Compare commits
15 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
2d2051e9b0 | ||
|
53551178b0 | ||
|
f02e9fb10e | ||
|
4a7cefbbee | ||
|
c84176a39b | ||
|
9a4054fb1c | ||
|
35f33eadc0 | ||
|
2572c167e1 | ||
|
8768d236a0 | ||
|
af00b6d03c | ||
|
0fa4f490e8 | ||
|
9bc6276234 | ||
|
e229c7b688 | ||
|
133f7eab29 | ||
|
83affdbaa1 |
@ -1,28 +0,0 @@
|
||||
From bf4d21655b4331c9f01e0ccca30a736e0503ce71 Mon Sep 17 00:00:00 2001
|
||||
From: Gustavo Luiz Duarte <gustavold@linux.vnet.ibm.com>
|
||||
Date: Tue, 25 Sep 2012 18:40:55 -0400
|
||||
Subject: [PATCH 01/85] Fix crash on http
|
||||
|
||||
Don't free file->data on receiving FIN flag since it is used all over without
|
||||
checking. http_close() will be called later to free that memory.
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=860834
|
||||
---
|
||||
grub-core/net/http.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/net/http.c b/grub-core/net/http.c
|
||||
index 4684f8b..ef9538c 100644
|
||||
--- a/grub-core/net/http.c
|
||||
+++ b/grub-core/net/http.c
|
||||
@@ -393,7 +393,7 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial)
|
||||
|
||||
data->sock = grub_net_tcp_open (file->device->net->server,
|
||||
HTTP_PORT, http_receive,
|
||||
- http_err, http_err,
|
||||
+ http_err, NULL,
|
||||
file);
|
||||
if (!data->sock)
|
||||
{
|
||||
--
|
||||
2.5.0
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 93a6fae012cadae03cbf81ebf82ae17894026e2c Mon Sep 17 00:00:00 2001
|
||||
From e32c57d2abd034cbdea24a8f51de8dbef453bd96 Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Thu, 20 Sep 2012 18:07:39 -0300
|
||||
Subject: [PATCH 07/85] IBM client architecture (CAS) reboot support
|
||||
Subject: [PATCH 01/90] IBM client architecture (CAS) reboot support
|
||||
|
||||
This is an implementation of IBM client architecture (CAS) reboot for GRUB.
|
||||
|
||||
@ -25,10 +25,10 @@ parameters
|
||||
4 files changed, 90 insertions(+)
|
||||
|
||||
diff --git a/grub-core/kern/ieee1275/openfw.c b/grub-core/kern/ieee1275/openfw.c
|
||||
index 5c12157..81276fa 100644
|
||||
index ddb7783..6db8b98 100644
|
||||
--- a/grub-core/kern/ieee1275/openfw.c
|
||||
+++ b/grub-core/kern/ieee1275/openfw.c
|
||||
@@ -591,3 +591,65 @@ grub_ieee1275_canonicalise_devname (const char *path)
|
||||
@@ -561,3 +561,65 @@ grub_ieee1275_canonicalise_devname (const char *path)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -157,7 +157,7 @@ index a8502d9..ab78ca8 100644
|
||||
{
|
||||
char *line;
|
||||
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
|
||||
index 6d4e7d5..6a21f5d 100644
|
||||
index 8e42513..9f26c69 100644
|
||||
--- a/include/grub/ieee1275/ieee1275.h
|
||||
+++ b/include/grub/ieee1275/ieee1275.h
|
||||
@@ -234,6 +234,8 @@ int EXPORT_FUNC(grub_ieee1275_devalias_next) (struct grub_ieee1275_devalias *ali
|
||||
@ -166,9 +166,9 @@ index 6d4e7d5..6a21f5d 100644
|
||||
struct grub_ieee1275_devalias *alias);
|
||||
+int EXPORT_FUNC(grub_ieee1275_cas_reboot) (char *script);
|
||||
+int EXPORT_FUNC(grub_ieee1275_set_boot_last_label) (const char *text);
|
||||
int EXPORT_FUNC(grub_ieee1275_parse_net_options) (const char *path);
|
||||
|
||||
#define FOR_IEEE1275_DEVALIASES(alias) for (grub_ieee1275_devalias_init_iterator (&(alias)); grub_ieee1275_devalias_next (&(alias));)
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,16 +1,21 @@
|
||||
From 297d32d320c94cdea94d8be4d06e6c574a5221f3 Mon Sep 17 00:00:00 2001
|
||||
From 4f82466e3b1fcf3370d82432e406f51906e1fa46 Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Wed, 24 Apr 2013 10:51:48 -0300
|
||||
Subject: [PATCH 08/85] for ppc, reset console display attr when clear screen
|
||||
Subject: [PATCH 02/90] for ppc, reset console display attr when clear screen
|
||||
|
||||
v2: Also use \x0c instead of a literal ^L to make future patches less
|
||||
awkward.
|
||||
|
||||
This should fix this bugzilla:
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=908519
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/term/terminfo.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/term/terminfo.c b/grub-core/term/terminfo.c
|
||||
index f0d3e3d..7cb7909 100644
|
||||
index f0d3e3d..9bb75c1 100644
|
||||
--- a/grub-core/term/terminfo.c
|
||||
+++ b/grub-core/term/terminfo.c
|
||||
@@ -151,7 +151,7 @@ grub_terminfo_set_current (struct grub_term_output *term,
|
||||
@ -18,10 +23,10 @@ index f0d3e3d..7cb7909 100644
|
||||
* ANSI escape sequence. Using video console, Apple Open Firmware
|
||||
* (version 3.1.1) only recognizes the literal ^L. So use both. */
|
||||
- data->cls = grub_strdup ("\e[2J");
|
||||
+ data->cls = grub_strdup ("\e[2J\e[m");
|
||||
+ data->cls = grub_strdup ("\x0c\e[2J\e[m");
|
||||
data->reverse_video_on = grub_strdup ("\e[7m");
|
||||
data->reverse_video_off = grub_strdup ("\e[m");
|
||||
if (grub_strcmp ("ieee1275", str) == 0)
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 0ca5375206e061c0229301c19d1311f8b0499c11 Mon Sep 17 00:00:00 2001
|
||||
From 9cff6efa3a7e15a6968fed29a29f38713da864fd Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Tue, 11 Jun 2013 15:14:05 -0300
|
||||
Subject: [PATCH 09/85] Disable GRUB video support for IBM power machines
|
||||
Subject: [PATCH 03/90] Disable GRUB video support for IBM power machines
|
||||
|
||||
Should fix the problem in bugzilla:
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=973205
|
||||
@ -48,7 +48,7 @@ index 0b150ec..813ab38 100644
|
||||
|
||||
GRUB_MOD_FINI(ieee1275_fb)
|
||||
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
|
||||
index 6a21f5d..663935d 100644
|
||||
index 9f26c69..ab4f284 100644
|
||||
--- a/include/grub/ieee1275/ieee1275.h
|
||||
+++ b/include/grub/ieee1275/ieee1275.h
|
||||
@@ -146,6 +146,8 @@ enum grub_ieee1275_flag
|
||||
@ -61,5 +61,5 @@ index 6a21f5d..663935d 100644
|
||||
|
||||
extern int EXPORT_FUNC(grub_ieee1275_test_flag) (enum grub_ieee1275_flag flag);
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,28 +0,0 @@
|
||||
From eaa05aa39e24bff667f48310871f64f367a78e3b Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Fri, 29 Jan 2016 14:49:24 -0500
|
||||
Subject: [PATCH 03/85] Failed config now returns exit code (#1252311)
|
||||
|
||||
Grub would notify the user if the new config was invalid, however, it
|
||||
did not exit properly with exit code 1. Added the proper exit code.
|
||||
|
||||
Resolves: rhbz#1252311
|
||||
---
|
||||
util/grub-mkconfig.in | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
|
||||
index 203b076..f8496d2 100644
|
||||
--- a/util/grub-mkconfig.in
|
||||
+++ b/util/grub-mkconfig.in
|
||||
@@ -273,6 +273,7 @@ Ensure that there are no errors in /etc/default/grub
|
||||
and /etc/grub.d/* files or please file a bug report with
|
||||
%s file attached." "${grub_cfg}.new" >&2
|
||||
echo >&2
|
||||
+ exit 1
|
||||
else
|
||||
# none of the children aborted with error, install the new grub.cfg
|
||||
mv -f ${grub_cfg}.new ${grub_cfg}
|
||||
--
|
||||
2.5.0
|
||||
|
@ -1,7 +1,7 @@
|
||||
From e0bb91aa1752a0a2bc3c4b0bdc4c49430b470ebc Mon Sep 17 00:00:00 2001
|
||||
From 512fe6865738286c94f87da64ca6b475bc3e2f38 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 7 Jul 2015 10:13:14 -0400
|
||||
Subject: [PATCH 14/85] Fix bzr's ignore artificats in .gitignore
|
||||
Subject: [PATCH 04/90] Fix bzr's ignore artificats in .gitignore
|
||||
|
||||
We lost a man page because of incompatibilities between bzr's ignore
|
||||
system and .gitignore, so solve that slightly better.
|
||||
@ -367,5 +367,5 @@ index 18ab8e8..06c9f3a 100644
|
||||
-/grub-fs-tester
|
||||
+xzcompress_test
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 7401bf6fb1f319f6f910391f57680e9794678878 Mon Sep 17 00:00:00 2001
|
||||
From 7f1ea377390345b8ef7609ad0fa2952708b17e19 Mon Sep 17 00:00:00 2001
|
||||
From: Marcel Kolaja <mkolaja@redhat.com>
|
||||
Date: Tue, 21 Jan 2014 10:57:08 -0500
|
||||
Subject: [PATCH 18/85] Honor a symlink when generating configuration by
|
||||
Subject: [PATCH 05/90] Honor a symlink when generating configuration by
|
||||
grub2-mkconfig
|
||||
|
||||
Honor a symlink when generating configuration by grub2-mkconfig, so that
|
||||
@ -25,5 +25,5 @@ index f8496d2..3b070fd 100644
|
||||
fi
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
55
0006-Move-bash-completion-script-922997.patch
Normal file
55
0006-Move-bash-completion-script-922997.patch
Normal file
@ -0,0 +1,55 @@
|
||||
From 5b77e510eb6e4b649c53ab0790cdc9fdf0c85be9 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 3 Apr 2013 14:35:34 -0400
|
||||
Subject: [PATCH 06/90] Move bash completion script (#922997)
|
||||
|
||||
Apparently these go in a new place now.
|
||||
---
|
||||
configure.ac | 11 +++++++++++
|
||||
util/bash-completion.d/Makefile.am | 1 -
|
||||
2 files changed, 11 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 9ddfc53..ab9134c 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -287,6 +287,14 @@ AC_SUBST(grubdirname)
|
||||
AC_DEFINE_UNQUOTED(GRUB_DIR_NAME, "$grubdirname",
|
||||
[Default grub directory name])
|
||||
|
||||
+PKG_PROG_PKG_CONFIG
|
||||
+AS_IF([$($PKG_CONFIG --exists bash-completion)], [
|
||||
+ bashcompletiondir=$($PKG_CONFIG --variable=completionsdir bash-completion)
|
||||
+] , [
|
||||
+ bashcompletiondir=${datadir}/bash-completion/completions
|
||||
+])
|
||||
+AC_SUBST(bashcompletiondir)
|
||||
+
|
||||
#
|
||||
# Checks for build programs.
|
||||
#
|
||||
@@ -476,6 +484,9 @@ HOST_CFLAGS="$HOST_CFLAGS $grub_cv_cc_w_extra_flags"
|
||||
# Check for target programs.
|
||||
#
|
||||
|
||||
+# This makes sure pkg.m4 is available.
|
||||
+m4_pattern_forbid([^_?PKG_[A-Z_]+$],[*** pkg.m4 missing, please install pkg-config])
|
||||
+
|
||||
# Find tools for the target.
|
||||
if test "x$target_alias" != x && test "x$host_alias" != "x$target_alias"; then
|
||||
tmp_ac_tool_prefix="$ac_tool_prefix"
|
||||
diff --git a/util/bash-completion.d/Makefile.am b/util/bash-completion.d/Makefile.am
|
||||
index 136287c..61108f0 100644
|
||||
--- a/util/bash-completion.d/Makefile.am
|
||||
+++ b/util/bash-completion.d/Makefile.am
|
||||
@@ -6,7 +6,6 @@ EXTRA_DIST = $(bash_completion_source)
|
||||
|
||||
CLEANFILES = $(bash_completion_script) config.log
|
||||
|
||||
-bashcompletiondir = $(sysconfdir)/bash_completion.d
|
||||
bashcompletion_DATA = $(bash_completion_script)
|
||||
|
||||
$(bash_completion_script): $(bash_completion_source) $(top_builddir)/config.status
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 78b35097d8647b555deb8ece7ef141587529923d Mon Sep 17 00:00:00 2001
|
||||
From 579ecb682efc5221b4a13b8009af1731f5349912 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 4 Dec 2014 15:36:09 -0500
|
||||
Subject: [PATCH 02/85] Update to minilzo-2.08
|
||||
Subject: [PATCH 07/90] Update to minilzo-2.08
|
||||
|
||||
This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow
|
||||
|
||||
@ -8786,5 +8786,5 @@ index 74fefa9..7937454 100644
|
||||
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From beee9fcaeb35cf95c6bcf272034d691235542121 Mon Sep 17 00:00:00 2001
|
||||
From de423b22780b0fd225a1ee476166777af29d53d0 Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Tue, 30 Oct 2012 15:19:39 -0200
|
||||
Subject: [PATCH 06/85] Add vlan-tag support on IBM PPC machines
|
||||
Subject: [PATCH 08/90] Add vlan-tag support on IBM PPC machines
|
||||
|
||||
This patch adds support for virtual LAN (VLAN) tagging. VLAN tagging allows
|
||||
multiple VLANs in a bridged network to share the same physical network link but
|
||||
@ -32,7 +32,7 @@ index 1259022..5fa26e1 100644
|
||||
ptr = canon + grub_strlen (canon) - 1;
|
||||
while (ptr > canon && (*ptr == ',' || *ptr == ':'))
|
||||
diff --git a/grub-core/kern/ieee1275/openfw.c b/grub-core/kern/ieee1275/openfw.c
|
||||
index ddb7783..5c12157 100644
|
||||
index 6db8b98..81276fa 100644
|
||||
--- a/grub-core/kern/ieee1275/openfw.c
|
||||
+++ b/grub-core/kern/ieee1275/openfw.c
|
||||
@@ -23,6 +23,7 @@
|
||||
@ -159,22 +159,22 @@ index c397b1b..faaca67 100644
|
||||
return err;
|
||||
|
||||
diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
|
||||
index 8e42513..6d4e7d5 100644
|
||||
index ab4f284..663935d 100644
|
||||
--- a/include/grub/ieee1275/ieee1275.h
|
||||
+++ b/include/grub/ieee1275/ieee1275.h
|
||||
@@ -234,6 +234,7 @@ int EXPORT_FUNC(grub_ieee1275_devalias_next) (struct grub_ieee1275_devalias *ali
|
||||
void EXPORT_FUNC(grub_ieee1275_children_peer) (struct grub_ieee1275_devalias *alias);
|
||||
void EXPORT_FUNC(grub_ieee1275_children_first) (const char *devpath,
|
||||
@@ -238,6 +238,7 @@ void EXPORT_FUNC(grub_ieee1275_children_first) (const char *devpath,
|
||||
struct grub_ieee1275_devalias *alias);
|
||||
int EXPORT_FUNC(grub_ieee1275_cas_reboot) (char *script);
|
||||
int EXPORT_FUNC(grub_ieee1275_set_boot_last_label) (const char *text);
|
||||
+int EXPORT_FUNC(grub_ieee1275_parse_net_options) (const char *path);
|
||||
|
||||
#define FOR_IEEE1275_DEVALIASES(alias) for (grub_ieee1275_devalias_init_iterator (&(alias)); grub_ieee1275_devalias_next (&(alias));)
|
||||
|
||||
diff --git a/include/grub/net.h b/include/grub/net.h
|
||||
index 4dc066a..96aa9fa 100644
|
||||
index 2192fa1..6ac9d72 100644
|
||||
--- a/include/grub/net.h
|
||||
+++ b/include/grub/net.h
|
||||
@@ -563,4 +563,6 @@ extern char *grub_net_default_server;
|
||||
@@ -561,4 +561,6 @@ extern char *grub_net_default_server;
|
||||
#define GRUB_NET_INTERVAL 400
|
||||
#define GRUB_NET_INTERVAL_ADDITION 20
|
||||
|
||||
@ -182,5 +182,5 @@ index 4dc066a..96aa9fa 100644
|
||||
+
|
||||
#endif /* ! GRUB_NET_HEADER */
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,21 +1,21 @@
|
||||
From bc5d351596ec8d95b837e23f9775db6d8bd7fd29 Mon Sep 17 00:00:00 2001
|
||||
From 196ae5abd961cd64b60d9ab41bfc02d340e8bb6f Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 5 Sep 2014 10:07:04 -0400
|
||||
Subject: [PATCH 17/85] Allow "fallback" to include entries by title, not just
|
||||
Subject: [PATCH 09/90] Allow "fallback" to include entries by title, not just
|
||||
number.
|
||||
|
||||
Resolves: rhbz#1026084
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/normal/menu.c | 76 +++++++++++++++++++++++++++++++------------------
|
||||
1 file changed, 49 insertions(+), 27 deletions(-)
|
||||
grub-core/normal/menu.c | 85 +++++++++++++++++++++++++++++++++----------------
|
||||
1 file changed, 58 insertions(+), 27 deletions(-)
|
||||
|
||||
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
|
||||
index cd15f04..73a94aa 100644
|
||||
index 719e2fb..2e8a7bd 100644
|
||||
--- a/grub-core/normal/menu.c
|
||||
+++ b/grub-core/normal/menu.c
|
||||
@@ -163,12 +163,35 @@ grub_menu_set_timeout (int timeout)
|
||||
@@ -163,16 +163,41 @@ grub_menu_set_timeout (int timeout)
|
||||
}
|
||||
}
|
||||
|
||||
@ -28,7 +28,7 @@ index cd15f04..73a94aa 100644
|
||||
+ while (1)
|
||||
+ {
|
||||
+ if (*ptr2 == '>' && ptr2[1] != '>' && *ptr1 == 0)
|
||||
+ return 1;
|
||||
+ return ptr2 - spec;
|
||||
+ if (*ptr2 == '>' && ptr2[1] != '>')
|
||||
+ return 0;
|
||||
+ if (*ptr2 == '>')
|
||||
@ -36,10 +36,11 @@ index cd15f04..73a94aa 100644
|
||||
+ if (*ptr1 != *ptr2)
|
||||
+ return 0;
|
||||
+ if (*ptr1 == 0)
|
||||
+ return 1;
|
||||
+ return ptr1 - id;
|
||||
+ ptr1++;
|
||||
+ ptr2++;
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
/* Get the first entry number from the value of the environment variable NAME,
|
||||
@ -52,7 +53,12 @@ index cd15f04..73a94aa 100644
|
||||
{
|
||||
const char *val;
|
||||
char *tail;
|
||||
@@ -182,9 +205,32 @@ get_and_remove_first_entry_number (const char *name)
|
||||
int entry;
|
||||
+ int sz = 0;
|
||||
|
||||
val = grub_env_get (name);
|
||||
if (! val)
|
||||
@@ -182,9 +207,39 @@ get_and_remove_first_entry_number (const char *name)
|
||||
|
||||
entry = (int) grub_strtoul (val, &tail, 0);
|
||||
|
||||
@ -62,12 +68,13 @@ index cd15f04..73a94aa 100644
|
||||
+ grub_menu_entry_t e = menu->entry_list;
|
||||
+ int i;
|
||||
+
|
||||
+ grub_errno = GRUB_ERR_NONE;
|
||||
+
|
||||
+ for (i = 0; e; i++)
|
||||
+ {
|
||||
+ if (menuentry_eq (e->title, val)
|
||||
+ || menuentry_eq (e->id, val))
|
||||
+ sz = menuentry_eq (e->title, val);
|
||||
+ if (sz < 1)
|
||||
+ sz = menuentry_eq (e->id, val);
|
||||
+
|
||||
+ if (sz >= 1)
|
||||
+ {
|
||||
+ entry = i;
|
||||
+ break;
|
||||
@ -75,6 +82,9 @@ index cd15f04..73a94aa 100644
|
||||
+ e = e->next;
|
||||
+ }
|
||||
+
|
||||
+ if (sz > 0)
|
||||
+ grub_errno = GRUB_ERR_NONE;
|
||||
+
|
||||
+ if (! e)
|
||||
+ entry = -1;
|
||||
+ }
|
||||
@ -82,11 +92,14 @@ index cd15f04..73a94aa 100644
|
||||
if (grub_errno == GRUB_ERR_NONE)
|
||||
{
|
||||
- /* Skip whitespace to find the next digit. */
|
||||
+ if (sz > 0)
|
||||
+ tail += sz;
|
||||
+
|
||||
+ /* Skip whitespace to find the next entry. */
|
||||
while (*tail && grub_isspace (*tail))
|
||||
tail++;
|
||||
grub_env_set (name, tail);
|
||||
@@ -347,7 +393,7 @@ grub_menu_execute_with_fallback (grub_menu_t menu,
|
||||
@@ -347,7 +402,7 @@ grub_menu_execute_with_fallback (grub_menu_t menu,
|
||||
grub_menu_execute_entry (entry, 1);
|
||||
|
||||
/* Deal with fallback entries. */
|
||||
@ -95,7 +108,7 @@ index cd15f04..73a94aa 100644
|
||||
>= 0)
|
||||
{
|
||||
grub_print_error ();
|
||||
@@ -465,30 +511,6 @@ grub_menu_register_viewer (struct grub_menu_viewer *viewer)
|
||||
@@ -465,30 +520,6 @@ grub_menu_register_viewer (struct grub_menu_viewer *viewer)
|
||||
viewers = viewer;
|
||||
}
|
||||
|
||||
@ -127,5 +140,5 @@ index cd15f04..73a94aa 100644
|
||||
static int
|
||||
get_entry_number (grub_menu_t menu, const char *name)
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 73545c78c604559e2af231f1b526265ba15c3839 Mon Sep 17 00:00:00 2001
|
||||
From 8f405e93871ad51cd9ab4dfdea844042a33fa7f0 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 4 Sep 2014 16:49:25 -0400
|
||||
Subject: [PATCH 20/85] Add GRUB_DISABLE_UUID.
|
||||
Subject: [PATCH 10/90] Add GRUB_DISABLE_UUID.
|
||||
|
||||
This will cause "search --fs-uuid --set=root ..." not to be generated by
|
||||
grub2-mkconfig, and instead simply attempt to use the grub device name
|
||||
@ -95,5 +95,5 @@ index 60b31ca..cf35e41 100644
|
||||
else
|
||||
echo $device |sed 's, ,_,g'
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 1f1a695cc6dedd19ecb7ff50c66a8f57d50e362b Mon Sep 17 00:00:00 2001
|
||||
From 6879936079d17ace35cebcab787f7fb9f8cd205e Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 26 Feb 2014 21:49:12 -0500
|
||||
Subject: [PATCH 12/85] Make "exit" take a return code.
|
||||
Subject: [PATCH 11/90] Make "exit" take a return code.
|
||||
|
||||
This adds "exit" with a return code. With this patch, any "exit"
|
||||
command /may/ include a return code, and on platforms that support
|
||||
@ -12,6 +12,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/commands/minicmd.c | 20 ++++++++++++++++----
|
||||
grub-core/kern/efi/efi.c | 9 +++++++--
|
||||
grub-core/kern/emu/main.c | 2 +-
|
||||
grub-core/kern/emu/misc.c | 5 +++--
|
||||
grub-core/kern/i386/coreboot/init.c | 2 +-
|
||||
grub-core/kern/i386/qemu/init.c | 2 +-
|
||||
@ -23,7 +24,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
grub-core/kern/uboot/init.c | 6 +++---
|
||||
grub-core/kern/xen/init.c | 2 +-
|
||||
include/grub/misc.h | 2 +-
|
||||
13 files changed, 38 insertions(+), 20 deletions(-)
|
||||
14 files changed, 39 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/grub-core/commands/minicmd.c b/grub-core/commands/minicmd.c
|
||||
index a3a1182..b25ca4b 100644
|
||||
@ -81,6 +82,19 @@ index caf9bcc..101307f 100644
|
||||
for (;;) ;
|
||||
}
|
||||
|
||||
diff --git a/grub-core/kern/emu/main.c b/grub-core/kern/emu/main.c
|
||||
index f91280f..34634d3 100644
|
||||
--- a/grub-core/kern/emu/main.c
|
||||
+++ b/grub-core/kern/emu/main.c
|
||||
@@ -66,7 +66,7 @@ grub_reboot (void)
|
||||
}
|
||||
|
||||
void
|
||||
-grub_exit (void)
|
||||
+grub_exit (int retval __attribute__((unused)))
|
||||
{
|
||||
grub_reboot ();
|
||||
}
|
||||
diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c
|
||||
index d361feb..331fa62 100644
|
||||
--- a/grub-core/kern/emu/misc.c
|
||||
@ -241,5 +255,5 @@ index 2a9f87c..0620814 100644
|
||||
grub_uint64_t d,
|
||||
grub_uint64_t *r);
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From cb62c40cb96d103e5675dc25ca17a38226e91305 Mon Sep 17 00:00:00 2001
|
||||
From ef756db92dd4f47ed4bb4aede86d33326b0b9188 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 22 Jul 2015 11:21:01 -0400
|
||||
Subject: [PATCH 13/85] Mark po/exclude.pot as binary so git won't try to diff
|
||||
Subject: [PATCH 12/90] Mark po/exclude.pot as binary so git won't try to diff
|
||||
nonprintables.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
@ -18,5 +18,5 @@ index 0000000..33ffaa4
|
||||
@@ -0,0 +1 @@
|
||||
+po/exclude.pot binary
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 05f2dc34ddf1bd0ce75edfedfa68236c51165350 Mon Sep 17 00:00:00 2001
|
||||
From e14c5369fea76d1e067ca9f7e5e55bfe615cb639 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 7 Dec 2015 14:20:49 -0500
|
||||
Subject: [PATCH 11/85] Make efi machines load an env block from a variable
|
||||
Subject: [PATCH 13/90] Make efi machines load an env block from a variable
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
@ -80,5 +80,5 @@ index e9c85de..a5b6c1d 100644
|
||||
char **path);
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 836b528eed2671f3014f4d0983377ca69dc0fec1 Mon Sep 17 00:00:00 2001
|
||||
From 12fb24b4d8a8f0fd7f79bc224157c290ebab31f4 Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Tue, 27 Nov 2012 17:18:53 -0200
|
||||
Subject: [PATCH 04/85] DHCP client ID and UUID options added.
|
||||
Subject: [PATCH 14/90] DHCP client ID and UUID options added.
|
||||
|
||||
---
|
||||
grub-core/net/bootp.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++-----
|
||||
@ -9,7 +9,7 @@ Subject: [PATCH 04/85] DHCP client ID and UUID options added.
|
||||
2 files changed, 81 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c
|
||||
index a088244..4532177 100644
|
||||
index 189551a..a9c8f47 100644
|
||||
--- a/grub-core/net/bootp.c
|
||||
+++ b/grub-core/net/bootp.c
|
||||
@@ -25,6 +25,49 @@
|
||||
@ -112,7 +112,7 @@ index a088244..4532177 100644
|
||||
/* If you need any other options please contact GRUB
|
||||
development team. */
|
||||
}
|
||||
@@ -295,14 +374,6 @@ grub_net_process_dhcp (struct grub_net_buff *nb,
|
||||
@@ -298,14 +377,6 @@ grub_net_process_dhcp (struct grub_net_buff *nb,
|
||||
}
|
||||
}
|
||||
|
||||
@ -128,7 +128,7 @@ index a088244..4532177 100644
|
||||
grub_cmd_dhcpopt (struct grub_command *cmd __attribute__ ((unused)),
|
||||
int argc, char **args)
|
||||
diff --git a/include/grub/net.h b/include/grub/net.h
|
||||
index 2192fa1..4dc066a 100644
|
||||
index 6ac9d72..96aa9fa 100644
|
||||
--- a/include/grub/net.h
|
||||
+++ b/include/grub/net.h
|
||||
@@ -456,6 +456,8 @@ enum
|
||||
@ -141,5 +141,5 @@ index 2192fa1..4dc066a 100644
|
||||
};
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,80 +0,0 @@
|
||||
From ecaecc9bc12a86a64bffeb64879c621da10d5136 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 7 Jul 2015 12:04:28 -0400
|
||||
Subject: [PATCH 15/85] Add some __unused__ where gcc 5.x is more picky about
|
||||
it.
