2001
From 8a11a21d904e7e823ee6f17faedbf45a8e28044a Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 11 Feb 2014 11:14:50 -0500
Subject: [PATCH 49/85] Don't require a password to boot entries generated by
Subject: [PATCH 46/90] Don't require a password to boot entries generated by
grub-mkconfig.
When we set a password, we just want that to mean you can't /edit/ an entry.
@ -14,7 +14,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 04179d9..a0e71fa 100644
index 452a9f6..79a747e 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -26,7 +26,7 @@ datarootdir="@datarootdir@"
@ -27,5 +27,5 @@ index 04179d9..a0e71fa 100644
if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
OS="$(sed 's, release .*$,,g' /etc/system-release)"
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 62ce77c55bb224f3c318d94cf45bf170d2fc806f Mon Sep 17 00:00:00 2001
From 5468ac6eef409220e59741ccf1073d92916cdddf Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 18 Feb 2014 09:37:49 -0500
Subject: [PATCH 50/85] Don't emit "Booting ..." message.
Subject: [PATCH 47/90] Don't emit "Booting ..." message.
UI team still hates this stuff, so we're disabling it for RHEL 7.
@ -9,16 +9,20 @@ Resolves: rhbz#1023142
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/normal/menu.c | 2 ++
grub-core/normal/menu.c | 4 +++-
grub-core/normal/menu_entry.c | 3 ---
2 files changed, 2 insertions(+), 3 deletions(-)
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
index 73a94aa..e74cb56 100644
index 2e8a7bd..004711d 100644
--- a/grub-core/normal/menu.c
+++ b/grub-core/normal/menu.c
@@ -832,9 +832,11 @@ static void
notify_booting (grub_menu_entry_t __attribute__((unused)) entry,
@@ -838,12 +838,14 @@ run_menu (grub_menu_t menu, int nested, int *auto_boot)
/* Callback invoked immediately before a menu entry is executed. */
static void
-notify_booting (grub_menu_entry_t entry,
+notify_booting (grub_menu_entry_t __attribute__((unused)) entry,
void *userdata __attribute__((unused)))
{
+#if 0
@ -44,5 +48,5 @@ index eeeee55..8349049 100644
errs_before = grub_err_printed_errors;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 07232bee88b91155ed2315db10d83e03e466efc6 Mon Sep 17 00:00:00 2001
From cce065ff19272aa908a293632a265211201d7237 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 4 Mar 2014 11:00:23 -0500
Subject: [PATCH 51/85] Replace a lot of man pages with slightly nicer ones.
Subject: [PATCH 48/90] Replace a lot of man pages with slightly nicer ones.
Replace a bunch of machine generated ones with ones that look nicer.
---
@ -134,7 +134,7 @@ index b16bd92..39eb94b 100644
EXTRA_DIST += docs/grub.cfg
EXTRA_DIST += docs/osdetect.cfg
diff --git a/configure.ac b/configure.ac
index a85b134..4369bda 100644
index ab9134c..9937a82 100644
--- a/configure.ac
+++ b/configure.ac
@@ -70,6 +70,29 @@ grub_TRANSFORM([grub-set-default])
@ -1959,5 +1959,5 @@ index 0000000..37ea2dd
+.SH SEE ALSO
+.BR "info grub"
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From a937e5533ae47be79d374fb99709282e16df4f0d Mon Sep 17 00:00:00 2001
From c28ddef07d11d790d89ee6ec8e3a8cc7e1aace0d Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
Date: Wed, 19 Feb 2014 15:58:43 -0500
Subject: [PATCH 52/85] use fw_path prefix when fallback searching for grub
Subject: [PATCH 49/90] use fw_path prefix when fallback searching for grub
config
When PXE booting via UEFI firmware, grub was searching for grub.cfg
@ -18,7 +18,7 @@ Signed-off-by: Mark Salter <msalter@redhat.com>
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index d98e868..660238a 100644
index 0ce59fd..a3713ef 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -343,7 +343,7 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
@ -41,5 +41,5 @@ index d98e868..660238a 100644
{
grub_size_t config_len;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 780862554b3ee8a44c9d0b7e77ba219377a6b39b Mon Sep 17 00:00:00 2001
From 82812e4ade82c9aa4f2e8f091b60b714ecfd82e5 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 6 Mar 2014 11:51:33 -0500
Subject: [PATCH 53/85] Try mac/guid/etc before grub.cfg on tftp config files.
Subject: [PATCH 50/90] Try mac/guid/etc before grub.cfg on tftp config files.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
@ -9,7 +9,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
1 file changed, 43 insertions(+), 37 deletions(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index 660238a..3ba1cdb 100644
index a3713ef..7d9c4f0 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -341,53 +341,59 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
@ -110,5 +110,5 @@ index 660238a..3ba1cdb 100644
else
grub_enter_normal_mode (argv[0]);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From f35eaf656ac008e23937d5a31ece0e41df9e69cf Mon Sep 17 00:00:00 2001
From b954efc0812579f973031b24c68a2f593bd89ba1 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 18 Feb 2014 11:34:00 -0500
Subject: [PATCH 54/85] Fix convert function to support NVMe devices
Subject: [PATCH 51/90] Fix convert function to support NVMe devices
This is adapted from the patch at
https://bugzilla.redhat.com/show_bug.cgi?id=1019660 , which is against
@ -55,5 +55,5 @@ index 92c0d70..bf317a2 100644
return grub_util_devmapper_part_to_disk (&st, is_part, os_dev);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 507dd275029deb504e0a7ffae3a7cd76f5701412 Mon Sep 17 00:00:00 2001
From 6900527741a21097f57a72854944f3e078a0ee42 Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
Date: Mon, 10 Feb 2014 16:13:10 -0500
Subject: [PATCH 55/85] Switch to use APM Mustang device tree, for hardware
Subject: [PATCH 52/90] Switch to use APM Mustang device tree, for hardware
testing.
Signed-off-by: David A. Marlin <d.marlin@redhat.com>
@ -10,7 +10,7 @@ Signed-off-by: David A. Marlin <d.marlin@redhat.com>
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index a0e71fa..dc3d081 100644
index 79a747e..462b461 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -232,8 +232,8 @@ while [ "x$list" != "x" ] ; do
@ -25,5 +25,5 @@ index a0e71fa..dc3d081 100644
fi
done
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 30fa988875e7b218240ac2100f4bab768c80a7f6 Mon Sep 17 00:00:00 2001
From 823290f622902f1ae06efa29efbe4ca15af1aafe Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
Date: Wed, 12 Feb 2014 14:54:04 -0500
Subject: [PATCH 56/85] Use the default device tree from the grub default file
Subject: [PATCH 53/90] Use the default device tree from the grub default file
instead of hardcoding a value.
@ -26,7 +26,7 @@ index c088b70..9d595ac 100644
if test "x${grub_cfg}" != "x"; then
rm -f "${grub_cfg}.new"
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index dc3d081..30e0e85 100644
index 462b461..a9692a0 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -232,8 +232,8 @@ while [ "x$list" != "x" ] ; do
@ -41,5 +41,5 @@ index dc3d081..30e0e85 100644
fi
done
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From a3f2c756ce34c9666bddef35e3b3b85ccecdcffc Mon Sep 17 00:00:00 2001
From e119353dad1eadc771a011f82bf90bd04fc00f9a Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
Date: Sat, 15 Feb 2014 15:10:22 -0500
Subject: [PATCH 57/85] reopen SNP protocol for exclusive use by grub
Subject: [PATCH 54/90] reopen SNP protocol for exclusive use by grub
---
grub-core/net/drivers/efi/efinet.c | 16 ++++++++++++++++
@ -42,5 +42,5 @@ index 5388f95..ea0e0ca 100644
}
}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 5a6729292b36c493c81b4bfeef70434318a604f2 Mon Sep 17 00:00:00 2001
From 5d47b56198754190c62179ae10ef175c00d1474d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 4 Mar 2016 15:13:59 -0500
Subject: [PATCH 58/85] Revert "reopen SNP protocol for exclusive use by grub"
Subject: [PATCH 55/90] Revert "reopen SNP protocol for exclusive use by grub"
This reverts commit a3f2c756ce34c9666bddef35e3b3b85ccecdcffc , which is
obsoleted by these:
@ -50,5 +50,5 @@ index ea0e0ca..5388f95 100644
}
}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From deb910d72a3a8745ca207e75f5caa09b0264606c Mon Sep 17 00:00:00 2001
From 5a69c7fbfff14bcea80e781fcd6acad07c904e22 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 3 Sep 2014 10:01:03 -0400
Subject: [PATCH 59/85] Add grub_util_readlink()
Subject: [PATCH 56/90] Add grub_util_readlink()
Add grub_util_readlink(). This requires pulling in stat and readlink from
gnulib, which pulls in stat and related headers, but after that the
@ -3730,5 +3730,5 @@ index 0000000..9852778
+ REPLACE_LOCALTIME=0; AC_SUBST([REPLACE_LOCALTIME])
+])
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 4c54fc0998ac13e7d38ba44cefcda9384d794475 Mon Sep 17 00:00:00 2001
From a867dc42c711385634d86f04176cf3193d548f1d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 3 Sep 2014 10:38:00 -0400
Subject: [PATCH 60/85] Make editenv chase symlinks including those across
Subject: [PATCH 57/90] Make editenv chase symlinks including those across
devices.
This lets us make /boot/grub2/grubenv a symlink to
@ -17,7 +17,7 @@ Reviewed-by: Adam Jackson <ajax@redhat.com>
2 files changed, 53 insertions(+), 2 deletions(-)
diff --git a/Makefile.util.def b/Makefile.util.def
index dfd48fc..c123038 100644
index 6d452da..2061104 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -230,8 +230,17 @@ program = {
@ -102,5 +102,5 @@ index c6f8d22..d8d1dad 100644
+ free (rename_target);
}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 5006f4ecf73a3742f1441177072dd814cd63e9b5 Mon Sep 17 00:00:00 2001
From 14b8db374bfc41fffa278ec33084324008384417 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 4 Sep 2014 14:23:23 -0400
Subject: [PATCH 61/85] Generate OS and CLASS in 10_linux from /etc/os-release
Subject: [PATCH 58/90] Generate OS and CLASS in 10_linux from /etc/os-release
This makes us use pretty names in the titles we generate in
grub2-mkconfig when GRUB_DISTRIBUTOR isn't set.
@ -14,7 +14,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 30e0e85..1881c73 100644
index a9692a0..c662726 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -29,7 +29,8 @@ export TEXTDOMAINDIR="@localedir@"
@ -28,5 +28,5 @@ index 30e0e85..1881c73 100644
OS="${GRUB_DISTRIBUTOR}"
CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From e6c8b26dece544383403a13019ad6d4991c72e4e Mon Sep 17 00:00:00 2001
From 700c631b4c887778951503346afe5b7ee70bf7dd Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 4 Sep 2014 15:52:08 -0400
Subject: [PATCH 62/85] Minimize the sort ordering for .debug and -rescue-
Subject: [PATCH 59/90] Minimize the sort ordering for .debug and -rescue-
kernels.
Resolves: rhbz#1065360
@ -30,5 +30,5 @@ index cf35e41..10fabee 100644
version_test_numeric "$version_test_gt_a" "$version_test_gt_cmp" "$version_test_gt_b"
return "$?"
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From d0ea23d1dd262db1d131f1fb8bf3d1e6c67ec252 Mon Sep 17 00:00:00 2001
From cae0d2cdb28017df75358e0839c60a9c2521cb82 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Sep 2014 11:26:14 -0400
Subject: [PATCH 63/85] Load arm with SB enabled.
Subject: [PATCH 60/90] Load arm with SB enabled.
Make sure we actually try to validate secure boot on this platform (even
though we're not shipping it enabled by default.)
@ -42,7 +42,7 @@ index e79bb0c..7fba196 100644
enable = x86_64_efi;
};
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index 9519d2e..9f425df 100644
index 9519d2e..4756ef7 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -28,6 +28,7 @@
@ -87,7 +87,7 @@ index 9519d2e..9f425df 100644
+ (grub_strlen (linux_args) + 1) * sizeof (grub_efi_char16_t);
+ loaded_image->load_options =
+ grub_efi_allocate_pages (0,
+ BYTES_TO_PAGES (loaded_image->load_options_size));
+ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size));
+ if (!loaded_image->load_options)
+ return grub_error(GRUB_ERR_BAD_OS, "failed to create kernel parameters");
+
@ -142,7 +142,7 @@ index 9519d2e..9f425df 100644
+ if (loaded_image->load_options)
+ grub_efi_free_pages ((grub_efi_physical_address_t)
+ loaded_image->load_options,
+ BYTES_TO_PAGES (loaded_image->load_options_size));
+ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size));
+ loaded_image->load_options = NULL;
+ loaded_image->load_options_size = 0;
+ }
@ -424,5 +424,5 @@ index 0000000..d9ede36
+
+#endif /* ! GRUB_EFI_LINUX_HEADER */
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 240f6e49d239635f7ca8cd2ca6103df534c92507 Mon Sep 17 00:00:00 2001
From d255a98813193eb2c23f9217106b121278843023 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 3 Oct 2014 11:08:03 -0400
Subject: [PATCH 64/85] Try $prefix if $fw_path doesn't work.
Subject: [PATCH 61/90] Try $prefix if $fw_path doesn't work.
Related: rhbz#1148652
@ -57,10 +57,10 @@ index 8a3ecd5..8efa1a6 100644
}
diff --git a/grub-core/net/net.c b/grub-core/net/net.c
index e53d9a0..9af9a1f 100644
index 0769bf8..16d2ce0 100644
--- a/grub-core/net/net.c
+++ b/grub-core/net/net.c
@@ -1840,7 +1840,7 @@ grub_net_search_configfile (char *config)
@@ -1850,7 +1850,7 @@ grub_net_search_configfile (char *config)
/* Remove the remaining minus sign at the end. */
config[config_len] = '\0';
@ -70,7 +70,7 @@ index e53d9a0..9af9a1f 100644
static struct grub_preboot *fini_hnd;
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index 3ba1cdb..13d9eab 100644
index 7d9c4f0..b69f9e7 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -331,74 +331,72 @@ grub_enter_normal_mode (const char *config)
@ -207,5 +207,5 @@ index 3ba1cdb..13d9eab 100644
}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From ce8210df5c25af8ce319f6cd5b7578beaf3e9a22 Mon Sep 17 00:00:00 2001
From 8e6fc0ea14aa01817cc9103ffd5e328a78e56857 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 27 Oct 2014 09:22:55 -0400
Subject: [PATCH 65/85] Try to emit linux16/initrd16 and linuxefi/initrdefi in
Subject: [PATCH 62/90] Try to emit linux16/initrd16 and linuxefi/initrdefi in
30-os_prober.
Resolves: rhbz#1108296
@ -73,5 +73,5 @@ index 9b8f596..dc98eac 100644
fi
cat << EOF
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 91f9701082fe351aa221323fb684e08c6b466b87 Mon Sep 17 00:00:00 2001
From b6e3ffe7ae7e4222cc15876cb72c691112f3c4b0 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 28 Apr 2015 11:15:03 -0400
Subject: [PATCH 66/85] Make grub2-mkconfig construct titles that look like the
Subject: [PATCH 63/90] Make grub2-mkconfig construct titles that look like the
ones we want elsewhere.
Resolves: rhbz#1215839
@ -12,7 +12,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 1881c73..539ac65 100644
index c662726..1215241 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -68,6 +68,15 @@ case x"$GRUB_FS" in
@ -50,5 +50,5 @@ index 1881c73..539ac65 100644
echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
else
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 0fd74ec2eb69ee6147fbf2062a9eecceff24896b Mon Sep 17 00:00:00 2001
From c4be6106eae8c1b479c325f531a1f81188f400e8 Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Mon, 16 Mar 2015 16:34:51 -0400
Subject: [PATCH 67/85] Update info with grub.cfg netboot selection order
Subject: [PATCH 64/90] Update info with grub.cfg netboot selection order
(#1148650)
Added documentation to the grub info page that specifies the order
@ -66,5 +66,5 @@ index 98d4d0d..4c6323b 100644
@samp{(tftp)} device.
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 368462b4c02b93431943242d069a13aaa3f7f410 Mon Sep 17 00:00:00 2001
From 11abe391636d0819902357591aebf0ea01b88130 Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Mon, 16 Mar 2015 14:14:19 -0400
Subject: [PATCH 68/85] Use Distribution Package Sort for grub2-mkconfig
Subject: [PATCH 65/90] Use Distribution Package Sort for grub2-mkconfig
(#1124074)
Users reported that newly installed kernels on their systems installed
@ -34,7 +34,7 @@ index 06c9f3a..7697877 100644
grub-set-default
grub-shell
diff --git a/Makefile.util.def b/Makefile.util.def
index c123038..1b0dc15 100644
index 2061104..d846b81 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -684,6 +684,22 @@ program = {
@ -61,7 +61,7 @@ index c123038..1b0dc15 100644
name = grub-mkconfig;
common = util/grub-mkconfig.in;
diff --git a/configure.ac b/configure.ac
index 4369bda..127d91d 100644
index 9937a82..d5e8d90 100644
--- a/configure.ac
+++ b/configure.ac
@@ -65,6 +65,7 @@ grub_TRANSFORM([grub-mkrelpath])
@ -80,7 +80,7 @@ index 4369bda..127d91d 100644
grub_TRANSFORM([grub-reboot.3])
grub_TRANSFORM([grub-render-label.3])
grub_TRANSFORM([grub-script-check.3])
@@ -1731,6 +1733,33 @@ fi
@@ -1743,6 +1745,33 @@ fi
AC_SUBST([LIBDEVMAPPER])
@ -456,5 +456,5 @@ index 0000000..f33bd1e
+ return 0;
+}
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From bcca98247da836509464b14549c34debb5b17bd3 Mon Sep 17 00:00:00 2001
From f7574b40f89ded29d82e5cfdb7494f8884bc1cdb Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Thu, 25 Jun 2015 11:13:11 -0400
Subject: [PATCH 69/85] Add friendly grub2 password config tool (#985962)
Subject: [PATCH 66/90] Add friendly grub2 password config tool (#985962)
Provided a tool for users to reset the grub2 root user password
without having to alter the grub.cfg. The hashed password now
@ -34,7 +34,7 @@ index 7697877..53a391e 100644
grub-shell-tester
grub-sparc64-setup
diff --git a/Makefile.util.def b/Makefile.util.def
index 1b0dc15..5598b03 100644
index d846b81..226c46b 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -440,6 +440,12 @@ script = {
@ -65,7 +65,7 @@ index 1b0dc15..5598b03 100644
common = util/grub-mkconfig_lib.in;
installdir = noinst;
diff --git a/configure.ac b/configure.ac
index 127d91d..d6ef6c3 100644
index d5e8d90..67ff20c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -65,6 +65,7 @@ grub_TRANSFORM([grub-mkrelpath])
@ -270,5 +270,5 @@ index 0000000..db2f44b
+fi
+EOF
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 4cee6969015be92d0a4371f4ccae7f36c6b80dc6 Mon Sep 17 00:00:00 2001
From a605e7af01dc697021b96fe6fbaf92ef3fca017c Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Tue, 14 Jul 2015 16:58:51 -0700
Subject: [PATCH 70/85] Fix race in EFI validation
Subject: [PATCH 67/90] Fix race in EFI validation
---
grub-core/loader/i386/efi/linux.c | 44 ++++++++++-----------------------------
@ -93,5 +93,5 @@ index e5b7785..7ccf32d 100644
{
grub_dl_unref (my_mod);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 6ea648a482015d3379acbe4f6f78991e3e923c47 Mon Sep 17 00:00:00 2001
From 63efe6a207f59ffa9e55cc10a0aed272f3571227 Mon Sep 17 00:00:00 2001
From: Don Zickus <dzickus@redhat.com>
Date: Wed, 22 Jul 2015 13:59:55 -0400
Subject: [PATCH 71/85] ppc64le sync mkconfig to disk (#1212114)
Subject: [PATCH 68/90] ppc64le sync mkconfig to disk (#1212114)
If creating a new grub2 entry using grub2-mkconfig, the entry is not
immediately sync'd to disk. If a crash happens before the writeback,
@ -38,5 +38,5 @@ index fb87247..73a18f7 100644
+ sync && mountpoint -q /boot &&fsfreeze -f /boot && fsfreeze -u /boot
+fi
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From bdc3eb0098b4b7d85423bb5674e50d78b01f3f49 Mon Sep 17 00:00:00 2001
From 9d47b2c482b6db238c99fe106f4b2e3c612f3a91 Mon Sep 17 00:00:00 2001
From: Raymund Will <rw@suse.com>
Date: Fri, 10 Apr 2015 01:45:02 -0400
Subject: [PATCH 72/85] Use device part of chainloader target, if present.
Subject: [PATCH 69/90] Use device part of chainloader target, if present.
Otherwise chainloading is restricted to '$root', which might not even
be readable by EFI!
@ -33,5 +33,5 @@ index 522a716..6b47497 100644
goto fail;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 5a211adebc2362cb5d7767bd95fe204f0d5cb852 Mon Sep 17 00:00:00 2001
From 9cbf35d19f4ffafdf2683acf7b6a320b55bbdfca Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 6 Oct 2015 13:04:37 -0400
Subject: [PATCH 73/85] Add secureboot support on efi chainloader
Subject: [PATCH 70/90] Add secureboot support on efi chainloader
Expand the chainloader to be able to verify the image by means of shim
lock protocol. The PE/COFF image is loaded and relocated by the
@ -796,5 +796,5 @@ index f79c36c..f79782e 100644
{
grub_uint32_t page_rva;
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From f1896dc881b276559079773ba666266979df2f74 Mon Sep 17 00:00:00 2001
From c1d31b6a26e5542142d569c94a70f1dc8e07afd6 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 6 Oct 2015 16:09:25 -0400
Subject: [PATCH 74/85] Make any of the loaders that link in efi mode honor
Subject: [PATCH 71/90] Make any of the loaders that link in efi mode honor
secure boot.
And in this case "honor" means "even if somebody does link this in, they
@ -24,9 +24,17 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
grub-core/loader/xnu.c | 7 +++++
include/grub/efi/efi.h | 1 -
include/grub/efi/sb.h | 29 +++++++++++++++++++
15 files changed, 146 insertions(+), 29 deletions(-)
include/grub/ia64/linux.h | 0
include/grub/mips/linux.h | 0
include/grub/powerpc/linux.h | 0
include/grub/sparc64/linux.h | 0
19 files changed, 146 insertions(+), 29 deletions(-)
create mode 100644 grub-core/kern/efi/sb.c
create mode 100644 include/grub/efi/sb.h
create mode 100644 include/grub/ia64/linux.h
create mode 100644 include/grub/mips/linux.h
create mode 100644 include/grub/powerpc/linux.h
create mode 100644 include/grub/sparc64/linux.h
diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am
index 04e9395..fd715a8 100644
@ -469,6 +477,18 @@ index 0000000..9629fbb
+int EXPORT_FUNC (grub_efi_secure_boot) (void);
+
+#endif /* ! GRUB_EFI_SB_HEADER */
diff --git a/include/grub/ia64/linux.h b/include/grub/ia64/linux.h
new file mode 100644
index 0000000..e69de29
diff --git a/include/grub/mips/linux.h b/include/grub/mips/linux.h
new file mode 100644
index 0000000..e69de29
diff --git a/include/grub/powerpc/linux.h b/include/grub/powerpc/linux.h
new file mode 100644
index 0000000..e69de29
diff --git a/include/grub/sparc64/linux.h b/include/grub/sparc64/linux.h
new file mode 100644
index 0000000..e69de29
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From a33e256429267872f469a2d3d1e36ac3721369b3 Mon Sep 17 00:00:00 2001
From 5a0d703884a73f93a68753c6ed64bdf08797c82a Mon Sep 17 00:00:00 2001
From: Hector Marco-Gisbert <hecmargi@upv.es>
Date: Fri, 13 Nov 2015 16:21:09 +0100
Subject: [PATCH 75/85] Fix security issue when reading username and password
Subject: [PATCH 72/90] Fix security issue when reading username and password
This patch fixes two integer underflows at:
* grub-core/lib/crypto.c
@ -43,5 +43,5 @@ index 7338f82..6d6dc7d 100644
if (cur_len)
{
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 9e51bd34baf8c705380abb4dc4b3847c11c93829 Mon Sep 17 00:00:00 2001
From c37a4f02e5fd0c3aa5f54baaeaf32eed0e3c110b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 27 Jan 2016 09:22:42 -0500
Subject: [PATCH 76/85] Make grub_fatal() also backtrace.
Subject: [PATCH 73/90] Make grub_fatal() also backtrace.
---
grub-core/Makefile.core.def | 3 ++
@ -171,5 +171,5 @@ index c3e03c7..c67273d 100644
#include <grub/term.h>
#include <grub/backtrace.h>
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 6ef376d234cf06ef3e92d77b03fa4060516a218c Mon Sep 17 00:00:00 2001
From 33d11870bbc2fa554fa9344c3c180279c258736a Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Sun, 9 Aug 2015 16:12:39 -0700
Subject: [PATCH 80/85] Rework linux command
Subject: [PATCH 74/90] Rework linux command
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel into it
@ -103,5 +103,5 @@ index b0afcca..5eb7d17 100644
grub_file_close (file);
--
2.5.0
2.9.3

