diff --git a/0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch b/0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch deleted file mode 100644 index fcc78251bdddae408b96d354061a322d4721d694..0000000000000000000000000000000000000000 --- a/0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Fri, 11 Jun 2021 12:10:45 +0200 -Subject: [PATCH] Revert "templates: Fix user-facing typo with an incorrect use - of "it's"" - -This reverts commit 722737630889607c3b5761f1f5a48f1674cd2821. ---- - util/grub.d/30_os-prober.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 5984e92d291..94622481284 100644 ---- a/util/grub.d/30_os-prober.in -+++ b/util/grub.d/30_os-prober.in -@@ -36,7 +36,7 @@ if ! command -v os-prober > /dev/null || ! command -v linux-boot-prober > /dev/n - exit 0 - fi - --grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIts output will be used to detect bootable binaries on them and create new boot entries.")" -+grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")" - - OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`" - if [ -z "${OSPROBED}" ] ; then diff --git a/0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch b/0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch deleted file mode 100644 index 4187765fb6bd501b572e08283f95550b6989a6af..0000000000000000000000000000000000000000 --- a/0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Fri, 11 Jun 2021 12:10:54 +0200 -Subject: [PATCH] Revert "templates: Properly disable the os-prober by default" - -This reverts commit 54e0a1bbf1e9106901a557195bb35e5e20fb3925. ---- - util/grub-mkconfig.in | 5 +---- - util/grub.d/30_os-prober.in | 8 ++++---- - 2 files changed, 5 insertions(+), 8 deletions(-) - -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index f8cbb8d7a2b..d3e879b8e5c 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -140,9 +140,6 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2 - GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`" - GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true - --# Disable os-prober by default due to security reasons. --GRUB_DISABLE_OS_PROBER="true" -- - # Filesystem for the device containing our userland. Used for stuff like - # choosing Hurd filesystem module. - GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`" -@@ -204,7 +201,6 @@ export GRUB_DEVICE \ - GRUB_DEVICE_PARTUUID \ - GRUB_DEVICE_BOOT \ - GRUB_DEVICE_BOOT_UUID \ -- GRUB_DISABLE_OS_PROBER \ - GRUB_FS \ - GRUB_FONT \ - GRUB_PRELOAD_MODULES \ -@@ -246,6 +242,7 @@ export GRUB_DEFAULT \ - GRUB_BACKGROUND \ - GRUB_THEME \ - GRUB_GFXPAYLOAD_LINUX \ -+ GRUB_DISABLE_OS_PROBER \ - GRUB_INIT_TUNE \ - GRUB_SAVEDEFAULT \ - GRUB_ENABLE_CRYPTODISK \ -diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 94622481284..80685b15f4d 100644 ---- a/util/grub.d/30_os-prober.in -+++ b/util/grub.d/30_os-prober.in -@@ -26,8 +26,8 @@ export TEXTDOMAINDIR="@localedir@" - - . "$pkgdatadir/grub-mkconfig_lib" - --if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then -- grub_warn "$(gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.")" -+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then -+ gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n" - exit 0 - fi - -@@ -36,12 +36,12 @@ if ! command -v os-prober > /dev/null || ! command -v linux-boot-prober > /dev/n - exit 0 - fi - --grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")" -- - OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`" - if [ -z "${OSPROBED}" ] ; then - # empty os-prober output, nothing doing - exit 0 -+else -+ grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")" - fi - - osx_entry() { diff --git a/0003-Revert-templates-Disable-the-os-prober-by-default.patch b/0003-Revert-templates-Disable-the-os-prober-by-default.patch deleted file mode 100644 index 68cacfca1bead3a89fecede8564df9c71cb49f7b..0000000000000000000000000000000000000000 --- a/0003-Revert-templates-Disable-the-os-prober-by-default.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Fri, 11 Jun 2021 12:10:58 +0200 -Subject: [PATCH] Revert "templates: Disable the os-prober by default" - -This reverts commit e346414725a70e5c74ee87ca14e580c66f517666. ---- - docs/grub.texi | 18 ++++++++---------- - util/grub.d/30_os-prober.in | 5 +---- - 2 files changed, 9 insertions(+), 14 deletions(-) - -diff --git a/docs/grub.texi b/docs/grub.texi -index f8b4b3b21a7..69f08d289f9 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -1519,13 +1519,10 @@ boot sequence. If you have problems, set this option to @samp{text} and - GRUB will tell Linux to boot in normal text mode. - - @item GRUB_DISABLE_OS_PROBER --The @command{grub-mkconfig} has a feature to use the external --@command{os-prober} program to discover other operating systems installed on --the same machine and generate appropriate menu entries for them. It is disabled --by default since automatic and silent execution of @command{os-prober}, and --creating boot entries based on that data, is a potential attack vector. Set --this option to @samp{false} to enable this feature in the --@command{grub-mkconfig} command. -+Normally, @command{grub-mkconfig} will try to use the external -+@command{os-prober} program, if installed, to discover other operating -+systems installed on the same system and generate appropriate menu entries -+for them. Set this option to @samp{true} to disable this. - - @item GRUB_OS_PROBER_SKIP_LIST - List of space-separated FS UUIDs of filesystems to be ignored from os-prober -@@ -1853,9 +1850,10 @@ than zero; otherwise 0. - @section Multi-boot manual config - - Currently autogenerating config files for multi-boot environments depends on --os-prober and has several shortcomings. Due to that it is disabled by default. --It is advised to use the power of GRUB syntax and do it yourself. A possible --configuration is detailed here, feel free to adjust to your needs. -+os-prober and has several shortcomings. While fixing it is scheduled for the -+next release, meanwhile you can make use of the power of GRUB syntax and do it -+yourself. A possible configuration is detailed here, feel free to adjust to your -+needs. - - First create a separate GRUB partition, big enough to hold GRUB. Some of the - following entries show how to load OS installer images from this same partition, -diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 80685b15f4d..1b91c102f35 100644 ---- a/util/grub.d/30_os-prober.in -+++ b/util/grub.d/30_os-prober.in -@@ -26,8 +26,7 @@ export TEXTDOMAINDIR="@localedir@" - - . "$pkgdatadir/grub-mkconfig_lib" - --if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then -- gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n" -+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then - exit 0 - fi - -@@ -40,8 +39,6 @@ OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`" - if [ -z "${OSPROBED}" ] ; then - # empty os-prober output, nothing doing - exit 0 --else -- grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")" - fi - - osx_entry() { diff --git a/0004-Add-support-for-Linux-EFI-stub-loading.patch b/0004-Add-support-for-Linux-EFI-stub-loading.patch deleted file mode 100644 index 73d231a266b93cd52db2c667279f01c3559f764a..0000000000000000000000000000000000000000 --- a/0004-Add-support-for-Linux-EFI-stub-loading.patch +++ /dev/null @@ -1,983 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Tue, 10 Jul 2012 11:58:52 -0400 -Subject: [PATCH] Add support for Linux EFI stub loading. - -Also: - -commit 71c843745f22f81e16d259e2e19c99bf3c1855c1 -Author: Colin Watson -Date: Tue Oct 23 10:40:49 2012 -0400 - -Don't allow insmod when secure boot is enabled. - -Hi, - -Fedora's patch to forbid insmod in UEFI Secure Boot environments is fine -as far as it goes. However, the insmod command is not the only way that -modules can be loaded. In particular, the 'normal' command, which -implements the usual GRUB menu and the fully-featured command prompt, -will implicitly load commands not currently loaded into memory. This -permits trivial Secure Boot violations by writing commands implementing -whatever you want to do and pointing $prefix at the malicious code. - -I'm currently test-building this patch (replacing your current -grub-2.00-no-insmod-on-sb.patch), but this should be more correct. It -moves the check into grub_dl_load_file. ---- - grub-core/Makefile.core.def | 16 +- - grub-core/kern/dl.c | 21 +++ - grub-core/kern/efi/efi.c | 28 ++++ - grub-core/kern/efi/mm.c | 32 ++++ - grub-core/loader/arm64/linux.c | 118 +++++++------- - grub-core/loader/arm64/xen_boot.c | 1 - - grub-core/loader/efi/linux.c | 70 ++++++++ - grub-core/loader/i386/efi/linux.c | 335 ++++++++++++++++++++++++++++++++++++++ - grub-core/loader/i386/pc/linux.c | 10 +- - include/grub/arm/linux.h | 9 + - include/grub/arm64/linux.h | 9 + - include/grub/efi/efi.h | 7 +- - include/grub/efi/linux.h | 31 ++++ - 13 files changed, 618 insertions(+), 69 deletions(-) - create mode 100644 grub-core/loader/efi/linux.c - create mode 100644 grub-core/loader/i386/efi/linux.c - create mode 100644 include/grub/efi/linux.h - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 8022e1c0a79..45d3edaa4dc 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1734,13 +1734,6 @@ module = { - enable = i386_pc; - }; - -- --module = { -- name = linux16; -- common = loader/i386/pc/linux.c; -- enable = x86; --}; -- - module = { - name = ntldr; - i386_pc = loader/i386/pc/ntldr.c; -@@ -1796,7 +1789,9 @@ module = { - - module = { - name = linux; -- x86 = loader/i386/linux.c; -+ i386_pc = loader/i386/pc/linux.c; -+ x86_64_efi = loader/i386/efi/linux.c; -+ i386_efi = loader/i386/efi/linux.c; - i386_xen_pvh = loader/i386/linux.c; - xen = loader/i386/xen.c; - i386_pc = lib/i386/pc/vesa_modes_table.c; -@@ -1811,9 +1806,14 @@ module = { - arm64 = loader/arm64/linux.c; - riscv32 = loader/riscv/linux.c; - riscv64 = loader/riscv/linux.c; -+ emu = loader/emu/linux.c; -+ fdt = lib/fdt.c; -+ - common = loader/linux.c; - common = lib/cmdline.c; - enable = noemu; -+ -+ efi = loader/efi/linux.c; - }; - - module = { -diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c -index 48f8a79073d..b7149370950 100644 ---- a/grub-core/kern/dl.c -+++ b/grub-core/kern/dl.c -@@ -38,6 +38,14 @@ - #define GRUB_MODULES_MACHINE_READONLY - #endif - -+#ifdef GRUB_MACHINE_EMU -+#include -+#endif -+ -+#ifdef GRUB_MACHINE_EFI -+#include -+#endif -+ - - - #pragma GCC diagnostic ignored "-Wcast-align" -@@ -695,6 +703,19 @@ grub_dl_load_file (const char *filename) - void *core = 0; - grub_dl_t mod = 0; - -+#ifdef GRUB_MACHINE_EFI -+ if (grub_efi_secure_boot ()) -+ { -+#if 0 -+ /* This is an error, but grub2-mkconfig still generates a pile of -+ * insmod commands, so emitting it would be mostly just obnoxious. */ -+ grub_error (GRUB_ERR_ACCESS_DENIED, -+ "Secure Boot forbids loading module from %s", filename); -+#endif -+ return 0; -+ } -+#endif -+ - grub_boot_time ("Loading module %s", filename); - - file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE); -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 8cff7be0289..35b8f670602 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -286,6 +286,34 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, - return grub_efi_get_variable_with_attributes (var, guid, datasize_out, data_out, NULL); - } - -+grub_efi_boolean_t -+grub_efi_secure_boot (void) -+{ -+ grub_efi_guid_t efi_var_guid = GRUB_EFI_GLOBAL_VARIABLE_GUID; -+ grub_size_t datasize; -+ char *secure_boot = NULL; -+ char *setup_mode = NULL; -+ grub_efi_boolean_t ret = 0; -+ -+ secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); -+ -+ if (datasize != 1 || !secure_boot) -+ goto out; -+ -+ setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); -+ -+ if (datasize != 1 || !setup_mode) -+ goto out; -+ -+ if (*secure_boot && !*setup_mode) -+ ret = 1; -+ -+ out: -+ grub_free (secure_boot); -+ grub_free (setup_mode); -+ return ret; -+} -+ - #pragma GCC diagnostic ignored "-Wcast-align" - - /* Search the mods section from the PE32/PE32+ image. This code uses -diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index 9838fb2f50d..f6aef0ef649 100644 ---- a/grub-core/kern/efi/mm.c -+++ b/grub-core/kern/efi/mm.c -@@ -113,6 +113,38 @@ grub_efi_drop_alloc (grub_efi_physical_address_t address, - } - } - -+/* Allocate pages below a specified address */ -+void * -+grub_efi_allocate_pages_max (grub_efi_physical_address_t max, -+ grub_efi_uintn_t pages) -+{ -+ grub_efi_status_t status; -+ grub_efi_boot_services_t *b; -+ grub_efi_physical_address_t address = max; -+ -+ if (max > 0xffffffff) -+ return 0; -+ -+ b = grub_efi_system_table->boot_services; -+ status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_MAX_ADDRESS, GRUB_EFI_LOADER_DATA, pages, &address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ -+ if (address == 0) -+ { -+ /* Uggh, the address 0 was allocated... This is too annoying, -+ so reallocate another one. */ -+ address = max; -+ status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_MAX_ADDRESS, GRUB_EFI_LOADER_DATA, pages, &address); -+ grub_efi_free_pages (0, pages); -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ } -+ -+ return (void *) ((grub_addr_t) address); -+} -+ - /* Allocate pages. Return the pointer to the first of allocated pages. */ - void * - grub_efi_allocate_pages_real (grub_efi_physical_address_t address, -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index ef3e9f9444c..a312c668685 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -29,6 +29,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -41,6 +42,7 @@ static int loaded; - - static void *kernel_addr; - static grub_uint64_t kernel_size; -+static grub_uint32_t handover_offset; - - static char *linux_args; - static grub_uint32_t cmdline_size; -@@ -67,7 +69,8 @@ grub_arch_efi_linux_check_image (struct linux_arch_kernel_header * lh) - static grub_err_t - finalize_params_linux (void) - { -- int node, retval; -+ grub_efi_loaded_image_t *loaded_image = NULL; -+ int node, retval, len; - - void *fdt; - -@@ -102,79 +105,70 @@ finalize_params_linux (void) - if (grub_fdt_install() != GRUB_ERR_NONE) - goto failure; - -- return GRUB_ERR_NONE; -- --failure: -- grub_fdt_unload(); -- return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); --} -- --grub_err_t --grub_arch_efi_linux_boot_image (grub_addr_t addr, grub_size_t size, char *args) --{ -- grub_efi_memory_mapped_device_path_t *mempath; -- grub_efi_handle_t image_handle; -- grub_efi_boot_services_t *b; -- grub_efi_status_t status; -- grub_efi_loaded_image_t *loaded_image; -- int len; -- -- mempath = grub_malloc (2 * sizeof (grub_efi_memory_mapped_device_path_t)); -- if (!mempath) -- return grub_errno; -- -- mempath[0].header.type = GRUB_EFI_HARDWARE_DEVICE_PATH_TYPE; -- mempath[0].header.subtype = GRUB_EFI_MEMORY_MAPPED_DEVICE_PATH_SUBTYPE; -- mempath[0].header.length = grub_cpu_to_le16_compile_time (sizeof (*mempath)); -- mempath[0].memory_type = GRUB_EFI_LOADER_DATA; -- mempath[0].start_address = addr; -- mempath[0].end_address = addr + size; -- -- mempath[1].header.type = GRUB_EFI_END_DEVICE_PATH_TYPE; -- mempath[1].header.subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -- mempath[1].header.length = sizeof (grub_efi_device_path_t); -- -- b = grub_efi_system_table->boot_services; -- status = b->load_image (0, grub_efi_image_handle, -- (grub_efi_device_path_t *) mempath, -- (void *) addr, size, &image_handle); -- if (status != GRUB_EFI_SUCCESS) -- return grub_error (GRUB_ERR_BAD_OS, "cannot load image"); -- -- grub_dprintf ("linux", "linux command line: '%s'\n", args); -+ grub_dprintf ("linux", "Installed/updated FDT configuration table @ %p\n", -+ fdt); - - /* Convert command line to UCS-2 */ -- loaded_image = grub_efi_get_loaded_image (image_handle); -+ loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (!loaded_image) -+ goto failure; -+ - loaded_image->load_options_size = len = -- (grub_strlen (args) + 1) * sizeof (grub_efi_char16_t); -+ (grub_strlen (linux_args) + 1) * sizeof (grub_efi_char16_t); - loaded_image->load_options = - grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); - if (!loaded_image->load_options) -- return grub_errno; -+ return grub_error(GRUB_ERR_BAD_OS, "failed to create kernel parameters"); - - loaded_image->load_options_size = - 2 * grub_utf8_to_utf16 (loaded_image->load_options, len, -- (grub_uint8_t *) args, len, NULL); -+ (grub_uint8_t *) linux_args, len, NULL); - -- grub_dprintf ("linux", "starting image %p\n", image_handle); -- status = b->start_image (image_handle, 0, NULL); -+ return GRUB_ERR_NONE; - -- /* When successful, not reached */ -- b->unload_image (image_handle); -- grub_efi_free_pages ((grub_addr_t) loaded_image->load_options, -- GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); -+failure: -+ grub_fdt_unload(); -+ return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); -+} - -- return grub_errno; -+static void -+free_params (void) -+{ -+ grub_efi_loaded_image_t *loaded_image = NULL; -+ -+ loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (loaded_image) -+ { -+ if (loaded_image->load_options) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_efi_uintn_t)loaded_image->load_options, -+ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); -+ loaded_image->load_options = NULL; -+ loaded_image->load_options_size = 0; -+ } -+} -+ -+grub_err_t -+grub_arch_efi_linux_boot_image (grub_addr_t addr, char *args) -+{ -+ grub_err_t retval; -+ -+ retval = finalize_params_linux (); -+ if (retval != GRUB_ERR_NONE) -+ return grub_errno; -+ -+ grub_dprintf ("linux", "linux command line: '%s'\n", args); -+ -+ retval = grub_efi_linux_boot ((char *)addr, handover_offset, (void *)addr); -+ -+ /* Never reached... */ -+ free_params(); -+ return retval; - } - - static grub_err_t - grub_linux_boot (void) - { -- if (finalize_params_linux () != GRUB_ERR_NONE) -- return grub_errno; -- -- return (grub_arch_efi_linux_boot_image((grub_addr_t)kernel_addr, -- kernel_size, linux_args)); -+ return (grub_arch_efi_linux_boot_image((grub_addr_t)kernel_addr, linux_args)); - } - - static grub_err_t -@@ -288,6 +282,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - { - grub_file_t file = 0; - struct linux_arch_kernel_header lh; -+ struct grub_armxx_linux_pe_header *pe; - grub_err_t err; - - grub_dl_ref (my_mod); -@@ -333,6 +328,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); - -+ if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size)) -+ { -+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); -+ goto fail; -+ } -+ -+ pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset); -+ handover_offset = pe->opt.entry_addr; -+ - cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); - linux_args = grub_malloc (cmdline_size); - if (!linux_args) -diff --git a/grub-core/loader/arm64/xen_boot.c b/grub-core/loader/arm64/xen_boot.c -index 22cc25eccd9..d9b7a9ba400 100644 ---- a/grub-core/loader/arm64/xen_boot.c -+++ b/grub-core/loader/arm64/xen_boot.c -@@ -266,7 +266,6 @@ xen_boot (void) - return err; - - return grub_arch_efi_linux_boot_image (xen_hypervisor->start, -- xen_hypervisor->size, - xen_hypervisor->cmdline); - } - -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -new file mode 100644 -index 00000000000..c24202a5dd1 ---- /dev/null -+++ b/grub-core/loader/efi/linux.c -@@ -0,0 +1,70 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2014 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define SHIM_LOCK_GUID \ -+ { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} } -+ -+struct grub_efi_shim_lock -+{ -+ grub_efi_status_t (*verify) (void *buffer, grub_uint32_t size); -+}; -+typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; -+ -+grub_efi_boolean_t -+grub_linuxefi_secure_validate (void *data, grub_uint32_t size) -+{ -+ grub_efi_guid_t guid = SHIM_LOCK_GUID; -+ grub_efi_shim_lock_t *shim_lock; -+ -+ shim_lock = grub_efi_locate_protocol(&guid, NULL); -+ -+ if (!shim_lock) -+ return 1; -+ -+ if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) -+ return 1; -+ -+ return 0; -+} -+ -+#pragma GCC diagnostic push -+#pragma GCC diagnostic ignored "-Wcast-align" -+ -+typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *); -+ -+grub_err_t -+grub_efi_linux_boot (void *kernel_addr, grub_off_t offset, -+ void *kernel_params) -+{ -+ handover_func hf; -+ -+ hf = (handover_func)((char *)kernel_addr + offset); -+ hf (grub_efi_image_handle, grub_efi_system_table, kernel_params); -+ -+ return GRUB_ERR_BUG; -+} -+ -+#pragma GCC diagnostic pop -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -new file mode 100644 -index 00000000000..bb2616a8092 ---- /dev/null -+++ b/grub-core/loader/i386/efi/linux.c -@@ -0,0 +1,335 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2012 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static grub_dl_t my_mod; -+static int loaded; -+static void *kernel_mem; -+static grub_uint64_t kernel_size; -+static grub_uint8_t *initrd_mem; -+static grub_uint32_t handover_offset; -+struct linux_kernel_params *params; -+static char *linux_cmdline; -+ -+#define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12) -+ -+static grub_err_t -+grub_linuxefi_boot (void) -+{ -+ int offset = 0; -+ -+#ifdef __x86_64__ -+ offset = 512; -+#endif -+ asm volatile ("cli"); -+ -+ return grub_efi_linux_boot ((char *)kernel_mem, handover_offset + offset, -+ params); -+} -+ -+static grub_err_t -+grub_linuxefi_unload (void) -+{ -+ grub_dl_unref (my_mod); -+ loaded = 0; -+ if (initrd_mem) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, -+ BYTES_TO_PAGES(params->ramdisk_size)); -+ if (linux_cmdline) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) -+ linux_cmdline, -+ BYTES_TO_PAGES(params->cmdline_size + 1)); -+ if (kernel_mem) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, -+ BYTES_TO_PAGES(kernel_size)); -+ if (params) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, -+ BYTES_TO_PAGES(16384)); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[]) -+{ -+ grub_file_t *files = 0; -+ int i, nfiles = 0; -+ grub_size_t size = 0; -+ grub_uint8_t *ptr; -+ -+ if (argc == 0) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ goto fail; -+ } -+ -+ if (!loaded) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("you need to load the kernel first")); -+ goto fail; -+ } -+ -+ files = grub_zalloc (argc * sizeof (files[0])); -+ if (!files) -+ goto fail; -+ -+ for (i = 0; i < argc; i++) -+ { -+ files[i] = grub_file_open (argv[i], GRUB_FILE_TYPE_LINUX_INITRD | GRUB_FILE_TYPE_NO_DECOMPRESS); -+ if (! files[i]) -+ goto fail; -+ nfiles++; -+ size += ALIGN_UP (grub_file_size (files[i]), 4); -+ } -+ -+ initrd_mem = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(size)); -+ if (!initrd_mem) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate initrd")); -+ goto fail; -+ } -+ -+ params->ramdisk_size = size; -+ params->ramdisk_image = (grub_uint32_t)(grub_addr_t) initrd_mem; -+ -+ ptr = initrd_mem; -+ -+ for (i = 0; i < nfiles; i++) -+ { -+ grub_ssize_t cursize = grub_file_size (files[i]); -+ if (grub_file_read (files[i], ptr, cursize) != cursize) -+ { -+ if (!grub_errno) -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), -+ argv[i]); -+ goto fail; -+ } -+ ptr += cursize; -+ grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); -+ ptr += ALIGN_UP_OVERHEAD (cursize, 4); -+ } -+ -+ params->ramdisk_size = size; -+ -+ fail: -+ for (i = 0; i < nfiles; i++) -+ grub_file_close (files[i]); -+ grub_free (files); -+ -+ if (initrd_mem && grub_errno) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, -+ BYTES_TO_PAGES(size)); -+ -+ return grub_errno; -+} -+ -+static grub_err_t -+grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[]) -+{ -+ grub_file_t file = 0; -+ struct linux_i386_kernel_header lh; -+ grub_ssize_t len, start, filelen; -+ void *kernel = NULL; -+ -+ grub_dl_ref (my_mod); -+ -+ if (argc == 0) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ goto fail; -+ } -+ -+ file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL); -+ if (! file) -+ goto fail; -+ -+ filelen = grub_file_size (file); -+ -+ kernel = grub_malloc(filelen); -+ -+ if (!kernel) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel buffer")); -+ goto fail; -+ } -+ -+ if (grub_file_read (file, kernel, filelen) != filelen) -+ { -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]); -+ goto fail; -+ } -+ -+ if (! grub_linuxefi_secure_validate (kernel, filelen)) -+ { -+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), -+ argv[0]); -+ goto fail; -+ } -+ -+ params = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(16384)); -+ -+ if (! params) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); -+ goto fail; -+ } -+ -+ grub_memset (params, 0, 16384); -+ -+ grub_memcpy (&lh, kernel, sizeof (lh)); -+ -+ if (lh.boot_flag != grub_cpu_to_le16 (0xaa55)) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("invalid magic number")); -+ goto fail; -+ } -+ -+ if (lh.setup_sects > GRUB_LINUX_MAX_SETUP_SECTS) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("too many setup sectors")); -+ goto fail; -+ } -+ -+ if (lh.version < grub_cpu_to_le16 (0x020b)) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("kernel too old")); -+ goto fail; -+ } -+ -+ if (!lh.handover_offset) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("kernel doesn't support EFI handover")); -+ goto fail; -+ } -+ -+ grub_dprintf ("linux", "setting up cmdline\n"); -+ linux_cmdline = grub_efi_allocate_pages_max(0x3fffffff, -+ BYTES_TO_PAGES(lh.cmdline_size + 1)); -+ -+ if (!linux_cmdline) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate cmdline")); -+ goto fail; -+ } -+ -+ grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); -+ grub_create_loader_cmdline (argc, argv, -+ linux_cmdline + sizeof (LINUX_IMAGE) - 1, -+ lh.cmdline_size - (sizeof (LINUX_IMAGE) - 1), -+ GRUB_VERIFY_KERNEL_CMDLINE); -+ -+ lh.cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; -+ -+ handover_offset = lh.handover_offset; -+ -+ start = (lh.setup_sects + 1) * 512; -+ len = grub_file_size(file) - start; -+ -+ kernel_mem = grub_efi_allocate_pages_max(lh.pref_address, -+ BYTES_TO_PAGES(lh.init_size)); -+ -+ if (!kernel_mem) -+ kernel_mem = grub_efi_allocate_pages_max(0x3fffffff, -+ BYTES_TO_PAGES(lh.init_size)); -+ -+ if (!kernel_mem) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate kernel")); -+ goto fail; -+ } -+ -+ grub_memcpy (kernel_mem, (char *)kernel + start, len); -+ grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); -+ loaded=1; -+ -+ lh.code32_start = (grub_uint32_t)(grub_uint64_t) kernel_mem; -+ grub_memcpy (params, &lh, 2 * 512); -+ -+ params->type_of_loader = 0x21; -+ -+ fail: -+ -+ if (file) -+ grub_file_close (file); -+ -+ if (kernel) -+ grub_free (kernel); -+ -+ if (grub_errno != GRUB_ERR_NONE) -+ { -+ grub_dl_unref (my_mod); -+ loaded = 0; -+ } -+ -+ if (linux_cmdline && !loaded) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) -+ linux_cmdline, -+ BYTES_TO_PAGES(lh.cmdline_size + 1)); -+ -+ if (kernel_mem && !loaded) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, -+ BYTES_TO_PAGES(kernel_size)); -+ -+ if (params && !loaded) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, -+ BYTES_TO_PAGES(16384)); -+ -+ return grub_errno; -+} -+ -+static grub_command_t cmd_linux, cmd_initrd; -+static grub_command_t cmd_linuxefi, cmd_initrdefi; -+ -+GRUB_MOD_INIT(linux) -+{ -+ cmd_linux = -+ grub_register_command ("linux", grub_cmd_linux, -+ 0, N_("Load Linux.")); -+ cmd_linuxefi = -+ grub_register_command ("linuxefi", grub_cmd_linux, -+ 0, N_("Load Linux.")); -+ cmd_initrd = -+ grub_register_command ("initrd", grub_cmd_initrd, -+ 0, N_("Load initrd.")); -+ cmd_initrdefi = -+ grub_register_command ("initrdefi", grub_cmd_initrd, -+ 0, N_("Load initrd.")); -+ my_mod = mod; -+} -+ -+GRUB_MOD_FINI(linux) -+{ -+ grub_unregister_command (cmd_linux); -+ grub_unregister_command (cmd_linuxefi); -+ grub_unregister_command (cmd_initrd); -+ grub_unregister_command (cmd_initrdefi); -+} -diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index 2a299520160..8be4c3b3f48 100644 ---- a/grub-core/loader/i386/pc/linux.c -+++ b/grub-core/loader/i386/pc/linux.c -@@ -474,14 +474,20 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - return grub_errno; - } - --static grub_command_t cmd_linux, cmd_initrd; -+static grub_command_t cmd_linux, cmd_linux16, cmd_initrd, cmd_initrd16; - - GRUB_MOD_INIT(linux16) - { - cmd_linux = -+ grub_register_command ("linux", grub_cmd_linux, -+ 0, N_("Load Linux.")); -+ cmd_linux16 = - grub_register_command ("linux16", grub_cmd_linux, - 0, N_("Load Linux.")); - cmd_initrd = -+ grub_register_command ("initrd", grub_cmd_initrd, -+ 0, N_("Load initrd.")); -+ cmd_initrd16 = - grub_register_command ("initrd16", grub_cmd_initrd, - 0, N_("Load initrd.")); - my_mod = mod; -@@ -490,5 +496,7 @@ GRUB_MOD_INIT(linux16) - GRUB_MOD_FINI(linux16) - { - grub_unregister_command (cmd_linux); -+ grub_unregister_command (cmd_linux16); - grub_unregister_command (cmd_initrd); -+ grub_unregister_command (cmd_initrd16); - } -diff --git a/include/grub/arm/linux.h b/include/grub/arm/linux.h -index bcd5a7eb186..b582f67f661 100644 ---- a/include/grub/arm/linux.h -+++ b/include/grub/arm/linux.h -@@ -20,6 +20,7 @@ - #ifndef GRUB_ARM_LINUX_HEADER - #define GRUB_ARM_LINUX_HEADER 1 - -+#include - #include "system.h" - - #define GRUB_LINUX_ARM_MAGIC_SIGNATURE 0x016f2818 -@@ -34,9 +35,17 @@ struct linux_arm_kernel_header { - grub_uint32_t hdr_offset; - }; - -+struct grub_arm_linux_pe_header -+{ -+ grub_uint32_t magic; -+ struct grub_pe32_coff_header coff; -+ struct grub_pe32_optional_header opt; -+}; -+ - #if defined(__arm__) - # define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM_MAGIC_SIGNATURE - # define linux_arch_kernel_header linux_arm_kernel_header -+# define grub_armxx_linux_pe_header grub_arm_linux_pe_header - #endif - - #if defined GRUB_MACHINE_UBOOT -diff --git a/include/grub/arm64/linux.h b/include/grub/arm64/linux.h -index 7e22b4ab699..ea030312df3 100644 ---- a/include/grub/arm64/linux.h -+++ b/include/grub/arm64/linux.h -@@ -19,6 +19,7 @@ - #ifndef GRUB_ARM64_LINUX_HEADER - #define GRUB_ARM64_LINUX_HEADER 1 - -+#include - #include - - #define GRUB_LINUX_ARM64_MAGIC_SIGNATURE 0x644d5241 /* 'ARM\x64' */ -@@ -38,9 +39,17 @@ struct linux_arm64_kernel_header - grub_uint32_t hdr_offset; /* Offset of PE/COFF header */ - }; - -+struct grub_arm64_linux_pe_header -+{ -+ grub_uint32_t magic; -+ struct grub_pe32_coff_header coff; -+ struct grub_pe64_optional_header opt; -+}; -+ - #if defined(__aarch64__) - # define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM64_MAGIC_SIGNATURE - # define linux_arch_kernel_header linux_arm64_kernel_header -+# define grub_armxx_linux_pe_header grub_arm64_linux_pe_header - #endif - - #endif /* ! GRUB_ARM64_LINUX_HEADER */ -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 83d958f9945..6295df85f3f 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -47,6 +47,9 @@ EXPORT_FUNC(grub_efi_allocate_fixed) (grub_efi_physical_address_t address, - grub_efi_uintn_t pages); - void * - EXPORT_FUNC(grub_efi_allocate_any_pages) (grub_efi_uintn_t pages); -+void * -+EXPORT_FUNC(grub_efi_allocate_pages_max) (grub_efi_physical_address_t max, -+ grub_efi_uintn_t pages); - void EXPORT_FUNC(grub_efi_free_pages) (grub_efi_physical_address_t address, - grub_efi_uintn_t pages); - grub_efi_uintn_t EXPORT_FUNC(grub_efi_find_mmap_size) (void); -@@ -88,6 +91,7 @@ EXPORT_FUNC (grub_efi_set_variable) (const char *var, - const grub_efi_guid_t *guid, - void *data, - grub_size_t datasize); -+grub_efi_boolean_t EXPORT_FUNC (grub_efi_secure_boot) (void); - int - EXPORT_FUNC (grub_efi_compare_device_paths) (const grub_efi_device_path_t *dp1, - const grub_efi_device_path_t *dp2); -@@ -101,8 +105,7 @@ void *EXPORT_FUNC(grub_efi_get_firmware_fdt)(void); - grub_err_t EXPORT_FUNC(grub_efi_get_ram_base)(grub_addr_t *); - #include - grub_err_t grub_arch_efi_linux_check_image(struct linux_arch_kernel_header *lh); --grub_err_t grub_arch_efi_linux_boot_image(grub_addr_t addr, grub_size_t size, -- char *args); -+grub_err_t grub_arch_efi_linux_boot_image(grub_addr_t addr, char *args); - #endif - - grub_addr_t grub_efi_modules_addr (void); -diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h -new file mode 100644 -index 00000000000..d9ede36773b ---- /dev/null -+++ b/include/grub/efi/linux.h -@@ -0,0 +1,31 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2014 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+#ifndef GRUB_EFI_LINUX_HEADER -+#define GRUB_EFI_LINUX_HEADER 1 -+ -+#include -+#include -+#include -+ -+grub_efi_boolean_t -+EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size); -+grub_err_t -+EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset, -+ void *kernel_param); -+ -+#endif /* ! GRUB_EFI_LINUX_HEADER */ diff --git a/0005-Rework-linux-command.patch b/0005-Rework-linux-command.patch deleted file mode 100644 index 9954dd0a61c6f3dcbb997241ac69e293bf3f0138..0000000000000000000000000000000000000000 --- a/0005-Rework-linux-command.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Sun, 9 Aug 2015 16:12:39 -0700 -Subject: [PATCH] Rework linux command - -We want a single buffer that contains the entire kernel image in order to -perform a TPM measurement. Allocate one and copy the entire kernel into it -before pulling out the individual blocks later on. - -Signed-off-by: Matthew Garrett ---- - grub-core/loader/i386/linux.c | 35 +++++++++++++++++++++++------------ - 1 file changed, 23 insertions(+), 12 deletions(-) - -diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c -index 9f74a96b19a..dccf3bb3005 100644 ---- a/grub-core/loader/i386/linux.c -+++ b/grub-core/loader/i386/linux.c -@@ -649,13 +649,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - { - grub_file_t file = 0; - struct linux_i386_kernel_header lh; -+ grub_uint8_t *linux_params_ptr; - grub_uint8_t setup_sects; -- grub_size_t real_size, prot_size, prot_file_size; -+ grub_size_t real_size, prot_size, prot_file_size, kernel_offset; - grub_ssize_t len; - int i; - grub_size_t align, min_align; - int relocatable; - grub_uint64_t preferred_address = GRUB_LINUX_BZIMAGE_ADDR; -+ grub_uint8_t *kernel = NULL; - - grub_dl_ref (my_mod); - -@@ -669,7 +671,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - if (! file) - goto fail; - -- if (grub_file_read (file, &lh, sizeof (lh)) != sizeof (lh)) -+ len = grub_file_size (file); -+ kernel = grub_malloc (len); -+ if (!kernel) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel buffer")); -+ goto fail; -+ } -+ -+ if (grub_file_read (file, kernel, len) != len) - { - if (!grub_errno) - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -@@ -677,6 +687,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -+ grub_memcpy (&lh, kernel, sizeof (lh)); -+ kernel_offset = sizeof (lh); -+ - if (lh.boot_flag != grub_cpu_to_le16_compile_time (0xaa55)) - { - grub_error (GRUB_ERR_BAD_OS, "invalid magic number"); -@@ -784,13 +797,11 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - /* We've already read lh so there is no need to read it second time. */ - len -= sizeof(lh); - -- if ((len > 0) && -- (grub_file_read (file, (char *) &linux_params + sizeof (lh), len) != len)) -+ linux_params_ptr = (void *)&linux_params; -+ if (len > 0) - { -- if (!grub_errno) -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -- argv[0]); -- goto fail; -+ grub_memcpy (linux_params_ptr + sizeof (lh), kernel + kernel_offset, len); -+ kernel_offset += len; - } - - linux_params.code32_start = prot_mode_target + lh.code32_start - GRUB_LINUX_BZIMAGE_ADDR; -@@ -853,7 +864,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - /* The other parameters are filled when booting. */ - -- grub_file_seek (file, real_size + GRUB_DISK_SECTOR_SIZE); -+ kernel_offset = real_size + GRUB_DISK_SECTOR_SIZE; - - grub_dprintf ("linux", "bzImage, setup=0x%x, size=0x%x\n", - (unsigned) real_size, (unsigned) prot_size); -@@ -1007,9 +1018,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - - len = prot_file_size; -- if (grub_file_read (file, prot_mode_mem, len) != len && !grub_errno) -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -- argv[0]); -+ grub_memcpy (prot_mode_mem, kernel + kernel_offset, len); - - if (grub_errno == GRUB_ERR_NONE) - { -@@ -1020,6 +1029,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - fail: - -+ grub_free (kernel); -+ - if (file) - grub_file_close (file); - diff --git a/0006-Rework-linux16-command.patch b/0006-Rework-linux16-command.patch deleted file mode 100644 index 2c2d6f0ba6ccf41ad7df6f9e96fa054d3535baad..0000000000000000000000000000000000000000 --- a/0006-Rework-linux16-command.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Sun, 9 Aug 2015 16:20:58 -0700 -Subject: [PATCH] Rework linux16 command - -We want a single buffer that contains the entire kernel image in order to -perform a TPM measurement. Allocate one and copy the entire kernel int it -before pulling out the individual blocks later on. - -Signed-off-by: Matthew Garrett ---- - grub-core/loader/i386/pc/linux.c | 33 +++++++++++++++++++++------------ - 1 file changed, 21 insertions(+), 12 deletions(-) - -diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index 8be4c3b3f48..4b1750e360e 100644 ---- a/grub-core/loader/i386/pc/linux.c -+++ b/grub-core/loader/i386/pc/linux.c -@@ -124,13 +124,14 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_file_t file = 0; - struct linux_i386_kernel_header lh; - grub_uint8_t setup_sects; -- grub_size_t real_size; -+ grub_size_t real_size, kernel_offset = 0; - grub_ssize_t len; - int i; - char *grub_linux_prot_chunk; - int grub_linux_is_bzimage; - grub_addr_t grub_linux_prot_target; - grub_err_t err; -+ grub_uint8_t *kernel = NULL; - - grub_dl_ref (my_mod); - -@@ -144,7 +145,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - if (! file) - goto fail; - -- if (grub_file_read (file, &lh, sizeof (lh)) != sizeof (lh)) -+ len = grub_file_size (file); -+ kernel = grub_malloc (len); -+ if (!kernel) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel buffer")); -+ goto fail; -+ } -+ -+ if (grub_file_read (file, kernel, len) != len) - { - if (!grub_errno) - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -@@ -152,6 +161,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -+ grub_memcpy (&lh, kernel, sizeof (lh)); -+ kernel_offset = sizeof (lh); -+ - if (lh.boot_flag != grub_cpu_to_le16_compile_time (0xaa55)) - { - grub_error (GRUB_ERR_BAD_OS, "invalid magic number"); -@@ -320,13 +332,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_memmove (grub_linux_real_chunk, &lh, sizeof (lh)); - - len = real_size + GRUB_DISK_SECTOR_SIZE - sizeof (lh); -- if (grub_file_read (file, grub_linux_real_chunk + sizeof (lh), len) != len) -- { -- if (!grub_errno) -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -- argv[0]); -- goto fail; -- } -+ grub_memcpy (grub_linux_real_chunk + sizeof (lh), kernel + kernel_offset, -+ len); -+ kernel_offset += len; - - if (lh.header != grub_cpu_to_le32_compile_time (GRUB_LINUX_I386_MAGIC_SIGNATURE) - || grub_le_to_cpu16 (lh.version) < 0x0200) -@@ -364,9 +372,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - - len = grub_linux16_prot_size; -- if (grub_file_read (file, grub_linux_prot_chunk, len) != len && !grub_errno) -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -- argv[0]); -+ grub_memcpy (grub_linux_prot_chunk, kernel + kernel_offset, len); -+ kernel_offset += len; - - if (grub_errno == GRUB_ERR_NONE) - { -@@ -376,6 +383,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - fail: - -+ grub_free (kernel); -+ - if (file) - grub_file_close (file); - diff --git a/0007-Add-secureboot-support-on-efi-chainloader.patch b/0007-Add-secureboot-support-on-efi-chainloader.patch deleted file mode 100644 index 6826cce1e3986691913aa31ce63dc5fec2a24e73..0000000000000000000000000000000000000000 --- a/0007-Add-secureboot-support-on-efi-chainloader.patch +++ /dev/null @@ -1,1401 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Raymund Will -Date: Mon, 8 Jul 2019 11:55:18 +0200 -Subject: [PATCH] Add secureboot support on efi chainloader - -Expand the chainloader to be able to verify the image by means of shim -lock protocol. The PE/COFF image is loaded and relocated by the -chainloader instead of calling LoadImage and StartImage UEFI boot -Service as they require positive verification result from keys enrolled -in KEK or DB. The shim will use MOK in addition to firmware enrolled -keys to verify the image. - -The chainloader module could be used to load other UEFI bootloaders, -such as xen.efi, and could be signed by any of MOK, KEK or DB. - -Based on https://build.opensuse.org/package/view_file/openSUSE:Factory/grub2/grub2-secureboot-chainloader.patch - -Signed-off-by: Peter Jones - -Also: - -commit cd7a8984d4fda905877b5bfe466339100156b3bc -Author: Raymund Will -Date: Fri Apr 10 01:45:02 2015 -0400 - -Use device part of chainloader target, if present. - -Otherwise chainloading is restricted to '$root', which might not even -be readable by EFI! - -v1. use grub_file_get_device_name() to get device name - -Signed-off-by: Michael Chang -Signed-off-by: Peter Jones - -Also: - -commit 0872a2310a0eeac4ecfe9e1b49dd2d72ab373039 -Author: Peter Jones -Date: Fri Jun 10 14:06:15 2016 -0400 - -Rework even more of efi chainload so non-sb cases work right. - -This ensures that if shim protocol is not loaded, or is loaded but shim -is disabled, we will fall back to a correct load method for the efi -chain loader. - -Here's what I tested with this version: - -results expected actual ------------------------------------------------------------- -sb + enabled + shim + fedora success success -sb + enabled + shim + win success success -sb + enabled + grub + fedora fail fail -sb + enabled + grub + win fail fail - -sb + mokdisabled + shim + fedora success success -sb + mokdisabled + shim + win success success -sb + mokdisabled + grub + fedora fail fail -sb + mokdisabled + grub + win fail fail - -sb disabled + shim + fedora success success* -sb disabled + shim + win success success* -sb disabled + grub + fedora success success -sb disabled + grub + win success success - -nosb + shim + fedora success success* -nosb + shim + win success success* -nosb + grub + fedora success success -nosb + grub + win success success - -* for some reason shim protocol is being installed in these cases, and I - can't see why, but I think it may be this firmware build returning an - erroneous value. But this effectively falls back to the mokdisabled - behavior, which works correctly, and the presence of the "grub" (i.e. - no shim) tests effectively tests the desired behavior here. - -Resolves: rhbz#1344512 - -Signed-off-by: Peter Jones - -Also: - -commit ff7b1cb7f69487870211aeb69ff4f54470fbcb58 -Author: Laszlo Ersek -Date: Mon Nov 21 15:34:00 2016 +0100 - -efi/chainloader: fix wrong sanity check in relocate_coff() - -In relocate_coff(), the relocation entries are parsed from the original -image (not the section-wise copied image). The original image is -pointed-to by the "orig" pointer. The current check - - (void *)reloc_end < data - -compares the addresses of independent memory allocations. "data" is a typo -here, it should be "orig". - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1347291 -Signed-off-by: Laszlo Ersek -Tested-by: Bogdan Costescu -Tested-by: Juan Orti - -Also: - -commit ab4ba9997ad4832449e54d930fa2aac6a160d0e9 -Author: Laszlo Ersek -Date: Wed Nov 23 06:27:09 2016 +0100 - -efi/chainloader: truncate overlong relocation section - -The UEFI Windows 7 boot loader ("EFI/Microsoft/Boot/bootmgfw.efi", SHA1 -31b410e029bba87d2068c65a80b88882f9f8ea25) has inconsistent headers. - -Compare: - -> The Data Directory -> ... -> Entry 5 00000000000d9000 00000574 Base Relocation Directory [.reloc] - -Versus: - -> Sections: -> Idx Name Size VMA LMA File off ... -> ... -> 10 .reloc 00000e22 00000000100d9000 00000000100d9000 000a1800 ... - -That is, the size reported by the RelocDir entry (0x574) is smaller than -the virtual size of the .reloc section (0xe22). - -Quoting the grub2 debug log for the same: - -> chainloader.c:595: reloc_dir: 0xd9000 reloc_size: 0x00000574 -> chainloader.c:603: reloc_base: 0x7d208000 reloc_base_end: 0x7d208573 -> ... -> chainloader.c:620: Section 10 ".reloc" at 0x7d208000..0x7d208e21 -> chainloader.c:661: section is not reloc section? -> chainloader.c:663: rds: 0x00001000, vs: 00000e22 -> chainloader.c:664: base: 0x7d208000 end: 0x7d208e21 -> chainloader.c:666: reloc_base: 0x7d208000 reloc_base_end: 0x7d208573 -> chainloader.c:671: Section characteristics are 42000040 -> chainloader.c:673: Section virtual size: 00000e22 -> chainloader.c:675: Section raw_data size: 00001000 -> chainloader.c:678: Discarding section - -After hexdumping "bootmgfw.efi" and manually walking its relocation blocks -(yes, really), I determined that the (smaller) RelocDir value is correct. -The remaining area that extends up to the .reloc section size (== 0xe22 - -0x574 == 0x8ae bytes) exists as zero padding in the file. - -This zero padding shouldn't be passed to relocate_coff() for parsing. In -order to cope with it, split the handling of .reloc sections into the -following branches: - -- original case (equal size): original behavior (--> relocation - attempted), - -- overlong .reloc section (longer than reported by RelocDir): truncate the - section to the RelocDir size for the purposes of relocate_coff(), and - attempt relocation, - -- .reloc section is too short, or other checks fail: original behavior - (--> relocation not attempted). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1347291 -Signed-off-by: Laszlo Ersek - -Also: - -commit cc06f149fbd2d8c1da1e83173d21629ba97e0d92 -Author: Raymund Will - -chainloader: Define machine types for RISC-V - -The commit "Add secureboot support on efi chainloader" didn't add machine -types for RISC-V, so this patch adds them. - -Note, that grub-core/loader/riscv/linux.c is skipped because Linux is not -supported yet. This patch might need a new revision once that's the case. - -Signed-off-by: David Abdurachmanov ---- - grub-core/kern/efi/efi.c | 14 +- - grub-core/loader/arm64/linux.c | 4 +- - grub-core/loader/efi/chainloader.c | 820 +++++++++++++++++++++++++++++++++---- - grub-core/loader/efi/linux.c | 25 +- - grub-core/loader/i386/efi/linux.c | 17 +- - include/grub/efi/linux.h | 2 +- - include/grub/efi/pe32.h | 52 ++- - 7 files changed, 844 insertions(+), 90 deletions(-) - -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 35b8f670602..4a2259aa1c7 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -296,14 +296,20 @@ grub_efi_secure_boot (void) - grub_efi_boolean_t ret = 0; - - secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); -- - if (datasize != 1 || !secure_boot) -- goto out; -+ { -+ grub_dprintf ("secureboot", "No SecureBoot variable\n"); -+ goto out; -+ } -+ grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot); - - setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); -- - if (datasize != 1 || !setup_mode) -- goto out; -+ { -+ grub_dprintf ("secureboot", "No SetupMode variable\n"); -+ goto out; -+ } -+ grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode); - - if (*secure_boot && !*setup_mode) - ret = 1; -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index a312c668685..04994d5c67d 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -284,6 +284,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - struct linux_arch_kernel_header lh; - struct grub_armxx_linux_pe_header *pe; - grub_err_t err; -+ int rc; - - grub_dl_ref (my_mod); - -@@ -328,7 +329,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); - -- if (!grub_linuxefi_secure_validate (kernel_addr, kernel_size)) -+ rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); -+ if (rc < 0) - { - grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); - goto fail; -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 2bd80f4db3d..e6a8d4ad0e9 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -32,6 +32,8 @@ - #include - #include - #include -+#include -+#include - #include - #include - #include -@@ -46,9 +48,14 @@ static grub_dl_t my_mod; - - static grub_efi_physical_address_t address; - static grub_efi_uintn_t pages; -+static grub_ssize_t fsize; - static grub_efi_device_path_t *file_path; - static grub_efi_handle_t image_handle; - static grub_efi_char16_t *cmdline; -+static grub_ssize_t cmdline_len; -+static grub_efi_handle_t dev_handle; -+ -+static grub_efi_status_t (*entry_point) (grub_efi_handle_t image_handle, grub_efi_system_table_t *system_table); - - static grub_err_t - grub_chainloader_unload (void) -@@ -63,6 +70,7 @@ grub_chainloader_unload (void) - grub_free (cmdline); - cmdline = 0; - file_path = 0; -+ dev_handle = 0; - - grub_dl_unref (my_mod); - return GRUB_ERR_NONE; -@@ -213,20 +221,694 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename) - return file_path; - } - -+#define SHIM_LOCK_GUID \ -+ { 0x605dab50, 0xe046, 0x4300, { 0xab,0xb6,0x3d,0xd8,0x10,0xdd,0x8b,0x23 } } -+ -+typedef union -+{ -+ struct grub_pe32_header_32 pe32; -+ struct grub_pe32_header_64 pe32plus; -+} grub_pe_header_t; -+ -+struct pe_coff_loader_image_context -+{ -+ grub_efi_uint64_t image_address; -+ grub_efi_uint64_t image_size; -+ grub_efi_uint64_t entry_point; -+ grub_efi_uintn_t size_of_headers; -+ grub_efi_uint16_t image_type; -+ grub_efi_uint16_t number_of_sections; -+ grub_efi_uint32_t section_alignment; -+ struct grub_pe32_section_table *first_section; -+ struct grub_pe32_data_directory *reloc_dir; -+ struct grub_pe32_data_directory *sec_dir; -+ grub_efi_uint64_t number_of_rva_and_sizes; -+ grub_pe_header_t *pe_hdr; -+}; -+ -+typedef struct pe_coff_loader_image_context pe_coff_loader_image_context_t; -+ -+struct grub_efi_shim_lock -+{ -+ grub_efi_status_t (*verify)(void *buffer, -+ grub_efi_uint32_t size); -+ grub_efi_status_t (*hash)(void *data, -+ grub_efi_int32_t datasize, -+ pe_coff_loader_image_context_t *context, -+ grub_efi_uint8_t *sha256hash, -+ grub_efi_uint8_t *sha1hash); -+ grub_efi_status_t (*context)(void *data, -+ grub_efi_uint32_t size, -+ pe_coff_loader_image_context_t *context); -+}; -+ -+typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; -+ -+static grub_efi_boolean_t -+read_header (void *data, grub_efi_uint32_t size, -+ pe_coff_loader_image_context_t *context) -+{ -+ grub_efi_guid_t guid = SHIM_LOCK_GUID; -+ grub_efi_shim_lock_t *shim_lock; -+ grub_efi_status_t status; -+ -+ shim_lock = grub_efi_locate_protocol (&guid, NULL); -+ if (!shim_lock) -+ { -+ grub_dprintf ("chain", "no shim lock protocol"); -+ return 0; -+ } -+ -+ status = shim_lock->context (data, size, context); -+ -+ if (status == GRUB_EFI_SUCCESS) -+ { -+ grub_dprintf ("chain", "context success\n"); -+ return 1; -+ } -+ -+ switch (status) -+ { -+ case GRUB_EFI_UNSUPPORTED: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error unsupported"); -+ break; -+ case GRUB_EFI_INVALID_PARAMETER: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error invalid parameter"); -+ break; -+ default: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "context error code"); -+ break; -+ } -+ -+ return -1; -+} -+ -+static void* -+image_address (void *image, grub_efi_uint64_t sz, grub_efi_uint64_t adr) -+{ -+ if (adr > sz) -+ return NULL; -+ -+ return ((grub_uint8_t*)image + adr); -+} -+ -+static int -+image_is_64_bit (grub_pe_header_t *pe_hdr) -+{ -+ /* .Magic is the same offset in all cases */ -+ if (pe_hdr->pe32plus.optional_header.magic == GRUB_PE32_PE64_MAGIC) -+ return 1; -+ return 0; -+} -+ -+static const grub_uint16_t machine_type __attribute__((__unused__)) = -+#if defined(__x86_64__) -+ GRUB_PE32_MACHINE_X86_64; -+#elif defined(__aarch64__) -+ GRUB_PE32_MACHINE_ARM64; -+#elif defined(__arm__) -+ GRUB_PE32_MACHINE_ARMTHUMB_MIXED; -+#elif defined(__i386__) || defined(__i486__) || defined(__i686__) -+ GRUB_PE32_MACHINE_I386; -+#elif defined(__ia64__) -+ GRUB_PE32_MACHINE_IA64; -+#elif defined(__riscv) && (__riscv_xlen == 32) -+ GRUB_PE32_MACHINE_RISCV32; -+#elif defined(__riscv) && (__riscv_xlen == 64) -+ GRUB_PE32_MACHINE_RISCV64; -+#else -+#error this architecture is not supported by grub2 -+#endif -+ -+static grub_efi_status_t -+relocate_coff (pe_coff_loader_image_context_t *context, -+ struct grub_pe32_section_table *section, -+ void *orig, void *data) -+{ -+ struct grub_pe32_data_directory *reloc_base, *reloc_base_end; -+ grub_efi_uint64_t adjust; -+ struct grub_pe32_fixup_block *reloc, *reloc_end; -+ char *fixup, *fixup_base, *fixup_data = NULL; -+ grub_efi_uint16_t *fixup_16; -+ grub_efi_uint32_t *fixup_32; -+ grub_efi_uint64_t *fixup_64; -+ grub_efi_uint64_t size = context->image_size; -+ void *image_end = (char *)orig + size; -+ int n = 0; -+ -+ if (image_is_64_bit (context->pe_hdr)) -+ context->pe_hdr->pe32plus.optional_header.image_base = -+ (grub_uint64_t)(unsigned long)data; -+ else -+ context->pe_hdr->pe32.optional_header.image_base = -+ (grub_uint32_t)(unsigned long)data; -+ -+ /* Alright, so here's how this works: -+ * -+ * context->reloc_dir gives us two things: -+ * - the VA the table of base relocation blocks are (maybe) to be -+ * mapped at (reloc_dir->rva) -+ * - the virtual size (reloc_dir->size) -+ * -+ * The .reloc section (section here) gives us some other things: -+ * - the name! kind of. (section->name) -+ * - the virtual size (section->virtual_size), which should be the same -+ * as RelocDir->Size -+ * - the virtual address (section->virtual_address) -+ * - the file section size (section->raw_data_size), which is -+ * a multiple of optional_header->file_alignment. Only useful for image -+ * validation, not really useful for iteration bounds. -+ * - the file address (section->raw_data_offset) -+ * - a bunch of stuff we don't use that's 0 in our binaries usually -+ * - Flags (section->characteristics) -+ * -+ * and then the thing that's actually at the file address is an array -+ * of struct grub_pe32_fixup_block structs with some values packed behind -+ * them. The block_size field of this structure includes the -+ * structure itself, and adding it to that structure's address will -+ * yield the next entry in the array. -+ */ -+ -+ reloc_base = image_address (orig, size, section->raw_data_offset); -+ reloc_base_end = image_address (orig, size, section->raw_data_offset -+ + section->virtual_size); -+ -+ grub_dprintf ("chain", "relocate_coff(): reloc_base %p reloc_base_end %p\n", -+ reloc_base, reloc_base_end); -+ -+ if (!reloc_base && !reloc_base_end) -+ return GRUB_EFI_SUCCESS; -+ -+ if (!reloc_base || !reloc_base_end) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc table overflows binary"); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ adjust = (grub_uint64_t)(grub_efi_uintn_t)data - context->image_address; -+ if (adjust == 0) -+ return GRUB_EFI_SUCCESS; -+ -+ while (reloc_base < reloc_base_end) -+ { -+ grub_uint16_t *entry; -+ reloc = (struct grub_pe32_fixup_block *)((char*)reloc_base); -+ -+ if ((reloc_base->size == 0) || -+ (reloc_base->size > context->reloc_dir->size)) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Reloc %d block size %d is invalid\n", n, -+ reloc_base->size); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ entry = &reloc->entries[0]; -+ reloc_end = (struct grub_pe32_fixup_block *) -+ ((char *)reloc_base + reloc_base->size); -+ -+ if ((void *)reloc_end < orig || (void *)reloc_end > image_end) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc entry %d overflows binary", -+ n); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ fixup_base = image_address(data, size, reloc_base->rva); -+ -+ if (!fixup_base) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc %d Invalid fixupbase", n); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ -+ while ((void *)entry < (void *)reloc_end) -+ { -+ fixup = fixup_base + (*entry & 0xFFF); -+ switch ((*entry) >> 12) -+ { -+ case GRUB_PE32_REL_BASED_ABSOLUTE: -+ break; -+ case GRUB_PE32_REL_BASED_HIGH: -+ fixup_16 = (grub_uint16_t *)fixup; -+ *fixup_16 = (grub_uint16_t) -+ (*fixup_16 + ((grub_uint16_t)((grub_uint32_t)adjust >> 16))); -+ if (fixup_data != NULL) -+ { -+ *(grub_uint16_t *) fixup_data = *fixup_16; -+ fixup_data = fixup_data + sizeof (grub_uint16_t); -+ } -+ break; -+ case GRUB_PE32_REL_BASED_LOW: -+ fixup_16 = (grub_uint16_t *)fixup; -+ *fixup_16 = (grub_uint16_t) (*fixup_16 + (grub_uint16_t)adjust); -+ if (fixup_data != NULL) -+ { -+ *(grub_uint16_t *) fixup_data = *fixup_16; -+ fixup_data = fixup_data + sizeof (grub_uint16_t); -+ } -+ break; -+ case GRUB_PE32_REL_BASED_HIGHLOW: -+ fixup_32 = (grub_uint32_t *)fixup; -+ *fixup_32 = *fixup_32 + (grub_uint32_t)adjust; -+ if (fixup_data != NULL) -+ { -+ fixup_data = (char *)ALIGN_UP ((grub_addr_t)fixup_data, sizeof (grub_uint32_t)); -+ *(grub_uint32_t *) fixup_data = *fixup_32; -+ fixup_data += sizeof (grub_uint32_t); -+ } -+ break; -+ case GRUB_PE32_REL_BASED_DIR64: -+ fixup_64 = (grub_uint64_t *)fixup; -+ *fixup_64 = *fixup_64 + (grub_uint64_t)adjust; -+ if (fixup_data != NULL) -+ { -+ fixup_data = (char *)ALIGN_UP ((grub_addr_t)fixup_data, sizeof (grub_uint64_t)); -+ *(grub_uint64_t *) fixup_data = *fixup_64; -+ fixup_data += sizeof (grub_uint64_t); -+ } -+ break; -+ default: -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Reloc %d unknown relocation type %d", -+ n, (*entry) >> 12); -+ return GRUB_EFI_UNSUPPORTED; -+ } -+ entry += 1; -+ } -+ reloc_base = (struct grub_pe32_data_directory *)reloc_end; -+ n++; -+ } -+ -+ return GRUB_EFI_SUCCESS; -+} -+ -+static grub_efi_device_path_t * -+grub_efi_get_media_file_path (grub_efi_device_path_t *dp) -+{ -+ while (1) -+ { -+ grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp); -+ grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp); -+ -+ if (type == GRUB_EFI_END_DEVICE_PATH_TYPE) -+ break; -+ else if (type == GRUB_EFI_MEDIA_DEVICE_PATH_TYPE -+ && subtype == GRUB_EFI_FILE_PATH_DEVICE_PATH_SUBTYPE) -+ return dp; -+ -+ dp = GRUB_EFI_NEXT_DEVICE_PATH (dp); -+ } -+ -+ return NULL; -+} -+ -+static grub_efi_boolean_t -+handle_image (void *data, grub_efi_uint32_t datasize) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_loaded_image_t *li, li_bak; -+ grub_efi_status_t efi_status; -+ char *buffer = NULL; -+ char *buffer_aligned = NULL; -+ grub_efi_uint32_t i; -+ struct grub_pe32_section_table *section; -+ char *base, *end; -+ pe_coff_loader_image_context_t context; -+ grub_uint32_t section_alignment; -+ grub_uint32_t buffer_size; -+ int found_entry_point = 0; -+ int rc; -+ -+ b = grub_efi_system_table->boot_services; -+ -+ rc = read_header (data, datasize, &context); -+ if (rc < 0) -+ { -+ grub_dprintf ("chain", "Failed to read header\n"); -+ goto error_exit; -+ } -+ else if (rc == 0) -+ { -+ grub_dprintf ("chain", "Secure Boot is not enabled\n"); -+ return 0; -+ } -+ else -+ { -+ grub_dprintf ("chain", "Header read without error\n"); -+ } -+ -+ /* -+ * The spec says, uselessly, of SectionAlignment: -+ * ===== -+ * The alignment (in bytes) of sections when they are loaded into -+ * memory. It must be greater than or equal to FileAlignment. The -+ * default is the page size for the architecture. -+ * ===== -+ * Which doesn't tell you whose responsibility it is to enforce the -+ * "default", or when. It implies that the value in the field must -+ * be > FileAlignment (also poorly defined), but it appears visual -+ * studio will happily write 512 for FileAlignment (its default) and -+ * 0 for SectionAlignment, intending to imply PAGE_SIZE. -+ * -+ * We only support one page size, so if it's zero, nerf it to 4096. -+ */ -+ section_alignment = context.section_alignment; -+ if (section_alignment == 0) -+ section_alignment = 4096; -+ -+ buffer_size = context.image_size + section_alignment; -+ grub_dprintf ("chain", "image size is %08"PRIxGRUB_UINT64_T", datasize is %08x\n", -+ context.image_size, datasize); -+ -+ efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA, -+ buffer_size, &buffer); -+ -+ if (efi_status != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto error_exit; -+ } -+ -+ buffer_aligned = (char *)ALIGN_UP ((grub_addr_t)buffer, section_alignment); -+ if (!buffer_aligned) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto error_exit; -+ } -+ -+ grub_memcpy (buffer_aligned, data, context.size_of_headers); -+ -+ entry_point = image_address (buffer_aligned, context.image_size, -+ context.entry_point); -+ -+ grub_dprintf ("chain", "entry_point: %p\n", entry_point); -+ if (!entry_point) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid entry point"); -+ goto error_exit; -+ } -+ -+ char *reloc_base, *reloc_base_end; -+ grub_dprintf ("chain", "reloc_dir: %p reloc_size: 0x%08x\n", -+ (void *)(unsigned long)context.reloc_dir->rva, -+ context.reloc_dir->size); -+ reloc_base = image_address (buffer_aligned, context.image_size, -+ context.reloc_dir->rva); -+ /* RelocBaseEnd here is the address of the last byte of the table */ -+ reloc_base_end = image_address (buffer_aligned, context.image_size, -+ context.reloc_dir->rva -+ + context.reloc_dir->size - 1); -+ grub_dprintf ("chain", "reloc_base: %p reloc_base_end: %p\n", -+ reloc_base, reloc_base_end); -+ -+ struct grub_pe32_section_table *reloc_section = NULL, fake_reloc_section; -+ -+ section = context.first_section; -+ for (i = 0; i < context.number_of_sections; i++, section++) -+ { -+ char name[9]; -+ -+ base = image_address (buffer_aligned, context.image_size, -+ section->virtual_address); -+ end = image_address (buffer_aligned, context.image_size, -+ section->virtual_address + section->virtual_size -1); -+ -+ grub_strncpy(name, section->name, 9); -+ name[8] = '\0'; -+ grub_dprintf ("chain", "Section %d \"%s\" at %p..%p\n", i, -+ name, base, end); -+ -+ if (end < base) -+ { -+ grub_dprintf ("chain", " base is %p but end is %p... bad.\n", -+ base, end); -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Image has invalid negative size"); -+ goto error_exit; -+ } -+ -+ if (section->virtual_address <= context.entry_point && -+ (section->virtual_address + section->raw_data_size - 1) -+ > context.entry_point) -+ { -+ found_entry_point++; -+ grub_dprintf ("chain", " section contains entry point\n"); -+ } -+ -+ /* We do want to process .reloc, but it's often marked -+ * discardable, so we don't want to memcpy it. */ -+ if (grub_memcmp (section->name, ".reloc\0\0", 8) == 0) -+ { -+ if (reloc_section) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Image has multiple relocation sections"); -+ goto error_exit; -+ } -+ -+ /* If it has nonzero sizes, and our bounds check -+ * made sense, and the VA and size match RelocDir's -+ * versions, then we believe in this section table. */ -+ if (section->raw_data_size && section->virtual_size && -+ base && end && reloc_base == base) -+ { -+ if (reloc_base_end == end) -+ { -+ grub_dprintf ("chain", " section is relocation section\n"); -+ reloc_section = section; -+ } -+ else if (reloc_base_end && reloc_base_end < end) -+ { -+ /* Bogus virtual size in the reloc section -- RelocDir -+ * reported a smaller Base Relocation Directory. Decrease -+ * the section's virtual size so that it equal RelocDir's -+ * idea, but only for the purposes of relocate_coff(). */ -+ grub_dprintf ("chain", -+ " section is (overlong) relocation section\n"); -+ grub_memcpy (&fake_reloc_section, section, sizeof *section); -+ fake_reloc_section.virtual_size -= (end - reloc_base_end); -+ reloc_section = &fake_reloc_section; -+ } -+ } -+ -+ if (!reloc_section) -+ { -+ grub_dprintf ("chain", " section is not reloc section?\n"); -+ grub_dprintf ("chain", " rds: 0x%08x, vs: %08x\n", -+ section->raw_data_size, section->virtual_size); -+ grub_dprintf ("chain", " base: %p end: %p\n", base, end); -+ grub_dprintf ("chain", " reloc_base: %p reloc_base_end: %p\n", -+ reloc_base, reloc_base_end); -+ } -+ } -+ -+ grub_dprintf ("chain", " Section characteristics are %08x\n", -+ section->characteristics); -+ grub_dprintf ("chain", " Section virtual size: %08x\n", -+ section->virtual_size); -+ grub_dprintf ("chain", " Section raw_data size: %08x\n", -+ section->raw_data_size); -+ if (section->characteristics & GRUB_PE32_SCN_MEM_DISCARDABLE) -+ { -+ grub_dprintf ("chain", " Discarding section\n"); -+ continue; -+ } -+ -+ if (!base || !end) -+ { -+ grub_dprintf ("chain", " section is invalid\n"); -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid section size"); -+ goto error_exit; -+ } -+ -+ if (section->characteristics & GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA) -+ { -+ if (section->raw_data_size != 0) -+ grub_dprintf ("chain", " UNINITIALIZED_DATA section has data?\n"); -+ } -+ else if (section->virtual_address < context.size_of_headers || -+ section->raw_data_offset < context.size_of_headers) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ "Section %d is inside image headers", i); -+ goto error_exit; -+ } -+ -+ if (section->raw_data_size > 0) -+ { -+ grub_dprintf ("chain", " copying 0x%08x bytes to %p\n", -+ section->raw_data_size, base); -+ grub_memcpy (base, -+ (grub_efi_uint8_t*)data + section->raw_data_offset, -+ section->raw_data_size); -+ } -+ -+ if (section->raw_data_size < section->virtual_size) -+ { -+ grub_dprintf ("chain", " padding with 0x%08x bytes at %p\n", -+ section->virtual_size - section->raw_data_size, -+ base + section->raw_data_size); -+ grub_memset (base + section->raw_data_size, 0, -+ section->virtual_size - section->raw_data_size); -+ } -+ -+ grub_dprintf ("chain", " finished section %s\n", name); -+ } -+ -+ /* 5 == EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC */ -+ if (context.number_of_rva_and_sizes <= 5) -+ { -+ grub_dprintf ("chain", "image has no relocation entry\n"); -+ goto error_exit; -+ } -+ -+ if (context.reloc_dir->size && reloc_section) -+ { -+ /* run the relocation fixups */ -+ efi_status = relocate_coff (&context, reloc_section, data, -+ buffer_aligned); -+ -+ if (efi_status != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "relocation failed"); -+ goto error_exit; -+ } -+ } -+ -+ if (!found_entry_point) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "entry point is not within sections"); -+ goto error_exit; -+ } -+ if (found_entry_point > 1) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "%d sections contain entry point", -+ found_entry_point); -+ goto error_exit; -+ } -+ -+ li = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (!li) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "no loaded image available"); -+ goto error_exit; -+ } -+ -+ grub_memcpy (&li_bak, li, sizeof (grub_efi_loaded_image_t)); -+ li->image_base = buffer_aligned; -+ li->image_size = context.image_size; -+ li->load_options = cmdline; -+ li->load_options_size = cmdline_len; -+ li->file_path = grub_efi_get_media_file_path (file_path); -+ li->device_handle = dev_handle; -+ if (!li->file_path) -+ { -+ grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching file path found"); -+ goto error_exit; -+ } -+ -+ grub_dprintf ("chain", "booting via entry point\n"); -+ efi_status = efi_call_2 (entry_point, grub_efi_image_handle, -+ grub_efi_system_table); -+ -+ grub_dprintf ("chain", "entry_point returned %ld\n", efi_status); -+ grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t)); -+ efi_status = efi_call_1 (b->free_pool, buffer); -+ -+ return 1; -+ -+error_exit: -+ grub_dprintf ("chain", "error_exit: grub_errno: %d\n", grub_errno); -+ if (buffer) -+ efi_call_1 (b->free_pool, buffer); -+ -+ return 0; -+} -+ -+static grub_err_t -+grub_secureboot_chainloader_unload (void) -+{ -+ grub_efi_boot_services_t *b; -+ -+ b = grub_efi_system_table->boot_services; -+ efi_call_2 (b->free_pages, address, pages); -+ grub_free (file_path); -+ grub_free (cmdline); -+ cmdline = 0; -+ file_path = 0; -+ dev_handle = 0; -+ -+ grub_dl_unref (my_mod); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_load_and_start_image(void *boot_image) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_status_t status; -+ grub_efi_loaded_image_t *loaded_image; -+ -+ b = grub_efi_system_table->boot_services; -+ -+ status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, -+ boot_image, fsize, &image_handle); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ if (status == GRUB_EFI_OUT_OF_RESOURCES) -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources"); -+ else -+ grub_error (GRUB_ERR_BAD_OS, "cannot load image"); -+ return -1; -+ } -+ -+ /* LoadImage does not set a device handler when the image is -+ loaded from memory, so it is necessary to set it explicitly here. -+ This is a mess. */ -+ loaded_image = grub_efi_get_loaded_image (image_handle); -+ if (! loaded_image) -+ { -+ grub_error (GRUB_ERR_BAD_OS, "no loaded image available"); -+ return -1; -+ } -+ loaded_image->device_handle = dev_handle; -+ -+ if (cmdline) -+ { -+ loaded_image->load_options = cmdline; -+ loaded_image->load_options_size = cmdline_len; -+ } -+ -+ return 0; -+} -+ -+static grub_err_t -+grub_secureboot_chainloader_boot (void) -+{ -+ int rc; -+ rc = handle_image ((void *)(unsigned long)address, fsize); -+ if (rc == 0) -+ { -+ grub_load_and_start_image((void *)(unsigned long)address); -+ } -+ -+ grub_loader_unset (); -+ return grub_errno; -+} -+ - static grub_err_t - grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) - { - grub_file_t file = 0; -- grub_ssize_t size; - grub_efi_status_t status; - grub_efi_boot_services_t *b; - grub_device_t dev = 0; - grub_efi_device_path_t *dp = 0; -- grub_efi_loaded_image_t *loaded_image; - char *filename; - void *boot_image = 0; -- grub_efi_handle_t dev_handle = 0; -+ int rc; - - if (argc == 0) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -@@ -238,15 +920,45 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - address = 0; - image_handle = 0; - file_path = 0; -+ dev_handle = 0; - - b = grub_efi_system_table->boot_services; - -+ if (argc > 1) -+ { -+ int i; -+ grub_efi_char16_t *p16; -+ -+ for (i = 1, cmdline_len = 0; i < argc; i++) -+ cmdline_len += grub_strlen (argv[i]) + 1; -+ -+ cmdline_len *= sizeof (grub_efi_char16_t); -+ cmdline = p16 = grub_malloc (cmdline_len); -+ if (! cmdline) -+ goto fail; -+ -+ for (i = 1; i < argc; i++) -+ { -+ char *p8; -+ -+ p8 = argv[i]; -+ while (*p8) -+ *(p16++) = *(p8++); -+ -+ *(p16++) = ' '; -+ } -+ *(--p16) = 0; -+ } -+ - file = grub_file_open (filename, GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE); - if (! file) - goto fail; - -- /* Get the root device's device path. */ -- dev = grub_device_open (0); -+ /* Get the device path from filename. */ -+ char *devname = grub_file_get_device_name (filename); -+ dev = grub_device_open (devname); -+ if (devname) -+ grub_free (devname); - if (! dev) - goto fail; - -@@ -283,17 +995,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - if (! file_path) - goto fail; - -- grub_printf ("file path: "); -- grub_efi_print_device_path (file_path); -- -- size = grub_file_size (file); -- if (!size) -+ fsize = grub_file_size (file); -+ if (!fsize) - { - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), - filename); - goto fail; - } -- pages = (((grub_efi_uintn_t) size + ((1 << 12) - 1)) >> 12); -+ pages = (((grub_efi_uintn_t) fsize + ((1 << 12) - 1)) >> 12); - - status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_ANY_PAGES, - GRUB_EFI_LOADER_CODE, -@@ -307,7 +1016,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - - boot_image = (void *) ((grub_addr_t) address); -- if (grub_file_read (file, boot_image, size) != size) -+ if (grub_file_read (file, boot_image, fsize) != fsize) - { - if (grub_errno == GRUB_ERR_NONE) - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -@@ -317,7 +1026,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - - #if defined (__i386__) || defined (__x86_64__) -- if (size >= (grub_ssize_t) sizeof (struct grub_macho_fat_header)) -+ if (fsize >= (grub_ssize_t) sizeof (struct grub_macho_fat_header)) - { - struct grub_macho_fat_header *head = boot_image; - if (head->magic -@@ -326,6 +1035,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_uint32_t i; - struct grub_macho_fat_arch *archs - = (struct grub_macho_fat_arch *) (head + 1); -+ -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ { -+ grub_error (GRUB_ERR_BAD_OS, -+ "MACHO binaries are forbidden with Secure Boot"); -+ goto fail; -+ } -+ - for (i = 0; i < grub_cpu_to_le32 (head->nfat_arch); i++) - { - if (GRUB_MACHO_CPUTYPE_IS_HOST_CURRENT (archs[i].cputype)) -@@ -340,79 +1057,39 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - > ~grub_cpu_to_le32 (archs[i].size) - || grub_cpu_to_le32 (archs[i].offset) - + grub_cpu_to_le32 (archs[i].size) -- > (grub_size_t) size) -+ > (grub_size_t) fsize) - { - grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), - filename); - goto fail; - } - boot_image = (char *) boot_image + grub_cpu_to_le32 (archs[i].offset); -- size = grub_cpu_to_le32 (archs[i].size); -+ fsize = grub_cpu_to_le32 (archs[i].size); - } - } - #endif - -- status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, -- boot_image, size, -- &image_handle); -- if (status != GRUB_EFI_SUCCESS) -+ rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize); -+ grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc); -+ if (rc > 0) - { -- if (status == GRUB_EFI_OUT_OF_RESOURCES) -- grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources"); -- else -- grub_error (GRUB_ERR_BAD_OS, "cannot load image"); -- -- goto fail; -+ grub_file_close (file); -+ grub_device_close (dev); -+ grub_loader_set (grub_secureboot_chainloader_boot, -+ grub_secureboot_chainloader_unload, 0); -+ return 0; - } -- -- /* LoadImage does not set a device handler when the image is -- loaded from memory, so it is necessary to set it explicitly here. -- This is a mess. */ -- loaded_image = grub_efi_get_loaded_image (image_handle); -- if (! loaded_image) -+ else if (rc == 0) - { -- grub_error (GRUB_ERR_BAD_OS, "no loaded image available"); -- goto fail; -- } -- loaded_image->device_handle = dev_handle; -- -- if (argc > 1) -- { -- int i, len; -- grub_efi_char16_t *p16; -- -- for (i = 1, len = 0; i < argc; i++) -- len += grub_strlen (argv[i]) + 1; -- -- len *= sizeof (grub_efi_char16_t); -- cmdline = p16 = grub_malloc (len); -- if (! cmdline) -- goto fail; -+ grub_load_and_start_image(boot_image); -+ grub_file_close (file); -+ grub_device_close (dev); -+ grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); - -- for (i = 1; i < argc; i++) -- { -- char *p8; -- -- p8 = argv[i]; -- while (*p8) -- *(p16++) = *(p8++); -- -- *(p16++) = ' '; -- } -- *(--p16) = 0; -- -- loaded_image->load_options = cmdline; -- loaded_image->load_options_size = len; -+ return 0; - } - -- grub_file_close (file); -- grub_device_close (dev); -- -- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); -- return 0; -- -- fail: -- -+fail: - if (dev) - grub_device_close (dev); - -@@ -424,6 +1101,9 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - if (address) - efi_call_2 (b->free_pages, address, pages); - -+ if (cmdline) -+ grub_free (cmdline); -+ - grub_dl_unref (my_mod); - - return grub_errno; -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index c24202a5dd1..c8ecce6dfd0 100644 ---- a/grub-core/loader/efi/linux.c -+++ b/grub-core/loader/efi/linux.c -@@ -33,21 +33,34 @@ struct grub_efi_shim_lock - }; - typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; - --grub_efi_boolean_t -+int - grub_linuxefi_secure_validate (void *data, grub_uint32_t size) - { - grub_efi_guid_t guid = SHIM_LOCK_GUID; - grub_efi_shim_lock_t *shim_lock; -+ grub_efi_status_t status; - - shim_lock = grub_efi_locate_protocol(&guid, NULL); -- -+ grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock); - if (!shim_lock) -- return 1; -+ { -+ grub_dprintf ("secureboot", "shim not available\n"); -+ return 0; -+ } - -- if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) -- return 1; -+ grub_dprintf ("secureboot", "Asking shim to verify kernel signature\n"); -+ status = shim_lock->verify (data, size); -+ grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", (long int)status); -+ if (status == GRUB_EFI_SUCCESS) -+ { -+ grub_dprintf ("secureboot", "Kernel signature verification passed\n"); -+ return 1; -+ } - -- return 0; -+ grub_dprintf ("secureboot", "Kernel signature verification failed (0x%lx)\n", -+ (unsigned long) status); -+ -+ return -1; - } - - #pragma GCC diagnostic push -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index bb2616a8092..6b24cbb9483 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -117,6 +117,8 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -+ grub_dprintf ("linux", "initrd_mem = %lx\n", (unsigned long) initrd_mem); -+ - params->ramdisk_size = size; - params->ramdisk_image = (grub_uint32_t)(grub_addr_t) initrd_mem; - -@@ -159,6 +161,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - struct linux_i386_kernel_header lh; - grub_ssize_t len, start, filelen; - void *kernel = NULL; -+ int rc; - - grub_dl_ref (my_mod); - -@@ -184,11 +187,13 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - if (grub_file_read (file, kernel, filelen) != filelen) - { -- grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), argv[0]); -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), -+ argv[0]); - goto fail; - } - -- if (! grub_linuxefi_secure_validate (kernel, filelen)) -+ rc = grub_linuxefi_secure_validate (kernel, filelen); -+ if (rc < 0) - { - grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), - argv[0]); -@@ -203,6 +208,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -+ grub_dprintf ("linux", "params = %lx\n", (unsigned long) params); -+ - grub_memset (params, 0, 16384); - - grub_memcpy (&lh, kernel, sizeof (lh)); -@@ -241,6 +248,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -+ grub_dprintf ("linux", "linux_cmdline = %lx\n", -+ (unsigned long)linux_cmdline); -+ - grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); - grub_create_loader_cmdline (argc, argv, - linux_cmdline + sizeof (LINUX_IMAGE) - 1, -@@ -275,9 +285,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_memcpy (params, &lh, 2 * 512); - - params->type_of_loader = 0x21; -+ grub_dprintf("linux", "kernel_mem: %p handover_offset: %08x\n", -+ kernel_mem, handover_offset); - - fail: -- - if (file) - grub_file_close (file); - -diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h -index d9ede36773b..0033d9305a9 100644 ---- a/include/grub/efi/linux.h -+++ b/include/grub/efi/linux.h -@@ -22,7 +22,7 @@ - #include - #include - --grub_efi_boolean_t -+int - EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size); - grub_err_t - EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset, -diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h -index 0ed8781f037..a43adf27464 100644 ---- a/include/grub/efi/pe32.h -+++ b/include/grub/efi/pe32.h -@@ -223,7 +223,11 @@ struct grub_pe64_optional_header - struct grub_pe32_section_table - { - char name[8]; -- grub_uint32_t virtual_size; -+ union -+ { -+ grub_uint32_t physical_address; -+ grub_uint32_t virtual_size; -+ }; - grub_uint32_t virtual_address; - grub_uint32_t raw_data_size; - grub_uint32_t raw_data_offset; -@@ -234,12 +238,18 @@ struct grub_pe32_section_table - grub_uint32_t characteristics; - }; - -+#define GRUB_PE32_SCN_TYPE_NO_PAD 0x00000008 - #define GRUB_PE32_SCN_CNT_CODE 0x00000020 - #define GRUB_PE32_SCN_CNT_INITIALIZED_DATA 0x00000040 --#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000 --#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000 --#define GRUB_PE32_SCN_MEM_READ 0x40000000 --#define GRUB_PE32_SCN_MEM_WRITE 0x80000000 -+#define GRUB_PE32_SCN_CNT_UNINITIALIZED_DATA 0x00000080 -+#define GRUB_PE32_SCN_LNK_OTHER 0x00000100 -+#define GRUB_PE32_SCN_LNK_INFO 0x00000200 -+#define GRUB_PE32_SCN_LNK_REMOVE 0x00000800 -+#define GRUB_PE32_SCN_LNK_COMDAT 0x00001000 -+#define GRUB_PE32_SCN_GPREL 0x00008000 -+#define GRUB_PE32_SCN_MEM_16BIT 0x00020000 -+#define GRUB_PE32_SCN_MEM_LOCKED 0x00040000 -+#define GRUB_PE32_SCN_MEM_PRELOAD 0x00080000 - - #define GRUB_PE32_SCN_ALIGN_1BYTES 0x00100000 - #define GRUB_PE32_SCN_ALIGN_2BYTES 0x00200000 -@@ -248,10 +258,28 @@ struct grub_pe32_section_table - #define GRUB_PE32_SCN_ALIGN_16BYTES 0x00500000 - #define GRUB_PE32_SCN_ALIGN_32BYTES 0x00600000 - #define GRUB_PE32_SCN_ALIGN_64BYTES 0x00700000 -+#define GRUB_PE32_SCN_ALIGN_128BYTES 0x00800000 -+#define GRUB_PE32_SCN_ALIGN_256BYTES 0x00900000 -+#define GRUB_PE32_SCN_ALIGN_512BYTES 0x00A00000 -+#define GRUB_PE32_SCN_ALIGN_1024BYTES 0x00B00000 -+#define GRUB_PE32_SCN_ALIGN_2048BYTES 0x00C00000 -+#define GRUB_PE32_SCN_ALIGN_4096BYTES 0x00D00000 -+#define GRUB_PE32_SCN_ALIGN_8192BYTES 0x00E00000 - - #define GRUB_PE32_SCN_ALIGN_SHIFT 20 - #define GRUB_PE32_SCN_ALIGN_MASK 7 - -+#define GRUB_PE32_SCN_LNK_NRELOC_OVFL 0x01000000 -+#define GRUB_PE32_SCN_MEM_DISCARDABLE 0x02000000 -+#define GRUB_PE32_SCN_MEM_NOT_CACHED 0x04000000 -+#define GRUB_PE32_SCN_MEM_NOT_PAGED 0x08000000 -+#define GRUB_PE32_SCN_MEM_SHARED 0x10000000 -+#define GRUB_PE32_SCN_MEM_EXECUTE 0x20000000 -+#define GRUB_PE32_SCN_MEM_READ 0x40000000 -+#define GRUB_PE32_SCN_MEM_WRITE 0x80000000 -+ -+ -+ - #define GRUB_PE32_SIGNATURE_SIZE 4 - - struct grub_pe32_header -@@ -274,6 +302,20 @@ struct grub_pe32_header - #endif - }; - -+struct grub_pe32_header_32 -+{ -+ char signature[GRUB_PE32_SIGNATURE_SIZE]; -+ struct grub_pe32_coff_header coff_header; -+ struct grub_pe32_optional_header optional_header; -+}; -+ -+struct grub_pe32_header_64 -+{ -+ char signature[GRUB_PE32_SIGNATURE_SIZE]; -+ struct grub_pe32_coff_header coff_header; -+ struct grub_pe64_optional_header optional_header; -+}; -+ - struct grub_pe32_fixup_block - { - grub_uint32_t page_rva; diff --git a/0008-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch b/0008-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch deleted file mode 100644 index 030c71c9599a53ceb786186ee5ebe932649ed837..0000000000000000000000000000000000000000 --- a/0008-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch +++ /dev/null @@ -1,390 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 6 Oct 2015 16:09:25 -0400 -Subject: [PATCH] Make any of the loaders that link in efi mode honor secure - boot. - -And in this case "honor" means "even if somebody does link this in, they -won't register commands if SB is enabled." - -Signed-off-by: Peter Jones ---- - grub-core/commands/iorw.c | 7 +++++++ - grub-core/commands/memrw.c | 7 +++++++ - grub-core/kern/dl.c | 3 ++- - grub-core/kern/efi/efi.c | 34 ---------------------------------- - grub-core/loader/efi/appleloader.c | 7 +++++++ - grub-core/loader/efi/chainloader.c | 1 + - grub-core/loader/i386/bsd.c | 7 +++++++ - grub-core/loader/i386/linux.c | 7 +++++++ - grub-core/loader/i386/pc/linux.c | 7 +++++++ - grub-core/loader/multiboot.c | 7 +++++++ - grub-core/loader/xnu.c | 7 +++++++ - include/grub/efi/efi.h | 1 - - include/grub/ia64/linux.h | 0 - include/grub/mips/linux.h | 0 - include/grub/powerpc/linux.h | 0 - include/grub/sparc64/linux.h | 0 - 16 files changed, 59 insertions(+), 36 deletions(-) - create mode 100644 include/grub/ia64/linux.h - create mode 100644 include/grub/mips/linux.h - create mode 100644 include/grub/powerpc/linux.h - create mode 100644 include/grub/sparc64/linux.h - -diff --git a/grub-core/commands/iorw.c b/grub-core/commands/iorw.c -index 584baec8f91..7b2999b14b5 100644 ---- a/grub-core/commands/iorw.c -+++ b/grub-core/commands/iorw.c -@@ -24,6 +24,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -119,6 +120,9 @@ grub_cmd_write (grub_command_t cmd, int argc, char **argv) - - GRUB_MOD_INIT(memrw) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - cmd_read_byte = - grub_register_extcmd ("inb", grub_cmd_read, 0, - N_("PORT"), N_("Read 8-bit value from PORT."), -@@ -147,6 +151,9 @@ GRUB_MOD_INIT(memrw) - - GRUB_MOD_FINI(memrw) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - grub_unregister_extcmd (cmd_read_byte); - grub_unregister_extcmd (cmd_read_word); - grub_unregister_extcmd (cmd_read_dword); -diff --git a/grub-core/commands/memrw.c b/grub-core/commands/memrw.c -index d401a6db0ef..39cf3a06dbd 100644 ---- a/grub-core/commands/memrw.c -+++ b/grub-core/commands/memrw.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -121,6 +122,9 @@ grub_cmd_write (grub_command_t cmd, int argc, char **argv) - - GRUB_MOD_INIT(memrw) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - cmd_read_byte = - grub_register_extcmd ("read_byte", grub_cmd_read, 0, - N_("ADDR"), N_("Read 8-bit value from ADDR."), -@@ -149,6 +153,9 @@ GRUB_MOD_INIT(memrw) - - GRUB_MOD_FINI(memrw) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - grub_unregister_extcmd (cmd_read_byte); - grub_unregister_extcmd (cmd_read_word); - grub_unregister_extcmd (cmd_read_dword); -diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c -index b7149370950..7afb9e6f724 100644 ---- a/grub-core/kern/dl.c -+++ b/grub-core/kern/dl.c -@@ -32,6 +32,7 @@ - #include - #include - #include -+#include - - /* Platforms where modules are in a readonly area of memory. */ - #if defined(GRUB_MACHINE_QEMU) -@@ -704,7 +705,7 @@ grub_dl_load_file (const char *filename) - grub_dl_t mod = 0; - - #ifdef GRUB_MACHINE_EFI -- if (grub_efi_secure_boot ()) -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) - { - #if 0 - /* This is an error, but grub2-mkconfig still generates a pile of -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 4a2259aa1c7..8cff7be0289 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -286,40 +286,6 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, - return grub_efi_get_variable_with_attributes (var, guid, datasize_out, data_out, NULL); - } - --grub_efi_boolean_t --grub_efi_secure_boot (void) --{ -- grub_efi_guid_t efi_var_guid = GRUB_EFI_GLOBAL_VARIABLE_GUID; -- grub_size_t datasize; -- char *secure_boot = NULL; -- char *setup_mode = NULL; -- grub_efi_boolean_t ret = 0; -- -- secure_boot = grub_efi_get_variable("SecureBoot", &efi_var_guid, &datasize); -- if (datasize != 1 || !secure_boot) -- { -- grub_dprintf ("secureboot", "No SecureBoot variable\n"); -- goto out; -- } -- grub_dprintf ("secureboot", "SecureBoot: %d\n", *secure_boot); -- -- setup_mode = grub_efi_get_variable("SetupMode", &efi_var_guid, &datasize); -- if (datasize != 1 || !setup_mode) -- { -- grub_dprintf ("secureboot", "No SetupMode variable\n"); -- goto out; -- } -- grub_dprintf ("secureboot", "SetupMode: %d\n", *setup_mode); -- -- if (*secure_boot && !*setup_mode) -- ret = 1; -- -- out: -- grub_free (secure_boot); -- grub_free (setup_mode); -- return ret; --} -- - #pragma GCC diagnostic ignored "-Wcast-align" - - /* Search the mods section from the PE32/PE32+ image. This code uses -diff --git a/grub-core/loader/efi/appleloader.c b/grub-core/loader/efi/appleloader.c -index 74888c463ba..585f2b57385 100644 ---- a/grub-core/loader/efi/appleloader.c -+++ b/grub-core/loader/efi/appleloader.c -@@ -24,6 +24,7 @@ - #include - #include - #include -+#include - #include - #include - -@@ -227,6 +228,9 @@ static grub_command_t cmd; - - GRUB_MOD_INIT(appleloader) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - cmd = grub_register_command ("appleloader", grub_cmd_appleloader, - N_("[OPTS]"), - /* TRANSLATORS: This command is used on EFI to -@@ -238,5 +242,8 @@ GRUB_MOD_INIT(appleloader) - - GRUB_MOD_FINI(appleloader) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - grub_unregister_command (cmd); - } -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index e6a8d4ad0e9..07c4937898d 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -34,6 +34,7 @@ - #include - #include - #include -+#include - #include - #include - #include -diff --git a/grub-core/loader/i386/bsd.c b/grub-core/loader/i386/bsd.c -index 5f3290ce17b..54befc26626 100644 ---- a/grub-core/loader/i386/bsd.c -+++ b/grub-core/loader/i386/bsd.c -@@ -40,6 +40,7 @@ - #ifdef GRUB_MACHINE_PCBIOS - #include - #endif -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -2137,6 +2138,9 @@ static grub_command_t cmd_netbsd_module_elf, cmd_openbsd_ramdisk; - - GRUB_MOD_INIT (bsd) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - /* Net and OpenBSD kernels are often compressed. */ - grub_dl_load ("gzio"); - -@@ -2176,6 +2180,9 @@ GRUB_MOD_INIT (bsd) - - GRUB_MOD_FINI (bsd) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - grub_unregister_extcmd (cmd_freebsd); - grub_unregister_extcmd (cmd_openbsd); - grub_unregister_extcmd (cmd_netbsd); -diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c -index dccf3bb3005..4aeb0e4b9a6 100644 ---- a/grub-core/loader/i386/linux.c -+++ b/grub-core/loader/i386/linux.c -@@ -37,6 +37,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -1138,6 +1139,9 @@ static grub_command_t cmd_linux, cmd_initrd; - - GRUB_MOD_INIT(linux) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - cmd_linux = grub_register_command ("linux", grub_cmd_linux, - 0, N_("Load Linux.")); - cmd_initrd = grub_register_command ("initrd", grub_cmd_initrd, -@@ -1147,6 +1151,9 @@ GRUB_MOD_INIT(linux) - - GRUB_MOD_FINI(linux) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - grub_unregister_command (cmd_linux); - grub_unregister_command (cmd_initrd); - } -diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index 4b1750e360e..e3fa1221e81 100644 ---- a/grub-core/loader/i386/pc/linux.c -+++ b/grub-core/loader/i386/pc/linux.c -@@ -36,6 +36,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -487,6 +488,9 @@ static grub_command_t cmd_linux, cmd_linux16, cmd_initrd, cmd_initrd16; - - GRUB_MOD_INIT(linux16) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - cmd_linux = - grub_register_command ("linux", grub_cmd_linux, - 0, N_("Load Linux.")); -@@ -504,6 +508,9 @@ GRUB_MOD_INIT(linux16) - - GRUB_MOD_FINI(linux16) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - grub_unregister_command (cmd_linux); - grub_unregister_command (cmd_linux16); - grub_unregister_command (cmd_initrd); -diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c -index facb13f3d36..47e481f4576 100644 ---- a/grub-core/loader/multiboot.c -+++ b/grub-core/loader/multiboot.c -@@ -50,6 +50,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -444,6 +445,9 @@ static grub_command_t cmd_multiboot, cmd_module; - - GRUB_MOD_INIT(multiboot) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - cmd_multiboot = - #ifdef GRUB_USE_MULTIBOOT2 - grub_register_command ("multiboot2", grub_cmd_multiboot, -@@ -464,6 +468,9 @@ GRUB_MOD_INIT(multiboot) - - GRUB_MOD_FINI(multiboot) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - grub_unregister_command (cmd_multiboot); - grub_unregister_command (cmd_module); - } -diff --git a/grub-core/loader/xnu.c b/grub-core/loader/xnu.c -index 1c0cf6a430a..baa54e652ab 100644 ---- a/grub-core/loader/xnu.c -+++ b/grub-core/loader/xnu.c -@@ -35,6 +35,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -1497,6 +1498,9 @@ static grub_extcmd_t cmd_splash; - - GRUB_MOD_INIT(xnu) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - cmd_kernel = grub_register_command ("xnu_kernel", grub_cmd_xnu_kernel, 0, - N_("Load XNU image.")); - cmd_kernel64 = grub_register_command ("xnu_kernel64", grub_cmd_xnu_kernel64, -@@ -1540,6 +1544,9 @@ GRUB_MOD_INIT(xnu) - - GRUB_MOD_FINI(xnu) - { -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -+ return; -+ - #ifndef GRUB_MACHINE_EMU - grub_unregister_command (cmd_resume); - #endif -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 6295df85f3f..585fa6662b6 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -91,7 +91,6 @@ EXPORT_FUNC (grub_efi_set_variable) (const char *var, - const grub_efi_guid_t *guid, - void *data, - grub_size_t datasize); --grub_efi_boolean_t EXPORT_FUNC (grub_efi_secure_boot) (void); - int - EXPORT_FUNC (grub_efi_compare_device_paths) (const grub_efi_device_path_t *dp1, - const grub_efi_device_path_t *dp2); -diff --git a/include/grub/ia64/linux.h b/include/grub/ia64/linux.h -new file mode 100644 -index 00000000000..e69de29bb2d -diff --git a/include/grub/mips/linux.h b/include/grub/mips/linux.h -new file mode 100644 -index 00000000000..e69de29bb2d -diff --git a/include/grub/powerpc/linux.h b/include/grub/powerpc/linux.h -new file mode 100644 -index 00000000000..e69de29bb2d -diff --git a/include/grub/sparc64/linux.h b/include/grub/sparc64/linux.h -new file mode 100644 -index 00000000000..e69de29bb2d diff --git a/0009-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch b/0009-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch deleted file mode 100644 index f3aae38990761f1ebbfbf16e0d2c98b73cdf185f..0000000000000000000000000000000000000000 --- a/0009-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch +++ /dev/null @@ -1,264 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 8 Jul 2019 12:32:37 +0200 -Subject: [PATCH] Handle multi-arch (64-on-32) boot in linuxefi loader. - -Allow booting 64-bit kernels on 32-bit EFI on x86. - -Signed-off-by: Peter Jones ---- - grub-core/loader/efi/linux.c | 9 +++- - grub-core/loader/i386/efi/linux.c | 110 ++++++++++++++++++++++++++------------ - include/grub/i386/linux.h | 7 ++- - 3 files changed, 89 insertions(+), 37 deletions(-) - -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index c8ecce6dfd0..0622dfa48d4 100644 ---- a/grub-core/loader/efi/linux.c -+++ b/grub-core/loader/efi/linux.c -@@ -69,12 +69,17 @@ grub_linuxefi_secure_validate (void *data, grub_uint32_t size) - typedef void (*handover_func) (void *, grub_efi_system_table_t *, void *); - - grub_err_t --grub_efi_linux_boot (void *kernel_addr, grub_off_t offset, -+grub_efi_linux_boot (void *kernel_addr, grub_off_t handover_offset, - void *kernel_params) - { - handover_func hf; -+ int offset = 0; - -- hf = (handover_func)((char *)kernel_addr + offset); -+#ifdef __x86_64__ -+ offset = 512; -+#endif -+ -+ hf = (handover_func)((char *)kernel_addr + handover_offset + offset); - hf (grub_efi_image_handle, grub_efi_system_table, kernel_params); - - return GRUB_ERR_BUG; -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 6b24cbb9483..3017d0f3e52 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -44,14 +44,10 @@ static char *linux_cmdline; - static grub_err_t - grub_linuxefi_boot (void) - { -- int offset = 0; -- --#ifdef __x86_64__ -- offset = 512; --#endif - asm volatile ("cli"); - -- return grub_efi_linux_boot ((char *)kernel_mem, handover_offset + offset, -+ return grub_efi_linux_boot ((char *)kernel_mem, -+ handover_offset, - params); - } - -@@ -153,14 +149,20 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - return grub_errno; - } - -+#define MIN(a, b) \ -+ ({ typeof (a) _a = (a); \ -+ typeof (b) _b = (b); \ -+ _a < _b ? _a : _b; }) -+ - static grub_err_t - grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) - { - grub_file_t file = 0; -- struct linux_i386_kernel_header lh; -- grub_ssize_t len, start, filelen; -+ struct linux_i386_kernel_header *lh = NULL; -+ grub_ssize_t start, filelen; - void *kernel = NULL; -+ int setup_header_end_offset; - int rc; - - grub_dl_ref (my_mod); -@@ -200,48 +202,79 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- params = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(16384)); -- -+ params = grub_efi_allocate_pages_max (0x3fffffff, -+ BYTES_TO_PAGES(sizeof(*params))); - if (! params) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); - goto fail; - } - -- grub_dprintf ("linux", "params = %lx\n", (unsigned long) params); -+ grub_dprintf ("linux", "params = %p\n", params); - -- grub_memset (params, 0, 16384); -+ grub_memset (params, 0, sizeof(*params)); - -- grub_memcpy (&lh, kernel, sizeof (lh)); -- -- if (lh.boot_flag != grub_cpu_to_le16 (0xaa55)) -+ setup_header_end_offset = *((grub_uint8_t *)kernel + 0x201); -+ grub_dprintf ("linux", "copying %lu bytes from %p to %p\n", -+ MIN((grub_size_t)0x202+setup_header_end_offset, -+ sizeof (*params)) - 0x1f1, -+ (grub_uint8_t *)kernel + 0x1f1, -+ (grub_uint8_t *)params + 0x1f1); -+ grub_memcpy ((grub_uint8_t *)params + 0x1f1, -+ (grub_uint8_t *)kernel + 0x1f1, -+ MIN((grub_size_t)0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); -+ lh = (struct linux_i386_kernel_header *)params; -+ grub_dprintf ("linux", "lh is at %p\n", lh); -+ grub_dprintf ("linux", "checking lh->boot_flag\n"); -+ if (lh->boot_flag != grub_cpu_to_le16 (0xaa55)) - { - grub_error (GRUB_ERR_BAD_OS, N_("invalid magic number")); - goto fail; - } - -- if (lh.setup_sects > GRUB_LINUX_MAX_SETUP_SECTS) -+ grub_dprintf ("linux", "checking lh->setup_sects\n"); -+ if (lh->setup_sects > GRUB_LINUX_MAX_SETUP_SECTS) - { - grub_error (GRUB_ERR_BAD_OS, N_("too many setup sectors")); - goto fail; - } - -- if (lh.version < grub_cpu_to_le16 (0x020b)) -+ grub_dprintf ("linux", "checking lh->version\n"); -+ if (lh->version < grub_cpu_to_le16 (0x020b)) - { - grub_error (GRUB_ERR_BAD_OS, N_("kernel too old")); - goto fail; - } - -- if (!lh.handover_offset) -+ grub_dprintf ("linux", "checking lh->handover_offset\n"); -+ if (!lh->handover_offset) - { - grub_error (GRUB_ERR_BAD_OS, N_("kernel doesn't support EFI handover")); - goto fail; - } - -+#if defined(__x86_64__) || defined(__aarch64__) -+ grub_dprintf ("linux", "checking lh->xloadflags\n"); -+ if (!(lh->xloadflags & LINUX_XLF_KERNEL_64)) -+ { -+ grub_error (GRUB_ERR_BAD_OS, N_("kernel doesn't support 64-bit CPUs")); -+ goto fail; -+ } -+#endif -+ -+#if defined(__i386__) -+ if ((lh->xloadflags & LINUX_XLF_KERNEL_64) && -+ !