|
||||
|
||||
With some build flags, gcc 5.x throws more warnings about __unused__ not
|
||||
being present than older compilers did. This patch adds the annotation.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/gettext/gettext.c | 10 +++++-----
|
||||
grub-core/normal/menu.c | 2 +-
|
||||
2 files changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
|
||||
index 4880cef..1b1986f 100644
|
||||
--- a/grub-core/gettext/gettext.c
|
||||
+++ b/grub-core/gettext/gettext.c
|
||||
@@ -434,7 +434,7 @@ static char *
|
||||
grub_gettext_env_write_lang (struct grub_env_var *var
|
||||
__attribute__ ((unused)), const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&main_context, val, grub_env_get ("locale_dir"),
|
||||
grub_env_get ("prefix"));
|
||||
if (err)
|
||||
@@ -451,7 +451,7 @@ grub_gettext_env_write_lang (struct grub_env_var *var
|
||||
void
|
||||
grub_gettext_reread_prefix (const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"),
|
||||
grub_env_get ("locale_dir"),
|
||||
val);
|
||||
@@ -463,7 +463,7 @@ static char *
|
||||
read_main (struct grub_env_var *var
|
||||
__attribute__ ((unused)), const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"), val,
|
||||
grub_env_get ("prefix"));
|
||||
if (err)
|
||||
@@ -475,7 +475,7 @@ static char *
|
||||
read_secondary (struct grub_env_var *var
|
||||
__attribute__ ((unused)), const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&secondary_context, grub_env_get ("lang"), val,
|
||||
0);
|
||||
if (err)
|
||||
@@ -500,7 +500,7 @@ grub_cmd_translate (grub_command_t cmd __attribute__ ((unused)),
|
||||
GRUB_MOD_INIT (gettext)
|
||||
{
|
||||
const char *lang;
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
|
||||
lang = grub_env_get ("lang");
|
||||
|
||||
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
|
||||
index 719e2fb..cd15f04 100644
|
||||
--- a/grub-core/normal/menu.c
|
||||
+++ b/grub-core/normal/menu.c
|
||||
@@ -807,7 +807,7 @@ run_menu (grub_menu_t menu, int nested, int *auto_boot)
|
||||
|
||||
/* Callback invoked immediately before a menu entry is executed. */
|
||||
static void
|
||||
-notify_booting (grub_menu_entry_t entry,
|
||||
+notify_booting (grub_menu_entry_t __attribute__((unused)) entry,
|
||||
void *userdata __attribute__((unused)))
|
||||
{
|
||||
grub_printf (" ");
|
||||
--
|
||||
2.5.0
|
||||
|
@ -1,7 +1,7 @@
|
||||
From eb1adf51b18aaa62078bddf91439ca054b6f7965 Mon Sep 17 00:00:00 2001
|
||||
From a6f4624278357f853e3e8888e538eb0ef3654556 Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Wed, 5 Feb 2014 09:42:42 -0200
|
||||
Subject: [PATCH 05/85] trim arp packets with abnormal size
|
||||
Subject: [PATCH 15/90] trim arp packets with abnormal size
|
||||
|
||||
GRUB uses arp request to create the arp response. If the incoming packet
|
||||
is foobared, GRUB needs to trim the arp response packet before sending it.
|
||||
@ -27,5 +27,5 @@ index 4b68c41..f7c59d3 100644
|
||||
struct grub_net_buff nb_reply;
|
||||
struct arppkt *arp_reply;
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 5212412d2c54f112cb68aa5dfc4711abdec9ce94 Mon Sep 17 00:00:00 2001
|
||||
From c22139b340f1a306ad718646a4cd4bc1d4039d7b Mon Sep 17 00:00:00 2001
|
||||
From: Prarit Bhargava <prarit@redhat.com>
|
||||
Date: Wed, 12 Mar 2014 10:58:16 -0400
|
||||
Subject: [PATCH 19/85] Fix bad test on GRUB_DISABLE_SUBMENU.
|
||||
Subject: [PATCH 16/90] Fix bad test on GRUB_DISABLE_SUBMENU.
|
||||
|
||||
The file /etc/grub.d/10_linux does
|
||||
|
||||
@ -20,7 +20,7 @@ Resolves: rhbz#1063414
|
||||
1 file changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 5a78513..6f835b7 100644
|
||||
index de9044c..cf6331f 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -224,7 +224,11 @@ while [ "x$list" != "x" ] ; do
|
||||
@ -37,5 +37,5 @@ index 5a78513..6f835b7 100644
|
||||
"${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,26 +0,0 @@
|
||||
From e704140ffbdc0bbe0cf9ddc66f1ffe51018078ae Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 3 Apr 2013 14:35:34 -0400
|
||||
Subject: [PATCH 16/85] Move bash completion script (#922997)
|
||||
|
||||
Apparently these go in a new place now.
|
||||
---
|
||||
util/bash-completion.d/Makefile.am | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/util/bash-completion.d/Makefile.am b/util/bash-completion.d/Makefile.am
|
||||
index 136287c..0bcdb06 100644
|
||||
--- a/util/bash-completion.d/Makefile.am
|
||||
+++ b/util/bash-completion.d/Makefile.am
|
||||
@@ -6,7 +6,7 @@ EXTRA_DIST = $(bash_completion_source)
|
||||
|
||||
CLEANFILES = $(bash_completion_script) config.log
|
||||
|
||||
-bashcompletiondir = $(sysconfdir)/bash_completion.d
|
||||
+bashcompletiondir = $(datarootdir)/bash-completion/completions
|
||||
bashcompletion_DATA = $(bash_completion_script)
|
||||
|
||||
$(bash_completion_script): $(bash_completion_source) $(top_builddir)/config.status
|
||||
--
|
||||
2.5.0
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 2f3c6669c5f8d0255e6103508eb71667d8dec158 Mon Sep 17 00:00:00 2001
|
||||
From f0daa044a90c508f8f60d23e5ef39597ec80c2cc Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 12 Jun 2013 11:51:49 -0400
|
||||
Subject: [PATCH 10/85] Add support for UEFI operating systems returned by
|
||||
Subject: [PATCH 17/90] Add support for UEFI operating systems returned by
|
||||
os-prober
|
||||
|
||||
os-prober returns UEFI operating systems in the form:
|
||||
@ -46,5 +46,5 @@ index 515a68c..9b8f596 100644
|
||||
esac
|
||||
done
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From c6addd5bf471e6596f6c180a8d83a31df59c6d69 Mon Sep 17 00:00:00 2001
|
||||
From 0e433858169473aa7a042c28dd6f0d4e1adab8d7 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Hamzy <hamzy@us.ibm.com>
|
||||
Date: Wed, 28 Mar 2012 14:46:41 -0500
|
||||
Subject: [PATCH 22/85] Migrate PPC from Yaboot to Grub2
|
||||
Subject: [PATCH 18/90] Migrate PPC from Yaboot to Grub2
|
||||
|
||||
Add configuration support for serial terminal consoles. This will set the
|
||||
maximum screen size so that text is not overwritten.
|
||||
@ -12,7 +12,7 @@ maximum screen size so that text is not overwritten.
|
||||
create mode 100644 util/grub.d/20_ppc_terminfo.in
|
||||
|
||||
diff --git a/Makefile.util.def b/Makefile.util.def
|
||||
index ed9b4c6..dfd48fc 100644
|
||||
index f9caccb..6d452da 100644
|
||||
--- a/Makefile.util.def
|
||||
+++ b/Makefile.util.def
|
||||
@@ -487,6 +487,13 @@ script = {
|
||||
@ -150,5 +150,5 @@ index 0000000..10d6658
|
||||
+ terminfo -g ${X}x${Y} ${TERMINAL}
|
||||
+EOF
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From a0c5493ead025948d40154dde08cb8504a1c840c Mon Sep 17 00:00:00 2001
|
||||
From fdc52554d998170f56ed45856082f4a3bfeb3e2a Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Wed, 19 Sep 2012 21:22:55 -0300
|
||||
Subject: [PATCH 23/85] Add fw_path variable (revised)
|
||||
Subject: [PATCH 19/90] Add fw_path variable (revised)
|
||||
|
||||
This patch makes grub look for its config file on efi where the app was
|
||||
found. It was originally written by Matthew Garrett, and adapted to fix the
|
||||
@ -77,5 +77,5 @@ index 249e19b..759c475 100644
|
||||
prefix = grub_env_get ("prefix");
|
||||
if (prefix)
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From e7f9069fb31f0b112d7cd56872253287ab8c99a5 Mon Sep 17 00:00:00 2001
|
||||
From a64179016df64b72cc956fd6085ca3ed1a41baac Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg@redhat.com>
|
||||
Date: Tue, 10 Jul 2012 11:58:52 -0400
|
||||
Subject: [PATCH 24/85] Add support for linuxefi
|
||||
Subject: [PATCH 20/90] Add support for linuxefi
|
||||
|
||||
---
|
||||
grub-core/Makefile.core.def | 8 +
|
||||
@ -478,5 +478,5 @@ index da0ca3b..fc36bda 100644
|
||||
|
||||
/* Boot parameters for Linux based on 2.6.12. This is used by the setup
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,14 +1,14 @@
|
||||
From 8c186e1142ec99ecde320a673cb72cbbcaa98936 Mon Sep 17 00:00:00 2001
|
||||
From 5894e3bfaf055554c786b4c1a9452d4e3bb9f568 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 16 Jul 2012 18:57:11 -0400
|
||||
Subject: [PATCH 25/85] Use "linuxefi" and "initrdefi" where appropriate.
|
||||
Subject: [PATCH 21/90] Use "linuxefi" and "initrdefi" where appropriate.
|
||||
|
||||
---
|
||||
util/grub.d/10_linux.in | 18 ++++++++++++++++--
|
||||
1 file changed, 16 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 6f835b7..c41a9ca 100644
|
||||
index cf6331f..8ccf012 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -129,17 +129,31 @@ linux_entry ()
|
||||
@ -46,5 +46,5 @@ index 6f835b7..c41a9ca 100644
|
||||
sed "s/^/$submenu_indentation/" << EOF
|
||||
}
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From b231f595542985cba4fb6c079e0d1ee82fc5983c Mon Sep 17 00:00:00 2001
|
||||
From 9d70f7f9a356d965ed48963e2ead12af8de97615 Mon Sep 17 00:00:00 2001
|
||||
From: Colin Watson <cjwatson@ubuntu.com>
|
||||
Date: Tue, 23 Oct 2012 10:40:49 -0400
|
||||
Subject: [PATCH 26/85] Don't allow insmod when secure boot is enabled.
|
||||
Subject: [PATCH 22/90] Don't allow insmod when secure boot is enabled.
|
||||
|
||||
Hi,
|
||||
|
||||
@ -17,16 +17,23 @@ I'm currently test-building this patch (replacing your current
|
||||
grub-2.00-no-insmod-on-sb.patch), but this should be more correct. It
|
||||
moves the check into grub_dl_load_file.
|
||||
---
|
||||
grub-core/kern/dl.c | 21 +++++++++++++++++++++
|
||||
grub-core/kern/dl.c | 22 ++++++++++++++++++++++
|
||||
grub-core/kern/efi/efi.c | 28 ++++++++++++++++++++++++++++
|
||||
include/grub/efi/efi.h | 1 +
|
||||
3 files changed, 50 insertions(+)
|
||||
3 files changed, 51 insertions(+)
|
||||
|
||||
diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
|
||||
index e394cd9..04e804d 100644
|
||||
index e394cd9..6210709 100644
|
||||
--- a/grub-core/kern/dl.c
|
||||
+++ b/grub-core/kern/dl.c
|
||||
@@ -38,6 +38,14 @@
|
||||
@@ -32,12 +32,21 @@
|
||||
#include <grub/env.h>
|
||||
#include <grub/cache.h>
|
||||
#include <grub/i18n.h>
|
||||
+#include <grub/efi/sb.h>
|
||||
|
||||
/* Platforms where modules are in a readonly area of memory. */
|
||||
#if defined(GRUB_MACHINE_QEMU)
|
||||
#define GRUB_MODULES_MACHINE_READONLY
|
||||
#endif
|
||||
|
||||
@ -41,7 +48,7 @@ index e394cd9..04e804d 100644
|
||||
|
||||
|
||||
#pragma GCC diagnostic ignored "-Wcast-align"
|
||||
@@ -686,6 +694,19 @@ grub_dl_load_file (const char *filename)
|
||||
@@ -686,6 +695,19 @@ grub_dl_load_file (const char *filename)
|
||||
void *core = 0;
|
||||
grub_dl_t mod = 0;
|
||||
|
||||
@ -113,5 +120,5 @@ index 9a2da0e..2245632 100644
|
||||
EXPORT_FUNC (grub_efi_compare_device_paths) (const grub_efi_device_path_t *dp1,
|
||||
const grub_efi_device_path_t *dp2);
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From ed9658a2d5f703e68e098b19726ef162e6c755b7 Mon Sep 17 00:00:00 2001
|
||||
From c2a19ee447623af8765254b87ff83cbb5b8253bc Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 1 Oct 2012 13:24:37 -0400
|
||||
Subject: [PATCH 27/85] Pass "\x[[:hex:]][[:hex:]]" straight through
|
||||
Subject: [PATCH 23/90] Pass "\x[[:hex:]][[:hex:]]" straight through
|
||||
unmolested.
|
||||
|
||||
---
|
||||
@ -179,5 +179,5 @@ index ab78ca8..cf6cd66 100644
|
||||
case '$':
|
||||
if (escaped)
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 356b0c4cb947c5f7983cfe8a4cc1e89e8118f4c2 Mon Sep 17 00:00:00 2001
|
||||
From c482ec700b2ba4b1fabccaa5848cccae466d3a12 Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Tue, 27 Nov 2012 16:58:39 -0200
|
||||
Subject: [PATCH 21/85] Add %X option to printf functions.
|
||||
Subject: [PATCH 24/90] Add %X option to printf functions.
|
||||
|
||||
---
|
||||
grub-core/kern/misc.c | 7 +++++--
|
||||
@ -54,5 +54,5 @@ index 6bb0351..81be344 100644
|
||||
case 'd':
|
||||
{
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From a4b155fe619747aeb5eac12ca02d3cec83532756 Mon Sep 17 00:00:00 2001
|
||||
From 70a8c5e075d59ec13fdee4c3868b3862a8cd8aa4 Mon Sep 17 00:00:00 2001
|
||||
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
|
||||
Date: Tue, 27 Nov 2012 17:22:07 -0200
|
||||
Subject: [PATCH 28/85] Search for specific config file for netboot
|
||||
Subject: [PATCH 25/90] Search for specific config file for netboot
|
||||
|
||||
This patch implements a search for a specific configuration when the config
|
||||
file is on a remoteserver. It uses the following order:
|
||||
@ -22,10 +22,10 @@ https://bugzilla.redhat.com/show_bug.cgi?id=873406
|
||||
3 files changed, 135 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/grub-core/net/net.c b/grub-core/net/net.c
|
||||
index 9424595..e53d9a0 100644
|
||||
index 10773fc..0769bf8 100644
|
||||
--- a/grub-core/net/net.c
|
||||
+++ b/grub-core/net/net.c
|
||||
@@ -1725,6 +1725,124 @@ grub_net_restore_hw (void)
|
||||
@@ -1735,6 +1735,124 @@ grub_net_restore_hw (void)
|
||||
return GRUB_ERR_NONE;
|
||||
}
|
||||
|
||||
@ -199,5 +199,5 @@ index 96aa9fa..e13ae1e 100644
|
||||
+
|
||||
#endif /* ! GRUB_NET_HEADER */
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 14812d576121fdc90b05ede5d1f30075b4ab2396 Mon Sep 17 00:00:00 2001
|
||||
From 8992c2812e1e914e803429314b9164a19af4398b Mon Sep 17 00:00:00 2001
|
||||
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
|
||||
Date: Tue, 22 Jan 2013 06:31:38 +0100
|
||||
Subject: [PATCH 29/85] blscfg: add blscfg module to parse Boot Loader
|
||||
Subject: [PATCH 26/90] blscfg: add blscfg module to parse Boot Loader
|
||||
Specification snippets
|
||||
|
||||
http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
|
||||
@ -247,5 +247,5 @@ index 0000000..4274aca
|
||||
+ grub_unregister_extcmd (cmd);
|
||||
+}
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 83a711aa32c98578a9a38c71eef6659fe4cc90a7 Mon Sep 17 00:00:00 2001
|
||||
From 3e83ff704af9a967fa55d60cc3917bc4ccd85f32 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Wed, 15 May 2013 13:30:20 -0400
|
||||
Subject: [PATCH 30/85] Don't write messages to the screen
|
||||
Subject: [PATCH 27/90] Don't write messages to the screen
|
||||
|
||||
Writing messages to the screen before the menus or boot splash
|
||||
happens so quickly it looks like something is wrong and isn't
|
||||
@ -9,10 +9,10 @@ very appealing.
|
||||
---
|
||||
grub-core/boot/i386/pc/boot.S | 3 ---
|
||||
grub-core/boot/i386/pc/diskboot.S | 5 -----
|
||||
grub-core/gettext/gettext.c | 15 ---------------
|
||||
grub-core/gettext/gettext.c | 25 +++++--------------------
|
||||
grub-core/kern/main.c | 5 -----
|
||||
util/grub.d/10_linux.in | 7 -------
|
||||
5 files changed, 35 deletions(-)
|
||||
5 files changed, 5 insertions(+), 40 deletions(-)
|
||||
|
||||
diff --git a/grub-core/boot/i386/pc/boot.S b/grub-core/boot/i386/pc/boot.S
|
||||
index 2bd0b2d..ea167fe 100644
|
||||
@ -45,11 +45,15 @@ index 1ee4cf5..c8b87ed 100644
|
||||
movw $LOCAL(firstlist), %di
|
||||
|
||||
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
|
||||
index 1b1986f..b22e1bc 100644
|
||||
index 4880cef..b22e1bc 100644
|
||||
--- a/grub-core/gettext/gettext.c
|
||||
+++ b/grub-core/gettext/gettext.c
|
||||
@@ -437,13 +437,9 @@ grub_gettext_env_write_lang (struct grub_env_var *var
|
||||
grub_err_t __attribute__((__unused__)) err;
|
||||
@@ -434,16 +434,12 @@ static char *
|
||||
grub_gettext_env_write_lang (struct grub_env_var *var
|
||||
__attribute__ ((unused)), const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&main_context, val, grub_env_get ("locale_dir"),
|
||||
grub_env_get ("prefix"));
|
||||
- if (err)
|
||||
@ -62,7 +66,12 @@ index 1b1986f..b22e1bc 100644
|
||||
|
||||
return grub_strdup (val);
|
||||
}
|
||||
@@ -455,8 +451,6 @@ grub_gettext_reread_prefix (const char *val)
|
||||
@@ -451,23 +447,19 @@ grub_gettext_env_write_lang (struct grub_env_var *var
|
||||
void
|
||||
grub_gettext_reread_prefix (const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"),
|
||||
grub_env_get ("locale_dir"),
|
||||
val);
|
||||
@ -71,8 +80,11 @@ index 1b1986f..b22e1bc 100644
|
||||
}
|
||||
|
||||
static char *
|
||||
@@ -466,8 +460,6 @@ read_main (struct grub_env_var *var
|
||||
grub_err_t __attribute__((__unused__)) err;
|
||||
read_main (struct grub_env_var *var
|
||||
__attribute__ ((unused)), const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&main_context, grub_env_get ("lang"), val,
|
||||
grub_env_get ("prefix"));
|
||||
- if (err)
|
||||
@ -80,8 +92,12 @@ index 1b1986f..b22e1bc 100644
|
||||
return grub_strdup (val);
|
||||
}
|
||||
|
||||
@@ -478,9 +470,6 @@ read_secondary (struct grub_env_var *var
|
||||
grub_err_t __attribute__((__unused__)) err;
|
||||
@@ -475,12 +467,9 @@ static char *
|
||||
read_secondary (struct grub_env_var *var
|
||||
__attribute__ ((unused)), const char *val)
|
||||
{
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
err = grub_gettext_init_ext (&secondary_context, grub_env_get ("lang"), val,
|
||||
0);
|
||||
- if (err)
|
||||
@ -90,7 +106,14 @@ index 1b1986f..b22e1bc 100644
|
||||
return grub_strdup (val);
|
||||
}
|
||||
|
||||
@@ -506,12 +495,8 @@ GRUB_MOD_INIT (gettext)
|
||||
@@ -500,18 +489,14 @@ grub_cmd_translate (grub_command_t cmd __attribute__ ((unused)),
|
||||
GRUB_MOD_INIT (gettext)
|
||||
{
|
||||
const char *lang;
|
||||
- grub_err_t err;
|
||||
+ grub_err_t __attribute__((__unused__)) err;
|
||||
|
||||
lang = grub_env_get ("lang");
|
||||
|
||||
err = grub_gettext_init_ext (&main_context, lang, grub_env_get ("locale_dir"),
|
||||
grub_env_get ("prefix"));
|
||||
@ -120,7 +143,7 @@ index 8ab7794..da47b18 100644
|
||||
|
||||
grub_boot_time ("Before loading embedded modules.");
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index c41a9ca..74f5f29 100644
|
||||
index 8ccf012..a3d9711 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -128,29 +128,22 @@ linux_entry ()
|
||||
@ -154,5 +177,5 @@ index c41a9ca..74f5f29 100644
|
||||
EOF
|
||||
fi
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
45
0028-Don-t-print-GNU-GRUB-header.patch
Normal file
45
0028-Don-t-print-GNU-GRUB-header.patch
Normal file
@ -0,0 +1,45 @@
|
||||
From 9bd3d2fb49a6b8e3807ce7275876fd4b416545c9 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Wed, 15 May 2013 13:53:48 -0400
|
||||
Subject: [PATCH 28/90] Don't print GNU GRUB header
|
||||
|
||||
No one cares.
|
||||
---
|
||||
grub-core/normal/main.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
|
||||
index b2654ef..f57b750 100644
|
||||
--- a/grub-core/normal/main.c
|
||||
+++ b/grub-core/normal/main.c
|
||||
@@ -202,15 +202,16 @@ read_config_file (const char *config)
|
||||
/* Initialize the screen. */
|
||||
void
|
||||
grub_normal_init_page (struct grub_term_output *term,
|
||||
- int y)
|
||||
+ int y __attribute__((__unused__)))
|
||||
{
|
||||
+ grub_term_cls (term);
|
||||
+
|
||||
+#if 0
|
||||
grub_ssize_t msg_len;
|
||||
int posx;
|
||||
char *msg_formatted;
|
||||
grub_uint32_t *unicode_msg;
|
||||
grub_uint32_t *last_position;
|
||||
-
|
||||
- grub_term_cls (term);
|
||||
|
||||
msg_formatted = grub_xasprintf (_("GNU GRUB version %s"), PACKAGE_VERSION);
|
||||
if (!msg_formatted)
|
||||
@@ -235,6 +236,7 @@ grub_normal_init_page (struct grub_term_output *term,
|
||||
grub_putcode ('\n', term);
|
||||
grub_putcode ('\n', term);
|
||||
grub_free (unicode_msg);
|
||||
+#endif
|
||||
}
|
||||
|
||||
static void
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From b8293967f7455f70a3f586f5583d7a9e5cc6772c Mon Sep 17 00:00:00 2001
|
||||
From dd2c80ddd0e5e57b33a9d06894225e629b1b8b5e Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Wed, 15 May 2013 17:49:45 -0400
|
||||
Subject: [PATCH 32/85] Don't add '*' to highlighted row
|
||||
Subject: [PATCH 29/90] Don't add '*' to highlighted row
|
||||
|
||||
It is already highlighted.
|
||||
---
|
||||
@ -22,5 +22,5 @@ index e22bb91..a3d1f23 100644
|
||||
grub_print_ucs4_menu (unicode_title,
|
||||
unicode_title + len,
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 6b0f11d8c752b5a7b5030e2cd19ba3b78b7dd901 Mon Sep 17 00:00:00 2001
|
||||
From 4cc90ad7d495b896e0b6b2677285ced8ce70cee1 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Fri, 7 Jun 2013 11:09:04 -0400
|
||||
Subject: [PATCH 33/85] Message string cleanups
|
||||
Subject: [PATCH 30/90] Message string cleanups
|
||||
|
||||
Make use of terminology consistent. Remove jargon.
|
||||
---
|
||||
@ -67,5 +67,5 @@ index a3d1f23..64a8386 100644
|
||||
{
|
||||
grub_print_error ();
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,33 +0,0 @@
|
||||
From 4a5b10c4083c9b99aed2e98577e7634b74c250d9 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Wed, 15 May 2013 13:53:48 -0400
|
||||
Subject: [PATCH 31/85] Don't print GNU GRUB header
|
||||
|
||||
No one cares.
|
||||
---
|
||||
grub-core/normal/main.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
|
||||
index b2654ef..3af349d 100644
|
||||
--- a/grub-core/normal/main.c
|
||||
+++ b/grub-core/normal/main.c
|
||||
@@ -212,6 +212,7 @@ grub_normal_init_page (struct grub_term_output *term,
|
||||
|
||||
grub_term_cls (term);
|
||||
|
||||
+#if 0
|
||||
msg_formatted = grub_xasprintf (_("GNU GRUB version %s"), PACKAGE_VERSION);
|
||||
if (!msg_formatted)
|
||||
return;
|
||||
@@ -235,6 +236,7 @@ grub_normal_init_page (struct grub_term_output *term,
|
||||
grub_putcode ('\n', term);
|
||||
grub_putcode ('\n', term);
|
||||
grub_free (unicode_msg);
|
||||
+#endif
|
||||
}
|
||||
|
||||
static void
|
||||
--
|
||||
2.5.0
|
||||
|
@ -1,7 +1,7 @@
|
||||
From a31995777db4d7603e0cd901a4a643812e023f51 Mon Sep 17 00:00:00 2001
|
||||
From ee01481e906071d01649b61925eaac0348f9a9a7 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Fri, 7 Jun 2013 14:08:23 -0400
|
||||
Subject: [PATCH 34/85] Fix border spacing now that we aren't displaying it
|
||||
Subject: [PATCH 31/90] Fix border spacing now that we aren't displaying it
|
||||
|
||||
---
|
||||
grub-core/normal/menu_text.c | 6 +++---
|
||||
@ -28,5 +28,5 @@ index 64a8386..1062d64 100644
|
||||
geo->timeout_lines = 2;
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 2a01b399c5c73096ae372eb1f342b8a0f8f47030 Mon Sep 17 00:00:00 2001
|
||||
From 748c629f47f4191c66011646e010cdf5ab506b90 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Fri, 7 Jun 2013 14:08:49 -0400
|
||||
Subject: [PATCH 35/85] Use the correct indentation for the term help text
|
||||
Subject: [PATCH 32/90] Use the correct indentation for the term help text
|
||||
|
||||
That is consistent with the menu help text
|
||||
---
|
||||
@ -9,7 +9,7 @@ That is consistent with the menu help text
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
|
||||
index 3af349d..d98e868 100644
|
||||
index f57b750..0ce59fd 100644
|
||||
--- a/grub-core/normal/main.c
|
||||
+++ b/grub-core/normal/main.c
|
||||
@@ -426,8 +426,8 @@ grub_normal_reader_init (int nested)
|
||||
@ -24,5 +24,5 @@ index 3af349d..d98e868 100644
|
||||
grub_print_message_indented (msg_formatted, 0, 0, term);
|
||||
grub_putcode ('\n', term);
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From f670c1c2e4a55188b3654aaac307e20a6c896796 Mon Sep 17 00:00:00 2001
|
||||
From 93092c8a33db0cb36392c9684a60c12fbc823554 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Fri, 7 Jun 2013 14:30:55 -0400
|
||||
Subject: [PATCH 36/85] Indent menu entries
|
||||
Subject: [PATCH 33/90] Indent menu entries
|
||||
|
||||
---
|
||||
grub-core/normal/menu_text.c | 3 ++-
|
||||
@ -22,5 +22,5 @@ index 1062d64..ecc60f9 100644
|
||||
grub_print_ucs4_menu (unicode_title,
|
||||
unicode_title + len,
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 397d978c51b6ac1db63e05de786334ceb6a40636 Mon Sep 17 00:00:00 2001
|
||||
From ee7064d8667cf51d12f2cc5ead9b428446c563ad Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Fri, 7 Jun 2013 14:59:36 -0400
|
||||
Subject: [PATCH 37/85] Fix margins
|
||||
Subject: [PATCH 34/90] Fix margins
|
||||
|
||||
---
|
||||
grub-core/normal/menu_text.c | 8 +++-----
|
||||
@ -33,5 +33,5 @@ index ecc60f9..0e43f2c 100644
|
||||
- geo->timeout_lines /* timeout */
|
||||
- 1 /* empty final line */;
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From b5566d5a3ee9ada0c397102bd51887c7e0d7305f Mon Sep 17 00:00:00 2001
|
||||
From 712f456d542ec913c4a5bc13f86443f79912cbf3 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 21 Jun 2013 14:44:08 -0400
|
||||
Subject: [PATCH 38/85] Use -2 instead of -1 for our right-hand margin, so
|
||||
Subject: [PATCH 35/90] Use -2 instead of -1 for our right-hand margin, so
|
||||
linewrapping works (#976643).