View File

@ -1,7 +1,7 @@
From 9992eed98ad0d7d66444185a9cd2c81df5b4e1b2 Mon Sep 17 00:00:00 2001
From 0b86b309de12b4f3ea920124faa60841ffedf472 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Sun, 9 Aug 2015 16:20:58 -0700
Subject: [PATCH 81/85] Rework linux16 command
Subject: [PATCH 75/90] Rework linux16 command
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel int it
@ -97,5 +97,5 @@ index 9128315..b864e54 100644
grub_file_close (file);
--
2.5.0
2.9.3

View File

@ -0,0 +1,30 @@
From edaa6c877917816d57603e26d660107c82ffbb5d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 4 Mar 2016 16:29:13 -0500
Subject: [PATCH 76/90] Make grub-editenv build again.
36212460d3565b18439a3a8130b28e6c97702c6a split how some of the mkimage
utility functions are defined, and they wind up being linked into
grub-editenv. Most utilities got fixed, but this one was missed.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
Makefile.util.def | 2 ++
1 file changed, 2 insertions(+)
diff --git a/Makefile.util.def b/Makefile.util.def
index 226c46b..8007de9 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -236,6 +236,8 @@ program = {
extra_dist = grub-core/osdep/unix/compress.c;
extra_dist = grub-core/osdep/basic/compress.c;
common = util/mkimage.c;
+ common = util/grub-mkimage32.c;
+ common = util/grub-mkimage64.c;
common = grub-core/osdep/config.c;
common = util/config.c;
common = util/resolve.c;
--
2.9.3