(lh->xloadflags & LINUX_XLF_EFI_HANDOVER_32)) -+ { -+ grub_error (GRUB_ERR_BAD_OS, -+ N_("kernel doesn't support 32-bit handover")); -+ goto fail; -+ } -+#endif -+ - grub_dprintf ("linux", "setting up cmdline\n"); - linux_cmdline = grub_efi_allocate_pages_max(0x3fffffff, -- BYTES_TO_PAGES(lh.cmdline_size + 1)); -- -+ BYTES_TO_PAGES(lh->cmdline_size + 1)); - if (!linux_cmdline) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate cmdline")); -@@ -254,22 +287,24 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); - grub_create_loader_cmdline (argc, argv, - linux_cmdline + sizeof (LINUX_IMAGE) - 1, -- lh.cmdline_size - (sizeof (LINUX_IMAGE) - 1), -+ lh->cmdline_size - (sizeof (LINUX_IMAGE) - 1), - GRUB_VERIFY_KERNEL_CMDLINE); - -- lh.cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; -+ grub_dprintf ("linux", "cmdline:%s\n", linux_cmdline); -+ grub_dprintf ("linux", "setting lh->cmd_line_ptr\n"); -+ lh->cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; - -- handover_offset = lh.handover_offset; -+ grub_dprintf ("linux", "computing handover offset\n"); -+ handover_offset = lh->handover_offset; - -- start = (lh.setup_sects + 1) * 512; -- len = grub_file_size(file) - start; -+ start = (lh->setup_sects + 1) * 512; - -- kernel_mem = grub_efi_allocate_pages_max(lh.pref_address, -- BYTES_TO_PAGES(lh.init_size)); -+ kernel_mem = grub_efi_allocate_pages_max(lh->pref_address, -+ BYTES_TO_PAGES(lh->init_size)); - - if (!kernel_mem) - kernel_mem = grub_efi_allocate_pages_max(0x3fffffff, -- BYTES_TO_PAGES(lh.init_size)); -+ BYTES_TO_PAGES(lh->init_size)); - - if (!kernel_mem) - { -@@ -277,14 +312,21 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- grub_memcpy (kernel_mem, (char *)kernel + start, len); -+ grub_dprintf ("linux", "kernel_mem = %lx\n", (unsigned long) kernel_mem); -+ - grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); - loaded=1; -+ grub_dprintf ("linux", "setting lh->code32_start to %p\n", kernel_mem); -+ lh->code32_start = (grub_uint32_t)(grub_addr_t) kernel_mem; - -- lh.code32_start = (grub_uint32_t)(grub_uint64_t) kernel_mem; -- grub_memcpy (params, &lh, 2 * 512); -+ grub_memcpy (kernel_mem, (char *)kernel + start, filelen - start); - -- params->type_of_loader = 0x21; -+ grub_dprintf ("linux", "setting lh->type_of_loader\n"); -+ lh->type_of_loader = 0x6; -+ -+ grub_dprintf ("linux", "setting lh->ext_loader_{type,ver}\n"); -+ params->ext_loader_type = 0; -+ params->ext_loader_ver = 2; - grub_dprintf("linux", "kernel_mem: %p handover_offset: %08x\n", - kernel_mem, handover_offset); - -@@ -301,10 +343,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - loaded = 0; - } - -- if (linux_cmdline && !loaded) -+ if (linux_cmdline && lh && !loaded) - grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) - linux_cmdline, -- BYTES_TO_PAGES(lh.cmdline_size + 1)); -+ BYTES_TO_PAGES(lh->cmdline_size + 1)); - - if (kernel_mem && !loaded) - grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, -diff --git a/include/grub/i386/linux.h b/include/grub/i386/linux.h -index eddf9251d9a..25ef52c04eb 100644 ---- a/include/grub/i386/linux.h -+++ b/include/grub/i386/linux.h -@@ -138,7 +138,12 @@ struct linux_i386_kernel_header - grub_uint32_t kernel_alignment; - grub_uint8_t relocatable; - grub_uint8_t min_alignment; -- grub_uint8_t pad[2]; -+#define LINUX_XLF_KERNEL_64 (1<<0) -+#define LINUX_XLF_CAN_BE_LOADED_ABOVE_4G (1<<1) -+#define LINUX_XLF_EFI_HANDOVER_32 (1<<2) -+#define LINUX_XLF_EFI_HANDOVER_64 (1<<3) -+#define LINUX_XLF_EFI_KEXEC (1<<4) -+ grub_uint16_t xloadflags; - grub_uint32_t cmdline_size; - grub_uint32_t hardware_subarch; - grub_uint64_t hardware_subarch_data; diff --git a/0010-re-write-.gitignore.patch b/0010-re-write-.gitignore.patch deleted file mode 100644 index 74cb0dae950ba4bd29c6e61f4f72de2dc25fb1f9..0000000000000000000000000000000000000000 --- a/0010-re-write-.gitignore.patch +++ /dev/null @@ -1,248 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 8 Jul 2019 12:55:29 +0200 -Subject: [PATCH] re-write .gitignore - ---- - .gitignore | 152 ++++++++++++++++++++++++++++++++++++++ - docs/.gitignore | 5 ++ - grub-core/.gitignore | 16 ++++ - grub-core/lib/.gitignore | 1 + - include/grub/gcrypt/.gitignore | 2 + - po/.gitignore | 5 ++ - util/bash-completion.d/.gitignore | 2 + - 7 files changed, 183 insertions(+) - create mode 100644 docs/.gitignore - create mode 100644 grub-core/.gitignore - create mode 100644 grub-core/lib/.gitignore - create mode 100644 include/grub/gcrypt/.gitignore - create mode 100644 po/.gitignore - create mode 100644 util/bash-completion.d/.gitignore - -diff --git a/.gitignore b/.gitignore -index f6a1bd05175..594d0134d33 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -275,3 +275,155 @@ widthspec.bin - /xfs_test - /xzcompress_test - /zfs_test -+======= -+# things ./autogen.sh will create -+/Makefile.utilgcry.def -+/ABOUT-NLS -+/aclocal.m4 -+/autom4te.cache -+/build-aux -+/configure -+/gnulib -+/grub-core/lib/gnulib/ -+/Makefile -+ -+# things very common editors create that we never want -+*~ -+.*.sw? -+*.patch -+ -+# stuff you're likely to make while building test trees -+grub.cfg -+/build*/ -+ -+# built objects across the whole tree -+Makefile.in -+*.a -+*.am -+*.efi -+*.exec -+*.image -+*.img -+*.info -+*.lst -+*.marker -+/m4 -+*.mod -+*.module -+*.o -+*.pf2 -+*.yy.[ch] -+.deps/ -+.deps-core/ -+.deps-util/ -+.dirstamp -+ -+# next are things you get if you do ./configure in the topdir (for e.g. -+# "make dist" invocation. -+/config-util.h -+/config.h -+/include/grub/cpu -+/include/grub/machine -+/INSTALL -+/INSTALL.grub -+/po/Makefile.in.in -+/po/Makevars -+/po/Makevars.template -+/po/POTFILES -+/po/Rules-quot -+/stamp-h -+/stamp-h1 -+bootstrap.log -+config.log -+config.status -+ -+# stuff "make dist" creates -+ChangeLog -+grub-*.tar -+grub-*.tar.* -+ -+# stuff "make" creates -+/[[:digit:]][[:digit:]]_?* -+/ascii.h -+/build-grub-gen-asciih -+/build-grub-gen-widthspec -+/build-grub-mkfont -+/config-util.h.in -+/garbage-gen -+/grub*-bios-setup -+/grub*-bios-setup.8 -+/grub*-editenv -+/grub*-editenv.1 -+/grub*-file -+/grub*-file.1 -+/grub*-fs-tester -+/grub*-fstest -+/grub*-fstest.1 -+/grub*-get-kernel-settings -+/grub*-get-kernel-settings.3 -+/grub*-glue-efi -+/grub*-glue-efi.1 -+/grub*-install -+/grub*-install.8 -+/grub*-kbdcomp -+/grub*-kbdcomp.1 -+/grub*-macbless -+/grub*-macbless.8 -+/grub*-menulst2cfg -+/grub*-menulst2cfg.1 -+/grub*-mount -+/grub*-mount.1 -+/grub*-mkconfig -+/grub*-mkconfig.8 -+/grub*-mkconfig_lib -+/grub*-mkfont -+/grub*-mkfont.1 -+/grub*-mkimage -+/grub*-mkimage.1 -+/grub*-mklayout -+/grub*-mklayout.1 -+/grub*-mknetdir -+/grub*-mknetdir.1 -+/grub*-mkpasswd-pbkdf2 -+/grub*-mkpasswd-pbkdf2.1 -+/grub*-mkrelpath -+/grub*-mkrelpath.1 -+/grub*-mkrescue -+/grub*-mkrescue.1 -+/grub*-mkstandalone -+/grub*-mkstandalone.1 -+/grub*-ofpathname -+/grub*-ofpathname.8 -+/grub*-probe -+/grub*-probe.8 -+/grub*-reboot -+/grub*-reboot.8 -+/grub*-render-label -+/grub*-render-label.1 -+/grub*-rpm-sort -+/grub*-rpm-sort.8 -+/grub*-script-check -+/grub*-script-check.1 -+/grub*-set-bootflag -+/grub*-set-bootflag.1 -+/grub*-set-default -+/grub*-set-default.8 -+/grub*-set-password -+/grub*-set-password.8 -+/grub*-shell -+/grub*-shell-tester -+/grub*-sparc64-setup -+/grub*-sparc64-setup.8 -+/grub*-syslinux2cfg -+/grub*-syslinux2cfg.1 -+/grub*-switch-to-blscfg -+/grub*-switch-to-blscfg.8 -+/grub_fstest.pp -+/grub_fstest_init.c -+/grub_fstest_init.lst -+/grub_script.tab.[ch] -+/libgrub.pp -+/libgrub_a_init.c -+/libgrub_a_init.lst -+/stamp-h.in -+/widthspec.h -diff --git a/docs/.gitignore b/docs/.gitignore -new file mode 100644 -index 00000000000..e1d849ef95b ---- /dev/null -+++ b/docs/.gitignore -@@ -0,0 +1,5 @@ -+/*.in -+/Makefile -+/stamp-1 -+/stamp-vti -+/version*.texi -diff --git a/grub-core/.gitignore b/grub-core/.gitignore -new file mode 100644 -index 00000000000..2acce281159 ---- /dev/null -+++ b/grub-core/.gitignore -@@ -0,0 +1,16 @@ -+/*.lst -+/Makefile -+/Makefile.gcry.def -+/unidata.c -+/build-grub-module-verifier -+/gdb_grub -+/genmod.sh -+/gensyminfo.sh -+/gentrigtables -+/gmodule.pl -+/grub_script.tab.[ch] -+/modinfo.sh -+/rs_decoder.h -+/symlist.c -+/symlist.h -+/trigtables.c -diff --git a/grub-core/lib/.gitignore b/grub-core/lib/.gitignore -new file mode 100644 -index 00000000000..68154591404 ---- /dev/null -+++ b/grub-core/lib/.gitignore -@@ -0,0 +1 @@ -+/libgcrypt-grub/ -diff --git a/include/grub/gcrypt/.gitignore b/include/grub/gcrypt/.gitignore -new file mode 100644 -index 00000000000..8fbf5646246 ---- /dev/null -+++ b/include/grub/gcrypt/.gitignore -@@ -0,0 +1,2 @@ -+g10lib.h -+gcrypt.h -diff --git a/po/.gitignore b/po/.gitignore -new file mode 100644 -index 00000000000..f507e7741e3 ---- /dev/null -+++ b/po/.gitignore -@@ -0,0 +1,5 @@ -+/Makefile -+/POTFILES*.in -+/grub.pot -+/remove-potcdate.sed -+/stamp-po -diff --git a/util/bash-completion.d/.gitignore b/util/bash-completion.d/.gitignore -new file mode 100644 -index 00000000000..6813a527ad3 ---- /dev/null -+++ b/util/bash-completion.d/.gitignore -@@ -0,0 +1,2 @@ -+Makefile -+grub diff --git a/0011-IBM-client-architecture-CAS-reboot-support.patch b/0011-IBM-client-architecture-CAS-reboot-support.patch deleted file mode 100644 index 431a443b46db46845bbe2aff100f6f5e7cccfc10..0000000000000000000000000000000000000000 --- a/0011-IBM-client-architecture-CAS-reboot-support.patch +++ /dev/null @@ -1,176 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Paulo Flabiano Smorigo -Date: Thu, 20 Sep 2012 18:07:39 -0300 -Subject: [PATCH] IBM client architecture (CAS) reboot support - -This is an implementation of IBM client architecture (CAS) reboot for GRUB. - -There are cases where the POWER firmware must reboot in order to support -specific features requested by a kernel. The kernel calls -ibm,client-architecture-support and it may either return or reboot with -the new feature set. eg: - -Calling ibm,client-architecture-support.../ -Elapsed time since release of system processors: 70959 mins 50 secs -Welcome to GRUB! - -Instead of return to the GRUB menu, it will check if the flag for CAS -reboot is set. If so, grub will automatically boot the last booted -kernel using the same parameters - -Signed-off-by: Paulo Flabiano Smorigo -[rharwood@redhat.com: commit message rewrap] -Signed-off-by: Robbie Harwood ---- - grub-core/kern/ieee1275/openfw.c | 63 ++++++++++++++++++++++++++++++++++++++++ - grub-core/normal/main.c | 19 ++++++++++++ - grub-core/script/execute.c | 7 +++++ - include/grub/ieee1275/ieee1275.h | 2 ++ - 4 files changed, 91 insertions(+) - -diff --git a/grub-core/kern/ieee1275/openfw.c b/grub-core/kern/ieee1275/openfw.c -index 4d493ab7661..3a6689abb11 100644 ---- a/grub-core/kern/ieee1275/openfw.c -+++ b/grub-core/kern/ieee1275/openfw.c -@@ -591,3 +591,66 @@ grub_ieee1275_get_boot_dev (void) - - return bootpath; - } -+ -+/* Check if it's a CAS reboot. If so, set the script to be executed. */ -+int -+grub_ieee1275_cas_reboot (char *script) -+{ -+ grub_uint32_t ibm_ca_support_reboot; -+ grub_uint32_t ibm_fw_nbr_reboots; -+ char property_value[10]; -+ grub_ssize_t actual; -+ grub_ieee1275_ihandle_t options; -+ -+ if (grub_ieee1275_finddevice ("/options", &options) < 0) -+ return -1; -+ -+ /* Check two properties, one is enough to get cas reboot value */ -+ ibm_ca_support_reboot = 0; -+ if (grub_ieee1275_get_integer_property (grub_ieee1275_chosen, -+ "ibm,client-architecture-support-reboot", -+ &ibm_ca_support_reboot, -+ sizeof (ibm_ca_support_reboot), -+ &actual) >= 0) -+ grub_dprintf("ieee1275", "ibm,client-architecture-support-reboot: %u\n", -+ ibm_ca_support_reboot); -+ -+ ibm_fw_nbr_reboots = 0; -+ if (grub_ieee1275_get_property (options, "ibm,fw-nbr-reboots", -+ property_value, sizeof (property_value), -+ &actual) >= 0) -+ { -+ property_value[sizeof (property_value) - 1] = 0; -+ ibm_fw_nbr_reboots = (grub_uint8_t) grub_strtoul (property_value, 0, 10); -+ grub_dprintf("ieee1275", "ibm,fw-nbr-reboots: %u\n", ibm_fw_nbr_reboots); -+ } -+ -+ if (ibm_ca_support_reboot || ibm_fw_nbr_reboots) -+ { -+ if (! grub_ieee1275_get_property_length (options, "boot-last-label", &actual)) -+ { -+ if (actual > 1024) -+ script = grub_realloc (script, actual + 1); -+ grub_ieee1275_get_property (options, "boot-last-label", script, actual, -+ &actual); -+ return 0; -+ } -+ } -+ -+ grub_ieee1275_set_boot_last_label (""); -+ -+ return -1; -+} -+ -+int grub_ieee1275_set_boot_last_label (const char *text) -+{ -+ grub_ieee1275_ihandle_t options; -+ grub_ssize_t actual; -+ -+ grub_dprintf("ieee1275", "set boot_last_label (size: %u)\n", grub_strlen(text)); -+ if (! grub_ieee1275_finddevice ("/options", &options) && -+ options != (grub_ieee1275_ihandle_t) -1) -+ grub_ieee1275_set_property (options, "boot-last-label", text, -+ grub_strlen (text), &actual); -+ return 0; -+} -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index c4ebe9e22ad..70614de1565 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -34,6 +34,9 @@ - #include - #include - #include -+#ifdef GRUB_MACHINE_IEEE1275 -+#include -+#endif - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -276,6 +279,22 @@ grub_normal_execute (const char *config, int nested, int batch) - { - menu = read_config_file (config); - -+#ifdef GRUB_MACHINE_IEEE1275 -+ int boot; -+ boot = 0; -+ char *script; -+ script = grub_malloc (1024); -+ if (! grub_ieee1275_cas_reboot (script)) -+ { -+ char *dummy[1] = { NULL }; -+ if (! grub_script_execute_sourcecode (script)) -+ boot = 1; -+ } -+ grub_free (script); -+ if (boot) -+ grub_command_execute ("boot", 0, 0); -+#endif -+ - /* Ignore any error. */ - grub_errno = GRUB_ERR_NONE; - } -diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c -index 25158407dd8..ad80399246a 100644 ---- a/grub-core/script/execute.c -+++ b/grub-core/script/execute.c -@@ -28,6 +28,9 @@ - #include - #include - #include -+#ifdef GRUB_MACHINE_IEEE1275 -+#include -+#endif - - /* Max digits for a char is 3 (0xFF is 255), similarly for an int it - is sizeof (int) * 3, and one extra for a possible -ve sign. */ -@@ -883,6 +886,10 @@ grub_script_execute_sourcecode (const char *source) - grub_err_t ret = 0; - struct grub_script *parsed_script; - -+#ifdef GRUB_MACHINE_IEEE1275 -+ grub_ieee1275_set_boot_last_label (source); -+#endif -+ - while (source) - { - char *line; -diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h -index 73e2f464475..0a599607f31 100644 ---- a/include/grub/ieee1275/ieee1275.h -+++ b/include/grub/ieee1275/ieee1275.h -@@ -254,6 +254,8 @@ int EXPORT_FUNC(grub_ieee1275_devalias_next) (struct grub_ieee1275_devalias *ali - void EXPORT_FUNC(grub_ieee1275_children_peer) (struct grub_ieee1275_devalias *alias); - void EXPORT_FUNC(grub_ieee1275_children_first) (const char *devpath, - struct grub_ieee1275_devalias *alias); -+int EXPORT_FUNC(grub_ieee1275_cas_reboot) (char *script); -+int EXPORT_FUNC(grub_ieee1275_set_boot_last_label) (const char *text); - - char *EXPORT_FUNC(grub_ieee1275_get_boot_dev) (void); - diff --git a/0012-for-ppc-reset-console-display-attr-when-clear-screen.patch b/0012-for-ppc-reset-console-display-attr-when-clear-screen.patch deleted file mode 100644 index c8ccc7e22eb7d6d76fb845064d34c9161d62c081..0000000000000000000000000000000000000000 --- a/0012-for-ppc-reset-console-display-attr-when-clear-screen.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Paulo Flabiano Smorigo -Date: Wed, 24 Apr 2013 10:51:48 -0300 -Subject: [PATCH] for ppc, reset console display attr when clear screen - -v2: Also use \x0c instead of a literal ^L to make future patches less -awkward. - -This should fix this bugzilla: -https://bugzilla.redhat.com/show_bug.cgi?id=908519 - -Signed-off-by: Peter Jones -Signed-off-by: Paulo Flabiano Smorigo -Signed-off-by: Robbie Harwood ---- - grub-core/term/terminfo.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/term/terminfo.c b/grub-core/term/terminfo.c -index 85ecf06b4df..05c88dcf49e 100644 ---- a/grub-core/term/terminfo.c -+++ b/grub-core/term/terminfo.c -@@ -151,7 +151,7 @@ grub_terminfo_set_current (struct grub_term_output *term, - /* Clear the screen. Using serial console, screen(1) only recognizes the - * ANSI escape sequence. Using video console, Apple Open Firmware - * (version 3.1.1) only recognizes the literal ^L. So use both. */ -- data->cls = grub_strdup (" \e[2J"); -+ data->cls = grub_strdup ("\x0c\e[2J\e[m"); - data->reverse_video_on = grub_strdup ("\e[7m"); - data->reverse_video_off = grub_strdup ("\e[m"); - if (grub_strcmp ("ieee1275", str) == 0) diff --git a/0013-Disable-GRUB-video-support-for-IBM-power-machines.patch b/0013-Disable-GRUB-video-support-for-IBM-power-machines.patch deleted file mode 100644 index e8aa3678c386011b42e82c429c2a16af07930c4a..0000000000000000000000000000000000000000 --- a/0013-Disable-GRUB-video-support-for-IBM-power-machines.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Paulo Flabiano Smorigo -Date: Tue, 11 Jun 2013 15:14:05 -0300 -Subject: [PATCH] Disable GRUB video support for IBM power machines - -Should fix the problem in bugzilla: -https://bugzilla.redhat.com/show_bug.cgi?id=973205 - -Signed-off-by: Paulo Flabiano Smorigo -Signed-off-by: Robbie Harwood ---- - grub-core/kern/ieee1275/cmain.c | 5 ++++- - grub-core/video/ieee1275.c | 9 ++++++--- - include/grub/ieee1275/ieee1275.h | 2 ++ - 3 files changed, 12 insertions(+), 4 deletions(-) - -diff --git a/grub-core/kern/ieee1275/cmain.c b/grub-core/kern/ieee1275/cmain.c -index 20cbbd761ec..04df9d2c667 100644 ---- a/grub-core/kern/ieee1275/cmain.c -+++ b/grub-core/kern/ieee1275/cmain.c -@@ -90,7 +90,10 @@ grub_ieee1275_find_options (void) - } - - if (rc >= 0 && grub_strncmp (tmp, "IBM", 3) == 0) -- grub_ieee1275_set_flag (GRUB_IEEE1275_FLAG_NO_TREE_SCANNING_FOR_DISKS); -+ { -+ grub_ieee1275_set_flag (GRUB_IEEE1275_FLAG_NO_TREE_SCANNING_FOR_DISKS); -+ grub_ieee1275_set_flag (GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT); -+ } - - /* Old Macs have no key repeat, newer ones have fully working one. - The ones inbetween when repeated key generates an escaoe sequence -diff --git a/grub-core/video/ieee1275.c b/grub-core/video/ieee1275.c -index 17a3dbbb575..b8e4b3feb32 100644 ---- a/grub-core/video/ieee1275.c -+++ b/grub-core/video/ieee1275.c -@@ -352,9 +352,12 @@ static struct grub_video_adapter grub_video_ieee1275_adapter = - - GRUB_MOD_INIT(ieee1275_fb) - { -- find_display (); -- if (display) -- grub_video_register (&grub_video_ieee1275_adapter); -+ if (! grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT)) -+ { -+ find_display (); -+ if (display) -+ grub_video_register (&grub_video_ieee1275_adapter); -+ } - } - - GRUB_MOD_FINI(ieee1275_fb) -diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h -index 0a599607f31..b5a1d49bbc3 100644 ---- a/include/grub/ieee1275/ieee1275.h -+++ b/include/grub/ieee1275/ieee1275.h -@@ -148,6 +148,8 @@ enum grub_ieee1275_flag - GRUB_IEEE1275_FLAG_CURSORONOFF_ANSI_BROKEN, - - GRUB_IEEE1275_FLAG_RAW_DEVNAMES, -+ -+ GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT - }; - - extern int EXPORT_FUNC(grub_ieee1275_test_flag) (enum grub_ieee1275_flag flag); diff --git a/0014-Move-bash-completion-script-922997.patch b/0014-Move-bash-completion-script-922997.patch deleted file mode 100644 index 6bf0b4b9aeb1f09b932ea55125144c05274cb3d0..0000000000000000000000000000000000000000 --- a/0014-Move-bash-completion-script-922997.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 3 Apr 2013 14:35:34 -0400 -Subject: [PATCH] Move bash completion script (#922997) - -Apparently these go in a new place now. ---- - configure.ac | 11 +++++++++++ - util/bash-completion.d/Makefile.am | 1 - - 2 files changed, 11 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 7517fc49d98..8331f95b645 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -314,6 +314,14 @@ AC_SUBST(grubdirname) - AC_DEFINE_UNQUOTED(GRUB_DIR_NAME, "$grubdirname", - [Default grub directory name]) - -+PKG_PROG_PKG_CONFIG -+AS_IF([$($PKG_CONFIG --exists bash-completion)], [ -+ bashcompletiondir=$($PKG_CONFIG --variable=completionsdir bash-completion) -+] , [ -+ bashcompletiondir=${datadir}/bash-completion/completions -+]) -+AC_SUBST(bashcompletiondir) -+ - # - # Checks for build programs. - # -@@ -525,6 +533,9 @@ HOST_CFLAGS="$HOST_CFLAGS $grub_cv_cc_w_extra_flags" - # Check for target programs. - # - -+# This makes sure pkg.m4 is available. -+m4_pattern_forbid([^_?PKG_[A-Z_]+$],[*** pkg.m4 missing, please install pkg-config]) -+ - # Find tools for the target. - if test "x$target_alias" != x && test "x$host_alias" != "x$target_alias"; then - tmp_ac_tool_prefix="$ac_tool_prefix" -diff --git a/util/bash-completion.d/Makefile.am b/util/bash-completion.d/Makefile.am -index 136287cf1bf..61108f05429 100644 ---- a/util/bash-completion.d/Makefile.am -+++ b/util/bash-completion.d/Makefile.am -@@ -6,7 +6,6 @@ EXTRA_DIST = $(bash_completion_source) - - CLEANFILES = $(bash_completion_script) config.log - --bashcompletiondir = $(sysconfdir)/bash_completion.d - bashcompletion_DATA = $(bash_completion_script) - - $(bash_completion_script): $(bash_completion_source) $(top_builddir)/config.status diff --git a/0015-Allow-fallback-to-include-entries-by-title-not-just-.patch b/0015-Allow-fallback-to-include-entries-by-title-not-just-.patch deleted file mode 100644 index f2a4a82c1199a076368b6dbac4c7d6be4ad442c5..0000000000000000000000000000000000000000 --- a/0015-Allow-fallback-to-include-entries-by-title-not-just-.patch +++ /dev/null @@ -1,140 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 5 Sep 2014 10:07:04 -0400 -Subject: [PATCH] Allow "fallback" to include entries by title, not just - number. - -Resolves: rhbz#1026084 - -Signed-off-by: Peter Jones ---- - grub-core/normal/menu.c | 85 +++++++++++++++++++++++++++++++++---------------- - 1 file changed, 58 insertions(+), 27 deletions(-) - -diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c -index 8397886fa05..d7a222e681b 100644 ---- a/grub-core/normal/menu.c -+++ b/grub-core/normal/menu.c -@@ -163,15 +163,40 @@ grub_menu_set_timeout (int timeout) - } - } - -+static int -+menuentry_eq (const char *id, const char *spec) -+{ -+ const char *ptr1, *ptr2; -+ ptr1 = id; -+ ptr2 = spec; -+ while (1) -+ { -+ if (*ptr2 == '>' && ptr2[1] != '>' && *ptr1 == 0) -+ return ptr2 - spec; -+ if (*ptr2 == '>' && ptr2[1] != '>') -+ return 0; -+ if (*ptr2 == '>') -+ ptr2++; -+ if (*ptr1 != *ptr2) -+ return 0; -+ if (*ptr1 == 0) -+ return ptr1 - id; -+ ptr1++; -+ ptr2++; -+ } -+ return 0; -+} -+ - /* Get the first entry number from the value of the environment variable NAME, - which is a space-separated list of non-negative integers. The entry number - which is returned is stripped from the value of NAME. If no entry number - can be found, -1 is returned. */ - static int --get_and_remove_first_entry_number (const char *name) -+get_and_remove_first_entry_number (grub_menu_t menu, const char *name) - { - const char *val, *tail; - int entry; -+ int sz = 0; - - val = grub_env_get (name); - if (! val) -@@ -181,9 +206,39 @@ get_and_remove_first_entry_number (const char *name) - - entry = (int) grub_strtoul (val, &tail, 0); - -+ if (grub_errno == GRUB_ERR_BAD_NUMBER) -+ { -+ /* See if the variable matches the title of a menu entry. */ -+ grub_menu_entry_t e = menu->entry_list; -+ int i; -+ -+ for (i = 0; e; i++) -+ { -+ sz = menuentry_eq (e->title, val); -+ if (sz < 1) -+ sz = menuentry_eq (e->id, val); -+ -+ if (sz >= 1) -+ { -+ entry = i; -+ break; -+ } -+ e = e->next; -+ } -+ -+ if (sz > 0) -+ grub_errno = GRUB_ERR_NONE; -+ -+ if (! e) -+ entry = -1; -+ } -+ - if (grub_errno == GRUB_ERR_NONE) - { -- /* Skip whitespace to find the next digit. */ -+ if (sz > 0) -+ tail += sz; -+ -+ /* Skip whitespace to find the next entry. */ - while (*tail && grub_isspace (*tail)) - tail++; - grub_env_set (name, tail); -@@ -346,7 +401,7 @@ grub_menu_execute_with_fallback (grub_menu_t menu, - grub_menu_execute_entry (entry, 1); - - /* Deal with fallback entries. */ -- while ((fallback_entry = get_and_remove_first_entry_number ("fallback")) -+ while ((fallback_entry = get_and_remove_first_entry_number (menu, "fallback")) - >= 0) - { - grub_print_error (); -@@ -464,30 +519,6 @@ grub_menu_register_viewer (struct grub_menu_viewer *viewer) - viewers = viewer; - } - --static int --menuentry_eq (const char *id, const char *spec) --{ -- const char *ptr1, *ptr2; -- ptr1 = id; -- ptr2 = spec; -- while (1) -- { -- if (*ptr2 == '>' && ptr2[1] != '>' && *ptr1 == 0) -- return 1; -- if (*ptr2 == '>' && ptr2[1] != '>') -- return 0; -- if (*ptr2 == '>') -- ptr2++; -- if (*ptr1 != *ptr2) -- return 0; -- if (*ptr1 == 0) -- return 1; -- ptr1++; -- ptr2++; -- } --} -- -- - /* Get the entry number from the variable NAME. */ - static int - get_entry_number (grub_menu_t menu, const char *name) diff --git a/0016-Make-exit-take-a-return-code.patch b/0016-Make-exit-take-a-return-code.patch deleted file mode 100644 index 39d70573676e088028c053f8e5bdca2f6f2cb422..0000000000000000000000000000000000000000 --- a/0016-Make-exit-take-a-return-code.patch +++ /dev/null @@ -1,267 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 26 Feb 2014 21:49:12 -0500 -Subject: [PATCH] Make "exit" take a return code. - -This adds "exit" with a return code. With this patch, any "exit" -command /may/ include a return code, and on platforms that support -returning with an exit status, we will do so. By default we return the -same exit status we did before this patch. - -Signed-off-by: Peter Jones ---- - grub-core/commands/minicmd.c | 20 ++++++++++++++++---- - grub-core/kern/efi/efi.c | 9 +++++++-- - grub-core/kern/emu/main.c | 2 +- - grub-core/kern/emu/misc.c | 5 +++-- - grub-core/kern/i386/coreboot/init.c | 2 +- - grub-core/kern/i386/qemu/init.c | 2 +- - grub-core/kern/ieee1275/init.c | 2 +- - grub-core/kern/mips/arc/init.c | 2 +- - grub-core/kern/mips/loongson/init.c | 2 +- - grub-core/kern/mips/qemu_mips/init.c | 2 +- - grub-core/kern/misc.c | 11 ++++++++++- - grub-core/kern/uboot/init.c | 6 +++--- - grub-core/kern/xen/init.c | 2 +- - include/grub/misc.h | 2 +- - 14 files changed, 48 insertions(+), 21 deletions(-) - -diff --git a/grub-core/commands/minicmd.c b/grub-core/commands/minicmd.c -index fa498931ed2..2bd3ac76f2d 100644 ---- a/grub-core/commands/minicmd.c -+++ b/grub-core/commands/minicmd.c -@@ -182,12 +182,24 @@ grub_mini_cmd_lsmod (struct grub_command *cmd __attribute__ ((unused)), - } - - /* exit */ --static grub_err_t __attribute__ ((noreturn)) -+static grub_err_t - grub_mini_cmd_exit (struct grub_command *cmd __attribute__ ((unused)), -- int argc __attribute__ ((unused)), -- char *argv[] __attribute__ ((unused))) -+ int argc, char *argv[]) - { -- grub_exit (); -+ int retval = -1; -+ unsigned long n; -+ -+ if (argc < 0 || argc > 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected")); -+ -+ if (argc == 1) -+ { -+ n = grub_strtoul (argv[0], 0, 10); -+ if (n != ~0UL) -+ retval = n; -+ } -+ -+ grub_exit (retval); - /* Not reached. */ - } - -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 8cff7be0289..05d8237a9b2 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -165,11 +165,16 @@ grub_reboot (void) - } - - void --grub_exit (void) -+grub_exit (int retval) - { -+ int rc = GRUB_EFI_LOAD_ERROR; -+ -+ if (retval == 0) -+ rc = GRUB_EFI_SUCCESS; -+ - grub_machine_fini (GRUB_LOADER_FLAG_NORETURN); - efi_call_4 (grub_efi_system_table->boot_services->exit, -- grub_efi_image_handle, GRUB_EFI_SUCCESS, 0, 0); -+ grub_efi_image_handle, rc, 0, 0); - for (;;) ; - } - -diff --git a/grub-core/kern/emu/main.c b/grub-core/kern/emu/main.c -index 425bb960347..55ea5a11ccd 100644 ---- a/grub-core/kern/emu/main.c -+++ b/grub-core/kern/emu/main.c -@@ -67,7 +67,7 @@ grub_reboot (void) - } - - void --grub_exit (void) -+grub_exit (int retval __attribute__((unused))) - { - grub_reboot (); - } -diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c -index dfd8a8ec488..0ff13bcaf8c 100644 ---- a/grub-core/kern/emu/misc.c -+++ b/grub-core/kern/emu/misc.c -@@ -151,9 +151,10 @@ xasprintf (const char *fmt, ...) - - #if !defined (GRUB_MACHINE_EMU) || defined (GRUB_UTIL) - void --grub_exit (void) -+__attribute__ ((noreturn)) -+grub_exit (int rc) - { -- exit (1); -+ exit (rc < 0 ? 1 : rc); - } - #endif - -diff --git a/grub-core/kern/i386/coreboot/init.c b/grub-core/kern/i386/coreboot/init.c -index 3314f027fec..36f9134b7b7 100644 ---- a/grub-core/kern/i386/coreboot/init.c -+++ b/grub-core/kern/i386/coreboot/init.c -@@ -41,7 +41,7 @@ extern grub_uint8_t _end[]; - extern grub_uint8_t _edata[]; - - void __attribute__ ((noreturn)) --grub_exit (void) -+grub_exit (int rc __attribute__((unused))) - { - /* We can't use grub_fatal() in this function. This would create an infinite - loop, since grub_fatal() calls grub_abort() which in turn calls grub_exit(). */ -diff --git a/grub-core/kern/i386/qemu/init.c b/grub-core/kern/i386/qemu/init.c -index 271b6fbfabd..9fafe98f015 100644 ---- a/grub-core/kern/i386/qemu/init.c -+++ b/grub-core/kern/i386/qemu/init.c -@@ -42,7 +42,7 @@ extern grub_uint8_t _end[]; - extern grub_uint8_t _edata[]; - - void __attribute__ ((noreturn)) --grub_exit (void) -+grub_exit (int rc __attribute__((unused))) - { - /* We can't use grub_fatal() in this function. This would create an infinite - loop, since grub_fatal() calls grub_abort() which in turn calls grub_exit(). */ -diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c -index d483e35eed2..e71d1584164 100644 ---- a/grub-core/kern/ieee1275/init.c -+++ b/grub-core/kern/ieee1275/init.c -@@ -71,7 +71,7 @@ grub_addr_t grub_ieee1275_original_stack; - #endif - - void --grub_exit (void) -+grub_exit (int rc __attribute__((unused))) - { - grub_ieee1275_exit (); - } -diff --git a/grub-core/kern/mips/arc/init.c b/grub-core/kern/mips/arc/init.c -index 2ed3ff3191e..5c40c34078d 100644 ---- a/grub-core/kern/mips/arc/init.c -+++ b/grub-core/kern/mips/arc/init.c -@@ -276,7 +276,7 @@ grub_halt (void) - } - - void --grub_exit (void) -+grub_exit (int rc __attribute__((unused))) - { - GRUB_ARC_FIRMWARE_VECTOR->exit (); - -diff --git a/grub-core/kern/mips/loongson/init.c b/grub-core/kern/mips/loongson/init.c -index 7b96531b983..dff598ca7b0 100644 ---- a/grub-core/kern/mips/loongson/init.c -+++ b/grub-core/kern/mips/loongson/init.c -@@ -304,7 +304,7 @@ grub_halt (void) - } - - void --grub_exit (void) -+grub_exit (int rc __attribute__((unused))) - { - grub_halt (); - } -diff --git a/grub-core/kern/mips/qemu_mips/init.c b/grub-core/kern/mips/qemu_mips/init.c -index be88b77d22d..8b6c55ffc01 100644 ---- a/grub-core/kern/mips/qemu_mips/init.c -+++ b/grub-core/kern/mips/qemu_mips/init.c -@@ -75,7 +75,7 @@ grub_machine_fini (int flags __attribute__ ((unused))) - } - - void --grub_exit (void) -+grub_exit (int rc __attribute__((unused))) - { - grub_halt (); - } -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index 3af336ee227..63b586d09cb 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -1209,9 +1209,18 @@ grub_abort (void) - grub_getkey (); - } - -- grub_exit (); -+ grub_exit (1); - } - -+#if defined (__clang__) && !defined (GRUB_UTIL) -+/* clang emits references to abort(). */ -+void __attribute__ ((noreturn)) -+abort (void) -+{ -+ grub_abort (); -+} -+#endif -+ - void - grub_fatal (const char *fmt, ...) - { -diff --git a/grub-core/kern/uboot/init.c b/grub-core/kern/uboot/init.c -index 3e338645c57..be2a5be1d07 100644 ---- a/grub-core/kern/uboot/init.c -+++ b/grub-core/kern/uboot/init.c -@@ -39,9 +39,9 @@ extern grub_size_t grub_total_module_size; - static unsigned long timer_start; - - void --grub_exit (void) -+grub_exit (int rc) - { -- grub_uboot_return (0); -+ grub_uboot_return (rc < 0 ? 1 : rc); - } - - static grub_uint64_t -@@ -78,7 +78,7 @@ grub_machine_init (void) - if (!ver) - { - /* Don't even have a console to log errors to... */ -- grub_exit (); -+ grub_exit (-1); - } - else if (ver > API_SIG_VERSION) - { -diff --git a/grub-core/kern/xen/init.c b/grub-core/kern/xen/init.c -index 782ca72952a..708b060f324 100644 ---- a/grub-core/kern/xen/init.c -+++ b/grub-core/kern/xen/init.c -@@ -584,7 +584,7 @@ grub_machine_init (void) - } - - void --grub_exit (void) -+grub_exit (int rc __attribute__((unused))) - { - struct sched_shutdown arg; - -diff --git a/include/grub/misc.h b/include/grub/misc.h -index 7d2b5519690..fd18e6320b8 100644 ---- a/include/grub/misc.h -+++ b/include/grub/misc.h -@@ -353,7 +353,7 @@ int EXPORT_FUNC(grub_vsnprintf) (char *str, grub_size_t n, const char *fmt, - char *EXPORT_FUNC(grub_xasprintf) (const char *fmt, ...) - __attribute__ ((format (GNU_PRINTF, 1, 2))) WARN_UNUSED_RESULT; - char *EXPORT_FUNC(grub_xvasprintf) (const char *fmt, va_list args) WARN_UNUSED_RESULT; --void EXPORT_FUNC(grub_exit) (void) __attribute__ ((noreturn)); -+void EXPORT_FUNC(grub_exit) (int rc) __attribute__ ((noreturn)); - grub_uint64_t EXPORT_FUNC(grub_divmod64) (grub_uint64_t n, - grub_uint64_t d, - grub_uint64_t *r); diff --git a/0017-Make-efi-machines-load-an-env-block-from-a-variable.patch b/0017-Make-efi-machines-load-an-env-block-from-a-variable.patch deleted file mode 100644 index d0614611df668de8ada17698ea556fe8cbac5a14..0000000000000000000000000000000000000000 --- a/0017-Make-efi-machines-load-an-env-block-from-a-variable.patch +++ /dev/null @@ -1,89 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 7 Dec 2015 14:20:49 -0500 -Subject: [PATCH] Make efi machines load an env block from a variable - -Signed-off-by: Peter Jones ---- - grub-core/Makefile.core.def | 1 + - grub-core/kern/efi/init.c | 36 +++++++++++++++++++++++++++++++++++- - 2 files changed, 36 insertions(+), 1 deletion(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 45d3edaa4dc..c865a08b027 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -207,6 +207,7 @@ kernel = { - efi = kern/efi/acpi.c; - efi = kern/efi/sb.c; - efi = kern/lockdown.c; -+ efi = lib/envblk.c; - i386_coreboot = kern/i386/pc/acpi.c; - i386_multiboot = kern/i386/pc/acpi.c; - i386_coreboot = kern/acpi.c; -diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c -index 7facacf09c7..6d39bd3ad29 100644 ---- a/grub-core/kern/efi/init.c -+++ b/grub-core/kern/efi/init.c -@@ -27,8 +27,11 @@ - #include - #include - #include -+ - #include - -+#include -+ - #ifdef GRUB_STACK_PROTECTOR - - static grub_efi_guid_t rng_protocol_guid = GRUB_EFI_RNG_PROTOCOL_GUID; -@@ -82,6 +85,36 @@ stack_protector_init (void) - - grub_addr_t grub_modbase; - -+#define GRUB_EFI_GRUB_VARIABLE_GUID \ -+ { 0x91376aff, 0xcba6, 0x42be, \ -+ { 0x94, 0x9d, 0x06, 0xfd, 0xe8, 0x11, 0x28, 0xe8 } \ -+ } -+ -+/* Helper for grub_efi_env_init */ -+static int -+set_var (const char *name, const char *value, -+ void *whitelist __attribute__((__unused__))) -+{ -+ grub_env_set (name, value); -+ return 0; -+} -+ -+static void -+grub_efi_env_init (void) -+{ -+ grub_efi_guid_t efi_grub_guid = GRUB_EFI_GRUB_VARIABLE_GUID; -+ struct grub_envblk envblk_s = { NULL, 0 }; -+ grub_envblk_t envblk = &envblk_s; -+ -+ grub_efi_get_variable ("GRUB_ENV", &efi_grub_guid, &envblk_s.size, -+ (void **) &envblk_s.buf); -+ if (!envblk_s.buf || envblk_s.size < 1) -+ return; -+ -+ grub_envblk_iterate (envblk, NULL, set_var); -+ grub_free (envblk_s.buf); -+} -+ - void - grub_efi_init (void) - { -@@ -108,10 +141,11 @@ grub_efi_init (void) - efi_call_4 (grub_efi_system_table->boot_services->set_watchdog_timer, - 0, 0, 0, NULL); - -+ grub_efi_env_init (); - grub_efidisk_init (); - } - --void (*grub_efi_net_config) (grub_efi_handle_t hnd, -+void (*grub_efi_net_config) (grub_efi_handle_t hnd, - char **device, - char **path); - diff --git a/0018-Migrate-PPC-from-Yaboot-to-Grub2.patch b/0018-Migrate-PPC-from-Yaboot-to-Grub2.patch deleted file mode 100644 index 5cbe731bc19d9ab85e9b79613dcc82761cb14765..0000000000000000000000000000000000000000 --- a/0018-Migrate-PPC-from-Yaboot-to-Grub2.patch +++ /dev/null @@ -1,154 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Mark Hamzy -Date: Wed, 28 Mar 2012 14:46:41 -0500 -Subject: [PATCH] Migrate PPC from Yaboot to Grub2 - -Add configuration support for serial terminal consoles. This will set -the maximum screen size so that text is not overwritten. - -Signed-off-by: Mark Hamzy -Signed-off-by: Robbie Harwood ---- - Makefile.util.def | 7 +++ - util/grub.d/20_ppc_terminfo.in | 114 +++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 121 insertions(+) - create mode 100644 util/grub.d/20_ppc_terminfo.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index f8b356cc1fa..2c9b283a230 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -508,6 +508,13 @@ script = { - condition = COND_HOST_LINUX; - }; - -+script = { -+ name = '20_ppc_terminfo'; -+ common = util/grub.d/20_ppc_terminfo.in; -+ installdir = grubconf; -+ condition = COND_HOST_LINUX; -+}; -+ - script = { - name = '30_os-prober'; - common = util/grub.d/30_os-prober.in; -diff --git a/util/grub.d/20_ppc_terminfo.in b/util/grub.d/20_ppc_terminfo.in -new file mode 100644 -index 00000000000..10d66586820 ---- /dev/null -+++ b/util/grub.d/20_ppc_terminfo.in -@@ -0,0 +1,114 @@ -+#! /bin/sh -+set -e -+ -+# grub-mkconfig helper script. -+# Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc. -+# -+# GRUB is free software: you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+# -+# GRUB is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with GRUB. If not, see . -+ -+prefix=@prefix@ -+exec_prefix=@exec_prefix@ -+bindir=@bindir@ -+libdir=@libdir@ -+. "@datadir@/@PACKAGE@/grub-mkconfig_lib" -+ -+export TEXTDOMAIN=@PACKAGE@ -+export TEXTDOMAINDIR=@localedir@ -+ -+X=80 -+Y=24 -+TERMINAL=ofconsole -+ -+argument () { -+ opt=$1 -+ shift -+ -+ if test $# -eq 0; then -+ echo "$0: option requires an argument -- '$opt'" 1>&2 -+ exit 1 -+ fi -+ echo $1 -+} -+ -+check_terminfo () { -+ -+ while test $# -gt 0 -+ do -+ option=$1 -+ shift -+ -+ case "$option" in -+ terminfo | TERMINFO) -+ ;; -+ -+ -g) -+ NEWXY=`argument $option "$@"` -+ NEWX=`echo $NEWXY | cut -d x -f 1` -+ NEWY=`echo $NEWXY | cut -d x -f 2` -+ -+ if [ ${NEWX} -ge 80 ] ; then -+ X=${NEWX} -+ else -+ echo "Warning: ${NEWX} is less than the minimum size of 80" -+ fi -+ -+ if [ ${NEWY} -ge 24 ] ; then -+ Y=${NEWY} -+ else -+ echo "Warning: ${NEWY} is less than the minimum size of 24" -+ fi -+ -+ shift -+ ;; -+ -+ *) -+# # accept console or ofconsole -+# if [ "$option" != "console" -a "$option" != "ofconsole" ] ; then -+# echo "Error: GRUB_TERMINFO unknown console: $option" -+# exit 1 -+# fi -+# # perfer console -+# TERMINAL=console -+ # accept ofconsole -+ if [ "$option" != "ofconsole" ] ; then -+ echo "Error: GRUB_TERMINFO unknown console: $option" -+ exit 1 -+ fi -+ # perfer console -+ TERMINAL=ofconsole -+ ;; -+ esac -+ -+ done -+ -+} -+ -+if ! uname -m | grep -q ppc ; then -+ exit 0 -+fi -+ -+if [ "x${GRUB_TERMINFO}" != "x" ] ; then -+ F1=`echo ${GRUB_TERMINFO} | cut -d " " -f 1` -+ -+ if [ "${F1}" != "terminfo" ] ; then -+ echo "Error: GRUB_TERMINFO is set to \"${GRUB_TERMINFO}\" The first word should be terminfo." -+ exit 1 -+ fi -+ -+ check_terminfo ${GRUB_TERMINFO} -+fi -+ -+cat << EOF -+ terminfo -g ${X}x${Y} ${TERMINAL} -+EOF diff --git a/0019-Add-fw_path-variable-revised.patch b/0019-Add-fw_path-variable-revised.patch deleted file mode 100644 index a8491e8c083d23bd27540ff1e5e16db2509a2579..0000000000000000000000000000000000000000 --- a/0019-Add-fw_path-variable-revised.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Paulo Flabiano Smorigo -Date: Wed, 19 Sep 2012 21:22:55 -0300 -Subject: [PATCH] Add fw_path variable (revised) - -This patch makes grub look for its config file on efi where the app was -found. It was originally written by Matthew Garrett, and adapted to fix the -"No modules are loaded on grub2 network boot" issue: - -https://bugzilla.redhat.com/show_bug.cgi?id=857936 - -Signed-off-by: Paulo Flabiano Smorigo -Signed-off-by: Robbie Harwood ---- - grub-core/kern/main.c | 13 ++++++------- - grub-core/normal/main.c | 25 ++++++++++++++++++++++++- - 2 files changed, 30 insertions(+), 8 deletions(-) - -diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c -index 73967e2f5b0..d1de9fa6873 100644 ---- a/grub-core/kern/main.c -+++ b/grub-core/kern/main.c -@@ -128,16 +128,15 @@ grub_set_prefix_and_root (void) - - grub_machine_get_bootlocation (&fwdevice, &fwpath); - -- if (fwdevice) -+ if (fwdevice && fwpath) - { -- char *cmdpath; -+ char *fw_path; - -- cmdpath = grub_xasprintf ("(%s)%s", fwdevice, fwpath ? : ""); -- if (cmdpath) -+ fw_path = grub_xasprintf ("(%s)/%s", fwdevice, fwpath); -+ if (fw_path) - { -- grub_env_set ("cmdpath", cmdpath); -- grub_env_export ("cmdpath"); -- grub_free (cmdpath); -+ grub_env_set ("fw_path", fw_path); -+ grub_free (fw_path); - } - } - -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index 70614de1565..62571e6dfcc 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -339,7 +339,30 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), - /* Guess the config filename. It is necessary to make CONFIG static, - so that it won't get broken by longjmp. */ - char *config; -- const char *prefix; -+ const char *prefix, *fw_path; -+ -+ fw_path = grub_env_get ("fw_path"); -+ if (fw_path) -+ { -+ config = grub_xasprintf ("%s/grub.cfg", fw_path); -+ if (config) -+ { -+ grub_file_t file; -+ -+ file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG); -+ if (file) -+ { -+ grub_file_close (file); -+ grub_enter_normal_mode (config); -+ } -+ else -+ { -+ /* Ignore all errors. */ -+ grub_errno = 0; -+ } -+ grub_free (config); -+ } -+ } - - prefix = grub_env_get ("prefix"); - if (prefix) diff --git a/0020-Pass-x-hex-hex-straight-through-unmolested.patch b/0020-Pass-x-hex-hex-straight-through-unmolested.patch deleted file mode 100644 index b81abb54583a157bcffbd037a88f4282f550001b..0000000000000000000000000000000000000000 --- a/0020-Pass-x-hex-hex-straight-through-unmolested.patch +++ /dev/null @@ -1,173 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 1 Oct 2012 13:24:37 -0400 -Subject: [PATCH] Pass "\x[[:hex:]][[:hex:]]" straight through unmolested. - -Don't munge raw spaces when we're doing our cmdline escaping (#923374) - -Signed-off-by: Peter Jones ---- - grub-core/commands/wildcard.c | 16 +++++++++++++++- - grub-core/lib/cmdline.c | 25 +++++++++++++++++++++++-- - grub-core/script/execute.c | 43 +++++++++++++++++++++++++++++++++++++------ - 3 files changed, 75 insertions(+), 9 deletions(-) - -diff --git a/grub-core/commands/wildcard.c b/grub-core/commands/wildcard.c -index cc3290311f0..8f67a4be7f0 100644 ---- a/grub-core/commands/wildcard.c -+++ b/grub-core/commands/wildcard.c -@@ -488,6 +488,12 @@ check_file (const char *dir, const char *basename) - return ctx.found; - } - -+static int -+is_hex(char c) -+{ -+ return ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F')); -+} -+ - static void - unescape (char *out, const char *in, const char *end) - { -@@ -496,7 +502,15 @@ unescape (char *out, const char *in, const char *end) - - for (optr = out, iptr = in; iptr < end;) - { -- if (*iptr == '\\' && iptr + 1 < end) -+ if (*iptr == '\\' && iptr + 3 < end && iptr[1] == 'x' && is_hex(iptr[2]) && is_hex(iptr[3])) -+ { -+ *optr++ = *iptr++; -+ *optr++ = *iptr++; -+ *optr++ = *iptr++; -+ *optr++ = *iptr++; -+ continue; -+ } -+ else if (*iptr == '\\' && iptr + 1 < end) - { - *optr++ = iptr[1]; - iptr += 2; -diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c -index ed0b149dca5..8e2294d8ff6 100644 ---- a/grub-core/lib/cmdline.c -+++ b/grub-core/lib/cmdline.c -@@ -20,6 +20,12 @@ - #include - #include - -+static int -+is_hex(char c) -+{ -+ return ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F')); -+} -+ - static unsigned int check_arg (char *c, int *has_space) - { - int space = 0; -@@ -27,7 +33,13 @@ static unsigned int check_arg (char *c, int *has_space) - - while (*c) - { -- if (*c == '\\' || *c == '\'' || *c == '"') -+ if (*c == '\\' && *(c+1) == 'x' && is_hex(*(c+2)) && is_hex(*(c+3))) -+ { -+ size += 4; -+ c += 4; -+ continue; -+ } -+ else if (*c == '\\' || *c == '\'' || *c == '"') - size++; - else if (*c == ' ') - space = 1; -@@ -86,7 +98,16 @@ grub_create_loader_cmdline (int argc, char *argv[], char *buf, - - while (*c) - { -- if (*c == '\\' || *c == '\'' || *c == '"') -+ if (*c == '\\' && *(c+1) == 'x' && -+ is_hex(*(c+2)) && is_hex(*(c+3))) -+ { -+ *buf++ = *c++; -+ *buf++ = *c++; -+ *buf++ = *c++; -+ *buf++ = *c++; -+ continue; -+ } -+ else if (*c == '\\' || *c == '\'' || *c == '"') - *buf++ = '\\'; - - *buf++ = *c; -diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c -index ad80399246a..0c6dd9c5201 100644 ---- a/grub-core/script/execute.c -+++ b/grub-core/script/execute.c -@@ -56,6 +56,12 @@ static struct grub_script_scope *scope = 0; - /* Wildcard translator for GRUB script. */ - struct grub_script_wildcard_translator *grub_wildcard_translator; - -+static int -+is_hex(char c) -+{ -+ return ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F')); -+} -+ - static char* - wildcard_escape (const char *s) - { -@@ -72,7 +78,15 @@ wildcard_escape (const char *s) - i = 0; - while ((ch = *s++)) - { -- if (ch == '*' || ch == '\\' || ch == '?') -+ if (ch == '\\' && s[0] == 'x' && is_hex(s[1]) && is_hex(s[2])) -+ { -+ p[i++] = ch; -+ p[i++] = *s++; -+ p[i++] = *s++; -+ p[i++] = *s++; -+ continue; -+ } -+ else if (ch == '*' || ch == '\\' || ch == '?') - p[i++] = '\\'; - p[i++] = ch; - } -@@ -96,7 +110,14 @@ wildcard_unescape (const char *s) - i = 0; - while ((ch = *s++)) - { -- if (ch == '\\') -+ if (ch == '\\' && s[0] == 'x' && is_hex(s[1]) && is_hex(s[2])) -+ { -+ p[i++] = '\\'; -+ p[i++] = *s++; -+ p[i++] = *s++; -+ p[i++] = *s++; -+ } -+ else if (ch == '\\') - p[i++] = *s++; - else - p[i++] = ch; -@@ -398,10 +419,20 @@ parse_string (const char *str, - switch (*ptr) - { - case '\\': -- escaped = !escaped; -- if (!escaped && put) -- *(put++) = '\\'; -- ptr++; -+ if (!escaped && put && *(ptr+1) == 'x' && is_hex(*(ptr+2)) && is_hex(*(ptr+3))) -+ { -+ *(put++) = *ptr++; -+ *(put++) = *ptr++; -+ *(put++) = *ptr++; -+ *(put++) = *ptr++; -+ } -+ else -+ { -+ escaped = !escaped; -+ if (!escaped && put) -+ *(put++) = '\\'; -+ ptr++; -+ } - break; - case '$': - if (escaped) diff --git a/0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch b/0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch deleted file mode 100644 index da65e1876863ad1c1066796714836ff9beb630b7..0000000000000000000000000000000000000000 --- a/0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch +++ /dev/null @@ -1,1609 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 22 Jan 2013 06:31:38 +0100 -Subject: [PATCH] blscfg: add blscfg module to parse Boot Loader Specification - snippets - -The BootLoaderSpec (BLS) defines a scheme where different bootloaders can -share a format for boot items and a configuration directory that accepts -these common configurations as drop-in files. - -Signed-off-by: Peter Jones -Signed-off-by: Javier Martinez Canillas -[wjt: some cleanups and fixes] -Signed-off-by: Will Thompson ---- - grub-core/Makefile.core.def | 11 + - grub-core/commands/blscfg.c | 1177 ++++++++++++++++++++++++++++++++++++++++ - grub-core/commands/legacycfg.c | 5 +- - grub-core/commands/loadenv.c | 77 +-- - grub-core/commands/menuentry.c | 20 +- - grub-core/normal/main.c | 6 + - grub-core/commands/loadenv.h | 93 ++++ - include/grub/compiler.h | 2 + - include/grub/menu.h | 13 + - include/grub/normal.h | 2 +- - 10 files changed, 1324 insertions(+), 82 deletions(-) - create mode 100644 grub-core/commands/blscfg.c - create mode 100644 grub-core/commands/loadenv.h - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index c865a08b027..c15e91943b9 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -814,6 +814,16 @@ module = { - common = commands/blocklist.c; - }; - -+module = { -+ name = blscfg; -+ common = commands/blscfg.c; -+ common = commands/loadenv.h; -+ enable = powerpc_ieee1275; -+ enable = efi; -+ enable = i386_pc; -+ enable = emu; -+}; -+ - module = { - name = boot; - common = commands/boot.c; -@@ -980,6 +990,7 @@ module = { - module = { - name = loadenv; - common = commands/loadenv.c; -+ common = commands/loadenv.h; - common = lib/envblk.c; - }; - -diff --git a/grub-core/commands/blscfg.c b/grub-core/commands/blscfg.c -new file mode 100644 -index 00000000000..e907a6a5d28 ---- /dev/null -+++ b/grub-core/commands/blscfg.c -@@ -0,0 +1,1177 @@ -+/*-*- Mode: C; c-basic-offset: 2; indent-tabs-mode: t -*-*/ -+ -+/* bls.c - implementation of the boot loader spec */ -+ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+#include "loadenv.h" -+ -+#define GRUB_BLS_CONFIG_PATH "/loader/entries/" -+#ifdef GRUB_MACHINE_EMU -+#define GRUB_BOOT_DEVICE "/boot" -+#else -+#define GRUB_BOOT_DEVICE "($root)" -+#endif -+ -+struct keyval -+{ -+ const char *key; -+ char *val; -+}; -+ -+static struct bls_entry *entries = NULL; -+ -+#define FOR_BLS_ENTRIES(var) FOR_LIST_ELEMENTS (var, entries) -+ -+static int bls_add_keyval(struct bls_entry *entry, char *key, char *val) -+{ -+ char *k, *v; -+ struct keyval **kvs, *kv; -+ int new_n = entry->nkeyvals + 1; -+ -+ kvs = grub_realloc (entry->keyvals, new_n * sizeof (struct keyval *)); -+ if (!kvs) -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "couldn't find space for BLS entry"); -+ entry->keyvals = kvs; -+ -+ kv = grub_malloc (sizeof (struct keyval)); -+ if (!kv) -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "couldn't find space for BLS entry"); -+ -+ k = grub_strdup (key); -+ if (!k) -+ { -+ grub_free (kv); -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "couldn't find space for BLS entry"); -+ } -+ -+ v = grub_strdup (val); -+ if (!v) -+ { -+ grub_free (k); -+ grub_free (kv); -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "couldn't find space for BLS entry"); -+ } -+ -+ kv->key = k; -+ kv->val = v; -+ -+ entry->keyvals[entry->nkeyvals] = kv; -+ grub_dprintf("blscfg", "new keyval at %p:%s:%s\n", entry->keyvals[entry->nkeyvals], k, v); -+ entry->nkeyvals = new_n; -+ -+ return 0; -+} -+ -+/* Find they value of the key named by keyname. If there are allowed to be -+ * more than one, pass a pointer to an int set to -1 the first time, and pass -+ * the same pointer through each time after, and it'll return them in sorted -+ * order as defined in the BLS fragment file */ -+static char *bls_get_val(struct bls_entry *entry, const char *keyname, int *last) -+{ -+ int idx, start = 0; -+ struct keyval *kv = NULL; -+ -+ if (last) -+ start = *last + 1; -+ -+ for (idx = start; idx < entry->nkeyvals; idx++) { -+ kv = entry->keyvals[idx]; -+ -+ if (!grub_strcmp (keyname, kv->key)) -+ break; -+ } -+ -+ if (idx == entry->nkeyvals) { -+ if (last) -+ *last = -1; -+ return NULL; -+ } -+ -+ if (last) -+ *last = idx; -+ -+ return kv->val; -+} -+ -+#define goto_return(x) ({ ret = (x); goto finish; }) -+ -+/* compare alpha and numeric segments of two versions */ -+/* return 1: a is newer than b */ -+/* 0: a and b are the same version */ -+/* -1: b is newer than a */ -+static int vercmp(const char * a, const char * b) -+{ -+ char oldch1, oldch2; -+ char *abuf, *bbuf; -+ char *str1, *str2; -+ char * one, * two; -+ int rc; -+ int isnum; -+ int ret = 0; -+ -+ grub_dprintf("blscfg", "%s comparing %s and %s\n", __func__, a, b); -+ if (!grub_strcmp(a, b)) -+ return 0; -+ -+ abuf = grub_malloc(grub_strlen(a) + 1); -+ bbuf = grub_malloc(grub_strlen(b) + 1); -+ str1 = abuf; -+ str2 = bbuf; -+ grub_strcpy(str1, a); -+ grub_strcpy(str2, b); -+ -+ one = str1; -+ two = str2; -+ -+ /* loop through each version segment of str1 and str2 and compare them */ -+ while (*one || *two) { -+ while (*one && !grub_isalnum(*one) && *one != '~' && *one != '+') one++; -+ while (*two && !grub_isalnum(*two) && *two != '~' && *two != '+') two++; -+ -+ /* handle the tilde separator, it sorts before everything else */ -+ if (*one == '~' || *two == '~') { -+ if (*one != '~') goto_return (1); -+ if (*two != '~') goto_return (-1); -+ one++; -+ two++; -+ continue; -+ } -+ -+ /* -+ * Handle plus separator. Concept is the same as tilde, -+ * except that if one of the strings ends (base version), -+ * the other is considered as higher version. -+ */ -+ if (*one == '+' || *two == '+') { -+ if (!*one) return -1; -+ if (!*two) return 1; -+ if (*one != '+') goto_return (1); -+ if (*two != '+') goto_return (-1); -+ one++; -+ two++; -+ continue; -+ } -+ -+ /* If we ran to the end of either, we are finished with the loop */ -+ if (!(*one && *two)) break; -+ -+ str1 = one; -+ str2 = two; -+ -+ /* grab first completely alpha or completely numeric segment */ -+ /* leave one and two pointing to the start of the alpha or numeric */ -+ /* segment and walk str1 and str2 to end of segment */ -+ if (grub_isdigit(*str1)) { -+ while (*str1 && grub_isdigit(*str1)) str1++; -+ while (*str2 && grub_isdigit(*str2)) str2++; -+ isnum = 1; -+ } else { -+ while (*str1 && grub_isalpha(*str1)) str1++; -+ while (*str2 && grub_isalpha(*str2)) str2++; -+ isnum = 0; -+ } -+ -+ /* save character at the end of the alpha or numeric segment */ -+ /* so that they can be restored after the comparison */ -+ oldch1 = *str1; -+ *str1 = '\0'; -+ oldch2 = *str2; -+ *str2 = '\0'; -+ -+ /* this cannot happen, as we previously tested to make sure that */ -+ /* the first string has a non-null segment */ -+ if (one == str1) goto_return(-1); /* arbitrary */ -+ -+ /* take care of the case where the two version segments are */ -+ /* different types: one numeric, the other alpha (i.e. empty) */ -+ /* numeric segments are always newer than alpha segments */ -+ /* XXX See patch #60884 (and details) from bugzilla #50977. */ -+ if (two == str2) goto_return (isnum ? 1 : -1); -+ -+ if (isnum) { -+ grub_size_t onelen, twolen; -+ /* this used to be done by converting the digit segments */ -+ /* to ints using atoi() - it's changed because long */ -+ /* digit segments can overflow an int - this should fix that. */ -+ -+ /* throw away any leading zeros - it's a number, right? */ -+ while (*one == '0') one++; -+ while (*two == '0') two++; -+ -+ /* whichever number has more digits wins */ -+ onelen = grub_strlen(one); -+ twolen = grub_strlen(two); -+ if (onelen > twolen) goto_return (1); -+ if (twolen > onelen) goto_return (-1); -+ } -+ -+ /* grub_strcmp will return which one is greater - even if the two */ -+ /* segments are alpha or if they are numeric. don't return */ -+ /* if they are equal because there might be more segments to */ -+ /* compare */ -+ rc = grub_strcmp(one, two); -+ if (rc) goto_return (rc < 1 ? -1 : 1); -+ -+ /* restore character that was replaced by null above */ -+ *str1 = oldch1; -+ one = str1; -+ *str2 = oldch2; -+ two = str2; -+ } -+ -+ /* this catches the case where all numeric and alpha segments have */ -+ /* compared identically but the segment sepparating characters were */ -+ /* different */ -+ if ((!*one) && (!*two)) goto_return (0); -+ -+ /* whichever version still has characters left over wins */ -+ if (!*one) goto_return (-1); else goto_return (1); -+ -+finish: -+ grub_free (abuf); -+ grub_free (bbuf); -+ return ret; -+} -+ -+/* returns name/version/release */ -+/* NULL string pointer returned if nothing found */ -+static void -+split_package_string (char *package_string, char **name, -+ char **version, char **release) -+{ -+ char *package_version, *package_release; -+ -+ /* Release */ -+ package_release = grub_strrchr (package_string, '-'); -+ -+ if (package_release != NULL) -+ *package_release++ = '\0'; -+ -+ *release = package_release; -+ -+ if (name == NULL) -+ { -+ *version = package_string; -+ } -+ else -+ { -+ /* Version */ -+ package_version = grub_strrchr(package_string, '-'); -+ -+ if (package_version != NULL) -+ *package_version++ = '\0'; -+ -+ *version = package_version; -+ /* Name */ -+ *name = package_string; -+ } -+ -+ /* Bubble up non-null values from release to name */ -+ if (name != NULL && *name == NULL) -+ { -+ *name = (*version == NULL ? *release : *version); -+ *version = *release; -+ *release = NULL; -+ } -+ if (*version == NULL) -+ { -+ *version = *release; -+ *release = NULL; -+ } -+} -+ -+static int -+split_cmp(char *nvr0, char *nvr1, int has_name) -+{ -+ int ret = 0; -+ char *name0, *version0, *release0; -+ char *name1, *version1, *release1; -+ -+ split_package_string(nvr0, has_name ? &name0 : NULL, &version0, &release0); -+ split_package_string(nvr1, has_name ? &name1 : NULL, &version1, &release1); -+ -+ if (has_name) -+ { -+ ret = vercmp(name0 == NULL ? "" : name0, -+ name1 == NULL ? "" : name1); -+ if (ret != 0) -+ return ret; -+ } -+ -+ ret = vercmp(version0 == NULL ? "" : version0, -+ version1 == NULL ? "" : version1); -+ if (ret != 0) -+ return ret; -+ -+ ret = vercmp(release0 == NULL ? "" : release0, -+ release1 == NULL ? "" : release1); -+ return ret; -+} -+ -+/* return 1: e0 is newer than e1 */ -+/* 0: e0 and e1 are the same version */ -+/* -1: e1 is newer than e0 */ -+static int bls_cmp(const struct bls_entry *e0, const struct bls_entry *e1) -+{ -+ char *id0, *id1; -+ int r; -+ -+ id0 = grub_strdup(e0->filename); -+ id1 = grub_strdup(e1->filename); -+ -+ r = split_cmp(id0, id1, 1); -+ -+ grub_free(id0); -+ grub_free(id1); -+ -+ return r; -+} -+ -+static void list_add_tail(struct bls_entry *head, struct bls_entry *item) -+{ -+ item->next = head; -+ if (head->prev) -+ head->prev->next = item; -+ item->prev = head->prev; -+ head->prev = item; -+} -+ -+static int bls_add_entry(struct bls_entry *entry) -+{ -+ struct bls_entry *e, *last = NULL; -+ int rc; -+ -+ if (!entries) { -+ grub_dprintf ("blscfg", "Add entry with id \"%s\"\n", entry->filename); -+ entries = entry; -+ return 0; -+ } -+ -+ FOR_BLS_ENTRIES(e) { -+ rc = bls_cmp(entry, e); -+ -+ if (!rc) -+ return GRUB_ERR_BAD_ARGUMENT; -+ -+ if (rc == 1) { -+ grub_dprintf ("blscfg", "Add entry with id \"%s\"\n", entry->filename); -+ list_add_tail (e, entry); -+ if (e == entries) { -+ entries = entry; -+ entry->prev = NULL; -+ } -+ return 0; -+ } -+ last = e; -+ } -+ -+ if (last) { -+ grub_dprintf ("blscfg", "Add entry with id \"%s\"\n", entry->filename); -+ last->next = entry; -+ entry->prev = last; -+ } -+ -+ return 0; -+} -+ -+struct read_entry_info { -+ const char *devid; -+ const char *dirname; -+ grub_file_t file; -+}; -+ -+static int read_entry ( -+ const char *filename, -+ const struct grub_dirhook_info *dirhook_info UNUSED, -+ void *data) -+{ -+ grub_size_t m = 0, n, clip = 0; -+ int rc = 0; -+ char *p = NULL; -+ grub_file_t f = NULL; -+ struct bls_entry *entry; -+ struct read_entry_info *info = (struct read_entry_info *)data; -+ -+ grub_dprintf ("blscfg", "filename: \"%s\"\n", filename); -+ -+ n = grub_strlen (filename); -+ -+ if (info->file) -+ { -+ f = info->file; -+ } -+ else -+ { -+ if (filename[0] == '.') -+ return 0; -+ -+ if (n <= 5) -+ return 0; -+ -+ if (grub_strcmp (filename + n - 5, ".conf") != 0) -+ return 0; -+ -+ p = grub_xasprintf ("(%s)%s/%s", info->devid, info->dirname, filename); -+ -+ f = grub_file_open (p, GRUB_FILE_TYPE_CONFIG); -+ if (!f) -+ goto finish; -+ } -+ -+ entry = grub_zalloc (sizeof (*entry)); -+ if (!entry) -+ goto finish; -+ -+ if (info->file) -+ { -+ char *slash; -+ -+ if (n > 5 && !grub_strcmp (filename + n - 5, ".conf") == 0) -+ clip = 5; -+ -+ slash = grub_strrchr (filename, '/'); -+ if (!slash) -+ slash = grub_strrchr (filename, '\\'); -+ -+ while (*slash == '/' || *slash == '\\') -+ slash++; -+ -+ m = slash ? slash - filename : 0; -+ } -+ else -+ { -+ m = 0; -+ clip = 5; -+ } -+ n -= m; -+ -+ entry->filename = grub_strndup(filename + m, n - clip); -+ if (!entry->filename) -+ goto finish; -+ -+ entry->filename[n - 5] = '\0'; -+ -+ for (;;) -+ { -+ char *buf; -+ char *separator; -+ -+ buf = grub_file_getline (f); -+ if (!buf) -+ break; -+ -+ while (buf && buf[0] && (buf[0] == ' ' || buf[0] == '\t')) -+ buf++; -+ if (buf[0] == '#') -+ continue; -+ -+ separator = grub_strchr (buf, ' '); -+ -+ if (!separator) -+ separator = grub_strchr (buf, '\t'); -+ -+ if (!separator || separator[1] == '\0') -+ { -+ grub_free (buf); -+ break; -+ } -+ -+ separator[0] = '\0'; -+ -+ do { -+ separator++; -+ } while (*separator == ' ' || *separator == '\t'); -+ -+ rc = bls_add_keyval (entry, buf, separator); -+ grub_free (buf); -+ if (rc < 0) -+ break; -+ } -+ -+ if (!rc) -+ bls_add_entry(entry); -+ -+finish: -+ if (p) -+ grub_free (p); -+ -+ if (f) -+ grub_file_close (f); -+ -+ return 0; -+} -+ -+static grub_envblk_t saved_env = NULL; -+ -+static int UNUSED -+save_var (const char *name, const char *value, void *whitelist UNUSED) -+{ -+ const char *val = grub_env_get (name); -+ grub_dprintf("blscfg", "saving \"%s\"\n", name); -+ -+ if (val) -+ grub_envblk_set (saved_env, name, value); -+ -+ return 0; -+} -+ -+static int UNUSED -+unset_var (const char *name, const char *value UNUSED, void *whitelist) -+{ -+ grub_dprintf("blscfg", "restoring \"%s\"\n", name); -+ if (! whitelist) -+ { -+ grub_env_unset (name); -+ return 0; -+ } -+ -+ if (test_whitelist_membership (name, -+ (const grub_env_whitelist_t *) whitelist)) -+ grub_env_unset (name); -+ -+ return 0; -+} -+ -+static char **bls_make_list (struct bls_entry *entry, const char *key, int *num) -+{ -+ int last = -1; -+ char *val; -+ -+ int nlist = 0; -+ char **list = NULL; -+ -+ list = grub_malloc (sizeof (char *)); -+ if (!list) -+ return NULL; -+ list[0] = NULL; -+ -+ while (1) -+ { -+ char **new; -+ -+ val = bls_get_val (entry, key, &last); -+ if (!val) -+ break; -+ -+ new = grub_realloc (list, (nlist + 2) * sizeof (char *)); -+ if (!new) -+ break; -+ -+ list = new; -+ list[nlist++] = val; -+ list[nlist] = NULL; -+ } -+ -+ if (!nlist) -+ { -+ grub_free (list); -+ return NULL; -+ } -+ -+ if (num) -+ *num = nlist; -+ -+ return list; -+} -+ -+static char *field_append(bool is_var, char *buffer, const char *start, const char *end) -+{ -+ char *tmp = grub_strndup(start, end - start + 1); -+ const char *field = tmp; -+ int term = is_var ? 2 : 1; -+ -+ if (is_var) { -+ field = grub_env_get (tmp); -+ if (!field) -+ return buffer; -+ } -+ -+ if (!buffer) -+ buffer = grub_zalloc (grub_strlen(field) + term); -+ else -+ buffer = grub_realloc (buffer, grub_strlen(buffer) + grub_strlen(field) + term); -+ -+ if (!buffer) -+ return NULL; -+ -+ tmp = buffer + grub_strlen(buffer); -+ tmp = grub_stpcpy (tmp, field); -+ -+ if (is_var) -+ tmp = grub_stpcpy (tmp, " "); -+ -+ return buffer; -+} -+ -+static char *expand_val(const char *value) -+{ -+ char *buffer = NULL; -+ const char *start = value; -+ const char *end = value; -+ bool is_var = false; -+ -+ if (!value) -+ return NULL; -+ -+ while (*value) { -+ if (*value == '$') { -+ if (start != end) { -+ buffer = field_append(is_var, buffer, start, end); -+ if (!buffer) -+ return NULL; -+ } -+ -+ is_var = true; -+ start = value + 1; -+ } else if (is_var) { -+ if (!grub_isalnum(*value) && *value != '_') { -+ buffer = field_append(is_var, buffer, start, end); -+ is_var = false; -+ start = value; -+ if (*start == ' ') -+ start++; -+ } -+ } -+ -+ end = value; -+ value++; -+ } -+ -+ if (start != end) { -+ buffer = field_append(is_var, buffer, start, end); -+ if (!buffer) -+ return NULL; -+ } -+ -+ return buffer; -+} -+ -+static char **early_initrd_list (const char *initrd) -+{ -+ int nlist = 0; -+ char **list = NULL; -+ char *separator; -+ -+ while ((separator = grub_strchr (initrd, ' '))) -+ { -+ list = grub_realloc (list, (nlist + 2) * sizeof (char *)); -+ if (!list) -+ return NULL; -+ -+ list[nlist++] = grub_strndup(initrd, separator - initrd); -+ list[nlist] = NULL; -+ initrd = separator + 1; -+ } -+ -+ list = grub_realloc (list, (nlist + 2) * sizeof (char *)); -+ if (!list) -+ return NULL; -+ -+ list[nlist++] = grub_strndup(initrd, grub_strlen(initrd)); -+ list[nlist] = NULL; -+ -+ return list; -+} -+ -+static void create_entry (struct bls_entry *entry) -+{ -+ int argc = 0; -+ const char **argv = NULL; -+ -+ char *title = NULL; -+ char *clinux = NULL; -+ char *options = NULL; -+ char **initrds = NULL; -+ char *initrd = NULL; -+ const char *early_initrd = NULL; -+ char **early_initrds = NULL; -+ char *initrd_prefix = NULL; -+ char *devicetree = NULL; -+ char *dt = NULL; -+ char *id = entry->filename; -+ char *dotconf = id; -+ char *hotkey = NULL; -+ -+ char *users = NULL; -+ char **classes = NULL; -+ -+ char **args = NULL; -+ -+ char *src = NULL; -+ int i, index; -+ bool add_dt_prefix = false; -+ -+ grub_dprintf("blscfg", "%s got here\n", __func__); -+ clinux = bls_get_val (entry, "linux", NULL); -+ if (!clinux) -+ { -+ grub_dprintf ("blscfg", "Skipping file %s with no 'linux' key.\n", entry->filename); -+ goto finish; -+ } -+ -+ /* -+ * strip the ".conf" off the end before we make it our "id" field. -+ */ -+ do -+ { -+ dotconf = grub_strstr(dotconf, ".conf"); -+ } while (dotconf != NULL && dotconf[5] != '\0'); -+ if (dotconf) -+ dotconf[0] = '\0'; -+ -+ title = bls_get_val (entry, "title", NULL); -+ options = expand_val (bls_get_val (entry, "options", NULL)); -+ -+ if (!options) -+ options = expand_val (grub_env_get("default_kernelopts")); -+ -+ initrds = bls_make_list (entry, "initrd", NULL); -+ -+ devicetree = expand_val (bls_get_val (entry, "devicetree", NULL)); -+ -+ if (!devicetree) -+ { -+ devicetree = expand_val (grub_env_get("devicetree")); -+ add_dt_prefix = true; -+ } -+ -+ hotkey = bls_get_val (entry, "grub_hotkey", NULL); -+ users = expand_val (bls_get_val (entry, "grub_users", NULL)); -+ classes = bls_make_list (entry, "grub_class", NULL); -+ args = bls_make_list (entry, "grub_arg", &argc); -+ -+ argc += 1; -+ argv = grub_malloc ((argc + 1) * sizeof (char *)); -+ argv[0] = title ? title : clinux; -+ for (i = 1; i < argc; i++) -+ argv[i] = args[i-1]; -+ argv[argc] = NULL; -+ -+ early_initrd = grub_env_get("early_initrd"); -+ -+ grub_dprintf ("blscfg", "adding menu entry for \"%s\" with id \"%s\"\n", -+ title, id); -+ if (early_initrd) -+ { -+ early_initrds = early_initrd_list(early_initrd); -+ if (!early_initrds) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto finish; -+ } -+ -+ if (initrds != NULL && initrds[0] != NULL) -+ { -+ initrd_prefix = grub_strrchr (initrds[0], '/'); -+ initrd_prefix = grub_strndup(initrds[0], initrd_prefix - initrds[0] + 1); -+ } -+ else -+ { -+ initrd_prefix = grub_strrchr (clinux, '/'); -+ initrd_prefix = grub_strndup(clinux, initrd_prefix - clinux + 1); -+ } -+ -+ if (!initrd_prefix) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto finish; -+ } -+ } -+ -+ if (early_initrds || initrds) -+ { -+ int initrd_size = sizeof ("initrd"); -+ char *tmp; -+ -+ for (i = 0; early_initrds != NULL && early_initrds[i] != NULL; i++) -+ initrd_size += sizeof (" " GRUB_BOOT_DEVICE) \ -+ + grub_strlen(initrd_prefix) \ -+ + grub_strlen (early_initrds[i]) + 1; -+ -+ for (i = 0; initrds != NULL && initrds[i] != NULL; i++) -+ initrd_size += sizeof (" " GRUB_BOOT_DEVICE) \ -+ + grub_strlen (initrds[i]) + 1; -+ initrd_size += 1; -+ -+ initrd = grub_malloc (initrd_size); -+ if (!initrd) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto finish; -+ } -+ -+ tmp = grub_stpcpy(initrd, "initrd"); -+ for (i = 0; early_initrds != NULL && early_initrds[i] != NULL; i++) -+ { -+ grub_dprintf ("blscfg", "adding early initrd %s\n", early_initrds[i]); -+ tmp = grub_stpcpy (tmp, " " GRUB_BOOT_DEVICE); -+ tmp = grub_stpcpy (tmp, initrd_prefix); -+ tmp = grub_stpcpy (tmp, early_initrds[i]); -+ grub_free(early_initrds[i]); -+ } -+ -+ for (i = 0; initrds != NULL && initrds[i] != NULL; i++) -+ { -+ grub_dprintf ("blscfg", "adding initrd %s\n", initrds[i]); -+ tmp = grub_stpcpy (tmp, " " GRUB_BOOT_DEVICE); -+ tmp = grub_stpcpy (tmp, initrds[i]); -+ } -+ tmp = grub_stpcpy (tmp, "\n"); -+ } -+ -+ if (devicetree) -+ { -+ char *prefix = NULL; -+ int dt_size; -+ -+ if (add_dt_prefix) -+ { -+ prefix = grub_strrchr (clinux, '/'); -+ prefix = grub_strndup(clinux, prefix - clinux + 1); -+ if (!prefix) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto finish; -+ } -+ } -+ -+ dt_size = sizeof("devicetree " GRUB_BOOT_DEVICE) + grub_strlen(devicetree) + 1; -+ -+ if (add_dt_prefix) -+ { -+ dt_size += grub_strlen(prefix); -+ } -+ -+ dt = grub_malloc (dt_size); -+ if (!dt) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto finish; -+ } -+ char *tmp = dt; -+ tmp = grub_stpcpy (dt, "devicetree"); -+ tmp = grub_stpcpy (tmp, " " GRUB_BOOT_DEVICE); -+ if (add_dt_prefix) -+ tmp = grub_stpcpy (tmp, prefix); -+ tmp = grub_stpcpy (tmp, devicetree); -+ tmp = grub_stpcpy (tmp, "\n"); -+ -+ grub_free(prefix); -+ } -+ -+ grub_dprintf ("blscfg2", "devicetree %s for id:\"%s\"\n", dt, id); -+ -+ const char *sdval = grub_env_get("save_default"); -+ bool savedefault = ((NULL != sdval) && (grub_strcmp(sdval, "true") == 0)); -+ src = grub_xasprintf ("%sload_video\n" -+ "set gfxpayload=keep\n" -+ "insmod gzio\n" -+ "linux %s%s%s%s\n" -+ "%s%s", -+ savedefault ? "savedefault\n" : "", -+ GRUB_BOOT_DEVICE, clinux, options ? " " : "", options ? options : "", -+ initrd ? initrd : "", dt ? dt : ""); -+ -+ grub_normal_add_menu_entry (argc, argv, classes, id, users, hotkey, NULL, src, 0, &index, entry); -+ grub_dprintf ("blscfg", "Added entry %d id:\"%s\"\n", index, id); -+ -+finish: -+ grub_free (dt); -+ grub_free (initrd); -+ grub_free (initrd_prefix); -+ grub_free (early_initrds); -+ grub_free (devicetree); -+ grub_free (initrds); -+ grub_free (options); -+ grub_free (classes); -+ grub_free (args); -+ grub_free (argv); -+ grub_free (src); -+} -+ -+struct find_entry_info { -+ const char *dirname; -+ const char *devid; -+ grub_device_t dev; -+ grub_fs_t fs; -+}; -+ -+/* -+ * info: the filesystem object the file is on. -+ */ -+static int find_entry (struct find_entry_info *info) -+{ -+ struct read_entry_info read_entry_info; -+ grub_fs_t blsdir_fs = NULL; -+ grub_device_t blsdir_dev = NULL; -+ const char *blsdir = info->dirname; -+ int fallback = 0; -+ int r = 0; -+ -+ if (!blsdir) { -+ blsdir = grub_env_get ("blsdir"); -+ if (!blsdir) -+ blsdir = GRUB_BLS_CONFIG_PATH; -+ } -+ -+ read_entry_info.file = NULL; -+ read_entry_info.dirname = blsdir; -+ -+ grub_dprintf ("blscfg", "scanning blsdir: %s\n", blsdir); -+ -+ blsdir_dev = info->dev; -+ blsdir_fs = info->fs; -+ read_entry_info.devid = info->devid; -+ -+read_fallback: -+ r = blsdir_fs->fs_dir (blsdir_dev, read_entry_info.dirname, read_entry, -+ &read_entry_info); -+ if (r != 0) { -+ grub_dprintf ("blscfg", "read_entry returned error\n"); -+ grub_err_t e; -+ do -+ { -+ e = grub_error_pop(); -+ } while (e); -+ } -+ -+ if (r && !info->dirname && !fallback) { -+ read_entry_info.dirname = "/boot" GRUB_BLS_CONFIG_PATH; -+ grub_dprintf ("blscfg", "Entries weren't found in %s, fallback to %s\n", -+ blsdir, read_entry_info.dirname); -+ fallback = 1; -+ goto read_fallback; -+ } -+ -+ return 0; -+} -+ -+static grub_err_t -+bls_load_entries (const char *path) -+{ -+ grub_size_t len; -+ grub_fs_t fs; -+ grub_device_t dev; -+ static grub_err_t r; -+ const char *devid = NULL; -+ char *blsdir = NULL; -+ struct find_entry_info info = { -+ .dev = NULL, -+ .fs = NULL, -+ .dirname = NULL, -+ }; -+ struct read_entry_info rei = { -+ .devid = NULL, -+ .dirname = NULL, -+ }; -+ -+ if (path) { -+ len = grub_strlen (path); -+ if (grub_strcmp (path + len - 5, ".conf") == 0) { -+ rei.file = grub_file_open (path, GRUB_FILE_TYPE_CONFIG); -+ if (!rei.file) -+ return grub_errno; -+ /* -+ * read_entry() closes the file -+ */ -+ return read_entry(path, NULL, &rei); -+ } else if (path[0] == '(') { -+ devid = path + 1; -+ -+ blsdir = grub_strchr (path, ')'); -+ if (!blsdir) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("Filepath isn't correct")); -+ -+ *blsdir = '\0'; -+ blsdir = blsdir + 1; -+ } -+ } -+ -+ if (!devid) { -+#ifdef GRUB_MACHINE_EMU -+ devid = "host"; -+#else -+ devid = grub_env_get ("root"); -+#endif -+ if (!devid) -+ return grub_error (GRUB_ERR_FILE_NOT_FOUND, -+ N_("variable `%s' isn't set"), "root"); -+ } -+ -+ grub_dprintf ("blscfg", "opening %s\n", devid); -+ dev = grub_device_open (devid); -+ if (!dev) -+ return grub_errno; -+ -+ grub_dprintf ("blscfg", "probing fs\n"); -+ fs = grub_fs_probe (dev); -+ if (!fs) -+ { -+ r = grub_errno; -+ goto finish; -+ } -+ -+ info.dirname = blsdir; -+ info.devid = devid; -+ info.dev = dev; -+ info.fs = fs; -+ find_entry(&info); -+ -+finish: -+ if (dev) -+ grub_device_close (dev); -+ -+ return r; -+} -+ -+static bool -+is_default_entry(const char *def_entry, struct bls_entry *entry, int idx) -+{ -+ const char *title; -+ int def_idx; -+ -+ if (!def_entry) -+ return false; -+ -+ if (grub_strcmp(def_entry, entry->filename) == 0) -+ return true; -+ -+ title = bls_get_val(entry, "title", NULL); -+ -+ if (title && grub_strcmp(def_entry, title) == 0) -+ return true; -+ -+ def_idx = (int)grub_strtol(def_entry, NULL, 0); -+ if (grub_errno == GRUB_ERR_BAD_NUMBER) { -+ grub_errno = GRUB_ERR_NONE; -+ return false; -+ } -+ -+ if (def_idx == idx) -+ return true; -+ -+ return false; -+} -+ -+static grub_err_t -+bls_create_entries (bool show_default, bool show_non_default, char *entry_id) -+{ -+ const char *def_entry = NULL; -+ struct bls_entry *entry = NULL; -+ int idx = 0; -+ -+ def_entry = grub_env_get("default"); -+ -+ grub_dprintf ("blscfg", "%s Creating entries from bls\n", __func__); -+ FOR_BLS_ENTRIES(entry) { -+ if (entry->visible) { -+ idx++; -+ continue; -+ } -+ -+ if ((show_default && is_default_entry(def_entry, entry, idx)) || -+ (show_non_default && !is_default_entry(def_entry, entry, idx)) || -+ (entry_id && grub_strcmp(entry_id, entry->filename) == 0)) { -+ create_entry(entry); -+ entry->visible = 1; -+ } -+ idx++; -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_blscfg (grub_extcmd_context_t ctxt UNUSED, -+ int argc, char **args) -+{ -+ grub_err_t r; -+ char *path = NULL; -+ char *entry_id = NULL; -+ bool show_default = true; -+ bool show_non_default = true; -+ -+ if (argc == 1) { -+ if (grub_strcmp (args[0], "default") == 0) { -+ show_non_default = false; -+ } else if (grub_strcmp (args[0], "non-default") == 0) { -+ show_default = false; -+ } else if (args[0][0] == '(') { -+ path = args[0]; -+ } else { -+ entry_id = args[0]; -+ show_default = false; -+ show_non_default = false; -+ } -+ } -+ -+ r = bls_load_entries(path); -+ if (r) -+ return r; -+ -+ return bls_create_entries(show_default, show_non_default, entry_id); -+} -+ -+static grub_extcmd_t cmd; -+static grub_extcmd_t oldcmd; -+ -+GRUB_MOD_INIT(blscfg) -+{ -+ grub_dprintf("blscfg", "%s got here\n", __func__); -+ cmd = grub_register_extcmd ("blscfg", -+ grub_cmd_blscfg, -+ 0, -+ NULL, -+ N_("Import Boot Loader Specification snippets."), -+ NULL); -+ oldcmd = grub_register_extcmd ("bls_import", -+ grub_cmd_blscfg, -+ 0, -+ NULL, -+ N_("Import Boot Loader Specification snippets."), -+ NULL); -+} -+ -+GRUB_MOD_FINI(blscfg) -+{ -+ grub_unregister_extcmd (cmd); -+ grub_unregister_extcmd (oldcmd); -+} -diff --git a/grub-core/commands/legacycfg.c b/grub-core/commands/legacycfg.c -index cc5971f4dbd..782761c31aa 100644 ---- a/grub-core/commands/legacycfg.c -+++ b/grub-core/commands/legacycfg.c -@@ -143,7 +143,7 @@ legacy_file (const char *filename) - args[0] = oldname; - grub_normal_add_menu_entry (1, args, NULL, NULL, "legacy", - NULL, NULL, -- entrysrc, 0); -+ entrysrc, 0, NULL, NULL); - grub_free (args); - entrysrc[0] = 0; - grub_free (oldname); -@@ -205,7 +205,8 @@ legacy_file (const char *filename) - } - args[0] = entryname; - grub_normal_add_menu_entry (1, args, NULL, NULL, NULL, -- NULL, NULL, entrysrc, 0); -+ NULL, NULL, entrysrc, 0, NULL, -+ NULL); - grub_free (args); - } - -diff --git a/grub-core/commands/loadenv.c b/grub-core/commands/loadenv.c -index 3fd664aac33..163b9a09042 100644 ---- a/grub-core/commands/loadenv.c -+++ b/grub-core/commands/loadenv.c -@@ -28,6 +28,8 @@ - #include - #include - -+#include "loadenv.h" -+ - GRUB_MOD_LICENSE ("GPLv3+"); - - static const struct grub_arg_option options[] = -@@ -79,81 +81,6 @@ open_envblk_file (char *filename, - return file; - } - --static grub_envblk_t --read_envblk_file (grub_file_t file) --{ -- grub_off_t offset = 0; -- char *buf; -- grub_size_t size = grub_file_size (file); -- grub_envblk_t envblk; -- -- buf = grub_malloc (size); -- if (! buf) -- return 0; -- -- while (size > 0) -- { -- grub_ssize_t ret; -- -- ret = grub_file_read (file, buf + offset, size); -- if (ret <= 0) -- { -- grub_free (buf); -- return 0; -- } -- -- size -= ret; -- offset += ret; -- } -- -- envblk = grub_envblk_open (buf, offset); -- if (! envblk) -- { -- grub_free (buf); -- grub_error (GRUB_ERR_BAD_FILE_TYPE, "invalid environment block"); -- return 0; -- } -- -- return envblk; --} -- --struct grub_env_whitelist --{ -- grub_size_t len; -- char **list; --}; --typedef struct grub_env_whitelist grub_env_whitelist_t; -- --static int --test_whitelist_membership (const char* name, -- const grub_env_whitelist_t* whitelist) --{ -- grub_size_t i; -- -- for (i = 0; i < whitelist->len; i++) -- if (grub_strcmp (name, whitelist->list[i]) == 0) -- return 1; /* found it */ -- -- return 0; /* not found */ --} -- --/* Helper for grub_cmd_load_env. */ --static int --set_var (const char *name, const char *value, void *whitelist) --{ -- if (! whitelist) -- { -- grub_env_set (name, value); -- return 0; -- } -- -- if (test_whitelist_membership (name, -- (const grub_env_whitelist_t *) whitelist)) -- grub_env_set (name, value); -- -- return 0; --} -- - static grub_err_t - grub_cmd_load_env (grub_extcmd_context_t ctxt, int argc, char **args) - { -diff --git a/grub-core/commands/menuentry.c b/grub-core/commands/menuentry.c -index 720e6d8ea3b..b194123eb67 100644 ---- a/grub-core/commands/menuentry.c -+++ b/grub-core/commands/menuentry.c -@@ -78,7 +78,7 @@ grub_normal_add_menu_entry (int argc, const char **args, - char **classes, const char *id, - const char *users, const char *hotkey, - const char *prefix, const char *sourcecode, -- int submenu) -+ int submenu, int *index, struct bls_entry *bls) - { - int menu_hotkey = 0; - char **menu_args = NULL; -@@ -149,9 +149,12 @@ grub_normal_add_menu_entry (int argc, const char **args, - if (! menu_title) - goto fail; - -+ grub_dprintf ("menu", "id:\"%s\"\n", id); -+ grub_dprintf ("menu", "title:\"%s\"\n", menu_title); - menu_id = grub_strdup (id ? : menu_title); - if (! menu_id) - goto fail; -+ grub_dprintf ("menu", "menu_id:\"%s\"\n", menu_id); - - /* Save argc, args to pass as parameters to block arg later. */ - menu_args = grub_calloc (argc + 1, sizeof (char *)); -@@ -170,8 +173,12 @@ grub_normal_add_menu_entry (int argc, const char **args, - } - - /* Add the menu entry at the end of the list. */ -+ int ind=0; - while (*last) -- last = &(*last)->next; -+ { -+ ind++; -+ last = &(*last)->next; -+ } - - *last = grub_zalloc (sizeof (**last)); - if (! *last) -@@ -188,8 +195,11 @@ grub_normal_add_menu_entry (int argc, const char **args, - (*last)->args = menu_args; - (*last)->sourcecode = menu_sourcecode; - (*last)->submenu = submenu; -+ (*last)->bls = bls; - - menu->size++; -+ if (index) -+ *index = ind; - return GRUB_ERR_NONE; - - fail: -@@ -286,7 +296,8 @@ grub_cmd_menuentry (grub_extcmd_context_t ctxt, int argc, char **args) - users, - ctxt->state[2].arg, 0, - ctxt->state[3].arg, -- ctxt->extcmd->cmd->name[0] == 's'); -+ ctxt->extcmd->cmd->name[0] == 's', -+ NULL, NULL); - - src = args[argc - 1]; - args[argc - 1] = NULL; -@@ -303,7 +314,8 @@ grub_cmd_menuentry (grub_extcmd_context_t ctxt, int argc, char **args) - ctxt->state[0].args, ctxt->state[4].arg, - users, - ctxt->state[2].arg, prefix, src + 1, -- ctxt->extcmd->cmd->name[0] == 's'); -+ ctxt->extcmd->cmd->name[0] == 's', NULL, -+ NULL); - - src[len - 1] = ch; - args[argc - 1] = src; -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index 62571e6dfcc..7ca2e5400b1 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -21,6 +21,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -70,6 +71,11 @@ grub_normal_free_menu (grub_menu_t menu) - grub_free (entry->args); - } - -+ if (entry->bls) -+ { -+ entry->bls->visible = 0; -+ } -+ - grub_free ((void *) entry->id); - grub_free ((void *) entry->users); - grub_free ((void *) entry->title); -diff --git a/grub-core/commands/loadenv.h b/grub-core/commands/loadenv.h -new file mode 100644 -index 00000000000..952f46121bd ---- /dev/null -+++ b/grub-core/commands/loadenv.h -@@ -0,0 +1,93 @@ -+/* loadenv.c - command to load/save environment variable. */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2008,2009,2010 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+static grub_envblk_t UNUSED -+read_envblk_file (grub_file_t file) -+{ -+ grub_off_t offset = 0; -+ char *buf; -+ grub_size_t size = grub_file_size (file); -+ grub_envblk_t envblk; -+ -+ buf = grub_malloc (size); -+ if (! buf) -+ return 0; -+ -+ while (size > 0) -+ { -+ grub_ssize_t ret; -+ -+ ret = grub_file_read (file, buf + offset, size); -+ if (ret <= 0) -+ { -+ grub_free (buf); -+ return 0; -+ } -+ -+ size -= ret; -+ offset += ret; -+ } -+ -+ envblk = grub_envblk_open (buf, offset); -+ if (! envblk) -+ { -+ grub_free (buf); -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, "invalid environment block"); -+ return 0; -+ } -+ -+ return envblk; -+} -+ -+struct grub_env_whitelist -+{ -+ grub_size_t len; -+ char **list; -+}; -+typedef struct grub_env_whitelist grub_env_whitelist_t; -+ -+static int UNUSED -+test_whitelist_membership (const char* name, -+ const grub_env_whitelist_t* whitelist) -+{ -+ grub_size_t i; -+ -+ for (i = 0; i < whitelist->len; i++) -+ if (grub_strcmp (name, whitelist->list[i]) == 0) -+ return 1; /* found it */ -+ -+ return 0; /* not found */ -+} -+ -+/* Helper for grub_cmd_load_env. */ -+static int UNUSED -+set_var (const char *name, const char *value, void *whitelist) -+{ -+ if (! whitelist) -+ { -+ grub_env_set (name, value); -+ return 0; -+ } -+ -+ if (test_whitelist_membership (name, -+ (const grub_env_whitelist_t *) whitelist)) -+ grub_env_set (name, value); -+ -+ return 0; -+} -diff --git a/include/grub/compiler.h b/include/grub/compiler.h -index 8f3be3ae706..ebafec68957 100644 ---- a/include/grub/compiler.h -+++ b/include/grub/compiler.h -@@ -56,4 +56,6 @@ - # define CLANG_PREREQ(maj,min) 0 - #endif - -+#define UNUSED __attribute__((__unused__)) -+ - #endif /* ! GRUB_COMPILER_HEADER */ -diff --git a/include/grub/menu.h b/include/grub/menu.h -index ee2b5e91045..0acdc2aa6bf 100644 ---- a/include/grub/menu.h -+++ b/include/grub/menu.h -@@ -20,6 +20,16 @@ - #ifndef GRUB_MENU_HEADER - #define GRUB_MENU_HEADER 1 - -+struct bls_entry -+{ -+ struct bls_entry *next; -+ struct bls_entry *prev; -+ struct keyval **keyvals; -+ int nkeyvals; -+ char *filename; -+ int visible; -+}; -+ - struct grub_menu_entry_class - { - char *name; -@@ -60,6 +70,9 @@ struct grub_menu_entry - - /* The next element. */ - struct grub_menu_entry *next; -+ -+ /* BLS used to populate the entry */ -+ struct bls_entry *bls; - }; - typedef struct grub_menu_entry *grub_menu_entry_t; - -diff --git a/include/grub/normal.h b/include/grub/normal.h -index 218cbabccaf..8839ad85a19 100644 ---- a/include/grub/normal.h -+++ b/include/grub/normal.h -@@ -145,7 +145,7 @@ grub_normal_add_menu_entry (int argc, const char **args, char **classes, - const char *id, - const char *users, const char *hotkey, - const char *prefix, const char *sourcecode, -- int submenu); -+ int submenu, int *index, struct bls_entry *bls); - - grub_err_t - grub_normal_set_password (const char *user, const char *password); diff --git a/0022-Add-devicetree-loading.patch b/0022-Add-devicetree-loading.patch deleted file mode 100644 index c0728a9890ea370610275f3d83e61e635c393eab..0000000000000000000000000000000000000000 --- a/0022-Add-devicetree-loading.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 14 Jan 2014 13:12:23 -0500 -Subject: [PATCH] Add devicetree loading - -Signed-off-by: Peter Jones - -Switch to use APM Mustang device tree, for hardware testing. - -Signed-off-by: David A. Marlin - -Use the default device tree from the grub default file - -instead of hardcoding a value. - -Signed-off-by: David A. Marlin ---- - util/grub-mkconfig.in | 3 ++- - util/grub.d/10_linux.in | 15 +++++++++++++++ - 2 files changed, 17 insertions(+), 1 deletion(-) - -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index d3e879b8e5c..8ea2315ebc2 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -248,7 +248,8 @@ export GRUB_DEFAULT \ - GRUB_ENABLE_CRYPTODISK \ - GRUB_BADRAM \ - GRUB_OS_PROBER_SKIP_LIST \ -- GRUB_DISABLE_SUBMENU -+ GRUB_DISABLE_SUBMENU \ -+ GRUB_DEFAULT_DTB - - if test "x${grub_cfg}" != "x"; then - rm -f "${grub_cfg}.new" -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index e8b01c0d0c7..dc75a1c30bf 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -153,6 +153,13 @@ EOF - sed "s/^/$submenu_indentation/" << EOF - echo '$(echo "$message" | grub_quote)' - initrd $(echo $initrd_path) -+EOF -+ fi -+ if test -n "${fdt}" ; then -+ message="$(gettext_printf "Loading fdt ...")" -+ sed "s/^/$submenu_indentation/" << EOF -+ echo '$(echo "$message" | grub_quote)' -+ devicetree ${rel_dirname}/${fdt} - EOF - fi - sed "s/^/$submenu_indentation/" << EOF -@@ -236,6 +243,14 @@ while [ "x$list" != "x" ] ; do - gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 - fi - -+ fdt= -+ for i in "dtb-${version}" "dtb-${alt_version}"; do -+ if test -f "${dirname}/${i}/${GRUB_DEFAULT_DTB}" ; then -+ fdt="${i}/${GRUB_DEFAULT_DTB}" -+ break -+ fi -+ done -+ - config= - for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do - if test -e "${i}" ; then diff --git a/0023-Enable-pager-by-default.-985860.patch b/0023-Enable-pager-by-default.-985860.patch deleted file mode 100644 index d92fbcc79a6b59f5b28483289647757b5e880c5b..0000000000000000000000000000000000000000 --- a/0023-Enable-pager-by-default.-985860.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 28 Oct 2013 10:09:27 -0400 -Subject: [PATCH] Enable pager by default. (#985860) - -Signed-off-by: Peter Jones ---- - util/grub.d/00_header.in | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/util/grub.d/00_header.in b/util/grub.d/00_header.in -index 93a90233ead..858b526c925 100644 ---- a/util/grub.d/00_header.in -+++ b/util/grub.d/00_header.in -@@ -43,6 +43,8 @@ if [ "x${GRUB_DEFAULT_BUTTON}" = "xsaved" ] ; then GRUB_DEFAULT_BUTTON='${saved_ - if [ "x${GRUB_TIMEOUT_BUTTON}" = "x" ] ; then GRUB_TIMEOUT_BUTTON="$GRUB_TIMEOUT" ; fi - - cat << EOF -+set pager=1 -+ - if [ -s \$prefix/grubenv ]; then - load_env - fi diff --git a/0024-Don-t-say-GNU-Linux-in-generated-menus.patch b/0024-Don-t-say-GNU-Linux-in-generated-menus.patch deleted file mode 100644 index f28809503b8bb177aedd17918869258a62e1dc0e..0000000000000000000000000000000000000000 --- a/0024-Don-t-say-GNU-Linux-in-generated-menus.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 14 Mar 2011 14:27:42 -0400 -Subject: [PATCH] Don't say "GNU/Linux" in generated menus. - ---- - util/grub.d/10_linux.in | 4 ++-- - util/grub.d/20_linux_xen.in | 4 ++-- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index dc75a1c30bf..4a499c53a61 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@" - CLASS="--class gnu-linux --class gnu --class os" - - if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then -- OS=GNU/Linux -+ OS="$(sed 's, release .*$,,g' /etc/system-release)" - else -- OS="${GRUB_DISTRIBUTOR} GNU/Linux" -+ OS="${GRUB_DISTRIBUTOR}" - CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}" - fi - -diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in -index 3b1f4704921..ada20775a14 100644 ---- a/util/grub.d/20_linux_xen.in -+++ b/util/grub.d/20_linux_xen.in -@@ -29,9 +29,9 @@ export TEXTDOMAINDIR="@localedir@" - CLASS="--class gnu-linux --class gnu --class os --class xen" - - if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then -- OS=GNU/Linux -+ OS="$(sed 's, release .*$,,g' /etc/system-release)" - else -- OS="${GRUB_DISTRIBUTOR} GNU/Linux" -+ OS="${GRUB_DISTRIBUTOR}" - CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}" - fi - diff --git a/0025-Add-.eh_frame-to-list-of-relocations-stripped.patch b/0025-Add-.eh_frame-to-list-of-relocations-stripped.patch deleted file mode 100644 index ed48c5c7fe0b41c4a00c7611109ec8ee91223f41..0000000000000000000000000000000000000000 --- a/0025-Add-.eh_frame-to-list-of-relocations-stripped.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Fedora Ninjas -Date: Mon, 13 Jan 2014 21:50:59 -0500 -Subject: [PATCH] Add .eh_frame to list of relocations stripped - ---- - conf/Makefile.common | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/conf/Makefile.common b/conf/Makefile.common -index 2a1a886f6d5..191b1a70c6b 100644 ---- a/conf/Makefile.common -+++ b/conf/Makefile.common -@@ -38,7 +38,7 @@ CFLAGS_KERNEL = $(CFLAGS_PLATFORM) -ffreestanding - LDFLAGS_KERNEL = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) - CPPFLAGS_KERNEL = $(CPPFLAGS_CPU) $(CPPFLAGS_PLATFORM) -DGRUB_KERNEL=1 - CCASFLAGS_KERNEL = $(CCASFLAGS_CPU) $(CCASFLAGS_PLATFORM) --STRIPFLAGS_KERNEL = -R .rel.dyn -R .reginfo -R .note -R .comment -R .drectve -R .note.gnu.gold-version -R .MIPS.abiflags -R .ARM.exidx -+STRIPFLAGS_KERNEL = -R .eh_frame -R .rel.dyn -R .reginfo -R .note -R .comment -R .drectve -R .note.gnu.gold-version -R .MIPS.abiflags -R .ARM.exidx - - CFLAGS_MODULE = $(CFLAGS_PLATFORM) -ffreestanding - LDFLAGS_MODULE = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) -Wl,-r,-d diff --git a/0026-Don-t-require-a-password-to-boot-entries-generated-b.patch b/0026-Don-t-require-a-password-to-boot-entries-generated-b.patch deleted file mode 100644 index ac9475e3f469b43cd7826c1f55b19439b87067f2..0000000000000000000000000000000000000000 --- a/0026-Don-t-require-a-password-to-boot-entries-generated-b.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 11 Feb 2014 11:14:50 -0500 -Subject: [PATCH] Don't require a password to boot entries generated by - grub-mkconfig. - -When we set a password, we just want that to mean you can't /edit/ an entry. - -Resolves: rhbz#1030176 - -Signed-off-by: Peter Jones ---- - util/grub.d/10_linux.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 4a499c53a61..cf8d1186981 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -26,7 +26,7 @@ datarootdir="@datarootdir@" - export TEXTDOMAIN=@PACKAGE@ - export TEXTDOMAINDIR="@localedir@" - --CLASS="--class gnu-linux --class gnu --class os" -+CLASS="--class gnu-linux --class gnu --class os --unrestricted" - - if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then - OS="$(sed 's, release .*$,,g' /etc/system-release)" diff --git a/0027-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch b/0027-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch deleted file mode 100644 index daa6fae0742d89d1f4cd3c58f0b9c4a80dad388c..0000000000000000000000000000000000000000 --- a/0027-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch +++ /dev/null @@ -1,1959 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 4 Mar 2014 11:00:23 -0500 -Subject: [PATCH] Replace a lot of man pages with slightly nicer ones. - -Replace a bunch of machine generated ones with ones that look nicer. ---- - configure.ac | 23 ++++++ - conf/Makefile.extra-dist | 1 - - docs/Makefile.am | 2 - - docs/man/grub-bios-setup.h2m | 6 -- - docs/man/grub-editenv.h2m | 5 -- - docs/man/grub-emu.h2m | 6 -- - docs/man/grub-file.h2m | 2 - - docs/man/grub-fstest.h2m | 4 - - docs/man/grub-glue-efi.h2m | 4 - - docs/man/grub-install.h2m | 6 -- - docs/man/grub-kbdcomp.h2m | 10 --- - docs/man/grub-macbless.h2m | 4 - - docs/man/grub-macho2img.h2m | 4 - - docs/man/grub-menulst2cfg.h2m | 4 - - docs/man/grub-mkconfig.h2m | 4 - - docs/man/grub-mkfont.h2m | 4 - - docs/man/grub-mkimage.h2m | 6 -- - docs/man/grub-mklayout.h2m | 10 --- - docs/man/grub-mknetdir.h2m | 4 - - docs/man/grub-mkpasswd-pbkdf2.h2m | 4 - - docs/man/grub-mkrelpath.h2m | 4 - - docs/man/grub-mkrescue.h2m | 4 - - docs/man/grub-mkstandalone.h2m | 4 - - docs/man/grub-mount.h2m | 2 - - docs/man/grub-ofpathname.h2m | 4 - - docs/man/grub-pe2elf.h2m | 4 - - docs/man/grub-probe.h2m | 4 - - docs/man/grub-reboot.h2m | 5 -- - docs/man/grub-render-label.h2m | 3 - - docs/man/grub-script-check.h2m | 4 - - docs/man/grub-set-default.h2m | 5 -- - docs/man/grub-sparc64-setup.h2m | 6 -- - docs/man/grub-syslinux2cfg.h2m | 4 - - gentpl.py | 5 +- - util/grub-bios-setup.8 | 54 +++++++++++++ - util/grub-editenv.1 | 46 +++++++++++ - util/grub-file.1 | 165 ++++++++++++++++++++++++++++++++++++++ - util/grub-fstest.1 | 99 +++++++++++++++++++++++ - util/grub-glue-efi.1 | 31 +++++++ - util/grub-install.8 | 128 +++++++++++++++++++++++++++++ - util/grub-kbdcomp.1 | 19 +++++ - util/grub-macbless.1 | 22 +++++ - util/grub-menulst2cfg.1 | 12 +++ - util/grub-mkconfig.8 | 17 ++++ - util/grub-mkfont.1 | 87 ++++++++++++++++++++ - util/grub-mkimage.1 | 95 ++++++++++++++++++++++ - util/grub-mklayout.1 | 27 +++++++ - util/grub-mknetdir.1 | 12 +++ - util/grub-mkpasswd-pbkdf2.1 | 27 +++++++ - util/grub-mkrelpath.1 | 12 +++ - util/grub-mkrescue.1 | 123 ++++++++++++++++++++++++++++ - util/grub-mkstandalone.1 | 100 +++++++++++++++++++++++ - util/grub-ofpathname.8 | 12 +++ - util/grub-probe.8 | 80 ++++++++++++++++++ - util/grub-reboot.8 | 21 +++++ - util/grub-render-label.1 | 51 ++++++++++++ - util/grub-script-check.1 | 21 +++++ - util/grub-set-default.8 | 21 +++++ - util/grub-sparc64-setup.8 | 12 +++ - 59 files changed, 1318 insertions(+), 147 deletions(-) - delete mode 100644 docs/man/grub-bios-setup.h2m - delete mode 100644 docs/man/grub-editenv.h2m - delete mode 100644 docs/man/grub-emu.h2m - delete mode 100644 docs/man/grub-file.h2m - delete mode 100644 docs/man/grub-fstest.h2m - delete mode 100644 docs/man/grub-glue-efi.h2m - delete mode 100644 docs/man/grub-install.h2m - delete mode 100644 docs/man/grub-kbdcomp.h2m - delete mode 100644 docs/man/grub-macbless.h2m - delete mode 100644 docs/man/grub-macho2img.h2m - delete mode 100644 docs/man/grub-menulst2cfg.h2m - delete mode 100644 docs/man/grub-mkconfig.h2m - delete mode 100644 docs/man/grub-mkfont.h2m - delete mode 100644 docs/man/grub-mkimage.h2m - delete mode 100644 docs/man/grub-mklayout.h2m - delete mode 100644 docs/man/grub-mknetdir.h2m - delete mode 100644 docs/man/grub-mkpasswd-pbkdf2.h2m - delete mode 100644 docs/man/grub-mkrelpath.h2m - delete mode 100644 docs/man/grub-mkrescue.h2m - delete mode 100644 docs/man/grub-mkstandalone.h2m - delete mode 100644 docs/man/grub-mount.h2m - delete mode 100644 docs/man/grub-ofpathname.h2m - delete mode 100644 docs/man/grub-pe2elf.h2m - delete mode 100644 docs/man/grub-probe.h2m - delete mode 100644 docs/man/grub-reboot.h2m - delete mode 100644 docs/man/grub-render-label.h2m - delete mode 100644 docs/man/grub-script-check.h2m - delete mode 100644 docs/man/grub-set-default.h2m - delete mode 100644 docs/man/grub-sparc64-setup.h2m - delete mode 100644 docs/man/grub-syslinux2cfg.h2m - create mode 100644 util/grub-bios-setup.8 - create mode 100644 util/grub-editenv.1 - create mode 100644 util/grub-file.1 - create mode 100644 util/grub-fstest.1 - create mode 100644 util/grub-glue-efi.1 - create mode 100644 util/grub-install.8 - create mode 100644 util/grub-kbdcomp.1 - create mode 100644 util/grub-macbless.1 - create mode 100644 util/grub-menulst2cfg.1 - create mode 100644 util/grub-mkconfig.8 - create mode 100644 util/grub-mkfont.1 - create mode 100644 util/grub-mkimage.1 - create mode 100644 util/grub-mklayout.1 - create mode 100644 util/grub-mknetdir.1 - create mode 100644 util/grub-mkpasswd-pbkdf2.1 - create mode 100644 util/grub-mkrelpath.1 - create mode 100644 util/grub-mkrescue.1 - create mode 100644 util/grub-mkstandalone.1 - create mode 100644 util/grub-ofpathname.8 - create mode 100644 util/grub-probe.8 - create mode 100644 util/grub-reboot.8 - create mode 100644 util/grub-render-label.1 - create mode 100644 util/grub-script-check.1 - create mode 100644 util/grub-set-default.8 - create mode 100644 util/grub-sparc64-setup.8 - -diff --git a/configure.ac b/configure.ac -index 8331f95b645..bec8535af70 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -77,6 +77,29 @@ grub_TRANSFORM([grub-set-default]) - grub_TRANSFORM([grub-sparc64-setup]) - grub_TRANSFORM([grub-render-label]) - grub_TRANSFORM([grub-file]) -+grub_TRANSFORM([grub-bios-setup.3]) -+grub_TRANSFORM([grub-editenv.1]) -+grub_TRANSFORM([grub-fstest.3]) -+grub_TRANSFORM([grub-glue-efi.3]) -+grub_TRANSFORM([grub-install.1]) -+grub_TRANSFORM([grub-kbdcomp.3]) -+grub_TRANSFORM([grub-menulst2cfg.1]) -+grub_TRANSFORM([grub-mkconfig.1]) -+grub_TRANSFORM([grub-mkfont.3]) -+grub_TRANSFORM([grub-mkimage.1]) -+grub_TRANSFORM([grub-mklayout.3]) -+grub_TRANSFORM([grub-mknetdir.3]) -+grub_TRANSFORM([grub-mkpasswd-pbkdf2.3]) -+grub_TRANSFORM([grub-mkrelpath.3]) -+grub_TRANSFORM([grub-mkrescue.1]) -+grub_TRANSFORM([grub-mkstandalone.3]) -+grub_TRANSFORM([grub-ofpathname.3]) -+grub_TRANSFORM([grub-probe.3]) -+grub_TRANSFORM([grub-reboot.3]) -+grub_TRANSFORM([grub-render-label.3]) -+grub_TRANSFORM([grub-script-check.3]) -+grub_TRANSFORM([grub-set-default.1]) -+grub_TRANSFORM([grub-sparc64-setup.3]) - - # Optimization flag. Allow user to override. - if test "x$TARGET_CFLAGS" = x; then -diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist -index 8f1485d52a5..b909f2c073a 100644 ---- a/conf/Makefile.extra-dist -+++ b/conf/Makefile.extra-dist -@@ -11,7 +11,6 @@ EXTRA_DIST += unicode - EXTRA_DIST += util/import_gcry.py - EXTRA_DIST += util/import_unicode.py - --EXTRA_DIST += docs/man - EXTRA_DIST += docs/autoiso.cfg - EXTRA_DIST += docs/grub.cfg - EXTRA_DIST += docs/osdetect.cfg -diff --git a/docs/Makefile.am b/docs/Makefile.am -index 93eb3962765..ab28f199694 100644 ---- a/docs/Makefile.am -+++ b/docs/Makefile.am -@@ -5,5 +5,3 @@ info_TEXINFOS = grub.texi grub-dev.texi - grub_TEXINFOS = fdl.texi - - EXTRA_DIST = font_char_metrics.png font_char_metrics.txt -- -- -diff --git a/docs/man/grub-bios-setup.h2m b/docs/man/grub-bios-setup.h2m -deleted file mode 100644 -index ac6ede36296..00000000000 ---- a/docs/man/grub-bios-setup.h2m -+++ /dev/null -@@ -1,6 +0,0 @@ --[NAME] --grub-bios-setup \- set up a device to boot using GRUB --[SEE ALSO] --.BR grub-install (8), --.BR grub-mkimage (1), --.BR grub-mkrescue (1) -diff --git a/docs/man/grub-editenv.h2m b/docs/man/grub-editenv.h2m -deleted file mode 100644 -index 3859d3d4c4f..00000000000 ---- a/docs/man/grub-editenv.h2m -+++ /dev/null -@@ -1,5 +0,0 @@ --[NAME] --grub-editenv \- edit GRUB environment block --[SEE ALSO] --.BR grub-reboot (8), --.BR grub-set-default (8) -diff --git a/docs/man/grub-emu.h2m b/docs/man/grub-emu.h2m -deleted file mode 100644 -index ef1c000656a..00000000000 ---- a/docs/man/grub-emu.h2m -+++ /dev/null -@@ -1,6 +0,0 @@ --[NAME] --grub-emu \- GRUB emulator --[SEE ALSO] --If you are trying to install GRUB, then you should use --.BR grub-install (8) --rather than this program. -diff --git a/docs/man/grub-file.h2m b/docs/man/grub-file.h2m -deleted file mode 100644 -index e09bb4d3101..00000000000 ---- a/docs/man/grub-file.h2m -+++ /dev/null -@@ -1,2 +0,0 @@ --[NAME] --grub-file \- check file type -diff --git a/docs/man/grub-fstest.h2m b/docs/man/grub-fstest.h2m -deleted file mode 100644 -index 9676b159afd..00000000000 ---- a/docs/man/grub-fstest.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-fstest \- debug tool for GRUB filesystem drivers --[SEE ALSO] --.BR grub-probe (8) -diff --git a/docs/man/grub-glue-efi.h2m b/docs/man/grub-glue-efi.h2m -deleted file mode 100644 -index c1c6ded49ff..00000000000 ---- a/docs/man/grub-glue-efi.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-glue-efi \- generate a fat binary for EFI --[DESCRIPTION] --grub-glue-efi processes ia32 and amd64 EFI images and glues them according to Apple format. -diff --git a/docs/man/grub-install.h2m b/docs/man/grub-install.h2m -deleted file mode 100644 -index 8cbbc87a0f2..00000000000 ---- a/docs/man/grub-install.h2m -+++ /dev/null -@@ -1,6 +0,0 @@ --[NAME] --grub-install \- install GRUB to a device --[SEE ALSO] --.BR grub-mkconfig (8), --.BR grub-mkimage (1), --.BR grub-mkrescue (1) -diff --git a/docs/man/grub-kbdcomp.h2m b/docs/man/grub-kbdcomp.h2m -deleted file mode 100644 -index d81f9157e01..00000000000 ---- a/docs/man/grub-kbdcomp.h2m -+++ /dev/null -@@ -1,10 +0,0 @@ --[NAME] --grub-kbdcomp \- generate a GRUB keyboard layout file --[DESCRIPTION] --grub-kbdcomp processes a X keyboard layout description in --.BR keymaps (5) --format into a format that can be used by GRUB's --.B keymap --command. --[SEE ALSO] --.BR grub-mklayout (8) -diff --git a/docs/man/grub-macbless.h2m b/docs/man/grub-macbless.h2m -deleted file mode 100644 -index 0197c0087d7..00000000000 ---- a/docs/man/grub-macbless.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-macbless \- bless a mac file/directory --[SEE ALSO] --.BR grub-install (1) -diff --git a/docs/man/grub-macho2img.h2m b/docs/man/grub-macho2img.h2m -deleted file mode 100644 -index d79aaeed8f9..00000000000 ---- a/docs/man/grub-macho2img.