From 276c58bae584cff0721b085e5a0f8069d7db625b Mon Sep 17 00:00:00 2001 From: Qiumiao Zhang Date: Wed, 22 Mar 2023 20:06:42 +0800 Subject: [PATCH] backport some patches from upstream Signed-off-by: Qiumiao Zhang --- ...kfilter-Check-calloc-result-for-NULL.patch | 37 + ...Don-t-make-a-RAID-array-with-more-th.patch | 45 + ...emory-leaks-in-grub_iso9660_susp_ite.patch | 48 + ...emory-leaks-in-grub_squash_iterate_d.patch | 67 ++ ...s-xfs-Fix-memory-leaks-in-XFS-module.patch | 53 ++ ...le-NULL-input-pointer-in-grub_buffer.patch | 42 + ...Fix-error-handling-in-grub_file_open.patch | 41 + ...ure-the-newc-pathname-is-NULL-termin.patch | 157 ++++ ...ader-multiboot_elfxx-Fix-memory-leak.patch | 94 ++ ...e-Fix-two-related-integer-underflows.patch | 83 ++ ..._text-Prevent-out-of-bounds-writes-t.patch | 36 + grub.patches | 863 +++++++++--------- grub2.spec | 18 +- 13 files changed, 1157 insertions(+), 427 deletions(-) create mode 100644 backport-disk-diskfilter-Check-calloc-result-for-NULL.patch create mode 100644 backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch create mode 100644 backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch create mode 100644 backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch create mode 100644 backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch create mode 100644 backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch create mode 100644 backport-kern-file-Fix-error-handling-in-grub_file_open.patch create mode 100644 backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch create mode 100644 backport-loader-multiboot_elfxx-Fix-memory-leak.patch create mode 100644 backport-normal-cmdline-Fix-two-related-integer-underflows.patch create mode 100644 backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch diff --git a/backport-disk-diskfilter-Check-calloc-result-for-NULL.patch b/backport-disk-diskfilter-Check-calloc-result-for-NULL.patch new file mode 100644 index 0000000..fc392f2 --- /dev/null +++ b/backport-disk-diskfilter-Check-calloc-result-for-NULL.patch @@ -0,0 +1,37 @@ +From 12e20a6a695f4967b30a95bb52e4e2e0a10c9094 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Sun, 21 Aug 2022 22:22:35 +1000 +Subject: [PATCH] disk/diskfilter: Check calloc() result for NULL + +With wildly corrupt inputs, we can end up trying to calloc a very +large amount of memory, which will fail and give us a NULL pointer. +We need to check that to avoid a crash. (And, even if we blocked +such inputs, it is good practice to check the results of allocations +anyway.) + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=12e20a6a695f4967b30a95bb52e4e2e0a10c9094 +Conflict:NA + +Signed-off-by: Daniel Axtens +Reviewed-by: Daniel Kiper +--- + grub-core/disk/diskfilter.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c +index 2edcff6e8..4ac50320e 100644 +--- a/grub-core/disk/diskfilter.c ++++ b/grub-core/disk/diskfilter.c +@@ -1163,6 +1163,9 @@ grub_diskfilter_make_raid (grub_size_t uuidlen, char *uuid, int nmemb, + array->lvs->segments->raid_member_size = disk_size; + array->lvs->segments->nodes + = grub_calloc (nmemb, sizeof (array->lvs->segments->nodes[0])); ++ if (array->lvs->segments->nodes == NULL) ++ goto fail; ++ + array->lvs->segments->stripe_size = stripe_size; + for (i = 0; i < nmemb; i++) + { +-- +2.28.0.windows.1 + diff --git a/backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch b/backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch new file mode 100644 index 0000000..4326f32 --- /dev/null +++ b/backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch @@ -0,0 +1,45 @@ +From 2a5e3c1f2aed88c2289fb595da8308e898b87915 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Wed, 19 Oct 2022 20:23:22 +1100 +Subject: [PATCH] disk/diskfilter: Don't make a RAID array with more than 1024 + disks + +This is "belt and braces" with commit 12e20a6a695f (disk/diskfilter: +Check calloc() result for NULL): we end up trying to use too much memory +in situations like corrupted Linux software RAID setups purporting to +use a huge number of disks. Simply refuse to permit such configurations. + +1024 is a bit arbitrary, yes, and I feel a bit like I'm tempting fate +here, but I think 1024 disks in an array (that GRUB has to read to boot!) +should be enough for anyone. + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=2a5e3c1f2aed88c2289fb595da8308e898b87915 +Conflict:NA + +Signed-off-by: Daniel Axtens +Reviewed-by: Daniel Kiper +--- + grub-core/disk/diskfilter.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c +index 4ac50320e..1c568927b 100644 +--- a/grub-core/disk/diskfilter.c ++++ b/grub-core/disk/diskfilter.c +@@ -1046,6 +1046,13 @@ grub_diskfilter_make_raid (grub_size_t uuidlen, char *uuid, int nmemb, + struct grub_diskfilter_pv *pv; + grub_err_t err; + ++ /* We choose not to support more than 1024 disks. */ ++ if (nmemb < 1 || nmemb > 1024) ++ { ++ grub_free (uuid); ++ return NULL; ++ } ++ + switch (level) + { + case 1: +-- +2.28.0.windows.1 + diff --git a/backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch b/backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch new file mode 100644 index 0000000..545a1e3 --- /dev/null +++ b/backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch @@ -0,0 +1,48 @@ +From 7338cbe91a24ee9639597a0d8bebc32b8b46c26c Mon Sep 17 00:00:00 2001 +From: "t.feng" +Date: Tue, 29 Nov 2022 17:14:13 +0800 +Subject: [PATCH] fs/iso9660: Fix memory leaks in grub_iso9660_susp_iterate() + +Fixes: 99373ce47 (* grub-core/fs/iso9660.c: Remove nested functions) + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=7338cbe91a24ee9639597a0d8bebc32b8b46c26c +Conflict:NA + +Signed-off-by: t.feng +Reviewed-by: Thomas Schmitt +Reviewed-by: Daniel Kiper +--- + grub-core/fs/iso9660.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c +index 5ec4433..5633be7 100644 +--- a/grub-core/fs/iso9660.c ++++ b/grub-core/fs/iso9660.c +@@ -279,7 +279,10 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, + /* Load a part of the System Usage Area. */ + err = read_node (node, off, sua_size, sua); + if (err) +- return err; ++ { ++ grub_free (sua); ++ return err; ++ } + + for (entry = (struct grub_iso9660_susp_entry *) sua; (char *) entry < (char *) sua + sua_size - 1 && entry->len > 0; + entry = (struct grub_iso9660_susp_entry *) +@@ -309,7 +312,10 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, + err = grub_disk_read (node->data->disk, ce_block, off, + sua_size, sua); + if (err) +- return err; ++ { ++ grub_free (sua); ++ return err; ++ } + + entry = (struct grub_iso9660_susp_entry *) sua; + } +-- +2.19.1 + diff --git a/backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch b/backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch new file mode 100644 index 0000000..0a3f90f --- /dev/null +++ b/backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch @@ -0,0 +1,67 @@ +From 98ae234000abdabf9db125c87a2db8b81157af72 Mon Sep 17 00:00:00 2001 +From: "t.feng" +Date: Tue, 29 Nov 2022 17:14:14 +0800 +Subject: [PATCH] fs/squash4: Fix memory leaks in grub_squash_iterate_dir() + +Fixes: 20dd511c8 (Handle "." and ".." on squashfs) + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=98ae234000abdabf9db125c87a2db8b81157af72 +Conflict:NA + +Signed-off-by: t.feng +Reviewed-by: Daniel Kiper +--- + grub-core/fs/squash4.c | 20 ++++++++++++++++---- + 1 file changed, 16 insertions(+), 4 deletions(-) + +diff --git a/grub-core/fs/squash4.c b/grub-core/fs/squash4.c +index a5f35c1..8295b88 100644 +--- a/grub-core/fs/squash4.c ++++ b/grub-core/fs/squash4.c +@@ -550,7 +550,10 @@ grub_squash_iterate_dir (grub_fshelp_node_t dir, + + node->stack[node->stsize - 1].ino_chunk, + node->stack[node->stsize - 1].ino_offset); + if (err) +- return 0; ++ { ++ grub_free (node); ++ return 0; ++ } + + if (hook ("..", GRUB_FSHELP_DIR, node, hook_data)) + return 1; +@@ -600,7 +603,10 @@ grub_squash_iterate_dir (grub_fshelp_node_t dir, + grub_le_to_cpu64 (dir->data->sb.diroffset) + + chunk, off); + if (err) +- return 0; ++ { ++ grub_free (buf); ++ return 0; ++ } + + off += grub_le_to_cpu16 (di.namelen) + 1; + buf[grub_le_to_cpu16 (di.namelen) + 1] = 0; +@@ -612,11 +618,17 @@ grub_squash_iterate_dir (grub_fshelp_node_t dir, + if (grub_add (dir->stsize, 1, &sz) || + grub_mul (sz, sizeof (dir->stack[0]), &sz) || + grub_add (sz, sizeof (*node), &sz)) +- return 0; ++ { ++ grub_free (buf); ++ return 0; ++ } + + node = grub_malloc (sz); + if (! node) +- return 0; ++ { ++ grub_free (buf); ++ return 0; ++ } + + grub_memcpy (node, dir, sz - sizeof(dir->stack[0])); + +-- +2.19.1 + diff --git a/backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch b/backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch new file mode 100644 index 0000000..d6da20f --- /dev/null +++ b/backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch @@ -0,0 +1,53 @@ +From 2e32d2357443d596d8d9067116152ec49be02a4a Mon Sep 17 00:00:00 2001 +From: "t.feng" +Date: Tue, 29 Nov 2022 17:14:15 +0800 +Subject: [PATCH] fs/xfs: Fix memory leaks in XFS module + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=2e32d2357443d596d8d9067116152ec49be02a4a +Conflict:NA + +Signed-off-by: t.feng +Reviewed-by: Daniel Kiper +--- + grub-core/fs/xfs.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c +index ea65902..a601a4c 100644 +--- a/grub-core/fs/xfs.c ++++ b/grub-core/fs/xfs.c +@@ -557,7 +557,10 @@ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock) + if (grub_disk_read (node->data->disk, + GRUB_XFS_FSB_TO_BLOCK (node->data, get_fsb (keys, i - 1 + recoffset)) << (node->data->sblock.log2_bsize - GRUB_DISK_SECTOR_BITS), + 0, node->data->bsize, leaf)) +- return 0; ++ { ++ grub_free (leaf); ++ return 0; ++ } + + if ((!node->data->hascrc && + grub_strncmp ((char *) leaf->magic, "BMAP", 4)) || +@@ -723,6 +726,7 @@ static int iterate_dir_call_hook (grub_uint64_t ino, const char *filename, + if (err) + { + grub_print_error (); ++ grub_free (fdiro); + return 0; + } + +@@ -833,7 +837,10 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir, + blk << dirblk_log2, + dirblk_size, dirblock, 0); + if (numread != dirblk_size) +- return 0; ++ { ++ grub_free (dirblock); ++ return 0; ++ } + + entries = (grub_be_to_cpu32 (tail->leaf_count) + - grub_be_to_cpu32 (tail->leaf_stale)); +-- +2.19.1 + diff --git a/backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch b/backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch new file mode 100644 index 0000000..bca97f3 --- /dev/null +++ b/backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch @@ -0,0 +1,42 @@ +From 82ff9faa5bff5b3669bc4144bfc9b2279d344483 Mon Sep 17 00:00:00 2001 +From: Jagannathan Raman +Date: Mon, 17 Oct 2022 14:04:39 +0000 +Subject: [PATCH] kern/buffer: Handle NULL input pointer in grub_buffer_free() + +The grub_buffer_free() should handle NULL input pointer, similar to +grub_free(). If the pointer is not referencing any memory location, +grub_buffer_free() need not perform any function. + +Fixes: CID 396931 + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=82ff9faa5bff5b3669bc4144bfc9b2279d344483 +Conflict:NA + +Signed-off-by: Jagannathan Raman +Reviewed-by: Ross Philipson +Reviewed-by: Daniel Kiper +--- + grub-core/kern/buffer.