diff --git a/0501-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch b/0501-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch
new file mode 100644
index 0000000000000000000000000000000000000000..a2d6ebc22d379cddb130e179de42b30635a43d33
--- /dev/null
+++ b/0501-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch
@@ -0,0 +1,221 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Stefan Berger
+Date: Sun, 15 Mar 2020 12:37:10 -0400
+Subject: [PATCH] ibmvtpm: Add support for trusted boot using a vTPM 2.0
+
+Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275
+PowerPC platform. With this patch grub now measures text and binary data
+into the TPM's PCRs 8 and 9 in the same way as the x86_64 platform
+does.
+
+This patch requires Daniel Axtens's patches for claiming more memory.
+
+For vTPM support to work on PowerVM, system driver levels 1010.30
+or 1020.00 are required.
+
+Note: Previous versions of firmware levels with the 2hash-ext-log
+API call have a bug that, once this API call is invoked, has the
+effect of disabling the vTPM driver under Linux causing an error
+message to be displayed in the Linux kernel log. Those users will
+have to update their machines to the firmware levels mentioned
+above.
+
+Cc: Eric Snowberg
+Signed-off-by: Stefan Berger
+---
+ grub-core/Makefile.core.def | 7 ++
+ grub-core/commands/ieee1275/ibmvtpm.c | 152 ++++++++++++++++++++++++++++++++++
+ include/grub/ieee1275/ieee1275.h | 3 +
+ 3 files changed, 162 insertions(+)
+ create mode 100644 grub-core/commands/ieee1275/ibmvtpm.c
+
+diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
+index ef06f8c95a..b11f74e6b2 100644
+--- a/grub-core/Makefile.core.def
++++ b/grub-core/Makefile.core.def
+@@ -1104,6 +1104,13 @@ module = {
+ enable = powerpc_ieee1275;
+ };
+
++module = {
++ name = tpm;
++ common = commands/tpm.c;
++ ieee1275 = commands/ieee1275/ibmvtpm.c;
++ enable = powerpc_ieee1275;
++};
++
+ module = {
+ name = terminal;
+ common = commands/terminal.c;
+diff --git a/grub-core/commands/ieee1275/ibmvtpm.c b/grub-core/commands/ieee1275/ibmvtpm.c
+new file mode 100644
+index 0000000000..e68b8448bc
+--- /dev/null
++++ b/grub-core/commands/ieee1275/ibmvtpm.c
+@@ -0,0 +1,152 @@
++/*
++ * GRUB -- GRand Unified Bootloader
++ * Copyright (C) 2021 Free Software Foundation, Inc.
++ * Copyright (C) 2021 IBM Corporation
++ *
++ * GRUB is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation, either version 3 of the License, or
++ * (at your option) any later version.
++ *
++ * GRUB is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with GRUB. If not, see .
++ *
++ * IBM vTPM support code.
++ */
++
++#include
++#include
++#include
++#include
++#include
++#include
++
++static grub_ieee1275_ihandle_t tpm_ihandle;
++static grub_uint8_t tpm_version;
++
++#define IEEE1275_IHANDLE_INVALID ((grub_ieee1275_ihandle_t)0)
++
++static void
++tpm_get_tpm_version (void)
++{
++ grub_ieee1275_phandle_t vtpm;
++ char buffer[20];
++
++ if (!grub_ieee1275_finddevice ("/vdevice/vtpm", &vtpm) &&
++ !grub_ieee1275_get_property (vtpm, "compatible", buffer,
++ sizeof (buffer), NULL) &&
++ !grub_strcmp (buffer, "IBM,vtpm20"))
++ tpm_version = 2;
++}
++
++static grub_err_t
++tpm_init (void)
++{
++ static int init_success = 0;
++
++ if (!init_success)
++ {
++ if (grub_ieee1275_open ("/vdevice/vtpm", &tpm_ihandle) < 0) {
++ tpm_ihandle = IEEE1275_IHANDLE_INVALID;
++ return GRUB_ERR_UNKNOWN_DEVICE;
++ }
++
++ init_success = 1;
++
++ tpm_get_tpm_version ();
++ }
++
++ return GRUB_ERR_NONE;
++}
++
++static int
++ibmvtpm_2hash_ext_log (grub_uint8_t pcrindex,
++ grub_uint32_t eventtype,
++ const char *description,
++ grub_size_t description_size,
++ void *buf, grub_size_t size)
++{
++ struct tpm_2hash_ext_log
++ {
++ struct grub_ieee1275_common_hdr common;
++ grub_ieee1275_cell_t method;
++ grub_ieee1275_cell_t ihandle;
++ grub_ieee1275_cell_t size;
++ grub_ieee1275_cell_t buf;
++ grub_ieee1275_cell_t description_size;
++ grub_ieee1275_cell_t description;
++ grub_ieee1275_cell_t eventtype;
++ grub_ieee1275_cell_t pcrindex;
++ grub_ieee1275_cell_t catch_result;
++ grub_ieee1275_cell_t rc;
++ }
++ args;
++
++ INIT_IEEE1275_COMMON (&args.common, "call-method", 8, 2);
++ args.method = (grub_ieee1275_cell_t) "2hash-ext-log";
++ args.ihandle = tpm_ihandle;
++ args.pcrindex = pcrindex;
++ args.eventtype = eventtype;
++ args.description = (grub_ieee1275_cell_t) description;
++ args.description_size = description_size;
++ args.buf = (grub_ieee1275_cell_t) buf;
++ args.size = (grub_ieee1275_cell_t) size;
++
++ if (IEEE1275_CALL_ENTRY_FN (&args) == -1)
++ return -1;
++
++ /*
++ * catch_result is set if firmware does not support 2hash-ext-log
++ * rc is GRUB_IEEE1275_CELL_FALSE (0) on failure
++ */
++ if ((args.catch_result) || args.rc == GRUB_IEEE1275_CELL_FALSE)
++ return -1;
++
++ return 0;
++}
++
++static grub_err_t
++tpm2_log_event (unsigned char *buf,
++ grub_size_t size, grub_uint8_t pcr,
++ const char *description)
++{
++ static int error_displayed = 0;
++ int err;
++
++ err = ibmvtpm_2hash_ext_log (pcr, EV_IPL,
++ description,
++ grub_strlen(description) + 1,
++ buf, size);
++ if (err && !error_displayed)
++ {
++ error_displayed++;
++ return grub_error (GRUB_ERR_BAD_DEVICE,
++ "2HASH-EXT-LOG failed: Firmware is likely too old.\n");
++ }
++
++ return GRUB_ERR_NONE;
++}
++
++grub_err_t
++grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
++ const char *description)
++{
++ grub_err_t err = tpm_init();
++
++ /* Absence of a TPM isn't a failure. */
++ if (err != GRUB_ERR_NONE)
++ return GRUB_ERR_NONE;
++
++ grub_dprintf ("tpm", "log_event, pcr = %d, size = 0x%" PRIxGRUB_SIZE ", %s\n",
++ pcr, size, description);
++
++ if (tpm_version == 2)
++ return tpm2_log_event (buf, size, pcr, description);
++
++ return GRUB_ERR_NONE;
++}
+diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h
+index 131808d619..87b9f95d34 100644
+--- a/include/grub/ieee1275/ieee1275.h
++++ b/include/grub/ieee1275/ieee1275.h
+@@ -24,6 +24,9 @@
+ #include
+ #include
+
++#define GRUB_IEEE1275_CELL_FALSE ((grub_ieee1275_cell_t) 0)
++#define GRUB_IEEE1275_CELL_TRUE ((grub_ieee1275_cell_t) -1)
++
+ struct grub_ieee1275_mem_region
+ {
+ unsigned int start;
diff --git a/0502-ibmvtpm-Backport-ibmvtpm-support-to-grub-2.02.patch b/0502-ibmvtpm-Backport-ibmvtpm-support-to-grub-2.02.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ba6a869a2c1accec46e508dac79905bda1a15700
--- /dev/null
+++ b/0502-ibmvtpm-Backport-ibmvtpm-support-to-grub-2.02.patch
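Review bot: In `tpm_get_tpm_version` (patch 0501, ibmvtpm.c) the uninitialised `char buffer[20]` is handed to `grub_strcmp` with nothing guaranteeing a terminating NUL: `grub_ieee1275_get_property` is called with `sizeof (buffer)` and `NULL` for the returned length, so a "compatible" property that fills the array, or one stored without a terminator, would let the compare read past the array (assuming the firmware call copies at most the given size and adds no terminator itself). Zero-initialising the array and reserving its last byte keeps the compare bounded: `char buffer[20] = { 0 };` with `sizeof (buffer) - 1` as the size argument. The device tree comes from firmware, so this is a robustness point rather than a reachable bug, but the vTPM version decision should not depend on stack contents.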
@@ -0,0 +1,94 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Stefan Berger
+Date: Fri, 11 Feb 2022 16:34:23 -0500
+Subject: [PATCH] ibmvtpm: Backport ibmvtpm support to grub 2.02
+
+Backport ibmvtpm support to grub 2.02 by making as few changes to the
+source as possible and building it into the core.
+
+Since ibmvtpm support is built into grub 2.02 do not print the error
+message we would typically print if it was a module and the user had
+a choice to not use vTPM support if there was no vTPM by avoiding
+to use the module.
+
+Signed-off-by: Stefan Berger
+---
+ grub-core/Makefile.core.def | 8 +-------
+ grub-core/commands/ieee1275/ibmvtpm.c | 13 ++++++++++---
+ include/grub/tpm.h | 2 +-
+ 3 files changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
+index b11f74e6b2..637d7203e3 100644
+--- a/grub-core/Makefile.core.def
++++ b/grub-core/Makefile.core.def
+@@ -298,6 +298,7 @@ kernel = {
+ powerpc_ieee1275 = kern/powerpc/cache.S;
+ powerpc_ieee1275 = kern/powerpc/dl.c;
+ powerpc_ieee1275 = kern/powerpc/compiler-rt.S;
++ powerpc_ieee1275 = commands/ieee1275/ibmvtpm.c;
+
+ sparc64_ieee1275 = kern/sparc64/cache.S;
+ sparc64_ieee1275 = kern/sparc64/dl.c;
+@@ -1104,13 +1105,6 @@ module = {
+ enable = powerpc_ieee1275;
+ };
+
+-module = {
+- name = tpm;
+- common = commands/tpm.c;
+- ieee1275 = commands/ieee1275/ibmvtpm.c;
+- enable = powerpc_ieee1275;
+-};
+-
+ module = {
+ name = terminal;
+ common = commands/terminal.c;
+diff --git a/grub-core/commands/ieee1275/ibmvtpm.c b/grub-core/commands/ieee1275/ibmvtpm.c
+index e68b8448bc..728b2cbdcd 100644
+--- a/grub-core/commands/ieee1275/ibmvtpm.c
++++ b/grub-core/commands/ieee1275/ibmvtpm.c
+@@ -115,7 +115,8 @@ tpm2_log_event (unsigned char *buf,
+ grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+ {
+- static int error_displayed = 0;
++ /* Do not print error since vTPM support is built-in */
++ static int error_displayed = 1;
+ int err;
+
+ err = ibmvtpm_2hash_ext_log (pcr, EV_IPL,
+@@ -132,8 +133,8 @@ tpm2_log_event (unsigned char *buf,
+ return GRUB_ERR_NONE;
+ }
+
+-grub_err_t
+-grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
++static grub_err_t
++_grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+ const char *description)
+ {
+ grub_err_t err = tpm_init();
+@@ -150,3 +151,9 @@ grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+
+ return GRUB_ERR_NONE;
+ }
++
++grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,
++ grub_uint8_t pcr, const char *description)
++{
++ return _grub_tpm_measure(buf, size, pcr, description);
++}
+diff --git a/include/grub/tpm.h b/include/grub/tpm.h
+index ce52be4ff7..52af2b8448 100644
+--- a/include/grub/tpm.h
++++ b/include/grub/tpm.h
+@@ -69,7 +69,7 @@ typedef struct {
+ grub_err_t EXPORT_FUNC(grub_tpm_measure) (unsigned char *buf, grub_size_t size,
+ grub_uint8_t pcr, const char *kind,
+ const char *description);
+-#if defined (GRUB_MACHINE_EFI)
++#if defined (GRUB_MACHINE_EFI) || defined (GRUB_MACHINE_IEEE1275)
+ grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
+ PassThroughToTPM_OutputParamBlock *outbuf);
+ grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,
diff --git a/0503-powerpc-do-CAS-in-a-more-compatible-way.patch b/0503-powerpc-do-CAS-in-a-more-compatible-way.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b33cab3257287e55d7369f66cdb30a733b97b7fa
--- /dev/null
+++ b/0503-powerpc-do-CAS-in-a-more-compatible-way.patch
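Review bot: Initialising `error_displayed` to 1 in `tpm2_log_event` (patch 0502) suppresses more than the message, because the guard `if (err && !error_displayed)` shown in patch 0501 is also the only path that returns an error. After this change every failed `2hash-ext-log` call returns `GRUB_ERR_NONE`, so a measurement that never reached the PCR looks the same to callers as one that did, and nothing is logged. If the user-visible message has to stay off for the built-in case, the failure should still leave a trace ahead of the guard, e.g. `if (err) grub_dprintf ("tpm", "2hash-ext-log failed, pcr = %d\n", pcr);`, and the comment should say that the return value is dropped on purpose, not only the print. Most of the body of `tpm2_log_event` lies outside this hunk.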
@@ -0,0 +1,112 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens
+Date: Fri, 8 Apr 2022 12:35:28 +1000
+Subject: [PATCH] powerpc: do CAS in a more compatible way
+
+I wrongly assumed that the most compatible way to perform CAS
+negotiation was to only set the minimum number of vectors required
+to ask for more memory. It turns out that this messes up booting
+if the minimum VP capacity would be less than the default 10% in
+vector 4.
+
+Linux configures the minimum capacity to be 1%, so copy it for that
+and for vector 3 which we now need to specify as well.
+
+Signed-off-by: Daniel Axtens
+(cherry picked from commit e6f02ad4e75cd995a8ee2954d28949c415b6cbfe)
+(cherry picked from commit 9f825ebc319c56ca503741e6dc1a0f27ff36fe2d)
+---
+ grub-core/kern/ieee1275/init.c | 54 ++++++++++++++++++++++++------------------
+ 1 file changed, 31 insertions(+), 23 deletions(-)
+
+diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
+index adf4bd5a88..1414695cc6 100644
+--- a/grub-core/kern/ieee1275/init.c
++++ b/grub-core/kern/ieee1275/init.c
+@@ -294,33 +294,37 @@ grub_ieee1275_total_mem (grub_uint64_t *total)
+
+ /* Based on linux - arch/powerpc/kernel/prom_init.c */
+ struct option_vector2 {
+- grub_uint8_t byte1;
+- grub_uint16_t reserved;
+- grub_uint32_t real_base;
+- grub_uint32_t real_size;
+- grub_uint32_t virt_base;
+- grub_uint32_t virt_size;
+- grub_uint32_t load_base;
+- grub_uint32_t min_rma;
+- grub_uint32_t min_load;
+- grub_uint8_t min_rma_percent;
+- grub_uint8_t max_pft_size;
++ grub_uint8_t byte1;
++ grub_uint16_t reserved;
++ grub_uint32_t real_base;
++ grub_uint32_t real_size;
++ grub_uint32_t virt_base;
++ grub_uint32_t virt_size;
++ grub_uint32_t load_base;
++ grub_uint32_t min_rma;
++ grub_uint32_t min_load;
++ grub_uint8_t min_rma_percent;
++ grub_uint8_t max_pft_size;
+ } __attribute__((packed));
+
+ struct pvr_entry {
+- grub_uint32_t mask;
+- grub_uint32_t entry;
++ grub_uint32_t mask;
++ grub_uint32_t entry;
+ };
+
+ struct cas_vector {
+- struct {
+- struct pvr_entry terminal;
+- } pvr_list;
+- grub_uint8_t num_vecs;
+- grub_uint8_t vec1_size;
+- grub_uint8_t vec1;
+- grub_uint8_t vec2_size;
+- struct option_vector2 vec2;
++ struct {
++ struct pvr_entry terminal;
++ } pvr_list;
++ grub_uint8_t num_vecs;
++ grub_uint8_t vec1_size;
++ grub_uint8_t vec1;
++ grub_uint8_t vec2_size;
++ struct option_vector2 vec2;
++ grub_uint8_t vec3_size;
++ grub_uint16_t vec3;
++ grub_uint8_t vec4_size;
++ grub_uint16_t vec4;
+ } __attribute__((packed));
+
+ /* Call ibm,client-architecture-support to try to get more RMA.
+@@ -341,13 +345,17 @@ grub_ieee1275_ibm_cas (void)
+ } args;
+ struct cas_vector vector = {
+ .pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */
+- .num_vecs = 2 - 1,
++ .num_vecs = 4 - 1,
+ .vec1_size = 0,
+ .vec1 = 0x80, /* ignore */
+ .vec2_size = 1 + sizeof(struct option_vector2) - 2,
+ .vec2 = {
+ 0, 0, -1, -1, -1, -1, -1, 512, -1, 0, 48
+ },
++ .vec3_size = 2 - 1,
++ .vec3 = 0x00e0, // ask for FP + VMX + DFP but don't halt if unsatisfied
++ .vec4_size = 2 - 1,
++ .vec4 = 0x0001, // set required minimum capacity % to the lowest value
+ };
+
+ INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2);
+@@ -360,7 +368,7 @@ grub_ieee1275_ibm_cas (void)
+ args.ihandle = root;
+ args.cas_addr = (grub_ieee1275_cell_t)&vector;
+
+- grub_printf("Calling ibm,client-architecture-support...");
++ grub_printf("Calling ibm,client-architecture-support from grub...");
+ IEEE1275_CALL_ENTRY_FN (&args);
+ grub_printf("done\n");
+
diff --git a/0504-powerpc-prefix-detection-support-device-names-with-c.patch b/0504-powerpc-prefix-detection-support-device-names-with-c.patch
new file mode 100644
index 0000000000000000000000000000000000000000..50a5d64e1b3a55672b1a24ac49a356909f7f4235
--- /dev/null
+++ b/0504-powerpc-prefix-detection-support-device-names-with-c.patch
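Review bot: The new `vec3` and `vec4` members of `struct cas_vector` are declared `grub_uint16_t` although each stands for two separate option bytes, so the initialisers `.vec3 = 0x00e0` and `.vec4 = 0x0001` in `grub_ieee1275_ibm_cas` produce the intended byte sequence only on a big-endian build. Declaring them as byte pairs, `grub_uint8_t vec3[2];` with `.vec3 = { 0x00, 0xe0 }` and likewise for `vec4`, makes the wire layout independent of that assumption and lets each byte carry its own comment. The two added `//` comments also differ from the `/* ... */` style on the neighbouring initialiser lines. Both `struct cas_vector` and the function continue outside the hunks shown.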
@@ -0,0 +1,73 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens
+Date: Thu, 24 Mar 2022 14:34:32 +1100
+Subject: [PATCH] powerpc: prefix detection: support device names with commas
+
+Frustratingly, the device name itself can contain an embedded comma:
+e.g /pci@800000020000015/pci1014,034A@0/sas/disk@5000c50098a0ee8b
+
+So my previous approach was wrong: we cannot rely upon the presence
+of a comma to say that a partition has been specified!
+
+It turns out for prefixes like (,gpt2)/grub2 we really want to make
+up a full (device,partition)/patch prefix, because root discovery code
+in 10_linux will reset the root variable and use search to fill it again.
+If you have run grub-install, you probably don't have search built in,
+and if you don't have prefix containing (device,partition), grub will
+construct ($root)$prefix/powerpc-ieee1275/search.mod - but because $root
+has just been changed, this will no longer work, and the boot will fail!
+
+Retain the gist of the logic, but instead of looking for a comma, look for
+a leading '('. This matches the earlier code better anyway.
+
+There's certainly a better fix to be had. But any time you chose to build
+with a bare prefix like '/grub2', you're almost certainly going to build in
+search anyway, so this will do.
+
+Signed-off-by: Daniel Axtens
+(cherry picked from commit 80b6eb5e55e6d1a4c9896361e61de31c29e6939d)
+(cherry picked from commit f3df9f1c2335df22d020e80583d932e254594f0e)
+---
+ grub-core/kern/main.c | 27 +++++++++++++++++++++------
+ 1 file changed, 21 insertions(+), 6 deletions(-)
+
+diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c
+index 40a709117f..abbf8af9e6 100644
+--- a/grub-core/kern/main.c
++++ b/grub-core/kern/main.c
+@@ -241,14 +241,29 @@ grub_set_prefix_and_root (void)
+ what sorts of paths represent disks with partition tables and those
+ without partition tables.
+
+- So we act unless there is a comma in the device, which would indicate
+- a partition has already been specified.
++ - Frustratingly, the device name itself can contain an embedded comma:
++ /pci@800000020000015/pci1014,034A@0/sas/disk@5000c50098a0ee8b
++ So we cannot even rely upon the presence of a comma to say that a
++ partition has been specified!
+
+- (If we only have a path, the code in normal to discover config files
+- will try both without partitions and then with any partitions so we
+- will cover both CDs and HDs.)
++ If we only have a path in $prefix, the code in normal to discover
++ config files will try all disks, both without partitions and then with
++ any partitions so we will cover both CDs and HDs.
++
++ However, it doesn't then set the prefix to be something like
++ (discovered partition)/path, and so it is fragile against runtime
++ changes to $root. For example some of the stuff done in 10_linux to
++ reload $root sets root differently and then uses search to find it
++ again. If the search module is not built in, when we change root, grub
++ will look in (new root)/path/powerpc-ieee1275, that won't work, and we
++ will not be able to load the search module and the boot will fail.
++
++ This is particularly likely to hit us in the grub-install
++ (,msdos2)/grub2 case, so we act unless the supplied prefix starts with
++ '(', which would likely indicate a partition has already been
++ specified.
+ */
+- if (grub_strchr (device, ',') == NULL)
++ if (prefix && prefix[0] != '(')
+ grub_env_set ("prefix", path);
+ else
+ #endif
diff --git a/0505-make-ofdisk_retries-optional.patch b/0505-make-ofdisk_retries-optional.patch
new file mode 100644
index 0000000000000000000000000000000000000000..fce9702dfc76fa8b9e64d3178b853656ebac931b
--- /dev/null
+++ b/0505-make-ofdisk_retries-optional.patch
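Review bot: The rewritten comment in `grub_set_prefix_and_root` does not say what happens when `prefix` is NULL, yet the new test `if (prefix && prefix[0] != '(')` sends that case to the `else` branch, which lies outside this hunk. The replaced test looked only at `device`, so this is a behaviour change the comment should own; if it is intended, one more line would do, e.g. `A missing prefix also takes the (device)path form below.` The comment could also state that `device` is no longer inspected at this point, since the first paragraph still reasons about device names.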
@@ -0,0 +1,43 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Diego Domingos
+Date: Thu, 24 Mar 2022 13:14:42 -0400
+Subject: [PATCH] make ofdisk_retries optional
+
+The feature Retry on Fail added to GRUB can cause a LPM to take
+longer if the SAN is slow.
+
+When a LPM to external site occur, the path of the disk can change
+and thus the disk search function on grub can take some time since
+it is used as a hint. This can cause the Retry on Fail feature to
+try to access the disk 20x times (since this is hardcoded number)
+and, if the SAN is slow, the boot time can increase a lot.
+In some situations not acceptable.
+
+The following patch enables a configuration at user space of the
+maximum number of retries we want for this feature.
+
+The variable ofdisk_retries should be set using grub2-editenv
+and will be checked by retry function. If the variable is not set,
+so the default number of retries will be used instead.
+---
+ include/grub/ieee1275/ofdisk.h | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/include/grub/ieee1275/ofdisk.h b/include/grub/ieee1275/ofdisk.h
+index 7d2d540930..0074d55eee 100644
+--- a/include/grub/ieee1275/ofdisk.h
++++ b/include/grub/ieee1275/ofdisk.h
+@@ -25,7 +25,12 @@ extern void grub_ofdisk_fini (void);
+ #define MAX_RETRIES 20
+
+
+-#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) unsigned retry_i=0;for(retry_i=0; retry_i < MAX_RETRIES; retry_i++){ \
++#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) \
++ unsigned max_retries = MAX_RETRIES; \
++ if(grub_env_get("ofdisk_retries") != NULL) \
++ max_retries = grub_strtoul(grub_env_get("ofdisk_retries"), 0, 10)+1; \
++ grub_dprintf("ofdisk","MAX_RETRIES set to %u\n",max_retries); \
++ unsigned retry_i=0;for(retry_i=0; retry_i < max_retries; retry_i++){ \
+ if(!grub_ieee1275_open(device, last_ihandle)) \
+ break; \
+ grub_dprintf("ofdisk","Opening disk %s failed. Retrying...\n",device); }
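Review bot: `RETRY_IEEE1275_OFDISK_OPEN` uses the `ofdisk_retries` environment value without validating it: `grub_strtoul(...)+1` wraps to 0 for the largest value, so the loop body never runs and the disk is never opened, a non-numeric string silently becomes a single attempt, and a large number brings back the long boot delay this patch is meant to avoid. The description says the variable is set with grub2-editenv, so it is writable from the running system; the macro should read it once, reject malformed input and clamp the result. The sketch below uses `MAX_RETRIES` as the ceiling, which may not be the limit the author wants. As far as I can tell `grub_strtoul` reports a bad number through `grub_errno`, which would otherwise stay set for the caller; the macro still declares `max_retries` and `retry_i` in the caller's scope, as before.

```c
#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) \
  unsigned max_retries = MAX_RETRIES; \
  const char *retries_env = grub_env_get("ofdisk_retries"); \
  if(retries_env != NULL) \
    { \
      unsigned long retries_val = grub_strtoul(retries_env, 0, 10); \
      if(grub_errno != GRUB_ERR_NONE) \
        grub_errno = GRUB_ERR_NONE; /* malformed value: keep the default */ \
      else if(retries_val < MAX_RETRIES) \
        max_retries = (unsigned) retries_val + 1; \
    } \
  /* … unchanged: grub_dprintf and the retry loop … */
```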
diff --git a/0501-loader-efi-chainloader-grub_load_and_start_image-doe.patch b/0506-loader-efi-chainloader-grub_load_and_start_image-doe.patch
similarity index 97%
rename from 0501-loader-efi-chainloader-grub_load_and_start_image-doe.patch
rename to 0506-loader-efi-chainloader-grub_load_and_start_image-doe.patch
index 1383d29765b0f28f128628f7b5bc0c552b66ba46..647212991e481c01dcb19be8d551b18b31030f92 100644
--- a/0501-loader-efi-chainloader-grub_load_and_start_image-doe.patch
+++ b/0506-loader-efi-chainloader-grub_load_and_start_image-doe.patch
@@ -18,7 +18,6 @@ Signed-off-by: Chris Coulson
 (cherry picked from commit b4d70820a65c00561045856b7b8355461a9545f6)
 (cherry picked from commit 05b16a6be50b1910609740a66b561276fa490538)
 (cherry picked from commit 16486a34f3aa41a94e334e86db1a1e21e9b0a45f)
-(cherry picked from commit 4a23f40cb6400d94621de688a7e79dfe124f5a63)
 ---
  grub-core/loader/efi/chainloader.c | 16 +++++++++++++---
  1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/0502-loader-efi-chainloader-simplify-the-loader-state.patch b/0507-loader-efi-chainloader-simplify-the-loader-state.patch
similarity index 99%
rename from 0502-loader-efi-chainloader-simplify-the-loader-state.patch
rename to 0507-loader-efi-chainloader-simplify-the-loader-state.patch
index 4eb34ff241802bb87525e324c6edcf208cd845a2..83b8823b33bf4b41044839f0e3de8483f0c5b0d4 100644
--- a/0502-loader-efi-chainloader-simplify-the-loader-state.patch
+++ b/0507-loader-efi-chainloader-simplify-the-loader-state.patch
@@ -20,7 +20,6 @@ Signed-off-by: Chris Coulson
 (cherry picked from commit 6080ad5d91d6a80d5f67c592dd33b6dd413e9453)
 [rharwood: double frees and unintialized, context fuzz - orig_dp]
 Signed-off-by: Robbie Harwood
-(cherry picked from commit b44b88ae45008611ec0469fb47139f4c0d1ee233)
 ---
  grub-core/loader/efi/chainloader.c | 160 +++++++++++++++++++++++--------------
  1 file changed, 102 insertions(+), 58 deletions(-)
diff --git a/0503-commands-boot-Add-API-to-pass-context-to-loader.patch b/0508-commands-boot-Add-API-to-pass-context-to-loader.patch
similarity index 98%
rename from 0503-commands-boot-Add-API-to-pass-context-to-loader.patch
rename to 0508-commands-boot-Add-API-to-pass-context-to-loader.patch
index 4270078d2460ab6355882f5f95d4a121390e3bf2..a0365243f373f1bd760439076423a9718e6aad11 100644
--- a/0503-commands-boot-Add-API-to-pass-context-to-loader.patch
+++ b/0508-commands-boot-Add-API-to-pass-context-to-loader.patch
@@ -20,7 +20,6 @@ Signed-off-by: Chris Coulson
 (cherry picked from commit 4322a64dde7e8fedb58e50b79408667129d45dd3)
 (cherry picked from commit 937ad0e2159b6b8cb0d2ce3515da3a8b797c7927)
 (cherry picked from commit 873038ae7048f6cae8a3ebb2f97a8d361a080e13)
-(cherry picked from commit 7eefe9ba7e8f1557705f0f854ab7a3014d6cb5e2)
 ---
  grub-core/commands/boot.c | 66 +++++++++++++++++++++++++++++++++++++++++------
  include/grub/loader.h | 5 ++++
diff --git a/0504-loader-efi-chainloader-Use-grub_loader_set_ex.patch b/0509-loader-efi-chainloader-Use-grub_loader_set_ex.patch
similarity index 98%
rename from 0504-loader-efi-chainloader-Use-grub_loader_set_ex.patch
rename to 0509-loader-efi-chainloader-Use-grub_loader_set_ex.patch
index 4ccc6df1c881841088f7d3d0ca9222472d9a7c42..d494a85567f8d1ae88bc51a3644bf7a08e084896 100644
--- a/0504-loader-efi-chainloader-Use-grub_loader_set_ex.patch
+++ b/0509-loader-efi-chainloader-Use-grub_loader_set_ex.patch
@@ -11,7 +11,6 @@ Signed-off-by: Chris Coulson
 (cherry picked from commit 4b7f0402b7cb0f67a93be736f2b75b818d7f44c9)
 (cherry picked from commit fc1a79bf0e0bc019362ace46d908a92b48dcd55b)
 (cherry picked from commit f5b653dfe00271384ff7fbd82db926ab95dbd80e)
-(cherry picked from commit 535a9d787f71ed6eb43e7c3a136a149684ec62ea)
 [rharwood: context sludge from previous commit]
 Signed-off-by: Robbie Harwood
 ---
diff --git a/0505-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch b/0510-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch
similarity index 95%
rename from 0505-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch
rename to 0510-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch
index cdbd769cebaa855d23f5d79ae83dc1c0908c2419..f8809e67f5fdfd281108eee2f05a5126febef5bb 100644
--- a/0505-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch
+++ b/0510-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch
@@ -14,7 +14,6 @@ Signed-off-by: Chris Coulson
 (cherry picked from commit 8224f5a71af94bec8697de17e7e579792db9f9e2)
 (cherry picked from commit 4744b62e20d07674017213ac54d7442d679f9d1a)
 (cherry picked from commit 329633cb060957c3d2aca677ac733f07b213a63f)
-(cherry picked from commit 47b839b0a801ee4852447a85fb5de91dc7d2c856)
 ---
  grub-core/loader/i386/efi/linux.c | 5 ++---
  1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/0506-loader-i386-efi-linux-Use-grub_loader_set_ex.patch b/0511-loader-i386-efi-linux-Use-grub_loader_set_ex.patch
similarity index 99%
rename from 0506-loader-i386-efi-linux-Use-grub_loader_set_ex.patch
rename to 0511-loader-i386-efi-linux-Use-grub_loader_set_ex.patch
index a0f04a2fffd81f1299b8f692ae91f39a66c11542..981ea45132039aad4a2990d18f9d87ae0aaf1b12 100644
--- a/0506-loader-i386-efi-linux-Use-grub_loader_set_ex.patch
+++ b/0511-loader-i386-efi-linux-Use-grub_loader_set_ex.patch
@@ -20,7 +20,6 @@ Signed-off-by: Chris Coulson
 [rharwood: verifying twice]
 Signed-off-by: Robbie Harwood
 (cherry picked from commit df804892f1a754d88a9779320f9429bf40d2a1b3)
-(cherry picked from commit d1b506f6c910b96ad47a20247b438c6402a74948)
 ---
  grub-core/loader/i386/efi/linux.c | 146 +++++++++++++++++++++++---------------
  1 file changed, 87 insertions(+), 59 deletions(-)
diff --git a/0507-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch b/0512-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch
similarity index 97%
rename from 0507-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch
rename to 0512-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch
index 62363952ae6bb473ac6298e6ee8245ee12c8d546..1a8cae9478fd5b0234034775301fc5631be13aef 100644
--- a/0507-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch
+++ b/0512-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch
@@ -11,7 +11,6 @@ Signed-off-by: Chris Coulson
 (cherry picked from commit d98af31ce1e31bb22163960d53f5eb28c66582a0)
 (cherry picked from commit 62234d6a00e6d1dd8e017ff161d359feb5234082)
 (cherry picked from commit bda5a10716dc9676400dce1374232452f46d0bc4)
-(cherry picked from commit b862299a8502282a09af8e6c6189edd5b0a368b0)
 ---
  grub-core/loader/i386/efi/linux.c | 21 ++++++++++++---------
  1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/0508-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch b/0513-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
similarity index 95%
rename from 0508-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
rename to 0513-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
index 3afccaf5dc49b56d790a2abd28f83377fdb38a8c..aff3231b8591fdbb096b9c120ac3c91dc8018886 100644
--- a/0508-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
+++ b/0513-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
@@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 1499a5068839fa37cb77ecef4b5bdacbd1ed12ea)
 (cherry picked from commit 2ec50b289d8b24922433439533113087f111f110)
 (cherry picked from commit 17c36ae88d7d6040cabc01cd4a21e71ff4731668)
-(cherry picked from commit 723e7dbedb7669343e564d453d21b8ed2ab81216)
 ---
  grub-core/kern/file.c | 2 ++
  1 file changed, 2 insertions(+)
diff --git a/0509-video-readers-png-Abort-sooner-if-a-read-operation-f.patch b/0514-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
similarity index 98%
rename from 0509-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
rename to 0514-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
index db3764acaa88344cc6e11e23bbb2cfc220a875fa..12dba4dc19f8b0c36b9211bceb3778e655ffcb1f 100644
--- a/0509-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
+++ b/0514-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
@@ -13,7 +13,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 882be97d1df6449b9fd4d593f0cb70005fde3494)
 (cherry picked from commit 3f6fc3ebfd58fcdb3fe6c2f7a5a4fa05772ae786)
 (cherry picked from commit aac5b8257d4078c3f764216aeae3367bdc19043f)
-(cherry picked from commit e9e58c9711de334fcf48a651ee20c21f2855a4bd)
 ---
  grub-core/video/readers/png.c | 55 ++++++++++++++++++++++++++++++++++++-------
  1 file changed, 47 insertions(+), 8 deletions(-)
diff --git a/0510-video-readers-png-Refuse-to-handle-multiple-image-he.patch b/0515-video-readers-png-Refuse-to-handle-multiple-image-he.patch
similarity index 94%
rename from 0510-video-readers-png-Refuse-to-handle-multiple-image-he.patch
rename to 0515-video-readers-png-Refuse-to-handle-multiple-image-he.patch
index f8823414b6cd296aa6dcee74dd740fb1b12fc390..e6bad788a433edba495eae817f39913901784046 100644
--- a/0510-video-readers-png-Refuse-to-handle-multiple-image-he.patch
+++ b/0515-video-readers-png-Refuse-to-handle-multiple-image-he.patch
@@ -10,7 +10,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 8ce433557adeadbc46429aabb9f850b02ad2bdfb)
 (cherry picked from commit 6e10bba6a4cbfd6c7bf116f41fd4e037465e19d8)
 (cherry picked from commit 812272d919ecfd368c008f15b677d369616ada54)
-(cherry picked from commit c04569b35600aa29d5b4cd8990a8ee1dd1162c72)
 ---
  grub-core/video/readers/png.c | 3 +++
  1 file changed, 3 insertions(+)
diff --git a/0511-video-readers-png-Drop-greyscale-support-to-fix-heap.patch b/0516-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
similarity index 98%
rename from 0511-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
rename to 0516-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
index ba887822836b39fd7e91ef8399fada6e79b58fdb..5233539755790c7b2920a4bb350def2b93aa9a57 100644
--- a/0511-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
+++ b/0516-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
@@ -37,7 +37,6 @@ Reviewed-by: Daniel Kiper
 Signed-off-by: Robbie Harwood
 (cherry picked from commit 4c631c8119206b3178912df2905434d967661c3d)
 (cherry picked from commit 6d5d5f51266b8113c6ba560835500e3c135f3722)
-(cherry picked from commit b20fc5589561a8c57a2071b2ae93fcdcf51a10d4)
 ---
  grub-core/video/readers/png.c | 85 +++----------------------------------------
  1 file changed, 6 insertions(+), 79 deletions(-)
diff --git a/0512-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch b/0517-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
similarity index 95%
rename from 0512-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
rename to 0517-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
index a25685c16149a68e8fd450fd16b3d9603b179f5a..8c593107c48833dcafcd6e6b42b19d0c470d37a7 100644
--- a/0512-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
+++ b/0517-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
@@ -18,7 +18,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 1ae9a91d42cb40da8a6f11fac65541858e340afa)
 (cherry picked from commit 132ccc681cf642ad748580f26b54c9259a7f43fd)
 (cherry picked from commit 3a70e1f6e69af6e0d3c3cf526faa44dc0c80ac19)
-(cherry picked from commit 809d25ffa6b89d390a66d2f3cf3090196f07e2aa)
 ---
  grub-core/video/readers/png.c | 7 +++++++
  1 file changed, 7 insertions(+)
diff --git a/0513-video-readers-png-Sanity-check-some-huffman-codes.patch b/0518-video-readers-png-Sanity-check-some-huffman-codes.patch
similarity index 96%
rename from 0513-video-readers-png-Sanity-check-some-huffman-codes.patch
rename to 0518-video-readers-png-Sanity-check-some-huffman-codes.patch
index 4ba2e4df153e506ad0f19a3bcef046b6dd6716cf..ca2e2098b68f3abc1a2433f77f89dd372b28308c 100644
--- a/0513-video-readers-png-Sanity-check-some-huffman-codes.patch
+++ b/0518-video-readers-png-Sanity-check-some-huffman-codes.patch
@@ -12,7 +12,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit c3a8ab0cbd24153ec7b1f84a96ddfdd72ef8d117)
 (cherry picked from commit 5d09addf58086aa11d5f9a91af5632ff87c2d2ee)
 (cherry picked from commit ff12584f9376a472f37d4ec14213fd29bf3b233a)
-(cherry picked from commit ac8b5464a076d2e38ecf7f761be9cd1f5bbeb784)
 ---
  grub-core/video/readers/png.c | 6 ++++++
  1 file changed, 6 insertions(+)
diff --git a/0514-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch b/0519-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
similarity index 99%
rename from 0514-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
rename to 0519-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
index b5c2ca9c045fa96058e6a3c4cc1d258936666b91..5d71be6b30095e8ac31c133536730faa047fc274 100644
--- a/0514-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
+++ b/0519-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
@@ -13,7 +13,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit ab2e5d2e4bff488bbb557ed435a61ae102ef9f0c)
 (cherry picked from commit 1ff8df0d2dea8ec7c8575241d5e7d6622c204ec3)
 (cherry picked from commit b07767383b74a0ce7135c09ba8701510d4ad32f0)
-(cherry picked from commit 5f097165152d61d4aea02f26dc789d840147d50e)
 ---
  grub-core/video/readers/jpeg.c | 86 ++++++++++++++++++++++++++++++++++--------
  1 file changed, 70 insertions(+), 16 deletions(-)
diff --git a/0515-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch b/0520-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
similarity index 94%
rename from 0515-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
rename to 0520-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
index 7677c8dc1fe91a23a188f1925ce26859e5ff22ca..fb8919889e20806279207c210ca23f9077bd5aec 100644
--- a/0515-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
+++ b/0520-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
@@ -11,7 +11,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit bc06e12b4de55cc6f926af9f064170c82b1403e9)
 (cherry picked from commit 5298bf758ea39a90537f9a1c76541ff2f21b970b)
 (cherry picked from commit aae6bac7f26c6b848156ed7adcff83309b833664)
-(cherry picked from commit bc58c0da3aed59486042759a03fe61a9782e36ce)
 ---
 grub-core/video/readers/jpeg.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/0516-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch b/0521-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
similarity index 96%
rename from 0516-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
rename to 0521-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
index bc4ef25c69a3669d8132e4f3b09226939d8778ba..b48464859e8a48ee867294ed5af786ae2b10972d 100644
--- a/0516-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
+++ b/0521-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
@@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit f3a854def3e281b7ad4bbea730cd3046de1da52f)
 (cherry picked from commit db0154828989a0a52ee59a4dda8c3803752bc827)
 (cherry picked from commit 75afb375ef46bc99a7faf5879d0283934e34db97)
-(cherry picked from commit 82f8de94e19be775cdabd05528dc7acf0cb485a7)
 ---
 grub-core/video/readers/jpeg.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/0517-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch b/0522-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
similarity index 96%
rename from 0517-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
rename to 0522-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
index 9434ba125a0cb54c76c5311cf79796f3d2f721d7..90decbcd6ad307ae5240201236d654268bf3a1b0 100644
--- a/0517-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
+++ b/0522-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
@@ -34,7 +34,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 41aeb2004db9924fecd9f2dd64bc2a5a5594a4b5)
 (cherry picked from commit 5f9582490792108306d047379fed2371bee286f8)
 (cherry picked from commit 7e4bf25d9bb5219fbf11c523296dc3bd78b80698)
-(cherry picked from commit 397ecffe404b892470c41f4d24340526d3d33666)
 ---
 grub-core/video/readers/jpeg.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/0518-normal-charset-Fix-array-out-of-bounds-formatting-un.patch b/0523-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
similarity index 95%
rename from 0518-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
rename to 0523-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
index 2043b0525e2e1026645c427ee83a1d126664495d..6cbd3a5a29072d407772cebf2f2e1f59138eb4e6 100644
--- a/0518-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
+++ b/0523-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
@@ -17,7 +17,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit fdf32abc7a3928852422c0f291d8cd1dd6b34a8d)
 (cherry picked from commit f2c10aaf335b88a69885375c4d68ffab2429df77)
 (cherry picked from commit 4c942e1ba8d1f1199a58d2eb139022ae22f75cb2)
-(cherry picked from commit 83efea59ad671d043b3a48fe0581f11beb63303c)
 ---
 grub-core/normal/charset.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/0519-net-netbuff-Block-overly-large-netbuff-allocs.patch b/0524-net-netbuff-Block-overly-large-netbuff-allocs.patch
similarity index 95%
rename from 0519-net-netbuff-Block-overly-large-netbuff-allocs.patch
rename to 0524-net-netbuff-Block-overly-large-netbuff-allocs.patch
index 6d590eecaad06fb3613405c83de7e64cbd42152f..5a59ff429774be9115245b69ce33536810e6c266 100644
--- a/0519-net-netbuff-Block-overly-large-netbuff-allocs.patch
+++ b/0524-net-netbuff-Block-overly-large-netbuff-allocs.patch
@@ -14,7 +14,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit ee9591103004cd13b4efadda671536090ca7fd57)
 (cherry picked from commit acde668bb9d9fa862a1a63e3bbd5fa47fdfa9183)
 (cherry picked from commit e47ad2eb4fe38ef2bdcab52245286f31170e73e3)
-(cherry picked from commit 3517b6baf69ee77065f0216ff29190ad392a2c84)
 ---
 grub-core/net/netbuff.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/0520-net-ip-Do-IP-fragment-maths-safely.patch b/0525-net-ip-Do-IP-fragment-maths-safely.patch
similarity index 95%
rename from 0520-net-ip-Do-IP-fragment-maths-safely.patch
rename to 0525-net-ip-Do-IP-fragment-maths-safely.patch
index 433d703e3d1233df9c5dd4532658164ce470d80f..e4b8f45cccfa2d364d02e31a388d9c0d52dc45b3 100644
--- a/0520-net-ip-Do-IP-fragment-maths-safely.patch
+++ b/0525-net-ip-Do-IP-fragment-maths-safely.patch
@@ -12,7 +12,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit eb74e5743ca7e18a5e75c392fe0b21d1549a1936)
 (cherry picked from commit 552ad34583e788542e9ca08524a0d4bc8f98c297)
 (cherry picked from commit 2c8cb7e3b8b48b136a950e5692fa6251b76df90e)
-(cherry picked from commit 17bb2fe79e6b9688cf2008b840af9022804204ec)
 ---
 grub-core/net/ip.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/0521-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch b/0526-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
similarity index 96%
rename from 0521-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
rename to 0526-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
index 1fa2c3e79f99ade2e1027ea0ef479296a66a7f47..11f6cb6903818f502eccea1d690c290dc2c4d156 100644
--- a/0521-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
+++ b/0526-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
@@ -34,7 +34,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit eb2e69fcf51307757e43f55ee8c9354d1ee42dd1)
 (cherry picked from commit d801a27e7acec6c1a83067fab0bb975877eaf704)
 (cherry picked from commit 4d8b6e36ddfda4084e370b3b08c432e8a462e9be)
-(cherry picked from commit ae133c18f304cb0a22c569c98abc62e15ccf56d0)
 ---
 grub-core/net/dns.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/0522-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch b/0527-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
similarity index 97%
rename from 0522-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
rename to 0527-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
index bd7797a3e23849b62e4e1baa4084d17da5ed37bc..d641a9e95b925c3b2f9398083aecca4093d24495 100644
--- a/0522-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
+++ b/0527-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
@@ -13,7 +13,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 6a97b3f4b1d5173aa516edc6dedbc63de7306d21)
 (cherry picked from commit e0589624e86bc96666cbdb62f6e55cafec2871b3)
 (cherry picked from commit 95ecbc0b9aacfd43ba96cccc50daaf39eccd9f7f)
-(cherry picked from commit 110eee925ecd9efeebb8d018b042fcf067a443c2)
 ---
 grub-core/net/dns.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/0523-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch b/0528-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
similarity index 98%
rename from 0523-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
rename to 0528-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
index 6df1527760d60de38ee1b2580307fd7248442b93..dc4aab2a1e9b3a41066b724eac06b3fef2d5f80a 100644
--- a/0523-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
+++ b/0528-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
@@ -46,7 +46,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit dada1dda695439bb55b2848dddc2d89843552f81)
 (cherry picked from commit 352c5ae8a9fc715712e6ecbd7ccb6218122c748f)
 (cherry picked from commit 61a010085ab9f0ecf42677773a6fc212f1579b0a)
-(cherry picked from commit 277d38531a47be78ac5062894e449726db2baf65)
 ---
 grub-core/net/net.c | 11 +++++++++--
 grub-core/net/tftp.c | 1 +
diff --git a/0524-misc-Format-string-for-grub_error-should-be-a-litera.patch b/0529-misc-Format-string-for-grub_error-should-be-a-litera.patch
similarity index 96%
rename from 0524-misc-Format-string-for-grub_error-should-be-a-litera.patch
rename to 0529-misc-Format-string-for-grub_error-should-be-a-litera.patch
index f4a4f3297731269d9796c6201d0057ea5c02f527..ae0ec538b052f5919365a96b30de216e50abeba9 100644
--- a/0524-misc-Format-string-for-grub_error-should-be-a-litera.patch
+++ b/0529-misc-Format-string-for-grub_error-should-be-a-litera.patch
@@ -6,7 +6,6 @@ Subject: [PATCH] misc: Format string for grub_error() should be a literal
 Signed-off-by: Glenn Washburn
 Reviewed-by: Daniel Kiper
 (cherry-picked from commit 60875f4e15d704b875969b415501802b531c4db3)
-(cherry-picked from commit 6353cbd63cb3615a2b7aece183e3b177250d9415)
 ---
 grub-core/loader/efi/chainloader.c | 2 +-
 grub-core/net/tftp.c | 2 +-
diff --git a/0525-net-tftp-Avoid-a-trivial-UAF.patch b/0530-net-tftp-Avoid-a-trivial-UAF.patch
similarity index 95%
rename from 0525-net-tftp-Avoid-a-trivial-UAF.patch
rename to 0530-net-tftp-Avoid-a-trivial-UAF.patch
index 8c44b1fd4489bfdb7ae5e3fbb3e7fb826c2e9796..f6f77f3ce2cac4c7c4d56f09b7e06700aefcc9cf 100644
--- a/0525-net-tftp-Avoid-a-trivial-UAF.patch
+++ b/0530-net-tftp-Avoid-a-trivial-UAF.patch
@@ -16,7 +16,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 956f4329cec23e4375182030ca9b2be631a61ba5)
 (cherry picked from commit dbe9abcdee6ce796811111b67e3f24eefe2135d1)
 (cherry picked from commit 72ae9c5d389d2c0337c44edead6e00db0bb84039)
-(cherry picked from commit 6a367d5b45cee3b452319cbaba1052f045c68081)
 ---
 grub-core/net/tftp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/0526-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch b/0531-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
similarity index 96%
rename from 0526-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
rename to 0531-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
index 75082a83c6834ab8d73dd88702108dc3300ac35a..6fcb3c63fb3fc8484fc5593b6c5999507bacf81b 100644
--- a/0526-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
+++ b/0531-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
@@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit ec233d3ecf995293304de443579aab5c46c49e85)
 (cherry picked from commit d39cf87ed701b9f0900daed7f672e07994d37ce8)
 (cherry picked from commit e0aa5c3acec70eac3489d6df1893a93726cbce3a)
-(cherry picked from commit d29000397693cae279291b75ff89e5b9a5e2ed97)
 ---
 grub-core/net/http.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/0527-net-http-Fix-OOB-write-for-split-http-headers.patch b/0532-net-http-Fix-OOB-write-for-split-http-headers.patch
similarity index 96%
rename from 0527-net-http-Fix-OOB-write-for-split-http-headers.patch
rename to 0532-net-http-Fix-OOB-write-for-split-http-headers.patch
index eea35d6b768f1be2835d1a1303753fb1bf120751..daabc9e63ff2d5e038a27ef016feb228bdfe94e9 100644
--- a/0527-net-http-Fix-OOB-write-for-split-http-headers.patch
+++ b/0532-net-http-Fix-OOB-write-for-split-http-headers.patch
@@ -27,7 +27,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit e9fb459638811c12b0989dbf64e3e124974ef617)
 (cherry picked from commit b604916beb6c39e8ed27f72851eb16f3eaa293c5)
 (cherry picked from commit c3c6b1167a43275991efd6847160a46ce3839fae)
-(cherry picked from commit 9b4ef71ed4f6fce00e868e3223cdbfb734e840d6)
 ---
 grub-core/net/http.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/0528-net-http-Error-out-on-headers-with-LF-without-CR.patch b/0533-net-http-Error-out-on-headers-with-LF-without-CR.patch
similarity index 96%
rename from 0528-net-http-Error-out-on-headers-with-LF-without-CR.patch
rename to 0533-net-http-Error-out-on-headers-with-LF-without-CR.patch
index a50904e6433dbefd78bc0d1fd86313023992ce29..86a3b280a1f45e0d5dc9850688727593705d7667 100644
--- a/0528-net-http-Error-out-on-headers-with-LF-without-CR.patch
+++ b/0533-net-http-Error-out-on-headers-with-LF-without-CR.patch
@@ -24,7 +24,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit d232ad41ac4979a9de4d746e5fdff9caf0e303de)
 (cherry picked from commit 8960e6d6137090a7e8c6592077da6e387a4ef972)
 (cherry picked from commit 9b6b9398c90dd76ce0b935d21c4ecb8954c4b2b7)
-(cherry picked from commit 3eef2cc845f7ed34a89d8d0a7042d7768e43eaad)
 ---
 grub-core/net/http.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/0529-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch b/0534-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
similarity index 97%
rename from 0529-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
rename to 0534-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
index 93637a48f690ca44ffeb6211796330f7d67a215b..684fc7569505bf286399fa88dcd0b0297a632acb 100644
--- a/0529-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
+++ b/0534-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
@@ -15,7 +15,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit a3988cb3f0a108dd67ac127a79a4c8479d23334e)
 (cherry picked from commit 7125978aa7d6068812ef6da0ab38ce521ae7eba1)
 (cherry picked from commit e488538cbf9fc63796c7047550b0598e1ef95c03)
-(cherry picked from commit a2e520d7ced2ded854fb24f3718530e1e6d7dd5e)
 ---
 grub-core/fs/f2fs.c | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)
diff --git a/0530-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch b/0535-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
similarity index 98%
rename from 0530-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
rename to 0535-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
index 07de7cd39b2e67dc07c96a6e7ce8065a98a8eab8..30ea7c64cc120e738e5d88f7574f886bbf5078bb 100644
--- a/0530-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
+++ b/0535-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
@@ -23,7 +23,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 62d63d5e38c67a6e349148bf7cb87c560e935a7e)
 (cherry picked from commit 92219e6d379b5b4d30b05361830b72ab1d95d281)
 (cherry picked from commit c23d97e3b56594bf0f802d94062e14b221143115)
-(cherry picked from commit e9536dd7fbdc632efbe3506386dbfb3bfc0465c8)
 ---
 grub-core/fs/f2fs.c | 33 +++++++++++++++++++++++++++------
 1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/0531-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch b/0536-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
similarity index 95%
rename from 0531-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
rename to 0536-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
index 3444e4fd774509c63e20eb891db8b245c27c56ba..5ab2414aab3febba9a3ff28e711ef131a3082574 100644
--- a/0531-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
+++ b/0536-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
@@ -19,7 +19,6 @@ Reviewed-by: Daniel Kiper
 (cherry picked from commit 9a891f638509e031d322c94e3cbcf38d36f3993a)
 (cherry picked from commit 13f9160ae0d2806baed459884999356817096cd7)
 (cherry picked from commit a48ba4d48b3c66431e6bbeb386078efc6602110c)
-(cherry picked from commit f0440b61cebbab807638b90eb2ae86265d6cf49f)
 ---
 grub-core/fs/f2fs.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/0532-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch b/0537-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
similarity index 97%
rename from 0532-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
rename to 0537-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
index 289f1398b0400a7eb54fb94138ac1cda13b82ec3..21e95cf788da0c7f020d4b0b3a7d386c23e3f9fb 100644
--- a/0532-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
+++ b/0537-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
@@ -24,7 +24,6 @@ Reviewed-by: Daniel Kiper
 Signed-off-by: Robbie Harwood
 (cherry picked from commit e3e21b9a81aea09dd43368cf097c1029a8380d82)
 (cherry picked from commit ab14a39777edb60c99751d4fdf1cc254a4faebf5)
-(cherry picked from commit 90a9fbd5969325993e069ee5a04a802b59657920)
 ---
 grub-core/fs/btrfs.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/0533-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch b/0538-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
similarity index 98%
rename from 0533-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
rename to 0538-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
index 0bc744f6ea76fe80c118080977e2326f31668349..184165bb7be4bfad24d43097aa0254f3668953d6 100644
--- a/0533-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
+++ b/0538-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
@@ -12,7 +12,6 @@ Signed-off-by: Marco A Benatto
 Signed-off-by: Javier Martinez Canillas
 Reviewed-by: Daniel Kiper
 (cherry picked from commit 04ae030d0eea8668d4417702d88bf2cf04713d80)
-(cherry picked from commit ed33b47f00bc0d728197357b8ae632028f91599b)
 ---
 grub-core/commands/efi/efifwsetup.c | 8 ++++----
 grub-core/kern/efi/efi.c | 16 +++++++++-------
diff --git a/0534-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch b/0539-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
similarity index 97%
rename from 0534-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
rename to 0539-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
index 8bc2666c4173f4953a40532e777e915a494562d3..526a123df2e8a302f7488cfba006ab681b8b62f7 100644
--- a/0534-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
+++ b/0539-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
@@ -12,7 +12,6 @@ Signed-off-by: Marco A Benatto
 Signed-off-by: Javier Martinez Canillas
 Reviewed-by: Daniel Kiper
 (cherry picked from commit ac5c9367548750e75ed1e7fc4354a3d20186d733)
-(cherry picked from commit 51b11f8b3ab96c38efb1636d9c53b5a86503f1f2)
 ---
 grub-core/kern/efi/efi.c | 16 +++++++++++++---
 include/grub/efi/efi.h | 5 +++++
diff --git a/0535-Define-GRUB_EFI_SHIM_LOCK_GUID.patch b/0540-Define-GRUB_EFI_SHIM_LOCK_GUID.patch similarity index 93% rename from 0535-Define-GRUB_EFI_SHIM_LOCK_GUID.patch rename to 0540-Define-GRUB_EFI_SHIM_LOCK_GUID.patch index 6b00c5cc02219e3d4ea47bb9f966767e9d5beb0c..354ec29fccfd2f58ae4e7c77797f81d45fd8fe19 100644 --- a/0535-Define-GRUB_EFI_SHIM_LOCK_GUID.patch +++ b/0540-Define-GRUB_EFI_SHIM_LOCK_GUID.patch @@ -9,7 +9,6 @@ lock protocol definition and some other guids we don't care about right now. Signed-off-by: Robbie Harwood -(cherry picked from commit e44d6f8e801fae4716dd2528d7194f759c52aa12) --- include/grub/efi/api.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/0536-misc-Make-grub_min-and-grub_max-more-resilient.patch b/0541-misc-Make-grub_min-and-grub_max-more-resilient.patch similarity index 97% rename from 0536-misc-Make-grub_min-and-grub_max-more-resilient.patch rename to 0541-misc-Make-grub_min-and-grub_max-more-resilient.patch index 3cca336c58db9a7fb56c10b3842b7c4750a73197..bf1741bdb40742068d355766682f332e4ee46328 100644 --- a/0536-misc-Make-grub_min-and-grub_max-more-resilient.patch +++ b/0541-misc-Make-grub_min-and-grub_max-more-resilient.patch @@ -20,7 +20,6 @@ create uniquely named internal variables. Signed-off-by: Peter Jones (cherry picked from commit 2d6800450fa731d7b3ef9893986806e88e819eb6) (cherry picked from commit adaf6a5ae66fb8a23274e3030e9df2714d0fc396) -(cherry picked from commit 5282d19d1942d9c3470337a84aa4a92562ba1575) --- grub-core/loader/multiboot_elfxx.c | 4 +--- include/grub/misc.h | 25 +++++++++++++++++++++++-- diff --git a/0537-ReiserFS-switch-to-using-grub_min-grub_max.patch b/0542-ReiserFS-switch-to-using-grub_min-grub_max.patch similarity index 98% rename from 0537-ReiserFS-switch-to-using-grub_min-grub_max.patch rename to 0542-ReiserFS-switch-to-using-grub_min-grub_max.patch index c3baecf83ec22a7c3cbccf7704f9229ff1da8e52..e8688dc3e8d4d27f17681c479e4bc19a1df65fa5 100644 
--- a/0537-ReiserFS-switch-to-using-grub_min-grub_max.patch +++ b/0542-ReiserFS-switch-to-using-grub_min-grub_max.patch @@ -10,7 +10,6 @@ instead. Signed-off-by: Peter Jones (cherry picked from commit 5fc601574fce99b32fe4dfb55bd8f3ab0175fd6a) (cherry picked from commit 31e581893c564582c729fd0c033d3ce021854be8) -(cherry picked from commit 2c46aae48eabcf91d7ed34a7bed2b59aa80c2c03) --- grub-core/fs/reiserfs.c | 28 +++++++++------------------- 1 file changed, 9 insertions(+), 19 deletions(-) diff --git a/0538-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch b/0543-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch similarity index 96% rename from 0538-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch rename to 0543-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch index 9455dd198719bccdafd9b0dd7f5fccaafa6679cb..37cb0a8307aca408c6ab5106516964be0d9ec8b0 100644 --- a/0538-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch +++ b/0543-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch @@ -14,7 +14,6 @@ in DEBUG, regardless of BOOT_TIME_STATS. Signed-off-by: Peter Jones (cherry picked from commit 4fd282de00df05ce289467861deb7a0e186cfbd7) (cherry picked from commit cc7e60a9f3ad1fa74b9cd48a7e66b1976f9a554a) -(cherry picked from commit 9e78e5749d5c99a01c96c9c0d9ec3e98633a4cbd) --- grub-core/kern/misc.c | 3 ++- include/grub/misc.h | 2 +- diff --git a/0539-modules-make-.module_license-read-only.patch b/0544-modules-make-.module_license-read-only.patch similarity index 95% rename from 0539-modules-make-.module_license-read-only.patch rename to 0544-modules-make-.module_license-read-only.patch index 94dc8920ae4e525c74fe821abc3d01a42301ea83..e5af3e9663192a748cd4853152237041c5070fc9 100644 --- a/0539-modules-make-.module_license-read-only.patch +++ b/0544-modules-make-.module_license-read-only.patch @@ -13,7 +13,6 @@ set. 
Signed-off-by: Peter Jones (cherry picked from commit 2eff3e2c9d9e6b75daa81b840c96f112ef7d5de6) (cherry picked from commit 3c3c1858d1c056eee660d67888be80e7eae498ca) -(cherry picked from commit ebcce09e35ef6916a2d1ddbf0906e9f3f5c539ad) --- include/grub/dl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/0540-modules-strip-.llvm_addrsig-sections-and-similar.patch b/0545-modules-strip-.llvm_addrsig-sections-and-similar.patch similarity index 95% rename from 0540-modules-strip-.llvm_addrsig-sections-and-similar.patch rename to 0545-modules-strip-.llvm_addrsig-sections-and-similar.patch index 51aba2948b81a884694bbeda7b2fa7978ba46ee6..c8a17de630203006497055dc8291f654175c4f00 100644 --- a/0540-modules-strip-.llvm_addrsig-sections-and-similar.patch +++ b/0545-modules-strip-.llvm_addrsig-sections-and-similar.patch @@ -18,7 +18,6 @@ failure is just reversion to the status quo, so that's not a big problem. Signed-off-by: Peter Jones (cherry picked from commit e85d1c4d795f8135ad0acfa36d64760d12d6fed1) (cherry picked from commit d3024204b2e2c69ecb91392eeb87c1e6835c3743) -(cherry picked from commit f729241a34394b1019d83d75ffe6bfe0986ab274) --- grub-core/genmod.sh.in | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/0541-modules-Don-t-allocate-space-for-non-allocable-secti.patch b/0546-modules-Don-t-allocate-space-for-non-allocable-secti.patch similarity index 95% rename from 0541-modules-Don-t-allocate-space-for-non-allocable-secti.patch rename to 0546-modules-Don-t-allocate-space-for-non-allocable-secti.patch index 12c1a5976d22e4b0cacc29808bbdc91092ab34cb..2f3bc0cb5b7b30479f48c204a51f77a508d1912b 100644 --- a/0541-modules-Don-t-allocate-space-for-non-allocable-secti.patch +++ b/0546-modules-Don-t-allocate-space-for-non-allocable-secti.patch @@ -17,7 +17,6 @@ loop does. 
Signed-off-by: Peter Jones (cherry picked from commit 03215e342f552396ab08125ea769b1e166417ec1) (cherry picked from commit 91518751b9bcba078e3f4385f4b2f6c39cab49cd) -(cherry picked from commit ee945970425488bd5b72d837706764a6a0fde46c) --- grub-core/kern/dl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/0542-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch b/0547-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch similarity index 97% rename from 0542-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch rename to 0547-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch index 8cc3da5a6014c7b13b20d81299449f86f360d0ad..f9c22343caff39c8185335640f966e9039b8b8ad 100644 --- a/0542-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch +++ b/0547-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch @@ -17,7 +17,6 @@ define, and adds defines for the actual PE magic. Signed-off-by: Peter Jones (cherry picked from commit 955f47aa8300387eecf18b0866d21dde7720593d) (cherry picked from commit 662744c2e986cb770fe49e71e019aaf33a66272d) -(cherry picked from commit 4b541b7e76b77d131ff534e537a622551e774a2b) --- grub-core/loader/arm64/linux.c | 2 +- include/grub/efi/pe32.h | 28 ++++++++++++++++++++++++++-- diff --git a/0543-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch b/0548-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch similarity index 98% rename from 0543-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch rename to 0548-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch index 7d7a44a5719c96b6d5183d94d6ff36362f004523..8644e51db2a7d33307b9b46a47e8aa04812d979c 100644 --- a/0543-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch +++ b/0548-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch @@ -16,7 +16,6 @@ Signed-off-by: Peter Jones 
Signed-off-by: Robbie Harwood (cherry picked from commit 8b31058a12d3e85f0f0180ac90b98d6465fccbb7) (cherry picked from commit 460df66aab9b3a57fc0d14a21a595cd467c4b13e) -(cherry picked from commit 2380ad45c78ed12710f1186eda9f2ba38c20f6ba) --- grub-core/loader/i386/efi/linux.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/0544-modules-load-module-sections-at-page-aligned-address.patch b/0549-modules-load-module-sections-at-page-aligned-address.patch similarity index 99% rename from 0544-modules-load-module-sections-at-page-aligned-address.patch rename to 0549-modules-load-module-sections-at-page-aligned-address.patch index 5cc42b1471d13aa11c0095102ce00c86b6dc85d3..44ecd2b8e7334e536ba91a81199e4004809f86e9 100644 --- a/0544-modules-load-module-sections-at-page-aligned-address.patch +++ b/0549-modules-load-module-sections-at-page-aligned-address.patch @@ -58,7 +58,6 @@ Signed-off-by: Peter Jones (cherry picked from commit 04f1df6b665493e38de66018aebe377fdac4ceec) [rharwood: not risc-v yet] Signed-off-by: Robbie Harwood -(cherry picked from commit 62c48da3ef51fc4f98746fbc35791ec2beab0426) --- grub-core/kern/arm/dl.c | 13 +++++++++++++ grub-core/kern/arm64/dl.c | 13 +++++++++++++ diff --git a/0545-nx-add-memory-attribute-get-set-API.patch b/0550-nx-add-memory-attribute-get-set-API.patch similarity index 99% rename from 0545-nx-add-memory-attribute-get-set-API.patch rename to 0550-nx-add-memory-attribute-get-set-API.patch index eec3160d4b104a4241c6e64c301bc12b8d352d64..41ae1d04e945963d406aab67f2e7186c493209b4 100644 --- a/0545-nx-add-memory-attribute-get-set-API.patch +++ b/0550-nx-add-memory-attribute-get-set-API.patch @@ -23,7 +23,6 @@ Signed-off-by: Peter Jones (cherry picked from commit 46cb4f9557bdba1db0a17d012df705d94d81a9f6) [rharwood: context fuzz, guids] 
Signed-off-by: Robbie Harwood -(cherry picked from commit 7d8eea48e82c4ef572cc0f9d3252487c1d7e5729) --- grub-core/kern/efi/efi.c | 36 +++++++++++++ grub-core/kern/efi/mm.c | 131 +++++++++++++++++++++++++++++++++++++++++++++++ diff --git a/0546-nx-set-page-permissions-for-loaded-modules.patch b/0551-nx-set-page-permissions-for-loaded-modules.patch similarity index 99% rename from 0546-nx-set-page-permissions-for-loaded-modules.patch rename to 0551-nx-set-page-permissions-for-loaded-modules.patch index 0d40b911b82cc107d5b4806c22408ac791ee45aa..1032ea64bb37b3ef0913695ba740b7bc1c940f85 100644 --- a/0546-nx-set-page-permissions-for-loaded-modules.patch +++ b/0551-nx-set-page-permissions-for-loaded-modules.patch @@ -17,7 +17,6 @@ Signed-off-by: Peter Jones Signed-off-by: Robbie Harwood (cherry-picked from commit ca74904ede0406b594cbedc52ce8e38a6633d2ae) (cherry picked from commit 2e2e72026f41cf7cffeb46a6a47f3c67d0b3be45) -(cherry picked from commit 736e5ccd9175d31ebea848f3b627f3e99988bb0a) --- grub-core/kern/dl.c | 120 +++++++++++++++++++++++++++++++++++++++------------- include/grub/dl.h | 44 +++++++++++++++++++ diff --git a/0547-nx-set-attrs-in-our-kernel-loaders.patch b/0552-nx-set-attrs-in-our-kernel-loaders.patch similarity index 99% rename from 0547-nx-set-attrs-in-our-kernel-loaders.patch rename to 0552-nx-set-attrs-in-our-kernel-loaders.patch index 3fddaae52b3ccd7a26ba1bc41d3ff6f86aa00584..e4c4c3eb27b126b7a795722da4e40bf41f635995 100644 --- a/0547-nx-set-attrs-in-our-kernel-loaders.patch +++ b/0552-nx-set-attrs-in-our-kernel-loaders.patch @@ -15,7 +15,6 @@ Signed-off-by: Peter Jones (cherry picked from commit daba852bd3e4d7b7784b19cf7acf107dc3c0dce4) [rharwood: stack_attrs initialization, no risc-v, arm renames, arm age] Signed-off-by: Robbie Harwood -(cherry picked from commit 3a402a2e54b3468b20eae182d98913600a6b68dd) --- grub-core/kern/efi/mm.c | 78 ++++++++++++++++++ grub-core/loader/arm64/linux.c | 16 +++- 
diff --git a/0548-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch b/0553-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch similarity index 93% rename from 0548-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch rename to 0553-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch index 801efca7bc3d448abc02de3def0d9be88fc82de9..662de5dffb0c18c92b5d98207f557a9cb12011a5 100644 --- a/0548-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch +++ b/0553-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch @@ -18,7 +18,8 @@ GRUB_PE32_NX_COMPAT, and changes grub-mkimage to set that flag. Signed-off-by: Peter Jones (cherry picked from commit 0c7f1aed5a87f75051b421903a900ccb4bbd795a) (cherry picked from commit 2f9446d488da96de963f4ffe03b0a1c60a4664f5) -(cherry picked from commit f56671343622b0e0216340cd07e77dfc4e88a97a) +[rharwood: fix uninitialized use of stack_attrs] +Signed-off-by: Robbie Harwood --- util/mkimage.c | 1 + 1 file changed, 1 insertion(+) diff --git a/0549-Fixup-grub_efi_get_variable-type-in-our-loaders.patch b/0554-Fixup-grub_efi_get_variable-type-in-our-loaders.patch similarity index 96% rename from 0549-Fixup-grub_efi_get_variable-type-in-our-loaders.patch rename to 0554-Fixup-grub_efi_get_variable-type-in-our-loaders.patch index 8ec08c8d7d74dfc92b2fb414c5944f439a233cf2..7d0ca72ec5aa1625a5c02e200637c4a2a64c8997 100644 --- a/0549-Fixup-grub_efi_get_variable-type-in-our-loaders.patch +++ b/0554-Fixup-grub_efi_get_variable-type-in-our-loaders.patch @@ -7,7 +7,6 @@ Has a new type now that we have 04ae030d0eea8668d4417702d88bf2cf04713d80 ("efi: Return grub_efi_status_t from grub_efi_get_variable()"). Signed-off-by: Robbie Harwood -(cherry picked from commit d27cee05d31a9612f0b877d2de727b22cc3ec51a) --- grub-core/kern/efi/init.c | 4 ++-- grub-core/kern/efi/sb.c | 4 ++-- 
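Review bot: The trailer added to 0553-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch, `[rharwood: fix uninitialized use of stack_attrs]`, does not match what that patch touches: its diffstat in the same hunk is still `util/mkimage.c | 1 +`. The only other mention of `stack_attrs` on this page is the backport note of 0552-nx-set-attrs-in-our-kernel-loaders.patch, so the annotation may have landed on the wrong patch during the rebase; this is inferred from the trailers and diffstats alone, since the patch bodies are not shown. If the fix lives in 0552, I would move the note and the extra `Signed-off-by` there so the provenance trail for the NX changes stays accurate.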
diff --git a/0555-Make-debug-file-show-which-file-filters-get-run.patch b/0555-Make-debug-file-show-which-file-filters-get-run.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b614ef39588b4955fb5fd22e2443b7985137a2e7
--- /dev/null
+++ b/0555-Make-debug-file-show-which-file-filters-get-run.patch
@@ -0,0 +1,47 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Fri, 29 Jul 2022 15:56:00 -0400 +Subject: [PATCH] Make debug=file show which file filters get run. + +If one of the file filters breaks things, it's hard to figure out where +it has happened. + +This makes grub log which filter is being run, which makes it easier to +figure out where you are in the sequence of events. + +Signed-off-by: Peter Jones +(cherry picked from commit d3d6518a13b5440a3be6c66b0ae47447182f2891) +(cherry picked from commit d197e70761b1383827e9008e21ee41c6c7015776) +--- + grub-core/kern/file.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c +index f062fc21e7..5e1f29d0dd 100644 +--- a/grub-core/kern/file.c ++++ b/grub-core/kern/file.c +@@ -30,6 +30,14 @@ void (*EXPORT_VAR (grub_grubnet_fini)) (void); + + grub_file_filter_t grub_file_filters[GRUB_FILE_FILTER_MAX]; + ++static char *filter_names[] = { ++ [GRUB_FILE_FILTER_VERIFY] = "GRUB_FILE_FILTER_VERIFY", ++ [GRUB_FILE_FILTER_GZIO] = "GRUB_FILE_FILTER_GZIO", ++ [GRUB_FILE_FILTER_XZIO] = "GRUB_FILE_FILTER_XZIO", ++ [GRUB_FILE_FILTER_LZOPIO] = "GRUB_FILE_FILTER_LZOPIO", ++ [GRUB_FILE_FILTER_MAX] = "GRUB_FILE_FILTER_MAX" ++}; ++ + /* Get the device part of the filename NAME. It is enclosed by parentheses. */ + char * + grub_file_get_device_name (const char *name) +@@ -121,6 +129,9 @@ grub_file_open (const char *name, enum grub_file_type type) + if (grub_file_filters[filter]) + { + last_file = file; ++ if (filter < GRUB_FILE_FILTER_MAX) ++ grub_dprintf ("file", "Running %s file filter\n", ++ filter_names[filter]); + file = grub_file_filters[filter] (file, type); + if (file && file != last_file) + { 
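Review bot: `filter_names` in grub-core/kern/file.c is declared `static char *filter_names[]` although every element is a string literal and the table is only read by the new `grub_dprintf` call; `static const char * const filter_names[] = {` keeps the table out of writable data and lets the compiler reject accidental writes. The designated initialisers also leave a NULL slot for any filter id that is later added to the enum without a name here, so passing `filter_names[filter] ? filter_names[filter] : "unknown"` to `grub_dprintf` would keep the debug line meaningful. The loop that contains the `grub_dprintf` call starts outside the hunk.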
diff --git a/0556-efi-use-enumerated-array-positions-for-our-allocatio.patch b/0556-efi-use-enumerated-array-positions-for-our-allocatio.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6f1bfc77d0b59e7b8a5d3fc037ba01a47b432951
--- /dev/null
+++ b/0556-efi-use-enumerated-array-positions-for-our-allocatio.patch
@@ -0,0 +1,83 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Mon, 1 Aug 2022 14:06:30 -0400 +Subject: [PATCH] efi: use enumerated array positions for our allocation + choices + +In our kernel allocator on EFI systems, we currently have a growing +amount of code that references the various allocation policies by +position in the array, and of course maintenance of this code scales +very poorly. + +This patch changes them to be enumerated, so they're easier to refer to +farther along in the code without confusion. + +Signed-off-by: Peter Jones +(cherry picked from commit 6768026270cca015d7fef0ecc8a4119e9b3d3923) +(cherry picked from commit 50b2ca3274b6950393a4ffc7edde04a1a3de594e) +--- + grub-core/loader/i386/efi/linux.c | 31 ++++++++++++++++++++----------- + 1 file changed, 20 insertions(+), 11 deletions(-) + +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +index d80d6ec312..23b27f6507 100644 +--- a/grub-core/loader/i386/efi/linux.c ++++ b/grub-core/loader/i386/efi/linux.c +@@ -60,17 +60,26 @@ struct allocation_choice { + grub_efi_allocate_type_t alloc_type; + }; + +-static struct allocation_choice max_addresses[4] = ++enum { ++ KERNEL_PREF_ADDRESS, ++ KERNEL_4G_LIMIT, ++ KERNEL_NO_LIMIT, ++}; ++ ++static struct allocation_choice max_addresses[] = + { + /* the kernel overrides this one with pref_address and + * GRUB_EFI_ALLOCATE_ADDRESS */ +- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, ++ [KERNEL_PREF_ADDRESS] = ++ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, ++ /* If the flag in params is set, this one gets changed to be above 4GB. */ ++ [KERNEL_4G_LIMIT] = ++ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, + /* this one is always below 4GB, which we still *prefer* even if the flag + * is set. 
*/ +- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, +- /* If the flag in params is set, this one gets changed to be above 4GB. */ +- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, +- { 0, 0 } ++ [KERNEL_NO_LIMIT] = ++ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, ++ { NO_MEM, 0, 0 } + }; + static struct allocation_choice saved_addresses[4]; + +@@ -423,7 +432,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + if (lh->xloadflags & LINUX_XLF_CAN_BE_LOADED_ABOVE_4G) + { + grub_dprintf ("linux", "Loading kernel above 4GB is supported; enabling.\n"); +- max_addresses[2].addr = GRUB_EFI_MAX_USABLE_ADDRESS; ++ max_addresses[KERNEL_NO_LIMIT].addr = GRUB_EFI_MAX_USABLE_ADDRESS; + } + else + { +@@ -495,11 +504,11 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + grub_dprintf ("linux", "lh->pref_address: %p\n", (void *)(grub_addr_t)lh->pref_address); + if (lh->pref_address < (grub_uint64_t)GRUB_EFI_MAX_ALLOCATION_ADDRESS) + { +- max_addresses[0].addr = lh->pref_address; +- max_addresses[0].alloc_type = GRUB_EFI_ALLOCATE_ADDRESS; ++ max_addresses[KERNEL_PREF_ADDRESS].addr = lh->pref_address; ++ max_addresses[KERNEL_PREF_ADDRESS].alloc_type = GRUB_EFI_ALLOCATE_ADDRESS; + } +- max_addresses[1].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; +- max_addresses[2].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; ++ max_addresses[KERNEL_4G_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; ++ max_addresses[KERNEL_NO_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; + kernel_size = lh->init_size; + kernel_mem = kernel_alloc (kernel_size, GRUB_EFI_RUNTIME_SERVICES_CODE, + N_("can't allocate kernel")); diff --git a/0557-efi-split-allocation-policy-for-kernel-vs-initrd-mem.patch b/0557-efi-split-allocation-policy-for-kernel-vs-initrd-mem.patch new file mode 100644 index 0000000000000000000000000000000000000000..08d2765b02d29c7268997d7d0c10c17ea72fae9a --- /dev/null 
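Review bot: The new terminator `{ NO_MEM, 0, 0 }` at the end of `max_addresses[]` uses an enumerator and a third struct member that this patch does not define; `NO_MEM` and the `purpose` field only arrive with the next patch in the series (0557), so this commit does not appear to build on its own and breaks bisection. Keeping `{ 0, 0 }` here and switching to `{ NO_MEM, 0, 0 }` in 0557 would fix that. Separately, the two comments ended up over the wrong entries: `grub_cmd_linux` raises `max_addresses[KERNEL_NO_LIMIT].addr` to `GRUB_EFI_MAX_USABLE_ADDRESS`, yet "gets changed to be above 4GB" now sits over `[KERNEL_4G_LIMIT]` and "always below 4GB" over `[KERNEL_NO_LIMIT]`.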
+++ b/0557-efi-split-allocation-policy-for-kernel-vs-initrd-mem.patch 
@@ -0,0 +1,129 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Mon, 1 Aug 2022 14:24:39 -0400 +Subject: [PATCH] efi: split allocation policy for kernel vs initrd memories. + +Currently in our kernel allocator, we use the same set of choices for +all of our various kernel and initramfs allocations, though they do not +have exactly the same constraints. + +This patch adds the concept of an allocation purpose, which currently +can be KERNEL_MEM or INITRD_MEM, and updates kernel_alloc() calls +appropriately, but does not change any current policy decision. It +also adds a few debug prints. + +Signed-off-by: Peter Jones +(cherry picked from commit 36307bed28cd838116fc4af26a30719660d62d4c) +(cherry picked from commit dc1196350b0cbe89582832f44df0fce67e0c9fb2) +--- + grub-core/loader/i386/efi/linux.c | 35 +++++++++++++++++++++++++++-------- + 1 file changed, 27 insertions(+), 8 deletions(-) + +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +index 23b27f6507..09e7596064 100644 +--- a/grub-core/loader/i386/efi/linux.c ++++ b/grub-core/loader/i386/efi/linux.c +@@ -55,7 +55,14 @@ struct grub_linuxefi_context { + + #define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12) + ++typedef enum { ++ NO_MEM, ++ KERNEL_MEM, ++ INITRD_MEM, ++} kernel_alloc_purpose_t; ++ + struct allocation_choice { ++ kernel_alloc_purpose_t purpose; + grub_efi_physical_address_t addr; + grub_efi_allocate_type_t alloc_type; + }; +@@ -64,6 +71,7 @@ enum { + KERNEL_PREF_ADDRESS, + KERNEL_4G_LIMIT, + KERNEL_NO_LIMIT, ++ INITRD_MAX_ADDRESS, + }; + + static struct allocation_choice max_addresses[] = +@@ -71,14 +79,17 @@ static struct allocation_choice max_addresses[] = + /* the kernel overrides this one with pref_address and + * GRUB_EFI_ALLOCATE_ADDRESS */ + [KERNEL_PREF_ADDRESS] = +- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, ++ { KERNEL_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, 
GRUB_EFI_ALLOCATE_MAX_ADDRESS }, + /* If the flag in params is set, this one gets changed to be above 4GB. */ + [KERNEL_4G_LIMIT] = +- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, ++ { KERNEL_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, + /* this one is always below 4GB, which we still *prefer* even if the flag + * is set. */ + [KERNEL_NO_LIMIT] = +- { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, ++ { KERNEL_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, ++ /* this is for the initrd */ ++ [INITRD_MAX_ADDRESS] = ++ { INITRD_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, + { NO_MEM, 0, 0 } + }; + static struct allocation_choice saved_addresses[4]; +@@ -95,7 +106,8 @@ kernel_free(void *addr, grub_efi_uintn_t size) + } + + static void * +-kernel_alloc(grub_efi_uintn_t size, ++kernel_alloc(kernel_alloc_purpose_t purpose, ++ grub_efi_uintn_t size, + grub_efi_memory_type_t memtype, + const char * const errmsg) + { +@@ -108,6 +120,9 @@ kernel_alloc(grub_efi_uintn_t size, + grub_uint64_t max = max_addresses[i].addr; + grub_efi_uintn_t pages; + ++ if (purpose != max_addresses[i].purpose) ++ continue; ++ + /* + * When we're *not* loading the kernel, or >4GB allocations aren't + * supported, these entries are basically all the same, so don't re-try +@@ -262,7 +277,8 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) + } + } + +- initrd_mem = kernel_alloc(size, GRUB_EFI_RUNTIME_SERVICES_DATA, ++ grub_dprintf ("linux", "Trying to allocate initrd mem\n"); ++ initrd_mem = kernel_alloc(INITRD_MEM, size, GRUB_EFI_RUNTIME_SERVICES_DATA, + N_("can't allocate initrd")); + if (initrd_mem == NULL) + goto fail; +@@ -440,7 +456,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + } + #endif + +- params = kernel_alloc (sizeof(*params), GRUB_EFI_RUNTIME_SERVICES_DATA, ++ params = kernel_alloc (KERNEL_MEM, sizeof(*params), ++ 
GRUB_EFI_RUNTIME_SERVICES_DATA, + "cannot allocate kernel parameters"); + if (!params) + goto fail; +@@ -462,7 +479,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + grub_dprintf ("linux", "new lh is at %p\n", lh); + + grub_dprintf ("linux", "setting up cmdline\n"); +- cmdline = kernel_alloc (lh->cmdline_size + 1, ++ cmdline = kernel_alloc (KERNEL_MEM, lh->cmdline_size + 1, + GRUB_EFI_RUNTIME_SERVICES_DATA, + N_("can't allocate cmdline")); + if (!cmdline) +@@ -510,7 +527,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + max_addresses[KERNEL_4G_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; + max_addresses[KERNEL_NO_LIMIT].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; + kernel_size = lh->init_size; +- kernel_mem = kernel_alloc (kernel_size, GRUB_EFI_RUNTIME_SERVICES_CODE, ++ grub_dprintf ("linux", "Trying to allocate kernel mem\n"); ++ kernel_mem = kernel_alloc (KERNEL_MEM, kernel_size, ++ GRUB_EFI_RUNTIME_SERVICES_CODE, + N_("can't allocate kernel")); + restore_addresses(); + if (!kernel_mem) diff --git a/0558-efi-use-EFI_LOADER_-CODE-DATA-for-kernel-and-initrd-.patch b/0558-efi-use-EFI_LOADER_-CODE-DATA-for-kernel-and-initrd-.patch new file mode 100644 index 0000000000000000000000000000000000000000..28f603e7fcbb6fc2deb2cd0ef9c9155bc46e59e3 --- /dev/null +++ b/0558-efi-use-EFI_LOADER_-CODE-DATA-for-kernel-and-initrd-.patch 
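Review bot: Adding `[INITRD_MAX_ADDRESS]` grows `max_addresses[]` to five entries including the terminator, while the context line `static struct allocation_choice saved_addresses[4];` is left unchanged, so a copy of `sizeof(max_addresses)` bytes into the backup array writes past its end into whatever follows it in .data. The series only corrects this in 0560, so anyone backporting 0557 needs 0560 with it. Sizing the backup in this patch, `static struct allocation_choice saved_addresses[sizeof(max_addresses) / sizeof(max_addresses[0])];`, would keep every intermediate commit memory-safe. The `save_addresses()`/`restore_addresses()` definitions are outside this hunk and are taken from the context lines of 0560.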
@@ -0,0 +1,63 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Mon, 1 Aug 2022 13:04:43 -0400 +Subject: [PATCH] efi: use EFI_LOADER_(CODE|DATA) for kernel and initrd + allocations + +At some point due to an erroneous kernel warning, we switched kernel and +initramfs to being loaded in EFI_RUNTIME_SERVICES_CODE and +EFI_RUNTIME_SERVICES_DATA memory pools. This doesn't appear to be +correct according to the spec, and that kernel warning has gone away. + +This patch puts them back in EFI_LOADER_CODE and EFI_LOADER_DATA +allocations, respectively. + +Resolves: rhbz#2108456 + +Signed-off-by: Peter Jones +(cherry picked from commit 35b5d5fa47bc394c76022e6595b173e68f53225e) +(cherry picked from commit 66e1c922b40957fca488435e06a2f875a219844b) +--- + grub-core/loader/i386/efi/linux.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +index 09e7596064..4d39023792 100644 +--- a/grub-core/loader/i386/efi/linux.c ++++ b/grub-core/loader/i386/efi/linux.c +@@ -278,7 +278,7 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) + } + + grub_dprintf ("linux", "Trying to allocate initrd mem\n"); +- initrd_mem = kernel_alloc(INITRD_MEM, size, GRUB_EFI_RUNTIME_SERVICES_DATA, ++ initrd_mem = kernel_alloc(INITRD_MEM, size, GRUB_EFI_LOADER_DATA, + N_("can't allocate initrd")); + if (initrd_mem == NULL) + goto fail; +@@ -457,7 +457,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + #endif + + params = kernel_alloc (KERNEL_MEM, sizeof(*params), +- GRUB_EFI_RUNTIME_SERVICES_DATA, ++ GRUB_EFI_LOADER_DATA, + "cannot allocate kernel parameters"); + if (!params) + goto fail; +@@ -480,7 +480,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + + grub_dprintf ("linux", "setting up cmdline\n"); + cmdline = kernel_alloc (KERNEL_MEM, lh->cmdline_size + 1, +- GRUB_EFI_RUNTIME_SERVICES_DATA, ++ 
GRUB_EFI_LOADER_DATA, + N_("can't allocate cmdline")); + if (!cmdline) + goto fail; +@@ -529,7 +529,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), + kernel_size = lh->init_size; + grub_dprintf ("linux", "Trying to allocate kernel mem\n"); + kernel_mem = kernel_alloc (KERNEL_MEM, kernel_size, +- GRUB_EFI_RUNTIME_SERVICES_CODE, ++ GRUB_EFI_LOADER_CODE, + N_("can't allocate kernel")); + restore_addresses(); + if (!kernel_mem) diff --git a/0559-ieee1275-implement-vec5-for-cas-negotiation.patch b/0559-ieee1275-implement-vec5-for-cas-negotiation.patch new file mode 100644 index 0000000000000000000000000000000000000000..ff614f89b7f3fef238dada1391f4362523f793b5 --- /dev/null +++ b/0559-ieee1275-implement-vec5-for-cas-negotiation.patch 
@@ -0,0 +1,72 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Diego Domingos +Date: Thu, 25 Aug 2022 11:37:56 -0400 +Subject: [PATCH] ieee1275: implement vec5 for cas negotiation + +As a legacy support, if the vector 5 is not implemented, Power +Hypervisor will consider the max CPUs as 64 instead 256 currently +supported during client-architecture-support negotiation. + +This patch implements the vector 5 and set the MAX CPUs to 256 while +setting the others values to 0 (default). + +Signed-off-by: Diego Domingos +Signed-off-by: Robbie Harwood +(cherry picked from commit f735c65b6da8a9d4251242b37774e1a517511253) +(cherry picked from commit 1639f43b2db4ac405ac2a92e50ed4cff351c3baa) +--- + grub-core/kern/ieee1275/init.c | 20 +++++++++++++++++++- + 1 file changed, 19 insertions(+), 1 deletion(-) + +diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c +index 1414695cc6..37f3098c39 100644 +--- a/grub-core/kern/ieee1275/init.c ++++ b/grub-core/kern/ieee1275/init.c +@@ -307,6 +307,18 @@ struct option_vector2 { + grub_uint8_t max_pft_size; + } __attribute__((packed)); + ++struct option_vector5 { ++ grub_uint8_t byte1; ++ grub_uint8_t byte2; ++ grub_uint8_t byte3; ++ grub_uint8_t cmo; ++ grub_uint8_t associativity; ++ grub_uint8_t bin_opts; ++ grub_uint8_t micro_checkpoint; ++ grub_uint8_t reserved0; ++ grub_uint32_t max_cpus; ++} __attribute__((packed)); ++ + struct pvr_entry { + grub_uint32_t mask; + grub_uint32_t entry; +@@ -325,6 +337,8 @@ struct cas_vector { + grub_uint16_t vec3; + grub_uint8_t vec4_size; + grub_uint16_t vec4; ++ grub_uint8_t vec5_size; ++ struct option_vector5 vec5; + } __attribute__((packed)); + + /* Call ibm,client-architecture-support to try to get more RMA. 
+@@ -345,7 +359,7 @@ grub_ieee1275_ibm_cas (void) + } args; + struct cas_vector vector = { + .pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */ +- .num_vecs = 4 - 1, ++ .num_vecs = 5 - 1, + .vec1_size = 0, + .vec1 = 0x80, /* ignore */ + .vec2_size = 1 + sizeof(struct option_vector2) - 2, +@@ -356,6 +370,10 @@ grub_ieee1275_ibm_cas (void) + .vec3 = 0x00e0, // ask for FP + VMX + DFP but don't halt if unsatisfied + .vec4_size = 2 - 1, + .vec4 = 0x0001, // set required minimum capacity % to the lowest value ++ .vec5_size = 1 + sizeof(struct option_vector5) - 2, ++ .vec5 = { ++ 0, 0, 0, 0, 0, 0, 0, 0, 256 ++ } + }; + + INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2); diff --git a/0560-x86-efi-Fix-an-incorrect-array-size-in-kernel-alloca.patch b/0560-x86-efi-Fix-an-incorrect-array-size-in-kernel-alloca.patch new file mode 100644 index 0000000000000000000000000000000000000000..a422b99f213c4048793a55ee08ae2c3c066db7d1 --- /dev/null +++ b/0560-x86-efi-Fix-an-incorrect-array-size-in-kernel-alloca.patch 
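Review bot: The `.vec5` initialiser in `grub_ieee1275_ibm_cas` is positional, `0, 0, 0, 0, 0, 0, 0, 0, 256`, so the value lands in `max_cpus` only as long as `struct option_vector5` keeps exactly eight one-byte members in front of it; `.vec5 = { .max_cpus = 256 },` says the same thing and survives a field being added or reordered. `.vec5_size = 1 + sizeof(struct option_vector5) - 2` repeats the unexplained arithmetic already used for `vec2_size`, and a short comment stating how the length byte is encoded would let the next reader check it. The function body continues outside the hunk.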
@@ -0,0 +1,38 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Tue, 11 Oct 2022 17:00:50 -0400 +Subject: [PATCH] x86-efi: Fix an incorrect array size in kernel allocation + +In 81a6ebf62bbe166ddc968463df2e8bd481bf697c ("efi: split allocation +policy for kernel vs initrd memories."), I introduced a split in the +kernel allocator to allow for different dynamic policies for the kernel +and the initrd allocations. + +Unfortunately, that change increased the size of the policy data used to +make decisions, but did not change the size of the temporary storage we +use to back it up and restore. This results in some of .data getting +clobbered at runtime, and hilarity ensues. + +This patch makes the size of the backup storage be based on the size of +the initial policy data. + +Signed-off-by: Peter Jones +(cherry picked from commit 37747b22342499a798ca3a8895770cd93b6e1258) +(cherry picked from commit 72713ce761720235c86bbda412480c97b2892e00) +--- + grub-core/loader/i386/efi/linux.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c +index 4d39023792..3d55f8b8d2 100644 +--- a/grub-core/loader/i386/efi/linux.c ++++ b/grub-core/loader/i386/efi/linux.c +@@ -92,7 +92,7 @@ static struct allocation_choice max_addresses[] = + { INITRD_MEM, GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, + { NO_MEM, 0, 0 } + }; +-static struct allocation_choice saved_addresses[4]; ++static struct allocation_choice saved_addresses[sizeof(max_addresses) / sizeof(max_addresses[0])]; + + #define save_addresses() grub_memcpy(saved_addresses, max_addresses, sizeof(max_addresses)) + #define restore_addresses() grub_memcpy(max_addresses, saved_addresses, sizeof(max_addresses)) 
diff --git a/0561-switch-to-blscfg-don-t-assume-newline-at-end-of-cfg.patch b/0561-switch-to-blscfg-don-t-assume-newline-at-end-of-cfg.patch new file mode 100644 index 0000000000000000000000000000000000000000..fee71eb0495ac4282af2e4f35c586978eee4240c --- /dev/null +++ b/0561-switch-to-blscfg-don-t-assume-newline-at-end-of-cfg.patch @@ -0,0 +1,25 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Tue, 18 Oct 2022 14:15:28 -0400 +Subject: [PATCH] switch-to-blscfg: don't assume newline at end of cfg + +Signed-off-by: Robbie Harwood +--- + util/grub-switch-to-blscfg.in | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/util/grub-switch-to-blscfg.in b/util/grub-switch-to-blscfg.in +index eeea130770..5a97954c39 100644 +--- a/util/grub-switch-to-blscfg.in ++++ b/util/grub-switch-to-blscfg.in +@@ -277,7 +277,9 @@ if grep '^GRUB_ENABLE_BLSCFG=.*' "${etcdefaultgrub}" \ + fi + GENERATE=1 + elif ! grep -q '^GRUB_ENABLE_BLSCFG=.*' "${etcdefaultgrub}" ; then +- if ! echo 'GRUB_ENABLE_BLSCFG=true' >> "${etcdefaultgrub}" ; then ++ # prepend in case admins have been bad at newlines ++ sed -i '1iGRUB_ENABLE_BLSCFG=true' "${etcdefaultgrub}" ++ if ! grep -q '^GRUB_ENABLE_BLSCFG=true' "${etcdefaultgrub}" ; then + gettext_printf "Updating %s failed\n" "${etcdefaultgrub}" + exit 1 + fi diff --git a/0562-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch b/0562-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch new file mode 100644 index 0000000000000000000000000000000000000000..e7f7a0c9369c276bc6c524476254a067e8256873 --- /dev/null +++ b/0562-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch 
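Review bot: `sed -i '1iGRUB_ENABLE_BLSCFG=true' "${etcdefaultgrub}"` inserts before line 1, and an empty file has no line 1, so on an empty `${etcdefaultgrub}` nothing is written and the following `grep -q` reports "Updating %s failed", a case the previous `echo ... >>` handled. `sed -i` also writes a new file and renames it over the old one, which by default replaces a symlink with a regular file and may alter ownership or security labels; that is worth confirming for this path. Appending with an explicit leading newline covers the missing-newline case without either side effect: `if ! printf '\nGRUB_ENABLE_BLSCFG=true\n' >> "${etcdefaultgrub}" ; then`.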
@@ -0,0 +1,33 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Wed, 3 Aug 2022 19:45:33 +0800 +Subject: [PATCH] font: Reject glyphs exceeds font->max_glyph_width or + font->max_glyph_height + +Check glyph's width and height against limits specified in font's +metadata. Reject the glyph (and font) if such limits are exceeded. + +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit 5760fcfd466cc757540ea0d591bad6a08caeaa16) +(cherry picked from commit 3b410ef4bb95e607cadeba2193fa90ae9bddb98d) +(cherry picked from commit 8ebe587def61af7893ebcae87d45c883f3cfb713) +--- + grub-core/font/font.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index b67507fcc8..8d1a990401 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -760,7 +760,9 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code) + || read_be_uint16 (font->file, &height) != 0 + || read_be_int16 (font->file, &xoff) != 0 + || read_be_int16 (font->file, &yoff) != 0 +- || read_be_int16 (font->file, &dwidth) != 0) ++ || read_be_int16 (font->file, &dwidth) != 0 ++ || width > font->max_char_width ++ || height > font->max_char_height) + { + remove_font (font); + return 0; diff --git a/0563-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch b/0563-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch new file mode 100644 index 0000000000000000000000000000000000000000..df3a70511d8dac49a77dba9a491752a408c6ec11 --- /dev/null +++ b/0563-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch 
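Review bot: The two new comparisons in `grub_font_get_glyph_internal` bound `width` and `height` only by `font->max_char_width` and `font->max_char_height`, which per the commit message come from the same font file's metadata, so they enforce internal consistency rather than an absolute limit. A one-line comment above the condition, e.g. `/* Limits come from the font's own header; this is a consistency check. */`, would stop readers from treating it as the allocation-size guard. The types of the two `max_char_*` fields are not visible here; if they are signed, the comparison against the values read with `read_be_uint16` is worth checking for negative limits.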
@@ -0,0 +1,112 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Fri, 5 Aug 2022 00:51:20 +0800 +Subject: [PATCH] font: Fix size overflow in grub_font_get_glyph_internal() + +The length of memory allocation and file read may overflow. This patch +fixes the problem by using safemath macros. + +There is a lot of code repetition like "(x * y + 7) / 8". It is unsafe +if overflow happens. This patch introduces grub_video_bitmap_calc_1bpp_bufsz(). +It is safe replacement for such code. It has safemath-like prototype. + +This patch also introduces grub_cast(value, pointer), it casts value to +typeof(*pointer) then store the value to *pointer. It returns true when +overflow occurs or false if there is no overflow. The semantics of arguments +and return value are designed to be consistent with other safemath macros. + +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit 941d10ad6f1dcbd12fb613002249e29ba035f985) +(cherry picked from commit 6bca9693878bdf61dd62b8c784862a48e75f569a) +(cherry picked from commit edbbda5486cf8c3dc2b68fbd3dead822ab448022) +--- + grub-core/font/font.c | 17 +++++++++++++---- + include/grub/bitmap.h | 18 ++++++++++++++++++ + include/grub/safemath.h | 2 ++ + 3 files changed, 33 insertions(+), 4 deletions(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index 8d1a990401..d6df79602d 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -739,7 +739,8 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code) + grub_int16_t xoff; + grub_int16_t yoff; + grub_int16_t dwidth; +- int len; ++ grub_ssize_t len; ++ grub_size_t sz; + + if (index_entry->glyph) + /* Return cached glyph. 
*/ +@@ -768,9 +769,17 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code) + return 0; + } + +- len = (width * height + 7) / 8; +- glyph = grub_malloc (sizeof (struct grub_font_glyph) + len); +- if (!glyph) ++ /* Calculate real struct size of current glyph. */ ++ if (grub_video_bitmap_calc_1bpp_bufsz (width, height, &len) || ++ grub_add (sizeof (struct grub_font_glyph), len, &sz)) ++ { ++ remove_font (font); ++ return 0; ++ } ++ ++ /* Allocate and initialize the glyph struct. */ ++ glyph = grub_malloc (sz); ++ if (glyph == NULL) + { + remove_font (font); + return 0; +diff --git a/include/grub/bitmap.h b/include/grub/bitmap.h +index 5728f8ca3a..0d9603f619 100644 +--- a/include/grub/bitmap.h ++++ b/include/grub/bitmap.h +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + + struct grub_video_bitmap + { +@@ -79,6 +80,23 @@ grub_video_bitmap_get_height (struct grub_video_bitmap *bitmap) + return bitmap->mode_info.height; + } + ++/* ++ * Calculate and store the size of data buffer of 1bit bitmap in result. ++ * Equivalent to "*result = (width * height + 7) / 8" if no overflow occurs. ++ * Return true when overflow occurs or false if there is no overflow. ++ * This function is intentionally implemented as a macro instead of ++ * an inline function. Although a bit awkward, it preserves data types for ++ * safemath macros and reduces macro side effects as much as possible. ++ * ++ * XXX: Will report false overflow if width * height > UINT64_MAX. ++ */ ++#define grub_video_bitmap_calc_1bpp_bufsz(width, height, result) \ ++({ \ ++ grub_uint64_t _bitmap_pixels; \ ++ grub_mul ((width), (height), &_bitmap_pixels) ? 
1 : \ ++ grub_cast (_bitmap_pixels / GRUB_CHAR_BIT + !!(_bitmap_pixels % GRUB_CHAR_BIT), (result)); \ ++}) ++ + void EXPORT_FUNC (grub_video_bitmap_get_mode_info) (struct grub_video_bitmap *bitmap, + struct grub_video_mode_info *mode_info); + +diff --git a/include/grub/safemath.h b/include/grub/safemath.h +index 1ccac276b5..30800ad6a1 100644 +--- a/include/grub/safemath.h ++++ b/include/grub/safemath.h +@@ -30,6 +30,8 @@ + #define grub_sub(a, b, res) __builtin_sub_overflow(a, b, res) + #define grub_mul(a, b, res) __builtin_mul_overflow(a, b, res) + ++#define grub_cast(a, res) grub_add ((a), 0, (res)) ++ + #else + /* + * Copyright 2020 Rasmus Villemoes diff --git a/0564-font-Fix-several-integer-overflows-in-grub_font_cons.patch b/0564-font-Fix-several-integer-overflows-in-grub_font_cons.patch new file mode 100644 index 0000000000000000000000000000000000000000..0afdf93fe7cb9d4fefacabc1a2689c1a0fcc24ad --- /dev/null +++ b/0564-font-Fix-several-integer-overflows-in-grub_font_cons.patch 
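Review bot: `grub_cast` is added to include/grub/safemath.h only above the `#else`, in the branch that maps `grub_add`/`grub_mul` to the compiler builtins, while the new `grub_video_bitmap_calc_1bpp_bufsz` macro in include/grub/bitmap.h uses it unconditionally. If the fallback branch that follows is ever selected (its body is outside the hunk), every file that expands the macro fails to compile. Either define `grub_cast` in the fallback branch as well, or state the requirement next to the macro with a comment such as `/* Requires the __builtin_*_overflow branch of safemath.h. */`.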
@@ -0,0 +1,81 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Fri, 5 Aug 2022 01:58:27 +0800 +Subject: [PATCH] font: Fix several integer overflows in + grub_font_construct_glyph() + +This patch fixes several integer overflows in grub_font_construct_glyph(). +Glyphs of invalid size, zero or leading to an overflow, are rejected. +The inconsistency between "glyph" and "max_glyph_size" when grub_malloc() +returns NULL is fixed too. + +Fixes: CVE-2022-2601 + +Reported-by: Zhang Boyang +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit b1805f251b31a9d3cfae5c3572ddfa630145dbbf) +(cherry picked from commit b91eb9bd6c724339b7d7bb4765b9d36f1ee88b84) +(cherry picked from commit 1ebafd82dd19e522f0d753fd9828553fe8bcac78) +--- + grub-core/font/font.c | 29 +++++++++++++++++------------ + 1 file changed, 17 insertions(+), 12 deletions(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index d6df79602d..129aaa3838 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -1517,6 +1517,7 @@ grub_font_construct_glyph (grub_font_t hinted_font, + struct grub_video_signed_rect bounds; + static struct grub_font_glyph *glyph = 0; + static grub_size_t max_glyph_size = 0; ++ grub_size_t cur_glyph_size; + + ensure_comb_space (glyph_id); + +@@ -1533,29 +1534,33 @@ grub_font_construct_glyph (grub_font_t hinted_font, + if (!glyph_id->ncomb && !glyph_id->attributes) + return main_glyph; + +- if (max_glyph_size < sizeof (*glyph) + (bounds.width * bounds.height + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT) ++ if (grub_video_bitmap_calc_1bpp_bufsz (bounds.width, bounds.height, &cur_glyph_size) || ++ grub_add (sizeof (*glyph), cur_glyph_size, &cur_glyph_size)) ++ return main_glyph; ++ ++ if (max_glyph_size < cur_glyph_size) + { + grub_free (glyph); +- max_glyph_size = (sizeof (*glyph) + (bounds.width * bounds.height + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT) * 2; +- if (max_glyph_size < 8) +- 
max_glyph_size = 8; +- glyph = grub_malloc (max_glyph_size); ++ if (grub_mul (cur_glyph_size, 2, &max_glyph_size)) ++ max_glyph_size = 0; ++ glyph = max_glyph_size > 0 ? grub_malloc (max_glyph_size) : NULL; + } + if (!glyph) + { ++ max_glyph_size = 0; + grub_errno = GRUB_ERR_NONE; + return main_glyph; + } + +- grub_memset (glyph, 0, sizeof (*glyph) +- + (bounds.width * bounds.height +- + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT); ++ grub_memset (glyph, 0, cur_glyph_size); + + glyph->font = main_glyph->font; +- glyph->width = bounds.width; +- glyph->height = bounds.height; +- glyph->offset_x = bounds.x; +- glyph->offset_y = bounds.y; ++ if (bounds.width == 0 || bounds.height == 0 || ++ grub_cast (bounds.width, &glyph->width) || ++ grub_cast (bounds.height, &glyph->height) || ++ grub_cast (bounds.x, &glyph->offset_x) || ++ grub_cast (bounds.y, &glyph->offset_y)) ++ return main_glyph; + + if (glyph_id->attributes & GRUB_UNICODE_GLYPH_ATTRIBUTE_MIRROR) + grub_font_blit_glyph_mirror (glyph, main_glyph, diff --git a/0565-font-Remove-grub_font_dup_glyph.patch b/0565-font-Remove-grub_font_dup_glyph.patch new file mode 100644 index 0000000000000000000000000000000000000000..2f9a33eacc81ebf8f843fc2e4ec54250f455997b --- /dev/null +++ b/0565-font-Remove-grub_font_dup_glyph.patch 
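Review bot: In `grub_font_construct_glyph` the `bounds.width == 0 || bounds.height == 0` rejection runs only after the static buffer has been grown with `grub_malloc` and cleared with `grub_memset`, so a glyph that is going to be refused still costs an allocation. Testing the dimensions first, with `if (bounds.width == 0 || bounds.height == 0) return main_glyph;` ahead of the `grub_video_bitmap_calc_1bpp_bufsz` call, keeps all size validation in one place before any memory work. The invariant the patch restores, that `max_glyph_size` is 0 whenever `glyph` is NULL, deserves a comment beside the two static declarations. The function starts and ends outside the hunk.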
@@ -0,0 +1,42 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Fri, 5 Aug 2022 02:13:29 +0800 +Subject: [PATCH] font: Remove grub_font_dup_glyph() + +Remove grub_font_dup_glyph() since nobody is using it since 2013, and +I'm too lazy to fix the integer overflow problem in it. + +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit 25ad31c19c331aaa2dbd9bd2b2e2655de5766a9d) +(cherry picked from commit ad950e1e033318bb50222ed268a6dcfb97389035) +(cherry picked from commit 71644fccc1d43309f0a379dcfe9341ec3bd9657d) +--- + grub-core/font/font.c | 14 -------------- + 1 file changed, 14 deletions(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index 129aaa3838..347e9dfa29 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -1055,20 +1055,6 @@ grub_font_get_glyph_with_fallback (grub_font_t font, grub_uint32_t code) + return best_glyph; + } + +-#if 0 +-static struct grub_font_glyph * +-grub_font_dup_glyph (struct grub_font_glyph *glyph) +-{ +- static struct grub_font_glyph *ret; +- ret = grub_malloc (sizeof (*ret) + (glyph->width * glyph->height + 7) / 8); +- if (!ret) +- return NULL; +- grub_memcpy (ret, glyph, sizeof (*ret) +- + (glyph->width * glyph->height + 7) / 8); +- return ret; +-} +-#endif +- + /* FIXME: suboptimal. */ + static void + grub_font_blit_glyph (struct grub_font_glyph *target, diff --git a/0566-font-Fix-integer-overflow-in-ensure_comb_space.patch b/0566-font-Fix-integer-overflow-in-ensure_comb_space.patch new file mode 100644 index 0000000000000000000000000000000000000000..baa2d7455777338077028b54d649cd05d96c6d65 --- /dev/null +++ b/0566-font-Fix-integer-overflow-in-ensure_comb_space.patch 
@@ -0,0 +1,48 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Fri, 5 Aug 2022 02:27:05 +0800 +Subject: [PATCH] font: Fix integer overflow in ensure_comb_space() + +In fact it can't overflow at all because glyph_id->ncomb is only 8-bit +wide. But let's keep safe if somebody changes the width of glyph_id->ncomb +in the future. This patch also fixes the inconsistency between +render_max_comb_glyphs and render_combining_glyphs when grub_malloc() +returns NULL. + +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit b2740b7e4a03bb8331d48b54b119afea76bb9d5f) +(cherry picked from commit f66ea1e60c347408e92b6695d5105c7e0f24d568) +(cherry picked from commit 0e07159c24cdbb62a9d19fba8199065b049e03c7) +--- + grub-core/font/font.c | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index 347e9dfa29..1367e44743 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -1468,14 +1468,18 @@ ensure_comb_space (const struct grub_unicode_glyph *glyph_id) + if (glyph_id->ncomb <= render_max_comb_glyphs) + return; + +- render_max_comb_glyphs = 2 * glyph_id->ncomb; +- if (render_max_comb_glyphs < 8) ++ if (grub_mul (glyph_id->ncomb, 2, &render_max_comb_glyphs)) ++ render_max_comb_glyphs = 0; ++ if (render_max_comb_glyphs > 0 && render_max_comb_glyphs < 8) + render_max_comb_glyphs = 8; + grub_free (render_combining_glyphs); +- render_combining_glyphs = grub_malloc (render_max_comb_glyphs +- * sizeof (render_combining_glyphs[0])); ++ render_combining_glyphs = (render_max_comb_glyphs > 0) ? ++ grub_calloc (render_max_comb_glyphs, sizeof (render_combining_glyphs[0])) : NULL; + if (!render_combining_glyphs) +- grub_errno = 0; ++ { ++ render_max_comb_glyphs = 0; ++ grub_errno = GRUB_ERR_NONE; ++ } + } + + int 
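Review bot: The failure path at the end of `ensure_comb_space()` resets both globals and clears `grub_errno`, but nothing tells a caller that the capacity may now be zero even though the call returned normally. Because the function returns void, a comment above the `if (!render_combining_glyphs)` block would make the contract explicit, for example `/* On overflow or allocation failure the cache is left empty; callers must compare ncomb with render_max_comb_glyphs again before storing glyphs. */`. Whether the callers already re-check is not visible in this hunk, so it is worth confirming. The start of the function is outside the hunk.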
diff --git a/0567-font-Fix-integer-overflow-in-BMP-index.patch b/0567-font-Fix-integer-overflow-in-BMP-index.patch new file mode 100644 index 0000000000000000000000000000000000000000..c28337d9b49e17df726bbd077438b6d6a7346a0b --- /dev/null +++ b/0567-font-Fix-integer-overflow-in-BMP-index.patch 
@@ -0,0 +1,65 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Mon, 15 Aug 2022 02:04:58 +0800 +Subject: [PATCH] font: Fix integer overflow in BMP index + +The BMP index (font->bmp_idx) is designed as a reverse lookup table of +char entries (font->char_index), in order to speed up lookups for BMP +chars (i.e. code < 0x10000). The values in BMP index are the subscripts +of the corresponding char entries, stored in grub_uint16_t, while 0xffff +means not found. + +This patch fixes the problem of large subscript truncated to grub_uint16_t, +leading BMP index to return wrong char entry or report false miss. The +code now checks for bounds and uses BMP index as a hint, and fallbacks +to binary-search if necessary. + +On the occasion add a comment about BMP index is initialized to 0xffff. + +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit afda8b60ba0712abe01ae1e64c5f7a067a0e6492) +(cherry picked from commit 6d90568929e11739b56f09ebbce9185ca9c23519) +(cherry picked from commit b8c47c3dd6894b3135db861e3e563f661efad5c3) +--- + grub-core/font/font.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index 1367e44743..059c23dff7 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -300,6 +300,8 @@ load_font_index (grub_file_t file, grub_uint32_t sect_length, struct + font->bmp_idx = grub_malloc (0x10000 * sizeof (grub_uint16_t)); + if (!font->bmp_idx) + return 1; ++ ++ /* Init the BMP index array to 0xffff. 
*/ + grub_memset (font->bmp_idx, 0xff, 0x10000 * sizeof (grub_uint16_t)); + + +@@ -328,7 +330,7 @@ load_font_index (grub_file_t file, grub_uint32_t sect_length, struct + return 1; + } + +- if (entry->code < 0x10000) ++ if (entry->code < 0x10000 && i < 0xffff) + font->bmp_idx[entry->code] = i; + + last_code = entry->code; +@@ -696,9 +698,12 @@ find_glyph (const grub_font_t font, grub_uint32_t code) + /* Use BMP index if possible. */ + if (code < 0x10000 && font->bmp_idx) + { +- if (font->bmp_idx[code] == 0xffff) +- return 0; +- return &table[font->bmp_idx[code]]; ++ if (font->bmp_idx[code] < 0xffff) ++ return &table[font->bmp_idx[code]]; ++ /* ++ * When we are here then lookup in BMP index result in miss, ++ * fallthough to binary-search. ++ */ + } + + /* Do a binary search in `char_index', which is ordered by code point. */ diff --git a/0568-font-Fix-integer-underflow-in-binary-search-of-char-.patch b/0568-font-Fix-integer-underflow-in-binary-search-of-char-.patch new file mode 100644 index 0000000000000000000000000000000000000000..31b66afb4d0c6d8c0304b555d730afc9e31fbc32 --- /dev/null +++ b/0568-font-Fix-integer-underflow-in-binary-search-of-char-.patch 
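Review bot: The new comment in `find_glyph()` says a BMP-index miss falls through to the binary search, but not why a miss is no longer authoritative, and it carries a typo (`fallthough`). The reason is in `load_font_index()`: with the added `i < 0xffff` guard, entries at subscript 0xffff and above are never recorded, so 0xffff now means "not indexed" rather than "not present". Suggested wording: `/* 0xffff only means the code point is not in the BMP index (subscripts >= 0xffff are not recorded); fall through to the binary search. */`. Both functions continue outside their hunks.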
@@ -0,0 +1,85 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Sun, 14 Aug 2022 18:09:38 +0800 +Subject: [PATCH] font: Fix integer underflow in binary search of char index + +If search target is less than all entries in font->index then "hi" +variable is set to -1, which translates to SIZE_MAX and leads to errors. + +This patch fixes the problem by replacing the entire binary search code +with the libstdc++'s std::lower_bound() implementation. + +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit c140a086838e7c9af87842036f891b8393a8c4bc) +(cherry picked from commit e110997335b1744464ea232d57a7d86e16ca8dee) +(cherry picked from commit 403053a5116ae945f9515a82c37ff8cfb927362c) +--- + grub-core/font/font.c | 40 ++++++++++++++++++++++------------------ + 1 file changed, 22 insertions(+), 18 deletions(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index 059c23dff7..31786ab339 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -688,12 +688,12 @@ read_be_int16 (grub_file_t file, grub_int16_t * value) + static inline struct char_index_entry * + find_glyph (const grub_font_t font, grub_uint32_t code) + { +- struct char_index_entry *table; +- grub_size_t lo; +- grub_size_t hi; +- grub_size_t mid; ++ struct char_index_entry *table, *first, *end; ++ grub_size_t len; + + table = font->char_index; ++ if (table == NULL) ++ return NULL; + + /* Use BMP index if possible. */ + if (code < 0x10000 && font->bmp_idx) +@@ -706,25 +706,29 @@ find_glyph (const grub_font_t font, grub_uint32_t code) + */ + } + +- /* Do a binary search in `char_index', which is ordered by code point. */ +- lo = 0; +- hi = font->num_chars - 1; ++ /* ++ * Do a binary search in char_index which is ordered by code point. ++ * The code below is the same as libstdc++'s std::lower_bound(). 
++ */ ++ first = table; ++ len = font->num_chars; ++ end = first + len; + +- if (!table) +- return 0; +- +- while (lo <= hi) ++ while (len > 0) + { +- mid = lo + (hi - lo) / 2; +- if (code < table[mid].code) +- hi = mid - 1; +- else if (code > table[mid].code) +- lo = mid + 1; ++ grub_size_t half = len >> 1; ++ struct char_index_entry *middle = first + half; ++ ++ if (middle->code < code) ++ { ++ first = middle + 1; ++ len = len - half - 1; ++ } + else +- return &table[mid]; ++ len = half; + } + +- return 0; ++ return (first < end && first->code == code) ? first : NULL; + } + + /* Get a glyph for the Unicode character CODE in FONT. The glyph is loaded diff --git a/0569-fbutil-Fix-integer-overflow.patch b/0569-fbutil-Fix-integer-overflow.patch new file mode 100644 index 0000000000000000000000000000000000000000..885441005c948c9436c6f1be3e95cbfca0223a1c --- /dev/null +++ b/0569-fbutil-Fix-integer-overflow.patch 
@@ -0,0 +1,85 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Tue, 6 Sep 2022 03:03:21 +0800 +Subject: [PATCH] fbutil: Fix integer overflow + +Expressions like u64 = u32 * u32 are unsafe because their products are +truncated to u32 even if left hand side is u64. This patch fixes all +problems like that one in fbutil. + +To get right result not only left hand side have to be u64 but it's also +necessary to cast at least one of the operands of all leaf operators of +right hand side to u64, e.g. u64 = u32 * u32 + u32 * u32 should be +u64 = (u64)u32 * u32 + (u64)u32 * u32. + +For 1-bit bitmaps grub_uint64_t have to be used. It's safe because any +combination of values in (grub_uint64_t)u32 * u32 + u32 expression will +not overflow grub_uint64_t. + +Other expressions like ptr + u32 * u32 + u32 * u32 are also vulnerable. +They should be ptr + (grub_addr_t)u32 * u32 + (grub_addr_t)u32 * u32. + +This patch also adds a comment to grub_video_fb_get_video_ptr() which +says it's arguments must be valid and no sanity check is performed +(like its siblings in grub-core/video/fb/fbutil.c). 
+ +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit 50a11a81bc842c58962244a2dc86bbd31a426e12) +(cherry picked from commit 8fa75d647362c938c4cc302cf5945b31fb92c078) +(cherry picked from commit 91005e39b3c8b6ca8dcc84ecb19ac9328966aaea) +--- + grub-core/video/fb/fbutil.c | 4 ++-- + include/grub/fbutil.h | 13 +++++++++---- + 2 files changed, 11 insertions(+), 6 deletions(-) + +diff --git a/grub-core/video/fb/fbutil.c b/grub-core/video/fb/fbutil.c +index b98bb51fe8..25ef39f47d 100644 +--- a/grub-core/video/fb/fbutil.c ++++ b/grub-core/video/fb/fbutil.c +@@ -67,7 +67,7 @@ get_pixel (struct grub_video_fbblit_info *source, + case 1: + if (source->mode_info->blit_format == GRUB_VIDEO_BLIT_FORMAT_1BIT_PACKED) + { +- int bit_index = y * source->mode_info->width + x; ++ grub_uint64_t bit_index = (grub_uint64_t) y * source->mode_info->width + x; + grub_uint8_t *ptr = source->data + bit_index / 8; + int bit_pos = 7 - bit_index % 8; + color = (*ptr >> bit_pos) & 0x01; +@@ -138,7 +138,7 @@ set_pixel (struct grub_video_fbblit_info *source, + case 1: + if (source->mode_info->blit_format == GRUB_VIDEO_BLIT_FORMAT_1BIT_PACKED) + { +- int bit_index = y * source->mode_info->width + x; ++ grub_uint64_t bit_index = (grub_uint64_t) y * source->mode_info->width + x; + grub_uint8_t *ptr = source->data + bit_index / 8; + int bit_pos = 7 - bit_index % 8; + *ptr = (*ptr & ~(1 << bit_pos)) | ((color & 0x01) << bit_pos); +diff --git a/include/grub/fbutil.h b/include/grub/fbutil.h +index 4205eb917f..78a1ab3b45 100644 +--- a/include/grub/fbutil.h ++++ b/include/grub/fbutil.h +@@ -31,14 +31,19 @@ struct grub_video_fbblit_info + grub_uint8_t *data; + }; + +-/* Don't use for 1-bit bitmaps, addressing needs to be done at the bit level +- and it doesn't make sense, in general, to ask for a pointer +- to a particular pixel's data. 
*/ ++/* ++ * Don't use for 1-bit bitmaps, addressing needs to be done at the bit level ++ * and it doesn't make sense, in general, to ask for a pointer ++ * to a particular pixel's data. ++ * ++ * This function assumes that bounds checking has been done in previous phase ++ * and they are opted out in here. ++ */ + static inline void * + grub_video_fb_get_video_ptr (struct grub_video_fbblit_info *source, + unsigned int x, unsigned int y) + { +- return source->data + y * source->mode_info->pitch + x * source->mode_info->bytes_per_pixel; ++ return source->data + (grub_addr_t) y * source->mode_info->pitch + (grub_addr_t) x * source->mode_info->bytes_per_pixel; + } + + /* Advance pointer by VAL bytes. If there is no unaligned access available, diff --git a/0570-font-Fix-an-integer-underflow-in-blit_comb.patch b/0570-font-Fix-an-integer-underflow-in-blit_comb.patch new file mode 100644 index 0000000000000000000000000000000000000000..8da101f5092bc6fc19688f5dfb142e2700cb7a4a --- /dev/null +++ b/0570-font-Fix-an-integer-underflow-in-blit_comb.patch 
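Review bot: The `(grub_addr_t)` casts in `grub_video_fb_get_video_ptr()` only widen the multiplication where `grub_addr_t` is wider than `unsigned int`; on a 32-bit target, assuming `grub_addr_t` is pointer-sized there, `y * pitch` can still wrap. The function therefore depends entirely on the caller having validated x and y, and the added comment says so in a way that is hard to parse ("they are opted out in here"). I would reword it to `* The caller must already have checked x and y against the mode's width and height; no bounds check is done here, and the offset arithmetic is only as wide as grub_addr_t.` The same caller-side assumption applies to the `bit_index` changes in `get_pixel()` and `set_pixel()`, whose bodies continue outside their hunks.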
@@ -0,0 +1,91 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Mon, 24 Oct 2022 08:05:35 +0800 +Subject: [PATCH] font: Fix an integer underflow in blit_comb() + +The expression (ctx.bounds.height - combining_glyphs[i]->height) / 2 may +evaluate to a very big invalid value even if both ctx.bounds.height and +combining_glyphs[i]->height are small integers. For example, if +ctx.bounds.height is 10 and combining_glyphs[i]->height is 12, this +expression evaluates to 2147483647 (expected -1). This is because +coordinates are allowed to be negative but ctx.bounds.height is an +unsigned int. So, the subtraction operates on unsigned ints and +underflows to a very big value. The division makes things even worse. +The quotient is still an invalid value even if converted back to int. + +This patch fixes the problem by casting ctx.bounds.height to int. As +a result the subtraction will operate on int and grub_uint16_t which +will be promoted to an int. So, the underflow will no longer happen. Other +uses of ctx.bounds.height (and ctx.bounds.width) are also casted to int, +to ensure coordinates are always calculated on signed integers. 
+ +Fixes: CVE-2022-3775 + +Reported-by: Daniel Axtens +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit 6d2668dea3774ed74c4cd1eadd146f1b846bc3d4) +(cherry picked from commit 05e532fb707bbf79aa4e1efbde4d208d7da89d6b) +(cherry picked from commit 0b2592fbb245d53c5c42885d695ece03ddb0eb12) +--- + grub-core/font/font.c | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index 31786ab339..fc9d92fce4 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -1203,12 +1203,12 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, + ctx.bounds.height = main_glyph->height; + + above_rightx = main_glyph->offset_x + main_glyph->width; +- above_righty = ctx.bounds.y + ctx.bounds.height; ++ above_righty = ctx.bounds.y + (int) ctx.bounds.height; + + above_leftx = main_glyph->offset_x; +- above_lefty = ctx.bounds.y + ctx.bounds.height; ++ above_lefty = ctx.bounds.y + (int) ctx.bounds.height; + +- below_rightx = ctx.bounds.x + ctx.bounds.width; ++ below_rightx = ctx.bounds.x + (int) ctx.bounds.width; + below_righty = ctx.bounds.y; + + comb = grub_unicode_get_comb (glyph_id); +@@ -1221,7 +1221,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, + + if (!combining_glyphs[i]) + continue; +- targetx = (ctx.bounds.width - combining_glyphs[i]->width) / 2 + ctx.bounds.x; ++ targetx = ((int) ctx.bounds.width - combining_glyphs[i]->width) / 2 + ctx.bounds.x; + /* CGJ is to avoid diacritics reordering. 
*/ + if (comb[i].code + == GRUB_UNICODE_COMBINING_GRAPHEME_JOINER) +@@ -1231,8 +1231,8 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, + case GRUB_UNICODE_COMB_OVERLAY: + do_blit (combining_glyphs[i], + targetx, +- (ctx.bounds.height - combining_glyphs[i]->height) / 2 +- - (ctx.bounds.height + ctx.bounds.y), &ctx); ++ ((int) ctx.bounds.height - combining_glyphs[i]->height) / 2 ++ - ((int) ctx.bounds.height + ctx.bounds.y), &ctx); + if (min_devwidth < combining_glyphs[i]->width) + min_devwidth = combining_glyphs[i]->width; + break; +@@ -1305,7 +1305,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, + /* Fallthrough. */ + case GRUB_UNICODE_STACK_ATTACHED_ABOVE: + do_blit (combining_glyphs[i], targetx, +- -(ctx.bounds.height + ctx.bounds.y + space ++ -((int) ctx.bounds.height + ctx.bounds.y + space + + combining_glyphs[i]->height), &ctx); + if (min_devwidth < combining_glyphs[i]->width) + min_devwidth = combining_glyphs[i]->width; +@@ -1313,7 +1313,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, + + case GRUB_UNICODE_COMB_HEBREW_DAGESH: + do_blit (combining_glyphs[i], targetx, +- -(ctx.bounds.height / 2 + ctx.bounds.y ++ -((int) ctx.bounds.height / 2 + ctx.bounds.y + + combining_glyphs[i]->height / 2), &ctx); + if (min_devwidth < combining_glyphs[i]->width) + min_devwidth = combining_glyphs[i]->width; diff --git a/0571-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch b/0571-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch new file mode 100644 index 0000000000000000000000000000000000000000..87b8e3312ae6e0dfaf5fe391ee99cfe5c05c59b4 --- /dev/null +++ b/0571-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch 
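Review bot: In the `GRUB_UNICODE_COMB_HEBREW_DAGESH` case, `(int) ctx.bounds.height / 2` relies on the cast binding tighter than the division; it is correct, but `((int) ctx.bounds.height) / 2` would make the intent plain next to the other casts in this function. All of the added casts also assume that `ctx.bounds.width` and `ctx.bounds.height` fit in `int`, which nothing in these hunks checks. If that does hold, a one-line comment where `ctx.bounds` is initialised would record it, such as `/* bounds.width/height are kept within int range; coordinates below are computed as signed. */`. `blit_comb()` starts and ends outside the hunks shown.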
@@ -0,0 +1,75 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Mon, 24 Oct 2022 07:15:41 +0800 +Subject: [PATCH] font: Harden grub_font_blit_glyph() and + grub_font_blit_glyph_mirror() + +As a mitigation and hardening measure add sanity checks to +grub_font_blit_glyph() and grub_font_blit_glyph_mirror(). This patch +makes these two functions do nothing if target blitting area isn't fully +contained in target bitmap. Therefore, if complex calculations in caller +overflows and malicious coordinates are given, we are still safe because +any coordinates which result in out-of-bound-write are rejected. However, +this patch only checks for invalid coordinates, and doesn't provide any +protection against invalid source glyph or destination glyph, e.g. +mismatch between glyph size and buffer size. + +This hardening measure is designed to mitigate possible overflows in +blit_comb(). If overflow occurs, it may return invalid bounding box +during dry run and call grub_font_blit_glyph() with malicious +coordinates during actual blitting. However, we are still safe because +the scratch glyph itself is valid, although its size makes no sense, and +any invalid coordinates are rejected. + +It would be better to call grub_fatal() if illegal parameter is detected. +However, doing this may end up in a dangerous recursion because grub_fatal() +would print messages to the screen and we are in the progress of drawing +characters on the screen. 
+ +Reported-by: Daniel Axtens +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit fcd7aa0c278f7cf3fb9f93f1a3966e1792339eb6) +(cherry picked from commit 1d37ec63a1c76a14fdf70f548eada92667b42ddb) +(cherry picked from commit 686c72ea0a841343b7d8ab64e815751aa36e24b5) +--- + grub-core/font/font.c | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index fc9d92fce4..cfa4bd5096 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -1069,8 +1069,15 @@ static void + grub_font_blit_glyph (struct grub_font_glyph *target, + struct grub_font_glyph *src, unsigned dx, unsigned dy) + { ++ grub_uint16_t max_x, max_y; + unsigned src_bit, tgt_bit, src_byte, tgt_byte; + unsigned i, j; ++ ++ /* Harden against out-of-bound writes. */ ++ if ((grub_add (dx, src->width, &max_x) || max_x > target->width) || ++ (grub_add (dy, src->height, &max_y) || max_y > target->height)) ++ return; ++ + for (i = 0; i < src->height; i++) + { + src_bit = (src->width * i) % 8; +@@ -1102,9 +1109,16 @@ grub_font_blit_glyph_mirror (struct grub_font_glyph *target, + struct grub_font_glyph *src, + unsigned dx, unsigned dy) + { ++ grub_uint16_t max_x, max_y; + unsigned tgt_bit, src_byte, tgt_byte; + signed src_bit; + unsigned i, j; ++ ++ /* Harden against out-of-bound writes. */ ++ if ((grub_add (dx, src->width, &max_x) || max_x > target->width) || ++ (grub_add (dy, src->height, &max_y) || max_y > target->height)) ++ return; ++ + for (i = 0; i < src->height; i++) + { + src_bit = (src->width * i + src->width - 1) % 8; diff --git a/0572-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch b/0572-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch new file mode 100644 index 0000000000000000000000000000000000000000..981d5df9c8e7b01902e0adbe7aaf1e55090606b6 --- /dev/null +++ b/0572-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch 
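Review bot: The comment `/* Harden against out-of-bound writes. */` in `grub_font_blit_glyph()` and `grub_font_blit_glyph_mirror()` promises more than the check delivers. The check validates only that the destination rectangle (`dx + src->width` by `dy + src->height`) lies inside `target->width` and `target->height`, not that either bitmap buffer matches its declared size. The commit message states that limit but the code does not, so I would write `/* Reject blits whose destination rectangle is not fully inside target; glyph sizes are trusted, not checked against the bitmap buffers. */`. The identical check appears in both functions, and a small static helper would keep the two copies from drifting apart. Both function bodies continue outside the hunks.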
@@ -0,0 +1,36 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Fri, 28 Oct 2022 17:29:16 +0800 +Subject: [PATCH] font: Assign null_font to glyphs in ascii_font_glyph[] + +The calculations in blit_comb() need information from glyph's font, e.g. +grub_font_get_xheight(main_glyph->font). However, main_glyph->font is +NULL if main_glyph comes from ascii_font_glyph[]. Therefore +grub_font_get_*() crashes because of NULL pointer. + +There is already a solution, the null_font. So, assign it to those glyphs +in ascii_font_glyph[]. + +Reported-by: Daniel Axtens +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit dd539d695482069d28b40f2d3821f710cdcf6ee6) +(cherry picked from commit 87526376857eaceae474c9797e3cee5b50597332) +(cherry picked from commit b4807bbb09d9adf82fe9ae12a3af1c852dc4e32d) +--- + grub-core/font/font.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/grub-core/font/font.c b/grub-core/font/font.c +index cfa4bd5096..30cd1fe07f 100644 +--- a/grub-core/font/font.c ++++ b/grub-core/font/font.c +@@ -137,7 +137,7 @@ ascii_glyph_lookup (grub_uint32_t code) + ascii_font_glyph[current]->offset_x = 0; + ascii_font_glyph[current]->offset_y = -2; + ascii_font_glyph[current]->device_width = 8; +- ascii_font_glyph[current]->font = NULL; ++ ascii_font_glyph[current]->font = &null_font; + + grub_memcpy (ascii_font_glyph[current]->bitmap, + &ascii_bitmaps[current * ASCII_BITMAP_SIZE], diff --git a/0573-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch b/0573-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch new file mode 100644 index 0000000000000000000000000000000000000000..283d5604adedccb645168f769e8d358380547e34 --- /dev/null +++ b/0573-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch 
@@ -0,0 +1,55 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Zhang Boyang +Date: Fri, 28 Oct 2022 21:31:39 +0800 +Subject: [PATCH] normal/charset: Fix an integer overflow in + grub_unicode_aglomerate_comb() + +The out->ncomb is a bit-field of 8 bits. So, the max possible value is 255. +However, code in grub_unicode_aglomerate_comb() doesn't check for an +overflow when incrementing out->ncomb. If out->ncomb is already 255, +after incrementing it will get 0 instead of 256, and cause illegal +memory access in subsequent processing. + +This patch introduces GRUB_UNICODE_NCOMB_MAX to represent the max +acceptable value of ncomb. The code now checks for this limit and +ignores additional combining characters when limit is reached. + +Reported-by: Daniel Axtens +Signed-off-by: Zhang Boyang +Reviewed-by: Daniel Kiper +(cherry picked from commit da90d62316a3b105d2fbd7334d6521936bd6dcf6) +(cherry picked from commit 26fafec86000b5322837722a115279ef03922ca6) +(cherry picked from commit 872fba1c44dee2ab5cb36b2c7a883847f91ed907) +--- + grub-core/normal/charset.c | 3 +++ + include/grub/unicode.h | 2 ++ + 2 files changed, 5 insertions(+) + +diff --git a/grub-core/normal/charset.c b/grub-core/normal/charset.c +index 7b2de12001..4849cf06f7 100644 +--- a/grub-core/normal/charset.c ++++ b/grub-core/normal/charset.c +@@ -472,6 +472,9 @@ grub_unicode_aglomerate_comb (const grub_uint32_t *in, grub_size_t inlen, + if (!haveout) + continue; + ++ if (out->ncomb == GRUB_UNICODE_NCOMB_MAX) ++ continue; ++ + if (comb_type == GRUB_UNICODE_COMB_MC + || comb_type == GRUB_UNICODE_COMB_ME + || comb_type == GRUB_UNICODE_COMB_MN) +diff --git a/include/grub/unicode.h b/include/grub/unicode.h +index 4de986a857..c4f6fca043 100644 +--- a/include/grub/unicode.h ++++ b/include/grub/unicode.h +@@ -147,7 +147,9 @@ struct grub_unicode_glyph + grub_uint8_t bidi_level:6; /* minimum: 6 */ + enum grub_bidi_type bidi_type:5; /* minimum: :5 */ + ++#define GRUB_UNICODE_NCOMB_MAX 
((1 << 8) - 1) + unsigned ncomb:8; ++ + /* Hint by unicode subsystem how wide this character usually is. + Real width is determined by font. Set only in UTF-8 stream. */ + int estimated_width:8; diff --git a/1003-arm64-Fix-EFI-loader-kernel-image-allocation.patch b/1003-arm64-Fix-EFI-loader-kernel-image-allocation.patch deleted file mode 100644 index eb68c332054ec501ddcc1af1812d12e9f1386ed7..0000000000000000000000000000000000000000 --- a/1003-arm64-Fix-EFI-loader-kernel-image-allocation.patch +++ /dev/null 
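Review bot: `GRUB_UNICODE_NCOMB_MAX` in include/grub/unicode.h hard-codes the width 8 a second time, next to `unsigned ncomb:8;`, so changing the bit-field width without touching the macro would silently break the new guard in `grub_unicode_aglomerate_comb()`. Deriving both from one constant removes that coupling: `#define GRUB_UNICODE_NCOMB_BITS 8`, `#define GRUB_UNICODE_NCOMB_MAX ((1 << GRUB_UNICODE_NCOMB_BITS) - 1)` and `unsigned ncomb:GRUB_UNICODE_NCOMB_BITS;`. Writing the guard as `>=` instead of `==` costs nothing and stays correct if the limit is ever set below the field's maximum. The surrounding loop in charset.c starts and ends outside the hunk.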
@@ -1,185 +0,0 @@ -From c0d084eeea91ae5e4a6509716f9055fb75da1e03 Mon Sep 17 00:00:00 2001 -From: Fedora Ninjas -Date: Fri, 2 Sep 2022 15:24:10 +0800 -Subject: [PATCH] arm64: Fix EFI loader kernel image allocation - -backport from https://github.com/rhboot/grub2/ -commit/188f3f977341cdbd7ac582e794ca31c5415495ce - -Signed-off-by: Fedora Ninjas ---- - grub-core/loader/arm64/linux.c | 100 ++++++++++++++++++++++----------- - 1 file changed, 66 insertions(+), 34 deletions(-) - -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index 37f5d0c..81261c0 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -41,6 +41,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); - static grub_dl_t my_mod; - static int loaded; - -+static void *kernel_alloc_addr; -+static grub_uint32_t kernel_alloc_pages; - static void *kernel_addr; - static grub_uint64_t kernel_size; - static grub_uint32_t handover_offset; -@@ -229,9 +231,8 @@ grub_linux_unload (void) - GRUB_EFI_BYTES_TO_PAGES (initrd_end - initrd_start)); - initrd_start = initrd_end = 0; - grub_free (linux_args); -- if (kernel_addr) -- grub_efi_free_pages ((grub_addr_t) kernel_addr, -- GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -+ if (kernel_alloc_addr) -+ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages); - grub_fdt_unload (); - return GRUB_ERR_NONE; - } -@@ -336,14 +337,35 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - return grub_errno; - } - -+static grub_err_t -+parse_pe_header (void *kernel, grub_uint64_t *total_size, -+ grub_uint32_t *entry_offset, -+ grub_uint32_t *alignment) -+{ -+ struct linux_armxx_kernel_header *lh = kernel; -+ struct grub_armxx_linux_pe_header *pe; -+ -+ pe = (void *)((unsigned long)kernel + lh->hdr_offset); -+ -+ if (pe->opt.magic != GRUB_PE32_PE64_MAGIC) -+ return grub_error(GRUB_ERR_BAD_OS, "Invalid PE optional header magic"); -+ -+ *total_size = pe->opt.image_size; -+ *entry_offset = pe->opt.entry_addr; -+ *alignment = 
pe->opt.section_alignment; -+ -+ return GRUB_ERR_NONE; -+} -+ - static grub_err_t - grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) - { - grub_file_t file = 0; -- struct linux_armxx_kernel_header lh; -- struct grub_armxx_linux_pe_header *pe; - int rc; -+ grub_off_t filelen; -+ grub_uint32_t align; -+ void *kernel = NULL; - grub_err_t err; - int nx_supported = 1; - -@@ -359,40 +381,24 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - if (!file) - goto fail; - -- kernel_size = grub_file_size (file); -- -- if (grub_file_read (file, &lh, sizeof (lh)) < (long) sizeof (lh)) -- return grub_errno; -- -- if (grub_armxx_efi_linux_check_image (&lh) != GRUB_ERR_NONE) -- goto fail; -- -- grub_loader_unset(); -- -- grub_dprintf ("linux", "kernel file size: %lld\n", (long long) kernel_size); -- kernel_addr = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -- grub_dprintf ("linux", "kernel numpages: %lld\n", -- (long long) GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -- if (!kernel_addr) -+ filelen = grub_file_size (file); -+ kernel = grub_malloc(filelen); -+ if (!kernel) - { -- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel load buffer")); - goto fail; - } - -- grub_file_seek (file, 0); -- if (grub_file_read (file, kernel_addr, kernel_size) -- < (grub_int64_t) kernel_size) -+ if (grub_file_read (file, kernel, filelen) < (grub_ssize_t)filelen) - { -- if (!grub_errno) -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), argv[0]); -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), -+ argv[0]); - goto fail; - } - -- grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); -- - if (grub_efi_secure_boot ()) - { -- rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); -+ rc = grub_linuxefi_secure_validate (kernel, filelen); - if (rc <= 0) - { - grub_error (GRUB_ERR_INVALID_COMMAND, -@@ -405,8 +411,32 @@ 
grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - if (err != GRUB_ERR_NONE) - goto fail; - -- pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset); -- handover_offset = pe->opt.entry_addr; -+ if (grub_armxx_efi_linux_check_image (kernel) != GRUB_ERR_NONE) -+ goto fail; -+ if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align) != GRUB_ERR_NONE) -+ goto fail; -+ grub_dprintf ("linux", "kernel mem size : %lld\n", (long long) kernel_size); -+ grub_dprintf ("linux", "kernel entry offset : %d\n", handover_offset); -+ grub_dprintf ("linux", "kernel alignment : 0x%x\n", align); -+ -+ grub_loader_unset(); -+ -+ kernel_alloc_pages = GRUB_EFI_BYTES_TO_PAGES (kernel_size + align - 1); -+ kernel_alloc_addr = grub_efi_allocate_any_pages (kernel_alloc_pages); -+ grub_dprintf ("linux", "kernel numpages: %d\n", kernel_alloc_pages); -+ if (!kernel_alloc_addr) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto fail; -+ } -+ kernel_addr = (void *)ALIGN_UP((grub_uint64_t)kernel_alloc_addr, align); -+ -+ grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); -+ grub_memcpy (kernel_addr, kernel, grub_min(filelen, kernel_size)); -+ if (kernel_size > filelen) -+ grub_memset ((char *)kernel_addr + filelen, 0, kernel_size - filelen); -+ grub_free(kernel); -+ kernel = NULL; - - cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); - linux_args = grub_malloc (cmdline_size); -@@ -430,6 +460,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - - fail: -+ if (kernel) -+ grub_free (kernel); -+ - if (file) - grub_file_close (file); - -@@ -442,9 +475,8 @@ fail: - if (linux_args && !loaded) - grub_free (linux_args); - -- if (kernel_addr && !loaded) -- grub_efi_free_pages ((grub_addr_t) kernel_addr, -- GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -+ if (kernel_alloc_addr && !loaded) -+ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages); - - return grub_errno; - } --- -2.27.0 - 
diff --git a/dist b/dist new file mode 100644 index 0000000000000000000000000000000000000000..535c6900412d365bb0ff6de8d1f27110833b3ae3 --- /dev/null +++ b/dist @@ -0,0 +1 @@ +an8_7 diff --git a/grub.macros b/grub.macros index c610494abce335301de37b97c63bea1bde500d00..cc84169cf7c464cefd8d48dcc0719bf54cee9ab8 100644 --- a/grub.macros +++ b/grub.macros @@ -387,11 +387,11 @@ for x in grub-mkimage ; do \\\ done \ %{nil} -%global grub_modules " all_video boot blscfg \\\ +%global grub_modules " all_video boot blscfg \\\ cat configfile cryptodisk echo ext2 \\\ fat font gcry_rijndael gcry_rsa gcry_serpent \\\ gcry_sha256 gcry_twofish gcry_whirlpool \\\ - gfxmenu gfxterm gzio halt http \\\ + gfxmenu gfxterm gzio halt http \\\ increment iso9660 jpeg loadenv loopback linux \\\ lvm luks mdraid09 mdraid1x minicmd net \\\ normal part_apple part_msdos part_gpt \\\ @@ -604,7 +604,7 @@ touch ${RPM_BUILD_ROOT}/boot/%{name}/grub.cfg \ %{expand:%%files %{1}} \ %defattr(-,root,root,-) \ %config(noreplace) %{_sysconfdir}/%{name}.cfg \ -%ghost %config(noreplace) /boot/%{name}/grub.cfg \ +%ghost %config(noreplace) %attr(0700,root,root)/boot/%{name}/grub.cfg \ %dir %attr(0700,root,root)/boot/loader/entries \ %ifarch ppc64le \ %dir %{_libdir}/grub/%{2}/ \ diff --git a/grub.patches b/grub.patches index 4bc33e8e3da502a73e281a4b4b1edf1b3f70157b..ad599c3ce29a58b3dd0f501645c0d9384cd9a51d 100644 --- a/grub.patches +++ b/grub.patches 
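Review bot: The `%ghost` entry for `/boot/%{name}/grub.cfg` in the second grub.macros hunk gets `%attr(0700,root,root)`, which marks a configuration file as executable. The mode was probably carried over from the `%dir ... /boot/loader/entries` line below it, where the execute bit is needed for directory traversal. Restricting the file to root is the point of the change, and `%attr(0600,root,root)` would do that without the execute bit: `%ghost %config(noreplace) %attr(0600,root,root)/boot/%{name}/grub.cfg \`. Which mode the tool that writes grub.cfg actually uses is not visible here, so the two should be checked against each other; otherwise package verification will report a mode mismatch.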
@@ -498,55 +498,80 @@ Patch0497: 0497-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch Patch0498: 0498-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch Patch0499: 0499-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch Patch0500: 0500-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch -Patch0501: 0501-loader-efi-chainloader-grub_load_and_start_image-doe.patch -Patch0502: 0502-loader-efi-chainloader-simplify-the-loader-state.patch -Patch0503: 0503-commands-boot-Add-API-to-pass-context-to-loader.patch -Patch0504: 0504-loader-efi-chainloader-Use-grub_loader_set_ex.patch -Patch0505: 0505-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch -Patch0506: 0506-loader-i386-efi-linux-Use-grub_loader_set_ex.patch -Patch0507: 0507-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch -Patch0508: 0508-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch -Patch0509: 0509-video-readers-png-Abort-sooner-if-a-read-operation-f.patch -Patch0510: 0510-video-readers-png-Refuse-to-handle-multiple-image-he.patch -Patch0511: 0511-video-readers-png-Drop-greyscale-support-to-fix-heap.patch -Patch0512: 0512-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch -Patch0513: 0513-video-readers-png-Sanity-check-some-huffman-codes.patch -Patch0514: 0514-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch -Patch0515: 0515-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch -Patch0516: 0516-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch -Patch0517: 0517-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch -Patch0518: 0518-normal-charset-Fix-array-out-of-bounds-formatting-un.patch -Patch0519: 0519-net-netbuff-Block-overly-large-netbuff-allocs.patch -Patch0520: 0520-net-ip-Do-IP-fragment-maths-safely.patch -Patch0521: 0521-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch -Patch0522: 0522-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch -Patch0523: 
0523-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch -Patch0524: 0524-misc-Format-string-for-grub_error-should-be-a-litera.patch -Patch0525: 0525-net-tftp-Avoid-a-trivial-UAF.patch -Patch0526: 0526-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch -Patch0527: 0527-net-http-Fix-OOB-write-for-split-http-headers.patch -Patch0528: 0528-net-http-Error-out-on-headers-with-LF-without-CR.patch -Patch0529: 0529-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch -Patch0530: 0530-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch -Patch0531: 0531-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch -Patch0532: 0532-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch -Patch0533: 0533-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch -Patch0534: 0534-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch -Patch0535: 0535-Define-GRUB_EFI_SHIM_LOCK_GUID.patch -Patch0536: 0536-misc-Make-grub_min-and-grub_max-more-resilient.patch -Patch0537: 0537-ReiserFS-switch-to-using-grub_min-grub_max.patch -Patch0538: 0538-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch -Patch0539: 0539-modules-make-.module_license-read-only.patch -Patch0540: 0540-modules-strip-.llvm_addrsig-sections-and-similar.patch -Patch0541: 0541-modules-Don-t-allocate-space-for-non-allocable-secti.patch -Patch0542: 0542-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch -Patch0543: 0543-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch -Patch0544: 0544-modules-load-module-sections-at-page-aligned-address.patch -Patch0545: 0545-nx-add-memory-attribute-get-set-API.patch -Patch0546: 0546-nx-set-page-permissions-for-loaded-modules.patch -Patch0547: 0547-nx-set-attrs-in-our-kernel-loaders.patch -Patch0548: 0548-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch -Patch0549: 0549-Fixup-grub_efi_get_variable-type-in-our-loaders.patch +Patch0501: 0501-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch +Patch0502: 
0502-ibmvtpm-Backport-ibmvtpm-support-to-grub-2.02.patch +Patch0503: 0503-powerpc-do-CAS-in-a-more-compatible-way.patch +Patch0504: 0504-powerpc-prefix-detection-support-device-names-with-c.patch +Patch0505: 0505-make-ofdisk_retries-optional.patch +Patch0506: 0506-loader-efi-chainloader-grub_load_and_start_image-doe.patch +Patch0507: 0507-loader-efi-chainloader-simplify-the-loader-state.patch +Patch0508: 0508-commands-boot-Add-API-to-pass-context-to-loader.patch +Patch0509: 0509-loader-efi-chainloader-Use-grub_loader_set_ex.patch +Patch0510: 0510-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch +Patch0511: 0511-loader-i386-efi-linux-Use-grub_loader_set_ex.patch +Patch0512: 0512-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch +Patch0513: 0513-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch +Patch0514: 0514-video-readers-png-Abort-sooner-if-a-read-operation-f.patch +Patch0515: 0515-video-readers-png-Refuse-to-handle-multiple-image-he.patch +Patch0516: 0516-video-readers-png-Drop-greyscale-support-to-fix-heap.patch +Patch0517: 0517-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch +Patch0518: 0518-video-readers-png-Sanity-check-some-huffman-codes.patch +Patch0519: 0519-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch +Patch0520: 0520-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch +Patch0521: 0521-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch +Patch0522: 0522-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch +Patch0523: 0523-normal-charset-Fix-array-out-of-bounds-formatting-un.patch +Patch0524: 0524-net-netbuff-Block-overly-large-netbuff-allocs.patch +Patch0525: 0525-net-ip-Do-IP-fragment-maths-safely.patch +Patch0526: 0526-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch +Patch0527: 0527-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch +Patch0528: 0528-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch +Patch0529: 
0529-misc-Format-string-for-grub_error-should-be-a-litera.patch +Patch0530: 0530-net-tftp-Avoid-a-trivial-UAF.patch +Patch0531: 0531-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch +Patch0532: 0532-net-http-Fix-OOB-write-for-split-http-headers.patch +Patch0533: 0533-net-http-Error-out-on-headers-with-LF-without-CR.patch +Patch0534: 0534-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch +Patch0535: 0535-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch +Patch0536: 0536-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch +Patch0537: 0537-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch +Patch0538: 0538-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch +Patch0539: 0539-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch +Patch0540: 0540-Define-GRUB_EFI_SHIM_LOCK_GUID.patch +Patch0541: 0541-misc-Make-grub_min-and-grub_max-more-resilient.patch +Patch0542: 0542-ReiserFS-switch-to-using-grub_min-grub_max.patch +Patch0543: 0543-misc-make-grub_boot_time-also-call-grub_dprintf-boot.patch +Patch0544: 0544-modules-make-.module_license-read-only.patch +Patch0545: 0545-modules-strip-.llvm_addrsig-sections-and-similar.patch +Patch0546: 0546-modules-Don-t-allocate-space-for-non-allocable-secti.patch +Patch0547: 0547-pe-add-the-DOS-header-struct-and-fix-some-bad-naming.patch +Patch0548: 0548-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch +Patch0549: 0549-modules-load-module-sections-at-page-aligned-address.patch +Patch0550: 0550-nx-add-memory-attribute-get-set-API.patch +Patch0551: 0551-nx-set-page-permissions-for-loaded-modules.patch +Patch0552: 0552-nx-set-attrs-in-our-kernel-loaders.patch +Patch0553: 0553-nx-set-the-nx-compatible-flag-in-EFI-grub-images.patch +Patch0554: 0554-Fixup-grub_efi_get_variable-type-in-our-loaders.patch +Patch0555: 0555-Make-debug-file-show-which-file-filters-get-run.patch +Patch0556: 0556-efi-use-enumerated-array-positions-for-our-allocatio.patch +Patch0557: 
0557-efi-split-allocation-policy-for-kernel-vs-initrd-mem.patch +Patch0558: 0558-efi-use-EFI_LOADER_-CODE-DATA-for-kernel-and-initrd-.patch +Patch0559: 0559-ieee1275-implement-vec5-for-cas-negotiation.patch +Patch0560: 0560-x86-efi-Fix-an-incorrect-array-size-in-kernel-alloca.patch +Patch0561: 0561-switch-to-blscfg-don-t-assume-newline-at-end-of-cfg.patch +Patch0562: 0562-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch +Patch0563: 0563-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch +Patch0564: 0564-font-Fix-several-integer-overflows-in-grub_font_cons.patch +Patch0565: 0565-font-Remove-grub_font_dup_glyph.patch +Patch0566: 0566-font-Fix-integer-overflow-in-ensure_comb_space.patch +Patch0567: 0567-font-Fix-integer-overflow-in-BMP-index.patch +Patch0568: 0568-font-Fix-integer-underflow-in-binary-search-of-char-.patch +Patch0569: 0569-fbutil-Fix-integer-overflow.patch +Patch0570: 0570-font-Fix-an-integer-underflow-in-blit_comb.patch +Patch0571: 0571-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch +Patch0572: 0572-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch +Patch0573: 0573-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch +# Support loongarch64 +#Patch1000: 1000-loongarch64-add-support.patch Patch1001: 1001-bls-make-list.patch Patch1002: 1002-Add-LoongArch64-support-and-update-interface-to-v40.patch -Patch1003: 1003-arm64-Fix-EFI-loader-kernel-image-allocation.patch diff --git a/grub2.spec b/grub2.spec index 5db14b9af53dd46f50fd1c6431ae05e819a1ea76..e47595d4610a90c8cdf99c869e405776dc1db34b 100644 --- a/grub2.spec +++ b/grub2.spec @@ -1,4 +1,4 @@ -%define anolis_release .0.3 +%define anolis_release .0.1 %undefine _hardened_build %global tarversion 2.02 @@ -12,7 +12,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 123%{anolis_release}%{?dist}.8 +Release: 142%{anolis_release}%{?dist}.1 Summary: Bootloader with support for Linux, Multiboot and more Group: System Environment/Base License: GPLv3+ 
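Review bot: `Patch1003: 1003-arm64-Fix-EFI-loader-kernel-image-allocation.patch` is dropped at the end of the grub.patches list and its changelog line is removed from grub2.spec, but the new 2.02-142.0.1.1 entry gives no reason. If the rebased series is meant to supersede that arm64 loader fix, the changelog should say so; otherwise the fix has been lost in the rebase and needs to be carried forward. The added `#Patch1000: 1000-loongarch64-add-support.patch` is a commented-out entry that can be left out, since the changelog already records the removal of the old LoongArch64 patch.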
@@ -33,8 +33,8 @@ Source13: redhatsecurebootca3.cer Source14: redhatsecureboot301.cer Source15: redhatsecurebootca5.cer Source16: redhatsecureboot502.cer -Source17: redhatsecureboot303.cer -Source18: redhatsecureboot601.cer +Source17: redhatsecureboot601.cer +Source18: redhatsecureboot701.cer Source19: sbat.csv.in %include %{SOURCE1} @@ -51,7 +51,7 @@ Source19: sbat.csv.in %ifarch ppc64le %define old_sb_cer %{SOURCE17} %define sb_cer %{SOURCE18} -%define sb_key redhatsecureboot602 +%define sb_key redhatsecureboot702 %endif # generate with do-rebase 
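Review bot: The ppc64le block still selects its certificates by position (`%define old_sb_cer %{SOURCE17}`, `%define sb_cer %{SOURCE18}`), so renaming the files behind `Source17`/`Source18` silently changes which certificate counts as old and which as current. Any other reference to `%{SOURCE17}` or `%{SOURCE18}` outside these two hunks now resolves to a different file and should be checked. A short comment above the block, such as `# old_sb_cer = redhatsecureboot601.cer, sb_cer = redhatsecureboot701.cer (signing key redhatsecureboot702)`, would make the next rotation easier to review.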
@@ -523,43 +523,77 @@ fi %endif %changelog -* Fri Sep 2 2022 Liwei Ge - 2.02-123.0.3.8 -- arm64: Fix EFI loader kernel image allocation - -* Thu Jul 7 2022 QiMing Yang - 2.02-123.0.2.8 -- Delete LoongArch64 support old version due to compile error -- Add LoongArch64 support -- LoongArch64 support fdt and phy-addr BIOS -- Remove dtb dir with correct argument (Liwei Ge) - -* Fri Jun 17 2022 Bo Ren - 2.02-123.0.1.8 +* Tue Jan 10 2023 Bo Ren - 2.02-142.0.1.1 - Build pc-modules package on x86_64 (geliwei@openanolis.org) - Add loongarch64 base support (zhangwenlong@loongson.cn)(chenguoqi@loongson.cn) - Fix a bug in bls_make_list, blscfg. (zhonglingh@linux.alibaba.com) +- Delete LoongArch64 support old version due to compile error(yangqiming@loongson.cn) +- Add LoongArch64 support(yangqiming@loongson.cn) +- LoongArch64 support fdt and phy-addr BIOS(yangqiming@loongson.cn) +- Remove dtb dir with correct argument (Liwei Ge) + +* Thu Nov 08 2022 Robbie Harwood - 2.02-142.el8_7.1 +- Sync with 8.8 (actually 2.02-145) +- Resolves: CVE-2022-2601 + +* Thu Sep 08 2022 Robbie Harwood - 2.02-142 +- Drop the arena size changes +- Resolves: #2118896 + +* Thu Aug 25 2022 Robbie Harwood - 2.02-141 +- Implement vec5 for cas negotiation +- Resolves: #2117914 -* Fri Jun 03 2022 Robbie Harwood - 2.06-123.el8_6.8 +* Wed Aug 24 2022 Robbie Harwood - 2.02-140 +- Or two, because I forgot the debug patch +- Resolves: #2118896 + +* Thu Aug 18 2022 Robbie Harwood - 2.02-139 +- Kernel allocator fixups (in one pass) +- Resolves: #2118896 + +* Wed Jul 20 2022 Robbie Harwood - 2.02-138 +- Rotate signing keys on ppc64le +- Resolves: #2074762 + +* Fri Jun 03 2022 Robbie Harwood - 2.02-137 - CVE fixes for 2022-06-07 - CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733 - CVE-2021-3697 CVE-2021-3696 CVE-2021-3695 -- Resolves: #2031899 +- Resolves: #2070687 + +* Mon May 16 2022 Robbie Harwood - 2.02-129 +- ppc64le: Slow boot after LPM +- Resolves: #2070347 + +* Wed May 04 2022 Robbie Harwood - 
2.02-127 +- ppc64le: CAS improvements, prefix detection, and vTPM support +- Resolves: #2076795 +- Resolves: #2026568 +- Resolves: #2051331 + +* Wed May 04 2022 Robbie Harwood - 2.02-126 +- Fix rpm verification error on grub.cfg permissions +- Resolves: #2071643 + +* Wed Apr 20 2022 Robbie Harwood - 2.02-125 +- RHEL 8.6.0 import; no code changes +- Resolves: #2062892 -* Mon Mar 28 2022 Robbie Harwood - 2.06-123 +* Mon Mar 28 2022 Robbie Harwood - 2.02-123 - Bump for signing -- Resolves: #2061252 -* Wed Mar 09 2022 Robbie Harwood - 2.06-122 +* Wed Mar 09 2022 Robbie Harwood - 2.02-122 - Fix initialization on efidisk patch -- Resolves: #2061252 -* Tue Mar 08 2022 Robbie Harwood - 2.06-121 +* Tue Mar 08 2022 Robbie Harwood - 2.02-121 - Backport support for loading initrd above 4GB -- Resolves: #2048433 -* Mon Feb 28 2022 Robbie Harwood - 2.06-120 +* Mon Feb 28 2022 Robbie Harwood - 2.02-120 - Bump signing - Resolves: #2032294 -* Mon Feb 28 2022 Robbie Harwood - 2.06-119 +* Mon Feb 28 2022 Robbie Harwood - 2.02-119 - Enable connectefi module - Resolves: #2032294 diff --git a/redhatsecureboot303.cer b/redhatsecureboot303.cer deleted file mode 100644 index 2c0087dbc5da376aef641bb23833401857c34940..0000000000000000000000000000000000000000 Binary files a/redhatsecureboot303.cer and /dev/null differ diff --git a/redhatsecureboot701.cer b/redhatsecureboot701.cer new file mode 100644 index 0000000000000000000000000000000000000000..25e3743e47c3c1f06da0124a1d99e99e4920f6e7 Binary files /dev/null and b/redhatsecureboot701.cer differ diff --git a/sbat.csv.in b/sbat.csv.in index 55b3d10d44d5fac32f75eae0625351a8618972a2..b338b5f58cb646e4d1892e941b4ba8c667d8a2c0 100755 --- a/sbat.csv.in +++ b/sbat.csv.in 
@@ -1,3 +1,3 @@
 sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
-grub,2,Free Software Foundation,grub,@@VERSION@@,https//www.gnu.org/software/grub/
+grub,3,Free Software Foundation,grub,@@VERSION@@,https//www.gnu.org/software/grub/
 grub.rh,2,Red Hat,grub2,@@VERSION_RELEASE@@,mailto:secalert@redhat.com
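Review bot: The rewritten `grub` entry keeps the vendor URL `https//www.gnu.org/software/grub/`, which is missing the colon after the scheme. Since this line is being touched anyway, it could read `grub,3,Free Software Foundation,grub,@@VERSION@@,https://www.gnu.org/software/grub/`, unless the field is kept byte-identical to the upstream entry on purpose. The bump of the `grub` generation from 2 to 3 while `grub.rh` stays at 2 is not mentioned in the visible changelog entries; a line tying the new generation to the fixes it covers would help anyone auditing revocation levels later.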