View File

@ -1,789 +0,0 @@
From 59e54f473afa4e4f67dde8f11a33cb8490496086 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Tue, 14 Jul 2015 17:06:35 -0700
Subject: [PATCH 77/85] Core TPM support
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI and BIOS systems, but
will measure all modules as they're loaded.
---
grub-core/Makefile.am | 1 +
grub-core/Makefile.core.def | 3 +
grub-core/kern/dl.c | 3 +
grub-core/kern/efi/tpm.c | 282 +++++++++++++++++++++++++++++++++++++++++++
grub-core/kern/i386/pc/tpm.c | 132 ++++++++++++++++++++
grub-core/kern/tpm.c | 13 ++
include/grub/efi/tpm.h | 153 +++++++++++++++++++++++
include/grub/tpm.h | 91 ++++++++++++++
8 files changed, 678 insertions(+)
create mode 100644 grub-core/kern/efi/tpm.c
create mode 100644 grub-core/kern/i386/pc/tpm.c
create mode 100644 grub-core/kern/tpm.c
create mode 100644 include/grub/efi/tpm.h
create mode 100644 include/grub/tpm.h
diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am
index fd715a8..d082933 100644
--- a/grub-core/Makefile.am
+++ b/grub-core/Makefile.am
@@ -93,6 +93,7 @@ KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/term.h
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/time.h
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/mm_private.h
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/net.h
+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/tpm.h
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/memory.h
if COND_i386_pc
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 990e41b..9fa9790 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -126,6 +126,7 @@ kernel = {
common = kern/rescue_parser.c;
common = kern/rescue_reader.c;
common = kern/term.c;
+ common = kern/tpm.c;
noemu = kern/compiler-rt.c;
noemu = kern/mm.c;
@@ -177,6 +178,7 @@ kernel = {
efi = kern/acpi.c;
efi = kern/efi/acpi.c;
efi = lib/envblk.c;
+ efi = kern/efi/tpm.c;
i386_coreboot = kern/i386/pc/acpi.c;
i386_multiboot = kern/i386/pc/acpi.c;
i386_coreboot = kern/acpi.c;
@@ -222,6 +224,7 @@ kernel = {
i386_pc = kern/i386/pc/init.c;
i386_pc = kern/i386/pc/mmap.c;
+ i386_pc = kern/i386/pc/tpm.c;
i386_pc = term/i386/pc/console.c;
i386_qemu = bus/pci.c;
diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
index 04e804d..247cd0a 100644
--- a/grub-core/kern/dl.c
+++ b/grub-core/kern/dl.c
@@ -32,6 +32,7 @@
#include <grub/env.h>
#include <grub/cache.h>
#include <grub/i18n.h>
+#include <grub/tpm.h>
/* Platforms where modules are in a readonly area of memory. */
#if defined(GRUB_MACHINE_QEMU)
@@ -733,6 +734,8 @@ grub_dl_load_file (const char *filename)
opens of the same device. */
grub_file_close (file);
+ grub_tpm_measure(core, size, GRUB_TPM_PCR, filename);
+
mod = grub_dl_load_core (core, size);
grub_free (core);
if (! mod)
diff --git a/grub-core/kern/efi/tpm.c b/grub-core/kern/efi/tpm.c
new file mode 100644
index 0000000..c9fb3c1
--- /dev/null
+++ b/grub-core/kern/efi/tpm.c
@@ -0,0 +1,282 @@
+#include <grub/err.h>
+#include <grub/i18n.h>
+#include <grub/efi/api.h>
+#include <grub/efi/efi.h>
+#include <grub/efi/tpm.h>
+#include <grub/mm.h>
+#include <grub/tpm.h>
+#include <grub/term.h>
+
+static grub_efi_guid_t tpm_guid = EFI_TPM_GUID;
+static grub_efi_guid_t tpm2_guid = EFI_TPM2_GUID;
+
+static grub_efi_boolean_t grub_tpm_present(grub_efi_tpm_protocol_t *tpm)
+{
+ grub_efi_status_t status;
+ TCG_EFI_BOOT_SERVICE_CAPABILITY caps;
+ grub_uint32_t flags;
+ grub_efi_physical_address_t eventlog, lastevent;
+
+ caps.Size = (grub_uint8_t)sizeof(caps);
+
+ status = efi_call_5(tpm->status_check, tpm, &caps, &flags, &eventlog,
+ &lastevent);
+
+ if (status != GRUB_EFI_SUCCESS || caps.TPMDeactivatedFlag
+ || !caps.TPMPresentFlag)
+ return 0;
+
+ return 1;
+}
+
+static grub_efi_boolean_t grub_tpm2_present(grub_efi_tpm2_protocol_t *tpm)
+{
+ grub_efi_status_t status;
+ EFI_TCG2_BOOT_SERVICE_CAPABILITY caps;
+
+ caps.Size = (grub_uint8_t)sizeof(caps);
+
+ status = efi_call_2(tpm->get_capability, tpm, &caps);
+
+ if (status != GRUB_EFI_SUCCESS || !caps.TPMPresentFlag)
+ return 0;
+
+ return 1;
+}
+
+static grub_efi_boolean_t grub_tpm_handle_find(grub_efi_handle_t *tpm_handle,
+ grub_efi_uint8_t *protocol_version)
+{
+ grub_efi_handle_t *handles;
+ grub_efi_uintn_t num_handles;
+
+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &tpm_guid, NULL,
+ &num_handles);
+ if (handles && num_handles > 0) {
+ *tpm_handle = handles[0];
+ *protocol_version = 1;
+ return 1;
+ }
+
+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &tpm2_guid, NULL,
+ &num_handles);
+ if (handles && num_handles > 0) {
+ *tpm_handle = handles[0];
+ *protocol_version = 2;
+ return 1;
+ }
+
+ return 0;
+}
+
+static grub_err_t
+grub_tpm1_execute(grub_efi_handle_t tpm_handle,
+ PassThroughToTPM_InputParamBlock *inbuf,
+ PassThroughToTPM_OutputParamBlock *outbuf)
+{
+ grub_efi_status_t status;
+ grub_efi_tpm_protocol_t *tpm;
+ grub_uint32_t inhdrsize = sizeof(*inbuf) - sizeof(inbuf->TPMOperandIn);
+ grub_uint32_t outhdrsize = sizeof(*outbuf) - sizeof(outbuf->TPMOperandOut);
+
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid,
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
+
+ if (!grub_tpm_present(tpm))
+ return 0;
+
+ /* UEFI TPM protocol takes the raw operand block, no param block header */
+ status = efi_call_5 (tpm->pass_through_to_tpm, tpm,
+ inbuf->IPBLength - inhdrsize, inbuf->TPMOperandIn,
+ outbuf->OPBLength - outhdrsize, outbuf->TPMOperandOut);
+
+ switch (status) {
+ case GRUB_EFI_SUCCESS:
+ return 0;
+ case GRUB_EFI_DEVICE_ERROR:
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
+ case GRUB_EFI_INVALID_PARAMETER:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
+ case GRUB_EFI_BUFFER_TOO_SMALL:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
+ case GRUB_EFI_NOT_FOUND:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
+ default:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
+ }
+}
+
+static grub_err_t
+grub_tpm2_execute(grub_efi_handle_t tpm_handle,
+ PassThroughToTPM_InputParamBlock *inbuf,
+ PassThroughToTPM_OutputParamBlock *outbuf)
+{
+ grub_efi_status_t status;
+ grub_efi_tpm2_protocol_t *tpm;
+ grub_uint32_t inhdrsize = sizeof(*inbuf) - sizeof(inbuf->TPMOperandIn);
+ grub_uint32_t outhdrsize = sizeof(*outbuf) - sizeof(outbuf->TPMOperandOut);
+
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid,
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
+
+ if (!grub_tpm2_present(tpm))
+ return 0;
+
+ /* UEFI TPM protocol takes the raw operand block, no param block header */
+ status = efi_call_5 (tpm->submit_command, tpm,
+ inbuf->IPBLength - inhdrsize, inbuf->TPMOperandIn,
+ outbuf->OPBLength - outhdrsize, outbuf->TPMOperandOut);
+
+ switch (status) {
+ case GRUB_EFI_SUCCESS:
+ return 0;
+ case GRUB_EFI_DEVICE_ERROR:
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
+ case GRUB_EFI_INVALID_PARAMETER:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
+ case GRUB_EFI_BUFFER_TOO_SMALL:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
+ case GRUB_EFI_NOT_FOUND:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
+ default:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
+ }
+}
+
+grub_err_t
+grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
+ PassThroughToTPM_OutputParamBlock *outbuf)
+{
+ grub_efi_handle_t tpm_handle;
+ grub_uint8_t protocol_version;
+
+ /* It's not a hard failure for there to be no TPM */
+ if (!grub_tpm_handle_find(&tpm_handle, &protocol_version))
+ return 0;
+
+ if (protocol_version == 1) {
+ return grub_tpm1_execute(tpm_handle, inbuf, outbuf);
+ } else {
+ return grub_tpm2_execute(tpm_handle, inbuf, outbuf);
+ }
+}
+
+typedef struct {
+ grub_uint32_t pcrindex;
+ grub_uint32_t eventtype;
+ grub_uint8_t digest[20];
+ grub_uint32_t eventsize;
+ grub_uint8_t event[1];
+} Event;
+
+
+static grub_err_t
+grub_tpm1_log_event(grub_efi_handle_t tpm_handle, unsigned char *buf,
+ grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ Event *event;
+ grub_efi_status_t status;
+ grub_efi_tpm_protocol_t *tpm;
+ grub_efi_physical_address_t lastevent;
+ grub_uint32_t algorithm;
+ grub_uint32_t eventnum = 0;
+
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid,
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
+
+ if (!grub_tpm_present(tpm))
+ return 0;
+
+ event = grub_zalloc(sizeof (Event) + grub_strlen(description) + 1);
+ if (!event)
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ N_("cannot allocate TPM event buffer"));
+
+ event->pcrindex = pcr;
+ event->eventtype = EV_IPL;
+ event->eventsize = grub_strlen(description) + 1;
+ grub_memcpy(event->event, description, event->eventsize);
+
+ algorithm = TCG_ALG_SHA;
+ status = efi_call_7 (tpm->log_extend_event, tpm, buf, (grub_uint64_t) size,
+ algorithm, event, &eventnum, &lastevent);
+
+ switch (status) {
+ case GRUB_EFI_SUCCESS:
+ return 0;
+ case GRUB_EFI_DEVICE_ERROR:
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
+ case GRUB_EFI_INVALID_PARAMETER:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
+ case GRUB_EFI_BUFFER_TOO_SMALL:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
+ case GRUB_EFI_NOT_FOUND:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
+ default:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
+ }
+}
+
+static grub_err_t
+grub_tpm2_log_event(grub_efi_handle_t tpm_handle, unsigned char *buf,
+ grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ EFI_TCG2_EVENT *event;
+ grub_efi_status_t status;
+ grub_efi_tpm2_protocol_t *tpm;
+
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid,
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
+
+ if (!grub_tpm2_present(tpm))
+ return 0;
+
+ event = grub_zalloc(sizeof (EFI_TCG2_EVENT) + grub_strlen(description) + 1);
+ if (!event)
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ N_("cannot allocate TPM event buffer"));
+
+ event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
+ event->Header.HeaderVersion = 1;
+ event->Header.PCRIndex = pcr;
+ event->Header.EventType = EV_IPL;
+ event->Size = sizeof(*event) - sizeof(event->Event) + grub_strlen(description) + 1;
+ grub_memcpy(event->Event, description, grub_strlen(description) + 1);
+
+ status = efi_call_5 (tpm->hash_log_extend_event, tpm, 0, buf,
+ (grub_uint64_t) size, event);
+
+ switch (status) {
+ case GRUB_EFI_SUCCESS:
+ return 0;
+ case GRUB_EFI_DEVICE_ERROR:
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
+ case GRUB_EFI_INVALID_PARAMETER:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
+ case GRUB_EFI_BUFFER_TOO_SMALL:
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
+ case GRUB_EFI_NOT_FOUND:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
+ default:
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
+ }
+}
+
+grub_err_t
+grub_tpm_log_event(unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ grub_efi_handle_t tpm_handle;
+ grub_efi_uint8_t protocol_version;
+
+ if (!grub_tpm_handle_find(&tpm_handle, &protocol_version))
+ return 0;
+
+ if (protocol_version == 1) {
+ return grub_tpm1_log_event(tpm_handle, buf, size, pcr, description);
+ } else {
+ return grub_tpm2_log_event(tpm_handle, buf, size, pcr, description);
+ }
+}
diff --git a/grub-core/kern/i386/pc/tpm.c b/grub-core/kern/i386/pc/tpm.c
new file mode 100644
index 0000000..8c6c1e6
--- /dev/null
+++ b/grub-core/kern/i386/pc/tpm.c
@@ -0,0 +1,132 @@
+#include <grub/err.h>
+#include <grub/i18n.h>
+#include <grub/mm.h>
+#include <grub/tpm.h>
+#include <grub/misc.h>
+#include <grub/i386/pc/int.h>
+
+#define TCPA_MAGIC 0x41504354
+
+int tpm_present(void);
+
+int tpm_present(void)
+{
+ struct grub_bios_int_registers regs;
+
+ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
+ regs.eax = 0xbb00;
+ regs.ebx = TCPA_MAGIC;
+ grub_bios_interrupt (0x1a, &regs);
+
+ if (regs.eax == 0)
+ return 1;
+
+ return 0;
+}
+
+grub_err_t
+grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
+ PassThroughToTPM_OutputParamBlock *outbuf)
+{
+ struct grub_bios_int_registers regs;
+ grub_addr_t inaddr, outaddr;
+
+ if (!tpm_present())
+ return 0;
+
+ inaddr = (grub_addr_t) inbuf;
+ outaddr = (grub_addr_t) outbuf;
+ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
+ regs.eax = 0xbb02;
+ regs.ebx = TCPA_MAGIC;
+ regs.ecx = 0;
+ regs.edx = 0;
+ regs.es = (inaddr & 0xffff0000) >> 4;
+ regs.edi = inaddr & 0xffff;
+ regs.ds = outaddr >> 4;
+ regs.esi = outaddr & 0xf;
+
+ grub_bios_interrupt (0x1a, &regs);
+
+ if (regs.eax)
+ return grub_error (GRUB_ERR_IO, N_("TPM error %x\n"), regs.eax);
+
+ return 0;
+}
+
+typedef struct {
+ grub_uint32_t pcrindex;
+ grub_uint32_t eventtype;
+ grub_uint8_t digest[20];
+ grub_uint32_t eventdatasize;
+ grub_uint8_t event[0];
+} GRUB_PACKED Event;
+
+typedef struct {
+ grub_uint16_t ipblength;
+ grub_uint16_t reserved;
+ grub_uint32_t hashdataptr;
+ grub_uint32_t hashdatalen;
+ grub_uint32_t pcr;
+ grub_uint32_t reserved2;
+ grub_uint32_t logdataptr;
+ grub_uint32_t logdatalen;
+} GRUB_PACKED EventIncoming;
+
+typedef struct {
+ grub_uint16_t opblength;
+ grub_uint16_t reserved;
+ grub_uint32_t eventnum;
+ grub_uint8_t hashvalue[20];
+} GRUB_PACKED EventOutgoing;
+
+grub_err_t
+grub_tpm_log_event(unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ struct grub_bios_int_registers regs;
+ EventIncoming incoming;
+ EventOutgoing outgoing;
+ Event *event;
+ grub_uint32_t datalength;
+
+ if (!tpm_present())
+ return 0;
+
+ datalength = grub_strlen(description);
+ event = grub_zalloc(datalength + sizeof(Event));
+ if (!event)
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ N_("cannot allocate TPM event buffer"));
+
+ event->pcrindex = pcr;
+ event->eventtype = 0x0d;
+ event->eventdatasize = grub_strlen(description);
+ grub_memcpy(event->event, description, datalength);
+
+ incoming.ipblength = sizeof(incoming);
+ incoming.hashdataptr = (grub_uint32_t)buf;
+ incoming.hashdatalen = size;
+ incoming.pcr = pcr;
+ incoming.logdataptr = (grub_uint32_t)event;
+ incoming.logdatalen = datalength + sizeof(Event);
+
+ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
+ regs.eax = 0xbb01;
+ regs.ebx = TCPA_MAGIC;
+ regs.ecx = 0;
+ regs.edx = 0;
+ regs.es = (((grub_addr_t) &incoming) & 0xffff0000) >> 4;
+ regs.edi = ((grub_addr_t) &incoming) & 0xffff;
+ regs.ds = (((grub_addr_t) &outgoing) & 0xffff0000) >> 4;
+ regs.esi = ((grub_addr_t) &outgoing) & 0xffff;
+
+ grub_bios_interrupt (0x1a, &regs);
+
+ grub_free(event);
+
+ if (regs.eax)
+ return grub_error (GRUB_ERR_IO, N_("TPM error %x\n"), regs.eax);
+
+ return 0;
+}
diff --git a/grub-core/kern/tpm.c b/grub-core/kern/tpm.c
new file mode 100644
index 0000000..1a99187
--- /dev/null
+++ b/grub-core/kern/tpm.c
@@ -0,0 +1,13 @@
+#include <grub/err.h>
+#include <grub/i18n.h>
+#include <grub/misc.h>
+#include <grub/mm.h>
+#include <grub/tpm.h>
+#include <grub/term.h>
+
+grub_err_t
+grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+{
+ return grub_tpm_log_event(buf, size, pcr, description);
+}
diff --git a/include/grub/efi/tpm.h b/include/grub/efi/tpm.h
new file mode 100644
index 0000000..e2aff4a
--- /dev/null
+++ b/include/grub/efi/tpm.h
@@ -0,0 +1,153 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2015 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef GRUB_EFI_TPM_HEADER
+#define GRUB_EFI_TPM_HEADER 1
+
+#define EFI_TPM_GUID {0xf541796d, 0xa62e, 0x4954, {0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd }};
+#define EFI_TPM2_GUID {0x607f766c, 0x7455, 0x42be, {0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f }};
+
+typedef struct {
+ grub_efi_uint8_t Major;
+ grub_efi_uint8_t Minor;
+ grub_efi_uint8_t RevMajor;
+ grub_efi_uint8_t RevMinor;
+} TCG_VERSION;
+
+typedef struct _TCG_EFI_BOOT_SERVICE_CAPABILITY {
+ grub_efi_uint8_t Size; /// Size of this structure.
+ TCG_VERSION StructureVersion;
+ TCG_VERSION ProtocolSpecVersion;
+ grub_efi_uint8_t HashAlgorithmBitmap; /// Hash algorithms .
+ char TPMPresentFlag; /// 00h = TPM not present.
+ char TPMDeactivatedFlag; /// 01h = TPM currently deactivated.
+} TCG_EFI_BOOT_SERVICE_CAPABILITY;
+
+typedef struct {
+ grub_efi_uint32_t PCRIndex;
+ grub_efi_uint32_t EventType;
+ grub_efi_uint8_t digest[20];
+ grub_efi_uint32_t EventSize;
+ grub_efi_uint8_t Event[1];
+} TCG_PCR_EVENT;
+
+struct grub_efi_tpm_protocol
+{
+ grub_efi_status_t (*status_check) (struct grub_efi_tpm_protocol *this,
+ TCG_EFI_BOOT_SERVICE_CAPABILITY *ProtocolCapability,
+ grub_efi_uint32_t *TCGFeatureFlags,
+ grub_efi_physical_address_t *EventLogLocation,
+ grub_efi_physical_address_t *EventLogLastEntry);
+ grub_efi_status_t (*hash_all) (struct grub_efi_tpm_protocol *this,
+ grub_efi_uint8_t *HashData,
+ grub_efi_uint64_t HashLen,
+ grub_efi_uint32_t AlgorithmId,
+ grub_efi_uint64_t *HashedDataLen,
+ grub_efi_uint8_t **HashedDataResult);
+ grub_efi_status_t (*log_event) (struct grub_efi_tpm_protocol *this,
+ TCG_PCR_EVENT *TCGLogData,
+ grub_efi_uint32_t *EventNumber,
+ grub_efi_uint32_t Flags);
+ grub_efi_status_t (*pass_through_to_tpm) (struct grub_efi_tpm_protocol *this,
+ grub_efi_uint32_t TpmInputParameterBlockSize,
+ grub_efi_uint8_t *TpmInputParameterBlock,
+ grub_efi_uint32_t TpmOutputParameterBlockSize,
+ grub_efi_uint8_t *TpmOutputParameterBlock);
+ grub_efi_status_t (*log_extend_event) (struct grub_efi_tpm_protocol *this,
+ grub_efi_physical_address_t HashData,
+ grub_efi_uint64_t HashDataLen,
+ grub_efi_uint32_t AlgorithmId,
+ TCG_PCR_EVENT *TCGLogData,
+ grub_efi_uint32_t *EventNumber,
+ grub_efi_physical_address_t *EventLogLastEntry);
+};
+
+typedef struct grub_efi_tpm_protocol grub_efi_tpm_protocol_t;
+
+typedef grub_efi_uint32_t EFI_TCG2_EVENT_LOG_BITMAP;
+typedef grub_efi_uint32_t EFI_TCG2_EVENT_LOG_FORMAT;
+typedef grub_efi_uint32_t EFI_TCG2_EVENT_ALGORITHM_BITMAP;
+
+typedef struct tdEFI_TCG2_VERSION {
+ grub_efi_uint8_t Major;
+ grub_efi_uint8_t Minor;
+} GRUB_PACKED EFI_TCG2_VERSION;
+
+typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
+ grub_efi_uint8_t Size;
+ EFI_TCG2_VERSION StructureVersion;
+ EFI_TCG2_VERSION ProtocolVersion;
+ EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
+ EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
+ grub_efi_boolean_t TPMPresentFlag;
+ grub_efi_uint16_t MaxCommandSize;
+ grub_efi_uint16_t MaxResponseSize;
+ grub_efi_uint32_t ManufacturerID;
+ grub_efi_uint32_t NumberOfPcrBanks;
+ EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
+} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
+
+typedef grub_efi_uint32_t TCG_PCRINDEX;
+typedef grub_efi_uint32_t TCG_EVENTTYPE;
+
+typedef struct tdEFI_TCG2_EVENT_HEADER {
+ grub_efi_uint32_t HeaderSize;
+ grub_efi_uint16_t HeaderVersion;
+ TCG_PCRINDEX PCRIndex;
+ TCG_EVENTTYPE EventType;
+} GRUB_PACKED EFI_TCG2_EVENT_HEADER;
+
+typedef struct tdEFI_TCG2_EVENT {
+ grub_efi_uint32_t Size;
+ EFI_TCG2_EVENT_HEADER Header;
+ grub_efi_uint8_t Event[1];
+} GRUB_PACKED EFI_TCG2_EVENT;
+
+struct grub_efi_tpm2_protocol
+{
+ grub_efi_status_t (*get_capability) (struct grub_efi_tpm2_protocol *this,
+ EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability);
+ grub_efi_status_t (*get_event_log) (struct grub_efi_tpm2_protocol *this,
+ EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
+ grub_efi_physical_address_t *EventLogLocation,
+ grub_efi_physical_address_t *EventLogLastEntry,
+ grub_efi_boolean_t *EventLogTruncated);
+ grub_efi_status_t (*hash_log_extend_event) (struct grub_efi_tpm2_protocol *this,
+ grub_efi_uint64_t Flags,
+ grub_efi_physical_address_t *DataToHash,
+ grub_efi_uint64_t DataToHashLen,
+ EFI_TCG2_EVENT *EfiTcgEvent);
+ grub_efi_status_t (*submit_command) (struct grub_efi_tpm2_protocol *this,
+ grub_efi_uint32_t InputParameterBlockSize,
+ grub_efi_uint8_t *InputParameterBlock,
+ grub_efi_uint32_t OutputParameterBlockSize,
+ grub_efi_uint8_t *OutputParameterBlock);
+ grub_efi_status_t (*get_active_pcr_blanks) (struct grub_efi_tpm2_protocol *this,
+ grub_efi_uint32_t *ActivePcrBanks);
+ grub_efi_status_t (*set_active_pcr_banks) (struct grub_efi_tpm2_protocol *this,
+ grub_efi_uint32_t ActivePcrBanks);
+ grub_efi_status_t (*get_result_of_set_active_pcr_banks) (struct grub_efi_tpm2_protocol *this,
+ grub_efi_uint32_t *OperationPresent,
+ grub_efi_uint32_t *Response);
+};
+
+typedef struct grub_efi_tpm2_protocol grub_efi_tpm2_protocol_t;
+
+#define TCG_ALG_SHA 0x00000004
+
+#endif
diff --git a/include/grub/tpm.h b/include/grub/tpm.h
new file mode 100644
index 0000000..40d3cf6
--- /dev/null
+++ b/include/grub/tpm.h
@@ -0,0 +1,91 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2015 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef GRUB_TPM_HEADER
+#define GRUB_TPM_HEADER 1
+
+#define SHA1_DIGEST_SIZE 20
+
+#define TPM_BASE 0x0
+#define TPM_SUCCESS TPM_BASE
+#define TPM_AUTHFAIL (TPM_BASE + 0x1)
+#define TPM_BADINDEX (TPM_BASE + 0x2)
+
+#define GRUB_TPM_PCR 9
+#define GRUB_KERNEL_PCR 10
+#define GRUB_INITRD_PCR 11
+#define GRUB_CMDLINE_PCR 12
+
+#define TPM_TAG_RQU_COMMAND 0x00C1
+#define TPM_ORD_Extend 0x14
+
+#define EV_IPL 0x0d
+
+/* TCG_PassThroughToTPM Input Parameter Block */
+typedef struct {
+ grub_uint16_t IPBLength;
+ grub_uint16_t Reserved1;
+ grub_uint16_t OPBLength;
+ grub_uint16_t Reserved2;
+ grub_uint8_t TPMOperandIn[1];
+} GRUB_PACKED PassThroughToTPM_InputParamBlock;
+
+/* TCG_PassThroughToTPM Output Parameter Block */
+typedef struct {
+ grub_uint16_t OPBLength;
+ grub_uint16_t Reserved;
+ grub_uint8_t TPMOperandOut[1];
+} GRUB_PACKED PassThroughToTPM_OutputParamBlock;
+
+typedef struct {
+ grub_uint16_t tag;
+ grub_uint32_t paramSize;
+ grub_uint32_t ordinal;
+ grub_uint32_t pcrNum;
+ grub_uint8_t inDigest[SHA1_DIGEST_SIZE]; /* The 160 bit value representing the event to be recorded. */
+} GRUB_PACKED ExtendIncoming;
+
+/* TPM_Extend Outgoing Operand */
+typedef struct {
+ grub_uint16_t tag;
+ grub_uint32_t paramSize;
+ grub_uint32_t returnCode;
+ grub_uint8_t outDigest[SHA1_DIGEST_SIZE]; /* The PCR value after execution of the command. */
+} GRUB_PACKED ExtendOutgoing;
+
+grub_err_t EXPORT_FUNC(grub_tpm_measure) (unsigned char *buf, grub_size_t size,
+ grub_uint8_t pcr,
+ const char *description);
+#if defined (GRUB_MACHINE_EFI) || defined (GRUB_MACHINE_PCBIOS)
+grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
+ PassThroughToTPM_OutputParamBlock *outbuf);
+grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,
+ grub_uint8_t pcr, const char *description);
+#else
+static inline grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
+ PassThroughToTPM_OutputParamBlock *outbuf) { return 0; };
+static inline grub_err_t grub_tpm_log_event(unsigned char *buf,
+ grub_size_t size,
+ grub_uint8_t pcr,
+ const char *description)
+{
+ return 0;
+};
+#endif
+
+#endif
--
2.5.0