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/grub-core/kern/buffer.c b/grub-core/kern/buffer.c +index 9f5f8b867..a2587729c 100644 +--- a/grub-core/kern/buffer.c ++++ b/grub-core/kern/buffer.c +@@ -49,8 +49,11 @@ grub_buffer_new (grub_size_t sz) + void + grub_buffer_free (grub_buffer_t buf) + { +- grub_free (buf->data); +- grub_free (buf); ++ if (buf != NULL) ++ { ++ grub_free (buf->data); ++ grub_free (buf); ++ } + } + + grub_err_t +-- +2.28.0.windows.1 + diff --git a/backport-kern-file-Fix-error-handling-in-grub_file_open.patch b/backport-kern-file-Fix-error-handling-in-grub_file_open.patch new file mode 100644 index 0000000..07d87ad --- /dev/null +++ b/backport-kern-file-Fix-error-handling-in-grub_file_open.patch @@ -0,0 +1,41 @@ +From e375394fb9233fb1da13f7fb38e38d8aa83d1443 Mon Sep 17 00:00:00 2001 +From: Steve McIntyre +Date: Tue, 6 Dec 2022 01:45:11 +0000 +Subject: kern/file: Fix error handling in grub_file_open() + +grub_file_open() calls grub_file_get_device_name(), but doesn't check +the return. Instead, it checks if grub_errno is set. + +However, nothing initialises grub_errno here when grub_file_open() +starts. This means that trying to open one file that doesn't exist and +then trying to open another file that does will (incorrectly) also +fail to open that second file. + +Let's fix that. + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=e375394fb9233fb1da13f7fb38e38d8aa83d1443 +Conflict:NA + +Signed-off-by: Steve McIntyre +Reviewed-by: Daniel Kiper +--- + grub-core/kern/file.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c +index ffdcaba..a5f2b9c 100644 +--- a/grub-core/kern/file.c ++++ b/grub-core/kern/file.c +@@ -66,6 +66,9 @@ grub_file_open (const char *name, enum grub_file_type type) + const char *file_name; + grub_file_filter_id_t filter; + ++ /* Reset grub_errno before we start. */ ++ grub_errno = GRUB_ERR_NONE; ++ + device_name = grub_file_get_device_name (name); + if (grub_errno) + goto fail; +-- +2.19.1 + diff --git a/backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch b/backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch new file mode 100644 index 0000000..6612272 --- /dev/null +++ b/backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch @@ -0,0 +1,157 @@ +From 544fd63f0f7a6b1e270ec88c4ece2c3e76b206f5 Mon Sep 17 00:00:00 2001 +From: Gary Lin +Date: Fri, 25 Nov 2022 15:37:35 +0800 +Subject: [PATCH] loader/linux: Ensure the newc pathname is NULL-terminated + +Per "man 5 cpio", the namesize in the cpio header includes the trailing +NUL byte of the pathname and the pathname is followed by NUL bytes, but +the current implementation ignores the trailing NUL byte when making +the newc header. Although make_header() tries to pad the pathname string, +the padding won't happen when strlen(name) + sizeof(struct newc_head) +is a multiple of 4, and the non-NULL-terminated pathname may lead to +unexpected results. + +Assume that a file is created with 'echo -n aaaa > /boot/test12' and +loaded by grub2: + + linux /boot/vmlinuz + initrd newc:test12:/boot/test12 /boot/initrd + +The initrd command eventually invoked grub_initrd_load() and sent +'t''e''s''t''1''2' to make_header() to generate the header: + +00000070 30 37 30 37 30 31 33 30 31 43 41 30 44 45 30 30 |070701301CA0DE00| +00000080 30 30 38 31 41 34 30 30 30 30 30 33 45 38 30 30 |0081A4000003E800| +00000090 30 30 30 30 36 34 30 30 30 30 30 30 30 31 36 33 |0000640000000163| +000000a0 37 36 45 34 35 32 30 30 30 30 30 30 30 34 30 30 |76E4520000000400| +000000b0 30 30 30 30 30 38 30 30 30 30 30 30 31 33 30 30 |0000080000001300| +000000c0 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 |0000000000000000| +000000d0 30 30 30 30 30 36 30 30 30 30 30 30 30 30 74 65 |00000600000000te| + ^namesize +000000e0 73 74 31 32 61 61 61 61 30 37 30 37 30 31 30 30 |st12aaaa07070100| + ^^ end of the pathname + +Since strlen("test12") + sizeof(struct newc_head) is 116 = 29 * 4, +make_header() didn't pad the pathname, and the file content followed +"test12" immediately. This violates the cpio format and may trigger such +error during linux boot: + + Initramfs unpacking failed: ZSTD-compressed data is trunc + +To avoid the potential problems, this commit counts the trailing NUL byte +in when calling make_header() and adjusts the initrd size accordingly. + +Now the header becomes + +00000070 30 37 30 37 30 31 33 30 31 43 41 30 44 45 30 30 |070701301CA0DE00| +00000080 30 30 38 31 41 34 30 30 30 30 30 33 45 38 30 30 |0081A4000003E800| +00000090 30 30 30 30 36 34 30 30 30 30 30 30 30 31 36 33 |0000640000000163| +000000a0 37 36 45 34 35 32 30 30 30 30 30 30 30 34 30 30 |76E4520000000400| +000000b0 30 30 30 30 30 38 30 30 30 30 30 30 31 33 30 30 |0000080000001300| +000000c0 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 |0000000000000000| +000000d0 30 30 30 30 30 37 30 30 30 30 30 30 30 30 74 65 |00000700000000te| + ^namesize +000000e0 73 74 31 32 00 00 00 00 61 61 61 61 30 37 30 37 |st12....aaaa0707| + ^^ end of the pathname + +Besides the trailing NUL byte, make_header() pads 3 more NUL bytes, and +the user can safely read the pathname without a further check. + +To conform to the cpio format, the headers for "TRAILER!!!" are also +adjusted to include the trailing NUL byte, not ignore it. + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=544fd63f0f7a6b1e270ec88c4ece2c3e76b206f5 +Conflict:NA + +Signed-off-by: Gary Lin +Reviewed-by: Daniel Kiper +--- + grub-core/loader/linux.c | 27 +++++++++++++++++++-------- + 1 file changed, 19 insertions(+), 8 deletions(-) + +diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c +index 830360172..3948302d2 100644 +--- a/grub-core/loader/linux.c ++++ b/grub-core/loader/linux.c +@@ -127,12 +127,23 @@ insert_dir (const char *name, struct dir **root, + n->name = grub_strndup (cb, ce - cb); + if (ptr) + { ++ /* ++ * Create the substring with the trailing NUL byte ++ * to be included in the cpio header. ++ */ ++ char *tmp_name = grub_strndup (name, ce - name); ++ if (!tmp_name) { ++ grub_free (n->name); ++ grub_free (n); ++ return grub_errno; ++ } + grub_dprintf ("linux", "Creating directory %s, %s\n", name, ce); +- ptr = make_header (ptr, name, ce - name, ++ ptr = make_header (ptr, tmp_name, ce - name + 1, + 040777, 0); ++ grub_free (tmp_name); + } + if (grub_add (*size, +- ALIGN_UP ((ce - (char *) name) ++ ALIGN_UP ((ce - (char *) name + 1) + + sizeof (struct newc_head), 4), + size)) + { +@@ -191,7 +202,7 @@ grub_initrd_init (int argc, char *argv[], + grub_initrd_close (initrd_ctx); + return grub_errno; + } +- name_len = grub_strlen (initrd_ctx->components[i].newc_name); ++ name_len = grub_strlen (initrd_ctx->components[i].newc_name) + 1; + if (grub_add (initrd_ctx->size, + ALIGN_UP (sizeof (struct newc_head) + name_len, 4), + &initrd_ctx->size) || +@@ -205,7 +216,7 @@ grub_initrd_init (int argc, char *argv[], + { + if (grub_add (initrd_ctx->size, + ALIGN_UP (sizeof (struct newc_head) +- + sizeof ("TRAILER!!!") - 1, 4), ++ + sizeof ("TRAILER!!!"), 4), + &initrd_ctx->size)) + goto overflow; + free_dir (root); +@@ -233,7 +244,7 @@ grub_initrd_init (int argc, char *argv[], + initrd_ctx->size = ALIGN_UP (initrd_ctx->size, 4); + if (grub_add (initrd_ctx->size, + ALIGN_UP (sizeof (struct newc_head) +- + sizeof ("TRAILER!!!") - 1, 4), ++ + sizeof ("TRAILER!!!"), 4), + &initrd_ctx->size)) + goto overflow; + free_dir (root); +@@ -297,14 +308,14 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx, + } + ptr += dir_size; + ptr = make_header (ptr, initrd_ctx->components[i].newc_name, +- grub_strlen (initrd_ctx->components[i].newc_name), ++ grub_strlen (initrd_ctx->components[i].newc_name) + 1, + 0100777, + initrd_ctx->components[i].size); + newc = 1; + } + else if (newc) + { +- ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!") - 1, ++ ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!"), + 0, 0); + free_dir (root); + root = 0; +@@ -327,7 +338,7 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx, + { + grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); + ptr += ALIGN_UP_OVERHEAD (cursize, 4); +- ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!") - 1, 0, 0); ++ ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!"), 0, 0); + } + free_dir (root); + root = 0; +-- +2.28.0.windows.1 + diff --git a/backport-loader-multiboot_elfxx-Fix-memory-leak.patch b/backport-loader-multiboot_elfxx-Fix-memory-leak.patch new file mode 100644 index 0000000..4a7fb04 --- /dev/null +++ b/backport-loader-multiboot_elfxx-Fix-memory-leak.patch @@ -0,0 +1,94 @@ +From 113142939172bda9759d4d2e5a053911821d2faf Mon Sep 17 00:00:00 2001 +From: "t.feng" +Date: Thu, 10 Nov 2022 15:01:15 +0800 +Subject: loader/multiboot_elfxx: Fix memory leak + +The commit eb33e61b3 (multiboot: fix memory leak) did not fix all +issues. Fix all of them right now. + +Fixes: eb33e61b3 (multiboot: fix memory leak) + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=113142939172bda9759d4d2e5a053911821d2faf +Conflict:NA + +Signed-off-by: t.feng +Reviewed-by: Daniel Kiper +--- + grub-core/loader/multiboot_elfxx.c | 23 ++++++++++++++--------- + 1 file changed, 14 insertions(+), 9 deletions(-) + +diff --git a/grub-core/loader/multiboot_elfxx.c b/grub-core/loader/multiboot_elfxx.c +index 87f6e31..57330a0 100644 +--- a/grub-core/loader/multiboot_elfxx.c ++++ b/grub-core/loader/multiboot_elfxx.c +@@ -220,10 +220,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) + return grub_errno; + + if (grub_file_seek (mld->file, ehdr->e_shoff) == (grub_off_t) -1) +- { +- grub_free (shdr); +- return grub_errno; +- } ++ goto fail; + + if (grub_file_read (mld->file, shdr, (grub_uint32_t) ehdr->e_shnum * ehdr->e_shentsize) + != (grub_ssize_t) ehdr->e_shnum * ehdr->e_shentsize) +@@ -231,7 +228,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) + if (!grub_errno) + grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), + mld->filename); +- return grub_errno; ++ goto fail; + } + + for (shdrptr = shdr, i = 0; i < ehdr->e_shnum; +@@ -242,7 +239,10 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) + grub_addr_t target; + + if (mld->mbi_ver >= 2 && (sh->sh_type == SHT_REL || sh->sh_type == SHT_RELA)) +- return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, "ELF files with relocs are not supported yet"); ++ { ++ grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, "ELF files with relocs are not supported yet"); ++ goto fail; ++ } + + /* This section is a loaded section, + so we don't care. */ +@@ -261,13 +261,14 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) + if (err) + { + grub_dprintf ("multiboot_loader", "Error loading shdr %d\n", i); +- return err; ++ grub_errno = err; ++ goto fail; + } + src = get_virtual_current_address (ch); + target = get_physical_target_address (ch); + + if (grub_file_seek (mld->file, sh->sh_offset) == (grub_off_t) -1) +- return grub_errno; ++ goto fail; + + if (grub_file_read (mld->file, src, sh->sh_size) + != (grub_ssize_t) sh->sh_size) +@@ -275,12 +276,16 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) + if (!grub_errno) + grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), + mld->filename); +- return grub_errno; ++ goto fail; + } + sh->sh_addr = target; + } + GRUB_MULTIBOOT (add_elfsyms) (ehdr->e_shnum, ehdr->e_shentsize, + ehdr->e_shstrndx, shdr); ++ return GRUB_ERR_NONE; ++ ++fail: ++ grub_free (shdr); + } + + #undef phdr +-- +2.19.1 + diff --git a/backport-normal-cmdline-Fix-two-related-integer-underflows.patch b/backport-normal-cmdline-Fix-two-related-integer-underflows.patch new file mode 100644 index 0000000..f86b2b4 --- /dev/null +++ b/backport-normal-cmdline-Fix-two-related-integer-underflows.patch @@ -0,0 +1,83 @@ +From 77afd25f8065bfbf5cc7848855006cd5260aeb9f Mon Sep 17 00:00:00 2001 +From: Ryan Cohen +Date: Sat, 26 Nov 2022 17:22:52 -0500 +Subject: [PATCH] normal/cmdline: Fix two related integer underflows + +An unchecked decrement operation in cl_print() would cause a few +integers to underflow. Where an output terminal's state is stored in +cl_term, the values cl_term->ystart and cl_term->pos.y both underflow. + +This can be replicated with the following steps: + +1. Get to the GRUB command line +2. Hold down the "d" key (or any key that enters a visible character) + until it fills the entire row +3. Press "HOME" and then press "CTRL-k". This will clear every + character entered in step 2 +4. Continuously press "CTRL-y" until the terminal scrolls the original + prompt ("grub> ") passed the terminal's top row. Now, no prompt + should be visible. This step causes cl_term->ystart to underflow +5. Press "HOME" and then "d" (or any visible character). This can have + different visual effects for different systems, but it will always + cause cl_term->pos.y to underflow + +On BIOS systems, these underflows cause the output terminal to +completely stop displaying anything. Characters can still be +entered and commands can be run, but nothing will display on the +terminal. From here, you can only get the display working by running +a command to switch the current output terminal to a different type: + +terminal_output + +On UEFI systems, these replication steps do not break the output +terminal. Until you press "ENTER", the cursor stops responding to input, +but you can press "ENTER" after step 5 and the command line will +work properly again. This patch is mostly important for BIOS systems +where the output terminal is rendered unusable after the underflows +occur. + +This patch adds two checks, one for each variable. It ensures that +cl_term->ystart does not decrement passed 0. It also ensures that +cl_term->pos.y does not get set passed the terminal's bottom row. + +When the previously listed replication steps are followed with this +patch, the terminal's cursor will be set to the top row and the command +line is still usable, even on BIOS systems. + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=77afd25f8065bfbf5cc7848855006cd5260aeb9f +Conflict:NA + +Signed-off-by: Ryan Cohen +Reviewed-by: Daniel Kiper +--- + grub-core/normal/cmdline.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/grub-core/normal/cmdline.c b/grub-core/normal/cmdline.c +index 61f098244..9c6d9ade9 100644 +--- a/grub-core/normal/cmdline.c ++++ b/grub-core/normal/cmdline.c +@@ -219,6 +219,8 @@ cl_set_pos (struct cmdline_term *cl_term, grub_size_t lpos) + cl_term->pos.x = (cl_term->prompt_len + lpos) % cl_term->width; + cl_term->pos.y = cl_term->ystart + + (cl_term->prompt_len + lpos) / cl_term->width; ++ if (cl_term->pos.y >= cl_term->height) ++ cl_term->pos.y = cl_term->height - 1; + grub_term_gotoxy (cl_term->term, cl_term->pos); + } + +@@ -248,7 +250,10 @@ cl_print (struct cmdline_term *cl_term, grub_uint32_t c, + { + cl_term->pos.x = 0; + if (cl_term->pos.y >= (unsigned) (cl_term->height - 1)) +- cl_term->ystart--; ++ { ++ if (cl_term->ystart > 0) ++ cl_term->ystart--; ++ } + else + cl_term->pos.y++; + grub_putcode ('\n', cl_term->term); +-- +2.28.0.windows.1 + diff --git a/backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch b/backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch new file mode 100644 index 0000000..93b53f9 --- /dev/null +++ b/backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch @@ -0,0 +1,36 @@ +From 108a3865f43330b581d35b9cf6ecb1e0a1da5d49 Mon Sep 17 00:00:00 2001 +From: Ryan Cohen +Date: Sat, 26 Nov 2022 17:22:51 -0500 +Subject: [PATCH] term/i386/pc/vga_text: Prevent out-of-bounds writes to VGA + text buffer + +Coordinates passed to screen_write_char() did not have any checks to +ensure they are not out-of-bounds. This adds an if statement to prevent +out-of-bounds writes to the VGA text buffer. + +Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=108a3865f43330b581d35b9cf6ecb1e0a1da5d49 +Conflict:NA + +Signed-off-by: Ryan Cohen +Reviewed-by: Daniel Kiper +--- + grub-core/term/i386/pc/vga_text.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/grub-core/term/i386/pc/vga_text.c b/grub-core/term/i386/pc/vga_text.c +index 669d06fad..b88fa9d2e 100644 +--- a/grub-core/term/i386/pc/vga_text.c ++++ b/grub-core/term/i386/pc/vga_text.c +@@ -63,7 +63,8 @@ static grub_uint8_t cur_color = 0x7; + static void + screen_write_char (int x, int y, short c) + { +- VGA_TEXT_SCREEN[y * COLS + x] = grub_cpu_to_le16 (c); ++ if (x < COLS && y < ROWS && x >= 0 && y >= 0) ++ VGA_TEXT_SCREEN[y * COLS + x] = grub_cpu_to_le16 (c); + } + + static short +-- +2.28.0.windows.1 + diff --git a/grub.patches b/grub.patches index 16c2665..aaceedd 100644 --- a/grub.patches +++ b/grub.patches @@ -1,426 +1,437 @@ -Patch0001: 0001-Add-support-for-Linux-EFI-stub-loading.patch -Patch0002: 0002-Rework-linux-command.patch -Patch0003: 0003-Rework-linux16-command.patch -Patch0004: 0004-Add-secureboot-support-on-efi-chainloader.patch -Patch0005: 0005-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch -Patch0006: 0006-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch -Patch0007: 0007-re-write-.gitignore.patch -Patch0008: 0008-IBM-client-architecture-CAS-reboot-support.patch -Patch0009: 0009-for-ppc-reset-console-display-attr-when-clear-screen.patch -Patch0010: 0010-Disable-GRUB-video-support-for-IBM-power-machines.patch -Patch0011: 0011-Honor-a-symlink-when-generating-configuration-by-gru.patch -Patch0012: 0012-Move-bash-completion-script-922997.patch -Patch0013: 0013-Update-to-minilzo-2.08.patch -Patch0014: 0014-Allow-fallback-to-include-entries-by-title-not-just-.patch -Patch0015: 0015-Add-GRUB_DISABLE_UUID.patch -Patch0016: 0016-Make-exit-take-a-return-code.patch -Patch0017: 0017-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch -Patch0018: 0018-Make-efi-machines-load-an-env-block-from-a-variable.patch -Patch0019: 0019-DHCP-client-ID-and-UUID-options-added.patch -Patch0020: 0020-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch -Patch0021: 0021-Add-support-for-UEFI-operating-systems-returned-by-o.patch -Patch0022: 0022-Migrate-PPC-from-Yaboot-to-Grub2.patch -Patch0023: 0023-Add-fw_path-variable-revised.patch -Patch0024: 0024-Pass-x-hex-hex-straight-through-unmolested.patch -Patch0025: 0025-Add-X-option-to-printf-functions.patch -Patch0026: 0026-Search-for-specific-config-file-for-netboot.patch -Patch0027: 0027-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch -Patch0028: 0028-Add-devicetree-loading.patch -Patch0029: 0029-Don-t-write-messages-to-the-screen.patch -Patch0030: 0030-Don-t-print-GNU-GRUB-header.patch -Patch0031: 0031-Don-t-add-to-highlighted-row.patch -Patch0032: 0032-Message-string-cleanups.patch -Patch0033: 0033-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch -Patch0034: 0034-Use-the-correct-indentation-for-the-term-help-text.patch -Patch0035: 0035-Indent-menu-entries.patch -Patch0036: 0036-Fix-margins.patch -Patch0037: 0037-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch -Patch0038: 0038-Enable-pager-by-default.-985860.patch -Patch0039: 0039-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch -Patch0040: 0040-Don-t-say-GNU-Linux-in-generated-menus.patch -Patch0041: 0041-Don-t-draw-a-border-around-the-menu.patch -Patch0042: 0042-Use-the-standard-margin-for-the-timeout-string.patch -Patch0043: 0043-Add-.eh_frame-to-list-of-relocations-stripped.patch -Patch0044: 0044-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch -Patch0045: 0045-Don-t-require-a-password-to-boot-entries-generated-b.patch -Patch0046: 0046-Don-t-emit-Booting-.-message.patch -Patch0047: 0047-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch -Patch0048: 0048-use-fw_path-prefix-when-fallback-searching-for-grub-.patch -Patch0049: 0049-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch -Patch0050: 0050-Fix-convert-function-to-support-NVMe-devices.patch -Patch0051: 0051-Add-grub_util_readlink.patch -Patch0052: 0052-Make-editenv-chase-symlinks-including-those-across-d.patch -Patch0053: 0053-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch -Patch0054: 0054-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch -Patch0055: 0055-Try-prefix-if-fw_path-doesn-t-work.patch -Patch0056: 0056-Update-info-with-grub.cfg-netboot-selection-order-11.patch -Patch0057: 0057-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch -Patch0058: 0058-Handle-rssd-storage-devices.patch -Patch0059: 0059-Make-grub2-mkconfig-construct-titles-that-look-like-.patch -Patch0060: 0060-Add-friendly-grub2-password-config-tool-985962.patch -Patch0061: 0061-tcp-add-window-scaling-support.patch -Patch0062: 0062-Fix-security-issue-when-reading-username-and-passwor.patch -Patch0063: 0063-Add-a-url-parser.patch -Patch0064: 0064-efinet-and-bootp-add-support-for-dhcpv6.patch -Patch0065: 0065-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch -Patch0066: 0066-Normalize-slashes-in-tftp-paths.patch -Patch0067: 0067-bz1374141-fix-incorrect-mask-for-ppc64.patch -Patch0068: 0068-Make-grub_fatal-also-backtrace.patch -Patch0069: 0069-Fix-up-some-man-pages-rpmdiff-noticed.patch -Patch0070: 0070-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch -Patch0071: 0071-Make-our-info-pages-say-grub2-where-appropriate.patch -Patch0072: 0072-print-more-debug-info-in-our-module-loader.patch -Patch0073: 0073-macos-just-build-chainloader-entries-don-t-try-any-x.patch -Patch0074: 0074-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch -Patch0075: 0075-export-btrfs_subvol-and-btrfs_subvolid.patch -Patch0076: 0076-grub2-btrfs-03-follow_default.patch -Patch0077: 0077-grub2-btrfs-04-grub2-install.patch -Patch0078: 0078-grub2-btrfs-05-grub2-mkconfig.patch -Patch0079: 0079-grub2-btrfs-06-subvol-mount.patch -Patch0080: 0080-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch -Patch0081: 0081-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch -Patch0082: 0082-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch -Patch0083: 0083-Use-grub_efi_.