|
||||
|
||||
Signed-off-by: Peter Jones <grub2-owner@fedoraproject.org>
|
||||
@ -23,5 +23,5 @@ index 0e43f2c..537d4bf 100644
|
||||
geo->first_entry_y = 3; /* three empty lines*/
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 2366e7d0b5915ca44930a682258a0a913269befc Mon Sep 17 00:00:00 2001
|
||||
From aedb9655a10717fe3678a9e2fc720b55f5b0ffbc Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 28 Oct 2013 10:05:07 -0400
|
||||
Subject: [PATCH 39/85] Use linux16 when appropriate (#880840)
|
||||
Subject: [PATCH 36/90] Use linux16 when appropriate (#880840)
|
||||
|
||||
The kernel group really would prefer that we use the 16 bit entry point
|
||||
on x86 bios machines.
|
||||
@ -14,7 +14,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 74f5f29..5b49dcb 100644
|
||||
index a3d9711..f3bf6ac 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -76,6 +76,11 @@ linux_entry ()
|
||||
@ -48,5 +48,5 @@ index 74f5f29..5b49dcb 100644
|
||||
fi
|
||||
fi
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 0c2e9a7c6f7f781542d3a94a5fc9b0b8ce435cd2 Mon Sep 17 00:00:00 2001
|
||||
From 0b72348759eaec7d1d488e9788e724a2d48ce3f7 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 28 Oct 2013 10:09:27 -0400
|
||||
Subject: [PATCH 40/85] Enable pager by default. (#985860)
|
||||
Subject: [PATCH 37/90] Enable pager by default. (#985860)
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
@ -22,5 +22,5 @@ index 93a9023..858b526 100644
|
||||
load_env
|
||||
fi
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 9cbaea1b39567552e4e103cb35a7c18fdc36395a Mon Sep 17 00:00:00 2001
|
||||
From 55d0f5f5fdecfab6c8439520491e08a0178bd5dc Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 28 Oct 2013 10:13:27 -0400
|
||||
Subject: [PATCH 41/85] F10 doesn't work on serial, so don't tell the user to
|
||||
Subject: [PATCH 38/90] F10 doesn't work on serial, so don't tell the user to
|
||||
hit it (#987443)
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
@ -23,5 +23,5 @@ index 537d4bf..452d55b 100644
|
||||
STANDARD_MARGIN, STANDARD_MARGIN,
|
||||
term, dry_run);
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From af21e1092f7b99e1815b5a4653a15586580fd398 Mon Sep 17 00:00:00 2001
|
||||
From d110064c73c1604b07cdaa3d41751074b2701142 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 14 Mar 2011 14:27:42 -0400
|
||||
Subject: [PATCH 42/85] Don't say "GNU/Linux" in generated menus.
|
||||
Subject: [PATCH 39/90] Don't say "GNU/Linux" in generated menus.
|
||||
|
||||
---
|
||||
util/grub.d/10_linux.in | 4 ++--
|
||||
@ -9,7 +9,7 @@ Subject: [PATCH 42/85] Don't say "GNU/Linux" in generated menus.
|
||||
2 files changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 5b49dcb..d54b982 100644
|
||||
index f3bf6ac..ef52cf3 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@"
|
||||
@ -25,7 +25,7 @@ index 5b49dcb..d54b982 100644
|
||||
fi
|
||||
|
||||
diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in
|
||||
index 46045db..002e11d 100644
|
||||
index c48af94..25e3c41 100644
|
||||
--- a/util/grub.d/20_linux_xen.in
|
||||
+++ b/util/grub.d/20_linux_xen.in
|
||||
@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@"
|
||||
@ -41,5 +41,5 @@ index 46045db..002e11d 100644
|
||||
fi
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 7874cc5b2a72249ec7bdea308cc7f689428a8714 Mon Sep 17 00:00:00 2001
|
||||
From fbd9d8969c059d6e5572b1acfa42ba48bc4299e2 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Wed, 15 May 2013 16:47:33 -0400
|
||||
Subject: [PATCH 43/85] Don't draw a border around the menu
|
||||
Subject: [PATCH 40/90] Don't draw a border around the menu
|
||||
|
||||
It looks cleaner without it.
|
||||
---
|
||||
@ -70,5 +70,5 @@ index 452d55b..1ed2bd9 100644
|
||||
grub_term_highlight_color = old_color_highlight;
|
||||
geo->timeout_y = geo->first_entry_y + geo->num_entries
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From c18188e88655d8404dc1687b5a5c4e3ae1a01c7c Mon Sep 17 00:00:00 2001
|
||||
From 3aeba4760755b9b263ed4ba60dc0431352b63fe7 Mon Sep 17 00:00:00 2001
|
||||
From: William Jon McCann <william.jon.mccann@gmail.com>
|
||||
Date: Fri, 7 Jun 2013 10:52:32 -0400
|
||||
Subject: [PATCH 44/85] Use the standard margin for the timeout string
|
||||
Subject: [PATCH 41/90] Use the standard margin for the timeout string
|
||||
|
||||
So that it aligns with the other messages
|
||||
---
|
||||
@ -39,5 +39,5 @@ index 1ed2bd9..7681f7d 100644
|
||||
}
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 5baee32f7f9771fe64fa0cdf6e49cd4f6158487a Mon Sep 17 00:00:00 2001
|
||||
From 333159a74035a726841c6c888f43d983a40ed959 Mon Sep 17 00:00:00 2001
|
||||
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
|
||||
Date: Mon, 13 Jan 2014 21:50:59 -0500
|
||||
Subject: [PATCH 45/85] Add .eh_frame to list of relocations stripped
|
||||
Subject: [PATCH 42/90] Add .eh_frame to list of relocations stripped
|
||||
|
||||
---
|
||||
conf/Makefile.common | 2 +-
|
||||
@ -21,5 +21,5 @@ index 11296b5..a476ab5 100644
|
||||
CFLAGS_MODULE = $(CFLAGS_PLATFORM) -ffreestanding
|
||||
LDFLAGS_MODULE = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) -Wl,-r,-d
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From ba2e29130c54c0082f2b9a6719e891c1a7397a03 Mon Sep 17 00:00:00 2001
|
||||
From 5fa65416bae89efb88015e72cb21c28fe3833fc8 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 14 Jan 2014 13:12:23 -0500
|
||||
Subject: [PATCH 46/85] Make 10_linux work with our changes for linux16 and
|
||||
Subject: [PATCH 43/90] Make 10_linux work with our changes for linux16 and
|
||||
linuxefi on aarch64
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
@ -10,7 +10,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
1 file changed, 28 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index d54b982..ab9d32d 100644
|
||||
index ef52cf3..191aebe 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -77,8 +77,18 @@ linux_entry ()
|
||||
@ -81,5 +81,5 @@ index d54b982..ab9d32d 100644
|
||||
for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
|
||||
if test -e "${i}" ; then
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 7c437680ba85ea5b1a7c98fd2b2e9ff8ddb00a1e Mon Sep 17 00:00:00 2001
|
||||
From e89fd78bb3f62064d930c82ad14cd490166d1a2c Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 14 Jan 2014 16:15:46 -0500
|
||||
Subject: [PATCH 47/85] Don't print during fdt loading method.
|
||||
Subject: [PATCH 44/90] Don't print during fdt loading method.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
@ -9,7 +9,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index ab9d32d..04179d9 100644
|
||||
index 191aebe..452a9f6 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -164,9 +164,7 @@ EOF
|
||||
@ -23,5 +23,5 @@ index ab9d32d..04179d9 100644
|
||||
EOF
|
||||
fi
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 633be1409c09df43142eb1310234ff9ebfe0dc62 Mon Sep 17 00:00:00 2001
|
||||
From 7683e149c587abf2d35de11c39ddb0810572b2e4 Mon Sep 17 00:00:00 2001
|
||||
From: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Mon, 30 Jun 2014 14:16:46 -0400
|
||||
Subject: [PATCH 48/85] Don't munge raw spaces when we're doing our cmdline
|
||||
Subject: [PATCH 45/90] Don't munge raw spaces when we're doing our cmdline
|
||||
escaping (#923374)
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
@ -32,5 +32,5 @@ index 0a5b2af..970ea86 100644
|
||||
{
|
||||
*buf++ = *c++;
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 030328c1b5d1266d5f664dafd6af52d765dbe3b0 Mon Sep 17 00:00:00 2001
|
||||
From 8a11a21d904e7e823ee6f17faedbf45a8e28044a Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 11 Feb 2014 11:14:50 -0500
|
||||
Subject: [PATCH 49/85] Don't require a password to boot entries generated by
|
||||
Subject: [PATCH 46/90] Don't require a password to boot entries generated by
|
||||
grub-mkconfig.
|
||||
|
||||
When we set a password, we just want that to mean you can't /edit/ an entry.
|
||||
@ -14,7 +14,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 04179d9..a0e71fa 100644
|
||||
index 452a9f6..79a747e 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -26,7 +26,7 @@ datarootdir="@datarootdir@"
|
||||
@ -27,5 +27,5 @@ index 04179d9..a0e71fa 100644
|
||||
if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
|
||||
OS="$(sed 's, release .*$,,g' /etc/system-release)"
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 62ce77c55bb224f3c318d94cf45bf170d2fc806f Mon Sep 17 00:00:00 2001
|
||||
From 5468ac6eef409220e59741ccf1073d92916cdddf Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 18 Feb 2014 09:37:49 -0500
|
||||
Subject: [PATCH 50/85] Don't emit "Booting ..." message.
|
||||
Subject: [PATCH 47/90] Don't emit "Booting ..." message.
|
||||
|
||||
UI team still hates this stuff, so we're disabling it for RHEL 7.
|
||||
|
||||
@ -9,16 +9,20 @@ Resolves: rhbz#1023142
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/normal/menu.c | 2 ++
|
||||
grub-core/normal/menu.c | 4 +++-
|
||||
grub-core/normal/menu_entry.c | 3 ---
|
||||
2 files changed, 2 insertions(+), 3 deletions(-)
|
||||
2 files changed, 3 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
|
||||
index 73a94aa..e74cb56 100644
|
||||
index 2e8a7bd..004711d 100644
|
||||
--- a/grub-core/normal/menu.c
|
||||
+++ b/grub-core/normal/menu.c
|
||||
@@ -832,9 +832,11 @@ static void
|
||||
notify_booting (grub_menu_entry_t __attribute__((unused)) entry,
|
||||
@@ -838,12 +838,14 @@ run_menu (grub_menu_t menu, int nested, int *auto_boot)
|
||||
|
||||
/* Callback invoked immediately before a menu entry is executed. */
|
||||
static void
|
||||
-notify_booting (grub_menu_entry_t entry,
|
||||
+notify_booting (grub_menu_entry_t __attribute__((unused)) entry,
|
||||
void *userdata __attribute__((unused)))
|
||||
{
|
||||
+#if 0
|
||||
@ -44,5 +48,5 @@ index eeeee55..8349049 100644
|
||||
errs_before = grub_err_printed_errors;
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 07232bee88b91155ed2315db10d83e03e466efc6 Mon Sep 17 00:00:00 2001
|
||||
From cce065ff19272aa908a293632a265211201d7237 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 4 Mar 2014 11:00:23 -0500
|
||||
Subject: [PATCH 51/85] Replace a lot of man pages with slightly nicer ones.
|
||||
Subject: [PATCH 48/90] Replace a lot of man pages with slightly nicer ones.
|
||||
|
||||
Replace a bunch of machine generated ones with ones that look nicer.
|
||||
---
|
||||
@ -134,7 +134,7 @@ index b16bd92..39eb94b 100644
|
||||
EXTRA_DIST += docs/grub.cfg
|
||||
EXTRA_DIST += docs/osdetect.cfg
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index a85b134..4369bda 100644
|
||||
index ab9134c..9937a82 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -70,6 +70,29 @@ grub_TRANSFORM([grub-set-default])
|
||||
@ -1959,5 +1959,5 @@ index 0000000..37ea2dd
|
||||
+.SH SEE ALSO
|
||||
+.BR "info grub"
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From a937e5533ae47be79d374fb99709282e16df4f0d Mon Sep 17 00:00:00 2001
|
||||
From c28ddef07d11d790d89ee6ec8e3a8cc7e1aace0d Mon Sep 17 00:00:00 2001
|
||||
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
|
||||
Date: Wed, 19 Feb 2014 15:58:43 -0500
|
||||
Subject: [PATCH 52/85] use fw_path prefix when fallback searching for grub
|
||||
Subject: [PATCH 49/90] use fw_path prefix when fallback searching for grub
|
||||
config
|
||||
|
||||
When PXE booting via UEFI firmware, grub was searching for grub.cfg
|
||||
@ -18,7 +18,7 @@ Signed-off-by: Mark Salter <msalter@redhat.com>
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
|
||||
index d98e868..660238a 100644
|
||||
index 0ce59fd..a3713ef 100644
|
||||
--- a/grub-core/normal/main.c
|
||||
+++ b/grub-core/normal/main.c
|
||||
@@ -343,7 +343,7 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
|
||||
@ -41,5 +41,5 @@ index d98e868..660238a 100644
|
||||
{
|
||||
grub_size_t config_len;
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 780862554b3ee8a44c9d0b7e77ba219377a6b39b Mon Sep 17 00:00:00 2001
|
||||
From 82812e4ade82c9aa4f2e8f091b60b714ecfd82e5 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 6 Mar 2014 11:51:33 -0500
|
||||
Subject: [PATCH 53/85] Try mac/guid/etc before grub.cfg on tftp config files.
|
||||
Subject: [PATCH 50/90] Try mac/guid/etc before grub.cfg on tftp config files.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
@ -9,7 +9,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
1 file changed, 43 insertions(+), 37 deletions(-)
|
||||
|
||||
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
|
||||
index 660238a..3ba1cdb 100644
|
||||
index a3713ef..7d9c4f0 100644
|
||||
--- a/grub-core/normal/main.c
|
||||
+++ b/grub-core/normal/main.c
|
||||
@@ -341,53 +341,59 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
|
||||
@ -110,5 +110,5 @@ index 660238a..3ba1cdb 100644
|
||||
else
|
||||
grub_enter_normal_mode (argv[0]);
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From f35eaf656ac008e23937d5a31ece0e41df9e69cf Mon Sep 17 00:00:00 2001
|
||||
From b954efc0812579f973031b24c68a2f593bd89ba1 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 18 Feb 2014 11:34:00 -0500
|
||||
Subject: [PATCH 54/85] Fix convert function to support NVMe devices
|
||||
Subject: [PATCH 51/90] Fix convert function to support NVMe devices
|
||||
|
||||
This is adapted from the patch at
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1019660 , which is against
|
||||
@ -55,5 +55,5 @@ index 92c0d70..bf317a2 100644
|
||||
return grub_util_devmapper_part_to_disk (&st, is_part, os_dev);
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 507dd275029deb504e0a7ffae3a7cd76f5701412 Mon Sep 17 00:00:00 2001
|
||||
From 6900527741a21097f57a72854944f3e078a0ee42 Mon Sep 17 00:00:00 2001
|
||||
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
|
||||
Date: Mon, 10 Feb 2014 16:13:10 -0500
|
||||
Subject: [PATCH 55/85] Switch to use APM Mustang device tree, for hardware
|
||||
Subject: [PATCH 52/90] Switch to use APM Mustang device tree, for hardware
|
||||
testing.
|
||||
|
||||
Signed-off-by: David A. Marlin <d.marlin@redhat.com>
|
||||
@ -10,7 +10,7 @@ Signed-off-by: David A. Marlin <d.marlin@redhat.com>
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index a0e71fa..dc3d081 100644
|
||||
index 79a747e..462b461 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -232,8 +232,8 @@ while [ "x$list" != "x" ] ; do
|
||||
@ -25,5 +25,5 @@ index a0e71fa..dc3d081 100644
|
||||
fi
|
||||
done
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 30fa988875e7b218240ac2100f4bab768c80a7f6 Mon Sep 17 00:00:00 2001
|
||||
From 823290f622902f1ae06efa29efbe4ca15af1aafe Mon Sep 17 00:00:00 2001
|
||||
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
|
||||
Date: Wed, 12 Feb 2014 14:54:04 -0500
|
||||
Subject: [PATCH 56/85] Use the default device tree from the grub default file
|
||||
Subject: [PATCH 53/90] Use the default device tree from the grub default file
|
||||
|
||||
instead of hardcoding a value.
|
||||
|
||||
@ -26,7 +26,7 @@ index c088b70..9d595ac 100644
|
||||
if test "x${grub_cfg}" != "x"; then
|
||||
rm -f "${grub_cfg}.new"
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index dc3d081..30e0e85 100644
|
||||
index 462b461..a9692a0 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -232,8 +232,8 @@ while [ "x$list" != "x" ] ; do
|
||||
@ -41,5 +41,5 @@ index dc3d081..30e0e85 100644
|
||||
fi
|
||||
done
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From a3f2c756ce34c9666bddef35e3b3b85ccecdcffc Mon Sep 17 00:00:00 2001
|
||||
From e119353dad1eadc771a011f82bf90bd04fc00f9a Mon Sep 17 00:00:00 2001
|
||||
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
|
||||
Date: Sat, 15 Feb 2014 15:10:22 -0500
|
||||
Subject: [PATCH 57/85] reopen SNP protocol for exclusive use by grub
|
||||
Subject: [PATCH 54/90] reopen SNP protocol for exclusive use by grub
|
||||
|
||||
---
|
||||
grub-core/net/drivers/efi/efinet.c | 16 ++++++++++++++++
|
||||
@ -42,5 +42,5 @@ index 5388f95..ea0e0ca 100644
|
||||
}
|
||||
}
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 5a6729292b36c493c81b4bfeef70434318a604f2 Mon Sep 17 00:00:00 2001
|
||||
From 5d47b56198754190c62179ae10ef175c00d1474d Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 4 Mar 2016 15:13:59 -0500
|
||||
Subject: [PATCH 58/85] Revert "reopen SNP protocol for exclusive use by grub"
|
||||
Subject: [PATCH 55/90] Revert "reopen SNP protocol for exclusive use by grub"
|
||||
|
||||
This reverts commit a3f2c756ce34c9666bddef35e3b3b85ccecdcffc , which is
|
||||
obsoleted by these:
|
||||
@ -50,5 +50,5 @@ index ea0e0ca..5388f95 100644
|
||||
}
|
||||
}
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From deb910d72a3a8745ca207e75f5caa09b0264606c Mon Sep 17 00:00:00 2001
|
||||
From 5a69c7fbfff14bcea80e781fcd6acad07c904e22 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 3 Sep 2014 10:01:03 -0400
|
||||
Subject: [PATCH 59/85] Add grub_util_readlink()
|
||||
Subject: [PATCH 56/90] Add grub_util_readlink()
|
||||
|
||||
Add grub_util_readlink(). This requires pulling in stat and readlink from
|
||||
gnulib, which pulls in stat and related headers, but after that the
|
||||
@ -3730,5 +3730,5 @@ index 0000000..9852778
|
||||
+ REPLACE_LOCALTIME=0; AC_SUBST([REPLACE_LOCALTIME])
|
||||
+])
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 4c54fc0998ac13e7d38ba44cefcda9384d794475 Mon Sep 17 00:00:00 2001
|
||||
From a867dc42c711385634d86f04176cf3193d548f1d Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 3 Sep 2014 10:38:00 -0400
|
||||
Subject: [PATCH 60/85] Make editenv chase symlinks including those across
|
||||
Subject: [PATCH 57/90] Make editenv chase symlinks including those across
|
||||
devices.
|
||||
|
||||
This lets us make /boot/grub2/grubenv a symlink to
|
||||
@ -17,7 +17,7 @@ Reviewed-by: Adam Jackson <ajax@redhat.com>
|
||||
2 files changed, 53 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/Makefile.util.def b/Makefile.util.def
|
||||
index dfd48fc..c123038 100644
|
||||
index 6d452da..2061104 100644
|
||||
--- a/Makefile.util.def
|
||||
+++ b/Makefile.util.def
|
||||
@@ -230,8 +230,17 @@ program = {
|
||||
@ -102,5 +102,5 @@ index c6f8d22..d8d1dad 100644
|
||||
+ free (rename_target);
|
||||
}
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 5006f4ecf73a3742f1441177072dd814cd63e9b5 Mon Sep 17 00:00:00 2001
|
||||
From 14b8db374bfc41fffa278ec33084324008384417 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 4 Sep 2014 14:23:23 -0400
|
||||
Subject: [PATCH 61/85] Generate OS and CLASS in 10_linux from /etc/os-release
|
||||
Subject: [PATCH 58/90] Generate OS and CLASS in 10_linux from /etc/os-release
|
||||
|
||||
This makes us use pretty names in the titles we generate in
|
||||
grub2-mkconfig when GRUB_DISTRIBUTOR isn't set.
|
||||
@ -14,7 +14,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 30e0e85..1881c73 100644
|
||||
index a9692a0..c662726 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -29,7 +29,8 @@ export TEXTDOMAINDIR="@localedir@"
|
||||
@ -28,5 +28,5 @@ index 30e0e85..1881c73 100644
|
||||
OS="${GRUB_DISTRIBUTOR}"
|
||||
CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From e6c8b26dece544383403a13019ad6d4991c72e4e Mon Sep 17 00:00:00 2001
|
||||
From 700c631b4c887778951503346afe5b7ee70bf7dd Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 4 Sep 2014 15:52:08 -0400
|
||||
Subject: [PATCH 62/85] Minimize the sort ordering for .debug and -rescue-
|
||||
Subject: [PATCH 59/90] Minimize the sort ordering for .debug and -rescue-
|
||||
kernels.
|
||||
|
||||
Resolves: rhbz#1065360
|
||||
@ -30,5 +30,5 @@ index cf35e41..10fabee 100644
|
||||
version_test_numeric "$version_test_gt_a" "$version_test_gt_cmp" "$version_test_gt_b"
|
||||
return "$?"
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From d0ea23d1dd262db1d131f1fb8bf3d1e6c67ec252 Mon Sep 17 00:00:00 2001
|
||||
From cae0d2cdb28017df75358e0839c60a9c2521cb82 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 18 Sep 2014 11:26:14 -0400
|
||||
Subject: [PATCH 63/85] Load arm with SB enabled.
|
||||
Subject: [PATCH 60/90] Load arm with SB enabled.
|
||||
|
||||
Make sure we actually try to validate secure boot on this platform (even
|
||||
though we're not shipping it enabled by default.)
|
||||
@ -42,7 +42,7 @@ index e79bb0c..7fba196 100644
|
||||
enable = x86_64_efi;
|
||||
};
|
||||
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
|
||||
index 9519d2e..9f425df 100644
|
||||
index 9519d2e..4756ef7 100644
|
||||
--- a/grub-core/loader/arm64/linux.c
|
||||
+++ b/grub-core/loader/arm64/linux.c
|
||||
@@ -28,6 +28,7 @@
|
||||
@ -87,7 +87,7 @@ index 9519d2e..9f425df 100644
|
||||
+ (grub_strlen (linux_args) + 1) * sizeof (grub_efi_char16_t);
|
||||
+ loaded_image->load_options =
|
||||
+ grub_efi_allocate_pages (0,
|
||||
+ BYTES_TO_PAGES (loaded_image->load_options_size));
|
||||
+ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size));
|
||||
+ if (!loaded_image->load_options)
|
||||
+ return grub_error(GRUB_ERR_BAD_OS, "failed to create kernel parameters");
|
||||
+
|
||||
@ -142,7 +142,7 @@ index 9519d2e..9f425df 100644
|
||||
+ if (loaded_image->load_options)
|
||||
+ grub_efi_free_pages ((grub_efi_physical_address_t)
|
||||
+ loaded_image->load_options,
|
||||
+ BYTES_TO_PAGES (loaded_image->load_options_size));
|
||||
+ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size));
|
||||
+ loaded_image->load_options = NULL;
|
||||
+ loaded_image->load_options_size = 0;
|
||||
+ }
|
||||
@ -424,5 +424,5 @@ index 0000000..d9ede36
|
||||
+
|
||||
+#endif /* ! GRUB_EFI_LINUX_HEADER */
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 240f6e49d239635f7ca8cd2ca6103df534c92507 Mon Sep 17 00:00:00 2001
|
||||
From d255a98813193eb2c23f9217106b121278843023 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 3 Oct 2014 11:08:03 -0400
|
||||
Subject: [PATCH 64/85] Try $prefix if $fw_path doesn't work.
|
||||
Subject: [PATCH 61/90] Try $prefix if $fw_path doesn't work.
|
||||
|
||||
Related: rhbz#1148652
|
||||
|
||||
@ -57,10 +57,10 @@ index 8a3ecd5..8efa1a6 100644
|
||||
}
|
||||
|
||||
diff --git a/grub-core/net/net.c b/grub-core/net/net.c
|
||||
index e53d9a0..9af9a1f 100644
|
||||
index 0769bf8..16d2ce0 100644
|
||||
--- a/grub-core/net/net.c
|
||||
+++ b/grub-core/net/net.c
|
||||
@@ -1840,7 +1840,7 @@ grub_net_search_configfile (char *config)
|
||||
@@ -1850,7 +1850,7 @@ grub_net_search_configfile (char *config)
|
||||
/* Remove the remaining minus sign at the end. */
|
||||
config[config_len] = '\0';
|
||||
|
||||
@ -70,7 +70,7 @@ index e53d9a0..9af9a1f 100644
|
||||
|
||||
static struct grub_preboot *fini_hnd;
|
||||
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
|
||||
index 3ba1cdb..13d9eab 100644
|
||||
index 7d9c4f0..b69f9e7 100644
|
||||
--- a/grub-core/normal/main.c
|
||||
+++ b/grub-core/normal/main.c
|
||||
@@ -331,74 +331,72 @@ grub_enter_normal_mode (const char *config)
|
||||
@ -207,5 +207,5 @@ index 3ba1cdb..13d9eab 100644
|
||||
}
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From ce8210df5c25af8ce319f6cd5b7578beaf3e9a22 Mon Sep 17 00:00:00 2001
|
||||
From 8e6fc0ea14aa01817cc9103ffd5e328a78e56857 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 27 Oct 2014 09:22:55 -0400
|
||||
Subject: [PATCH 65/85] Try to emit linux16/initrd16 and linuxefi/initrdefi in
|
||||
Subject: [PATCH 62/90] Try to emit linux16/initrd16 and linuxefi/initrdefi in
|
||||
30-os_prober.
|
||||
|
||||
Resolves: rhbz#1108296
|
||||
@ -73,5 +73,5 @@ index 9b8f596..dc98eac 100644
|
||||
fi
|
||||
cat << EOF
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 91f9701082fe351aa221323fb684e08c6b466b87 Mon Sep 17 00:00:00 2001
|
||||
From b6e3ffe7ae7e4222cc15876cb72c691112f3c4b0 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 28 Apr 2015 11:15:03 -0400
|
||||
Subject: [PATCH 66/85] Make grub2-mkconfig construct titles that look like the
|
||||
Subject: [PATCH 63/90] Make grub2-mkconfig construct titles that look like the
|
||||
ones we want elsewhere.
|
||||
|
||||
Resolves: rhbz#1215839
|
||||
@ -12,7 +12,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
1 file changed, 11 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 1881c73..539ac65 100644
|
||||
index c662726..1215241 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -68,6 +68,15 @@ case x"$GRUB_FS" in
|
||||
@ -50,5 +50,5 @@ index 1881c73..539ac65 100644
|
||||
echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
|
||||
else
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 0fd74ec2eb69ee6147fbf2062a9eecceff24896b Mon Sep 17 00:00:00 2001
|
||||
From c4be6106eae8c1b479c325f531a1f81188f400e8 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Mon, 16 Mar 2015 16:34:51 -0400
|
||||
Subject: [PATCH 67/85] Update info with grub.cfg netboot selection order
|
||||
Subject: [PATCH 64/90] Update info with grub.cfg netboot selection order
|
||||
(#1148650)
|
||||
|
||||
Added documentation to the grub info page that specifies the order
|
||||
@ -66,5 +66,5 @@ index 98d4d0d..4c6323b 100644
|
||||
@samp{(tftp)} device.