View File

@ -0,0 +1,30 @@
From d2f552900d87b62ca0dbc740902d561bc32f32be Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Fri, 29 Jan 2016 17:34:02 -0500
Subject: [PATCH 77/90] Fix locale issue in grub-setpassword (#1294243)
A shell substitution was expecting non-translated output to grab the
hashed password and put it in the user.cfg file. Modified code to force
the generic C locale when this particular piece of code is run.
Resolves: rhbz#1294243
---
util/grub-setpassword.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/grub-setpassword.in b/util/grub-setpassword.in
index dd76f00..2923f43 100644
--- a/util/grub-setpassword.in
+++ b/util/grub-setpassword.in
@@ -105,7 +105,7 @@ getpass() {
P1="$1" && shift
( echo ${P0} ; echo ${P1} ) | \
- ${grub_mkpasswd} | \
+ LC_ALL=C ${grub_mkpasswd} | \
grep -v '[eE]nter password:' | \
sed -e "s/PBKDF2 hash of your password is //"
}
--
2.9.3

View File

@ -0,0 +1,153 @@
From 216188f920d3ade19626d6e8fe450cea2c427e53 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 23 Sep 2014 09:58:49 -0400
Subject: [PATCH 78/90] Fix up some man pages rpmdiff noticed.
---
configure.ac | 2 ++
util/grub-macbless.8 | 26 +++++++++++++++++++
util/grub-mkimage.1 | 2 +-
util/grub-syslinux2cfg.1 | 65 ++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 94 insertions(+), 1 deletion(-)
create mode 100644 util/grub-macbless.8
create mode 100644 util/grub-syslinux2cfg.1
diff --git a/configure.ac b/configure.ac
index 67ff20c..25de2c1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -78,6 +78,7 @@ grub_TRANSFORM([grub-fstest.3])
grub_TRANSFORM([grub-glue-efi.3])
grub_TRANSFORM([grub-install.1])
grub_TRANSFORM([grub-kbdcomp.3])
+grub_TRANSFORM([grub-macbless.8])
grub_TRANSFORM([grub-menulst2cfg.1])
grub_TRANSFORM([grub-mkconfig.1])
grub_TRANSFORM([grub-mkfont.3])
@@ -96,6 +97,7 @@ grub_TRANSFORM([grub-render-label.3])
grub_TRANSFORM([grub-script-check.3])
grub_TRANSFORM([grub-set-default.1])
grub_TRANSFORM([grub-sparc64-setup.3])
+grub_TRANSFORM([grub-syslinux2cfg.1])
# Optimization flag. Allow user to override.
if test "x$TARGET_CFLAGS" = x; then
diff --git a/util/grub-macbless.8 b/util/grub-macbless.8
new file mode 100644
index 0000000..ae842f3
--- /dev/null
+++ b/util/grub-macbless.8
@@ -0,0 +1,26 @@
+.TH GRUB-MACBLESS 1 "Wed Feb 26 2014"
+.SH NAME
+\fBgrub-macbless\fR \(em Mac-style bless utility for HFS or HFS+
+
+.SH SYNOPSIS
+\fBgrub-macbless\fR [-p | --ppc] [-v | --verbose] [-x | --x86] \fIFILE\fR
+
+.SH DESCRIPTION
+\fBgrub-mkimage\fR blesses a file on an HFS or HFS+ file system, so that it
+can be used to boot a Mac.
+
+.SH OPTIONS
+.TP
+--ppc
+Bless the file for use on PPC-based Macs.
+
+.TP
+--verbose
+Print verbose messages.
+
+.TP
+--x86
+Bless the file for use on x86-based Macs.
+
+.SH SEE ALSO
+.BR "info grub"
diff --git a/util/grub-mkimage.1 b/util/grub-mkimage.1
index 4dea4f5..0eaaafe 100644
--- a/util/grub-mkimage.1
+++ b/util/grub-mkimage.1
@@ -17,7 +17,7 @@
[-v | --verbose] \fIMODULES\fR
.SH DESCRIPTION
-\fBgrub-mkimage\fI builds a bootable image of GRUB.
+\fBgrub-mkimage\fR builds a bootable image of GRUB.
.SH OPTIONS
.TP
diff --git a/util/grub-syslinux2cfg.1 b/util/grub-syslinux2cfg.1
new file mode 100644
index 0000000..8530948
--- /dev/null
+++ b/util/grub-syslinux2cfg.1
@@ -0,0 +1,65 @@
+.TH GRUB-SYSLINUX2CFG 1 "Wed Feb 26 2014"
+.SH NAME
+\fBgrub-syslinux2cfg\fR \(em Transform a syslinux config file into a GRUB config.
+
+.SH SYNOPSIS
+\fBgrub-syslinux2cfg\fR [-c | --cwd=\fRDIR\fI] [-r | --root=\fIDIR\fR] [-v | --verbose]
+.RE
+.RS 25
+[-t | --target-root=\fIDIR\fR] [-T | --target-cwd=\fIDIR\fR]
+.RE
+.RS 25
+[-o | --output=\fIFILE\fR] [[-i | --isolinux] |
+.RE
+.RS 46
+ [-s | --syslinux] |
+.RE
+.RS 46
+ [-p | --pxelinux]] \fIFILE\fR
+
+.SH DESCRIPTION
+\fBgrub-syslinux2cfg\fR builds a GRUB configuration file out of an existing
+syslinux configuration file.
+
+.SH OPTIONS
+.TP
+--cwd=\fIDIR\fR
+Set \fIDIR\fR as syslinux's working directory. The default is to use the
+parent directory of the input file.
+
+.TP
+--root=\fIDIR\fR
+Set \fIDIR\fR as the root directory of the syslinux disk. The default value
+is "/".
+
+.TP
+--verbose
+Print verbose messages.
+
+.TP
+--target-root=\fIDIR\fR
+Root directory as it will be seen at runtime. The default value is "/".
+
+.TP
+--target-cwd=\fIDIR\fR
+Working directory of syslinux as it will be seen at runtime. The default
+value is the parent directory of the input file.
+
+.TP
+--output=\fIFILE\fR
+Write the new config file to \fIFILE\fR. The default value is standard output.
+
+.TP
+--isolinux
+Assume that the input file is an isolinux configuration file.
+
+.TP
+--pxelinux
+Assume that the input file is a pxelinux configuration file.
+
+.TP
+--syslinux
+Assume that the input file is a syslinux configuration file.
+
+.SH SEE ALSO
+.BR "info grub"
--
2.9.3