-memory-helpers-where-reasonable.patch -Patch0084: 0084-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch -Patch0085: 0085-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch -Patch0086: 0086-don-t-ignore-const.patch -Patch0087: 0087-don-t-use-int-for-efi-status.patch -Patch0088: 0088-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch -Patch0089: 0089-editenv-handle-relative-symlinks.patch -Patch0090: 0090-Make-libgrub.pp-depend-on-config-util.h.patch -Patch0091: 0091-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch -Patch0092: 0092-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch -Patch0093: 0093-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch -Patch0094: 0094-align-struct-efi_variable-better.patch -Patch0095: 0095-Add-BLS-support-to-grub-mkconfig.patch -Patch0096: 0096-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch -Patch0097: 0097-Add-linux-and-initrd-commands-for-grub-emu.patch -Patch0098: 0098-Add-grub2-switch-to-blscfg.patch -Patch0099: 0099-Add-grub_debug_enabled.patch -Patch0100: 0100-make-better-backtraces.patch -Patch0101: 0101-normal-don-t-draw-our-startup-message-if-debug-is-se.patch -Patch0102: 0102-Work-around-some-minor-include-path-weirdnesses.patch -Patch0103: 0103-Make-it-possible-to-enabled-build-id-sha1.patch -Patch0104: 0104-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch -Patch0105: 0105-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch -Patch0106: 0106-Fixup-for-newer-compiler.patch -Patch0107: 0107-Don-t-attempt-to-export-the-start-and-_start-symbols.patch -Patch0108: 0108-Fixup-for-newer-compiler.patch -Patch0109: 0109-Add-support-for-non-Ethernet-network-cards.patch -Patch0110: 0110-misc-fix-invalid-character-recongition-in-strto-l.patch -Patch0111: 0111-net-read-bracketed-ipv6-addrs-and-port-numbers.patch -Patch0112: 0112-bootp-New-net_bootp6-command.patch -Patch0113: 0113-efinet-UEFI-IPv6-PXE-support.patch -Patch0114: 0114-grub.texi-Add-net_bootp6-doument.patch -Patch0115: 0115-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch -Patch0116: 0116-efinet-Setting-network-from-UEFI-device-path.patch -Patch0117: 0117-efinet-Setting-DNS-server-from-UEFI-protocol.patch -Patch0118: 0118-Fix-one-more-coverity-complaint.patch -Patch0119: 0119-Support-UEFI-networking-protocols.patch -Patch0120: 0120-AUDIT-0-http-boot-tracker-bug.patch -Patch0121: 0121-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch -Patch0122: 0122-efi-uga-use-64-bit-for-fb_base.patch -Patch0123: 0123-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch -Patch0124: 0124-EFI-console-Add-grub_console_read_key_stroke-helper-.patch -Patch0125: 0125-EFI-console-Implement-getkeystatus-support.patch -Patch0126: 0126-Make-grub_getkeystatus-helper-funtion-available-ever.patch -Patch0127: 0127-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch -Patch0128: 0128-grub-editenv-Add-incr-command-to-increment-integer-v.patch -Patch0129: 0129-Add-auto-hide-menu-support.patch -Patch0130: 0130-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch -Patch0131: 0131-Add-grub-set-bootflag-utility.patch -Patch0132: 0132-docs-Add-grub-boot-indeterminate.service-example.patch -Patch0133: 0133-gentpl-add-disable-support.patch -Patch0134: 0134-gentpl-add-pc-firmware-type.patch -Patch0135: 0135-efinet-also-use-the-firmware-acceleration-for-http.patch -Patch0136: 0136-efi-http-Make-root_url-reflect-the-protocol-hostname.patch -Patch0137: 0137-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch -Patch0138: 0138-module-verifier-make-it-possible-to-run-checkers-on-.patch -Patch0139: 0139-Rework-how-the-fdt-command-builds.patch -Patch0140: 0140-Disable-non-wordsize-allocations-on-arm.patch -Patch0141: 0141-strip-R-.note.gnu.property-at-more-places.patch -Patch0142: 0142-Prepend-prefix-when-HTTP-path-is-relative.patch -Patch0143: 0143-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch -Patch0144: 0144-Make-grub_error-more-verbose.patch -Patch0145: 0145-Make-reset-an-alias-for-the-reboot-command.patch -Patch0146: 0146-EFI-more-debug-output-on-GOP-and-UGA-probing.patch -Patch0147: 0147-Add-a-version-command.patch -Patch0148: 0148-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch -Patch0149: 0149-arm-arm64-loader-Better-memory-allocation-and-error-.patch -Patch0150: 0150-Try-to-pick-better-locations-for-kernel-and-initrd.patch -Patch0151: 0151-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch -Patch0152: 0152-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch -Patch0153: 0153-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch -Patch0154: 0154-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch -Patch0155: 0155-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch -Patch0156: 0156-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch -Patch0157: 0157-Fix-getroot.c-s-trampolines.patch -Patch0158: 0158-Do-not-allow-stack-trampolines-anywhere.patch -Patch0159: 0159-Reimplement-boot_counter.patch -Patch0160: 0160-Make-grub_strtol-end-pointers-have-safer-const-quali.patch -Patch0161: 0161-Fix-menu-entry-selection-based-on-ID-and-title.patch -Patch0162: 0162-Make-the-menu-entry-users-option-argument-to-be-opti.patch -Patch0163: 0163-Add-efi-export-env-and-efi-load-env-commands.patch -Patch0164: 0164-Make-it-possible-to-subtract-conditions-from-debug.patch -Patch0165: 0165-Export-all-variables-from-the-initial-context-when-c.patch -Patch0166: 0166-Fix-the-looking-up-grub.cfg-XXX-while-tftp-booting.patch -Patch0167: 0167-Don-t-make-grub_strtoull-print-an-error-if-no-conver.patch -Patch0168: 0168-Fix-the-type-of-grub_efi_status_t.patch -Patch0169: 0169-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch -Patch0170: 0170-Fix-systemctl-kexec-exit-status-check.patch -Patch0171: 0171-Print-grub-emu-linux-loader-messages-as-debug.patch -Patch0172: 0172-Don-t-assume-that-boot-commands-will-only-return-on-.patch -Patch0173: 0173-Fix-undefined-references-for-fdt-when-building-with-.patch -Patch0174: 0174-autogen.sh-use-find-wholename-for-long-path-matches.patch -Patch0175: 0175-Fix-build-error-with-the-fdt-module-on-risc-v.patch -Patch0176: 0176-RISC-V-Fix-computation-of-pc-relative-relocation-off.patch -Patch0177: 0177-blscfg-Add-support-for-the-devicetree-field.patch -Patch0178: 0178-Set-a-devicetree-var-in-a-BLS-config-if-GRUB_DEFAULT.patch -Patch0179: 0179-Don-t-add-a-class-option-to-menu-entries-generated-f.patch -Patch0180: 0180-10_linux.in-Also-use-GRUB_CMDLINE_LINUX_DEFAULT-to-s.patch -Patch0181: 0181-blscfg-Don-t-hardcode-an-env-var-as-fallback-for-the.patch -Patch0182: 0182-grub-set-bootflag-Update-comment-about-running-as-ro.patch -Patch0183: 0183-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch -Patch0184: 0184-blscfg-add-a-space-char-when-appending-fields-for-va.patch -Patch0185: 0185-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch -Patch0186: 0186-blscfg-Add-support-for-sorting-the-plus-higher-than-.patch -Patch0187: 0187-Fix-savedefault-with-blscfg.patch -Patch0188: 0188-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch -Patch0189: 0189-chainloader-Define-machine-types-for-RISC-V.patch -Patch0190: 0190-Add-start-symbol-for-RISC-V.patch -Patch0191: 0191-RISC-V-Add-__clzdi2-symbol.patch -Patch0192: 0192-grub-install-Define-default-platform-for-RISC-V.patch -Patch0193: 0193-blscfg-Always-use-the-root-variable-to-search-for-BL.patch -Patch0194: 0194-efi-http-Export-fw-http-_path-variables-to-make-them.patch -Patch0195: 0195-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch -Patch0196: 0196-efi-net-Allow-to-specify-a-port-number-in-addresses.patch -Patch0197: 0197-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch -Patch0198: 0198-efi-net-Print-a-debug-message-if-parsing-the-address.patch -Patch0199: 0199-blscfg-return-NULL-instead-of-a-zero-length-array-in.patch -Patch0200: 0200-grub-switch-to-blscfg-Update-grub2-binary-in-ESP-for.patch -Patch0201: 0201-grub-switch-to-blscfg-Only-mark-GRUB-as-BLS-supporte.patch -Patch0202: 0202-10_linux.in-Merge-logic-from-10_linux_bls-and-drop-t.patch -Patch0203: 0203-grub-switch-to-blscfg-Use-install-to-copy-GRUB-binar.patch -Patch0204: 0204-10_linux.in-Enable-BLS-configuration-if-new-kernel-p.patch -Patch0205: 0205-efi-Set-image-base-address-before-jumping-to-the-PE-.patch -Patch0206: 0206-blscfg-Lookup-default_kernelopts-variable-as-fallbac.patch -Patch0207: 0207-10_linux.in-fix-early-exit-due-error-when-reading-pe.patch -Patch0208: 0208-envblk-Fix-buffer-overrun-when-attempting-to-shrink-.patch -Patch0209: 0209-10_linux.in-Store-cmdline-in-BLS-snippets-instead-of.patch -Patch0210: 0210-10_linux.in-restore-existence-check-in-get_sorted_bl.patch -Patch0211: 0211-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch -Patch0212: 0212-tpm-Enable-module-for-all-EFI-platforms.patch -Patch0213: 0213-10_linux.in-Don-t-update-BLS-files-that-aren-t-manag.patch -Patch0214: 0214-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch -Patch0215: 0215-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch -Patch0216: 0216-fix-build-with-rpm-4.16.patch -Patch0217: 0217-Only-mark-GRUB-as-BLS-supported-in-OSTree-systems-wi.patch -Patch0218: 0218-support-TPM2.0-in-grub2-both-legacy-and-efi.patch -Patch0219: 0219-Workaround-for-EFI-Bug-Plan3.patch -Patch0220: 0220-bugfix-remove-excess-qutos.patch -Patch0221: 0221-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch -Patch0222: 0222-safemath-Add-some-arithmetic-primitives-that-check-f.patch -Patch0223: 0223-calloc-Make-sure-we-always-have-an-overflow-checking.patch -Patch0224: 0224-calloc-Use-calloc-at-most-places.patch -Patch0225: 0225-malloc-Use-overflow-checking-primitives-where-we-do-.patch -Patch0226: 0226-iso9660-Don-t-leak-memory-on-realloc-failures.patch -Patch0227: 0227-font-Do-not-load-more-than-one-NAME-section.patch -Patch0228: 0228-gfxmenu-Fix-double-free-in-load_image.patch -Patch0229: 0229-xnu-Fix-double-free-in-grub_xnu_devprop_add_property.patch -Patch0230: 0230-lzma-Make-sure-we-don-t-dereference-past-array.patch -Patch0231: 0231-term-Fix-overflow-on-user-inputs.patch -Patch0232: 0232-udf-Fix-memory-leak.patch -Patch0233: 0233-multiboot2-Fix-memory-leak-if-grub_create_loader_cmd.patch -Patch0234: 0234-tftp-Do-not-use-priority-queue.patch -Patch0235: 0235-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch -Patch0236: 0236-multiboot2-Set-min-address-for-mbi-allocation-to-0x1.patch -Patch0237: 0237-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch -Patch0238: 0238-script-Remove-unused-fields-from-grub_script_functio.patch -Patch0239: 0239-script-Avoid-a-use-after-free-when-redefining-a-func.patch -Patch0240: 0240-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch -Patch0241: 0241-hfsplus-Fix-two-more-overflows.patch -Patch0242: 0242-lvm-Fix-two-more-potential-data-dependent-alloc-over.patch -Patch0243: 0243-efi-Fix-some-malformed-device-path-arithmetic-errors.patch -Patch0244: 0244-efi-chainloader-Propagate-errors-from-copy_file_path.patch -Patch0245: 0245-efi-Fix-use-after-free-in-halt-reboot-path.patch -Patch0246: 0246-loader-linux-Avoid-overflow-on-initrd-size-calculati.patch -Patch0247: 0247-linux-Fix-integer-overflows-in-initrd-size-handling.patch -Patch0248: 0248-linuxefi-fail-kernel-validation-without-shim-protoco.patch -Patch0249: 0249-remove-08_fallback_counting.in-apply-grubby.patch -Patch0250: 0250-tftp-roll-over-block-counter-to-prevent-timeouts-wit.patch -Patch0251: backport-CVE-2020-25632.patch -Patch0252: backport-CVE-2020-25647.patch -Patch0253: backport-0001-CVE-2020-27749.patch -Patch0254: backport-0002-CVE-2020-27749.patch -Patch0255: backport-0003-CVE-2020-27749.patch -Patch0256: backport-0004-CVE-2020-27749.patch -Patch0257: backport-0005-CVE-2020-27749.patch -Patch0258: backport-0006-CVE-2020-27749.patch -Patch0259: backport-0007-CVE-2020-27749.patch -Patch0260: backport-CVE-2021-20225.patch -Patch0261: backport-CVE-2021-20233.patch -Patch0262: backport-0001-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0263: backport-0002-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0264: backport-0003-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0265: backport-0004-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0266: backport-0005-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0267: backport-0006-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0268: backport-0007-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0269: backport-0008-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0270: backport-0009-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0271: backport-0010-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0272: backport-0011-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0273: backport-0012-CVE-2020-27779-and-CVE-2020-14372.patch -Patch0274: backport-0001-mmap-Fix-memory-leak-when-iterating-over-mapped-memo.patch -Patch0275: backport-0002-net-net-Fix-possible-dereference-to-of-a-NULL-pointe.patch -Patch0276: backport-0003-net-tftp-Fix-dangling-memory-pointer.patch -Patch0277: backport-0004-kern-efi-Fix-memory-leak-on-failure.patch -Patch0278: backport-0005-kern-efi-mm-Fix-possible-NULL-pointer-dereference.patch -Patch0279: backport-0006-zstd-Initialize-seq_t-structure-fully.patch -Patch0280: backport-0007-kern-partition-Check-for-NULL-before-dereferencing-i.patch -Patch0281: backport-0008-disk-ldm-Make-sure-comp-data-is-freed-before-exiting.patch -Patch0282: backport-0009-disk-ldm-If-failed-then-free-vg-variable-too.patch -Patch0283: backport-0010-disk-ldm-Fix-memory-leak-on-uninserted-lv-references.patch -Patch0284: backport-0011-hfsplus-Check-that-the-volume-name-length-is-valid.patch -Patch0285: backport-0012-zfs-Fix-possible-negative-shift-operation.patch -Patch0286: backport-0013-zfs-Fix-resource-leaks-while-constructing-path.patch -Patch0287: backport-0014-zfs-Fix-possible-integer-overflows.patch -Patch0288: backport-0015-zfsinfo-Correct-a-check-for-error-allocating-memory.patch -Patch0289: backport-0016-affs-Fix-memory-leaks.patch -Patch0290: backport-0017-libgcrypt-mpi-Fix-possible-unintended-sign-extension.patch -Patch0291: backport-0018-libgcrypt-mpi-Fix-possible-NULL-dereference.patch -Patch0292: backport-0019-syslinux-Fix-memory-leak-while-parsing.patch -Patch0293: backport-0020-normal-completion-Fix-leaking-of-memory-when-process.patch -Patch0294: backport-0021-commands-hashsum-Fix-a-memory-leak.patch -Patch0295: backport-0022-video-efi_gop-Remove-unnecessary-return-value-of-gru.patch -Patch0296: backport-0023-video-fb-fbfill-Fix-potential-integer-overflow.patch -Patch0297: backport-0024-video-fb-video_fb-Fix-multiple-integer-overflows.patch -Patch0298: backport-0025-video-fb-video_fb-Fix-possible-integer-overflow.patch -Patch0299: backport-0026-video-readers-jpeg-Test-for-an-invalid-next-marker-r.patch -Patch0300: backport-0027-gfxmenu-gui_list-Remove-code-that-coverity-is-flaggi.patch -Patch0301: backport-0028-loader-bsd-Check-for-NULL-arg-up-front.patch -Patch0302: backport-0029-loader-xnu-Fix-memory-leak.patch -Patch0303: backport-0030-loader-xnu-Free-driverkey-data-when-an-error-is-dete.patch -Patch0304: backport-0031-loader-xnu-Check-if-pointer-is-NULL-before-using-it.patch -Patch0305: backport-0032-util-grub-install-Fix-NULL-pointer-dereferences.patch -Patch0306: backport-0033-util-grub-editenv-Fix-incorrect-casting-of-a-signed-.patch -Patch0307: backport-0034-util-glue-efi-Fix-incorrect-use-of-a-possibly-negati.patch -Patch0308: backport-0035-script-execute-Fix-NULL-dereference-in-grub_script_e.patch -Patch0309: backport-0036-commands-ls-Require-device_name-is-not-NULL-before-p.patch -Patch0310: backport-0037-script-execute-Avoid-crash-when-using-outside-a-func.patch -Patch0311: backport-0038-script-execute-Don-t-crash-on-a-for-loop-with-no-ite.patch -Patch0312: backport-0039-kern-misc-Always-set-end-in-grub_strtoull.patch -Patch0313: backport-0040-video-readers-jpeg-Catch-files-with-unsupported-quan.patch -Patch0314: backport-0041-video-readers-jpeg-Catch-OOB-reads-writes-in-grub_jp.patch -Patch0315: backport-0042-video-readers-jpeg-Don-t-decode-data-before-start-of.patch -Patch0316: backport-0043-term-gfxterm-Don-t-set-up-a-font-with-glyphs-that-ar.patch -Patch0317: backport-0044-fs-fshelp-Catch-impermissibly-large-block-sizes-in-r.patch -Patch0318: backport-0045-fs-hfsplus-Don-t-fetch-a-key-beyond-the-end-of-the-n.patch -Patch0319: backport-0046-fs-hfsplus-Don-t-use-uninitialized-data-on-corrupt-f.patch -Patch0320: backport-0047-fs-hfs-Disable-under-lockdown.patch -Patch0321: backport-0048-fs-sfs-Fix-over-read-of-root-object-name.patch -Patch0322: backport-0049-fs-jfs-Do-not-move-to-leaf-level-if-name-length-is-n.patch -Patch0323: backport-0050-fs-jfs-Limit-the-extents-that-getblk-can-consider.patch -Patch0324: backport-0051-fs-jfs-Catch-infinite-recursion.patch -Patch0325: backport-0052-fs-nilfs2-Reject-too-large-keys.patch -Patch0326: backport-0053-fs-nilfs2-Don-t-search-children-if-provided-number-i.patch -Patch0327: backport-0054-fs-nilfs2-Properly-bail-on-errors-in-grub_nilfs2_btr.patch -Patch0328: backport-0055-io-gzio-Bail-if-gzio-tl-td-is-NULL.patch -Patch0329: backport-0056-io-gzio-Add-init_dynamic_block-clean-up-if-unpacking.patch -Patch0330: backport-0057-io-gzio-Catch-missing-values-in-huft_build-and-bail.patch -Patch0331: backport-0058-io-gzio-Zero-gzio-tl-td-in-init_dynamic_block-if-huf.patch -Patch0332: backport-0059-disk-lvm-Don-t-go-beyond-the-end-of-the-data-we-read.patch -Patch0333: backport-0060-disk-lvm-Don-t-blast-past-the-end-of-the-circular-me.patch -Patch0334: backport-0061-disk-lvm-Bail-on-missing-PV-list.patch -Patch0335: backport-0062-disk-lvm-Do-not-crash-if-an-expected-string-is-not-f.patch -Patch0336: backport-0063-lvm-Add-LVM-cache-logical-volume-handling.patch -Patch0337: backport-0064-disk-lvm-Do-not-overread-metadata.patch -Patch0338: backport-0065-disk-lvm-Sanitize-rlocn-offset-to-prevent-wild-read.patch -Patch0339: backport-0066-disk-lvm-Do-not-allow-a-LV-to-be-it-s-own-segment-s-.patch -Patch0340: backport-0067-fs-btrfs-Validate-the-number-of-stripes-parities-in-.patch -Patch0341: backport-0068-fs-btrfs-Squash-some-uninitialized-reads.patch -Patch0342: backport-0069-kern-efi-Add-initial-stack-protector-implementation.patch -Patch0343: backport-0070-util-mkimage-Remove-unused-code-to-add-BSS-section.patch -Patch0344: backport-0071-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch -Patch0345: backport-0072-kern-mm-Fix-grub_debug_calloc-compilation-error.patch -Patch0346: backport-0073-grub-mkconfig-Fix-typo-in-help-output.patch -Patch0347: backport-0074-at_keyboard-Fix-unreliable-key-presses.patch -Patch0348: backport-0075-hostdisk-Set-linux-file-descriptor-to-O_CLOEXEC-as-d.patch -Patch0349: backport-0076-squash4-Fix-an-uninitialized-variable.patch -Patch0350: backport-0077-efi-tpm-Fix-memory-leak-in-grub_tpm1-2_log_event.patch -Patch0351: backport-0078-powerpc-mkimage-Fix-CHRP-note-descsz.patch -Patch0352: backport-0079-efi-tpm-Fix-typo-in-grub_efi_tpm2_protocol-struct.patch -Patch0353: backport-0080-misc-Add-parentheses-around-ALIGN_UP-and-ALIGN_DOWN-.patch -Patch0354: backport-0081-verifiers-Fix-calling-uninitialized-function-pointer.patch -Patch0355: backport-templates-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch -Patch0356: backport-CVE-2021-3981-restore-umask-for-the-grub.patch -Patch0357: backport-0081-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis-2.patch -Patch0358: backport-disk-cryptodisk-Fix-potential-integer-overflow.patch -Patch0359: backport-efi-The-device-tree-must-be-in-EfiACPIReclaimMemory.patch -Patch0360: backport-fs-ext2-Fix-a-file-not-found-error-when-a-symlink-filesize-is-equal-to-60.patch -Patch0361: backport-io-lzopio-Resolve-unnecessary-self-assignment-errors.patch -Patch0362: backport-loader-i386-linux-Do-not-use-grub_le_to_cpu32-for-relocatable-variable.patch -Patch0363: backport-util-mkimage-Fix-wrong-PE32-section-sizes-for-some-arches.patch -Patch0364: backport-enable-http-and-https-boot.patch -Patch0365: backport-support-TPM2.0.patch -Patch0366: backport-use-default-timestamp.patch -Patch0367: backport-fix-CVE-2020-15705.patch -Patch0368: backport-grub2-set-password-prompts-to-enter-the-current-pass.patch -Patch0369: backport-Avoid-Wsign-compare-in-rijndael-do_setkey.patch -Patch0370: backport-disk-ldm-Fix-resource-leak.patch -Patch0371: backport-io-gzio-Fix-possible-use-of-uninitialized-variable-in-huft_build.patch -Patch0372: backport-osdep-linux-Fix-md-array-device-enumeration.patch -Patch0373: backport-util-grub-fstest-Fix-resource-leaks-in-cmd_cmp.patch -Patch0374: backport-util-grub-install-common-Fix-memory-leak-in-copy_all.patch -Patch0375: backport-util-grub-mkfont-Fix-memory-leak-in-write_font_pf2.patch -Patch0376: backport-util-grub-mkrescue-Fix-memory-leak-in-write_part.patch -Patch0377: bugfix-double-grub-x86_64-efi-mm-pool.patch -Patch0378: bugfix-net-fix-null-pointer-dereference-when-parsing-ICMP6_.patch -Patch0379: backport-correct-closing-of-SNP-protocol.patch -Patch0380: backport-fix-misspelled-variable-BUILD_LDFAGS.patch -Patch0381: backport-Fix-partmap_test-for-arm-efi.patch -Patch0382: backport-loader-efi-chainloader-grub_load_and_start_image-doe.patch -Patch0383: backport-loader-efi-chainloader-Simplify-the-loader-state.patch -Patch0384: backport-commands-boot-Add-API-to-pass-context-to-loader.patch -Patch0385: backport-loader-efi-chainloader-Use-grub_loader_set_ex.patch -Patch0386: backport-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch -Patch0387: backport-loader-i386-efi-linux-Use-grub_loader_set_ex.patch -Patch0388: backport-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch -Patch0389: backport-kern-file-Do-not-leak-device_name-on-error-in.patch -Patch0390: backport-video-readers-png-Abort-sooner-if-a-read.patch -Patch0391: backport-video-readers-png-Refuse-to-handle-multiple-image-headers.patch -Patch0392: backport-video-readers-png-Drop-greyscale-support-to-fix-heap.patch -Patch0393: backport-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch -Patch0394: backport-video-readers-png-Sanity-check-some-huffman-codes.patch -Patch0395: backport-video-readers-jpeg-Abort-sooner-if-a-read.patch -Patch0396: backport-video-readers-jpeg-Do-not-reallocate-a-given.patch -Patch0397: backport-video-readers-jpeg-Refuse-to-handle-multiple.patch -Patch0398: backport-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch -Patch0399: backport-normal-charset-Fix-array-out-of-bounds-formatting.patch -Patch0400: backport-net-ip-Do-IP-fragment-maths-safely.patch -Patch0401: backport-net-netbuff-Block-overly-large-netbuff-allocs.patch -Patch0402: backport-net-dns-Fix-double-free-addresses-on-corrupt-DNS.patch -Patch0403: backport-net-dns-Dont-read-past-the-end-of-the-string.patch -Patch0404: backport-net-tftp-Prevent-a-UAF-and-double-free-from.patch -Patch0405: backport-net-tftp-Avoid-a-trivial-UAF.patch -Patch0406: backport-net-http-Do-not-tear-down-socket-if-its-already.patch -Patch0407: backport-net-http-Fix-OOB-write-for-split-http-headers.patch -Patch0408: backport-net-http-Error-out-on-headers-with-LF-without-CR.patch -Patch0409: backport-tests-Disable-blkid-cache-usage.patch -Patch0410: backport-disk-efi-efidisk-Pass-buffers-with-higher-alignment.patch -Patch0411: backport-video-readers-Add-artificial-limit-to-image-dimensio.patch -Patch0412: backport-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch -Patch0413: backport-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch -Patch0414: backport-font-Fix-several-integer-overflows-in-grub_font_cons.patch -Patch0415: backport-font-Remove-grub_font_dup_glyph.patch -Patch0416: backport-font-Fix-integer-overflow-in-ensure_comb_space.patch -Patch0417: backport-font-Fix-integer-overflow-in-BMP-index.patch -Patch0418: backport-font-Fix-integer-underflow-in-binary-search-of-char-.patch -Patch0419: backport-kern-efi-sb-Enforce-verification-of-font-files.patch -Patch0420: backport-fbutil-Fix-integer-overflow.patch -Patch0421: backport-font-Fix-an-integer-underflow-in-blit_comb.patch -Patch0422: backport-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch -Patch0423: backport-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch -Patch0424: backport-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch -Patch0425: backport-fs-minix-Avoid-mistakenly-probing-ext2-filesystems.patch -Patch0426: add-tpcm-support-with-ipmi-channel.patch +Patch0001: 0001-Add-support-for-Linux-EFI-stub-loading.patch +Patch0002: 0002-Rework-linux-command.patch +Patch0003: 0003-Rework-linux16-command.patch +Patch0004: 0004-Add-secureboot-support-on-efi-chainloader.patch +Patch0005: 0005-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch +Patch0006: 0006-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch +Patch0007: 0007-re-write-.gitignore.patch +Patch0008: 0008-IBM-client-architecture-CAS-reboot-support.patch +Patch0009: 0009-for-ppc-reset-console-display-attr-when-clear-screen.patch +Patch0010: 0010-Disable-GRUB-video-support-for-IBM-power-machines.patch +Patch0011: 0011-Honor-a-symlink-when-generating-configuration-by-gru.patch +Patch0012: 0012-Move-bash-completion-script-922997.patch +Patch0013: 0013-Update-to-minilzo-2.08.patch +Patch0014: 0014-Allow-fallback-to-include-entries-by-title-not-just-.patch +Patch0015: 0015-Add-GRUB_DISABLE_UUID.patch +Patch0016: 0016-Make-exit-take-a-return-code.patch +Patch0017: 0017-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch +Patch0018: 0018-Make-efi-machines-load-an-env-block-from-a-variable.patch +Patch0019: 0019-DHCP-client-ID-and-UUID-options-added.patch +Patch0020: 0020-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch +Patch0021: 0021-Add-support-for-UEFI-operating-systems-returned-by-o.patch +Patch0022: 0022-Migrate-PPC-from-Yaboot-to-Grub2.patch +Patch0023: 0023-Add-fw_path-variable-revised.patch +Patch0024: 0024-Pass-x-hex-hex-straight-through-unmolested.patch +Patch0025: 0025-Add-X-option-to-printf-functions.patch +Patch0026: 0026-Search-for-specific-config-file-for-netboot.patch +Patch0027: 0027-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch +Patch0028: 0028-Add-devicetree-loading.patch +Patch0029: 0029-Don-t-write-messages-to-the-screen.patch +Patch0030: 0030-Don-t-print-GNU-GRUB-header.patch +Patch0031: 0031-Don-t-add-to-highlighted-row.patch +Patch0032: 0032-Message-string-cleanups.patch +Patch0033: 0033-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch +Patch0034: 0034-Use-the-correct-indentation-for-the-term-help-text.patch +Patch0035: 0035-Indent-menu-entries.patch +Patch0036: 0036-Fix-margins.patch +Patch0037: 0037-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch +Patch0038: 0038-Enable-pager-by-default.-985860.patch +Patch0039: 0039-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch +Patch0040: 0040-Don-t-say-GNU-Linux-in-generated-menus.patch +Patch0041: 0041-Don-t-draw-a-border-around-the-menu.patch +Patch0042: 0042-Use-the-standard-margin-for-the-timeout-string.patch +Patch0043: 0043-Add-.eh_frame-to-list-of-relocations-stripped.patch +Patch0044: 0044-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch +Patch0045: 0045-Don-t-require-a-password-to-boot-entries-generated-b.patch +Patch0046: 0046-Don-t-emit-Booting-.-message.patch +Patch0047: 0047-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch +Patch0048: 0048-use-fw_path-prefix-when-fallback-searching-for-grub-.patch +Patch0049: 0049-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch +Patch0050: 0050-Fix-convert-function-to-support-NVMe-devices.patch +Patch0051: 0051-Add-grub_util_readlink.patch +Patch0052: 0052-Make-editenv-chase-symlinks-including-those-across-d.patch +Patch0053: 0053-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch +Patch0054: 0054-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch +Patch0055: 0055-Try-prefix-if-fw_path-doesn-t-work.patch +Patch0056: 0056-Update-info-with-grub.cfg-netboot-selection-order-11.patch +Patch0057: 0057-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch +Patch0058: 0058-Handle-rssd-storage-devices.patch +Patch0059: 0059-Make-grub2-mkconfig-construct-titles-that-look-like-.patch +Patch0060: 0060-Add-friendly-grub2-password-config-tool-985962.patch +Patch0061: 0061-tcp-add-window-scaling-support.patch +Patch0062: 0062-Fix-security-issue-when-reading-username-and-passwor.patch +Patch0063: 0063-Add-a-url-parser.patch +Patch0064: 0064-efinet-and-bootp-add-support-for-dhcpv6.patch +Patch0065: 0065-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch +Patch0066: 0066-Normalize-slashes-in-tftp-paths.patch +Patch0067: 0067-bz1374141-fix-incorrect-mask-for-ppc64.patch +Patch0068: 0068-Make-grub_fatal-also-backtrace.patch +Patch0069: 0069-Fix-up-some-man-pages-rpmdiff-noticed.patch +Patch0070: 0070-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch +Patch0071: 0071-Make-our-info-pages-say-grub2-where-appropriate.patch +Patch0072: 0072-print-more-debug-info-in-our-module-loader.patch +Patch0073: 0073-macos-just-build-chainloader-entries-don-t-try-any-x.patch +Patch0074: 0074-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch +Patch0075: 0075-export-btrfs_subvol-and-btrfs_subvolid.patch +Patch0076: 0076-grub2-btrfs-03-follow_default.patch +Patch0077: 0077-grub2-btrfs-04-grub2-install.patch +Patch0078: 0078-grub2-btrfs-05-grub2-mkconfig.patch +Patch0079: 0079-grub2-btrfs-06-subvol-mount.patch +Patch0080: 0080-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch +Patch0081: 0081-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch +Patch0082: 0082-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch +Patch0083: 0083-Use-grub_efi_.-memory-helpers-where-reasonable.patch +Patch0084: 0084-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch +Patch0085: 0085-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch +Patch0086: 0086-don-t-ignore-const.patch +Patch0087: 0087-don-t-use-int-for-efi-status.patch +Patch0088: 0088-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch +Patch0089: 0089-editenv-handle-relative-symlinks.patch +Patch0090: 0090-Make-libgrub.pp-depend-on-config-util.h.patch +Patch0091: 0091-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch +Patch0092: 0092-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch +Patch0093: 0093-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch +Patch0094: 0094-align-struct-efi_variable-better.patch +Patch0095: 0095-Add-BLS-support-to-grub-mkconfig.patch +Patch0096: 0096-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch +Patch0097: 0097-Add-linux-and-initrd-commands-for-grub-emu.patch +Patch0098: 0098-Add-grub2-switch-to-blscfg.patch +Patch0099: 0099-Add-grub_debug_enabled.patch +Patch0100: 0100-make-better-backtraces.patch +Patch0101: 0101-normal-don-t-draw-our-startup-message-if-debug-is-se.patch +Patch0102: 0102-Work-around-some-minor-include-path-weirdnesses.patch +Patch0103: 0103-Make-it-possible-to-enabled-build-id-sha1.patch +Patch0104: 0104-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch +Patch0105: 0105-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch +Patch0106: 0106-Fixup-for-newer-compiler.patch +Patch0107: 0107-Don-t-attempt-to-export-the-start-and-_start-symbols.patch +Patch0108: 0108-Fixup-for-newer-compiler.patch +Patch0109: 0109-Add-support-for-non-Ethernet-network-cards.patch +Patch0110: 0110-misc-fix-invalid-character-recongition-in-strto-l.patch +Patch0111: 0111-net-read-bracketed-ipv6-addrs-and-port-numbers.patch +Patch0112: 0112-bootp-New-net_bootp6-command.patch +Patch0113: 0113-efinet-UEFI-IPv6-PXE-support.patch +Patch0114: 0114-grub.texi-Add-net_bootp6-doument.patch +Patch0115: 0115-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch +Patch0116: 0116-efinet-Setting-network-from-UEFI-device-path.patch +Patch0117: 0117-efinet-Setting-DNS-server-from-UEFI-protocol.patch +Patch0118: 0118-Fix-one-more-coverity-complaint.patch +Patch0119: 0119-Support-UEFI-networking-protocols.patch +Patch0120: 0120-AUDIT-0-http-boot-tracker-bug.patch +Patch0121: 0121-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch +Patch0122: 0122-efi-uga-use-64-bit-for-fb_base.patch +Patch0123: 0123-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch +Patch0124: 0124-EFI-console-Add-grub_console_read_key_stroke-helper-.patch +Patch0125: 0125-EFI-console-Implement-getkeystatus-support.patch +Patch0126: 0126-Make-grub_getkeystatus-helper-funtion-available-ever.patch +Patch0127: 0127-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch +Patch0128: 0128-grub-editenv-Add-incr-command-to-increment-integer-v.patch +Patch0129: 0129-Add-auto-hide-menu-support.patch +Patch0130: 0130-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch +Patch0131: 0131-Add-grub-set-bootflag-utility.patch +Patch0132: 0132-docs-Add-grub-boot-indeterminate.service-example.patch +Patch0133: 0133-gentpl-add-disable-support.patch +Patch0134: 0134-gentpl-add-pc-firmware-type.patch +Patch0135: 0135-efinet-also-use-the-firmware-acceleration-for-http.patch +Patch0136: 0136-efi-http-Make-root_url-reflect-the-protocol-hostname.patch +Patch0137: 0137-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch +Patch0138: 0138-module-verifier-make-it-possible-to-run-checkers-on-.patch +Patch0139: 0139-Rework-how-the-fdt-command-builds.patch +Patch0140: 0140-Disable-non-wordsize-allocations-on-arm.patch +Patch0141: 0141-strip-R-.note.gnu.property-at-more-places.patch +Patch0142: 0142-Prepend-prefix-when-HTTP-path-is-relative.patch +Patch0143: 0143-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch +Patch0144: 0144-Make-grub_error-more-verbose.patch +Patch0145: 0145-Make-reset-an-alias-for-the-reboot-command.patch +Patch0146: 0146-EFI-more-debug-output-on-GOP-and-UGA-probing.patch +Patch0147: 