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 368462b4c02b93431943242d069a13aaa3f7f410 Mon Sep 17 00:00:00 2001
|
||||
From 11abe391636d0819902357591aebf0ea01b88130 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Mon, 16 Mar 2015 14:14:19 -0400
|
||||
Subject: [PATCH 68/85] Use Distribution Package Sort for grub2-mkconfig
|
||||
Subject: [PATCH 65/90] Use Distribution Package Sort for grub2-mkconfig
|
||||
(#1124074)
|
||||
|
||||
Users reported that newly installed kernels on their systems installed
|
||||
@ -34,7 +34,7 @@ index 06c9f3a..7697877 100644
|
||||
grub-set-default
|
||||
grub-shell
|
||||
diff --git a/Makefile.util.def b/Makefile.util.def
|
||||
index c123038..1b0dc15 100644
|
||||
index 2061104..d846b81 100644
|
||||
--- a/Makefile.util.def
|
||||
+++ b/Makefile.util.def
|
||||
@@ -684,6 +684,22 @@ program = {
|
||||
@ -61,7 +61,7 @@ index c123038..1b0dc15 100644
|
||||
name = grub-mkconfig;
|
||||
common = util/grub-mkconfig.in;
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 4369bda..127d91d 100644
|
||||
index 9937a82..d5e8d90 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -65,6 +65,7 @@ grub_TRANSFORM([grub-mkrelpath])
|
||||
@ -80,7 +80,7 @@ index 4369bda..127d91d 100644
|
||||
grub_TRANSFORM([grub-reboot.3])
|
||||
grub_TRANSFORM([grub-render-label.3])
|
||||
grub_TRANSFORM([grub-script-check.3])
|
||||
@@ -1731,6 +1733,33 @@ fi
|
||||
@@ -1743,6 +1745,33 @@ fi
|
||||
|
||||
AC_SUBST([LIBDEVMAPPER])
|
||||
|
||||
@ -456,5 +456,5 @@ index 0000000..f33bd1e
|
||||
+ return 0;
|
||||
+}
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From bcca98247da836509464b14549c34debb5b17bd3 Mon Sep 17 00:00:00 2001
|
||||
From f7574b40f89ded29d82e5cfdb7494f8884bc1cdb Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Thu, 25 Jun 2015 11:13:11 -0400
|
||||
Subject: [PATCH 69/85] Add friendly grub2 password config tool (#985962)
|
||||
Subject: [PATCH 66/90] Add friendly grub2 password config tool (#985962)
|
||||
|
||||
Provided a tool for users to reset the grub2 root user password
|
||||
without having to alter the grub.cfg. The hashed password now
|
||||
@ -34,7 +34,7 @@ index 7697877..53a391e 100644
|
||||
grub-shell-tester
|
||||
grub-sparc64-setup
|
||||
diff --git a/Makefile.util.def b/Makefile.util.def
|
||||
index 1b0dc15..5598b03 100644
|
||||
index d846b81..226c46b 100644
|
||||
--- a/Makefile.util.def
|
||||
+++ b/Makefile.util.def
|
||||
@@ -440,6 +440,12 @@ script = {
|
||||
@ -65,7 +65,7 @@ index 1b0dc15..5598b03 100644
|
||||
common = util/grub-mkconfig_lib.in;
|
||||
installdir = noinst;
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 127d91d..d6ef6c3 100644
|
||||
index d5e8d90..67ff20c 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -65,6 +65,7 @@ grub_TRANSFORM([grub-mkrelpath])
|
||||
@ -270,5 +270,5 @@ index 0000000..db2f44b
|
||||
+fi
|
||||
+EOF
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 4cee6969015be92d0a4371f4ccae7f36c6b80dc6 Mon Sep 17 00:00:00 2001
|
||||
From a605e7af01dc697021b96fe6fbaf92ef3fca017c Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Tue, 14 Jul 2015 16:58:51 -0700
|
||||
Subject: [PATCH 70/85] Fix race in EFI validation
|
||||
Subject: [PATCH 67/90] Fix race in EFI validation
|
||||
|
||||
---
|
||||
grub-core/loader/i386/efi/linux.c | 44 ++++++++++-----------------------------
|
||||
@ -93,5 +93,5 @@ index e5b7785..7ccf32d 100644
|
||||
{
|
||||
grub_dl_unref (my_mod);
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 6ea648a482015d3379acbe4f6f78991e3e923c47 Mon Sep 17 00:00:00 2001
|
||||
From 63efe6a207f59ffa9e55cc10a0aed272f3571227 Mon Sep 17 00:00:00 2001
|
||||
From: Don Zickus <dzickus@redhat.com>
|
||||
Date: Wed, 22 Jul 2015 13:59:55 -0400
|
||||
Subject: [PATCH 71/85] ppc64le sync mkconfig to disk (#1212114)
|
||||
Subject: [PATCH 68/90] ppc64le sync mkconfig to disk (#1212114)
|
||||
|
||||
If creating a new grub2 entry using grub2-mkconfig, the entry is not
|
||||
immediately sync'd to disk. If a crash happens before the writeback,
|
||||
@ -38,5 +38,5 @@ index fb87247..73a18f7 100644
|
||||
+ sync && mountpoint -q /boot &&fsfreeze -f /boot && fsfreeze -u /boot
|
||||
+fi
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From bdc3eb0098b4b7d85423bb5674e50d78b01f3f49 Mon Sep 17 00:00:00 2001
|
||||
From 9d47b2c482b6db238c99fe106f4b2e3c612f3a91 Mon Sep 17 00:00:00 2001
|
||||
From: Raymund Will <rw@suse.com>
|
||||
Date: Fri, 10 Apr 2015 01:45:02 -0400
|
||||
Subject: [PATCH 72/85] Use device part of chainloader target, if present.
|
||||
Subject: [PATCH 69/90] Use device part of chainloader target, if present.
|
||||
|
||||
Otherwise chainloading is restricted to '$root', which might not even
|
||||
be readable by EFI!
|
||||
@ -33,5 +33,5 @@ index 522a716..6b47497 100644
|
||||
goto fail;
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 5a211adebc2362cb5d7767bd95fe204f0d5cb852 Mon Sep 17 00:00:00 2001
|
||||
From 9cbf35d19f4ffafdf2683acf7b6a320b55bbdfca Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 6 Oct 2015 13:04:37 -0400
|
||||
Subject: [PATCH 73/85] Add secureboot support on efi chainloader
|
||||
Subject: [PATCH 70/90] Add secureboot support on efi chainloader
|
||||
|
||||
Expand the chainloader to be able to verify the image by means of shim
|
||||
lock protocol. The PE/COFF image is loaded and relocated by the
|
||||
@ -796,5 +796,5 @@ index f79c36c..f79782e 100644
|
||||
{
|
||||
grub_uint32_t page_rva;
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From f1896dc881b276559079773ba666266979df2f74 Mon Sep 17 00:00:00 2001
|
||||
From c1d31b6a26e5542142d569c94a70f1dc8e07afd6 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 6 Oct 2015 16:09:25 -0400
|
||||
Subject: [PATCH 74/85] Make any of the loaders that link in efi mode honor
|
||||
Subject: [PATCH 71/90] Make any of the loaders that link in efi mode honor
|
||||
secure boot.
|
||||
|
||||
And in this case "honor" means "even if somebody does link this in, they
|
||||
@ -24,9 +24,17 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
grub-core/loader/xnu.c | 7 +++++
|
||||
include/grub/efi/efi.h | 1 -
|
||||
include/grub/efi/sb.h | 29 +++++++++++++++++++
|
||||
15 files changed, 146 insertions(+), 29 deletions(-)
|
||||
include/grub/ia64/linux.h | 0
|
||||
include/grub/mips/linux.h | 0
|
||||
include/grub/powerpc/linux.h | 0
|
||||
include/grub/sparc64/linux.h | 0
|
||||
19 files changed, 146 insertions(+), 29 deletions(-)
|
||||
create mode 100644 grub-core/kern/efi/sb.c
|
||||
create mode 100644 include/grub/efi/sb.h
|
||||
create mode 100644 include/grub/ia64/linux.h
|
||||
create mode 100644 include/grub/mips/linux.h
|
||||
create mode 100644 include/grub/powerpc/linux.h
|
||||
create mode 100644 include/grub/sparc64/linux.h
|
||||
|
||||
diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am
|
||||
index 04e9395..fd715a8 100644
|
||||
@ -469,6 +477,18 @@ index 0000000..9629fbb
|
||||
+int EXPORT_FUNC (grub_efi_secure_boot) (void);
|
||||
+
|
||||
+#endif /* ! GRUB_EFI_SB_HEADER */
|
||||
diff --git a/include/grub/ia64/linux.h b/include/grub/ia64/linux.h
|
||||
new file mode 100644
|
||||
index 0000000..e69de29
|
||||
diff --git a/include/grub/mips/linux.h b/include/grub/mips/linux.h
|
||||
new file mode 100644
|
||||
index 0000000..e69de29
|
||||
diff --git a/include/grub/powerpc/linux.h b/include/grub/powerpc/linux.h
|
||||
new file mode 100644
|
||||
index 0000000..e69de29
|
||||
diff --git a/include/grub/sparc64/linux.h b/include/grub/sparc64/linux.h
|
||||
new file mode 100644
|
||||
index 0000000..e69de29
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From a33e256429267872f469a2d3d1e36ac3721369b3 Mon Sep 17 00:00:00 2001
|
||||
From 5a0d703884a73f93a68753c6ed64bdf08797c82a Mon Sep 17 00:00:00 2001
|
||||
From: Hector Marco-Gisbert <hecmargi@upv.es>
|
||||
Date: Fri, 13 Nov 2015 16:21:09 +0100
|
||||
Subject: [PATCH 75/85] Fix security issue when reading username and password
|
||||
Subject: [PATCH 72/90] Fix security issue when reading username and password
|
||||
|
||||
This patch fixes two integer underflows at:
|
||||
* grub-core/lib/crypto.c
|
||||
@ -43,5 +43,5 @@ index 7338f82..6d6dc7d 100644
|
||||
if (cur_len)
|
||||
{
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 9e51bd34baf8c705380abb4dc4b3847c11c93829 Mon Sep 17 00:00:00 2001
|
||||
From c37a4f02e5fd0c3aa5f54baaeaf32eed0e3c110b Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 27 Jan 2016 09:22:42 -0500
|
||||
Subject: [PATCH 76/85] Make grub_fatal() also backtrace.
|
||||
Subject: [PATCH 73/90] Make grub_fatal() also backtrace.
|
||||
|
||||
---
|
||||
grub-core/Makefile.core.def | 3 ++
|
||||
@ -171,5 +171,5 @@ index c3e03c7..c67273d 100644
|
||||
#include <grub/term.h>
|
||||
#include <grub/backtrace.h>
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 6ef376d234cf06ef3e92d77b03fa4060516a218c Mon Sep 17 00:00:00 2001
|
||||
From 33d11870bbc2fa554fa9344c3c180279c258736a Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Sun, 9 Aug 2015 16:12:39 -0700
|
||||
Subject: [PATCH 80/85] Rework linux command
|
||||
Subject: [PATCH 74/90] Rework linux command
|
||||
|
||||
We want a single buffer that contains the entire kernel image in order to
|
||||
perform a TPM measurement. Allocate one and copy the entire kernel into it
|
||||
@ -103,5 +103,5 @@ index b0afcca..5eb7d17 100644
|
||||
grub_file_close (file);
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 9992eed98ad0d7d66444185a9cd2c81df5b4e1b2 Mon Sep 17 00:00:00 2001
|
||||
From 0b86b309de12b4f3ea920124faa60841ffedf472 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Sun, 9 Aug 2015 16:20:58 -0700
|
||||
Subject: [PATCH 81/85] Rework linux16 command
|
||||
Subject: [PATCH 75/90] Rework linux16 command
|
||||
|
||||
We want a single buffer that contains the entire kernel image in order to
|
||||
perform a TPM measurement. Allocate one and copy the entire kernel int it
|
||||
@ -97,5 +97,5 @@ index 9128315..b864e54 100644
|
||||
grub_file_close (file);
|
||||
|
||||
--
|
||||
2.5.0
|
||||
2.9.3
|
||||
|
30
0076-Make-grub-editenv-build-again.patch
Normal file
30
0076-Make-grub-editenv-build-again.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From edaa6c877917816d57603e26d660107c82ffbb5d Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 4 Mar 2016 16:29:13 -0500
|
||||
Subject: [PATCH 76/90] Make grub-editenv build again.
|
||||
|
||||
36212460d3565b18439a3a8130b28e6c97702c6a split how some of the mkimage
|
||||
utility functions are defined, and they wind up being linked into
|
||||
grub-editenv. Most utilities got fixed, but this one was missed.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
Makefile.util.def | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/Makefile.util.def b/Makefile.util.def
|
||||
index 226c46b..8007de9 100644
|
||||
--- a/Makefile.util.def
|
||||
+++ b/Makefile.util.def
|
||||
@@ -236,6 +236,8 @@ program = {
|
||||
extra_dist = grub-core/osdep/unix/compress.c;
|
||||
extra_dist = grub-core/osdep/basic/compress.c;
|
||||
common = util/mkimage.c;
|
||||
+ common = util/grub-mkimage32.c;
|
||||
+ common = util/grub-mkimage64.c;
|
||||
common = grub-core/osdep/config.c;
|
||||
common = util/config.c;
|
||||
common = util/resolve.c;
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,789 +0,0 @@
|
||||
From 59e54f473afa4e4f67dde8f11a33cb8490496086 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Tue, 14 Jul 2015 17:06:35 -0700
|
||||
Subject: [PATCH 77/85] Core TPM support
|
||||
|
||||
Add support for performing basic TPM measurements. Right now this only
|
||||
supports extending PCRs statically and only on UEFI and BIOS systems, but
|
||||
will measure all modules as they're loaded.
|
||||
---
|
||||
grub-core/Makefile.am | 1 +
|
||||
grub-core/Makefile.core.def | 3 +
|
||||
grub-core/kern/dl.c | 3 +
|
||||
grub-core/kern/efi/tpm.c | 282 +++++++++++++++++++++++++++++++++++++++++++
|
||||
grub-core/kern/i386/pc/tpm.c | 132 ++++++++++++++++++++
|
||||
grub-core/kern/tpm.c | 13 ++
|
||||
include/grub/efi/tpm.h | 153 +++++++++++++++++++++++
|
||||
include/grub/tpm.h | 91 ++++++++++++++
|
||||
8 files changed, 678 insertions(+)
|
||||
create mode 100644 grub-core/kern/efi/tpm.c
|
||||
create mode 100644 grub-core/kern/i386/pc/tpm.c
|
||||
create mode 100644 grub-core/kern/tpm.c
|
||||
create mode 100644 include/grub/efi/tpm.h
|
||||
create mode 100644 include/grub/tpm.h
|
||||
|
||||
diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am
|
||||
index fd715a8..d082933 100644
|
||||
--- a/grub-core/Makefile.am
|
||||
+++ b/grub-core/Makefile.am
|
||||
@@ -93,6 +93,7 @@ KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/term.h
|
||||
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/time.h
|
||||
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/mm_private.h
|
||||
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/net.h
|
||||
+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/tpm.h
|
||||
KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/memory.h
|
||||
|
||||
if COND_i386_pc
|
||||
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
|
||||
index 990e41b..9fa9790 100644
|
||||
--- a/grub-core/Makefile.core.def
|
||||
+++ b/grub-core/Makefile.core.def
|
||||
@@ -126,6 +126,7 @@ kernel = {
|
||||
common = kern/rescue_parser.c;
|
||||
common = kern/rescue_reader.c;
|
||||
common = kern/term.c;
|
||||
+ common = kern/tpm.c;
|
||||
|
||||
noemu = kern/compiler-rt.c;
|
||||
noemu = kern/mm.c;
|
||||
@@ -177,6 +178,7 @@ kernel = {
|
||||
efi = kern/acpi.c;
|
||||
efi = kern/efi/acpi.c;
|
||||
efi = lib/envblk.c;
|
||||
+ efi = kern/efi/tpm.c;
|
||||
i386_coreboot = kern/i386/pc/acpi.c;
|
||||
i386_multiboot = kern/i386/pc/acpi.c;
|
||||
i386_coreboot = kern/acpi.c;
|
||||
@@ -222,6 +224,7 @@ kernel = {
|
||||
|
||||
i386_pc = kern/i386/pc/init.c;
|
||||
i386_pc = kern/i386/pc/mmap.c;
|
||||
+ i386_pc = kern/i386/pc/tpm.c;
|
||||
i386_pc = term/i386/pc/console.c;
|
||||
|
||||
i386_qemu = bus/pci.c;
|
||||
diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
|
||||
index 04e804d..247cd0a 100644
|
||||
--- a/grub-core/kern/dl.c
|
||||
+++ b/grub-core/kern/dl.c
|
||||
@@ -32,6 +32,7 @@
|
||||
#include <grub/env.h>
|
||||
#include <grub/cache.h>
|
||||
#include <grub/i18n.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
/* Platforms where modules are in a readonly area of memory. */
|
||||
#if defined(GRUB_MACHINE_QEMU)
|
||||
@@ -733,6 +734,8 @@ grub_dl_load_file (const char *filename)
|
||||
opens of the same device. */
|
||||
grub_file_close (file);
|
||||
|
||||
+ grub_tpm_measure(core, size, GRUB_TPM_PCR, filename);
|
||||
+
|
||||
mod = grub_dl_load_core (core, size);
|
||||
grub_free (core);
|
||||
if (! mod)
|
||||
diff --git a/grub-core/kern/efi/tpm.c b/grub-core/kern/efi/tpm.c
|
||||
new file mode 100644
|
||||
index 0000000..c9fb3c1
|
||||
--- /dev/null
|
||||
+++ b/grub-core/kern/efi/tpm.c
|
||||
@@ -0,0 +1,282 @@
|
||||
+#include <grub/err.h>
|
||||
+#include <grub/i18n.h>
|
||||
+#include <grub/efi/api.h>
|
||||
+#include <grub/efi/efi.h>
|
||||
+#include <grub/efi/tpm.h>
|
||||
+#include <grub/mm.h>
|
||||
+#include <grub/tpm.h>
|
||||
+#include <grub/term.h>
|
||||
+
|
||||
+static grub_efi_guid_t tpm_guid = EFI_TPM_GUID;
|
||||
+static grub_efi_guid_t tpm2_guid = EFI_TPM2_GUID;
|
||||
+
|
||||
+static grub_efi_boolean_t grub_tpm_present(grub_efi_tpm_protocol_t *tpm)
|
||||
+{
|
||||
+ grub_efi_status_t status;
|
||||
+ TCG_EFI_BOOT_SERVICE_CAPABILITY caps;
|
||||
+ grub_uint32_t flags;
|
||||
+ grub_efi_physical_address_t eventlog, lastevent;
|
||||
+
|
||||
+ caps.Size = (grub_uint8_t)sizeof(caps);
|
||||
+
|
||||
+ status = efi_call_5(tpm->status_check, tpm, &caps, &flags, &eventlog,
|
||||
+ &lastevent);
|
||||
+
|
||||
+ if (status != GRUB_EFI_SUCCESS || caps.TPMDeactivatedFlag
|
||||
+ || !caps.TPMPresentFlag)
|
||||
+ return 0;
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static grub_efi_boolean_t grub_tpm2_present(grub_efi_tpm2_protocol_t *tpm)
|
||||
+{
|
||||
+ grub_efi_status_t status;
|
||||
+ EFI_TCG2_BOOT_SERVICE_CAPABILITY caps;
|
||||
+
|
||||
+ caps.Size = (grub_uint8_t)sizeof(caps);
|
||||
+
|
||||
+ status = efi_call_2(tpm->get_capability, tpm, &caps);
|
||||
+
|
||||
+ if (status != GRUB_EFI_SUCCESS || !caps.TPMPresentFlag)
|
||||
+ return 0;
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static grub_efi_boolean_t grub_tpm_handle_find(grub_efi_handle_t *tpm_handle,
|
||||
+ grub_efi_uint8_t *protocol_version)
|
||||
+{
|
||||
+ grub_efi_handle_t *handles;
|
||||
+ grub_efi_uintn_t num_handles;
|
||||
+
|
||||
+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &tpm_guid, NULL,
|
||||
+ &num_handles);
|
||||
+ if (handles && num_handles > 0) {
|
||||
+ *tpm_handle = handles[0];
|
||||
+ *protocol_version = 1;
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &tpm2_guid, NULL,
|
||||
+ &num_handles);
|
||||
+ if (handles && num_handles > 0) {
|
||||
+ *tpm_handle = handles[0];
|
||||
+ *protocol_version = 2;
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static grub_err_t
|
||||
+grub_tpm1_execute(grub_efi_handle_t tpm_handle,
|
||||
+ PassThroughToTPM_InputParamBlock *inbuf,
|
||||
+ PassThroughToTPM_OutputParamBlock *outbuf)
|
||||
+{
|
||||
+ grub_efi_status_t status;
|
||||
+ grub_efi_tpm_protocol_t *tpm;
|
||||
+ grub_uint32_t inhdrsize = sizeof(*inbuf) - sizeof(inbuf->TPMOperandIn);
|
||||
+ grub_uint32_t outhdrsize = sizeof(*outbuf) - sizeof(outbuf->TPMOperandOut);
|
||||
+
|
||||
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid,
|
||||
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
|
||||
+
|
||||
+ if (!grub_tpm_present(tpm))
|
||||
+ return 0;
|
||||
+
|
||||
+ /* UEFI TPM protocol takes the raw operand block, no param block header */
|
||||
+ status = efi_call_5 (tpm->pass_through_to_tpm, tpm,
|
||||
+ inbuf->IPBLength - inhdrsize, inbuf->TPMOperandIn,
|
||||
+ outbuf->OPBLength - outhdrsize, outbuf->TPMOperandOut);
|
||||
+
|
||||
+ switch (status) {
|
||||
+ case GRUB_EFI_SUCCESS:
|
||||
+ return 0;
|
||||
+ case GRUB_EFI_DEVICE_ERROR:
|
||||
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
|
||||
+ case GRUB_EFI_INVALID_PARAMETER:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
|
||||
+ case GRUB_EFI_BUFFER_TOO_SMALL:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
|
||||
+ case GRUB_EFI_NOT_FOUND:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
|
||||
+ default:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static grub_err_t
|
||||
+grub_tpm2_execute(grub_efi_handle_t tpm_handle,
|
||||
+ PassThroughToTPM_InputParamBlock *inbuf,
|
||||
+ PassThroughToTPM_OutputParamBlock *outbuf)
|
||||
+{
|
||||
+ grub_efi_status_t status;
|
||||
+ grub_efi_tpm2_protocol_t *tpm;
|
||||
+ grub_uint32_t inhdrsize = sizeof(*inbuf) - sizeof(inbuf->TPMOperandIn);
|
||||
+ grub_uint32_t outhdrsize = sizeof(*outbuf) - sizeof(outbuf->TPMOperandOut);
|
||||
+
|
||||
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid,
|
||||
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
|
||||
+
|
||||
+ if (!grub_tpm2_present(tpm))
|
||||
+ return 0;
|
||||
+
|
||||
+ /* UEFI TPM protocol takes the raw operand block, no param block header */
|
||||
+ status = efi_call_5 (tpm->submit_command, tpm,
|
||||
+ inbuf->IPBLength - inhdrsize, inbuf->TPMOperandIn,
|
||||
+ outbuf->OPBLength - outhdrsize, outbuf->TPMOperandOut);
|
||||
+
|
||||
+ switch (status) {
|
||||
+ case GRUB_EFI_SUCCESS:
|
||||
+ return 0;
|
||||
+ case GRUB_EFI_DEVICE_ERROR:
|
||||
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
|
||||
+ case GRUB_EFI_INVALID_PARAMETER:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
|
||||
+ case GRUB_EFI_BUFFER_TOO_SMALL:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
|
||||
+ case GRUB_EFI_NOT_FOUND:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
|
||||
+ default:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+grub_err_t
|
||||
+grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
|
||||
+ PassThroughToTPM_OutputParamBlock *outbuf)
|
||||
+{
|
||||
+ grub_efi_handle_t tpm_handle;
|
||||
+ grub_uint8_t protocol_version;
|
||||
+
|
||||
+ /* It's not a hard failure for there to be no TPM */
|
||||
+ if (!grub_tpm_handle_find(&tpm_handle, &protocol_version))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (protocol_version == 1) {
|
||||
+ return grub_tpm1_execute(tpm_handle, inbuf, outbuf);
|
||||
+ } else {
|
||||
+ return grub_tpm2_execute(tpm_handle, inbuf, outbuf);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+typedef struct {
|
||||
+ grub_uint32_t pcrindex;
|
||||
+ grub_uint32_t eventtype;
|
||||
+ grub_uint8_t digest[20];
|
||||
+ grub_uint32_t eventsize;
|
||||
+ grub_uint8_t event[1];
|
||||
+} Event;
|
||||
+
|
||||
+
|
||||
+static grub_err_t
|
||||
+grub_tpm1_log_event(grub_efi_handle_t tpm_handle, unsigned char *buf,
|
||||
+ grub_size_t size, grub_uint8_t pcr,
|
||||
+ const char *description)
|
||||
+{
|
||||
+ Event *event;
|
||||
+ grub_efi_status_t status;
|
||||
+ grub_efi_tpm_protocol_t *tpm;
|
||||
+ grub_efi_physical_address_t lastevent;
|
||||
+ grub_uint32_t algorithm;
|
||||
+ grub_uint32_t eventnum = 0;
|
||||
+
|
||||
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm_guid,
|
||||
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
|
||||
+
|
||||
+ if (!grub_tpm_present(tpm))
|
||||
+ return 0;
|
||||
+
|
||||
+ event = grub_zalloc(sizeof (Event) + grub_strlen(description) + 1);
|
||||
+ if (!event)
|
||||
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
|
||||
+ N_("cannot allocate TPM event buffer"));
|
||||
+
|
||||
+ event->pcrindex = pcr;
|
||||
+ event->eventtype = EV_IPL;
|
||||
+ event->eventsize = grub_strlen(description) + 1;
|
||||
+ grub_memcpy(event->event, description, event->eventsize);
|
||||
+
|
||||
+ algorithm = TCG_ALG_SHA;
|
||||
+ status = efi_call_7 (tpm->log_extend_event, tpm, buf, (grub_uint64_t) size,