View File

@ -1,42 +0,0 @@
From 878a4bed6479ccfbde4ba8dc3c2c029f12fba708 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Thu, 16 Jul 2015 15:22:34 -0700
Subject: [PATCH 78/85] Measure kernel + initrd
Measure the kernel and initrd when loaded on UEFI systems
---
grub-core/loader/i386/efi/linux.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index 7ccf32d..4ee45e9 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -27,6 +27,7 @@
#include <grub/lib/cmdline.h>
#include <grub/efi/efi.h>
#include <grub/efi/linux.h>
+#include <grub/tpm.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -129,6 +130,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
argv[i]);
goto fail;
}
+ grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "UEFI Linux initrd");
ptr += cursize;
grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4));
ptr += ALIGN_UP_OVERHEAD (cursize, 4);
@@ -184,6 +186,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
+ grub_tpm_measure (kernel, filelen, GRUB_KERNEL_PCR, "UEFI Linux kernel");
+
if (! grub_linuxefi_secure_validate (kernel, filelen))
{
grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]);
--
2.5.0

View File

@ -1,179 +0,0 @@
From b727ffaee53c9f3ee9ab1497441e378d77a5af6d Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Sun, 9 Aug 2015 15:48:51 -0700
Subject: [PATCH 79/85] Add BIOS boot measurement
Measure the on-disk grub core on BIOS systems - unlike UEFI, the firmware
can't do this stage for us.
---
grub-core/boot/i386/pc/boot.S | 30 +++++++++++++++++++++++++-
grub-core/boot/i386/pc/diskboot.S | 44 +++++++++++++++++++++++++++++++++++++++
2 files changed, 73 insertions(+), 1 deletion(-)
diff --git a/grub-core/boot/i386/pc/boot.S b/grub-core/boot/i386/pc/boot.S
index ea167fe..c1df86d 100644
--- a/grub-core/boot/i386/pc/boot.S
+++ b/grub-core/boot/i386/pc/boot.S
@@ -24,11 +24,14 @@
* defines for the code go here
*/
+#define TPM 1
+
/* Print message string */
#define MSG(x) movw $x, %si; call LOCAL(message)
#define ERR(x) movw $x, %si; jmp LOCAL(error_message)
.macro floppy
+#ifndef TPM
part_start:
LOCAL(probe_values):
@@ -85,6 +88,7 @@ fd_probe_error_string: .asciz "Floppy"
movb MACRO_DOLLAR(79), %ch
jmp LOCAL(final_init)
+#endif
.endm
.macro scratch
@@ -252,6 +256,7 @@ real_start:
/* set %si to the disk address packet */
movw $disk_address_packet, %si
+#ifndef TPM
/* check if LBA is supported */
movb $0x41, %ah
movw $0x55aa, %bx
@@ -271,6 +276,7 @@ real_start:
andw $1, %cx
jz LOCAL(chs_mode)
+#endif
LOCAL(lba_mode):
xorw %ax, %ax
@@ -314,6 +320,9 @@ LOCAL(lba_mode):
jmp LOCAL(copy_buffer)
LOCAL(chs_mode):
+#ifdef TPM
+ jmp LOCAL(general_error)
+#else
/*
* Determine the hard disk geometry from the BIOS!
* We do this first, so that LS-120 IDE floppies work correctly.
@@ -425,7 +434,7 @@ setup_sectors:
jc LOCAL(read_error)
movw %es, %bx
-
+#endif /* TPM */
LOCAL(copy_buffer):
/*
* We need to save %cx and %si because the startup code in
@@ -448,6 +457,25 @@ LOCAL(copy_buffer):
popw %ds
popa
+#ifdef TPM
+ pusha
+
+ movw $0xBB00, %ax /* TCG_StatusCheck */
+ int $0x1A
+ test %eax, %eax
+ jnz boot /* No TPM or TPM deactivated */
+
+ movw $0xBB07, %ax /* TCG_CompactHashLogExtendEvent */
+ movw $GRUB_BOOT_MACHINE_KERNEL_ADDR, %di
+ xorl %esi, %esi
+ movl $0x41504354, %ebx /* TCPA */
+ movl $0x200, %ecx /* Measure 512 bytes */
+ movl $0x8, %edx /* PCR 8 */
+ int $0x1A
+
+ popa
+#endif
+boot:
/* boot kernel */
jmp *(LOCAL(kernel_address))
diff --git a/grub-core/boot/i386/pc/diskboot.S b/grub-core/boot/i386/pc/diskboot.S
index c8b87ed..05dd7fa 100644
--- a/grub-core/boot/i386/pc/diskboot.S
+++ b/grub-core/boot/i386/pc/diskboot.S
@@ -19,6 +19,8 @@
#include <grub/symbol.h>
#include <grub/machine/boot.h>
+#define TPM 1
+
/*
* defines for the code go here
*/
@@ -53,6 +55,21 @@ _start:
/* this sets up for the first run through "bootloop" */
movw $LOCAL(firstlist), %di
+#ifdef TPM
+ /* clear EAX to remove potential garbage */
+ xorl %eax, %eax
+ /* 8(%di) = number of sectors to read */
+ movw 8(%di), %ax
+
+ /* Multiply number of sectors to read with 512 bytes. EAX is 32bit
+ * which is large enough to hold values of up to 4GB. I doubt there
+ * will ever be a core.img larger than that. ;-) */
+ shll $9, %eax
+
+ /* write result to bytes_to_measure var */
+ movl %eax, bytes_to_measure
+#endif
+
/* save the sector number of the second sector in %ebp */
movl (%di), %ebp
@@ -290,6 +307,29 @@ LOCAL(copy_buffer):
/* END OF MAIN LOOP */
LOCAL(bootit):
+#ifdef TPM
+ pusha
+ movw $0xBB07, %ax /* TCG_CompactHashLogExtendEvent */
+
+ movw $0x0, %bx
+ movw %bx, %es
+
+ /* We've already measured the first 512 bytes, now measure the rest */
+ xorl %edi, %edi
+ movw $(GRUB_BOOT_MACHINE_KERNEL_ADDR + 0x200), %di
+
+ movl $0x41504354, %ebx /* EBX = "TCPA" */
+
+ /* %ecx = The length, in bytes, of the buffer to measure */
+ movl $bytes_to_measure, %esi
+ movl (%esi), %ecx
+ xorl %esi, %esi
+ movl $0x9, %edx /* PCR 9 */
+
+ int $0x1A
+
+ popa
+#endif
/* print a newline */
MSG(notification_done)
popw %dx /* this makes sure %dl is our "boot" drive */
@@ -324,6 +364,10 @@ geometry_error_string: .asciz "Geom"
read_error_string: .asciz "Read"
general_error_string: .asciz " Error"
+#ifdef TPM
+bytes_to_measure: .long 0
+#endif
+
/*
* message: write the string pointed to by %si
*
--
2.5.0

View File

@ -0,0 +1,39 @@
From 90e2d3fbb161d494cdfc0ad0da740a6a4f651d70 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 30 Jun 2015 15:50:41 -0400
Subject: [PATCH 79/90] Handle rssd storage devices.
Resolves: rhbz#1087962
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/osdep/linux/getroot.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c
index 09e7e6e..ad7b774 100644
--- a/grub-core/osdep/linux/getroot.c
+++ b/grub-core/osdep/linux/getroot.c
@@ -898,6 +898,19 @@ grub_util_part_to_disk (const char *os_dev, struct stat *st,
return path;
}
+ /* If this is an rssd device. */
+ if ((strncmp ("rssd", p, 4) == 0) && p[4] >= 'a' && p[4] <= 'z')
+ {
+ char *pp = p + 4;
+ while (*pp >= 'a' && *pp <= 'z')
+ pp++;
+ if (*pp)
+ *is_part = 1;
+ /* /dev/rssd[a-z]+[0-9]* */
+ *pp = '\0';
+ return path;
+ }
+
/* If this is a loop device */
if ((strncmp ("loop", p, 4) == 0) && p[4] >= '0' && p[4] <= '9')
{
--
2.9.3

View File

@ -0,0 +1,31 @@
From f46e9b0378cfaced22f0de5e8061ddb0c6829ee8 Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Mon, 22 Feb 2016 15:30:05 -0500
Subject: [PATCH 80/90] Warn if grub password will not be read (#1290803)
It is possible for a system to have never run grub-mkconfig and add the
section that reads the user.cfg file which contains a user set GRUB
password. Users in that scenario will now be warned that grub-mkconfig
must be run prior to their newly set password taking effect.
Resolves: rhbz#1290803
---
util/grub-setpassword.in | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/util/grub-setpassword.in b/util/grub-setpassword.in
index 2923f43..dd7b793 100644
--- a/util/grub-setpassword.in
+++ b/util/grub-setpassword.in
@@ -121,3 +121,8 @@ fi
install -m 0600 /dev/null "${grubdir}/user.cfg" 2>/dev/null || :
chmod 0600 "${grubdir}/user.cfg" 2>/dev/null || :
echo "GRUB2_PASSWORD=${MYPASS}" > "${grubdir}/user.cfg"
+
+if ! grep -q "^### BEGIN /etc/grub.d/01_users ###$" "${grubdir}/grub.cfg"; then
+ echo "WARNING: The current configuration lacks password support!"
+ echo "Update your configuration with @grub_mkconfig@ to support this feature."
+fi
--
2.9.3

View File

@ -0,0 +1,58 @@
From f41adcd85164ef8a0d0918f0508f29dcf3c7467d Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Tue, 26 Jan 2016 10:28:35 -0500
Subject: [PATCH 81/90] Clean up grub-setpassword documentation (#1290799)
The output for --help had some errors. Corrected those and polished the
text to be a little easier to follow. Carried verbage over to man page
to maintain internal consistency.
Resolves: rhbz#1290799
---
util/grub-setpassword.8 | 2 +-
util/grub-setpassword.in | 15 +++++++--------
2 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/util/grub-setpassword.8 b/util/grub-setpassword.8
index 49200a8..dc91dd6 100644
--- a/util/grub-setpassword.8
+++ b/util/grub-setpassword.8
@@ -19,7 +19,7 @@ Display program usage and exit.
-v, --version
Display the current version.
.TP
--o, --output[=\fIDIRECTORY PATH\fR]
+-o, --output=<\fIDIRECTORY\fR>
Choose the file path to which user.cfg will be written.
.SH SEE ALSO
diff --git a/util/grub-setpassword.in b/util/grub-setpassword.in
index dd7b793..d7924af 100644
--- a/util/grub-setpassword.in
+++ b/util/grub-setpassword.in
@@ -16,15 +16,14 @@ grub_mkpasswd="${bindir}/@grub_mkpasswd_pbkdf2@"
# Print the usage.
usage () {
cat <<EOF
-Usage: $0 [OPTION] [SOURCE]
-Run GRUB script in a Qemu instance.
-
- -h, --help print this message and exit
- -v, --version print the version information and exit
- -o, --output_path choose a custom output path for user.cfg
-
+Usage: $0 [OPTION]
$0 prompts the user to set a password on the grub bootloader. The password
-is written to a file named user.cfg.
+is written to a file named user.cfg which lives in the GRUB directory
+located by default at ${grubdir}.
+
+ -h, --help print this message and exit
+ -v, --version print the version information and exit
+ -o, --output_path <DIRECTORY> put user.cfg in a user-selected directory
Report bugs at https://bugzilla.redhat.com.
EOF
--
2.9.3

View File

@ -1,87 +0,0 @@
From f4d862215e8d693018f419be33a0a3a7c3e79d29 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Sun, 9 Aug 2015 16:28:29 -0700
Subject: [PATCH 82/85] Measure kernel and initrd on BIOS systems
Measure the kernel and initrd when loaded on BIOS systems
---
grub-core/loader/i386/linux.c | 5 +++++
grub-core/loader/i386/pc/linux.c | 3 +++
grub-core/loader/linux.c | 2 ++
3 files changed, 10 insertions(+)
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index 5eb7d17..342c9fe 100644
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -36,6 +36,7 @@
#include <grub/lib/cmdline.h>
#include <grub/linux.h>
#include <grub/efi/sb.h>
+#include <grub/tpm.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -717,7 +718,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
+ grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "Linux Kernel");
+
grub_memcpy (&lh, kernel, sizeof (lh));
+
kernel_offset = sizeof (lh);
if (lh.boot_flag != grub_cpu_to_le16_compile_time (0xaa55))
@@ -1026,6 +1030,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
len = prot_file_size;
grub_memcpy (prot_mode_mem, kernel + kernel_offset, len);
+ kernel_offset += len;
if (grub_errno == GRUB_ERR_NONE)
{
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
index b864e54..6b8f365 100644
--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@@ -36,6 +36,7 @@
#include <grub/lib/cmdline.h>
#include <grub/linux.h>
#include <grub/efi/sb.h>
+#include <grub/tpm.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -161,6 +162,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
+ grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "BIOS Linux Kernel");
+
grub_memcpy (&lh, kernel, sizeof (lh));
kernel_offset = sizeof (lh);
diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
index be6fa0f..3005c0d 100644
--- a/grub-core/loader/linux.c
+++ b/grub-core/loader/linux.c
@@ -4,6 +4,7 @@
#include <grub/misc.h>
#include <grub/file.h>
#include <grub/mm.h>
+#include <grub/tpm.h>
struct newc_head
{
@@ -288,6 +289,7 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx,
grub_initrd_close (initrd_ctx);
return grub_errno;
}
+ grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "Linux Initrd");
ptr += cursize;
}
if (newc)
--
2.5.0