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-macho2img \- convert Mach-O to raw image --[SEE ALSO] --.BR grub-mkimage (1) -diff --git a/docs/man/grub-menulst2cfg.h2m b/docs/man/grub-menulst2cfg.h2m -deleted file mode 100644 -index c2e0055ed7e..00000000000 ---- a/docs/man/grub-menulst2cfg.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-menulst2cfg \- transform legacy menu.lst into grub.cfg --[SEE ALSO] --.BR grub-mkconfig (8) -diff --git a/docs/man/grub-mkconfig.h2m b/docs/man/grub-mkconfig.h2m -deleted file mode 100644 -index 9b42f813010..00000000000 ---- a/docs/man/grub-mkconfig.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-mkconfig \- generate a GRUB configuration file --[SEE ALSO] --.BR grub-install (8) -diff --git a/docs/man/grub-mkfont.h2m b/docs/man/grub-mkfont.h2m -deleted file mode 100644 -index d46fe600eca..00000000000 ---- a/docs/man/grub-mkfont.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-mkfont \- make GRUB font files --[SEE ALSO] --.BR grub-mkconfig (8) -diff --git a/docs/man/grub-mkimage.h2m b/docs/man/grub-mkimage.h2m -deleted file mode 100644 -index f0fbc2bb197..00000000000 ---- a/docs/man/grub-mkimage.h2m -+++ /dev/null -@@ -1,6 +0,0 @@ --[NAME] --grub-mkimage \- make a bootable image of GRUB --[SEE ALSO] --.BR grub-install (8), --.BR grub-mkrescue (1), --.BR grub-mknetdir (8) -diff --git a/docs/man/grub-mklayout.h2m b/docs/man/grub-mklayout.h2m -deleted file mode 100644 -index 1e43409c0ab..00000000000 ---- a/docs/man/grub-mklayout.h2m -+++ /dev/null -@@ -1,10 +0,0 @@ --[NAME] --grub-mklayout \- generate a GRUB keyboard layout file --[DESCRIPTION] --grub-mklayout processes a keyboard layout description in --.BR keymaps (5) --format into a format that can be used by GRUB's --.B keymap --command. --[SEE ALSO] --.BR grub-mkconfig (8) -diff --git a/docs/man/grub-mknetdir.h2m b/docs/man/grub-mknetdir.h2m -deleted file mode 100644 -index a2ef13ec111..00000000000 ---- a/docs/man/grub-mknetdir.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-mknetdir \- prepare a GRUB netboot directory. --[SEE ALSO] --.BR grub-mkimage (1) -diff --git a/docs/man/grub-mkpasswd-pbkdf2.h2m b/docs/man/grub-mkpasswd-pbkdf2.h2m -deleted file mode 100644 -index 4d202f3da7e..00000000000 ---- a/docs/man/grub-mkpasswd-pbkdf2.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-mkpasswd-pbkdf2 \- generate hashed password for GRUB --[SEE ALSO] --.BR grub-mkconfig (8) -diff --git a/docs/man/grub-mkrelpath.h2m b/docs/man/grub-mkrelpath.h2m -deleted file mode 100644 -index d01f3961e3f..00000000000 ---- a/docs/man/grub-mkrelpath.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-mkrelpath \- make a system path relative to its root --[SEE ALSO] --.BR grub-probe (8) -diff --git a/docs/man/grub-mkrescue.h2m b/docs/man/grub-mkrescue.h2m -deleted file mode 100644 -index a427f02e3c6..00000000000 ---- a/docs/man/grub-mkrescue.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-mkrescue \- make a GRUB rescue image --[SEE ALSO] --.BR grub-mkimage (1) -diff --git a/docs/man/grub-mkstandalone.h2m b/docs/man/grub-mkstandalone.h2m -deleted file mode 100644 -index c77313978ad..00000000000 ---- a/docs/man/grub-mkstandalone.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-mkstandalone \- make a memdisk-based GRUB image --[SEE ALSO] --.BR grub-mkimage (1) -diff --git a/docs/man/grub-mount.h2m b/docs/man/grub-mount.h2m -deleted file mode 100644 -index 8d168982d72..00000000000 ---- a/docs/man/grub-mount.h2m -+++ /dev/null -@@ -1,2 +0,0 @@ --[NAME] --grub-mount \- export GRUB filesystem with FUSE -diff --git a/docs/man/grub-ofpathname.h2m b/docs/man/grub-ofpathname.h2m -deleted file mode 100644 -index 74b43eea039..00000000000 ---- a/docs/man/grub-ofpathname.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-ofpathname \- find OpenBOOT path for a device --[SEE ALSO] --.BR grub-probe (8) -diff --git a/docs/man/grub-pe2elf.h2m b/docs/man/grub-pe2elf.h2m -deleted file mode 100644 -index 7ca29bd703c..00000000000 ---- a/docs/man/grub-pe2elf.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-pe2elf \- convert PE image to ELF --[SEE ALSO] --.BR grub-mkimage (1) -diff --git a/docs/man/grub-probe.h2m b/docs/man/grub-probe.h2m -deleted file mode 100644 -index 6e1ffdcf937..00000000000 ---- a/docs/man/grub-probe.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-probe \- probe device information for GRUB --[SEE ALSO] --.BR grub-fstest (1) -diff --git a/docs/man/grub-reboot.h2m b/docs/man/grub-reboot.h2m -deleted file mode 100644 -index e4acace65ce..00000000000 ---- a/docs/man/grub-reboot.h2m -+++ /dev/null -@@ -1,5 +0,0 @@ --[NAME] --grub-reboot \- set the default boot entry for GRUB, for the next boot only --[SEE ALSO] --.BR grub-set-default (8), --.BR grub-editenv (1) -diff --git a/docs/man/grub-render-label.h2m b/docs/man/grub-render-label.h2m -deleted file mode 100644 -index 50ae5247c05..00000000000 ---- a/docs/man/grub-render-label.h2m -+++ /dev/null -@@ -1,3 +0,0 @@ --[NAME] --grub-render-label \- generate a .disk_label for Apple Macs. -- -diff --git a/docs/man/grub-script-check.h2m b/docs/man/grub-script-check.h2m -deleted file mode 100644 -index 3653682671a..00000000000 ---- a/docs/man/grub-script-check.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-script-check \- check grub.cfg for syntax errors --[SEE ALSO] --.BR grub-mkconfig (8) -diff --git a/docs/man/grub-set-default.h2m b/docs/man/grub-set-default.h2m -deleted file mode 100644 -index 7945001c154..00000000000 ---- a/docs/man/grub-set-default.h2m -+++ /dev/null -@@ -1,5 +0,0 @@ --[NAME] --grub-set-default \- set the saved default boot entry for GRUB --[SEE ALSO] --.BR grub-reboot (8), --.BR grub-editenv (1) -diff --git a/docs/man/grub-sparc64-setup.h2m b/docs/man/grub-sparc64-setup.h2m -deleted file mode 100644 -index 18f803a50db..00000000000 ---- a/docs/man/grub-sparc64-setup.h2m -+++ /dev/null -@@ -1,6 +0,0 @@ --[NAME] --grub-sparc64-setup \- set up a device to boot using GRUB --[SEE ALSO] --.BR grub-install (8), --.BR grub-mkimage (1), --.BR grub-mkrescue (1) -diff --git a/docs/man/grub-syslinux2cfg.h2m b/docs/man/grub-syslinux2cfg.h2m -deleted file mode 100644 -index ad25c8ab753..00000000000 ---- a/docs/man/grub-syslinux2cfg.h2m -+++ /dev/null -@@ -1,4 +0,0 @@ --[NAME] --grub-syslinux2cfg \- transform syslinux config into grub.cfg --[SEE ALSO] --.BR grub-menulst2cfg (8) -diff --git a/gentpl.py b/gentpl.py -index c86550d4f9e..2cba0bbbd6f 100644 ---- a/gentpl.py -+++ b/gentpl.py -@@ -805,10 +805,7 @@ def manpage(defn, adddeps): - - output("if COND_MAN_PAGES\n") - gvar_add("man_MANS", name + "." + mansection) -- rule(name + "." + mansection, name + " " + adddeps, """ --chmod a+x """ + name + """ --PATH=$(builddir):$$PATH pkgdatadir=$(builddir) $(HELP2MAN) --section=""" + mansection + """ -i $(top_srcdir)/docs/man/""" + name + """.h2m -o $@ """ + name + """ --""") -+ rule(name + "." + mansection, name + " " + adddeps, "cat $(top_srcdir)/util/" + name + "." + mansection + " | $(top_builddir)/config.status --file=$@:-") - gvar_add("CLEANFILES", name + "." + mansection) - output("endif\n") - -diff --git a/util/grub-bios-setup.8 b/util/grub-bios-setup.8 -new file mode 100644 -index 00000000000..56f582b3d75 ---- /dev/null -+++ b/util/grub-bios-setup.8 -@@ -0,0 +1,54 @@ -+.TH GRUB-BIOS-SETUP 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-bios-setup\fR \(em Set up images to boot from a device. -+ -+.SH SYNOPSIS -+\fBgrub-bios-setup\fR [-a | --allow-floppy] [-b | --boot-image=\fIFILE\fR] -+.RS 17 -+[-c | --core-image=\fIFILE\fR] [-d | --directory=\fIDIR\fR] -+.RE -+.RS 17 -+[-f | --force] [-m | --device-map=\fIFILE\fR] -+.RE -+.RS 17 -+[-s | --skip-fs-probe] [-v | --verbose] \fIDEVICE\fR -+ -+.SH DESCRIPTION -+You should not normally run this program directly. Use grub-install instead. -+ -+.SH OPTIONS -+.TP -+\fB--allow-floppy\fR -+Make the device also bootable as a floppy. This option is the default for -+/dev/fdX devices. Some BIOSes will not boot images created with this option. -+ -+.TP -+\fB--boot-image\fR=\fIFILE\fR -+Use FILE as the boot image. The default value is \fBboot.img\fR. -+ -+.TP -+\fB--core-image\fR=\fIFILE\fR -+Use FILE as ther core image. The default value is \fBcore.img\fR. -+ -+.TP -+\fB--directory\fR=\fIDIR\fR -+Use GRUB files in the directory DIR. The default value is \fB/boot/grub\fR. -+ -+.TP -+\fB--force\fR -+Install even if problems are detected. -+ -+.TP -+\fB--device-map\fR=\fIFILE\fR -+Use FILE as the device map. The default value is /boot/grub/device.map . -+ -+.TP -+\fB--skip-fs-probe\fR -+Do not probe DEVICE for filesystems. -+ -+.TP -+\fB--verbose\fR -+Print verbose messages. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-editenv.1 b/util/grub-editenv.1 -new file mode 100644 -index 00000000000..d28ba03ba42 ---- /dev/null -+++ b/util/grub-editenv.1 -@@ -0,0 +1,46 @@ -+.TH GRUB-EDITENV 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-editenv\fR \(em Manage the GRUB environment block. -+ -+.SH SYNOPSIS -+\fBgrub-editenv\fR [-v | --verbose] [\fIFILE\fR] -+.RS 14 -+ -+ -+.SH DESCRIPTION -+\fBgrub-editenv\fR is a command line tool to manage GRUB's stored environment. -+ -+.SH OPTIONS -+.TP -+\fB--verbose\fR -+Print verbose messages. -+ -+.TP -+\fBFILE\fR -+.RS 7 -+File name to use for grub environment. Default is /boot/grub/grubenv . -+.RE -+ -+.SH COMMANDS -+.TP -+\fBcreate\fR -+.RS 7 -+Create a blank environment block file. -+.RE -+ -+.TP -+\fBlist\fR -+.RS 7 -+List the current variables. -+.RE -+ -+.TP -+\fBset\fR [\fINAME\fR=\fIVALUE\fR ...] -+Set variables. -+ -+.TP -+\fBunset [\fINAME\fR ...] -+Delete variables. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-file.1 b/util/grub-file.1 -new file mode 100644 -index 00000000000..b29cb327889 ---- /dev/null -+++ b/util/grub-file.1 -@@ -0,0 +1,165 @@ -+.TH GRUB-FILE 1 "Web Feb 26 2014" -+.SH NAME -+\fBgrub-file\fR \(em Check if FILE is of specified type. -+ -+.SH SYNOPSIS -+\fBgrub-file\fR (--is-i386-xen-pae-domu | --is-x86_64-xen-domu | -+.RS 11 -+--is-x86-xen-dom0 | --is-x86-multiboot | -+.RE -+.RS 11 -+--is-x86-multiboot2 | --is-arm-linux | --is-arm64-linux | -+.RE -+.RS 11 -+--is-ia64-linux | --is-mips-linux | --is-mipsel-linux | -+.RE -+.RS 11 -+--is-sparc64-linux | --is-powerpc-linux | --is-x86-linux | -+.RE -+.RS 11 -+--is-x86-linux32 | --is-x86-kfreebsd | --is-i386-kfreebsd | -+.RE -+.RS 11 -+--is-x86_64-kfreebsd | --is-x86-knetbsd | -+.RE -+.RS 11 -+--is-i386-knetbsd | --is-x86_64-knetbsd | --is-i386-efi | -+.RE -+.RS 11 -+--is-x86_64-efi | --is-ia64-efi | --is-arm64-efi | -+.RE -+.RS 11 -+--is-arm-efi | --is-hibernated-hiberfil | --is-x86_64-xnu | -+.RE -+.RS 11 -+--is-i386-xnu | --is-xnu-hibr | --is-x86-bios-bootsector) -+.RE -+.RS 11 -+\fIFILE\fR -+ -+.SH DESCRIPTION -+\fBgrub-file\fR is used to check if \fIFILE\fR is of a specified type. -+ -+.SH OPTIONS -+.TP -+--is-i386-xen-pae-domu -+Check if FILE can be booted as i386 PAE Xen unprivileged guest kernel -+ -+.TP -+--is-x86_64-xen-domu -+Check if FILE can be booted as x86_64 Xen unprivileged guest kernel -+ -+.TP -+--is-x86-xen-dom0 -+Check if FILE can be used as Xen x86 privileged guest kernel -+ -+.TP -+--is-x86-multiboot -+Check if FILE can be used as x86 multiboot kernel -+ -+.TP -+--is-x86-multiboot2 -+Check if FILE can be used as x86 multiboot2 kernel -+ -+.TP -+--is-arm-linux -+Check if FILE is ARM Linux -+ -+.TP -+--is-arm64-linux -+Check if FILE is ARM64 Linux -+ -+.TP -+--is-ia64-linux -+Check if FILE is IA64 Linux -+ -+.TP -+--is-mips-linux -+Check if FILE is MIPS Linux -+ -+.TP -+--is-mipsel-linux -+Check if FILE is MIPSEL Linux -+ -+.TP -+--is-sparc64-linux -+Check if FILE is SPARC64 Linux -+ -+.TP -+--is-powerpc-linux -+Check if FILE is POWERPC Linux -+ -+.TP -+--is-x86-linux -+Check if FILE is x86 Linux -+ -+.TP -+--is-x86-linux32 -+Check if FILE is x86 Linux supporting 32-bit protocol -+ -+.TP -+--is-x86-kfreebsd -+Check if FILE is x86 kFreeBSD -+ -+.TP -+--is-i386-kfreebsd -+Check if FILE is i386 kFreeBSD -+ -+.TP -+--is-x86_64-kfreebsd -+Check if FILE is x86_64 kFreeBSD -+ -+.TP -+--is-x86-knetbsd -+Check if FILE is x86 kNetBSD -+ -+.TP -+--is-i386-knetbsd -+Check if FILE is i386 kNetBSD -+ -+.TP -+--is-x86_64-knetbsd -+Check if FILE is x86_64 kNetBSD -+ -+.TP -+--is-i386-efi -+Check if FILE is i386 EFI file -+ -+.TP -+--is-x86_64-efi -+Check if FILE is x86_64 EFI file -+ -+.TP -+--is-ia64-efi -+Check if FILE is IA64 EFI file -+ -+.TP -+--is-arm64-efi -+Check if FILE is ARM64 EFI file -+ -+.TP -+--is-arm-efi -+Check if FILE is ARM EFI file -+ -+.TP -+--is-hibernated-hiberfil -+Check if FILE is hiberfil.sys in hibernated state -+ -+.TP -+--is-x86_64-xnu -+Check if FILE is x86_64 XNU (Mac OS X kernel) -+ -+.TP -+--is-i386-xnu -+Check if FILE is i386 XNU (Mac OS X kernel) -+ -+.TP -+--is-xnu-hibr -+Check if FILE is XNU (Mac OS X kernel) hibernated image -+ -+.TP -+--is-x86-bios-bootsector -+Check if FILE is BIOS bootsector -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-fstest.1 b/util/grub-fstest.1 -new file mode 100644 -index 00000000000..792fa78634c ---- /dev/null -+++ b/util/grub-fstest.1 -@@ -0,0 +1,99 @@ -+.TH GRUB-FSTEST 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-fstest\fR — Debug tool for GRUB's filesystem driver. -+ -+.SH SYNOPSIS -+\fBgrub-fstest\fR [-c | --diskcount=\fINUM\fR] [-C | --crypto] -+.RS 13 -+[-d | --debug=\fISTRING\fR] [-K | --zfs-key=\fIFILE\fR|\fIprompt\fR] -+.RE -+.RS 13 -+[-n | --length=\fINUM\fR] [-r | --root=\fIDEVICE_NAME\fR] -+.RE -+.RS 13 -+[-s | --skip=\fINUM\fR] [-u | --uncompress] [-v | --verbose] -+.RE -+.RS 13 -+\fIIMAGE_PATH\fR -+ -+.SH DESCRIPTION -+\fBgrub-fstest\fR is a tool for testing GRUB's filesystem drivers. You should not normally need to run this program. -+ -+.SH OPTIONS -+.TP -+\fB--diskcount\fR=\fINUM\fR -+Specify the number of input files. -+ -+.TP -+\fB--crypto\fR -+Mount cryptographic devices. -+ -+.TP -+\fB--debug\fR=\fISTRING\fR -+Set debug environment variable. -+ -+.TP -+\fB--zfs-key\fR=\fIFILE\fR|\fIprompt\fR -+Load ZFS cryptographic key. -+ -+.TP -+\fB--length\fR=\fINUM\fR -+Handle NUM bytes in output file. -+ -+.TP -+\fB--root\fR=\fIDEVICE_NAME\fR -+Set root device. -+ -+.TP -+\fB--skip\fR=\fINUM\fR -+Skip NUM bytes from output file. -+ -+.TP -+\fB--uncompress\fR -+Uncompress data. -+ -+.TP -+\fB--verbose\fR -+Print verbose messages. -+ -+.SH COMMANDS -+.TP -+\fBblocklist\fR \fIFILE\fR -+Display block list of \fIFILE\fR. -+ -+.TP -+\fBcat\fR \fIFILE\fR -+Display \fIFILE\fR on standard output. -+ -+.TP -+\fBcmp\fR \fIFILE\fR \fILOCAL\fR -+Compare \fIFILE\fR with local file \fILOCAL\fR. -+ -+.TP -+\fBcp\fR \fIFILE\fR \fILOCAL\fR -+Copy \fIFILE\fR to local file \fILOCAL\fR. -+ -+.TP -+\fBcrc\fR \fIFILE\fR -+Display the CRC-32 checksum of \fIFILE\fR. -+ -+.TP -+\fBhex\fR \fIFILE\fR -+Display contents of \fIFILE\fR in hexidecimal. -+ -+.TP -+\fBls\fR \fIPATH\fR -+List files at \fIPATH\fR. -+ -+.TP -+\fBxnu_uuid\fR \fIDEVICE\fR -+Display the XNU UUID of \fIDEVICE\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-glue-efi.1 b/util/grub-glue-efi.1 -new file mode 100644 -index 00000000000..72bd555d577 ---- /dev/null -+++ b/util/grub-glue-efi.1 -@@ -0,0 +1,31 @@ -+.TH GRUB-GLUE-EFI 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-glue-efi\fR \(em Create an Apple fat EFI binary. -+ -+.SH SYNOPSIS -+\fBgrub-glue-efi\fR <-3 | --input32=\fIFILE\fR> <-6 | --input64=\fIFILE\fR> -+.RS 15 -+<-o | --output=\fIFILE\fR> [-v | --verbose] -+ -+.SH DESCRIPTION -+\fBgrub-glue-efi\fR creates an Apple fat EFI binary from two EFI binaries. -+ -+.SH OPTIONS -+.TP -+\fB--input32\fR=\fIFILE\fR -+Read 32-bit binary from \fIFILE\fR. -+ -+.TP -+\fB--input64\fR=\fIFILE\fR -+Read 64-bit binary from \fIFILE\fR. -+ -+.TP -+\fB--output\fR=\fIFILE\fR -+Write resulting fat binary to \fIFILE\fR. -+ -+.TP -+\fB--verbose\fR -+Print verbose messages. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-install.8 b/util/grub-install.8 -new file mode 100644 -index 00000000000..1db89e94b3b ---- /dev/null -+++ b/util/grub-install.8 -@@ -0,0 +1,128 @@ -+.TH GRUB-INSTALL 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-install\fR \(em Install GRUB on a device. -+ -+.SH SYNOPSIS -+\fBgrub-install\fR [--modules=\fIMODULES\fR] [--install-modules=\fIMODULES\fR] -+.RS 14 -+[--themes=\fITHEMES\fR] [--fonts=\fIFONTS\fR] [--locales=\fILOCALES\fR] -+.RE -+.RS 14 -+[--compress[=\fIno\fR,\fIxz\fR,\fIgz\fR,\fIlzo\fR]] [-d | --directory=\fIDIR\fR] -+.RE -+.RS 14 -+[--grub-mkimage=\fIFILE\fR] [--boot-directory=\fIDIR\fR] -+.RE -+.RS 14 -+[--target=\fITARGET\fR] [--grub-setup=\fIFILE\fR] -+.RE -+.RS 14 -+[--grub-mkrelpath=\fIFILE\fR] [--grub-probe=\fIFILE\fR] -+.RE -+.RS 14 -+[--allow-floppy] [--recheck] [--force] [--force-file-id] -+.RE -+.RS 14 -+[--disk-module=\fIMODULE\fR] [--no-nvram] [--removable] -+.RE -+.RS 14 -+[--bootloader-id=\fIID\fR] [--efi-directory=\fIDIR\fR] \fIINSTALL_DEVICE\fR -+ -+.SH DESCRIPTION -+\fBgrub-install\fR installs GRUB onto a device. This includes copying GRUB images into the target directory (generally \fI/boot/grub\fR), and on some platforms may also include installing GRUB onto a boot sector. -+ -+.SH OPTIONS -+.TP -+\fB--modules\fR=\fIMODULES\fR\! -+Pre-load modules specified by \fIMODULES\fR. -+ -+.TP -+\fB--install-modules\fR=\fIMODULES\fR -+Install only \fIMODULES\fR and their dependencies. The default is to install all available modules. -+ -+.TP -+\fB--themes\fR=\fITHEMES\fR -+Install \fITHEMES\fR. The default is to install the \fIstarfield\fR theme, if available. -+ -+.TP -+\fB--fonts\fR=\fIFONTS\fR -+Install \fIFONTS\fR. The default is to install the \fIunicode\fR font. -+ -+.TP -+\fB--locales\fR=\fILOCALES\fR -+Install only locales listed in \fILOCALES\fR. The default is to install all available locales. -+ -+.TP -+\fB--compress\fR=\fIno\fR,\fIxz\fR,\fIgz\fR,\fIlzo\fR -+Compress GRUB files using the specified compression algorithm. -+ -+.TP -+\fB--directory\fR=\fIDIR\fR -+Use images and modules in \fIDIR\fR. -+ -+.TP -+\fB--grub-mkimage\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-mkimage\fR. The default is \fI/usr/bin/grub-mkimage\fR. -+ -+.TP -+\fB--boot-directory\fR=\fIDIR\fR -+Use \fIDIR\fR as the boot directory. The default is \fI/boot\fR. GRUB will put its files in a subdirectory of this directory named \fIgrub\fR. -+ -+.TP -+\fB--target\fR=\fITARGET\fR -+Install GRUB for \fITARGET\fR platform. The default is the platform \fBgrub-install\fR is running on. -+ -+.TP -+\fB--grub-setup\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-setup\fR. The default is \fI/usr/bin/grub-setup\fR. -+ -+.TP -+\fB--grub-mkrelpath\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-mkrelpath\fR. The default is \fI/usr/bin/grub-mkrelpath\fR. -+ -+.TP -+\fB--grub-probe\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-probe\fR. The default is \fI/usr/bin/grub-mkrelpath\fR. -+ -+.TP -+\fB--allow-floppy -+Make the device also bootable as a floppy. This option is the default for /dev/fdX devices. Some BIOSes will not boot images created with this option. -+ -+.TP -+\fB--recheck -+Delete any existing device map and create a new one if necessary. -+ -+.TP -+\fB--force -+Install even if problems are detected. -+ -+.TP -+\fB--force-file-id -+Use identifier file even if UUID is available. -+ -+.TP -+\fB--disk-module\fR=\fIMODULE\fR -+Use \fIMODULE\fR for disk access. This allows you to manually specify either \fIbiosdisk\fR or \fInative\fR disk access. This option is only available on the BIOS target platform. -+ -+.TP -+\fB--no-nvram -+Do not update the \fIboot-device\fR NVRAM variable. This option is only available on IEEE1275 target platforms. -+ -+.TP -+\fB--removable -+Treat the target device as if it is removeable. This option is only available on the EFI target platform. -+ -+.TP -+\fB--bootloader-id\fR=\fIID\fR -+Use \fIID\fR as the bootloader ID. This option is only available on the EFI target platform. -+ -+.TP -+\fB--efi-directory\fR=\fIDIR\fR -+Use \fIDIR\fR as the EFI System Partition root. This option is only available on the EFI target platform. -+ -+.TP -+\fIINSTALL_DEVICE\fR -+Install GRUB to the block device \fIINSTALL_DEVICE\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-kbdcomp.1 b/util/grub-kbdcomp.1 -new file mode 100644 -index 00000000000..0bb969a5b43 ---- /dev/null -+++ b/util/grub-kbdcomp.1 -@@ -0,0 +1,19 @@ -+.TH GRUB-KBDCOMP 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-kbdcomp\fR \(em Generate a GRUB keyboard layout file. -+ -+.SH SYNOPSIS -+\fBgrub-kbdcomp\fR <-o | --output=\fIFILE\fR> \fICKBMAP_ARGUMENTS\fR -+ -+.SH DESCRIPTION -+\fBgrub-kbdcomp\fR processes an X keyboard layout description in -+\fBkeymaps\fR(5) format into a format that can be used by GRUB's \fBkeymap\fR -+command. -+ -+.SH OPTIONS -+.TP -+\fB--output\fR=\fIFILE\fR -+Write output to \fIFILE\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-macbless.1 b/util/grub-macbless.1 -new file mode 100644 -index 00000000000..41a96186f70 ---- /dev/null -+++ b/util/grub-macbless.1 -@@ -0,0 +1,22 @@ -+.TH GRUB-MACBLESS 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-macbless\fR \(em Mac-style bless on HFS or HFS+ -+ -+.SH SYNOPSIS -+\fBgrub-macbless\fR [-v | --verbose] [-p | --ppc] \fIFILE\fR | [-x | --x86] \fIFILE\fR -+ -+.SH OPTIONS -+.TP -+--x86 -+Bless for x86 based Macs. -+ -+.TP -+--ppc -+Bless for PPC based Macs. -+ -+.TP -+--verbose -+Print verbose messages. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-menulst2cfg.1 b/util/grub-menulst2cfg.1 -new file mode 100644 -index 00000000000..91e2ef87113 ---- /dev/null -+++ b/util/grub-menulst2cfg.1 -@@ -0,0 +1,12 @@ -+.TH GRUB-MENULST2CFG 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-menulst2cfg\fR \(em Convert a configuration file from GRUB 0.xx to GRUB 2.xx format. -+ -+.SH SYNOPSIS -+\fBgrub-menulst2cfg\fR [\fIINFILE\fR [\fIOUTFILE\fR]] -+ -+.SH DESCRIPTION -+\fBgrub-menulst2cfg\fR converts a configuration file from GRUB 0.xx to the current format. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkconfig.8 b/util/grub-mkconfig.8 -new file mode 100644 -index 00000000000..a2d1f577b9b ---- /dev/null -+++ b/util/grub-mkconfig.8 -@@ -0,0 +1,17 @@ -+.TH GRUB-MKCONFIG 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mkconfig\fR \(em Generate a GRUB configuration file. -+ -+.SH SYNOPSIS -+\fBgrub-mkconfig\fR [-o | --output=\fIFILE\fR] -+ -+.SH DESCRIPTION -+\fBgrub-mkconfig\fR generates a configuration file for GRUB. -+ -+.SH OPTIONS -+.TP -+\fB--output\fR=\fIFILE\fR -+Write generated output to \fIFILE\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkfont.1 b/util/grub-mkfont.1 -new file mode 100644 -index 00000000000..3494857987d ---- /dev/null -+++ b/util/grub-mkfont.1 -@@ -0,0 +1,87 @@ -+.TH GRUB-MKFONT 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mkfont\fR \(em Convert common font file formats into the PF2 format. -+ -+.SH SYNOPSIS -+\fBgrub-mkfont\fR [--ascii-bitmaps] [-a | --force-autohint] -+.RS 13 -+[-b | --bold] [-c | --asce=\fINUM\fR] [-d | --desc=\fINUM\fR] -+.RE -+.RS 13 -+[-i | --index=\fINUM\fR] [-n | --name=\fINAME\fR] [--no-bitmap] -+.RE -+.RS 13 -+[--no-hinting] <-o | --output=\fIFILE\fR> -+.RE -+.RS 13 -+[-r | --range=\fIFROM-TO\fR[\fI,FROM-TO\fR]] [-s | --size=\fISIZE\fR] -+.RE -+.RS 13 -+[-v | --verbose] [--width-spec] \fIFONT_FILES\fR -+ -+.SH DESCRIPTION -+\fBgrub-mkfont\fR converts font files from common formats into the PF2 format used by GRUB. -+ -+.SH OPTIONS -+.TP -+--ascii-bitmaps -+Save only bitmaps for ASCII characters. -+ -+.TP -+--force-autohint -+Force generation of automatic hinting. -+ -+.TP -+--bold -+Convert font to bold. -+ -+.TP -+--asce=\fINUM\fR -+Set font ascent to \fINUM\fR. -+ -+.TP -+--desc=\fINUM\fR -+Set font descent to \fINUM\fR. -+ -+.TP -+--index=\fINUM\fR -+Select face index \fINUM\fR. -+ -+.TP -+--name=\fINAME\fR -+Set font family to \fINAME\fR. -+ -+.TP -+--no-bitmap -+Ignore bitmap strikes when loading. -+ -+.TP -+--no-hinting -+Disable hinting. -+ -+.TP -+--output=\fIFILE\fR -+Save ouptut to \fIFILE\fR. This argument is required. -+ -+.TP -+--range=\fIFROM-TO\fR\fI,FROM-TO\fR -+Set the font ranges to each pair of \fIFROM\fR,\fITO\fR. -+ -+.TP -+--size=\fISIZE\fR -+Set font size to \fISIZE\fR. -+ -+.TP -+--verbose -+Print verbose messages. -+ -+.TP -+--width-spec -+Create a width summary file. -+ -+.TP -+\fIFONT_FILES\fR -+The input files to be converted. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkimage.1 b/util/grub-mkimage.1 -new file mode 100644 -index 00000000000..4dea4f54597 ---- /dev/null -+++ b/util/grub-mkimage.1 -@@ -0,0 +1,95 @@ -+.TH GRUB-MKIMAGE 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mkimage\fR \(em Make a bootable GRUB image. -+ -+.SH SYNOPSIS -+\fBgrub-mkimage\fR [-c | --config=\fRFILE\fI] [-C | --compression=(\fIxz\fR,\fInone\fR,\fIauto\fR)] -+.RS 14 -+[-d | --directory=\fRDIR\fR] [-k | --pubkey=\fIFILE\fR] -+.RE -+.RS 14 -+[-m | --memdisk=\fIFILE\fR] [-n | --note] [-o | --output=\fIFILE\fR] -+.RE -+.RS 14 -+[-O | --format=\fIFORMAT\fR] [-p | --prefix=\fIDIR\fR] -+.RE -+.RS 14 -+[-v | --verbose] \fIMODULES\fR -+ -+.SH DESCRIPTION -+\fBgrub-mkimage\fI builds a bootable image of GRUB. -+ -+.SH OPTIONS -+.TP -+--config=\fIFILE\fR -+Embed \fIFILE\fR as the image's initial configuration file. -+ -+.TP -+--compression=(\fIxz\fR,\fInone\fR,\fIauto\fR) -+Use one of \fIxz\fR, \fInone\fR, or \fIauto\fR as the compression method for the core image. -+ -+.TP -+--directory=\fIDIR\fR -+Use images and modules from \fIDIR\fR. The default value is \fB/usr/lib/grub/\fR. -+ -+.TP -+--pubkey=\fIFILE\fR -+Embed the public key \fIFILE\fR for signature checking. -+ -+.TP -+--memdisk=\fIFILE\fR -+Embed the memdisk image \fIFILE\fR. If no \fB-p\fR option is also specified, this implies \fI-p (memdisk)/boot/grub\fR. -+ -+.TP -+--note -+Add a CHRP \fINOTE\fR section. This option is only valid on IEEE1275 platforms. -+ -+.TP -+--output=\fIFILE\fR -+Write the generated file to \fIFILE\fR. The default is to write to standard output. -+ -+.TP -+--format=\fIFORMAT\fR -+Generate an image in the specified \fIFORMAT\fR. Valid values are: -+.RS -+.RS 4 -+.P -+i386-coreboot, -+i386-multiboot, -+i386-pc, -+i386-pc-pxe, -+i386-efi, -+i386-ieee1275, -+i386-qemu, -+x86_64-efi, -+mipsel-yeeloong-flash, -+mipsel-fuloong2f-flash, -+mipself-loongson-elf, -+powerpc-ieee1275, -+sparc64-ieee1275-raw, -+sparc64-ieee1275-cdcore, -+sparc64-ieee1275-aout, -+ia64-efi, -+mips-arc, -+mipsel-arc, -+mipsel-qemu_mips-elf, -+mips-qemu_mips-flash, -+mipsel-qemu_mips-flash, -+mips-qemu_mips-elf -+.RE -+.RE -+ -+.TP -+--prefix=\fIDIR\fR -+Set prefix directory. The default value is \fI/boot/grub\fR. -+ -+.TP -+--verbose -+Print verbose messages. -+ -+.TP -+\fIMODULES\fR -+Include \fIMODULES\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mklayout.1 b/util/grub-mklayout.1 -new file mode 100644 -index 00000000000..d1bbc2ec515 ---- /dev/null -+++ b/util/grub-mklayout.1 -@@ -0,0 +1,27 @@ -+.TH GRUB-MKLAYOUT 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mklayout\fR \(em Generate a GRUB keyboard layout file. -+ -+.SH SYNOPSIS -+\fBgrub-mklayout\fR [-i | --input=\fIFILE\fR] [-o | --output=\fIFILE\fR] -+.RS 15 -+[-v | --verbose] -+ -+.SH DESCRIPTION -+\fBgrub-mklayout\fR generates a GRUB keyboard layout description which corresponds with the Linux console layout description given as input. -+ -+.SH OPTIONS -+.TP -+--input=\fIFILE\fR -+Use \fIFILE\fR as the input. The default value is the standard input device. -+ -+.TP -+--output=\fIFILE\fR -+Use \fIFILE\fR as the output. The default value is the standard output device. -+ -+.TP -+--verbose -+Print verbose messages. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mknetdir.1 b/util/grub-mknetdir.1 -new file mode 100644 -index 00000000000..fa7e8d4ef0d ---- /dev/null -+++ b/util/grub-mknetdir.1 -@@ -0,0 +1,12 @@ -+.TH GRUB-MKNETDIR 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mknetdir\fR \(em Prepare a GRUB netboot directory. -+ -+.SH SYNOPSIS -+\fBgrub-mknetdir\fR -+ -+.SH DESCRIPTION -+\fBgrub-mknetdir\fR prepares a directory for GRUB to be netbooted from. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkpasswd-pbkdf2.1 b/util/grub-mkpasswd-pbkdf2.1 -new file mode 100644 -index 00000000000..73c437c15d8 ---- /dev/null -+++ b/util/grub-mkpasswd-pbkdf2.1 -@@ -0,0 +1,27 @@ -+.TH GRUB-MKPASSWD-PBKDF2 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mkpasswd-pbkdf2\fR \(em Generate a PBKDF2 password hash. -+ -+.SH SYNOPSIS -+\fBgrub-mkpasswd-pbkdf2\fR [-c | --iteration-count=\fINUM\fR] [-l | --buflen=\fINUM\fR] -+.RS 22 -+[-s | --salt=\fINUM\fR] -+ -+.SH DESCRIPTION -+\fBgrub-mkpasswd-pbkdf2\fR generates a PBKDF2 password string suitable for use in a GRUB configuration file. -+ -+.SH OPTIONS -+.TP -+--iteration-count=\fINUM\fR -+Number of PBKDF2 iterations. -+ -+.TP -+--buflen=\fINUM\fR -+Length of generated hash. -+ -+.TP -+--salt=\fINUM\fR -+Length of salt to use. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkrelpath.1 b/util/grub-mkrelpath.1 -new file mode 100644 -index 00000000000..85f1113621d ---- /dev/null -+++ b/util/grub-mkrelpath.1 -@@ -0,0 +1,12 @@ -+.TH GRUB-MKRELPATH 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mkrelpath\fR \(em Generate a relative GRUB path given an OS path. -+ -+.SH SYNOPSIS -+\fBgrub-mkrelpath\fR \fIFILE\fR -+ -+.SH DESCRIPTION -+\fBgrub-mkrelpath\fR takes an OS filesystem path for \fIFILE\fR and returns a relative path suitable for use in a GRUB configuration file. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkrescue.1 b/util/grub-mkrescue.1 -new file mode 100644 -index 00000000000..4ed9fc723fd ---- /dev/null -+++ b/util/grub-mkrescue.1 -@@ -0,0 +1,123 @@ -+.TH GRUB-MKRESCUE 3 "Wed Feb 26 2014" -+.SH NAME -+grub-mkrescue \(em Generate a GRUB rescue image using GNU Xorriso. -+ -+.SH SYNOPSIS -+\fBgrub-mkrescue\fR [-o | --output=\fIFILE\fR] [--modules=\fIMODULES\fR] -+.RS 15 -+[--install-modules=\fIMODULES\fR] [--themes=\fITHEMES\fR] -+.RE -+.RS 15 -+[--fonts=\fIFONTS\fR] [--locales=\fILOCALES\fR] -+.RE -+.RS 15 -+[--compress[=\fIno\fR,\fIxz\fR,\fIgz\fR,\fIlzo\fR]] [-d | --directory=\fIDIR\fR] -+.RE -+.RS 15 -+[--grub-mkimage=\fIFILE\fR] [--rom-directory=\fIDIR\fR] -+.RE -+.RS 15 -+[--xorriso=\fIFILE\fR] [--grub-glue-efi=\fIFILE\fR] -+.RE -+.RS 15 -+[--grub-render-label=\fIFILE\fR] [--label-font=\fIFILE\fR] -+.RE -+.RS 15 -+[--label-color=\fICOLOR\fR] [--label-bgcolor=\fIFILE\fR] -+.RE -+.RS 15 -+[--product-name=\fISTRING\fR] [--product-version=\fISTRING\fR] -+.RE -+.RS 15 -+[--sparc-boot] [--arcs-boot] -+ -+.SH DESCRIPTION -+\fBgrub-mkrescue\fR can be used to generate a rescue image with the GRUB bootloader. -+ -+.SH OPTIONS -+.TP -+\fB--output\fR=\fIFILE\fR -+Write the generated file to \fIFILE\fR. The default is to write to standard output. -+ -+.TP -+\fB--modules\fR=\fIMODULES\fR -+Pre-load modules specified by \fIMODULES\fR. -+ -+.TP -+\fB--install-modules\fR=\fIMODULES\fR -+Install only \fIMODULES\fR and their dependencies. The default is to install all available modules. -+ -+.TP -+\fB--themes\fR=\fITHEMES\fR -+Install \fITHEMES\fR. The default is to install the \fIstarfield\fR theme, if available. -+ -+.TP -+\fB--fonts\fR=\fIFONTS\fR -+Install \fIFONTS\fR. The default is to install the \fIunicode\fR font. -+ -+.TP -+\fB--locales\fR=\fILOCALES\fR -+Install only locales listed in \fILOCALES\fR. The default is to install all available locales. -+ -+.TP -+\fB--compress\fR[=\fIno\fR,\fIxz\fR,\fIgz\fR,\fIlzo\fR] -+Compress GRUB files using the specified compression algorithm. -+ -+.TP -+\fB--directory\fR=\fIDIR\fR -+Use images and modules in \fIDIR\fR. -+ -+.TP -+\fB--grub-mkimage\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-mkimage\fR(1). The default is \fI/usr/bin/grub-mkimage\fR. -+ -+.TP -+\fB--rom-directory\fR=\fIDIR\fR -+Save ROM images in \fIDIR\fR. -+ -+.TP -+\fB--xorriso\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBxorriso\fI. -+ -+.TP -+\fB--grub-glue-efi\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-glue-efi\fR(3). -+ -+.TP -+\fB--grub-render-label\fR=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-render-label\fR(3). -+ -+.TP -+\fB--label-font\fR=\fIFILE\fR -+Use \fIFILE\fR as the font file for generated labels. -+ -+.TP -+\fB--label-color\fR=\fICOLOR\fR -+Use \fICOLOR\fI as the color for generated labels. -+ -+.TP -+\fB--label-bgcolor\fR=\fICOLOR\fR -+Use \fICOLOR\fR as the background color for generated labels. -+ -+.TP -+\fB--product-name\fR=\fISTRING\fR -+Use \fISTRING\fR as the product name in generated labels. -+ -+.TP -+\fB--product-version\fR=\fISTRING\fR -+Use \fISTRING\fR as the product version in generated labels. -+ -+.TP -+\fB--sparc-boot\fR -+Enable booting the SPARC platform. This disables HFS+, APM, ARCS, and "boot as disk image" on the \fIi386-pc\fR target platform. -+ -+.TP -+\fB--arcs-boot\fR -+Enable ARCS booting. This is typically for big-endian MIPS machines, and disables HFS+, APM, sparc64, and "boot as disk image" on the \fIi386-pc\fR target platform. -+ -+.TP -+\fB--\fR -+All options after a \fB--\fR will be passed directly to xorriso's command line when generating the image. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkstandalone.1 b/util/grub-mkstandalone.1 -new file mode 100644 -index 00000000000..ba2d2bdf279 ---- /dev/null -+++ b/util/grub-mkstandalone.1 -@@ -0,0 +1,100 @@ -+.TH GRUB-MKSTANDALONE 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-mkstandalone\fR \(em Generate a standalone image in the selected format. -+ -+.SH SYNOPSIS -+\fBgrub-mkstandalone\fR [-o | --output=\fIFILE\fR] [-O | --format=\fIFORMAT\fR] -+.RS 19 -+[-C | --compression=(\fIxz\fR|\fInone\fR|\fIauto\fR)] -+.RE -+.RS 19 -+[--modules=\fIMODULES\fR] [--install-modules=\fIMODULES\fR] -+.RE -+.RS 19 -+[--themes=\fITHEMES\fR] [--fonts=\fIFONTS\fR] -+.RE -+.RS 19 -+[--locales=\fILOCALES\fR] [--compress[=\fIno\fR,\fIxz\fR,\fIgz\fR,\fIlzo\fR]] -+.RE -+.RS 19 -+[-d | --directory=\fIDIR\fR] [--grub-mkimage=\fIFILE\fR] -+.RE -+.RS 19 -+\fISOURCE...\fR -+ -+.SH DESCRIPTION -+ -+.SH OPTIONS -+.TP -+--output=\fIFILE\fR -+Write the generated file to \fIFILE\fR. The default is to write to standard output. -+ -+.TP -+--format=\fIFORMAT\fR -+Generate an image in the specified \fIFORMAT\fR. Valid values are: -+.RS -+.RS 4 -+.P -+i386-coreboot, -+i386-multiboot, -+i386-pc, -+i386-pc-pxe, -+i386-efi, -+i386-ieee1275, -+i386-qemu, -+x86_64-efi, -+mipsel-yeeloong-flash, -+mipsel-fuloong2f-flash, -+mipself-loongson-elf, -+powerpc-ieee1275, -+sparc64-ieee1275-raw, -+sparc64-ieee1275-cdcore, -+sparc64-ieee1275-aout, -+ia64-efi, -+mips-arc, -+mipsel-arc, -+mipsel-qemu_mips-elf, -+mips-qemu_mips-flash, -+mipsel-qemu_mips-flash, -+mips-qemu_mips-elf -+.RE -+.RE -+ -+.TP -+--compression=(\fIxz\fR|\fInone\fR|\fIauto\fR) -+Use one of \fIxz\fR, \fInone\fR, or \fIauto\fR as the compression method for the core image. -+ -+.TP -+--modules=\fIMODULES\fR -+Pre-load modules specified by \fIMODULES\fR. -+ -+.TP -+--install-modules=\fIMODULES\fR -+Install only \fIMODULES\fR and their dependencies. The default is to install all available modules. -+ -+.TP -+--themes=\fITHEMES\fR -+Install \fITHEMES\fR. The default is to install the \fIstarfield\fR theme, if available. -+ -+.TP -+--fonts=\fIFONTS\fR -+Install \fIFONTS\fR. The default is to install the \fIunicode\fR font. -+ -+.TP -+--locales=\fILOCALES\fR -+Install only locales listed in \fILOCALES\fR. The default is to install all available locales. -+ -+.TP -+--compress[=\fIno\fR,\fIxz\fR,\fIgz\fR,\fIlzo\fR] -+Compress GRUB files using the specified compression algorithm. -+ -+.TP -+--directory=\fIDIR\fR -+Use images and modules in \fIDIR\fR. -+ -+.TP -+--grub-mkimage=\fIFILE\fR -+Use \fIFILE\fR as \fBgrub-mkimage\fR. The default is \fI/usr/bin/grub-mkimage\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-ofpathname.8 b/util/grub-ofpathname.8 -new file mode 100644 -index 00000000000..bf3743aeba1 ---- /dev/null -+++ b/util/grub-ofpathname.8 -@@ -0,0 +1,12 @@ -+.TH GRUB-OFPATHNAME 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-ofpathname\fR \(em Generate an IEEE-1275 device path for a specified device. -+ -+.SH SYNOPSIS -+\fBgrub-ofpathname\fR \fIDEVICE\fR -+ -+.SH DESCRIPTION -+\fBgrub-ofpathname\fR generates an IEEE-1275 device path for the specified \fIDEVICE\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-probe.8 b/util/grub-probe.8 -new file mode 100644 -index 00000000000..04e26c832bb ---- /dev/null -+++ b/util/grub-probe.8 -@@ -0,0 +1,80 @@ -+.TH GRUB-PROBE 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-probe\fR \(em Probe device information for a given path. -+ -+.SH SYNOPSIS -+\fBgrub-probe\fR \[-d | --device] [-m | --device-map=\fIFILE\fR] -+.RS 12 -+[-t | --target=(fs|fs_uuid|fs_label|drive|device|partmap| -+.RE -+.RS 28 -+abstraction|cryptodisk_uuid| -+.RE -+.RS 28 -+msdos_parttype)] -+.RE -+.RS 12 -+[-v | --verbose] (PATH|DEVICE) -+ -+.SH DESCRIPTION -+\fBgrub-probe\fR probes a path or device for filesystem and related information. -+ -+.SH OPTIONS -+.TP -+--device -+Final option represents a \fIDEVICE\fR, rather than a filesystem \fIPATH\fR. -+.TP -+--device-map=\fIFILE\fR -+Use \fIFILE\fR as the device map. The default value is \fI/boot/grub/device.map\fR. -+ -+.TP -+--target=(fs|fs_uuid|fs_label|drive|device|partmap|msdos_parttype) -+Select among various output definitions. The default is \fIfs\fR. -+.RS -+.TP -+\fIfs\fR -+filesystem module -+ -+.TP -+\fIfs_uuid\fR -+filesystem UUID -+ -+.TP -+\fIfs_label\fR -+filesystem label -+ -+.TP -+\fIdrive\fR -+GRUB drive name -+ -+.TP -+\fIdevice\fR -+System device -+ -+.TP -+\fIpartmap\fR -+partition map module -+ -+.TP -+\fIabstraction\fR -+abstraction module -+ -+.TP -+\fIcryptodisk_uuid\fR -+cryptographic container -+ -+.TP -+\fImsdos_partmap\fR -+MS-DOS partition map -+.RE -+ -+.TP -+--verbose -+Print verbose output. -+ -+.TP -+(\fIPATH\fR|\fIDEVICE\fR) -+If --device is passed, a block \fIDEVICE\fR. Otherwise, the \fIPATH\fR of a file on the filesystem. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-reboot.8 b/util/grub-reboot.8 -new file mode 100644 -index 00000000000..faa5e4eece2 ---- /dev/null -+++ b/util/grub-reboot.8 -@@ -0,0 +1,21 @@ -+.TH GRUB-REBOOT 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-reboot\fR \(em Set the default boot menu entry for the next boot only. -+ -+.SH SYNOPSIS -+\fBgrub-reboot\fR [--boot-directory=\fIDIR\fR] \fIMENU_ENTRY\fR -+ -+.SH DESCRIPTION -+\fBgrub-reboot\fR sets the default boot menu entry for the next boot, but not further boots after that. This command only works for GRUB configuration files created with \fIGRUB_DEFAULT=saved\fR in \fI/etc/default/grub\fR. -+ -+.SH OPTIONS -+.TP -+--boot-directory=\fIDIR\fR -+Find GRUB images under \fIDIR/grub\fR. The default value is \fI/boot\fR, resulting in grub images being search for at \fI/boot/grub\fR. -+ -+.TP -+\fIMENU_ENTRY\fR -+A number, a menu item title or a menu item identifier. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-render-label.1 b/util/grub-render-label.1 -new file mode 100644 -index 00000000000..4d51c8abf01 ---- /dev/null -+++ b/util/grub-render-label.1 -@@ -0,0 +1,51 @@ -+.TH GRUB-RENDER-LABEL 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-render-label\fR \(em Render an Apple disk label. -+ -+.SH SYNOPSIS -+\fBgrub-render-label\fR [-b | --bgcolor=\fICOLOR\fR] [-c | --color=\fICOLOR\fR] -+.RS 19 -+[-f | --font=\fIFILE\fR] [-i | --input=\fIFILE\fR] -+.RE -+.RS 19 -+[-o | --output=\fIFILE\fR] [-t | --text=\fISTRING\fR] -+.RE -+.RS 19 -+[-v | --verbose] -+ -+.SH DESCRIPTION -+\fBgrub-render-label\fR renders an Apple disk label (.disk_label) file. -+ -+ -+.SH OPTIONS -+.TP -+\fB--color\fR=\fICOLOR\fR -+Use \fICOLOR\fI as the color for generated labels. -+ -+.TP -+\fB--bgcolor\fR=\fICOLOR\fR -+Use \fICOLOR\fR as the background color for generated labels. -+ -+.TP -+\fB--font\fR=\fIFILE\fR -+Use \fIFILE\fR as the font file for generated labels. -+ -+.TP -+--input=\fIFILE\fR -+Read input text from \fIFILE\fR. -+ -+.TP -+--output=\fIFILE\fR -+Render output to \fIFILE\fR. -+ -+.TP -+--text=\fISTRING\fR -+Use \fISTRING\fR as input text. -+ -+.TP -+--verbose -+Print verbose output. -+ -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-script-check.1 b/util/grub-script-check.1 -new file mode 100644 -index 00000000000..0f1f625b05d ---- /dev/null -+++ b/util/grub-script-check.1 -@@ -0,0 +1,21 @@ -+.TH GRUB-SCRIPT-CHECK 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-script-check\fR \(em Check GRUB configuration file for syntax errors. -+ -+.SH SYNOPSIS -+\fBgrub-script-check\fR [-v | --verbose] \fIPATH\fR -+ -+.SH DESCRIPTION -+\fBgrub-script-check\fR verifies that a specified GRUB configuration file does not contain syntax errors. -+ -+.SH OPTIONS -+.TP -+--verbose -+Print verbose output. -+ -+.TP -+\fIPATH\fR -+Path of the file to use as input. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-set-default.8 b/util/grub-set-default.8 -new file mode 100644 -index 00000000000..a96265a1509 ---- /dev/null -+++ b/util/grub-set-default.8 -@@ -0,0 +1,21 @@ -+.TH GRUB-SET-DEFAULT 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-set-default\fR \(em Set the default boot menu entry for GRUB. -+ -+.SH SYNOPSIS -+\fBgrub-set-default\fR [--boot-directory=\fIDIR\fR] \fIMENU_ENTRY\fR -+ -+.SH DESCRIPTION -+\fBgrub-set-default\fR sets the default boot menu entry for all subsequent boots. This command only works for GRUB configuration files created with \fIGRUB_DEFAULT=saved\fR in \fI/etc/default/grub\fR. -+ -+.SH OPTIONS -+.TP -+--boot-directory=\fIDIR\fR -+Find GRUB images under \fIDIR/grub\fR. The default value is \fI/boot\fR, resulting in grub images being search for at \fI/boot/grub\fR. -+ -+.TP -+\fIMENU_ENTRY\fR -+A number, a menu item title or a menu item identifier. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-sparc64-setup.8 b/util/grub-sparc64-setup.8 -new file mode 100644 -index 00000000000..37ea2dd5eaa ---- /dev/null -+++ b/util/grub-sparc64-setup.8 -@@ -0,0 +1,12 @@ -+.TH GRUB-SPARC64-SETUP 3 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-sparc64-setup\fR \(em Set up a device to boot a sparc64 GRUB image. -+ -+.SH SYNOPSIS -+\fBgrub-sparc64-setup\fR [OPTIONS]. -+ -+.SH DESCRIPTION -+You should not normally run this program directly. Use grub-install instead. -+ -+.SH SEE ALSO -+.BR "info grub" diff --git a/0028-use-fw_path-prefix-when-fallback-searching-for-grub-.patch b/0028-use-fw_path-prefix-when-fallback-searching-for-grub-.patch deleted file mode 100644 index 6b1580bb49c690b1ffa4aad1f94e3b1bc180bbed..0000000000000000000000000000000000000000 --- a/0028-use-fw_path-prefix-when-fallback-searching-for-grub-.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Fedora Ninjas -Date: Wed, 19 Feb 2014 15:58:43 -0500 -Subject: [PATCH] use fw_path prefix when fallback searching for grub config - -When PXE booting via UEFI firmware, grub was searching for grub.cfg -in the fw_path directory where the grub application was found. If -that didn't exist, a fallback search would look for config file names -based on MAC and IP address. However, the search would look in the -prefix directory which may not be the same fw_path. This patch -changes that behavior to use the fw_path directory for the fallback -search. Only if fw_path is NULL will the prefix directory be searched. - -Signed-off-by: Mark Salter ---- - grub-core/normal/main.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index 7ca2e5400b1..02577502116 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -347,7 +347,7 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), - char *config; - const char *prefix, *fw_path; - -- fw_path = grub_env_get ("fw_path"); -+ prefix = fw_path = grub_env_get ("fw_path"); - if (fw_path) - { - config = grub_xasprintf ("%s/grub.cfg", fw_path); -@@ -370,7 +370,8 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), - } - } - -- prefix = grub_env_get ("prefix"); -+ if (! prefix) -+ prefix = grub_env_get ("prefix"); - if (prefix) - { - grub_size_t config_len; diff --git a/0029-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch b/0029-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch deleted file mode 100644 index ab49bb1919860b19c433734557991cf04e6cc75f..0000000000000000000000000000000000000000 --- a/0029-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 8 Jul 2019 17:33:22 +0200 -Subject: [PATCH] Try mac/guid/etc before grub.cfg on tftp config files. - -Signed-off-by: Peter Jones ---- - grub-core/normal/main.c | 97 ++++++++++++++++++++++++++----------------------- - 1 file changed, 51 insertions(+), 46 deletions(-) - -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index 02577502116..880d0ebd454 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -345,61 +345,66 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), - /* Guess the config filename. It is necessary to make CONFIG static, - so that it won't get broken by longjmp. */ - char *config; -- const char *prefix, *fw_path; -- -- prefix = fw_path = grub_env_get ("fw_path"); -- if (fw_path) -- { -- config = grub_xasprintf ("%s/grub.cfg", fw_path); -- if (config) -- { -- grub_file_t file; -- -- file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG); -- if (file) -- { -- grub_file_close (file); -- grub_enter_normal_mode (config); -- } -- else -- { -- /* Ignore all errors. */ -- grub_errno = 0; -- } -- grub_free (config); -- } -- } -+ const char *prefix; -+ const char *net_search_cfg; -+ int disable_net_search = 0; - -+ prefix = grub_env_get ("fw_path"); - if (! prefix) - prefix = grub_env_get ("prefix"); -+ -+ net_search_cfg = grub_env_get ("feature_net_search_cfg"); -+ if (net_search_cfg && net_search_cfg[0] == 'n') -+ disable_net_search = 1; -+ - if (prefix) - { -- grub_size_t config_len; -- int disable_net_search = 0; -- const char *net_search_cfg; -- -- config_len = grub_strlen (prefix) + -- sizeof ("/grub.cfg-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"); -- config = grub_malloc (config_len); -- -- if (!config) -- goto quit; -- -- grub_snprintf (config, config_len, "%s/grub.cfg", prefix); -- -- net_search_cfg = grub_env_get ("feature_net_search_cfg"); -- if (net_search_cfg && net_search_cfg[0] == 'n') -- disable_net_search = 1; -- - if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0 && - !disable_net_search) -- grub_net_search_config_file (config); -+ { -+ grub_size_t config_len; -+ config_len = grub_strlen (prefix) + -+ sizeof ("/grub.cfg-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"); -+ config = grub_malloc (config_len); - -- grub_enter_normal_mode (config); -- grub_free (config); -- } -+ if (! config) -+ goto quit; -+ -+ grub_snprintf (config, config_len, "%s/grub.cfg", prefix); -+ -+ grub_net_search_configfile (config); -+ -+ grub_enter_normal_mode (config); -+ grub_free (config); -+ config = NULL; -+ } -+ -+ if (!config) -+ { -+ config = grub_xasprintf ("%s/grub.cfg", prefix); -+ if (config) -+ { -+ grub_file_t file; -+ -+ file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG); -+ if (file) -+ { -+ grub_file_close (file); -+ grub_enter_normal_mode (config); -+ } -+ else -+ { -+ /* Ignore all errors. */ -+ grub_errno = 0; -+ } -+ grub_free (config); -+ } -+ } -+ } - else -- grub_enter_normal_mode (0); -+ { -+ grub_enter_normal_mode (0); -+ } - } - else - grub_enter_normal_mode (argv[0]); diff --git a/0030-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch b/0030-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch deleted file mode 100644 index 245faf7ef547a9f0be5151acd58ba4bbe9fdd553..0000000000000000000000000000000000000000 --- a/0030-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 4 Sep 2014 14:23:23 -0400 -Subject: [PATCH] Generate OS and CLASS in 10_linux from /etc/os-release - -This makes us use pretty names in the titles we generate in -grub2-mkconfig when GRUB_DISTRIBUTOR isn't set. - -Resolves: rhbz#996794 - -Signed-off-by: Peter Jones ---- - util/grub.d/10_linux.in | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index cf8d1186981..5f6d3c8d52d 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -29,7 +29,8 @@ export TEXTDOMAINDIR="@localedir@" - CLASS="--class gnu-linux --class gnu --class os --unrestricted" - - if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then -- OS="$(sed 's, release .*$,,g' /etc/system-release)" -+ OS="$(eval $(grep PRETTY_NAME /etc/os-release) ; echo ${PRETTY_NAME})" -+ CLASS="--class $(eval $(grep '^ID_LIKE=\|^ID=' /etc/os-release) ; [ -n "${ID_LIKE}" ] && echo ${ID_LIKE} || echo ${ID}) ${CLASS}" - else - OS="${GRUB_DISTRIBUTOR}" - CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}" diff --git a/0031-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch b/0031-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch deleted file mode 100644 index 3e2d3ae5c821679b65918ca5cf2738d9fc0a3a8a..0000000000000000000000000000000000000000 --- a/0031-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 4 Sep 2014 15:52:08 -0400 -Subject: [PATCH] Minimize the sort ordering for .debug and -rescue- kernels. - -Resolves: rhbz#1065360 -Signed-off-by: Peter Jones ---- - util/grub-mkconfig_lib.in | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in -index 301d1ac229a..0f6505bf3b6 100644 ---- a/util/grub-mkconfig_lib.in -+++ b/util/grub-mkconfig_lib.in -@@ -253,6 +253,14 @@ version_test_gt () - *.old:*.old) ;; - *.old:*) version_test_gt_a="`echo "$version_test_gt_a" | sed -e 's/\.old$//'`" ; version_test_gt_cmp=gt ;; - *:*.old) version_test_gt_b="`echo "$version_test_gt_b" | sed -e 's/\.old$//'`" ; version_test_gt_cmp=ge ;; -+ *-rescue*:*-rescue*) ;; -+ *?debug:*?debug) ;; -+ *-rescue*:*?debug) return 1 ;; -+ *?debug:*-rescue*) return 0 ;; -+ *-rescue*:*) return 1 ;; -+ *:*-rescue*) return 0 ;; -+ *?debug:*) return 1 ;; -+ *:*?debug) return 0 ;; - esac - version_test_numeric "$version_test_gt_a" "$version_test_gt_cmp" "$version_test_gt_b" - return "$?" diff --git a/0032-Try-prefix-if-fw_path-doesn-t-work.patch b/0032-Try-prefix-if-fw_path-doesn-t-work.patch deleted file mode 100644 index 54a876ba87dec5a80a80d3c5906e17d4e99f585f..0000000000000000000000000000000000000000 --- a/0032-Try-prefix-if-fw_path-doesn-t-work.patch +++ /dev/null @@ -1,222 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 9 Jul 2019 10:35:16 +0200 -Subject: [PATCH] Try $prefix if $fw_path doesn't work. - -Related: rhbz#1148652 - -Signed-off-by: Peter Jones ---- - grub-core/kern/ieee1275/init.c | 28 +++++---- - grub-core/net/net.c | 2 +- - grub-core/normal/main.c | 134 ++++++++++++++++++++--------------------- - 3 files changed, 82 insertions(+), 82 deletions(-) - -diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c -index e71d1584164..0cd2a627231 100644 ---- a/grub-core/kern/ieee1275/init.c -+++ b/grub-core/kern/ieee1275/init.c -@@ -127,23 +127,25 @@ grub_machine_get_bootlocation (char **device, char **path) - grub_free (canon); - } - else -- *device = grub_ieee1275_encode_devname (bootpath); -- grub_free (type); -- -- filename = grub_ieee1275_get_filename (bootpath); -- if (filename) - { -- char *lastslash = grub_strrchr (filename, '\\'); -- -- /* Truncate at last directory. */ -- if (lastslash) -+ filename = grub_ieee1275_get_filename (bootpath); -+ if (filename) - { -- *lastslash = '\0'; -- grub_translate_ieee1275_path (filename); -+ char *lastslash = grub_strrchr (filename, '\\'); - -- *path = filename; -- } -+ /* Truncate at last directory. */ -+ if (lastslash) -+ { -+ *lastslash = '\0'; -+ grub_translate_ieee1275_path (filename); -+ -+ *path = filename; -+ } -+ } -+ *device = grub_ieee1275_encode_devname (bootpath); - } -+ -+ grub_free (type); - grub_free (bootpath); - } - -diff --git a/grub-core/net/net.c b/grub-core/net/net.c -index 4d3eb5c1a52..0ef148f4adc 100644 ---- a/grub-core/net/net.c -+++ b/grub-core/net/net.c -@@ -1869,7 +1869,7 @@ grub_net_search_config_file (char *config) - /* Remove the remaining minus sign at the end. */ - config[config_len] = '\0'; - -- return GRUB_ERR_NONE; -+ return GRUB_ERR_FILE_NOT_FOUND; - } - - static struct grub_preboot *fini_hnd; -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index 880d0ebd454..d5df4f815b0 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -335,81 +335,79 @@ grub_enter_normal_mode (const char *config) - grub_boot_time ("Exiting normal mode"); - } - -+static grub_err_t -+grub_try_normal (const char *variable) -+{ -+ char *config; -+ const char *prefix; -+ grub_err_t err = GRUB_ERR_FILE_NOT_FOUND; -+ const char *net_search_cfg; -+ int disable_net_search = 0; -+ -+ prefix = grub_env_get (variable); -+ if (!prefix) -+ return GRUB_ERR_FILE_NOT_FOUND; -+ -+ net_search_cfg = grub_env_get ("feature_net_search_cfg"); -+ if (net_search_cfg && net_search_cfg[0] == 'n') -+ disable_net_search = 1; -+ -+ if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0 && -+ !disable_net_search) -+ { -+ grub_size_t config_len; -+ config_len = grub_strlen (prefix) + -+ sizeof ("/grub.cfg-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"); -+ config = grub_malloc (config_len); -+ -+ if (! config) -+ return GRUB_ERR_FILE_NOT_FOUND; -+ -+ grub_snprintf (config, config_len, "%s/grub.cfg", prefix); -+ err = grub_net_search_config_file (config); -+ } -+ -+ if (err != GRUB_ERR_NONE) -+ { -+ config = grub_xasprintf ("%s/grub.cfg", prefix); -+ if (config) -+ { -+ grub_file_t file; -+ file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG); -+ if (file) -+ { -+ grub_file_close (file); -+ err = GRUB_ERR_NONE; -+ } -+ } -+ } -+ -+ if (err == GRUB_ERR_NONE) -+ grub_enter_normal_mode (config); -+ -+ grub_errno = 0; -+ grub_free (config); -+ return err; -+} -+ - /* Enter normal mode from rescue mode. */ - static grub_err_t - grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), - int argc, char *argv[]) - { -- if (argc == 0) -- { -- /* Guess the config filename. It is necessary to make CONFIG static, -- so that it won't get broken by longjmp. */ -- char *config; -- const char *prefix; -- const char *net_search_cfg; -- int disable_net_search = 0; -- -- prefix = grub_env_get ("fw_path"); -- if (! prefix) -- prefix = grub_env_get ("prefix"); -- -- net_search_cfg = grub_env_get ("feature_net_search_cfg"); -- if (net_search_cfg && net_search_cfg[0] == 'n') -- disable_net_search = 1; -- -- if (prefix) -- { -- if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0 && -- !disable_net_search) -- { -- grub_size_t config_len; -- config_len = grub_strlen (prefix) + -- sizeof ("/grub.cfg-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"); -- config = grub_malloc (config_len); -- -- if (! config) -- goto quit; -- -- grub_snprintf (config, config_len, "%s/grub.cfg", prefix); -- -- grub_net_search_configfile (config); -- -- grub_enter_normal_mode (config); -- grub_free (config); -- config = NULL; -- } -- -- if (!config) -- { -- config = grub_xasprintf ("%s/grub.cfg", prefix); -- if (config) -- { -- grub_file_t file; -- -- file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG); -- if (file) -- { -- grub_file_close (file); -- grub_enter_normal_mode (config); -- } -- else -- { -- /* Ignore all errors. */ -- grub_errno = 0; -- } -- grub_free (config); -- } -- } -- } -- else -- { -- grub_enter_normal_mode (0); -- } -- } -- else -+ if (argc) - grub_enter_normal_mode (argv[0]); -+ else -+ { -+ /* Guess the config filename. */ -+ grub_err_t err; -+ err = grub_try_normal ("fw_path"); -+ if (err == GRUB_ERR_FILE_NOT_FOUND) -+ err = grub_try_normal ("prefix"); -+ if (err == GRUB_ERR_FILE_NOT_FOUND) -+ grub_enter_normal_mode (0); -+ } - --quit: - return 0; - } - diff --git a/0033-Use-rpm-s-sort-for-grub2-mkconfig.patch b/0033-Use-rpm-s-sort-for-grub2-mkconfig.patch deleted file mode 100644 index ff1c13ecac512d2deee72476b941561256f6662b..0000000000000000000000000000000000000000 --- a/0033-Use-rpm-s-sort-for-grub2-mkconfig.patch +++ /dev/null @@ -1,475 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Robert Marshall -Date: Mon, 16 Mar 2015 14:14:19 -0400 -Subject: [PATCH] Use rpm's sort for grub2-mkconfig - -Add an option for rpm-based systems to use the rpm-sort library to sort -kernels. This avoids problems due to discrepancies between `sort -V` -and rpm. - -Signed-off-by: Robert Marshall -[pjones: fix --enable-rpm-sort configure option] -Signed-off-by: Peter Jones -[thierry.vignaud: fix build with rpm-4.16] -Signed-off-by: Thierry Vignaud -[tim: fix disabling grub-rpm-sort by ./configure] -Signed-off-by: Tim Landscheidt -[javierm: don't check for rpmvercmp in librpm] -Signed-off-by: Javier Martinez Canillas -[rharwood: commit message] -Signed-off-by: Robbie Harwood ---- - configure.ac | 37 ++++++ - Makefile.util.def | 17 +++ - util/grub-rpm-sort.c | 281 ++++++++++++++++++++++++++++++++++++++++++++++ - util/grub-mkconfig_lib.in | 11 +- - util/grub-rpm-sort.8 | 12 ++ - 5 files changed, 357 insertions(+), 1 deletion(-) - create mode 100644 util/grub-rpm-sort.c - create mode 100644 util/grub-rpm-sort.8 - -diff --git a/configure.ac b/configure.ac -index bec8535af70..643a13f9147 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -72,6 +72,7 @@ grub_TRANSFORM([grub-mkrelpath]) - grub_TRANSFORM([grub-mkrescue]) - grub_TRANSFORM([grub-probe]) - grub_TRANSFORM([grub-reboot]) -+grub_TRANSFORM([grub-rpm-sort]) - grub_TRANSFORM([grub-script-check]) - grub_TRANSFORM([grub-set-default]) - grub_TRANSFORM([grub-sparc64-setup]) -@@ -95,6 +96,7 @@ grub_TRANSFORM([grub-mkrescue.1]) - grub_TRANSFORM([grub-mkstandalone.3]) - grub_TRANSFORM([grub-ofpathname.3]) - grub_TRANSFORM([grub-probe.3]) -+grub_TRANSFORM([grub-rpm-sort.8]) - grub_TRANSFORM([grub-reboot.3]) - grub_TRANSFORM([grub-render-label.3]) - grub_TRANSFORM([grub-script-check.3]) -@@ -1860,6 +1862,35 @@ fi - - AC_SUBST([LIBDEVMAPPER]) - -+AC_ARG_ENABLE([rpm-sort], -+ [AS_HELP_STRING([--enable-rpm-sort], -+ [enable native rpm sorting of kernels in grub (default=guessed)])]) -+if test x"$enable_rpm_sort" = xno ; then -+ rpm_sort_excuse="explicitly disabled" -+else -+ enable_rpm_sort=yes -+fi -+ -+if test x"$rpm_sort_excuse" = x ; then -+ # Check for rpmlib header. -+ AC_CHECK_HEADER([rpm/rpmlib.h], [], -+ [rpm_sort_excuse="need rpm/rpmlib header"]) -+fi -+ -+if test x"$rpm_sort_excuse" = x ; then -+ # Check for rpmio library. -+ AC_CHECK_LIB([rpmio], [rpmvercmp], [], -+ [rpm_sort_excuse="rpmio missing rpmvercmp"]) -+fi -+ -+if test x"$rpm_sort_excuse" = x ; then -+ LIBRPM="-lrpmio"; -+ AC_DEFINE([HAVE_RPMIO], [1], -+ [Define to 1 if you have the rpmio library.]) -+fi -+ -+AC_SUBST([LIBRPM]) -+ - LIBGEOM= - if test x$host_kernel = xkfreebsd; then - AC_CHECK_LIB([geom], [geom_gettree], [], -@@ -2047,6 +2078,7 @@ AM_CONDITIONAL([COND_GRUB_EMU_SDL], [test x$enable_grub_emu_sdl = xyes]) - AM_CONDITIONAL([COND_GRUB_EMU_PCI], [test x$enable_grub_emu_pci = xyes]) - AM_CONDITIONAL([COND_GRUB_MKFONT], [test x$enable_grub_mkfont = xyes]) - AM_CONDITIONAL([COND_GRUB_MOUNT], [test x$enable_grub_mount = xyes]) -+AM_CONDITIONAL([COND_GRUB_RPM_SORT], [test x$enable_rpm_sort = xyes]) - AM_CONDITIONAL([COND_HAVE_FONT_SOURCE], [test x$FONT_SOURCE != x]) - if test x$FONT_SOURCE != x ; then - HAVE_FONT_SOURCE=1 -@@ -2168,6 +2200,11 @@ echo grub-mount: Yes - else - echo grub-mount: No "($grub_mount_excuse)" - fi -+if [ x"$rpm_sort_excuse" = x ]; then -+echo grub-rpm-sort: Yes -+else -+echo grub-rpm-sort: No "($rpm_sort_excuse)" -+fi - if [ x"$starfield_excuse" = x ]; then - echo starfield theme: Yes - echo With DejaVuSans font from $DJVU_FONT_SOURCE -diff --git a/Makefile.util.def b/Makefile.util.def -index 2c9b283a230..bc10cc79722 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -703,6 +703,23 @@ program = { - ldadd = '$(LIBINTL) $(LIBDEVMAPPER) $(LIBUTIL) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)'; - }; - -+program = { -+ name = grub-rpm-sort; -+ mansection = 8; -+ installdir = sbin; -+ -+ common = grub-core/kern/emu/misc.c; -+ common = grub-core/kern/emu/argp_common.c; -+ common = grub-core/osdep/init.c; -+ common = util/misc.c; -+ common = util/grub-rpm-sort.c; -+ -+ ldadd = libgrubkern.a; -+ ldadd = grub-core/lib/gnulib/libgnu.a; -+ ldadd = '$(LIBDEVMAPPER) $(LIBRPM)'; -+ condition = COND_GRUB_RPM_SORT; -+}; -+ - script = { - name = grub-mkconfig; - common = util/grub-mkconfig.in; -diff --git a/util/grub-rpm-sort.c b/util/grub-rpm-sort.c -new file mode 100644 -index 00000000000..f33bd1ed568 ---- /dev/null -+++ b/util/grub-rpm-sort.c -@@ -0,0 +1,281 @@ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+static size_t -+read_file (const char *input, char **ret) -+{ -+ FILE *in; -+ size_t s; -+ size_t sz = 2048; -+ size_t offset = 0; -+ char *text; -+ -+ if (!strcmp(input, "-")) -+ in = stdin; -+ else -+ in = grub_util_fopen(input, "r"); -+ -+ text = xmalloc (sz); -+ -+ if (!in) -+ grub_util_error (_("cannot open `%s': %s"), input, strerror (errno)); -+ -+ while ((s = fread (text + offset, 1, sz - offset, in)) != 0) -+ { -+ offset += s; -+ if (sz - offset == 0) -+ { -+ sz += 2048; -+ text = xrealloc (text, sz); -+ } -+ } -+ -+ text[offset] = '\0'; -+ *ret = text; -+ -+ if (in != stdin) -+ fclose(in); -+ -+ return offset + 1; -+} -+ -+/* returns name/version/release */ -+/* NULL string pointer returned if nothing found */ -+static void -+split_package_string (char *package_string, char **name, -+ char **version, char **release) -+{ -+ char *package_version, *package_release; -+ -+ /* Release */ -+ package_release = strrchr (package_string, '-'); -+ -+ if (package_release != NULL) -+ *package_release++ = '\0'; -+ -+ *release = package_release; -+ -+ /* Version */ -+ package_version = strrchr(package_string, '-'); -+ -+ if (package_version != NULL) -+ *package_version++ = '\0'; -+ -+ *version = package_version; -+ /* Name */ -+ *name = package_string; -+ -+ /* Bubble up non-null values from release to name */ -+ if (*name == NULL) -+ { -+ *name = (*version == NULL ? *release : *version); -+ *version = *release; -+ *release = NULL; -+ } -+ if (*version == NULL) -+ { -+ *version = *release; -+ *release = NULL; -+ } -+} -+ -+/* -+ * package name-version-release comparator for qsort -+ * expects p, q which are pointers to character strings (char *) -+ * which will not be altered in this function -+ */ -+static int -+package_version_compare (const void *p, const void *q) -+{ -+ char *local_p, *local_q; -+ char *lhs_name, *lhs_version, *lhs_release; -+ char *rhs_name, *rhs_version, *rhs_release; -+ int vercmpflag = 0; -+ -+ local_p = alloca (strlen (*(char * const *)p) + 1); -+ local_q = alloca (strlen (*(char * const *)q) + 1); -+ -+ /* make sure these allocated */ -+ assert (local_p); -+ assert (local_q); -+ -+ strcpy (local_p, *(char * const *)p); -+ strcpy (local_q, *(char * const *)q); -+ -+ split_package_string (local_p, &lhs_name, &lhs_version, &lhs_release); -+ split_package_string (local_q, &rhs_name, &rhs_version, &rhs_release); -+ -+ /* Check Name and return if unequal */ -+ vercmpflag = rpmvercmp ((lhs_name == NULL ? "" : lhs_name), -+ (rhs_name == NULL ? "" : rhs_name)); -+ if (vercmpflag != 0) -+ return vercmpflag; -+ -+ /* Check version and return if unequal */ -+ vercmpflag = rpmvercmp ((lhs_version == NULL ? "" : lhs_version), -+ (rhs_version == NULL ? "" : rhs_version)); -+ if (vercmpflag != 0) -+ return vercmpflag; -+ -+ /* Check release and return the version compare value */ -+ vercmpflag = rpmvercmp ((lhs_release == NULL ? "" : lhs_release), -+ (rhs_release == NULL ? "" : rhs_release)); -+ -+ return vercmpflag; -+} -+ -+static void -+add_input (const char *filename, char ***package_names, size_t *n_package_names) -+{ -+ char *orig_input_buffer = NULL; -+ char *input_buffer; -+ char *position_of_newline; -+ char **names = *package_names; -+ char **new_names = NULL; -+ size_t n_names = *n_package_names; -+ -+ if (!*package_names) -+ new_names = names = xmalloc (sizeof (char *) * 2); -+ -+ if (read_file (filename, &orig_input_buffer) < 2) -+ { -+ if (new_names) -+ free (new_names); -+ if (orig_input_buffer) -+ free (orig_input_buffer); -+ return; -+ } -+ -+ input_buffer = orig_input_buffer; -+ while (input_buffer && *input_buffer && -+ (position_of_newline = strchrnul (input_buffer, '\n'))) -+ { -+ size_t sz = position_of_newline - input_buffer; -+ char *new; -+ -+ if (sz == 0) -+ { -+ input_buffer = position_of_newline + 1; -+ continue; -+ } -+ -+ new = xmalloc (sz+1); -+ strncpy (new, input_buffer, sz); -+ new[sz] = '\0'; -+ -+ names = xrealloc (names, sizeof (char *) * (n_names + 1)); -+ names[n_names] = new; -+ n_names++; -+ -+ /* move buffer ahead to next line */ -+ input_buffer = position_of_newline + 1; -+ if (*position_of_newline == '\0') -+ input_buffer = NULL; -+ } -+ -+ free (orig_input_buffer); -+ -+ *package_names = names; -+ *n_package_names = n_names; -+} -+ -+static char * -+help_filter (int key, const char *text, void *input __attribute__ ((unused))) -+{ -+ return (char *)text; -+} -+ -+static struct argp_option options[] = { -+ { 0, } -+}; -+ -+struct arguments -+{ -+ size_t ninputs; -+ size_t input_max; -+ char **inputs; -+}; -+ -+static error_t -+argp_parser (int key, char *arg, struct argp_state *state) -+{ -+ struct arguments *arguments = state->input; -+ switch (key) -+ { -+ case ARGP_KEY_ARG: -+ assert (arguments->ninputs < arguments->input_max); -+ arguments->inputs[arguments->ninputs++] = xstrdup (arg); -+ break; -+ default: -+ return ARGP_ERR_UNKNOWN; -+ } -+ return 0; -+} -+ -+static struct argp argp = { -+ options, argp_parser, N_("[INPUT_FILES]"), -+ N_("Sort a list of strings in RPM version sort order."), -+ NULL, help_filter, NULL -+}; -+ -+int -+main (int argc, char *argv[]) -+{ -+ struct arguments arguments; -+ char **package_names = NULL; -+ size_t n_package_names = 0; -+ int i; -+ -+ grub_util_host_init (&argc, &argv); -+ -+ memset (&arguments, 0, sizeof (struct arguments)); -+ arguments.input_max = argc+1; -+ arguments.inputs = xmalloc ((arguments.input_max + 1) -+ * sizeof (arguments.inputs[0])); -+ memset (arguments.inputs, 0, (arguments.input_max + 1) -+ * sizeof (arguments.inputs[0])); -+ -+ /* Parse our arguments */ -+ if (argp_parse (&argp, argc, argv, 0, 0, &arguments) != 0) -+ grub_util_error ("%s", _("Error in parsing command line arguments\n")); -+ -+ /* If there's no inputs in argv, add one for stdin */ -+ if (!arguments.ninputs) -+ { -+ arguments.ninputs = 1; -+ arguments.inputs[0] = xmalloc (2); -+ strcpy(arguments.inputs[0], "-"); -+ } -+ -+ for (i = 0; i < arguments.ninputs; i++) -+ add_input(arguments.inputs[i], &package_names, &n_package_names); -+ -+ if (package_names == NULL || n_package_names < 1) -+ grub_util_error ("%s", _("Invalid input\n")); -+ -+ qsort (package_names, n_package_names, sizeof (char *), -+ package_version_compare); -+ -+ /* send sorted list to stdout */ -+ for (i = 0; i < n_package_names; i++) -+ { -+ fprintf (stdout, "%s\n", package_names[i]); -+ free (package_names[i]); -+ } -+ -+ free (package_names); -+ for (i = 0; i < arguments.ninputs; i++) -+ free (arguments.inputs[i]); -+ -+ free (arguments.inputs); -+ -+ return 0; -+} -diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in -index 0f6505bf3b6..42c2ea9ba50 100644 ---- a/util/grub-mkconfig_lib.in -+++ b/util/grub-mkconfig_lib.in -@@ -33,6 +33,9 @@ fi - if test "x$grub_mkrelpath" = x; then - grub_mkrelpath="${bindir}/@grub_mkrelpath@" - fi -+if test "x$grub_rpm_sort" = x; then -+ grub_rpm_sort="${sbindir}/@grub_rpm_sort@" -+fi - - if command -v gettext >/dev/null; then - : -@@ -218,6 +221,12 @@ version_sort () - esac - } - -+if [ "x$grub_rpm_sort" != x -a -x "$grub_rpm_sort" ]; then -+ kernel_sort="$grub_rpm_sort" -+else -+ kernel_sort=version_sort -+fi -+ - version_test_numeric () - { - version_test_numeric_a="$1" -@@ -234,7 +243,7 @@ version_test_numeric () - version_test_numeric_a="$version_test_numeric_b" - version_test_numeric_b="$version_test_numeric_c" - fi -- if (echo "$version_test_numeric_a" ; echo "$version_test_numeric_b") | version_sort | head -n 1 | grep -qx "$version_test_numeric_b" ; then -+ if (echo "$version_test_numeric_a" ; echo "$version_test_numeric_b") | "$kernel_sort" | head -n 1 | grep -qx "$version_test_numeric_b" ; then - return 0 - else - return 1 -diff --git a/util/grub-rpm-sort.8 b/util/grub-rpm-sort.8 -new file mode 100644 -index 00000000000..8ce21488448 ---- /dev/null -+++ b/util/grub-rpm-sort.8 -@@ -0,0 +1,12 @@ -+.TH GRUB-RPM-SORT 8 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-rpm-sort\fR \(em Sort input according to RPM version compare. -+ -+.SH SYNOPSIS -+\fBgrub-rpm-sort\fR [OPTIONS]. -+ -+.SH DESCRIPTION -+You should not normally run this program directly. Use grub-mkconfig instead. -+ -+.SH SEE ALSO -+.BR "info grub" diff --git a/0034-Make-grub2-mkconfig-construct-titles-that-look-like-.patch b/0034-Make-grub2-mkconfig-construct-titles-that-look-like-.patch deleted file mode 100644 index 4eb37e1ed475938f4491959feae6650a5d4ab894..0000000000000000000000000000000000000000 --- a/0034-Make-grub2-mkconfig-construct-titles-that-look-like-.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Apr 2015 11:15:03 -0400 -Subject: [PATCH] Make grub2-mkconfig construct titles that look like the ones - we want elsewhere. - -Resolves: rhbz#1215839 - -Signed-off-by: Peter Jones ---- - util/grub.d/10_linux.in | 34 +++++++++++++++++++++++++++------- - 1 file changed, 27 insertions(+), 7 deletions(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 5f6d3c8d52d..786dbabb4a8 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -78,6 +78,32 @@ case x"$GRUB_FS" in - ;; - esac - -+mktitle () -+{ -+ local title_type -+ local version -+ local OS_NAME -+ local OS_VERS -+ -+ title_type=$1 && shift -+ version=$1 && shift -+ -+ OS_NAME="$(eval $(grep ^NAME= /etc/os-release) ; echo ${NAME})" -+ OS_VERS="$(eval $(grep ^VERSION= /etc/os-release) ; echo ${VERSION})" -+ -+ case $title_type in -+ recovery) -+ title=$(printf '%s (%s) %s (recovery mode)' \ -+ "${OS_NAME}" "${version}" "${OS_VERS}") -+ ;; -+ *) -+ title=$(printf '%s (%s) %s' \ -+ "${OS_NAME}" "${version}" "${OS_VERS}") -+ ;; -+ esac -+ echo -n ${title} -+} -+ - title_correction_code= - - linux_entry () -@@ -91,17 +117,11 @@ linux_entry () - boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" - fi - if [ x$type != xsimple ] ; then -- case $type in -- recovery) -- title="$(gettext_printf "%s, with Linux %s (recovery mode)" "${os}" "${version}")" ;; -- *) -- title="$(gettext_printf "%s, with Linux %s" "${os}" "${version}")" ;; -- esac -+ title=$(mktitle "$type" "$version") - if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then - replacement_title="$(echo "Advanced options for ${OS}" | sed 's,>,>>,g')>$(echo "$title" | sed 's,>,>>,g')" - quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)" - title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;" -- grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")" - fi - echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/" - else diff --git a/0035-Add-friendly-grub2-password-config-tool-985962.patch b/0035-Add-friendly-grub2-password-config-tool-985962.patch deleted file mode 100644 index 2d6f18a62096a733d4f8318e57ec77008fe14f98..0000000000000000000000000000000000000000 --- a/0035-Add-friendly-grub2-password-config-tool-985962.patch +++ /dev/null @@ -1,269 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Robert Marshall -Date: Thu, 25 Jun 2015 11:13:11 -0400 -Subject: [PATCH] Add friendly grub2 password config tool (#985962) - -Provided a tool for users to reset the grub2 root user password -without having to alter the grub.cfg. The hashed password now -lives in a root-only-readable configuration file. - -Resolves: rhbz#985962 - -Signed-off-by: Robert Marshall -[pjones: fix the efidir in grub-setpassword and rename tool] -Signed-off-by: Peter Jones -[luto: fix grub-setpassword -o's output path] -Andy Lutomirski ---- - configure.ac | 1 + - Makefile.util.def | 13 +++++ - util/grub-mkconfig.in | 2 + - util/grub-set-password.8 | 28 ++++++++++ - util/grub-set-password.in | 128 ++++++++++++++++++++++++++++++++++++++++++++++ - util/grub.d/01_users.in | 11 ++++ - 6 files changed, 183 insertions(+) - create mode 100644 util/grub-set-password.8 - create mode 100644 util/grub-set-password.in - create mode 100644 util/grub.d/01_users.in - -diff --git a/configure.ac b/configure.ac -index 643a13f9147..25e1abb59b9 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -72,6 +72,7 @@ grub_TRANSFORM([grub-mkrelpath]) - grub_TRANSFORM([grub-mkrescue]) - grub_TRANSFORM([grub-probe]) - grub_TRANSFORM([grub-reboot]) -+grub_TRANSFORM([grub-set-password]) - grub_TRANSFORM([grub-rpm-sort]) - grub_TRANSFORM([grub-script-check]) - grub_TRANSFORM([grub-set-default]) -diff --git a/Makefile.util.def b/Makefile.util.def -index bc10cc79722..8ca4c14f0b9 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -452,6 +452,12 @@ script = { - installdir = grubconf; - }; - -+script = { -+ name = '01_users'; -+ common = util/grub.d/01_users.in; -+ installdir = grubconf; -+}; -+ - script = { - name = '10_windows'; - common = util/grub.d/10_windows.in; -@@ -741,6 +747,13 @@ script = { - installdir = sbin; - }; - -+script = { -+ name = grub-set-password; -+ common = util/grub-set-password.in; -+ mansection = 8; -+ installdir = sbin; -+}; -+ - script = { - name = grub-mkconfig_lib; - common = util/grub-mkconfig_lib.in; -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 8ea2315ebc2..ba14cf6261c 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -276,6 +276,8 @@ for i in "${grub_mkconfig_dir}"/* ; do - *~) ;; - # emacsen autosave files. FIXME: support other editors - */\#*\#) ;; -+ # rpm config files of yore. -+ *.rpmsave|*.rpmnew|*.rpmorig) ;; - *) - if grub_file_is_not_garbage "$i" && test -x "$i" ; then - echo -diff --git a/util/grub-set-password.8 b/util/grub-set-password.8 -new file mode 100644 -index 00000000000..9646546e43d ---- /dev/null -+++ b/util/grub-set-password.8 -@@ -0,0 +1,28 @@ -+.TH GRUB-SET-PASSWORD 3 "Thu Jun 25 2015" -+.SH NAME -+\fBgrub-set-password\fR \(em Generate the user.cfg file containing the hashed grub bootloader password. -+ -+.SH SYNOPSIS -+\fBgrub-set-password\fR [OPTION] -+ -+.SH DESCRIPTION -+\fBgrub-set-password\fR outputs the user.cfg file which contains the hashed GRUB bootloader password. This utility only supports configurations where there is a single root user. -+ -+The file has the format: -+GRUB2_PASSWORD=<\fIhashed password\fR>. -+ -+.SH OPTIONS -+.TP -+-h, --help -+Display program usage and exit. -+.TP -+-v, --version -+Display the current version. -+.TP -+-o, --output=<\fIDIRECTORY\fR> -+Choose the file path to which user.cfg will be written. -+ -+.SH SEE ALSO -+.BR "info grub" -+ -+.BR "info grub2-mkpasswd-pbkdf2" -diff --git a/util/grub-set-password.in b/util/grub-set-password.in -new file mode 100644 -index 00000000000..5ebf50576d6 ---- /dev/null -+++ b/util/grub-set-password.in -@@ -0,0 +1,128 @@ -+#!/bin/sh -e -+ -+EFIDIR=$(grep ^ID= /etc/os-release | sed -e 's/^ID=//' -e 's/rhel/redhat/') -+if [ -d /sys/firmware/efi/efivars/ ]; then -+ grubdir=`echo "/@bootdirname@/efi/EFI/${EFIDIR}/" | sed 's,//*,/,g'` -+else -+ grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'` -+fi -+ -+PACKAGE_VERSION="@PACKAGE_VERSION@" -+PACKAGE_NAME="@PACKAGE_NAME@" -+self=`basename $0` -+bindir="@bindir@" -+grub_mkpasswd="${bindir}/@grub_mkpasswd_pbkdf2@" -+ -+# Usage: usage -+# Print the usage. -+usage () { -+ cat < put user.cfg in a user-selected directory -+ -+Report bugs at https://bugzilla.redhat.com. -+EOF -+} -+ -+argument () { -+ opt=$1 -+ shift -+ -+ if test $# -eq 0; then -+ gettext_printf "%s: option requires an argument -- \`%s'\n" "$self" "$opt" 1>&2 -+ exit 1 -+ fi -+ echo $1 -+} -+ -+# Ensure that it's the root user running this script -+if [ "${EUID}" -ne 0 ]; then -+ echo "The grub bootloader password may only be set by root." -+ usage -+ exit 2 -+fi -+ -+# Check the arguments. -+while test $# -gt 0 -+do -+ option=$1 -+ shift -+ -+ case "$option" in -+ -h | --help) -+ usage -+ exit 0 ;; -+ -v | --version) -+ echo "$self (${PACKAGE_NAME}) ${PACKAGE_VERSION}" -+ exit 0 ;; -+ -o | --output) -+ OUTPUT_PATH=`argument $option "$@"`; shift ;; -+ --output=*) -+ OUTPUT_PATH=`echo "$option" | sed 's/--output=//'` ;; -+ -o=*) -+ OUTPUT_PATH=`echo "$option" | sed 's/-o=//'` ;; -+ esac -+done -+ -+# set user input or default path for user.cfg file -+if [ -z "${OUTPUT_PATH}" ]; then -+ OUTPUT_PATH="${grubdir}" -+fi -+ -+if [ ! -d "${OUTPUT_PATH}" ]; then -+ echo "${OUTPUT_PATH} does not exist." -+ usage -+ exit 2; -+fi -+ -+ttyopt=$(stty -g) -+fixtty() { -+ stty ${ttyopt} -+} -+ -+trap fixtty EXIT -+stty -echo -+ -+# prompt & confirm new grub2 root user password -+echo -n "Enter password: " -+read PASSWORD -+echo -+echo -n "Confirm password: " -+read PASSWORD_CONFIRM -+echo -+stty ${ttyopt} -+ -+getpass() { -+ local P0 -+ local P1 -+ P0="$1" && shift -+ P1="$1" && shift -+ -+ ( echo ${P0} ; echo ${P1} ) | \ -+ LC_ALL=C ${grub_mkpasswd} | \ -+ grep -v '[eE]nter password:' | \ -+ sed -e "s/PBKDF2 hash of your password is //" -+} -+ -+MYPASS="$(getpass "${PASSWORD}" "${PASSWORD_CONFIRM}")" -+if [ -z "${MYPASS}" ]; then -+ echo "${self}: error: empty password" 1>&2 -+ exit 1 -+fi -+ -+# on the ESP, these will fail to set the permissions, but it's okay because -+# the directory is protected. -+install -m 0600 /dev/null "${OUTPUT_PATH}/user.cfg" 2>/dev/null || : -+chmod 0600 "${OUTPUT_PATH}/user.cfg" 2>/dev/null || : -+echo "GRUB2_PASSWORD=${MYPASS}" > "${OUTPUT_PATH}/user.cfg" -+ -+if ! grep -q "^### BEGIN /etc/grub.d/01_users ###$" "${OUTPUT_PATH}/grub.cfg"; then -+ echo "WARNING: The current configuration lacks password support!" -+ echo "Update your configuration with @grub_mkconfig@ to support this feature." -+fi -diff --git a/util/grub.d/01_users.in b/util/grub.d/01_users.in -new file mode 100644 -index 00000000000..db2f44bfb78 ---- /dev/null -+++ b/util/grub.d/01_users.in -@@ -0,0 +1,11 @@ -+#!/bin/sh -e -+cat << EOF -+if [ -f \${prefix}/user.cfg ]; then -+ source \${prefix}/user.cfg -+ if [ -n "\${GRUB2_PASSWORD}" ]; then -+ set superusers="root" -+ export superusers -+ password_pbkdf2 root \${GRUB2_PASSWORD} -+ fi -+fi -+EOF diff --git a/0036-tcp-add-window-scaling-support.patch b/0036-tcp-add-window-scaling-support.patch deleted file mode 100644 index 7d1996c8fc233ece5afa67588ee79e6f95bd45bd..0000000000000000000000000000000000000000 --- a/0036-tcp-add-window-scaling-support.patch +++ /dev/null @@ -1,87 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Josef Bacik -Date: Wed, 12 Aug 2015 08:57:55 -0700 -Subject: [PATCH] tcp: add window scaling support - -Sometimes we have to provision boxes across regions, such as California to -Sweden. The http server has a 10 minute timeout, so if we can't get our 250mb -image transferred fast enough our provisioning fails, which is not ideal. So -add tcp window scaling on open connections and set the window size to 1mb. With -this change we're able to get higher sustained transfers between regions and can -transfer our image in well below 10 minutes. Without this patch we'd time out -every time halfway through the transfer. Thanks, - -Signed-off-by: Josef Bacik ---- - grub-core/net/tcp.c | 42 +++++++++++++++++++++++++++++------------- - 1 file changed, 29 insertions(+), 13 deletions(-) - -diff --git a/grub-core/net/tcp.c b/grub-core/net/tcp.c -index e8ad34b84d4..7d4b822626d 100644 ---- a/grub-core/net/tcp.c -+++ b/grub-core/net/tcp.c -@@ -106,6 +106,18 @@ struct tcphdr - grub_uint16_t urgent; - } GRUB_PACKED; - -+struct tcp_scale_opt { -+ grub_uint8_t kind; -+ grub_uint8_t length; -+ grub_uint8_t scale; -+} GRUB_PACKED; -+ -+struct tcp_synhdr { -+ struct tcphdr tcphdr; -+ struct tcp_scale_opt scale_opt; -+ grub_uint8_t padding; -+}; -+ - struct tcp_pseudohdr - { - grub_uint32_t src; -@@ -566,7 +578,7 @@ grub_net_tcp_open (char *server, - grub_net_tcp_socket_t socket; - static grub_uint16_t in_port = 21550; - struct grub_net_buff *nb; -- struct tcphdr *tcph; -+ struct tcp_synhdr *tcph; - int i; - grub_uint8_t *nbd; - grub_net_link_level_address_t ll_target_addr; -@@ -635,20 +647,24 @@ grub_net_tcp_open (char *server, - } - - tcph = (void *) nb->data; -+ grub_memset(tcph, 0, sizeof (*tcph)); - socket->my_start_seq = grub_get_time_ms (); - socket->my_cur_seq = socket->my_start_seq + 1; -- socket->my_window = 8192; -- tcph->seqnr = grub_cpu_to_be32 (socket->my_start_seq); -- tcph->ack = grub_cpu_to_be32_compile_time (0); -- tcph->flags = grub_cpu_to_be16_compile_time ((5 << 12) | TCP_SYN); -- tcph->window = grub_cpu_to_be16 (socket->my_window); -- tcph->urgent = 0; -- tcph->src = grub_cpu_to_be16 (socket->in_port); -- tcph->dst = grub_cpu_to_be16 (socket->out_port); -- tcph->checksum = 0; -- tcph->checksum = grub_net_ip_transport_checksum (nb, GRUB_NET_IP_TCP, -- &socket->inf->address, -- &socket->out_nla); -+ socket->my_window = 32768; -+ tcph->tcphdr.seqnr = grub_cpu_to_be32 (socket->my_start_seq); -+ tcph->tcphdr.ack = grub_cpu_to_be32_compile_time (0); -+ tcph->tcphdr.flags = grub_cpu_to_be16_compile_time ((6 << 12) | TCP_SYN); -+ tcph->tcphdr.window = grub_cpu_to_be16 (socket->my_window); -+ tcph->tcphdr.urgent = 0; -+ tcph->tcphdr.src = grub_cpu_to_be16 (socket->in_port); -+ tcph->tcphdr.dst = grub_cpu_to_be16 (socket->out_port); -+ tcph->tcphdr.checksum = 0; -+ tcph->scale_opt.kind = 3; -+ tcph->scale_opt.length = 3; -+ tcph->scale_opt.scale = 5; -+ tcph->tcphdr.checksum = grub_net_ip_transport_checksum (nb, GRUB_NET_IP_TCP, -+ &socket->inf->address, -+ &socket->out_nla); - - tcp_socket_register (socket); - diff --git a/0037-efinet-and-bootp-add-support-for-dhcpv6.patch b/0037-efinet-and-bootp-add-support-for-dhcpv6.patch deleted file mode 100644 index a9844b89c0caf2e3f0b25ec377f105ef9704fbed..0000000000000000000000000000000000000000 --- a/0037-efinet-and-bootp-add-support-for-dhcpv6.patch +++ /dev/null @@ -1,651 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 9 Jul 2019 11:47:37 +0200 -Subject: [PATCH] efinet and bootp: add support for dhcpv6 - -Signed-off-by: Peter Jones ---- - grub-core/net/bootp.c | 173 +++++++++++++++++++++++++++++++++++++ - grub-core/net/drivers/efi/efinet.c | 53 ++++++++++-- - grub-core/net/net.c | 72 +++++++++++++++ - grub-core/net/tftp.c | 4 + - include/grub/efi/api.h | 129 +++++++++++++++++++++++++-- - include/grub/net.h | 60 +++++++++++++ - 6 files changed, 477 insertions(+), 14 deletions(-) - -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 6fb5627025d..e28fb6a09f9 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -902,6 +902,179 @@ grub_cmd_bootp (struct grub_command *cmd __attribute__ ((unused)), - - static grub_command_t cmd_getdhcp, cmd_bootp, cmd_dhcp; - -+struct grub_net_network_level_interface * -+grub_net_configure_by_dhcpv6_ack (const char *name, -+ struct grub_net_card *card, -+ grub_net_interface_flags_t flags -+ __attribute__((__unused__)), -+ const grub_net_link_level_address_t *hwaddr, -+ const struct grub_net_dhcpv6_packet *packet, -+ int is_def, char **device, char **path) -+{ -+ struct grub_net_network_level_interface *inter = NULL; -+ struct grub_net_network_level_address addr; -+ int mask = -1; -+ -+ if (!device || !path) -+ return NULL; -+ -+ *device = 0; -+ *path = 0; -+ -+ grub_dprintf ("net", "mac address is %02x:%02x:%02x:%02x:%02x:%02x\n", -+ hwaddr->mac[0], hwaddr->mac[1], hwaddr->mac[2], -+ hwaddr->mac[3], hwaddr->mac[4], hwaddr->mac[5]); -+ -+ if (is_def) -+ grub_net_default_server = 0; -+ -+ if (is_def && !grub_net_default_server && packet) -+ { -+ const grub_uint8_t *options = packet->dhcp_options; -+ unsigned int option_max = 1024 - OFFSET_OF (dhcp_options, packet); -+ unsigned int i; -+ -+ for (i = 0; i < option_max - sizeof (grub_net_dhcpv6_option_t); ) -+ { -+ grub_uint16_t num, len; -+ grub_net_dhcpv6_option_t *opt = -+ (grub_net_dhcpv6_option_t *)(options + i); -+ -+ num = grub_be_to_cpu16(opt->option_num); -+ len = grub_be_to_cpu16(opt->option_len); -+ -+ grub_dprintf ("net", "got dhcpv6 option %d len %d\n", num, len); -+ -+ if (len == 0) -+ break; -+ -+ if (len + i > 1024) -+ break; -+ -+ if (num == GRUB_NET_DHCP6_BOOTFILE_URL) -+ { -+ char *scheme, *userinfo, *host, *file; -+ char *tmp; -+ int hostlen; -+ int port; -+ int rc = extract_url_info ((const char *)opt->option_data, -+ (grub_size_t)len, -+ &scheme, &userinfo, &host, &port, -+ &file); -+ if (rc < 0) -+ continue; -+ -+ /* right now this only handles tftp. */ -+ if (grub_strcmp("tftp", scheme)) -+ { -+ grub_free (scheme); -+ grub_free (userinfo); -+ grub_free (host); -+ grub_free (file); -+ continue; -+ } -+ grub_free (userinfo); -+ -+ hostlen = grub_strlen (host); -+ if (hostlen > 2 && host[0] == '[' && host[hostlen-1] == ']') -+ { -+ tmp = host+1; -+ host[hostlen-1] = '\0'; -+ } -+ else -+ tmp = host; -+ -+ *device = grub_xasprintf ("%s,%s", scheme, tmp); -+ grub_free (scheme); -+ grub_free (host); -+ -+ if (file && *file) -+ { -+ tmp = grub_strrchr (file, '/'); -+ if (tmp) -+ *(tmp+1) = '\0'; -+ else -+ file[0] = '\0'; -+ } -+ else if (!file) -+ file = grub_strdup (""); -+ -+ if (file[0] == '/') -+ { -+ *path = grub_strdup (file+1); -+ grub_free (file); -+ } -+ else -+ *path = file; -+ } -+ else if (num == GRUB_NET_DHCP6_IA_NA) -+ { -+ const grub_net_dhcpv6_option_t *ia_na_opt; -+ const grub_net_dhcpv6_opt_ia_na_t *ia_na = -+ (const grub_net_dhcpv6_opt_ia_na_t *)opt; -+ unsigned int left = len - OFFSET_OF (options, ia_na); -+ unsigned int j; -+ -+ if ((grub_uint8_t *)ia_na + left > -+ (grub_uint8_t *)options + option_max) -+ left -= ((grub_uint8_t *)ia_na + left) -+ - ((grub_uint8_t *)options + option_max); -+ -+ if (len < OFFSET_OF (option_data, opt) -+ + sizeof (grub_net_dhcpv6_option_t)) -+ { -+ grub_dprintf ("net", -+ "found dhcpv6 ia_na option with no address\n"); -+ continue; -+ } -+ -+ for (j = 0; left > sizeof (grub_net_dhcpv6_option_t); ) -+ { -+ ia_na_opt = (const grub_net_dhcpv6_option_t *) -+ (ia_na->options + j); -+ grub_uint16_t ia_na_opt_num, ia_na_opt_len; -+ -+ ia_na_opt_num = grub_be_to_cpu16 (ia_na_opt->option_num); -+ ia_na_opt_len = grub_be_to_cpu16 (ia_na_opt->option_len); -+ if (ia_na_opt_len == 0) -+ break; -+ if (j + ia_na_opt_len > left) -+ break; -+ if (ia_na_opt_num == GRUB_NET_DHCP6_IA_ADDRESS) -+ { -+ const grub_net_dhcpv6_opt_ia_address_t *ia_addr; -+ -+ ia_addr = (const grub_net_dhcpv6_opt_ia_address_t *) -+ ia_na_opt; -+ addr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -+ grub_memcpy(addr.ipv6, ia_addr->ipv6_address, -+ sizeof (ia_addr->ipv6_address)); -+ inter = grub_net_add_addr (name, card, &addr, hwaddr, 0); -+ } -+ -+ j += ia_na_opt_len; -+ left -= ia_na_opt_len; -+ } -+ } -+ -+ i += len + 4; -+ } -+ -+ grub_print_error (); -+ } -+ -+ if (is_def) -+ { -+ grub_env_set ("net_default_interface", name); -+ grub_env_export ("net_default_interface"); -+ } -+ -+ if (inter) -+ grub_net_add_ipv6_local (inter, mask); -+ return inter; -+} -+ -+ - void - grub_bootp_init (void) - { -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index 5388f952ba9..173fb63153c 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -18,11 +18,14 @@ - - #include - #include -+#include - #include - #include - #include - #include - #include -+#include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -329,7 +332,7 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - char **path) - { - struct grub_net_card *card; -- grub_efi_device_path_t *dp; -+ grub_efi_device_path_t *dp, *ldp = NULL; - - dp = grub_efi_get_device_path (hnd); - if (! dp) -@@ -340,14 +343,19 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - grub_efi_device_path_t *cdp; - struct grub_efi_pxe *pxe; - struct grub_efi_pxe_mode *pxe_mode; -+ - if (card->driver != &efidriver) - continue; -+ - cdp = grub_efi_get_device_path (card->efi_handle); - if (! cdp) - continue; -+ -+ ldp = grub_efi_find_last_device_path (dp); -+ - if (grub_efi_compare_device_paths (dp, cdp) != 0) - { -- grub_efi_device_path_t *ldp, *dup_dp, *dup_ldp; -+ grub_efi_device_path_t *dup_dp, *dup_ldp; - int match; - - /* EDK2 UEFI PXE driver creates pseudo devices with type IPv4/IPv6 -@@ -356,7 +364,6 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - devices. We skip them when enumerating cards, so here we need to - find matching MAC device. - */ -- ldp = grub_efi_find_last_device_path (dp); - if (GRUB_EFI_DEVICE_PATH_TYPE (ldp) != GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE - || (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE - && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE)) -@@ -373,16 +380,46 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - if (!match) - continue; - } -+ - pxe = grub_efi_open_protocol (hnd, &pxe_io_guid, - GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); - if (! pxe) - continue; -+ - pxe_mode = pxe->mode; -- grub_net_configure_by_dhcp_ack (card->name, card, 0, -- (struct grub_net_bootp_packet *) -- &pxe_mode->dhcp_ack, -- sizeof (pxe_mode->dhcp_ack), -- 1, device, path); -+ if (pxe_mode->using_ipv6) -+ { -+ grub_net_link_level_address_t hwaddr; -+ struct grub_net_network_level_interface *intf; -+ -+ grub_dprintf ("efinet", "using ipv6 and dhcpv6\n"); -+ grub_dprintf ("efinet", "dhcp_ack_received: %s%s\n", -+ pxe_mode->dhcp_ack_received ? "yes" : "no", -+ pxe_mode->dhcp_ack_received ? "" : " cannot continue"); -+ if (!pxe_mode->dhcp_ack_received) -+ continue; -+ -+ hwaddr.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -+ grub_memcpy (hwaddr.mac, -+ card->efi_net->mode->current_address, -+ sizeof (hwaddr.mac)); -+ -+ intf = grub_net_configure_by_dhcpv6_ack (card->name, card, 0, &hwaddr, -+ (const struct grub_net_dhcpv6_packet *)&pxe_mode->dhcp_ack.dhcpv6, -+ 1, device, path); -+ if (intf && device && path) -+ grub_dprintf ("efinet", "device: `%s' path: `%s'\n", *device, *path); -+ } -+ else -+ { -+ grub_dprintf ("efinet", "using ipv4 and dhcp\n"); -+ grub_net_configure_by_dhcp_ack (card->name, card, 0, -+ (struct grub_net_bootp_packet *) -+ &pxe_mode->dhcp_ack, -+ sizeof (pxe_mode->dhcp_ack), -+ 1, device, path); -+ grub_dprintf ("efinet", "device: `%s' path: `%s'\n", *device, *path); -+ } - return; - } - } -diff --git a/grub-core/net/net.c b/grub-core/net/net.c -index 0ef148f4adc..22f2689aaeb 100644 ---- a/grub-core/net/net.c -+++ b/grub-core/net/net.c -@@ -960,6 +960,78 @@ grub_net_network_level_interface_register (struct grub_net_network_level_interfa - grub_net_network_level_interfaces = inter; - } - -+int -+grub_ipv6_get_masksize (grub_uint16_t be_mask[8]) -+{ -+ grub_uint8_t *mask; -+ grub_uint16_t mask16[8]; -+ int x, y; -+ int ret = 128; -+ -+ grub_memcpy (mask16, be_mask, sizeof (mask16)); -+ for (x = 0; x < 8; x++) -+ mask16[x] = grub_be_to_cpu16 (mask16[x]); -+ -+ mask = (grub_uint8_t *)mask16; -+ -+ for (x = 15; x >= 0; x--) -+ { -+ grub_uint8_t octet = mask[x]; -+ if (!octet) -+ { -+ ret -= 8; -+ continue; -+ } -+ for (y = 0; y < 8; y++) -+ { -+ if (octet & (1 << y)) -+ break; -+ else -+ ret--; -+ } -+ break; -+ } -+ -+ return ret; -+} -+ -+grub_err_t -+grub_net_add_ipv6_local (struct grub_net_network_level_interface *inter, -+ int mask) -+{ -+ struct grub_net_route *route; -+ -+ if (inter->address.type != GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6) -+ return 0; -+ -+ if (mask == -1) -+ mask = grub_ipv6_get_masksize ((grub_uint16_t *)inter->address.ipv6); -+ -+ if (mask == -1) -+ return 0; -+ -+ route = grub_zalloc (sizeof (*route)); -+ if (!route) -+ return grub_errno; -+ -+ route->name = grub_xasprintf ("%s:local", inter->name); -+ if (!route->name) -+ { -+ grub_free (route); -+ return grub_errno; -+ } -+ -+ route->target.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -+ grub_memcpy (route->target.ipv6.base, inter->address.ipv6, -+ sizeof (inter->address.ipv6)); -+ route->target.ipv6.masksize = mask; -+ route->is_gateway = 0; -+ route->interface = inter; -+ -+ grub_net_route_register (route); -+ -+ return 0; -+} - - grub_err_t - grub_net_add_ipv4_local (struct grub_net_network_level_interface *inter, -diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c -index 7f44b30f521..4ab2f5c7357 100644 ---- a/grub-core/net/tftp.c -+++ b/grub-core/net/tftp.c -@@ -358,18 +358,22 @@ tftp_open (struct grub_file *file, const char *filename) - file->not_easily_seekable = 1; - file->data = data; - -+ grub_dprintf("tftp", "resolving address for %s\n", file->device->net->server); - err = grub_net_resolve_address (file->device->net->server, &addr); - if (err) - { -+ grub_dprintf("tftp", "Address resolution failed: %d\n", err); - grub_free (data); - return err; - } - -+ grub_dprintf("tftp", "opening connection\n"); - data->sock = grub_net_udp_open (addr, - TFTP_SERVER_PORT, tftp_receive, - file); - if (!data->sock) - { -+ grub_dprintf("tftp", "connection failed\n"); - grub_free (data); - return grub_errno; - } -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index f1a52210c0c..117469450d3 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -592,10 +592,16 @@ typedef void *grub_efi_handle_t; - typedef void *grub_efi_event_t; - typedef grub_efi_uint64_t grub_efi_lba_t; - typedef grub_efi_uintn_t grub_efi_tpl_t; --typedef grub_uint8_t grub_efi_mac_address_t[32]; --typedef grub_uint8_t grub_efi_ipv4_address_t[4]; --typedef grub_uint16_t grub_efi_ipv6_address_t[8]; --typedef grub_uint8_t grub_efi_ip_address_t[8] __attribute__ ((aligned(4))); -+typedef grub_efi_uint8_t grub_efi_mac_address_t[32]; -+typedef grub_efi_uint8_t grub_efi_ipv4_address_t[4]; -+typedef grub_efi_uint8_t grub_efi_ipv6_address_t[16]; -+typedef union -+{ -+ grub_efi_uint32_t addr[4]; -+ grub_efi_ipv4_address_t v4; -+ grub_efi_ipv6_address_t v6; -+} grub_efi_ip_address_t __attribute__ ((aligned(4))); -+ - typedef grub_efi_uint64_t grub_efi_physical_address_t; - typedef grub_efi_uint64_t grub_efi_virtual_address_t; - -@@ -1474,16 +1480,127 @@ struct grub_efi_simple_text_output_interface - }; - typedef struct grub_efi_simple_text_output_interface grub_efi_simple_text_output_interface_t; - --typedef grub_uint8_t grub_efi_pxe_packet_t[1472]; -+typedef struct grub_efi_pxe_dhcpv4_packet -+{ -+ grub_efi_uint8_t bootp_opcode; -+ grub_efi_uint8_t bootp_hwtype; -+ grub_efi_uint8_t bootp_hwaddr_len; -+ grub_efi_uint8_t bootp_gate_hops; -+ grub_efi_uint32_t bootp_ident; -+ grub_efi_uint16_t bootp_seconds; -+ grub_efi_uint16_t bootp_flags; -+ grub_efi_uint8_t bootp_ci_addr[4]; -+ grub_efi_uint8_t bootp_yi_addr[4]; -+ grub_efi_uint8_t bootp_si_addr[4]; -+ grub_efi_uint8_t bootp_gi_addr[4]; -+ grub_efi_uint8_t bootp_hw_addr[16]; -+ grub_efi_uint8_t bootp_srv_name[64]; -+ grub_efi_uint8_t bootp_boot_file[128]; -+ grub_efi_uint32_t dhcp_magik; -+ grub_efi_uint8_t dhcp_options[56]; -+} grub_efi_pxe_dhcpv4_packet_t; -+ -+struct grub_efi_pxe_dhcpv6_packet -+{ -+ grub_efi_uint32_t message_type:8; -+ grub_efi_uint32_t transaction_id:24; -+ grub_efi_uint8_t dhcp_options[1024]; -+} GRUB_PACKED; -+typedef struct grub_efi_pxe_dhcpv6_packet grub_efi_pxe_dhcpv6_packet_t; -+ -+typedef union -+{ -+ grub_efi_uint8_t raw[1472]; -+ grub_efi_pxe_dhcpv4_packet_t dhcpv4; -+ grub_efi_pxe_dhcpv6_packet_t dhcpv6; -+} grub_efi_pxe_packet_t; -+ -+#define GRUB_EFI_PXE_MAX_IPCNT 8 -+#define GRUB_EFI_PXE_MAX_ARP_ENTRIES 8 -+#define GRUB_EFI_PXE_MAX_ROUTE_ENTRIES 8 -+ -+typedef struct grub_efi_pxe_ip_filter -+{ -+ grub_efi_uint8_t filters; -+ grub_efi_uint8_t ip_count; -+ grub_efi_uint8_t reserved; -+ grub_efi_ip_address_t ip_list[GRUB_EFI_PXE_MAX_IPCNT]; -+} grub_efi_pxe_ip_filter_t; -+ -+typedef struct grub_efi_pxe_arp_entry -+{ -+ grub_efi_ip_address_t ip_addr; -+ grub_efi_mac_address_t mac_addr; -+} grub_efi_pxe_arp_entry_t; -+ -+typedef struct grub_efi_pxe_route_entry -+{ -+ grub_efi_ip_address_t ip_addr; -+ grub_efi_ip_address_t subnet_mask; -+ grub_efi_ip_address_t gateway_addr; -+} grub_efi_pxe_route_entry_t; -+ -+typedef struct grub_efi_pxe_icmp_error -+{ -+ grub_efi_uint8_t type; -+ grub_efi_uint8_t code; -+ grub_efi_uint16_t checksum; -+ union -+ { -+ grub_efi_uint32_t reserved; -+ grub_efi_uint32_t mtu; -+ grub_efi_uint32_t pointer; -+ struct -+ { -+ grub_efi_uint16_t identifier; -+ grub_efi_uint16_t sequence; -+ } echo; -+ } u; -+ grub_efi_uint8_t data[494]; -+} grub_efi_pxe_icmp_error_t; -+ -+typedef struct grub_efi_pxe_tftp_error -+{ -+ grub_efi_uint8_t error_code; -+ grub_efi_char8_t error_string[127]; -+} grub_efi_pxe_tftp_error_t; - - typedef struct grub_efi_pxe_mode - { -- grub_uint8_t unused[52]; -+ grub_efi_boolean_t started; -+ grub_efi_boolean_t ipv6_available; -+ grub_efi_boolean_t ipv6_supported; -+ grub_efi_boolean_t using_ipv6; -+ grub_efi_boolean_t bis_supported; -+ grub_efi_boolean_t bis_detected; -+ grub_efi_boolean_t auto_arp; -+ grub_efi_boolean_t send_guid; -+ grub_efi_boolean_t dhcp_discover_valid; -+ grub_efi_boolean_t dhcp_ack_received; -+ grub_efi_boolean_t proxy_offer_received; -+ grub_efi_boolean_t pxe_discover_valid; -+ grub_efi_boolean_t pxe_reply_received; -+ grub_efi_boolean_t pxe_bis_reply_received; -+ grub_efi_boolean_t icmp_error_received; -+ grub_efi_boolean_t tftp_error_received; -+ grub_efi_boolean_t make_callbacks; -+ grub_efi_uint8_t ttl; -+ grub_efi_uint8_t tos; -+ grub_efi_ip_address_t station_ip; -+ grub_efi_ip_address_t subnet_mask; - grub_efi_pxe_packet_t dhcp_discover; - grub_efi_pxe_packet_t dhcp_ack; - grub_efi_pxe_packet_t proxy_offer; - grub_efi_pxe_packet_t pxe_discover; - grub_efi_pxe_packet_t pxe_reply; -+ grub_efi_pxe_packet_t pxe_bis_reply; -+ grub_efi_pxe_ip_filter_t ip_filter; -+ grub_efi_uint32_t arp_cache_entries; -+ grub_efi_pxe_arp_entry_t arp_cache[GRUB_EFI_PXE_MAX_ARP_ENTRIES]; -+ grub_efi_uint32_t route_table_entries; -+ grub_efi_pxe_route_entry_t route_table[GRUB_EFI_PXE_MAX_ROUTE_ENTRIES]; -+ grub_efi_pxe_icmp_error_t icmp_error; -+ grub_efi_pxe_tftp_error_t tftp_error; - } grub_efi_pxe_mode_t; - - typedef struct grub_efi_pxe -diff --git a/include/grub/net.h b/include/grub/net.h -index 7ae4b6bd805..8a05ec4fe7a 100644 ---- a/include/grub/net.h -+++ b/include/grub/net.h -@@ -447,6 +447,51 @@ struct grub_net_bootp_packet - grub_uint8_t vendor[0]; - } GRUB_PACKED; - -+enum -+ { -+ GRUB_NET_DHCP6_IA_NA = 3, -+ GRUB_NET_DHCP6_IA_ADDRESS = 5, -+ GRUB_NET_DHCP6_BOOTFILE_URL = 59, -+ }; -+ -+struct grub_net_dhcpv6_option -+{ -+ grub_uint16_t option_num; -+ grub_uint16_t option_len; -+ grub_uint8_t option_data[]; -+} GRUB_PACKED; -+typedef struct grub_net_dhcpv6_option grub_net_dhcpv6_option_t; -+ -+struct grub_net_dhcpv6_opt_ia_na -+{ -+ grub_uint16_t option_num; -+ grub_uint16_t option_len; -+ grub_uint32_t iaid; -+ grub_uint32_t t1; -+ grub_uint32_t t2; -+ grub_uint8_t options[]; -+} GRUB_PACKED; -+typedef struct grub_net_dhcpv6_opt_ia_na grub_net_dhcpv6_opt_ia_na_t; -+ -+struct grub_net_dhcpv6_opt_ia_address -+{ -+ grub_uint16_t option_num; -+ grub_uint16_t option_len; -+ grub_uint64_t ipv6_address[2]; -+ grub_uint32_t preferred_lifetime; -+ grub_uint32_t valid_lifetime; -+ grub_uint8_t options[]; -+} GRUB_PACKED; -+typedef struct grub_net_dhcpv6_opt_ia_address grub_net_dhcpv6_opt_ia_address_t; -+ -+struct grub_net_dhcpv6_packet -+{ -+ grub_uint32_t message_type:8; -+ grub_uint32_t transaction_id:24; -+ grub_uint8_t dhcp_options[1024]; -+} GRUB_PACKED; -+typedef struct grub_net_dhcpv6_packet grub_net_dhcpv6_packet_t; -+ - #define GRUB_NET_BOOTP_RFC1048_MAGIC_0 0x63 - #define GRUB_NET_BOOTP_RFC1048_MAGIC_1 0x82 - #define GRUB_NET_BOOTP_RFC1048_MAGIC_2 0x53 -@@ -482,6 +527,21 @@ grub_net_configure_by_dhcp_ack (const char *name, - grub_size_t size, - int is_def, char **device, char **path); - -+struct grub_net_network_level_interface * -+grub_net_configure_by_dhcpv6_ack (const char *name, -+ struct grub_net_card *card, -+ grub_net_interface_flags_t flags, -+ const grub_net_link_level_address_t *hwaddr, -+ const struct grub_net_dhcpv6_packet *packet, -+ int is_def, char **device, char **path); -+ -+int -+grub_ipv6_get_masksize(grub_uint16_t *mask); -+ -+grub_err_t -+grub_net_add_ipv6_local (struct grub_net_network_level_interface *inf, -+ int mask); -+ - grub_err_t - grub_net_add_ipv4_local (struct grub_net_network_level_interface *inf, - int mask); diff --git a/0038-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch b/0038-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch deleted file mode 100644 index bf78c8131abe6bc38d2f3d5630a1ff0abefcc74d..0000000000000000000000000000000000000000 --- a/0038-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch +++ /dev/null @@ -1,296 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 23 Jun 2016 11:01:39 -0400 -Subject: [PATCH] Add grub-get-kernel-settings and use it in 10_linux - -This patch adds grub-get-kernel-settings, which reads the system kernel -installation configuration from /etc/sysconfig/kernel, and outputs -${GRUB_...