|
||||
+ algorithm, event, &eventnum, &lastevent);
|
||||
+
|
||||
+ switch (status) {
|
||||
+ case GRUB_EFI_SUCCESS:
|
||||
+ return 0;
|
||||
+ case GRUB_EFI_DEVICE_ERROR:
|
||||
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
|
||||
+ case GRUB_EFI_INVALID_PARAMETER:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
|
||||
+ case GRUB_EFI_BUFFER_TOO_SMALL:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
|
||||
+ case GRUB_EFI_NOT_FOUND:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
|
||||
+ default:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static grub_err_t
|
||||
+grub_tpm2_log_event(grub_efi_handle_t tpm_handle, unsigned char *buf,
|
||||
+ grub_size_t size, grub_uint8_t pcr,
|
||||
+ const char *description)
|
||||
+{
|
||||
+ EFI_TCG2_EVENT *event;
|
||||
+ grub_efi_status_t status;
|
||||
+ grub_efi_tpm2_protocol_t *tpm;
|
||||
+
|
||||
+ tpm = grub_efi_open_protocol (tpm_handle, &tpm2_guid,
|
||||
+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL);
|
||||
+
|
||||
+ if (!grub_tpm2_present(tpm))
|
||||
+ return 0;
|
||||
+
|
||||
+ event = grub_zalloc(sizeof (EFI_TCG2_EVENT) + grub_strlen(description) + 1);
|
||||
+ if (!event)
|
||||
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
|
||||
+ N_("cannot allocate TPM event buffer"));
|
||||
+
|
||||
+ event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
|
||||
+ event->Header.HeaderVersion = 1;
|
||||
+ event->Header.PCRIndex = pcr;
|
||||
+ event->Header.EventType = EV_IPL;
|
||||
+ event->Size = sizeof(*event) - sizeof(event->Event) + grub_strlen(description) + 1;
|
||||
+ grub_memcpy(event->Event, description, grub_strlen(description) + 1);
|
||||
+
|
||||
+ status = efi_call_5 (tpm->hash_log_extend_event, tpm, 0, buf,
|
||||
+ (grub_uint64_t) size, event);
|
||||
+
|
||||
+ switch (status) {
|
||||
+ case GRUB_EFI_SUCCESS:
|
||||
+ return 0;
|
||||
+ case GRUB_EFI_DEVICE_ERROR:
|
||||
+ return grub_error (GRUB_ERR_IO, N_("Command failed"));
|
||||
+ case GRUB_EFI_INVALID_PARAMETER:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Invalid parameter"));
|
||||
+ case GRUB_EFI_BUFFER_TOO_SMALL:
|
||||
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Output buffer too small"));
|
||||
+ case GRUB_EFI_NOT_FOUND:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("TPM unavailable"));
|
||||
+ default:
|
||||
+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("Unknown TPM error"));
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+grub_err_t
|
||||
+grub_tpm_log_event(unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
|
||||
+ const char *description)
|
||||
+{
|
||||
+ grub_efi_handle_t tpm_handle;
|
||||
+ grub_efi_uint8_t protocol_version;
|
||||
+
|
||||
+ if (!grub_tpm_handle_find(&tpm_handle, &protocol_version))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (protocol_version == 1) {
|
||||
+ return grub_tpm1_log_event(tpm_handle, buf, size, pcr, description);
|
||||
+ } else {
|
||||
+ return grub_tpm2_log_event(tpm_handle, buf, size, pcr, description);
|
||||
+ }
|
||||
+}
|
||||
diff --git a/grub-core/kern/i386/pc/tpm.c b/grub-core/kern/i386/pc/tpm.c
|
||||
new file mode 100644
|
||||
index 0000000..8c6c1e6
|
||||
--- /dev/null
|
||||
+++ b/grub-core/kern/i386/pc/tpm.c
|
||||
@@ -0,0 +1,132 @@
|
||||
+#include <grub/err.h>
|
||||
+#include <grub/i18n.h>
|
||||
+#include <grub/mm.h>
|
||||
+#include <grub/tpm.h>
|
||||
+#include <grub/misc.h>
|
||||
+#include <grub/i386/pc/int.h>
|
||||
+
|
||||
+#define TCPA_MAGIC 0x41504354
|
||||
+
|
||||
+int tpm_present(void);
|
||||
+
|
||||
+int tpm_present(void)
|
||||
+{
|
||||
+ struct grub_bios_int_registers regs;
|
||||
+
|
||||
+ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
|
||||
+ regs.eax = 0xbb00;
|
||||
+ regs.ebx = TCPA_MAGIC;
|
||||
+ grub_bios_interrupt (0x1a, ®s);
|
||||
+
|
||||
+ if (regs.eax == 0)
|
||||
+ return 1;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+grub_err_t
|
||||
+grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
|
||||
+ PassThroughToTPM_OutputParamBlock *outbuf)
|
||||
+{
|
||||
+ struct grub_bios_int_registers regs;
|
||||
+ grub_addr_t inaddr, outaddr;
|
||||
+
|
||||
+ if (!tpm_present())
|
||||
+ return 0;
|
||||
+
|
||||
+ inaddr = (grub_addr_t) inbuf;
|
||||
+ outaddr = (grub_addr_t) outbuf;
|
||||
+ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
|
||||
+ regs.eax = 0xbb02;
|
||||
+ regs.ebx = TCPA_MAGIC;
|
||||
+ regs.ecx = 0;
|
||||
+ regs.edx = 0;
|
||||
+ regs.es = (inaddr & 0xffff0000) >> 4;
|
||||
+ regs.edi = inaddr & 0xffff;
|
||||
+ regs.ds = outaddr >> 4;
|
||||
+ regs.esi = outaddr & 0xf;
|
||||
+
|
||||
+ grub_bios_interrupt (0x1a, ®s);
|
||||
+
|
||||
+ if (regs.eax)
|
||||
+ return grub_error (GRUB_ERR_IO, N_("TPM error %x\n"), regs.eax);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+typedef struct {
|
||||
+ grub_uint32_t pcrindex;
|
||||
+ grub_uint32_t eventtype;
|
||||
+ grub_uint8_t digest[20];
|
||||
+ grub_uint32_t eventdatasize;
|
||||
+ grub_uint8_t event[0];
|
||||
+} GRUB_PACKED Event;
|
||||
+
|
||||
+typedef struct {
|
||||
+ grub_uint16_t ipblength;
|
||||
+ grub_uint16_t reserved;
|
||||
+ grub_uint32_t hashdataptr;
|
||||
+ grub_uint32_t hashdatalen;
|
||||
+ grub_uint32_t pcr;
|
||||
+ grub_uint32_t reserved2;
|
||||
+ grub_uint32_t logdataptr;
|
||||
+ grub_uint32_t logdatalen;
|
||||
+} GRUB_PACKED EventIncoming;
|
||||
+
|
||||
+typedef struct {
|
||||
+ grub_uint16_t opblength;
|
||||
+ grub_uint16_t reserved;
|
||||
+ grub_uint32_t eventnum;
|
||||
+ grub_uint8_t hashvalue[20];
|
||||
+} GRUB_PACKED EventOutgoing;
|
||||
+
|
||||
+grub_err_t
|
||||
+grub_tpm_log_event(unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
|
||||
+ const char *description)
|
||||
+{
|
||||
+ struct grub_bios_int_registers regs;
|
||||
+ EventIncoming incoming;
|
||||
+ EventOutgoing outgoing;
|
||||
+ Event *event;
|
||||
+ grub_uint32_t datalength;
|
||||
+
|
||||
+ if (!tpm_present())
|
||||
+ return 0;
|
||||
+
|
||||
+ datalength = grub_strlen(description);
|
||||
+ event = grub_zalloc(datalength + sizeof(Event));
|
||||
+ if (!event)
|
||||
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
|
||||
+ N_("cannot allocate TPM event buffer"));
|
||||
+
|
||||
+ event->pcrindex = pcr;
|
||||
+ event->eventtype = 0x0d;
|
||||
+ event->eventdatasize = grub_strlen(description);
|
||||
+ grub_memcpy(event->event, description, datalength);
|
||||
+
|
||||
+ incoming.ipblength = sizeof(incoming);
|
||||
+ incoming.hashdataptr = (grub_uint32_t)buf;
|
||||
+ incoming.hashdatalen = size;
|
||||
+ incoming.pcr = pcr;
|
||||
+ incoming.logdataptr = (grub_uint32_t)event;
|
||||
+ incoming.logdatalen = datalength + sizeof(Event);
|
||||
+
|
||||
+ regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
|
||||
+ regs.eax = 0xbb01;
|
||||
+ regs.ebx = TCPA_MAGIC;
|
||||
+ regs.ecx = 0;
|
||||
+ regs.edx = 0;
|
||||
+ regs.es = (((grub_addr_t) &incoming) & 0xffff0000) >> 4;
|
||||
+ regs.edi = ((grub_addr_t) &incoming) & 0xffff;
|
||||
+ regs.ds = (((grub_addr_t) &outgoing) & 0xffff0000) >> 4;
|
||||
+ regs.esi = ((grub_addr_t) &outgoing) & 0xffff;
|
||||
+
|
||||
+ grub_bios_interrupt (0x1a, ®s);
|
||||
+
|
||||
+ grub_free(event);
|
||||
+
|
||||
+ if (regs.eax)
|
||||
+ return grub_error (GRUB_ERR_IO, N_("TPM error %x\n"), regs.eax);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
diff --git a/grub-core/kern/tpm.c b/grub-core/kern/tpm.c
|
||||
new file mode 100644
|
||||
index 0000000..1a99187
|
||||
--- /dev/null
|
||||
+++ b/grub-core/kern/tpm.c
|
||||
@@ -0,0 +1,13 @@
|
||||
+#include <grub/err.h>
|
||||
+#include <grub/i18n.h>
|
||||
+#include <grub/misc.h>
|
||||
+#include <grub/mm.h>
|
||||
+#include <grub/tpm.h>
|
||||
+#include <grub/term.h>
|
||||
+
|
||||
+grub_err_t
|
||||
+grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
|
||||
+ const char *description)
|
||||
+{
|
||||
+ return grub_tpm_log_event(buf, size, pcr, description);
|
||||
+}
|
||||
diff --git a/include/grub/efi/tpm.h b/include/grub/efi/tpm.h
|
||||
new file mode 100644
|
||||
index 0000000..e2aff4a
|
||||
--- /dev/null
|
||||
+++ b/include/grub/efi/tpm.h
|
||||
@@ -0,0 +1,153 @@
|
||||
+/*
|
||||
+ * GRUB -- GRand Unified Bootloader
|
||||
+ * Copyright (C) 2015 Free Software Foundation, Inc.
|
||||
+ *
|
||||
+ * GRUB is free software: you can redistribute it and/or modify
|
||||
+ * it under the terms of the GNU General Public License as published by
|
||||
+ * the Free Software Foundation, either version 3 of the License, or
|
||||
+ * (at your option) any later version.
|
||||
+ *
|
||||
+ * GRUB is distributed in the hope that it will be useful,
|
||||
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+ * GNU General Public License for more details.
|
||||
+ *
|
||||
+ * You should have received a copy of the GNU General Public License
|
||||
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
|
||||
+ */
|
||||
+
|
||||
+#ifndef GRUB_EFI_TPM_HEADER
|
||||
+#define GRUB_EFI_TPM_HEADER 1
|
||||
+
|
||||
+#define EFI_TPM_GUID {0xf541796d, 0xa62e, 0x4954, {0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd }};
|
||||
+#define EFI_TPM2_GUID {0x607f766c, 0x7455, 0x42be, {0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f }};
|
||||
+
|
||||
+typedef struct {
|
||||
+ grub_efi_uint8_t Major;
|
||||
+ grub_efi_uint8_t Minor;
|
||||
+ grub_efi_uint8_t RevMajor;
|
||||
+ grub_efi_uint8_t RevMinor;
|
||||
+} TCG_VERSION;
|
||||
+
|
||||
+typedef struct _TCG_EFI_BOOT_SERVICE_CAPABILITY {
|
||||
+ grub_efi_uint8_t Size; /// Size of this structure.
|
||||
+ TCG_VERSION StructureVersion;
|
||||
+ TCG_VERSION ProtocolSpecVersion;
|
||||
+ grub_efi_uint8_t HashAlgorithmBitmap; /// Hash algorithms .
|
||||
+ char TPMPresentFlag; /// 00h = TPM not present.
|
||||
+ char TPMDeactivatedFlag; /// 01h = TPM currently deactivated.
|
||||
+} TCG_EFI_BOOT_SERVICE_CAPABILITY;
|
||||
+
|
||||
+typedef struct {
|
||||
+ grub_efi_uint32_t PCRIndex;
|
||||
+ grub_efi_uint32_t EventType;
|
||||
+ grub_efi_uint8_t digest[20];
|
||||
+ grub_efi_uint32_t EventSize;
|
||||
+ grub_efi_uint8_t Event[1];
|
||||
+} TCG_PCR_EVENT;
|
||||
+
|
||||
+struct grub_efi_tpm_protocol
|
||||
+{
|
||||
+ grub_efi_status_t (*status_check) (struct grub_efi_tpm_protocol *this,
|
||||
+ TCG_EFI_BOOT_SERVICE_CAPABILITY *ProtocolCapability,
|
||||
+ grub_efi_uint32_t *TCGFeatureFlags,
|
||||
+ grub_efi_physical_address_t *EventLogLocation,
|
||||
+ grub_efi_physical_address_t *EventLogLastEntry);
|
||||
+ grub_efi_status_t (*hash_all) (struct grub_efi_tpm_protocol *this,
|
||||
+ grub_efi_uint8_t *HashData,
|
||||
+ grub_efi_uint64_t HashLen,
|
||||
+ grub_efi_uint32_t AlgorithmId,
|
||||
+ grub_efi_uint64_t *HashedDataLen,
|
||||
+ grub_efi_uint8_t **HashedDataResult);
|
||||
+ grub_efi_status_t (*log_event) (struct grub_efi_tpm_protocol *this,
|
||||
+ TCG_PCR_EVENT *TCGLogData,
|
||||
+ grub_efi_uint32_t *EventNumber,
|
||||
+ grub_efi_uint32_t Flags);
|
||||
+ grub_efi_status_t (*pass_through_to_tpm) (struct grub_efi_tpm_protocol *this,
|
||||
+ grub_efi_uint32_t TpmInputParameterBlockSize,
|
||||
+ grub_efi_uint8_t *TpmInputParameterBlock,
|
||||
+ grub_efi_uint32_t TpmOutputParameterBlockSize,
|
||||
+ grub_efi_uint8_t *TpmOutputParameterBlock);
|
||||
+ grub_efi_status_t (*log_extend_event) (struct grub_efi_tpm_protocol *this,
|
||||
+ grub_efi_physical_address_t HashData,
|
||||
+ grub_efi_uint64_t HashDataLen,
|
||||
+ grub_efi_uint32_t AlgorithmId,
|
||||
+ TCG_PCR_EVENT *TCGLogData,
|
||||
+ grub_efi_uint32_t *EventNumber,
|
||||
+ grub_efi_physical_address_t *EventLogLastEntry);
|
||||
+};
|
||||
+
|
||||
+typedef struct grub_efi_tpm_protocol grub_efi_tpm_protocol_t;
|
||||
+
|
||||
+typedef grub_efi_uint32_t EFI_TCG2_EVENT_LOG_BITMAP;
|
||||
+typedef grub_efi_uint32_t EFI_TCG2_EVENT_LOG_FORMAT;
|
||||
+typedef grub_efi_uint32_t EFI_TCG2_EVENT_ALGORITHM_BITMAP;
|
||||
+
|
||||
+typedef struct tdEFI_TCG2_VERSION {
|
||||
+ grub_efi_uint8_t Major;
|
||||
+ grub_efi_uint8_t Minor;
|
||||
+} GRUB_PACKED EFI_TCG2_VERSION;
|
||||
+
|
||||
+typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
|
||||
+ grub_efi_uint8_t Size;
|
||||
+ EFI_TCG2_VERSION StructureVersion;
|
||||
+ EFI_TCG2_VERSION ProtocolVersion;
|
||||
+ EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
|
||||
+ EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
|
||||
+ grub_efi_boolean_t TPMPresentFlag;
|
||||
+ grub_efi_uint16_t MaxCommandSize;
|
||||
+ grub_efi_uint16_t MaxResponseSize;
|
||||
+ grub_efi_uint32_t ManufacturerID;
|
||||
+ grub_efi_uint32_t NumberOfPcrBanks;
|
||||
+ EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
|
||||
+} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
|
||||
+
|
||||
+typedef grub_efi_uint32_t TCG_PCRINDEX;
|
||||
+typedef grub_efi_uint32_t TCG_EVENTTYPE;
|
||||
+
|
||||
+typedef struct tdEFI_TCG2_EVENT_HEADER {
|
||||
+ grub_efi_uint32_t HeaderSize;
|
||||
+ grub_efi_uint16_t HeaderVersion;
|
||||
+ TCG_PCRINDEX PCRIndex;
|
||||
+ TCG_EVENTTYPE EventType;
|
||||
+} GRUB_PACKED EFI_TCG2_EVENT_HEADER;
|
||||
+
|
||||
+typedef struct tdEFI_TCG2_EVENT {
|
||||
+ grub_efi_uint32_t Size;
|
||||
+ EFI_TCG2_EVENT_HEADER Header;
|
||||
+ grub_efi_uint8_t Event[1];
|
||||
+} GRUB_PACKED EFI_TCG2_EVENT;
|
||||
+
|
||||
+struct grub_efi_tpm2_protocol
|
||||
+{
|
||||
+ grub_efi_status_t (*get_capability) (struct grub_efi_tpm2_protocol *this,
|
||||
+ EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability);
|
||||
+ grub_efi_status_t (*get_event_log) (struct grub_efi_tpm2_protocol *this,
|
||||
+ EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
|
||||
+ grub_efi_physical_address_t *EventLogLocation,
|
||||
+ grub_efi_physical_address_t *EventLogLastEntry,
|
||||
+ grub_efi_boolean_t *EventLogTruncated);
|
||||
+ grub_efi_status_t (*hash_log_extend_event) (struct grub_efi_tpm2_protocol *this,
|
||||
+ grub_efi_uint64_t Flags,
|
||||
+ grub_efi_physical_address_t *DataToHash,
|
||||
+ grub_efi_uint64_t DataToHashLen,
|
||||
+ EFI_TCG2_EVENT *EfiTcgEvent);
|
||||
+ grub_efi_status_t (*submit_command) (struct grub_efi_tpm2_protocol *this,
|
||||
+ grub_efi_uint32_t InputParameterBlockSize,
|
||||
+ grub_efi_uint8_t *InputParameterBlock,
|
||||
+ grub_efi_uint32_t OutputParameterBlockSize,
|
||||
+ grub_efi_uint8_t *OutputParameterBlock);
|
||||
+ grub_efi_status_t (*get_active_pcr_blanks) (struct grub_efi_tpm2_protocol *this,
|
||||
+ grub_efi_uint32_t *ActivePcrBanks);
|
||||
+ grub_efi_status_t (*set_active_pcr_banks) (struct grub_efi_tpm2_protocol *this,
|
||||
+ grub_efi_uint32_t ActivePcrBanks);
|
||||
+ grub_efi_status_t (*get_result_of_set_active_pcr_banks) (struct grub_efi_tpm2_protocol *this,
|
||||
+ grub_efi_uint32_t *OperationPresent,
|
||||
+ grub_efi_uint32_t *Response);
|
||||
+};
|
||||
+
|
||||
+typedef struct grub_efi_tpm2_protocol grub_efi_tpm2_protocol_t;
|
||||
+
|
||||
+#define TCG_ALG_SHA 0x00000004
|
||||
+
|
||||
+#endif
|
||||
diff --git a/include/grub/tpm.h b/include/grub/tpm.h
|
||||
new file mode 100644
|
||||
index 0000000..40d3cf6
|
||||
--- /dev/null
|
||||
+++ b/include/grub/tpm.h
|
||||
@@ -0,0 +1,91 @@
|
||||
+/*
|
||||
+ * GRUB -- GRand Unified Bootloader
|
||||
+ * Copyright (C) 2015 Free Software Foundation, Inc.
|
||||
+ *
|
||||
+ * GRUB is free software: you can redistribute it and/or modify
|
||||
+ * it under the terms of the GNU General Public License as published by
|
||||
+ * the Free Software Foundation, either version 3 of the License, or
|
||||
+ * (at your option) any later version.
|
||||
+ *
|
||||
+ * GRUB is distributed in the hope that it will be useful,
|
||||
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+ * GNU General Public License for more details.
|
||||
+ *
|
||||
+ * You should have received a copy of the GNU General Public License
|
||||
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
|
||||
+ */
|
||||
+
|
||||
+#ifndef GRUB_TPM_HEADER
|
||||
+#define GRUB_TPM_HEADER 1
|
||||
+
|
||||
+#define SHA1_DIGEST_SIZE 20
|
||||
+
|
||||
+#define TPM_BASE 0x0
|
||||
+#define TPM_SUCCESS TPM_BASE
|
||||
+#define TPM_AUTHFAIL (TPM_BASE + 0x1)
|
||||
+#define TPM_BADINDEX (TPM_BASE + 0x2)
|
||||
+
|
||||
+#define GRUB_TPM_PCR 9
|
||||
+#define GRUB_KERNEL_PCR 10
|
||||
+#define GRUB_INITRD_PCR 11
|
||||
+#define GRUB_CMDLINE_PCR 12
|
||||
+
|
||||
+#define TPM_TAG_RQU_COMMAND 0x00C1
|
||||
+#define TPM_ORD_Extend 0x14
|
||||
+
|
||||
+#define EV_IPL 0x0d
|
||||
+
|
||||
+/* TCG_PassThroughToTPM Input Parameter Block */
|
||||
+typedef struct {
|
||||
+ grub_uint16_t IPBLength;
|
||||
+ grub_uint16_t Reserved1;
|
||||
+ grub_uint16_t OPBLength;
|
||||
+ grub_uint16_t Reserved2;
|
||||
+ grub_uint8_t TPMOperandIn[1];
|
||||
+} GRUB_PACKED PassThroughToTPM_InputParamBlock;
|
||||
+
|
||||
+/* TCG_PassThroughToTPM Output Parameter Block */
|
||||
+typedef struct {
|
||||
+ grub_uint16_t OPBLength;
|
||||
+ grub_uint16_t Reserved;
|
||||
+ grub_uint8_t TPMOperandOut[1];
|
||||
+} GRUB_PACKED PassThroughToTPM_OutputParamBlock;
|
||||
+
|
||||
+typedef struct {
|
||||
+ grub_uint16_t tag;
|
||||
+ grub_uint32_t paramSize;
|
||||
+ grub_uint32_t ordinal;
|
||||
+ grub_uint32_t pcrNum;
|
||||
+ grub_uint8_t inDigest[SHA1_DIGEST_SIZE]; /* The 160 bit value representing the event to be recorded. */
|
||||
+} GRUB_PACKED ExtendIncoming;
|
||||
+
|
||||
+/* TPM_Extend Outgoing Operand */
|
||||
+typedef struct {
|
||||
+ grub_uint16_t tag;
|
||||
+ grub_uint32_t paramSize;
|
||||
+ grub_uint32_t returnCode;
|
||||
+ grub_uint8_t outDigest[SHA1_DIGEST_SIZE]; /* The PCR value after execution of the command. */
|
||||
+} GRUB_PACKED ExtendOutgoing;
|
||||
+
|
||||
+grub_err_t EXPORT_FUNC(grub_tpm_measure) (unsigned char *buf, grub_size_t size,
|
||||
+ grub_uint8_t pcr,
|
||||
+ const char *description);
|
||||
+#if defined (GRUB_MACHINE_EFI) || defined (GRUB_MACHINE_PCBIOS)
|
||||
+grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
|
||||
+ PassThroughToTPM_OutputParamBlock *outbuf);
|
||||
+grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,
|
||||
+ grub_uint8_t pcr, const char *description);
|
||||
+#else
|
||||
+static inline grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
|
||||
+ PassThroughToTPM_OutputParamBlock *outbuf) { return 0; };
|
||||
+static inline grub_err_t grub_tpm_log_event(unsigned char *buf,
|
||||
+ grub_size_t size,
|
||||
+ grub_uint8_t pcr,
|
||||
+ const char *description)
|
||||
+{
|
||||
+ return 0;
|
||||
+};
|
||||
+#endif
|
||||
+
|
||||
+#endif
|
||||
--
|
||||
2.5.0
|
||||
|
30
0077-Fix-locale-issue-in-grub-setpassword-1294243.patch
Normal file
30
0077-Fix-locale-issue-in-grub-setpassword-1294243.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From d2f552900d87b62ca0dbc740902d561bc32f32be Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Fri, 29 Jan 2016 17:34:02 -0500
|
||||
Subject: [PATCH 77/90] Fix locale issue in grub-setpassword (#1294243)
|
||||
|
||||
A shell substitution was expecting non-translated output to grab the
|
||||
hashed password and put it in the user.cfg file. Modified code to force
|
||||
the generic C locale when this particular piece of code is run.
|
||||
|
||||
Resolves: rhbz#1294243
|
||||
---
|
||||
util/grub-setpassword.in | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/util/grub-setpassword.in b/util/grub-setpassword.in
|
||||
index dd76f00..2923f43 100644
|
||||
--- a/util/grub-setpassword.in
|
||||
+++ b/util/grub-setpassword.in
|
||||
@@ -105,7 +105,7 @@ getpass() {
|
||||
P1="$1" && shift
|
||||
|
||||
( echo ${P0} ; echo ${P1} ) | \
|
||||
- ${grub_mkpasswd} | \
|
||||
+ LC_ALL=C ${grub_mkpasswd} | \
|
||||
grep -v '[eE]nter password:' | \
|
||||
sed -e "s/PBKDF2 hash of your password is //"
|
||||
}
|
||||
--
|
||||
2.9.3
|
||||
|
153
0078-Fix-up-some-man-pages-rpmdiff-noticed.patch
Normal file
153
0078-Fix-up-some-man-pages-rpmdiff-noticed.patch
Normal file
@ -0,0 +1,153 @@
|
||||
From 216188f920d3ade19626d6e8fe450cea2c427e53 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 23 Sep 2014 09:58:49 -0400
|
||||
Subject: [PATCH 78/90] Fix up some man pages rpmdiff noticed.
|
||||
|
||||
---
|
||||
configure.ac | 2 ++
|
||||
util/grub-macbless.8 | 26 +++++++++++++++++++
|
||||
util/grub-mkimage.1 | 2 +-
|
||||
util/grub-syslinux2cfg.1 | 65 ++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
4 files changed, 94 insertions(+), 1 deletion(-)
|
||||
create mode 100644 util/grub-macbless.8
|
||||
create mode 100644 util/grub-syslinux2cfg.1
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 67ff20c..25de2c1 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -78,6 +78,7 @@ grub_TRANSFORM([grub-fstest.3])
|
||||
grub_TRANSFORM([grub-glue-efi.3])
|
||||
grub_TRANSFORM([grub-install.1])
|
||||
grub_TRANSFORM([grub-kbdcomp.3])
|
||||
+grub_TRANSFORM([grub-macbless.8])
|
||||
grub_TRANSFORM([grub-menulst2cfg.1])
|
||||
grub_TRANSFORM([grub-mkconfig.1])
|
||||
grub_TRANSFORM([grub-mkfont.3])
|
||||
@@ -96,6 +97,7 @@ grub_TRANSFORM([grub-render-label.3])
|
||||
grub_TRANSFORM([grub-script-check.3])
|
||||
grub_TRANSFORM([grub-set-default.1])
|
||||
grub_TRANSFORM([grub-sparc64-setup.3])
|
||||
+grub_TRANSFORM([grub-syslinux2cfg.1])
|
||||
|
||||
# Optimization flag. Allow user to override.
|
||||
if test "x$TARGET_CFLAGS" = x; then
|
||||
diff --git a/util/grub-macbless.8 b/util/grub-macbless.8
|
||||
new file mode 100644
|
||||
index 0000000..ae842f3
|
||||
--- /dev/null
|
||||
+++ b/util/grub-macbless.8
|
||||
@@ -0,0 +1,26 @@
|
||||
+.TH GRUB-MACBLESS 1 "Wed Feb 26 2014"
|
||||
+.SH NAME
|
||||
+\fBgrub-macbless\fR \(em Mac-style bless utility for HFS or HFS+
|
||||
+
|
||||
+.SH SYNOPSIS
|
||||
+\fBgrub-macbless\fR [-p | --ppc] [-v | --verbose] [-x | --x86] \fIFILE\fR
|
||||
+
|
||||
+.SH DESCRIPTION
|
||||
+\fBgrub-mkimage\fR blesses a file on an HFS or HFS+ file system, so that it
|
||||
+can be used to boot a Mac.