0147-Add-a-version-command.patch +Patch0148: 0148-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch +Patch0149: 0149-arm-arm64-loader-Better-memory-allocation-and-error-.patch +Patch0150: 0150-Try-to-pick-better-locations-for-kernel-and-initrd.patch +Patch0151: 0151-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch +Patch0152: 0152-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch +Patch0153: 0153-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch +Patch0154: 0154-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch +Patch0155: 0155-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch +Patch0156: 0156-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch +Patch0157: 0157-Fix-getroot.c-s-trampolines.patch +Patch0158: 0158-Do-not-allow-stack-trampolines-anywhere.patch +Patch0159: 0159-Reimplement-boot_counter.patch +Patch0160: 0160-Make-grub_strtol-end-pointers-have-safer-const-quali.patch +Patch0161: 0161-Fix-menu-entry-selection-based-on-ID-and-title.patch +Patch0162: 0162-Make-the-menu-entry-users-option-argument-to-be-opti.patch +Patch0163: 0163-Add-efi-export-env-and-efi-load-env-commands.patch +Patch0164: 0164-Make-it-possible-to-subtract-conditions-from-debug.patch +Patch0165: 0165-Export-all-variables-from-the-initial-context-when-c.patch +Patch0166: 0166-Fix-the-looking-up-grub.cfg-XXX-while-tftp-booting.patch +Patch0167: 0167-Don-t-make-grub_strtoull-print-an-error-if-no-conver.patch +Patch0168: 0168-Fix-the-type-of-grub_efi_status_t.patch +Patch0169: 0169-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch +Patch0170: 0170-Fix-systemctl-kexec-exit-status-check.patch +Patch0171: 0171-Print-grub-emu-linux-loader-messages-as-debug.patch +Patch0172: 0172-Don-t-assume-that-boot-commands-will-only-return-on-.patch +Patch0173: 0173-Fix-undefined-references-for-fdt-when-building-with-.patch +Patch0174: 0174-autogen.sh-use-find-wholename-for-long-path-matches.patch +Patch0175: 0175-Fix-build-error-with-the-fdt-module-on-risc-v.patch +Patch0176: 0176-RISC-V-Fix-computation-of-pc-relative-relocation-off.patch +Patch0177: 0177-blscfg-Add-support-for-the-devicetree-field.patch +Patch0178: 0178-Set-a-devicetree-var-in-a-BLS-config-if-GRUB_DEFAULT.patch +Patch0179: 0179-Don-t-add-a-class-option-to-menu-entries-generated-f.patch +Patch0180: 0180-10_linux.in-Also-use-GRUB_CMDLINE_LINUX_DEFAULT-to-s.patch +Patch0181: 0181-blscfg-Don-t-hardcode-an-env-var-as-fallback-for-the.patch +Patch0182: 0182-grub-set-bootflag-Update-comment-about-running-as-ro.patch +Patch0183: 0183-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch +Patch0184: 0184-blscfg-add-a-space-char-when-appending-fields-for-va.patch +Patch0185: 0185-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch +Patch0186: 0186-blscfg-Add-support-for-sorting-the-plus-higher-than-.patch +Patch0187: 0187-Fix-savedefault-with-blscfg.patch +Patch0188: 0188-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch +Patch0189: 0189-chainloader-Define-machine-types-for-RISC-V.patch +Patch0190: 0190-Add-start-symbol-for-RISC-V.patch +Patch0191: 0191-RISC-V-Add-__clzdi2-symbol.patch +Patch0192: 0192-grub-install-Define-default-platform-for-RISC-V.patch +Patch0193: 0193-blscfg-Always-use-the-root-variable-to-search-for-BL.patch +Patch0194: 0194-efi-http-Export-fw-http-_path-variables-to-make-them.patch +Patch0195: 0195-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch +Patch0196: 0196-efi-net-Allow-to-specify-a-port-number-in-addresses.patch +Patch0197: 0197-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch +Patch0198: 0198-efi-net-Print-a-debug-message-if-parsing-the-address.patch +Patch0199: 0199-blscfg-return-NULL-instead-of-a-zero-length-array-in.patch +Patch0200: 0200-grub-switch-to-blscfg-Update-grub2-binary-in-ESP-for.patch +Patch0201: 0201-grub-switch-to-blscfg-Only-mark-GRUB-as-BLS-supporte.patch +Patch0202: 0202-10_linux.in-Merge-logic-from-10_linux_bls-and-drop-t.patch +Patch0203: 0203-grub-switch-to-blscfg-Use-install-to-copy-GRUB-binar.patch +Patch0204: 0204-10_linux.in-Enable-BLS-configuration-if-new-kernel-p.patch +Patch0205: 0205-efi-Set-image-base-address-before-jumping-to-the-PE-.patch +Patch0206: 0206-blscfg-Lookup-default_kernelopts-variable-as-fallbac.patch +Patch0207: 0207-10_linux.in-fix-early-exit-due-error-when-reading-pe.patch +Patch0208: 0208-envblk-Fix-buffer-overrun-when-attempting-to-shrink-.patch +Patch0209: 0209-10_linux.in-Store-cmdline-in-BLS-snippets-instead-of.patch +Patch0210: 0210-10_linux.in-restore-existence-check-in-get_sorted_bl.patch +Patch0211: 0211-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch +Patch0212: 0212-tpm-Enable-module-for-all-EFI-platforms.patch +Patch0213: 0213-10_linux.in-Don-t-update-BLS-files-that-aren-t-manag.patch +Patch0214: 0214-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch +Patch0215: 0215-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch +Patch0216: 0216-fix-build-with-rpm-4.16.patch +Patch0217: 0217-Only-mark-GRUB-as-BLS-supported-in-OSTree-systems-wi.patch +Patch0218: 0218-support-TPM2.0-in-grub2-both-legacy-and-efi.patch +Patch0219: 0219-Workaround-for-EFI-Bug-Plan3.patch +Patch0220: 0220-bugfix-remove-excess-qutos.patch +Patch0221: 0221-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch +Patch0222: 0222-safemath-Add-some-arithmetic-primitives-that-check-f.patch +Patch0223: 0223-calloc-Make-sure-we-always-have-an-overflow-checking.patch +Patch0224: 0224-calloc-Use-calloc-at-most-places.patch +Patch0225: 0225-malloc-Use-overflow-checking-primitives-where-we-do-.patch +Patch0226: 0226-iso9660-Don-t-leak-memory-on-realloc-failures.patch +Patch0227: 0227-font-Do-not-load-more-than-one-NAME-section.patch +Patch0228: 0228-gfxmenu-Fix-double-free-in-load_image.patch +Patch0229: 0229-xnu-Fix-double-free-in-grub_xnu_devprop_add_property.patch +Patch0230: 0230-lzma-Make-sure-we-don-t-dereference-past-array.patch +Patch0231: 0231-term-Fix-overflow-on-user-inputs.patch +Patch0232: 0232-udf-Fix-memory-leak.patch +Patch0233: 0233-multiboot2-Fix-memory-leak-if-grub_create_loader_cmd.patch +Patch0234: 0234-tftp-Do-not-use-priority-queue.patch +Patch0235: 0235-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch +Patch0236: 0236-multiboot2-Set-min-address-for-mbi-allocation-to-0x1.patch +Patch0237: 0237-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch +Patch0238: 0238-script-Remove-unused-fields-from-grub_script_functio.patch +Patch0239: 0239-script-Avoid-a-use-after-free-when-redefining-a-func.patch +Patch0240: 0240-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch +Patch0241: 0241-hfsplus-Fix-two-more-overflows.patch +Patch0242: 0242-lvm-Fix-two-more-potential-data-dependent-alloc-over.patch +Patch0243: 0243-efi-Fix-some-malformed-device-path-arithmetic-errors.patch +Patch0244: 0244-efi-chainloader-Propagate-errors-from-copy_file_path.patch +Patch0245: 0245-efi-Fix-use-after-free-in-halt-reboot-path.patch +Patch0246: 0246-loader-linux-Avoid-overflow-on-initrd-size-calculati.patch +Patch0247: 0247-linux-Fix-integer-overflows-in-initrd-size-handling.patch +Patch0248: 0248-linuxefi-fail-kernel-validation-without-shim-protoco.patch +Patch0249: 0249-remove-08_fallback_counting.in-apply-grubby.patch +Patch0250: 0250-tftp-roll-over-block-counter-to-prevent-timeouts-wit.patch +Patch0251: backport-CVE-2020-25632.patch +Patch0252: backport-CVE-2020-25647.patch +Patch0253: backport-0001-CVE-2020-27749.patch +Patch0254: backport-0002-CVE-2020-27749.patch +Patch0255: backport-0003-CVE-2020-27749.patch +Patch0256: backport-0004-CVE-2020-27749.patch +Patch0257: backport-0005-CVE-2020-27749.patch +Patch0258: backport-0006-CVE-2020-27749.patch +Patch0259: backport-0007-CVE-2020-27749.patch +Patch0260: backport-CVE-2021-20225.patch +Patch0261: backport-CVE-2021-20233.patch +Patch0262: backport-0001-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0263: backport-0002-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0264: backport-0003-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0265: backport-0004-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0266: backport-0005-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0267: backport-0006-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0268: backport-0007-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0269: backport-0008-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0270: backport-0009-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0271: backport-0010-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0272: backport-0011-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0273: backport-0012-CVE-2020-27779-and-CVE-2020-14372.patch +Patch0274: backport-0001-mmap-Fix-memory-leak-when-iterating-over-mapped-memo.patch +Patch0275: backport-0002-net-net-Fix-possible-dereference-to-of-a-NULL-pointe.patch +Patch0276: backport-0003-net-tftp-Fix-dangling-memory-pointer.patch +Patch0277: backport-0004-kern-efi-Fix-memory-leak-on-failure.patch +Patch0278: backport-0005-kern-efi-mm-Fix-possible-NULL-pointer-dereference.patch +Patch0279: backport-0006-zstd-Initialize-seq_t-structure-fully.patch +Patch0280: backport-0007-kern-partition-Check-for-NULL-before-dereferencing-i.patch +Patch0281: backport-0008-disk-ldm-Make-sure-comp-data-is-freed-before-exiting.patch +Patch0282: backport-0009-disk-ldm-If-failed-then-free-vg-variable-too.patch +Patch0283: backport-0010-disk-ldm-Fix-memory-leak-on-uninserted-lv-references.patch +Patch0284: backport-0011-hfsplus-Check-that-the-volume-name-length-is-valid.patch +Patch0285: backport-0012-zfs-Fix-possible-negative-shift-operation.patch +Patch0286: backport-0013-zfs-Fix-resource-leaks-while-constructing-path.patch +Patch0287: backport-0014-zfs-Fix-possible-integer-overflows.patch +Patch0288: backport-0015-zfsinfo-Correct-a-check-for-error-allocating-memory.patch +Patch0289: backport-0016-affs-Fix-memory-leaks.patch +Patch0290: backport-0017-libgcrypt-mpi-Fix-possible-unintended-sign-extension.patch +Patch0291: backport-0018-libgcrypt-mpi-Fix-possible-NULL-dereference.patch +Patch0292: backport-0019-syslinux-Fix-memory-leak-while-parsing.patch +Patch0293: backport-0020-normal-completion-Fix-leaking-of-memory-when-process.patch +Patch0294: backport-0021-commands-hashsum-Fix-a-memory-leak.patch +Patch0295: backport-0022-video-efi_gop-Remove-unnecessary-return-value-of-gru.patch +Patch0296: backport-0023-video-fb-fbfill-Fix-potential-integer-overflow.patch +Patch0297: backport-0024-video-fb-video_fb-Fix-multiple-integer-overflows.patch +Patch0298: backport-0025-video-fb-video_fb-Fix-possible-integer-overflow.patch +Patch0299: backport-0026-video-readers-jpeg-Test-for-an-invalid-next-marker-r.patch +Patch0300: backport-0027-gfxmenu-gui_list-Remove-code-that-coverity-is-flaggi.patch +Patch0301: backport-0028-loader-bsd-Check-for-NULL-arg-up-front.patch +Patch0302: backport-0029-loader-xnu-Fix-memory-leak.patch +Patch0303: backport-0030-loader-xnu-Free-driverkey-data-when-an-error-is-dete.patch +Patch0304: backport-0031-loader-xnu-Check-if-pointer-is-NULL-before-using-it.patch +Patch0305: backport-0032-util-grub-install-Fix-NULL-pointer-dereferences.patch +Patch0306: backport-0033-util-grub-editenv-Fix-incorrect-casting-of-a-signed-.patch +Patch0307: backport-0034-util-glue-efi-Fix-incorrect-use-of-a-possibly-negati.patch +Patch0308: backport-0035-script-execute-Fix-NULL-dereference-in-grub_script_e.patch +Patch0309: backport-0036-commands-ls-Require-device_name-is-not-NULL-before-p.patch +Patch0310: backport-0037-script-execute-Avoid-crash-when-using-outside-a-func.patch +Patch0311: backport-0038-script-execute-Don-t-crash-on-a-for-loop-with-no-ite.patch +Patch0312: backport-0039-kern-misc-Always-set-end-in-grub_strtoull.patch +Patch0313: backport-0040-video-readers-jpeg-Catch-files-with-unsupported-quan.patch +Patch0314: backport-0041-video-readers-jpeg-Catch-OOB-reads-writes-in-grub_jp.patch +Patch0315: backport-0042-video-readers-jpeg-Don-t-decode-data-before-start-of.patch +Patch0316: backport-0043-term-gfxterm-Don-t-set-up-a-font-with-glyphs-that-ar.patch +Patch0317: backport-0044-fs-fshelp-Catch-impermissibly-large-block-sizes-in-r.patch +Patch0318: backport-0045-fs-hfsplus-Don-t-fetch-a-key-beyond-the-end-of-the-n.patch +Patch0319: backport-0046-fs-hfsplus-Don-t-use-uninitialized-data-on-corrupt-f.patch +Patch0320: backport-0047-fs-hfs-Disable-under-lockdown.patch +Patch0321: backport-0048-fs-sfs-Fix-over-read-of-root-object-name.patch +Patch0322: backport-0049-fs-jfs-Do-not-move-to-leaf-level-if-name-length-is-n.patch +Patch0323: backport-0050-fs-jfs-Limit-the-extents-that-getblk-can-consider.patch +Patch0324: backport-0051-fs-jfs-Catch-infinite-recursion.patch +Patch0325: backport-0052-fs-nilfs2-Reject-too-large-keys.patch +Patch0326: backport-0053-fs-nilfs2-Don-t-search-children-if-provided-number-i.patch +Patch0327: backport-0054-fs-nilfs2-Properly-bail-on-errors-in-grub_nilfs2_btr.patch +Patch0328: backport-0055-io-gzio-Bail-if-gzio-tl-td-is-NULL.patch +Patch0329: backport-0056-io-gzio-Add-init_dynamic_block-clean-up-if-unpacking.patch +Patch0330: backport-0057-io-gzio-Catch-missing-values-in-huft_build-and-bail.patch +Patch0331: backport-0058-io-gzio-Zero-gzio-tl-td-in-init_dynamic_block-if-huf.patch +Patch0332: backport-0059-disk-lvm-Don-t-go-beyond-the-end-of-the-data-we-read.patch +Patch0333: backport-0060-disk-lvm-Don-t-blast-past-the-end-of-the-circular-me.patch +Patch0334: backport-0061-disk-lvm-Bail-on-missing-PV-list.patch +Patch0335: backport-0062-disk-lvm-Do-not-crash-if-an-expected-string-is-not-f.patch +Patch0336: backport-0063-lvm-Add-LVM-cache-logical-volume-handling.patch +Patch0337: backport-0064-disk-lvm-Do-not-overread-metadata.patch +Patch0338: backport-0065-disk-lvm-Sanitize-rlocn-offset-to-prevent-wild-read.patch +Patch0339: backport-0066-disk-lvm-Do-not-allow-a-LV-to-be-it-s-own-segment-s-.patch +Patch0340: backport-0067-fs-btrfs-Validate-the-number-of-stripes-parities-in-.patch +Patch0341: backport-0068-fs-btrfs-Squash-some-uninitialized-reads.patch +Patch0342: backport-0069-kern-efi-Add-initial-stack-protector-implementation.patch +Patch0343: backport-0070-util-mkimage-Remove-unused-code-to-add-BSS-section.patch +Patch0344: backport-0071-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch +Patch0345: backport-0072-kern-mm-Fix-grub_debug_calloc-compilation-error.patch +Patch0346: backport-0073-grub-mkconfig-Fix-typo-in-help-output.patch +Patch0347: backport-0074-at_keyboard-Fix-unreliable-key-presses.patch +Patch0348: backport-0075-hostdisk-Set-linux-file-descriptor-to-O_CLOEXEC-as-d.patch +Patch0349: backport-0076-squash4-Fix-an-uninitialized-variable.patch +Patch0350: backport-0077-efi-tpm-Fix-memory-leak-in-grub_tpm1-2_log_event.patch +Patch0351: backport-0078-powerpc-mkimage-Fix-CHRP-note-descsz.patch +Patch0352: backport-0079-efi-tpm-Fix-typo-in-grub_efi_tpm2_protocol-struct.patch +Patch0353: backport-0080-misc-Add-parentheses-around-ALIGN_UP-and-ALIGN_DOWN-.patch +Patch0354: backport-0081-verifiers-Fix-calling-uninitialized-function-pointer.patch +Patch0355: backport-templates-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch +Patch0356: backport-CVE-2021-3981-restore-umask-for-the-grub.patch +Patch0357: backport-0081-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis-2.patch +Patch0358: backport-disk-cryptodisk-Fix-potential-integer-overflow.patch +Patch0359: backport-efi-The-device-tree-must-be-in-EfiACPIReclaimMemory.patch +Patch0360: backport-fs-ext2-Fix-a-file-not-found-error-when-a-symlink-filesize-is-equal-to-60.patch +Patch0361: backport-io-lzopio-Resolve-unnecessary-self-assignment-errors.patch +Patch0362: backport-loader-i386-linux-Do-not-use-grub_le_to_cpu32-for-relocatable-variable.patch +Patch0363: backport-util-mkimage-Fix-wrong-PE32-section-sizes-for-some-arches.patch +Patch0364: backport-enable-http-and-https-boot.patch +Patch0365: backport-support-TPM2.0.patch +Patch0366: backport-use-default-timestamp.patch +Patch0367: backport-fix-CVE-2020-15705.patch +Patch0368: backport-grub2-set-password-prompts-to-enter-the-current-pass.patch +Patch0369: backport-Avoid-Wsign-compare-in-rijndael-do_setkey.patch +Patch0370: backport-disk-ldm-Fix-resource-leak.patch +Patch0371: backport-io-gzio-Fix-possible-use-of-uninitialized-variable-in-huft_build.patch +Patch0372: backport-osdep-linux-Fix-md-array-device-enumeration.patch +Patch0373: backport-util-grub-fstest-Fix-resource-leaks-in-cmd_cmp.patch +Patch0374: backport-util-grub-install-common-Fix-memory-leak-in-copy_all.patch +Patch0375: backport-util-grub-mkfont-Fix-memory-leak-in-write_font_pf2.patch +Patch0376: backport-util-grub-mkrescue-Fix-memory-leak-in-write_part.patch +Patch0377: bugfix-double-grub-x86_64-efi-mm-pool.patch +Patch0378: bugfix-net-fix-null-pointer-dereference-when-parsing-ICMP6_.patch +Patch0379: backport-correct-closing-of-SNP-protocol.patch +Patch0380: backport-fix-misspelled-variable-BUILD_LDFAGS.patch +Patch0381: backport-Fix-partmap_test-for-arm-efi.patch +Patch0382: backport-loader-efi-chainloader-grub_load_and_start_image-doe.patch +Patch0383: backport-loader-efi-chainloader-Simplify-the-loader-state.patch +Patch0384: backport-commands-boot-Add-API-to-pass-context-to-loader.patch +Patch0385: backport-loader-efi-chainloader-Use-grub_loader_set_ex.patch +Patch0386: backport-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch +Patch0387: backport-loader-i386-efi-linux-Use-grub_loader_set_ex.patch +Patch0388: backport-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch +Patch0389: backport-kern-file-Do-not-leak-device_name-on-error-in.patch +Patch0390: backport-video-readers-png-Abort-sooner-if-a-read.patch +Patch0391: backport-video-readers-png-Refuse-to-handle-multiple-image-headers.patch +Patch0392: backport-video-readers-png-Drop-greyscale-support-to-fix-heap.patch +Patch0393: backport-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch +Patch0394: backport-video-readers-png-Sanity-check-some-huffman-codes.patch +Patch0395: backport-video-readers-jpeg-Abort-sooner-if-a-read.patch +Patch0396: backport-video-readers-jpeg-Do-not-reallocate-a-given.patch +Patch0397: backport-video-readers-jpeg-Refuse-to-handle-multiple.patch +Patch0398: backport-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch +Patch0399: backport-normal-charset-Fix-array-out-of-bounds-formatting.patch +Patch0400: backport-net-ip-Do-IP-fragment-maths-safely.patch +Patch0401: backport-net-netbuff-Block-overly-large-netbuff-allocs.patch +Patch0402: backport-net-dns-Fix-double-free-addresses-on-corrupt-DNS.patch +Patch0403: backport-net-dns-Dont-read-past-the-end-of-the-string.patch +Patch0404: backport-net-tftp-Prevent-a-UAF-and-double-free-from.patch +Patch0405: backport-net-tftp-Avoid-a-trivial-UAF.patch +Patch0406: backport-net-http-Do-not-tear-down-socket-if-its-already.patch +Patch0407: backport-net-http-Fix-OOB-write-for-split-http-headers.patch +Patch0408: backport-net-http-Error-out-on-headers-with-LF-without-CR.patch +Patch0409: backport-tests-Disable-blkid-cache-usage.patch +Patch0410: backport-disk-efi-efidisk-Pass-buffers-with-higher-alignment.patch +Patch0411: backport-video-readers-Add-artificial-limit-to-image-dimensio.patch +Patch0412: backport-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch +Patch0413: backport-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch +Patch0414: backport-font-Fix-several-integer-overflows-in-grub_font_cons.patch +Patch0415: backport-font-Remove-grub_font_dup_glyph.patch +Patch0416: backport-font-Fix-integer-overflow-in-ensure_comb_space.patch +Patch0417: backport-font-Fix-integer-overflow-in-BMP-index.patch +Patch0418: backport-font-Fix-integer-underflow-in-binary-search-of-char-.patch +Patch0419: backport-kern-efi-sb-Enforce-verification-of-font-files.patch +Patch0420: backport-fbutil-Fix-integer-overflow.patch +Patch0421: backport-font-Fix-an-integer-underflow-in-blit_comb.patch +Patch0422: backport-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch +Patch0423: backport-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch +Patch0424: backport-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch +Patch0425: backport-fs-minix-Avoid-mistakenly-probing-ext2-filesystems.patch +Patch0426: add-tpcm-support-with-ipmi-channel.patch +Patch0427: backport-disk-diskfilter-Check-calloc-result-for-NULL.patch +Patch0428: backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch +Patch0429: backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch +Patch0430: backport-loader-multiboot_elfxx-Fix-memory-leak.patch +Patch0431: backport-normal-cmdline-Fix-two-related-integer-underflows.patch +Patch0432: backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch +Patch0433: backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch +Patch0434: backport-kern-file-Fix-error-handling-in-grub_file_open.patch +Patch0435: backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch +Patch0436: backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch +Patch0437: backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch diff --git a/grub2.spec b/grub2.spec index 9fd697f..705f604 100644 --- a/grub2.spec +++ b/grub2.spec @@ -8,7 +8,7 @@ Name: grub2 Epoch: 1 Version: 2.04 -Release: 30 +Release: 31 Summary: Bootloader with support for Linux, Multiboot and more License: GPLv3+ URL: http://www.gnu.org/software/grub/ @@ -442,6 +442,22 @@ rm -r /boot/grub2.tmp/ || : %{_datadir}/man/man* %changelog +* Wed Mar 22 2023 zhangqiumiao - 1:2.04-31 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:disk/diskfilter: Check calloc() result for NULL + kern/buffer: Handle NULL input pointer in grub_buffer_free() + disk/diskfilter: Don't make a RAID array with more than 1024 disks + loader/multiboot_elfxx: Fix memory leak + loader/linux: Ensure the newc pathname is NULL-terminated + term/i386/pc/vga_text: Prevent out-of-bounds writes to VGA text buffer + normal/cmdline: Fix two related integer underflows + fs/iso9660: Fix memory leaks in grub_iso9660_susp_iterate() + fs/squash4: Fix memory leaks in grub_squash_iterate_dir() + fs/xfs: Fix memory leaks in XFS module + kern/file: Fix error handling in grub_file_open() + * Tue Feb 28 2023 fengtao - 1:2.04-30 - Type:feature - CVE:NA -- Gitee