} variables suitable for evaluation by grub-mkconfig. Those -variables are then used by 10_linux to choose whether or not to create -debug stanzas. - -Resolves: rhbz#1226325 ---- - configure.ac | 2 + - Makefile.util.def | 7 ++ - util/bash-completion.d/grub-completion.bash.in | 22 +++++++ - util/grub-get-kernel-settings.3 | 20 ++++++ - util/grub-get-kernel-settings.in | 88 ++++++++++++++++++++++++++ - util/grub-mkconfig.in | 3 + - util/grub.d/10_linux.in | 23 +++++-- - 7 files changed, 160 insertions(+), 5 deletions(-) - create mode 100644 util/grub-get-kernel-settings.3 - create mode 100644 util/grub-get-kernel-settings.in - -diff --git a/configure.ac b/configure.ac -index 25e1abb59b9..58e57a745fa 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -65,6 +65,7 @@ grub_TRANSFORM([grub-install]) - grub_TRANSFORM([grub-mkconfig]) - grub_TRANSFORM([grub-mkfont]) - grub_TRANSFORM([grub-mkimage]) -+grub_TRANSFORM([grub-get-kernel-settings]) - grub_TRANSFORM([grub-glue-efi]) - grub_TRANSFORM([grub-mklayout]) - grub_TRANSFORM([grub-mkpasswd-pbkdf2]) -@@ -82,6 +83,7 @@ grub_TRANSFORM([grub-file]) - grub_TRANSFORM([grub-bios-setup.3]) - grub_TRANSFORM([grub-editenv.1]) - grub_TRANSFORM([grub-fstest.3]) -+grub_TRANSFORM([grub-get-kernel-settings.3]) - grub_TRANSFORM([grub-glue-efi.3]) - grub_TRANSFORM([grub-install.1]) - grub_TRANSFORM([grub-kbdcomp.3]) -diff --git a/Makefile.util.def b/Makefile.util.def -index 8ca4c14f0b9..43a1c7453b1 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -733,6 +733,13 @@ script = { - installdir = sbin; - }; - -+script = { -+ name = grub-get-kernel-settings; -+ common = util/grub-get-kernel-settings.in; -+ mansection = 3; -+ installdir = sbin; -+}; -+ - script = { - name = grub-set-default; - common = util/grub-set-default.in; -diff --git a/util/bash-completion.d/grub-completion.bash.in b/util/bash-completion.d/grub-completion.bash.in -index 44bf135b9f8..5c4acd496d4 100644 ---- a/util/bash-completion.d/grub-completion.bash.in -+++ b/util/bash-completion.d/grub-completion.bash.in -@@ -264,6 +264,28 @@ have ${__grub_sparc64_setup_program} && \ - unset __grub_sparc64_setup_program - - -+# -+# grub-get-kernel-settings -+# -+_grub_get_kernel_settings () { -+ local cur -+ -+ COMPREPLY=() -+ cur=`_get_cword` -+ -+ if [[ "$cur" == -* ]]; then -+ __grubcomp "$(__grub_get_options_from_help)" -+ else -+ # Default complete with a filename -+ _filedir -+ fi -+} -+__grub_get_kernel_settings_program="@grub_get_kernel_settings@" -+have ${__grub_get_kernel_settings_program} && \ -+ complete -F _grub_get_kernel_settings -o filenames ${__grub_get_kernel_settings_program} -+unset __grub_get_kernel_settings_program -+ -+ - # - # grub-install - # -diff --git a/util/grub-get-kernel-settings.3 b/util/grub-get-kernel-settings.3 -new file mode 100644 -index 00000000000..ba33330e28d ---- /dev/null -+++ b/util/grub-get-kernel-settings.3 -@@ -0,0 +1,20 @@ -+.TH GRUB-GET-KERNEL-SETTINGS 3 "Thu Jun 25 2015" -+.SH NAME -+\fBgrub-get-kernel-settings\fR \(em Evaluate the system's kernel installation settings for use while making a grub configuration file. -+ -+.SH SYNOPSIS -+\fBgrub-get-kernel-settings\fR [OPTION] -+ -+.SH DESCRIPTION -+\fBgrub-get-kernel-settings\fR reads the kernel installation settings on the host system, and emits a set of grub settings suitable for use when creating a grub configuration file. -+ -+.SH OPTIONS -+.TP -+-h, --help -+Display program usage and exit. -+.TP -+-v, --version -+Display the current version. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-get-kernel-settings.in b/util/grub-get-kernel-settings.in -new file mode 100644 -index 00000000000..7e87dfccc0e ---- /dev/null -+++ b/util/grub-get-kernel-settings.in -@@ -0,0 +1,88 @@ -+#!/bin/sh -+set -e -+ -+# Evaluate new-kernel-pkg's configuration file. -+# Copyright (C) 2016 Free Software Foundation, Inc. -+# -+# GRUB is free software: you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+# -+# GRUB is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with GRUB. If not, see . -+ -+PACKAGE_NAME=@PACKAGE_NAME@ -+PACKAGE_VERSION=@PACKAGE_VERSION@ -+datadir="@datadir@" -+if [ "x$pkgdatadir" = x ]; then -+ pkgdatadir="${datadir}/@PACKAGE@" -+fi -+ -+self=`basename $0` -+ -+export TEXTDOMAIN=@PACKAGE@ -+export TEXTDOMAINDIR="@localedir@" -+ -+. "${pkgdatadir}/grub-mkconfig_lib" -+ -+# Usage: usage -+# Print the usage. -+usage () { -+ gettext_printf "Usage: %s [OPTION]\n" "$self" -+ gettext "Evaluate new-kernel-pkg configuration"; echo -+ echo -+ print_option_help "-h, --help" "$(gettext "print this message and exit")" -+ print_option_help "-v, --version" "$(gettext "print the version information and exit")" -+ echo -+} -+ -+# Check the arguments. -+while test $# -gt 0 -+do -+ option=$1 -+ shift -+ -+ case "$option" in -+ -h | --help) -+ usage -+ exit 0 ;; -+ -v | --version) -+ echo "$self (${PACKAGE_NAME}) ${PACKAGE_VERSION}" -+ exit 0 ;; -+ -*) -+ gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2 -+ usage -+ exit 1 -+ ;; -+ # Explicitly ignore non-option arguments, for compatibility. -+ esac -+done -+ -+if test -f /etc/sysconfig/kernel ; then -+ . /etc/sysconfig/kernel -+fi -+ -+if [ "$MAKEDEBUG" = "yes" ]; then -+ echo GRUB_LINUX_MAKE_DEBUG=true -+ echo export GRUB_LINUX_MAKE_DEBUG -+ echo GRUB_CMDLINE_LINUX_DEBUG=\"systemd.log_level=debug systemd.log_target=kmsg\" -+ echo export GRUB_CMDLINE_LINUX_DEBUG -+ echo GRUB_LINUX_DEBUG_TITLE_POSTFIX=\" with debugging\" -+ echo export GRUB_LINUX_DEBUG_TITLE_POSTFIX -+fi -+if [ "$DEFAULTDEBUG" = "yes" ]; then -+ echo GRUB_DEFAULT_TO_DEBUG=true -+else -+ echo GRUB_DEFAULT_TO_DEBUG=false -+fi -+echo export GRUB_DEFAULT_TO_DEBUG -+if [ "$UPDATEDEFAULT" = "yes" ]; then -+ echo GRUB_UPDATE_DEFAULT_KERNEL=true -+ echo export GRUB_UPDATE_DEFAULT_KERNEL -+fi -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index ba14cf6261c..005f093809b 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -45,6 +45,7 @@ grub_probe="${sbindir}/@grub_probe@" - grub_file="${bindir}/@grub_file@" - grub_editenv="${bindir}/@grub_editenv@" - grub_script_check="${bindir}/@grub_script_check@" -+grub_get_kernel_settings="${sbindir}/@grub_get_kernel_settings@" - - export TEXTDOMAIN=@PACKAGE@ - export TEXTDOMAINDIR="@localedir@" -@@ -158,6 +159,8 @@ if test -f ${sysconfdir}/default/grub ; then - . ${sysconfdir}/default/grub - fi - -+eval "$("${grub_get_kernel_settings}")" || true -+ - if [ "x${GRUB_DISABLE_UUID}" = "xtrue" ]; then - if [ -z "${GRUB_DISABLE_LINUX_UUID}" ]; then - GRUB_DISABLE_LINUX_UUID="true" -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 786dbabb4a8..292e333324b 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -111,7 +111,8 @@ linux_entry () - os="$1" - version="$2" - type="$3" -- args="$4" -+ isdebug="$4" -+ args="$5" - - if [ -z "$boot_device_id" ]; then - boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" -@@ -123,6 +124,9 @@ linux_entry () - quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)" - title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;" - fi -+ if [ x$isdebug = xdebug ]; then -+ title="$title${GRUB_LINUX_DEBUG_TITLE_POSTFIX}" -+ fi - echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/" - else - echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/" -@@ -306,11 +310,15 @@ while [ "x$list" != "x" ] ; do - fi - - if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xtrue ]; then -- linux_entry "${OS}" "${version}" simple \ -+ linux_entry "${OS}" "${version}" simple standard \ - "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" -+ if [ "x$GRUB_LINUX_MAKE_DEBUG" = "xtrue" ]; then -+ linux_entry "${OS}" "${version}" simple debug \ -+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} ${GRUB_CMDLINE_LINUX_DEBUG}" -+ fi - - submenu_indentation="$grub_tab" -- -+ - if [ -z "$boot_device_id" ]; then - boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" - fi -@@ -319,10 +327,15 @@ while [ "x$list" != "x" ] ; do - is_top_level=false - fi - -- linux_entry "${OS}" "${version}" advanced \ -+ linux_entry "${OS}" "${version}" advanced standard \ - "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" -+ if [ "x$GRUB_LINUX_MAKE_DEBUG" = "xtrue" ]; then -+ linux_entry "${OS}" "${version}" advanced debug \ -+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} ${GRUB_CMDLINE_LINUX_DEBUG}" -+ fi -+ - if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then -- linux_entry "${OS}" "${version}" recovery \ -+ linux_entry "${OS}" "${version}" recovery standard \ - "single ${GRUB_CMDLINE_LINUX}" - fi - diff --git a/0039-bz1374141-fix-incorrect-mask-for-ppc64.patch b/0039-bz1374141-fix-incorrect-mask-for-ppc64.patch deleted file mode 100644 index ef992f5dab33505802a3be9d76ef6476b566da70..0000000000000000000000000000000000000000 --- a/0039-bz1374141-fix-incorrect-mask-for-ppc64.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Masahiro Matsuya -Date: Sat, 29 Oct 2016 08:35:26 +0900 -Subject: [PATCH] bz1374141 fix incorrect mask for ppc64 - -The netmask configured in firmware is not respected on ppc64 (big endian). -When 255.255.252.0 is set as netmask in firmware, the following is the value of bootpath string in grub_ieee1275_parse_bootpath(). - - /vdevice/l-lan@30000002:speed=auto,duplex=auto,192.168.88.10,,192.168.89.113,192.168.88.1,5,5,255.255.252.0,512 - -The netmask in this bootpath is no problem, since it's a value specified in firmware. But, -The value of 'subnet_mask.ipv4' was set with 0xfffffc00, and __builtin_ctz (~grub_le_to_cpu32 (subnet_mask.ipv4)) returned 16 (not 22). -As a result, 16 was used for netmask wrongly. - -1111 1111 1111 1111 1111 1100 0000 0000 # subnet_mask.ipv4 (=0xfffffc00) -0000 0000 1111 1100 1111 1111 1111 1111 # grub_le_to_cpu32 (subnet_mask.ipv4) -1111 1111 0000 0011 0000 0000 0000 0000 # ~grub_le_to_cpu32 (subnet_mask.ipv4) - -And, the count of zero with __builtin_ctz can be 16. -This patch changes it as below. - -1111 1111 1111 1111 1111 1100 0000 0000 # subnet_mask.ipv4 (=0xfffffc00) -0000 0000 1111 1100 1111 1111 1111 1111 # grub_le_to_cpu32 (subnet_mask.ipv4) -1111 1111 1111 1111 1111 1100 0000 0000 # grub_swap_bytes32(grub_le_to_cpu32 (subnet_mask.ipv4)) -0000 0000 0000 0000 0000 0011 1111 1111 # ~grub_swap_bytes32(grub_le_to_cpu32 (subnet_mask.ipv4)) - -The count of zero with __builtin_clz can be 22. (clz counts the number of one bits preceding the most significant zero bit) - -Signed-off-by: Masahiro Matsuya -Signed-off-by: Robbie Harwood ---- - grub-core/net/drivers/ieee1275/ofnet.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/grub-core/net/drivers/ieee1275/ofnet.c b/grub-core/net/drivers/ieee1275/ofnet.c -index ac4e62a95c9..3860b6f78d8 100644 ---- a/grub-core/net/drivers/ieee1275/ofnet.c -+++ b/grub-core/net/drivers/ieee1275/ofnet.c -@@ -220,8 +220,7 @@ grub_ieee1275_parse_bootpath (const char *devpath, char *bootpath, - flags); - inter->vlantag = vlantag; - grub_net_add_ipv4_local (inter, -- __builtin_ctz (~grub_le_to_cpu32 (subnet_mask.ipv4))); -- -+ __builtin_clz (~grub_swap_bytes32(grub_le_to_cpu32 (subnet_mask.ipv4)))); - } - - if (gateway_addr.ipv4 != 0) diff --git a/0040-Make-grub_fatal-also-backtrace.patch b/0040-Make-grub_fatal-also-backtrace.patch deleted file mode 100644 index 3534b05a046c0d2225eceaaef773bcfbbfa4f497..0000000000000000000000000000000000000000 --- a/0040-Make-grub_fatal-also-backtrace.patch +++ /dev/null @@ -1,172 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 27 Jan 2016 09:22:42 -0500 -Subject: [PATCH] Make grub_fatal() also backtrace. - ---- - grub-core/Makefile.core.def | 3 ++ - grub-core/kern/misc.c | 8 +++++- - grub-core/lib/arm64/backtrace.c | 62 +++++++++++++++++++++++++++++++++++++++++ - grub-core/lib/backtrace.c | 2 ++ - grub-core/lib/i386/backtrace.c | 14 +++++++++- - 5 files changed, 87 insertions(+), 2 deletions(-) - create mode 100644 grub-core/lib/arm64/backtrace.c - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index c15e91943b9..058c88ac3af 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -188,6 +188,9 @@ kernel = { - - softdiv = lib/division.c; - -+ x86 = lib/i386/backtrace.c; -+ x86 = lib/backtrace.c; -+ - i386 = kern/i386/dl.c; - i386_xen = kern/i386/dl.c; - i386_xen_pvh = kern/i386/dl.c; -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index 63b586d09cb..a3e215155bd 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -24,6 +24,7 @@ - #include - #include - #include -+#include - - union printf_arg - { -@@ -1199,8 +1200,13 @@ grub_printf_fmt_check (const char *fmt, const char *fmt_expected) - static void __attribute__ ((noreturn)) - grub_abort (void) - { -+#ifndef GRUB_UTIL -+#if defined(__i386__) || defined(__x86_64__) -+ grub_backtrace(); -+#endif -+#endif - grub_printf ("\nAborted."); -- -+ - #ifndef GRUB_UTIL - if (grub_term_inputs) - #endif -diff --git a/grub-core/lib/arm64/backtrace.c b/grub-core/lib/arm64/backtrace.c -new file mode 100644 -index 00000000000..1079b5380e1 ---- /dev/null -+++ b/grub-core/lib/arm64/backtrace.c -@@ -0,0 +1,62 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define MAX_STACK_FRAME 102400 -+ -+void -+grub_backtrace_pointer (int frame) -+{ -+ while (1) -+ { -+ void *lp = __builtin_return_address (frame); -+ if (!lp) -+ break; -+ -+ lp = __builtin_extract_return_addr (lp); -+ -+ grub_printf ("%p: ", lp); -+ grub_backtrace_print_address (lp); -+ grub_printf (" ("); -+ for (i = 0; i < 2; i++) -+ grub_printf ("%p,", ((void **)ptr) [i + 2]); -+ grub_printf ("%p)\n", ((void **)ptr) [i + 2]); -+ nptr = *(void **)ptr; -+ if (nptr < ptr || (void **) nptr - (void **) ptr > MAX_STACK_FRAME -+ || nptr == ptr) -+ { -+ grub_printf ("Invalid stack frame at %p (%p)\n", ptr, nptr); -+ break; -+ } -+ ptr = nptr; -+ } -+} -+ -+void -+grub_backtrace (void) -+{ -+ grub_backtrace_pointer (1); -+} -+ -diff --git a/grub-core/lib/backtrace.c b/grub-core/lib/backtrace.c -index 825a8800e25..c0ad6ab8be1 100644 ---- a/grub-core/lib/backtrace.c -+++ b/grub-core/lib/backtrace.c -@@ -29,6 +29,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); - void - grub_backtrace_print_address (void *addr) - { -+#ifndef GRUB_UTIL - grub_dl_t mod; - - FOR_DL_MODULES (mod) -@@ -44,6 +45,7 @@ grub_backtrace_print_address (void *addr) - } - } - -+#endif - grub_printf ("%p", addr); - } - -diff --git a/grub-core/lib/i386/backtrace.c b/grub-core/lib/i386/backtrace.c -index c3e03c7275c..c67273db3ae 100644 ---- a/grub-core/lib/i386/backtrace.c -+++ b/grub-core/lib/i386/backtrace.c -@@ -15,11 +15,23 @@ - * You should have received a copy of the GNU General Public License - * along with GRUB. If not, see . - */ -+#include -+#ifdef GRUB_UTIL -+#define REALLY_GRUB_UTIL GRUB_UTIL -+#undef GRUB_UTIL -+#endif -+ -+#include -+#include -+ -+#ifdef REALLY_GRUB_UTIL -+#define GRUB_UTIL REALLY_GRUB_UTIL -+#undef REALLY_GRUB_UTIL -+#endif - - #include - #include - #include --#include - #include - #include - #include diff --git a/0041-Fix-up-some-man-pages-rpmdiff-noticed.patch b/0041-Fix-up-some-man-pages-rpmdiff-noticed.patch deleted file mode 100644 index be5841754b5e021bbe42b7740e3b2e55945a5314..0000000000000000000000000000000000000000 --- a/0041-Fix-up-some-man-pages-rpmdiff-noticed.patch +++ /dev/null @@ -1,150 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 23 Sep 2014 09:58:49 -0400 -Subject: [PATCH] Fix up some man pages rpmdiff noticed. - ---- - configure.ac | 2 ++ - util/grub-macbless.8 | 26 +++++++++++++++++++ - util/grub-mkimage.1 | 2 +- - util/grub-syslinux2cfg.1 | 65 ++++++++++++++++++++++++++++++++++++++++++++++++ - 4 files changed, 94 insertions(+), 1 deletion(-) - create mode 100644 util/grub-macbless.8 - create mode 100644 util/grub-syslinux2cfg.1 - -diff --git a/configure.ac b/configure.ac -index 58e57a745fa..a0030632220 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -87,6 +87,7 @@ grub_TRANSFORM([grub-get-kernel-settings.3]) - grub_TRANSFORM([grub-glue-efi.3]) - grub_TRANSFORM([grub-install.1]) - grub_TRANSFORM([grub-kbdcomp.3]) -+grub_TRANSFORM([grub-macbless.8]) - grub_TRANSFORM([grub-menulst2cfg.1]) - grub_TRANSFORM([grub-mkconfig.1]) - grub_TRANSFORM([grub-mkfont.3]) -@@ -105,6 +106,7 @@ grub_TRANSFORM([grub-render-label.3]) - grub_TRANSFORM([grub-script-check.3]) - grub_TRANSFORM([grub-set-default.1]) - grub_TRANSFORM([grub-sparc64-setup.3]) -+grub_TRANSFORM([grub-syslinux2cfg.1]) - - # Optimization flag. Allow user to override. - if test "x$TARGET_CFLAGS" = x; then -diff --git a/util/grub-macbless.8 b/util/grub-macbless.8 -new file mode 100644 -index 00000000000..ae842f3a606 ---- /dev/null -+++ b/util/grub-macbless.8 -@@ -0,0 +1,26 @@ -+.TH GRUB-MACBLESS 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-macbless\fR \(em Mac-style bless utility for HFS or HFS+ -+ -+.SH SYNOPSIS -+\fBgrub-macbless\fR [-p | --ppc] [-v | --verbose] [-x | --x86] \fIFILE\fR -+ -+.SH DESCRIPTION -+\fBgrub-mkimage\fR blesses a file on an HFS or HFS+ file system, so that it -+can be used to boot a Mac. -+ -+.SH OPTIONS -+.TP -+--ppc -+Bless the file for use on PPC-based Macs. -+ -+.TP -+--verbose -+Print verbose messages. -+ -+.TP -+--x86 -+Bless the file for use on x86-based Macs. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-mkimage.1 b/util/grub-mkimage.1 -index 4dea4f54597..0eaaafe505b 100644 ---- a/util/grub-mkimage.1 -+++ b/util/grub-mkimage.1 -@@ -17,7 +17,7 @@ - [-v | --verbose] \fIMODULES\fR - - .SH DESCRIPTION --\fBgrub-mkimage\fI builds a bootable image of GRUB. -+\fBgrub-mkimage\fR builds a bootable image of GRUB. - - .SH OPTIONS - .TP -diff --git a/util/grub-syslinux2cfg.1 b/util/grub-syslinux2cfg.1 -new file mode 100644 -index 00000000000..85309482718 ---- /dev/null -+++ b/util/grub-syslinux2cfg.1 -@@ -0,0 +1,65 @@ -+.TH GRUB-SYSLINUX2CFG 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-syslinux2cfg\fR \(em Transform a syslinux config file into a GRUB config. -+ -+.SH SYNOPSIS -+\fBgrub-syslinux2cfg\fR [-c | --cwd=\fRDIR\fI] [-r | --root=\fIDIR\fR] [-v | --verbose] -+.RE -+.RS 25 -+[-t | --target-root=\fIDIR\fR] [-T | --target-cwd=\fIDIR\fR] -+.RE -+.RS 25 -+[-o | --output=\fIFILE\fR] [[-i | --isolinux] | -+.RE -+.RS 46 -+ [-s | --syslinux] | -+.RE -+.RS 46 -+ [-p | --pxelinux]] \fIFILE\fR -+ -+.SH DESCRIPTION -+\fBgrub-syslinux2cfg\fR builds a GRUB configuration file out of an existing -+syslinux configuration file. -+ -+.SH OPTIONS -+.TP -+--cwd=\fIDIR\fR -+Set \fIDIR\fR as syslinux's working directory. The default is to use the -+parent directory of the input file. -+ -+.TP -+--root=\fIDIR\fR -+Set \fIDIR\fR as the root directory of the syslinux disk. The default value -+is "/". -+ -+.TP -+--verbose -+Print verbose messages. -+ -+.TP -+--target-root=\fIDIR\fR -+Root directory as it will be seen at runtime. The default value is "/". -+ -+.TP -+--target-cwd=\fIDIR\fR -+Working directory of syslinux as it will be seen at runtime. The default -+value is the parent directory of the input file. -+ -+.TP -+--output=\fIFILE\fR -+Write the new config file to \fIFILE\fR. The default value is standard output. -+ -+.TP -+--isolinux -+Assume that the input file is an isolinux configuration file. -+ -+.TP -+--pxelinux -+Assume that the input file is a pxelinux configuration file. -+ -+.TP -+--syslinux -+Assume that the input file is a syslinux configuration file. -+ -+.SH SEE ALSO -+.BR "info grub" diff --git a/0042-Make-our-info-pages-say-grub2-where-appropriate.patch b/0042-Make-our-info-pages-say-grub2-where-appropriate.patch deleted file mode 100644 index be28efd517f3d379a1c3ce9775f917ce83cbfefb..0000000000000000000000000000000000000000 --- a/0042-Make-our-info-pages-say-grub2-where-appropriate.patch +++ /dev/null @@ -1,1008 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 9 Jul 2019 12:59:58 +0200 -Subject: [PATCH] Make our info pages say "grub2" where appropriate. - -This needs to be hooked up to --program-transform=, but I haven't had -time. - -Signed-off-by: Peter Jones ---- - docs/grub-dev.texi | 4 +- - docs/grub.texi | 321 ++++++++++++++++++++++++++++------------------------- - 2 files changed, 171 insertions(+), 154 deletions(-) - -diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi -index 6c629a23e2d..19f708ee662 100644 ---- a/docs/grub-dev.texi -+++ b/docs/grub-dev.texi -@@ -1,7 +1,7 @@ - \input texinfo - @c -*-texinfo-*- - @c %**start of header --@setfilename grub-dev.info -+@setfilename grub2-dev.info - @include version-dev.texi - @settitle GNU GRUB Developers Manual @value{VERSION} - @c Unify all our little indices for now. -@@ -32,7 +32,7 @@ Invariant Sections. - - @dircategory Kernel - @direntry --* grub-dev: (grub-dev). The GRand Unified Bootloader Dev -+* grub2-dev: (grub2-dev). The GRand Unified Bootloader Dev - @end direntry - - @setchapternewpage odd -diff --git a/docs/grub.texi b/docs/grub.texi -index 69f08d289f9..0615d0ed97e 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -1,7 +1,7 @@ - \input texinfo - @c -*-texinfo-*- - @c %**start of header --@setfilename grub.info -+@setfilename grub2.info - @include version.texi - @settitle GNU GRUB Manual @value{VERSION} - @c Unify all our little indices for now. -@@ -32,15 +32,15 @@ Invariant Sections. - - @dircategory Kernel - @direntry --* GRUB: (grub). The GRand Unified Bootloader --* grub-install: (grub)Invoking grub-install. Install GRUB on your drive --* grub-mkconfig: (grub)Invoking grub-mkconfig. Generate GRUB configuration --* grub-mkpasswd-pbkdf2: (grub)Invoking grub-mkpasswd-pbkdf2. --* grub-mkrelpath: (grub)Invoking grub-mkrelpath. --* grub-mkrescue: (grub)Invoking grub-mkrescue. Make a GRUB rescue image --* grub-mount: (grub)Invoking grub-mount. Mount a file system using GRUB --* grub-probe: (grub)Invoking grub-probe. Probe device information --* grub-script-check: (grub)Invoking grub-script-check. -+* GRUB2: (grub2). The GRand Unified Bootloader -+* grub2-install: (grub2)Invoking grub2-install. Install GRUB on your drive -+* grub2-mkconfig: (grub2)Invoking grub2-mkconfig. Generate GRUB configuration -+* grub2-mkpasswd-pbkdf2: (grub2)Invoking grub2-mkpasswd-pbkdf2. -+* grub2-mkrelpath: (grub2)Invoking grub2-mkrelpath. -+* grub2-mkrescue: (grub2)Invoking grub2-mkrescue. Make a GRUB rescue image -+* grub2-mount: (grub2)Invoking grub2-mount. Mount a file system using GRUB -+* grub2-probe: (grub2)Invoking grub2-probe. Probe device information -+* grub2-script-check: (grub2)Invoking grub2-script-check. - @end direntry - - @setchapternewpage odd -@@ -103,15 +103,15 @@ This edition documents version @value{VERSION}. - * Platform-specific operations:: Platform-specific operations - * Supported kernels:: The list of supported kernels - * Troubleshooting:: Error messages produced by GRUB --* Invoking grub-install:: How to use the GRUB installer --* Invoking grub-mkconfig:: Generate a GRUB configuration file --* Invoking grub-mkpasswd-pbkdf2:: -+* Invoking grub2-install:: How to use the GRUB installer -+* Invoking grub2-mkconfig:: Generate a GRUB configuration file -+* Invoking grub2-mkpasswd-pbkdf2:: - Generate GRUB password hashes --* Invoking grub-mkrelpath:: Make system path relative to its root --* Invoking grub-mkrescue:: Make a GRUB rescue image --* Invoking grub-mount:: Mount a file system using GRUB --* Invoking grub-probe:: Probe device information for GRUB --* Invoking grub-script-check:: Check GRUB script file for syntax errors -+* Invoking grub2-mkrelpath:: Make system path relative to its root -+* Invoking grub2-mkrescue:: Make a GRUB rescue image -+* Invoking grub2-mount:: Mount a file system using GRUB -+* Invoking grub2-probe:: Probe device information for GRUB -+* Invoking grub2-script-check:: Check GRUB script file for syntax errors - * Obtaining and Building GRUB:: How to obtain and build GRUB - * Reporting bugs:: Where you should send a bug report - * Future:: Some future plans on GRUB -@@ -230,7 +230,7 @@ surprising. - - @item - @file{grub.cfg} is typically automatically generated by --@command{grub-mkconfig} (@pxref{Simple configuration}). This makes it -+@command{grub2-mkconfig} (@pxref{Simple configuration}). This makes it - easier to handle versioned kernel upgrades. - - @item -@@ -244,7 +244,7 @@ scripting language: variables, conditionals, and loops are available. - @item - A small amount of persistent storage is available across reboots, using the - @command{save_env} and @command{load_env} commands in GRUB and the --@command{grub-editenv} utility. This is not available in all configurations -+@command{grub2-editenv} utility. This is not available in all configurations - (@pxref{Environment block}). - - @item -@@ -549,7 +549,7 @@ On OS which have device nodes similar to Unix-like OS GRUB tools use the - OS name. E.g. for GNU/Linux: - - @example --# @kbd{grub-install /dev/sda} -+# @kbd{grub2-install /dev/sda} - @end example - - On AROS we use another syntax. For volumes: -@@ -572,7 +572,7 @@ For disks we use syntax: - E.g. - - @example --# @kbd{grub-install //:ata.device/0/0} -+# @kbd{grub2-install //:ata.device/0/0} - @end example - - On Windows we use UNC path. For volumes it's typically -@@ -599,7 +599,7 @@ For disks it's - E.g. - - @example --# @kbd{grub-install \\?\PhysicalDrive0} -+# @kbd{grub2-install \\?\PhysicalDrive0} - @end example - - Beware that you may need to further escape the backslashes depending on your -@@ -609,7 +609,7 @@ When compiled with cygwin support then cygwin drive names are automatically - when needed. E.g. - - @example --# @kbd{grub-install /dev/sda} -+# @kbd{grub2-install /dev/sda} - @end example - - @node Installation -@@ -622,7 +622,7 @@ from the source tarball, or as a package for your OS. - - After you have done that, you need to install the boot loader on a - drive (floppy or hard disk) by using the utility --@command{grub-install} (@pxref{Invoking grub-install}) on a UNIX-like OS. -+@command{grub2-install} (@pxref{Invoking grub2-install}) on a UNIX-like OS. - - GRUB comes with boot images, which are normally put in the directory - @file{/usr/lib/grub/-} (for BIOS-based machines -@@ -633,22 +633,22 @@ loader needs to find them (usually @file{/boot}) will be called - the @dfn{boot directory}. - - @menu --* Installing GRUB using grub-install:: -+* Installing GRUB using grub2-install:: - * Making a GRUB bootable CD-ROM:: - * Device map:: - * BIOS installation:: - @end menu - - --@node Installing GRUB using grub-install --@section Installing GRUB using grub-install -+@node Installing GRUB using grub2-install -+@section Installing GRUB using grub2-install - - For information on where GRUB should be installed on PC BIOS platforms, - @pxref{BIOS installation}. - - In order to install GRUB under a UNIX-like OS (such --as @sc{gnu}), invoke the program @command{grub-install} (@pxref{Invoking --grub-install}) as the superuser (@dfn{root}). -+as @sc{gnu}), invoke the program @command{grub2-install} (@pxref{Invoking -+grub2-install}) as the superuser (@dfn{root}). - - The usage is basically very simple. You only need to specify one - argument to the program, namely, where to install the boot loader. The -@@ -657,13 +657,13 @@ For example, under Linux the following will install GRUB into the MBR - of the first IDE disk: - - @example --# @kbd{grub-install /dev/sda} -+# @kbd{grub2-install /dev/sda} - @end example - - Likewise, under GNU/Hurd, this has the same effect: - - @example --# @kbd{grub-install /dev/hd0} -+# @kbd{grub2-install /dev/hd0} - @end example - - But all the above examples assume that GRUB should put images under -@@ -677,7 +677,7 @@ boot floppy with a filesystem. Here is an example: - # @kbd{mke2fs /dev/fd0} - # @kbd{mount -t ext2 /dev/fd0 /mnt} - # @kbd{mkdir /mnt/boot} --# @kbd{grub-install --boot-directory=/mnt/boot /dev/fd0} -+# @kbd{grub2-install --boot-directory=/mnt/boot /dev/fd0} - # @kbd{umount /mnt} - @end group - @end example -@@ -689,30 +689,37 @@ floppy instead of exposing the USB drive as a hard disk (they call it - @example - # @kbd{losetup /dev/loop0 /dev/sdb1} - # @kbd{mount /dev/loop0 /mnt/usb} --# @kbd{grub-install --boot-directory=/mnt/usb/bugbios --force --allow-floppy /dev/loop0} -+# @kbd{grub2-install --boot-directory=/mnt/usb/bugbios --force --allow-floppy /dev/loop0} - @end example - - This install doesn't conflict with standard install as long as they are in - separate directories. - -+Note that @command{grub2-install} is actually just a shell script and the -+real task is done by other tools such as @command{grub2-mkimage}. Therefore, -+you may run those commands directly to install GRUB, without using -+@command{grub2-install}. Don't do that, however, unless you are very familiar -+with the internals of GRUB. Installing a boot loader on a running OS may be -+extremely dangerous. -+ - On EFI systems for fixed disk install you have to mount EFI System Partition. - If you mount it at @file{/boot/efi} then you don't need any special arguments: - - @example --# @kbd{grub-install} -+# @kbd{grub2-install} - @end example - - Otherwise you need to specify where your EFI System partition is mounted: - - @example --# @kbd{grub-install --efi-directory=/mnt/efi} -+# @kbd{grub2-install --efi-directory=/mnt/efi} - @end example - - For removable installs you have to use @option{--removable} and specify both - @option{--boot-directory} and @option{--efi-directory}: - - @example --# @kbd{grub-install --efi-directory=/mnt/usb --boot-directory=/mnt/usb/boot --removable} -+# @kbd{grub2-install --efi-directory=/mnt/usb --boot-directory=/mnt/usb/boot --removable} - @end example - - @node Making a GRUB bootable CD-ROM -@@ -732,10 +739,10 @@ usually also need to include a configuration file @file{grub.cfg} and some - other GRUB modules. - - To make a simple generic GRUB rescue CD, you can use the --@command{grub-mkrescue} program (@pxref{Invoking grub-mkrescue}): -+@command{grub2-mkrescue} program (@pxref{Invoking grub2-mkrescue}): - - @example --$ @kbd{grub-mkrescue -o grub.iso} -+$ @kbd{grub2-mkrescue -o grub.iso} - @end example - - You will often need to include other files in your image. To do this, first -@@ -758,7 +765,7 @@ directory @file{iso/}. - Finally, make the image: - - @example --$ @kbd{grub-mkrescue -o grub.iso iso} -+$ @kbd{grub2-mkrescue -o grub.iso iso} - @end example - - This produces a file named @file{grub.iso}, which then can be burned -@@ -774,7 +781,7 @@ storage devices. - @node Device map - @section The map between BIOS drives and OS devices - --If the device map file exists, the GRUB utilities (@command{grub-probe}, -+If the device map file exists, the GRUB utilities (@command{grub2-probe}, - etc.) read it to map BIOS drives to OS devices. This file consists of lines - like this: - -@@ -1254,23 +1261,23 @@ need to write the whole thing by hand. - @node Simple configuration - @section Simple configuration handling - --The program @command{grub-mkconfig} (@pxref{Invoking grub-mkconfig}) -+The program @command{grub2-mkconfig} (@pxref{Invoking grub2-mkconfig}) - generates @file{grub.cfg} files suitable for most cases. It is suitable for - use when upgrading a distribution, and will discover available kernels and - attempt to generate menu entries for them. - --@command{grub-mkconfig} does have some limitations. While adding extra -+@command{grub2-mkconfig} does have some limitations. While adding extra - custom menu entries to the end of the list can be done by editing --@file{/etc/grub.d/40_custom} or creating @file{/boot/grub/custom.cfg}, -+@file{/etc/grub.d/40_custom} or creating @file{/boot/grub2/custom.cfg}, - changing the order of menu entries or changing their titles may require - making complex changes to shell scripts stored in @file{/etc/grub.d/}. This - may be improved in the future. In the meantime, those who feel that it - would be easier to write @file{grub.cfg} directly are encouraged to do so - (@pxref{Booting}, and @ref{Shell-like scripting}), and to disable any system --provided by their distribution to automatically run @command{grub-mkconfig}. -+provided by their distribution to automatically run @command{grub2-mkconfig}. - - The file @file{/etc/default/grub} controls the operation of --@command{grub-mkconfig}. It is sourced by a shell script, and so must be -+@command{grub2-mkconfig}. It is sourced by a shell script, and so must be - valid POSIX shell input; normally, it will just be a sequence of - @samp{KEY=value} lines, but if the value contains spaces or other special - characters then it must be quoted. For example: -@@ -1308,7 +1315,7 @@ works it's not recommended since titles often contain unstable device names - and may be translated - - If you set this to @samp{saved}, then the default menu entry will be that --saved by @samp{GRUB_SAVEDEFAULT} or @command{grub-set-default}. This relies on -+saved by @samp{GRUB_SAVEDEFAULT} or @command{grub2-set-default}. This relies on - the environment block, which may not be available in all situations - (@pxref{Environment block}). - -@@ -1319,7 +1326,7 @@ If this option is set to @samp{true}, then, when an entry is selected, save - it as a new default entry for use by future runs of GRUB. This is only - useful if @samp{GRUB_DEFAULT=saved}; it is a separate option because - @samp{GRUB_DEFAULT=saved} is useful without this option, in conjunction with --@command{grub-set-default}. Unset by default. -+@command{grub2-set-default}. Unset by default. - This option relies on the environment block, which may not be available in - all situations (@pxref{Environment block}). - -@@ -1449,7 +1456,7 @@ intel-uc.img intel-ucode.img amd-uc.img amd-ucode.img early_ucode.cpio microcode - @end example - - @item GRUB_DISABLE_LINUX_UUID --Normally, @command{grub-mkconfig} will generate menu entries that use -+Normally, @command{grub2-mkconfig} will generate menu entries that use - universally-unique identifiers (UUIDs) to identify the root filesystem to - the Linux kernel, using a @samp{root=UUID=...} kernel parameter. This is - usually more reliable, but in some cases it may not be appropriate. To -@@ -1471,7 +1478,7 @@ If this option is set to @samp{true}, disable the generation of recovery - mode menu entries. - - @item GRUB_DISABLE_UUID --Normally, @command{grub-mkconfig} will generate menu entries that use -+Normally, @command{grub2-mkconfig} will generate menu entries that use - universally-unique identifiers (UUIDs) to identify various filesystems to - search for files. This is usually more reliable, but in some cases it may - not be appropriate. To disable this use of UUIDs, set this option to -@@ -1482,12 +1489,12 @@ not be appropriate. To disable this use of UUIDs, set this option to - @item GRUB_VIDEO_BACKEND - If graphical video support is required, either because the @samp{gfxterm} - graphical terminal is in use or because @samp{GRUB_GFXPAYLOAD_LINUX} is set, --then @command{grub-mkconfig} will normally load all available GRUB video -+then @command{grub2-mkconfig} will normally load all available GRUB video - drivers and use the one most appropriate for your hardware. If you need to - override this for some reason, then you can set this option. - --After @command{grub-install} has been run, the available video drivers are --listed in @file{/boot/grub/video.lst}. -+After @command{grub2-install} has been run, the available video drivers are -+listed in @file{/boot/grub2/video.lst}. - - @item GRUB_GFXMODE - Set the resolution used on the @samp{gfxterm} graphical terminal. Note that -@@ -1519,7 +1526,7 @@ boot sequence. If you have problems, set this option to @samp{text} and - GRUB will tell Linux to boot in normal text mode. - - @item GRUB_DISABLE_OS_PROBER --Normally, @command{grub-mkconfig} will try to use the external -+Normally, @command{grub2-mkconfig} will try to use the external - @command{os-prober} program, if installed, to discover other operating - systems installed on the same system and generate appropriate menu entries - for them. Set this option to @samp{true} to disable this. -@@ -1529,7 +1536,7 @@ List of space-separated FS UUIDs of filesystems to be ignored from os-prober - output. For efi chainloaders it's @@ - - @item GRUB_DISABLE_SUBMENU --Normally, @command{grub-mkconfig} will generate top level menu entry for -+Normally, @command{grub2-mkconfig} will generate top level menu entry for - the kernel with highest version number and put all other found kernels - or alternative menu entries for recovery mode in submenu. For entries returned - by @command{os-prober} first entry will be put on top level and all others -@@ -1537,11 +1544,11 @@ in submenu. If this option is set to @samp{true}, flat menu with all entries - on top level will be generated instead. Changing this option will require - changing existing values of @samp{GRUB_DEFAULT}, @samp{fallback} (@pxref{fallback}) - and @samp{default} (@pxref{default}) environment variables as well as saved --default entry using @command{grub-set-default} and value used with --@command{grub-reboot}. -+default entry using @command{grub2-set-default} and value used with -+@command{grub2-reboot}. - - @item GRUB_ENABLE_CRYPTODISK --If set to @samp{y}, @command{grub-mkconfig} and @command{grub-install} will -+If set to @samp{y}, @command{grub2-mkconfig} and @command{grub2-install} will - check for encrypted disks and generate additional commands needed to access - them during boot. Note that in this case unattended boot is not possible - because GRUB will wait for passphrase to unlock encrypted container. -@@ -1600,7 +1607,7 @@ confusing @samp{GRUB_TIMEOUT_STYLE=countdown} or - - @end table - --For more detailed customisation of @command{grub-mkconfig}'s output, you may -+For more detailed customisation of @command{grub2-mkconfig}'s output, you may - edit the scripts in @file{/etc/grub.d} directly. - @file{/etc/grub.d/40_custom} is particularly useful for adding entire custom - menu entries; simply type the menu entries you want to add at the end of -@@ -1862,7 +1869,7 @@ images as well. - Mount this partition on/mnt/boot and disable GRUB in all OSes and manually - install self-compiled latest GRUB with: - --@code{grub-install --boot-directory=/mnt/boot /dev/sda} -+@code{grub2-install --boot-directory=/mnt/boot /dev/sda} - - In all the OSes install GRUB tools but disable installing GRUB in bootsector, - so you'll have menu.lst and grub.cfg available for use. Also disable os-prober -@@ -1872,20 +1879,20 @@ use by setting: - - in /etc/default/grub - --Then write a grub.cfg (/mnt/boot/grub/grub.cfg): -+Then write a grub.cfg (/mnt/boot/grub2/grub.cfg): - - @example - - menuentry "OS using grub2" @{ - insmod xfs - search --set=root --label OS1 --hint hd0,msdos8 -- configfile /boot/grub/grub.cfg -+ configfile /boot/grub2/grub.cfg - @} - - menuentry "OS using grub2-legacy" @{ - insmod ext2 - search --set=root --label OS2 --hint hd0,msdos6 -- legacy_configfile /boot/grub/menu.lst -+ legacy_configfile /boot/grub2/menu.lst - @} - - menuentry "Windows XP" @{ -@@ -1948,15 +1955,15 @@ GRUB supports embedding a configuration file directly into the core image, - so that it is loaded before entering normal mode. This is useful, for - example, when it is not straightforward to find the real configuration file, - or when you need to debug problems with loading that file. --@command{grub-install} uses this feature when it is not using BIOS disk -+@command{grub2-install} uses this feature when it is not using BIOS disk - functions or when installing to a different disk from the one containing - @file{/boot/grub}, in which case it needs to use the @command{search} - command (@pxref{search}) to find @file{/boot/grub}. - - To embed a configuration file, use the @option{-c} option to --@command{grub-mkimage}. The file is copied into the core image, so it may -+@command{grub2-mkimage}. The file is copied into the core image, so it may - reside anywhere on the file system, and may be removed after running --@command{grub-mkimage}. -+@command{grub2-mkimage}. - - After the embedded configuration file (if any) is executed, GRUB will load - the @samp{normal} module (@pxref{normal}), which will then read the real -@@ -1991,13 +1998,13 @@ included in the core image: - @example - @group - search.fs_label grub root --if [ -e /boot/grub/example/test1.cfg ]; then -+if [ -e /boot/grub2/example/test1.cfg ]; then - set prefix=($root)/boot/grub -- configfile /boot/grub/example/test1.cfg -+ configfile /boot/grub2/example/test1.cfg - else -- if [ -e /boot/grub/example/test2.cfg ]; then -+ if [ -e /boot/grub2/example/test2.cfg ]; then - set prefix=($root)/boot/grub -- configfile /boot/grub/example/test2.cfg -+ configfile /boot/grub2/example/test2.cfg - else - echo "Could not find an example configuration file!" - fi -@@ -2521,7 +2528,7 @@ grub-mknetdir --net-directory=/srv/tftp --subdir=/boot/grub -d /usr/lib/grub/i38 - @end group - @end example - --Then follow instructions printed out by grub-mknetdir on configuring your DHCP -+Then follow instructions printed out by grub2-mknetdir on configuring your DHCP - server. - - The grub.cfg file is placed in the same directory as the path output by -@@ -2715,7 +2722,7 @@ team are: - @end table - - To take full advantage of this function, install GRUB into the MBR --(@pxref{Installing GRUB using grub-install}). -+(@pxref{Installing GRUB using grub2-install}). - - If you have a laptop which has a similar feature and not in the above list - could you figure your address and contribute? -@@ -2776,7 +2783,7 @@ bytes. - The sole function of @file{boot.img} is to read the first sector of the core - image from a local disk and jump to it. Because of the size restriction, - @file{boot.img} cannot understand any file system structure, so --@command{grub-install} hardcodes the location of the first sector of the -+@command{grub2-install} hardcodes the location of the first sector of the - core image into @file{boot.img} when installing GRUB. - - @item diskboot.img -@@ -2806,7 +2813,7 @@ images. - - @item core.img - This is the core image of GRUB. It is built dynamically from the kernel --image and an arbitrary list of modules by the @command{grub-mkimage} -+image and an arbitrary list of modules by the @command{grub2-mkimage} - program. Usually, it contains enough modules to access @file{/boot/grub}, - and loads everything else (including menu handling, the ability to load - target operating systems, and so on) from the file system at run-time. The -@@ -2858,7 +2865,7 @@ GRUB 2 has no single Stage 2 image. Instead, it loads modules from - In GRUB 2, images for booting from CD-ROM drives are now constructed using - @file{cdboot.img} and @file{core.img}, making sure that the core image - contains the @samp{iso9660} module. It is usually best to use the --@command{grub-mkrescue} program for this. -+@command{grub2-mkrescue} program for this. - - @item nbgrub - There is as yet no equivalent for @file{nbgrub} in GRUB 2; it was used by -@@ -3014,8 +3021,8 @@ There are two ways to specify files, by @dfn{absolute file name} and by - - An absolute file name resembles a Unix absolute file name, using - @samp{/} for the directory separator (not @samp{\} as in DOS). One --example is @samp{(hd0,1)/boot/grub/grub.cfg}. This means the file --@file{/boot/grub/grub.cfg} in the first partition of the first hard -+example is @samp{(hd0,1)/boot/grub2/grub.cfg}. This means the file -+@file{/boot/grub2/grub.cfg} in the first partition of the first hard - disk. If you omit the device name in an absolute file name, GRUB uses - GRUB's @dfn{root device} implicitly. So if you set the root device to, - say, @samp{(hd1,1)} by the command @samp{set root=(hd1,1)} (@pxref{set}), -@@ -3023,8 +3030,8 @@ then @code{/boot/kernel} is the same as @code{(hd1,1)/boot/kernel}. - - On ZFS filesystem the first path component must be - @var{volume}@samp{@@}[@var{snapshot}]. --So @samp{/rootvol@@snap-129/boot/grub/grub.cfg} refers to file --@samp{/boot/grub/grub.cfg} in snapshot of volume @samp{rootvol} with name -+So @samp{/rootvol@@snap-129/boot/grub2/grub.cfg} refers to file -+@samp{/boot/grub2/grub.cfg} in snapshot of volume @samp{rootvol} with name - @samp{snap-129}. Trailing @samp{@@} after volume name is mandatory even if - snapshot name is omitted. - -@@ -3427,7 +3434,7 @@ The more recent release of Minix would then be identified as - @samp{other>minix>minix-3.4.0}. - - This variable is often set by @samp{GRUB_DEFAULT} (@pxref{Simple --configuration}), @command{grub-set-default}, or @command{grub-reboot}. -+configuration}), @command{grub2-set-default}, or @command{grub2-reboot}. - - - @node fallback -@@ -3517,7 +3524,7 @@ If this variable is set, it names the language code that the - example, French would be named as @samp{fr}, and Simplified Chinese as - @samp{zh_CN}. - --@command{grub-mkconfig} (@pxref{Simple configuration}) will try to set a -+@command{grub2-mkconfig} (@pxref{Simple configuration}) will try to set a - reasonable default for this variable based on the system locale. - - -@@ -3525,10 +3532,10 @@ reasonable default for this variable based on the system locale. - @subsection locale_dir - - If this variable is set, it names the directory where translation files may --be found (@pxref{gettext}), usually @file{/boot/grub/locale}. Otherwise, -+be found (@pxref{gettext}), usually @file{/boot/grub2/locale}. Otherwise, - internationalization is disabled. - --@command{grub-mkconfig} (@pxref{Simple configuration}) will set a reasonable -+@command{grub2-mkconfig} (@pxref{Simple configuration}) will set a reasonable - default for this variable if internationalization is needed and any - translation files are available. - -@@ -3646,7 +3653,7 @@ input. The default is not to pause output. - - The location of the @samp{/boot/grub} directory as an absolute file name - (@pxref{File name syntax}). This is normally set by GRUB at startup based --on information provided by @command{grub-install}. GRUB modules are -+on information provided by @command{grub2-install}. GRUB modules are - dynamically loaded from this directory, so it must be set correctly in order - for many parts of GRUB to work. - -@@ -3737,17 +3744,17 @@ GRUB provides an ``environment block'' which can be used to save a small - amount of state. - - The environment block is a preallocated 1024-byte file, which normally lives --in @file{/boot/grub/grubenv} (although you should not assume this). At boot -+in @file{/boot/grub2/grubenv} (although you should not assume this). At boot - time, the @command{load_env} command (@pxref{load_env}) loads environment - variables from it, and the @command{save_env} (@pxref{save_env}) command - saves environment variables to it. From a running system, the --@command{grub-editenv} utility can be used to edit the environment block. -+@command{grub2-editenv} utility can be used to edit the environment block. - - For safety reasons, this storage is only available when installed on a plain - disk (no LVM or RAID), using a non-checksumming filesystem (no ZFS), and - using BIOS or EFI functions (no ATA, USB or IEEE1275). - --@command{grub-mkconfig} uses this facility to implement -+@command{grub2-mkconfig} uses this facility to implement - @samp{GRUB_SAVEDEFAULT} (@pxref{Simple configuration}). - - -@@ -4476,7 +4483,7 @@ Translate @var{string} into the current language. - - The current language code is stored in the @samp{lang} variable in GRUB's - environment (@pxref{lang}). Translation files in MO format are read from --@samp{locale_dir} (@pxref{locale_dir}), usually @file{/boot/grub/locale}. -+@samp{locale_dir} (@pxref{locale_dir}), usually @file{/boot/grub2/locale}. - @end deffn - - -@@ -4871,7 +4878,7 @@ Define a user named @var{user} with password @var{clear-password}. - - @deffn Command password_pbkdf2 user hashed-password - Define a user named @var{user} with password hash @var{hashed-password}. --Use @command{grub-mkpasswd-pbkdf2} (@pxref{Invoking grub-mkpasswd-pbkdf2}) -+Use @command{grub2-mkpasswd-pbkdf2} (@pxref{Invoking grub2-mkpasswd-pbkdf2}) - to generate password hashes. @xref{Security}. - @end deffn - -@@ -5814,8 +5821,8 @@ The @samp{password} (@pxref{password}) and @samp{password_pbkdf2} - which has an associated password. @samp{password} sets the password in - plain text, requiring @file{grub.cfg} to be secure; @samp{password_pbkdf2} - sets the password hashed using the Password-Based Key Derivation Function --(RFC 2898), requiring the use of @command{grub-mkpasswd-pbkdf2} --(@pxref{Invoking grub-mkpasswd-pbkdf2}) to generate password hashes. -+(RFC 2898), requiring the use of @command{grub2-mkpasswd-pbkdf2} -+(@pxref{Invoking grub2-mkpasswd-pbkdf2}) to generate password hashes. - - In order to enable authentication support, the @samp{superusers} environment - variable must be set to a list of usernames, separated by any of spaces, -@@ -5860,7 +5867,7 @@ menuentry "May be run by user1 or a superuser" --users user1 @{ - @end group - @end example - --The @command{grub-mkconfig} program does not yet have built-in support for -+The @command{grub2-mkconfig} program does not yet have built-in support for - generating configuration files with authentication. You can use - @file{/etc/grub.d/40_custom} to add simple superuser authentication, by - adding @kbd{set superusers=} and @kbd{password} or @kbd{password_pbkdf2} -@@ -5887,7 +5894,17 @@ may halt or otherwise impact the boot process. - - An initial trusted public key can be embedded within the GRUB @file{core.img} - using the @code{--pubkey} option to @command{grub-install} --(@pxref{Invoking grub-install}). -+(@pxref{Invoking grub2-install}). -+ -+@comment Unfortunately --pubkey is not yet supported by grub2-install, -+@comment but we should not bring up internal detail grub2-mkimage here -+@comment in the user guide (as opposed to developer's manual). -+ -+@comment An initial trusted public key can be embedded within the GRUB -+@comment @file{core.img} using the @code{--pubkey} option to -+@comment @command{grub2-mkimage} (@pxref{Invoking grub2-install}). Presently it -+@comment is necessary to write a custom wrapper around @command{grub2-mkimage} -+@comment using the @code{--grub-mkimage} flag to @command{grub2-install}. - - GRUB uses GPG-style detached signatures (meaning that a file - @file{foo.sig} will be produced when file @file{foo} is signed), and -@@ -5907,8 +5924,8 @@ gpg --detach-sign /path/to/file - For successful validation of all of GRUB's subcomponents and the - loaded OS kernel, they must all be signed. One way to accomplish this - is the following (after having already produced the desired --@file{grub.cfg} file, e.g., by running @command{grub-mkconfig} --(@pxref{Invoking grub-mkconfig}): -+@file{grub.cfg} file, e.g., by running @command{grub2-mkconfig} -+(@pxref{Invoking grub2-mkconfig}): - - @example - @group -@@ -5930,7 +5947,7 @@ See also: @ref{check_signatures}, @ref{verify_detached}, @ref{trust}, - Note that internally signature enforcement is controlled by setting - the environment variable @code{check_signatures} equal to - @code{enforce}. Passing one or more @code{--pubkey} options to --@command{grub-mkimage} implicitly defines @code{check_signatures} -+@command{grub2-mkimage} implicitly defines @code{check_signatures} - equal to @code{enforce} in @file{core.img} prior to processing any - configuration files. - -@@ -6388,10 +6405,10 @@ Required files are: - - GRUB's normal start-up procedure involves setting the @samp{prefix} - environment variable to a value set in the core image by --@command{grub-install}, setting the @samp{root} variable to match, loading -+@command{grub2-install}, setting the @samp{root} variable to match, loading - the @samp{normal} module from the prefix, and running the @samp{normal} - command (@pxref{normal}). This command is responsible for reading --@file{/boot/grub/grub.cfg}, running the menu, and doing all the useful -+@file{/boot/grub2/grub.cfg}, running the menu, and doing all the useful - things GRUB is supposed to do. - - If, instead, you only get a rescue shell, this usually means that GRUB -@@ -6417,8 +6434,8 @@ normal - - However, any problem that leaves you in the rescue shell probably means that - GRUB was not correctly installed. It may be more useful to try to reinstall --it properly using @kbd{grub-install @var{device}} (@pxref{Invoking --grub-install}). When doing this, there are a few things to remember: -+it properly using @kbd{grub2-install @var{device}} (@pxref{Invoking -+grub2-install}). When doing this, there are a few things to remember: - - @itemize @bullet{} - @item -@@ -6430,7 +6447,7 @@ is usually better to use UUIDs or file system labels and avoid depending on - drive ordering entirely. - - @item --At least on BIOS systems, if you tell @command{grub-install} to install GRUB -+At least on BIOS systems, if you tell @command{grub2-install} to install GRUB - to a partition but GRUB has already been installed in the master boot - record, then the GRUB installation in the partition will be ignored. - -@@ -6461,21 +6478,21 @@ entry which claims partition start at block 0. This change will not hamper - bootability on other machines. - - --@node Invoking grub-install --@chapter Invoking grub-install -+@node Invoking grub2-install -+@chapter Invoking grub2-install - --The program @command{grub-install} generates a GRUB core image using --@command{grub-mkimage} and installs it on your system. You must specify the -+The program @command{grub2-install} generates a GRUB core image using -+@command{grub2-mkimage} and installs it on your system. You must specify the - device name on which you want to install GRUB, like this: - - @example --grub-install @var{install_device} -+grub2-install @var{install_device} - @end example - - The device name @var{install_device} is an OS device name or a GRUB - device name. - --@command{grub-install} accepts the following options: -+@command{grub2-install} accepts the following options: - - @table @option - @item --help -@@ -6491,13 +6508,13 @@ separate partition or a removable disk. - If this option is not specified then it defaults to @file{/boot}, so - - @example --@kbd{grub-install /dev/sda} -+@kbd{grub2-install /dev/sda} - @end example - - is equivalent to - - @example --@kbd{grub-install --boot-directory=/boot/ /dev/sda} -+@kbd{grub2-install --boot-directory=/boot/ /dev/sda} - @end example - - Here is an example in which you have a separate @dfn{boot} partition which is -@@ -6505,16 +6522,16 @@ mounted on - @file{/mnt/boot}: - - @example --@kbd{grub-install --boot-directory=/mnt/boot /dev/sdb} -+@kbd{grub2-install --boot-directory=/mnt/boot /dev/sdb} - @end example - - @item --recheck --Recheck the device map, even if @file{/boot/grub/device.map} already -+Recheck the device map, even if @file{/boot/grub2/device.map} already - exists. You should use this option whenever you add/remove a disk - into/from your computer. - - @item --no-rs-codes --By default on x86 BIOS systems, @command{grub-install} will use some -+By default on x86 BIOS systems, @command{grub2-install} will use some - extra space in the bootloader embedding area for Reed-Solomon - error-correcting codes. This enables GRUB to still boot successfully - if some blocks are corrupted. The exact amount of protection offered -@@ -6527,17 +6544,17 @@ installation}) where GRUB does not reside in any unpartitioned space - outside of the MBR. Disable the Reed-Solomon codes with this option. - @end table - --@node Invoking grub-mkconfig --@chapter Invoking grub-mkconfig -+@node Invoking grub2-mkconfig -+@chapter Invoking grub2-mkconfig - --The program @command{grub-mkconfig} generates a configuration file for GRUB -+The program @command{grub2-mkconfig} generates a configuration file for GRUB - (@pxref{Simple configuration}). - - @example --grub-mkconfig -o /boot/grub/grub.cfg -+grub-mkconfig -o /boot/grub2/grub.cfg - @end example - --@command{grub-mkconfig} accepts the following options: -+@command{grub2-mkconfig} accepts the following options: - - @table @option - @item --help -@@ -6553,17 +6570,17 @@ it to standard output. - @end table - - --@node Invoking grub-mkpasswd-pbkdf2 --@chapter Invoking grub-mkpasswd-pbkdf2 -+@node Invoking grub2-mkpasswd-pbkdf2 -+@chapter Invoking grub2-mkpasswd-pbkdf2 - --The program @command{grub-mkpasswd-pbkdf2} generates password hashes for -+The program @command{grub2-mkpasswd-pbkdf2} generates password hashes for - GRUB (@pxref{Security}). - - @example - grub-mkpasswd-pbkdf2 - @end example - --@command{grub-mkpasswd-pbkdf2} accepts the following options: -+@command{grub2-mkpasswd-pbkdf2} accepts the following options: - - @table @option - @item -c @var{number} -@@ -6581,23 +6598,23 @@ Length of the salt. Defaults to 64. - @end table - - --@node Invoking grub-mkrelpath --@chapter Invoking grub-mkrelpath -+@node Invoking grub2-mkrelpath -+@chapter Invoking grub2-mkrelpath - --The program @command{grub-mkrelpath} makes a file system path relative to -+The program @command{grub2-mkrelpath} makes a file system path relative to - the root of its containing file system. For instance, if @file{/usr} is a - mount point, then: - - @example --$ @kbd{grub-mkrelpath /usr/share/grub/unicode.pf2} -+$ @kbd{grub2-mkrelpath /usr/share/grub/unicode.pf2} - @samp{/share/grub/unicode.pf2} - @end example - - This is mainly used internally by other GRUB utilities such as --@command{grub-mkconfig} (@pxref{Invoking grub-mkconfig}), but may -+@command{grub2-mkconfig} (@pxref{Invoking grub2-mkconfig}), but may - occasionally also be useful for debugging. - --@command{grub-mkrelpath} accepts the following options: -+@command{grub2-mkrelpath} accepts the following options: - - @table @option - @item --help -@@ -6608,17 +6625,17 @@ Print the version number of GRUB and exit. - @end table - - --@node Invoking grub-mkrescue --@chapter Invoking grub-mkrescue -+@node Invoking grub2-mkrescue -+@chapter Invoking grub2-mkrescue - --The program @command{grub-mkrescue} generates a bootable GRUB rescue image -+The program @command{grub2-mkrescue} generates a bootable GRUB rescue image - (@pxref{Making a GRUB bootable CD-ROM}). - - @example - grub-mkrescue -o grub.iso - @end example - --All arguments not explicitly listed as @command{grub-mkrescue} options are -+All arguments not explicitly listed as @command{grub2-mkrescue} options are - passed on directly to @command{xorriso} in @command{mkisofs} emulation mode. - Options passed to @command{xorriso} will normally be interpreted as - @command{mkisofs} options; if the option @samp{--} is used, then anything -@@ -6633,7 +6650,7 @@ mkdir -p disk/boot/grub - grub-mkrescue -o grub.iso disk - @end example - --@command{grub-mkrescue} accepts the following options: -+@command{grub2-mkrescue} accepts the following options: - - @table @option - @item --help -@@ -6661,15 +6678,15 @@ Use @var{file} as the @command{xorriso} program, rather than the built-in - default. - - @item --grub-mkimage=@var{file} --Use @var{file} as the @command{grub-mkimage} program, rather than the -+Use @var{file} as the @command{grub2-mkimage} program, rather than the - built-in default. - @end table - - --@node Invoking grub-mount --@chapter Invoking grub-mount -+@node Invoking grub2-mount -+@chapter Invoking grub2-mount - --The program @command{grub-mount} performs a read-only mount of any file -+The program @command{grub2-mount} performs a read-only mount of any file - system or file system image that GRUB understands, using GRUB's file system - drivers via FUSE. (It is only available if FUSE development files were - present when GRUB was built.) This has a number of uses: -@@ -6701,13 +6718,13 @@ even if nobody has yet written a FUSE module specifically for that file - system type. - @end itemize - --Using @command{grub-mount} is normally as simple as: -+Using @command{grub2-mount} is normally as simple as: - - @example - grub-mount /dev/sda1 /mnt - @end example - --@command{grub-mount} must be given one or more images and a mount point as -+@command{grub2-mount} must be given one or more images and a mount point as - non-option arguments (if it is given more than one image, it will treat them - as a RAID set), and also accepts the following options: - -@@ -6729,13 +6746,13 @@ Show debugging output for conditions matching @var{string}. - @item -K prompt|@var{file} - @itemx --zfs-key=prompt|@var{file} - Load a ZFS encryption key. If you use @samp{prompt} as the argument, --@command{grub-mount} will read a passphrase from the terminal; otherwise, it -+@command{grub2-mount} will read a passphrase from the terminal; otherwise, it - will read key material from the specified file. - - @item -r @var{device} - @itemx --root=@var{device} - Set the GRUB root device to @var{device}. You do not normally need to set --this; @command{grub-mount} will automatically set the root device to the -+this; @command{grub2-mount} will automatically set the root device to the - root of the supplied file system. - - If @var{device} is just a number, then it will be treated as a partition -@@ -6753,10 +6770,10 @@ Print verbose messages. - @end table - - --@node Invoking grub-probe --@chapter Invoking grub-probe -+@node Invoking grub2-probe -+@chapter Invoking grub2-probe - --The program @command{grub-probe} probes device information for a given path -+The program @command{grub2-probe} probes device information for a given path - or device. - - @example -@@ -6764,7 +6781,7 @@ grub-probe --target=fs /boot/grub - grub-probe --target=drive --device /dev/sda1 - @end example - --@command{grub-probe} must be given a path or device as a non-option -+@command{grub2-probe} must be given a path or device as a non-option - argument, and also accepts the following options: - - @table @option -@@ -6777,16 +6794,16 @@ Print the version number of GRUB and exit. - @item -d - @itemx --device - If this option is given, then the non-option argument is a system device --name (such as @samp{/dev/sda1}), and @command{grub-probe} will print -+name (such as @samp{/dev/sda1}), and @command{grub2-probe} will print - information about that device. If it is not given, then the non-option - argument is a filesystem path (such as @samp{/boot/grub}), and --@command{grub-probe} will print information about the device containing that -+@command{grub2-probe} will print information about the device containing that - part of the filesystem. - - @item -m @var{file} - @itemx --device-map=@var{file} - Use @var{file} as the device map (@pxref{Device map}) rather than the --default, usually @samp{/boot/grub/device.map}. -+default, usually @samp{/boot/grub2/device.map}. - - @item -t @var{target} - @itemx --target=@var{target} -@@ -6839,19 +6856,19 @@ Print verbose messages. - @end table - - --@node Invoking grub-script-check --@chapter Invoking grub-script-check -+@node Invoking grub2-script-check -+@chapter Invoking grub2-script-check - --The program @command{grub-script-check} takes a GRUB script file -+The program @command{grub2-script-check} takes a GRUB script file - (@pxref{Shell-like scripting}) and checks it for syntax errors, similar to - commands such as @command{sh -n}. It may take a @var{path} as a non-option - argument; if none is supplied, it will read from standard input. - - @example --grub-script-check /boot/grub/grub.cfg -+grub-script-check /boot/grub2/grub.cfg - @end example - --@command{grub-script-check} accepts the following options: -+@command{grub2-script-check} accepts the following options: - - @table @option - @item --help diff --git a/0043-macos-just-build-chainloader-entries-don-t-try-any-x.patch b/0043-macos-just-build-chainloader-entries-don-t-try-any-x.patch deleted file mode 100644 index 574d1173538c9cd600aab0751594eb65a20ad5dd..0000000000000000000000000000000000000000 --- a/0043-macos-just-build-chainloader-entries-don-t-try-any-x.patch +++ /dev/null @@ -1,124 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 24 May 2017 12:42:32 -0400 -Subject: [PATCH] macos: just build chainloader entries, don't try any xnu xnu. - -Since our bugs tell us that the xnu boot entries really just don't work -most of the time, and they create piles of extra boot entries, because -they can't quite figure out 32-vs-64 and other stuff like that. - -It's rediculous, and we should just boot their bootloader through the -chainloader instead. - -So this patch does that. - -Resolves: rhbz#893179 - -Signed-off-by: Peter Jones ---- - util/grub.d/30_os-prober.in | 78 +++++++++++---------------------------------- - 1 file changed, 18 insertions(+), 60 deletions(-) - -diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 1b91c102f35..4b27bd20153 100644 ---- a/util/grub.d/30_os-prober.in -+++ b/util/grub.d/30_os-prober.in -@@ -42,68 +42,25 @@ if [ -z "${OSPROBED}" ] ; then - fi - - osx_entry() { -- if [ x$2 = x32 ]; then -- # TRANSLATORS: it refers to kernel architecture (32-bit) -- bitstr="$(gettext "(32-bit)")" -- else -- # TRANSLATORS: it refers to kernel architecture (64-bit) -- bitstr="$(gettext "(64-bit)")" -- fi - # TRANSLATORS: it refers on the OS residing on device %s - onstr="$(gettext_printf "(on %s)" "${DEVICE}")" -- cat << EOF --menuentry '$(echo "${LONGNAME} $bitstr $onstr" | grub_quote)' --class osx --class darwin --class os \$menuentry_id_option 'osprober-xnu-$2-$(grub_get_device_id "${DEVICE}")' { -+ hints="" -+ for hint in `"${grub_probe}" --device ${device} --target=efi_hints 2> /dev/null` ; do -+ hints="${hints} --hint=${hint}" -+ done -+ cat << EOF -+menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class osx --class darwin --class os \$menuentry_id_option 'osprober-xnu-$2-$(grub_get_device_id "${DEVICE}")' { - EOF - save_default_entry | grub_add_tab - prepare_grub_to_access_device ${DEVICE} | grub_add_tab - cat << EOF -+ set gfxpayload=keep - load_video -- set do_resume=0 -- if [ /var/vm/sleepimage -nt10 / ]; then -- if xnu_resume /var/vm/sleepimage; then -- set do_resume=1 -- fi -- fi -- if [ \$do_resume = 0 ]; then -- xnu_uuid ${OSXUUID} uuid -- if [ -f /Extra/DSDT.aml ]; then -- acpi -e /Extra/DSDT.aml -- fi -- if [ /kernelcache -nt /System/Library/Extensions ]; then -- $1 /kernelcache boot-uuid=\${uuid} rd=*uuid -- elif [ -f /System/Library/Kernels/kernel ]; then -- $1 /System/Library/Kernels/kernel boot-uuid=\${uuid} rd=*uuid -- xnu_kextdir /System/Library/Extensions -- else -- $1 /mach_kernel boot-uuid=\${uuid} rd=*uuid -- if [ /System/Library/Extensions.mkext -nt /System/Library/Extensions ]; then -- xnu_mkext /System/Library/Extensions.mkext -- else -- xnu_kextdir /System/Library/Extensions -- fi -- fi -- if [ -f /Extra/Extensions.mkext ]; then -- xnu_mkext /Extra/Extensions.mkext -- fi -- if [ -d /Extra/Extensions ]; then -- xnu_kextdir /Extra/Extensions -- fi -- if [ -f /Extra/devprop.bin ]; then -- xnu_devprop_load /Extra/devprop.bin -- fi -- if [ -f /Extra/splash.jpg ]; then -- insmod jpeg -- xnu_splash /Extra/splash.jpg -- fi -- if [ -f /Extra/splash.png ]; then -- insmod png -- xnu_splash /Extra/splash.png -- fi -- if [ -f /Extra/splash.tga ]; then -- insmod tga -- xnu_splash /Extra/splash.tga -- fi -- fi -+ insmod part_gpt -+ insmod hfsplus -+ search --no-floppy --fs-uuid --set=root ${hints} $(grub_get_device_id "${DEVICE}") -+ chainloader (\$root)/System/Library/CoreServices/boot.efi -+ boot - } - EOF - } -@@ -292,11 +249,12 @@ EOF - echo "$title_correction_code" - ;; - macosx) -- if [ "${UUID}" ]; then -- OSXUUID="${UUID}" -- osx_entry xnu_kernel 32 -- osx_entry xnu_kernel64 64 -- fi -+ for subdevice in ${DEVICE%[[:digit:]]*}* ; do -+ parttype="`"${grub_probe}" --device ${device} --target=gpt_parttype "${subdevice}" 2> /dev/null`" -+ if [[ "$parttype" = "426f6f74-0000-11aa-aa11-00306543ecac" ]]; then -+ DEVICE="${subdevice}" osx_entry -+ fi -+ done - ;; - hurd) - onstr="$(gettext_printf "(on %s)" "${DEVICE}")" diff --git a/0044-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch b/0044-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch deleted file mode 100644 index 68dfc1dc9badcb84c1357847b730a724afb39785..0000000000000000000000000000000000000000 --- a/0044-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch +++ /dev/null @@ -1,703 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jeff Mahoney -Date: Tue, 9 Jul 2019 13:39:45 +0200 -Subject: [PATCH] grub2/btrfs: Add ability to boot from subvolumes - -This patch adds the ability to specify a different root on a btrfs -filesystem too boot from other than the default one. - -btrfs-list-snapshots will list the subvolumes available on the -filesystem. - -set btrfs_subvol= and set btrfs_subvolid= will specify -which subvolume to use and any pathnames provided with either of those -variables set will start using that root. If the subvolume or subvolume id -doesn't exist, then an error case will result. - -It is possible to boot into a separate GRUB instance by exporting the -variable and loading the config file from the subvolume. - -Signed-off-by: Jeff Mahoney ---- - grub-core/fs/btrfs.c | 552 +++++++++++++++++++++++++++++++++++++++++++++++++-- - include/grub/btrfs.h | 1 + - 2 files changed, 533 insertions(+), 20 deletions(-) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index 63203034dfc..f1fff7385b5 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -38,6 +38,9 @@ - #include - #include - #include -+#include -+#include -+#include - #include - #include - #include -@@ -79,9 +82,11 @@ struct grub_btrfs_superblock - grub_uint64_t generation; - grub_uint64_t root_tree; - grub_uint64_t chunk_tree; -- grub_uint8_t dummy2[0x20]; -+ grub_uint8_t dummy2[0x18]; -+ grub_uint64_t bytes_used; - grub_uint64_t root_dir_objectid; -- grub_uint8_t dummy3[0x41]; -+ grub_uint64_t num_devices; -+ grub_uint8_t dummy3[0x39]; - struct grub_btrfs_device this_device; - char label[0x100]; - grub_uint8_t dummy4[0x100]; -@@ -121,6 +126,7 @@ struct grub_btrfs_data - grub_uint64_t exttree; - grub_size_t extsize; - struct grub_btrfs_extent_data *extent; -+ grub_uint64_t fs_tree; - }; - - struct grub_btrfs_chunk_item -@@ -191,6 +197,14 @@ struct grub_btrfs_leaf_descriptor - } *data; - }; - -+struct grub_btrfs_root_ref -+{ -+ grub_uint64_t dirid; -+ grub_uint64_t sequence; -+ grub_uint16_t name_len; -+ const char name[0]; -+} __attribute__ ((packed)); -+ - struct grub_btrfs_time - { - grub_int64_t sec; -@@ -236,6 +250,14 @@ struct grub_btrfs_extent_data - - #define GRUB_BTRFS_OBJECT_ID_CHUNK 0x100 - -+#define GRUB_BTRFS_ROOT_TREE_OBJECTID 1ULL -+#define GRUB_BTRFS_FS_TREE_OBJECTID 5ULL -+#define GRUB_BTRFS_ROOT_REF_KEY 156 -+#define GRUB_BTRFS_ROOT_ITEM_KEY 132 -+ -+static grub_uint64_t btrfs_default_subvolid = 0; -+static char *btrfs_default_subvol = NULL; -+ - static grub_disk_addr_t superblock_sectors[] = { 64 * 2, 64 * 1024 * 2, - 256 * 1048576 * 2, 1048576ULL * 1048576ULL * 2 - }; -@@ -1173,6 +1195,62 @@ grub_btrfs_read_logical (struct grub_btrfs_data *data, grub_disk_addr_t addr, - return GRUB_ERR_NONE; - } - -+static grub_err_t -+get_fs_root(struct grub_btrfs_data *data, grub_uint64_t tree, -+ grub_uint64_t objectid, grub_uint64_t offset, -+ grub_uint64_t *fs_root); -+ -+static grub_err_t -+lookup_root_by_id(struct grub_btrfs_data *data, grub_uint64_t id) -+{ -+ grub_err_t err; -+ grub_uint64_t tree; -+ -+ err = get_fs_root(data, data->sblock.root_tree, id, -1, &tree); -+ if (!err) -+ data->fs_tree = tree; -+ return err; -+} -+ -+static grub_err_t -+find_path (struct grub_btrfs_data *data, -+ const char *path, struct grub_btrfs_key *key, -+ grub_uint64_t *tree, grub_uint8_t *type); -+ -+static grub_err_t -+lookup_root_by_name(struct grub_btrfs_data *data, const char *path) -+{ -+ grub_err_t err; -+ grub_uint64_t tree = 0; -+ grub_uint8_t type; -+ struct grub_btrfs_key key; -+ -+ err = find_path (data, path, &key, &tree, &type); -+ if (err) -+ return grub_error(GRUB_ERR_FILE_NOT_FOUND, "couldn't locate %s\n", path); -+ -+ if (key.object_id != grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK) || tree == 0) -+ return grub_error(GRUB_ERR_BAD_FILE_TYPE, "%s: not a subvolume\n", path); -+ -+ data->fs_tree = tree; -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+btrfs_handle_subvol(struct grub_btrfs_data *data __attribute__ ((unused))) -+{ -+ if (btrfs_default_subvol) -+ return lookup_root_by_name(data, btrfs_default_subvol); -+ -+ if (btrfs_default_subvolid) -+ return lookup_root_by_id(data, btrfs_default_subvolid); -+ -+ data->fs_tree = 0; -+ -+ return GRUB_ERR_NONE; -+} -+ -+ - static struct grub_btrfs_data * - grub_btrfs_mount (grub_device_t dev) - { -@@ -1208,6 +1286,13 @@ grub_btrfs_mount (grub_device_t dev) - data->devices_attached[0].dev = dev; - data->devices_attached[0].id = data->sblock.this_device.device_id; - -+ err = btrfs_handle_subvol (data); -+ if (err) -+ { -+ grub_free (data); -+ return NULL; -+ } -+ - return data; - } - -@@ -1673,6 +1758,91 @@ get_root (struct grub_btrfs_data *data, struct grub_btrfs_key *key, - return GRUB_ERR_NONE; - } - -+static grub_err_t -+find_pathname(struct grub_btrfs_data *data, grub_uint64_t objectid, -+ grub_uint64_t fs_root, const char *name, char **pathname) -+{ -+ grub_err_t err; -+ struct grub_btrfs_key key = { -+ .object_id = objectid, -+ .type = GRUB_BTRFS_ITEM_TYPE_INODE_REF, -+ .offset = 0, -+ }; -+ struct grub_btrfs_key key_out; -+ struct grub_btrfs_leaf_descriptor desc; -+ char *p = grub_strdup (name); -+ grub_disk_addr_t elemaddr; -+ grub_size_t elemsize; -+ grub_size_t alloc = grub_strlen(name) + 1; -+ -+ err = lower_bound(data, &key, &key_out, fs_root, -+ &elemaddr, &elemsize, &desc, 0); -+ if (err) -+ return grub_error(err, "lower_bound caught %d\n", err); -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_INODE_REF) -+ next(data, &desc, &elemaddr, &elemsize, &key_out); -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_INODE_REF) -+ { -+ return grub_error(GRUB_ERR_FILE_NOT_FOUND, -+ "Can't find inode ref for {%"PRIuGRUB_UINT64_T -+ ", %u, %"PRIuGRUB_UINT64_T"} %"PRIuGRUB_UINT64_T -+ "/%"PRIuGRUB_SIZE"\n", -+ key_out.object_id, key_out.type, -+ key_out.offset, elemaddr, elemsize); -+ } -+ -+ -+ while (key_out.type == GRUB_BTRFS_ITEM_TYPE_INODE_REF && -+ key_out.object_id != key_out.offset) { -+ struct grub_btrfs_inode_ref *inode_ref; -+ char *new; -+ -+ inode_ref = grub_malloc(elemsize + 1); -+ if (!inode_ref) -+ return grub_error(GRUB_ERR_OUT_OF_MEMORY, -+ "couldn't allocate memory for inode_ref (%"PRIuGRUB_SIZE")\n", elemsize); -+ -+ err = grub_btrfs_read_logical(data, elemaddr, inode_ref, elemsize, 0); -+ if (err) -+ return grub_error(err, "read_logical caught %d\n", err); -+ -+ alloc += grub_le_to_cpu16 (inode_ref->n) + 2; -+ new = grub_malloc(alloc); -+ if (!new) -+ return grub_error(GRUB_ERR_OUT_OF_MEMORY, -+ "couldn't allocate memory for name (%"PRIuGRUB_SIZE")\n", alloc); -+ -+ grub_memcpy(new, inode_ref->name, grub_le_to_cpu16 (inode_ref->n)); -+ if (p) -+ { -+ new[grub_le_to_cpu16 (inode_ref->n)] = '/'; -+ grub_strcpy (new + grub_le_to_cpu16 (inode_ref->n) + 1, p); -+ grub_free(p); -+ } -+ else -+ new[grub_le_to_cpu16 (inode_ref->n)] = 0; -+ grub_free(inode_ref); -+ -+ p = new; -+ -+ key.object_id = key_out.offset; -+ -+ err = lower_bound(data, &key, &key_out, fs_root, &elemaddr, -+ &elemsize, &desc, 0); -+ if (err) -+ return grub_error(err, "lower_bound caught %d\n", err); -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_INODE_REF) -+ next(data, &desc, &elemaddr, &elemsize, &key_out); -+ -+ } -+ -+ *pathname = p; -+ return 0; -+} -+ - static grub_err_t - find_path (struct grub_btrfs_data *data, - const char *path, struct grub_btrfs_key *key, -@@ -1691,14 +1861,26 @@ find_path (struct grub_btrfs_data *data, - char *origpath = NULL; - unsigned symlinks_max = 32; - -- err = get_root (data, key, tree, type); -- if (err) -- return err; -- - origpath = grub_strdup (path); - if (!origpath) - return grub_errno; - -+ if (data->fs_tree) -+ { -+ *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -+ *tree = data->fs_tree; -+ /* This is a tree root, so everything starts at objectid 256 */ -+ key->object_id = grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK); -+ key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -+ key->offset = 0; -+ } -+ else -+ { -+ err = get_root (data, key, tree, type); -+ if (err) -+ return err; -+ } -+ - while (1) - { - while (path[0] == '/') -@@ -1871,9 +2053,21 @@ find_path (struct grub_btrfs_data *data, - path = path_alloc = tmp; - if (path[0] == '/') - { -- err = get_root (data, key, tree, type); -- if (err) -- return err; -+ if (data->fs_tree) -+ { -+ *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -+ *tree = data->fs_tree; -+ /* This is a tree root, so everything starts at objectid 256 */ -+ key->object_id = grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK); -+ key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -+ key->offset = 0; -+ } -+ else -+ { -+ err = get_root (data, key, tree, type); -+ if (err) -+ return err; -+ } - } - continue; - } -@@ -2114,18 +2308,10 @@ grub_btrfs_read (grub_file_t file, char *buf, grub_size_t len) - data->tree, file->offset, buf, len); - } - --static grub_err_t --grub_btrfs_uuid (grub_device_t device, char **uuid) -+static char * -+btrfs_unparse_uuid(struct grub_btrfs_data *data) - { -- struct grub_btrfs_data *data; -- -- *uuid = NULL; -- -- data = grub_btrfs_mount (device); -- if (!data) -- return grub_errno; -- -- *uuid = grub_xasprintf ("%04x%04x-%04x-%04x-%04x-%04x%04x%04x", -+ return grub_xasprintf ("%04x%04x-%04x-%04x-%04x-%04x%04x%04x", - grub_be_to_cpu16 (data->sblock.uuid[0]), - grub_be_to_cpu16 (data->sblock.uuid[1]), - grub_be_to_cpu16 (data->sblock.uuid[2]), -@@ -2134,6 +2320,20 @@ grub_btrfs_uuid (grub_device_t device, char **uuid) - grub_be_to_cpu16 (data->sblock.uuid[5]), - grub_be_to_cpu16 (data->sblock.uuid[6]), - grub_be_to_cpu16 (data->sblock.uuid[7])); -+} -+ -+static grub_err_t -+grub_btrfs_uuid (grub_device_t device, char **uuid) -+{ -+ struct grub_btrfs_data *data; -+ -+ *uuid = NULL; -+ -+ data = grub_btrfs_mount (device); -+ if (!data) -+ return grub_errno; -+ -+ *uuid = btrfs_unparse_uuid(data); - - grub_btrfs_unmount (data); - -@@ -2190,6 +2390,242 @@ grub_btrfs_embed (grub_device_t device __attribute__ ((unused)), - } - #endif - -+static grub_err_t -+grub_cmd_btrfs_info (grub_command_t cmd __attribute__ ((unused)), int argc, -+ char **argv) -+{ -+ grub_device_t dev; -+ char *devname; -+ struct grub_btrfs_data *data; -+ char *uuid; -+ -+ if (argc < 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "device name required"); -+ -+ devname = grub_file_get_device_name(argv[0]); -+ -+ if (!devname) -+ return grub_errno; -+ -+ dev = grub_device_open (devname); -+ grub_free (devname); -+ if (!dev) -+ return grub_errno; -+ -+ data = grub_btrfs_mount (dev); -+ if (!data) -+ { -+ grub_device_close(dev); -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "failed to open fs"); -+ } -+ -+ if (data->sblock.label) -+ grub_printf("Label: '%s' ", data->sblock.label); -+ else -+ grub_printf("Label: none "); -+ -+ uuid = btrfs_unparse_uuid(data); -+ -+ grub_printf(" uuid: %s\n\tTotal devices %" PRIuGRUB_UINT64_T -+ " FS bytes used %" PRIuGRUB_UINT64_T "\n", -+ uuid, grub_cpu_to_le64(data->sblock.num_devices), -+ grub_cpu_to_le64(data->sblock.bytes_used)); -+ -+ grub_btrfs_unmount (data); -+ -+ return 0; -+} -+ -+static grub_err_t -+get_fs_root(struct grub_btrfs_data *data, grub_uint64_t tree, -+ grub_uint64_t objectid, grub_uint64_t offset, -+ grub_uint64_t *fs_root) -+{ -+ grub_err_t err; -+ struct grub_btrfs_key key_in = { -+ .object_id = objectid, -+ .type = GRUB_BTRFS_ROOT_ITEM_KEY, -+ .offset = offset, -+ }, key_out; -+ struct grub_btrfs_leaf_descriptor desc; -+ grub_disk_addr_t elemaddr; -+ grub_size_t elemsize; -+ struct grub_btrfs_root_item ri; -+ -+ err = lower_bound(data, &key_in, &key_out, tree, -+ &elemaddr, &elemsize, &desc, 0); -+ -+ if (err) -+ return err; -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_ROOT_ITEM || elemaddr == 0) -+ return grub_error(GRUB_ERR_FILE_NOT_FOUND, -+ N_("can't find fs root for subvol %"PRIuGRUB_UINT64_T"\n"), -+ key_in.object_id); -+ -+ err = grub_btrfs_read_logical (data, elemaddr, &ri, sizeof (ri), 0); -+ if (err) -+ return err; -+ -+ *fs_root = ri.tree; -+ -+ return GRUB_ERR_NONE; -+} -+ -+static const struct grub_arg_option options[] = { -+ {"output", 'o', 0, N_("Output to a variable instead of the console."), -+ N_("VARNAME"), ARG_TYPE_STRING}, -+ {"path-only", 'p', 0, N_("Show only the path of the subvolume."), 0, 0}, -+ {"id-only", 'i', 0, N_("Show only the id of the subvolume."), 0, 0}, -+ {0, 0, 0, 0, 0, 0} -+}; -+ -+static grub_err_t -+grub_cmd_btrfs_list_subvols (struct grub_extcmd_context *ctxt, -+ int argc, char **argv) -+{ -+ struct grub_btrfs_data *data; -+ grub_device_t dev; -+ char *devname; -+ grub_uint64_t tree; -+ struct grub_btrfs_key key_in = { -+ .object_id = grub_cpu_to_le64_compile_time (GRUB_BTRFS_FS_TREE_OBJECTID), -+ .type = GRUB_BTRFS_ROOT_REF_KEY, -+ .offset = 0, -+ }, key_out; -+ struct grub_btrfs_leaf_descriptor desc; -+ grub_disk_addr_t elemaddr; -+ grub_uint64_t fs_root = 0; -+ grub_size_t elemsize; -+ grub_size_t allocated = 0; -+ int r = 0; -+ grub_err_t err; -+ char *buf = NULL; -+ int print = 1; -+ int path_only = ctxt->state[1].set; -+ int num_only = ctxt->state[2].set; -+ char *varname = NULL; -+ char *output = NULL; -+ -+ if (ctxt->state[0].set) { -+ varname = ctxt->state[0].arg; -+ print = 0; -+ } -+ -+ if (argc < 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "device name required"); -+ -+ devname = grub_file_get_device_name(argv[0]); -+ if (!devname) -+ return grub_errno; -+ -+ dev = grub_device_open (devname); -+ grub_free (devname); -+ if (!dev) -+ return grub_errno; -+ -+ data = grub_btrfs_mount(dev); -+ if (!data) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "could not open device"); -+ -+ tree = data->sblock.root_tree; -+ err = get_fs_root(data, tree, grub_cpu_to_le64_compile_time (GRUB_BTRFS_FS_TREE_OBJECTID), -+ 0, &fs_root); -+ if (err) -+ goto out; -+ -+ err = lower_bound(data, &key_in, &key_out, tree, -+ &elemaddr, &elemsize, &desc, 0); -+ -+ if (err) -+ { -+ grub_btrfs_unmount(data); -+ return err; -+ } -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_ROOT_REF || elemaddr == 0) -+ { -+ r = next(data, &desc, &elemaddr, &elemsize, &key_out); -+ } -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_ROOT_REF) { -+ err = GRUB_ERR_FILE_NOT_FOUND; -+ grub_error(GRUB_ERR_FILE_NOT_FOUND, N_("can't find root refs")); -+ goto out; -+ } -+ -+ do -+ { -+ struct grub_btrfs_root_ref *ref; -+ char *p = NULL; -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_ROOT_REF) -+ { -+ r = 0; -+ break; -+ } -+ -+ if (elemsize > allocated) -+ { -+ grub_free(buf); -+ allocated = 2 * elemsize; -+ buf = grub_malloc(allocated + 1); -+ if (!buf) -+ { -+ r = -grub_errno; -+ break; -+ } -+ } -+ ref = (struct grub_btrfs_root_ref *)buf; -+ -+ err = grub_btrfs_read_logical(data, elemaddr, buf, elemsize, 0); -+ if (err) -+ { -+ r = -err; -+ break; -+ } -+ buf[elemsize] = 0; -+ -+ find_pathname(data, ref->dirid, fs_root, ref->name, &p); -+ -+ if (print) -+ { -+ if (num_only) -+ grub_printf("ID %"PRIuGRUB_UINT64_T"\n", key_out.offset); -+ else if (path_only) -+ grub_printf("%s\n", p); -+ else -+ grub_printf("ID %"PRIuGRUB_UINT64_T" path %s\n", key_out.offset, p); -+ } else { -+ char *old = output; -+ if (num_only) -+ output = grub_xasprintf("%s%"PRIuGRUB_UINT64_T"\n", -+ old ?: "", key_out.offset); -+ else if (path_only) -+ output = grub_xasprintf("%s%s\n", old ?: "", p); -+ else -+ output = grub_xasprintf("%sID %"PRIuGRUB_UINT64_T" path %s\n", -+ old ?: "", key_out.offset, p); -+ -+ if (old) -+ grub_free(old); -+ } -+ -+ r = next(data, &desc, &elemaddr, &elemsize, &key_out); -+ } while(r > 0); -+ -+ if (output) -+ grub_env_set(varname, output); -+ -+out: -+ free_iterator(&desc); -+ grub_btrfs_unmount(data); -+ -+ grub_device_close (dev); -+ -+ return 0; -+} -+ - static struct grub_fs grub_btrfs_fs = { - .name = "btrfs", - .fs_dir = grub_btrfs_dir, -@@ -2205,12 +2641,88 @@ static struct grub_fs grub_btrfs_fs = { - #endif - }; - -+static grub_command_t cmd_info; -+static grub_extcmd_t cmd_list_subvols; -+ -+static char * -+subvolid_set_env (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val) -+{ -+ unsigned long long result = 0; -+ -+ grub_errno = GRUB_ERR_NONE; -+ if (*val) -+ { -+ result = grub_strtoull(val, NULL, 10); -+ if (grub_errno) -+ return NULL; -+ } -+ -+ grub_free (btrfs_default_subvol); -+ btrfs_default_subvol = NULL; -+ btrfs_default_subvolid = result; -+ return grub_strdup(val); -+} -+ -+static const char * -+subvolid_get_env (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val __attribute__ ((unused))) -+{ -+ if (btrfs_default_subvol) -+ return grub_xasprintf("subvol:%s", btrfs_default_subvol); -+ else if (btrfs_default_subvolid) -+ return grub_xasprintf("%"PRIuGRUB_UINT64_T, btrfs_default_subvolid); -+ else -+ return ""; -+} -+ -+static char * -+subvol_set_env (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val) -+{ -+ grub_free (btrfs_default_subvol); -+ btrfs_default_subvol = grub_strdup (val); -+ btrfs_default_subvolid = 0; -+ return grub_strdup(val); -+} -+ -+static const char * -+subvol_get_env (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val __attribute__ ((unused))) -+{ -+ if (btrfs_default_subvol) -+ return btrfs_default_subvol; -+ else if (btrfs_default_subvolid) -+ return grub_xasprintf("subvolid:%" PRIuGRUB_UINT64_T, -+ btrfs_default_subvolid); -+ else -+ return ""; -+} -+ - GRUB_MOD_INIT (btrfs) - { - grub_fs_register (&grub_btrfs_fs); -+ cmd_info = grub_register_command("btrfs-info", grub_cmd_btrfs_info, -+ "DEVICE", -+ "Print BtrFS info about DEVICE."); -+ cmd_list_subvols = grub_register_extcmd("btrfs-list-subvols", -+ grub_cmd_btrfs_list_subvols, 0, -+ "[-p|-n] [-o var] DEVICE", -+ "Print list of BtrFS subvolumes on " -+ "DEVICE.", options); -+ grub_register_variable_hook ("btrfs_subvol", subvol_get_env, -+ subvol_set_env); -+ grub_register_variable_hook ("btrfs_subvolid", subvolid_get_env, -+ subvolid_set_env); - } - - GRUB_MOD_FINI (btrfs) - { -+ grub_register_variable_hook ("btrfs_subvol", NULL, NULL); -+ grub_register_variable_hook ("btrfs_subvolid", NULL, NULL); -+ grub_unregister_command (cmd_info); -+ grub_unregister_extcmd (cmd_list_subvols); - grub_fs_unregister (&grub_btrfs_fs); - } -+ -+// vim: si et sw=2: -diff --git a/include/grub/btrfs.h b/include/grub/btrfs.h -index 9d93fb6c182..234ad976771 100644 ---- a/include/grub/btrfs.h -+++ b/include/grub/btrfs.h -@@ -29,6 +29,7 @@ enum - GRUB_BTRFS_ITEM_TYPE_ROOT_ITEM = 0x84, - GRUB_BTRFS_ITEM_TYPE_ROOT_BACKREF = 0x90, - GRUB_BTRFS_ITEM_TYPE_DEVICE = 0xd8, -+ GRUB_BTRFS_ITEM_TYPE_ROOT_REF = 0x9c, - GRUB_BTRFS_ITEM_TYPE_CHUNK = 0xe4 - }; - diff --git a/0045-export-btrfs_subvol-and-btrfs_subvolid.patch b/0045-export-btrfs_subvol-and-btrfs_subvolid.patch deleted file mode 100644 index d38a6b878db3366d4236c37971d1561dd6b846e4..0000000000000000000000000000000000000000 --- a/0045-export-btrfs_subvol-and-btrfs_subvolid.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Wed, 18 Dec 2013 09:57:04 +0000 -Subject: [PATCH] export btrfs_subvol and btrfs_subvolid - -We should export btrfs_subvol and btrfs_subvolid to have both visible -to subsidiary configuration files loaded using configfile. - -Signed-off-by: Michael Chang ---- - grub-core/fs/btrfs.