|
||||
+
|
||||
+.SH OPTIONS
|
||||
+.TP
|
||||
+--ppc
|
||||
+Bless the file for use on PPC-based Macs.
|
||||
+
|
||||
+.TP
|
||||
+--verbose
|
||||
+Print verbose messages.
|
||||
+
|
||||
+.TP
|
||||
+--x86
|
||||
+Bless the file for use on x86-based Macs.
|
||||
+
|
||||
+.SH SEE ALSO
|
||||
+.BR "info grub"
|
||||
diff --git a/util/grub-mkimage.1 b/util/grub-mkimage.1
|
||||
index 4dea4f5..0eaaafe 100644
|
||||
--- a/util/grub-mkimage.1
|
||||
+++ b/util/grub-mkimage.1
|
||||
@@ -17,7 +17,7 @@
|
||||
[-v | --verbose] \fIMODULES\fR
|
||||
|
||||
.SH DESCRIPTION
|
||||
-\fBgrub-mkimage\fI builds a bootable image of GRUB.
|
||||
+\fBgrub-mkimage\fR builds a bootable image of GRUB.
|
||||
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
diff --git a/util/grub-syslinux2cfg.1 b/util/grub-syslinux2cfg.1
|
||||
new file mode 100644
|
||||
index 0000000..8530948
|
||||
--- /dev/null
|
||||
+++ b/util/grub-syslinux2cfg.1
|
||||
@@ -0,0 +1,65 @@
|
||||
+.TH GRUB-SYSLINUX2CFG 1 "Wed Feb 26 2014"
|
||||
+.SH NAME
|
||||
+\fBgrub-syslinux2cfg\fR \(em Transform a syslinux config file into a GRUB config.
|
||||
+
|
||||
+.SH SYNOPSIS
|
||||
+\fBgrub-syslinux2cfg\fR [-c | --cwd=\fRDIR\fI] [-r | --root=\fIDIR\fR] [-v | --verbose]
|
||||
+.RE
|
||||
+.RS 25
|
||||
+[-t | --target-root=\fIDIR\fR] [-T | --target-cwd=\fIDIR\fR]
|
||||
+.RE
|
||||
+.RS 25
|
||||
+[-o | --output=\fIFILE\fR] [[-i | --isolinux] |
|
||||
+.RE
|
||||
+.RS 46
|
||||
+ [-s | --syslinux] |
|
||||
+.RE
|
||||
+.RS 46
|
||||
+ [-p | --pxelinux]] \fIFILE\fR
|
||||
+
|
||||
+.SH DESCRIPTION
|
||||
+\fBgrub-syslinux2cfg\fR builds a GRUB configuration file out of an existing
|
||||
+syslinux configuration file.
|
||||
+
|
||||
+.SH OPTIONS
|
||||
+.TP
|
||||
+--cwd=\fIDIR\fR
|
||||
+Set \fIDIR\fR as syslinux's working directory. The default is to use the
|
||||
+parent directory of the input file.
|
||||
+
|
||||
+.TP
|
||||
+--root=\fIDIR\fR
|
||||
+Set \fIDIR\fR as the root directory of the syslinux disk. The default value
|
||||
+is "/".
|
||||
+
|
||||
+.TP
|
||||
+--verbose
|
||||
+Print verbose messages.
|
||||
+
|
||||
+.TP
|
||||
+--target-root=\fIDIR\fR
|
||||
+Root directory as it will be seen at runtime. The default value is "/".
|
||||
+
|
||||
+.TP
|
||||
+--target-cwd=\fIDIR\fR
|
||||
+Working directory of syslinux as it will be seen at runtime. The default
|
||||
+value is the parent directory of the input file.
|
||||
+
|
||||
+.TP
|
||||
+--output=\fIFILE\fR
|
||||
+Write the new config file to \fIFILE\fR. The default value is standard output.
|
||||
+
|
||||
+.TP
|
||||
+--isolinux
|
||||
+Assume that the input file is an isolinux configuration file.
|
||||
+
|
||||
+.TP
|
||||
+--pxelinux
|
||||
+Assume that the input file is a pxelinux configuration file.
|
||||
+
|
||||
+.TP
|
||||
+--syslinux
|
||||
+Assume that the input file is a syslinux configuration file.
|
||||
+
|
||||
+.SH SEE ALSO
|
||||
+.BR "info grub"
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,42 +0,0 @@
|
||||
From 878a4bed6479ccfbde4ba8dc3c2c029f12fba708 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Thu, 16 Jul 2015 15:22:34 -0700
|
||||
Subject: [PATCH 78/85] Measure kernel + initrd
|
||||
|
||||
Measure the kernel and initrd when loaded on UEFI systems
|
||||
---
|
||||
grub-core/loader/i386/efi/linux.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
|
||||
index 7ccf32d..4ee45e9 100644
|
||||
--- a/grub-core/loader/i386/efi/linux.c
|
||||
+++ b/grub-core/loader/i386/efi/linux.c
|
||||
@@ -27,6 +27,7 @@
|
||||
#include <grub/lib/cmdline.h>
|
||||
#include <grub/efi/efi.h>
|
||||
#include <grub/efi/linux.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
GRUB_MOD_LICENSE ("GPLv3+");
|
||||
|
||||
@@ -129,6 +130,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
|
||||
argv[i]);
|
||||
goto fail;
|
||||
}
|
||||
+ grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "UEFI Linux initrd");
|
||||
ptr += cursize;
|
||||
grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4));
|
||||
ptr += ALIGN_UP_OVERHEAD (cursize, 4);
|
||||
@@ -184,6 +186,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
goto fail;
|
||||
}
|
||||
|
||||
+ grub_tpm_measure (kernel, filelen, GRUB_KERNEL_PCR, "UEFI Linux kernel");
|
||||
+
|
||||
if (! grub_linuxefi_secure_validate (kernel, filelen))
|
||||
{
|
||||
grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]);
|
||||
--
|
||||
2.5.0
|
||||
|
@ -1,179 +0,0 @@
|
||||
From b727ffaee53c9f3ee9ab1497441e378d77a5af6d Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Sun, 9 Aug 2015 15:48:51 -0700
|
||||
Subject: [PATCH 79/85] Add BIOS boot measurement
|
||||
|
||||
Measure the on-disk grub core on BIOS systems - unlike UEFI, the firmware
|
||||
can't do this stage for us.
|
||||
---
|
||||
grub-core/boot/i386/pc/boot.S | 30 +++++++++++++++++++++++++-
|
||||
grub-core/boot/i386/pc/diskboot.S | 44 +++++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 73 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/boot/i386/pc/boot.S b/grub-core/boot/i386/pc/boot.S
|
||||
index ea167fe..c1df86d 100644
|
||||
--- a/grub-core/boot/i386/pc/boot.S
|
||||
+++ b/grub-core/boot/i386/pc/boot.S
|
||||
@@ -24,11 +24,14 @@
|
||||
* defines for the code go here
|
||||
*/
|
||||
|
||||
+#define TPM 1
|
||||
+
|
||||
/* Print message string */
|
||||
#define MSG(x) movw $x, %si; call LOCAL(message)
|
||||
#define ERR(x) movw $x, %si; jmp LOCAL(error_message)
|
||||
|
||||
.macro floppy
|
||||
+#ifndef TPM
|
||||
part_start:
|
||||
|
||||
LOCAL(probe_values):
|
||||
@@ -85,6 +88,7 @@ fd_probe_error_string: .asciz "Floppy"
|
||||
movb MACRO_DOLLAR(79), %ch
|
||||
|
||||
jmp LOCAL(final_init)
|
||||
+#endif
|
||||
.endm
|
||||
|
||||
.macro scratch
|
||||
@@ -252,6 +256,7 @@ real_start:
|
||||
/* set %si to the disk address packet */
|
||||
movw $disk_address_packet, %si
|
||||
|
||||
+#ifndef TPM
|
||||
/* check if LBA is supported */
|
||||
movb $0x41, %ah
|
||||
movw $0x55aa, %bx
|
||||
@@ -271,6 +276,7 @@ real_start:
|
||||
|
||||
andw $1, %cx
|
||||
jz LOCAL(chs_mode)
|
||||
+#endif
|
||||
|
||||
LOCAL(lba_mode):
|
||||
xorw %ax, %ax
|
||||
@@ -314,6 +320,9 @@ LOCAL(lba_mode):
|
||||
jmp LOCAL(copy_buffer)
|
||||
|
||||
LOCAL(chs_mode):
|
||||
+#ifdef TPM
|
||||
+ jmp LOCAL(general_error)
|
||||
+#else
|
||||
/*
|
||||
* Determine the hard disk geometry from the BIOS!
|
||||
* We do this first, so that LS-120 IDE floppies work correctly.
|
||||
@@ -425,7 +434,7 @@ setup_sectors:
|
||||
jc LOCAL(read_error)
|
||||
|
||||
movw %es, %bx
|
||||
-
|
||||
+#endif /* TPM */
|
||||
LOCAL(copy_buffer):
|
||||
/*
|
||||
* We need to save %cx and %si because the startup code in
|
||||
@@ -448,6 +457,25 @@ LOCAL(copy_buffer):
|
||||
popw %ds
|
||||
popa
|
||||
|
||||
+#ifdef TPM
|
||||
+ pusha
|
||||
+
|
||||
+ movw $0xBB00, %ax /* TCG_StatusCheck */
|
||||
+ int $0x1A
|
||||
+ test %eax, %eax
|
||||
+ jnz boot /* No TPM or TPM deactivated */
|
||||
+
|
||||
+ movw $0xBB07, %ax /* TCG_CompactHashLogExtendEvent */
|
||||
+ movw $GRUB_BOOT_MACHINE_KERNEL_ADDR, %di
|
||||
+ xorl %esi, %esi
|
||||
+ movl $0x41504354, %ebx /* TCPA */
|
||||
+ movl $0x200, %ecx /* Measure 512 bytes */
|
||||
+ movl $0x8, %edx /* PCR 8 */
|
||||
+ int $0x1A
|
||||
+
|
||||
+ popa
|
||||
+#endif
|
||||
+boot:
|
||||
/* boot kernel */
|
||||
jmp *(LOCAL(kernel_address))
|
||||
|
||||
diff --git a/grub-core/boot/i386/pc/diskboot.S b/grub-core/boot/i386/pc/diskboot.S
|
||||
index c8b87ed..05dd7fa 100644
|
||||
--- a/grub-core/boot/i386/pc/diskboot.S
|
||||
+++ b/grub-core/boot/i386/pc/diskboot.S
|
||||
@@ -19,6 +19,8 @@
|
||||
#include <grub/symbol.h>
|
||||
#include <grub/machine/boot.h>
|
||||
|
||||
+#define TPM 1
|
||||
+
|
||||
/*
|
||||
* defines for the code go here
|
||||
*/
|
||||
@@ -53,6 +55,21 @@ _start:
|
||||
/* this sets up for the first run through "bootloop" */
|
||||
movw $LOCAL(firstlist), %di
|
||||
|
||||
+#ifdef TPM
|
||||
+ /* clear EAX to remove potential garbage */
|
||||
+ xorl %eax, %eax
|
||||
+ /* 8(%di) = number of sectors to read */
|
||||
+ movw 8(%di), %ax
|
||||
+
|
||||
+ /* Multiply number of sectors to read with 512 bytes. EAX is 32bit
|
||||
+ * which is large enough to hold values of up to 4GB. I doubt there
|
||||
+ * will ever be a core.img larger than that. ;-) */
|
||||
+ shll $9, %eax
|
||||
+
|
||||
+ /* write result to bytes_to_measure var */
|
||||
+ movl %eax, bytes_to_measure
|
||||
+#endif
|
||||
+
|
||||
/* save the sector number of the second sector in %ebp */
|
||||
movl (%di), %ebp
|
||||
|
||||
@@ -290,6 +307,29 @@ LOCAL(copy_buffer):
|
||||
/* END OF MAIN LOOP */
|
||||
|
||||
LOCAL(bootit):
|
||||
+#ifdef TPM
|
||||
+ pusha
|
||||
+ movw $0xBB07, %ax /* TCG_CompactHashLogExtendEvent */
|
||||
+
|
||||
+ movw $0x0, %bx
|
||||
+ movw %bx, %es
|
||||
+
|
||||
+ /* We've already measured the first 512 bytes, now measure the rest */
|
||||
+ xorl %edi, %edi
|
||||
+ movw $(GRUB_BOOT_MACHINE_KERNEL_ADDR + 0x200), %di
|
||||
+
|
||||
+ movl $0x41504354, %ebx /* EBX = "TCPA" */
|
||||
+
|
||||
+ /* %ecx = The length, in bytes, of the buffer to measure */
|
||||
+ movl $bytes_to_measure, %esi
|
||||
+ movl (%esi), %ecx
|
||||
+ xorl %esi, %esi
|
||||
+ movl $0x9, %edx /* PCR 9 */
|
||||
+
|
||||
+ int $0x1A
|
||||
+
|
||||
+ popa
|
||||
+#endif
|
||||
/* print a newline */
|
||||
MSG(notification_done)
|
||||
popw %dx /* this makes sure %dl is our "boot" drive */
|
||||
@@ -324,6 +364,10 @@ geometry_error_string: .asciz "Geom"
|
||||
read_error_string: .asciz "Read"
|
||||
general_error_string: .asciz " Error"
|
||||
|
||||
+#ifdef TPM
|
||||
+bytes_to_measure: .long 0
|
||||
+#endif
|
||||
+
|
||||
/*
|
||||
* message: write the string pointed to by %si
|
||||
*
|
||||
--
|
||||
2.5.0
|
||||
|
39
0079-Handle-rssd-storage-devices.patch
Normal file
39
0079-Handle-rssd-storage-devices.patch
Normal file
@ -0,0 +1,39 @@
|
||||
From 90e2d3fbb161d494cdfc0ad0da740a6a4f651d70 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 30 Jun 2015 15:50:41 -0400
|
||||
Subject: [PATCH 79/90] Handle rssd storage devices.
|
||||
|
||||
Resolves: rhbz#1087962
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/osdep/linux/getroot.c | 13 +++++++++++++
|
||||
1 file changed, 13 insertions(+)
|
||||
|
||||
diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c
|
||||
index 09e7e6e..ad7b774 100644
|
||||
--- a/grub-core/osdep/linux/getroot.c
|
||||
+++ b/grub-core/osdep/linux/getroot.c
|
||||
@@ -898,6 +898,19 @@ grub_util_part_to_disk (const char *os_dev, struct stat *st,
|
||||
return path;
|
||||
}
|
||||
|
||||
+ /* If this is an rssd device. */
|
||||
+ if ((strncmp ("rssd", p, 4) == 0) && p[4] >= 'a' && p[4] <= 'z')
|
||||
+ {
|
||||
+ char *pp = p + 4;
|
||||
+ while (*pp >= 'a' && *pp <= 'z')
|
||||
+ pp++;
|
||||
+ if (*pp)
|
||||
+ *is_part = 1;
|
||||
+ /* /dev/rssd[a-z]+[0-9]* */
|
||||
+ *pp = '\0';
|
||||
+ return path;
|
||||
+ }
|
||||
+
|
||||
/* If this is a loop device */
|
||||
if ((strncmp ("loop", p, 4) == 0) && p[4] >= '0' && p[4] <= '9')
|
||||
{
|
||||
--
|
||||
2.9.3
|
||||
|
31
0080-Warn-if-grub-password-will-not-be-read-1290803.patch
Normal file
31
0080-Warn-if-grub-password-will-not-be-read-1290803.patch
Normal file
@ -0,0 +1,31 @@
|
||||
From f46e9b0378cfaced22f0de5e8061ddb0c6829ee8 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Mon, 22 Feb 2016 15:30:05 -0500
|
||||
Subject: [PATCH 80/90] Warn if grub password will not be read (#1290803)
|
||||
|
||||
It is possible for a system to have never run grub-mkconfig and add the
|
||||
section that reads the user.cfg file which contains a user set GRUB
|
||||
password. Users in that scenario will now be warned that grub-mkconfig
|
||||
must be run prior to their newly set password taking effect.
|
||||
|
||||
Resolves: rhbz#1290803
|
||||
---
|
||||
util/grub-setpassword.in | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/util/grub-setpassword.in b/util/grub-setpassword.in
|
||||
index 2923f43..dd7b793 100644
|
||||
--- a/util/grub-setpassword.in
|
||||
+++ b/util/grub-setpassword.in
|
||||
@@ -121,3 +121,8 @@ fi
|
||||
install -m 0600 /dev/null "${grubdir}/user.cfg" 2>/dev/null || :
|
||||
chmod 0600 "${grubdir}/user.cfg" 2>/dev/null || :
|
||||
echo "GRUB2_PASSWORD=${MYPASS}" > "${grubdir}/user.cfg"
|
||||
+
|
||||
+if ! grep -q "^### BEGIN /etc/grub.d/01_users ###$" "${grubdir}/grub.cfg"; then
|
||||
+ echo "WARNING: The current configuration lacks password support!"
|
||||
+ echo "Update your configuration with @grub_mkconfig@ to support this feature."
|
||||
+fi
|
||||
--
|
||||
2.9.3
|
||||
|
58
0081-Clean-up-grub-setpassword-documentation-1290799.patch
Normal file
58
0081-Clean-up-grub-setpassword-documentation-1290799.patch
Normal file
@ -0,0 +1,58 @@
|
||||
From f41adcd85164ef8a0d0918f0508f29dcf3c7467d Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Tue, 26 Jan 2016 10:28:35 -0500
|
||||
Subject: [PATCH 81/90] Clean up grub-setpassword documentation (#1290799)
|
||||
|
||||
The output for --help had some errors. Corrected those and polished the
|
||||
text to be a little easier to follow. Carried verbage over to man page
|
||||
to maintain internal consistency.
|
||||
|
||||
Resolves: rhbz#1290799
|
||||
---
|
||||
util/grub-setpassword.8 | 2 +-
|
||||
util/grub-setpassword.in | 15 +++++++--------
|
||||
2 files changed, 8 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/util/grub-setpassword.8 b/util/grub-setpassword.8
|
||||
index 49200a8..dc91dd6 100644
|
||||
--- a/util/grub-setpassword.8
|
||||
+++ b/util/grub-setpassword.8
|
||||
@@ -19,7 +19,7 @@ Display program usage and exit.
|
||||
-v, --version
|
||||
Display the current version.
|
||||
.TP
|
||||
--o, --output[=\fIDIRECTORY PATH\fR]
|
||||
+-o, --output=<\fIDIRECTORY\fR>
|
||||
Choose the file path to which user.cfg will be written.
|
||||
|
||||
.SH SEE ALSO
|
||||
diff --git a/util/grub-setpassword.in b/util/grub-setpassword.in
|
||||
index dd7b793..d7924af 100644
|
||||
--- a/util/grub-setpassword.in
|
||||
+++ b/util/grub-setpassword.in
|
||||
@@ -16,15 +16,14 @@ grub_mkpasswd="${bindir}/@grub_mkpasswd_pbkdf2@"
|
||||
# Print the usage.
|
||||
usage () {
|
||||
cat <<EOF
|
||||
-Usage: $0 [OPTION] [SOURCE]
|
||||
-Run GRUB script in a Qemu instance.
|
||||
-
|
||||
- -h, --help print this message and exit
|
||||
- -v, --version print the version information and exit
|
||||
- -o, --output_path choose a custom output path for user.cfg
|
||||
-
|
||||
+Usage: $0 [OPTION]
|
||||
$0 prompts the user to set a password on the grub bootloader. The password
|
||||
-is written to a file named user.cfg.
|
||||
+is written to a file named user.cfg which lives in the GRUB directory
|
||||
+located by default at ${grubdir}.
|
||||
+
|
||||
+ -h, --help print this message and exit
|
||||
+ -v, --version print the version information and exit
|
||||
+ -o, --output_path <DIRECTORY> put user.cfg in a user-selected directory
|
||||
|
||||
Report bugs at https://bugzilla.redhat.com.
|
||||
EOF
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,87 +0,0 @@
|
||||
From f4d862215e8d693018f419be33a0a3a7c3e79d29 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Sun, 9 Aug 2015 16:28:29 -0700
|
||||
Subject: [PATCH 82/85] Measure kernel and initrd on BIOS systems
|
||||
|
||||
Measure the kernel and initrd when loaded on BIOS systems
|
||||
---
|
||||
grub-core/loader/i386/linux.c | 5 +++++
|
||||
grub-core/loader/i386/pc/linux.c | 3 +++
|
||||
grub-core/loader/linux.c | 2 ++
|
||||
3 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
|
||||
index 5eb7d17..342c9fe 100644
|
||||
--- a/grub-core/loader/i386/linux.c
|
||||
+++ b/grub-core/loader/i386/linux.c
|
||||
@@ -36,6 +36,7 @@
|
||||
#include <grub/lib/cmdline.h>
|
||||
#include <grub/linux.h>
|
||||
#include <grub/efi/sb.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
GRUB_MOD_LICENSE ("GPLv3+");
|
||||
|
||||
@@ -717,7 +718,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
goto fail;
|
||||
}
|
||||
|
||||
+ grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "Linux Kernel");
|
||||
+
|
||||
grub_memcpy (&lh, kernel, sizeof (lh));
|
||||
+
|
||||
kernel_offset = sizeof (lh);
|
||||
|
||||
if (lh.boot_flag != grub_cpu_to_le16_compile_time (0xaa55))
|
||||
@@ -1026,6 +1030,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
|
||||
len = prot_file_size;
|
||||
grub_memcpy (prot_mode_mem, kernel + kernel_offset, len);
|
||||
+ kernel_offset += len;
|
||||
|
||||
if (grub_errno == GRUB_ERR_NONE)
|
||||
{
|
||||
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
|
||||
index b864e54..6b8f365 100644
|
||||
--- a/grub-core/loader/i386/pc/linux.c
|
||||
+++ b/grub-core/loader/i386/pc/linux.c
|
||||
@@ -36,6 +36,7 @@
|
||||
#include <grub/lib/cmdline.h>
|
||||
#include <grub/linux.h>
|
||||
#include <grub/efi/sb.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
GRUB_MOD_LICENSE ("GPLv3+");
|
||||
|
||||
@@ -161,6 +162,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
goto fail;
|
||||
}
|
||||
|
||||
+ grub_tpm_measure (kernel, len, GRUB_KERNEL_PCR, "BIOS Linux Kernel");
|
||||
+
|
||||
grub_memcpy (&lh, kernel, sizeof (lh));
|
||||
kernel_offset = sizeof (lh);
|
||||
|
||||
diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
|
||||
index be6fa0f..3005c0d 100644
|
||||
--- a/grub-core/loader/linux.c
|
||||
+++ b/grub-core/loader/linux.c
|
||||
@@ -4,6 +4,7 @@
|
||||
#include <grub/misc.h>
|
||||
#include <grub/file.h>
|
||||
#include <grub/mm.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
struct newc_head
|
||||
{
|
||||
@@ -288,6 +289,7 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx,
|
||||
grub_initrd_close (initrd_ctx);
|
||||
return grub_errno;
|
||||
}
|
||||
+ grub_tpm_measure (ptr, cursize, GRUB_INITRD_PCR, "Linux Initrd");
|
||||
ptr += cursize;
|
||||
}
|
||||
if (newc)
|
||||
--
|
||||
2.5.0
|
||||
|
353
0082-Re-work-some-intricacies-of-PE-loading.patch
Normal file
353
0082-Re-work-some-intricacies-of-PE-loading.patch
Normal file
@ -0,0 +1,353 @@
|
||||
From e2b22111a8ec58091603fc785f54b1b998888735 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 9 Jun 2016 12:22:29 -0400
|
||||
Subject: [PATCH 82/90] Re-work some intricacies of PE loading.
|
||||
|
||||
The PE spec is not a well written document, and awesomely every place
|
||||
where there's an ambiguous way to read something, Windows' bootmgfw.efi
|
||||
takes a different read than either of them.
|
||||
---
|
||||
grub-core/loader/efi/chainloader.c | 156 +++++++++++++++++++++++++++++--------
|
||||
include/grub/efi/pe32.h | 32 +++++++-
|
||||
2 files changed, 152 insertions(+), 36 deletions(-)
|
||||
|
||||
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
|
||||
index c4184fa..323f873 100644
|
||||
--- a/grub-core/loader/efi/chainloader.c
|
||||
+++ b/grub-core/loader/efi/chainloader.c
|
||||
@@ -297,7 +297,7 @@ image_is_64_bit (grub_pe_header_t *pe_hdr)
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static const grub_uint16_t machine_type =
|
||||
+static const grub_uint16_t machine_type __attribute__((__unused__)) =
|
||||
#if defined(__x86_64__)
|
||||
GRUB_PE32_MACHINE_X86_64;
|
||||
#elif defined(__aarch64__)
|
||||
@@ -363,10 +363,10 @@ relocate_coff (pe_coff_loader_image_context_t *context,
|
||||
|
||||
reloc_base = image_address (orig, size, section->raw_data_offset);
|
||||
reloc_base_end = image_address (orig, size, section->raw_data_offset
|
||||
- + section->virtual_size - 1);
|
||||
+ + section->virtual_size);
|
||||
|
||||
- grub_dprintf ("chain", "reloc_base %p reloc_base_end %p\n", reloc_base,
|
||||
- reloc_base_end);
|
||||
+ grub_dprintf ("chain", "relocate_coff(): reloc_base %p reloc_base_end %p\n",
|
||||
+ reloc_base, reloc_base_end);
|
||||
|
||||
if (!reloc_base && !reloc_base_end)
|
||||
return GRUB_EFI_SUCCESS;
|
||||
@@ -503,12 +503,13 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
grub_efi_status_t efi_status;
|
||||
char *buffer = NULL;
|
||||
char *buffer_aligned = NULL;
|
||||
- grub_efi_uint32_t i, size;
|
||||
+ grub_efi_uint32_t i;
|
||||
struct grub_pe32_section_table *section;
|
||||
char *base, *end;
|
||||
pe_coff_loader_image_context_t context;
|
||||
grub_uint32_t section_alignment;
|
||||
grub_uint32_t buffer_size;
|
||||
+ int found_entry_point = 0;
|
||||
|
||||
b = grub_efi_system_table->boot_services;
|
||||
|
||||
@@ -522,8 +523,28 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
goto error_exit;
|
||||
}
|
||||
|
||||
+ /*
|
||||
+ * The spec says, uselessly, of SectionAlignment:
|
||||
+ * =====
|
||||
+ * The alignment (in bytes) of sections when they are loaded into
|
||||
+ * memory. It must be greater than or equal to FileAlignment. The
|
||||
+ * default is the page size for the architecture.
|
||||
+ * =====
|
||||
+ * Which doesn't tell you whose responsibility it is to enforce the
|
||||
+ * "default", or when. It implies that the value in the field must
|
||||
+ * be > FileAlignment (also poorly defined), but it appears visual
|
||||
+ * studio will happily write 512 for FileAlignment (its default) and
|
||||
+ * 0 for SectionAlignment, intending to imply PAGE_SIZE.
|
||||
+ *
|
||||
+ * We only support one page size, so if it's zero, nerf it to 4096.