View File

@ -0,0 +1,353 @@
From e2b22111a8ec58091603fc785f54b1b998888735 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 9 Jun 2016 12:22:29 -0400
Subject: [PATCH 82/90] Re-work some intricacies of PE loading.
The PE spec is not a well written document, and awesomely every place
where there's an ambiguous way to read something, Windows' bootmgfw.efi
takes a different read than either of them.
---
grub-core/loader/efi/chainloader.c | 156 +++++++++++++++++++++++++++++--------
include/grub/efi/pe32.h | 32 +++++++-
2 files changed, 152 insertions(+), 36 deletions(-)
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index c4184fa..323f873 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -297,7 +297,7 @@ image_is_64_bit (grub_pe_header_t *pe_hdr)
return 0;
}
-static const grub_uint16_t machine_type =
+static const grub_uint16_t machine_type __attribute__((__unused__)) =
#if defined(__x86_64__)
GRUB_PE32_MACHINE_X86_64;
#elif defined(__aarch64__)
@@ -363,10 +363,10 @@ relocate_coff (pe_coff_loader_image_context_t *context,
reloc_base = image_address (orig, size, section->raw_data_offset);
reloc_base_end = image_address (orig, size, section->raw_data_offset
- + section->virtual_size - 1);
+ + section->virtual_size);
- grub_dprintf ("chain", "reloc_base %p reloc_base_end %p\n", reloc_base,
- reloc_base_end);
+ grub_dprintf ("chain", "relocate_coff(): reloc_base %p reloc_base_end %p\n",
+ reloc_base, reloc_base_end);
if (!reloc_base && !reloc_base_end)
return GRUB_EFI_SUCCESS;
@@ -503,12 +503,13 @@ handle_image (void *data, grub_efi_uint32_t datasize)
grub_efi_status_t efi_status;
char *buffer = NULL;
char *buffer_aligned = NULL;
- grub_efi_uint32_t i, size;
+ grub_efi_uint32_t i;
struct grub_pe32_section_table *section;
char *base, *end;
pe_coff_loader_image_context_t context;
grub_uint32_t section_alignment;
grub_uint32_t buffer_size;
+ int found_entry_point = 0;
b = grub_efi_system_table->boot_services;
@@ -522,8 +523,28 @@ handle_image (void *data, grub_efi_uint32_t datasize)
goto error_exit;
}
+ /*
+ * The spec says, uselessly, of SectionAlignment:
+ * =====
+ * The alignment (in bytes) of sections when they are loaded into
+ * memory. It must be greater than or equal to FileAlignment. The
+ * default is the page size for the architecture.
+ * =====
+ * Which doesn't tell you whose responsibility it is to enforce the
+ * "default", or when. It implies that the value in the field must
+ * be > FileAlignment (also poorly defined), but it appears visual
+ * studio will happily write 512 for FileAlignment (its default) and
+ * 0 for SectionAlignment, intending to imply PAGE_SIZE.
+ *
+ * We only support one page size, so if it's zero, nerf it to 4096.
+ */
section_alignment = context.section_alignment;
+ if (section_alignment == 0)
+ section_alignment = 4096;
+
buffer_size = context.image_size + section_alignment;
+ grub_dprintf ("chain", "image size is %08lx, datasize is %08x\n",
+ context.image_size, datasize);
efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA,
buffer_size, &buffer);
@@ -535,7 +556,6 @@ handle_image (void *data, grub_efi_uint32_t datasize)
}
buffer_aligned = (char *)ALIGN_UP ((grub_addr_t)buffer, section_alignment);
-
if (!buffer_aligned)
{
grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
@@ -544,27 +564,62 @@ handle_image (void *data, grub_efi_uint32_t datasize)
grub_memcpy (buffer_aligned, data, context.size_of_headers);
+ entry_point = image_address (buffer_aligned, context.image_size,
+ context.entry_point);
+
+ grub_dprintf ("chain", "entry_point: %p\n", entry_point);
+ if (!entry_point)
+ {
+ grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point");
+ goto error_exit;
+ }
+
char *reloc_base, *reloc_base_end;
- reloc_base = image_address (buffer_aligned, datasize,
+ grub_dprintf ("chain", "reloc_dir: %p reloc_size: 0x%08x\n",
+ (void *)(unsigned long long)context.reloc_dir->rva,
+ context.reloc_dir->size);
+ reloc_base = image_address (buffer_aligned, context.image_size,
context.reloc_dir->rva);
/* RelocBaseEnd here is the address of the last byte of the table */
- reloc_base_end = image_address (buffer_aligned, datasize,
+ reloc_base_end = image_address (buffer_aligned, context.image_size,
context.reloc_dir->rva
+ context.reloc_dir->size - 1);
+ grub_dprintf ("chain", "reloc_base: %p reloc_base_end: %p\n",
+ reloc_base, reloc_base_end);
+
struct grub_pe32_section_table *reloc_section = NULL;
section = context.first_section;
for (i = 0; i < context.number_of_sections; i++, section++)
{
- size = section->virtual_size;
- if (size > section->raw_data_size)
- size = section->raw_data_size;
+ char name[9];
base = image_address (buffer_aligned, context.image_size,
section->virtual_address);
end = image_address (buffer_aligned, context.image_size,
- section->virtual_address + size - 1);
+ section->virtual_address + section->virtual_size -1);
+ grub_strncpy(name, section->name, 9);
+ name[8] = '\0';
+ grub_dprintf ("chain", "Section %d \"%s\" at %p..%p\n", i,
+ name, base, end);
+
+ if (end < base)
+ {
+ grub_dprintf ("chain", " base is %p but end is %p... bad.\n",
+ base, end);
+ grub_error (GRUB_ERR_BAD_ARGUMENT,
+ "Image has invalid negative size");
+ goto error_exit;
+ }
+
+ if (section->virtual_address <= context.entry_point &&
+ (section->virtual_address + section->raw_data_size - 1)
+ > context.entry_point)
+ {
+ found_entry_point++;
+ grub_dprintf ("chain", " section contains entry point\n");
+ }
/* We do want to process .reloc, but it's often marked
* discardable, so we don't want to memcpy it. */
@@ -583,21 +638,46 @@ handle_image (void *data, grub_efi_uint32_t datasize)
if (section->raw_data_size && section->virtual_size &&
base && end && reloc_base == base && reloc_base_end == end)
{
+ grub_dprintf ("chain", " section is relocation section\n");
reloc_section = section;
}
+ else
+ {
+ grub_dprintf ("chain", " section is not reloc section?\n");
+ grub_dprintf ("chain", " rds: 0x%08x, vs: %08x\n",
+ section->raw_data_size, section->virtual_size);
+ grub_dprintf ("chain", " base: %p end: %p\n", base, end);
+ grub_dprintf ("chain", " reloc_base: %p reloc_base_end: %p\n",
+ reloc_base, reloc_base_end);
+ }
}
- if (section->characteristics && GRUB_PE32_SCN_MEM_DISCARDABLE)
- continue;
+ grub_dprintf ("chain", " Section characteristics are %08x\n",
+ section->characteristics);
+ grub_dprintf ("chain", " Section virtual size: %08x\n",
+ section->virtual_size);
+ grub_dprintf ("chain", " Section raw_data size: %08x\n",
+ section->raw_data_size);
+ if (section->characteristics & GRUB_PE32_SCN_MEM_DISCARDABLE)
+ {
+ grub_dprintf ("chain", " Discarding section\n");
+ continue;
+ }
if (!base || !end)
{
+ grub_dprintf ("chain", " section is invalid\n");
grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid section size");
goto error_exit;
}
- if (section->virtual_address < context.size_of_headers ||
- section->raw_data_offset < context.size_of_headers)
+ if (section->characteristics & GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA)
+ {
+ if (section->raw_data_size != 0)
+ grub_dprintf ("chain", " UNINITIALIZED_DATA section has data?\n");
+ }
+ else if (section->virtual_address < context.size_of_headers ||
+ section->raw_data_offset < context.size_of_headers)
{
grub_error (GRUB_ERR_BAD_ARGUMENT,
"Section %d is inside image headers", i);
@@ -605,13 +685,24 @@ handle_image (void *data, grub_efi_uint32_t datasize)
}
if (section->raw_data_size > 0)
- grub_memcpy (base, (grub_efi_uint8_t*)data + section->raw_data_offset,
- size);
+ {
+ grub_dprintf ("chain", " copying 0x%08x bytes to %p\n",
+ section->raw_data_size, base);
+ grub_memcpy (base,
+ (grub_efi_uint8_t*)data + section->raw_data_offset,
+ section->raw_data_size);
+ }
- if (size < section->virtual_size)
- grub_memset (base + size, 0, section->virtual_size - size);
+ if (section->raw_data_size < section->virtual_size)
+ {
+ grub_dprintf ("chain", " padding with 0x%08x bytes at %p\n",
+ section->virtual_size - section->raw_data_size,
+ base + section->raw_data_size);
+ grub_memset (base + section->raw_data_size, 0,
+ section->virtual_size - section->raw_data_size);
+ }
- grub_dprintf ("chain", "copied section %s\n", section->name);
+ grub_dprintf ("chain", " finished section %s\n", name);
}
/* 5 == EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC */
@@ -634,12 +725,15 @@ handle_image (void *data, grub_efi_uint32_t datasize)
}
}
- entry_point = image_address (buffer_aligned, context.image_size,
- context.entry_point);
-
- if (!entry_point)
+ if (!found_entry_point)
{
- grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point");
+ grub_error (GRUB_ERR_BAD_ARGUMENT, "entry point is not within sections");
+ goto error_exit;
+ }
+ if (found_entry_point > 1)
+ {
+ grub_error (GRUB_ERR_BAD_ARGUMENT, "%d sections contain entry point",
+ found_entry_point);
goto error_exit;
}
@@ -657,26 +751,24 @@ handle_image (void *data, grub_efi_uint32_t datasize)
li->load_options_size = cmdline_len;
li->file_path = grub_efi_get_media_file_path (file_path);
li->device_handle = dev_handle;
- if (li->file_path)
- {
- grub_printf ("file path: ");
- grub_efi_print_device_path (li->file_path);
- }
- else
+ if (!li->file_path)
{
grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching file path found");
goto error_exit;
}
+ grub_dprintf ("chain", "booting via entry point\n");
efi_status = efi_call_2 (entry_point, grub_efi_image_handle,
grub_efi_system_table);
+ grub_dprintf ("chain", "entry_point returned %ld\n", efi_status);
grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t));
efi_status = efi_call_1 (b->free_pool, buffer);
return 1;
error_exit:
+ grub_dprintf ("chain", "error_exit: grub_errno: %d\n", grub_errno);
if (buffer)
efi_call_1 (b->free_pool, buffer);
diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h
index f79782e..8396bde 100644
--- a/include/grub/efi/pe32.h
+++ b/include/grub/efi/pe32.h
@@ -227,12 +227,18 @@ struct grub_pe32_section_table
grub_uint32_t characteristics;
};
+#define GRUB_PE32_SCN_TYPE_NO_PAD 0x00000008
#define GRUB_PE32_SCN_CNT_CODE 0x00000020
#define GRUB_PE32_SCN_CNT_INITIALIZED_DATA 0x00000040
-#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000
-#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000
-#define GRUB_PE32_SCN_MEM_READ 0x40000000
-#define GRUB_PE32_SCN_MEM_WRITE 0x80000000
+#define GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA 0x00000080
+#define GRUB_PE32_SCN_LNK_OTHER 0x00000100
+#define GRUB_PE32_SCN_LNK_INFO 0x00000200
+#define GRUB_PE32_SCN_LNK_REMOVE 0x00000800
+#define GRUB_PE32_SCN_LNK_COMDAT 0x00001000
+#define GRUB_PE32_SCN_GPREL 0x00008000
+#define GRUB_PE32_SCN_MEM_16BIT 0x00020000
+#define GRUB_PE32_SCN_MEM_LOCKED 0x00040000
+#define GRUB_PE32_SCN_MEM_PRELOAD 0x00080000
#define GRUB_PE32_SCN_ALIGN_1BYTES 0x00100000
#define GRUB_PE32_SCN_ALIGN_2BYTES 0x00200000
@@ -241,10 +247,28 @@ struct grub_pe32_section_table
#define GRUB_PE32_SCN_ALIGN_16BYTES 0x00500000
#define GRUB_PE32_SCN_ALIGN_32BYTES 0x00600000
#define GRUB_PE32_SCN_ALIGN_64BYTES 0x00700000
+#define GRUB_PE32_SCN_ALIGN_128BYTES 0x00800000
+#define GRUB_PE32_SCN_ALIGN_256BYTES 0x00900000
+#define GRUB_PE32_SCN_ALIGN_512BYTES 0x00A00000
+#define GRUB_PE32_SCN_ALIGN_1024BYTES 0x00B00000
+#define GRUB_PE32_SCN_ALIGN_2048BYTES 0x00C00000
+#define GRUB_PE32_SCN_ALIGN_4096BYTES 0x00D00000
+#define GRUB_PE32_SCN_ALIGN_8192BYTES 0x00E00000
#define GRUB_PE32_SCN_ALIGN_SHIFT 20
#define GRUB_PE32_SCN_ALIGN_MASK 7
+#define GRUB_PE32_SCN_LNK_NRELOC_OVFL 0x01000000
+#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000
+#define GRUB_PE32_SCN_MEM_NOT_CACHED 0x04000000
+#define GRUB_PE32_SCN_MEM_NOT_PAGED 0x08000000
+#define GRUB_PE32_SCN_MEM_SHARED 0x10000000
+#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000
+#define GRUB_PE32_SCN_MEM_READ 0x40000000
+#define GRUB_PE32_SCN_MEM_WRITE 0x80000000
+
+
+
#define GRUB_PE32_SIGNATURE_SIZE 4
struct grub_pe32_header
--
2.9.3

View File

@ -1,43 +0,0 @@
From 6bcfc6f286d099a26cc0c7a00a6458d1d7993485 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Sun, 9 Aug 2015 16:32:29 -0700
Subject: [PATCH 83/85] Measure the kernel commandline
Measure the kernel commandline to ensure that it hasn't been modified
---
grub-core/lib/cmdline.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c
index 970ea86..6b56304 100644
--- a/grub-core/lib/cmdline.c
+++ b/grub-core/lib/cmdline.c
@@ -19,6 +19,7 @@
#include <grub/lib/cmdline.h>
#include <grub/misc.h>
+#include <grub/tpm.h>
static int
is_hex(char c)
@@ -79,7 +80,7 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
{
int i, space;
unsigned int arg_size;
- char *c;
+ char *c, *orig = buf;
for (i = 0; i < argc; i++)
{
@@ -125,5 +126,8 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
*buf = 0;
+ grub_tpm_measure ((void *)orig, grub_strlen (orig), GRUB_CMDLINE_PCR,
+ "Kernel Commandline");
+
return i;
}
--
2.5.0