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index f1fff7385b5..ad1b56b716d 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -2714,6 +2714,8 @@ GRUB_MOD_INIT (btrfs) - subvol_set_env); - grub_register_variable_hook ("btrfs_subvolid", subvolid_get_env, - subvolid_set_env); -+ grub_env_export ("btrfs_subvol"); -+ grub_env_export ("btrfs_subvolid"); - } - - GRUB_MOD_FINI (btrfs) diff --git a/0046-grub2-btrfs-03-follow_default.patch b/0046-grub2-btrfs-03-follow_default.patch deleted file mode 100644 index ca203f4a423d9f2bedbf85d8fbd3337b723eed5c..0000000000000000000000000000000000000000 --- a/0046-grub2-btrfs-03-follow_default.patch +++ /dev/null @@ -1,198 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Thu, 21 Aug 2014 03:39:11 +0000 -Subject: [PATCH] grub2-btrfs-03-follow_default - -Signed-off-by: Michael Chang -Signed-off-by: Robbie Harwood ---- - grub-core/fs/btrfs.c | 107 ++++++++++++++++++++++++++++++++++++--------------- - 1 file changed, 76 insertions(+), 31 deletions(-) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index ad1b56b716d..113c1f746c9 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -1256,6 +1256,7 @@ grub_btrfs_mount (grub_device_t dev) - { - struct grub_btrfs_data *data; - grub_err_t err; -+ const char *relpath = grub_env_get ("btrfs_relative_path"); - - if (!dev->disk) - { -@@ -1286,11 +1287,14 @@ grub_btrfs_mount (grub_device_t dev) - data->devices_attached[0].dev = dev; - data->devices_attached[0].id = data->sblock.this_device.device_id; - -- err = btrfs_handle_subvol (data); -- if (err) -+ if (relpath && (relpath[0] == '1' || relpath[0] == 'y')) - { -- grub_free (data); -- return NULL; -+ err = btrfs_handle_subvol (data); -+ if (err) -+ { -+ grub_free (data); -+ return NULL; -+ } - } - - return data; -@@ -1855,24 +1859,39 @@ find_path (struct grub_btrfs_data *data, - grub_size_t allocated = 0; - struct grub_btrfs_dir_item *direl = NULL; - struct grub_btrfs_key key_out; -+ int follow_default; - const char *ctoken; - grub_size_t ctokenlen; - char *path_alloc = NULL; - char *origpath = NULL; - unsigned symlinks_max = 32; -+ const char *relpath = grub_env_get ("btrfs_relative_path"); - -+ follow_default = 0; - origpath = grub_strdup (path); - if (!origpath) - return grub_errno; - -- if (data->fs_tree) -+ if (relpath && (relpath[0] == '1' || relpath[0] == 'y')) - { -- *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -- *tree = data->fs_tree; -- /* This is a tree root, so everything starts at objectid 256 */ -- key->object_id = grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK); -- key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -- key->offset = 0; -+ if (data->fs_tree) -+ { -+ *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -+ *tree = data->fs_tree; -+ /* This is a tree root, so everything starts at objectid 256 */ -+ key->object_id = grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK); -+ key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -+ key->offset = 0; -+ } -+ else -+ { -+ *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -+ *tree = data->sblock.root_tree; -+ key->object_id = data->sblock.root_dir_objectid; -+ key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -+ key->offset = 0; -+ follow_default = 1; -+ } - } - else - { -@@ -1883,15 +1902,23 @@ find_path (struct grub_btrfs_data *data, - - while (1) - { -- while (path[0] == '/') -- path++; -- if (!path[0]) -- break; -- slash = grub_strchr (path, '/'); -- if (!slash) -- slash = path + grub_strlen (path); -- ctoken = path; -- ctokenlen = slash - path; -+ if (!follow_default) -+ { -+ while (path[0] == '/') -+ path++; -+ if (!path[0]) -+ break; -+ slash = grub_strchr (path, '/'); -+ if (!slash) -+ slash = path + grub_strlen (path); -+ ctoken = path; -+ ctokenlen = slash - path; -+ } -+ else -+ { -+ ctoken = "default"; -+ ctokenlen = sizeof ("default") - 1; -+ } - - if (*type != GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY) - { -@@ -1902,7 +1929,9 @@ find_path (struct grub_btrfs_data *data, - - if (ctokenlen == 1 && ctoken[0] == '.') - { -- path = slash; -+ if (!follow_default) -+ path = slash; -+ follow_default = 0; - continue; - } - if (ctokenlen == 2 && ctoken[0] == '.' && ctoken[1] == '.') -@@ -1933,8 +1962,9 @@ find_path (struct grub_btrfs_data *data, - *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; - key->object_id = key_out.offset; - -- path = slash; -- -+ if (!follow_default) -+ path = slash; -+ follow_default = 0; - continue; - } - -@@ -2003,7 +2033,9 @@ find_path (struct grub_btrfs_data *data, - return err; - } - -- path = slash; -+ if (!follow_default) -+ path = slash; -+ follow_default = 0; - if (cdirel->type == GRUB_BTRFS_DIR_ITEM_TYPE_SYMLINK) - { - struct grub_btrfs_inode inode; -@@ -2053,14 +2085,26 @@ find_path (struct grub_btrfs_data *data, - path = path_alloc = tmp; - if (path[0] == '/') - { -- if (data->fs_tree) -+ if (relpath && (relpath[0] == '1' || relpath[0] == 'y')) - { -- *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -- *tree = data->fs_tree; -- /* This is a tree root, so everything starts at objectid 256 */ -- key->object_id = grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK); -- key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -- key->offset = 0; -+ if (data->fs_tree) -+ { -+ *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -+ *tree = data->fs_tree; -+ /* This is a tree root, so everything starts at objectid 256 */ -+ key->object_id = grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK); -+ key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -+ key->offset = 0; -+ } -+ else -+ { -+ *type = GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY; -+ *tree = data->sblock.root_tree; -+ key->object_id = data->sblock.root_dir_objectid; -+ key->type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -+ key->offset = 0; -+ follow_default = 1; -+ } - } - else - { -@@ -2716,6 +2760,7 @@ GRUB_MOD_INIT (btrfs) - subvolid_set_env); - grub_env_export ("btrfs_subvol"); - grub_env_export ("btrfs_subvolid"); -+ grub_env_export ("btrfs_relative_path"); - } - - GRUB_MOD_FINI (btrfs) diff --git a/0047-grub2-btrfs-04-grub2-install.patch b/0047-grub2-btrfs-04-grub2-install.patch deleted file mode 100644 index 451f61d780cd7dfa8976bf4b7ae4611937b0f140..0000000000000000000000000000000000000000 --- a/0047-grub2-btrfs-04-grub2-install.patch +++ /dev/null @@ -1,176 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Thu, 21 Aug 2014 03:39:11 +0000 -Subject: [PATCH] grub2-btrfs-04-grub2-install - -Signed-off-by: Michael Chang -Signed-off-by: Robbie Harwood ---- - grub-core/osdep/linux/getroot.c | 7 +++++++ - grub-core/osdep/unix/config.c | 17 +++++++++++++++-- - util/config.c | 10 ++++++++++ - util/grub-install.c | 15 +++++++++++++++ - util/grub-mkrelpath.c | 6 ++++++ - include/grub/emu/config.h | 1 + - 6 files changed, 54 insertions(+), 2 deletions(-) - -diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c -index 001b818fe58..caf9b1ccd3f 100644 ---- a/grub-core/osdep/linux/getroot.c -+++ b/grub-core/osdep/linux/getroot.c -@@ -376,6 +376,7 @@ get_btrfs_fs_prefix (const char *mount_path) - return NULL; - } - -+int use_relative_path_on_btrfs = 0; - - char ** - grub_find_root_devices_from_mountinfo (const char *dir, char **relroot) -@@ -519,6 +520,12 @@ again: - { - ret = grub_find_root_devices_from_btrfs (dir); - fs_prefix = get_btrfs_fs_prefix (entries[i].enc_path); -+ if (use_relative_path_on_btrfs) -+ { -+ if (fs_prefix) -+ free (fs_prefix); -+ fs_prefix = xstrdup ("/"); -+ } - } - else if (!retry && grub_strcmp (entries[i].fstype, "autofs") == 0) - { -diff --git a/grub-core/osdep/unix/config.c b/grub-core/osdep/unix/config.c -index 7d6325138ce..46a881530c0 100644 ---- a/grub-core/osdep/unix/config.c -+++ b/grub-core/osdep/unix/config.c -@@ -82,6 +82,19 @@ grub_util_load_config (struct grub_util_config *cfg) - if (v) - cfg->grub_distributor = xstrdup (v); - -+ v = getenv ("SUSE_BTRFS_SNAPSHOT_BOOTING"); -+ if (v) -+ { -+ if (grub_strncmp(v, "true", sizeof ("true") - 1) == 0) -+ { -+ cfg->is_suse_btrfs_snapshot_enabled = 1; -+ } -+ else -+ { -+ cfg->is_suse_btrfs_snapshot_enabled = 0; -+ } -+ } -+ - cfgfile = grub_util_get_config_filename (); - if (!grub_util_is_regular (cfgfile)) - return; -@@ -105,8 +118,8 @@ grub_util_load_config (struct grub_util_config *cfg) - *ptr++ = *iptr; - } - -- strcpy (ptr, "'; printf \"GRUB_ENABLE_CRYPTODISK=%s\\nGRUB_DISTRIBUTOR=%s\\n\" " -- "\"$GRUB_ENABLE_CRYPTODISK\" \"$GRUB_DISTRIBUTOR\""); -+ strcpy (ptr, "'; printf \"GRUB_ENABLE_CRYPTODISK=%s\\nGRUB_DISTRIBUTOR=%s\\nSUSE_BTRFS_SNAPSHOT_BOOTING=%s\\n\" " -+ "\"$GRUB_ENABLE_CRYPTODISK\" \"$GRUB_DISTRIBUTOR\" \"$SUSE_BTRFS_SNAPSHOT_BOOTING\""); - - argv[2] = script; - argv[3] = '\0'; -diff --git a/util/config.c b/util/config.c -index ebcdd8f5e22..f044a880a76 100644 ---- a/util/config.c -+++ b/util/config.c -@@ -42,6 +42,16 @@ grub_util_parse_config (FILE *f, struct grub_util_config *cfg, int simple) - cfg->is_cryptodisk_enabled = 1; - continue; - } -+ if (grub_strncmp (ptr, "SUSE_BTRFS_SNAPSHOT_BOOTING=", -+ sizeof ("SUSE_BTRFS_SNAPSHOT_BOOTING=") - 1) == 0) -+ { -+ ptr += sizeof ("SUSE_BTRFS_SNAPSHOT_BOOTING=") - 1; -+ if (*ptr == '"' || *ptr == '\'') -+ ptr++; -+ if (grub_strncmp(ptr, "true", sizeof ("true") - 1) == 0) -+ cfg->is_suse_btrfs_snapshot_enabled = 1; -+ continue; -+ } - if (grub_strncmp (ptr, "GRUB_DISTRIBUTOR=", - sizeof ("GRUB_DISTRIBUTOR=") - 1) == 0) - { -diff --git a/util/grub-install.c b/util/grub-install.c -index 0fbe7f78c6d..0f66f36d23a 100644 ---- a/util/grub-install.c -+++ b/util/grub-install.c -@@ -827,6 +827,8 @@ fill_core_services (const char *core_services) - free (sysv_plist); - } - -+extern int use_relative_path_on_btrfs; -+ - int - main (int argc, char *argv[]) - { -@@ -860,6 +862,9 @@ main (int argc, char *argv[]) - - grub_util_load_config (&config); - -+ if (config.is_suse_btrfs_snapshot_enabled) -+ use_relative_path_on_btrfs = 1; -+ - if (!bootloader_id && config.grub_distributor) - { - char *ptr; -@@ -1352,6 +1357,16 @@ main (int argc, char *argv[]) - fprintf (load_cfg_f, "set debug='%s'\n", - debug_image); - } -+ -+ if (config.is_suse_btrfs_snapshot_enabled -+ && grub_strncmp(grub_fs->name, "btrfs", sizeof ("btrfs") - 1) == 0) -+ { -+ if (!load_cfg_f) -+ load_cfg_f = grub_util_fopen (load_cfg, "wb"); -+ have_load_cfg = 1; -+ fprintf (load_cfg_f, "set btrfs_relative_path='y'\n"); -+ } -+ - char *prefix_drive = NULL; - char *install_drive = NULL; - -diff --git a/util/grub-mkrelpath.c b/util/grub-mkrelpath.c -index 47a241a391b..5db7a9a7d97 100644 ---- a/util/grub-mkrelpath.c -+++ b/util/grub-mkrelpath.c -@@ -40,9 +40,12 @@ struct arguments - }; - - static struct argp_option options[] = { -+ {"relative", 'r', 0, 0, "use relative path on btrfs", 0}, - { 0, 0, 0, 0, 0, 0 } - }; - -+extern int use_relative_path_on_btrfs; -+ - static error_t - argp_parser (int key, char *arg, struct argp_state *state) - { -@@ -52,6 +55,9 @@ argp_parser (int key, char *arg, struct argp_state *state) - - switch (key) - { -+ case 'r': -+ use_relative_path_on_btrfs = 1; -+ break; - case ARGP_KEY_ARG: - if (state->arg_num == 0) - arguments->pathname = xstrdup (arg); -diff --git a/include/grub/emu/config.h b/include/grub/emu/config.h -index 875d5896ce1..c9a7e5f4ade 100644 ---- a/include/grub/emu/config.h -+++ b/include/grub/emu/config.h -@@ -37,6 +37,7 @@ struct grub_util_config - { - int is_cryptodisk_enabled; - char *grub_distributor; -+ int is_suse_btrfs_snapshot_enabled; - }; - - void diff --git a/0048-grub2-btrfs-05-grub2-mkconfig.patch b/0048-grub2-btrfs-05-grub2-mkconfig.patch deleted file mode 100644 index 5afd183c44202ee43274d1dbd83bc6d1f8396b45..0000000000000000000000000000000000000000 --- a/0048-grub2-btrfs-05-grub2-mkconfig.patch +++ /dev/null @@ -1,129 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Thu, 21 Aug 2014 03:39:11 +0000 -Subject: [PATCH] grub2-btrfs-05-grub2-mkconfig - -Signed-off-by: Michael Chang ---- - util/grub-mkconfig.in | 3 ++- - util/grub-mkconfig_lib.in | 4 ++++ - util/grub.d/00_header.in | 25 ++++++++++++++++++++++++- - util/grub.d/10_linux.in | 4 ++++ - util/grub.d/20_linux_xen.in | 4 ++++ - 5 files changed, 38 insertions(+), 2 deletions(-) - -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 005f093809b..535c0f02499 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -252,7 +252,8 @@ export GRUB_DEFAULT \ - GRUB_BADRAM \ - GRUB_OS_PROBER_SKIP_LIST \ - GRUB_DISABLE_SUBMENU \ -- GRUB_DEFAULT_DTB -+ GRUB_DEFAULT_DTB \ -+ SUSE_BTRFS_SNAPSHOT_BOOTING - - if test "x${grub_cfg}" != "x"; then - rm -f "${grub_cfg}.new" -diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in -index 42c2ea9ba50..fafeac95061 100644 ---- a/util/grub-mkconfig_lib.in -+++ b/util/grub-mkconfig_lib.in -@@ -52,7 +52,11 @@ grub_warn () - - make_system_path_relative_to_its_root () - { -+ if [ "x${SUSE_BTRFS_SNAPSHOT_BOOTING}" = "xtrue" ] ; then -+ "${grub_mkrelpath}" -r "$1" -+ else - "${grub_mkrelpath}" "$1" -+ fi - } - - is_path_readable_by_grub () -diff --git a/util/grub.d/00_header.in b/util/grub.d/00_header.in -index 858b526c925..de727e6ee6b 100644 ---- a/util/grub.d/00_header.in -+++ b/util/grub.d/00_header.in -@@ -27,6 +27,14 @@ export TEXTDOMAINDIR="@localedir@" - - . "$pkgdatadir/grub-mkconfig_lib" - -+if [ "x${SUSE_BTRFS_SNAPSHOT_BOOTING}" = "xtrue" ] && -+ [ "x${GRUB_FS}" = "xbtrfs" ] ; then -+ cat </dev/null || true` -diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in -index ada20775a14..e9e73b815fb 100644 ---- a/util/grub.d/20_linux_xen.in -+++ b/util/grub.d/20_linux_xen.in -@@ -73,10 +73,14 @@ fi - - case x"$GRUB_FS" in - xbtrfs) -+ if [ "x${SUSE_BTRFS_SNAPSHOT_BOOTING}" = "xtrue" ]; then -+ GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX} \${extra_cmdline}" -+ else - rootsubvol="`make_system_path_relative_to_its_root /`" - rootsubvol="${rootsubvol#/}" - if [ "x${rootsubvol}" != x ]; then - GRUB_CMDLINE_LINUX="rootflags=subvol=${rootsubvol} ${GRUB_CMDLINE_LINUX}" -+ fi - fi;; - xzfs) - rpool=`${grub_probe} --device ${GRUB_DEVICE} --target=fs_label 2>/dev/null || true` diff --git a/0049-grub2-btrfs-06-subvol-mount.patch b/0049-grub2-btrfs-06-subvol-mount.patch deleted file mode 100644 index 14117ab41c518ee2c2e4ab2e159ea004c568904e..0000000000000000000000000000000000000000 --- a/0049-grub2-btrfs-06-subvol-mount.patch +++ /dev/null @@ -1,539 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Tue, 9 Jul 2019 13:56:16 +0200 -Subject: [PATCH] grub2-btrfs-06-subvol-mount - -Signed-off-by: Michael Chang -Signed-off-by: Robbie Harwood ---- - grub-core/fs/btrfs.c | 195 +++++++++++++++++++++++++++++++++++++++- - grub-core/osdep/linux/getroot.c | 148 +++++++++++++++++++++++++++++- - util/grub-install.c | 49 ++++++++++ - include/grub/emu/getroot.h | 5 ++ - 4 files changed, 392 insertions(+), 5 deletions(-) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index 113c1f746c9..d323746ecfa 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -41,6 +41,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -266,6 +267,12 @@ static grub_err_t - grub_btrfs_read_logical (struct grub_btrfs_data *data, - grub_disk_addr_t addr, void *buf, grub_size_t size, - int recursion_depth); -+static grub_err_t -+get_root (struct grub_btrfs_data *data, struct grub_btrfs_key *key, -+ grub_uint64_t *tree, grub_uint8_t *type); -+ -+grub_uint64_t -+find_mtab_subvol_tree (const char *path, char **path_in_subvol); - - static grub_err_t - read_sblock (grub_disk_t disk, struct grub_btrfs_superblock *sb) -@@ -1223,9 +1230,26 @@ lookup_root_by_name(struct grub_btrfs_data *data, const char *path) - grub_err_t err; - grub_uint64_t tree = 0; - grub_uint8_t type; -+ grub_uint64_t saved_tree; - struct grub_btrfs_key key; - -+ if (path[0] == '\0') -+ { -+ data->fs_tree = 0; -+ return GRUB_ERR_NONE; -+ } -+ -+ err = get_root (data, &key, &tree, &type); -+ if (err) -+ return err; -+ -+ saved_tree = data->fs_tree; -+ data->fs_tree = tree; -+ - err = find_path (data, path, &key, &tree, &type); -+ -+ data->fs_tree = saved_tree; -+ - if (err) - return grub_error(GRUB_ERR_FILE_NOT_FOUND, "couldn't locate %s\n", path); - -@@ -2199,11 +2223,20 @@ grub_btrfs_dir (grub_device_t device, const char *path, - int r = 0; - grub_uint64_t tree; - grub_uint8_t type; -+ char *new_path = NULL; - - if (!data) - return grub_errno; - -- err = find_path (data, path, &key_in, &tree, &type); -+ tree = find_mtab_subvol_tree (path, &new_path); -+ -+ if (tree) -+ data->fs_tree = tree; -+ -+ err = find_path (data, new_path ? new_path : path, &key_in, &tree, &type); -+ if (new_path) -+ grub_free (new_path); -+ - if (err) - { - grub_btrfs_unmount (data); -@@ -2305,11 +2338,21 @@ grub_btrfs_open (struct grub_file *file, const char *name) - struct grub_btrfs_inode inode; - grub_uint8_t type; - struct grub_btrfs_key key_in; -+ grub_uint64_t tree; -+ char *new_path = NULL; - - if (!data) - return grub_errno; - -- err = find_path (data, name, &key_in, &data->tree, &type); -+ tree = find_mtab_subvol_tree (name, &new_path); -+ -+ if (tree) -+ data->fs_tree = tree; -+ -+ err = find_path (data, new_path ? new_path : name, &key_in, &data->tree, &type); -+ if (new_path) -+ grub_free (new_path); -+ - if (err) - { - grub_btrfs_unmount (data); -@@ -2480,6 +2523,150 @@ grub_cmd_btrfs_info (grub_command_t cmd __attribute__ ((unused)), int argc, - return 0; - } - -+struct grub_btrfs_mtab -+{ -+ struct grub_btrfs_mtab *next; -+ struct grub_btrfs_mtab **prev; -+ char *path; -+ char *subvol; -+ grub_uint64_t tree; -+}; -+ -+typedef struct grub_btrfs_mtab* grub_btrfs_mtab_t; -+ -+static struct grub_btrfs_mtab *btrfs_mtab; -+ -+#define FOR_GRUB_MTAB(var) FOR_LIST_ELEMENTS (var, btrfs_mtab) -+#define FOR_GRUB_MTAB_SAFE(var, next) FOR_LIST_ELEMENTS_SAFE((var), (next), btrfs_mtab) -+ -+static void -+add_mountpoint (const char *path, const char *subvol, grub_uint64_t tree) -+{ -+ grub_btrfs_mtab_t m = grub_malloc (sizeof (*m)); -+ -+ m->path = grub_strdup (path); -+ m->subvol = grub_strdup (subvol); -+ m->tree = tree; -+ grub_list_push (GRUB_AS_LIST_P (&btrfs_mtab), GRUB_AS_LIST (m)); -+} -+ -+static grub_err_t -+grub_cmd_btrfs_mount_subvol (grub_command_t cmd __attribute__ ((unused)), int argc, -+ char **argv) -+{ -+ char *devname, *dirname, *subvol; -+ struct grub_btrfs_key key_in; -+ grub_uint8_t type; -+ grub_uint64_t tree; -+ grub_uint64_t saved_tree; -+ grub_err_t err; -+ struct grub_btrfs_data *data = NULL; -+ grub_device_t dev = NULL; -+ -+ if (argc < 3) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "required and "); -+ -+ devname = grub_file_get_device_name(argv[0]); -+ dev = grub_device_open (devname); -+ grub_free (devname); -+ -+ if (!dev) -+ { -+ err = grub_errno; -+ goto err_out; -+ } -+ -+ dirname = argv[1]; -+ subvol = argv[2]; -+ -+ data = grub_btrfs_mount (dev); -+ if (!data) -+ { -+ err = grub_errno; -+ goto err_out; -+ } -+ -+ err = find_path (data, dirname, &key_in, &tree, &type); -+ if (err) -+ goto err_out; -+ -+ if (type != GRUB_BTRFS_DIR_ITEM_TYPE_DIRECTORY) -+ { -+ err = grub_error (GRUB_ERR_BAD_FILE_TYPE, N_("not a directory")); -+ goto err_out; -+ } -+ -+ err = get_root (data, &key_in, &tree, &type); -+ -+ if (err) -+ goto err_out; -+ -+ saved_tree = data->fs_tree; -+ data->fs_tree = tree; -+ err = find_path (data, subvol, &key_in, &tree, &type); -+ data->fs_tree = saved_tree; -+ -+ if (err) -+ goto err_out; -+ -+ if (key_in.object_id != grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK) || tree == 0) -+ { -+ err = grub_error (GRUB_ERR_BAD_FILE_TYPE, "%s: not a subvolume\n", subvol); -+ goto err_out; -+ } -+ -+ grub_btrfs_unmount (data); -+ grub_device_close (dev); -+ add_mountpoint (dirname, subvol, tree); -+ -+ return GRUB_ERR_NONE; -+ -+err_out: -+ -+ if (data) -+ grub_btrfs_unmount (data); -+ -+ if (dev) -+ grub_device_close (dev); -+ -+ return err; -+} -+ -+grub_uint64_t -+find_mtab_subvol_tree (const char *path, char **path_in_subvol) -+{ -+ grub_btrfs_mtab_t m, cm; -+ grub_uint64_t tree; -+ -+ if (!path || !path_in_subvol) -+ return 0; -+ -+ *path_in_subvol = NULL; -+ tree = 0; -+ cm = NULL; -+ -+ FOR_GRUB_MTAB (m) -+ { -+ if (grub_strncmp (path, m->path, grub_strlen (m->path)) == 0) -+ { -+ if (!cm) -+ cm = m; -+ else -+ if (grub_strcmp (m->path, cm->path) > 0) -+ cm = m; -+ } -+ } -+ -+ if (cm) -+ { -+ const char *s = path + grub_strlen (cm->path); -+ *path_in_subvol = (s[0] == '\0') ? grub_strdup ("/") : grub_strdup (s); -+ tree = cm->tree; -+ } -+ -+ return tree; -+} -+ - static grub_err_t - get_fs_root(struct grub_btrfs_data *data, grub_uint64_t tree, - grub_uint64_t objectid, grub_uint64_t offset, -@@ -2686,6 +2873,7 @@ static struct grub_fs grub_btrfs_fs = { - }; - - static grub_command_t cmd_info; -+static grub_command_t cmd_mount_subvol; - static grub_extcmd_t cmd_list_subvols; - - static char * -@@ -2749,6 +2937,9 @@ GRUB_MOD_INIT (btrfs) - cmd_info = grub_register_command("btrfs-info", grub_cmd_btrfs_info, - "DEVICE", - "Print BtrFS info about DEVICE."); -+ cmd_mount_subvol = grub_register_command("btrfs-mount-subvol", grub_cmd_btrfs_mount_subvol, -+ "DEVICE DIRECTORY SUBVOL", -+ "Set btrfs DEVICE the DIRECTORY a mountpoint of SUBVOL."); - cmd_list_subvols = grub_register_extcmd("btrfs-list-subvols", - grub_cmd_btrfs_list_subvols, 0, - "[-p|-n] [-o var] DEVICE", -diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c -index caf9b1ccd3f..28790307e00 100644 ---- a/grub-core/osdep/linux/getroot.c -+++ b/grub-core/osdep/linux/getroot.c -@@ -107,6 +107,14 @@ struct btrfs_ioctl_search_key - grub_uint32_t unused[9]; - }; - -+struct btrfs_ioctl_search_header { -+ grub_uint64_t transid; -+ grub_uint64_t objectid; -+ grub_uint64_t offset; -+ grub_uint32_t type; -+ grub_uint32_t len; -+}; -+ - struct btrfs_ioctl_search_args { - struct btrfs_ioctl_search_key key; - grub_uint64_t buf[(4096 - sizeof(struct btrfs_ioctl_search_key)) -@@ -378,6 +386,109 @@ get_btrfs_fs_prefix (const char *mount_path) - - int use_relative_path_on_btrfs = 0; - -+static char * -+get_btrfs_subvol (const char *path) -+{ -+ struct btrfs_ioctl_ino_lookup_args args; -+ grub_uint64_t tree_id; -+ int fd = -1; -+ char *ret = NULL; -+ -+ fd = open (path, O_RDONLY); -+ -+ if (fd < 0) -+ return NULL; -+ -+ memset (&args, 0, sizeof(args)); -+ args.objectid = GRUB_BTRFS_TREE_ROOT_OBJECTID; -+ -+ if (ioctl (fd, BTRFS_IOC_INO_LOOKUP, &args) < 0) -+ goto error; -+ -+ tree_id = args.treeid; -+ -+ while (tree_id != GRUB_BTRFS_ROOT_VOL_OBJECTID) -+ { -+ struct btrfs_ioctl_search_args sargs; -+ struct grub_btrfs_root_backref *br; -+ struct btrfs_ioctl_search_header *search_header; -+ char *old; -+ grub_uint16_t len; -+ grub_uint64_t inode_id; -+ -+ memset (&sargs, 0, sizeof(sargs)); -+ -+ sargs.key.tree_id = 1; -+ sargs.key.min_objectid = tree_id; -+ sargs.key.max_objectid = tree_id; -+ -+ sargs.key.min_offset = 0; -+ sargs.key.max_offset = ~0ULL; -+ sargs.key.min_transid = 0; -+ sargs.key.max_transid = ~0ULL; -+ sargs.key.min_type = GRUB_BTRFS_ITEM_TYPE_ROOT_BACKREF; -+ sargs.key.max_type = GRUB_BTRFS_ITEM_TYPE_ROOT_BACKREF; -+ -+ sargs.key.nr_items = 1; -+ -+ if (ioctl (fd, BTRFS_IOC_TREE_SEARCH, &sargs) < 0) -+ goto error; -+ -+ if (sargs.key.nr_items == 0) -+ goto error; -+ -+ search_header = (struct btrfs_ioctl_search_header *)sargs.buf; -+ br = (struct grub_btrfs_root_backref *) (search_header + 1); -+ -+ len = grub_le_to_cpu16 (br->n); -+ inode_id = grub_le_to_cpu64 (br->inode_id); -+ tree_id = search_header->offset; -+ -+ old = ret; -+ ret = malloc (len + 1); -+ memcpy (ret, br->name, len); -+ ret[len] = '\0'; -+ -+ if (inode_id != GRUB_BTRFS_TREE_ROOT_OBJECTID) -+ { -+ char *s; -+ -+ memset(&args, 0, sizeof(args)); -+ args.treeid = search_header->offset; -+ args.objectid = inode_id; -+ -+ if (ioctl (fd, BTRFS_IOC_INO_LOOKUP, &args) < 0) -+ goto error; -+ -+ s = xasprintf ("%s%s", args.name, ret); -+ free (ret); -+ ret = s; -+ } -+ -+ if (old) -+ { -+ char *s = xasprintf ("%s/%s", ret, old); -+ free (ret); -+ free (old); -+ ret = s; -+ } -+ } -+ -+ close (fd); -+ return ret; -+ -+error: -+ -+ if (fd >= 0) -+ close (fd); -+ if (ret) -+ free (ret); -+ -+ return NULL; -+} -+ -+void (*grub_find_root_btrfs_mount_path_hook)(const char *mount_path); -+ - char ** - grub_find_root_devices_from_mountinfo (const char *dir, char **relroot) - { -@@ -519,12 +630,15 @@ again: - else if (grub_strcmp (entries[i].fstype, "btrfs") == 0) - { - ret = grub_find_root_devices_from_btrfs (dir); -- fs_prefix = get_btrfs_fs_prefix (entries[i].enc_path); - if (use_relative_path_on_btrfs) - { -- if (fs_prefix) -- free (fs_prefix); - fs_prefix = xstrdup ("/"); -+ if (grub_find_root_btrfs_mount_path_hook) -+ grub_find_root_btrfs_mount_path_hook (entries[i].enc_path); -+ } -+ else -+ { -+ fs_prefix = get_btrfs_fs_prefix (entries[i].enc_path); - } - } - else if (!retry && grub_strcmp (entries[i].fstype, "autofs") == 0) -@@ -1150,6 +1264,34 @@ grub_util_get_grub_dev_os (const char *os_dev) - return grub_dev; - } - -+ -+char * -+grub_util_get_btrfs_subvol (const char *path, char **mount_path) -+{ -+ char *mp = NULL; -+ -+ if (mount_path) -+ *mount_path = NULL; -+ -+ auto void -+ mount_path_hook (const char *m) -+ { -+ mp = strdup (m); -+ } -+ -+ grub_find_root_btrfs_mount_path_hook = mount_path_hook; -+ grub_free (grub_find_root_devices_from_mountinfo (path, NULL)); -+ grub_find_root_btrfs_mount_path_hook = NULL; -+ -+ if (!mp) -+ return NULL; -+ -+ if (mount_path) -+ *mount_path = mp; -+ -+ return get_btrfs_subvol (mp); -+} -+ - char * - grub_make_system_path_relative_to_its_root_os (const char *path) - { -diff --git a/util/grub-install.c b/util/grub-install.c -index 0f66f36d23a..84ed6e88ecb 100644 ---- a/util/grub-install.c -+++ b/util/grub-install.c -@@ -1569,6 +1569,55 @@ main (int argc, char *argv[]) - prefix_drive = xasprintf ("(%s)", grub_drives[0]); - } - -+#ifdef __linux__ -+ -+ if (config.is_suse_btrfs_snapshot_enabled -+ && grub_strncmp(grub_fs->name, "btrfs", sizeof ("btrfs") - 1) == 0) -+ { -+ char *subvol = NULL; -+ char *mount_path = NULL; -+ char **rootdir_devices = NULL; -+ char *rootdir_path = grub_util_path_concat (2, "/", rootdir); -+ -+ if (grub_util_is_directory (rootdir_path)) -+ rootdir_devices = grub_guess_root_devices (rootdir_path); -+ -+ free (rootdir_path); -+ -+ if (rootdir_devices && rootdir_devices[0]) -+ if (grub_strcmp (rootdir_devices[0], grub_devices[0]) == 0) -+ subvol = grub_util_get_btrfs_subvol (platdir, &mount_path); -+ -+ if (subvol && mount_path) -+ { -+ char *def_subvol; -+ -+ def_subvol = grub_util_get_btrfs_subvol ("/", NULL); -+ -+ if (def_subvol) -+ { -+ if (!load_cfg_f) -+ load_cfg_f = grub_util_fopen (load_cfg, "wb"); -+ have_load_cfg = 1; -+ -+ if (grub_strcmp (subvol, def_subvol) != 0) -+ fprintf (load_cfg_f, "btrfs-mount-subvol ($root) %s %s\n", mount_path, subvol); -+ free (def_subvol); -+ } -+ } -+ -+ for (curdev = rootdir_devices; *curdev; curdev++) -+ free (*curdev); -+ if (rootdir_devices) -+ free (rootdir_devices); -+ if (subvol) -+ free (subvol); -+ if (mount_path) -+ free (mount_path); -+ } -+ -+#endif -+ - char mkimage_target[200]; - const char *core_name = NULL; - -diff --git a/include/grub/emu/getroot.h b/include/grub/emu/getroot.h -index 73fa2d34abb..9c642ae3fe3 100644 ---- a/include/grub/emu/getroot.h -+++ b/include/grub/emu/getroot.h -@@ -53,6 +53,11 @@ char ** - grub_find_root_devices_from_mountinfo (const char *dir, char **relroot); - #endif - -+#ifdef __linux__ -+char * -+grub_util_get_btrfs_subvol (const char *path, char **mount_path); -+#endif -+ - /* Devmapper functions provided by getroot_devmapper.c. */ - void - grub_util_pull_devmapper (const char *os_dev); diff --git a/0050-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch b/0050-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch deleted file mode 100644 index b02ab53fe8d4baa00e6eafc71f181591ec0c7cbd..0000000000000000000000000000000000000000 --- a/0050-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Andrei Borzenkov -Date: Tue, 21 Jun 2016 16:44:17 +0000 -Subject: [PATCH] Fallback to old subvol name scheme to support old snapshot - config - -Ref: bsc#953538 ---- - grub-core/fs/btrfs.c | 32 +++++++++++++++++++++++++++++++- - 1 file changed, 31 insertions(+), 1 deletion(-) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index d323746ecfa..673ded03522 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -1260,11 +1260,41 @@ lookup_root_by_name(struct grub_btrfs_data *data, const char *path) - return GRUB_ERR_NONE; - } - -+static grub_err_t -+lookup_root_by_name_fallback(struct grub_btrfs_data *data, const char *path) -+{ -+ grub_err_t err; -+ grub_uint64_t tree = 0; -+ grub_uint8_t type; -+ struct grub_btrfs_key key; -+ -+ err = find_path (data, path, &key, &tree, &type); -+ if (err) -+ return grub_error(GRUB_ERR_FILE_NOT_FOUND, "couldn't locate %s\n", path); -+ -+ if (key.object_id != grub_cpu_to_le64_compile_time (GRUB_BTRFS_OBJECT_ID_CHUNK) || tree == 0) -+ return grub_error(GRUB_ERR_BAD_FILE_TYPE, "%s: not a subvolume\n", path); -+ -+ data->fs_tree = tree; -+ return GRUB_ERR_NONE; -+} -+ - static grub_err_t - btrfs_handle_subvol(struct grub_btrfs_data *data __attribute__ ((unused))) - { - if (btrfs_default_subvol) -- return lookup_root_by_name(data, btrfs_default_subvol); -+ { -+ grub_err_t err; -+ err = lookup_root_by_name(data, btrfs_default_subvol); -+ -+ /* Fallback to old schemes */ -+ if (err == GRUB_ERR_FILE_NOT_FOUND) -+ { -+ err = GRUB_ERR_NONE; -+ return lookup_root_by_name_fallback(data, btrfs_default_subvol); -+ } -+ return err; -+ } - - if (btrfs_default_subvolid) - return lookup_root_by_id(data, btrfs_default_subvolid); diff --git a/0051-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch b/0051-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch deleted file mode 100644 index b54b1960f4b8bcf4dabb0af37c969abc0f6bba5f..0000000000000000000000000000000000000000 --- a/0051-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch +++ /dev/null @@ -1,274 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Thu, 11 May 2017 08:56:57 +0000 -Subject: [PATCH] Grub not working correctly with btrfs snapshots (bsc#1026511) - -Signed-off-by: Michael Chang -Signed-off-by: Robbie Harwood ---- - grub-core/fs/btrfs.c | 238 +++++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 238 insertions(+) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index 673ded03522..2b21cbaa67e 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -2887,6 +2887,238 @@ out: - return 0; - } - -+static grub_err_t -+grub_btrfs_get_parent_subvol_path (struct grub_btrfs_data *data, -+ grub_uint64_t child_id, -+ const char *child_path, -+ grub_uint64_t *parent_id, -+ char **path_out) -+{ -+ grub_uint64_t fs_root = 0; -+ struct grub_btrfs_key key_in = { -+ .object_id = child_id, -+ .type = GRUB_BTRFS_ITEM_TYPE_ROOT_BACKREF, -+ .offset = 0, -+ }, key_out; -+ struct grub_btrfs_root_ref *ref; -+ char *buf; -+ struct grub_btrfs_leaf_descriptor desc; -+ grub_size_t elemsize; -+ grub_disk_addr_t elemaddr; -+ grub_err_t err; -+ char *parent_path; -+ -+ *parent_id = 0; -+ *path_out = 0; -+ -+ err = lower_bound(data, &key_in, &key_out, data->sblock.root_tree, -+ &elemaddr, &elemsize, &desc, 0); -+ if (err) -+ return err; -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_ROOT_BACKREF || elemaddr == 0) -+ next(data, &desc, &elemaddr, &elemsize, &key_out); -+ -+ if (key_out.type != GRUB_BTRFS_ITEM_TYPE_ROOT_BACKREF) -+ { -+ free_iterator(&desc); -+ return grub_error(GRUB_ERR_FILE_NOT_FOUND, N_("can't find root backrefs")); -+ } -+ -+ buf = grub_malloc(elemsize + 1); -+ if (!buf) -+ { -+ free_iterator(&desc); -+ return grub_errno; -+ } -+ -+ err = grub_btrfs_read_logical(data, elemaddr, buf, elemsize, 0); -+ if (err) -+ { -+ grub_free(buf); -+ free_iterator(&desc); -+ return err; -+ } -+ -+ buf[elemsize] = 0; -+ ref = (struct grub_btrfs_root_ref *)buf; -+ -+ err = get_fs_root(data, data->sblock.root_tree, grub_le_to_cpu64 (key_out.offset), -+ 0, &fs_root); -+ if (err) -+ { -+ grub_free(buf); -+ free_iterator(&desc); -+ return err; -+ } -+ -+ find_pathname(data, grub_le_to_cpu64 (ref->dirid), fs_root, ref->name, &parent_path); -+ -+ if (child_path) -+ { -+ *path_out = grub_xasprintf ("%s/%s", parent_path, child_path); -+ grub_free (parent_path); -+ } -+ else -+ *path_out = parent_path; -+ -+ *parent_id = grub_le_to_cpu64 (key_out.offset); -+ -+ grub_free(buf); -+ free_iterator(&desc); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_btrfs_get_default_subvolume_id (struct grub_btrfs_data *data, grub_uint64_t *id) -+{ -+ grub_err_t err; -+ grub_disk_addr_t elemaddr; -+ grub_size_t elemsize; -+ struct grub_btrfs_key key, key_out; -+ struct grub_btrfs_dir_item *direl = NULL; -+ const char *ctoken = "default"; -+ grub_size_t ctokenlen = sizeof ("default") - 1; -+ -+ *id = 0; -+ key.object_id = data->sblock.root_dir_objectid; -+ key.type = GRUB_BTRFS_ITEM_TYPE_DIR_ITEM; -+ key.offset = grub_cpu_to_le64 (~grub_getcrc32c (1, ctoken, ctokenlen)); -+ err = lower_bound (data, &key, &key_out, data->sblock.root_tree, &elemaddr, &elemsize, -+ NULL, 0); -+ if (err) -+ return err; -+ -+ if (key_cmp (&key, &key_out) != 0) -+ return grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("file not found")); -+ -+ struct grub_btrfs_dir_item *cdirel; -+ direl = grub_malloc (elemsize + 1); -+ err = grub_btrfs_read_logical (data, elemaddr, direl, elemsize, 0); -+ if (err) -+ { -+ grub_free (direl); -+ return err; -+ } -+ for (cdirel = direl; -+ (grub_uint8_t *) cdirel - (grub_uint8_t *) direl -+ < (grub_ssize_t) elemsize; -+ cdirel = (void *) ((grub_uint8_t *) (direl + 1) -+ + grub_le_to_cpu16 (cdirel->n) -+ + grub_le_to_cpu16 (cdirel->m))) -+ { -+ if (ctokenlen == grub_le_to_cpu16 (cdirel->n) -+ && grub_memcmp (cdirel->name, ctoken, ctokenlen) == 0) -+ break; -+ } -+ if ((grub_uint8_t *) cdirel - (grub_uint8_t *) direl -+ >= (grub_ssize_t) elemsize) -+ { -+ grub_free (direl); -+ err = grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("file not found")); -+ return err; -+ } -+ -+ if (cdirel->key.type != GRUB_BTRFS_ITEM_TYPE_ROOT_ITEM) -+ { -+ grub_free (direl); -+ err = grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("file not found")); -+ return err; -+ } -+ -+ *id = grub_le_to_cpu64 (cdirel->key.object_id); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_btrfs_get_default_subvol (struct grub_extcmd_context *ctxt, -+ int argc, char **argv) -+{ -+ char *devname; -+ grub_device_t dev; -+ struct grub_btrfs_data *data; -+ grub_err_t err; -+ grub_uint64_t id; -+ char *subvol = NULL; -+ grub_uint64_t subvolid = 0; -+ char *varname = NULL; -+ char *output = NULL; -+ int path_only = ctxt->state[1].set; -+ int num_only = ctxt->state[2].set; -+ -+ if (ctxt->state[0].set) -+ varname = ctxt->state[0].arg; -+ -+ if (argc < 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "device name required"); -+ -+ devname = grub_file_get_device_name(argv[0]); -+ if (!devname) -+ return grub_errno; -+ -+ dev = grub_device_open (devname); -+ grub_free (devname); -+ if (!dev) -+ return grub_errno; -+ -+ data = grub_btrfs_mount(dev); -+ if (!data) -+ { -+ grub_device_close (dev); -+ grub_dprintf ("btrfs", "failed to open fs\n"); -+ grub_errno = GRUB_ERR_NONE; -+ return 0; -+ } -+ -+ err = grub_btrfs_get_default_subvolume_id (data, &subvolid); -+ if (err) -+ { -+ grub_btrfs_unmount (data); -+ grub_device_close (dev); -+ return err; -+ } -+ -+ id = subvolid; -+ while (id != GRUB_BTRFS_ROOT_VOL_OBJECTID) -+ { -+ grub_uint64_t parent_id; -+ char *path_out; -+ -+ err = grub_btrfs_get_parent_subvol_path (data, grub_cpu_to_le64 (id), subvol, &parent_id, &path_out); -+ if (err) -+ { -+ grub_btrfs_unmount (data); -+ grub_device_close (dev); -+ return err; -+ } -+ -+ if (subvol) -+ grub_free (subvol); -+ subvol = path_out; -+ id = parent_id; -+ } -+ -+ if (num_only && path_only) -+ output = grub_xasprintf ("%"PRIuGRUB_UINT64_T" /%s", subvolid, subvol); -+ else if (num_only) -+ output = grub_xasprintf ("%"PRIuGRUB_UINT64_T, subvolid); -+ else -+ output = grub_xasprintf ("/%s", subvol); -+ -+ if (varname) -+ grub_env_set(varname, output); -+ else -+ grub_printf ("%s\n", output); -+ -+ grub_free (output); -+ grub_free (subvol); -+ -+ grub_btrfs_unmount (data); -+ grub_device_close (dev); -+ -+ return GRUB_ERR_NONE; -+} -+ - static struct grub_fs grub_btrfs_fs = { - .name = "btrfs", - .fs_dir = grub_btrfs_dir, -@@ -2905,6 +3137,7 @@ static struct grub_fs grub_btrfs_fs = { - static grub_command_t cmd_info; - static grub_command_t cmd_mount_subvol; - static grub_extcmd_t cmd_list_subvols; -+static grub_extcmd_t cmd_get_default_subvol; - - static char * - subvolid_set_env (struct grub_env_var *var __attribute__ ((unused)), -@@ -2975,6 +3208,11 @@ GRUB_MOD_INIT (btrfs) - "[-p|-n] [-o var] DEVICE", - "Print list of BtrFS subvolumes on " - "DEVICE.", options); -+ cmd_get_default_subvol = grub_register_extcmd("btrfs-get-default-subvol", -+ grub_cmd_btrfs_get_default_subvol, 0, -+ "[-p|-n] [-o var] DEVICE", -+ "Print default BtrFS subvolume on " -+ "DEVICE.", options); - grub_register_variable_hook ("btrfs_subvol", subvol_get_env, - subvol_set_env); - grub_register_variable_hook ("btrfs_subvolid", subvolid_get_env, diff --git a/0052-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch b/0052-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch deleted file mode 100644 index bde70969087d1b5d1951eb0fc631af3ec7caeca9..0000000000000000000000000000000000000000 --- a/0052-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 1 Jun 2017 09:59:56 -0400 -Subject: [PATCH] Add grub_efi_allocate_pool() and grub_efi_free_pool() - wrappers. - -Signed-off-by: Peter Jones ---- - include/grub/efi/efi.h | 36 ++++++++++++++++++++++++++++++++---- - 1 file changed, 32 insertions(+), 4 deletions(-) - -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 585fa6662b6..03f9a9d0118 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -24,6 +24,10 @@ - #include - #include - -+/* Variables. */ -+extern grub_efi_system_table_t *EXPORT_VAR(grub_efi_system_table); -+extern grub_efi_handle_t EXPORT_VAR(grub_efi_image_handle); -+ - /* Functions. */ - void *EXPORT_FUNC(grub_efi_locate_protocol) (grub_efi_guid_t *protocol, - void *registration); -@@ -60,6 +64,33 @@ EXPORT_FUNC(grub_efi_get_memory_map) (grub_efi_uintn_t *memory_map_size, - grub_efi_uintn_t *descriptor_size, - grub_efi_uint32_t *descriptor_version); - void grub_efi_memory_fini (void); -+ -+static inline grub_efi_status_t -+__attribute__((__unused__)) -+grub_efi_allocate_pool (grub_efi_memory_type_t pool_type, -+ grub_efi_uintn_t buffer_size, -+ void **buffer) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_status_t status; -+ -+ b = grub_efi_system_table->boot_services; -+ status = efi_call_3 (b->allocate_pool, pool_type, buffer_size, buffer); -+ return status; -+} -+ -+static inline grub_efi_status_t -+__attribute__((__unused__)) -+grub_efi_free_pool (void *buffer) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_status_t status; -+ -+ b = grub_efi_system_table->boot_services; -+ status = efi_call_1 (b->free_pool, buffer); -+ return status; -+} -+ - grub_efi_loaded_image_t *EXPORT_FUNC(grub_efi_get_loaded_image) (grub_efi_handle_t image_handle); - void EXPORT_FUNC(grub_efi_print_device_path) (grub_efi_device_path_t *dp); - char *EXPORT_FUNC(grub_efi_get_filename) (grub_efi_device_path_t *dp); -@@ -115,10 +146,7 @@ void grub_efi_init (void); - void grub_efi_fini (void); - void grub_efi_set_prefix (void); - --/* Variables. */ --extern grub_efi_system_table_t *EXPORT_VAR(grub_efi_system_table); --extern grub_efi_handle_t EXPORT_VAR(grub_efi_image_handle); -- -+/* More variables. */ - extern int EXPORT_VAR(grub_efi_is_finished); - - struct grub_net_card; diff --git a/0053-Use-grub_efi_.-memory-helpers-where-reasonable.patch b/0053-Use-grub_efi_.-memory-helpers-where-reasonable.patch deleted file mode 100644 index ccdf28298823bdb8e9f280bcdbdf052c7c88d256..0000000000000000000000000000000000000000 --- a/0053-Use-grub_efi_.-memory-helpers-where-reasonable.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 1 Jun 2017 10:06:38 -0400 -Subject: [PATCH] Use grub_efi_...() memory helpers where reasonable. - -This uses grub_efi_allocate_pool(), grub_efi_free_pool(), and -grub_efi_free_pages() instead of open-coded efi_call_N() calls, so we -get more reasonable type checking. - -Signed-off-by: Peter Jones ---- - grub-core/loader/efi/chainloader.c | 24 +++++++++--------------- - 1 file changed, 9 insertions(+), 15 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 07c4937898d..89ac84cc663 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -65,7 +65,7 @@ grub_chainloader_unload (void) - - b = grub_efi_system_table->boot_services; - efi_call_1 (b->unload_image, image_handle); -- efi_call_2 (b->free_pages, address, pages); -+ grub_efi_free_pages (address, pages); - - grub_free (file_path); - grub_free (cmdline); -@@ -108,7 +108,7 @@ grub_chainloader_boot (void) - } - - if (exit_data) -- efi_call_1 (b->free_pool, exit_data); -+ grub_efi_free_pool (exit_data); - - grub_loader_unset (); - -@@ -527,10 +527,9 @@ grub_efi_get_media_file_path (grub_efi_device_path_t *dp) - static grub_efi_boolean_t - handle_image (void *data, grub_efi_uint32_t datasize) - { -- grub_efi_boot_services_t *b; - grub_efi_loaded_image_t *li, li_bak; - grub_efi_status_t efi_status; -- char *buffer = NULL; -+ void *buffer = NULL; - char *buffer_aligned = NULL; - grub_efi_uint32_t i; - struct grub_pe32_section_table *section; -@@ -541,8 +540,6 @@ handle_image (void *data, grub_efi_uint32_t datasize) - int found_entry_point = 0; - int rc; - -- b = grub_efi_system_table->boot_services; -- - rc = read_header (data, datasize, &context); - if (rc < 0) - { -@@ -582,8 +579,8 @@ handle_image (void *data, grub_efi_uint32_t datasize) - grub_dprintf ("chain", "image size is %08"PRIxGRUB_UINT64_T", datasize is %08x\n", - context.image_size, datasize); - -- efi_status = efi_call_3 (b->allocate_pool, GRUB_EFI_LOADER_DATA, -- buffer_size, &buffer); -+ efi_status = grub_efi_allocate_pool (GRUB_EFI_LOADER_DATA, buffer_size, -+ &buffer); - - if (efi_status != GRUB_EFI_SUCCESS) - { -@@ -815,14 +812,14 @@ handle_image (void *data, grub_efi_uint32_t datasize) - - grub_dprintf ("chain", "entry_point returned %ld\n", efi_status); - grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t)); -- efi_status = efi_call_1 (b->free_pool, buffer); -+ efi_status = grub_efi_free_pool (buffer); - - return 1; - - error_exit: - grub_dprintf ("chain", "error_exit: grub_errno: %d\n", grub_errno); - if (buffer) -- efi_call_1 (b->free_pool, buffer); -+ grub_efi_free_pool (buffer); - - return 0; - } -@@ -830,10 +827,7 @@ error_exit: - static grub_err_t - grub_secureboot_chainloader_unload (void) - { -- grub_efi_boot_services_t *b; -- -- b = grub_efi_system_table->boot_services; -- efi_call_2 (b->free_pages, address, pages); -+ grub_efi_free_pages (address, pages); - grub_free (file_path); - grub_free (cmdline); - cmdline = 0; -@@ -1100,7 +1094,7 @@ fail: - grub_free (file_path); - - if (address) -- efi_call_2 (b->free_pages, address, pages); -+ grub_efi_free_pages (address, pages); - - if (cmdline) - grub_free (cmdline); diff --git a/0054-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch b/0054-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch deleted file mode 100644 index ef41fe1a5afed98119c2bafc069736ab5d58a87a..0000000000000000000000000000000000000000 --- a/0054-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 1 Jun 2017 10:07:50 -0400 -Subject: [PATCH] Add PRIxGRUB_EFI_STATUS and use it. - -This avoids syntax checkers getting confused about if it's llx or lx. - -Signed-off-by: Peter Jones ---- - grub-core/loader/efi/chainloader.c | 3 ++- - include/grub/efi/api.h | 9 +++++++++ - 2 files changed, 11 insertions(+), 1 deletion(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 89ac84cc663..ac8dfd40c61 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -810,7 +810,8 @@ handle_image (void *data, grub_efi_uint32_t datasize) - efi_status = efi_call_2 (entry_point, grub_efi_image_handle, - grub_efi_system_table); - -- grub_dprintf ("chain", "entry_point returned %ld\n", efi_status); -+ grub_dprintf ("chain", "entry_point returned 0x%"PRIxGRUB_EFI_STATUS"\n", -+ efi_status); - grub_memcpy (li, &li_bak, sizeof (grub_efi_loaded_image_t)); - efi_status = grub_efi_free_pool (buffer); - -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index 117469450d3..99628801478 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -546,7 +546,16 @@ typedef grub_uint64_t grub_efi_uint64_t; - typedef grub_uint8_t grub_efi_char8_t; - typedef grub_uint16_t grub_efi_char16_t; - -+ - typedef grub_efi_uintn_t grub_efi_status_t; -+/* Make grub_efi_status_t reasonably printable. */ -+#if GRUB_CPU_SIZEOF_VOID_P == 8 -+#define PRIxGRUB_EFI_STATUS "lx" -+#define PRIdGRUB_EFI_STATUS "ld" -+#else -+#define PRIxGRUB_EFI_STATUS "llx" -+#define PRIdGRUB_EFI_STATUS "lld" -+#endif - - #define GRUB_EFI_ERROR_CODE(value) \ - ((((grub_efi_status_t) 1) << (sizeof (grub_efi_status_t) * 8 - 1)) | (value)) diff --git a/0055-don-t-use-int-for-efi-status.patch b/0055-don-t-use-int-for-efi-status.patch deleted file mode 100644 index 44d35554082705d6f432b9c42ad5499090816d71..0000000000000000000000000000000000000000 --- a/0055-don-t-use-int-for-efi-status.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 26 Jun 2017 12:44:59 -0400 -Subject: [PATCH] don't use int for efi status - ---- - grub-core/kern/efi/efi.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 05d8237a9b2..ae9885edb84 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -167,7 +167,7 @@ grub_reboot (void) - void - grub_exit (int retval) - { -- int rc = GRUB_EFI_LOAD_ERROR; -+ grub_efi_status_t rc = GRUB_EFI_LOAD_ERROR; - - if (retval == 0) - rc = GRUB_EFI_SUCCESS; diff --git a/0056-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch b/0056-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch deleted file mode 100644 index 1014900c932c971116862e046ee81d379ad8355d..0000000000000000000000000000000000000000 --- a/0056-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 26 Jun 2017 12:46:23 -0400 -Subject: [PATCH] make GRUB_MOD_INIT() declare its function prototypes. - ---- - include/grub/dl.h | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/include/grub/dl.h b/include/grub/dl.h -index b3753c9ca26..91933b85f2c 100644 ---- a/include/grub/dl.h -+++ b/include/grub/dl.h -@@ -54,6 +54,7 @@ grub_mod_fini (void) - - #define GRUB_MOD_INIT(name) \ - static void grub_mod_init (grub_dl_t mod __attribute__ ((unused))) __attribute__ ((used)); \ -+extern void grub_##name##_init (void); \ - void \ - grub_##name##_init (void) { grub_mod_init (0); } \ - static void \ -@@ -61,6 +62,7 @@ grub_mod_init (grub_dl_t mod __attribute__ ((unused))) - - #define GRUB_MOD_FINI(name) \ - static void grub_mod_fini (void) __attribute__ ((used)); \ -+extern void grub_##name##_fini (void); \ - void \ - grub_##name##_fini (void) { grub_mod_fini (); } \ - static void \ diff --git a/0057-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch b/0057-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch deleted file mode 100644 index 890aa34ce7905671c3ac931471ff05205e630c91..0000000000000000000000000000000000000000 --- a/0057-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 20 Apr 2017 13:29:06 -0400 -Subject: [PATCH] Don't guess /boot/efi/ as HFS+ on ppc machines in - grub-install - -This should never be trying this, and since we've consolidated the -grubenv to always be on /boot/efi/EFI/fedora/, this code causes it to -always make the wrong decision. - -Resolves: rhbz#1484474 - -Signed-off-by: Peter Jones ---- - util/grub-install.c | 12 +----------- - 1 file changed, 1 insertion(+), 11 deletions(-) - -diff --git a/util/grub-install.c b/util/grub-install.c -index 84ed6e88ecb..a2bec7446cb 100644 ---- a/util/grub-install.c -+++ b/util/grub-install.c -@@ -1190,18 +1190,8 @@ main (int argc, char *argv[]) - char *d; - - is_guess = 1; -- d = grub_util_path_concat (2, bootdir, "macppc"); -- if (!grub_util_is_directory (d)) -- { -- free (d); -- d = grub_util_path_concat (2, bootdir, "efi"); -- } - /* Find the Mac HFS(+) System Partition. */ -- if (!grub_util_is_directory (d)) -- { -- free (d); -- d = grub_util_path_concat (2, bootdir, "EFI"); -- } -+ d = grub_util_path_concat (2, bootdir, "macppc"); - if (!grub_util_is_directory (d)) - { - free (d); diff --git a/0058-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch b/0058-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch deleted file mode 100644 index 3fd779f7dfbb5c6705302df146f71804afa79037..0000000000000000000000000000000000000000 --- a/0058-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 9 Jul 2019 14:31:19 +0200 -Subject: [PATCH] 20_linux_xen: load xen or multiboot{,2} modules as needed. - -Signed-off-by: Peter Jones ---- - util/grub.d/20_linux_xen.in | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in -index e9e73b815fb..c23b064be6c 100644 ---- a/util/grub.d/20_linux_xen.in -+++ b/util/grub.d/20_linux_xen.in -@@ -153,6 +153,7 @@ linux_entry_xsm () - else - xen_rm_opts="no-real-mode edd=off" - fi -+ insmod ${xen_module} - ${xen_loader} ${rel_xen_dirname}/${xen_basename} placeholder ${xen_args} \${xen_rm_opts} - echo '$(echo "$lmessage" | grub_quote)' - ${module_loader} ${rel_dirname}/${basename} placeholder root=${linux_root_device_thisversion} ro ${args} -@@ -166,6 +167,7 @@ EOF - done - sed "s/^/$submenu_indentation/" << EOF - echo '$(echo "$message" | grub_quote)' -+ insmod ${xen_module} - ${module_loader} --nounzip $(echo $initrd_path) - EOF - fi -@@ -253,13 +255,16 @@ while [ "x${xen_list}" != "x" ] ; do - echo " submenu '$(gettext_printf "Xen hypervisor, version %s" "${xen_version}" | grub_quote)' \$menuentry_id_option 'xen-hypervisor-$xen_version-$boot_device_id' {" - fi - if ($grub_file --is-arm64-efi $current_xen); then -+ xen_module="xen_boot" - xen_loader="xen_hypervisor" - module_loader="xen_module" - else - if ($grub_file --is-x86-multiboot2 $current_xen); then -+ xen_module="multiboot2" - xen_loader="multiboot2" - module_loader="module2" - else -+ xen_module="multiboot" - xen_loader="multiboot" - module_loader="module" - fi diff --git a/0059-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch b/0059-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch deleted file mode 100644 index acfb116d74f35d92a98eea43dca2cf73ed2797ff..0000000000000000000000000000000000000000 --- a/0059-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch +++ /dev/null @@ -1,211 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 7 Nov 2017 17:12:17 -0500 -Subject: [PATCH] Make pmtimer tsc calibration not take 51 seconds to fail. - -On my laptop running at 2.4GHz, if I run a VM where tsc calibration -using pmtimer will fail presuming a broken pmtimer, it takes ~51 seconds -to do so (as measured with the stopwatch on my phone), with a tsc delta -of 0x1cd1c85300, or around 125 billion cycles. - -If instead of trying to wait for 5-200ms to show up on the pmtimer, we try -to wait for 5-200us, it decides it's broken in ~0x2626aa0 TSCs, aka ~2.4 -million cycles, or more or less instantly. - -Additionally, this reading the pmtimer was returning 0xffffffff anyway, -and that's obviously an invalid return. I've added a check for that and -0 so we don't bother waiting for the test if what we're seeing is dead -pins with no response at all. - -If "debug" is includes "pmtimer", you will see one of the following -three outcomes. If pmtimer gives all 0 or all 1 bits, you will see: - -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 1 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 2 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 3 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 4 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 5 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 6 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 7 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 8 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 9 -kern/i386/tsc_pmtimer.c:77: pmtimer: 0xffffff bad_reads: 10 -kern/i386/tsc_pmtimer.c:78: timer is broken; giving up. - -This outcome was tested using qemu+kvm with UEFI (OVMF) firmware and -these options: -machine pc-q35-2.10 -cpu Broadwell-noTSX - -If pmtimer gives any other bit patterns but is not actually marching -forward fast enough to use for clock calibration, you will see: - -kern/i386/tsc_pmtimer.c:121: pmtimer delta is 0x0 (1904 iterations) -kern/i386/tsc_pmtimer.c:124: tsc delta is implausible: 0x2626aa0 - -This outcome was tested using grub compiled with GRUB_PMTIMER_IGNORE_BAD_READS -defined (so as not to trip the bad read test) using qemu+kvm with UEFI -(OVMF) firmware, and these options: -machine pc-q35-2.10 -cpu Broadwell-noTSX - -If pmtimer actually works, you'll see something like: - -kern/i386/tsc_pmtimer.c:121: pmtimer delta is 0x0 (1904 iterations) -kern/i386/tsc_pmtimer.c:124: tsc delta is implausible: 0x2626aa0 - -This outcome was tested using qemu+kvm with UEFI (OVMF) firmware, and -these options: -machine pc-i440fx-2.4 -cpu Broadwell-noTSX - -I've also tested this outcome on a real Intel Xeon E3-1275v3 on an Intel -Server Board S1200V3RPS using the SDV.RP.B8 "Release" build here: -https://firmware.intel.com/sites/default/files/UEFIDevKit_S1200RP_vB8.zip - -Signed-off-by: Peter Jones ---- - grub-core/kern/i386/tsc_pmtimer.c | 109 +++++++++++++++++++++++++++++++------- - 1 file changed, 89 insertions(+), 20 deletions(-) - -diff --git a/grub-core/kern/i386/tsc_pmtimer.c b/grub-core/kern/i386/tsc_pmtimer.c -index c9c36169978..ca15c3aacd7 100644 ---- a/grub-core/kern/i386/tsc_pmtimer.c -+++ b/grub-core/kern/i386/tsc_pmtimer.c -@@ -28,40 +28,101 @@ - #include - #include - -+/* -+ * Define GRUB_PMTIMER_IGNORE_BAD_READS if you're trying to test a timer that's -+ * present but doesn't keep time well. -+ */ -+// #define GRUB_PMTIMER_IGNORE_BAD_READS -+ - grub_uint64_t - grub_pmtimer_wait_count_tsc (grub_port_t pmtimer, - grub_uint16_t num_pm_ticks) - { - grub_uint32_t start; -- grub_uint32_t last; -- grub_uint32_t cur, end; -+ grub_uint64_t cur, end; - grub_uint64_t start_tsc; - grub_uint64_t end_tsc; -- int num_iter = 0; -+ unsigned int num_iter = 0; -+#ifndef GRUB_PMTIMER_IGNORE_BAD_READS -+ int bad_reads = 0; -+#endif - -- start = grub_inl (pmtimer) & 0xffffff; -- last = start; -+ /* -+ * Some timers are 24-bit and some are 32-bit, but it doesn't make much -+ * difference to us. Caring which one we have isn't really worth it since -+ * the low-order digits will give us enough data to calibrate TSC. So just -+ * mask the top-order byte off. -+ */ -+ cur = start = grub_inl (pmtimer) & 0xffffffUL; - end = start + num_pm_ticks; - start_tsc = grub_get_tsc (); - while (1) - { -- cur = grub_inl (pmtimer) & 0xffffff; -- if (cur < last) -- cur |= 0x1000000; -- num_iter++; -+ cur &= 0xffffffffff000000ULL; -+ cur |= grub_inl (pmtimer) & 0xffffffUL; -+ -+ end_tsc = grub_get_tsc(); -+ -+#ifndef GRUB_PMTIMER_IGNORE_BAD_READS -+ /* -+ * If we get 10 reads in a row that are obviously dead pins, there's no -+ * reason to do this thousands of times. -+ */ -+ if (cur == 0xffffffUL || cur == 0) -+ { -+ bad_reads++; -+ grub_dprintf ("pmtimer", -+ "pmtimer: 0x%"PRIxGRUB_UINT64_T" bad_reads: %d\n", -+ cur, bad_reads); -+ grub_dprintf ("pmtimer", "timer is broken; giving up.\n"); -+ -+ if (bad_reads == 10) -+ return 0; -+ } -+#endif -+ -+ if (cur < start) -+ cur += 0x1000000; -+ - if (cur >= end) - { -- end_tsc = grub_get_tsc (); -+ grub_dprintf ("pmtimer", "pmtimer delta is 0x%"PRIxGRUB_UINT64_T"\n", -+ cur - start); -+ grub_dprintf ("pmtimer", "tsc delta is 0x%"PRIxGRUB_UINT64_T"\n", -+ end_tsc - start_tsc); - return end_tsc - start_tsc; - } -- /* Check for broken PM timer. -- 50000000 TSCs is between 5 ms (10GHz) and 200 ms (250 MHz) -- if after this time we still don't have 1 ms on pmtimer, then -- pmtimer is broken. -+ -+ /* -+ * Check for broken PM timer. 1ms at 10GHz should be 1E+7 TSCs; at -+ * 250MHz it should be 2.5E6. So if after 4E+7 TSCs on a 10GHz machine, -+ * we should have seen pmtimer show 4ms of change (i.e. cur =~ -+ * start+14320); on a 250MHz machine that should be 16ms (start+57280). -+ * If after this a time we still don't have 1ms on pmtimer, then pmtimer -+ * is broken. -+ * -+ * Likewise, if our code is perfectly efficient and introduces no delays -+ * whatsoever, on a 10GHz system we should see a TSC delta of 3580 in -+ * ~3580 iterations. On a 250MHz machine that should be ~900 iterations. -+ * -+ * With those factors in mind, there are two limits here. There's a hard -+ * limit here at 8x our desired pm timer delta, picked as an arbitrarily -+ * large value that's still not a lot of time to humans, because if we -+ * get that far this is either an implausibly fast machine or the pmtimer -+ * is not running. And there's another limit on 4x our 10GHz tsc delta -+ * without seeing cur converge on our target value. - */ -- if ((num_iter & 0xffffff) == 0 && grub_get_tsc () - start_tsc > 5000000) { -- return 0; -- } -+ if ((++num_iter > (grub_uint32_t)num_pm_ticks << 3UL) || -+ end_tsc - start_tsc > 40000000) -+ { -+ grub_dprintf ("pmtimer", -+ "pmtimer delta is 0x%"PRIxGRUB_UINT64_T" (%u iterations)\n", -+ cur - start, num_iter); -+ grub_dprintf ("pmtimer", -+ "tsc delta is implausible: 0x%"PRIxGRUB_UINT64_T"\n", -+ end_tsc - start_tsc); -+ return 0; -+ } - } - } - -@@ -74,12 +135,20 @@ grub_tsc_calibrate_from_pmtimer (void) - - fadt = grub_acpi_find_fadt (); - if (!fadt) -- return 0; -+ { -+ grub_dprintf ("pmtimer", "No FADT found; not using pmtimer.\n"); -+ return 0; -+ } - pmtimer = fadt->pmtimer; - if (!pmtimer) -- return 0; -+ { -+ grub_dprintf ("pmtimer", "FADT does not specify pmtimer; skipping.\n"); -+ return 0; -+ } - -- /* It's 3.579545 MHz clock. Wait 1 ms. */ -+ /* -+ * It's 3.579545 MHz clock. Wait 1 ms. -+ */ - tsc_diff = grub_pmtimer_wait_count_tsc (pmtimer, 3580); - if (tsc_diff == 0) - return 0; diff --git a/0060-align-struct-efi_variable-better.patch b/0060-align-struct-efi_variable-better.patch deleted file mode 100644 index ec26def52ed83b41947f594e209637e647ecb852..0000000000000000000000000000000000000000 --- a/0060-align-struct-efi_variable-better.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 27 Feb 2018 13:55:35 -0500 -Subject: [PATCH] align struct efi_variable better... - ---- - include/grub/efiemu/runtime.h | 2 +- - include/grub/types.h | 1 + - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/include/grub/efiemu/runtime.h b/include/grub/efiemu/runtime.h -index 36d2dedf47e..9d93ba88bac 100644 ---- a/include/grub/efiemu/runtime.h -+++ b/include/grub/efiemu/runtime.h -@@ -33,5 +33,5 @@ struct efi_variable - grub_uint32_t namelen; - grub_uint32_t size; - grub_efi_uint32_t attributes; --} GRUB_PACKED; -+} GRUB_PACKED GRUB_ALIGNED(8); - #endif /* ! GRUB_EFI_EMU_RUNTIME_HEADER */ -diff --git a/include/grub/types.h b/include/grub/types.h -index 0a3ff159136..ba446d99040 100644 ---- a/include/grub/types.h -+++ b/include/grub/types.h -@@ -29,6 +29,7 @@ - #else - #define GRUB_PACKED __attribute__ ((packed)) - #endif -+#define GRUB_ALIGNED(x) __attribute__((aligned (x))) - - #ifdef GRUB_BUILD - # define GRUB_CPU_SIZEOF_VOID_P BUILD_SIZEOF_VOID_P diff --git a/0061-Add-BLS-support-to-grub-mkconfig.patch b/0061-Add-BLS-support-to-grub-mkconfig.patch deleted file mode 100644 index f7c8064e3608c74438280b810d9b3507fa95a16b..0000000000000000000000000000000000000000 --- a/0061-Add-BLS-support-to-grub-mkconfig.patch +++ /dev/null @@ -1,399 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 9 Dec 2016 15:40:29 -0500 -Subject: [PATCH] Add BLS support to grub-mkconfig - -GRUB now has BootLoaderSpec support, the user can choose to use this by -setting GRUB_ENABLE_BLSCFG to true in /etc/default/grub. On this setup, -the boot menu entries are not added to the grub.cfg, instead BLS config -files are parsed by blscfg command and the entries created dynamically. - -A 10_linux_bls grub.d snippet to generate menu entries from BLS files -is also added that can be used on platforms where the bootloader doesn't -have BLS support and only can parse a normal grub configuration file. - -Portions of the 10_linux_bls were taken from the ostree-grub-generator -script that's included in the OSTree project. - -Fixes to support multi-devices and generate a BLS section even if no -kernels are found in the boot directory were proposed by Yclept Nemo -and Tom Gundersen respectively. - -Signed-off-by: Peter Jones -[javierm: remove outdated URL for BLS document] -Signed-off-by: Javier Martinez Canillas -Signed-off-by: Robbie Harwood ---- - util/grub-mkconfig.8 | 4 + - util/grub-mkconfig.in | 9 +- - util/grub-mkconfig_lib.in | 22 ++++- - util/grub.d/10_linux.in | 223 +++++++++++++++++++++++++++++++++++++++++++++- - 4 files changed, 252 insertions(+), 6 deletions(-) - -diff --git a/util/grub-mkconfig.8 b/util/grub-mkconfig.8 -index a2d1f577b9b..434fa4deda4 100644 ---- a/util/grub-mkconfig.8 -+++ b/util/grub-mkconfig.8 -@@ -13,5 +13,9 @@ - \fB--output\fR=\fIFILE\fR - Write generated output to \fIFILE\fR. - -+.TP -+\fB--no-grubenv-update\fR -+Do not update variables in the grubenv file. -+ - .SH SEE ALSO - .BR "info grub" -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 535c0f02499..f55339a3f64 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -50,6 +50,8 @@ grub_get_kernel_settings="${sbindir}/@grub_get_kernel_settings@" - export TEXTDOMAIN=@PACKAGE@ - export TEXTDOMAINDIR="@localedir@" - -+export GRUB_GRUBENV_UPDATE="yes" -+ - . "${pkgdatadir}/grub-mkconfig_lib" - - # Usage: usage -@@ -59,6 +61,7 @@ usage () { - gettext "Generate a grub config file"; echo - echo - print_option_help "-o, --output=$(gettext FILE)" "$(gettext "output generated config to FILE [default=stdout]")" -+ print_option_help "--no-grubenv-update" "$(gettext "do not update variables in the grubenv file")" - print_option_help "-h, --help" "$(gettext "print this message and exit")" - print_option_help "-V, --version" "$(gettext "print the version information and exit")" - echo -@@ -94,6 +97,9 @@ do - --output=*) - grub_cfg=`echo "$option" | sed 's/--output=//'` - ;; -+ --no-grubenv-update) -+ GRUB_GRUBENV_UPDATE="no" -+ ;; - -*) - gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2 - usage -@@ -253,7 +259,8 @@ export GRUB_DEFAULT \ - GRUB_OS_PROBER_SKIP_LIST \ - GRUB_DISABLE_SUBMENU \ - GRUB_DEFAULT_DTB \ -- SUSE_BTRFS_SNAPSHOT_BOOTING -+ SUSE_BTRFS_SNAPSHOT_BOOTING \ -+ GRUB_ENABLE_BLSCFG - - if test "x${grub_cfg}" != "x"; then - rm -f "${grub_cfg}.new" -diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in -index fafeac95061..d8bb4069360 100644 ---- a/util/grub-mkconfig_lib.in -+++ b/util/grub-mkconfig_lib.in -@@ -30,6 +30,9 @@ fi - if test "x$grub_file" = x; then - grub_file="${bindir}/@grub_file@" - fi -+if test "x$grub_editenv" = x; then -+ grub_editenv="${bindir}/@grub_editenv@" -+fi - if test "x$grub_mkrelpath" = x; then - grub_mkrelpath="${bindir}/@grub_mkrelpath@" - fi -@@ -125,8 +128,19 @@ EOF - fi - } - -+prepare_grub_to_access_device_with_variable () -+{ -+ device_variable="$1" -+ shift -+ prepare_grub_to_access_device "$@" -+ unset "device_variable" -+} -+ - prepare_grub_to_access_device () - { -+ if [ -z "$device_variable" ]; then -+ device_variable="root" -+ fi - old_ifs="$IFS" - IFS=' - ' -@@ -161,18 +175,18 @@ prepare_grub_to_access_device () - # otherwise set root as per value in device.map. - fs_hint="`"${grub_probe}" --device $@ --target=compatibility_hint`" - if [ "x$fs_hint" != x ]; then -- echo "set root='$fs_hint'" -+ echo "set ${device_variable}='$fs_hint'" - fi - if [ "x${GRUB_DISABLE_UUID}" != "xtrue" ] && fs_uuid="`"${grub_probe}" --device $@ --target=fs_uuid 2> /dev/null`" ; then - hints="`"${grub_probe}" --device $@ --target=hints_string 2> /dev/null`" || hints= - if [ "x$hints" != x ]; then - echo "if [ x\$feature_platform_search_hint = xy ]; then" -- echo " search --no-floppy --fs-uuid --set=root ${hints} ${fs_uuid}" -+ echo " search --no-floppy --fs-uuid --set=${device_variable} ${hints} ${fs_uuid}" - echo "else" -- echo " search --no-floppy --fs-uuid --set=root ${fs_uuid}" -+ echo " search --no-floppy --fs-uuid --set=${device_variable} ${fs_uuid}" - echo "fi" - else -- echo "search --no-floppy --fs-uuid --set=root ${fs_uuid}" -+ echo "search --no-floppy --fs-uuid --set=${device_variable} ${fs_uuid}" - fi - fi - IFS="$old_ifs" -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 7bb3a211a7c..6bceabf3dc9 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -82,6 +82,223 @@ case x"$GRUB_FS" in - ;; - esac - -+populate_header_warn() -+{ -+if [ "x${BLS_POPULATE_MENU}" = "xtrue" ]; then -+ bls_parser="10_linux script" -+else -+ bls_parser="blscfg command" -+fi -+cat </dev/null | tac)) || : -+ -+ echo "${files[@]}" -+} -+ -+update_bls_cmdline() -+{ -+ local cmdline="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" -+ local -a files=($(get_sorted_bls)) -+ -+ for bls in "${files[@]}"; do -+ local options="${cmdline}" -+ if [ -z "${bls##*debug*}" ]; then -+ options="${options} ${GRUB_CMDLINE_LINUX_DEBUG}" -+ fi -+ options="$(echo "${options}" | sed -e 's/\//\\\//g')" -+ sed -i -e "s/^options.*/options ${options}/" "${blsdir}/${bls}.conf" -+ done -+} -+ -+populate_menu() -+{ -+ local -a files=($(get_sorted_bls)) -+ -+ gettext_printf "Generating boot entries from BLS files...\n" >&2 -+ -+ for bls in "${files[@]}"; do -+ read_config "${blsdir}/${bls}.conf" -+ -+ menu="${menu}menuentry '${title}' ${grub_arg} --id=${bls} {\n" -+ menu="${menu}\t linux ${linux} ${options}\n" -+ if [ -n "${initrd}" ] ; then -+ menu="${menu}\t initrd ${boot_prefix}${initrd}\n" -+ fi -+ menu="${menu}}\n\n" -+ done -+ # The printf command seems to be more reliable across shells for special character (\n, \t) evaluation -+ printf "$menu" -+} -+ -+# Make BLS the default if GRUB_ENABLE_BLSCFG was not set and grubby is not installed. -+if [ -z "${GRUB_ENABLE_BLSCFG}" ] && [ -z "$(which new-kernel-pkg 2> /dev/null)" ]; then -+ GRUB_ENABLE_BLSCFG="true" -+fi -+ -+if [ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ]; then -+ if [ x$dirname = x/ ]; then -+ if [ -z "${prepare_root_cache}" ]; then -+ prepare_grub_to_access_device ${GRUB_DEVICE} -+ fi -+ else -+ if [ -z "${prepare_boot_cache}" ]; then -+ prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} -+ fi -+ fi -+ -+ if [ -d /sys/firmware/efi ]; then -+ bootefi_device="`${grub_probe} --target=device /boot/efi/`" -+ prepare_grub_to_access_device_with_variable boot ${bootefi_device} -+ else -+ boot_device="`${grub_probe} --target=device /boot/`" -+ prepare_grub_to_access_device_with_variable boot ${boot_device} -+ fi -+ -+ arch="$(uname -m)" -+ if [ "x${arch}" = "xppc64le" ] && [ -d /sys/firmware/opal ]; then -+ -+ BLS_POPULATE_MENU="true" -+ petitboot_path="/sys/firmware/devicetree/base/ibm,firmware-versions/petitboot" -+ -+ if test -e ${petitboot_path}; then -+ read -r -d '' petitboot_version < ${petitboot_path} -+ petitboot_version="$(echo ${petitboot_version//v})" -+ -+ if test -n ${petitboot_version}; then -+ major_version="$(echo ${petitboot_version} | cut -d . -f1)" -+ minor_version="$(echo ${petitboot_version} | cut -d . -f2)" -+ -+ re='^[0-9]+$' -+ if [[ $major_version =~ $re ]] && [[ $minor_version =~ $re ]] && -+ ([[ ${major_version} -gt 1 ]] || -+ [[ ${major_version} -eq 1 && -+ ${minor_version} -ge 8 ]]); then -+ BLS_POPULATE_MENU="false" -+ fi -+ fi -+ fi -+ fi -+ -+ populate_header_warn -+ -+ cat << EOF -+# The kernelopts variable should be defined in the grubenv file. But to ensure that menu -+# entries populated from BootLoaderSpec files that use this variable work correctly even -+# without a grubenv file, define a fallback kernelopts variable if this has not been set. -+# -+# The kernelopts variable in the grubenv file can be modified using the grubby tool or by -+# executing the grub2-mkconfig tool. For the latter, the values of the GRUB_CMDLINE_LINUX -+# and GRUB_CMDLINE_LINUX_DEFAULT options from /etc/default/grub file are used to set both -+# the kernelopts variable in the grubenv file and the fallback kernelopts variable. -+if [ -z "\${kernelopts}" ]; then -+ set kernelopts="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" -+fi -+EOF -+ -+ update_bls_cmdline -+ -+ if [ "x${BLS_POPULATE_MENU}" = "xtrue" ]; then -+ populate_menu -+ else -+ cat << EOF -+ -+insmod blscfg -+blscfg -+EOF -+ fi -+ -+ if [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ]; then -+ blsdir="/boot/loader/entries" -+ [ -d "${blsdir}" ] && GRUB_BLS_FS="$(${grub_probe} --target=fs ${blsdir})" -+ if [ "x${GRUB_BLS_FS}" = "xbtrfs" ] || [ "x${GRUB_BLS_FS}" = "xzfs" ]; then -+ blsdir=$(make_system_path_relative_to_its_root "${blsdir}") -+ if [ "x${blsdir}" != "x/loader/entries" ] && [ "x${blsdir}" != "x/boot/loader/entries" ]; then -+ ${grub_editenv} - set blsdir="${blsdir}" -+ fi -+ fi -+ -+ if [ -n "${GRUB_EARLY_INITRD_LINUX_CUSTOM}" ]; then -+ ${grub_editenv} - set early_initrd="${GRUB_EARLY_INITRD_LINUX_CUSTOM}" -+ fi -+ -+ if [ -n "${GRUB_DEFAULT_DTB}" ]; then -+ ${grub_editenv} - set devicetree="${GRUB_DEFAULT_DTB}" -+ fi -+ -+ if [ -n "${GRUB_SAVEDEFAULT}" ]; then -+ ${grub_editenv} - set save_default="${GRUB_SAVEDEFAULT}" -+ fi -+ fi -+ -+ exit 0 -+fi -+ - mktitle () - { - local title_type -@@ -121,6 +338,7 @@ linux_entry () - if [ -z "$boot_device_id" ]; then - boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")" - fi -+ - if [ x$type != xsimple ] ; then - title=$(mktitle "$type" "$version") - if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then -@@ -231,6 +449,7 @@ is_top_level=true - while [ "x$list" != "x" ] ; do - linux=`version_find_latest $list` - gettext_printf "Found linux image: %s\n" "$linux" >&2 -+ - basename=`basename $linux` - dirname=`dirname $linux` - rel_dirname=`make_system_path_relative_to_its_root $dirname` -@@ -269,7 +488,9 @@ while [ "x$list" != "x" ] ; do - for i in ${initrd}; do - initrd_display="${initrd_display} ${dirname}/${i}" - done -- gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 -+ if [ "x${GRUB_ENABLE_BLSCFG}" != "xtrue" ]; then -+ gettext_printf "Found initrd image: %s\n" "$(echo $initrd_display)" >&2 -+ fi - fi - - fdt= diff --git a/0062-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch b/0062-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch deleted file mode 100644 index 9ff4c8b8694add91b6fde9d7e6355acb80b57919..0000000000000000000000000000000000000000 --- a/0062-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 6 Feb 2018 11:16:28 +0100 -Subject: [PATCH] Don't attempt to backtrace on grub_abort() for grub-emu - -The emu platform doesn't have a grub_backtrace() implementation, so this -causes a build error. Don't attempt to call this when building grub-emu. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/kern/misc.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index a3e215155bd..c60601b699d 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -1201,7 +1201,7 @@ static void __attribute__ ((noreturn)) - grub_abort (void) - { - #ifndef GRUB_UTIL --#if defined(__i386__) || defined(__x86_64__) -+#if (defined(__i386__) || defined(__x86_64__)) && !defined(GRUB_MACHINE_EMU) - grub_backtrace(); - #endif - #endif diff --git a/0063-Add-linux-and-initrd-commands-for-grub-emu.patch b/0063-Add-linux-and-initrd-commands-for-grub-emu.patch deleted file mode 100644 index 2431a4d782e87a599c87b3609c3cab2037f5a41f..0000000000000000000000000000000000000000 --- a/0063-Add-linux-and-initrd-commands-for-grub-emu.patch +++ /dev/null @@ -1,350 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Raymund Will -Date: Tue, 6 Feb 2018 09:09:00 +0100 -Subject: [PATCH] Add linux and initrd commands for grub-emu - -When using grub-emu, the linux and initrd commands are used as arguments -to the kexec command line tool, to allow booting the selected menu entry. - -Signed-off-by: Raymund Will -Signed-off-by: Robbie Harwood ---- - grub-core/Makefile.core.def | 1 - - grub-core/kern/emu/main.c | 4 + - grub-core/kern/emu/misc.c | 18 ++++- - grub-core/loader/emu/linux.c | 172 +++++++++++++++++++++++++++++++++++++++++++ - include/grub/emu/exec.h | 4 +- - include/grub/emu/hostfile.h | 3 +- - include/grub/emu/misc.h | 3 + - grub-core/Makefile.am | 1 + - 8 files changed, 202 insertions(+), 4 deletions(-) - create mode 100644 grub-core/loader/emu/linux.c - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 058c88ac3af..5354f9613d3 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1826,7 +1826,6 @@ module = { - - common = loader/linux.c; - common = lib/cmdline.c; -- enable = noemu; - - efi = loader/efi/linux.c; - }; -diff --git a/grub-core/kern/emu/main.c b/grub-core/kern/emu/main.c -index 55ea5a11ccd..846fe9715ec 100644 ---- a/grub-core/kern/emu/main.c -+++ b/grub-core/kern/emu/main.c -@@ -107,6 +107,7 @@ static struct argp_option options[] = { - N_("use GRUB files in the directory DIR [default=%s]"), 0}, - {"verbose", 'v', 0, 0, N_("print verbose messages."), 0}, - {"hold", 'H', N_("SECS"), OPTION_ARG_OPTIONAL, N_("wait until a debugger will attach"), 0}, -+ {"kexec", 'X', 0, 0, N_("try the untryable."), 0}, - { 0, 0, 0, 0, 0, 0 } - }; - -@@ -164,6 +165,9 @@ argp_parser (int key, char *arg, struct argp_state *state) - case 'v': - verbosity++; - break; -+ case 'X': -+ grub_util_set_kexecute(); -+ break; - - case ARGP_KEY_ARG: - { -diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c -index 0ff13bcaf8c..eeea092752d 100644 ---- a/grub-core/kern/emu/misc.c -+++ b/grub-core/kern/emu/misc.c -@@ -39,6 +39,7 @@ - #include - - int verbosity; -+int kexecute; - - void - grub_util_warn (const char *fmt, ...) -@@ -82,7 +83,7 @@ grub_util_error (const char *fmt, ...) - vfprintf (stderr, fmt, ap); - va_end (ap); - fprintf (stderr, ".\n"); -- exit (1); -+ grub_exit (1); - } - - void * -@@ -154,6 +155,9 @@ void - __attribute__ ((noreturn)) - grub_exit (int rc) - { -+#if defined (GRUB_KERNEL) -+ grub_reboot(); -+#endif - exit (rc < 0 ? 1 : rc); - } - #endif -@@ -215,3 +219,15 @@ grub_util_load_image (const char *path, char *buf) - - fclose (fp); - } -+ -+void -+grub_util_set_kexecute(void) -+{ -+ kexecute++; -+} -+ -+int -+grub_util_get_kexecute(void) -+{ -+ return kexecute; -+} -diff --git a/grub-core/loader/emu/linux.c b/grub-core/loader/emu/linux.c -new file mode 100644 -index 00000000000..fda9e00d24c ---- /dev/null -+++ b/grub-core/loader/emu/linux.c -@@ -0,0 +1,172 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static grub_dl_t my_mod; -+ -+static char *kernel_path; -+static char *initrd_path; -+static char *boot_cmdline; -+ -+static grub_err_t -+grub_linux_boot (void) -+{ -+ grub_err_t rc = GRUB_ERR_NONE; -+ char *initrd_param; -+ const char *kexec[] = { "kexec", "-l", kernel_path, boot_cmdline, NULL, NULL }; -+ const char *systemctl[] = { "systemctl", "kexec", NULL }; -+ int kexecute = grub_util_get_kexecute(); -+ -+ if (initrd_path) { -+ initrd_param = grub_xasprintf("--initrd=%s", initrd_path); -+ kexec[3] = initrd_param; -+ kexec[4] = boot_cmdline; -+ } else { -+ initrd_param = grub_xasprintf("%s", ""); -+ } -+ -+ grub_printf("%serforming 'kexec -l %s %s %s'\n", -+ (kexecute) ? "P" : "Not p", -+ kernel_path, initrd_param, boot_cmdline); -+ -+ if (kexecute) -+ rc = grub_util_exec(kexec); -+ -+ grub_free(initrd_param); -+ -+ if (rc != GRUB_ERR_NONE) { -+ grub_error (rc, N_("Error trying to perform kexec load operation.")); -+ grub_sleep (3); -+ return rc; -+ } -+ if (kexecute < 1) -+ grub_fatal (N_("Use '"PACKAGE"-emu --kexec' to force a system restart.")); -+ -+ grub_printf("Performing 'systemctl kexec' (%s) ", -+ (kexecute==1) ? "do-or-die" : "just-in-case"); -+ rc = grub_util_exec (systemctl); -+ -+ if (kexecute == 1) -+ grub_fatal (N_("Error trying to perform 'systemctl kexec'")); -+ -+ /* need to check read-only root before resetting hard!? */ -+ grub_printf("Performing 'kexec -e'"); -+ kexec[1] = "-e"; -+ kexec[2] = NULL; -+ rc = grub_util_exec(kexec); -+ if ( rc != GRUB_ERR_NONE ) -+ grub_fatal (N_("Error trying to directly perform 'kexec -e'.")); -+ -+ return rc; -+} -+ -+static grub_err_t -+grub_linux_unload (void) -+{ -+ grub_dl_unref (my_mod); -+ if ( boot_cmdline != NULL ) -+ grub_free (boot_cmdline); -+ boot_cmdline = NULL; -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), int argc, char *argv[]) -+{ -+ int i; -+ char *tempstr; -+ -+ grub_dl_ref (my_mod); -+ -+ if (argc == 0) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ -+ if ( !grub_util_is_regular(argv[0]) ) -+ return grub_error(GRUB_ERR_FILE_NOT_FOUND, N_("Cannot find kernel file %s"), argv[0]); -+ -+ if ( kernel_path != NULL ) -+ grub_free(kernel_path); -+ -+ kernel_path = grub_xasprintf("%s", argv[0]); -+ -+ if ( boot_cmdline != NULL ) { -+ grub_free(boot_cmdline); -+ boot_cmdline = NULL; -+ } -+ -+ if ( argc > 1 ) -+ { -+ boot_cmdline = grub_xasprintf("--command-line=%s", argv[1]); -+ for ( i = 2; i < argc; i++ ) { -+ tempstr = grub_xasprintf("%s %s", boot_cmdline, argv[i]); -+ grub_free(boot_cmdline); -+ boot_cmdline = tempstr; -+ } -+ } -+ -+ grub_loader_set (grub_linux_boot, grub_linux_unload, 0); -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), int argc, char *argv[]) -+{ -+ if (argc == 0) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ -+ if ( !grub_util_is_regular(argv[0]) ) -+ return grub_error(GRUB_ERR_FILE_NOT_FOUND, N_("Cannot find initrd file %s"), argv[0]); -+ -+ if ( initrd_path != NULL ) -+ grub_free(initrd_path); -+ -+ initrd_path = grub_xasprintf("%s", argv[0]); -+ -+ grub_dl_unref (my_mod); -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_command_t cmd_linux, cmd_initrd; -+ -+GRUB_MOD_INIT(linux) -+{ -+ cmd_linux = grub_register_command ("linux", grub_cmd_linux, 0, N_("Load Linux.")); -+ cmd_initrd = grub_register_command ("initrd", grub_cmd_initrd, 0, N_("Load initrd.")); -+ my_mod = mod; -+ kernel_path = NULL; -+ initrd_path = NULL; -+ boot_cmdline = NULL; -+} -+ -+GRUB_MOD_FINI(linux) -+{ -+ grub_unregister_command (cmd_linux); -+ grub_unregister_command (cmd_initrd); -+} -diff --git a/include/grub/emu/exec.h b/include/grub/emu/exec.h -index d1073ef86af..1b61b4a2e5d 100644 ---- a/include/grub/emu/exec.h -+++ b/include/grub/emu/exec.h -@@ -23,6 +23,8 @@ - #include - - #include -+#include -+ - pid_t - grub_util_exec_pipe (const char *const *argv, int *fd); - pid_t -@@ -32,7 +34,7 @@ int - grub_util_exec_redirect_all (const char *const *argv, const char *stdin_file, - const char *stdout_file, const char *stderr_file); - int --grub_util_exec (const char *const *argv); -+EXPORT_FUNC(grub_util_exec) (const char *const *argv); - int - grub_util_exec_redirect (const char *const *argv, const char *stdin_file, - const char *stdout_file); -diff --git a/include/grub/emu/hostfile.h b/include/grub/emu/hostfile.h -index cfb1e2b5661..a61568e36e9 100644 ---- a/include/grub/emu/hostfile.h -+++ b/include/grub/emu/hostfile.h -@@ -22,6 +22,7 @@ - #include - #include - #include -+#include - #include - - int -@@ -29,7 +30,7 @@ grub_util_is_directory (const char *path); - int - grub_util_is_special_file (const char *path); - int --grub_util_is_regular (const char *path); -+EXPORT_FUNC(grub_util_is_regular) (const char *path); - - char * - grub_util_path_concat (size_t n, ...); -diff --git a/include/grub/emu/misc.h b/include/grub/emu/misc.h -index ff9c48a6490..01056954b96 100644 ---- a/include/grub/emu/misc.h -+++ b/include/grub/emu/misc.h -@@ -57,6 +57,9 @@ void EXPORT_FUNC(grub_util_warn) (const char *fmt, ...) __attribute__ ((format ( - void EXPORT_FUNC(grub_util_info) (const char *fmt, ...) __attribute__ ((format (GNU_PRINTF, 1, 2))); - void EXPORT_FUNC(grub_util_error) (const char *fmt, ...) __attribute__ ((format (GNU_PRINTF, 1, 2), noreturn)); - -+void EXPORT_FUNC(grub_util_set_kexecute) (void); -+int EXPORT_FUNC(grub_util_get_kexecute) (void) WARN_UNUSED_RESULT; -+ - grub_uint64_t EXPORT_FUNC (grub_util_get_cpu_time_ms) (void); - - #ifdef HAVE_DEVICE_MAPPER -diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am -index ee88e44e97a..80e7a83edf9 100644 ---- a/grub-core/Makefile.am -+++ b/grub-core/Makefile.am -@@ -307,6 +307,7 @@ KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/emu/net.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/emu/hostdisk.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/emu/hostfile.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/extcmd.h -+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/emu/exec.h - if COND_GRUB_EMU_SDL - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/sdl.h - endif diff --git a/0064-Add-grub2-switch-to-blscfg.patch b/0064-Add-grub2-switch-to-blscfg.patch deleted file mode 100644 index ac30490f0e37fcd9434a9b926d7e48e1f28f67e1..0000000000000000000000000000000000000000 --- a/0064-Add-grub2-switch-to-blscfg.patch +++ /dev/null @@ -1,410 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 15 Mar 2018 14:12:40 -0400 -Subject: [PATCH] Add grub2-switch-to-blscfg - -Signed-off-by: Peter Jones -Signed-off-by: Javier Martinez Canillas -[jhlavac: Use ${etcdefaultgrub} instead of /etc/default/grub] -Signed-off-by: Jan Hlavac ---- - Makefile.util.def | 7 + - util/grub-set-password.in | 2 +- - util/grub-switch-to-blscfg.8 | 33 +++++ - util/grub-switch-to-blscfg.in | 317 ++++++++++++++++++++++++++++++++++++++++++ - 4 files changed, 358 insertions(+), 1 deletion(-) - create mode 100644 util/grub-switch-to-blscfg.8 - create mode 100644 util/grub-switch-to-blscfg.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index 43a1c7453b1..a90879fa9ba 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1365,6 +1365,13 @@ program = { - ldadd = '$(LIBINTL) $(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)'; - }; - -+script = { -+ name = grub-switch-to-blscfg; -+ common = util/grub-switch-to-blscfg.in; -+ mansection = 8; -+ installdir = sbin; -+}; -+ - program = { - name = grub-glue-efi; - mansection = 1; -diff --git a/util/grub-set-password.in b/util/grub-set-password.in -index 5ebf50576d6..c0b5ebbfdc5 100644 ---- a/util/grub-set-password.in -+++ b/util/grub-set-password.in -@@ -1,6 +1,6 @@ - #!/bin/sh -e - --EFIDIR=$(grep ^ID= /etc/os-release | sed -e 's/^ID=//' -e 's/rhel/redhat/') -+EFIDIR=$(grep ^ID= /etc/os-release | sed -e 's/^ID=//' -e 's/rhel/redhat/' -e 's/\"//g') - if [ -d /sys/firmware/efi/efivars/ ]; then - grubdir=`echo "/@bootdirname@/efi/EFI/${EFIDIR}/" | sed 's,//*,/,g'` - else -diff --git a/util/grub-switch-to-blscfg.8 b/util/grub-switch-to-blscfg.8 -new file mode 100644 -index 00000000000..9a886282976 ---- /dev/null -+++ b/util/grub-switch-to-blscfg.8 -@@ -0,0 +1,33 @@ -+.TH GRUB-SWITCH-TO-BLSCFG 1 "Wed Feb 26 2014" -+.SH NAME -+\fBgrub-switch-to-blscfg\fR \(em Switch to using BLS config files. -+ -+.SH SYNOPSIS -+\fBgrub-switch-to-blscfg\fR [--grub-directory=\fIDIR\fR] [--config-file=\fIFILE\fR] [--grub-defaults=\fIFILE\fR] -+ -+.SH DESCRIPTION -+\fBgrub-switch-to-blscfg\fR reconfigures grub-mkconfig to use BLS-style config files, and then regenerates the GRUB configuration. -+ -+.SH OPTIONS -+.TP -+--grub-directory=\fIDIR\fR -+Search for grub.cfg under \fIDIR\fR. The default value is \fI/boot/efi/EFI/\fBVENDOR\fR on UEFI machines and \fI/boot/grub2\fR elsewhere. -+ -+.TP -+--config-file=\fIFILE\fR -+The grub config file to use. The default value is \fI/etc/grub2-efi.cfg\fR on UEFI machines and \fI/etc/grub2.cfg\fR elsewhere. Symbolic links will be followed. -+ -+.TP -+--grub-defaults=\fIFILE\fR -+The defaults file for grub-mkconfig. The default value is \fI/etc/default/grub\fR. -+ -+.TP -+--bls-directory=\fIDIR\fR -+Create BootLoaderSpec fragments in \fIDIR\fR. The default value is \fI/boot/loader/entries\fR. -+ -+.TP -+--backup-suffix=\fSUFFIX\fR -+The suffix to use for saved backup files. The default value is \fI.bak\fR. -+ -+.SH SEE ALSO -+.BR "info grub" -diff --git a/util/grub-switch-to-blscfg.in b/util/grub-switch-to-blscfg.in -new file mode 100644 -index 00000000000..a851424beb2 ---- /dev/null -+++ b/util/grub-switch-to-blscfg.in -@@ -0,0 +1,317 @@ -+#! /bin/sh -+# -+# Set a default boot entry for GRUB. -+# Copyright (C) 2004,2009 Free Software Foundation, Inc. -+# -+# GRUB is free software: you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+# -+# GRUB is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with GRUB. If not, see . -+ -+#set -eu -+ -+# Initialize some variables. -+prefix=@prefix@ -+exec_prefix=@exec_prefix@ -+sbindir=@sbindir@ -+bindir=@bindir@ -+sysconfdir="@sysconfdir@" -+PACKAGE_NAME=@PACKAGE_NAME@ -+PACKAGE_VERSION=@PACKAGE_VERSION@ -+datarootdir="@datarootdir@" -+datadir="@datadir@" -+if [ ! -v pkgdatadir ]; then -+ pkgdatadir="${datadir}/@PACKAGE@" -+fi -+ -+self=`basename $0` -+ -+grub_get_kernel_settings="${sbindir}/@grub_get_kernel_settings@" -+grub_editenv=${bindir}/@grub_editenv@ -+etcdefaultgrub=/etc/default/grub -+ -+eval "$("${grub_get_kernel_settings}")" || true -+ -+EFIDIR=$(grep ^ID= /etc/os-release | sed -e 's/^ID=//' -e 's/rhel/redhat/' -e 's/\"//g') -+if [ -d /sys/firmware/efi/efivars/ ]; then -+ startlink=/etc/grub2-efi.cfg -+ grubdir=`echo "/@bootdirname@/efi/EFI/${EFIDIR}/" | sed 's,//*,/,g'` -+else -+ startlink=/etc/grub2.cfg -+ grubdir=`echo "/@bootdirname@/@grubdirname@" | sed 's,//*,/,g'` -+fi -+ -+blsdir=`echo "/@bootdirname@/loader/entries" | sed 's,//*,/,g'` -+ -+backupsuffix=.bak -+ -+arch="$(uname -m)" -+ -+export TEXTDOMAIN=@PACKAGE@ -+export TEXTDOMAINDIR="@localedir@" -+ -+. "${pkgdatadir}/grub-mkconfig_lib" -+ -+# Usage: usage -+# Print the usage. -+usage () { -+ gettext_printf "Usage: %s\n" "$self" -+ gettext "Switch to BLS config files.\n"; echo -+ echo -+ print_option_help "-h, --help" "$(gettext "print this message and exit")" -+ print_option_help "-V, --version" "$(gettext "print the version information and exit")" -+ echo -+ print_option_help "--backup-suffix=$(gettext "SUFFIX")" "$backupsuffix" -+ print_option_help "--bls-directory=$(gettext "DIR")" "$blsdir" -+ print_option_help "--config-file=$(gettext "FILE")" "$startlink" -+ print_option_help "--grub-defaults=$(gettext "FILE")" "$etcdefaultgrub" -+ print_option_help "--grub-directory=$(gettext "DIR")" "$grubdir" -+ # echo -+ # gettext "Report bugs to ."; echo -+} -+ -+argument () { -+ opt=$1 -+ shift -+ -+ if test $# -eq 0; then -+ gettext_printf "%s: option requires an argument -- \`%s'\n" "$self" "$opt" 1>&2 -+ exit 1 -+ fi -+ echo $1 -+} -+ -+# Check the arguments. -+while test $# -gt 0 -+do -+ option=$1 -+ shift -+ -+ case "$option" in -+ -h | --help) -+ usage -+ exit 0 ;; -+ -V | --version) -+ echo "$self (${PACKAGE_NAME}) ${PACKAGE_VERSION}" -+ exit 0 ;; -+ -+ --backup-suffix) -+ backupsuffix=`argument $option "$@"` -+ shift -+ ;; -+ --backup-suffix=*) -+ backupsuffix=`echo "$option" | sed 's/--backup-suffix=//'` -+ ;; -+ -+ --bls-directory) -+ blsdir=`argument $option "$@"` -+ shift -+ ;; -+ --bls-directory=*) -+ blsdir=`echo "$option" | sed 's/--bls-directory=//'` -+ ;; -+ -+ --config-file) -+ startlink=`argument $option "$@"` -+ shift -+ ;; -+ --config-file=*) -+ startlink=`echo "$option" | sed 's/--config-file=//'` -+ ;; -+ -+ --grub-defaults) -+ etcdefaultgrub=`argument $option "$@"` -+ shift -+ ;; -+ --grub-defaults=*) -+ etcdefaultgrub=`echo "$option" | sed 's/--grub-defaults=//'` -+ ;; -+ -+ --grub-directory) -+ grubdir=`argument $option "$@"` -+ shift -+ ;; -+ --grub-directory=*) -+ grubdir=`echo "$option" | sed 's/--grub-directory=//'` -+ ;; -+ -+ *) -+ gettext_printf "Unrecognized option \`%s'\n" "$option" 1>&2 -+ usage -+ exit 1 -+ ;; -+ esac -+done -+ -+find_grub_cfg() { -+ local candidate="" -+ while [ -e "${candidate}" -o $# -gt 0 ] -+ do -+ if [ ! -e "${candidate}" ] ; then -+ candidate="$1" -+ shift -+ fi -+ -+ if [ -L "${candidate}" ]; then -+ candidate="$(realpath "${candidate}")" -+ fi -+ -+ if [ -f "${candidate}" ]; then -+ export GRUB_CONFIG_FILE="${candidate}" -+ return 0 -+ fi -+ done -+ return 1 -+} -+ -+if ! find_grub_cfg ${startlink} ${grubdir}/grub.cfg ; then -+ gettext_printf "Couldn't find config file\n" 1>&2 -+ exit 1 -+fi -+ -+if [ ! -d "${blsdir}" ]; then -+ install -m 700 -d "${blsdir}" -+fi -+ -+if [ -f /etc/machine-id ]; then -+ MACHINE_ID=$(cat /etc/machine-id) -+else -+ MACHINE_ID=$(dmesg | sha256sum) -+fi -+ -+mkbls() { -+ local kernelver=$1 && shift -+ local datetime=$1 && shift -+ local kernelopts=$1 && shift -+ -+ local debugname="" -+ local debugid="" -+ local flavor="" -+ -+ if [ "$kernelver" == *\+* ] ; then -+ local flavor=-"${kernelver##*+}" -+ if [ "${flavor}" == "-debug" ]; then -+ local debugname=" with debugging" -+ local debugid="-debug" -+ fi -+ fi -+ ( -+ source /etc/os-release -+ -+ cat <"${bls_target}" -+ -+ if [ "x$GRUB_LINUX_MAKE_DEBUG" = "xtrue" ]; then -+ bls_debug="$(echo ${bls_target} | sed -e "s/${kernelver}/${kernelver}~debug/")" -+ cp -aT "${bls_target}" "${bls_debug}" -+ title="$(grep '^title[ \t]' "${bls_debug}" | sed -e 's/^title[ \t]*//')" -+ options="$(echo "${cmdline} ${GRUB_CMDLINE_LINUX_DEBUG}" | sed -e 's/\//\\\//g')" -+ sed -i -e "s/^title.*/title ${title}${GRUB_LINUX_DEBUG_TITLE_POSTFIX}/" "${bls_debug}" -+ sed -i -e "s/^options.*/options ${options}/" "${bls_debug}" -+ fi -+ done -+ -+ if [ -f "/boot/vmlinuz-0-rescue-${MACHINE_ID}" ]; then -+ mkbls "0-rescue-${MACHINE_ID}" "0" "${bootprefix}" >"${blsdir}/${MACHINE_ID}-0-rescue.conf" -+ fi -+} -+ -+# The grub2 EFI binary is not copied to the ESP as a part of an ostree -+# transaction. Make sure a grub2 version with BLS support is installed -+# but only do this if the blsdir is not set, to make sure that the BLS -+# parsing module will search for the BLS snippets in the default path. -+if test -f /run/ostree-booted && test -d /sys/firmware/efi/efivars && \ -+ ! ${grub_editenv} - list | grep -q blsdir && \ -+ mountpoint -q /boot; then -+ grub_binary="$(find /usr/lib/ostree-boot/efi/EFI/${EFIDIR}/ -name grub*.efi)" -+ install -m 700 ${grub_binary} ${grubdir} || exit 1 -+ # Create a hidden file to indicate that grub2 now has BLS support. -+ touch /boot/grub2/.grub2-blscfg-supported -+fi -+ -+GENERATE=0 -+if grep '^GRUB_ENABLE_BLSCFG=.*' "${etcdefaultgrub}" \ -+ | grep -vq '^GRUB_ENABLE_BLSCFG="*true"*\s*$' ; then -+ if ! sed -i"${backupsuffix}" \ -+ -e 's,^GRUB_ENABLE_BLSCFG=.*,GRUB_ENABLE_BLSCFG=true,' \ -+ "${etcdefaultgrub}" ; then -+ gettext_printf "Updating %s failed\n" "${etcdefaultgrub}" -+ exit 1 -+ fi -+ GENERATE=1 -+elif ! grep -q '^GRUB_ENABLE_BLSCFG=.*' "${etcdefaultgrub}" ; then -+ if ! echo 'GRUB_ENABLE_BLSCFG=true' >> "${etcdefaultgrub}" ; then -+ gettext_printf "Updating %s failed\n" "${etcdefaultgrub}" -+ exit 1 -+ fi -+ GENERATE=1 -+fi -+ -+if [ "${GENERATE}" -eq 1 ] ; then -+ copy_bls -+ -+ if [ $arch = "x86_64" ] && [ ! -d /sys/firmware/efi ]; then -+ mod_dir="i386-pc" -+ elif [ $arch = "ppc64" -o $arch = "ppc64le" ] && [ ! -d /sys/firmware/opal ]; then -+ mod_dir="powerpc-ieee1275" -+ fi -+ -+ if [ -n "${mod_dir}" ]; then -+ for mod in blscfg increment; do -+ install -m 700 ${prefix}/lib/grub/${mod_dir}/${mod}.mod ${grubdir}/$mod_dir/ || exit 1 -+ done -+ fi -+ -+ cp -af "${GRUB_CONFIG_FILE}" "${GRUB_CONFIG_FILE}${backupsuffix}" -+ if ! grub2-mkconfig -o "${GRUB_CONFIG_FILE}" ; then -+ install -m 700 "${GRUB_CONFIG_FILE}${backupsuffix}" "${GRUB_CONFIG_FILE}" -+ sed -i"${backupsuffix}" \ -+ -e 's,^GRUB_ENABLE_BLSCFG=.*,GRUB_ENABLE_BLSCFG=false,' \ -+ "${etcdefaultgrub}" -+ gettext_printf "Updating %s failed\n" "${GRUB_CONFIG_FILE}" -+ exit 1 -+ fi -+fi -+ -+# Bye. -+exit 0 diff --git a/0065-make-better-backtraces.patch b/0065-make-better-backtraces.patch deleted file mode 100644 index 637656719b92e0b946b0eb0431ca4ee4a800e823..0000000000000000000000000000000000000000 --- a/0065-make-better-backtraces.patch +++ /dev/null @@ -1,910 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 9 Jul 2019 17:05:03 +0200 -Subject: [PATCH] make better backtraces - -Signed-off-by: Peter Jones ---- - Makefile.util.def | 6 ++ - grub-core/Makefile.core.def | 16 ++-- - grub-core/{lib => commands}/backtrace.c | 2 +- - grub-core/gdb/cstub.c | 1 - - grub-core/kern/arm64/backtrace.c | 94 ++++++++++++++++++++++++ - grub-core/kern/backtrace.c | 97 +++++++++++++++++++++++++ - grub-core/kern/dl.c | 45 ++++++++++++ - grub-core/kern/i386/backtrace.c | 125 ++++++++++++++++++++++++++++++++ - grub-core/kern/i386/pc/init.c | 4 +- - grub-core/kern/ieee1275/init.c | 1 - - grub-core/kern/misc.c | 13 ++-- - grub-core/kern/mm.c | 6 +- - grub-core/lib/arm64/backtrace.c | 62 ---------------- - grub-core/lib/i386/backtrace.c | 78 -------------------- - include/grub/backtrace.h | 10 ++- - include/grub/dl.h | 2 + - include/grub/kernel.h | 3 + - grub-core/kern/arm/efi/startup.S | 2 + - grub-core/kern/arm/startup.S | 2 + - grub-core/kern/arm64/efi/startup.S | 2 + - grub-core/kern/i386/qemu/startup.S | 3 +- - grub-core/kern/ia64/efi/startup.S | 3 +- - grub-core/kern/sparc64/ieee1275/crt0.S | 3 +- - grub-core/Makefile.am | 1 + - 24 files changed, 414 insertions(+), 167 deletions(-) - rename grub-core/{lib => commands}/backtrace.c (98%) - create mode 100644 grub-core/kern/arm64/backtrace.c - create mode 100644 grub-core/kern/backtrace.c - create mode 100644 grub-core/kern/i386/backtrace.c - delete mode 100644 grub-core/lib/arm64/backtrace.c - delete mode 100644 grub-core/lib/i386/backtrace.c - -diff --git a/Makefile.util.def b/Makefile.util.def -index a90879fa9ba..48512bc6311 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -51,6 +51,12 @@ library = { - common = grub-core/partmap/msdos.c; - common = grub-core/fs/proc.c; - common = grub-core/fs/archelp.c; -+ common = grub-core/kern/backtrace.c; -+ -+ x86 = grub-core/kern/i386/backtrace.c; -+ i386_xen = grub-core/kern/i386/backtrace.c; -+ x86_64_xen = grub-core/kern/i386/backtrace.c; -+ arm64 = grub-core/kern/arm64/backtrace.c; - }; - - library = { -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 5354f9613d3..4b7c45a7b06 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -142,6 +142,12 @@ kernel = { - common = kern/rescue_reader.c; - common = kern/term.c; - common = kern/verifiers.c; -+ common = kern/backtrace.c; -+ -+ x86 = kern/i386/backtrace.c; -+ i386_xen = kern/i386/backtrace.c; -+ x86_64_xen = kern/i386/backtrace.c; -+ arm64 = kern/arm64/backtrace.c; - - noemu = kern/compiler-rt.c; - noemu = kern/mm.c; -@@ -188,9 +194,6 @@ kernel = { - - softdiv = lib/division.c; - -- x86 = lib/i386/backtrace.c; -- x86 = lib/backtrace.c; -- - i386 = kern/i386/dl.c; - i386_xen = kern/i386/dl.c; - i386_xen_pvh = kern/i386/dl.c; -@@ -2398,15 +2401,12 @@ module = { - - module = { - name = backtrace; -- x86 = lib/i386/backtrace.c; -- i386_xen_pvh = lib/i386/backtrace.c; -- i386_xen = lib/i386/backtrace.c; -- x86_64_xen = lib/i386/backtrace.c; -- common = lib/backtrace.c; -+ common = commands/backtrace.c; - enable = x86; - enable = i386_xen_pvh; - enable = i386_xen; - enable = x86_64_xen; -+ enable = arm64; - }; - - module = { -diff --git a/grub-core/lib/backtrace.c b/grub-core/commands/backtrace.c -similarity index 98% -rename from grub-core/lib/backtrace.c -rename to grub-core/commands/backtrace.c -index c0ad6ab8be1..8b5ec3913b5 100644 ---- a/grub-core/lib/backtrace.c -+++ b/grub-core/commands/backtrace.c -@@ -54,7 +54,7 @@ grub_cmd_backtrace (grub_command_t cmd __attribute__ ((unused)), - int argc __attribute__ ((unused)), - char **args __attribute__ ((unused))) - { -- grub_backtrace (); -+ grub_backtrace (1); - return 0; - } - -diff --git a/grub-core/gdb/cstub.c b/grub-core/gdb/cstub.c -index b64acd70fee..99281472d36 100644 ---- a/grub-core/gdb/cstub.c -+++ b/grub-core/gdb/cstub.c -@@ -215,7 +215,6 @@ grub_gdb_trap (int trap_no) - grub_printf ("Unhandled exception 0x%x at ", trap_no); - grub_backtrace_print_address ((void *) grub_gdb_regs[PC]); - grub_printf ("\n"); -- grub_backtrace_pointer ((void *) grub_gdb_regs[EBP]); - grub_fatal ("Unhandled exception"); - } - -diff --git a/grub-core/kern/arm64/backtrace.c b/grub-core/kern/arm64/backtrace.c -new file mode 100644 -index 00000000000..019c6fdfef2 ---- /dev/null -+++ b/grub-core/kern/arm64/backtrace.c -@@ -0,0 +1,94 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define MAX_STACK_FRAME 102400 -+ -+struct fplr -+{ -+ void *lr; -+ struct fplr *fp; -+}; -+ -+void -+grub_backtrace_pointer (void *frame, unsigned int skip) -+{ -+ unsigned int x = 0; -+ struct fplr *fplr = (struct fplr *)frame; -+ -+ while (fplr) -+ { -+ const char *name = NULL; -+ char *addr = NULL; -+ -+ grub_dprintf("backtrace", "fp is %p next_fp is %p\n", -+ fplr, fplr->fp); -+ -+ if (x >= skip) -+ { -+ name = grub_get_symbol_by_addr (fplr->lr, 1); -+ if (name) -+ addr = grub_resolve_symbol (name); -+ grub_backtrace_print_address (fplr->lr); -+ -+ if (addr && addr != fplr->lr) -+ grub_printf (" %s() %p+%p \n", name ? name : "unknown", addr, -+ (void *)((grub_uint64_t)fplr->lr - (grub_uint64_t)addr)); -+ else -+ grub_printf(" %s() %p \n", name ? name : "unknown", addr); -+ -+ } -+ -+ x += 1; -+ -+ if (fplr->fp < fplr || -+ (grub_uint64_t)fplr->fp - (grub_uint64_t)fplr > MAX_STACK_FRAME || -+ fplr->fp == fplr) -+ { -+ break; -+ } -+ fplr = fplr->fp; -+ } -+} -+ -+asm ("\t.global \"_text\"\n" -+ "_text:\n" -+ "\t.quad .text\n" -+ "\t.global \"_data\"\n" -+ "_data:\n" -+ "\t.quad .data\n" -+ ); -+ -+extern grub_uint64_t _text; -+extern grub_uint64_t _data; -+ -+void -+grub_backtrace_arch (unsigned int skip) -+{ -+ grub_printf ("Backtrace (.text %p .data %p):\n", -+ (void *)_text, (void *)_data); -+ skip += 1; -+ grub_backtrace_pointer(__builtin_frame_address(0), skip); -+} -diff --git a/grub-core/kern/backtrace.c b/grub-core/kern/backtrace.c -new file mode 100644 -index 00000000000..4a82e865cc6 ---- /dev/null -+++ b/grub-core/kern/backtrace.c -@@ -0,0 +1,97 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static void -+grub_backtrace_print_address_default (void *addr) -+{ -+#ifndef GRUB_UTIL -+ grub_dl_t mod; -+ void *start_addr; -+ -+ FOR_DL_MODULES (mod) -+ { -+ grub_dl_segment_t segment; -+ for (segment = mod->segment; segment; segment = segment->next) -+ if (segment->addr <= addr && (grub_uint8_t *) segment->addr -+ + segment->size > (grub_uint8_t *) addr) -+ { -+ grub_printf ("%s.%x+%" PRIxGRUB_SIZE, mod->name, -+ segment->section, -+ (grub_size_t) -+ ((grub_uint8_t *)addr - (grub_uint8_t *)segment->addr)); -+ return; -+ } -+ } -+ -+ start_addr = grub_resolve_symbol ("_start"); -+ if (start_addr && start_addr < addr) -+ grub_printf ("kernel+%" PRIxGRUB_SIZE, -+ (grub_size_t) -+ ((grub_uint8_t *)addr - (grub_uint8_t *)start_addr)); -+ else -+#endif -+ grub_printf ("%p", addr); -+} -+ -+static void -+grub_backtrace_pointer_default (void *frame __attribute__((__unused__)), -+ unsigned int skip __attribute__((__unused__))) -+{ -+ return; -+} -+ -+void -+grub_backtrace_pointer (void *frame, unsigned int skip) -+ __attribute__((__weak__, -+ __alias__(("grub_backtrace_pointer_default")))); -+ -+void -+grub_backtrace_print_address (void *addr) -+ __attribute__((__weak__, -+ __alias__(("grub_backtrace_print_address_default")))); -+ -+static void -+grub_backtrace_arch_default(unsigned int skip) -+{ -+ grub_backtrace_pointer(__builtin_frame_address(0), skip + 1); -+} -+ -+void grub_backtrace_arch (unsigned int skip) -+ __attribute__((__weak__, __alias__(("grub_backtrace_arch_default")))); -+ -+void grub_backtrace (unsigned int skip) -+{ -+ grub_backtrace_arch(skip + 1); -+} -+ -+void grub_debug_backtrace (const char * const debug, -+ unsigned int skip) -+{ -+ if (grub_debug_enabled (debug)) -+ grub_backtrace (skip + 1); -+} -diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c -index 7afb9e6f724..88d2077709e 100644 ---- a/grub-core/kern/dl.c -+++ b/grub-core/kern/dl.c -@@ -124,6 +124,50 @@ grub_dl_resolve_symbol (const char *name) - return 0; - } - -+void * -+grub_resolve_symbol (const char *name) -+{ -+ grub_symbol_t sym; -+ -+ sym = grub_dl_resolve_symbol (name); -+ if (sym) -+ return sym->addr; -+ return NULL; -+} -+ -+const char * -+grub_get_symbol_by_addr(const void *addr, int isfunc) -+{ -+ unsigned int i; -+ grub_symbol_t before = NULL, after = NULL; -+ for (i = 0; i < GRUB_SYMTAB_SIZE; i++) -+ { -+ grub_symbol_t sym; -+ for (sym = grub_symtab[i]; sym; sym = sym->next) -+ { -+ //grub_printf ("addr 0x%08llx symbol %s\n", (unsigned long long)sym->addr, sym->name); -+ if (sym->addr > addr) -+ { -+ if (!after || sym->addr > after->addr) -+ after = sym; -+ } -+ -+ if (isfunc != sym->isfunc) -+ continue; -+ if (sym->addr > addr) -+ continue; -+ -+ if ((!before && sym->addr <= addr) || (before && before->addr <= sym->addr)) -+ before = sym; -+ } -+ } -+ -+ if (before && addr < after->addr) -+ return before->name; -+ -+ return NULL; -+} -+ - /* Register a symbol with the name NAME and the address ADDR. */ - grub_err_t - grub_dl_register_symbol (const char *name, void *addr, int isfunc, -@@ -336,6 +380,7 @@ grub_dl_resolve_symbols (grub_dl_t mod, Elf_Ehdr *e) - const char *str; - Elf_Word size, entsize; - -+ grub_dprintf ("modules", "Resolving symbols for \"%s\"\n", mod->name); - for (i = 0, s = (Elf_Shdr *) ((char *) e + e->e_shoff); - i < e->e_shnum; - i++, s = (Elf_Shdr *) ((char *) s + e->e_shentsize)) -diff --git a/grub-core/kern/i386/backtrace.c b/grub-core/kern/i386/backtrace.c -new file mode 100644 -index 00000000000..2413f9a57db ---- /dev/null -+++ b/grub-core/kern/i386/backtrace.c -@@ -0,0 +1,125 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define MAX_STACK_FRAME 102400 -+ -+void -+grub_backtrace_pointer (void *frame, unsigned int skip) -+{ -+ void **ebp = (void **)frame; -+ unsigned long x = 0; -+ -+ while (ebp) -+ { -+ void **next_ebp = (void **)ebp[0]; -+ const char *name = NULL; -+ char *addr = NULL; -+ -+ grub_dprintf("backtrace", "ebp is %p next_ebp is %p\n", ebp, next_ebp); -+ -+ if (x >= skip) -+ { -+ name = grub_get_symbol_by_addr (ebp[1], 1); -+ if (name) -+ addr = grub_resolve_symbol (name); -+ grub_backtrace_print_address (ebp[1]); -+ -+ if (addr && addr != ebp[1]) -+ grub_printf (" %s() %p+%p \n", name ? name : "unknown", addr, -+ (char *)((char *)ebp[1] - addr)); -+ else -+ grub_printf(" %s() %p \n", name ? name : "unknown", addr); -+ -+#if 0 -+ grub_printf ("("); -+ for (i = 0, arg = ebp[2]; arg != next_ebp && i < 12; arg++, i++) -+ grub_printf ("%p,", arg); -+ grub_printf (")\n"); -+#endif -+ } -+ -+ x += 1; -+ -+ if (next_ebp < ebp || next_ebp - ebp > MAX_STACK_FRAME || next_ebp == ebp) -+ { -+ //grub_printf ("Invalid stack frame at %p (%p)\n", ebp, next_ebp); -+ break; -+ } -+ ebp = next_ebp; -+ } -+} -+ -+#if defined (__x86_64__) -+asm ("\t.global \"_text\"\n" -+ "_text:\n" -+ "\t.quad .text\n" -+ "\t.global \"_data\"\n" -+ "_data:\n" -+ "\t.quad .data\n" -+ ); -+#elif defined(__i386__) -+asm ("\t.global \"_text\"\n" -+ "_text:\n" -+ "\t.long .text\n" -+ "\t.global \"_data\"\n" -+ "_data:\n" -+ "\t.long .data\n" -+ ); -+#else -+#warning I dunno... -+#endif -+ -+extern unsigned long _text; -+extern unsigned long _data; -+ -+#ifdef GRUB_UTIL -+#define EXT_C(x) x -+#endif -+ -+void -+grub_backtrace_arch (unsigned int skip) -+{ -+ grub_printf ("Backtrace (.text %p .data %p):\n", -+ (void *)_text, (void *)_data); -+ skip += 1; -+#if defined (__x86_64__) -+ asm volatile ("movq %%rbp, %%rdi\n" -+ "movq 0, %%rsi\n" -+ "movl %0, %%esi\n" -+ "call " EXT_C("grub_backtrace_pointer") -+ : -+ : "r" (skip)); -+#elif defined(__i386__) -+ asm volatile ("addl $8, %%esp\n" -+ "pushl %0\n" -+ "pushl %%ebp\n" -+ "call " EXT_C("grub_backtrace_pointer") -+ : -+ : "r" (skip)); -+#else -+ grub_backtrace_pointer(__builtin_frame_address(0), skip); -+#endif -+} -diff --git a/grub-core/kern/i386/pc/init.c b/grub-core/kern/i386/pc/init.c -index 27bc68b8a53..b51d0abfa6e 100644 ---- a/grub-core/kern/i386/pc/init.c -+++ b/grub-core/kern/i386/pc/init.c -@@ -153,7 +153,7 @@ compact_mem_regions (void) - } - - grub_addr_t grub_modbase; --extern grub_uint8_t _start[], _edata[]; -+extern grub_uint8_t _edata[]; - - /* Helper for grub_machine_init. */ - static int -@@ -217,7 +217,7 @@ grub_machine_init (void) - /* This has to happen before any BIOS calls. */ - grub_via_workaround_init (); - -- grub_modbase = GRUB_MEMORY_MACHINE_DECOMPRESSION_ADDR + (_edata - _start); -+ grub_modbase = GRUB_MEMORY_MACHINE_DECOMPRESSION_ADDR + (_edata - (grub_uint8_t *)_start); - - /* Initialize the console as early as possible. */ - grub_console_init (); -diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c -index 0cd2a627231..937c1bc44cb 100644 ---- a/grub-core/kern/ieee1275/init.c -+++ b/grub-core/kern/ieee1275/init.c -@@ -63,7 +63,6 @@ - #define HEAP_MAX_ADDR (unsigned long) (32 * 1024 * 1024) - #endif - --extern char _start[]; - extern char _end[]; - - #ifdef __sparc__ -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index c60601b699d..a432a6be54a 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -1197,15 +1197,15 @@ grub_printf_fmt_check (const char *fmt, const char *fmt_expected) - - - /* Abort GRUB. This function does not return. */ --static void __attribute__ ((noreturn)) -+static inline void __attribute__ ((noreturn)) - grub_abort (void) - { --#ifndef GRUB_UTIL --#if (defined(__i386__) || defined(__x86_64__)) && !defined(GRUB_MACHINE_EMU) -- grub_backtrace(); -+#if !defined(GRUB_MACHINE_EMU) && !defined(GRUB_UTIL) -+ grub_backtrace (1); -+#else -+ grub_printf ("\n"); - #endif --#endif -- grub_printf ("\nAborted."); -+ grub_printf ("Aborted."); - - #ifndef GRUB_UTIL - if (grub_term_inputs) -@@ -1232,6 +1232,7 @@ grub_fatal (const char *fmt, ...) - { - va_list ap; - -+ grub_printf ("\n"); - va_start (ap, fmt); - grub_vprintf (_(fmt), ap); - va_end (ap); -diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c -index c070afc621f..d8c8377578b 100644 ---- a/grub-core/kern/mm.c -+++ b/grub-core/kern/mm.c -@@ -97,13 +97,13 @@ get_header_from_pointer (void *ptr, grub_mm_header_t *p, grub_mm_region_t *r) - break; - - if (! *r) -- grub_fatal ("out of range pointer %p", ptr); -+ grub_fatal ("out of range pointer %p\n", ptr); - - *p = (grub_mm_header_t) ptr - 1; - if ((*p)->magic == GRUB_MM_FREE_MAGIC) -- grub_fatal ("double free at %p", *p); -+ grub_fatal ("double free at %p\n", *p); - if ((*p)->magic != GRUB_MM_ALLOC_MAGIC) -- grub_fatal ("alloc magic is broken at %p: %lx", *p, -+ grub_fatal ("alloc magic is broken at %p: %lx\n", *p, - (unsigned long) (*p)->magic); - } - -diff --git a/grub-core/lib/arm64/backtrace.c b/grub-core/lib/arm64/backtrace.c -deleted file mode 100644 -index 1079b5380e1..00000000000 ---- a/grub-core/lib/arm64/backtrace.c -+++ /dev/null -@@ -1,62 +0,0 @@ --/* -- * GRUB -- GRand Unified Bootloader -- * Copyright (C) 2009 Free Software Foundation, Inc. -- * -- * GRUB is free software: you can redistribute it and/or modify -- * it under the terms of the GNU General Public License as published by -- * the Free Software Foundation, either version 3 of the License, or -- * (at your option) any later version. -- * -- * GRUB is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- * GNU General Public License for more details. -- * -- * You should have received a copy of the GNU General Public License -- * along with GRUB. If not, see . -- */ -- --#include --#include --#include --#include --#include --#include --#include -- --#define MAX_STACK_FRAME 102400 -- --void --grub_backtrace_pointer (int frame) --{ -- while (1) -- { -- void *lp = __builtin_return_address (frame); -- if (!lp) -- break; -- -- lp = __builtin_extract_return_addr (lp); -- -- grub_printf ("%p: ", lp); -- grub_backtrace_print_address (lp); -- grub_printf (" ("); -- for (i = 0; i < 2; i++) -- grub_printf ("%p,", ((void **)ptr) [i + 2]); -- grub_printf ("%p)\n", ((void **)ptr) [i + 2]); -- nptr = *(void **)ptr; -- if (nptr < ptr || (void **) nptr - (void **) ptr > MAX_STACK_FRAME -- || nptr == ptr) -- { -- grub_printf ("Invalid stack frame at %p (%p)\n", ptr, nptr); -- break; -- } -- ptr = nptr; -- } --} -- --void --grub_backtrace (void) --{ -- grub_backtrace_pointer (1); --} -- -diff --git a/grub-core/lib/i386/backtrace.c b/grub-core/lib/i386/backtrace.c -deleted file mode 100644 -index c67273db3ae..00000000000 ---- a/grub-core/lib/i386/backtrace.c -+++ /dev/null -@@ -1,78 +0,0 @@ --/* -- * GRUB -- GRand Unified Bootloader -- * Copyright (C) 2009 Free Software Foundation, Inc. -- * -- * GRUB is free software: you can redistribute it and/or modify -- * it under the terms of the GNU General Public License as published by -- * the Free Software Foundation, either version 3 of the License, or -- * (at your option) any later version. -- * -- * GRUB is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- * GNU General Public License for more details. -- * -- * You should have received a copy of the GNU General Public License -- * along with GRUB. If not, see . -- */ --#include --#ifdef GRUB_UTIL --#define REALLY_GRUB_UTIL GRUB_UTIL --#undef GRUB_UTIL --#endif -- --#include --#include -- --#ifdef REALLY_GRUB_UTIL --#define GRUB_UTIL REALLY_GRUB_UTIL --#undef REALLY_GRUB_UTIL --#endif -- --#include --#include --#include --#include --#include --#include -- --#define MAX_STACK_FRAME 102400 -- --void --grub_backtrace_pointer (void *ebp) --{ -- void *ptr, *nptr; -- unsigned i; -- -- ptr = ebp; -- while (1) -- { -- grub_printf ("%p: ", ptr); -- grub_backtrace_print_address (((void **) ptr)[1]); -- grub_printf (" ("); -- for (i = 0; i < 2; i++) -- grub_printf ("%p,", ((void **)ptr) [i + 2]); -- grub_printf ("%p)\n", ((void **)ptr) [i + 2]); -- nptr = *(void **)ptr; -- if (nptr < ptr || (void **) nptr - (void **) ptr > MAX_STACK_FRAME -- || nptr == ptr) -- { -- grub_printf ("Invalid stack frame at %p (%p)\n", ptr, nptr); -- break; -- } -- ptr = nptr; -- } --} -- --void --grub_backtrace (void) --{ --#ifdef __x86_64__ -- asm volatile ("movq %%rbp, %%rdi\n" -- "callq *%%rax": :"a"(grub_backtrace_pointer)); --#else -- asm volatile ("movl %%ebp, %%eax\n" -- "calll *%%ecx": :"c"(grub_backtrace_pointer)); --#endif --} -- -diff --git a/include/grub/backtrace.h b/include/grub/backtrace.h -index 395519762f0..275cf85e2d3 100644 ---- a/include/grub/backtrace.h -+++ b/include/grub/backtrace.h -@@ -19,8 +19,14 @@ - #ifndef GRUB_BACKTRACE_HEADER - #define GRUB_BACKTRACE_HEADER 1 - --void grub_backtrace (void); --void grub_backtrace_pointer (void *ptr); -+#include -+#include -+ -+void EXPORT_FUNC(grub_debug_backtrace) (const char * const debug, -+ unsigned int skip); -+void EXPORT_FUNC(grub_backtrace) (unsigned int skip); -+void grub_backtrace_arch (unsigned int skip); -+void grub_backtrace_pointer (void *ptr, unsigned int skip); - void grub_backtrace_print_address (void *addr); - - #endif -diff --git a/include/grub/dl.h b/include/grub/dl.h -index 91933b85f2c..2f76e6b0437 100644 ---- a/include/grub/dl.h -+++ b/include/grub/dl.h -@@ -259,6 +259,8 @@ grub_dl_is_persistent (grub_dl_t mod) - - #endif - -+void * EXPORT_FUNC(grub_resolve_symbol) (const char *name); -+const char * EXPORT_FUNC(grub_get_symbol_by_addr) (const void *addr, int isfunc); - grub_err_t grub_dl_register_symbol (const char *name, void *addr, - int isfunc, grub_dl_t mod); - -diff --git a/include/grub/kernel.h b/include/grub/kernel.h -index abbca5ea335..300a9766cda 100644 ---- a/include/grub/kernel.h -+++ b/include/grub/kernel.h -@@ -111,6 +111,9 @@ grub_addr_t grub_modules_get_end (void); - - #endif - -+void EXPORT_FUNC(start) (void); -+void EXPORT_FUNC(_start) (void); -+ - /* The start point of the C code. */ - void grub_main (void) __attribute__ ((noreturn)); - -diff --git a/grub-core/kern/arm/efi/startup.S b/grub-core/kern/arm/efi/startup.S -index 9f8265315a9..f3bc41f9d0f 100644 ---- a/grub-core/kern/arm/efi/startup.S -+++ b/grub-core/kern/arm/efi/startup.S -@@ -23,6 +23,8 @@ - .file "startup.S" - .text - .arm -+ .globl start, _start -+FUNCTION(start) - FUNCTION(_start) - /* - * EFI_SYSTEM_TABLE and EFI_HANDLE are passed in r1/r0. -diff --git a/grub-core/kern/arm/startup.S b/grub-core/kern/arm/startup.S -index 3946fe8e183..5679a1d00ad 100644 ---- a/grub-core/kern/arm/startup.S -+++ b/grub-core/kern/arm/startup.S -@@ -48,6 +48,8 @@ - - .text - .arm -+ .globl start, _start -+FUNCTION(start) - FUNCTION(_start) - b codestart - -diff --git a/grub-core/kern/arm64/efi/startup.S b/grub-core/kern/arm64/efi/startup.S -index 666a7ee3c92..41676bdb2b8 100644 ---- a/grub-core/kern/arm64/efi/startup.S -+++ b/grub-core/kern/arm64/efi/startup.S -@@ -19,7 +19,9 @@ - #include - - .file "startup.S" -+ .globl start, _start - .text -+FUNCTION(start) - FUNCTION(_start) - /* - * EFI_SYSTEM_TABLE and EFI_HANDLE are passed in x1/x0. -diff --git a/grub-core/kern/i386/qemu/startup.S b/grub-core/kern/i386/qemu/startup.S -index 0d89858d9b3..939f182fc74 100644 ---- a/grub-core/kern/i386/qemu/startup.S -+++ b/grub-core/kern/i386/qemu/startup.S -@@ -24,7 +24,8 @@ - - .text - .code32 -- .globl _start -+ .globl start, _start -+start: - _start: - jmp codestart - -diff --git a/grub-core/kern/ia64/efi/startup.S b/grub-core/kern/ia64/efi/startup.S -index d75c6d7cc74..8f2a593e529 100644 ---- a/grub-core/kern/ia64/efi/startup.S -+++ b/grub-core/kern/ia64/efi/startup.S -@@ -24,8 +24,9 @@ - .psr lsb - .lsb - -- .global _start -+ .global start, _start - .proc _start -+start: - _start: - alloc loc0=ar.pfs,2,4,0,0 - mov loc1=rp -diff --git a/grub-core/kern/sparc64/ieee1275/crt0.S b/grub-core/kern/sparc64/ieee1275/crt0.S -index 03b916f0534..701bf63abcf 100644 ---- a/grub-core/kern/sparc64/ieee1275/crt0.S -+++ b/grub-core/kern/sparc64/ieee1275/crt0.S -@@ -22,7 +22,8 @@ - - .text - .align 4 -- .globl _start -+ .globl start, _start -+start: - _start: - ba codestart - mov %o4, %o0 -diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am -index 80e7a83edf9..f512573c0da 100644 ---- a/grub-core/Makefile.am -+++ b/grub-core/Makefile.am -@@ -66,6 +66,7 @@ CLEANFILES += grub_script.yy.c grub_script.yy.h - - include $(srcdir)/Makefile.core.am - -+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/backtrace.