|
||||
+ */
|
||||
section_alignment = context.section_alignment;
|
||||
+ if (section_alignment == 0)
|
||||
+ section_alignment = 4096;
|
||||
+
|
||||
buffer_size = context.image_size + section_alignment;
|
||||
+ grub_dprintf ("chain", "image size is %08lx, datasize is %08x\n",
|
||||
+ context.image_size, datasize);
|
||||
|
||||
efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA,
|
||||
buffer_size, &buffer);
|
||||
@@ -535,7 +556,6 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
}
|
||||
|
||||
buffer_aligned = (char *)ALIGN_UP ((grub_addr_t)buffer, section_alignment);
|
||||
-
|
||||
if (!buffer_aligned)
|
||||
{
|
||||
grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
|
||||
@@ -544,27 +564,62 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
|
||||
grub_memcpy (buffer_aligned, data, context.size_of_headers);
|
||||
|
||||
+ entry_point = image_address (buffer_aligned, context.image_size,
|
||||
+ context.entry_point);
|
||||
+
|
||||
+ grub_dprintf ("chain", "entry_point: %p\n", entry_point);
|
||||
+ if (!entry_point)
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point");
|
||||
+ goto error_exit;
|
||||
+ }
|
||||
+
|
||||
char *reloc_base, *reloc_base_end;
|
||||
- reloc_base = image_address (buffer_aligned, datasize,
|
||||
+ grub_dprintf ("chain", "reloc_dir: %p reloc_size: 0x%08x\n",
|
||||
+ (void *)(unsigned long long)context.reloc_dir->rva,
|
||||
+ context.reloc_dir->size);
|
||||
+ reloc_base = image_address (buffer_aligned, context.image_size,
|
||||
context.reloc_dir->rva);
|
||||
/* RelocBaseEnd here is the address of the last byte of the table */
|
||||
- reloc_base_end = image_address (buffer_aligned, datasize,
|
||||
+ reloc_base_end = image_address (buffer_aligned, context.image_size,
|
||||
context.reloc_dir->rva
|
||||
+ context.reloc_dir->size - 1);
|
||||
+ grub_dprintf ("chain", "reloc_base: %p reloc_base_end: %p\n",
|
||||
+ reloc_base, reloc_base_end);
|
||||
+
|
||||
struct grub_pe32_section_table *reloc_section = NULL;
|
||||
|
||||
section = context.first_section;
|
||||
for (i = 0; i < context.number_of_sections; i++, section++)
|
||||
{
|
||||
- size = section->virtual_size;
|
||||
- if (size > section->raw_data_size)
|
||||
- size = section->raw_data_size;
|
||||
+ char name[9];
|
||||
|
||||
base = image_address (buffer_aligned, context.image_size,
|
||||
section->virtual_address);
|
||||
end = image_address (buffer_aligned, context.image_size,
|
||||
- section->virtual_address + size - 1);
|
||||
+ section->virtual_address + section->virtual_size -1);
|
||||
|
||||
+ grub_strncpy(name, section->name, 9);
|
||||
+ name[8] = '\0';
|
||||
+ grub_dprintf ("chain", "Section %d \"%s\" at %p..%p\n", i,
|
||||
+ name, base, end);
|
||||
+
|
||||
+ if (end < base)
|
||||
+ {
|
||||
+ grub_dprintf ("chain", " base is %p but end is %p... bad.\n",
|
||||
+ base, end);
|
||||
+ grub_error (GRUB_ERR_BAD_ARGUMENT,
|
||||
+ "Image has invalid negative size");
|
||||
+ goto error_exit;
|
||||
+ }
|
||||
+
|
||||
+ if (section->virtual_address <= context.entry_point &&
|
||||
+ (section->virtual_address + section->raw_data_size - 1)
|
||||
+ > context.entry_point)
|
||||
+ {
|
||||
+ found_entry_point++;
|
||||
+ grub_dprintf ("chain", " section contains entry point\n");
|
||||
+ }
|
||||
|
||||
/* We do want to process .reloc, but it's often marked
|
||||
* discardable, so we don't want to memcpy it. */
|
||||
@@ -583,21 +638,46 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
if (section->raw_data_size && section->virtual_size &&
|
||||
base && end && reloc_base == base && reloc_base_end == end)
|
||||
{
|
||||
+ grub_dprintf ("chain", " section is relocation section\n");
|
||||
reloc_section = section;
|
||||
}
|
||||
+ else
|
||||
+ {
|
||||
+ grub_dprintf ("chain", " section is not reloc section?\n");
|
||||
+ grub_dprintf ("chain", " rds: 0x%08x, vs: %08x\n",
|
||||
+ section->raw_data_size, section->virtual_size);
|
||||
+ grub_dprintf ("chain", " base: %p end: %p\n", base, end);
|
||||
+ grub_dprintf ("chain", " reloc_base: %p reloc_base_end: %p\n",
|
||||
+ reloc_base, reloc_base_end);
|
||||
+ }
|
||||
}
|
||||
|
||||
- if (section->characteristics && GRUB_PE32_SCN_MEM_DISCARDABLE)
|
||||
- continue;
|
||||
+ grub_dprintf ("chain", " Section characteristics are %08x\n",
|
||||
+ section->characteristics);
|
||||
+ grub_dprintf ("chain", " Section virtual size: %08x\n",
|
||||
+ section->virtual_size);
|
||||
+ grub_dprintf ("chain", " Section raw_data size: %08x\n",
|
||||
+ section->raw_data_size);
|
||||
+ if (section->characteristics & GRUB_PE32_SCN_MEM_DISCARDABLE)
|
||||
+ {
|
||||
+ grub_dprintf ("chain", " Discarding section\n");
|
||||
+ continue;
|
||||
+ }
|
||||
|
||||
if (!base || !end)
|
||||
{
|
||||
+ grub_dprintf ("chain", " section is invalid\n");
|
||||
grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid section size");
|
||||
goto error_exit;
|
||||
}
|
||||
|
||||
- if (section->virtual_address < context.size_of_headers ||
|
||||
- section->raw_data_offset < context.size_of_headers)
|
||||
+ if (section->characteristics & GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA)
|
||||
+ {
|
||||
+ if (section->raw_data_size != 0)
|
||||
+ grub_dprintf ("chain", " UNINITIALIZED_DATA section has data?\n");
|
||||
+ }
|
||||
+ else if (section->virtual_address < context.size_of_headers ||
|
||||
+ section->raw_data_offset < context.size_of_headers)
|
||||
{
|
||||
grub_error (GRUB_ERR_BAD_ARGUMENT,
|
||||
"Section %d is inside image headers", i);
|
||||
@@ -605,13 +685,24 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
}
|
||||
|
||||
if (section->raw_data_size > 0)
|
||||
- grub_memcpy (base, (grub_efi_uint8_t*)data + section->raw_data_offset,
|
||||
- size);
|
||||
+ {
|
||||
+ grub_dprintf ("chain", " copying 0x%08x bytes to %p\n",
|
||||
+ section->raw_data_size, base);
|
||||
+ grub_memcpy (base,
|
||||
+ (grub_efi_uint8_t*)data + section->raw_data_offset,
|
||||
+ section->raw_data_size);
|
||||
+ }
|
||||
|
||||
- if (size < section->virtual_size)
|
||||
- grub_memset (base + size, 0, section->virtual_size - size);
|
||||
+ if (section->raw_data_size < section->virtual_size)
|
||||
+ {
|
||||
+ grub_dprintf ("chain", " padding with 0x%08x bytes at %p\n",
|
||||
+ section->virtual_size - section->raw_data_size,
|
||||
+ base + section->raw_data_size);
|
||||
+ grub_memset (base + section->raw_data_size, 0,
|
||||
+ section->virtual_size - section->raw_data_size);
|
||||
+ }
|
||||
|
||||
- grub_dprintf ("chain", "copied section %s\n", section->name);
|
||||
+ grub_dprintf ("chain", " finished section %s\n", name);
|
||||
}
|
||||
|
||||
/* 5 == EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC */
|
||||
@@ -634,12 +725,15 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
}
|
||||
}
|
||||
|
||||
- entry_point = image_address (buffer_aligned, context.image_size,
|
||||
- context.entry_point);
|
||||
-
|
||||
- if (!entry_point)
|
||||
+ if (!found_entry_point)
|
||||
{
|
||||
- grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point");
|
||||
+ grub_error (GRUB_ERR_BAD_ARGUMENT, "entry point is not within sections");
|
||||
+ goto error_exit;
|
||||
+ }
|
||||
+ if (found_entry_point > 1)
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_ARGUMENT, "%d sections contain entry point",
|
||||
+ found_entry_point);
|
||||
goto error_exit;
|
||||
}
|
||||
|
||||
@@ -657,26 +751,24 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
li->load_options_size = cmdline_len;
|
||||
li->file_path = grub_efi_get_media_file_path (file_path);
|
||||
li->device_handle = dev_handle;
|
||||
- if (li->file_path)
|
||||
- {
|
||||
- grub_printf ("file path: ");
|
||||
- grub_efi_print_device_path (li->file_path);
|
||||
- }
|
||||
- else
|
||||
+ if (!li->file_path)
|
||||
{
|
||||
grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching file path found");
|
||||
goto error_exit;
|
||||
}
|
||||
|
||||
+ grub_dprintf ("chain", "booting via entry point\n");
|
||||
efi_status = efi_call_2 (entry_point, grub_efi_image_handle,
|
||||
grub_efi_system_table);
|
||||
|
||||
+ grub_dprintf ("chain", "entry_point returned %ld\n", efi_status);
|
||||
grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t));
|
||||
efi_status = efi_call_1 (b->free_pool, buffer);
|
||||
|
||||
return 1;
|
||||
|
||||
error_exit:
|
||||
+ grub_dprintf ("chain", "error_exit: grub_errno: %d\n", grub_errno);
|
||||
if (buffer)
|
||||
efi_call_1 (b->free_pool, buffer);
|
||||
|
||||
diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h
|
||||
index f79782e..8396bde 100644
|
||||
--- a/include/grub/efi/pe32.h
|
||||
+++ b/include/grub/efi/pe32.h
|
||||
@@ -227,12 +227,18 @@ struct grub_pe32_section_table
|
||||
grub_uint32_t characteristics;
|
||||
};
|
||||
|
||||
+#define GRUB_PE32_SCN_TYPE_NO_PAD 0x00000008
|
||||
#define GRUB_PE32_SCN_CNT_CODE 0x00000020
|
||||
#define GRUB_PE32_SCN_CNT_INITIALIZED_DATA 0x00000040
|
||||
-#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000
|
||||
-#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000
|
||||
-#define GRUB_PE32_SCN_MEM_READ 0x40000000
|
||||
-#define GRUB_PE32_SCN_MEM_WRITE 0x80000000
|
||||
+#define GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA 0x00000080
|
||||
+#define GRUB_PE32_SCN_LNK_OTHER 0x00000100
|
||||
+#define GRUB_PE32_SCN_LNK_INFO 0x00000200
|
||||
+#define GRUB_PE32_SCN_LNK_REMOVE 0x00000800
|
||||
+#define GRUB_PE32_SCN_LNK_COMDAT 0x00001000
|
||||
+#define GRUB_PE32_SCN_GPREL 0x00008000
|
||||
+#define GRUB_PE32_SCN_MEM_16BIT 0x00020000
|
||||
+#define GRUB_PE32_SCN_MEM_LOCKED 0x00040000
|
||||
+#define GRUB_PE32_SCN_MEM_PRELOAD 0x00080000
|
||||
|
||||
#define GRUB_PE32_SCN_ALIGN_1BYTES 0x00100000
|
||||
#define GRUB_PE32_SCN_ALIGN_2BYTES 0x00200000
|
||||
@@ -241,10 +247,28 @@ struct grub_pe32_section_table
|
||||
#define GRUB_PE32_SCN_ALIGN_16BYTES 0x00500000
|
||||
#define GRUB_PE32_SCN_ALIGN_32BYTES 0x00600000
|
||||
#define GRUB_PE32_SCN_ALIGN_64BYTES 0x00700000
|
||||
+#define GRUB_PE32_SCN_ALIGN_128BYTES 0x00800000
|
||||
+#define GRUB_PE32_SCN_ALIGN_256BYTES 0x00900000
|
||||
+#define GRUB_PE32_SCN_ALIGN_512BYTES 0x00A00000
|
||||
+#define GRUB_PE32_SCN_ALIGN_1024BYTES 0x00B00000
|
||||
+#define GRUB_PE32_SCN_ALIGN_2048BYTES 0x00C00000
|
||||
+#define GRUB_PE32_SCN_ALIGN_4096BYTES 0x00D00000
|
||||
+#define GRUB_PE32_SCN_ALIGN_8192BYTES 0x00E00000
|
||||
|
||||
#define GRUB_PE32_SCN_ALIGN_SHIFT 20
|
||||
#define GRUB_PE32_SCN_ALIGN_MASK 7
|
||||
|
||||
+#define GRUB_PE32_SCN_LNK_NRELOC_OVFL 0x01000000
|
||||
+#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000
|
||||
+#define GRUB_PE32_SCN_MEM_NOT_CACHED 0x04000000
|
||||
+#define GRUB_PE32_SCN_MEM_NOT_PAGED 0x08000000
|
||||
+#define GRUB_PE32_SCN_MEM_SHARED 0x10000000
|
||||
+#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000
|
||||
+#define GRUB_PE32_SCN_MEM_READ 0x40000000
|
||||
+#define GRUB_PE32_SCN_MEM_WRITE 0x80000000
|
||||
+
|
||||
+
|
||||
+
|
||||
#define GRUB_PE32_SIGNATURE_SIZE 4
|
||||
|
||||
struct grub_pe32_header
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,43 +0,0 @@
|
||||
From 6bcfc6f286d099a26cc0c7a00a6458d1d7993485 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Sun, 9 Aug 2015 16:32:29 -0700
|
||||
Subject: [PATCH 83/85] Measure the kernel commandline
|
||||
|
||||
Measure the kernel commandline to ensure that it hasn't been modified
|
||||
---
|
||||
grub-core/lib/cmdline.c | 6 +++++-
|
||||
1 file changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c
|
||||
index 970ea86..6b56304 100644
|
||||
--- a/grub-core/lib/cmdline.c
|
||||
+++ b/grub-core/lib/cmdline.c
|
||||
@@ -19,6 +19,7 @@
|
||||
|
||||
#include <grub/lib/cmdline.h>
|
||||
#include <grub/misc.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
static int
|
||||
is_hex(char c)
|
||||
@@ -79,7 +80,7 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
||||
{
|
||||
int i, space;
|
||||
unsigned int arg_size;
|
||||
- char *c;
|
||||
+ char *c, *orig = buf;
|
||||
|
||||
for (i = 0; i < argc; i++)
|
||||
{
|
||||
@@ -125,5 +126,8 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
||||
|
||||
*buf = 0;
|
||||
|
||||
+ grub_tpm_measure ((void *)orig, grub_strlen (orig), GRUB_CMDLINE_PCR,
|
||||
+ "Kernel Commandline");
|
||||
+
|
||||
return i;
|
||||
}
|
||||
--
|
||||
2.5.0
|
||||
|
386
0083-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch
Normal file
386
0083-Rework-even-more-of-efi-chainload-so-non-sb-cases-wo.patch
Normal file
@ -0,0 +1,386 @@
|
||||
From 8b4deb97529ba7ff689a11639f2a5bfdb29ad2ea Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 10 Jun 2016 14:06:15 -0400
|
||||
Subject: [PATCH 83/90] Rework even more of efi chainload so non-sb cases work
|
||||
right.
|
||||
|
||||
This ensures that if shim protocol is not loaded, or is loaded but shim
|
||||
is disabled, we will fall back to a correct load method for the efi
|
||||
chain loader.
|
||||
|
||||
Here's what I tested with this version:
|
||||
|
||||
results expected actual
|
||||
------------------------------------------------------------
|
||||
sb + enabled + shim + fedora success success
|
||||
sb + enabled + shim + win success success
|
||||
sb + enabled + grub + fedora fail fail
|
||||
sb + enabled + grub + win fail fail
|
||||
|
||||
sb + mokdisabled + shim + fedora success success
|
||||
sb + mokdisabled + shim + win success success
|
||||
sb + mokdisabled + grub + fedora fail fail
|
||||
sb + mokdisabled + grub + win fail fail
|
||||
|
||||
sb disabled + shim + fedora success success*
|
||||
sb disabled + shim + win success success*
|
||||
sb disabled + grub + fedora success success
|
||||
sb disabled + grub + win success success
|
||||
|
||||
nosb + shim + fedora success success*
|
||||
nosb + shim + win success success*
|
||||
nosb + grub + fedora success success
|
||||
nosb + grub + win success success
|
||||
|
||||
* for some reason shim protocol is being installed in these cases, and I
|
||||
can't see why, but I think it may be this firmware build returning an
|
||||
erroneous value. But this effectively falls back to the mokdisabled
|
||||
behavior, which works correctly, and the presence of the "grub" (i.e.
|
||||
no shim) tests effectively tests the desired behavior here.
|
||||
|
||||
Resolves: rhbz#1344512
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/kern/efi/sb.c | 14 +++--
|
||||
grub-core/loader/arm64/linux.c | 4 +-
|
||||
grub-core/loader/efi/chainloader.c | 115 ++++++++++++++++++++++---------------
|
||||
grub-core/loader/efi/linux.c | 13 +++--
|
||||
grub-core/loader/i386/efi/linux.c | 10 +++-
|
||||
include/grub/efi/linux.h | 2 +-
|
||||
6 files changed, 99 insertions(+), 59 deletions(-)
|
||||
|
||||
diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c
|
||||
index a41b6c5..d74778b 100644
|
||||
--- a/grub-core/kern/efi/sb.c
|
||||
+++ b/grub-core/kern/efi/sb.c
|
||||
@@ -36,14 +36,20 @@ grub_efi_secure_boot (void)
|
||||
grub_efi_boolean_t ret = 0;
|
||||
|
||||
secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize);
|
||||
-
|
||||
if (datasize != 1 || !secure_boot)
|
||||
- goto out;
|
||||
+ {
|
||||
+ grub_dprintf ("secureboot", "No SecureBoot variable\n");
|
||||
+ goto out;
|
||||
+ }
|
||||
+ grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot);
|
||||
|
||||
setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize);
|
||||
-
|
||||
if (datasize != 1 || !setup_mode)
|
||||
- goto out;
|
||||
+ {
|
||||
+ grub_dprintf ("secureboot", "No SetupMode variable\n");
|
||||
+ goto out;
|
||||
+ }
|
||||
+ grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode);
|
||||
|
||||
if (*secure_boot && !*setup_mode)
|
||||
ret = 1;
|
||||
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
|
||||
index 4756ef7..f83820e 100644
|
||||
--- a/grub-core/loader/arm64/linux.c
|
||||
+++ b/grub-core/loader/arm64/linux.c
|
||||
@@ -251,6 +251,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
grub_file_t file = 0;
|
||||
struct grub_arm64_linux_kernel_header lh;
|
||||
struct grub_arm64_linux_pe_header *pe;
|
||||
+ int rc;
|
||||
|
||||
grub_dl_ref (my_mod);
|
||||
|
||||
@@ -295,7 +296,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
|
||||
grub_dprintf ("linux", "kernel @ %p\n", kernel_addr);
|
||||
|
||||
- if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size))
|
||||
+ rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size);
|
||||
+ if (rc < 0)
|
||||
{
|
||||
grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]);
|
||||
goto fail;
|
||||
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
|
||||
index 323f873..49a7662 100644
|
||||
--- a/grub-core/loader/efi/chainloader.c
|
||||
+++ b/grub-core/loader/efi/chainloader.c
|
||||
@@ -178,7 +178,6 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
|
||||
/* Fill the file path for the directory. */
|
||||
d = (grub_efi_device_path_t *) ((char *) file_path
|
||||
+ ((char *) d - (char *) dp));
|
||||
- grub_efi_print_device_path (d);
|
||||
copy_file_path ((grub_efi_file_path_device_path_t *) d,
|
||||
dir_start, dir_end - dir_start);
|
||||
|
||||
@@ -248,10 +247,9 @@ read_header (void *data, grub_efi_uint32_t size,
|
||||
grub_efi_status_t status;
|
||||
|
||||
shim_lock = grub_efi_locate_protocol (&guid, NULL);
|
||||
-
|
||||
if (!shim_lock)
|
||||
{
|
||||
- grub_error (GRUB_ERR_BAD_ARGUMENT, "no shim lock protocol");
|
||||
+ grub_dprintf ("chain", "no shim lock protocol");
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -276,7 +274,7 @@ read_header (void *data, grub_efi_uint32_t size,
|
||||
break;
|
||||
}
|
||||
|
||||
- return 0;
|
||||
+ return -1;
|
||||
}
|
||||
|
||||
static void*
|
||||
@@ -510,17 +508,24 @@ handle_image (void *data, grub_efi_uint32_t datasize)
|
||||
grub_uint32_t section_alignment;
|
||||
grub_uint32_t buffer_size;
|
||||
int found_entry_point = 0;
|
||||
+ int rc;
|
||||
|
||||
b = grub_efi_system_table->boot_services;
|
||||
|
||||
- if (read_header (data, datasize, &context))
|
||||
+ rc = read_header (data, datasize, &context);
|
||||
+ if (rc < 0)
|
||||
{
|
||||
- grub_dprintf ("chain", "Succeed to read header\n");
|
||||
+ grub_dprintf ("chain", "Failed to read header\n");
|
||||
+ goto error_exit;
|
||||
+ }
|
||||
+ else if (rc == 0)
|
||||
+ {
|
||||
+ grub_dprintf ("chain", "Secure Boot is not enabled\n");
|
||||
+ return 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
- grub_dprintf ("chain", "Failed to read header\n");
|
||||
- goto error_exit;
|
||||
+ grub_dprintf ("chain", "Header read without error\n");
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -793,9 +798,55 @@ grub_secureboot_chainloader_unload (void)
|
||||
}
|
||||
|
||||
static grub_err_t
|
||||
+grub_load_and_start_image(void *boot_image)
|
||||
+{
|
||||
+ grub_efi_boot_services_t *b;
|
||||
+ grub_efi_status_t status;
|
||||
+ grub_efi_loaded_image_t *loaded_image;
|
||||
+
|
||||
+ b = grub_efi_system_table->boot_services;
|
||||
+
|
||||
+ status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path,
|
||||
+ boot_image, fsize, &image_handle);
|
||||
+ if (status != GRUB_EFI_SUCCESS)
|
||||
+ {
|
||||
+ if (status == GRUB_EFI_OUT_OF_RESOURCES)
|
||||
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources");
|
||||
+ else
|
||||
+ grub_error (GRUB_ERR_BAD_OS, "cannot load image");
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ /* LoadImage does not set a device handler when the image is
|
||||
+ loaded from memory, so it is necessary to set it explicitly here.
|
||||
+ This is a mess. */
|
||||
+ loaded_image = grub_efi_get_loaded_image (image_handle);
|
||||
+ if (! loaded_image)
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_OS, "no loaded image available");
|
||||
+ return -1;
|
||||
+ }
|
||||
+ loaded_image->device_handle = dev_handle;
|
||||
+
|
||||
+ if (cmdline)
|
||||
+ {
|
||||
+ loaded_image->load_options = cmdline;
|
||||
+ loaded_image->load_options_size = cmdline_len;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static grub_err_t
|
||||
grub_secureboot_chainloader_boot (void)
|
||||
{
|
||||
- handle_image ((void *)address, fsize);
|
||||
+ int rc;
|
||||
+ rc = handle_image ((void *)address, fsize);
|
||||
+ if (rc == 0)
|
||||
+ {
|
||||
+ grub_load_and_start_image((void *)address);
|
||||
+ }
|
||||
+
|
||||
grub_loader_unset ();
|
||||
return grub_errno;
|
||||
}
|
||||
@@ -809,9 +860,9 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
|
||||
grub_efi_boot_services_t *b;
|
||||
grub_device_t dev = 0;
|
||||
grub_efi_device_path_t *dp = 0;
|
||||
- grub_efi_loaded_image_t *loaded_image;
|
||||
char *filename;
|
||||
void *boot_image = 0;
|
||||
+ int rc;
|
||||
|
||||
if (argc == 0)
|
||||
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
|
||||
@@ -898,9 +949,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
|
||||
if (! file_path)
|
||||
goto fail;
|
||||
|
||||
- grub_printf ("file path: ");
|
||||
- grub_efi_print_device_path (file_path);
|
||||
-
|
||||
fsize = grub_file_size (file);
|
||||
if (!fsize)
|
||||
{
|
||||
@@ -975,51 +1023,28 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
|
||||
}
|
||||
#endif
|
||||
|
||||
- if (grub_linuxefi_secure_validate((void *)address, fsize))
|
||||
+ rc = grub_linuxefi_secure_validate((void *)address, fsize);
|
||||
+ grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc);
|
||||
+ if (rc > 0)
|
||||
{
|
||||
grub_file_close (file);
|
||||
grub_loader_set (grub_secureboot_chainloader_boot,
|
||||
grub_secureboot_chainloader_unload, 0);
|
||||
return 0;
|
||||
}
|
||||
-
|
||||
- status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path,
|
||||
- boot_image, fsize, &image_handle);
|
||||
- if (status != GRUB_EFI_SUCCESS)
|
||||
+ else if (rc == 0)
|
||||
{
|
||||
- if (status == GRUB_EFI_OUT_OF_RESOURCES)
|
||||
- grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources");
|
||||
- else
|
||||
- grub_error (GRUB_ERR_BAD_OS, "cannot load image");
|
||||
-
|
||||
- goto fail;
|
||||
- }
|
||||
-
|
||||
- /* LoadImage does not set a device handler when the image is
|
||||
- loaded from memory, so it is necessary to set it explicitly here.
|
||||
- This is a mess. */
|
||||
- loaded_image = grub_efi_get_loaded_image (image_handle);
|
||||
- if (! loaded_image)
|
||||
- {
|
||||
- grub_error (GRUB_ERR_BAD_OS, "no loaded image available");
|
||||
- goto fail;
|
||||
- }
|
||||
- loaded_image->device_handle = dev_handle;
|
||||
+ grub_load_and_start_image(boot_image);
|
||||
+ grub_file_close (file);
|
||||
+ grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0);
|
||||
|
||||
- if (cmdline)
|
||||
- {
|
||||
- loaded_image->load_options = cmdline;
|
||||
- loaded_image->load_options_size = cmdline_len;
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
grub_file_close (file);
|
||||
grub_device_close (dev);
|
||||
|
||||
- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0);
|
||||
- return 0;
|
||||
-
|
||||
- fail:
|
||||
-
|
||||
+fail:
|
||||
if (dev)
|
||||
grub_device_close (dev);
|
||||
|
||||
diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
|
||||
index aea378a..8890bdf 100644
|
||||
--- a/grub-core/loader/efi/linux.c
|
||||
+++ b/grub-core/loader/efi/linux.c
|
||||
@@ -33,21 +33,24 @@ struct grub_efi_shim_lock
|
||||
};
|
||||
typedef struct grub_efi_shim_lock grub_efi_shim_lock_t;
|
||||
|
||||
-grub_efi_boolean_t
|
||||
+int
|
||||
grub_linuxefi_secure_validate (void *data, grub_uint32_t size)
|
||||
{
|
||||
grub_efi_guid_t guid = SHIM_LOCK_GUID;
|
||||
grub_efi_shim_lock_t *shim_lock;
|
||||
+ grub_efi_status_t status;
|
||||
|
||||
shim_lock = grub_efi_locate_protocol(&guid, NULL);
|
||||
-
|
||||
+ grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock);
|
||||
if (!shim_lock)
|
||||
- return 1;
|
||||
+ return 0;
|
||||
|
||||
- if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS)
|
||||
+ status = shim_lock->verify(data, size);
|
||||
+ grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", status);
|
||||
+ if (status == GRUB_EFI_SUCCESS)
|
||||
return 1;
|
||||
|
||||
- return 0;
|
||||
+ return -1;
|
||||
}
|
||||
|
||||
typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *);
|
||||
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
|
||||
index 7ccf32d..82f75b7 100644
|
||||
--- a/grub-core/loader/i386/efi/linux.c
|
||||
+++ b/grub-core/loader/i386/efi/linux.c
|
||||
@@ -155,6 +155,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
struct linux_kernel_header lh;
|
||||
grub_ssize_t len, start, filelen;
|
||||
void *kernel = NULL;
|
||||
+ int rc;
|
||||
|
||||
grub_dl_ref (my_mod);
|
||||
|
||||
@@ -180,13 +181,16 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
|
||||
if (grub_file_read (file, kernel, filelen) != filelen)
|
||||
{
|
||||
- grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]);
|
||||
+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"),
|
||||
+ argv[0]);
|
||||
goto fail;
|
||||
}
|
||||
|
||||
- if (! grub_linuxefi_secure_validate (kernel, filelen))
|
||||
+ rc = grub_linuxefi_secure_validate (kernel, filelen);
|
||||
+ if (rc < 0)
|
||||
{
|
||||
- grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]);
|
||||
+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"),
|
||||
+ argv[0]);
|
||||
grub_free (kernel);
|
||||
goto fail;
|
||||
}
|
||||
diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h
|
||||
index d9ede36..0033d93 100644
|
||||
--- a/include/grub/efi/linux.h
|
||||
+++ b/include/grub/efi/linux.h
|
||||
@@ -22,7 +22,7 @@
|
||||
#include <grub/err.h>
|
||||
#include <grub/symbol.h>
|
||||
|
||||
-grub_efi_boolean_t
|
||||
+int
|
||||
EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size);
|
||||
grub_err_t
|
||||
EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset,
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,76 +0,0 @@
|
||||
From 4f316cbb70563a26a8cb42ce5122c198cfd3636d Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Date: Mon, 10 Aug 2015 15:27:12 -0700
|
||||
Subject: [PATCH 84/85] Measure commands
|
||||
|
||||
Measure each command executed by grub, which includes script execution.