View File

@ -0,0 +1,386 @@
From 8b4deb97529ba7ff689a11639f2a5bfdb29ad2ea Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 10 Jun 2016 14:06:15 -0400
Subject: [PATCH 83/90] Rework even more of efi chainload so non-sb cases work
right.
This ensures that if shim protocol is not loaded, or is loaded but shim
is disabled, we will fall back to a correct load method for the efi
chain loader.
Here's what I tested with this version:
results expected actual
------------------------------------------------------------
sb + enabled + shim + fedora success success
sb + enabled + shim + win success success
sb + enabled + grub + fedora fail fail
sb + enabled + grub + win fail fail
sb + mokdisabled + shim + fedora success success
sb + mokdisabled + shim + win success success
sb + mokdisabled + grub + fedora fail fail
sb + mokdisabled + grub + win fail fail
sb disabled + shim + fedora success success*
sb disabled + shim + win success success*
sb disabled + grub + fedora success success
sb disabled + grub + win success success
nosb + shim + fedora success success*
nosb + shim + win success success*
nosb + grub + fedora success success
nosb + grub + win success success
* for some reason shim protocol is being installed in these cases, and I
can't see why, but I think it may be this firmware build returning an
erroneous value. But this effectively falls back to the mokdisabled
behavior, which works correctly, and the presence of the "grub" (i.e.
no shim) tests effectively tests the desired behavior here.
Resolves: rhbz#1344512
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/kern/efi/sb.c | 14 +++--
grub-core/loader/arm64/linux.c | 4 +-
grub-core/loader/efi/chainloader.c | 115 ++++++++++++++++++++++---------------
grub-core/loader/efi/linux.c | 13 +++--
grub-core/loader/i386/efi/linux.c | 10 +++-
include/grub/efi/linux.h | 2 +-
6 files changed, 99 insertions(+), 59 deletions(-)
diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c
index a41b6c5..d74778b 100644
--- a/grub-core/kern/efi/sb.c
+++ b/grub-core/kern/efi/sb.c
@@ -36,14 +36,20 @@ grub_efi_secure_boot (void)
grub_efi_boolean_t ret = 0;
secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize);
-
if (datasize != 1 || !secure_boot)
- goto out;
+ {
+ grub_dprintf ("secureboot", "No SecureBoot variable\n");
+ goto out;
+ }
+ grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot);
setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize);
-
if (datasize != 1 || !setup_mode)
- goto out;
+ {
+ grub_dprintf ("secureboot", "No SetupMode variable\n");
+ goto out;
+ }
+ grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode);
if (*secure_boot && !*setup_mode)
ret = 1;
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index 4756ef7..f83820e 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -251,6 +251,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_file_t file = 0;
struct grub_arm64_linux_kernel_header lh;
struct grub_arm64_linux_pe_header *pe;
+ int rc;
grub_dl_ref (my_mod);
@@ -295,7 +296,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_dprintf ("linux", "kernel @ %p\n", kernel_addr);
- if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size))
+ rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size);
+ if (rc < 0)
{
grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]);
goto fail;
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index 323f873..49a7662 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -178,7 +178,6 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
/* Fill the file path for the directory. */
d = (grub_efi_device_path_t *) ((char *) file_path
+ ((char *) d - (char *) dp));
- grub_efi_print_device_path (d);
copy_file_path ((grub_efi_file_path_device_path_t *) d,
dir_start, dir_end - dir_start);
@@ -248,10 +247,9 @@ read_header (void *data, grub_efi_uint32_t size,
grub_efi_status_t status;
shim_lock = grub_efi_locate_protocol (&guid, NULL);
-
if (!shim_lock)
{
- grub_error (GRUB_ERR_BAD_ARGUMENT, "no shim lock protocol");
+ grub_dprintf ("chain", "no shim lock protocol");
return 0;
}
@@ -276,7 +274,7 @@ read_header (void *data, grub_efi_uint32_t size,
break;
}
- return 0;
+ return -1;
}
static void*
@@ -510,17 +508,24 @@ handle_image (void *data, grub_efi_uint32_t datasize)
grub_uint32_t section_alignment;
grub_uint32_t buffer_size;
int found_entry_point = 0;
+ int rc;
b = grub_efi_system_table->boot_services;
- if (read_header (data, datasize, &context))
+ rc = read_header (data, datasize, &context);
+ if (rc < 0)
{
- grub_dprintf ("chain", "Succeed to read header\n");
+ grub_dprintf ("chain", "Failed to read header\n");
+ goto error_exit;
+ }
+ else if (rc == 0)
+ {
+ grub_dprintf ("chain", "Secure Boot is not enabled\n");
+ return 0;
}
else
{
- grub_dprintf ("chain", "Failed to read header\n");
- goto error_exit;
+ grub_dprintf ("chain", "Header read without error\n");
}
/*
@@ -793,9 +798,55 @@ grub_secureboot_chainloader_unload (void)
}
static grub_err_t
+grub_load_and_start_image(void *boot_image)
+{
+ grub_efi_boot_services_t *b;
+ grub_efi_status_t status;
+ grub_efi_loaded_image_t *loaded_image;
+
+ b = grub_efi_system_table->boot_services;
+
+ status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path,
+ boot_image, fsize, &image_handle);
+ if (status != GRUB_EFI_SUCCESS)
+ {
+ if (status == GRUB_EFI_OUT_OF_RESOURCES)
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources");
+ else
+ grub_error (GRUB_ERR_BAD_OS, "cannot load image");
+ return -1;
+ }
+
+ /* LoadImage does not set a device handler when the image is
+ loaded from memory, so it is necessary to set it explicitly here.
+ This is a mess. */
+ loaded_image = grub_efi_get_loaded_image (image_handle);
+ if (! loaded_image)
+ {
+ grub_error (GRUB_ERR_BAD_OS, "no loaded image available");
+ return -1;
+ }
+ loaded_image->device_handle = dev_handle;
+
+ if (cmdline)
+ {
+ loaded_image->load_options = cmdline;
+ loaded_image->load_options_size = cmdline_len;
+ }
+
+ return 0;
+}
+
+static grub_err_t
grub_secureboot_chainloader_boot (void)
{
- handle_image ((void *)address, fsize);
+ int rc;
+ rc = handle_image ((void *)address, fsize);
+ if (rc == 0)
+ {
+ grub_load_and_start_image((void *)address);
+ }
+
grub_loader_unset ();
return grub_errno;
}
@@ -809,9 +860,9 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
grub_efi_boot_services_t *b;
grub_device_t dev = 0;
grub_efi_device_path_t *dp = 0;
- grub_efi_loaded_image_t *loaded_image;
char *filename;
void *boot_image = 0;
+ int rc;
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
@@ -898,9 +949,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
if (! file_path)
goto fail;
- grub_printf ("file path: ");
- grub_efi_print_device_path (file_path);
-
fsize = grub_file_size (file);
if (!fsize)
{
@@ -975,51 +1023,28 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
}
#endif
- if (grub_linuxefi_secure_validate((void *)address, fsize))
+ rc = grub_linuxefi_secure_validate((void *)address, fsize);
+ grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc);
+ if (rc > 0)
{
grub_file_close (file);
grub_loader_set (grub_secureboot_chainloader_boot,
grub_secureboot_chainloader_unload, 0);
return 0;
}
-
- status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path,
- boot_image, fsize, &image_handle);
- if (status != GRUB_EFI_SUCCESS)
+ else if (rc == 0)
{
- if (status == GRUB_EFI_OUT_OF_RESOURCES)
- grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources");
- else
- grub_error (GRUB_ERR_BAD_OS, "cannot load image");
-
- goto fail;
- }
-
- /* LoadImage does not set a device handler when the image is
- loaded from memory, so it is necessary to set it explicitly here.
- This is a mess. */
- loaded_image = grub_efi_get_loaded_image (image_handle);
- if (! loaded_image)
- {
- grub_error (GRUB_ERR_BAD_OS, "no loaded image available");
- goto fail;
- }
- loaded_image->device_handle = dev_handle;
+ grub_load_and_start_image(boot_image);
+ grub_file_close (file);
+ grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0);
- if (cmdline)
- {
- loaded_image->load_options = cmdline;
- loaded_image->load_options_size = cmdline_len;
+ return 0;
}
grub_file_close (file);
grub_device_close (dev);
- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0);
- return 0;
-
- fail:
-
+fail:
if (dev)
grub_device_close (dev);
diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
index aea378a..8890bdf 100644
--- a/grub-core/loader/efi/linux.c
+++ b/grub-core/loader/efi/linux.c
@@ -33,21 +33,24 @@ struct grub_efi_shim_lock
};
typedef struct grub_efi_shim_lock grub_efi_shim_lock_t;
-grub_efi_boolean_t
+int
grub_linuxefi_secure_validate (void *data, grub_uint32_t size)
{
grub_efi_guid_t guid = SHIM_LOCK_GUID;
grub_efi_shim_lock_t *shim_lock;
+ grub_efi_status_t status;
shim_lock = grub_efi_locate_protocol(&guid, NULL);
-
+ grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock);
if (!shim_lock)
- return 1;
+ return 0;
- if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS)
+ status = shim_lock->verify(data, size);
+ grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", status);
+ if (status == GRUB_EFI_SUCCESS)
return 1;
- return 0;
+ return -1;
}
typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *);
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index 7ccf32d..82f75b7 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -155,6 +155,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
struct linux_kernel_header lh;
grub_ssize_t len, start, filelen;
void *kernel = NULL;
+ int rc;
grub_dl_ref (my_mod);
@@ -180,13 +181,16 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
if (grub_file_read (file, kernel, filelen) != filelen)
{
- grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]);
+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"),
+ argv[0]);
goto fail;
}
- if (! grub_linuxefi_secure_validate (kernel, filelen))
+ rc = grub_linuxefi_secure_validate (kernel, filelen);
+ if (rc < 0)
{
- grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]);
+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"),
+ argv[0]);
grub_free (kernel);
goto fail;
}
diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h
index d9ede36..0033d93 100644
--- a/include/grub/efi/linux.h
+++ b/include/grub/efi/linux.h
@@ -22,7 +22,7 @@
#include <grub/err.h>
#include <grub/symbol.h>
-grub_efi_boolean_t
+int
EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size);
grub_err_t
EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset,
--
2.9.3

View File

@ -1,76 +0,0 @@
From 4f316cbb70563a26a8cb42ce5122c198cfd3636d Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@srcf.ucam.org>
Date: Mon, 10 Aug 2015 15:27:12 -0700
Subject: [PATCH 84/85] Measure commands
Measure each command executed by grub, which includes script execution.
---
grub-core/script/execute.c | 25 +++++++++++++++++++++++--
include/grub/tpm.h | 1 +
2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c
index cf6cd66..9ae04a0 100644
--- a/grub-core/script/execute.c
+++ b/grub-core/script/execute.c
@@ -30,6 +30,7 @@
#ifdef GRUB_MACHINE_IEEE1275
#include <grub/ieee1275/ieee1275.h>
#endif
+#include <grub/tpm.h>
/* Max digits for a char is 3 (0xFF is 255), similarly for an int it
is sizeof (int) * 3, and one extra for a possible -ve sign. */
@@ -967,8 +968,9 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd)
grub_err_t ret = 0;
grub_script_function_t func = 0;
char errnobuf[18];
- char *cmdname;
- int argc;
+ char *cmdname, *cmdstring;
+ int argc, offset = 0, cmdlen = 0;
+ unsigned int i;
char **args;
int invert;
struct grub_script_argv argv = { 0, 0, 0 };
@@ -977,6 +979,25 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd)
if (grub_script_arglist_to_argv (cmdline->arglist, &argv) || ! argv.args[0])
return grub_errno;
+ for (i = 0; i < argv.argc; i++) {
+ cmdlen += grub_strlen (argv.args[i]) + 1;
+ }
+
+ cmdstring = grub_malloc (cmdlen);
+ if (!cmdstring)
+ {
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ N_("cannot allocate command buffer"));
+ }
+
+ for (i = 0; i < argv.argc; i++) {
+ offset += grub_snprintf (cmdstring + offset, cmdlen - offset, "%s ",
+ argv.args[i]);
+ }
+ cmdstring[cmdlen-1]= '\0';
+ grub_tpm_measure ((unsigned char *)cmdstring, cmdlen, GRUB_COMMAND_PCR,
+ cmdstring);
+ grub_free(cmdstring);
invert = 0;
argc = argv.argc - 1;
args = argv.args + 1;
diff --git a/include/grub/tpm.h b/include/grub/tpm.h
index 40d3cf6..7fc9d77 100644
--- a/include/grub/tpm.h
+++ b/include/grub/tpm.h
@@ -30,6 +30,7 @@
#define GRUB_KERNEL_PCR 10
#define GRUB_INITRD_PCR 11
#define GRUB_CMDLINE_PCR 12
+#define GRUB_COMMAND_PCR 13
#define TPM_TAG_RQU_COMMAND 0x00C1
#define TPM_ORD_Extend 0x14
--
2.5.0

View File

@ -0,0 +1,25 @@
From 0a3a4d0b69b5d68f3e4b6b74fe2e6b5d4dcace4f Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 14 Jun 2016 09:50:25 -0400
Subject: [PATCH 84/90] linuxefi: fix double free on verification failure.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/loader/i386/efi/linux.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index 82f75b7..010bf98 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -191,7 +191,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
{
grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"),
argv[0]);
- grub_free (kernel);
goto fail;
}
--
2.9.3

View File

@ -1,76 +0,0 @@
From 85e100453d04e56088e4b9782d2f06dc0122587f Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Tue, 1 Sep 2015 16:02:55 -0700
Subject: [PATCH 85/85] Measure multiboot images and modules
---
grub-core/loader/i386/multiboot_mbi.c | 3 +++
grub-core/loader/multiboot.c | 2 ++
grub-core/loader/multiboot_mbi2.c | 3 +++
3 files changed, 8 insertions(+)
diff --git a/grub-core/loader/i386/multiboot_mbi.c b/grub-core/loader/i386/multiboot_mbi.c
index f60b702..43a08e4 100644
--- a/grub-core/loader/i386/multiboot_mbi.c
+++ b/grub-core/loader/i386/multiboot_mbi.c
@@ -36,6 +36,7 @@
#include <grub/net.h>
#include <grub/i18n.h>
#include <grub/lib/cmdline.h>
+#include <grub/tpm.h>
#ifdef GRUB_MACHINE_EFI
#include <grub/efi/efi.h>
@@ -164,6 +165,8 @@ grub_multiboot_load (grub_file_t file, const char *filename)
return grub_errno;
}
+ grub_tpm_measure((unsigned char*)buffer, len, GRUB_KERNEL_PCR, filename);
+
header = find_header (buffer, len);
if (header == 0)
diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c
index 64a6513..58e6329 100644
--- a/grub-core/loader/multiboot.c
+++ b/grub-core/loader/multiboot.c
@@ -43,6 +43,7 @@
#include <grub/memory.h>
#include <grub/i18n.h>
#include <grub/efi/sb.h>
+#include <grub/tpm.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -385,6 +386,7 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),
}
grub_file_close (file);
+ grub_tpm_measure (module, size, GRUB_KERNEL_PCR, argv[0]);
return GRUB_ERR_NONE;
}
diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c
index f147d67..8f163ea 100644
--- a/grub-core/loader/multiboot_mbi2.c
+++ b/grub-core/loader/multiboot_mbi2.c
@@ -36,6 +36,7 @@
#include <grub/i18n.h>
#include <grub/net.h>
#include <grub/lib/cmdline.h>
+#include <grub/tpm.h>
#if defined (GRUB_MACHINE_EFI)
#include <grub/efi/efi.h>
@@ -126,6 +127,8 @@ grub_multiboot_load (grub_file_t file, const char *filename)
COMPILE_TIME_ASSERT (MULTIBOOT_HEADER_ALIGN % 4 == 0);
+ grub_tpm_measure ((unsigned char *)buffer, len, GRUB_KERNEL_PCR, filename);
+
header = find_header (buffer, len);
if (header == 0)
--
2.5.0