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/cache.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/command.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/device.h diff --git a/0066-normal-don-t-draw-our-startup-message-if-debug-is-se.patch b/0066-normal-don-t-draw-our-startup-message-if-debug-is-se.patch deleted file mode 100644 index 9ebfc7ae01e3d4057d5879b7faf3f5e52bf176d4..0000000000000000000000000000000000000000 --- a/0066-normal-don-t-draw-our-startup-message-if-debug-is-se.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 9 Nov 2017 15:58:52 -0500 -Subject: [PATCH] normal: don't draw our startup message if debug is set - ---- - grub-core/normal/main.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index d5df4f815b0..1970e4816a8 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -430,6 +430,9 @@ grub_normal_reader_init (int nested) - const char *msg_esc = _("ESC at any time exits."); - char *msg_formatted; - -+ if (grub_env_get ("debug") != NULL) -+ return 0; -+ - msg_formatted = grub_xasprintf (_("Minimal BASH-like line editing is supported. For " - "the first word, TAB lists possible command completions. Anywhere " - "else TAB lists possible device or file completions. %s"), diff --git a/0067-Work-around-some-minor-include-path-weirdnesses.patch b/0067-Work-around-some-minor-include-path-weirdnesses.patch deleted file mode 100644 index 460d792707723c4de647d169db2f2316a995b5ce..0000000000000000000000000000000000000000 --- a/0067-Work-around-some-minor-include-path-weirdnesses.patch +++ /dev/null @@ -1,137 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 16 Mar 2018 13:28:57 -0400 -Subject: [PATCH] Work around some minor include path weirdnesses - -Signed-off-by: Peter Jones ---- - include/grub/arm/efi/console.h | 24 ++++++++++++++++++++++++ - include/grub/arm64/efi/console.h | 24 ++++++++++++++++++++++++ - include/grub/i386/efi/console.h | 24 ++++++++++++++++++++++++ - include/grub/x86_64/efi/console.h | 24 ++++++++++++++++++++++++ - 4 files changed, 96 insertions(+) - create mode 100644 include/grub/arm/efi/console.h - create mode 100644 include/grub/arm64/efi/console.h - create mode 100644 include/grub/i386/efi/console.h - create mode 100644 include/grub/x86_64/efi/console.h - -diff --git a/include/grub/arm/efi/console.h b/include/grub/arm/efi/console.h -new file mode 100644 -index 00000000000..1592f6f76b5 ---- /dev/null -+++ b/include/grub/arm/efi/console.h -@@ -0,0 +1,24 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2005,2006,2007 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_ARM_EFI_CONSOLE_H -+#define GRUB_ARM_EFI_CONSOLE_H -+ -+#include -+ -+#endif /* ! GRUB_ARM_EFI_CONSOLE_H */ -diff --git a/include/grub/arm64/efi/console.h b/include/grub/arm64/efi/console.h -new file mode 100644 -index 00000000000..95689339384 ---- /dev/null -+++ b/include/grub/arm64/efi/console.h -@@ -0,0 +1,24 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2005,2006,2007 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_ARM64_EFI_CONSOLE_H -+#define GRUB_ARM64_EFI_CONSOLE_H -+ -+#include -+ -+#endif /* ! GRUB_ARM64_EFI_CONSOLE_H */ -diff --git a/include/grub/i386/efi/console.h b/include/grub/i386/efi/console.h -new file mode 100644 -index 00000000000..9231375cb07 ---- /dev/null -+++ b/include/grub/i386/efi/console.h -@@ -0,0 +1,24 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2005,2006,2007 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_I386_EFI_CONSOLE_H -+#define GRUB_I386_EFI_CONSOLE_H -+ -+#include -+ -+#endif /* ! GRUB_I386_EFI_CONSOLE_H */ -diff --git a/include/grub/x86_64/efi/console.h b/include/grub/x86_64/efi/console.h -new file mode 100644 -index 00000000000..dba9d8678d0 ---- /dev/null -+++ b/include/grub/x86_64/efi/console.h -@@ -0,0 +1,24 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2005,2006,2007 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_X86_64_EFI_CONSOLE_H -+#define GRUB_X86_64_EFI_CONSOLE_H -+ -+#include -+ -+#endif /* ! GRUB_X86_64_EFI_CONSOLE_H */ diff --git a/0068-Make-it-possible-to-enabled-build-id-sha1.patch b/0068-Make-it-possible-to-enabled-build-id-sha1.patch deleted file mode 100644 index f68fc58b8f4fa084d624f50f52dfca042084562f..0000000000000000000000000000000000000000 --- a/0068-Make-it-possible-to-enabled-build-id-sha1.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 25 Jun 2015 15:41:06 -0400 -Subject: [PATCH] Make it possible to enabled --build-id=sha1 - -Signed-off-by: Peter Jones ---- - configure.ac | 8 ++++++++ - acinclude.m4 | 19 +++++++++++++++++++ - 2 files changed, 27 insertions(+) - -diff --git a/configure.ac b/configure.ac -index a0030632220..b50fb2e9897 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1470,7 +1470,15 @@ grub_PROG_TARGET_CC - if test "x$TARGET_APPLE_LINKER" != x1 ; then - grub_PROG_OBJCOPY_ABSOLUTE - fi -+ -+AC_ARG_ENABLE([build-id], -+ [AS_HELP_STRING([--enable-build-id], -+ [ask the linker to supply build-id notes (default=no)])]) -+if test x$enable_build_id = xyes; then -+grub_PROG_LD_BUILD_ID_SHA1 -+else - grub_PROG_LD_BUILD_ID_NONE -+fi - if test "x$target_cpu" = xi386; then - if test "$platform" != emu && test "x$TARGET_APPLE_LINKER" != x1 ; then - if test ! -z "$TARGET_IMG_LDSCRIPT"; then -diff --git a/acinclude.m4 b/acinclude.m4 -index 6e14bb553c6..21238fcfd03 100644 ---- a/acinclude.m4 -+++ b/acinclude.m4 -@@ -136,6 +136,25 @@ if test "x$grub_cv_prog_ld_build_id_none" = xyes; then - fi - ]) - -+dnl Supply --build-id=sha1 to ld if building modules. -+dnl This suppresses warnings from ld on some systems -+AC_DEFUN([grub_PROG_LD_BUILD_ID_SHA1], -+[AC_MSG_CHECKING([whether linker accepts --build-id=sha1]) -+AC_CACHE_VAL(grub_cv_prog_ld_build_id_sha1, -+[save_LDFLAGS="$LDFLAGS" -+LDFLAGS="$LDFLAGS -Wl,--build-id=sha1" -+AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], -+ [grub_cv_prog_ld_build_id_sha1=yes], -+ [grub_cv_prog_ld_build_id_sha1=no]) -+LDFLAGS="$save_LDFLAGS" -+]) -+AC_MSG_RESULT([$grub_cv_prog_ld_build_id_sha1]) -+ -+if test "x$grub_cv_prog_ld_build_id_sha1" = xyes; then -+ TARGET_LDFLAGS="$TARGET_LDFLAGS -Wl,--build-id=sha1" -+fi -+]) -+ - dnl Check nm - AC_DEFUN([grub_PROG_NM_WORKS], - [AC_MSG_CHECKING([whether nm works]) diff --git a/0069-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch b/0069-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch deleted file mode 100644 index a8a757e5f5b9d178564c4471ae656e909532290a..0000000000000000000000000000000000000000 --- a/0069-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Sun, 28 Jun 2015 13:09:58 -0400 -Subject: [PATCH] Add grub_qdprintf() - grub_dprintf() without the file+line - number. - -This just makes copy+paste of our debug loading info easier. - -Signed-off-by: Peter Jones ---- - grub-core/kern/misc.c | 18 ++++++++++++++++++ - include/grub/misc.h | 2 ++ - 2 files changed, 20 insertions(+) - -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index a432a6be54a..9a2fae6398e 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -191,6 +191,24 @@ grub_real_dprintf (const char *file, const int line, const char *condition, - } - } - -+void -+grub_qdprintf (const char *condition, const char *fmt, ...) -+{ -+ va_list args; -+ const char *debug = grub_env_get ("debug"); -+ -+ if (! debug) -+ return; -+ -+ if (grub_strword (debug, "all") || grub_strword (debug, condition)) -+ { -+ va_start (args, fmt); -+ grub_vprintf (fmt, args); -+ va_end (args); -+ grub_refresh (); -+ } -+} -+ - #define PREALLOC_SIZE 255 - - int -diff --git a/include/grub/misc.h b/include/grub/misc.h -index fd18e6320b8..3adc4036e3b 100644 ---- a/include/grub/misc.h -+++ b/include/grub/misc.h -@@ -345,6 +345,8 @@ void EXPORT_FUNC(grub_real_dprintf) (const char *file, - const int line, - const char *condition, - const char *fmt, ...) __attribute__ ((format (GNU_PRINTF, 4, 5))); -+void EXPORT_FUNC(grub_qdprintf) (const char *condition, -+ const char *fmt, ...) __attribute__ ((format (GNU_PRINTF, 2, 3))); - int EXPORT_FUNC(grub_vprintf) (const char *fmt, va_list args); - int EXPORT_FUNC(grub_snprintf) (char *str, grub_size_t n, const char *fmt, ...) - __attribute__ ((format (GNU_PRINTF, 3, 4))); diff --git a/0070-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch b/0070-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch deleted file mode 100644 index 75de764ad4103b03e338d9ec8baa9189668e285b..0000000000000000000000000000000000000000 --- a/0070-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch +++ /dev/null @@ -1,178 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 25 Jun 2015 15:11:36 -0400 -Subject: [PATCH] Make a "gdb" dprintf that tells us load addresses. - -This makes a grub_dprintf() call during platform init and during module -loading that tells us the virtual addresses of the .text and .data -sections of grub-core/kernel.exec and any modules it loads. - -Specifically, it displays them in the gdb "add-symbol-file" syntax, with -the presumption that there's a variable $grubdir that reflects the path -to any such binaries. - -Signed-off-by: Peter Jones ---- - grub-core/kern/dl.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++ - grub-core/kern/efi/efi.c | 4 ++-- - grub-core/kern/efi/init.c | 26 +++++++++++++++++++++++- - include/grub/efi/efi.h | 2 +- - 4 files changed, 78 insertions(+), 4 deletions(-) - -diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c -index 88d2077709e..9557254035e 100644 ---- a/grub-core/kern/dl.c -+++ b/grub-core/kern/dl.c -@@ -501,6 +501,23 @@ grub_dl_find_section (Elf_Ehdr *e, const char *name) - return s; - return NULL; - } -+static long -+grub_dl_find_section_index (Elf_Ehdr *e, const char *name) -+{ -+ Elf_Shdr *s; -+ const char *str; -+ unsigned i; -+ -+ s = (Elf_Shdr *) ((char *) e + e->e_shoff + e->e_shstrndx * e->e_shentsize); -+ str = (char *) e + s->sh_offset; -+ -+ for (i = 0, s = (Elf_Shdr *) ((char *) e + e->e_shoff); -+ i < e->e_shnum; -+ i++, s = (Elf_Shdr *) ((char *) s + e->e_shentsize)) -+ if (grub_strcmp (str + s->sh_name, name) == 0) -+ return (long)i; -+ return -1; -+} - - /* Me, Vladimir Serbinenko, hereby I add this module check as per new - GNU module policy. Note that this license check is informative only. -@@ -653,6 +670,37 @@ grub_dl_relocate_symbols (grub_dl_t mod, void *ehdr) - - return GRUB_ERR_NONE; - } -+static void -+grub_dl_print_gdb_info (grub_dl_t mod, Elf_Ehdr *e) -+{ -+ void *text, *data = NULL; -+ long idx; -+ -+ idx = grub_dl_find_section_index (e, ".text"); -+ if (idx < 0) -+ return; -+ -+ text = grub_dl_get_section_addr (mod, idx); -+ if (!text) -+ return; -+ -+ idx = grub_dl_find_section_index (e, ".data"); -+ if (idx >= 0) -+ data = grub_dl_get_section_addr (mod, idx); -+ -+ if (data) -+ grub_qdprintf ("gdb", "add-symbol-file \\\n" -+ "/usr/lib/debug/usr/lib/grub/%s-%s/%s.debug " -+ "\\\n %p -s .data %p\n", -+ GRUB_TARGET_CPU, GRUB_PLATFORM, -+ mod->name, text, data); -+ else -+ grub_qdprintf ("gdb", "add-symbol-file \\\n" -+ "/usr/lib/debug/usr/lib/grub/%s-%s/%s.debug " -+ "\\\n%p\n", -+ GRUB_TARGET_CPU, GRUB_PLATFORM, -+ mod->name, text); -+} - - /* Load a module from core memory. */ - grub_dl_t -@@ -712,6 +760,8 @@ grub_dl_load_core_noinit (void *addr, grub_size_t size) - grub_dprintf ("modules", "module name: %s\n", mod->name); - grub_dprintf ("modules", "init function: %p\n", mod->init); - -+ grub_dl_print_gdb_info (mod, e); -+ - if (grub_dl_add (mod)) - { - grub_dl_unload (mod); -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index ae9885edb84..d6a2fb57789 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -296,7 +296,7 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, - /* Search the mods section from the PE32/PE32+ image. This code uses - a PE32 header, but should work with PE32+ as well. */ - grub_addr_t --grub_efi_modules_addr (void) -+grub_efi_section_addr (const char *section_name) - { - grub_efi_loaded_image_t *image; - struct grub_pe32_header *header; -@@ -321,7 +321,7 @@ grub_efi_modules_addr (void) - i < coff_header->num_sections; - i++, section++) - { -- if (grub_strcmp (section->name, "mods") == 0) -+ if (grub_strcmp (section->name, section_name) == 0) - break; - } - -diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c -index 6d39bd3ad29..2d12e6188fd 100644 ---- a/grub-core/kern/efi/init.c -+++ b/grub-core/kern/efi/init.c -@@ -115,10 +115,33 @@ grub_efi_env_init (void) - grub_free (envblk_s.buf); - } - -+static void -+grub_efi_print_gdb_info (void) -+{ -+ grub_addr_t text; -+ grub_addr_t data; -+ -+ text = grub_efi_section_addr (".text"); -+ if (!text) -+ return; -+ -+ data = grub_efi_section_addr (".data"); -+ if (data) -+ grub_qdprintf ("gdb", -+ "add-symbol-file /usr/lib/debug/usr/lib/grub/%s-%s/" -+ "kernel.exec %p -s .data %p\n", -+ GRUB_TARGET_CPU, GRUB_PLATFORM, (void *)text, (void *)data); -+ else -+ grub_qdprintf ("gdb", -+ "add-symbol-file /usr/lib/debug/usr/lib/grub/%s-%s/" -+ "kernel.exec %p\n", -+ GRUB_TARGET_CPU, GRUB_PLATFORM, (void *)text); -+} -+ - void - grub_efi_init (void) - { -- grub_modbase = grub_efi_modules_addr (); -+ grub_modbase = grub_efi_section_addr ("mods"); - /* First of all, initialize the console so that GRUB can display - messages. */ - grub_console_init (); -@@ -142,6 +165,7 @@ grub_efi_init (void) - 0, 0, 0, NULL); - - grub_efi_env_init (); -+ grub_efi_print_gdb_info (); - grub_efidisk_init (); - } - -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 03f9a9d0118..2e0691454b1 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -138,7 +138,7 @@ grub_err_t grub_arch_efi_linux_check_image(struct linux_arch_kernel_header *lh); - grub_err_t grub_arch_efi_linux_boot_image(grub_addr_t addr, char *args); - #endif - --grub_addr_t grub_efi_modules_addr (void); -+grub_addr_t grub_efi_section_addr (const char *section); - - void grub_efi_mm_init (void); - void grub_efi_mm_fini (void); diff --git a/0071-Fixup-for-newer-compiler.patch b/0071-Fixup-for-newer-compiler.patch deleted file mode 100644 index 12dd193e612d4eb766eca7f309ad1f8234db1a1d..0000000000000000000000000000000000000000 --- a/0071-Fixup-for-newer-compiler.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 10 May 2018 13:40:19 -0400 -Subject: [PATCH] Fixup for newer compiler - ---- - grub-core/fs/btrfs.c | 2 +- - include/grub/gpt_partition.h | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index 2b21cbaa67e..4cc86e9b79e 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -218,7 +218,7 @@ struct grub_btrfs_inode - grub_uint64_t size; - grub_uint8_t dummy2[0x70]; - struct grub_btrfs_time mtime; --} GRUB_PACKED; -+} GRUB_PACKED __attribute__ ((aligned(8))); - - struct grub_btrfs_extent_data - { -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 7a93f43291c..8212697bf6b 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -76,7 +76,7 @@ struct grub_gpt_partentry - grub_uint64_t end; - grub_uint64_t attrib; - char name[72]; --} GRUB_PACKED; -+} GRUB_PACKED __attribute__ ((aligned(8))); - - grub_err_t - grub_gpt_partition_map_iterate (grub_disk_t disk, diff --git a/0072-Don-t-attempt-to-export-the-start-and-_start-symbols.patch b/0072-Don-t-attempt-to-export-the-start-and-_start-symbols.patch deleted file mode 100644 index 0e925eef827e59cf9bd0f20211e89a626925b4f4..0000000000000000000000000000000000000000 --- a/0072-Don-t-attempt-to-export-the-start-and-_start-symbols.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Sat, 12 May 2018 11:29:07 +0200 -Subject: [PATCH] Don't attempt to export the start and _start symbols for - grub-emu - -Commit 318ee04aadc ("make better backtraces") reworked the backtrace logic -but the changes lead to the following build error on the grub-emu platform: - -grub_emu_lite-symlist.o:(.data+0xf08): undefined reference to `start' -collect2: error: ld returned 1 exit status -make[3]: *** [Makefile:25959: grub-emu-lite] Error 1 -make[3]: *** Waiting for unfinished jobs.... -cat kernel_syms.input | grep -v '^#' | sed -n \ - -e '/EXPORT_FUNC *([a-zA-Z0-9_]*)/{s/.*EXPORT_FUNC *(\([a-zA-Z0-9_]*\)).*/defined kernel '""'\1/;p;}' \ - -e '/EXPORT_VAR *([a-zA-Z0-9_]*)/{s/.*EXPORT_VAR *(\([a-zA-Z0-9_]*\)).*/defined kernel '""'\1/;p;}' \ - | sort -u >kernel_syms.lst - -The problem is that start and _start symbols are exported unconditionally, -but these aren't defined for grub-emu since is an emultaed platform so it -doesn't have a startup logic. Don't attempt to export those for grub-emu. - -Signed-off-by: Javier Martinez Canillas ---- - include/grub/kernel.h | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/include/grub/kernel.h b/include/grub/kernel.h -index 300a9766cda..55849777eaa 100644 ---- a/include/grub/kernel.h -+++ b/include/grub/kernel.h -@@ -111,8 +111,10 @@ grub_addr_t grub_modules_get_end (void); - - #endif - -+#if !defined(GRUB_MACHINE_EMU) - void EXPORT_FUNC(start) (void); - void EXPORT_FUNC(_start) (void); -+#endif - - /* The start point of the C code. */ - void grub_main (void) __attribute__ ((noreturn)); diff --git a/0073-Fixup-for-newer-compiler.patch b/0073-Fixup-for-newer-compiler.patch deleted file mode 100644 index 11ed6e52167e392c7d228ebf360e186ed7f5eb7f..0000000000000000000000000000000000000000 --- a/0073-Fixup-for-newer-compiler.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 10 May 2018 13:40:19 -0400 -Subject: [PATCH] Fixup for newer compiler - ---- - conf/Makefile.common | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/conf/Makefile.common b/conf/Makefile.common -index 191b1a70c6b..5f0ef969857 100644 ---- a/conf/Makefile.common -+++ b/conf/Makefile.common -@@ -38,7 +38,7 @@ CFLAGS_KERNEL = $(CFLAGS_PLATFORM) -ffreestanding - LDFLAGS_KERNEL = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) - CPPFLAGS_KERNEL = $(CPPFLAGS_CPU) $(CPPFLAGS_PLATFORM) -DGRUB_KERNEL=1 - CCASFLAGS_KERNEL = $(CCASFLAGS_CPU) $(CCASFLAGS_PLATFORM) --STRIPFLAGS_KERNEL = -R .eh_frame -R .rel.dyn -R .reginfo -R .note -R .comment -R .drectve -R .note.gnu.gold-version -R .MIPS.abiflags -R .ARM.exidx -+STRIPFLAGS_KERNEL = -R .eh_frame -R .rel.dyn -R .reginfo -R .note -R .comment -R .drectve -R .note.gnu.gold-version -R .MIPS.abiflags -R .ARM.exidx -R .note.gnu.property -R .gnu.build.attributes - - CFLAGS_MODULE = $(CFLAGS_PLATFORM) -ffreestanding - LDFLAGS_MODULE = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) -Wl,-r,-d diff --git a/0074-Add-support-for-non-Ethernet-network-cards.patch b/0074-Add-support-for-non-Ethernet-network-cards.patch deleted file mode 100644 index 02fb951f4750f649ad8dce02d39efa2df94b2df0..0000000000000000000000000000000000000000 --- a/0074-Add-support-for-non-Ethernet-network-cards.patch +++ /dev/null @@ -1,766 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Andrzej Kacprowski -Date: Wed, 10 Jul 2019 15:22:29 +0200 -Subject: [PATCH] Add support for non-Ethernet network cards - -This patch replaces fixed 6-byte link layer address with -up to 32-byte variable sized address. -This allows supporting Infiniband and Omni-Path fabric -which use 20-byte address, but other network card types -can also take advantage of this change. -The network card driver is responsible for replacing L2 -header provided by grub2 if needed. -This approach is compatible with UEFI network stack which -also allows up to 32-byte variable size link address. - -The BOOTP/DHCP packet format is limited to 16 byte client -hardware address, if link address is more that 16-bytes -then chaddr field in BOOTP it will be set to 0 as per rfc4390. - -Resolves: rhbz#1370642 - -Signed-off-by: Andrzej Kacprowski -[msalter: Fix max string calculation in grub_net_hwaddr_to_str] -Signed-off-by: Mark Salter ---- - grub-core/net/arp.c | 155 ++++++++++++++++++++++----------- - grub-core/net/bootp.c | 15 ++-- - grub-core/net/drivers/efi/efinet.c | 8 +- - grub-core/net/drivers/emu/emunet.c | 1 + - grub-core/net/drivers/i386/pc/pxe.c | 13 +-- - grub-core/net/drivers/ieee1275/ofnet.c | 2 + - grub-core/net/drivers/uboot/ubootnet.c | 1 + - grub-core/net/ethernet.c | 88 +++++++++---------- - grub-core/net/icmp6.c | 15 ++-- - grub-core/net/ip.c | 4 +- - grub-core/net/net.c | 50 ++++++----- - include/grub/net.h | 19 ++-- - 12 files changed, 219 insertions(+), 152 deletions(-) - -diff --git a/grub-core/net/arp.c b/grub-core/net/arp.c -index 54306e3b16d..67b409a8acc 100644 ---- a/grub-core/net/arp.c -+++ b/grub-core/net/arp.c -@@ -31,22 +31,12 @@ enum - ARP_REPLY = 2 - }; - --enum -- { -- /* IANA ARP constant to define hardware type as ethernet. */ -- GRUB_NET_ARPHRD_ETHERNET = 1 -- }; -- --struct arppkt { -+struct arphdr { - grub_uint16_t hrd; - grub_uint16_t pro; - grub_uint8_t hln; - grub_uint8_t pln; - grub_uint16_t op; -- grub_uint8_t sender_mac[6]; -- grub_uint32_t sender_ip; -- grub_uint8_t recv_mac[6]; -- grub_uint32_t recv_ip; - } GRUB_PACKED; - - static int have_pending; -@@ -57,12 +47,16 @@ grub_net_arp_send_request (struct grub_net_network_level_interface *inf, - const grub_net_network_level_address_t *proto_addr) - { - struct grub_net_buff nb; -- struct arppkt *arp_packet; -+ struct arphdr *arp_header; - grub_net_link_level_address_t target_mac_addr; - grub_err_t err; - int i; - grub_uint8_t *nbd; - grub_uint8_t arp_data[128]; -+ grub_uint8_t hln; -+ grub_uint8_t pln; -+ grub_uint8_t arp_packet_len; -+ grub_uint8_t *tmp_ptr; - - if (proto_addr->type != GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV4) - return grub_error (GRUB_ERR_BUG, "unsupported address family"); -@@ -73,23 +67,39 @@ grub_net_arp_send_request (struct grub_net_network_level_interface *inf, - grub_netbuff_clear (&nb); - grub_netbuff_reserve (&nb, 128); - -- err = grub_netbuff_push (&nb, sizeof (*arp_packet)); -+ hln = inf->card->default_address.len; -+ pln = sizeof (proto_addr->ipv4); -+ arp_packet_len = sizeof (*arp_header) + 2 * (hln + pln); -+ -+ err = grub_netbuff_push (&nb, arp_packet_len); - if (err) - return err; - -- arp_packet = (struct arppkt *) nb.data; -- arp_packet->hrd = grub_cpu_to_be16_compile_time (GRUB_NET_ARPHRD_ETHERNET); -- arp_packet->hln = 6; -- arp_packet->pro = grub_cpu_to_be16_compile_time (GRUB_NET_ETHERTYPE_IP); -- arp_packet->pln = 4; -- arp_packet->op = grub_cpu_to_be16_compile_time (ARP_REQUEST); -- /* Sender hardware address. */ -- grub_memcpy (arp_packet->sender_mac, &inf->hwaddress.mac, 6); -- arp_packet->sender_ip = inf->address.ipv4; -- grub_memset (arp_packet->recv_mac, 0, 6); -- arp_packet->recv_ip = proto_addr->ipv4; -- /* Target protocol address */ -- grub_memset (&target_mac_addr.mac, 0xff, 6); -+ arp_header = (struct arphdr *) nb.data; -+ arp_header->hrd = grub_cpu_to_be16 (inf->card->default_address.type); -+ arp_header->hln = hln; -+ arp_header->pro = grub_cpu_to_be16_compile_time (GRUB_NET_ETHERTYPE_IP); -+ arp_header->pln = pln; -+ arp_header->op = grub_cpu_to_be16_compile_time (ARP_REQUEST); -+ tmp_ptr = nb.data + sizeof (*arp_header); -+ -+ /* The source hardware address. */ -+ grub_memcpy (tmp_ptr, inf->hwaddress.mac, hln); -+ tmp_ptr += hln; -+ -+ /* The source protocol address. */ -+ grub_memcpy (tmp_ptr, &inf->address.ipv4, pln); -+ tmp_ptr += pln; -+ -+ /* The target hardware address. */ -+ grub_memset (tmp_ptr, 0, hln); -+ tmp_ptr += hln; -+ -+ /* The target protocol address */ -+ grub_memcpy (tmp_ptr, &proto_addr->ipv4, pln); -+ tmp_ptr += pln; -+ -+ grub_memset (&target_mac_addr.mac, 0xff, hln); - - nbd = nb.data; - send_ethernet_packet (inf, &nb, target_mac_addr, GRUB_NET_ETHERTYPE_ARP); -@@ -114,28 +124,53 @@ grub_err_t - grub_net_arp_receive (struct grub_net_buff *nb, struct grub_net_card *card, - grub_uint16_t *vlantag) - { -- struct arppkt *arp_packet = (struct arppkt *) nb->data; -+ struct arphdr *arp_header = (struct arphdr *) nb->data; - grub_net_network_level_address_t sender_addr, target_addr; - grub_net_link_level_address_t sender_mac_addr; - struct grub_net_network_level_interface *inf; -+ grub_uint16_t hw_type; -+ grub_uint8_t hln; -+ grub_uint8_t pln; -+ grub_uint8_t arp_packet_len; -+ grub_uint8_t *tmp_ptr; - -- if (arp_packet->pro != grub_cpu_to_be16_compile_time (GRUB_NET_ETHERTYPE_IP) -- || arp_packet->pln != 4 || arp_packet->hln != 6 -- || nb->tail - nb->data < (int) sizeof (*arp_packet)) -+ hw_type = card->default_address.type; -+ hln = card->default_address.len; -+ pln = sizeof(sender_addr.ipv4); -+ arp_packet_len = sizeof (*arp_header) + 2 * (pln + hln); -+ -+ if (arp_header->pro != grub_cpu_to_be16_compile_time (GRUB_NET_ETHERTYPE_IP) -+ || arp_header->hrd != grub_cpu_to_be16 (hw_type) -+ || arp_header->hln != hln || arp_header->pln != pln -+ || nb->tail - nb->data < (int) arp_packet_len) { - return GRUB_ERR_NONE; -+ } - -+ tmp_ptr = nb->data + sizeof (*arp_header); -+ -+ /* The source hardware address. */ -+ sender_mac_addr.type = hw_type; -+ sender_mac_addr.len = hln; -+ grub_memcpy (sender_mac_addr.mac, tmp_ptr, hln); -+ tmp_ptr += hln; -+ -+ /* The source protocol address. */ - sender_addr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV4; -+ grub_memcpy(&sender_addr.ipv4, tmp_ptr, pln); -+ tmp_ptr += pln; -+ -+ grub_net_link_layer_add_address (card, &sender_addr, &sender_mac_addr, 1); -+ -+ /* The target hardware address. */ -+ tmp_ptr += hln; -+ -+ /* The target protocol address. */ - target_addr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV4; -- sender_addr.ipv4 = arp_packet->sender_ip; -- target_addr.ipv4 = arp_packet->recv_ip; -- if (arp_packet->sender_ip == pending_req) -+ grub_memcpy(&target_addr.ipv4, tmp_ptr, pln); -+ -+ if (sender_addr.ipv4 == pending_req) - have_pending = 1; - -- sender_mac_addr.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (sender_mac_addr.mac, arp_packet->sender_mac, -- sizeof (sender_mac_addr.mac)); -- grub_net_link_layer_add_address (card, &sender_addr, &sender_mac_addr, 1); -- - FOR_NET_NETWORK_LEVEL_INTERFACES (inf) - { - /* Verify vlantag id */ -@@ -148,11 +183,11 @@ grub_net_arp_receive (struct grub_net_buff *nb, struct grub_net_card *card, - - /* Am I the protocol address target? */ - if (grub_net_addr_cmp (&inf->address, &target_addr) == 0 -- && arp_packet->op == grub_cpu_to_be16_compile_time (ARP_REQUEST)) -+ && arp_header->op == grub_cpu_to_be16_compile_time (ARP_REQUEST)) - { - grub_net_link_level_address_t target; - struct grub_net_buff nb_reply; -- struct arppkt *arp_reply; -+ struct arphdr *arp_reply; - grub_uint8_t arp_data[128]; - grub_err_t err; - -@@ -161,25 +196,39 @@ grub_net_arp_receive (struct grub_net_buff *nb, struct grub_net_card *card, - grub_netbuff_clear (&nb_reply); - grub_netbuff_reserve (&nb_reply, 128); - -- err = grub_netbuff_push (&nb_reply, sizeof (*arp_packet)); -+ err = grub_netbuff_push (&nb_reply, arp_packet_len); - if (err) - return err; - -- arp_reply = (struct arppkt *) nb_reply.data; -+ arp_reply = (struct arphdr *) nb_reply.data; - -- arp_reply->hrd = grub_cpu_to_be16_compile_time (GRUB_NET_ARPHRD_ETHERNET); -+ arp_reply->hrd = grub_cpu_to_be16 (hw_type); - arp_reply->pro = grub_cpu_to_be16_compile_time (GRUB_NET_ETHERTYPE_IP); -- arp_reply->pln = 4; -- arp_reply->hln = 6; -+ arp_reply->pln = pln; -+ arp_reply->hln = hln; - arp_reply->op = grub_cpu_to_be16_compile_time (ARP_REPLY); -- arp_reply->sender_ip = arp_packet->recv_ip; -- arp_reply->recv_ip = arp_packet->sender_ip; -- arp_reply->hln = 6; -- -- target.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (target.mac, arp_packet->sender_mac, 6); -- grub_memcpy (arp_reply->sender_mac, inf->hwaddress.mac, 6); -- grub_memcpy (arp_reply->recv_mac, arp_packet->sender_mac, 6); -+ -+ tmp_ptr = nb_reply.data + sizeof (*arp_reply); -+ -+ /* The source hardware address. */ -+ grub_memcpy (tmp_ptr, inf->hwaddress.mac, hln); -+ tmp_ptr += hln; -+ -+ /* The source protocol address. */ -+ grub_memcpy (tmp_ptr, &target_addr.ipv4, pln); -+ tmp_ptr += pln; -+ -+ /* The target hardware address. */ -+ grub_memcpy (tmp_ptr, sender_mac_addr.mac, hln); -+ tmp_ptr += hln; -+ -+ /* The target protocol address */ -+ grub_memcpy (tmp_ptr, &sender_addr.ipv4, pln); -+ tmp_ptr += pln; -+ -+ target.type = hw_type; -+ target.len = hln; -+ grub_memcpy (target.mac, sender_mac_addr.mac, hln); - - /* Change operation to REPLY and send packet */ - send_ethernet_packet (inf, &nb_reply, target, GRUB_NET_ETHERTYPE_ARP); -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index e28fb6a09f9..08b6b2b5d6c 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -233,7 +233,6 @@ grub_net_configure_by_dhcp_ack (const char *name, - int is_def, char **device, char **path) - { - grub_net_network_level_address_t addr; -- grub_net_link_level_address_t hwaddr; - struct grub_net_network_level_interface *inter; - int mask = -1; - char server_ip[sizeof ("xxx.xxx.xxx.xxx")]; -@@ -250,12 +249,8 @@ grub_net_configure_by_dhcp_ack (const char *name, - if (path) - *path = 0; - -- grub_memcpy (hwaddr.mac, bp->mac_addr, -- bp->hw_len < sizeof (hwaddr.mac) ? bp->hw_len -- : sizeof (hwaddr.mac)); -- hwaddr.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- -- inter = grub_net_add_addr (name, card, &addr, &hwaddr, flags); -+ grub_dprintf("dhcp", "configuring dhcp for %s\n", name); -+ inter = grub_net_add_addr (name, card, &addr, &card->default_address, flags); - if (!inter) - return 0; - -@@ -567,7 +562,9 @@ send_dhcp_packet (struct grub_net_network_level_interface *iface) - grub_memset (pack, 0, sizeof (*pack)); - pack->opcode = 1; - pack->hw_type = 1; -- pack->hw_len = 6; -+ pack->hw_len = iface->hwaddress.len > 16 ? 0 -+ : iface->hwaddress.len; -+ - err = grub_get_datetime (&date); - if (err || !grub_datetime2unixtime (&date, &t)) - { -@@ -580,7 +577,7 @@ send_dhcp_packet (struct grub_net_network_level_interface *iface) - else - pack->ident = iface->xid; - -- grub_memcpy (&pack->mac_addr, &iface->hwaddress.mac, 6); -+ grub_memcpy (&pack->mac_addr, &iface->hwaddress.mac, pack->hw_len); - - grub_netbuff_push (nb, sizeof (*udph)); - -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index 173fb63153c..a673bea807a 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -279,6 +279,9 @@ grub_efinet_findcards (void) - /* This should not happen... Why? */ - continue; - -+ if (net->mode->hwaddr_size > GRUB_NET_MAX_LINK_ADDRESS_SIZE) -+ continue; -+ - if (net->mode->state == GRUB_EFI_NETWORK_STOPPED - && efi_call_1 (net->start, net) != GRUB_EFI_SUCCESS) - continue; -@@ -315,10 +318,11 @@ grub_efinet_findcards (void) - card->name = grub_xasprintf ("efinet%d", i++); - card->driver = &efidriver; - card->flags = 0; -- card->default_address.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -+ card->default_address.type = net->mode->if_type; -+ card->default_address.len = net->mode->hwaddr_size; - grub_memcpy (card->default_address.mac, - net->mode->current_address, -- sizeof (card->default_address.mac)); -+ net->mode->hwaddr_size); - card->efi_net = net; - card->efi_handle = *handle; - -diff --git a/grub-core/net/drivers/emu/emunet.c b/grub-core/net/drivers/emu/emunet.c -index b194920861f..5b6c5e16a6d 100644 ---- a/grub-core/net/drivers/emu/emunet.c -+++ b/grub-core/net/drivers/emu/emunet.c -@@ -46,6 +46,7 @@ static struct grub_net_card emucard = - .mtu = 1500, - .default_address = { - .type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET, -+ . len = 6, - {.mac = {0, 1, 2, 3, 4, 5}} - }, - .flags = 0 -diff --git a/grub-core/net/drivers/i386/pc/pxe.c b/grub-core/net/drivers/i386/pc/pxe.c -index 3f4152d036c..9f8fb4b6d2b 100644 ---- a/grub-core/net/drivers/i386/pc/pxe.c -+++ b/grub-core/net/drivers/i386/pc/pxe.c -@@ -386,20 +386,21 @@ GRUB_MOD_INIT(pxe) - grub_memset (ui, 0, sizeof (*ui)); - grub_pxe_call (GRUB_PXENV_UNDI_GET_INFORMATION, ui, pxe_rm_entry); - -+ grub_pxe_card.default_address.len = 6; - grub_memcpy (grub_pxe_card.default_address.mac, ui->current_addr, -- sizeof (grub_pxe_card.default_address.mac)); -- for (i = 0; i < sizeof (grub_pxe_card.default_address.mac); i++) -+ grub_pxe_card.default_address.len); -+ for (i = 0; i < grub_pxe_card.default_address.len; i++) - if (grub_pxe_card.default_address.mac[i] != 0) - break; -- if (i != sizeof (grub_pxe_card.default_address.mac)) -+ if (i != grub_pxe_card.default_address.len) - { -- for (i = 0; i < sizeof (grub_pxe_card.default_address.mac); i++) -+ for (i = 0; i < grub_pxe_card.default_address.len; i++) - if (grub_pxe_card.default_address.mac[i] != 0xff) - break; - } -- if (i == sizeof (grub_pxe_card.default_address.mac)) -+ if (i == grub_pxe_card.default_address.len) - grub_memcpy (grub_pxe_card.default_address.mac, ui->permanent_addr, -- sizeof (grub_pxe_card.default_address.mac)); -+ grub_pxe_card.default_address.len); - grub_pxe_card.mtu = ui->mtu; - - grub_pxe_card.default_address.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -diff --git a/grub-core/net/drivers/ieee1275/ofnet.c b/grub-core/net/drivers/ieee1275/ofnet.c -index 3860b6f78d8..bcb3f9ea02d 100644 ---- a/grub-core/net/drivers/ieee1275/ofnet.c -+++ b/grub-core/net/drivers/ieee1275/ofnet.c -@@ -160,6 +160,7 @@ grub_ieee1275_parse_bootpath (const char *devpath, char *bootpath, - grub_uint16_t vlantag = 0; - - hw_addr.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -+ hw_addr.len = 6; - - args = bootpath + grub_strlen (devpath) + 1; - do -@@ -503,6 +504,7 @@ search_net_devices (struct grub_ieee1275_devalias *alias) - grub_memcpy (&lla.mac, pprop, 6); - - lla.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -+ lla.len = 6; - card->default_address = lla; - - card->txbufsize = ALIGN_UP (card->mtu, 64) + 256; -diff --git a/grub-core/net/drivers/uboot/ubootnet.c b/grub-core/net/drivers/uboot/ubootnet.c -index 056052e40d5..22ebcbf211e 100644 ---- a/grub-core/net/drivers/uboot/ubootnet.c -+++ b/grub-core/net/drivers/uboot/ubootnet.c -@@ -131,6 +131,7 @@ GRUB_MOD_INIT (ubootnet) - - grub_memcpy (&(card->default_address.mac), &devinfo->di_net.hwaddr, 6); - card->default_address.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -+ card->default_address.len = 6; - - card->txbufsize = ALIGN_UP (card->mtu, 64) + 256; - card->txbuf = grub_zalloc (card->txbufsize); -diff --git a/grub-core/net/ethernet.c b/grub-core/net/ethernet.c -index 4d7ceed6f93..9aae83a5eb4 100644 ---- a/grub-core/net/ethernet.c -+++ b/grub-core/net/ethernet.c -@@ -29,13 +29,6 @@ - - #define LLCADDRMASK 0x7f - --struct etherhdr --{ -- grub_uint8_t dst[6]; -- grub_uint8_t src[6]; -- grub_uint16_t type; --} GRUB_PACKED; -- - struct llchdr - { - grub_uint8_t dsap; -@@ -55,13 +48,15 @@ send_ethernet_packet (struct grub_net_network_level_interface *inf, - grub_net_link_level_address_t target_addr, - grub_net_ethertype_t ethertype) - { -- struct etherhdr *eth; -+ grub_uint8_t *eth; - grub_err_t err; -- grub_uint8_t etherhdr_size; -- grub_uint16_t vlantag_id = VLANTAG_IDENTIFIER; -+ grub_uint32_t vlantag = 0; -+ grub_uint8_t hw_addr_len = inf->card->default_address.len; -+ grub_uint8_t etherhdr_size = 2 * hw_addr_len + 2; - -- etherhdr_size = sizeof (*eth); -- COMPILE_TIME_ASSERT (sizeof (*eth) + 4 < GRUB_NET_MAX_LINK_HEADER_SIZE); -+ /* Source and destination link addresses + ethertype + vlan tag */ -+ COMPILE_TIME_ASSERT ((GRUB_NET_MAX_LINK_ADDRESS_SIZE * 2 + 2 + 4) < -+ GRUB_NET_MAX_LINK_HEADER_SIZE); - - /* Increase ethernet header in case of vlantag */ - if (inf->vlantag != 0) -@@ -70,11 +65,22 @@ send_ethernet_packet (struct grub_net_network_level_interface *inf, - err = grub_netbuff_push (nb, etherhdr_size); - if (err) - return err; -- eth = (struct etherhdr *) nb->data; -- grub_memcpy (eth->dst, target_addr.mac, 6); -- grub_memcpy (eth->src, inf->hwaddress.mac, 6); -+ eth = nb->data; -+ grub_memcpy (eth, target_addr.mac, hw_addr_len); -+ eth += hw_addr_len; -+ grub_memcpy (eth, inf->hwaddress.mac, hw_addr_len); -+ eth += hw_addr_len; -+ -+ /* Check if a vlan-tag is present. */ -+ if (vlantag != 0) -+ { -+ *((grub_uint32_t *)eth) = grub_cpu_to_be32 (vlantag); -+ eth += sizeof (vlantag); -+ } -+ -+ /* Write ethertype */ -+ *((grub_uint16_t*) eth) = grub_cpu_to_be16 (ethertype); - -- eth->type = grub_cpu_to_be16 (ethertype); - if (!inf->card->opened) - { - err = GRUB_ERR_NONE; -@@ -85,18 +91,6 @@ send_ethernet_packet (struct grub_net_network_level_interface *inf, - inf->card->opened = 1; - } - -- /* Check and add a vlan-tag if needed. */ -- if (inf->vlantag != 0) -- { -- /* Move eth type to the right */ -- grub_memcpy ((char *) nb->data + etherhdr_size - 2, -- (char *) nb->data + etherhdr_size - 6, 2); -- -- /* Add the tag in the middle */ -- grub_memcpy ((char *) nb->data + etherhdr_size - 6, &vlantag_id, 2); -- grub_memcpy ((char *) nb->data + etherhdr_size - 4, (char *) &(inf->vlantag), 2); -- } -- - return inf->card->driver->send (inf->card, nb); - } - -@@ -104,31 +98,40 @@ grub_err_t - grub_net_recv_ethernet_packet (struct grub_net_buff *nb, - struct grub_net_card *card) - { -- struct etherhdr *eth; -+ grub_uint8_t *eth; - struct llchdr *llch; - struct snaphdr *snaph; - grub_net_ethertype_t type; - grub_net_link_level_address_t hwaddress; - grub_net_link_level_address_t src_hwaddress; - grub_err_t err; -- grub_uint8_t etherhdr_size = sizeof (*eth); -+ grub_uint8_t hw_addr_len = card->default_address.len; -+ grub_uint8_t etherhdr_size = 2 * hw_addr_len + 2; - grub_uint16_t vlantag = 0; - -+ eth = nb->data; - -- /* Check if a vlan-tag is present. If so, the ethernet header is 4 bytes */ -- /* longer than the original one. The vlantag id is extracted and the header */ -- /* is reseted to the original size. */ -- if (grub_get_unaligned16 (nb->data + etherhdr_size - 2) == VLANTAG_IDENTIFIER) -+ hwaddress.type = card->default_address.type; -+ hwaddress.len = hw_addr_len; -+ grub_memcpy (hwaddress.mac, eth, hw_addr_len); -+ eth += hw_addr_len; -+ -+ src_hwaddress.type = card->default_address.type; -+ src_hwaddress.len = hw_addr_len; -+ grub_memcpy (src_hwaddress.mac, eth, hw_addr_len); -+ eth += hw_addr_len; -+ -+ type = grub_be_to_cpu16 (*(grub_uint16_t*)(eth)); -+ if (type == VLANTAG_IDENTIFIER) - { -- vlantag = grub_get_unaligned16 (nb->data + etherhdr_size); -+ /* Skip vlan tag */ -+ eth += 2; -+ vlantag = grub_be_to_cpu16 (*(grub_uint16_t*)(eth)); - etherhdr_size += 4; -- /* Move eth type to the original position */ -- grub_memcpy((char *) nb->data + etherhdr_size - 6, -- (char *) nb->data + etherhdr_size - 2, 2); -+ eth += 2; -+ type = grub_be_to_cpu16 (*(grub_uint16_t*)(eth)); - } - -- eth = (struct etherhdr *) nb->data; -- type = grub_be_to_cpu16 (eth->type); - err = grub_netbuff_pull (nb, etherhdr_size); - if (err) - return err; -@@ -148,11 +151,6 @@ grub_net_recv_ethernet_packet (struct grub_net_buff *nb, - } - } - -- hwaddress.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (hwaddress.mac, eth->dst, sizeof (hwaddress.mac)); -- src_hwaddress.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (src_hwaddress.mac, eth->src, sizeof (src_hwaddress.mac)); -- - switch (type) - { - /* ARP packet. */ -diff --git a/grub-core/net/icmp6.c b/grub-core/net/icmp6.c -index 2cbd95dce25..56a3ec5c8e8 100644 ---- a/grub-core/net/icmp6.c -+++ b/grub-core/net/icmp6.c -@@ -231,8 +231,9 @@ grub_net_recv_icmp6_packet (struct grub_net_buff *nb, - && ohdr->len == 1) - { - grub_net_link_level_address_t ll_address; -- ll_address.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (ll_address.mac, ohdr + 1, sizeof (ll_address.mac)); -+ ll_address.type = card->default_address.type; -+ ll_address.len = card->default_address.len; -+ grub_memcpy (ll_address.mac, ohdr + 1, ll_address.len); - grub_net_link_layer_add_address (card, source, &ll_address, 0); - } - } -@@ -335,8 +336,9 @@ grub_net_recv_icmp6_packet (struct grub_net_buff *nb, - && ohdr->len == 1) - { - grub_net_link_level_address_t ll_address; -- ll_address.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (ll_address.mac, ohdr + 1, sizeof (ll_address.mac)); -+ ll_address.type = card->default_address.type; -+ ll_address.len = card->default_address.len; -+ grub_memcpy (ll_address.mac, ohdr + 1, ll_address.len); - grub_net_link_layer_add_address (card, source, &ll_address, 0); - } - } -@@ -384,8 +386,9 @@ grub_net_recv_icmp6_packet (struct grub_net_buff *nb, - && ohdr->len == 1) - { - grub_net_link_level_address_t ll_address; -- ll_address.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (ll_address.mac, ohdr + 1, sizeof (ll_address.mac)); -+ ll_address.type = card->default_address.type; -+ ll_address.len = card->default_address.len; -+ grub_memcpy (ll_address.mac, ohdr + 1, ll_address.len); - grub_net_link_layer_add_address (card, source, &ll_address, 0); - } - if (ohdr->type == OPTION_PREFIX && ohdr->len == 4) -diff --git a/grub-core/net/ip.c b/grub-core/net/ip.c -index ea5edf8f1f6..a5896f6dc26 100644 ---- a/grub-core/net/ip.c -+++ b/grub-core/net/ip.c -@@ -276,8 +276,8 @@ handle_dgram (struct grub_net_buff *nb, - if (inf->card == card - && inf->address.type == GRUB_NET_NETWORK_LEVEL_PROTOCOL_DHCP_RECV - && inf->hwaddress.type == GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET -- && grub_memcmp (inf->hwaddress.mac, &bootp->mac_addr, -- sizeof (inf->hwaddress.mac)) == 0) -+ && (grub_memcmp (inf->hwaddress.mac, &bootp->mac_addr, -+ bootp->hw_len) == 0 || bootp->hw_len == 0)) - { - grub_net_process_dhcp (nb, inf); - grub_netbuff_free (nb); -diff --git a/grub-core/net/net.c b/grub-core/net/net.c -index 22f2689aaeb..a46f82362ed 100644 ---- a/grub-core/net/net.c -+++ b/grub-core/net/net.c -@@ -133,8 +133,9 @@ grub_net_link_layer_resolve (struct grub_net_network_level_interface *inf, - << 48) - && proto_addr->ipv6[1] == (grub_be_to_cpu64_compile_time (1)))) - { -- hw_addr->type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memset (hw_addr->mac, -1, 6); -+ hw_addr->type = inf->card->default_address.type; -+ hw_addr->len = inf->card->default_address.len; -+ grub_memset (hw_addr->mac, -1, hw_addr->len); - return GRUB_ERR_NONE; - } - -@@ -142,6 +143,7 @@ grub_net_link_layer_resolve (struct grub_net_network_level_interface *inf, - && ((grub_be_to_cpu64 (proto_addr->ipv6[0]) >> 56) == 0xff)) - { - hw_addr->type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -+ hw_addr->len = inf->card->default_address.len; - hw_addr->mac[0] = 0x33; - hw_addr->mac[1] = 0x33; - hw_addr->mac[2] = ((grub_be_to_cpu64 (proto_addr->ipv6[1]) >> 24) & 0xff); -@@ -762,23 +764,23 @@ grub_net_addr_to_str (const grub_net_network_level_address_t *target, char *buf) - void - grub_net_hwaddr_to_str (const grub_net_link_level_address_t *addr, char *str) - { -- str[0] = 0; -- switch (addr->type) -+ char *ptr; -+ unsigned i; -+ int maxstr; -+ -+ if (addr->len > GRUB_NET_MAX_LINK_ADDRESS_SIZE) - { -- case GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET: -- { -- char *ptr; -- unsigned i; -- for (ptr = str, i = 0; i < ARRAY_SIZE (addr->mac); i++) -- { -- grub_snprintf (ptr, GRUB_NET_MAX_STR_HWADDR_LEN - (ptr - str), -- "%02x:", addr->mac[i] & 0xff); -- ptr += (sizeof ("XX:") - 1); -- } -- return; -- } -+ str[0] = 0; -+ grub_printf (_("Unsupported hw address type %d len %d\n"), -+ addr->type, addr->len); -+ return; -+ } -+ maxstr = addr->len * grub_strlen ("XX:"); -+ for (ptr = str, i = 0; i < addr->len; i++) -+ { -+ ptr += grub_snprintf (ptr, maxstr - (ptr - str), -+ "%02x:", addr->mac[i] & 0xff); - } -- grub_printf (_("Unsupported hw address type %d\n"), addr->type); - } - - int -@@ -789,13 +791,17 @@ grub_net_hwaddr_cmp (const grub_net_link_level_address_t *a, - return -1; - if (a->type > b->type) - return +1; -- switch (a->type) -+ if (a->len < b->len) -+ return -1; -+ if (a->len > b->len) -+ return +1; -+ if (a->len > GRUB_NET_MAX_LINK_ADDRESS_SIZE) - { -- case GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET: -- return grub_memcmp (a->mac, b->mac, sizeof (a->mac)); -+ grub_printf (_("Unsupported hw address type %d len %d\n"), -+ a->type, a->len); -+ return + 1; - } -- grub_printf (_("Unsupported hw address type %d\n"), a->type); -- return 1; -+ return grub_memcmp (a->mac, b->mac, a->len); - } - - int -diff --git a/include/grub/net.h b/include/grub/net.h -index 8a05ec4fe7a..af0404db7e3 100644 ---- a/include/grub/net.h -+++ b/include/grub/net.h -@@ -29,7 +29,8 @@ - - enum - { -- GRUB_NET_MAX_LINK_HEADER_SIZE = 64, -+ GRUB_NET_MAX_LINK_HEADER_SIZE = 96, -+ GRUB_NET_MAX_LINK_ADDRESS_SIZE = 32, - GRUB_NET_UDP_HEADER_SIZE = 8, - GRUB_NET_TCP_HEADER_SIZE = 20, - GRUB_NET_OUR_IPV4_HEADER_SIZE = 20, -@@ -42,15 +43,17 @@ enum - - typedef enum grub_link_level_protocol_id - { -- GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET -+ /* IANA ARP constant to define hardware type. */ -+ GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET = 1, - } grub_link_level_protocol_id_t; - - typedef struct grub_net_link_level_address - { - grub_link_level_protocol_id_t type; -+ grub_uint8_t len; - union - { -- grub_uint8_t mac[6]; -+ grub_uint8_t mac[GRUB_NET_MAX_LINK_ADDRESS_SIZE]; - }; - } grub_net_link_level_address_t; - -@@ -566,11 +569,13 @@ grub_net_addr_cmp (const grub_net_network_level_address_t *a, - #define GRUB_NET_MAX_STR_ADDR_LEN sizeof ("XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX") - - /* -- Currently suppoerted adresses: -- ethernet: XX:XX:XX:XX:XX:XX -+ Up to 32 byte hardware address supported, see GRUB_NET_MAX_LINK_ADDRESS_SIZE - */ -- --#define GRUB_NET_MAX_STR_HWADDR_LEN (sizeof ("XX:XX:XX:XX:XX:XX")) -+#define GRUB_NET_MAX_STR_HWADDR_LEN (sizeof (\ -+ "XX:XX:XX:XX:XX:XX:XX:XX:"\ -+ "XX:XX:XX:XX:XX:XX:XX:XX:"\ -+ "XX:XX:XX:XX:XX:XX:XX:XX:"\ -+ "XX:XX:XX:XX:XX:XX:XX:XX")) - - void - grub_net_addr_to_str (const grub_net_network_level_address_t *target, diff --git a/0075-net-read-bracketed-ipv6-addrs-and-port-numbers.patch b/0075-net-read-bracketed-ipv6-addrs-and-port-numbers.patch deleted file mode 100644 index 834b96e28a7c14d92f80c7258b9a17cbb5b983cd..0000000000000000000000000000000000000000 --- a/0075-net-read-bracketed-ipv6-addrs-and-port-numbers.patch +++ /dev/null @@ -1,270 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Aaron Miller -Date: Fri, 29 Jul 2016 17:41:38 +0800 -Subject: [PATCH] net: read bracketed ipv6 addrs and port numbers - -Allow specifying port numbers for http and tftp paths, and allow ipv6 addresses -to be recognized with brackets around them, which is required to specify a port -number - -Signed-off-by: Aaron Miller -[pjones: various bug fixes] -Signed-off-by: Peter Jones ---- - grub-core/net/http.c | 25 ++++++++++++--- - grub-core/net/net.c | 87 +++++++++++++++++++++++++++++++++++++++++++++++++--- - grub-core/net/tftp.c | 8 +++-- - include/grub/net.h | 1 + - 4 files changed, 109 insertions(+), 12 deletions(-) - -diff --git a/grub-core/net/http.c b/grub-core/net/http.c -index b616cf40b1e..12a2632ea55 100644 ---- a/grub-core/net/http.c -+++ b/grub-core/net/http.c -@@ -289,7 +289,9 @@ http_receive (grub_net_tcp_socket_t sock __attribute__ ((unused)), - nb2 = grub_netbuff_alloc (data->chunk_rem); - if (!nb2) - return grub_errno; -- grub_netbuff_put (nb2, data->chunk_rem); -+ err = grub_netbuff_put (nb2, data->chunk_rem); -+ if (err) -+ return grub_errno; - grub_memcpy (nb2->data, nb->data, data->chunk_rem); - if (file->device->net->packs.count >= 20) - { -@@ -312,12 +314,14 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial) - int i; - struct grub_net_buff *nb; - grub_err_t err; -+ char* server = file->device->net->server; -+ int port = file->device->net->port; - - nb = grub_netbuff_alloc (GRUB_NET_TCP_RESERVE_SIZE - + sizeof ("GET ") - 1 - + grub_strlen (data->filename) - + sizeof (" HTTP/1.1\r\nHost: ") - 1 -- + grub_strlen (file->device->net->server) -+ + grub_strlen (server) + sizeof (":XXXXXXXXXX") - + sizeof ("\r\nUser-Agent: " PACKAGE_STRING - "\r\n") - 1 - + sizeof ("Range: bytes=XXXXXXXXXXXXXXXXXXXX" -@@ -356,7 +360,7 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial) - sizeof (" HTTP/1.1\r\nHost: ") - 1); - - ptr = nb->tail; -- err = grub_netbuff_put (nb, grub_strlen (file->device->net->server)); -+ err = grub_netbuff_put (nb, grub_strlen (server)); - if (err) - { - grub_netbuff_free (nb); -@@ -365,6 +369,15 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial) - grub_memcpy (ptr, file->device->net->server, - grub_strlen (file->device->net->server)); - -+ if (port) -+ { -+ ptr = nb->tail; -+ grub_snprintf ((char *) ptr, -+ sizeof (":XXXXXXXXXX"), -+ ":%d", -+ port); -+ } -+ - ptr = nb->tail; - err = grub_netbuff_put (nb, - sizeof ("\r\nUser-Agent: " PACKAGE_STRING "\r\n") -@@ -390,8 +403,10 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial) - grub_netbuff_put (nb, 2); - grub_memcpy (ptr, "\r\n", 2); - -- data->sock = grub_net_tcp_open (file->device->net->server, -- HTTP_PORT, http_receive, -+ grub_dprintf ("http", "opening path %s on host %s TCP port %d\n", -+ data->filename, server, port ? port : HTTP_PORT); -+ data->sock = grub_net_tcp_open (server, -+ port ? port : HTTP_PORT, http_receive, - http_err, NULL, - file); - if (!data->sock) -diff --git a/grub-core/net/net.c b/grub-core/net/net.c -index a46f82362ed..0ce5e675ed7 100644 ---- a/grub-core/net/net.c -+++ b/grub-core/net/net.c -@@ -444,6 +444,13 @@ parse_ip6 (const char *val, grub_uint64_t *ip, const char **rest) - grub_uint16_t newip[8]; - const char *ptr = val; - int word, quaddot = -1; -+ int bracketed = 0; -+ -+ if (ptr[0] == '[') -+ { -+ bracketed = 1; -+ ptr++; -+ } - - if (ptr[0] == ':' && ptr[1] != ':') - return 0; -@@ -482,6 +489,8 @@ parse_ip6 (const char *val, grub_uint64_t *ip, const char **rest) - grub_memset (&newip[quaddot], 0, (7 - word) * sizeof (newip[0])); - } - grub_memcpy (ip, newip, 16); -+ if (bracketed && *ptr == ']') -+ ptr++; - if (rest) - *rest = ptr; - return 1; -@@ -1343,8 +1352,10 @@ grub_net_open_real (const char *name) - { - grub_net_app_level_t proto; - const char *protname, *server; -+ char *host; - grub_size_t protnamelen; - int try; -+ int port = 0; - - if (grub_strncmp (name, "pxe:", sizeof ("pxe:") - 1) == 0) - { -@@ -1382,6 +1393,72 @@ grub_net_open_real (const char *name) - return NULL; - } - -+ char* port_start; -+ /* ipv6 or port specified? */ -+ if ((port_start = grub_strchr (server, ':'))) -+ { -+ char* ipv6_begin; -+ if((ipv6_begin = grub_strchr (server, '['))) -+ { -+ char* ipv6_end = grub_strchr (server, ']'); -+ if(!ipv6_end) -+ { -+ grub_error (GRUB_ERR_NET_BAD_ADDRESS, -+ N_("mismatched [ in address")); -+ return NULL; -+ } -+ /* port number after bracketed ipv6 addr */ -+ if(ipv6_end[1] == ':') -+ { -+ port = grub_strtoul (ipv6_end + 2, NULL, 10); -+ if(port > 65535) -+ { -+ grub_error (GRUB_ERR_NET_BAD_ADDRESS, -+ N_("bad port number")); -+ return NULL; -+ } -+ } -+ host = grub_strndup (ipv6_begin, (ipv6_end - ipv6_begin) + 1); -+ } -+ else -+ { -+ if (grub_strchr (port_start + 1, ':')) -+ { -+ int iplen = grub_strlen (server); -+ /* bracket bare ipv6 addrs */ -+ host = grub_malloc (iplen + 3); -+ if(!host) -+ { -+ return NULL; -+ } -+ host[0] = '['; -+ grub_memcpy (host + 1, server, iplen); -+ host[iplen + 1] = ']'; -+ host[iplen + 2] = '\0'; -+ } -+ else -+ { -+ /* hostname:port or ipv4:port */ -+ port = grub_strtol (port_start + 1, NULL, 10); -+ if(port > 65535) -+ { -+ grub_error (GRUB_ERR_NET_BAD_ADDRESS, -+ N_("bad port number")); -+ return NULL; -+ } -+ host = grub_strndup (server, port_start - server); -+ } -+ } -+ } -+ else -+ { -+ host = grub_strdup (server); -+ } -+ if (!host) -+ { -+ return NULL; -+ } -+ - for (try = 0; try < 2; try++) - { - FOR_NET_APP_LEVEL (proto) -@@ -1391,14 +1468,13 @@ grub_net_open_real (const char *name) - { - grub_net_t ret = grub_zalloc (sizeof (*ret)); - if (!ret) -- return NULL; -- ret->protocol = proto; -- ret->server = grub_strdup (server); -- if (!ret->server) - { -- grub_free (ret); -+ grub_free (host); - return NULL; - } -+ ret->protocol = proto; -+ ret->port = port; -+ ret->server = host; - ret->fs = &grub_net_fs; - return ret; - } -@@ -1473,6 +1549,7 @@ grub_net_open_real (const char *name) - grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("disk `%s' not found"), - name); - -+ grub_free (host); - return NULL; - } - -diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c -index 4ab2f5c7357..d54b13f09ff 100644 ---- a/grub-core/net/tftp.c -+++ b/grub-core/net/tftp.c -@@ -295,6 +295,7 @@ tftp_open (struct grub_file *file, const char *filename) - grub_err_t err; - grub_uint8_t *nbd; - grub_net_network_level_address_t addr; -+ int port = file->device->net->port; - - data = grub_zalloc (sizeof (*data)); - if (!data) -@@ -362,14 +363,17 @@ tftp_open (struct grub_file *file, const char *filename) - err = grub_net_resolve_address (file->device->net->server, &addr); - if (err) - { -- grub_dprintf("tftp", "Address resolution failed: %d\n", err); -+ grub_dprintf ("tftp", "Address resolution failed: %d\n", err); -+ grub_dprintf ("tftp", "file_size is %llu, block_size is %llu\n", -+ (unsigned long long)data->file_size, -+ (unsigned long long)data->block_size); - grub_free (data); - return err; - } - - grub_dprintf("tftp", "opening connection\n"); - data->sock = grub_net_udp_open (addr, -- TFTP_SERVER_PORT, tftp_receive, -+ port ? port : TFTP_SERVER_PORT, tftp_receive, - file); - if (!data->sock) - { -diff --git a/include/grub/net.h b/include/grub/net.h -index af0404db7e3..d55d505a03a 100644 ---- a/include/grub/net.h -+++ b/include/grub/net.h -@@ -273,6 +273,7 @@ typedef struct grub_net - { - char *server; - char *name; -+ int port; - grub_net_app_level_t protocol; - grub_net_packets_t packs; - grub_off_t offset; diff --git a/0076-bootp-New-net_bootp6-command.patch b/0076-bootp-New-net_bootp6-command.patch deleted file mode 100644 index 21b3871bf51e027c408a1cd9f8ac6f31ef70a71a..0000000000000000000000000000000000000000 --- a/0076-bootp-New-net_bootp6-command.patch +++ /dev/null @@ -1,1368 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Wed, 10 Jul 2019 15:42:36 +0200 -Subject: [PATCH] bootp: New net_bootp6 command - -Implement new net_bootp6 command for IPv6 network auto configuration via the -DHCPv6 protocol (RFC3315). - -Signed-off-by: Michael Chang -Signed-off-by: Ken Lin -[pjones: Put back our code to add a local route] -Signed-off-by: Peter Jones ---- - grub-core/net/bootp.c | 1059 ++++++++++++++++++++++++++++++------ - grub-core/net/drivers/efi/efinet.c | 20 +- - grub-core/net/ip.c | 39 ++ - include/grub/efi/api.h | 2 +- - include/grub/net.h | 91 ++-- - 5 files changed, 1002 insertions(+), 209 deletions(-) - -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 08b6b2b5d6c..fe93b80f1cf 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -24,6 +24,98 @@ - #include - #include - #include -+#include -+#include -+ -+static int -+dissect_url (const char *url, char **proto, char **host, char **path) -+{ -+ const char *p, *ps; -+ grub_size_t l; -+ -+ *proto = *host = *path = NULL; -+ ps = p = url; -+ -+ while ((p = grub_strchr (p, ':'))) -+ { -+ if (grub_strlen (p) < sizeof ("://") - 1) -+ break; -+ if (grub_memcmp (p, "://", sizeof ("://") - 1) == 0) -+ { -+ l = p - ps; -+ *proto = grub_malloc (l + 1); -+ if (!*proto) -+ { -+ grub_print_error (); -+ return 0; -+ } -+ -+ grub_memcpy (*proto, ps, l); -+ (*proto)[l] = '\0'; -+ p += sizeof ("://") - 1; -+ break; -+ } -+ ++p; -+ } -+ -+ if (!*proto) -+ { -+ grub_dprintf ("bootp", "url: %s is not valid, protocol not found\n", url); -+ return 0; -+ } -+ -+ ps = p; -+ p = grub_strchr (p, '/'); -+ -+ if (!p) -+ { -+ grub_dprintf ("bootp", "url: %s is not valid, host/path not found\n", url); -+ grub_free (*proto); -+ *proto = NULL; -+ return 0; -+ } -+ -+ l = p - ps; -+ -+ if (l > 2 && ps[0] == '[' && ps[l - 1] == ']') -+ { -+ *host = grub_malloc (l - 1); -+ if (!*host) -+ { -+ grub_print_error (); -+ grub_free (*proto); -+ *proto = NULL; -+ return 0; -+ } -+ grub_memcpy (*host, ps + 1, l - 2); -+ (*host)[l - 2] = 0; -+ } -+ else -+ { -+ *host = grub_malloc (l + 1); -+ if (!*host) -+ { -+ grub_print_error (); -+ grub_free (*proto); -+ *proto = NULL; -+ return 0; -+ } -+ grub_memcpy (*host, ps, l); -+ (*host)[l] = 0; -+ } -+ -+ *path = grub_strdup (p); -+ if (!*path) -+ { -+ grub_print_error (); -+ grub_free (*host); -+ grub_free (*proto); -+ *host = NULL; -+ *proto = NULL; -+ return 0; -+ } -+ return 1; -+} - - struct grub_dhcp_discover_options - { -@@ -604,6 +696,584 @@ out: - return err; - } - -+/* The default netbuff size for sending DHCPv6 packets which should be -+ large enough to hold the information */ -+#define GRUB_DHCP6_DEFAULT_NETBUFF_ALLOC_SIZE 512 -+ -+struct grub_dhcp6_options -+{ -+ grub_uint8_t *client_duid; -+ grub_uint16_t client_duid_len; -+ grub_uint8_t *server_duid; -+ grub_uint16_t server_duid_len; -+ grub_uint32_t iaid; -+ grub_uint32_t t1; -+ grub_uint32_t t2; -+ grub_net_network_level_address_t *ia_addr; -+ grub_uint32_t preferred_lifetime; -+ grub_uint32_t valid_lifetime; -+ grub_net_network_level_address_t *dns_server_addrs; -+ grub_uint16_t num_dns_server; -+ char *boot_file_proto; -+ char *boot_file_server_ip; -+ char *boot_file_path; -+}; -+ -+typedef struct grub_dhcp6_options *grub_dhcp6_options_t; -+ -+struct grub_dhcp6_session -+{ -+ struct grub_dhcp6_session *next; -+ struct grub_dhcp6_session **prev; -+ grub_uint32_t iaid; -+ grub_uint32_t transaction_id:24; -+ grub_uint64_t start_time; -+ struct grub_net_dhcp6_option_duid_ll duid; -+ struct grub_net_network_level_interface *iface; -+ -+ /* The associated dhcpv6 options */ -+ grub_dhcp6_options_t adv; -+ grub_dhcp6_options_t reply; -+}; -+ -+typedef struct grub_dhcp6_session *grub_dhcp6_session_t; -+ -+typedef void (*dhcp6_option_hook_fn) (const struct grub_net_dhcp6_option *opt, void *data); -+ -+static void -+foreach_dhcp6_option (const struct grub_net_dhcp6_option *opt, grub_size_t size, -+ dhcp6_option_hook_fn hook, void *hook_data); -+ -+static void -+parse_dhcp6_iaaddr (const struct grub_net_dhcp6_option *opt, void *data) -+{ -+ grub_dhcp6_options_t dhcp6 = (grub_dhcp6_options_t )data; -+ -+ grub_uint16_t code = grub_be_to_cpu16 (opt->code); -+ grub_uint16_t len = grub_be_to_cpu16 (opt->len); -+ -+ if (code == GRUB_NET_DHCP6_OPTION_IAADDR) -+ { -+ const struct grub_net_dhcp6_option_iaaddr *iaaddr; -+ iaaddr = (const struct grub_net_dhcp6_option_iaaddr *)opt->data; -+ -+ if (len < sizeof (*iaaddr)) -+ { -+ grub_dprintf ("bootp", "DHCPv6: code %u with insufficient length %u\n", code, len); -+ return; -+ } -+ if (!dhcp6->ia_addr) -+ { -+ dhcp6->ia_addr = grub_malloc (sizeof(*dhcp6->ia_addr)); -+ dhcp6->ia_addr->type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -+ dhcp6->ia_addr->ipv6[0] = grub_get_unaligned64 (iaaddr->addr); -+ dhcp6->ia_addr->ipv6[1] = grub_get_unaligned64 (iaaddr->addr + 8); -+ dhcp6->preferred_lifetime = grub_be_to_cpu32 (iaaddr->preferred_lifetime); -+ dhcp6->valid_lifetime = grub_be_to_cpu32 (iaaddr->valid_lifetime); -+ } -+ } -+} -+ -+static void -+parse_dhcp6_option (const struct grub_net_dhcp6_option *opt, void *data) -+{ -+ grub_dhcp6_options_t dhcp6 = (grub_dhcp6_options_t)data; -+ grub_uint16_t code = grub_be_to_cpu16 (opt->code); -+ grub_uint16_t len = grub_be_to_cpu16 (opt->len); -+ -+ switch (code) -+ { -+ case GRUB_NET_DHCP6_OPTION_CLIENTID: -+ -+ if (dhcp6->client_duid || !len) -+ { -+ grub_dprintf ("bootp", "Skipped DHCPv6 CLIENTID with length %u\n", len); -+ break; -+ } -+ dhcp6->client_duid = grub_malloc (len); -+ grub_memcpy (dhcp6->client_duid, opt->data, len); -+ dhcp6->client_duid_len = len; -+ break; -+ -+ case GRUB_NET_DHCP6_OPTION_SERVERID: -+ -+ if (dhcp6->server_duid || !len) -+ { -+ grub_dprintf ("bootp", "Skipped DHCPv6 SERVERID with length %u\n", len); -+ break; -+ } -+ dhcp6->server_duid = grub_malloc (len); -+ grub_memcpy (dhcp6->server_duid, opt->data, len); -+ dhcp6->server_duid_len = len; -+ break; -+ -+ case GRUB_NET_DHCP6_OPTION_IA_NA: -+ { -+ const struct grub_net_dhcp6_option_iana *ia_na; -+ grub_uint16_t data_len; -+ -+ if (dhcp6->iaid || len < sizeof (*ia_na)) -+ { -+ grub_dprintf ("bootp", "Skipped DHCPv6 IA_NA with length %u\n", len); -+ break; -+ } -+ ia_na = (const struct grub_net_dhcp6_option_iana *)opt->data; -+ dhcp6->iaid = grub_be_to_cpu32 (ia_na->iaid); -+ dhcp6->t1 = grub_be_to_cpu32 (ia_na->t1); -+ dhcp6->t2 = grub_be_to_cpu32 (ia_na->t2); -+ -+ data_len = len - sizeof (*ia_na); -+ if (data_len) -+ foreach_dhcp6_option ((const struct grub_net_dhcp6_option *)ia_na->data, data_len, parse_dhcp6_iaaddr, dhcp6); -+ } -+ break; -+ -+ case GRUB_NET_DHCP6_OPTION_DNS_SERVERS: -+ { -+ const grub_uint8_t *po; -+ grub_uint16_t ln; -+ grub_net_network_level_address_t *la; -+ -+ if (!len || len & 0xf) -+ { -+ grub_dprintf ("bootp", "Skip invalid length DHCPv6 DNS_SERVERS \n"); -+ break; -+ } -+ dhcp6->num_dns_server = ln = len >> 4; -+ dhcp6->dns_server_addrs = la = grub_zalloc (ln * sizeof (*la)); -+ -+ for (po = opt->data; ln > 0; po += 0x10, la++, ln--) -+ { -+ la->type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -+ la->ipv6[0] = grub_get_unaligned64 (po); -+ la->ipv6[1] = grub_get_unaligned64 (po + 8); -+ la->option = DNS_OPTION_PREFER_IPV6; -+ } -+ } -+ break; -+ -+ case GRUB_NET_DHCP6_OPTION_BOOTFILE_URL: -+ dissect_url ((const char *)opt->data, -+ &dhcp6->boot_file_proto, -+ &dhcp6->boot_file_server_ip, -+ &dhcp6->boot_file_path); -+ break; -+ -+ default: -+ break; -+ } -+} -+ -+static void -+foreach_dhcp6_option (const struct grub_net_dhcp6_option *opt, grub_size_t size, dhcp6_option_hook_fn hook, void *hook_data) -+{ -+ while (size) -+ { -+ grub_uint16_t code, len; -+ -+ if (size < sizeof (*opt)) -+ { -+ grub_dprintf ("bootp", "DHCPv6: Options stopped with remaining size %" PRIxGRUB_SIZE "\n", size); -+ break; -+ } -+ size -= sizeof (*opt); -+ len = grub_be_to_cpu16 (opt->len); -+ code = grub_be_to_cpu16 (opt->code); -+ if (size < len) -+ { -+ grub_dprintf ("bootp", "DHCPv6: Options stopped at out of bound length %u for option %u\n", len, code); -+ break; -+ } -+ if (!len) -+ { -+ grub_dprintf ("bootp", "DHCPv6: Options stopped at zero length option %u\n", code); -+ break; -+ } -+ else -+ { -+ if (hook) -+ hook (opt, hook_data); -+ size -= len; -+ opt = (const struct grub_net_dhcp6_option *)((grub_uint8_t *)opt + len + sizeof (*opt)); -+ } -+ } -+} -+ -+static grub_dhcp6_options_t -+grub_dhcp6_options_get (const struct grub_net_dhcp6_packet *v6h, -+ grub_size_t size) -+{ -+ grub_dhcp6_options_t options; -+ -+ if (size < sizeof (*v6h)) -+ { -+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("DHCPv6 packet size too small")); -+ return NULL; -+ } -+ -+ options = grub_zalloc (sizeof(*options)); -+ if (!options) -+ return NULL; -+ -+ foreach_dhcp6_option ((const struct grub_net_dhcp6_option *)v6h->dhcp_options, -+ size - sizeof (*v6h), parse_dhcp6_option, options); -+ -+ return options; -+} -+ -+static void -+grub_dhcp6_options_free (grub_dhcp6_options_t options) -+{ -+ if (options->client_duid) -+ grub_free (options->client_duid); -+ if (options->server_duid) -+ grub_free (options->server_duid); -+ if (options->ia_addr) -+ grub_free (options->ia_addr); -+ if (options->dns_server_addrs) -+ grub_free (options->dns_server_addrs); -+ if (options->boot_file_proto) -+ grub_free (options->boot_file_proto); -+ if (options->boot_file_server_ip) -+ grub_free (options->boot_file_server_ip); -+ if (options->boot_file_path) -+ grub_free (options->boot_file_path); -+ -+ grub_free (options); -+} -+ -+static grub_dhcp6_session_t grub_dhcp6_sessions; -+#define FOR_DHCP6_SESSIONS_SAFE(var, next) FOR_LIST_ELEMENTS_SAFE (var, next, grub_dhcp6_sessions) -+#define FOR_DHCP6_SESSIONS(var) FOR_LIST_ELEMENTS (var, grub_dhcp6_sessions) -+ -+static void -+grub_net_configure_by_dhcp6_info (const char *name, -+ struct grub_net_card *card, -+ grub_dhcp6_options_t dhcp6, -+ int is_def, -+ int flags, -+ struct grub_net_network_level_interface **ret_inf) -+{ -+ grub_net_network_level_netaddress_t netaddr; -+ struct grub_net_network_level_interface *inf; -+ -+ if (dhcp6->ia_addr) -+ { -+ inf = grub_net_add_addr (name, card, dhcp6->ia_addr, &card->default_address, flags); -+ -+ netaddr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -+ netaddr.ipv6.base[0] = dhcp6->ia_addr->ipv6[0]; -+ netaddr.ipv6.base[1] = 0; -+ netaddr.ipv6.masksize = 64; -+ grub_net_add_route (name, netaddr, inf); -+ -+ if (ret_inf) -+ *ret_inf = inf; -+ } -+ -+ if (dhcp6->dns_server_addrs) -+ { -+ grub_uint16_t i; -+ -+ for (i = 0; i < dhcp6->num_dns_server; ++i) -+ grub_net_add_dns_server (dhcp6->dns_server_addrs + i); -+ } -+ -+ if (dhcp6->boot_file_path) -+ grub_env_set_net_property (name, "boot_file", dhcp6->boot_file_path, -+ grub_strlen (dhcp6->boot_file_path)); -+ -+ if (is_def && dhcp6->boot_file_server_ip) -+ { -+ grub_net_default_server = grub_strdup (dhcp6->boot_file_server_ip); -+ grub_env_set ("net_default_interface", name); -+ grub_env_export ("net_default_interface"); -+ } -+} -+ -+static void -+grub_dhcp6_session_add (struct grub_net_network_level_interface *iface, -+ grub_uint32_t iaid) -+{ -+ grub_dhcp6_session_t se; -+ struct grub_datetime date; -+ grub_err_t err; -+ grub_int32_t t = 0; -+ -+ se = grub_malloc (sizeof (*se)); -+ -+ err = grub_get_datetime (&date); -+ if (err || !grub_datetime2unixtime (&date, &t)) -+ { -+ grub_errno = GRUB_ERR_NONE; -+ t = 0; -+ } -+ -+ se->iface = iface; -+ se->iaid = iaid; -+ se->transaction_id = t; -+ se->start_time = grub_get_time_ms (); -+ se->duid.type = grub_cpu_to_be16_compile_time (3) ; -+ se->duid.hw_type = grub_cpu_to_be16_compile_time (1); -+ grub_memcpy (&se->duid.hwaddr, &iface->hwaddress.mac, sizeof (se->duid.hwaddr)); -+ se->adv = NULL; -+ se->reply = NULL; -+ grub_list_push (GRUB_AS_LIST_P (&grub_dhcp6_sessions), GRUB_AS_LIST (se)); -+} -+ -+static void -+grub_dhcp6_session_remove (grub_dhcp6_session_t se) -+{ -+ grub_list_remove (GRUB_AS_LIST (se)); -+ if (se->adv) -+ grub_dhcp6_options_free (se->adv); -+ if (se->reply) -+ grub_dhcp6_options_free (se->reply); -+ grub_free (se); -+} -+ -+static void -+grub_dhcp6_session_remove_all (void) -+{ -+ grub_dhcp6_session_t se, next; -+ -+ FOR_DHCP6_SESSIONS_SAFE (se, next) -+ { -+ grub_dhcp6_session_remove (se); -+ } -+ grub_dhcp6_sessions = NULL; -+} -+ -+static grub_err_t -+grub_dhcp6_session_configure_network (grub_dhcp6_session_t se) -+{ -+ char *name; -+ -+ name = grub_xasprintf ("%s:dhcp6", se->iface->card->name); -+ if (!name) -+ return grub_errno; -+ -+ grub_net_configure_by_dhcp6_info (name, se->iface->card, se->reply, 1, 0, 0); -+ grub_free (name); -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_dhcp6_session_send_request (grub_dhcp6_session_t se) -+{ -+ struct grub_net_buff *nb; -+ struct grub_net_dhcp6_option *opt; -+ struct grub_net_dhcp6_packet *v6h; -+ struct grub_net_dhcp6_option_iana *ia_na; -+ struct grub_net_dhcp6_option_iaaddr *iaaddr; -+ struct udphdr *udph; -+ grub_net_network_level_address_t multicast; -+ grub_net_link_level_address_t ll_multicast; -+ grub_uint64_t elapsed; -+ struct grub_net_network_level_interface *inf = se->iface; -+ grub_dhcp6_options_t dhcp6 = se->adv; -+ grub_err_t err = GRUB_ERR_NONE; -+ -+ multicast.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -+ multicast.ipv6[0] = grub_cpu_to_be64_compile_time (0xff02ULL << 48); -+ multicast.ipv6[1] = grub_cpu_to_be64_compile_time (0x10002ULL); -+ -+ err = grub_net_link_layer_resolve (inf, &multicast, &ll_multicast); -+ if (err) -+ return err; -+ -+ nb = grub_netbuff_alloc (GRUB_DHCP6_DEFAULT_NETBUFF_ALLOC_SIZE); -+ -+ if (!nb) -+ return grub_errno; -+ -+ err = grub_netbuff_reserve (nb, GRUB_DHCP6_DEFAULT_NETBUFF_ALLOC_SIZE); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ err = grub_netbuff_push (nb, dhcp6->client_duid_len + sizeof (*opt)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ opt = (struct grub_net_dhcp6_option *)nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_CLIENTID); -+ opt->len = grub_cpu_to_be16 (dhcp6->client_duid_len); -+ grub_memcpy (opt->data, dhcp6->client_duid , dhcp6->client_duid_len); -+ -+ err = grub_netbuff_push (nb, dhcp6->server_duid_len + sizeof (*opt)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ opt = (struct grub_net_dhcp6_option *)nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_SERVERID); -+ opt->len = grub_cpu_to_be16 (dhcp6->server_duid_len); -+ grub_memcpy (opt->data, dhcp6->server_duid , dhcp6->server_duid_len); -+ -+ err = grub_netbuff_push (nb, sizeof (*ia_na) + sizeof (*opt)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ if (dhcp6->ia_addr) -+ { -+ err = grub_netbuff_push (nb, sizeof(*iaaddr) + sizeof (*opt)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ } -+ opt = (struct grub_net_dhcp6_option *)nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_IA_NA); -+ opt->len = grub_cpu_to_be16 (sizeof (*ia_na)); -+ if (dhcp6->ia_addr) -+ opt->len += grub_cpu_to_be16 (sizeof(*iaaddr) + sizeof (*opt)); -+ -+ ia_na = (struct grub_net_dhcp6_option_iana *)opt->data; -+ ia_na->iaid = grub_cpu_to_be32 (dhcp6->iaid); -+ -+ ia_na->t1 = grub_cpu_to_be32 (dhcp6->t1); -+ ia_na->t2 = grub_cpu_to_be32 (dhcp6->t2); -+ -+ if (dhcp6->ia_addr) -+ { -+ opt = (struct grub_net_dhcp6_option *)ia_na->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_IAADDR); -+ opt->len = grub_cpu_to_be16 (sizeof (*iaaddr)); -+ iaaddr = (struct grub_net_dhcp6_option_iaaddr *)opt->data; -+ grub_set_unaligned64 (iaaddr->addr, dhcp6->ia_addr->ipv6[0]); -+ grub_set_unaligned64 (iaaddr->addr + 8, dhcp6->ia_addr->ipv6[1]); -+ -+ iaaddr->preferred_lifetime = grub_cpu_to_be32 (dhcp6->preferred_lifetime); -+ iaaddr->valid_lifetime = grub_cpu_to_be32 (dhcp6->valid_lifetime); -+ } -+ -+ err = grub_netbuff_push (nb, sizeof (*opt) + 2 * sizeof (grub_uint16_t)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ opt = (struct grub_net_dhcp6_option*) nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_ORO); -+ opt->len = grub_cpu_to_be16_compile_time (2 * sizeof (grub_uint16_t)); -+ grub_set_unaligned16 (opt->data, grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_BOOTFILE_URL)); -+ grub_set_unaligned16 (opt->data + 2, grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_DNS_SERVERS)); -+ -+ err = grub_netbuff_push (nb, sizeof (*opt) + sizeof (grub_uint16_t)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ opt = (struct grub_net_dhcp6_option*) nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_ELAPSED_TIME); -+ opt->len = grub_cpu_to_be16_compile_time (sizeof (grub_uint16_t)); -+ -+ /* the time is expressed in hundredths of a second */ -+ elapsed = grub_divmod64 (grub_get_time_ms () - se->start_time, 10, 0); -+ -+ if (elapsed > 0xffff) -+ elapsed = 0xffff; -+ -+ grub_set_unaligned16 (opt->data, grub_cpu_to_be16 ((grub_uint16_t)elapsed)); -+ -+ err = grub_netbuff_push (nb, sizeof (*v6h)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ v6h = (struct grub_net_dhcp6_packet *) nb->data; -+ v6h->message_type = GRUB_NET_DHCP6_REQUEST; -+ v6h->transaction_id = se->transaction_id; -+ -+ err = grub_netbuff_push (nb, sizeof (*udph)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ udph = (struct udphdr *) nb->data; -+ udph->src = grub_cpu_to_be16_compile_time (DHCP6_CLIENT_PORT); -+ udph->dst = grub_cpu_to_be16_compile_time (DHCP6_SERVER_PORT); -+ udph->chksum = 0; -+ udph->len = grub_cpu_to_be16 (nb->tail - nb->data); -+ -+ udph->chksum = grub_net_ip_transport_checksum (nb, GRUB_NET_IP_UDP, -+ &inf->address, -+ &multicast); -+ err = grub_net_send_ip_packet (inf, &multicast, &ll_multicast, nb, -+ GRUB_NET_IP_UDP); -+ -+ grub_netbuff_free (nb); -+ -+ return err; -+} -+ -+struct grub_net_network_level_interface * -+grub_net_configure_by_dhcpv6_reply (const char *name, -+ struct grub_net_card *card, -+ grub_net_interface_flags_t flags, -+ const struct grub_net_dhcp6_packet *v6h, -+ grub_size_t size, -+ int is_def, -+ char **device, char **path) -+{ -+ struct grub_net_network_level_interface *inf; -+ grub_dhcp6_options_t dhcp6; -+ int mask = -1; -+ -+ dhcp6 = grub_dhcp6_options_get (v6h, size); -+ if (!dhcp6) -+ { -+ grub_print_error (); -+ return NULL; -+ } -+ -+ grub_net_configure_by_dhcp6_info (name, card, dhcp6, is_def, flags, &inf); -+ -+ if (device && dhcp6->boot_file_proto && dhcp6->boot_file_server_ip) -+ { -+ *device = grub_xasprintf ("%s,%s", dhcp6->boot_file_proto, dhcp6->boot_file_server_ip); -+ grub_print_error (); -+ } -+ if (path && dhcp6->boot_file_path) -+ { -+ *path = grub_strdup (dhcp6->boot_file_path); -+ grub_print_error (); -+ if (*path) -+ { -+ char *slash; -+ slash = grub_strrchr (*path, '/'); -+ if (slash) -+ *slash = 0; -+ else -+ **path = 0; -+ } -+ } -+ -+ grub_dhcp6_options_free (dhcp6); -+ -+ if (inf) -+ grub_net_add_ipv6_local (inf, mask); -+ -+ return inf; -+} -+ - /* - * This is called directly from net/ip.c:handle_dgram(), because those - * BOOTP/DHCP packets are a bit special due to their improper -@@ -672,6 +1342,77 @@ grub_net_process_dhcp (struct grub_net_buff *nb, - } - } - -+grub_err_t -+grub_net_process_dhcp6 (struct grub_net_buff *nb, -+ struct grub_net_card *card __attribute__ ((unused))) -+{ -+ const struct grub_net_dhcp6_packet *v6h; -+ grub_dhcp6_session_t se; -+ grub_size_t size; -+ grub_dhcp6_options_t options; -+ -+ v6h = (const struct grub_net_dhcp6_packet *) nb->data; -+ size = nb->tail - nb->data; -+ -+ options = grub_dhcp6_options_get (v6h, size); -+ if (!options) -+ return grub_errno; -+ -+ if (!options->client_duid || !options->server_duid || !options->ia_addr) -+ { -+ grub_dhcp6_options_free (options); -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "Bad DHCPv6 Packet"); -+ } -+ -+ FOR_DHCP6_SESSIONS (se) -+ { -+ if (se->transaction_id == v6h->transaction_id && -+ grub_memcmp (options->client_duid, &se->duid, sizeof (se->duid)) == 0 && -+ se->iaid == options->iaid) -+ break; -+ } -+ -+ if (!se) -+ { -+ grub_dprintf ("bootp", "DHCPv6 session not found\n"); -+ grub_dhcp6_options_free (options); -+ return GRUB_ERR_NONE; -+ } -+ -+ if (v6h->message_type == GRUB_NET_DHCP6_ADVERTISE) -+ { -+ if (se->adv) -+ { -+ grub_dprintf ("bootp", "Skipped DHCPv6 Advertised .. \n"); -+ grub_dhcp6_options_free (options); -+ return GRUB_ERR_NONE; -+ } -+ -+ se->adv = options; -+ return grub_dhcp6_session_send_request (se); -+ } -+ else if (v6h->message_type == GRUB_NET_DHCP6_REPLY) -+ { -+ if (!se->adv) -+ { -+ grub_dprintf ("bootp", "Skipped DHCPv6 Reply .. \n"); -+ grub_dhcp6_options_free (options); -+ return GRUB_ERR_NONE; -+ } -+ -+ se->reply = options; -+ grub_dhcp6_session_configure_network (se); -+ grub_dhcp6_session_remove (se); -+ return GRUB_ERR_NONE; -+ } -+ else -+ { -+ grub_dhcp6_options_free (options); -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ - static grub_err_t - grub_cmd_dhcpopt (struct grub_command *cmd __attribute__ ((unused)), - int argc, char **args) -@@ -897,180 +1638,174 @@ grub_cmd_bootp (struct grub_command *cmd __attribute__ ((unused)), - return err; - } - --static grub_command_t cmd_getdhcp, cmd_bootp, cmd_dhcp; -- --struct grub_net_network_level_interface * --grub_net_configure_by_dhcpv6_ack (const char *name, -- struct grub_net_card *card, -- grub_net_interface_flags_t flags -- __attribute__((__unused__)), -- const grub_net_link_level_address_t *hwaddr, -- const struct grub_net_dhcpv6_packet *packet, -- int is_def, char **device, char **path) -+static grub_err_t -+grub_cmd_bootp6 (struct grub_command *cmd __attribute__ ((unused)), -+ int argc, char **args) - { -- struct grub_net_network_level_interface *inter = NULL; -- struct grub_net_network_level_address addr; -- int mask = -1; -+ struct grub_net_card *card; -+ grub_uint32_t iaid = 0; -+ int interval; -+ grub_err_t err; -+ grub_dhcp6_session_t se; - -- if (!device || !path) -- return NULL; -+ err = GRUB_ERR_NONE; - -- *device = 0; -- *path = 0; -+ FOR_NET_CARDS (card) -+ { -+ struct grub_net_network_level_interface *iface; - -- grub_dprintf ("net", "mac address is %02x:%02x:%02x:%02x:%02x:%02x\n", -- hwaddr->mac[0], hwaddr->mac[1], hwaddr->mac[2], -- hwaddr->mac[3], hwaddr->mac[4], hwaddr->mac[5]); -+ if (argc > 0 && grub_strcmp (card->name, args[0]) != 0) -+ continue; - -- if (is_def) -- grub_net_default_server = 0; -+ iface = grub_net_ipv6_get_link_local (card, &card->default_address); -+ if (!iface) -+ { -+ grub_dhcp6_session_remove_all (); -+ return grub_errno; -+ } - -- if (is_def && !grub_net_default_server && packet) -+ grub_dhcp6_session_add (iface, iaid++); -+ } -+ -+ for (interval = 200; interval < 10000; interval *= 2) - { -- const grub_uint8_t *options = packet->dhcp_options; -- unsigned int option_max = 1024 - OFFSET_OF (dhcp_options, packet); -- unsigned int i; -- -- for (i = 0; i < option_max - sizeof (grub_net_dhcpv6_option_t); ) -- { -- grub_uint16_t num, len; -- grub_net_dhcpv6_option_t *opt = -- (grub_net_dhcpv6_option_t *)(options + i); -- -- num = grub_be_to_cpu16(opt->option_num); -- len = grub_be_to_cpu16(opt->option_len); -- -- grub_dprintf ("net", "got dhcpv6 option %d len %d\n", num, len); -- -- if (len == 0) -- break; -- -- if (len + i > 1024) -- break; -- -- if (num == GRUB_NET_DHCP6_BOOTFILE_URL) -- { -- char *scheme, *userinfo, *host, *file; -- char *tmp; -- int hostlen; -- int port; -- int rc = extract_url_info ((const char *)opt->option_data, -- (grub_size_t)len, -- &scheme, &userinfo, &host, &port, -- &file); -- if (rc < 0) -- continue; -- -- /* right now this only handles tftp. */ -- if (grub_strcmp("tftp", scheme)) -- { -- grub_free (scheme); -- grub_free (userinfo); -- grub_free (host); -- grub_free (file); -- continue; -- } -- grub_free (userinfo); -- -- hostlen = grub_strlen (host); -- if (hostlen > 2 && host[0] == '[' && host[hostlen-1] == ']') -- { -- tmp = host+1; -- host[hostlen-1] = '\0'; -- } -- else -- tmp = host; -- -- *device = grub_xasprintf ("%s,%s", scheme, tmp); -- grub_free (scheme); -- grub_free (host); -- -- if (file && *file) -- { -- tmp = grub_strrchr (file, '/'); -- if (tmp) -- *(tmp+1) = '\0'; -- else -- file[0] = '\0'; -- } -- else if (!file) -- file = grub_strdup (""); -- -- if (file[0] == '/') -- { -- *path = grub_strdup (file+1); -- grub_free (file); -- } -- else -- *path = file; -- } -- else if (num == GRUB_NET_DHCP6_IA_NA) -- { -- const grub_net_dhcpv6_option_t *ia_na_opt; -- const grub_net_dhcpv6_opt_ia_na_t *ia_na = -- (const grub_net_dhcpv6_opt_ia_na_t *)opt; -- unsigned int left = len - OFFSET_OF (options, ia_na); -- unsigned int j; -- -- if ((grub_uint8_t *)ia_na + left > -- (grub_uint8_t *)options + option_max) -- left -= ((grub_uint8_t *)ia_na + left) -- - ((grub_uint8_t *)options + option_max); -- -- if (len < OFFSET_OF (option_data, opt) -- + sizeof (grub_net_dhcpv6_option_t)) -- { -- grub_dprintf ("net", -- "found dhcpv6 ia_na option with no address\n"); -- continue; -- } -- -- for (j = 0; left > sizeof (grub_net_dhcpv6_option_t); ) -- { -- ia_na_opt = (const grub_net_dhcpv6_option_t *) -- (ia_na->options + j); -- grub_uint16_t ia_na_opt_num, ia_na_opt_len; -- -- ia_na_opt_num = grub_be_to_cpu16 (ia_na_opt->option_num); -- ia_na_opt_len = grub_be_to_cpu16 (ia_na_opt->option_len); -- if (ia_na_opt_len == 0) -- break; -- if (j + ia_na_opt_len > left) -- break; -- if (ia_na_opt_num == GRUB_NET_DHCP6_IA_ADDRESS) -- { -- const grub_net_dhcpv6_opt_ia_address_t *ia_addr; -- -- ia_addr = (const grub_net_dhcpv6_opt_ia_address_t *) -- ia_na_opt; -- addr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -- grub_memcpy(addr.ipv6, ia_addr->ipv6_address, -- sizeof (ia_addr->ipv6_address)); -- inter = grub_net_add_addr (name, card, &addr, hwaddr, 0); -- } -- -- j += ia_na_opt_len; -- left -= ia_na_opt_len; -- } -- } -- -- i += len + 4; -- } -- -- grub_print_error (); -+ int done = 1; -+ -+ FOR_DHCP6_SESSIONS (se) -+ { -+ struct grub_net_buff *nb; -+ struct grub_net_dhcp6_option *opt; -+ struct grub_net_dhcp6_packet *v6h; -+ struct grub_net_dhcp6_option_duid_ll *duid; -+ struct grub_net_dhcp6_option_iana *ia_na; -+ grub_net_network_level_address_t multicast; -+ grub_net_link_level_address_t ll_multicast; -+ struct udphdr *udph; -+ -+ multicast.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; -+ multicast.ipv6[0] = grub_cpu_to_be64_compile_time (0xff02ULL << 48); -+ multicast.ipv6[1] = grub_cpu_to_be64_compile_time (0x10002ULL); -+ -+ err = grub_net_link_layer_resolve (se->iface, -+ &multicast, &ll_multicast); -+ if (err) -+ { -+ grub_dhcp6_session_remove_all (); -+ return err; -+ } -+ -+ nb = grub_netbuff_alloc (GRUB_DHCP6_DEFAULT_NETBUFF_ALLOC_SIZE); -+ -+ if (!nb) -+ { -+ grub_dhcp6_session_remove_all (); -+ return grub_errno; -+ } -+ -+ err = grub_netbuff_reserve (nb, GRUB_DHCP6_DEFAULT_NETBUFF_ALLOC_SIZE); -+ if (err) -+ { -+ grub_dhcp6_session_remove_all (); -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ err = grub_netbuff_push (nb, sizeof (*opt) + sizeof (grub_uint16_t)); -+ if (err) -+ { -+ grub_dhcp6_session_remove_all (); -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ opt = (struct grub_net_dhcp6_option *)nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_ELAPSED_TIME); -+ opt->len = grub_cpu_to_be16_compile_time (sizeof (grub_uint16_t)); -+ grub_set_unaligned16 (opt->data, 0); -+ -+ err = grub_netbuff_push (nb, sizeof (*opt) + sizeof (*duid)); -+ if (err) -+ { -+ grub_dhcp6_session_remove_all (); -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ opt = (struct grub_net_dhcp6_option *)nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_CLIENTID); -+ opt->len = grub_cpu_to_be16 (sizeof (*duid)); -+ -+ duid = (struct grub_net_dhcp6_option_duid_ll *) opt->data; -+ grub_memcpy (duid, &se->duid, sizeof (*duid)); -+ -+ err = grub_netbuff_push (nb, sizeof (*opt) + sizeof (*ia_na)); -+ if (err) -+ { -+ grub_dhcp6_session_remove_all (); -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ opt = (struct grub_net_dhcp6_option *)nb->data; -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_IA_NA); -+ opt->len = grub_cpu_to_be16 (sizeof (*ia_na)); -+ ia_na = (struct grub_net_dhcp6_option_iana *)opt->data; -+ ia_na->iaid = grub_cpu_to_be32 (se->iaid); -+ ia_na->t1 = 0; -+ ia_na->t2 = 0; -+ -+ err = grub_netbuff_push (nb, sizeof (*v6h)); -+ if (err) -+ { -+ grub_dhcp6_session_remove_all (); -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ v6h = (struct grub_net_dhcp6_packet *)nb->data; -+ v6h->message_type = GRUB_NET_DHCP6_SOLICIT; -+ v6h->transaction_id = se->transaction_id; -+ -+ grub_netbuff_push (nb, sizeof (*udph)); -+ -+ udph = (struct udphdr *) nb->data; -+ udph->src = grub_cpu_to_be16_compile_time (DHCP6_CLIENT_PORT); -+ udph->dst = grub_cpu_to_be16_compile_time (DHCP6_SERVER_PORT); -+ udph->chksum = 0; -+ udph->len = grub_cpu_to_be16 (nb->tail - nb->data); -+ -+ udph->chksum = grub_net_ip_transport_checksum (nb, GRUB_NET_IP_UDP, -+ &se->iface->address, &multicast); -+ -+ err = grub_net_send_ip_packet (se->iface, &multicast, -+ &ll_multicast, nb, GRUB_NET_IP_UDP); -+ done = 0; -+ grub_netbuff_free (nb); -+ -+ if (err) -+ { -+ grub_dhcp6_session_remove_all (); -+ return err; -+ } -+ } -+ if (!done) -+ grub_net_poll_cards (interval, 0); - } - -- if (is_def) -+ FOR_DHCP6_SESSIONS (se) - { -- grub_env_set ("net_default_interface", name); -- grub_env_export ("net_default_interface"); -+ grub_error_push (); -+ err = grub_error (GRUB_ERR_FILE_NOT_FOUND, -+ N_("couldn't autoconfigure %s"), -+ se->iface->card->name); - } - -- if (inter) -- grub_net_add_ipv6_local (inter, mask); -- return inter; -+ grub_dhcp6_session_remove_all (); -+ -+ return err; - } - -+static grub_command_t cmd_getdhcp, cmd_bootp, cmd_dhcp, cmd_bootp6; - - void - grub_bootp_init (void) -@@ -1084,11 +1819,15 @@ grub_bootp_init (void) - cmd_getdhcp = grub_register_command ("net_get_dhcp_option", grub_cmd_dhcpopt, - N_("VAR INTERFACE NUMBER DESCRIPTION"), - N_("retrieve DHCP option and save it into VAR. If VAR is - then print the value.")); -+ cmd_bootp6 = grub_register_command ("net_bootp6", grub_cmd_bootp6, -+ N_("[CARD]"), -+ N_("perform a DHCPv6 autoconfiguration")); - } - - void - grub_bootp_fini (void) - { -+ grub_unregister_command (cmd_bootp6); - grub_unregister_command (cmd_getdhcp); - grub_unregister_command (cmd_bootp); - grub_unregister_command (cmd_dhcp); -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index a673bea807a..8e25680db0c 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -393,9 +393,6 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - pxe_mode = pxe->mode; - if (pxe_mode->using_ipv6) - { -- grub_net_link_level_address_t hwaddr; -- struct grub_net_network_level_interface *intf; -- - grub_dprintf ("efinet", "using ipv6 and dhcpv6\n"); - grub_dprintf ("efinet", "dhcp_ack_received: %s%s\n", - pxe_mode->dhcp_ack_received ? "yes" : "no", -@@ -403,15 +400,14 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - if (!pxe_mode->dhcp_ack_received) - continue; - -- hwaddr.type = GRUB_NET_LINK_LEVEL_PROTOCOL_ETHERNET; -- grub_memcpy (hwaddr.mac, -- card->efi_net->mode->current_address, -- sizeof (hwaddr.mac)); -- -- intf = grub_net_configure_by_dhcpv6_ack (card->name, card, 0, &hwaddr, -- (const struct grub_net_dhcpv6_packet *)&pxe_mode->dhcp_ack.dhcpv6, -- 1, device, path); -- if (intf && device && path) -+ grub_net_configure_by_dhcpv6_reply (card->name, card, 0, -+ (struct grub_net_dhcp6_packet *) -+ &pxe_mode->dhcp_ack, -+ sizeof (pxe_mode->dhcp_ack), -+ 1, device, path); -+ if (grub_errno) -+ grub_print_error (); -+ if (device && path) - grub_dprintf ("efinet", "device: `%s' path: `%s'\n", *device, *path); - } - else -diff --git a/grub-core/net/ip.c b/grub-core/net/ip.c -index a5896f6dc26..ce6bdc75c6d 100644 ---- a/grub-core/net/ip.c -+++ b/grub-core/net/ip.c -@@ -239,6 +239,45 @@ handle_dgram (struct grub_net_buff *nb, - { - struct udphdr *udph; - udph = (struct udphdr *) nb->data; -+ -+ if (proto == GRUB_NET_IP_UDP && udph->dst == grub_cpu_to_be16_compile_time (DHCP6_CLIENT_PORT)) -+ { -+ if (udph->chksum) -+ { -+ grub_uint16_t chk, expected; -+ chk = udph->chksum; -+ udph->chksum = 0; -+ expected = grub_net_ip_transport_checksum (nb, -+ GRUB_NET_IP_UDP, -+ source, -+ dest); -+ if (expected != chk) -+ { -+ grub_dprintf ("net", "Invalid UDP checksum. " -+ "Expected %x, got %x\n", -+ grub_be_to_cpu16 (expected), -+ grub_be_to_cpu16 (chk)); -+ grub_netbuff_free (nb); -+ return GRUB_ERR_NONE; -+ } -+ udph->chksum = chk; -+ } -+ -+ err = grub_netbuff_pull (nb, sizeof (*udph)); -+ if (err) -+ { -+ grub_netbuff_free (nb); -+ return err; -+ } -+ -+ err = grub_net_process_dhcp6 (nb, card); -+ if (err) -+ grub_print_error (); -+ -+ grub_netbuff_free (nb); -+ return GRUB_ERR_NONE; -+ } -+ - if (proto == GRUB_NET_IP_UDP && grub_be_to_cpu16 (udph->dst) == 68) - { - const struct grub_net_bootp_packet *bootp; -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index 99628801478..7614b58dca8 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -1532,7 +1532,7 @@ typedef struct grub_efi_pxe_ip_filter - { - grub_efi_uint8_t filters; - grub_efi_uint8_t ip_count; -- grub_efi_uint8_t reserved; -+ grub_efi_uint16_t reserved; - grub_efi_ip_address_t ip_list[GRUB_EFI_PXE_MAX_IPCNT]; - } grub_efi_pxe_ip_filter_t; - -diff --git a/include/grub/net.h b/include/grub/net.h -index d55d505a03a..543251f7273 100644 ---- a/include/grub/net.h -+++ b/include/grub/net.h -@@ -451,50 +451,65 @@ struct grub_net_bootp_packet - grub_uint8_t vendor[0]; - } GRUB_PACKED; - --enum -- { -- GRUB_NET_DHCP6_IA_NA = 3, -- GRUB_NET_DHCP6_IA_ADDRESS = 5, -- GRUB_NET_DHCP6_BOOTFILE_URL = 59, -- }; -- --struct grub_net_dhcpv6_option -+struct grub_net_dhcp6_packet - { -- grub_uint16_t option_num; -- grub_uint16_t option_len; -- grub_uint8_t option_data[]; -+ grub_uint32_t message_type:8; -+ grub_uint32_t transaction_id:24; -+ grub_uint8_t dhcp_options[0]; - } GRUB_PACKED; --typedef struct grub_net_dhcpv6_option grub_net_dhcpv6_option_t; - --struct grub_net_dhcpv6_opt_ia_na --{ -- grub_uint16_t option_num; -- grub_uint16_t option_len; -+struct grub_net_dhcp6_option { -+ grub_uint16_t code; -+ grub_uint16_t len; -+ grub_uint8_t data[0]; -+} GRUB_PACKED; -+ -+struct grub_net_dhcp6_option_iana { - grub_uint32_t iaid; - grub_uint32_t t1; - grub_uint32_t t2; -- grub_uint8_t options[]; -+ grub_uint8_t data[0]; - } GRUB_PACKED; --typedef struct grub_net_dhcpv6_opt_ia_na grub_net_dhcpv6_opt_ia_na_t; - --struct grub_net_dhcpv6_opt_ia_address --{ -- grub_uint16_t option_num; -- grub_uint16_t option_len; -- grub_uint64_t ipv6_address[2]; -+struct grub_net_dhcp6_option_iaaddr { -+ grub_uint8_t addr[16]; - grub_uint32_t preferred_lifetime; - grub_uint32_t valid_lifetime; -- grub_uint8_t options[]; -+ grub_uint8_t data[0]; - } GRUB_PACKED; --typedef struct grub_net_dhcpv6_opt_ia_address grub_net_dhcpv6_opt_ia_address_t; - --struct grub_net_dhcpv6_packet -+struct grub_net_dhcp6_option_duid_ll - { -- grub_uint32_t message_type:8; -- grub_uint32_t transaction_id:24; -- grub_uint8_t dhcp_options[1024]; -+ grub_uint16_t type; -+ grub_uint16_t hw_type; -+ grub_uint8_t hwaddr[6]; - } GRUB_PACKED; --typedef struct grub_net_dhcpv6_packet grub_net_dhcpv6_packet_t; -+ -+enum -+ { -+ GRUB_NET_DHCP6_SOLICIT = 1, -+ GRUB_NET_DHCP6_ADVERTISE = 2, -+ GRUB_NET_DHCP6_REQUEST = 3, -+ GRUB_NET_DHCP6_REPLY = 7 -+ }; -+ -+enum -+ { -+ DHCP6_CLIENT_PORT = 546, -+ DHCP6_SERVER_PORT = 547 -+ }; -+ -+enum -+ { -+ GRUB_NET_DHCP6_OPTION_CLIENTID = 1, -+ GRUB_NET_DHCP6_OPTION_SERVERID = 2, -+ GRUB_NET_DHCP6_OPTION_IA_NA = 3, -+ GRUB_NET_DHCP6_OPTION_IAADDR = 5, -+ GRUB_NET_DHCP6_OPTION_ORO = 6, -+ GRUB_NET_DHCP6_OPTION_ELAPSED_TIME = 8, -+ GRUB_NET_DHCP6_OPTION_DNS_SERVERS = 23, -+ GRUB_NET_DHCP6_OPTION_BOOTFILE_URL = 59 -+ }; - - #define GRUB_NET_BOOTP_RFC1048_MAGIC_0 0x63 - #define GRUB_NET_BOOTP_RFC1048_MAGIC_1 0x82 -@@ -532,12 +547,12 @@ grub_net_configure_by_dhcp_ack (const char *name, - int is_def, char **device, char **path); - - struct grub_net_network_level_interface * --grub_net_configure_by_dhcpv6_ack (const char *name, -- struct grub_net_card *card, -- grub_net_interface_flags_t flags, -- const grub_net_link_level_address_t *hwaddr, -- const struct grub_net_dhcpv6_packet *packet, -- int is_def, char **device, char **path); -+grub_net_configure_by_dhcpv6_reply (const char *name, -+ struct grub_net_card *card, -+ grub_net_interface_flags_t flags, -+ const struct grub_net_dhcp6_packet *v6, -+ grub_size_t size, -+ int is_def, char **device, char **path); - - int - grub_ipv6_get_masksize(grub_uint16_t *mask); -@@ -554,6 +569,10 @@ void - grub_net_process_dhcp (struct grub_net_buff *nb, - struct grub_net_network_level_interface *iface); - -+grub_err_t -+grub_net_process_dhcp6 (struct grub_net_buff *nb, -+ struct grub_net_card *card); -+ - int - grub_net_hwaddr_cmp (const grub_net_link_level_address_t *a, - const grub_net_link_level_address_t *b); diff --git a/0077-efinet-UEFI-IPv6-PXE-support.patch b/0077-efinet-UEFI-IPv6-PXE-support.patch deleted file mode 100644 index d8b22b8c94a3535b1782a86f62c0955971b7d2a1..0000000000000000000000000000000000000000 --- a/0077-efinet-UEFI-IPv6-PXE-support.patch +++ /dev/null @@ -1,126 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Wed, 15 Apr 2015 14:48:30 +0800 -Subject: [PATCH] efinet: UEFI IPv6 PXE support - -When grub2 image is booted from UEFI IPv6 PXE, the DHCPv6 Reply packet is -cached in firmware buffer which can be obtained by PXE Base Code protocol. The -network interface can be setup through the parameters in that obtained packet. - -Signed-off-by: Michael Chang -Signed-off-by: Ken Lin ---- - grub-core/net/drivers/efi/efinet.c | 2 ++ - include/grub/efi/api.h | 71 +++++++++++++++++++++++--------------- - 2 files changed, 46 insertions(+), 27 deletions(-) - -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index 8e25680db0c..014e5bf9802 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -409,6 +409,8 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - grub_print_error (); - if (device && path) - grub_dprintf ("efinet", "device: `%s' path: `%s'\n", *device, *path); -+ if (grub_errno) -+ grub_print_error (); - } - else - { -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index 7614b58dca8..91ab528e4d0 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -1524,31 +1524,6 @@ typedef union - grub_efi_pxe_dhcpv6_packet_t dhcpv6; - } grub_efi_pxe_packet_t; - --#define GRUB_EFI_PXE_MAX_IPCNT 8 --#define GRUB_EFI_PXE_MAX_ARP_ENTRIES 8 --#define GRUB_EFI_PXE_MAX_ROUTE_ENTRIES 8 -- --typedef struct grub_efi_pxe_ip_filter --{ -- grub_efi_uint8_t filters; -- grub_efi_uint8_t ip_count; -- grub_efi_uint16_t reserved; -- grub_efi_ip_address_t ip_list[GRUB_EFI_PXE_MAX_IPCNT]; --} grub_efi_pxe_ip_filter_t; -- --typedef struct grub_efi_pxe_arp_entry --{ -- grub_efi_ip_address_t ip_addr; -- grub_efi_mac_address_t mac_addr; --} grub_efi_pxe_arp_entry_t; -- --typedef struct grub_efi_pxe_route_entry --{ -- grub_efi_ip_address_t ip_addr; -- grub_efi_ip_address_t subnet_mask; -- grub_efi_ip_address_t gateway_addr; --} grub_efi_pxe_route_entry_t; -- - typedef struct grub_efi_pxe_icmp_error - { - grub_efi_uint8_t type; -@@ -1574,6 +1549,48 @@ typedef struct grub_efi_pxe_tftp_error - grub_efi_char8_t error_string[127]; - } grub_efi_pxe_tftp_error_t; - -+typedef struct { -+ grub_uint8_t addr[4]; -+} grub_efi_pxe_ipv4_address_t; -+ -+typedef struct { -+ grub_uint8_t addr[16]; -+} grub_efi_pxe_ipv6_address_t; -+ -+typedef struct { -+ grub_uint8_t addr[32]; -+} grub_efi_pxe_mac_address_t; -+ -+typedef union { -+ grub_uint32_t addr[4]; -+ grub_efi_pxe_ipv4_address_t v4; -+ grub_efi_pxe_ipv6_address_t v6; -+} grub_efi_pxe_ip_address_t; -+ -+#define GRUB_EFI_PXE_BASE_CODE_MAX_IPCNT 8 -+typedef struct grub_efi_pxe_ip_filter -+{ -+ grub_efi_uint8_t filters; -+ grub_efi_uint8_t ip_count; -+ grub_efi_uint16_t reserved; -+ grub_efi_ip_address_t ip_list[GRUB_EFI_PXE_BASE_CODE_MAX_IPCNT]; -+} grub_efi_pxe_ip_filter_t; -+ -+typedef struct { -+ grub_efi_pxe_ip_address_t ip_addr; -+ grub_efi_pxe_mac_address_t mac_addr; -+} grub_efi_pxe_arp_entry_t; -+ -+typedef struct { -+ grub_efi_pxe_ip_address_t ip_addr; -+ grub_efi_pxe_ip_address_t subnet_mask; -+ grub_efi_pxe_ip_address_t gw_addr; -+} grub_efi_pxe_route_entry_t; -+ -+ -+#define GRUB_EFI_PXE_BASE_CODE_MAX_ARP_ENTRIES 8 -+#define GRUB_EFI_PXE_BASE_CODE_MAX_ROUTE_ENTRIES 8 -+ - typedef struct grub_efi_pxe_mode - { - grub_efi_boolean_t started; -@@ -1605,9 +1622,9 @@ typedef struct grub_efi_pxe_mode - grub_efi_pxe_packet_t pxe_bis_reply; - grub_efi_pxe_ip_filter_t ip_filter; - grub_efi_uint32_t arp_cache_entries; -- grub_efi_pxe_arp_entry_t arp_cache[GRUB_EFI_PXE_MAX_ARP_ENTRIES]; -+ grub_efi_pxe_arp_entry_t arp_cache[GRUB_EFI_PXE_BASE_CODE_MAX_ARP_ENTRIES]; - grub_efi_uint32_t route_table_entries; -- grub_efi_pxe_route_entry_t route_table[GRUB_EFI_PXE_MAX_ROUTE_ENTRIES]; -+ grub_efi_pxe_route_entry_t route_table[GRUB_EFI_PXE_BASE_CODE_MAX_ROUTE_ENTRIES]; - grub_efi_pxe_icmp_error_t icmp_error; - grub_efi_pxe_tftp_error_t tftp_error; - } grub_efi_pxe_mode_t; diff --git a/0078-grub.texi-Add-net_bootp6-doument.patch b/0078-grub.texi-Add-net_bootp6-doument.patch deleted file mode 100644 index 3f8ec97a685181b0e3489e5c97d998349d1b6421..0000000000000000000000000000000000000000 --- a/0078-grub.texi-Add-net_bootp6-doument.