|
||||
---
|
||||
grub-core/script/execute.c | 25 +++++++++++++++++++++++--
|
||||
include/grub/tpm.h | 1 +
|
||||
2 files changed, 24 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c
|
||||
index cf6cd66..9ae04a0 100644
|
||||
--- a/grub-core/script/execute.c
|
||||
+++ b/grub-core/script/execute.c
|
||||
@@ -30,6 +30,7 @@
|
||||
#ifdef GRUB_MACHINE_IEEE1275
|
||||
#include <grub/ieee1275/ieee1275.h>
|
||||
#endif
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
/* Max digits for a char is 3 (0xFF is 255), similarly for an int it
|
||||
is sizeof (int) * 3, and one extra for a possible -ve sign. */
|
||||
@@ -967,8 +968,9 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd)
|
||||
grub_err_t ret = 0;
|
||||
grub_script_function_t func = 0;
|
||||
char errnobuf[18];
|
||||
- char *cmdname;
|
||||
- int argc;
|
||||
+ char *cmdname, *cmdstring;
|
||||
+ int argc, offset = 0, cmdlen = 0;
|
||||
+ unsigned int i;
|
||||
char **args;
|
||||
int invert;
|
||||
struct grub_script_argv argv = { 0, 0, 0 };
|
||||
@@ -977,6 +979,25 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd)
|
||||
if (grub_script_arglist_to_argv (cmdline->arglist, &argv) || ! argv.args[0])
|
||||
return grub_errno;
|
||||
|
||||
+ for (i = 0; i < argv.argc; i++) {
|
||||
+ cmdlen += grub_strlen (argv.args[i]) + 1;
|
||||
+ }
|
||||
+
|
||||
+ cmdstring = grub_malloc (cmdlen);
|
||||
+ if (!cmdstring)
|
||||
+ {
|
||||
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
|
||||
+ N_("cannot allocate command buffer"));
|
||||
+ }
|
||||
+
|
||||
+ for (i = 0; i < argv.argc; i++) {
|
||||
+ offset += grub_snprintf (cmdstring + offset, cmdlen - offset, "%s ",
|
||||
+ argv.args[i]);
|
||||
+ }
|
||||
+ cmdstring[cmdlen-1]= '\0';
|
||||
+ grub_tpm_measure ((unsigned char *)cmdstring, cmdlen, GRUB_COMMAND_PCR,
|
||||
+ cmdstring);
|
||||
+ grub_free(cmdstring);
|
||||
invert = 0;
|
||||
argc = argv.argc - 1;
|
||||
args = argv.args + 1;
|
||||
diff --git a/include/grub/tpm.h b/include/grub/tpm.h
|
||||
index 40d3cf6..7fc9d77 100644
|
||||
--- a/include/grub/tpm.h
|
||||
+++ b/include/grub/tpm.h
|
||||
@@ -30,6 +30,7 @@
|
||||
#define GRUB_KERNEL_PCR 10
|
||||
#define GRUB_INITRD_PCR 11
|
||||
#define GRUB_CMDLINE_PCR 12
|
||||
+#define GRUB_COMMAND_PCR 13
|
||||
|
||||
#define TPM_TAG_RQU_COMMAND 0x00C1
|
||||
#define TPM_ORD_Extend 0x14
|
||||
--
|
||||
2.5.0
|
||||
|
25
0084-linuxefi-fix-double-free-on-verification-failure.patch
Normal file
25
0084-linuxefi-fix-double-free-on-verification-failure.patch
Normal file
@ -0,0 +1,25 @@
|
||||
From 0a3a4d0b69b5d68f3e4b6b74fe2e6b5d4dcace4f Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 14 Jun 2016 09:50:25 -0400
|
||||
Subject: [PATCH 84/90] linuxefi: fix double free on verification failure.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/loader/i386/efi/linux.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
|
||||
index 82f75b7..010bf98 100644
|
||||
--- a/grub-core/loader/i386/efi/linux.c
|
||||
+++ b/grub-core/loader/i386/efi/linux.c
|
||||
@@ -191,7 +191,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
||||
{
|
||||
grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"),
|
||||
argv[0]);
|
||||
- grub_free (kernel);
|
||||
goto fail;
|
||||
}
|
||||
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,76 +0,0 @@
|
||||
From 85e100453d04e56088e4b9782d2f06dc0122587f Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Tue, 1 Sep 2015 16:02:55 -0700
|
||||
Subject: [PATCH 85/85] Measure multiboot images and modules
|
||||
|
||||
---
|
||||
grub-core/loader/i386/multiboot_mbi.c | 3 +++
|
||||
grub-core/loader/multiboot.c | 2 ++
|
||||
grub-core/loader/multiboot_mbi2.c | 3 +++
|
||||
3 files changed, 8 insertions(+)
|
||||
|
||||
diff --git a/grub-core/loader/i386/multiboot_mbi.c b/grub-core/loader/i386/multiboot_mbi.c
|
||||
index f60b702..43a08e4 100644
|
||||
--- a/grub-core/loader/i386/multiboot_mbi.c
|
||||
+++ b/grub-core/loader/i386/multiboot_mbi.c
|
||||
@@ -36,6 +36,7 @@
|
||||
#include <grub/net.h>
|
||||
#include <grub/i18n.h>
|
||||
#include <grub/lib/cmdline.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
#ifdef GRUB_MACHINE_EFI
|
||||
#include <grub/efi/efi.h>
|
||||
@@ -164,6 +165,8 @@ grub_multiboot_load (grub_file_t file, const char *filename)
|
||||
return grub_errno;
|
||||
}
|
||||
|
||||
+ grub_tpm_measure((unsigned char*)buffer, len, GRUB_KERNEL_PCR, filename);
|
||||
+
|
||||
header = find_header (buffer, len);
|
||||
|
||||
if (header == 0)
|
||||
diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c
|
||||
index 64a6513..58e6329 100644
|
||||
--- a/grub-core/loader/multiboot.c
|
||||
+++ b/grub-core/loader/multiboot.c
|
||||
@@ -43,6 +43,7 @@
|
||||
#include <grub/memory.h>
|
||||
#include <grub/i18n.h>
|
||||
#include <grub/efi/sb.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
GRUB_MOD_LICENSE ("GPLv3+");
|
||||
|
||||
@@ -385,6 +386,7 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),
|
||||
}
|
||||
|
||||
grub_file_close (file);
|
||||
+ grub_tpm_measure (module, size, GRUB_KERNEL_PCR, argv[0]);
|
||||
return GRUB_ERR_NONE;
|
||||
}
|
||||
|
||||
diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c
|
||||
index f147d67..8f163ea 100644
|
||||
--- a/grub-core/loader/multiboot_mbi2.c
|
||||
+++ b/grub-core/loader/multiboot_mbi2.c
|
||||
@@ -36,6 +36,7 @@
|
||||
#include <grub/i18n.h>
|
||||
#include <grub/net.h>
|
||||
#include <grub/lib/cmdline.h>
|
||||
+#include <grub/tpm.h>
|
||||
|
||||
#if defined (GRUB_MACHINE_EFI)
|
||||
#include <grub/efi/efi.h>
|
||||
@@ -126,6 +127,8 @@ grub_multiboot_load (grub_file_t file, const char *filename)
|
||||
|
||||
COMPILE_TIME_ASSERT (MULTIBOOT_HEADER_ALIGN % 4 == 0);
|
||||
|
||||
+ grub_tpm_measure ((unsigned char *)buffer, len, GRUB_KERNEL_PCR, filename);
|
||||
+
|
||||
header = find_header (buffer, len);
|
||||
|
||||
if (header == 0)
|
||||
--
|
||||
2.5.0
|
||||
|
25
0085-fix-machine-type-test-in-30_os-prober.in.patch
Normal file
25
0085-fix-machine-type-test-in-30_os-prober.in.patch
Normal file
@ -0,0 +1,25 @@
|
||||
From be4d338b0c086e9cbbd2d353cd88abad67c000c9 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Mon, 11 Jul 2016 13:36:45 -0400
|
||||
Subject: [PATCH 85/90] fix machine type test in 30_os-prober.in
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
util/grub.d/30_os-prober.in | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
|
||||
index dc98eac..e40274f 100644
|
||||
--- a/util/grub.d/30_os-prober.in
|
||||
+++ b/util/grub.d/30_os-prober.in
|
||||
@@ -144,6 +144,7 @@ for OS in ${OSPROBED} ; do
|
||||
sixteenbit=""
|
||||
linuxefi="linux"
|
||||
initrdefi="initrd"
|
||||
+ machine=`uname -m`
|
||||
case "$machine" in
|
||||
i?86|x86_64)
|
||||
sixteenbit="16"
|
||||
--
|
||||
2.9.3
|
||||
|
44
0086-ppc64le-has-no-separate-boot-mount-1261926.patch
Normal file
44
0086-ppc64le-has-no-separate-boot-mount-1261926.patch
Normal file
@ -0,0 +1,44 @@
|
||||
From 12a2215a6f13f2503a9e38d84fff64789c6a34b7 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Marshall <rmarshall@redhat.com>
|
||||
Date: Fri, 17 Jun 2016 11:47:34 -0400
|
||||
Subject: [PATCH 86/90] ppc64le has no separate /boot mount (#1261926)
|
||||
|
||||
The patch for rhbz#1212114 ensures that ppc64le systems sync grub config
|
||||
changes to disk prior to grub-mkconfig completion and a reboot.
|
||||
|
||||
This patch required checking for /boot as its own mount point because
|
||||
issuing fsfreeze to a root partition is unwise. For administrators who
|
||||
configured a ppc64le system with no separate /boot partition, the failed
|
||||
check results in an error message. The file is written and would work
|
||||
most of the time, however, it also introduces a corner case where the
|
||||
behavior manifested in rhbz#1212114 could re-appear on these systems.
|
||||
|
||||
The system call issued by fsfreeeze is being issued by methods within
|
||||
the anaconda installer and can be removed from GRUB proper.
|
||||
|
||||
Related: rhbz#1315468
|
||||
Resolves: rhbz#1261926
|
||||
---
|
||||
util/grub-mkconfig.in | 9 ---------
|
||||
1 file changed, 9 deletions(-)
|
||||
|
||||
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
|
||||
index 73a18f7..fb87247 100644
|
||||
--- a/util/grub-mkconfig.in
|
||||
+++ b/util/grub-mkconfig.in
|
||||
@@ -294,12 +294,3 @@ fi
|
||||
|
||||
gettext "done" >&2
|
||||
echo >&2
|
||||
-
|
||||
-# make sure changes make it to the disk.
|
||||
-# if /boot is a mountpoint, force the meta data on disk
|
||||
-# to by-pass writeback delay.
|
||||
-# PPC64LE-only to deal with Petitboot issues
|
||||
-ARCH=$(uname -m)
|
||||
-if [ "${ARCH}" = "ppc64le" ]; then
|
||||
- sync && mountpoint -q /boot &&fsfreeze -f /boot && fsfreeze -u /boot
|
||||
-fi
|
||||
--
|
||||
2.9.3
|
||||
|
302
0087-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch
Normal file
302
0087-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch
Normal file
@ -0,0 +1,302 @@
|
||||
From d3d42740661dce4df12330e57a1681a3b296622e Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Thu, 23 Jun 2016 11:01:39 -0400
|
||||
Subject: [PATCH 87/90] Add grub-get-kernel-settings and use it in 10_linux
|
||||
|
||||
This patch adds grub-get-kernel-settings, which reads the system kernel
|
||||
installation configuration from /etc/sysconfig/kernel, and outputs
|
||||
${GRUB_...} variables suitable for evaluation by grub-mkconfig. Those
|
||||
variables are then used by 10_linux to choose whether or not to create
|
||||
debug stanzas.
|
||||
|
||||
Resolves: rhbz#1226325
|
||||
---
|
||||
.gitignore | 1 +
|
||||
Makefile.util.def | 7 +++
|
||||
configure.ac | 2 +
|
||||
util/bash-completion.d/grub-completion.bash.in | 22 ++++++++
|
||||
util/grub-get-kernel-settings.3 | 20 +++++++
|
||||
util/grub-get-kernel-settings.in | 78 ++++++++++++++++++++++++++
|
||||
util/grub-mkconfig.in | 3 +
|
||||
util/grub.d/10_linux.in | 23 ++++++--
|
||||
8 files changed, 151 insertions(+), 5 deletions(-)
|
||||
create mode 100644 util/grub-get-kernel-settings.3
|
||||
create mode 100644 util/grub-get-kernel-settings.in
|
||||
|
||||
diff --git a/.gitignore b/.gitignore
|
||||
index 53a391e..f2f1ef5 100644
|
||||
--- a/.gitignore
|
||||
+++ b/.gitignore
|
||||
@@ -112,6 +112,7 @@ grub-emu-lite
|
||||
grub-file
|
||||
grub-fs-tester
|
||||
grub-fstest
|
||||
+grub-get-kernel-settings
|
||||
grub-glue-efi
|
||||
grub-install
|
||||
grub-kbdcomp
|
||||
diff --git a/Makefile.util.def b/Makefile.util.def
|
||||
index 8007de9..38cdf4c 100644
|
||||
--- a/Makefile.util.def
|
||||
+++ b/Makefile.util.def
|
||||
@@ -716,6 +716,13 @@ script = {
|
||||
};
|
||||
|
||||
script = {
|
||||
+ name = grub-get-kernel-settings;
|
||||
+ common = util/grub-get-kernel-settings.in;
|
||||
+ mansection = 3;
|
||||
+ installdir = sbin;
|
||||
+};
|
||||
+
|
||||
+script = {
|
||||
name = grub-set-default;
|
||||
common = util/grub-set-default.in;
|
||||
mansection = 8;
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 25de2c1..1d8f7e7 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -58,6 +58,7 @@ grub_TRANSFORM([grub-install])
|
||||
grub_TRANSFORM([grub-mkconfig])
|
||||
grub_TRANSFORM([grub-mkfont])
|
||||
grub_TRANSFORM([grub-mkimage])
|
||||
+grub_TRANSFORM([grub-get-kernel-settings])
|
||||
grub_TRANSFORM([grub-glue-efi])
|
||||
grub_TRANSFORM([grub-mklayout])
|
||||
grub_TRANSFORM([grub-mkpasswd-pbkdf2])
|
||||
@@ -75,6 +76,7 @@ grub_TRANSFORM([grub-file])
|
||||
grub_TRANSFORM([grub-bios-setup.3])
|
||||
grub_TRANSFORM([grub-editenv.1])
|
||||
grub_TRANSFORM([grub-fstest.3])
|
||||
+grub_TRANSFORM([grub-get-kernel-settings.3])
|
||||
grub_TRANSFORM([grub-glue-efi.3])
|
||||
grub_TRANSFORM([grub-install.1])
|
||||
grub_TRANSFORM([grub-kbdcomp.3])
|
||||
diff --git a/util/bash-completion.d/grub-completion.bash.in b/util/bash-completion.d/grub-completion.bash.in
|
||||
index 44bf135..5c4acd4 100644
|
||||
--- a/util/bash-completion.d/grub-completion.bash.in
|
||||
+++ b/util/bash-completion.d/grub-completion.bash.in
|
||||
@@ -265,6 +265,28 @@ unset __grub_sparc64_setup_program
|
||||
|
||||
|
||||
#
|
||||
+# grub-get-kernel-settings
|
||||
+#
|
||||
+_grub_get_kernel_settings () {
|
||||
+ local cur
|
||||
+
|
||||
+ COMPREPLY=()
|
||||
+ cur=`_get_cword`
|
||||
+
|
||||
+ if [[ "$cur" == -* ]]; then
|
||||
+ __grubcomp "$(__grub_get_options_from_help)"
|
||||
+ else
|
||||
+ # Default complete with a filename
|
||||
+ _filedir
|
||||
+ fi
|
||||
+}
|
||||
+__grub_get_kernel_settings_program="@grub_get_kernel_settings@"
|
||||
+have ${__grub_get_kernel_settings_program} && \
|
||||
+ complete -F _grub_get_kernel_settings -o filenames ${__grub_get_kernel_settings_program}
|
||||
+unset __grub_get_kernel_settings_program
|
||||
+
|
||||
+
|
||||
+#
|
||||
# grub-install
|
||||
#
|
||||
_grub_install () {
|
||||
diff --git a/util/grub-get-kernel-settings.3 b/util/grub-get-kernel-settings.3
|
||||
new file mode 100644
|
||||
index 0000000..ba33330
|
||||
--- /dev/null
|
||||
+++ b/util/grub-get-kernel-settings.3
|
||||
@@ -0,0 +1,20 @@
|
||||
+.TH GRUB-GET-KERNEL-SETTINGS 3 "Thu Jun 25 2015"
|
||||
+.SH NAME
|
||||
+\fBgrub-get-kernel-settings\fR \(em Evaluate the system's kernel installation settings for use while making a grub configuration file.
|
||||
+
|
||||
+.SH SYNOPSIS
|
||||
+\fBgrub-get-kernel-settings\fR [OPTION]
|
||||
+
|
||||
+.SH DESCRIPTION
|
||||
+\fBgrub-get-kernel-settings\fR reads the kernel installation settings on the host system, and emits a set of grub settings suitable for use when creating a grub configuration file.
|
||||
+
|
||||
+.SH OPTIONS
|
||||
+.TP
|
||||
+-h, --help
|
||||
+Display program usage and exit.
|
||||
+.TP
|
||||
+-v, --version
|
||||
+Display the current version.
|
||||
+
|
||||
+.SH SEE ALSO
|
||||
+.BR "info grub"
|
||||
diff --git a/util/grub-get-kernel-settings.in b/util/grub-get-kernel-settings.in
|
||||
new file mode 100644
|
||||
index 0000000..1204621
|
||||
--- /dev/null
|
||||
+++ b/util/grub-get-kernel-settings.in
|
||||
@@ -0,0 +1,78 @@
|
||||
+#!/bin/sh
|
||||
+set -e
|
||||
+
|
||||
+# Evaluate new-kernel-pkg's configuration file.
|
||||
+# Copyright (C) 2016 Free Software Foundation, Inc.
|
||||
+#
|
||||
+# GRUB is free software: you can redistribute it and/or modify
|
||||
+# it under the terms of the GNU General Public License as published by
|
||||
+# the Free Software Foundation, either version 3 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+#
|
||||
+# GRUB is distributed in the hope that it will be useful,
|
||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+# GNU General Public License for more details.
|
||||
+#
|
||||
+# You should have received a copy of the GNU General Public License
|
||||
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
|
||||
+
|
||||
+PACKAGE_NAME=@PACKAGE_NAME@
|
||||
+PACKAGE_VERSION=@PACKAGE_VERSION@
|
||||
+datadir="@datadir@"
|
||||
+if [ "x$pkgdatadir" = x ]; then
|
||||
+ pkgdatadir="${datadir}/@PACKAGE@"
|
||||
+fi
|
||||
+
|
||||
+self=`basename $0`
|
||||
+
|
||||
+export TEXTDOMAIN=@PACKAGE@
|
||||
+export TEXTDOMAINDIR="@localedir@"
|
||||
+
|
||||
+. "${pkgdatadir}/grub-mkconfig_lib"
|
||||
+
|
||||
+# Usage: usage
|
||||
+# Print the usage.
|
||||
+usage () {
|
||||
+ gettext_printf "Usage: %s [OPTION]\n" "$self"
|
||||
+ gettext "Evaluate new-kernel-pkg configuration"; echo
|
||||
+ echo
|
||||
+ print_option_help "-h, --help" "$(gettext "print this message and exit")"
|
||||
+ print_option_help "-v, --version" "$(gettext "print the version information and exit")"
|
||||
+ echo
|
||||
+}
|
||||
+
|
||||
+# Check the arguments.
|
||||
+while test $# -gt 0
|
||||
+do
|
||||
+ option=$1
|
||||
+ shift
|
||||
+
|
||||
+ case "$option" in
|
||||
+ -h | --help)
|
||||
+ usage
|
||||
+ exit 0 ;;
|
||||
+ -v | --version)
|
||||
+ echo "$self (${PACKAGE_NAME}) ${PACKAGE_VERSION}"
|
||||
+ exit 0 ;;
|
||||
+ -*)
|
||||
+ gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2
|
||||
+ usage
|
||||
+ exit 1
|
||||
+ ;;
|
||||
+ # Explicitly ignore non-option arguments, for compatibility.
|
||||
+ esac
|
||||
+done
|
||||
+
|
||||
+if test -f /etc/sysconfig/kernel ; then
|
||||
+ . /etc/sysconfig/kernel
|
||||
+fi
|
||||
+
|
||||
+if [ "$MAKEDEBUG" = "yes" ]; then
|
||||
+ echo GRUB_LINUX_MAKE_DEBUG=true
|
||||
+ echo export GRUB_LINUX_MAKE_DEBUG
|
||||
+ echo GRUB_CMDLINE_LINUX_DEBUG=\"systemd.log_level=debug systemd.log_target=kmsg\"
|
||||
+ echo export GRUB_CMDLINE_LINUX_DEBUG
|
||||
+ echo GRUB_LINUX_DEBUG_TITLE_POSTFIX=\" with debugging\"
|
||||
+ echo export GRUB_LINUX_DEBUG_TITLE_POSTFIX
|
||||
+fi
|
||||
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
|
||||
index fb87247..e32de5e 100644
|
||||
--- a/util/grub-mkconfig.in
|
||||
+++ b/util/grub-mkconfig.in
|
||||
@@ -45,6 +45,7 @@ grub_probe="${sbindir}/@grub_probe@"
|
||||
grub_file="${bindir}/@grub_file@"
|
||||
grub_editenv="${bindir}/@grub_editenv@"
|
||||
grub_script_check="${bindir}/@grub_script_check@"
|
||||
+grub_get_kernel_settings="${sbindir}/@grub_get_kernel_settings@"
|
||||
|
||||
export TEXTDOMAIN=@PACKAGE@
|
||||
export TEXTDOMAINDIR="@localedir@"
|
||||
@@ -151,6 +152,8 @@ if test -f ${sysconfdir}/default/grub ; then
|
||||
. ${sysconfdir}/default/grub
|
||||
fi
|
||||
|
||||
+eval "$("${grub_get_kernel_settings}")" || true
|
||||
+
|
||||
if [ "x$GRUB_DISABLE_UUID" != "xtrue" -a -z "$GRUB_DEVICE_UUID" ]; then
|
||||
GRUB_DEVICE_UUID="$GRUB_DEVICE_UUID_GENERATED"
|
||||
fi
|
||||
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
||||
index 1215241..0c5b227 100644
|
||||
--- a/util/grub.d/10_linux.in
|
||||
+++ b/util/grub.d/10_linux.in
|
||||
@@ -84,7 +84,8 @@ linux_entry ()
|
||||
os="$1"
|
||||
version="$2"
|
||||
type="$3"
|
||||
- args="$4"
|
||||
+ isdebug="$4"
|
||||
+ args="$5"
|
||||
|
||||
sixteenbit=""
|
||||
linuxefi="linux"
|
||||
@@ -116,6 +117,9 @@ linux_entry ()
|
||||
quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
|
||||
title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
|
||||
fi
|
||||
+ if [ x$isdebug = xdebug ]; then
|
||||
+ title="$title${GRUB_LINUX_DEBUG_TITLE_POSTFIX}"
|
||||
+ fi
|
||||
echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
|
||||
else
|
||||
echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
|
||||
@@ -273,11 +277,15 @@ while [ "x$list" != "x" ] ; do
|
||||
fi
|
||||
|
||||
if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xtrue ]; then
|
||||
- linux_entry "${OS}" "${version}" simple \
|
||||
+ linux_entry "${OS}" "${version}" simple standard \
|
||||
"${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
|
||||
+ if [ "x$GRUB_LINUX_MAKE_DEBUG" = "xtrue" ]; then
|
||||
+ linux_entry "${OS}" "${version}" simple debug \
|
||||
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} ${GRUB_CMDLINE_LINUX_DEBUG}"
|
||||
+ fi
|
||||
|
||||
submenu_indentation="$grub_tab"
|
||||
-
|
||||
+
|
||||
if [ -z "$boot_device_id" ]; then
|
||||
boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
|
||||
fi
|
||||
@@ -286,10 +294,15 @@ while [ "x$list" != "x" ] ; do
|
||||
is_top_level=false
|
||||
fi
|
||||
|
||||
- linux_entry "${OS}" "${version}" advanced \
|
||||
+ linux_entry "${OS}" "${version}" advanced standard \
|
||||
"${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
|
||||
+ if [ "x$GRUB_LINUX_MAKE_DEBUG" = "xtrue" ]; then
|
||||
+ linux_entry "${OS}" "${version}" advanced debug \
|
||||
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} ${GRUB_CMDLINE_LINUX_DEBUG}"
|
||||
+ fi
|
||||
+
|
||||
if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then
|
||||
- linux_entry "${OS}" "${version}" recovery \
|
||||
+ linux_entry "${OS}" "${version}" recovery standard \
|
||||
"single ${GRUB_CMDLINE_LINUX}"
|
||||
fi
|
||||
|
||||
--
|
||||
2.9.3
|
||||
|
58
0088-Normalize-slashes-in-tftp-paths.patch
Normal file
58
0088-Normalize-slashes-in-tftp-paths.patch
Normal file
@ -0,0 +1,58 @@
|
||||
From 22d26153c1d92b8a42d1ec823b7f7c77c1cc0a8c Mon Sep 17 00:00:00 2001
|
||||
From: Lenny Szubowicz <lszubowi@redhat.com>
|
||||
Date: Mon, 29 Aug 2016 11:04:48 -0400
|
||||
Subject: [PATCH 88/90] Normalize slashes in tftp paths.
|
||||
|
||||
Some tftp servers do not handle multiple consecutive slashes correctly;
|
||||
this patch avoids sending tftp requests with non-normalized paths.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
grub-core/net/tftp.c | 24 +++++++++++++++++++++++-
|
||||
1 file changed, 23 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c
|
||||
index 7d90bf6..63bbc28 100644
|
||||
--- a/grub-core/net/tftp.c
|
||||
+++ b/grub-core/net/tftp.c
|
||||
@@ -300,6 +300,25 @@ destroy_pq (tftp_data_t data)
|
||||
grub_priority_queue_destroy (data->pq);
|
||||
}
|
||||
|
||||
+/* Create a normalized copy of the filename.
|
||||
+ Compress any string of consecutive forward slashes to a single forward
|
||||
+ slash. */
|
||||
+static void
|
||||
+grub_normalize_filename (char *normalized, const char *filename)
|
||||
+{
|
||||
+ char *dest = normalized;
|
||||
+ char *src = filename;
|
||||
+
|
||||
+ while (*src != '\0')
|
||||
+ {
|
||||
+ if (src[0] == '/' && src[1] == '/')
|
||||
+ src++;
|
||||
+ else
|
||||
+ *dest++ = *src++;
|
||||
+ }
|
||||
+ *dest = '\0';
|
||||
+}
|
||||
+
|
||||
static grub_err_t
|
||||
tftp_open (struct grub_file *file, const char *filename)
|
||||
{
|
||||
@@ -337,7 +356,10 @@ tftp_open (struct grub_file *file, const char *filename)
|
||||
rrqlen = 0;
|
||||
|
||||
tftph->opcode = grub_cpu_to_be16_compile_time (TFTP_RRQ);
|
||||
- grub_strcpy (rrq, filename);
|
||||
+
|
||||
+ /* Copy and normalize the filename to work-around issues on some tftp
|
||||
+ servers when file names are being matched for remapping. */
|
||||
+ grub_normalize_filename (rrq, filename);
|
||||
rrqlen += grub_strlen (filename) + 1;
|
||||
rrq += grub_strlen (filename) + 1;
|
||||
|
||||
--
|
||||
2.9.3
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user