View File

@ -0,0 +1,25 @@
From be4d338b0c086e9cbbd2d353cd88abad67c000c9 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 11 Jul 2016 13:36:45 -0400
Subject: [PATCH 85/90] fix machine type test in 30_os-prober.in
Signed-off-by: Peter Jones <pjones@redhat.com>
---
util/grub.d/30_os-prober.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
index dc98eac..e40274f 100644
--- a/util/grub.d/30_os-prober.in
+++ b/util/grub.d/30_os-prober.in
@@ -144,6 +144,7 @@ for OS in ${OSPROBED} ; do
sixteenbit=""
linuxefi="linux"
initrdefi="initrd"
+ machine=`uname -m`
case "$machine" in
i?86|x86_64)
sixteenbit="16"
--
2.9.3

View File

@ -0,0 +1,44 @@
From 12a2215a6f13f2503a9e38d84fff64789c6a34b7 Mon Sep 17 00:00:00 2001
From: Robert Marshall <rmarshall@redhat.com>
Date: Fri, 17 Jun 2016 11:47:34 -0400
Subject: [PATCH 86/90] ppc64le has no separate /boot mount (#1261926)
The patch for rhbz#1212114 ensures that ppc64le systems sync grub config
changes to disk prior to grub-mkconfig completion and a reboot.
This patch required checking for /boot as its own mount point because
issuing fsfreeze to a root partition is unwise. For administrators who
configured a ppc64le system with no separate /boot partition, the failed
check results in an error message. The file is written and would work
most of the time, however, it also introduces a corner case where the
behavior manifested in rhbz#1212114 could re-appear on these systems.
The system call issued by fsfreeeze is being issued by methods within
the anaconda installer and can be removed from GRUB proper.
Related: rhbz#1315468
Resolves: rhbz#1261926
---
util/grub-mkconfig.in | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index 73a18f7..fb87247 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -294,12 +294,3 @@ fi
gettext "done" >&2
echo >&2
-
-# make sure changes make it to the disk.
-# if /boot is a mountpoint, force the meta data on disk
-# to by-pass writeback delay.
-# PPC64LE-only to deal with Petitboot issues
-ARCH=$(uname -m)
-if [ "${ARCH}" = "ppc64le" ]; then
- sync && mountpoint -q /boot &&fsfreeze -f /boot && fsfreeze -u /boot
-fi
--
2.9.3

View File

@ -0,0 +1,302 @@
From d3d42740661dce4df12330e57a1681a3b296622e Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 23 Jun 2016 11:01:39 -0400
Subject: [PATCH 87/90] Add grub-get-kernel-settings and use it in 10_linux
This patch adds grub-get-kernel-settings, which reads the system kernel
installation configuration from /etc/sysconfig/kernel, and outputs
${GRUB_...} variables suitable for evaluation by grub-mkconfig. Those
variables are then used by 10_linux to choose whether or not to create
debug stanzas.
Resolves: rhbz#1226325
---
.gitignore | 1 +
Makefile.util.def | 7 +++
configure.ac | 2 +
util/bash-completion.d/grub-completion.bash.in | 22 ++++++++
util/grub-get-kernel-settings.3 | 20 +++++++
util/grub-get-kernel-settings.in | 78 ++++++++++++++++++++++++++
util/grub-mkconfig.in | 3 +
util/grub.d/10_linux.in | 23 ++++++--
8 files changed, 151 insertions(+), 5 deletions(-)
create mode 100644 util/grub-get-kernel-settings.3
create mode 100644 util/grub-get-kernel-settings.in
diff --git a/.gitignore b/.gitignore
index 53a391e..f2f1ef5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -112,6 +112,7 @@ grub-emu-lite
grub-file
grub-fs-tester
grub-fstest
+grub-get-kernel-settings
grub-glue-efi
grub-install
grub-kbdcomp
diff --git a/Makefile.util.def b/Makefile.util.def
index 8007de9..38cdf4c 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -716,6 +716,13 @@ script = {
};
script = {
+ name = grub-get-kernel-settings;
+ common = util/grub-get-kernel-settings.in;
+ mansection = 3;
+ installdir = sbin;
+};
+
+script = {
name = grub-set-default;
common = util/grub-set-default.in;
mansection = 8;
diff --git a/configure.ac b/configure.ac
index 25de2c1..1d8f7e7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -58,6 +58,7 @@ grub_TRANSFORM([grub-install])
grub_TRANSFORM([grub-mkconfig])
grub_TRANSFORM([grub-mkfont])
grub_TRANSFORM([grub-mkimage])
+grub_TRANSFORM([grub-get-kernel-settings])
grub_TRANSFORM([grub-glue-efi])
grub_TRANSFORM([grub-mklayout])
grub_TRANSFORM([grub-mkpasswd-pbkdf2])
@@ -75,6 +76,7 @@ grub_TRANSFORM([grub-file])
grub_TRANSFORM([grub-bios-setup.3])
grub_TRANSFORM([grub-editenv.1])
grub_TRANSFORM([grub-fstest.3])
+grub_TRANSFORM([grub-get-kernel-settings.3])
grub_TRANSFORM([grub-glue-efi.3])
grub_TRANSFORM([grub-install.1])
grub_TRANSFORM([grub-kbdcomp.3])
diff --git a/util/bash-completion.d/grub-completion.bash.in b/util/bash-completion.d/grub-completion.bash.in
index 44bf135..5c4acd4 100644
--- a/util/bash-completion.d/grub-completion.bash.in
+++ b/util/bash-completion.d/grub-completion.bash.in
@@ -265,6 +265,28 @@ unset __grub_sparc64_setup_program
#
+# grub-get-kernel-settings
+#
+_grub_get_kernel_settings () {
+ local cur
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_get_kernel_settings_program="@grub_get_kernel_settings@"
+have ${__grub_get_kernel_settings_program} && \
+ complete -F _grub_get_kernel_settings -o filenames ${__grub_get_kernel_settings_program}
+unset __grub_get_kernel_settings_program
+
+
+#
# grub-install
#
_grub_install () {
diff --git a/util/grub-get-kernel-settings.3 b/util/grub-get-kernel-settings.3
new file mode 100644
index 0000000..ba33330
--- /dev/null
+++ b/util/grub-get-kernel-settings.3
@@ -0,0 +1,20 @@
+.TH GRUB-GET-KERNEL-SETTINGS 3 "Thu Jun 25 2015"
+.SH NAME
+\fBgrub-get-kernel-settings\fR \(em Evaluate the system's kernel installation settings for use while making a grub configuration file.
+
+.SH SYNOPSIS
+\fBgrub-get-kernel-settings\fR [OPTION]
+
+.SH DESCRIPTION
+\fBgrub-get-kernel-settings\fR reads the kernel installation settings on the host system, and emits a set of grub settings suitable for use when creating a grub configuration file.
+
+.SH OPTIONS
+.TP
+-h, --help
+Display program usage and exit.
+.TP
+-v, --version
+Display the current version.
+
+.SH SEE ALSO
+.BR "info grub"
diff --git a/util/grub-get-kernel-settings.in b/util/grub-get-kernel-settings.in
new file mode 100644
index 0000000..1204621
--- /dev/null
+++ b/util/grub-get-kernel-settings.in
@@ -0,0 +1,78 @@
+#!/bin/sh
+set -e
+
+# Evaluate new-kernel-pkg's configuration file.
+# Copyright (C) 2016 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+PACKAGE_NAME=@PACKAGE_NAME@
+PACKAGE_VERSION=@PACKAGE_VERSION@
+datadir="@datadir@"
+if [ "x$pkgdatadir" = x ]; then
+ pkgdatadir="${datadir}/@PACKAGE@"
+fi
+
+self=`basename $0`
+
+export TEXTDOMAIN=@PACKAGE@
+export TEXTDOMAINDIR="@localedir@"
+
+. "${pkgdatadir}/grub-mkconfig_lib"
+
+# Usage: usage
+# Print the usage.
+usage () {
+ gettext_printf "Usage: %s [OPTION]\n" "$self"
+ gettext "Evaluate new-kernel-pkg configuration"; echo
+ echo
+ print_option_help "-h, --help" "$(gettext "print this message and exit")"
+ print_option_help "-v, --version" "$(gettext "print the version information and exit")"
+ echo
+}
+
+# Check the arguments.
+while test $# -gt 0
+do
+ option=$1
+ shift
+
+ case "$option" in
+ -h | --help)
+ usage
+ exit 0 ;;
+ -v | --version)
+ echo "$self (${PACKAGE_NAME}) ${PACKAGE_VERSION}"
+ exit 0 ;;
+ -*)
+ gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2
+ usage
+ exit 1
+ ;;
+ # Explicitly ignore non-option arguments, for compatibility.
+ esac
+done
+
+if test -f /etc/sysconfig/kernel ; then
+ . /etc/sysconfig/kernel
+fi
+
+if [ "$MAKEDEBUG" = "yes" ]; then
+ echo GRUB_LINUX_MAKE_DEBUG=true
+ echo export GRUB_LINUX_MAKE_DEBUG
+ echo GRUB_CMDLINE_LINUX_DEBUG=\"systemd.log_level=debug systemd.log_target=kmsg\"
+ echo export GRUB_CMDLINE_LINUX_DEBUG
+ echo GRUB_LINUX_DEBUG_TITLE_POSTFIX=\" with debugging\"
+ echo export GRUB_LINUX_DEBUG_TITLE_POSTFIX
+fi
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index fb87247..e32de5e 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -45,6 +45,7 @@ grub_probe="${sbindir}/@grub_probe@"
grub_file="${bindir}/@grub_file@"
grub_editenv="${bindir}/@grub_editenv@"
grub_script_check="${bindir}/@grub_script_check@"
+grub_get_kernel_settings="${sbindir}/@grub_get_kernel_settings@"
export TEXTDOMAIN=@PACKAGE@
export TEXTDOMAINDIR="@localedir@"
@@ -151,6 +152,8 @@ if test -f ${sysconfdir}/default/grub ; then
. ${sysconfdir}/default/grub
fi
+eval "$("${grub_get_kernel_settings}")" || true
+
if [ "x$GRUB_DISABLE_UUID" != "xtrue" -a -z "$GRUB_DEVICE_UUID" ]; then
GRUB_DEVICE_UUID="$GRUB_DEVICE_UUID_GENERATED"
fi
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 1215241..0c5b227 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -84,7 +84,8 @@ linux_entry ()
os="$1"
version="$2"
type="$3"
- args="$4"
+ isdebug="$4"
+ args="$5"
sixteenbit=""
linuxefi="linux"
@@ -116,6 +117,9 @@ linux_entry ()
quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
fi
+ if [ x$isdebug = xdebug ]; then
+ title="$title${GRUB_LINUX_DEBUG_TITLE_POSTFIX}"
+ fi
echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
else
echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
@@ -273,11 +277,15 @@ while [ "x$list" != "x" ] ; do
fi
if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xtrue ]; then
- linux_entry "${OS}" "${version}" simple \
+ linux_entry "${OS}" "${version}" simple standard \
"${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+ if [ "x$GRUB_LINUX_MAKE_DEBUG" = "xtrue" ]; then
+ linux_entry "${OS}" "${version}" simple debug \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} ${GRUB_CMDLINE_LINUX_DEBUG}"
+ fi
submenu_indentation="$grub_tab"
-
+
if [ -z "$boot_device_id" ]; then
boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
fi
@@ -286,10 +294,15 @@ while [ "x$list" != "x" ] ; do
is_top_level=false
fi
- linux_entry "${OS}" "${version}" advanced \
+ linux_entry "${OS}" "${version}" advanced standard \
"${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+ if [ "x$GRUB_LINUX_MAKE_DEBUG" = "xtrue" ]; then
+ linux_entry "${OS}" "${version}" advanced debug \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} ${GRUB_CMDLINE_LINUX_DEBUG}"
+ fi
+
if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then
- linux_entry "${OS}" "${version}" recovery \
+ linux_entry "${OS}" "${version}" recovery standard \
"single ${GRUB_CMDLINE_LINUX}"
fi
--
2.9.3

View File

@ -0,0 +1,58 @@
From 22d26153c1d92b8a42d1ec823b7f7c77c1cc0a8c Mon Sep 17 00:00:00 2001
From: Lenny Szubowicz <lszubowi@redhat.com>
Date: Mon, 29 Aug 2016 11:04:48 -0400
Subject: [PATCH 88/90] Normalize slashes in tftp paths.
Some tftp servers do not handle multiple consecutive slashes correctly;
this patch avoids sending tftp requests with non-normalized paths.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/net/tftp.c | 24 +++++++++++++++++++++++-
1 file changed, 23 insertions(+), 1 deletion(-)
diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c
index 7d90bf6..63bbc28 100644
--- a/grub-core/net/tftp.c
+++ b/grub-core/net/tftp.c
@@ -300,6 +300,25 @@ destroy_pq (tftp_data_t data)
grub_priority_queue_destroy (data->pq);
}
+/* Create a normalized copy of the filename.
+ Compress any string of consecutive forward slashes to a single forward
+ slash. */
+static void
+grub_normalize_filename (char *normalized, const char *filename)
+{
+ char *dest = normalized;
+ char *src = filename;
+
+ while (*src != '\0')
+ {
+ if (src[0] == '/' && src[1] == '/')
+ src++;
+ else
+ *dest++ = *src++;
+ }
+ *dest = '\0';
+}
+
static grub_err_t
tftp_open (struct grub_file *file, const char *filename)
{
@@ -337,7 +356,10 @@ tftp_open (struct grub_file *file, const char *filename)
rrqlen = 0;
tftph->opcode = grub_cpu_to_be16_compile_time (TFTP_RRQ);
- grub_strcpy (rrq, filename);
+
+ /* Copy and normalize the filename to work-around issues on some tftp
+ servers when file names are being matched for remapping. */
+ grub_normalize_filename (rrq, filename);
rrqlen += grub_strlen (filename) + 1;
rrq += grub_strlen (filename) + 1;
--
2.9.3

Some files were not shown because too many files have changed in this diff Show More