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Tue, 5 May 2015 14:19:24 +0800 -Subject: [PATCH] grub.texi: Add net_bootp6 doument - -Update grub documentation for net_bootp6 command. - -Signed-off-by: Michael Chang -Signed-off-by: Ken Lin ---- - docs/grub.texi | 17 +++++++++++++++++ - 1 file changed, 17 insertions(+) - -diff --git a/docs/grub.texi b/docs/grub.texi -index 0615d0ed97e..04ed6ac1f07 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -5487,6 +5487,7 @@ This command is only available on AArch64 systems. - * net_add_dns:: Add a DNS server - * net_add_route:: Add routing entry - * net_bootp:: Perform a bootp/DHCP autoconfiguration -+* net_bootp6:: Perform a DHCPv6 autoconfiguration - * net_del_addr:: Remove IP address from interface - * net_del_dns:: Remove a DNS server - * net_del_route:: Remove a route entry -@@ -5611,6 +5612,22 @@ Sets environment variable @samp{net_}@var{}@samp{_boot_file} - - @end deffn - -+@node net_bootp6 -+@subsection net_bootp6 -+ -+@deffn Command net_bootp6 [@var{card}] -+Perform configuration of @var{card} using DHCPv6 protocol. If no card name is -+specified, try to configure all existing cards. If configuration was -+successful, interface with name @var{card}@samp{:dhcp6} and configured address -+is added to @var{card}. -+ -+@table @samp -+@item 1 (Domain Name Server) -+Adds all servers from option value to the list of servers used during name -+resolution. -+@end table -+ -+@end deffn - - @node net_get_dhcp_option - @subsection net_get_dhcp_option diff --git a/0079-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch b/0079-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch deleted file mode 100644 index e800dd236d9dede4e0c16f65ac307475a9df2f60..0000000000000000000000000000000000000000 --- a/0079-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Wed, 10 Jul 2019 23:58:28 +0200 -Subject: [PATCH] bootp: Add processing DHCPACK packet from HTTP Boot - -The vendor class identifier with the string "HTTPClient" is used to denote the -packet as responding to HTTP boot request. In DHCP4 config, the filename for -HTTP boot is the URL of the boot file while for PXE boot it is the path to the -boot file. As a consequence, the next-server becomes obseleted because the HTTP -URL already contains the server address for the boot file. For DHCP6 config, -there's no difference definition in existing config as dhcp6.bootfile-url can -be used to specify URL for both HTTP and PXE boot file. - -This patch adds processing for "HTTPClient" vendor class identifier in DHCPACK -packet by treating it as HTTP format, not as the PXE format. - -Signed-off-by: Michael Chang -Signed-off-by: Ken Lin ---- - grub-core/net/bootp.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++ - include/grub/net.h | 1 + - 2 files changed, 56 insertions(+) - -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index fe93b80f1cf..8fb8918ae7e 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -20,6 +20,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -500,6 +501,60 @@ grub_net_configure_by_dhcp_ack (const char *name, - if (opt && opt_len) - grub_env_set_net_property (name, "rootpath", (const char *) opt, opt_len); - -+ opt = find_dhcp_option (bp, size, GRUB_NET_BOOTP_VENDOR_CLASS_IDENTIFIER, &opt_len); -+ if (opt && opt_len) -+ { -+ grub_env_set_net_property (name, "vendor_class_identifier", (const char *) opt, opt_len); -+ if (opt && grub_strcmp (opt, "HTTPClient") == 0) -+ { -+ char *proto, *ip, *pa; -+ -+ if (!dissect_url (bp->boot_file, &proto, &ip, &pa)) -+ return inter; -+ -+ grub_env_set_net_property (name, "boot_file", pa, grub_strlen (pa)); -+ if (is_def) -+ { -+ grub_net_default_server = grub_strdup (ip); -+ grub_env_set ("net_default_interface", name); -+ grub_env_export ("net_default_interface"); -+ } -+ if (device && !*device) -+ { -+ *device = grub_xasprintf ("%s,%s", proto, ip); -+ grub_print_error (); -+ } -+ if (path) -+ { -+ *path = grub_strdup (pa); -+ grub_print_error (); -+ if (*path) -+ { -+ char *slash; -+ slash = grub_strrchr (*path, '/'); -+ if (slash) -+ *slash = 0; -+ else -+ **path = 0; -+ } -+ } -+ grub_net_add_ipv4_local (inter, mask); -+ inter->dhcp_ack = grub_malloc (size); -+ if (inter->dhcp_ack) -+ { -+ grub_memcpy (inter->dhcp_ack, bp, size); -+ inter->dhcp_acklen = size; -+ } -+ else -+ grub_errno = GRUB_ERR_NONE; -+ -+ grub_free (proto); -+ grub_free (ip); -+ grub_free (pa); -+ return inter; -+ } -+ } -+ - opt = find_dhcp_option (bp, size, GRUB_NET_BOOTP_EXTENSIONS_PATH, &opt_len); - if (opt && opt_len) - grub_env_set_net_property (name, "extensionspath", (const char *) opt, opt_len); -diff --git a/include/grub/net.h b/include/grub/net.h -index 543251f7273..42af7de250a 100644 ---- a/include/grub/net.h -+++ b/include/grub/net.h -@@ -531,6 +531,7 @@ enum - GRUB_NET_DHCP_MESSAGE_TYPE = 53, - GRUB_NET_DHCP_SERVER_IDENTIFIER = 54, - GRUB_NET_DHCP_PARAMETER_REQUEST_LIST = 55, -+ GRUB_NET_BOOTP_VENDOR_CLASS_IDENTIFIER = 60, - GRUB_NET_BOOTP_CLIENT_ID = 61, - GRUB_NET_DHCP_TFTP_SERVER_NAME = 66, - GRUB_NET_DHCP_BOOTFILE_NAME = 67, diff --git a/0080-efinet-Setting-network-from-UEFI-device-path.patch b/0080-efinet-Setting-network-from-UEFI-device-path.patch deleted file mode 100644 index 11b2a724d656dc1c48f639f75e85239308c835b0..0000000000000000000000000000000000000000 --- a/0080-efinet-Setting-network-from-UEFI-device-path.patch +++ /dev/null @@ -1,405 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Sun, 10 Jul 2016 23:46:31 +0800 -Subject: [PATCH] efinet: Setting network from UEFI device path - -The PXE Base Code protocol used to obtain cached PXE DHCPACK packet is no -longer provided for HTTP Boot. Instead, we have to get the HTTP boot -information from the device path nodes defined in following UEFI Specification -sections. - - 9.3.5.12 IPv4 Device Path - 9.3.5.13 IPv6 Device Path - 9.3.5.23 Uniform Resource Identifiers (URI) Device Path - -This patch basically does: - -include/grub/efi/api.h: -Add new structure of Uniform Resource Identifiers (URI) Device Path - -grub-core/net/drivers/efi/efinet.c: -Check if PXE Base Code is available, if not it will try to obtain the netboot -information from the device path where the image booted from. The DHCPACK -packet is recoverd from the information in device patch and feed into the same -DHCP packet processing functions to ensure the network interface is setting up -the same way it used to be. - -Signed-off-by: Michael Chang -Signed-off-by: Ken Lin ---- - grub-core/net/drivers/efi/efinet.c | 284 +++++++++++++++++++++++++++++++++++-- - include/grub/efi/api.h | 11 ++ - 2 files changed, 280 insertions(+), 15 deletions(-) - -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index 014e5bf9802..8171ecaa5e4 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -26,6 +26,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -331,6 +332,227 @@ grub_efinet_findcards (void) - grub_free (handles); - } - -+static struct grub_net_buff * -+grub_efinet_create_dhcp_ack_from_device_path (grub_efi_device_path_t *dp, int *use_ipv6) -+{ -+ grub_efi_uint16_t uri_len; -+ grub_efi_device_path_t *ldp, *ddp; -+ grub_efi_uri_device_path_t *uri_dp; -+ struct grub_net_buff *nb; -+ grub_err_t err; -+ -+ ddp = grub_efi_duplicate_device_path (dp); -+ if (!ddp) -+ return NULL; -+ -+ ldp = grub_efi_find_last_device_path (ddp); -+ -+ if (GRUB_EFI_DEVICE_PATH_TYPE (ldp) != GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE -+ || GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_URI_DEVICE_PATH_SUBTYPE) -+ { -+ grub_free (ddp); -+ return NULL; -+ } -+ -+ uri_len = GRUB_EFI_DEVICE_PATH_LENGTH (ldp) > 4 ? GRUB_EFI_DEVICE_PATH_LENGTH (ldp) - 4 : 0; -+ -+ if (!uri_len) -+ { -+ grub_free (ddp); -+ return NULL; -+ } -+ -+ uri_dp = (grub_efi_uri_device_path_t *) ldp; -+ -+ ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ ldp->length = sizeof (*ldp); -+ -+ ldp = grub_efi_find_last_device_path (ddp); -+ -+ if (GRUB_EFI_DEVICE_PATH_TYPE (ldp) != GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE -+ || (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE -+ && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE)) -+ { -+ grub_free (ddp); -+ return NULL; -+ } -+ -+ nb = grub_netbuff_alloc (512); -+ if (!nb) -+ { -+ grub_free (ddp); -+ return NULL; -+ } -+ -+ if (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) == GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE) -+ { -+ grub_efi_ipv4_device_path_t *ipv4 = (grub_efi_ipv4_device_path_t *) ldp; -+ struct grub_net_bootp_packet *bp; -+ grub_uint8_t *ptr; -+ -+ bp = (struct grub_net_bootp_packet *) nb->tail; -+ err = grub_netbuff_put (nb, sizeof (*bp) + 4); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ -+ if (sizeof(bp->boot_file) < uri_len) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ grub_memcpy (bp->boot_file, uri_dp->uri, uri_len); -+ grub_memcpy (&bp->your_ip, ipv4->local_ip_address, sizeof (bp->your_ip)); -+ grub_memcpy (&bp->server_ip, ipv4->remote_ip_address, sizeof (bp->server_ip)); -+ -+ bp->vendor[0] = GRUB_NET_BOOTP_RFC1048_MAGIC_0; -+ bp->vendor[1] = GRUB_NET_BOOTP_RFC1048_MAGIC_1; -+ bp->vendor[2] = GRUB_NET_BOOTP_RFC1048_MAGIC_2; -+ bp->vendor[3] = GRUB_NET_BOOTP_RFC1048_MAGIC_3; -+ -+ ptr = nb->tail; -+ err = grub_netbuff_put (nb, sizeof (ipv4->subnet_mask) + 2); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ *ptr++ = GRUB_NET_BOOTP_NETMASK; -+ *ptr++ = sizeof (ipv4->subnet_mask); -+ grub_memcpy (ptr, ipv4->subnet_mask, sizeof (ipv4->subnet_mask)); -+ -+ ptr = nb->tail; -+ err = grub_netbuff_put (nb, sizeof (ipv4->gateway_ip_address) + 2); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ *ptr++ = GRUB_NET_BOOTP_ROUTER; -+ *ptr++ = sizeof (ipv4->gateway_ip_address); -+ grub_memcpy (ptr, ipv4->gateway_ip_address, sizeof (ipv4->gateway_ip_address)); -+ -+ ptr = nb->tail; -+ err = grub_netbuff_put (nb, sizeof ("HTTPClient") + 1); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ *ptr++ = GRUB_NET_BOOTP_VENDOR_CLASS_IDENTIFIER; -+ *ptr++ = sizeof ("HTTPClient") - 1; -+ grub_memcpy (ptr, "HTTPClient", sizeof ("HTTPClient") - 1); -+ -+ ptr = nb->tail; -+ err = grub_netbuff_put (nb, 1); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ *ptr = GRUB_NET_BOOTP_END; -+ *use_ipv6 = 0; -+ -+ ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ ldp->length = sizeof (*ldp); -+ ldp = grub_efi_find_last_device_path (ddp); -+ -+ if (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) == GRUB_EFI_MAC_ADDRESS_DEVICE_PATH_SUBTYPE) -+ { -+ grub_efi_mac_address_device_path_t *mac = (grub_efi_mac_address_device_path_t *) ldp; -+ bp->hw_type = mac->if_type; -+ bp->hw_len = sizeof (bp->mac_addr); -+ grub_memcpy (bp->mac_addr, mac->mac_address, bp->hw_len); -+ } -+ } -+ else -+ { -+ grub_efi_ipv6_device_path_t *ipv6 = (grub_efi_ipv6_device_path_t *) ldp; -+ -+ struct grub_net_dhcp6_packet *d6p; -+ struct grub_net_dhcp6_option *opt; -+ struct grub_net_dhcp6_option_iana *iana; -+ struct grub_net_dhcp6_option_iaaddr *iaaddr; -+ -+ d6p = (struct grub_net_dhcp6_packet *)nb->tail; -+ err = grub_netbuff_put (nb, sizeof(*d6p)); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ d6p->message_type = GRUB_NET_DHCP6_REPLY; -+ -+ opt = (struct grub_net_dhcp6_option *)nb->tail; -+ err = grub_netbuff_put (nb, sizeof(*opt)); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_IA_NA); -+ opt->len = grub_cpu_to_be16_compile_time (sizeof(*iana) + sizeof(*opt) + sizeof(*iaaddr)); -+ -+ err = grub_netbuff_put (nb, sizeof(*iana)); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ -+ opt = (struct grub_net_dhcp6_option *)nb->tail; -+ err = grub_netbuff_put (nb, sizeof(*opt)); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_IAADDR); -+ opt->len = grub_cpu_to_be16_compile_time (sizeof (*iaaddr)); -+ -+ iaaddr = (struct grub_net_dhcp6_option_iaaddr *)nb->tail; -+ err = grub_netbuff_put (nb, sizeof(*iaaddr)); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ grub_memcpy (iaaddr->addr, ipv6->local_ip_address, sizeof(ipv6->local_ip_address)); -+ -+ opt = (struct grub_net_dhcp6_option *)nb->tail; -+ err = grub_netbuff_put (nb, sizeof(*opt) + uri_len); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_BOOTFILE_URL); -+ opt->len = grub_cpu_to_be16 (uri_len); -+ grub_memcpy (opt->data, uri_dp->uri, uri_len); -+ -+ *use_ipv6 = 1; -+ } -+ -+ grub_free (ddp); -+ return nb; -+} -+ - static void - grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - char **path) -@@ -346,7 +568,11 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - { - grub_efi_device_path_t *cdp; - struct grub_efi_pxe *pxe; -- struct grub_efi_pxe_mode *pxe_mode; -+ struct grub_efi_pxe_mode *pxe_mode = NULL; -+ grub_uint8_t *packet_buf; -+ grub_size_t packet_bufsz ; -+ int ipv6; -+ struct grub_net_buff *nb = NULL; - - if (card->driver != &efidriver) - continue; -@@ -370,11 +596,21 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - */ - if (GRUB_EFI_DEVICE_PATH_TYPE (ldp) != GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE - || (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE -- && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE)) -+ && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE -+ && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_URI_DEVICE_PATH_SUBTYPE)) - continue; - dup_dp = grub_efi_duplicate_device_path (dp); - if (!dup_dp) - continue; -+ -+ if (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) == GRUB_EFI_URI_DEVICE_PATH_SUBTYPE) -+ { -+ dup_ldp = grub_efi_find_last_device_path (dup_dp); -+ dup_ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ dup_ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ dup_ldp->length = sizeof (*dup_ldp); -+ } -+ - dup_ldp = grub_efi_find_last_device_path (dup_dp); - dup_ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; - dup_ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -@@ -387,23 +623,37 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - - pxe = grub_efi_open_protocol (hnd, &pxe_io_guid, - GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -- if (! pxe) -- continue; -+ if (!pxe) -+ { -+ nb = grub_efinet_create_dhcp_ack_from_device_path (dp, &ipv6); -+ if (!nb) -+ { -+ grub_print_error (); -+ continue; -+ } -+ packet_buf = nb->head; -+ packet_bufsz = nb->tail - nb->head; -+ } -+ else -+ { -+ pxe_mode = pxe->mode; -+ packet_buf = (grub_uint8_t *) &pxe_mode->dhcp_ack; -+ packet_bufsz = sizeof (pxe_mode->dhcp_ack); -+ ipv6 = pxe_mode->using_ipv6; -+ } - -- pxe_mode = pxe->mode; -- if (pxe_mode->using_ipv6) -+ if (ipv6) - { - grub_dprintf ("efinet", "using ipv6 and dhcpv6\n"); -- grub_dprintf ("efinet", "dhcp_ack_received: %s%s\n", -- pxe_mode->dhcp_ack_received ? "yes" : "no", -- pxe_mode->dhcp_ack_received ? "" : " cannot continue"); -- if (!pxe_mode->dhcp_ack_received) -- continue; -+ if (pxe_mode) -+ grub_dprintf ("efinet", "dhcp_ack_received: %s%s\n", -+ pxe_mode->dhcp_ack_received ? "yes" : "no", -+ pxe_mode->dhcp_ack_received ? "" : " cannot continue"); - - grub_net_configure_by_dhcpv6_reply (card->name, card, 0, - (struct grub_net_dhcp6_packet *) -- &pxe_mode->dhcp_ack, -- sizeof (pxe_mode->dhcp_ack), -+ packet_buf, -+ packet_bufsz, - 1, device, path); - if (grub_errno) - grub_print_error (); -@@ -417,11 +667,15 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - grub_dprintf ("efinet", "using ipv4 and dhcp\n"); - grub_net_configure_by_dhcp_ack (card->name, card, 0, - (struct grub_net_bootp_packet *) -- &pxe_mode->dhcp_ack, -- sizeof (pxe_mode->dhcp_ack), -+ packet_buf, -+ packet_bufsz, - 1, device, path); - grub_dprintf ("efinet", "device: `%s' path: `%s'\n", *device, *path); - } -+ -+ if (nb) -+ grub_netbuff_free (nb); -+ - return; - } - } -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index 91ab528e4d0..4a51667adb1 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -864,6 +864,8 @@ struct grub_efi_ipv4_device_path - grub_efi_uint16_t remote_port; - grub_efi_uint16_t protocol; - grub_efi_uint8_t static_ip_address; -+ grub_efi_ipv4_address_t gateway_ip_address; -+ grub_efi_ipv4_address_t subnet_mask; - } GRUB_PACKED; - typedef struct grub_efi_ipv4_device_path grub_efi_ipv4_device_path_t; - -@@ -918,6 +920,15 @@ struct grub_efi_sata_device_path - } GRUB_PACKED; - typedef struct grub_efi_sata_device_path grub_efi_sata_device_path_t; - -+#define GRUB_EFI_URI_DEVICE_PATH_SUBTYPE 24 -+ -+struct grub_efi_uri_device_path -+{ -+ grub_efi_device_path_t header; -+ grub_efi_uint8_t uri[0]; -+} GRUB_PACKED; -+typedef struct grub_efi_uri_device_path grub_efi_uri_device_path_t; -+ - #define GRUB_EFI_VENDOR_MESSAGING_DEVICE_PATH_SUBTYPE 10 - - /* Media Device Path. */ diff --git a/0081-efinet-Setting-DNS-server-from-UEFI-protocol.patch b/0081-efinet-Setting-DNS-server-from-UEFI-protocol.patch deleted file mode 100644 index 1460c8a6f8617c05976451fbe99325b136a33de7..0000000000000000000000000000000000000000 --- a/0081-efinet-Setting-DNS-server-from-UEFI-protocol.patch +++ /dev/null @@ -1,336 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Thu, 14 Jul 2016 17:48:45 +0800 -Subject: [PATCH] efinet: Setting DNS server from UEFI protocol - -In the URI device path node, any name rahter than address can be used for -looking up the resources so that DNS service become needed to get answer of the -name's address. Unfortunately the DNS is not defined in any of the device path -nodes so that we use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL -to obtain it. - -These two protcols are defined the sections of UEFI specification. - - 27.5 EFI IPv4 Configuration II Protocol - 27.7 EFI IPv6 Configuration Protocol - -include/grub/efi/api.h: -Add new structure and protocol UUID of EFI_IP4_CONFIG2_PROTOCOL and -EFI_IP6_CONFIG_PROTOCOL. - -grub-core/net/drivers/efi/efinet.c: -Use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL to obtain the list -of DNS server address for IPv4 and IPv6 respectively. The address of DNS -servers is structured into DHCPACK packet and feed into the same DHCP packet -processing functions to ensure the network interface is setting up the same way -it used to be. - -Signed-off-by: Michael Chang -Signed-off-by: Ken Lin ---- - grub-core/net/drivers/efi/efinet.c | 163 +++++++++++++++++++++++++++++++++++++ - include/grub/efi/api.h | 75 +++++++++++++++++ - 2 files changed, 238 insertions(+) - -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index 8171ecaa5e4..715a6168d77 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -33,6 +33,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); - /* GUID. */ - static grub_efi_guid_t net_io_guid = GRUB_EFI_SIMPLE_NETWORK_GUID; - static grub_efi_guid_t pxe_io_guid = GRUB_EFI_PXE_GUID; -+static grub_efi_guid_t ip4_config_guid = GRUB_EFI_IP4_CONFIG2_PROTOCOL_GUID; -+static grub_efi_guid_t ip6_config_guid = GRUB_EFI_IP6_CONFIG_PROTOCOL_GUID; - - static grub_err_t - send_card_buffer (struct grub_net_card *dev, -@@ -332,6 +334,125 @@ grub_efinet_findcards (void) - grub_free (handles); - } - -+static grub_efi_handle_t -+grub_efi_locate_device_path (grub_efi_guid_t *protocol, grub_efi_device_path_t *device_path, -+ grub_efi_device_path_t **r_device_path) -+{ -+ grub_efi_handle_t handle; -+ grub_efi_status_t status; -+ -+ status = efi_call_3 (grub_efi_system_table->boot_services->locate_device_path, -+ protocol, &device_path, &handle); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ -+ if (r_device_path) -+ *r_device_path = device_path; -+ -+ return handle; -+} -+ -+static grub_efi_ipv4_address_t * -+grub_dns_server_ip4_address (grub_efi_device_path_t *dp, grub_efi_uintn_t *num_dns) -+{ -+ grub_efi_handle_t hnd; -+ grub_efi_status_t status; -+ grub_efi_ip4_config2_protocol_t *conf; -+ grub_efi_ipv4_address_t *addrs; -+ grub_efi_uintn_t data_size = 1 * sizeof (grub_efi_ipv4_address_t); -+ -+ hnd = grub_efi_locate_device_path (&ip4_config_guid, dp, NULL); -+ -+ if (!hnd) -+ return 0; -+ -+ conf = grub_efi_open_protocol (hnd, &ip4_config_guid, -+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ -+ if (!conf) -+ return 0; -+ -+ addrs = grub_malloc (data_size); -+ if (!addrs) -+ return 0; -+ -+ status = efi_call_4 (conf->get_data, conf, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_DNSSERVER, -+ &data_size, addrs); -+ -+ if (status == GRUB_EFI_BUFFER_TOO_SMALL) -+ { -+ grub_free (addrs); -+ addrs = grub_malloc (data_size); -+ if (!addrs) -+ return 0; -+ -+ status = efi_call_4 (conf->get_data, conf, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_DNSSERVER, -+ &data_size, addrs); -+ } -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (addrs); -+ return 0; -+ } -+ -+ *num_dns = data_size / sizeof (grub_efi_ipv4_address_t); -+ return addrs; -+} -+ -+static grub_efi_ipv6_address_t * -+grub_dns_server_ip6_address (grub_efi_device_path_t *dp, grub_efi_uintn_t *num_dns) -+{ -+ grub_efi_handle_t hnd; -+ grub_efi_status_t status; -+ grub_efi_ip6_config_protocol_t *conf; -+ grub_efi_ipv6_address_t *addrs; -+ grub_efi_uintn_t data_size = 1 * sizeof (grub_efi_ipv6_address_t); -+ -+ hnd = grub_efi_locate_device_path (&ip6_config_guid, dp, NULL); -+ -+ if (!hnd) -+ return 0; -+ -+ conf = grub_efi_open_protocol (hnd, &ip6_config_guid, -+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ -+ if (!conf) -+ return 0; -+ -+ addrs = grub_malloc (data_size); -+ if (!addrs) -+ return 0; -+ -+ status = efi_call_4 (conf->get_data, conf, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_DNSSERVER, -+ &data_size, addrs); -+ -+ if (status == GRUB_EFI_BUFFER_TOO_SMALL) -+ { -+ grub_free (addrs); -+ addrs = grub_malloc (data_size); -+ if (!addrs) -+ return 0; -+ -+ status = efi_call_4 (conf->get_data, conf, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_DNSSERVER, -+ &data_size, addrs); -+ } -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (addrs); -+ return 0; -+ } -+ -+ *num_dns = data_size / sizeof (grub_efi_ipv6_address_t); -+ return addrs; -+} -+ - static struct grub_net_buff * - grub_efinet_create_dhcp_ack_from_device_path (grub_efi_device_path_t *dp, int *use_ipv6) - { -@@ -390,6 +511,8 @@ grub_efinet_create_dhcp_ack_from_device_path (grub_efi_device_path_t *dp, int *u - grub_efi_ipv4_device_path_t *ipv4 = (grub_efi_ipv4_device_path_t *) ldp; - struct grub_net_bootp_packet *bp; - grub_uint8_t *ptr; -+ grub_efi_ipv4_address_t *dns; -+ grub_efi_uintn_t num_dns; - - bp = (struct grub_net_bootp_packet *) nb->tail; - err = grub_netbuff_put (nb, sizeof (*bp) + 4); -@@ -451,6 +574,25 @@ grub_efinet_create_dhcp_ack_from_device_path (grub_efi_device_path_t *dp, int *u - *ptr++ = sizeof ("HTTPClient") - 1; - grub_memcpy (ptr, "HTTPClient", sizeof ("HTTPClient") - 1); - -+ dns = grub_dns_server_ip4_address (dp, &num_dns); -+ if (dns) -+ { -+ grub_efi_uintn_t size_dns = sizeof (*dns) * num_dns; -+ -+ ptr = nb->tail; -+ err = grub_netbuff_put (nb, size_dns + 2); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ *ptr++ = GRUB_NET_BOOTP_DNS; -+ *ptr++ = size_dns; -+ grub_memcpy (ptr, dns, size_dns); -+ grub_free (dns); -+ } -+ - ptr = nb->tail; - err = grub_netbuff_put (nb, 1); - if (err) -@@ -483,6 +625,8 @@ grub_efinet_create_dhcp_ack_from_device_path (grub_efi_device_path_t *dp, int *u - struct grub_net_dhcp6_option *opt; - struct grub_net_dhcp6_option_iana *iana; - struct grub_net_dhcp6_option_iaaddr *iaaddr; -+ grub_efi_ipv6_address_t *dns; -+ grub_efi_uintn_t num_dns; - - d6p = (struct grub_net_dhcp6_packet *)nb->tail; - err = grub_netbuff_put (nb, sizeof(*d6p)); -@@ -546,6 +690,25 @@ grub_efinet_create_dhcp_ack_from_device_path (grub_efi_device_path_t *dp, int *u - opt->len = grub_cpu_to_be16 (uri_len); - grub_memcpy (opt->data, uri_dp->uri, uri_len); - -+ dns = grub_dns_server_ip6_address (dp, &num_dns); -+ if (dns) -+ { -+ grub_efi_uintn_t size_dns = sizeof (*dns) * num_dns; -+ -+ opt = (struct grub_net_dhcp6_option *)nb->tail; -+ err = grub_netbuff_put (nb, sizeof(*opt) + size_dns); -+ if (err) -+ { -+ grub_free (ddp); -+ grub_netbuff_free (nb); -+ return NULL; -+ } -+ opt->code = grub_cpu_to_be16_compile_time (GRUB_NET_DHCP6_OPTION_DNS_SERVERS); -+ opt->len = grub_cpu_to_be16 (size_dns); -+ grub_memcpy (opt->data, dns, size_dns); -+ grub_free (dns); -+ } -+ - *use_ipv6 = 1; - } - -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index 4a51667adb1..0b490195ad9 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -352,6 +352,15 @@ - #define GRUB_EFI_RNG_PROTOCOL_GUID \ - { 0x3152bca5, 0xeade, 0x433d, \ - { 0x86, 0x2e, 0xc0, 0x1c, 0xdc, 0x29, 0x1f, 0x44 } \ -+ -+#define GRUB_EFI_IP4_CONFIG2_PROTOCOL_GUID \ -+ { 0x5b446ed1, 0xe30b, 0x4faa, \ -+ { 0x87, 0x1a, 0x36, 0x54, 0xec, 0xa3, 0x60, 0x80 } \ -+ } -+ -+#define GRUB_EFI_IP6_CONFIG_PROTOCOL_GUID \ -+ { 0x937fe521, 0x95ae, 0x4d1a, \ -+ { 0x89, 0x29, 0x48, 0xbc, 0xd9, 0x0a, 0xd3, 0x1a } \ - } - - struct grub_efi_sal_system_table -@@ -1883,6 +1892,72 @@ struct grub_efi_rng_protocol - }; - typedef struct grub_efi_rng_protocol grub_efi_rng_protocol_t; - -+enum grub_efi_ip4_config2_data_type { -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_INTERFACEINFO, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_POLICY, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_MANUAL_ADDRESS, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_GATEWAY, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_DNSSERVER, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_MAXIMUM -+}; -+typedef enum grub_efi_ip4_config2_data_type grub_efi_ip4_config2_data_type_t; -+ -+struct grub_efi_ip4_config2_protocol -+{ -+ grub_efi_status_t (*set_data) (struct grub_efi_ip4_config2_protocol *this, -+ grub_efi_ip4_config2_data_type_t data_type, -+ grub_efi_uintn_t data_size, -+ void *data); -+ -+ grub_efi_status_t (*get_data) (struct grub_efi_ip4_config2_protocol *this, -+ grub_efi_ip4_config2_data_type_t data_type, -+ grub_efi_uintn_t *data_size, -+ void *data); -+ -+ grub_efi_status_t (*register_data_notify) (struct grub_efi_ip4_config2_protocol *this, -+ grub_efi_ip4_config2_data_type_t data_type, -+ grub_efi_event_t event); -+ -+ grub_efi_status_t (*unregister_datanotify) (struct grub_efi_ip4_config2_protocol *this, -+ grub_efi_ip4_config2_data_type_t data_type, -+ grub_efi_event_t event); -+}; -+typedef struct grub_efi_ip4_config2_protocol grub_efi_ip4_config2_protocol_t; -+ -+enum grub_efi_ip6_config_data_type { -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_INTERFACEINFO, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_ALT_INTERFACEID, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_POLICY, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_DUP_ADDR_DETECT_TRANSMITS, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_MANUAL_ADDRESS, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_GATEWAY, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_DNSSERVER, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_MAXIMUM -+}; -+typedef enum grub_efi_ip6_config_data_type grub_efi_ip6_config_data_type_t; -+ -+struct grub_efi_ip6_config_protocol -+{ -+ grub_efi_status_t (*set_data) (struct grub_efi_ip6_config_protocol *this, -+ grub_efi_ip6_config_data_type_t data_type, -+ grub_efi_uintn_t data_size, -+ void *data); -+ -+ grub_efi_status_t (*get_data) (struct grub_efi_ip6_config_protocol *this, -+ grub_efi_ip6_config_data_type_t data_type, -+ grub_efi_uintn_t *data_size, -+ void *data); -+ -+ grub_efi_status_t (*register_data_notify) (struct grub_efi_ip6_config_protocol *this, -+ grub_efi_ip6_config_data_type_t data_type, -+ grub_efi_event_t event); -+ -+ grub_efi_status_t (*unregister_datanotify) (struct grub_efi_ip6_config_protocol *this, -+ grub_efi_ip6_config_data_type_t data_type, -+ grub_efi_event_t event); -+}; -+typedef struct grub_efi_ip6_config_protocol grub_efi_ip6_config_protocol_t; -+ - #if (GRUB_TARGET_SIZEOF_VOID_P == 4) || defined (__ia64__) \ - || defined (__aarch64__) || defined (__MINGW64__) || defined (__CYGWIN__) \ - || defined(__riscv) diff --git a/0082-Support-UEFI-networking-protocols.patch b/0082-Support-UEFI-networking-protocols.patch deleted file mode 100644 index fb143862d55710f868b5a325fa61b231e2369592..0000000000000000000000000000000000000000 --- a/0082-Support-UEFI-networking-protocols.patch +++ /dev/null @@ -1,5053 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Wed, 22 Feb 2017 14:27:50 +0800 -Subject: [PATCH] Support UEFI networking protocols - -References: fate#320130, bsc#1015589, bsc#1076132 -Patch-Mainline: no - -V1: - * Add preliminary support of UEFI networking protocols - * Support UEFI HTTPS Boot - -V2: - * Workaround http data access in firmware - * Fix DNS device path parsing for efinet device - * Relaxed UEFI Protocol requirement - * Support Intel OPA (Omni-Path Architecture) PXE Boot - -V3: - * Fix bufio in calculating address of next_buf - * Check HTTP respond code - * Use HEAD request method to test before GET - * Finish HTTP transaction in one go - * Fix bsc#1076132 - -Signed-off-by: Michael Chang -[pjones: make efi_netfs not duplicate symbols from efinet] -Signed-off-by: Peter Jones ---- - grub-core/Makefile.core.def | 12 + - grub-core/io/bufio.c | 2 +- - grub-core/kern/efi/efi.c | 96 ++- - grub-core/net/drivers/efi/efinet.c | 27 + - grub-core/net/efi/dhcp.c | 397 ++++++++++ - grub-core/net/efi/efi_netfs.c | 57 ++ - grub-core/net/efi/http.c | 419 +++++++++++ - grub-core/net/efi/ip4_config.c | 398 ++++++++++ - grub-core/net/efi/ip6_config.c | 422 +++++++++++ - grub-core/net/efi/net.c | 1428 ++++++++++++++++++++++++++++++++++++ - grub-core/net/efi/pxe.c | 424 +++++++++++ - grub-core/net/net.c | 74 ++ - util/grub-mknetdir.c | 23 +- - include/grub/efi/api.h | 180 ++++- - include/grub/efi/dhcp.h | 343 +++++++++ - include/grub/efi/http.h | 215 ++++++ - include/grub/net/efi.h | 144 ++++ - 17 files changed, 4620 insertions(+), 41 deletions(-) - create mode 100644 grub-core/net/efi/dhcp.c - create mode 100644 grub-core/net/efi/efi_netfs.c - create mode 100644 grub-core/net/efi/http.c - create mode 100644 grub-core/net/efi/ip4_config.c - create mode 100644 grub-core/net/efi/ip6_config.c - create mode 100644 grub-core/net/efi/net.c - create mode 100644 grub-core/net/efi/pxe.c - create mode 100644 include/grub/efi/dhcp.h - create mode 100644 include/grub/efi/http.h - create mode 100644 include/grub/net/efi.h - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 4b7c45a7b06..c40170f2dd2 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -2299,6 +2299,12 @@ module = { - common = hook/datehook.c; - }; - -+module = { -+ name = efi_netfs; -+ common = net/efi/efi_netfs.c; -+ enable = efi; -+}; -+ - module = { - name = net; - common = net/net.c; -@@ -2312,6 +2318,12 @@ module = { - common = net/ethernet.c; - common = net/arp.c; - common = net/netbuff.c; -+ efi = net/efi/net.c; -+ efi = net/efi/http.c; -+ efi = net/efi/pxe.c; -+ efi = net/efi/ip4_config.c; -+ efi = net/efi/ip6_config.c; -+ efi = net/efi/dhcp.c; - }; - - module = { -diff --git a/grub-core/io/bufio.c b/grub-core/io/bufio.c -index a458c3aca78..1637731535e 100644 ---- a/grub-core/io/bufio.c -+++ b/grub-core/io/bufio.c -@@ -139,7 +139,7 @@ grub_bufio_read (grub_file_t file, char *buf, grub_size_t len) - return res; - - /* Need to read some more. */ -- next_buf = (file->offset + res + len - 1) & ~((grub_off_t) bufio->block_size - 1); -+ next_buf = (grub_divmod64 (file->offset + res + len - 1, bufio->block_size, NULL)) * bufio->block_size; - /* Now read between file->offset + res and bufio->buffer_at. */ - if (file->offset + res < next_buf) - { -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index d6a2fb57789..2a446f5031b 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -755,7 +755,7 @@ grub_efi_print_device_path (grub_efi_device_path_t *dp) - { - grub_efi_ipv4_device_path_t *ipv4 - = (grub_efi_ipv4_device_path_t *) dp; -- grub_printf ("/IPv4(%u.%u.%u.%u,%u.%u.%u.%u,%u,%u,%x,%x)", -+ grub_printf ("/IPv4(%u.%u.%u.%u,%u.%u.%u.%u,%u,%u,%x,%x", - (unsigned) ipv4->local_ip_address[0], - (unsigned) ipv4->local_ip_address[1], - (unsigned) ipv4->local_ip_address[2], -@@ -768,33 +768,60 @@ grub_efi_print_device_path (grub_efi_device_path_t *dp) - (unsigned) ipv4->remote_port, - (unsigned) ipv4->protocol, - (unsigned) ipv4->static_ip_address); -+ if (len == sizeof (*ipv4)) -+ { -+ grub_printf (",%u.%u.%u.%u,%u.%u.%u.%u", -+ (unsigned) ipv4->gateway_ip_address[0], -+ (unsigned) ipv4->gateway_ip_address[1], -+ (unsigned) ipv4->gateway_ip_address[2], -+ (unsigned) ipv4->gateway_ip_address[3], -+ (unsigned) ipv4->subnet_mask[0], -+ (unsigned) ipv4->subnet_mask[1], -+ (unsigned) ipv4->subnet_mask[2], -+ (unsigned) ipv4->subnet_mask[3]); -+ } -+ grub_printf (")"); - } - break; - case GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE: - { - grub_efi_ipv6_device_path_t *ipv6 - = (grub_efi_ipv6_device_path_t *) dp; -- grub_printf ("/IPv6(%x:%x:%x:%x:%x:%x:%x:%x,%x:%x:%x:%x:%x:%x:%x:%x,%u,%u,%x,%x)", -- (unsigned) ipv6->local_ip_address[0], -- (unsigned) ipv6->local_ip_address[1], -- (unsigned) ipv6->local_ip_address[2], -- (unsigned) ipv6->local_ip_address[3], -- (unsigned) ipv6->local_ip_address[4], -- (unsigned) ipv6->local_ip_address[5], -- (unsigned) ipv6->local_ip_address[6], -- (unsigned) ipv6->local_ip_address[7], -- (unsigned) ipv6->remote_ip_address[0], -- (unsigned) ipv6->remote_ip_address[1], -- (unsigned) ipv6->remote_ip_address[2], -- (unsigned) ipv6->remote_ip_address[3], -- (unsigned) ipv6->remote_ip_address[4], -- (unsigned) ipv6->remote_ip_address[5], -- (unsigned) ipv6->remote_ip_address[6], -- (unsigned) ipv6->remote_ip_address[7], -+ grub_printf ("/IPv6(%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x,%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x,%u,%u,%x,%x", -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[0]), -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[1]), -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[2]), -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[3]), -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[4]), -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[5]), -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[6]), -+ (unsigned) grub_be_to_cpu16 (ipv6->local_ip_address[7]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[0]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[1]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[2]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[3]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[4]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[5]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[6]), -+ (unsigned) grub_be_to_cpu16 (ipv6->remote_ip_address[7]), - (unsigned) ipv6->local_port, - (unsigned) ipv6->remote_port, - (unsigned) ipv6->protocol, - (unsigned) ipv6->static_ip_address); -+ if (len == sizeof (*ipv6)) -+ { -+ grub_printf (",%u,%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x", -+ (unsigned) ipv6->prefix_length, -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[0]), -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[1]), -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[2]), -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[3]), -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[4]), -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[5]), -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[6]), -+ (unsigned) grub_be_to_cpu16 (ipv6->gateway_ip_address[7])); -+ } -+ grub_printf (")"); - } - break; - case GRUB_EFI_INFINIBAND_DEVICE_PATH_SUBTYPE: -@@ -834,6 +861,39 @@ grub_efi_print_device_path (grub_efi_device_path_t *dp) - dump_vendor_path ("Messaging", - (grub_efi_vendor_device_path_t *) dp); - break; -+ case GRUB_EFI_URI_DEVICE_PATH_SUBTYPE: -+ { -+ grub_efi_uri_device_path_t *uri -+ = (grub_efi_uri_device_path_t *) dp; -+ grub_printf ("/URI(%s)", uri->uri); -+ } -+ break; -+ case GRUB_EFI_DNS_DEVICE_PATH_SUBTYPE: -+ { -+ grub_efi_dns_device_path_t *dns -+ = (grub_efi_dns_device_path_t *) dp; -+ if (dns->is_ipv6) -+ { -+ grub_printf ("/DNS(%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x)", -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[0]) >> 16), -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[0])), -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[1]) >> 16), -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[1])), -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[2]) >> 16), -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[2])), -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[3]) >> 16), -+ (grub_uint16_t)(grub_be_to_cpu32(dns->dns_server_ip[0].addr[3]))); -+ } -+ else -+ { -+ grub_printf ("/DNS(%d.%d.%d.%d)", -+ dns->dns_server_ip[0].v4.addr[0], -+ dns->dns_server_ip[0].v4.addr[1], -+ dns->dns_server_ip[0].v4.addr[2], -+ dns->dns_server_ip[0].v4.addr[3]); -+ } -+ } -+ break; - default: - grub_printf ("/UnknownMessaging(%x)", (unsigned) subtype); - break; -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index 715a6168d77..e11d759f19a 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -27,6 +27,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -491,6 +492,17 @@ grub_efinet_create_dhcp_ack_from_device_path (grub_efi_device_path_t *dp, int *u - - ldp = grub_efi_find_last_device_path (ddp); - -+ /* Skip the DNS Device */ -+ if (GRUB_EFI_DEVICE_PATH_TYPE (ldp) == GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE -+ && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) == GRUB_EFI_DNS_DEVICE_PATH_SUBTYPE) -+ { -+ ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ ldp->length = sizeof (*ldp); -+ -+ ldp = grub_efi_find_last_device_path (ddp); -+ } -+ - if (GRUB_EFI_DEVICE_PATH_TYPE (ldp) != GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE - || (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE - && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE)) -@@ -760,6 +772,7 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - if (GRUB_EFI_DEVICE_PATH_TYPE (ldp) != GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE - || (GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE - && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE -+ && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_DNS_DEVICE_PATH_SUBTYPE - && GRUB_EFI_DEVICE_PATH_SUBTYPE (ldp) != GRUB_EFI_URI_DEVICE_PATH_SUBTYPE)) - continue; - dup_dp = grub_efi_duplicate_device_path (dp); -@@ -774,6 +787,15 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - dup_ldp->length = sizeof (*dup_ldp); - } - -+ dup_ldp = grub_efi_find_last_device_path (dup_dp); -+ if (GRUB_EFI_DEVICE_PATH_SUBTYPE (dup_ldp) == GRUB_EFI_DNS_DEVICE_PATH_SUBTYPE) -+ { -+ dup_ldp = grub_efi_find_last_device_path (dup_dp); -+ dup_ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ dup_ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ dup_ldp->length = sizeof (*dup_ldp); -+ } -+ - dup_ldp = grub_efi_find_last_device_path (dup_dp); - dup_ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; - dup_ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -@@ -845,6 +867,9 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - - GRUB_MOD_INIT(efinet) - { -+ if (grub_efi_net_config) -+ return; -+ - grub_efinet_findcards (); - grub_efi_net_config = grub_efi_net_config_real; - } -@@ -856,5 +881,7 @@ GRUB_MOD_FINI(efinet) - FOR_NET_CARDS_SAFE (card, next) - if (card->driver == &efidriver) - grub_net_card_unregister (card); -+ -+ grub_efi_net_config = NULL; - } - -diff --git a/grub-core/net/efi/dhcp.c b/grub-core/net/efi/dhcp.c -new file mode 100644 -index 00000000000..dbef63d8c08 ---- /dev/null -+++ b/grub-core/net/efi/dhcp.c -@@ -0,0 +1,397 @@ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef GRUB_EFI_NET_DEBUG -+static void -+dhcp4_mode_print (grub_efi_dhcp4_mode_data_t *mode) -+{ -+ switch (mode->state) -+ { -+ case GRUB_EFI_DHCP4_STOPPED: -+ grub_printf ("STATE: STOPPED\n"); -+ break; -+ case GRUB_EFI_DHCP4_INIT: -+ grub_printf ("STATE: INIT\n"); -+ break; -+ case GRUB_EFI_DHCP4_SELECTING: -+ grub_printf ("STATE: SELECTING\n"); -+ break; -+ case GRUB_EFI_DHCP4_REQUESTING: -+ grub_printf ("STATE: REQUESTING\n"); -+ break; -+ case GRUB_EFI_DHCP4_BOUND: -+ grub_printf ("STATE: BOUND\n"); -+ break; -+ case GRUB_EFI_DHCP4_RENEWING: -+ grub_printf ("STATE: RENEWING\n"); -+ break; -+ case GRUB_EFI_DHCP4_REBINDING: -+ grub_printf ("STATE: REBINDING\n"); -+ break; -+ case GRUB_EFI_DHCP4_INIT_REBOOT: -+ grub_printf ("STATE: INIT_REBOOT\n"); -+ break; -+ case GRUB_EFI_DHCP4_REBOOTING: -+ grub_printf ("STATE: REBOOTING\n"); -+ break; -+ default: -+ grub_printf ("STATE: UNKNOWN\n"); -+ break; -+ } -+ -+ grub_printf ("CLIENT_ADDRESS: %u.%u.%u.%u\n", -+ mode->client_address[0], -+ mode->client_address[1], -+ mode->client_address[2], -+ mode->client_address[3]); -+ grub_printf ("SERVER_ADDRESS: %u.%u.%u.%u\n", -+ mode->server_address[0], -+ mode->server_address[1], -+ mode->server_address[2], -+ mode->server_address[3]); -+ grub_printf ("SUBNET_MASK: %u.%u.%u.%u\n", -+ mode->subnet_mask[0], -+ mode->subnet_mask[1], -+ mode->subnet_mask[2], -+ mode->subnet_mask[3]); -+ grub_printf ("ROUTER_ADDRESS: %u.%u.%u.%u\n", -+ mode->router_address[0], -+ mode->router_address[1], -+ mode->router_address[2], -+ mode->router_address[3]); -+} -+#endif -+ -+static grub_efi_ipv4_address_t * -+grub_efi_dhcp4_parse_dns (grub_efi_dhcp4_protocol_t *dhcp4, grub_efi_dhcp4_packet_t *reply_packet) -+{ -+ grub_efi_dhcp4_packet_option_t **option_list; -+ grub_efi_status_t status; -+ grub_efi_uint32_t option_count = 0; -+ grub_efi_uint32_t i; -+ -+ status = efi_call_4 (dhcp4->parse, dhcp4, reply_packet, &option_count, NULL); -+ -+ if (status != GRUB_EFI_BUFFER_TOO_SMALL) -+ return NULL; -+ -+ option_list = grub_malloc (option_count * sizeof(*option_list)); -+ if (!option_list) -+ return NULL; -+ -+ status = efi_call_4 (dhcp4->parse, dhcp4, reply_packet, &option_count, option_list); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (option_list); -+ return NULL; -+ } -+ -+ for (i = 0; i < option_count; ++i) -+ { -+ if (option_list[i]->op_code == 6) -+ { -+ grub_efi_ipv4_address_t *dns_address; -+ -+ if (((option_list[i]->length & 0x3) != 0) || (option_list[i]->length == 0)) -+ continue; -+ -+ /* We only contact primary dns */ -+ dns_address = grub_malloc (sizeof (*dns_address)); -+ if (!dns_address) -+ { -+ grub_free (option_list); -+ return NULL; -+ } -+ grub_memcpy (dns_address, option_list[i]->data, sizeof (dns_address)); -+ grub_free (option_list); -+ return dns_address; -+ } -+ } -+ -+ grub_free (option_list); -+ return NULL; -+} -+ -+#if 0 -+/* Somehow this doesn't work ... */ -+static grub_err_t -+grub_cmd_efi_bootp (struct grub_command *cmd __attribute__ ((unused)), -+ int argc __attribute__ ((unused)), -+ char **args __attribute__ ((unused))) -+{ -+ struct grub_efi_net_device *dev; -+ for (dev = net_devices; dev; dev = dev->next) -+ { -+ grub_efi_pxe_t *pxe = dev->ip4_pxe; -+ grub_efi_pxe_mode_t *mode = pxe->mode; -+ grub_efi_status_t status; -+ -+ if (!mode->started) -+ { -+ status = efi_call_2 (pxe->start, pxe, 0); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ grub_printf ("Couldn't start PXE\n"); -+ } -+ -+ status = efi_call_2 (pxe->dhcp, pxe, 0); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("dhcp4 configure failed, %d\n", (int)status); -+ continue; -+ } -+ -+ dev->prefer_ip6 = 0; -+ } -+ -+ return GRUB_ERR_NONE; -+} -+#endif -+ -+static grub_err_t -+grub_cmd_efi_bootp (struct grub_command *cmd __attribute__ ((unused)), -+ int argc, -+ char **args) -+{ -+ struct grub_efi_net_device *netdev; -+ -+ for (netdev = net_devices; netdev; netdev = netdev->next) -+ { -+ grub_efi_status_t status; -+ grub_efi_dhcp4_mode_data_t mode; -+ grub_efi_dhcp4_config_data_t config; -+ grub_efi_dhcp4_packet_option_t *options; -+ grub_efi_ipv4_address_t *dns_address; -+ grub_efi_net_ip_manual_address_t net_ip; -+ grub_efi_net_ip_address_t ip_addr; -+ grub_efi_net_interface_t *inf = NULL; -+ -+ if (argc > 0 && grub_strcmp (netdev->card_name, args[0]) != 0) -+ continue; -+ -+ grub_memset (&config, 0, sizeof(config)); -+ -+ config.option_count = 1; -+ options = grub_malloc (sizeof(*options) + 2); -+ /* Parameter request list */ -+ options->op_code = 55; -+ options->length = 3; -+ /* subnet mask */ -+ options->data[0] = 1; -+ /* router */ -+ options->data[1] = 3; -+ /* DNS */ -+ options->data[2] = 6; -+ config.option_list = &options; -+ -+ /* FIXME: What if the dhcp has bounded */ -+ status = efi_call_2 (netdev->dhcp4->configure, netdev->dhcp4, &config); -+ grub_free (options); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("dhcp4 configure failed, %d\n", (int)status); -+ continue; -+ } -+ -+ status = efi_call_2 (netdev->dhcp4->start, netdev->dhcp4, NULL); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("dhcp4 start failed, %d\n", (int)status); -+ continue; -+ } -+ -+ status = efi_call_2 (netdev->dhcp4->get_mode_data, netdev->dhcp4, &mode); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("dhcp4 get mode failed, %d\n", (int)status); -+ continue; -+ } -+ -+#ifdef GRUB_EFI_NET_DEBUG -+ dhcp4_mode_print (&mode); -+#endif -+ -+ for (inf = netdev->net_interfaces; inf; inf = inf->next) -+ if (inf->prefer_ip6 == 0) -+ break; -+ -+ grub_memcpy (net_ip.ip4.address, mode.client_address, sizeof (net_ip.ip4.address)); -+ grub_memcpy (net_ip.ip4.subnet_mask, mode.subnet_mask, sizeof (net_ip.ip4.subnet_mask)); -+ -+ if (!inf) -+ { -+ char *name = grub_xasprintf ("%s:dhcp", netdev->card_name); -+ -+ net_ip.is_ip6 = 0; -+ inf = grub_efi_net_create_interface (netdev, -+ name, -+ &net_ip, -+ 1); -+ grub_free (name); -+ } -+ else -+ { -+ efi_net_interface_set_address (inf, &net_ip, 1); -+ } -+ -+ grub_memcpy (ip_addr.ip4, mode.router_address, sizeof (ip_addr.ip4)); -+ efi_net_interface_set_gateway (inf, &ip_addr); -+ -+ dns_address = grub_efi_dhcp4_parse_dns (netdev->dhcp4, mode.reply_packet); -+ if (dns_address) -+ efi_net_interface_set_dns (inf, (grub_efi_net_ip_address_t *)&dns_address); -+ -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+ -+static grub_err_t -+grub_cmd_efi_bootp6 (struct grub_command *cmd __attribute__ ((unused)), -+ int argc, -+ char **args) -+{ -+ struct grub_efi_net_device *dev; -+ grub_efi_uint32_t ia_id; -+ -+ for (dev = net_devices, ia_id = 0; dev; dev = dev->next, ia_id++) -+ { -+ grub_efi_dhcp6_config_data_t config; -+ grub_efi_dhcp6_packet_option_t *option_list[1]; -+ grub_efi_dhcp6_packet_option_t *opt; -+ grub_efi_status_t status; -+ grub_efi_dhcp6_mode_data_t mode; -+ grub_efi_dhcp6_retransmission_t retrans; -+ grub_efi_net_ip_manual_address_t net_ip; -+ grub_efi_boot_services_t *b = grub_efi_system_table->boot_services; -+ grub_efi_net_interface_t *inf = NULL; -+ -+ if (argc > 0 && grub_strcmp (dev->card_name, args[0]) != 0) -+ continue; -+ -+ opt = grub_malloc (sizeof(*opt) + 2 * sizeof (grub_efi_uint16_t)); -+ -+#define GRUB_EFI_DHCP6_OPT_ORO 6 -+ -+ opt->op_code = grub_cpu_to_be16_compile_time (GRUB_EFI_DHCP6_OPT_ORO); -+ opt->op_len = grub_cpu_to_be16_compile_time (2 * sizeof (grub_efi_uint16_t)); -+ -+#define GRUB_EFI_DHCP6_OPT_BOOT_FILE_URL 59 -+#define GRUB_EFI_DHCP6_OPT_DNS_SERVERS 23 -+ -+ grub_set_unaligned16 (opt->data, grub_cpu_to_be16_compile_time(GRUB_EFI_DHCP6_OPT_BOOT_FILE_URL)); -+ grub_set_unaligned16 (opt->data + 1 * sizeof (grub_efi_uint16_t), -+ grub_cpu_to_be16_compile_time(GRUB_EFI_DHCP6_OPT_DNS_SERVERS)); -+ -+ option_list[0] = opt; -+ retrans.irt = 4; -+ retrans.mrc = 4; -+ retrans.mrt = 32; -+ retrans.mrd = 60; -+ -+ config.dhcp6_callback = NULL; -+ config.callback_context = NULL; -+ config.option_count = 1; -+ config.option_list = option_list; -+ config.ia_descriptor.ia_id = ia_id; -+ config.ia_descriptor.type = GRUB_EFI_DHCP6_IA_TYPE_NA; -+ config.ia_info_event = NULL; -+ config.reconfigure_accept = 0; -+ config.rapid_commit = 0; -+ config.solicit_retransmission = &retrans; -+ -+ status = efi_call_2 (dev->dhcp6->configure, dev->dhcp6, &config); -+ grub_free (opt); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("dhcp6 configure failed, %d\n", (int)status); -+ continue; -+ } -+ status = efi_call_1 (dev->dhcp6->start, dev->dhcp6); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("dhcp6 start failed, %d\n", (int)status); -+ continue; -+ } -+ -+ status = efi_call_3 (dev->dhcp6->get_mode_data, dev->dhcp6, &mode, NULL); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("dhcp4 get mode failed, %d\n", (int)status); -+ continue; -+ } -+ -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ if (inf->prefer_ip6 == 1) -+ break; -+ -+ grub_memcpy (net_ip.ip6.address, mode.ia->ia_address[0].ip_address, sizeof (net_ip.ip6.address)); -+ net_ip.ip6.prefix_length = 64; -+ net_ip.ip6.is_anycast = 0; -+ net_ip.is_ip6 = 1; -+ -+ if (!inf) -+ { -+ char *name = grub_xasprintf ("%s:dhcp", dev->card_name); -+ -+ inf = grub_efi_net_create_interface (dev, -+ name, -+ &net_ip, -+ 1); -+ grub_free (name); -+ } -+ else -+ { -+ efi_net_interface_set_address (inf, &net_ip, 1); -+ } -+ -+ { -+ grub_efi_uint32_t count = 0; -+ grub_efi_dhcp6_packet_option_t **options = NULL; -+ grub_efi_uint32_t i; -+ -+ status = efi_call_4 (dev->dhcp6->parse, dev->dhcp6, mode.ia->reply_packet, &count, NULL); -+ -+ if (status == GRUB_EFI_BUFFER_TOO_SMALL && count) -+ { -+ options = grub_malloc (count * sizeof(*options)); -+ status = efi_call_4 (dev->dhcp6->parse, dev->dhcp6, mode.ia->reply_packet, &count, options); -+ } -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ if (options) -+ grub_free (options); -+ continue; -+ } -+ -+ for (i = 0; i < count; ++i) -+ { -+ if (options[i]->op_code == grub_cpu_to_be16_compile_time(GRUB_EFI_DHCP6_OPT_DNS_SERVERS)) -+ { -+ grub_efi_net_ip_address_t dns; -+ grub_memcpy (dns.ip6, options[i]->data, sizeof(net_ip.ip6)); -+ efi_net_interface_set_dns (inf, &dns); -+ break; -+ } -+ } -+ -+ if (options) -+ grub_free (options); -+ } -+ -+ efi_call_1 (b->free_pool, mode.client_id); -+ efi_call_1 (b->free_pool, mode.ia); -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+grub_command_func_t grub_efi_net_bootp = grub_cmd_efi_bootp; -+grub_command_func_t grub_efi_net_bootp6 = grub_cmd_efi_bootp6; -diff --git a/grub-core/net/efi/efi_netfs.c b/grub-core/net/efi/efi_netfs.c -new file mode 100644 -index 00000000000..ef371d885ea ---- /dev/null -+++ b/grub-core/net/efi/efi_netfs.c -@@ -0,0 +1,57 @@ -+#include -+#include -+#define EFI_NET_CMD_PREFIX "net_efi" -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static grub_command_t cmd_efi_lsroutes; -+static grub_command_t cmd_efi_lscards; -+static grub_command_t cmd_efi_lsaddrs; -+static grub_command_t cmd_efi_addaddr; -+static grub_command_t cmd_efi_bootp; -+static grub_command_t cmd_efi_bootp6; -+ -+static int initialized; -+ -+GRUB_MOD_INIT(efi_netfs) -+{ -+ if (grub_net_open) -+ return; -+ -+ if (grub_efi_net_fs_init ()) -+ { -+ cmd_efi_lsroutes = grub_register_command ("net_efi_ls_routes", grub_efi_net_list_routes, -+ "", N_("list network routes")); -+ cmd_efi_lscards = grub_register_command ("net_efi_ls_cards", grub_efi_net_list_cards, -+ "", N_("list network cards")); -+ cmd_efi_lsaddrs = grub_register_command ("net_efi_ls_addr", grub_efi_net_list_addrs, -+ "", N_("list network addresses")); -+ cmd_efi_addaddr = grub_register_command ("net_efi_add_addr", grub_efi_net_add_addr, -+ N_("SHORTNAME CARD ADDRESS [HWADDRESS]"), -+ N_("Add a network address.")); -+ cmd_efi_bootp = grub_register_command ("net_efi_bootp", grub_efi_net_bootp, -+ N_("[CARD]"), -+ N_("perform a bootp autoconfiguration")); -+ cmd_efi_bootp6 = grub_register_command ("net_efi_bootp6", grub_efi_net_bootp6, -+ N_("[CARD]"), -+ N_("perform a bootp autoconfiguration")); -+ initialized = 1; -+ } -+} -+ -+GRUB_MOD_FINI(efi_netfs) -+{ -+ if (initialized) -+ { -+ grub_unregister_command (cmd_efi_lsroutes); -+ grub_unregister_command (cmd_efi_lscards); -+ grub_unregister_command (cmd_efi_lsaddrs); -+ grub_unregister_command (cmd_efi_addaddr); -+ grub_unregister_command (cmd_efi_bootp); -+ grub_unregister_command (cmd_efi_bootp6); -+ grub_efi_net_fs_fini (); -+ initialized = 0; -+ return; -+ } -+} -diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c -new file mode 100644 -index 00000000000..3f61fd2fa5b ---- /dev/null -+++ b/grub-core/net/efi/http.c -@@ -0,0 +1,419 @@ -+ -+#include -+#include -+#include -+#include -+#include -+ -+static void -+http_configure (struct grub_efi_net_device *dev, int prefer_ip6) -+{ -+ grub_efi_http_config_data_t http_config; -+ grub_efi_httpv4_access_point_t httpv4_node; -+ grub_efi_httpv6_access_point_t httpv6_node; -+ grub_efi_status_t status; -+ -+ grub_efi_http_t *http = dev->http; -+ -+ grub_memset (&http_config, 0, sizeof(http_config)); -+ http_config.http_version = GRUB_EFI_HTTPVERSION11; -+ http_config.timeout_millisec = 5000; -+ -+ if (prefer_ip6) -+ { -+ grub_efi_uintn_t sz; -+ grub_efi_ip6_config_manual_address_t manual_address; -+ -+ http_config.local_address_is_ipv6 = 1; -+ sz = sizeof (manual_address); -+ status = efi_call_4 (dev->ip6_config->get_data, dev->ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_MANUAL_ADDRESS, -+ &sz, &manual_address); -+ -+ if (status == GRUB_EFI_NOT_FOUND) -+ { -+ grub_printf ("The MANUAL ADDRESS is not found\n"); -+ } -+ -+ /* FIXME: The manual interface would return BUFFER TOO SMALL !!! */ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("??? %d\n",(int) status); -+ return; -+ } -+ -+ grub_memcpy (httpv6_node.local_address, manual_address.address, sizeof (httpv6_node.local_address)); -+ httpv6_node.local_port = 0; -+ http_config.access_point.ipv6_node = &httpv6_node; -+ } -+ else -+ { -+ http_config.local_address_is_ipv6 = 0; -+ grub_memset (&httpv4_node, 0, sizeof(httpv4_node)); -+ httpv4_node.use_default_address = 1; -+ -+ /* Use random port here */ -+ /* See TcpBind() in edk2/NetworkPkg/TcpDxe/TcpDispatcher.c */ -+ httpv4_node.local_port = 0; -+ http_config.access_point.ipv4_node = &httpv4_node; -+ } -+ -+ status = efi_call_2 (http->configure, http, &http_config); -+ -+ if (status == GRUB_EFI_ALREADY_STARTED) -+ { -+ /* XXX: This hangs HTTPS boot */ -+#if 0 -+ if (efi_call_2 (http->configure, http, NULL) != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_IO, N_("couldn't reset http instance")); -+ grub_print_error (); -+ return; -+ } -+ status = efi_call_2 (http->configure, http, &http_config); -+#endif -+ return; -+ } -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_IO, N_("couldn't configure http protocol, reason: %d"), (int)status); -+ grub_print_error (); -+ return ; -+ } -+} -+ -+static grub_efi_boolean_t request_callback_done; -+static grub_efi_boolean_t response_callback_done; -+ -+static void -+grub_efi_http_request_callback (grub_efi_event_t event __attribute__ ((unused)), -+ void *context __attribute__ ((unused))) -+{ -+ request_callback_done = 1; -+} -+ -+static void -+grub_efi_http_response_callback (grub_efi_event_t event __attribute__ ((unused)), -+ void *context __attribute__ ((unused))) -+{ -+ response_callback_done = 1; -+} -+ -+static grub_err_t -+efihttp_request (grub_efi_http_t *http, char *server, char *name, int use_https, int headeronly, grub_off_t *file_size) -+{ -+ grub_efi_http_request_data_t request_data; -+ grub_efi_http_message_t request_message; -+ grub_efi_http_token_t request_token; -+ grub_efi_http_response_data_t response_data; -+ grub_efi_http_message_t response_message; -+ grub_efi_http_token_t response_token; -+ grub_efi_http_header_t request_headers[3]; -+ -+ grub_efi_status_t status; -+ grub_efi_boot_services_t *b = grub_efi_system_table->boot_services; -+ char *url = NULL; -+ -+ request_headers[0].field_name = (grub_efi_char8_t *)"Host"; -+ request_headers[0].field_value = (grub_efi_char8_t *)server; -+ request_headers[1].field_name = (grub_efi_char8_t *)"Accept"; -+ request_headers[1].field_value = (grub_efi_char8_t *)"*/*"; -+ request_headers[2].field_name = (grub_efi_char8_t *)"User-Agent"; -+ request_headers[2].field_value = (grub_efi_char8_t *)"UefiHttpBoot/1.0"; -+ -+ { -+ grub_efi_ipv6_address_t address; -+ const char *rest; -+ grub_efi_char16_t *ucs2_url; -+ grub_size_t url_len, ucs2_url_len; -+ const char *protocol = (use_https == 1) ? "https" : "http"; -+ -+ if (grub_efi_string_to_ip6_address (server, &address, &rest) && *rest == 0) -+ url = grub_xasprintf ("%s://[%s]%s", protocol, server, name); -+ else -+ url = grub_xasprintf ("%s://%s%s", protocol, server, name); -+ -+ if (!url) -+ { -+ return grub_errno; -+ } -+ -+ url_len = grub_strlen (url); -+ ucs2_url_len = url_len * GRUB_MAX_UTF16_PER_UTF8; -+ ucs2_url = grub_malloc ((ucs2_url_len + 1) * sizeof (ucs2_url[0])); -+ -+ if (!ucs2_url) -+ { -+ grub_free (url); -+ return grub_errno; -+ } -+ -+ ucs2_url_len = grub_utf8_to_utf16 (ucs2_url, ucs2_url_len, (grub_uint8_t *)url, url_len, NULL); /* convert string format from ascii to usc2 */ -+ ucs2_url[ucs2_url_len] = 0; -+ grub_free (url); -+ request_data.url = ucs2_url; -+ } -+ -+ request_data.method = (headeronly > 0) ? GRUB_EFI_HTTPMETHODHEAD : GRUB_EFI_HTTPMETHODGET; -+ -+ request_message.data.request = &request_data; -+ request_message.header_count = 3; -+ request_message.headers = request_headers; -+ request_message.body_length = 0; -+ request_message.body = NULL; -+ -+ /* request token */ -+ request_token.event = NULL; -+ request_token.status = GRUB_EFI_NOT_READY; -+ request_token.message = &request_message; -+ -+ request_callback_done = 0; -+ status = efi_call_5 (b->create_event, -+ GRUB_EFI_EVT_NOTIFY_SIGNAL, -+ GRUB_EFI_TPL_CALLBACK, -+ grub_efi_http_request_callback, -+ NULL, -+ &request_token.event); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (request_data.url); -+ return grub_error (GRUB_ERR_IO, "Fail to create an event! status=0x%x\n", status); -+ } -+ -+ status = efi_call_2 (http->request, http, &request_token); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ efi_call_1 (b->close_event, request_token.event); -+ grub_free (request_data.url); -+ return grub_error (GRUB_ERR_IO, "Fail to send a request! status=0x%x\n", status); -+ } -+ /* TODO: Add Timeout */ -+ while (!request_callback_done) -+ efi_call_1(http->poll, http); -+ -+ response_data.status_code = GRUB_EFI_HTTP_STATUS_UNSUPPORTED_STATUS; -+ response_message.data.response = &response_data; -+ /* herader_count will be updated by the HTTP driver on response */ -+ response_message.header_count = 0; -+ /* headers will be populated by the driver on response */ -+ response_message.headers = NULL; -+ /* use zero BodyLength to only receive the response headers */ -+ response_message.body_length = 0; -+ response_message.body = NULL; -+ response_token.event = NULL; -+ -+ status = efi_call_5 (b->create_event, -+ GRUB_EFI_EVT_NOTIFY_SIGNAL, -+ GRUB_EFI_TPL_CALLBACK, -+ grub_efi_http_response_callback, -+ NULL, -+ &response_token.event); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ efi_call_1 (b->close_event, request_token.event); -+ grub_free (request_data.url); -+ return grub_error (GRUB_ERR_IO, "Fail to create an event! status=0x%x\n", status); -+ } -+ -+ response_token.status = GRUB_EFI_SUCCESS; -+ response_token.message = &response_message; -+ -+ /* wait for HTTP response */ -+ response_callback_done = 0; -+ status = efi_call_2 (http->response, http, &response_token); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ efi_call_1 (b->close_event, response_token.event); -+ efi_call_1 (b->close_event, request_token.event); -+ grub_free (request_data.url); -+ return grub_error (GRUB_ERR_IO, "Fail to receive a response! status=%d\n", (int)status); -+ } -+ -+ /* TODO: Add Timeout */ -+ while (!response_callback_done) -+ efi_call_1 (http->poll, http); -+ -+ if (response_message.data.response->status_code != GRUB_EFI_HTTP_STATUS_200_OK) -+ { -+ grub_efi_http_status_code_t status_code = response_message.data.response->status_code; -+ -+ if (response_message.headers) -+ efi_call_1 (b->free_pool, response_message.headers); -+ efi_call_1 (b->close_event, response_token.event); -+ efi_call_1 (b->close_event, request_token.event); -+ grub_free (request_data.url); -+ if (status_code == GRUB_EFI_HTTP_STATUS_404_NOT_FOUND) -+ { -+ return grub_error (GRUB_ERR_FILE_NOT_FOUND, _("file `%s' not found"), name); -+ } -+ else -+ { -+ return grub_error (GRUB_ERR_NET_UNKNOWN_ERROR, -+ _("unsupported uefi http status code 0x%x"), status_code); -+ } -+ } -+ -+ if (file_size) -+ { -+ int i; -+ /* parse the length of the file from the ContentLength header */ -+ for (*file_size = 0, i = 0; i < (int)response_message.header_count; ++i) -+ { -+ if (!grub_strcmp((const char*)response_message.headers[i].field_name, "Content-Length")) -+ { -+ *file_size = grub_strtoul((const char*)response_message.headers[i].field_value, 0, 10); -+ break; -+ } -+ } -+ } -+ -+ if (response_message.headers) -+ efi_call_1 (b->free_pool, response_message.headers); -+ efi_call_1 (b->close_event, response_token.event); -+ efi_call_1 (b->close_event, request_token.event); -+ grub_free (request_data.url); -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_ssize_t -+efihttp_read (struct grub_efi_net_device *dev, -+ char *buf, -+ grub_size_t len) -+{ -+ grub_efi_http_message_t response_message; -+ grub_efi_http_token_t response_token; -+ -+ grub_efi_status_t status; -+ grub_size_t sum = 0; -+ grub_efi_boot_services_t *b = grub_efi_system_table->boot_services; -+ grub_efi_http_t *http = dev->http; -+ -+ if (!len) -+ { -+ grub_error (GRUB_ERR_BUG, "Invalid arguments to EFI HTTP Read"); -+ return -1; -+ } -+ -+ efi_call_5 (b->create_event, -+ GRUB_EFI_EVT_NOTIFY_SIGNAL, -+ GRUB_EFI_TPL_CALLBACK, -+ grub_efi_http_response_callback, -+ NULL, -+ &response_token.event); -+ -+ while (len) -+ { -+ response_message.data.response = NULL; -+ response_message.header_count = 0; -+ response_message.headers = NULL; -+ response_message.body_length = len; -+ response_message.body = buf; -+ -+ response_token.message = &response_message; -+ response_token.status = GRUB_EFI_NOT_READY; -+ -+ response_callback_done = 0; -+ -+ status = efi_call_2 (http->response, http, &response_token); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ efi_call_1 (b->close_event, response_token.event); -+ grub_error (GRUB_ERR_IO, "Error! status=%d\n", (int)status); -+ return -1; -+ } -+ -+ while (!response_callback_done) -+ efi_call_1(http->poll, http); -+ -+ sum += response_message.body_length; -+ buf += response_message.body_length; -+ len -= response_message.body_length; -+ } -+ -+ efi_call_1 (b->close_event, response_token.event); -+ -+ return sum; -+} -+ -+static grub_err_t -+grub_efihttp_open (struct grub_efi_net_device *dev, -+ int prefer_ip6 __attribute__ ((unused)), -+ grub_file_t file, -+ const char *filename __attribute__ ((unused)), -+ int type) -+{ -+ grub_err_t err; -+ grub_off_t size; -+ char *buf; -+ -+ err = efihttp_request (dev->http, file->device->net->server, file->device->net->name, type, 1, 0); -+ if (err != GRUB_ERR_NONE) -+ return err; -+ -+ err = efihttp_request (dev->http, file->device->net->server, file->device->net->name, type, 0, &size); -+ if (err != GRUB_ERR_NONE) -+ return err; -+ -+ buf = grub_malloc (size); -+ efihttp_read (dev, buf, size); -+ -+ file->size = size; -+ file->data = buf; -+ file->not_easily_seekable = 0; -+ file->device->net->offset = 0; -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_efihttp_close (struct grub_efi_net_device *dev __attribute__ ((unused)), -+ int prefer_ip6 __attribute__ ((unused)), -+ grub_file_t file) -+{ -+ if (file->data) -+ grub_free (file->data); -+ -+ file->data = 0; -+ file->offset = 0; -+ file->size = 0; -+ file->device->net->offset = 0; -+ return GRUB_ERR_NONE; -+} -+ -+static grub_ssize_t -+grub_efihttp_read (struct grub_efi_net_device *dev __attribute__((unused)), -+ int prefer_ip6 __attribute__((unused)), -+ grub_file_t file, -+ char *buf, -+ grub_size_t len) -+{ -+ grub_size_t r = len; -+ -+ if (!file->data || !buf || !len) -+ return 0; -+ -+ if ((file->device->net->offset + len) > file->size) -+ r = file->size - file->device->net->offset; -+ -+ if (r) -+ { -+ grub_memcpy (buf, (char *)file->data + file->device->net->offset, r); -+ file->device->net->offset += r; -+ } -+ -+ return r; -+} -+ -+struct grub_efi_net_io io_http = -+ { -+ .configure = http_configure, -+ .open = grub_efihttp_open, -+ .read = grub_efihttp_read, -+ .close = grub_efihttp_close -+ }; -diff --git a/grub-core/net/efi/ip4_config.c b/grub-core/net/efi/ip4_config.c -new file mode 100644 -index 00000000000..b711a5d9457 ---- /dev/null -+++ b/grub-core/net/efi/ip4_config.c -@@ -0,0 +1,398 @@ -+ -+#include -+#include -+#include -+#include -+#include -+ -+char * -+grub_efi_hw_address_to_string (grub_efi_uint32_t hw_address_size, grub_efi_mac_address_t hw_address) -+{ -+ char *hw_addr, *p; -+ int sz, s; -+ int i; -+ -+ sz = (int)hw_address_size * (sizeof ("XX:") - 1) + 1; -+ -+ hw_addr = grub_malloc (sz); -+ if (!hw_addr) -+ return NULL; -+ -+ p = hw_addr; -+ s = sz; -+ for (i = 0; i < (int)hw_address_size; i++) -+ { -+ grub_snprintf (p, sz, "%02x:", hw_address[i]); -+ p += sizeof ("XX:") - 1; -+ s -= sizeof ("XX:") - 1; -+ } -+ -+ hw_addr[sz - 2] = '\0'; -+ return hw_addr; -+} -+ -+char * -+grub_efi_ip4_address_to_string (grub_efi_ipv4_address_t *address) -+{ -+ char *addr; -+ -+ addr = grub_malloc (sizeof ("XXX.XXX.XXX.XXX")); -+ if (!addr) -+ return NULL; -+ -+ /* FIXME: Use grub_xasprintf ? */ -+ grub_snprintf (addr, -+ sizeof ("XXX.XXX.XXX.XXX"), -+ "%u.%u.%u.%u", -+ (*address)[0], -+ (*address)[1], -+ (*address)[2], -+ (*address)[3]); -+ -+ return addr; -+} -+ -+int -+grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *address, const char **rest) -+{ -+ grub_uint32_t newip = 0; -+ int i; -+ const char *ptr = val; -+ -+ for (i = 0; i < 4; i++) -+ { -+ unsigned long t; -+ t = grub_strtoul (ptr, (char **) &ptr, 0); -+ if (grub_errno) -+ { -+ grub_errno = GRUB_ERR_NONE; -+ return 0; -+ } -+ if (*ptr != '.' && i == 0) -+ { -+ /* XXX: t is in host byte order */ -+ newip = t; -+ break; -+ } -+ if (t & ~0xff) -+ return 0; -+ newip <<= 8; -+ newip |= t; -+ if (i != 3 && *ptr != '.') -+ return 0; -+ ptr++; -+ } -+ -+ newip = grub_cpu_to_be32 (newip); -+ -+ grub_memcpy (address, &newip, sizeof(*address)); -+ -+ if (rest) -+ *rest = (ptr - 1); -+ return 1; -+} -+ -+static grub_efi_ip4_config2_interface_info_t * -+efi_ip4_config_interface_info (grub_efi_ip4_config2_protocol_t *ip4_config) -+{ -+ grub_efi_uintn_t sz; -+ grub_efi_status_t status; -+ grub_efi_ip4_config2_interface_info_t *interface_info; -+ -+ sz = sizeof (*interface_info) + sizeof (*interface_info->route_table); -+ interface_info = grub_malloc (sz); -+ if (!interface_info) -+ return NULL; -+ -+ status = efi_call_4 (ip4_config->get_data, ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_INTERFACEINFO, -+ &sz, interface_info); -+ -+ if (status == GRUB_EFI_BUFFER_TOO_SMALL) -+ { -+ grub_free (interface_info); -+ interface_info = grub_malloc (sz); -+ status = efi_call_4 (ip4_config->get_data, ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_INTERFACEINFO, -+ &sz, interface_info); -+ } -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (interface_info); -+ return NULL; -+ } -+ -+ return interface_info; -+} -+ -+static grub_efi_ip4_config2_manual_address_t * -+efi_ip4_config_manual_address (grub_efi_ip4_config2_protocol_t *ip4_config) -+{ -+ grub_efi_uintn_t sz; -+ grub_efi_status_t status; -+ grub_efi_ip4_config2_manual_address_t *manual_address; -+ -+ sz = sizeof (*manual_address); -+ manual_address = grub_malloc (sz); -+ if (!manual_address) -+ return NULL; -+ -+ status = efi_call_4 (ip4_config->get_data, ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_MANUAL_ADDRESS, -+ &sz, manual_address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (manual_address); -+ return NULL; -+ } -+ -+ return manual_address; -+} -+ -+char * -+grub_efi_ip4_interface_name (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip4_config2_interface_info_t *interface_info; -+ char *name; -+ -+ interface_info = efi_ip4_config_interface_info (dev->ip4_config); -+ -+ if (!interface_info) -+ return NULL; -+ -+ name = grub_malloc (GRUB_EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE -+ * GRUB_MAX_UTF8_PER_UTF16 + 1); -+ *grub_utf16_to_utf8 ((grub_uint8_t *)name, interface_info->name, -+ GRUB_EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE) = 0; -+ grub_free (interface_info); -+ return name; -+} -+ -+static char * -+grub_efi_ip4_interface_hw_address (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip4_config2_interface_info_t *interface_info; -+ char *hw_addr; -+ -+ interface_info = efi_ip4_config_interface_info (dev->ip4_config); -+ -+ if (!interface_info) -+ return NULL; -+ -+ hw_addr = grub_efi_hw_address_to_string (interface_info->hw_address_size, interface_info->hw_address); -+ grub_free (interface_info); -+ -+ return hw_addr; -+} -+ -+static char * -+grub_efi_ip4_interface_address (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip4_config2_manual_address_t *manual_address; -+ char *addr; -+ -+ manual_address = efi_ip4_config_manual_address (dev->ip4_config); -+ -+ if (!manual_address) -+ return NULL; -+ -+ addr = grub_efi_ip4_address_to_string (&manual_address->address); -+ grub_free (manual_address); -+ return addr; -+} -+ -+ -+static int -+address_mask_size (grub_efi_ipv4_address_t *address) -+{ -+ grub_uint8_t i; -+ grub_uint32_t u32_addr = grub_be_to_cpu32 (grub_get_unaligned32 (address)); -+ -+ if (u32_addr == 0) -+ return 0; -+ -+ for (i = 0; i < 32 ; ++i) -+ { -+ if (u32_addr == ((0xffffffff >> i) << i)) -+ return (32 - i); -+ } -+ -+ return -1; -+} -+ -+static char ** -+grub_efi_ip4_interface_route_table (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip4_config2_interface_info_t *interface_info; -+ char **ret; -+ int i, id; -+ -+ interface_info = efi_ip4_config_interface_info (dev->ip4_config); -+ if (!interface_info) -+ return NULL; -+ -+ ret = grub_malloc (sizeof (*ret) * (interface_info->route_table_size + 1)); -+ -+ if (!ret) -+ { -+ grub_free (interface_info); -+ return NULL; -+ } -+ -+ id = 0; -+ for (i = 0; i < (int)interface_info->route_table_size; i++) -+ { -+ char *subnet, *gateway, *mask; -+ grub_uint32_t u32_subnet, u32_gateway; -+ int mask_size; -+ grub_efi_ip4_route_table_t *route_table = interface_info->route_table + i; -+ grub_efi_net_interface_t *inf; -+ char *interface_name = NULL; -+ -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ if (!inf->prefer_ip6) -+ interface_name = inf->name; -+ -+ u32_gateway = grub_get_unaligned32 (&route_table->gateway_address); -+ gateway = grub_efi_ip4_address_to_string (&route_table->gateway_address); -+ u32_subnet = grub_get_unaligned32 (&route_table->subnet_address); -+ subnet = grub_efi_ip4_address_to_string (&route_table->subnet_address); -+ mask_size = address_mask_size (&route_table->subnet_mask); -+ mask = grub_efi_ip4_address_to_string (&route_table->subnet_mask); -+ if (u32_subnet && !u32_gateway && interface_name) -+ ret[id++] = grub_xasprintf ("%s:local %s/%d %s", dev->card_name, subnet, mask_size, interface_name); -+ else if (u32_subnet && u32_gateway) -+ ret[id++] = grub_xasprintf ("%s:gw %s/%d gw %s", dev->card_name, subnet, mask_size, gateway); -+ else if (!u32_subnet && u32_gateway) -+ ret[id++] = grub_xasprintf ("%s:default %s/%d gw %s", dev->card_name, subnet, mask_size, gateway); -+ grub_free (subnet); -+ grub_free (gateway); -+ grub_free (mask); -+ } -+ -+ ret[id] = NULL; -+ grub_free (interface_info); -+ return ret; -+} -+ -+static grub_efi_net_interface_t * -+grub_efi_ip4_interface_match (struct grub_efi_net_device *dev, grub_efi_net_ip_address_t *ip_address) -+{ -+ grub_efi_ip4_config2_interface_info_t *interface_info; -+ grub_efi_net_interface_t *inf; -+ int i; -+ grub_efi_ipv4_address_t *address = &ip_address->ip4; -+ -+ interface_info = efi_ip4_config_interface_info (dev->ip4_config); -+ if (!interface_info) -+ return NULL; -+ -+ for (i = 0; i < (int)interface_info->route_table_size; i++) -+ { -+ grub_efi_ip4_route_table_t *route_table = interface_info->route_table + i; -+ grub_uint32_t u32_address, u32_mask, u32_subnet; -+ -+ u32_address = grub_get_unaligned32 (address); -+ u32_subnet = grub_get_unaligned32 (route_table->subnet_address); -+ u32_mask = grub_get_unaligned32 (route_table->subnet_mask); -+ -+ /* SKIP Default GATEWAY */ -+ if (!u32_subnet && !u32_mask) -+ continue; -+ -+ if ((u32_address & u32_mask) == u32_subnet) -+ { -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ if (!inf->prefer_ip6) -+ { -+ grub_free (interface_info); -+ return inf; -+ } -+ } -+ } -+ -+ grub_free (interface_info); -+ return NULL; -+} -+ -+static int -+grub_efi_ip4_interface_set_manual_address (struct grub_efi_net_device *dev, -+ grub_efi_net_ip_manual_address_t *net_ip, -+ int with_subnet) -+{ -+ grub_efi_status_t status; -+ grub_efi_ip4_config2_manual_address_t *address = &net_ip->ip4; -+ -+ if (!with_subnet) -+ { -+ grub_efi_ip4_config2_manual_address_t *manual_address = -+ efi_ip4_config_manual_address (dev->ip4_config); -+ -+ if (manual_address) -+ { -+ grub_memcpy (address->subnet_mask, manual_address->subnet_mask, sizeof(address->subnet_mask)); -+ grub_free (manual_address); -+ } -+ else -+ { -+ /* XXX: */ -+ address->subnet_mask[0] = 0xff; -+ address->subnet_mask[1] = 0xff; -+ address->subnet_mask[2] = 0xff; -+ address->subnet_mask[3] = 0; -+ } -+ } -+ -+ status = efi_call_4 (dev->ip4_config->set_data, dev->ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_MANUAL_ADDRESS, -+ sizeof(*address), address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ -+ return 1; -+} -+ -+static int -+grub_efi_ip4_interface_set_gateway (struct grub_efi_net_device *dev, -+ grub_efi_net_ip_address_t *address) -+{ -+ grub_efi_status_t status; -+ -+ status = efi_call_4 (dev->ip4_config->set_data, dev->ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_GATEWAY, -+ sizeof (address->ip4), &address->ip4); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ return 1; -+} -+ -+/* FIXME: Multiple DNS */ -+static int -+grub_efi_ip4_interface_set_dns (struct grub_efi_net_device *dev, -+ grub_efi_net_ip_address_t *address) -+{ -+ grub_efi_status_t status; -+ -+ status = efi_call_4 (dev->ip4_config->set_data, dev->ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_DNSSERVER, -+ sizeof (address->ip4), &address->ip4); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ return 1; -+} -+ -+grub_efi_net_ip_config_t *efi_net_ip4_config = &(grub_efi_net_ip_config_t) -+ { -+ .get_hw_address = grub_efi_ip4_interface_hw_address, -+ .get_address = grub_efi_ip4_interface_address, -+ .get_route_table = grub_efi_ip4_interface_route_table, -+ .best_interface = grub_efi_ip4_interface_match, -+ .set_address = grub_efi_ip4_interface_set_manual_address, -+ .set_gateway = grub_efi_ip4_interface_set_gateway, -+ .set_dns = grub_efi_ip4_interface_set_dns -+ }; -diff --git a/grub-core/net/efi/ip6_config.c b/grub-core/net/efi/ip6_config.c -new file mode 100644 -index 00000000000..017c4d05bc7 ---- /dev/null -+++ b/grub-core/net/efi/ip6_config.c -@@ -0,0 +1,422 @@ -+#include -+#include -+#include -+#include -+#include -+ -+char * -+grub_efi_ip6_address_to_string (grub_efi_pxe_ipv6_address_t *address) -+{ -+ char *str = grub_malloc (sizeof ("XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX")); -+ char *p; -+ int i; -+ int squash; -+ -+ if (!str) -+ return NULL; -+ -+ p = str; -+ squash = 0; -+ for (i = 0; i < 8; ++i) -+ { -+ grub_uint16_t addr; -+ -+ if (i == 7) -+ squash = 2; -+ -+ addr = grub_get_unaligned16 (address->addr + i * 2); -+ -+ if (grub_be_to_cpu16 (addr)) -+ { -+ char buf[sizeof ("XXXX")]; -+ if (i > 0) -+ *p++ = ':'; -+ grub_snprintf (buf, sizeof (buf), "%x", grub_be_to_cpu16 (addr)); -+ grub_strcpy (p, buf); -+ p += grub_strlen (buf); -+ -+ if (squash == 1) -+ squash = 2; -+ } -+ else -+ { -+ if (squash == 0) -+ { -+ *p++ = ':'; -+ squash = 1; -+ } -+ else if (squash == 2) -+ { -+ *p++ = ':'; -+ *p++ = '0'; -+ } -+ } -+ } -+ *p = '\0'; -+ return str; -+} -+ -+int -+grub_efi_string_to_ip6_address (const char *val, grub_efi_ipv6_address_t *address, const char **rest) -+{ -+ grub_uint16_t newip[8]; -+ const char *ptr = val; -+ int word, quaddot = -1; -+ int bracketed = 0; -+ -+ if (ptr[0] == '[') { -+ bracketed = 1; -+ ptr++; -+ } -+ -+ if (ptr[0] == ':' && ptr[1] != ':') -+ return 0; -+ if (ptr[0] == ':') -+ ptr++; -+ -+ for (word = 0; word < 8; word++) -+ { -+ unsigned long t; -+ if (*ptr == ':') -+ { -+ quaddot = word; -+ word--; -+ ptr++; -+ continue; -+ } -+ t = grub_strtoul (ptr, (char **) &ptr, 16); -+ if (grub_errno) -+ { -+ grub_errno = GRUB_ERR_NONE; -+ break; -+ } -+ if (t & ~0xffff) -+ return 0; -+ newip[word] = grub_cpu_to_be16 (t); -+ if (*ptr != ':') -+ break; -+ ptr++; -+ } -+ if (quaddot == -1 && word < 7) -+ return 0; -+ if (quaddot != -1) -+ { -+ grub_memmove (&newip[quaddot + 7 - word], &newip[quaddot], -+ (word - quaddot + 1) * sizeof (newip[0])); -+ grub_memset (&newip[quaddot], 0, (7 - word) * sizeof (newip[0])); -+ } -+ grub_memcpy (address, newip, 16); -+ if (bracketed && *ptr == ']') { -+ ptr++; -+ } -+ if (rest) -+ *rest = ptr; -+ return 1; -+} -+ -+static grub_efi_ip6_config_interface_info_t * -+efi_ip6_config_interface_info (grub_efi_ip6_config_protocol_t *ip6_config) -+{ -+ grub_efi_uintn_t sz; -+ grub_efi_status_t status; -+ grub_efi_ip6_config_interface_info_t *interface_info; -+ -+ sz = sizeof (*interface_info) + sizeof (*interface_info->route_table); -+ interface_info = grub_malloc (sz); -+ -+ status = efi_call_4 (ip6_config->get_data, ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_INTERFACEINFO, -+ &sz, interface_info); -+ -+ if (status == GRUB_EFI_BUFFER_TOO_SMALL) -+ { -+ grub_free (interface_info); -+ interface_info = grub_malloc (sz); -+ status = efi_call_4 (ip6_config->get_data, ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_INTERFACEINFO, -+ &sz, interface_info); -+ } -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (interface_info); -+ return NULL; -+ } -+ -+ return interface_info; -+} -+ -+static grub_efi_ip6_config_manual_address_t * -+efi_ip6_config_manual_address (grub_efi_ip6_config_protocol_t *ip6_config) -+{ -+ grub_efi_uintn_t sz; -+ grub_efi_status_t status; -+ grub_efi_ip6_config_manual_address_t *manual_address; -+ -+ sz = sizeof (*manual_address); -+ manual_address = grub_malloc (sz); -+ if (!manual_address) -+ return NULL; -+ -+ status = efi_call_4 (ip6_config->get_data, ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_MANUAL_ADDRESS, -+ &sz, manual_address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (manual_address); -+ return NULL; -+ } -+ -+ return manual_address; -+} -+ -+char * -+grub_efi_ip6_interface_name (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip6_config_interface_info_t *interface_info; -+ char *name; -+ -+ interface_info = efi_ip6_config_interface_info (dev->ip6_config); -+ -+ if (!interface_info) -+ return NULL; -+ -+ name = grub_malloc (GRUB_EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE -+ * GRUB_MAX_UTF8_PER_UTF16 + 1); -+ *grub_utf16_to_utf8 ((grub_uint8_t *)name, interface_info->name, -+ GRUB_EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE) = 0; -+ grub_free (interface_info); -+ return name; -+} -+ -+static char * -+grub_efi_ip6_interface_hw_address (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip6_config_interface_info_t *interface_info; -+ char *hw_addr; -+ -+ interface_info = efi_ip6_config_interface_info (dev->ip6_config); -+ -+ if (!interface_info) -+ return NULL; -+ -+ hw_addr = grub_efi_hw_address_to_string (interface_info->hw_address_size, interface_info->hw_address); -+ grub_free (interface_info); -+ -+ return hw_addr; -+} -+ -+static char * -+grub_efi_ip6_interface_address (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip6_config_manual_address_t *manual_address; -+ char *addr; -+ -+ manual_address = efi_ip6_config_manual_address (dev->ip6_config); -+ -+ if (!manual_address) -+ return NULL; -+ -+ addr = grub_efi_ip6_address_to_string ((grub_efi_pxe_ipv6_address_t *)&manual_address->address); -+ grub_free (manual_address); -+ return addr; -+} -+ -+static char ** -+grub_efi_ip6_interface_route_table (struct grub_efi_net_device *dev) -+{ -+ grub_efi_ip6_config_interface_info_t *interface_info; -+ char **ret; -+ int i, id; -+ -+ interface_info = efi_ip6_config_interface_info (dev->ip6_config); -+ if (!interface_info) -+ return NULL; -+ -+ ret = grub_malloc (sizeof (*ret) * (interface_info->route_count + 1)); -+ -+ if (!ret) -+ { -+ grub_free (interface_info); -+ return NULL; -+ } -+ -+ id = 0; -+ for (i = 0; i < (int)interface_info->route_count ; i++) -+ { -+ char *gateway, *destination; -+ grub_uint64_t u64_gateway[2]; -+ grub_uint64_t u64_destination[2]; -+ grub_efi_ip6_route_table_t *route_table = interface_info->route_table + i; -+ grub_efi_net_interface_t *inf; -+ char *interface_name = NULL; -+ -+ gateway = grub_efi_ip6_address_to_string (&route_table->gateway); -+ destination = grub_efi_ip6_address_to_string (&route_table->destination); -+ -+ u64_gateway[0] = grub_get_unaligned64 (route_table->gateway.addr); -+ u64_gateway[1] = grub_get_unaligned64 (route_table->gateway.addr + 8); -+ u64_destination[0] = grub_get_unaligned64 (route_table->destination.addr); -+ u64_destination[1] = grub_get_unaligned64 (route_table->destination.addr + 8); -+ -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ if (inf->prefer_ip6) -+ interface_name = inf->name; -+ -+ if ((!u64_gateway[0] && !u64_gateway[1]) -+ && (u64_destination[0] || u64_destination[1])) -+ { -+ if (interface_name) -+ { -+ if ((grub_be_to_cpu64 (u64_destination[0]) == 0xfe80000000000000ULL) -+ && (!u64_destination[1]) -+ && (route_table->prefix_length == 64)) -+ ret[id++] = grub_xasprintf ("%s:link %s/%d %s", dev->card_name, destination, route_table->prefix_length, interface_name); -+ else -+ ret[id++] = grub_xasprintf ("%s:local %s/%d %s", dev->card_name, destination, route_table->prefix_length, interface_name); -+ } -+ } -+ else if ((u64_gateway[0] || u64_gateway[1]) -+ && (u64_destination[0] || u64_destination[1])) -+ ret[id++] = grub_xasprintf ("%s:gw %s/%d gw %s", dev->card_name, destination, route_table->prefix_length, gateway); -+ else if ((u64_gateway[0] || u64_gateway[1]) -+ && (!u64_destination[0] && !u64_destination[1])) -+ ret[id++] = grub_xasprintf ("%s:default %s/%d gw %s", dev->card_name, destination, route_table->prefix_length, gateway); -+ -+ grub_free (gateway); -+ grub_free (destination); -+ } -+ -+ ret[id] = NULL; -+ grub_free (interface_info); -+ return ret; -+} -+ -+static grub_efi_net_interface_t * -+grub_efi_ip6_interface_match (struct grub_efi_net_device *dev, grub_efi_net_ip_address_t *ip_address) -+{ -+ grub_efi_ip6_config_interface_info_t *interface_info; -+ grub_efi_net_interface_t *inf; -+ int i; -+ grub_efi_ipv6_address_t *address = &ip_address->ip6; -+ -+ interface_info = efi_ip6_config_interface_info (dev->ip6_config); -+ if (!interface_info) -+ return NULL; -+ -+ for (i = 0; i < (int)interface_info->route_count ; i++) -+ { -+ grub_uint64_t u64_addr[2]; -+ grub_uint64_t u64_subnet[2]; -+ grub_uint64_t u64_mask[2]; -+ -+ grub_efi_ip6_route_table_t *route_table = interface_info->route_table + i; -+ -+ /* SKIP Default GATEWAY */ -+ if (route_table->prefix_length == 0) -+ continue; -+ -+ u64_addr[0] = grub_get_unaligned64 (address); -+ u64_addr[1] = grub_get_unaligned64 (address + 4); -+ u64_subnet[0] = grub_get_unaligned64 (route_table->destination.addr); -+ u64_subnet[1] = grub_get_unaligned64 (route_table->destination.addr + 8); -+ u64_mask[0] = (route_table->prefix_length <= 64) ? -+ 0xffffffffffffffffULL << (64 - route_table->prefix_length) : -+ 0xffffffffffffffffULL; -+ u64_mask[1] = (route_table->prefix_length <= 64) ? -+ 0 : -+ 0xffffffffffffffffULL << (128 - route_table->prefix_length); -+ -+ if (((u64_addr[0] & u64_mask[0]) == u64_subnet[0]) -+ && ((u64_addr[1] & u64_mask[1]) == u64_subnet[1])) -+ { -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ if (inf->prefer_ip6) -+ { -+ grub_free (interface_info); -+ return inf; -+ } -+ } -+ } -+ -+ grub_free (interface_info); -+ return NULL; -+} -+ -+static int -+grub_efi_ip6_interface_set_manual_address (struct grub_efi_net_device *dev, -+ grub_efi_net_ip_manual_address_t *net_ip, -+ int with_subnet) -+{ -+ grub_efi_status_t status; -+ grub_efi_ip6_config_manual_address_t *address = &net_ip->ip6; -+ -+ if (!with_subnet) -+ { -+ grub_efi_ip6_config_manual_address_t *manual_address = -+ efi_ip6_config_manual_address (dev->ip6_config); -+ -+ if (manual_address) -+ { -+ address->prefix_length = manual_address->prefix_length; -+ grub_free (manual_address); -+ } -+ else -+ { -+ /* XXX: */ -+ address->prefix_length = 64; -+ } -+ } -+ -+ status = efi_call_4 (dev->ip6_config->set_data, dev->ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_MANUAL_ADDRESS, -+ sizeof(*address), address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ -+ return 1; -+} -+ -+static int -+grub_efi_ip6_interface_set_gateway (struct grub_efi_net_device *dev, -+ grub_efi_net_ip_address_t *address) -+{ -+ grub_efi_status_t status; -+ -+ status = efi_call_4 (dev->ip6_config->set_data, dev->ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_GATEWAY, -+ sizeof (address->ip6), &address->ip6); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ return 1; -+} -+ -+static int -+grub_efi_ip6_interface_set_dns (struct grub_efi_net_device *dev, -+ grub_efi_net_ip_address_t *address) -+{ -+ -+ grub_efi_status_t status; -+ -+ status = efi_call_4 (dev->ip6_config->set_data, dev->ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_DNSSERVER, -+ sizeof (address->ip6), &address->ip6); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ return 1; -+} -+ -+grub_efi_net_ip_config_t *efi_net_ip6_config = &(grub_efi_net_ip_config_t) -+ { -+ .get_hw_address = grub_efi_ip6_interface_hw_address, -+ .get_address = grub_efi_ip6_interface_address, -+ .get_route_table = grub_efi_ip6_interface_route_table, -+ .best_interface = grub_efi_ip6_interface_match, -+ .set_address = grub_efi_ip6_interface_set_manual_address, -+ .set_gateway = grub_efi_ip6_interface_set_gateway, -+ .set_dns = grub_efi_ip6_interface_set_dns -+ }; -diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c -new file mode 100644 -index 00000000000..86bce6535d3 ---- /dev/null -+++ b/grub-core/net/efi/net.c -@@ -0,0 +1,1428 @@ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+#define GRUB_EFI_IP6_PREFIX_LENGTH 64 -+ -+static grub_efi_guid_t ip4_config_guid = GRUB_EFI_IP4_CONFIG2_PROTOCOL_GUID; -+static grub_efi_guid_t ip6_config_guid = GRUB_EFI_IP6_CONFIG_PROTOCOL_GUID; -+static grub_efi_guid_t http_service_binding_guid = GRUB_EFI_HTTP_SERVICE_BINDING_PROTOCOL_GUID; -+static grub_efi_guid_t http_guid = GRUB_EFI_HTTP_PROTOCOL_GUID; -+static grub_efi_guid_t pxe_io_guid = GRUB_EFI_PXE_GUID; -+static grub_efi_guid_t dhcp4_service_binding_guid = GRUB_EFI_DHCP4_SERVICE_BINDING_PROTOCOL_GUID; -+static grub_efi_guid_t dhcp4_guid = GRUB_EFI_DHCP4_PROTOCOL_GUID; -+static grub_efi_guid_t dhcp6_service_binding_guid = GRUB_EFI_DHCP6_SERVICE_BINDING_PROTOCOL_GUID; -+static grub_efi_guid_t dhcp6_guid = GRUB_EFI_DHCP6_PROTOCOL_GUID; -+ -+struct grub_efi_net_device *net_devices; -+ -+static char *default_server; -+static grub_efi_net_interface_t *net_interface; -+static grub_efi_net_interface_t *net_default_interface; -+ -+#define efi_net_interface_configure(inf) inf->io->configure (inf->dev, inf->prefer_ip6) -+#define efi_net_interface_open(inf, file, name) inf->io->open (inf->dev, inf->prefer_ip6, file, name, inf->io_type) -+#define efi_net_interface_read(inf, file, buf, sz) inf->io->read (inf->dev, inf->prefer_ip6, file, buf, sz) -+#define efi_net_interface_close(inf, file) inf->io->close (inf->dev, inf->prefer_ip6, file) -+#define efi_net_interface(m,...) efi_net_interface_ ## m (net_interface, ## __VA_ARGS__) -+ -+static grub_efi_handle_t -+grub_efi_locate_device_path (grub_efi_guid_t *protocol, grub_efi_device_path_t *device_path, -+ grub_efi_device_path_t **r_device_path) -+{ -+ grub_efi_handle_t handle; -+ grub_efi_status_t status; -+ -+ status = efi_call_3 (grub_efi_system_table->boot_services->locate_device_path, -+ protocol, &device_path, &handle); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return 0; -+ -+ if (r_device_path) -+ *r_device_path = device_path; -+ -+ return handle; -+} -+ -+static int -+url_parse_fields (const char *url, char **proto, char **host, char **path) -+{ -+ const char *p, *ps; -+ grub_size_t l; -+ -+ *proto = *host = *path = NULL; -+ ps = p = url; -+ -+ while ((p = grub_strchr (p, ':'))) -+ { -+ if (grub_strlen (p) < sizeof ("://") - 1) -+ break; -+ if (grub_memcmp (p, "://", sizeof ("://") - 1) == 0) -+ { -+ l = p - ps; -+ *proto = grub_malloc (l + 1); -+ if (!*proto) -+ { -+ grub_print_error (); -+ return 0; -+ } -+ -+ grub_memcpy (*proto, ps, l); -+ (*proto)[l] = '\0'; -+ p += sizeof ("://") - 1; -+ break; -+ } -+ ++p; -+ } -+ -+ if (!*proto) -+ { -+ grub_dprintf ("bootp", "url: %s is not valid, protocol not found\n", url); -+ return 0; -+ } -+ -+ ps = p; -+ p = grub_strchr (p, '/'); -+ -+ if (!p) -+ { -+ grub_dprintf ("bootp", "url: %s is not valid, host/path not found\n", url); -+ grub_free (*proto); -+ *proto = NULL; -+ return 0; -+ } -+ -+ l = p - ps; -+ -+ if (l > 2 && ps[0] == '[' && ps[l - 1] == ']') -+ { -+ *host = grub_malloc (l - 1); -+ if (!*host) -+ { -+ grub_print_error (); -+ grub_free (*proto); -+ *proto = NULL; -+ return 0; -+ } -+ grub_memcpy (*host, ps + 1, l - 2); -+ (*host)[l - 2] = 0; -+ } -+ else -+ { -+ *host = grub_malloc (l + 1); -+ if (!*host) -+ { -+ grub_print_error (); -+ grub_free (*proto); -+ *proto = NULL; -+ return 0; -+ } -+ grub_memcpy (*host, ps, l); -+ (*host)[l] = 0; -+ } -+ -+ *path = grub_strdup (p); -+ if (!*path) -+ { -+ grub_print_error (); -+ grub_free (*host); -+ grub_free (*proto); -+ *host = NULL; -+ *proto = NULL; -+ return 0; -+ } -+ return 1; -+} -+ -+static void -+url_get_boot_location (const char *url, char **device, char **path, int is_default) -+{ -+ char *protocol, *server, *file; -+ char *slash; -+ -+ if (!url_parse_fields (url, &protocol, &server, &file)) -+ return; -+ -+ if ((slash = grub_strrchr (file, '/'))) -+ *slash = 0; -+ else -+ *file = 0; -+ -+ *device = grub_xasprintf ("%s,%s", protocol, server); -+ *path = grub_strdup(file); -+ -+ if (is_default) -+ default_server = server; -+ else -+ grub_free (server); -+ -+ grub_free (protocol); -+ grub_free (file); -+} -+ -+static void -+pxe_get_boot_location (const struct grub_net_bootp_packet *bp, -+ char **device, -+ char **path, -+ int is_default) -+{ -+ char *server = grub_xasprintf ("%d.%d.%d.%d", -+ ((grub_uint8_t *) &bp->server_ip)[0], -+ ((grub_uint8_t *) &bp->server_ip)[1], -+ ((grub_uint8_t *) &bp->server_ip)[2], -+ ((grub_uint8_t *) &bp->server_ip)[3]); -+ -+ *device = grub_xasprintf ("tftp,%s", server); -+ -+ *path = grub_strndup (bp->boot_file, sizeof (bp->boot_file)); -+ -+ if (*path) -+ { -+ char *slash; -+ slash = grub_strrchr (*path, '/'); -+ if (slash) -+ *slash = 0; -+ else -+ **path = 0; -+ } -+ -+ if (is_default) -+ default_server = server; -+ else -+ grub_free (server); -+} -+ -+static void -+pxe_get_boot_location_v6 (const struct grub_net_dhcp6_packet *dp, -+ grub_size_t dhcp_size, -+ char **device, -+ char **path) -+{ -+ -+ struct grub_net_dhcp6_option *dhcp_opt; -+ grub_size_t dhcp_remain_size; -+ *device = *path = 0; -+ -+ if (dhcp_size < sizeof (*dp)) -+ { -+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("DHCPv6 packet size too small")); -+ return; -+ } -+ -+ dhcp_remain_size = dhcp_size - sizeof (*dp); -+ dhcp_opt = (struct grub_net_dhcp6_option *)dp->dhcp_options; -+ -+ while (dhcp_remain_size) -+ { -+ grub_uint16_t code = grub_be_to_cpu16 (dhcp_opt->code); -+ grub_uint16_t len = grub_be_to_cpu16 (dhcp_opt->len); -+ grub_uint16_t option_size = sizeof (*dhcp_opt) + len; -+ -+ if (dhcp_remain_size < option_size || code == 0) -+ break; -+ -+ if (code == GRUB_NET_DHCP6_OPTION_BOOTFILE_URL) -+ { -+ char *url = grub_malloc (len + 1); -+ -+ grub_memcpy (url, dhcp_opt->data, len); -+ url[len] = 0; -+ -+ url_get_boot_location ((const char *)url, device, path, 1); -+ grub_free (url); -+ break; -+ } -+ -+ dhcp_remain_size -= option_size; -+ dhcp_opt = (struct grub_net_dhcp6_option *)((grub_uint8_t *)dhcp_opt + option_size); -+ } -+} -+ -+static grub_efi_net_interface_t * -+grub_efi_net_config_from_device_path (grub_efi_device_path_t *dp, -+ struct grub_efi_net_device *netdev, -+ char **device, -+ char **path) -+{ -+ grub_efi_net_interface_t *inf = NULL; -+ -+ while (1) -+ { -+ grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp); -+ grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp); -+ grub_efi_uint16_t len = GRUB_EFI_DEVICE_PATH_LENGTH (dp); -+ -+ if (type == GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE) -+ { -+ if (subtype == GRUB_EFI_URI_DEVICE_PATH_SUBTYPE) -+ { -+ grub_efi_uri_device_path_t *uri_dp; -+ uri_dp = (grub_efi_uri_device_path_t *) dp; -+ /* Beware that uri_dp->uri may not be null terminated */ -+ url_get_boot_location ((const char *)uri_dp->uri, device, path, 1); -+ } -+ else if (subtype == GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE) -+ { -+ grub_efi_net_ip_manual_address_t net_ip; -+ grub_efi_ipv4_device_path_t *ipv4 = (grub_efi_ipv4_device_path_t *) dp; -+ -+ if (inf) -+ continue; -+ grub_memcpy (net_ip.ip4.address, ipv4->local_ip_address, sizeof (net_ip.ip4.address)); -+ grub_memcpy (net_ip.ip4.subnet_mask, ipv4->subnet_mask, sizeof (net_ip.ip4.subnet_mask)); -+ net_ip.is_ip6 = 0; -+ inf = grub_efi_net_create_interface (netdev, -+ netdev->card_name, -+ &net_ip, -+ 1); -+ } -+ else if (subtype == GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE) -+ { -+ grub_efi_net_ip_manual_address_t net_ip; -+ grub_efi_ipv6_device_path_t *ipv6 = (grub_efi_ipv6_device_path_t *) dp; -+ -+ if (inf) -+ continue; -+ grub_memcpy (net_ip.ip6.address, ipv6->local_ip_address, sizeof (net_ip.ip6.address)); -+ net_ip.ip6.prefix_length = GRUB_EFI_IP6_PREFIX_LENGTH; -+ net_ip.ip6.is_anycast = 0; -+ net_ip.is_ip6 = 1; -+ inf = grub_efi_net_create_interface (netdev, -+ netdev->card_name, -+ &net_ip, -+ 1); -+ } -+ } -+ -+ if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp)) -+ break; -+ dp = (grub_efi_device_path_t *) ((char *) dp + len); -+ } -+ -+ return inf; -+} -+ -+static grub_efi_net_interface_t * -+grub_efi_net_config_from_handle (grub_efi_handle_t *hnd, -+ struct grub_efi_net_device *netdev, -+ char **device, -+ char **path) -+{ -+ grub_efi_pxe_t *pxe = NULL; -+ -+ if (hnd == netdev->ip4_pxe_handle) -+ pxe = netdev->ip4_pxe; -+ else if (hnd == netdev->ip6_pxe_handle) -+ pxe = netdev->ip6_pxe; -+ -+ if (!pxe) -+ return (grub_efi_net_config_from_device_path ( -+ grub_efi_get_device_path (hnd), -+ netdev, -+ device, -+ path)); -+ -+ if (pxe->mode->using_ipv6) -+ { -+ grub_efi_net_ip_manual_address_t net_ip; -+ -+ pxe_get_boot_location_v6 ( -+ (const struct grub_net_dhcp6_packet *) &pxe->mode->dhcp_ack, -+ sizeof (pxe->mode->dhcp_ack), -+ device, -+ path); -+ -+ grub_memcpy (net_ip.ip6.address, pxe->mode->station_ip.v6, sizeof(net_ip.ip6.address)); -+ net_ip.ip6.prefix_length = GRUB_EFI_IP6_PREFIX_LENGTH; -+ net_ip.ip6.is_anycast = 0; -+ net_ip.is_ip6 = 1; -+ return (grub_efi_net_create_interface (netdev, -+ netdev->card_name, -+ &net_ip, -+ 1)); -+ } -+ else -+ { -+ grub_efi_net_ip_manual_address_t net_ip; -+ -+ pxe_get_boot_location ( -+ (const struct grub_net_bootp_packet *) &pxe->mode->dhcp_ack, -+ device, -+ path, -+ 1); -+ -+ grub_memcpy (net_ip.ip4.address, pxe->mode->station_ip.v4, sizeof (net_ip.ip4.address)); -+ grub_memcpy (net_ip.ip4.subnet_mask, pxe->mode->subnet_mask.v4, sizeof (net_ip.ip4.subnet_mask)); -+ net_ip.is_ip6 = 0; -+ return (grub_efi_net_create_interface (netdev, -+ netdev->card_name, -+ &net_ip, -+ 1)); -+ } -+} -+ -+static const char * -+grub_efi_net_var_get_address (struct grub_env_var *var, -+ const char *val __attribute__ ((unused))) -+{ -+ struct grub_efi_net_device *dev; -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ { -+ grub_efi_net_interface_t *inf; -+ -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ { -+ char *var_name; -+ -+ var_name = grub_xasprintf ("net_%s_ip", inf->name); -+ if (grub_strcmp (var_name, var->name) == 0) -+ return efi_net_interface_get_address (inf); -+ grub_free (var_name); -+ var_name = grub_xasprintf ("net_%s_mac", inf->name); -+ if (grub_strcmp (var_name, var->name) == 0) -+ return efi_net_interface_get_hw_address (inf); -+ grub_free (var_name); -+ } -+ } -+ -+ return NULL; -+} -+ -+static char * -+grub_efi_net_var_set_interface (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val) -+{ -+ struct grub_efi_net_device *dev; -+ grub_efi_net_interface_t *inf; -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ if (grub_strcmp (inf->name, val) == 0) -+ { -+ net_default_interface = inf; -+ return grub_strdup (val); -+ } -+ -+ return NULL; -+} -+ -+static char * -+grub_efi_net_var_set_server (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val) -+{ -+ grub_free (default_server); -+ default_server = grub_strdup (val); -+ return grub_strdup (val); -+} -+ -+static const char * -+grub_efi_net_var_get_server (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val __attribute__ ((unused))) -+{ -+ return default_server ? : ""; -+} -+ -+static const char * -+grub_efi_net_var_get_ip (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val __attribute__ ((unused))) -+{ -+ const char *intf = grub_env_get ("net_default_interface"); -+ const char *ret = NULL; -+ if (intf) -+ { -+ char *buf = grub_xasprintf ("net_%s_ip", intf); -+ if (buf) -+ ret = grub_env_get (buf); -+ grub_free (buf); -+ } -+ return ret; -+} -+ -+static const char * -+grub_efi_net_var_get_mac (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val __attribute__ ((unused))) -+{ -+ const char *intf = grub_env_get ("net_default_interface"); -+ const char *ret = NULL; -+ if (intf) -+ { -+ char *buf = grub_xasprintf ("net_%s_mac", intf); -+ if (buf) -+ ret = grub_env_get (buf); -+ grub_free (buf); -+ } -+ return ret; -+} -+ -+static void -+grub_efi_net_export_interface_vars (void) -+{ -+ struct grub_efi_net_device *dev; -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ { -+ grub_efi_net_interface_t *inf; -+ -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ { -+ char *var; -+ -+ var = grub_xasprintf ("net_%s_ip", inf->name); -+ grub_register_variable_hook (var, grub_efi_net_var_get_address, 0); -+ grub_env_export (var); -+ grub_free (var); -+ var = grub_xasprintf ("net_%s_mac", inf->name); -+ grub_register_variable_hook (var, grub_efi_net_var_get_address, 0); -+ grub_env_export (var); -+ grub_free (var); -+ } -+ } -+} -+ -+static void -+grub_efi_net_unset_interface_vars (void) -+{ -+ struct grub_efi_net_device *dev; -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ { -+ grub_efi_net_interface_t *inf; -+ -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ { -+ char *var; -+ -+ var = grub_xasprintf ("net_%s_ip", inf->name); -+ grub_register_variable_hook (var, 0, 0); -+ grub_env_unset (var); -+ grub_free (var); -+ var = grub_xasprintf ("net_%s_mac", inf->name); -+ grub_register_variable_hook (var, 0, 0); -+ grub_env_unset (var); -+ grub_free (var); -+ } -+ } -+} -+ -+grub_efi_net_interface_t * -+grub_efi_net_create_interface (struct grub_efi_net_device *dev, -+ const char *interface_name, -+ grub_efi_net_ip_manual_address_t *net_ip, -+ int has_subnet) -+{ -+ grub_efi_net_interface_t *inf; -+ -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ { -+ if (inf->prefer_ip6 == net_ip->is_ip6) -+ break; -+ } -+ -+ if (!inf) -+ { -+ inf = grub_malloc (sizeof(*inf)); -+ inf->name = grub_strdup (interface_name); -+ inf->prefer_ip6 = net_ip->is_ip6; -+ inf->dev = dev; -+ inf->next = dev->net_interfaces; -+ inf->ip_config = (net_ip->is_ip6) ? efi_net_ip6_config : efi_net_ip4_config ; -+ dev->net_interfaces = inf; -+ } -+ else -+ { -+ grub_free (inf->name); -+ inf->name = grub_strdup (interface_name); -+ } -+ -+ if (!efi_net_interface_set_address (inf, net_ip, has_subnet)) -+ { -+ grub_error (GRUB_ERR_BUG, N_("Set Address Failed")); -+ return NULL; -+ } -+ -+ return inf; -+} -+ -+static void -+grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, -+ char **path) -+{ -+ grub_efi_handle_t config_hnd; -+ -+ struct grub_efi_net_device *netdev; -+ grub_efi_net_interface_t *inf; -+ -+ config_hnd = grub_efi_locate_device_path (&ip4_config_guid, grub_efi_get_device_path (hnd), NULL); -+ -+ if (!config_hnd) -+ return; -+ -+ for (netdev = net_devices; netdev; netdev = netdev->next) -+ if (netdev->handle == config_hnd) -+ break; -+ -+ if (!netdev) -+ return; -+ -+ if (!(inf = grub_efi_net_config_from_handle (hnd, netdev, device, path))) -+ return; -+ -+ grub_env_set ("net_default_interface", inf->name); -+ grub_efi_net_export_interface_vars (); -+} -+ -+static grub_err_t -+grub_efi_netfs_dir (grub_device_t device, const char *path __attribute__ ((unused)), -+ grub_fs_dir_hook_t hook __attribute__ ((unused)), -+ void *hook_data __attribute__ ((unused))) -+{ -+ if (!device->net) -+ return grub_error (GRUB_ERR_BUG, "invalid net device"); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_efi_netfs_open (struct grub_file *file_out __attribute__ ((unused)), -+ const char *name __attribute__ ((unused))) -+{ -+ struct grub_file *file, *bufio; -+ -+ file = grub_malloc (sizeof (*file)); -+ if (!file) -+ return grub_errno; -+ -+ grub_memcpy (file, file_out, sizeof (struct grub_file)); -+ file->device->net->name = grub_strdup (name); -+ -+ if (!file->device->net->name) -+ { -+ grub_free (file); -+ return grub_errno; -+ } -+ -+ efi_net_interface(open, file, name); -+ grub_print_error (); -+ -+ bufio = grub_bufio_open (file, 32768); -+ if (!bufio) -+ { -+ grub_free (file->device->net->name); -+ grub_free (file); -+ return grub_errno; -+ } -+ grub_memcpy (file_out, bufio, sizeof (struct grub_file)); -+ grub_free (bufio); -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_ssize_t -+grub_efihttp_chunk_read (grub_file_t file, char *buf, -+ grub_size_t len, grub_size_t chunk_size) -+{ -+ char *chunk = grub_malloc (chunk_size); -+ grub_size_t sum = 0; -+ -+ while (len) -+ { -+ grub_ssize_t rd; -+ grub_size_t sz = (len > chunk_size) ? chunk_size : len; -+ -+ rd = efi_net_interface (read, file, chunk, sz); -+ -+ if (rd <= 0) -+ return rd; -+ -+ if (buf) -+ { -+ grub_memcpy (buf, chunk, rd); -+ buf += rd; -+ } -+ sum += rd; -+ len -= rd; -+ } -+ -+ grub_free (chunk); -+ return sum; -+} -+ -+static grub_ssize_t -+grub_efi_netfs_read (grub_file_t file __attribute__ ((unused)), -+ char *buf __attribute__ ((unused)), grub_size_t len __attribute__ ((unused))) -+{ -+ if (file->offset > file->device->net->offset) -+ { -+ grub_efihttp_chunk_read (file, NULL, file->offset - file->device->net->offset, 10240); -+ } -+ else if (file->offset < file->device->net->offset) -+ { -+ efi_net_interface (close, file); -+ efi_net_interface (open, file, file->device->net->name); -+ if (file->offset) -+ grub_efihttp_chunk_read (file, NULL, file->offset, 10240); -+ } -+ -+ return efi_net_interface (read, file, buf, len); -+} -+ -+static grub_err_t -+grub_efi_netfs_close (grub_file_t file) -+{ -+ efi_net_interface (close, file); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_efi_handle_t -+grub_efi_service_binding (grub_efi_handle_t dev, grub_efi_guid_t *service_binding_guid) -+{ -+ grub_efi_service_binding_t *service; -+ grub_efi_status_t status; -+ grub_efi_handle_t child_dev = NULL; -+ -+ service = grub_efi_open_protocol (dev, service_binding_guid, GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ if (!service) -+ { -+ grub_error (GRUB_ERR_IO, N_("couldn't open efi service binding protocol")); -+ return NULL; -+ } -+ -+ status = efi_call_2 (service->create_child, service, &child_dev); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_IO, N_("Failed to create child device of http service %x"), status); -+ return NULL; -+ } -+ -+ return child_dev; -+} -+ -+static grub_err_t -+grub_efi_net_parse_address (const char *address, -+ grub_efi_ip4_config2_manual_address_t *ip4, -+ grub_efi_ip6_config_manual_address_t *ip6, -+ int *is_ip6, -+ int *has_cidr) -+{ -+ const char *rest; -+ -+ if (grub_efi_string_to_ip4_address (address, &ip4->address, &rest)) -+ { -+ *is_ip6 = 0; -+ if (*rest == '/') -+ { -+ grub_uint32_t subnet_mask_size; -+ -+ subnet_mask_size = grub_strtoul (rest + 1, (char **) &rest, 0); -+ -+ if (!grub_errno && subnet_mask_size <= 32 && *rest == 0) -+ { -+ grub_uint32_t subnet_mask; -+ -+ subnet_mask = grub_cpu_to_be32 ((0xffffffffU << (32 - subnet_mask_size))); -+ grub_memcpy (ip4->subnet_mask, &subnet_mask, sizeof (ip4->subnet_mask)); -+ if (has_cidr) -+ *has_cidr = 1; -+ return GRUB_ERR_NONE; -+ } -+ } -+ else if (*rest == 0) -+ { -+ grub_uint32_t subnet_mask = 0xffffffffU; -+ grub_memcpy (ip4->subnet_mask, &subnet_mask, sizeof (ip4->subnet_mask)); -+ if (has_cidr) -+ *has_cidr = 0; -+ return GRUB_ERR_NONE; -+ } -+ } -+ else if (grub_efi_string_to_ip6_address (address, &ip6->address, &rest)) -+ { -+ *is_ip6 = 1; -+ if (*rest == '/') -+ { -+ grub_efi_uint8_t prefix_length; -+ -+ prefix_length = grub_strtoul (rest + 1, (char **) &rest, 0); -+ if (!grub_errno && prefix_length <= 128 && *rest == 0) -+ { -+ ip6->prefix_length = prefix_length; -+ ip6->is_anycast = 0; -+ if (has_cidr) -+ *has_cidr = 1; -+ return GRUB_ERR_NONE; -+ } -+ } -+ else if (*rest == 0) -+ { -+ ip6->prefix_length = 128; -+ ip6->is_anycast = 0; -+ if (has_cidr) -+ *has_cidr = 0; -+ return GRUB_ERR_NONE; -+ } -+ } -+ -+ return grub_error (GRUB_ERR_NET_BAD_ADDRESS, -+ N_("unrecognised network address `%s'"), -+ address); -+} -+ -+static grub_efi_net_interface_t * -+match_route (const char *server) -+{ -+ grub_err_t err; -+ grub_efi_ip4_config2_manual_address_t ip4; -+ grub_efi_ip6_config_manual_address_t ip6; -+ grub_efi_net_interface_t *inf; -+ int is_ip6 = 0; -+ -+ err = grub_efi_net_parse_address (server, &ip4, &ip6, &is_ip6, 0); -+ -+ if (err) -+ { -+ grub_print_error (); -+ return NULL; -+ } -+ -+ if (is_ip6) -+ { -+ struct grub_efi_net_device *dev; -+ grub_efi_net_ip_address_t addr; -+ -+ grub_memcpy (addr.ip6, ip6.address, sizeof(ip6.address)); -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ if ((inf = efi_net_ip6_config->best_interface (dev, &addr))) -+ return inf; -+ } -+ else -+ { -+ struct grub_efi_net_device *dev; -+ grub_efi_net_ip_address_t addr; -+ -+ grub_memcpy (addr.ip4, ip4.address, sizeof(ip4.address)); -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ if ((inf = efi_net_ip4_config->best_interface (dev, &addr))) -+ return inf; -+ } -+ -+ return 0; -+} -+ -+static void -+grub_efi_net_add_pxebc_to_cards (void) -+{ -+ grub_efi_uintn_t num_handles; -+ grub_efi_handle_t *handles; -+ grub_efi_handle_t *handle; -+ -+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &pxe_io_guid, -+ 0, &num_handles); -+ if (!handles) -+ return; -+ -+ for (handle = handles; num_handles--; handle++) -+ { -+ grub_efi_device_path_t *dp, *ddp, *ldp; -+ grub_efi_pxe_t *pxe; -+ struct grub_efi_net_device *d; -+ int is_ip6 = 0; -+ -+ dp = grub_efi_get_device_path (*handle); -+ if (!dp) -+ continue; -+ -+ ddp = grub_efi_duplicate_device_path (dp); -+ ldp = grub_efi_find_last_device_path (ddp); -+ -+ if (ldp->type == GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE -+ && ldp->subtype == GRUB_EFI_IPV4_DEVICE_PATH_SUBTYPE) -+ { -+ ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ ldp->length = sizeof (*ldp); -+ } -+ else if (ldp->type == GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE -+ && ldp->subtype == GRUB_EFI_IPV6_DEVICE_PATH_SUBTYPE) -+ { -+ is_ip6 = 1; -+ ldp->type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ ldp->subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ ldp->length = sizeof (*ldp); -+ } -+ -+ for (d = net_devices; d; d = d->next) -+ if (grub_efi_compare_device_paths (ddp, grub_efi_get_device_path (d->handle)) == 0) -+ break; -+ -+ if (!d) -+ { -+ grub_free (ddp); -+ continue; -+ } -+ -+ pxe = grub_efi_open_protocol (*handle, &pxe_io_guid, -+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ -+ if (!pxe) -+ { -+ grub_free (ddp); -+ continue; -+ } -+ -+ if (is_ip6) -+ { -+ d->ip6_pxe_handle = *handle; -+ d->ip6_pxe = pxe; -+ } -+ else -+ { -+ d->ip4_pxe_handle = *handle; -+ d->ip4_pxe = pxe; -+ } -+ -+ grub_free (ddp); -+ } -+ -+ grub_free (handles); -+} -+ -+static void -+set_ip_policy_to_static (void) -+{ -+ struct grub_efi_net_device *dev; -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ { -+ grub_efi_ip4_config2_policy_t ip4_policy = GRUB_EFI_IP4_CONFIG2_POLICY_STATIC; -+ -+ if (efi_call_4 (dev->ip4_config->set_data, dev->ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_POLICY, -+ sizeof (ip4_policy), &ip4_policy) != GRUB_EFI_SUCCESS) -+ grub_dprintf ("efinetfs", "could not set GRUB_EFI_IP4_CONFIG2_POLICY_STATIC on dev `%s'", dev->card_name); -+ -+ if (dev->ip6_config) -+ { -+ grub_efi_ip6_config_policy_t ip6_policy = GRUB_EFI_IP6_CONFIG_POLICY_MANUAL; -+ -+ if (efi_call_4 (dev->ip6_config->set_data, dev->ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_POLICY, -+ sizeof (ip6_policy), &ip6_policy) != GRUB_EFI_SUCCESS) -+ grub_dprintf ("efinetfs", "could not set GRUB_EFI_IP6_CONFIG_POLICY_MANUAL on dev `%s'", dev->card_name); -+ } -+ } -+} -+ -+/* FIXME: Do not fail if the card did not support any of the protocol (Eg http) */ -+static void -+grub_efi_net_find_cards (void) -+{ -+ grub_efi_uintn_t num_handles; -+ grub_efi_handle_t *handles; -+ grub_efi_handle_t *handle; -+ int id; -+ -+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, &ip4_config_guid, -+ 0, &num_handles); -+ if (!handles) -+ return; -+ -+ for (id = 0, handle = handles; num_handles--; handle++, id++) -+ { -+ grub_efi_device_path_t *dp; -+ grub_efi_ip4_config2_protocol_t *ip4_config; -+ grub_efi_ip6_config_protocol_t *ip6_config; -+ grub_efi_handle_t http_handle; -+ grub_efi_http_t *http; -+ grub_efi_handle_t dhcp4_handle; -+ grub_efi_dhcp4_protocol_t *dhcp4; -+ grub_efi_handle_t dhcp6_handle; -+ grub_efi_dhcp6_protocol_t *dhcp6; -+ -+ struct grub_efi_net_device *d; -+ -+ dp = grub_efi_get_device_path (*handle); -+ if (!dp) -+ continue; -+ -+ ip4_config = grub_efi_open_protocol (*handle, &ip4_config_guid, -+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ if (!ip4_config) -+ continue; -+ -+ ip6_config = grub_efi_open_protocol (*handle, &ip6_config_guid, -+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ -+ http_handle = grub_efi_service_binding (*handle, &http_service_binding_guid); -+ grub_errno = GRUB_ERR_NONE; -+ http = (http_handle) -+ ? grub_efi_open_protocol (http_handle, &http_guid, GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL) -+ : NULL; -+ -+ dhcp4_handle = grub_efi_service_binding (*handle, &dhcp4_service_binding_guid); -+ grub_errno = GRUB_ERR_NONE; -+ dhcp4 = (dhcp4_handle) -+ ? grub_efi_open_protocol (dhcp4_handle, &dhcp4_guid, GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL) -+ : NULL; -+ -+ -+ dhcp6_handle = grub_efi_service_binding (*handle, &dhcp6_service_binding_guid); -+ grub_errno = GRUB_ERR_NONE; -+ dhcp6 = (dhcp6_handle) -+ ? grub_efi_open_protocol (dhcp6_handle, &dhcp6_guid, GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL) -+ : NULL; -+ -+ d = grub_malloc (sizeof (*d)); -+ if (!d) -+ { -+ grub_free (handles); -+ while (net_devices) -+ { -+ d = net_devices->next; -+ grub_free (net_devices); -+ net_devices = d; -+ } -+ return; -+ } -+ d->handle = *handle; -+ d->ip4_config = ip4_config; -+ d->ip6_config = ip6_config; -+ d->http_handle = http_handle; -+ d->http = http; -+ d->dhcp4_handle = dhcp4_handle; -+ d->dhcp4 = dhcp4; -+ d->dhcp6_handle = dhcp6_handle; -+ d->dhcp6 = dhcp6; -+ d->next = net_devices; -+ d->card_name = grub_xasprintf ("efinet%d", id); -+ d->net_interfaces = NULL; -+ net_devices = d; -+ } -+ -+ grub_efi_net_add_pxebc_to_cards (); -+ grub_free (handles); -+ set_ip_policy_to_static (); -+} -+ -+static void -+listroutes_ip4 (struct grub_efi_net_device *netdev) -+{ -+ char **routes; -+ -+ routes = NULL; -+ -+ if ((routes = efi_net_ip4_config->get_route_table (netdev))) -+ { -+ char **r; -+ -+ for (r = routes; *r; ++r) -+ grub_printf ("%s\n", *r); -+ } -+ -+ if (routes) -+ { -+ char **r; -+ -+ for (r = routes; *r; ++r) -+ grub_free (*r); -+ grub_free (routes); -+ } -+} -+ -+static void -+listroutes_ip6 (struct grub_efi_net_device *netdev) -+{ -+ char **routes; -+ -+ routes = NULL; -+ -+ if ((routes = efi_net_ip6_config->get_route_table (netdev))) -+ { -+ char **r; -+ -+ for (r = routes; *r; ++r) -+ grub_printf ("%s\n", *r); -+ } -+ -+ if (routes) -+ { -+ char **r; -+ -+ for (r = routes; *r; ++r) -+ grub_free (*r); -+ grub_free (routes); -+ } -+} -+ -+static grub_err_t -+grub_cmd_efi_listroutes (struct grub_command *cmd __attribute__ ((unused)), -+ int argc __attribute__ ((unused)), -+ char **args __attribute__ ((unused))) -+{ -+ struct grub_efi_net_device *netdev; -+ -+ for (netdev = net_devices; netdev; netdev = netdev->next) -+ { -+ listroutes_ip4 (netdev); -+ listroutes_ip6 (netdev); -+ } -+ -+ return GRUB_ERR_NONE; -+} -+static grub_err_t -+grub_cmd_efi_listcards (struct grub_command *cmd __attribute__ ((unused)), -+ int argc __attribute__ ((unused)), -+ char **args __attribute__ ((unused))) -+{ -+ struct grub_efi_net_device *dev; -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ { -+ char *hw_addr; -+ -+ hw_addr = efi_net_ip4_config->get_hw_address (dev); -+ -+ if (hw_addr) -+ { -+ grub_printf ("%s %s\n", dev->card_name, hw_addr); -+ grub_free (hw_addr); -+ } -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_efi_listaddrs (struct grub_command *cmd __attribute__ ((unused)), -+ int argc __attribute__ ((unused)), -+ char **args __attribute__ ((unused))) -+{ -+ struct grub_efi_net_device *dev; -+ grub_efi_net_interface_t *inf; -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ for (inf = dev->net_interfaces; inf; inf = inf->next) -+ { -+ char *hw_addr = NULL; -+ char *addr = NULL; -+ -+ if ((hw_addr = efi_net_interface_get_hw_address (inf)) -+ && (addr = efi_net_interface_get_address (inf))) -+ grub_printf ("%s %s %s\n", inf->name, hw_addr, addr); -+ -+ if (hw_addr) -+ grub_free (hw_addr); -+ if (addr) -+ grub_free (addr); -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+/* FIXME: support MAC specifying. */ -+static grub_err_t -+grub_cmd_efi_addaddr (struct grub_command *cmd __attribute__ ((unused)), -+ int argc, char **args) -+{ -+ struct grub_efi_net_device *dev; -+ grub_err_t err; -+ grub_efi_ip4_config2_manual_address_t ip4; -+ grub_efi_ip6_config_manual_address_t ip6; -+ grub_efi_net_ip_manual_address_t net_ip; -+ int is_ip6 = 0; -+ int cidr = 0; -+ -+ if (argc != 3) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("three arguments expected")); -+ -+ for (dev = net_devices; dev; dev = dev->next) -+ { -+ if (grub_strcmp (dev->card_name, args[1]) == 0) -+ break; -+ } -+ -+ if (!dev) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("card not found")); -+ -+ err = grub_efi_net_parse_address (args[2], &ip4, &ip6, &is_ip6, &cidr); -+ -+ if (err) -+ return err; -+ -+ net_ip.is_ip6 = is_ip6; -+ if (is_ip6) -+ grub_memcpy (&net_ip.ip6, &ip6, sizeof(net_ip.ip6)); -+ else -+ grub_memcpy (&net_ip.ip4, &ip4, sizeof(net_ip.ip4)); -+ -+ if (!grub_efi_net_create_interface (dev, -+ args[0], -+ &net_ip, -+ cidr)) -+ return grub_errno; -+ -+ return GRUB_ERR_NONE; -+} -+ -+static struct grub_fs grub_efi_netfs; -+ -+static grub_net_t -+grub_net_open_real (const char *name __attribute__ ((unused))) -+{ -+ grub_size_t protnamelen; -+ const char *protname, *server; -+ grub_net_t ret; -+ -+ net_interface = NULL; -+ -+ if (grub_strncmp (name, "pxe:", sizeof ("pxe:") - 1) == 0) -+ { -+ protname = "tftp"; -+ protnamelen = sizeof ("tftp") - 1; -+ server = name + sizeof ("pxe:") - 1; -+ } -+ else if (grub_strcmp (name, "pxe") == 0) -+ { -+ protname = "tftp"; -+ protnamelen = sizeof ("tftp") - 1; -+ server = default_server; -+ } -+ else -+ { -+ const char *comma; -+ -+ comma = grub_strchr (name, ','); -+ if (comma) -+ { -+ protnamelen = comma - name; -+ server = comma + 1; -+ protname = name; -+ } -+ else -+ { -+ protnamelen = grub_strlen (name); -+ server = default_server; -+ protname = name; -+ } -+ } -+ -+ if (!server) -+ { -+ grub_error (GRUB_ERR_NET_BAD_ADDRESS, -+ N_("no server is specified")); -+ return NULL; -+ } -+ -+ /*FIXME: Use DNS translate name to address */ -+ net_interface = match_route (server); -+ -+ /*XXX: should we check device with default gateway ? */ -+ if (!net_interface && !(net_interface = net_default_interface)) -+ { -+ grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("disk `%s' no route found"), -+ name); -+ return NULL; -+ } -+ -+ if ((protnamelen == (sizeof ("https") - 1) -+ && grub_memcmp ("https", protname, protnamelen) == 0)) -+ { -+ net_interface->io = &io_http; -+ net_interface->io_type = 1; -+ } -+ else if ((protnamelen == (sizeof ("http") - 1) -+ && grub_memcmp ("http", protname, protnamelen) == 0)) -+ { -+ net_interface->io = &io_http; -+ net_interface->io_type = 0; -+ } -+ else if (protnamelen == (sizeof ("tftp") - 1) -+ && grub_memcmp ("tftp", protname, protnamelen) == 0) -+ { -+ net_interface->io = &io_pxe; -+ net_interface->io_type = 0; -+ } -+ else -+ { -+ grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("disk `%s' not found"), -+ name); -+ return NULL; -+ } -+ -+ /*XXX: Should we try to avoid doing excess "reconfigure" here ??? */ -+ efi_net_interface (configure); -+ -+ ret = grub_zalloc (sizeof (*ret)); -+ if (!ret) -+ return NULL; -+ -+ ret->server = grub_strdup (server); -+ if (!ret->server) -+ { -+ grub_free (ret); -+ return NULL; -+ } -+ -+ ret->fs = &grub_efi_netfs; -+ return ret; -+} -+#if 0 -+static grub_command_t cmd_efi_lsaddr; -+static grub_command_t cmd_efi_lscards; -+static grub_command_t cmd_efi_lsroutes; -+static grub_command_t cmd_efi_addaddr; -+#endif -+ -+static struct grub_fs grub_efi_netfs = -+ { -+ .name = "efi netfs", -+ .fs_dir = grub_efi_netfs_dir, -+ .fs_open = grub_efi_netfs_open, -+ .fs_read = grub_efi_netfs_read, -+ .fs_close = grub_efi_netfs_close, -+ .fs_label = NULL, -+ .fs_uuid = NULL, -+ .fs_mtime = NULL, -+ }; -+ -+int -+grub_efi_net_boot_from_https (void) -+{ -+ grub_efi_loaded_image_t *image = NULL; -+ grub_efi_device_path_t *dp; -+ -+ image = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (!image) -+ return 0; -+ -+ dp = grub_efi_get_device_path (image->device_handle); -+ -+ while (1) -+ { -+ grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp); -+ grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp); -+ grub_efi_uint16_t len = GRUB_EFI_DEVICE_PATH_LENGTH (dp); -+ -+ if ((type == GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE) -+ && (subtype == GRUB_EFI_URI_DEVICE_PATH_SUBTYPE)) -+ { -+ grub_efi_uri_device_path_t *uri_dp = (grub_efi_uri_device_path_t *) dp; -+ return (grub_strncmp ((const char*)uri_dp->uri, "https://", sizeof ("https://") - 1) == 0) ? 1 : 0; -+ } -+ -+ if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp)) -+ break; -+ dp = (grub_efi_device_path_t *) ((char *) dp + len); -+ } -+ -+ return 0; -+} -+ -+int -+grub_efi_net_boot_from_opa (void) -+{ -+ grub_efi_loaded_image_t *image = NULL; -+ grub_efi_device_path_t *dp; -+ -+ image = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (!image) -+ return 0; -+ -+ dp = grub_efi_get_device_path (image->device_handle); -+ -+ while (1) -+ { -+ grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp); -+ grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp); -+ grub_efi_uint16_t len = GRUB_EFI_DEVICE_PATH_LENGTH (dp); -+ -+ if ((type == GRUB_EFI_MESSAGING_DEVICE_PATH_TYPE) -+ && (subtype == GRUB_EFI_MAC_ADDRESS_DEVICE_PATH_SUBTYPE)) -+ { -+ grub_efi_mac_address_device_path_t *mac_dp = (grub_efi_mac_address_device_path_t *)dp; -+ return (mac_dp->if_type == 0xC7) ? 1 : 0; -+ } -+ -+ if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp)) -+ break; -+ dp = (grub_efi_device_path_t *) ((char *) dp + len); -+ } -+ -+ return 0; -+} -+ -+static char * -+grub_env_write_readonly (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val __attribute__ ((unused))) -+{ -+ return NULL; -+} -+ -+grub_command_func_t grub_efi_net_list_routes = grub_cmd_efi_listroutes; -+grub_command_func_t grub_efi_net_list_cards = grub_cmd_efi_listcards; -+grub_command_func_t grub_efi_net_list_addrs = grub_cmd_efi_listaddrs; -+grub_command_func_t grub_efi_net_add_addr = grub_cmd_efi_addaddr; -+ -+int -+grub_efi_net_fs_init () -+{ -+ grub_efi_net_find_cards (); -+ grub_efi_net_config = grub_efi_net_config_real; -+ grub_net_open = grub_net_open_real; -+ grub_register_variable_hook ("net_default_server", grub_efi_net_var_get_server, -+ grub_efi_net_var_set_server); -+ grub_env_export ("net_default_server"); -+ grub_register_variable_hook ("pxe_default_server", grub_efi_net_var_get_server, -+ grub_efi_net_var_set_server); -+ grub_env_export ("pxe_default_server"); -+ grub_register_variable_hook ("net_default_interface", 0, -+ grub_efi_net_var_set_interface); -+ grub_env_export ("net_default_interface"); -+ grub_register_variable_hook ("net_default_ip", grub_efi_net_var_get_ip, -+ 0); -+ grub_env_export ("net_default_ip"); -+ grub_register_variable_hook ("net_default_mac", grub_efi_net_var_get_mac, -+ 0); -+ grub_env_export ("net_default_mac"); -+ -+ grub_env_set ("grub_netfs_type", "efi"); -+ grub_register_variable_hook ("grub_netfs_type", 0, grub_env_write_readonly); -+ grub_env_export ("grub_netfs_type"); -+ -+ return 1; -+} -+ -+void -+grub_efi_net_fs_fini (void) -+{ -+ grub_env_unset ("grub_netfs_type"); -+ grub_efi_net_unset_interface_vars (); -+ grub_register_variable_hook ("net_default_server", 0, 0); -+ grub_env_unset ("net_default_server"); -+ grub_register_variable_hook ("net_default_interface", 0, 0); -+ grub_env_unset ("net_default_interface"); -+ grub_register_variable_hook ("pxe_default_server", 0, 0); -+ grub_env_unset ("pxe_default_server"); -+ grub_register_variable_hook ("net_default_ip", 0, 0); -+ grub_env_unset ("net_default_ip"); -+ grub_register_variable_hook ("net_default_mac", 0, 0); -+ grub_env_unset ("net_default_mac"); -+ grub_efi_net_config = NULL; -+ grub_net_open = NULL; -+ grub_fs_unregister (&grub_efi_netfs); -+} -diff --git a/grub-core/net/efi/pxe.c b/grub-core/net/efi/pxe.c -new file mode 100644 -index 00000000000..531949cba5c ---- /dev/null -+++ b/grub-core/net/efi/pxe.c -@@ -0,0 +1,424 @@ -+ -+#include -+#include -+#include -+#include -+#include -+ -+static grub_efi_ip6_config_manual_address_t * -+efi_ip6_config_manual_address (grub_efi_ip6_config_protocol_t *ip6_config) -+{ -+ grub_efi_uintn_t sz; -+ grub_efi_status_t status; -+ grub_efi_ip6_config_manual_address_t *manual_address; -+ -+ sz = sizeof (*manual_address); -+ manual_address = grub_malloc (sz); -+ if (!manual_address) -+ return NULL; -+ -+ status = efi_call_4 (ip6_config->get_data, ip6_config, -+ GRUB_EFI_IP6_CONFIG_DATA_TYPE_MANUAL_ADDRESS, -+ &sz, manual_address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (manual_address); -+ return NULL; -+ } -+ -+ return manual_address; -+} -+ -+static grub_efi_ip4_config2_manual_address_t * -+efi_ip4_config_manual_address (grub_efi_ip4_config2_protocol_t *ip4_config) -+{ -+ grub_efi_uintn_t sz; -+ grub_efi_status_t status; -+ grub_efi_ip4_config2_manual_address_t *manual_address; -+ -+ sz = sizeof (*manual_address); -+ manual_address = grub_malloc (sz); -+ if (!manual_address) -+ return NULL; -+ -+ status = efi_call_4 (ip4_config->get_data, ip4_config, -+ GRUB_EFI_IP4_CONFIG2_DATA_TYPE_MANUAL_ADDRESS, -+ &sz, manual_address); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_free (manual_address); -+ return NULL; -+ } -+ -+ return manual_address; -+} -+ -+static void -+pxe_configure (struct grub_efi_net_device *dev, int prefer_ip6) -+{ -+ grub_efi_pxe_t *pxe = (prefer_ip6) ? dev->ip6_pxe : dev->ip4_pxe; -+ -+ grub_efi_pxe_mode_t *mode = pxe->mode; -+ -+ if (!mode->started) -+ { -+ grub_efi_status_t status; -+ status = efi_call_2 (pxe->start, pxe, prefer_ip6); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ grub_printf ("Couldn't start PXE\n"); -+ } -+ -+#if 0 -+ grub_printf ("PXE STARTED: %u\n", mode->started); -+ grub_printf ("PXE USING IPV6: %u\n", mode->using_ipv6); -+#endif -+ -+ if (mode->using_ipv6) -+ { -+ grub_efi_ip6_config_manual_address_t *manual_address; -+ manual_address = efi_ip6_config_manual_address (dev->ip6_config); -+ -+ if (manual_address && -+ grub_memcmp (manual_address->address, mode->station_ip.v6, sizeof (manual_address->address)) != 0) -+ { -+ grub_efi_status_t status; -+ grub_efi_pxe_ip_address_t station_ip; -+ -+ grub_memcpy (station_ip.v6.addr, manual_address->address, sizeof (station_ip.v6.addr)); -+ status = efi_call_3 (pxe->set_station_ip, pxe, &station_ip, NULL); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ grub_printf ("Couldn't set station ip\n"); -+ -+ grub_free (manual_address); -+ } -+ } -+ else -+ { -+ grub_efi_ip4_config2_manual_address_t *manual_address; -+ manual_address = efi_ip4_config_manual_address (dev->ip4_config); -+ -+ if (manual_address && -+ grub_memcmp (manual_address->address, mode->station_ip.v4, sizeof (manual_address->address)) != 0) -+ { -+ grub_efi_status_t status; -+ grub_efi_pxe_ip_address_t station_ip; -+ grub_efi_pxe_ip_address_t subnet_mask; -+ -+ grub_memcpy (station_ip.v4.addr, manual_address->address, sizeof (station_ip.v4.addr)); -+ grub_memcpy (subnet_mask.v4.addr, manual_address->subnet_mask, sizeof (subnet_mask.v4.addr)); -+ -+ status = efi_call_3 (pxe->set_station_ip, pxe, &station_ip, &subnet_mask); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ grub_printf ("Couldn't set station ip\n"); -+ -+ grub_free (manual_address); -+ } -+ } -+ -+#if 0 -+ if (mode->using_ipv6) -+ { -+ grub_printf ("PXE STATION IP: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n", -+ mode->station_ip.v6.addr[0], -+ mode->station_ip.v6.addr[1], -+ mode->station_ip.v6.addr[2], -+ mode->station_ip.v6.addr[3], -+ mode->station_ip.v6.addr[4], -+ mode->station_ip.v6.addr[5], -+ mode->station_ip.v6.addr[6], -+ mode->station_ip.v6.addr[7], -+ mode->station_ip.v6.addr[8], -+ mode->station_ip.v6.addr[9], -+ mode->station_ip.v6.addr[10], -+ mode->station_ip.v6.addr[11], -+ mode->station_ip.v6.addr[12], -+ mode->station_ip.v6.addr[13], -+ mode->station_ip.v6.addr[14], -+ mode->station_ip.v6.addr[15]); -+ } -+ else -+ { -+ grub_printf ("PXE STATION IP: %d.%d.%d.%d\n", -+ mode->station_ip.v4.addr[0], -+ mode->station_ip.v4.addr[1], -+ mode->station_ip.v4.addr[2], -+ mode->station_ip.v4.addr[3]); -+ grub_printf ("PXE SUBNET MASK: %d.%d.%d.%d\n", -+ mode->subnet_mask.v4.addr[0], -+ mode->subnet_mask.v4.addr[1], -+ mode->subnet_mask.v4.addr[2], -+ mode->subnet_mask.v4.addr[3]); -+ } -+#endif -+ -+ /* TODO: Set The Station IP to the IP2 Config */ -+} -+ -+static int -+parse_ip6 (const char *val, grub_uint64_t *ip, const char **rest) -+{ -+ grub_uint16_t newip[8]; -+ const char *ptr = val; -+ int word, quaddot = -1; -+ int bracketed = 0; -+ -+ if (ptr[0] == '[') { -+ bracketed = 1; -+ ptr++; -+ } -+ -+ if (ptr[0] == ':' && ptr[1] != ':') -+ return 0; -+ if (ptr[0] == ':') -+ ptr++; -+ -+ for (word = 0; word < 8; word++) -+ { -+ unsigned long t; -+ if (*ptr == ':') -+ { -+ quaddot = word; -+ word--; -+ ptr++; -+ continue; -+ } -+ t = grub_strtoul (ptr, (char **) &ptr, 16); -+ if (grub_errno) -+ { -+ grub_errno = GRUB_ERR_NONE; -+ break; -+ } -+ if (t & ~0xffff) -+ return 0; -+ newip[word] = grub_cpu_to_be16 (t); -+ if (*ptr != ':') -+ break; -+ ptr++; -+ } -+ if (quaddot == -1 && word < 7) -+ return 0; -+ if (quaddot != -1) -+ { -+ grub_memmove (&newip[quaddot + 7 - word], &newip[quaddot], -+ (word - quaddot + 1) * sizeof (newip[0])); -+ grub_memset (&newip[quaddot], 0, (7 - word) * sizeof (newip[0])); -+ } -+ grub_memcpy (ip, newip, 16); -+ if (bracketed && *ptr == ']') { -+ ptr++; -+ } -+ if (rest) -+ *rest = ptr; -+ return 1; -+} -+ -+static grub_err_t -+pxe_open (struct grub_efi_net_device *dev, -+ int prefer_ip6, -+ grub_file_t file, -+ const char *filename, -+ int type __attribute__((unused))) -+{ -+ int i; -+ char *p; -+ grub_efi_status_t status; -+ grub_efi_pxe_ip_address_t server_ip; -+ grub_efi_uint64_t file_size = 0; -+ grub_efi_pxe_t *pxe = (prefer_ip6) ? dev->ip6_pxe : dev->ip4_pxe; -+ -+ if (pxe->mode->using_ipv6) -+ { -+ const char *rest; -+ grub_uint64_t ip6[2]; -+ if (parse_ip6 (file->device->net->server, ip6, &rest) && *rest == 0) -+ grub_memcpy (server_ip.v6.addr, ip6, sizeof (server_ip.v6.addr)); -+ /* TODO: ERROR Handling Here */ -+#if 0 -+ grub_printf ("PXE SERVER IP: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n", -+ server_ip.v6.addr[0], -+ server_ip.v6.addr[1], -+ server_ip.v6.addr[2], -+ server_ip.v6.addr[3], -+ server_ip.v6.addr[4], -+ server_ip.v6.addr[5], -+ server_ip.v6.addr[6], -+ server_ip.v6.addr[7], -+ server_ip.v6.addr[8], -+ server_ip.v6.addr[9], -+ server_ip.v6.addr[10], -+ server_ip.v6.addr[11], -+ server_ip.v6.addr[12], -+ server_ip.v6.addr[13], -+ server_ip.v6.addr[14], -+ server_ip.v6.addr[15]); -+#endif -+ } -+ else -+ { -+ for (i = 0, p = file->device->net->server; i < 4; ++i, ++p) -+ server_ip.v4.addr[i] = grub_strtoul (p, &p, 10); -+ } -+ -+ status = efi_call_10 (pxe->mtftp, -+ pxe, -+ GRUB_EFI_PXE_BASE_CODE_TFTP_GET_FILE_SIZE, -+ NULL, -+ 0, -+ &file_size, -+ NULL, -+ &server_ip, -+ (grub_efi_char8_t *)filename, -+ NULL, -+ 0); -+ -+ if (status != GRUB_EFI_SUCCESS) -+ return grub_error (GRUB_ERR_IO, "Couldn't get file size"); -+ -+ file->size = (grub_off_t)file_size; -+ file->not_easily_seekable = 0; -+ file->data = 0; -+ file->device->net->offset = 0; -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+pxe_close (struct grub_efi_net_device *dev __attribute__((unused)), -+ int prefer_ip6 __attribute__((unused)), -+ grub_file_t file __attribute__((unused))) -+{ -+ file->offset = 0; -+ file->size = 0; -+ file->device->net->offset = 0; -+ -+ if (file->data) -+ { -+ grub_free (file->data); -+ file->data = NULL; -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_ssize_t -+pxe_read (struct grub_efi_net_device *dev, -+ int prefer_ip6, -+ grub_file_t file, -+ char *buf, -+ grub_size_t len) -+{ -+ int i; -+ char *p; -+ grub_efi_status_t status; -+ grub_efi_pxe_t *pxe = (prefer_ip6) ? dev->ip6_pxe : dev->ip4_pxe; -+ grub_efi_uint64_t bufsz = len; -+ grub_efi_pxe_ip_address_t server_ip; -+ char *buf2 = NULL; -+ -+ if (file->data) -+ { -+ /* TODO: RANGE Check for offset and file size */ -+ grub_memcpy (buf, (char*)file->data + file->device->net->offset, len); -+ file->device->net->offset += len; -+ return len; -+ } -+ -+ if (file->device->net->offset) -+ { -+ grub_error (GRUB_ERR_BUG, "No Offet Read Possible"); -+ grub_print_error (); -+ return 0; -+ } -+ -+ if (pxe->mode->using_ipv6) -+ { -+ const char *rest; -+ grub_uint64_t ip6[2]; -+ if (parse_ip6 (file->device->net->server, ip6, &rest) && *rest == 0) -+ grub_memcpy (server_ip.v6.addr, ip6, sizeof (server_ip.v6.addr)); -+ /* TODO: ERROR Handling Here */ -+ } -+ else -+ { -+ for (i = 0, p = file->device->net->server; i < 4; ++i, ++p) -+ server_ip.v4.addr[i] = grub_strtoul (p, &p, 10); -+ } -+ -+ status = efi_call_10 (pxe->mtftp, -+ pxe, -+ GRUB_EFI_PXE_BASE_CODE_TFTP_READ_FILE, -+ buf, -+ 0, -+ &bufsz, -+ NULL, -+ &server_ip, -+ (grub_efi_char8_t *)file->device->net->name, -+ NULL, -+ 0); -+ -+ if (bufsz != file->size) -+ { -+ grub_error (GRUB_ERR_BUG, "Short read should not happen here"); -+ grub_print_error (); -+ return 0; -+ } -+ -+ if (status == GRUB_EFI_BUFFER_TOO_SMALL) -+ { -+ -+ buf2 = grub_malloc (bufsz); -+ -+ if (!buf2) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "ERROR OUT OF MEMORY"); -+ grub_print_error (); -+ return 0; -+ } -+ -+ status = efi_call_10 (pxe->mtftp, -+ pxe, -+ GRUB_EFI_PXE_BASE_CODE_TFTP_READ_FILE, -+ buf2, -+ 0, -+ &bufsz, -+ NULL, -+ &server_ip, -+ (grub_efi_char8_t *)file->device->net->name, -+ NULL, -+ 0); -+ } -+ -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ if (buf2) -+ grub_free (buf2); -+ -+ grub_error (GRUB_ERR_IO, "Failed to Read File"); -+ grub_print_error (); -+ return 0; -+ } -+ -+ if (buf2) -+ grub_memcpy (buf, buf2, len); -+ -+ file->device->net->offset = len; -+ -+ if (buf2) -+ file->data = buf2; -+ -+ return len; -+} -+ -+struct grub_efi_net_io io_pxe = -+ { -+ .configure = pxe_configure, -+ .open = pxe_open, -+ .read = pxe_read, -+ .close = pxe_close -+ }; -+ -diff --git a/grub-core/net/net.c b/grub-core/net/net.c -index 0ce5e675ed7..55aed92722c 100644 ---- a/grub-core/net/net.c -+++ b/grub-core/net/net.c -@@ -32,6 +32,9 @@ - #include - #include - #include -+#ifdef GRUB_MACHINE_EFI -+#include -+#endif - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -2033,8 +2036,49 @@ static grub_command_t cmd_addaddr, cmd_deladdr, cmd_addroute, cmd_delroute; - static grub_command_t cmd_lsroutes, cmd_lscards; - static grub_command_t cmd_lsaddr, cmd_slaac; - -+#ifdef GRUB_MACHINE_EFI -+ -+static enum { -+ INIT_MODE_NONE, -+ INIT_MODE_GRUB, -+ INIT_MODE_EFI -+} init_mode; -+ -+static grub_command_t cmd_bootp, cmd_bootp6; -+ -+#endif -+ - GRUB_MOD_INIT(net) - { -+#ifdef GRUB_MACHINE_EFI -+ if (grub_net_open) -+ return; -+ -+ if ((grub_efi_net_boot_from_https () || grub_efi_net_boot_from_opa ()) -+ && grub_efi_net_fs_init ()) -+ { -+ cmd_lsroutes = grub_register_command ("net_ls_routes", grub_efi_net_list_routes, -+ "", N_("list network routes")); -+ cmd_lscards = grub_register_command ("net_ls_cards", grub_efi_net_list_cards, -+ "", N_("list network cards")); -+ cmd_lsaddr = grub_register_command ("net_ls_addr", grub_efi_net_list_addrs, -+ "", N_("list network addresses")); -+ cmd_addaddr = grub_register_command ("net_add_addr", grub_efi_net_add_addr, -+ /* TRANSLATORS: HWADDRESS stands for -+ "hardware address". */ -+ N_("SHORTNAME CARD ADDRESS [HWADDRESS]"), -+ N_("Add a network address.")); -+ cmd_bootp = grub_register_command ("net_bootp", grub_efi_net_bootp, -+ N_("[CARD]"), -+ N_("perform a bootp autoconfiguration")); -+ cmd_bootp6 = grub_register_command ("net_bootp6", grub_efi_net_bootp6, -+ N_("[CARD]"), -+ N_("perform a bootp autoconfiguration")); -+ init_mode = INIT_MODE_EFI; -+ return; -+ } -+#endif -+ - grub_register_variable_hook ("net_default_server", defserver_get_env, - defserver_set_env); - grub_env_export ("net_default_server"); -@@ -2082,10 +2126,37 @@ GRUB_MOD_INIT(net) - grub_net_restore_hw, - GRUB_LOADER_PREBOOT_HOOK_PRIO_DISK); - grub_net_poll_cards_idle = grub_net_poll_cards_idle_real; -+ -+#ifdef GRUB_MACHINE_EFI -+ grub_env_set ("grub_netfs_type", "grub"); -+ grub_register_variable_hook ("grub_netfs_type", 0, grub_env_write_readonly); -+ grub_env_export ("grub_netfs_type"); -+ init_mode = INIT_MODE_GRUB; -+#endif -+ - } - - GRUB_MOD_FINI(net) - { -+ -+#ifdef GRUB_MACHINE_EFI -+ if (init_mode == INIT_MODE_NONE) -+ return; -+ -+ if (init_mode == INIT_MODE_EFI) -+ { -+ grub_unregister_command (cmd_lsroutes); -+ grub_unregister_command (cmd_lscards); -+ grub_unregister_command (cmd_lsaddr); -+ grub_unregister_command (cmd_addaddr); -+ grub_unregister_command (cmd_bootp); -+ grub_unregister_command (cmd_bootp6); -+ grub_efi_net_fs_fini (); -+ init_mode = INIT_MODE_NONE; -+ return; -+ } -+#endif -+ - grub_register_variable_hook ("net_default_server", 0, 0); - grub_register_variable_hook ("pxe_default_server", 0, 0); - -@@ -2104,4 +2175,7 @@ GRUB_MOD_FINI(net) - grub_net_fini_hw (0); - grub_loader_unregister_preboot_hook (fini_hnd); - grub_net_poll_cards_idle = grub_net_poll_cards_idle_real; -+#ifdef GRUB_MACHINE_EFI -+ init_mode = INIT_MODE_NONE; -+#endif - } -diff --git a/util/grub-mknetdir.c b/util/grub-mknetdir.c -index a2461cda1c4..77958dd9dd5 100644 ---- a/util/grub-mknetdir.c -+++ b/util/grub-mknetdir.c -@@ -32,13 +32,15 @@ - - static char *rootdir = NULL, *subdir = NULL; - static char *debug_image = NULL; -+static char efi_netfs = 0; - - enum - { - OPTION_NET_DIRECTORY = 0x301, - OPTION_SUBDIR, - OPTION_DEBUG, -- OPTION_DEBUG_IMAGE -+ OPTION_DEBUG_IMAGE, -+ OPTION_DEBUG_EFI_NETFS - }; - - static struct argp_option options[] = { -@@ -49,6 +51,7 @@ static struct argp_option options[] = { - 0, N_("relative subdirectory on network server"), 2}, - {"debug", OPTION_DEBUG, 0, OPTION_HIDDEN, 0, 2}, - {"debug-image", OPTION_DEBUG_IMAGE, N_("STRING"), OPTION_HIDDEN, 0, 2}, -+ {"debug-efi-netfs", OPTION_DEBUG_EFI_NETFS, 0, OPTION_HIDDEN, 0, 2}, - {0, 0, 0, 0, 0, 0} - }; - -@@ -67,6 +70,9 @@ argp_parser (int key, char *arg, struct argp_state *state) - free (subdir); - subdir = xstrdup (arg); - return 0; -+ case OPTION_DEBUG_EFI_NETFS: -+ efi_netfs = 1; -+ return 0; - /* This is an undocumented feature... */ - case OPTION_DEBUG: - verbosity++; -@@ -82,7 +88,6 @@ argp_parser (int key, char *arg, struct argp_state *state) - } - } - -- - struct argp argp = { - options, argp_parser, NULL, - "\v"N_("Prepares GRUB network boot images at net_directory/subdir " -@@ -92,7 +97,7 @@ struct argp argp = { - - static char *base; - --static const struct -+static struct - { - const char *mkimage_target; - const char *netmodule; -@@ -156,6 +161,7 @@ process_input_dir (const char *input_dir, enum grub_install_plat platform) - grub_install_push_module (targets[platform].netmodule); - - output = grub_util_path_concat_ext (2, grubdir, "core", targets[platform].ext); -+ - grub_install_make_image_wrap (input_dir, prefix, output, - 0, load_cfg, - targets[platform].mkimage_target, 0); -@@ -195,7 +201,16 @@ main (int argc, char *argv[]) - - grub_install_mkdir_p (base); - -- grub_install_push_module ("tftp"); -+ if (!efi_netfs) -+ { -+ grub_install_push_module ("tftp"); -+ grub_install_push_module ("http"); -+ } -+ else -+ { -+ targets[GRUB_INSTALL_PLATFORM_I386_EFI].netmodule = "efi_netfs"; -+ targets[GRUB_INSTALL_PLATFORM_X86_64_EFI].netmodule = "efi_netfs"; -+ } - - if (!grub_install_source_directory) - { -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index 0b490195ad9..f431f49973e 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -622,6 +622,23 @@ typedef union - - typedef grub_efi_uint64_t grub_efi_physical_address_t; - typedef grub_efi_uint64_t grub_efi_virtual_address_t; -+typedef struct { -+ grub_uint8_t addr[4]; -+} grub_efi_pxe_ipv4_address_t; -+ -+typedef struct { -+ grub_uint8_t addr[16]; -+} grub_efi_pxe_ipv6_address_t; -+ -+typedef struct { -+ grub_uint8_t addr[32]; -+} grub_efi_pxe_mac_address_t; -+ -+typedef union { -+ grub_uint32_t addr[4]; -+ grub_efi_pxe_ipv4_address_t v4; -+ grub_efi_pxe_ipv6_address_t v6; -+} grub_efi_pxe_ip_address_t; - - struct grub_efi_guid - { -@@ -889,6 +906,8 @@ struct grub_efi_ipv6_device_path - grub_efi_uint16_t remote_port; - grub_efi_uint16_t protocol; - grub_efi_uint8_t static_ip_address; -+ grub_efi_uint8_t prefix_length; -+ grub_efi_ipv6_address_t gateway_ip_address; - } GRUB_PACKED; - typedef struct grub_efi_ipv6_device_path grub_efi_ipv6_device_path_t; - -@@ -938,6 +957,15 @@ struct grub_efi_uri_device_path - } GRUB_PACKED; - typedef struct grub_efi_uri_device_path grub_efi_uri_device_path_t; - -+#define GRUB_EFI_DNS_DEVICE_PATH_SUBTYPE 31 -+struct grub_efi_dns_device_path -+{ -+ grub_efi_device_path_t header; -+ grub_efi_uint8_t is_ipv6; -+ grub_efi_pxe_ip_address_t dns_server_ip[0]; -+} GRUB_PACKED; -+typedef struct grub_efi_dns_device_path grub_efi_dns_device_path_t; -+ - #define GRUB_EFI_VENDOR_MESSAGING_DEVICE_PATH_SUBTYPE 10 - - /* Media Device Path. */ -@@ -1020,6 +1048,23 @@ struct grub_efi_bios_device_path - } GRUB_PACKED; - typedef struct grub_efi_bios_device_path grub_efi_bios_device_path_t; - -+/* Service Binding definitions */ -+struct grub_efi_service_binding; -+ -+typedef grub_efi_status_t -+(*grub_efi_service_binding_create_child) (struct grub_efi_service_binding *this, -+ grub_efi_handle_t *child_handle); -+ -+typedef grub_efi_status_t -+(*grub_efi_service_binding_destroy_child) (struct grub_efi_service_binding *this, -+ grub_efi_handle_t *child_handle); -+ -+typedef struct grub_efi_service_binding -+{ -+ grub_efi_service_binding_create_child create_child; -+ grub_efi_service_binding_destroy_child destroy_child; -+} grub_efi_service_binding_t; -+ - struct grub_efi_open_protocol_information_entry - { - grub_efi_handle_t agent_handle; -@@ -1569,23 +1614,27 @@ typedef struct grub_efi_pxe_tftp_error - grub_efi_char8_t error_string[127]; - } grub_efi_pxe_tftp_error_t; - --typedef struct { -- grub_uint8_t addr[4]; --} grub_efi_pxe_ipv4_address_t; -+typedef grub_efi_uint16_t grub_efi_pxe_base_code_udp_port_t; - --typedef struct { -- grub_uint8_t addr[16]; --} grub_efi_pxe_ipv6_address_t; -+typedef enum { -+ GRUB_EFI_PXE_BASE_CODE_TFTP_FIRST, -+ GRUB_EFI_PXE_BASE_CODE_TFTP_GET_FILE_SIZE, -+ GRUB_EFI_PXE_BASE_CODE_TFTP_READ_FILE, -+ GRUB_EFI_PXE_BASE_CODE_TFTP_WRITE_FILE, -+ GRUB_EFI_PXE_BASE_CODE_TFTP_READ_DIRECTORY, -+ GRUB_EFI_PXE_BASE_CODE_MTFTP_GET_FILE_SIZE, -+ GRUB_EFI_PXE_BASE_CODE_MTFTP_READ_FILE, -+ GRUB_EFI_PXE_BASE_CODE_MTFTP_READ_DIRECTORY, -+ GRUB_EFI_PXE_BASE_CODE_MTFTP_LAST -+} grub_efi_pxe_base_code_tftp_opcode_t; - - typedef struct { -- grub_uint8_t addr[32]; --} grub_efi_pxe_mac_address_t; -- --typedef union { -- grub_uint32_t addr[4]; -- grub_efi_pxe_ipv4_address_t v4; -- grub_efi_pxe_ipv6_address_t v6; --} grub_efi_pxe_ip_address_t; -+ grub_efi_ip_address_t mcast_ip; -+ grub_efi_pxe_base_code_udp_port_t c_port; -+ grub_efi_pxe_base_code_udp_port_t s_port; -+ grub_efi_uint16_t listen_timeout; -+ grub_efi_uint16_t transmit_timeout; -+} grub_efi_pxe_base_code_mtftp_info_t; - - #define GRUB_EFI_PXE_BASE_CODE_MAX_IPCNT 8 - typedef struct grub_efi_pxe_ip_filter -@@ -1652,17 +1701,31 @@ typedef struct grub_efi_pxe_mode - typedef struct grub_efi_pxe - { - grub_uint64_t rev; -- void (*start) (void); -+ grub_efi_status_t (*start) (struct grub_efi_pxe *this, grub_efi_boolean_t use_ipv6); - void (*stop) (void); -- void (*dhcp) (void); -+ grub_efi_status_t (*dhcp) (struct grub_efi_pxe *this, -+ grub_efi_boolean_t sort_offers); - void (*discover) (void); -- void (*mftp) (void); -+ grub_efi_status_t (*mtftp) (struct grub_efi_pxe *this, -+ grub_efi_pxe_base_code_tftp_opcode_t operation, -+ void *buffer_ptr, -+ grub_efi_boolean_t overwrite, -+ grub_efi_uint64_t *buffer_size, -+ grub_efi_uintn_t *block_size, -+ grub_efi_pxe_ip_address_t *server_ip, -+ //grub_efi_ip_address_t *server_ip, -+ grub_efi_char8_t *filename, -+ grub_efi_pxe_base_code_mtftp_info_t *info, -+ grub_efi_boolean_t dont_use_buffer); - void (*udpwrite) (void); - void (*udpread) (void); - void (*setipfilter) (void); - void (*arp) (void); - void (*setparams) (void); -- void (*setstationip) (void); -+ grub_efi_status_t (*set_station_ip) (struct grub_efi_pxe *this, -+ grub_efi_pxe_ip_address_t *new_station_ip, -+ grub_efi_pxe_ip_address_t *new_subnet_mask); -+ //void (*setstationip) (void); - void (*setpackets) (void); - struct grub_efi_pxe_mode *mode; - } grub_efi_pxe_t; -@@ -1924,6 +1987,44 @@ struct grub_efi_ip4_config2_protocol - }; - typedef struct grub_efi_ip4_config2_protocol grub_efi_ip4_config2_protocol_t; - -+struct grub_efi_ip4_route_table { -+ grub_efi_ipv4_address_t subnet_address; -+ grub_efi_ipv4_address_t subnet_mask; -+ grub_efi_ipv4_address_t gateway_address; -+}; -+ -+typedef struct grub_efi_ip4_route_table grub_efi_ip4_route_table_t; -+ -+#define GRUB_EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE 32 -+ -+struct grub_efi_ip4_config2_interface_info { -+ grub_efi_char16_t name[GRUB_EFI_IP4_CONFIG2_INTERFACE_INFO_NAME_SIZE]; -+ grub_efi_uint8_t if_type; -+ grub_efi_uint32_t hw_address_size; -+ grub_efi_mac_address_t hw_address; -+ grub_efi_ipv4_address_t station_address; -+ grub_efi_ipv4_address_t subnet_mask; -+ grub_efi_uint32_t route_table_size; -+ grub_efi_ip4_route_table_t *route_table; -+}; -+ -+typedef struct grub_efi_ip4_config2_interface_info grub_efi_ip4_config2_interface_info_t; -+ -+enum grub_efi_ip4_config2_policy { -+ GRUB_EFI_IP4_CONFIG2_POLICY_STATIC, -+ GRUB_EFI_IP4_CONFIG2_POLICY_DHCP, -+ GRUB_EFI_IP4_CONFIG2_POLICY_MAX -+}; -+ -+typedef enum grub_efi_ip4_config2_policy grub_efi_ip4_config2_policy_t; -+ -+struct grub_efi_ip4_config2_manual_address { -+ grub_efi_ipv4_address_t address; -+ grub_efi_ipv4_address_t subnet_mask; -+}; -+ -+typedef struct grub_efi_ip4_config2_manual_address grub_efi_ip4_config2_manual_address_t; -+ - enum grub_efi_ip6_config_data_type { - GRUB_EFI_IP6_CONFIG_DATA_TYPE_INTERFACEINFO, - GRUB_EFI_IP6_CONFIG_DATA_TYPE_ALT_INTERFACEID, -@@ -1958,6 +2059,49 @@ struct grub_efi_ip6_config_protocol - }; - typedef struct grub_efi_ip6_config_protocol grub_efi_ip6_config_protocol_t; - -+enum grub_efi_ip6_config_policy { -+ GRUB_EFI_IP6_CONFIG_POLICY_MANUAL, -+ GRUB_EFI_IP6_CONFIG_POLICY_AUTOMATIC -+}; -+typedef enum grub_efi_ip6_config_policy grub_efi_ip6_config_policy_t; -+ -+struct grub_efi_ip6_address_info { -+ grub_efi_ipv6_address_t address; -+ grub_efi_uint8_t prefix_length; -+}; -+typedef struct grub_efi_ip6_address_info grub_efi_ip6_address_info_t; -+ -+struct grub_efi_ip6_route_table { -+ grub_efi_pxe_ipv6_address_t gateway; -+ grub_efi_pxe_ipv6_address_t destination; -+ grub_efi_uint8_t prefix_length; -+}; -+typedef struct grub_efi_ip6_route_table grub_efi_ip6_route_table_t; -+ -+struct grub_efi_ip6_config_interface_info { -+ grub_efi_char16_t name[32]; -+ grub_efi_uint8_t if_type; -+ grub_efi_uint32_t hw_address_size; -+ grub_efi_mac_address_t hw_address; -+ grub_efi_uint32_t address_info_count; -+ grub_efi_ip6_address_info_t *address_info; -+ grub_efi_uint32_t route_count; -+ grub_efi_ip6_route_table_t *route_table; -+}; -+typedef struct grub_efi_ip6_config_interface_info grub_efi_ip6_config_interface_info_t; -+ -+struct grub_efi_ip6_config_dup_addr_detect_transmits { -+ grub_efi_uint32_t dup_addr_detect_transmits; -+}; -+typedef struct grub_efi_ip6_config_dup_addr_detect_transmits grub_efi_ip6_config_dup_addr_detect_transmits_t; -+ -+struct grub_efi_ip6_config_manual_address { -+ grub_efi_ipv6_address_t address; -+ grub_efi_boolean_t is_anycast; -+ grub_efi_uint8_t prefix_length; -+}; -+typedef struct grub_efi_ip6_config_manual_address grub_efi_ip6_config_manual_address_t; -+ - #if (GRUB_TARGET_SIZEOF_VOID_P == 4) || defined (__ia64__) \ - || defined (__aarch64__) || defined (__MINGW64__) || defined (__CYGWIN__) \ - || defined(__riscv) -diff --git a/include/grub/efi/dhcp.h b/include/grub/efi/dhcp.h -new file mode 100644 -index 00000000000..fdb88eb810e ---- /dev/null -+++ b/include/grub/efi/dhcp.h -@@ -0,0 +1,343 @@ -+#ifndef GRUB_EFI_DHCP_HEADER -+#define GRUB_EFI_DHCP_HEADER 1 -+ -+#define GRUB_EFI_DHCP4_SERVICE_BINDING_PROTOCOL_GUID \ -+ { 0x9d9a39d8, 0xbd42, 0x4a73, \ -+ { 0xa4, 0xd5, 0x8e, 0xe9, 0x4b, 0xe1, 0x13, 0x80 } \ -+ } -+ -+#define GRUB_EFI_DHCP4_PROTOCOL_GUID \ -+ { 0x8a219718, 0x4ef5, 0x4761, \ -+ { 0x91, 0xc8, 0xc0, 0xf0, 0x4b, 0xda, 0x9e, 0x56 } \ -+ } -+ -+#define GRUB_EFI_DHCP6_SERVICE_BINDING_PROTOCOL_GUID \ -+ { 0x9fb9a8a1, 0x2f4a, 0x43a6, \ -+ { 0x88, 0x9c, 0xd0, 0xf7, 0xb6, 0xc4 ,0x7a, 0xd5 } \ -+ } -+ -+#define GRUB_EFI_DHCP6_PROTOCOL_GUID \ -+ { 0x87c8bad7, 0x595, 0x4053, \ -+ { 0x82, 0x97, 0xde, 0xde, 0x39, 0x5f, 0x5d, 0x5b } \ -+ } -+ -+typedef struct grub_efi_dhcp4_protocol grub_efi_dhcp4_protocol_t; -+ -+enum grub_efi_dhcp4_state { -+ GRUB_EFI_DHCP4_STOPPED, -+ GRUB_EFI_DHCP4_INIT, -+ GRUB_EFI_DHCP4_SELECTING, -+ GRUB_EFI_DHCP4_REQUESTING, -+ GRUB_EFI_DHCP4_BOUND, -+ GRUB_EFI_DHCP4_RENEWING, -+ GRUB_EFI_DHCP4_REBINDING, -+ GRUB_EFI_DHCP4_INIT_REBOOT, -+ GRUB_EFI_DHCP4_REBOOTING -+}; -+ -+typedef enum grub_efi_dhcp4_state grub_efi_dhcp4_state_t; -+ -+struct grub_efi_dhcp4_header { -+ grub_efi_uint8_t op_code; -+ grub_efi_uint8_t hw_type; -+ grub_efi_uint8_t hw_addr_len; -+ grub_efi_uint8_t hops; -+ grub_efi_uint32_t xid; -+ grub_efi_uint16_t seconds; -+ grub_efi_uint16_t reserved; -+ grub_efi_ipv4_address_t client_addr; -+ grub_efi_ipv4_address_t your_addr; -+ grub_efi_ipv4_address_t server_addr; -+ grub_efi_ipv4_address_t gateway_addr; -+ grub_efi_uint8_t client_hw_addr[16]; -+ grub_efi_char8_t server_name[64]; -+ grub_efi_char8_t boot_file_name[128]; -+} GRUB_PACKED; -+ -+typedef struct grub_efi_dhcp4_header grub_efi_dhcp4_header_t; -+ -+struct grub_efi_dhcp4_packet { -+ grub_efi_uint32_t size; -+ grub_efi_uint32_t length; -+ struct { -+ grub_efi_dhcp4_header_t header; -+ grub_efi_uint32_t magik; -+ grub_efi_uint8_t option[1]; -+ } dhcp4; -+} GRUB_PACKED; -+ -+typedef struct grub_efi_dhcp4_packet grub_efi_dhcp4_packet_t; -+ -+struct grub_efi_dhcp4_listen_point { -+ grub_efi_ipv4_address_t listen_address; -+ grub_efi_ipv4_address_t subnet_mask; -+ grub_efi_uint16_t listen_port; -+}; -+ -+typedef struct grub_efi_dhcp4_listen_point grub_efi_dhcp4_listen_point_t; -+ -+struct grub_efi_dhcp4_transmit_receive_token { -+ grub_efi_status_t status; -+ grub_efi_event_t completion_event; -+ grub_efi_ipv4_address_t remote_address; -+ grub_efi_uint16_t remote_port; -+ grub_efi_ipv4_address_t gateway_address; -+ grub_efi_uint32_t listen_point_count; -+ grub_efi_dhcp4_listen_point_t *listen_points; -+ grub_efi_uint32_t timeout_value; -+ grub_efi_dhcp4_packet_t *packet; -+ grub_efi_uint32_t response_count; -+ grub_efi_dhcp4_packet_t *response_list; -+}; -+ -+typedef struct grub_efi_dhcp4_transmit_receive_token grub_efi_dhcp4_transmit_receive_token_t; -+ -+enum grub_efi_dhcp4_event { -+ GRUB_EFI_DHCP4_SEND_DISCOVER = 0X01, -+ GRUB_EFI_DHCP4_RCVD_OFFER, -+ GRUB_EFI_DHCP4_SELECT_OFFER, -+ GRUB_EFI_DHCP4_SEND_REQUEST, -+ GRUB_EFI_DHCP4_RCVD_ACK, -+ GRUB_EFI_DHCP4_RCVD_NAK, -+ GRUB_EFI_DHCP4_SEND_DECLINE, -+ GRUB_EFI_DHCP4_BOUND_COMPLETED, -+ GRUB_EFI_DHCP4_ENTER_RENEWING, -+ GRUB_EFI_DHCP4_ENTER_REBINDING, -+ GRUB_EFI_DHCP4_ADDRESS_LOST, -+ GRUB_EFI_DHCP4_FAIL -+}; -+ -+typedef enum grub_efi_dhcp4_event grub_efi_dhcp4_event_t; -+ -+struct grub_efi_dhcp4_packet_option { -+ grub_efi_uint8_t op_code; -+ grub_efi_uint8_t length; -+ grub_efi_uint8_t data[1]; -+} GRUB_PACKED; -+ -+typedef struct grub_efi_dhcp4_packet_option grub_efi_dhcp4_packet_option_t; -+ -+struct grub_efi_dhcp4_config_data { -+ grub_efi_uint32_t discover_try_count; -+ grub_efi_uint32_t *discover_timeout; -+ grub_efi_uint32_t request_try_count; -+ grub_efi_uint32_t *request_timeout; -+ grub_efi_ipv4_address_t client_address; -+ grub_efi_status_t (*dhcp4_callback) ( -+ grub_efi_dhcp4_protocol_t *this, -+ void *context, -+ grub_efi_dhcp4_state_t current_state, -+ grub_efi_dhcp4_event_t dhcp4_event, -+ grub_efi_dhcp4_packet_t *packet, -+ grub_efi_dhcp4_packet_t **new_packet -+ ); -+ void *callback_context; -+ grub_efi_uint32_t option_count; -+ grub_efi_dhcp4_packet_option_t **option_list; -+}; -+ -+typedef struct grub_efi_dhcp4_config_data grub_efi_dhcp4_config_data_t; -+ -+struct grub_efi_dhcp4_mode_data { -+ grub_efi_dhcp4_state_t state; -+ grub_efi_dhcp4_config_data_t config_data; -+ grub_efi_ipv4_address_t client_address; -+ grub_efi_mac_address_t client_mac_address; -+ grub_efi_ipv4_address_t server_address; -+ grub_efi_ipv4_address_t router_address; -+ grub_efi_ipv4_address_t subnet_mask; -+ grub_efi_uint32_t lease_time; -+ grub_efi_dhcp4_packet_t *reply_packet; -+}; -+ -+typedef struct grub_efi_dhcp4_mode_data grub_efi_dhcp4_mode_data_t; -+ -+struct grub_efi_dhcp4_protocol { -+ grub_efi_status_t (*get_mode_data) (grub_efi_dhcp4_protocol_t *this, -+ grub_efi_dhcp4_mode_data_t *dhcp4_mode_data); -+ grub_efi_status_t (*configure) (grub_efi_dhcp4_protocol_t *this, -+ grub_efi_dhcp4_config_data_t *dhcp4_cfg_data); -+ grub_efi_status_t (*start) (grub_efi_dhcp4_protocol_t *this, -+ grub_efi_event_t completion_event); -+ grub_efi_status_t (*renew_rebind) (grub_efi_dhcp4_protocol_t *this, -+ grub_efi_boolean_t rebind_request, -+ grub_efi_event_t completion_event); -+ grub_efi_status_t (*release) (grub_efi_dhcp4_protocol_t *this); -+ grub_efi_status_t (*stop) (grub_efi_dhcp4_protocol_t *this); -+ grub_efi_status_t (*build) (grub_efi_dhcp4_protocol_t *this, -+ grub_efi_dhcp4_packet_t *seed_packet, -+ grub_efi_uint32_t delete_count, -+ grub_efi_uint8_t *delete_list, -+ grub_efi_uint32_t append_count, -+ grub_efi_dhcp4_packet_option_t *append_list[], -+ grub_efi_dhcp4_packet_t **new_packet); -+ grub_efi_status_t (*transmit_receive) (grub_efi_dhcp4_protocol_t *this, -+ grub_efi_dhcp4_transmit_receive_token_t *token); -+ grub_efi_status_t (*parse) (grub_efi_dhcp4_protocol_t *this, -+ grub_efi_dhcp4_packet_t *packet, -+ grub_efi_uint32_t *option_count, -+ grub_efi_dhcp4_packet_option_t *packet_option_list[]); -+}; -+ -+typedef struct grub_efi_dhcp6_protocol grub_efi_dhcp6_protocol_t; -+ -+struct grub_efi_dhcp6_retransmission { -+ grub_efi_uint32_t irt; -+ grub_efi_uint32_t mrc; -+ grub_efi_uint32_t mrt; -+ grub_efi_uint32_t mrd; -+}; -+ -+typedef struct grub_efi_dhcp6_retransmission grub_efi_dhcp6_retransmission_t; -+ -+enum grub_efi_dhcp6_event { -+ GRUB_EFI_DHCP6_SEND_SOLICIT, -+ GRUB_EFI_DHCP6_RCVD_ADVERTISE, -+ GRUB_EFI_DHCP6_SELECT_ADVERTISE, -+ GRUB_EFI_DHCP6_SEND_REQUEST, -+ GRUB_EFI_DHCP6_RCVD_REPLY, -+ GRUB_EFI_DHCP6_RCVD_RECONFIGURE, -+ GRUB_EFI_DHCP6_SEND_DECLINE, -+ GRUB_EFI_DHCP6_SEND_CONFIRM, -+ GRUB_EFI_DHCP6_SEND_RELEASE, -+ GRUB_EFI_DHCP6_SEND_RENEW, -+ GRUB_EFI_DHCP6_SEND_REBIND -+}; -+ -+typedef enum grub_efi_dhcp6_event grub_efi_dhcp6_event_t; -+ -+struct grub_efi_dhcp6_packet_option { -+ grub_efi_uint16_t op_code; -+ grub_efi_uint16_t op_len; -+ grub_efi_uint8_t data[1]; -+} GRUB_PACKED; -+ -+typedef struct grub_efi_dhcp6_packet_option grub_efi_dhcp6_packet_option_t; -+ -+struct grub_efi_dhcp6_header { -+ grub_efi_uint32_t transaction_id:24; -+ grub_efi_uint32_t message_type:8; -+} GRUB_PACKED; -+ -+typedef struct grub_efi_dhcp6_header grub_efi_dhcp6_header_t; -+ -+struct grub_efi_dhcp6_packet { -+ grub_efi_uint32_t size; -+ grub_efi_uint32_t length; -+ struct { -+ grub_efi_dhcp6_header_t header; -+ grub_efi_uint8_t option[1]; -+ } dhcp6; -+} GRUB_PACKED; -+ -+typedef struct grub_efi_dhcp6_packet grub_efi_dhcp6_packet_t; -+ -+struct grub_efi_dhcp6_ia_address { -+ grub_efi_ipv6_address_t ip_address; -+ grub_efi_uint32_t preferred_lifetime; -+ grub_efi_uint32_t valid_lifetime; -+}; -+ -+typedef struct grub_efi_dhcp6_ia_address grub_efi_dhcp6_ia_address_t; -+ -+enum grub_efi_dhcp6_state { -+ GRUB_EFI_DHCP6_INIT, -+ GRUB_EFI_DHCP6_SELECTING, -+ GRUB_EFI_DHCP6_REQUESTING, -+ GRUB_EFI_DHCP6_DECLINING, -+ GRUB_EFI_DHCP6_CONFIRMING, -+ GRUB_EFI_DHCP6_RELEASING, -+ GRUB_EFI_DHCP6_BOUND, -+ GRUB_EFI_DHCP6_RENEWING, -+ GRUB_EFI_DHCP6_REBINDING -+}; -+ -+typedef enum grub_efi_dhcp6_state grub_efi_dhcp6_state_t; -+ -+#define GRUB_EFI_DHCP6_IA_TYPE_NA 3 -+#define GRUB_EFI_DHCP6_IA_TYPE_TA 4 -+ -+struct grub_efi_dhcp6_ia_descriptor { -+ grub_efi_uint16_t type; -+ grub_efi_uint32_t ia_id; -+}; -+ -+typedef struct grub_efi_dhcp6_ia_descriptor grub_efi_dhcp6_ia_descriptor_t; -+ -+struct grub_efi_dhcp6_ia { -+ grub_efi_dhcp6_ia_descriptor_t descriptor; -+ grub_efi_dhcp6_state_t state; -+ grub_efi_dhcp6_packet_t *reply_packet; -+ grub_efi_uint32_t ia_address_count; -+ grub_efi_dhcp6_ia_address_t ia_address[1]; -+}; -+ -+typedef struct grub_efi_dhcp6_ia grub_efi_dhcp6_ia_t; -+ -+struct grub_efi_dhcp6_duid { -+ grub_efi_uint16_t length; -+ grub_efi_uint8_t duid[1]; -+}; -+ -+typedef struct grub_efi_dhcp6_duid grub_efi_dhcp6_duid_t; -+ -+struct grub_efi_dhcp6_mode_data { -+ grub_efi_dhcp6_duid_t *client_id; -+ grub_efi_dhcp6_ia_t *ia; -+}; -+ -+typedef struct grub_efi_dhcp6_mode_data grub_efi_dhcp6_mode_data_t; -+ -+struct grub_efi_dhcp6_config_data { -+ grub_efi_status_t (*dhcp6_callback) (grub_efi_dhcp6_protocol_t this, -+ void *context, -+ grub_efi_dhcp6_state_t current_state, -+ grub_efi_dhcp6_event_t dhcp6_event, -+ grub_efi_dhcp6_packet_t *packet, -+ grub_efi_dhcp6_packet_t **new_packet); -+ void *callback_context; -+ grub_efi_uint32_t option_count; -+ grub_efi_dhcp6_packet_option_t **option_list; -+ grub_efi_dhcp6_ia_descriptor_t ia_descriptor; -+ grub_efi_event_t ia_info_event; -+ grub_efi_boolean_t reconfigure_accept; -+ grub_efi_boolean_t rapid_commit; -+ grub_efi_dhcp6_retransmission_t *solicit_retransmission; -+}; -+ -+typedef struct grub_efi_dhcp6_config_data grub_efi_dhcp6_config_data_t; -+ -+struct grub_efi_dhcp6_protocol { -+ grub_efi_status_t (*get_mode_data) (grub_efi_dhcp6_protocol_t *this, -+ grub_efi_dhcp6_mode_data_t *dhcp6_mode_data, -+ grub_efi_dhcp6_config_data_t *dhcp6_config_data); -+ grub_efi_status_t (*configure) (grub_efi_dhcp6_protocol_t *this, -+ grub_efi_dhcp6_config_data_t *dhcp6_cfg_data); -+ grub_efi_status_t (*start) (grub_efi_dhcp6_protocol_t *this); -+ grub_efi_status_t (*info_request) (grub_efi_dhcp6_protocol_t *this, -+ grub_efi_boolean_t send_client_id, -+ grub_efi_dhcp6_packet_option_t *option_request, -+ grub_efi_uint32_t option_count, -+ grub_efi_dhcp6_packet_option_t *option_list[], -+ grub_efi_dhcp6_retransmission_t *retransmission, -+ grub_efi_event_t timeout_event, -+ grub_efi_status_t (*reply_callback) (grub_efi_dhcp6_protocol_t *this, -+ void *context, -+ grub_efi_dhcp6_packet_t *packet), -+ void *callback_context); -+ grub_efi_status_t (*renew_rebind) (grub_efi_dhcp6_protocol_t *this, -+ grub_efi_boolean_t rebind_request); -+ grub_efi_status_t (*decline) (grub_efi_dhcp6_protocol_t *this, -+ grub_efi_uint32_t address_count, -+ grub_efi_ipv6_address_t *addresses); -+ grub_efi_status_t (*release) (grub_efi_dhcp6_protocol_t *this, -+ grub_efi_uint32_t address_count, -+ grub_efi_ipv6_address_t *addresses); -+ grub_efi_status_t (*stop) (grub_efi_dhcp6_protocol_t *this); -+ grub_efi_status_t (*parse) (grub_efi_dhcp6_protocol_t *this, -+ grub_efi_dhcp6_packet_t *packet, -+ grub_efi_uint32_t *option_count, -+ grub_efi_dhcp6_packet_option_t *packet_option_list[]); -+}; -+ -+#endif /* ! GRUB_EFI_DHCP_HEADER */ -diff --git a/include/grub/efi/http.h b/include/grub/efi/http.h -new file mode 100644 -index 00000000000..c5e9a89f505 ---- /dev/null -+++ b/include/grub/efi/http.h -@@ -0,0 +1,215 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2006,2007,2008 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_EFI_HTTP_HEADER -+#define GRUB_EFI_HTTP_HEADER 1 -+ -+#include -+#include -+#include -+ -+#define GRUB_EFI_HTTP_SERVICE_BINDING_PROTOCOL_GUID \ -+ { 0xbdc8e6af, 0xd9bc, 0x4379, \ -+ { 0xa7, 0x2a, 0xe0, 0xc4, 0xe7, 0x5d, 0xae, 0x1c } \ -+ } -+ -+#define GRUB_EFI_HTTP_PROTOCOL_GUID \ -+ { 0x7A59B29B, 0x910B, 0x4171, \ -+ { 0x82, 0x42, 0xA8, 0x5A, 0x0D, 0xF2, 0x5B, 0x5B } \ -+ } -+ -+#define EFIHTTP_WAIT_TIME 10000 // 10000ms = 10s -+#define EFIHTTP_RX_BUF_LEN 10240 -+ -+//****************************************** -+// Protocol Interface Structure -+//****************************************** -+struct grub_efi_http; -+ -+//****************************************** -+// EFI_HTTP_VERSION -+//****************************************** -+typedef enum { -+ GRUB_EFI_HTTPVERSION10, -+ GRUB_EFI_HTTPVERSION11, -+ GRUB_EFI_HTTPVERSIONUNSUPPORTED -+} grub_efi_http_version_t; -+ -+//****************************************** -+// EFI_HTTPv4_ACCESS_POINT -+//****************************************** -+typedef struct { -+ grub_efi_boolean_t use_default_address; -+ grub_efi_ipv4_address_t local_address; -+ grub_efi_ipv4_address_t local_subnet; -+ grub_efi_uint16_t local_port; -+} grub_efi_httpv4_access_point_t; -+ -+//****************************************** -+// EFI_HTTPv6_ACCESS_POINT -+//****************************************** -+typedef struct { -+ grub_efi_ipv6_address_t local_address; -+ grub_efi_uint16_t local_port; -+} grub_efi_httpv6_access_point_t; -+ -+//****************************************** -+// EFI_HTTP_CONFIG_DATA -+//****************************************** -+typedef struct { -+ grub_efi_http_version_t http_version; -+ grub_efi_uint32_t timeout_millisec; -+ grub_efi_boolean_t local_address_is_ipv6; -+ union { -+ grub_efi_httpv4_access_point_t *ipv4_node; -+ grub_efi_httpv6_access_point_t *ipv6_node; -+ } access_point; -+} grub_efi_http_config_data_t; -+ -+//****************************************** -+// EFI_HTTP_METHOD -+//****************************************** -+typedef enum { -+ GRUB_EFI_HTTPMETHODGET, -+ GRUB_EFI_HTTPMETHODPOST, -+ GRUB_EFI_HTTPMETHODPATCH, -+ GRUB_EFI_HTTPMETHODOPTIONS, -+ GRUB_EFI_HTTPMETHODCONNECT, -+ GRUB_EFI_HTTPMETHODHEAD, -+ GRUB_EFI_HTTPMETHODPUT, -+ GRUB_EFI_HTTPMETHODDELETE, -+ GRUB_EFI_HTTPMETHODTRACE, -+} grub_efi_http_method_t; -+ -+//****************************************** -+// EFI_HTTP_REQUEST_DATA -+//****************************************** -+typedef struct { -+ grub_efi_http_method_t method; -+ grub_efi_char16_t *url; -+} grub_efi_http_request_data_t; -+ -+typedef enum { -+ GRUB_EFI_HTTP_STATUS_UNSUPPORTED_STATUS = 0, -+ GRUB_EFI_HTTP_STATUS_100_CONTINUE, -+ GRUB_EFI_HTTP_STATUS_101_SWITCHING_PROTOCOLS, -+ GRUB_EFI_HTTP_STATUS_200_OK, -+ GRUB_EFI_HTTP_STATUS_201_CREATED, -+ GRUB_EFI_HTTP_STATUS_202_ACCEPTED, -+ GRUB_EFI_HTTP_STATUS_203_NON_AUTHORITATIVE_INFORMATION, -+ GRUB_EFI_HTTP_STATUS_204_NO_CONTENT, -+ GRUB_EFI_HTTP_STATUS_205_RESET_CONTENT, -+ GRUB_EFI_HTTP_STATUS_206_PARTIAL_CONTENT, -+ GRUB_EFI_HTTP_STATUS_300_MULTIPLE_CHIOCES, -+ GRUB_EFI_HTTP_STATUS_301_MOVED_PERMANENTLY, -+ GRUB_EFI_HTTP_STATUS_302_FOUND, -+ GRUB_EFI_HTTP_STATUS_303_SEE_OTHER, -+ GRUB_EFI_HTTP_STATUS_304_NOT_MODIFIED, -+ GRUB_EFI_HTTP_STATUS_305_USE_PROXY, -+ GRUB_EFI_HTTP_STATUS_307_TEMPORARY_REDIRECT, -+ GRUB_EFI_HTTP_STATUS_400_BAD_REQUEST, -+ GRUB_EFI_HTTP_STATUS_401_UNAUTHORIZED, -+ GRUB_EFI_HTTP_STATUS_402_PAYMENT_REQUIRED, -+ GRUB_EFI_HTTP_STATUS_403_FORBIDDEN, -+ GRUB_EFI_HTTP_STATUS_404_NOT_FOUND, -+ GRUB_EFI_HTTP_STATUS_405_METHOD_NOT_ALLOWED, -+ GRUB_EFI_HTTP_STATUS_406_NOT_ACCEPTABLE, -+ GRUB_EFI_HTTP_STATUS_407_PROXY_AUTHENTICATION_REQUIRED, -+ GRUB_EFI_HTTP_STATUS_408_REQUEST_TIME_OUT, -+ GRUB_EFI_HTTP_STATUS_409_CONFLICT, -+ GRUB_EFI_HTTP_STATUS_410_GONE, -+ GRUB_EFI_HTTP_STATUS_411_LENGTH_REQUIRED, -+ GRUB_EFI_HTTP_STATUS_412_PRECONDITION_FAILED, -+ GRUB_EFI_HTTP_STATUS_413_REQUEST_ENTITY_TOO_LARGE, -+ GRUB_EFI_HTTP_STATUS_414_REQUEST_URI_TOO_LARGE, -+ GRUB_EFI_HTTP_STATUS_415_UNSUPPORTED_MEDIA_TYPE, -+ GRUB_EFI_HTTP_STATUS_416_REQUESTED_RANGE_NOT_SATISFIED, -+ GRUB_EFI_HTTP_STATUS_417_EXPECTATION_FAILED, -+ GRUB_EFI_HTTP_STATUS_500_INTERNAL_SERVER_ERROR, -+ GRUB_EFI_HTTP_STATUS_501_NOT_IMPLEMENTED, -+ GRUB_EFI_HTTP_STATUS_502_BAD_GATEWAY, -+ GRUB_EFI_HTTP_STATUS_503_SERVICE_UNAVAILABLE, -+ GRUB_EFI_HTTP_STATUS_504_GATEWAY_TIME_OUT, -+ GRUB_EFI_HTTP_STATUS_505_HTTP_VERSION_NOT_SUPPORTED -+} grub_efi_http_status_code_t; -+ -+//****************************************** -+// EFI_HTTP_RESPONSE_DATA -+//****************************************** -+typedef struct { -+ grub_efi_http_status_code_t status_code; -+} grub_efi_http_response_data_t; -+ -+//****************************************** -+// EFI_HTTP_HEADER -+//****************************************** -+typedef struct { -+ grub_efi_char8_t *field_name; -+ grub_efi_char8_t *field_value; -+} grub_efi_http_header_t; -+ -+//****************************************** -+// EFI_HTTP_MESSAGE -+//****************************************** -+typedef struct { -+ union { -+ grub_efi_http_request_data_t *request; -+ grub_efi_http_response_data_t *response; -+ } data; -+ grub_efi_uint32_t header_count; -+ grub_efi_http_header_t *headers; -+ grub_efi_uint32_t body_length; -+ void *body; -+} grub_efi_http_message_t; -+ -+//****************************************** -+// EFI_HTTP_TOKEN -+//****************************************** -+typedef struct { -+ grub_efi_event_t event; -+ grub_efi_status_t status; -+ grub_efi_http_message_t *message; -+} grub_efi_http_token_t; -+ -+struct grub_efi_http { -+ grub_efi_status_t -+ (*get_mode_data) (struct grub_efi_http *this, -+ grub_efi_http_config_data_t *http_config_data); -+ -+ grub_efi_status_t -+ (*configure) (struct grub_efi_http *this, -+ grub_efi_http_config_data_t *http_config_data); -+ -+ grub_efi_status_t -+ (*request) (struct grub_efi_http *this, -+ grub_efi_http_token_t *token); -+ -+ grub_efi_status_t -+ (*cancel) (struct grub_efi_http *this, -+ grub_efi_http_token_t *token); -+ -+ grub_efi_status_t -+ (*response) (struct grub_efi_http *this, -+ grub_efi_http_token_t *token); -+ -+ grub_efi_status_t -+ (*poll) (struct grub_efi_http *this); -+}; -+typedef struct grub_efi_http grub_efi_http_t; -+ -+#endif /* !GRUB_EFI_HTTP_HEADER */ -diff --git a/include/grub/net/efi.h b/include/grub/net/efi.h -new file mode 100644 -index 00000000000..de90d223e8e ---- /dev/null -+++ b/include/grub/net/efi.h -@@ -0,0 +1,144 @@ -+#ifndef GRUB_NET_EFI_HEADER -+#define GRUB_NET_EFI_HEADER 1 -+ -+#include -+#include -+#include -+#include -+ -+typedef struct grub_efi_net_interface grub_efi_net_interface_t; -+typedef struct grub_efi_net_ip_config grub_efi_net_ip_config_t; -+typedef union grub_efi_net_ip_address grub_efi_net_ip_address_t; -+typedef struct grub_efi_net_ip_manual_address grub_efi_net_ip_manual_address_t; -+ -+struct grub_efi_net_interface -+{ -+ char *name; -+ int prefer_ip6; -+ struct grub_efi_net_device *dev; -+ struct grub_efi_net_io *io; -+ grub_efi_net_ip_config_t *ip_config; -+ int io_type; -+ struct grub_efi_net_interface *next; -+}; -+ -+#define efi_net_interface_get_hw_address(inf) inf->ip_config->get_hw_address (inf->dev) -+#define efi_net_interface_get_address(inf) inf->ip_config->get_address (inf->dev) -+#define efi_net_interface_get_route_table(inf) inf->ip_config->get_route_table (inf->dev) -+#define efi_net_interface_set_address(inf, addr, with_subnet) inf->ip_config->set_address (inf->dev, addr, with_subnet) -+#define efi_net_interface_set_gateway(inf, addr) inf->ip_config->set_gateway (inf->dev, addr) -+#define efi_net_interface_set_dns(inf, addr) inf->ip_config->set_dns (inf->dev, addr) -+ -+struct grub_efi_net_ip_config -+{ -+ char * (*get_hw_address) (struct grub_efi_net_device *dev); -+ char * (*get_address) (struct grub_efi_net_device *dev); -+ char ** (*get_route_table) (struct grub_efi_net_device *dev); -+ grub_efi_net_interface_t * (*best_interface) (struct grub_efi_net_device *dev, grub_efi_net_ip_address_t *address); -+ int (*set_address) (struct grub_efi_net_device *dev, grub_efi_net_ip_manual_address_t *net_ip, int with_subnet); -+ int (*set_gateway) (struct grub_efi_net_device *dev, grub_efi_net_ip_address_t *address); -+ int (*set_dns) (struct grub_efi_net_device *dev, grub_efi_net_ip_address_t *dns); -+}; -+ -+union grub_efi_net_ip_address -+{ -+ grub_efi_ipv4_address_t ip4; -+ grub_efi_ipv6_address_t ip6; -+}; -+ -+struct grub_efi_net_ip_manual_address -+{ -+ int is_ip6; -+ union -+ { -+ grub_efi_ip4_config2_manual_address_t ip4; -+ grub_efi_ip6_config_manual_address_t ip6; -+ }; -+}; -+ -+struct grub_efi_net_device -+{ -+ grub_efi_handle_t handle; -+ grub_efi_ip4_config2_protocol_t *ip4_config; -+ grub_efi_ip6_config_protocol_t *ip6_config; -+ grub_efi_handle_t http_handle; -+ grub_efi_http_t *http; -+ grub_efi_handle_t ip4_pxe_handle; -+ grub_efi_pxe_t *ip4_pxe; -+ grub_efi_handle_t ip6_pxe_handle; -+ grub_efi_pxe_t *ip6_pxe; -+ grub_efi_handle_t dhcp4_handle; -+ grub_efi_dhcp4_protocol_t *dhcp4; -+ grub_efi_handle_t dhcp6_handle; -+ grub_efi_dhcp6_protocol_t *dhcp6; -+ char *card_name; -+ grub_efi_net_interface_t *net_interfaces; -+ struct grub_efi_net_device *next; -+}; -+ -+struct grub_efi_net_io -+{ -+ void (*configure) (struct grub_efi_net_device *dev, int prefer_ip6); -+ grub_err_t (*open) (struct grub_efi_net_device *dev, -+ int prefer_ip6, -+ grub_file_t file, -+ const char *filename, -+ int type); -+ grub_ssize_t (*read) (struct grub_efi_net_device *dev, -+ int prefer_ip6, -+ grub_file_t file, -+ char *buf, -+ grub_size_t len); -+ grub_err_t (*close) (struct grub_efi_net_device *dev, -+ int prefer_ip6, -+ grub_file_t file); -+}; -+ -+extern struct grub_efi_net_device *net_devices; -+ -+extern struct grub_efi_net_io io_http; -+extern struct grub_efi_net_io io_pxe; -+ -+extern grub_efi_net_ip_config_t *efi_net_ip4_config; -+extern grub_efi_net_ip_config_t *efi_net_ip6_config; -+ -+char * -+grub_efi_ip4_address_to_string (grub_efi_ipv4_address_t *address); -+ -+char * -+grub_efi_ip6_address_to_string (grub_efi_pxe_ipv6_address_t *address); -+ -+char * -+grub_efi_hw_address_to_string (grub_efi_uint32_t hw_address_size, grub_efi_mac_address_t hw_address); -+ -+int -+grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *address, const char **rest); -+ -+int -+grub_efi_string_to_ip6_address (const char *val, grub_efi_ipv6_address_t *address, const char **rest); -+ -+char * -+grub_efi_ip6_interface_name (struct grub_efi_net_device *dev); -+ -+char * -+grub_efi_ip4_interface_name (struct grub_efi_net_device *dev); -+ -+grub_efi_net_interface_t * -+grub_efi_net_create_interface (struct grub_efi_net_device *dev, -+ const char *interface_name, -+ grub_efi_net_ip_manual_address_t *net_ip, -+ int has_subnet); -+ -+int grub_efi_net_fs_init (void); -+void grub_efi_net_fs_fini (void); -+int grub_efi_net_boot_from_https (void); -+int grub_efi_net_boot_from_opa (void); -+ -+extern grub_command_func_t grub_efi_net_list_routes; -+extern grub_command_func_t grub_efi_net_list_cards; -+extern grub_command_func_t grub_efi_net_list_addrs; -+extern grub_command_func_t grub_efi_net_add_addr; -+extern grub_command_func_t grub_efi_net_bootp; -+extern grub_command_func_t grub_efi_net_bootp6; -+ -+#endif /* ! GRUB_NET_EFI_HEADER */ diff --git a/0083-AUDIT-0-http-boot-tracker-bug.patch b/0083-AUDIT-0-http-boot-tracker-bug.patch deleted file mode 100644 index ef3e67b7f3ae4483fccfcd9707bee1f794b9c013..0000000000000000000000000000000000000000 --- a/0083-AUDIT-0-http-boot-tracker-bug.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Sebastian Krahmer -Date: Tue, 28 Nov 2017 17:24:38 +0800 -Subject: [PATCH] AUDIT-0: http boot tracker bug - -Fixing a memory leak in case of error, and a integer overflow, leading to a -heap overflow due to overly large chunk sizes. - -We need to check against some maximum value, otherwise values like 0xffffffff -will eventually lead in the allocation functions to small sized buffers, since -the len is rounded up to the next reasonable alignment. The following memcpy -will then smash the heap, leading to RCE. - -This is no big issue for pure http boot, since its going to execute an -untrusted kernel anyway, but it will break trusted boot scenarios, where only -signed code is allowed to be executed. - -Signed-off-by: Michael Chang ---- - grub-core/net/efi/net.c | 4 +++- - grub-core/net/http.c | 5 ++++- - 2 files changed, 7 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c -index 86bce6535d3..4bb308026ce 100644 ---- a/grub-core/net/efi/net.c -+++ b/grub-core/net/efi/net.c -@@ -645,8 +645,10 @@ grub_efihttp_chunk_read (grub_file_t file, char *buf, - - rd = efi_net_interface (read, file, chunk, sz); - -- if (rd <= 0) -+ if (rd <= 0) { -+ grub_free (chunk); - return rd; -+ } - - if (buf) - { -diff --git a/grub-core/net/http.c b/grub-core/net/http.c -index 12a2632ea55..b52b558d631 100644 ---- a/grub-core/net/http.c -+++ b/grub-core/net/http.c -@@ -31,7 +31,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); - - enum - { -- HTTP_PORT = 80 -+ HTTP_PORT = 80, -+ HTTP_MAX_CHUNK_SIZE = 0x80000000 - }; - - -@@ -78,6 +79,8 @@ parse_line (grub_file_t file, http_data_t data, char *ptr, grub_size_t len) - if (data->in_chunk_len == 2) - { - data->chunk_rem = grub_strtoul (ptr, 0, 16); -+ if (data->chunk_rem > HTTP_MAX_CHUNK_SIZE) -+ return GRUB_ERR_NET_PACKET_TOO_BIG; - grub_errno = GRUB_ERR_NONE; - if (data->chunk_rem == 0) - { diff --git a/0084-grub-editenv-Add-incr-command-to-increment-integer-v.patch b/0084-grub-editenv-Add-incr-command-to-increment-integer-v.patch deleted file mode 100644 index f8de42a3d0c810726fc5888c41b7ba01b9849c46..0000000000000000000000000000000000000000 --- a/0084-grub-editenv-Add-incr-command-to-increment-integer-v.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Mon, 4 Jun 2018 19:49:47 +0200 -Subject: [PATCH] grub-editenv: Add "incr" command to increment integer value - env. variables - -To be able to automatically detect if the last boot was successful, -We want to keep count of succesful / failed boots in some integer -environment variable. - -This commit adds a grub-editenvt "incr" command to increment such -integer value env. variables by 1 for use from various boot scripts. - -Signed-off-by: Hans de Goede ---- - util/grub-editenv.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 50 insertions(+) - -diff --git a/util/grub-editenv.c b/util/grub-editenv.c -index db6f187cc63..948eec8a114 100644 ---- a/util/grub-editenv.c -+++ b/util/grub-editenv.c -@@ -53,6 +53,9 @@ static struct argp_option options[] = { - /* TRANSLATORS: "unset" is a keyword. It's a summary of "unset" subcommand. */ - {N_("unset [NAME ...]"), 0, 0, OPTION_DOC|OPTION_NO_USAGE, - N_("Delete variables."), 0}, -+ /* TRANSLATORS: "incr" is a keyword. It's a summary of "incr" subcommand. */ -+ {N_("incr [NAME ...]"), 0, 0, OPTION_DOC|OPTION_NO_USAGE, -+ N_("Increase value of integer variables."), 0}, - - {0, 0, 0, OPTION_DOC, N_("Options:"), -1}, - {"verbose", 'v', 0, 0, N_("print verbose messages."), 0}, -@@ -253,6 +256,51 @@ unset_variables (const char *name, int argc, char *argv[]) - grub_envblk_close (envblk); - } - -+struct get_int_value_params { -+ char *varname; -+ int value; -+}; -+ -+static int -+get_int_value (const char *varname, const char *value, void *hook_data) -+{ -+ struct get_int_value_params *params = hook_data; -+ -+ if (strcmp (varname, params->varname) == 0) { -+ params->value = strtol (value, NULL, 10); -+ return 1; -+ } -+ return 0; -+} -+ -+static void -+incr_variables (const char *name, int argc, char *argv[]) -+{ -+ grub_envblk_t envblk; -+ char buf[16]; -+ -+ envblk = open_envblk_file (name); -+ while (argc) -+ { -+ struct get_int_value_params params = { -+ .varname = argv[0], -+ .value = 0, /* Consider unset variables 0 */ -+ }; -+ -+ grub_envblk_iterate (envblk, ¶ms, get_int_value); -+ snprintf(buf, sizeof(buf), "%d", params.value + 1); -+ -+ if (! grub_envblk_set (envblk, argv[0], buf)) -+ grub_util_error ("%s", _("environment block too small")); -+ -+ argc--; -+ argv++; -+ } -+ -+ write_envblk (name, envblk); -+ grub_envblk_close (envblk); -+} -+ - int - main (int argc, char *argv[]) - { -@@ -292,6 +340,8 @@ main (int argc, char *argv[]) - set_variables (filename, argc - curindex, argv + curindex); - else if (strcmp (command, "unset") == 0) - unset_variables (filename, argc - curindex, argv + curindex); -+ else if (strcmp (command, "incr") == 0) -+ incr_variables (filename, argc - curindex, argv + curindex); - else - { - char *program = xstrdup(program_name); diff --git a/0085-Add-auto-hide-menu-support.patch b/0085-Add-auto-hide-menu-support.patch deleted file mode 100644 index 863cd053e0e69e31971e9e7dd55cd3ce6e64cd5a..0000000000000000000000000000000000000000 --- a/0085-Add-auto-hide-menu-support.patch +++ /dev/null @@ -1,189 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Wed, 6 Jun 2018 08:44:11 +0200 -Subject: [PATCH] Add auto-hide menu support - -On single-os systems we do not want to show the menu, unless something -went wrong with the previous boot, in which case the user may need the -menu to debug/fix the problem. - -This commit adds a new grub.d/00_menu_auto_hide file which emits a -config snippet implementing this. I've chosen to do this in a separate -grub.d file because chances of this going upstream are small and this way -it will be easier to rebase. - -Since auto-hiding the menu requires detecting the previous boot was ok, -we get fastboot support (where we don't check for a key at all) for free -so this commit also adds support for this. - -The new config-file code uses the following variables: - -menu_auto_hide Set this to "1" to activate the new auto-hide feature - Set this to "2" to auto-hide the menu even when multiple - operating systems are installed. Note the menu will still - auto show after booting an other os as that won't set - boot_success. -menu_show_once Set this to "1" to force showing the menu once. -boot_success The OS sets this to "1" to indicate a successful boot. -boot_indeterminate The OS increments this integer when rebooting after e.g. - installing updates or a selinux relabel. -fastboot If set to "1" and the conditions for auto-hiding the menu - are met, the menu is not shown and all checks for keypresses - are skipped, booting the default immediately. - -30_os-prober.in changes somewhat inspired by: -https://git.launchpad.net/~ubuntu-core-dev/grub/+git/ubuntu/tree/debian/patches/quick_boot.patch - -Signed-off-by: Hans de Goede ---- -Changes in v2: --Drop shutdown_success tests, there is no meaningful way for systemd to set - this flag (by the time it knows all filesystems are unmounted or read-only --Drop fwsetup_once support, systemd already supports booting directly into - the fwsetup by doing "systemctl reboot --firmware" ---- - Makefile.util.def | 6 +++++ - util/grub.d/01_menu_auto_hide.in | 48 ++++++++++++++++++++++++++++++++++++++++ - util/grub.d/30_os-prober.in | 18 +++++++++++++++ - 3 files changed, 72 insertions(+) - create mode 100644 util/grub.d/01_menu_auto_hide.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index 48512bc6311..314e6f2acf8 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -458,6 +458,12 @@ script = { - installdir = grubconf; - }; - -+script = { -+ name = '01_menu_auto_hide'; -+ common = util/grub.d/01_menu_auto_hide.in; -+ installdir = grubconf; -+}; -+ - script = { - name = '01_users'; - common = util/grub.d/01_users.in; -diff --git a/util/grub.d/01_menu_auto_hide.in b/util/grub.d/01_menu_auto_hide.in -new file mode 100644 -index 00000000000..ad175870a54 ---- /dev/null -+++ b/util/grub.d/01_menu_auto_hide.in -@@ -0,0 +1,48 @@ -+#! /bin/sh -+ -+# Disable / skip generating menu-auto-hide config parts on serial terminals -+for x in ${GRUB_TERMINAL_INPUT} ${GRUB_TERMINAL_OUTPUT}; do -+ case "$x" in -+ serial*) -+ exit 0 -+ ;; -+ esac -+done -+ -+cat << EOF -+if [ "\${boot_success}" = "1" -o "\${boot_indeterminate}" = "1" ]; then -+ set last_boot_ok=1 -+else -+ set last_boot_ok=0 -+fi -+ -+# Reset boot_indeterminate after a successful boot -+if [ "\${boot_success}" = "1" ] ; then -+ set boot_indeterminate=0 -+# Avoid boot_indeterminate causing the menu to be hidden more then once -+elif [ "\${boot_indeterminate}" = "1" ]; then -+ set boot_indeterminate=2 -+fi -+set boot_success=0 -+save_env boot_success boot_indeterminate -+ -+if [ x\$feature_timeout_style = xy ] ; then -+ if [ "\${menu_show_once}" ]; then -+ unset menu_show_once -+ save_env menu_show_once -+ set timeout_style=menu -+ set timeout=60 -+ elif [ "\${menu_auto_hide}" -a "\${last_boot_ok}" = "1" ]; then -+ set orig_timeout_style=\${timeout_style} -+ set orig_timeout=\${timeout} -+ if [ "\${fastboot}" = "1" ]; then -+ # timeout_style=menu + timeout=0 avoids the countdown code keypress check -+ set timeout_style=menu -+ set timeout=0 -+ else -+ set timeout_style=hidden -+ set timeout=1 -+ fi -+ fi -+fi -+EOF -diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in -index 4b27bd20153..3c9431cfcfb 100644 ---- a/util/grub.d/30_os-prober.in -+++ b/util/grub.d/30_os-prober.in -@@ -42,6 +42,7 @@ if [ -z "${OSPROBED}" ] ; then - fi - - osx_entry() { -+ found_other_os=1 - # TRANSLATORS: it refers on the OS residing on device %s - onstr="$(gettext_printf "(on %s)" "${DEVICE}")" - hints="" -@@ -102,6 +103,7 @@ for OS in ${OSPROBED} ; do - - case ${BOOT} in - chain) -+ found_other_os=1 - - onstr="$(gettext_printf "(on %s)" "${DEVICE}")" - cat << EOF -@@ -132,6 +134,7 @@ EOF - EOF - ;; - efi) -+ found_other_os=1 - - EFIPATH=${DEVICE#*@} - DEVICE=${DEVICE%@*} -@@ -176,6 +179,7 @@ EOF - LINITRD="${LINITRD#/boot}" - fi - -+ found_other_os=1 - onstr="$(gettext_printf "(on %s)" "${DEVICE}")" - recovery_params="$(echo "${LPARAMS}" | grep single)" || true - counter=1 -@@ -257,6 +261,7 @@ EOF - done - ;; - hurd) -+ found_other_os=1 - onstr="$(gettext_printf "(on %s)" "${DEVICE}")" - cat << EOF - menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class hurd --class gnu --class os \$menuentry_id_option 'osprober-gnuhurd-/boot/gnumach.gz-false-$(grub_get_device_id "${DEVICE}")' { -@@ -283,6 +288,7 @@ EOF - EOF - ;; - minix) -+ found_other_os=1 - cat << EOF - menuentry "${LONGNAME} (on ${DEVICE}, Multiboot)" { - EOF -@@ -299,3 +305,15 @@ EOF - ;; - esac - done -+ -+# We override the results of the menu_auto_hide code here, this is a bit ugly, -+# but grub-mkconfig writes out the file linearly, so this is the only way -+if [ "${found_other_os}" = "1" ]; then -+ cat << EOF -+# Other OS found, undo autohiding of menu unless menu_auto_hide=2 -+if [ "\${orig_timeout_style}" -a "\${menu_auto_hide}" != "2" ]; then -+ set timeout_style=\${orig_timeout_style} -+ set timeout=\${orig_timeout} -+fi -+EOF -+fi diff --git a/0086-Add-grub-set-bootflag-utility.patch b/0086-Add-grub-set-bootflag-utility.patch deleted file mode 100644 index e39f8bebb496a3315ab10090c10ecf7b3339fac0..0000000000000000000000000000000000000000 --- a/0086-Add-grub-set-bootflag-utility.patch +++ /dev/null @@ -1,295 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Tue, 12 Jun 2018 13:25:16 +0200 -Subject: [PATCH] Add grub-set-bootflag utility - -This commit adds a new grub-set-bootflag utility, which can be used -to set known bootflags in the grubenv: boot_success or menu_show_once. - -grub-set-bootflag is different from grub-editenv in 2 ways: - -1) It is intended to be executed by regular users so must be installed -as suid root. As such it is written to not use any existing grubenv -related code for easy auditing. - -It can't be executed through pkexec because we want to call it under gdm -and pkexec does not work under gdm due the gdm user having /sbin/nologin -as shell. - -2) Since it can be executed by regular users it only allows setting -(assigning a value of 1 to) bootflags which it knows about. Currently -those are just boot_success and menu_show_once. - -This commit also adds a couple of example systemd and files which show -how this can be used to set boot_success from a user-session: - -docs/grub-boot-success.service -docs/grub-boot-success.timer - -The 2 grub-boot-success.systemd files should be placed in /lib/systemd/user -and a symlink to grub-boot-success.timer should be added to -/lib/systemd/user/timers.target.wants. - -Signed-off-by: Hans de Goede -[makhomed: grub-boot-success.timer: Only run if not in a container] -Signed-off-by: Gena Makhomed -Signed-off-by: Robbie Harwood ---- - Makefile.util.def | 7 ++ - util/grub-set-bootflag.c | 160 +++++++++++++++++++++++++++++++++++++++++ - conf/Makefile.extra-dist | 3 + - docs/grub-boot-success.service | 6 ++ - docs/grub-boot-success.timer | 7 ++ - util/grub-set-bootflag.1 | 20 ++++++ - 6 files changed, 203 insertions(+) - create mode 100644 util/grub-set-bootflag.c - create mode 100644 docs/grub-boot-success.service - create mode 100644 docs/grub-boot-success.timer - create mode 100644 util/grub-set-bootflag.1 - -diff --git a/Makefile.util.def b/Makefile.util.def -index 314e6f2acf8..0b85a7fce4a 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1446,3 +1446,10 @@ program = { - ldadd = grub-core/lib/gnulib/libgnu.a; - ldadd = '$(LIBINTL) $(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)'; - }; -+ -+program = { -+ name = grub-set-bootflag; -+ installdir = sbin; -+ mansection = 1; -+ common = util/grub-set-bootflag.c; -+}; -diff --git a/util/grub-set-bootflag.c b/util/grub-set-bootflag.c -new file mode 100644 -index 00000000000..bb198f02351 ---- /dev/null -+++ b/util/grub-set-bootflag.c -@@ -0,0 +1,160 @@ -+/* grub-set-bootflag.c - tool to set boot-flags in the grubenv. */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2018 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+/* -+ * NOTE this gets run by users as root (through pkexec), so this does not -+ * use any grub library / util functions to allow for easy auditing. -+ * The grub headers are only included to get certain defines. -+ */ -+ -+#include /* For *_DIR_NAME defines */ -+#include -+#include /* For GRUB_ENVBLK_DEFCFG define */ -+#include -+#include -+#include -+#include -+ -+#define GRUBENV "/" GRUB_BOOT_DIR_NAME "/" GRUB_DIR_NAME "/" GRUB_ENVBLK_DEFCFG -+#define GRUBENV_SIZE 1024 -+ -+const char *bootflags[] = { -+ "boot_success", -+ "menu_show_once", -+ NULL -+}; -+ -+static void usage(void) -+{ -+ int i; -+ -+ fprintf (stderr, "Usage: 'grub-set-bootflag ', where is one of:\n"); -+ for (i = 0; bootflags[i]; i++) -+ fprintf (stderr, " %s\n", bootflags[i]); -+} -+ -+int main(int argc, char *argv[]) -+{ -+ /* NOTE buf must be at least the longest bootflag length + 4 bytes */ -+ char env[GRUBENV_SIZE + 1], buf[64], *s; -+ const char *bootflag; -+ int i, len, ret; -+ FILE *f; -+ -+ if (argc != 2) -+ { -+ usage(); -+ return 1; -+ } -+ -+ for (i = 0; bootflags[i]; i++) -+ if (!strcmp (argv[1], bootflags[i])) -+ break; -+ if (!bootflags[i]) -+ { -+ fprintf (stderr, "Invalid bootflag: '%s'\n", argv[1]); -+ usage(); -+ return 1; -+ } -+ -+ bootflag = bootflags[i]; -+ len = strlen (bootflag); -+ -+ f = fopen (GRUBENV, "r"); -+ if (!f) -+ { -+ perror ("Error opening " GRUBENV " for reading"); -+ return 1; -+ } -+ -+ ret = fread (env, 1, GRUBENV_SIZE, f); -+ fclose (f); -+ if (ret != GRUBENV_SIZE) -+ { -+ errno = EINVAL; -+ perror ("Error reading from " GRUBENV); -+ return 1; -+ } -+ -+ /* 0 terminate env */ -+ env[GRUBENV_SIZE] = 0; -+ -+ if (strncmp (env, GRUB_ENVBLK_SIGNATURE, strlen (GRUB_ENVBLK_SIGNATURE))) -+ { -+ fprintf (stderr, "Error invalid environment block\n"); -+ return 1; -+ } -+ -+ /* Find a pre-existing definition of the bootflag */ -+ s = strstr (env, bootflag); -+ while (s && s[len] != '=') -+ s = strstr (s + len, bootflag); -+ -+ if (s && ((s[len + 1] != '0' && s[len + 1] != '1') || s[len + 2] != '\n')) -+ { -+ fprintf (stderr, "Pre-existing bootflag '%s' has unexpected value\n", bootflag); -+ return 1; -+ } -+ -+ /* No pre-existing bootflag? -> find free space */ -+ if (!s) -+ { -+ for (i = 0; i < (len + 3); i++) -+ buf[i] = '#'; -+ buf[i] = 0; -+ s = strstr (env, buf); -+ } -+ -+ if (!s) -+ { -+ fprintf (stderr, "No space in grubenv to store bootflag '%s'\n", bootflag); -+ return 1; -+ } -+ -+ /* The grubenv is not 0 terminated, so memcpy the name + '=' , '1', '\n' */ -+ snprintf(buf, sizeof(buf), "%s=1\n", bootflag); -+ memcpy(s, buf, len + 3); -+ -+ /* "r+", don't truncate so that the diskspace stays reserved */ -+ f = fopen (GRUBENV, "r+"); -+ if (!f) -+ { -+ perror ("Error opening " GRUBENV " for writing"); -+ return 1; -+ } -+ -+ ret = fwrite (env, 1, GRUBENV_SIZE, f); -+ if (ret != GRUBENV_SIZE) -+ { -+ perror ("Error writing to " GRUBENV); -+ return 1; -+ } -+ -+ ret = fflush (f); -+ if (ret) -+ { -+ perror ("Error flushing " GRUBENV); -+ return 1; -+ } -+ -+ fsync (fileno (f)); -+ fclose (f); -+ -+ return 0; -+} -diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist -index b909f2c073a..ea58362b555 100644 ---- a/conf/Makefile.extra-dist -+++ b/conf/Makefile.extra-dist -@@ -14,6 +14,9 @@ EXTRA_DIST += util/import_unicode.py - EXTRA_DIST += docs/autoiso.cfg - EXTRA_DIST += docs/grub.cfg - EXTRA_DIST += docs/osdetect.cfg -+EXTRA_DIST += docs/org.gnu.grub.policy -+EXTRA_DIST += docs/grub-boot-success.service -+EXTRA_DIST += docs/grub-boot-success.timer - - EXTRA_DIST += conf/i386-cygwin-img-ld.sc - -diff --git a/docs/grub-boot-success.service b/docs/grub-boot-success.service -new file mode 100644 -index 00000000000..80e79584c91 ---- /dev/null -+++ b/docs/grub-boot-success.service -@@ -0,0 +1,6 @@ -+[Unit] -+Description=Mark boot as successful -+ -+[Service] -+Type=oneshot -+ExecStart=/usr/sbin/grub2-set-bootflag boot_success -diff --git a/docs/grub-boot-success.timer b/docs/grub-boot-success.timer -new file mode 100644 -index 00000000000..406f1720056 ---- /dev/null -+++ b/docs/grub-boot-success.timer -@@ -0,0 +1,7 @@ -+[Unit] -+Description=Mark boot as successful after the user session has run 2 minutes -+ConditionUser=!@system -+ConditionVirtualization=!container -+ -+[Timer] -+OnActiveSec=2min -diff --git a/util/grub-set-bootflag.1 b/util/grub-set-bootflag.1 -new file mode 100644 -index 00000000000..57801da22a0 ---- /dev/null -+++ b/util/grub-set-bootflag.1 -@@ -0,0 +1,20 @@ -+.TH GRUB-SET-BOOTFLAG 1 "Tue Jun 12 2018" -+.SH NAME -+\fBgrub-set-bootflag\fR \(em Set a bootflag in the GRUB environment block. -+ -+.SH SYNOPSIS -+\fBgrub-set-bootflag\fR <\fIBOOTFLAG\fR> -+ -+.SH DESCRIPTION -+\fBgrub-set-bootflag\fR is a command line to set bootflags in GRUB's -+stored environment. -+ -+.SH COMMANDS -+.TP -+\fBBOOTFLAG\fR -+.RS 7 -+Bootflag to set, one of \fIboot_success\fR or \fIshow_menu_once\fR. -+.RE -+ -+.SH SEE ALSO -+.BR "info grub" diff --git a/0087-docs-Add-grub-boot-indeterminate.service-example.patch b/0087-docs-Add-grub-boot-indeterminate.service-example.patch deleted file mode 100644 index 44f6ad3984b8dd0c9ab108d395e1a68934a831a2..0000000000000000000000000000000000000000 --- a/0087-docs-Add-grub-boot-indeterminate.service-example.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Tue, 19 Jun 2018 15:20:54 +0200 -Subject: [PATCH] docs: Add grub-boot-indeterminate.service example - -This is an example service file, for use from -/lib/systemd/system/system-update.target.wants -to increment the boot_indeterminate variable when -doing offline updates. - -Signed-off-by: Hans de Goede ---- - docs/grub-boot-indeterminate.service | 11 +++++++++++ - 1 file changed, 11 insertions(+) - create mode 100644 docs/grub-boot-indeterminate.service - -diff --git a/docs/grub-boot-indeterminate.service b/docs/grub-boot-indeterminate.service -new file mode 100644 -index 00000000000..6c8dcb186b6 ---- /dev/null -+++ b/docs/grub-boot-indeterminate.service -@@ -0,0 +1,11 @@ -+[Unit] -+Description=Mark boot as indeterminate -+DefaultDependencies=false -+Requires=sysinit.target -+After=sysinit.target -+Wants=system-update-pre.target -+Before=system-update-pre.target -+ -+[Service] -+Type=oneshot -+ExecStart=/usr/bin/grub2-editenv - incr boot_indeterminate diff --git a/0088-gentpl-add-disable-support.patch b/0088-gentpl-add-disable-support.patch deleted file mode 100644 index 2c3c998f505c768ce1538d996323e754fc34a932..0000000000000000000000000000000000000000 --- a/0088-gentpl-add-disable-support.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 11 Jul 2018 13:43:15 -0400 -Subject: [PATCH] gentpl: add 'disable = ' support - -Signed-off-by: Peter Jones ---- - gentpl.py | 14 +++++++++++++- - 1 file changed, 13 insertions(+), 1 deletion(-) - -diff --git a/gentpl.py b/gentpl.py -index 2cba0bbbd6f..628e8bec1d7 100644 ---- a/gentpl.py -+++ b/gentpl.py -@@ -592,11 +592,21 @@ def platform_conditional(platform, closure): - # }; - # - def foreach_enabled_platform(defn, closure): -+ enabled = False -+ disabled = False - if 'enable' in defn: -+ enabled = True - for platform in GRUB_PLATFORMS: - if platform_tagged(defn, platform, "enable"): - platform_conditional(platform, closure) -- else: -+ -+ if 'disable' in defn: -+ disabled = True -+ for platform in GRUB_PLATFORMS: -+ if not platform_tagged(defn, platform, "disable"): -+ platform_conditional(platform, closure) -+ -+ if not enabled and not disabled: - for platform in GRUB_PLATFORMS: - platform_conditional(platform, closure) - -@@ -655,6 +665,8 @@ def first_time(defn, snippet): - def is_platform_independent(defn): - if 'enable' in defn: - return False -+ if 'disable' in defn: -+ return False - for suffix in [ "", "_nodist" ]: - template = platform_values(defn, GRUB_PLATFORMS[0], suffix) - for platform in GRUB_PLATFORMS[1:]: diff --git a/0089-gentpl-add-pc-firmware-type.patch b/0089-gentpl-add-pc-firmware-type.patch deleted file mode 100644 index 96dd2b8c623287deebd1198ec49d19395f66099f..0000000000000000000000000000000000000000 --- a/0089-gentpl-add-pc-firmware-type.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 11 Jul 2019 11:04:24 +0200 -Subject: [PATCH] gentpl: add 'pc' firmware type - -Signed-off-by: Peter Jones ---- - gentpl.py | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/gentpl.py b/gentpl.py -index 628e8bec1d7..34a4eba2b42 100644 ---- a/gentpl.py -+++ b/gentpl.py -@@ -51,6 +51,7 @@ GROUPS["riscv32"] = [ "riscv32_efi" ] - GROUPS["riscv64"] = [ "riscv64_efi" ] - - # Groups based on firmware -+GROUPS["pc"] = [ "i386_pc" ] - GROUPS["efi"] = [ "i386_efi", "x86_64_efi", "ia64_efi", "arm_efi", "arm64_efi", - "riscv32_efi", "riscv64_efi" ] - GROUPS["ieee1275"] = [ "i386_ieee1275", "sparc64_ieee1275", "powerpc_ieee1275" ] diff --git a/0090-efinet-also-use-the-firmware-acceleration-for-http.patch b/0090-efinet-also-use-the-firmware-acceleration-for-http.patch deleted file mode 100644 index 915b5aa161164b5725011f539c6b1bd942ca79ad..0000000000000000000000000000000000000000 --- a/0090-efinet-also-use-the-firmware-acceleration-for-http.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 30 Jul 2018 14:06:42 -0400 -Subject: [PATCH] efinet: also use the firmware acceleration for http - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/net.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c -index 4bb308026ce..6603cd83edc 100644 ---- a/grub-core/net/efi/net.c -+++ b/grub-core/net/efi/net.c -@@ -1324,7 +1324,9 @@ grub_efi_net_boot_from_https (void) - && (subtype == GRUB_EFI_URI_DEVICE_PATH_SUBTYPE)) - { - grub_efi_uri_device_path_t *uri_dp = (grub_efi_uri_device_path_t *) dp; -- return (grub_strncmp ((const char*)uri_dp->uri, "https://", sizeof ("https://") - 1) == 0) ? 1 : 0; -+ grub_dprintf ("efinet", "url:%s\n", (const char *)uri_dp->uri); -+ return (grub_strncmp ((const char *)uri_dp->uri, "https://", sizeof ("https://") - 1) == 0 || -+ grub_strncmp ((const char *)uri_dp->uri, "http://", sizeof ("http://") - 1) == 0); - } - - if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp)) diff --git a/0091-efi-http-Make-root_url-reflect-the-protocol-hostname.patch b/0091-efi-http-Make-root_url-reflect-the-protocol-hostname.patch deleted file mode 100644 index 985a037828bde8390cc4d84d0b395a133fcc0338..0000000000000000000000000000000000000000 --- a/0091-efi-http-Make-root_url-reflect-the-protocol-hostname.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 30 Jul 2018 16:39:57 -0400 -Subject: [PATCH] efi/http: Make root_url reflect the protocol+hostname of our - boot url. - -This lets you write config files that don't know urls. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/http.c | 19 +++++++++++++++++++ - 1 file changed, 19 insertions(+) - -diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c -index 3f61fd2fa5b..243acbaa35b 100644 ---- a/grub-core/net/efi/http.c -+++ b/grub-core/net/efi/http.c -@@ -4,6 +4,7 @@ - #include - #include - #include -+#include - - static void - http_configure (struct grub_efi_net_device *dev, int prefer_ip6) -@@ -351,6 +352,24 @@ grub_efihttp_open (struct grub_efi_net_device *dev, - grub_err_t err; - grub_off_t size; - char *buf; -+ char *root_url; -+ grub_efi_ipv6_address_t address; -+ const char *rest; -+ -+ if (grub_efi_string_to_ip6_address (file->device->net->server, &address, &rest) && *rest == 0) -+ root_url = grub_xasprintf ("%s://[%s]", type ? "https" : "http", file->device->net->server); -+ else -+ root_url = grub_xasprintf ("%s://%s", type ? "https" : "http", file->device->net->server); -+ if (root_url) -+ { -+ grub_env_unset ("root_url"); -+ grub_env_set ("root_url", root_url); -+ grub_free (root_url); -+ } -+ else -+ { -+ return grub_errno; -+ } - - err = efihttp_request (dev->http, file->device->net->server, file->device->net->name, type, 1, 0); - if (err != GRUB_ERR_NONE) diff --git a/0092-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch b/0092-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch deleted file mode 100644 index ee2216e514ec1d9db12487219790a04bf0f06ca8..0000000000000000000000000000000000000000 --- a/0092-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch +++ /dev/null @@ -1,149 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 26 Jun 2018 17:16:06 -0400 -Subject: [PATCH] Make it so we can tell configure which cflags utils are built - with - -This lets us have kernel.img be built with TARGET_CFLAGS but grub-mkimage and -friends built with HOST_CFLAGS. That in turn lets us build with an ARM compiler -that only has hard-float ABI versions of crt*.o and libgcc*, but still use soft -float for grub.efi. - -Signed-off-by: Peter Jones ---- - configure.ac | 49 ++++++++++++++++++++++++++++++++++++++++++++++++- - conf/Makefile.common | 23 ++++++++++++----------- - gentpl.py | 8 ++++---- - 3 files changed, 64 insertions(+), 16 deletions(-) - -diff --git a/configure.ac b/configure.ac -index b50fb2e9897..b27573b3de5 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -877,11 +877,23 @@ if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ) && test "x$p - TARGET_CFLAGS="$TARGET_CFLAGS -mno-mmx -mno-sse -mno-sse2 -mno-sse3 -mno-3dnow" - fi - -+# Should grub utils get the host CFLAGS, or the target CFLAGS? -+AC_ARG_WITH([utils], -+ AS_HELP_STRING([--with-utils=host|target|build], -+ [choose which flags to build utilities with. (default=target)]), -+ [have_with_utils=y], -+ [have_with_utils=n]) -+if test x"$have_with_utils" = xy ; then -+ with_utils="$withval" -+else -+ with_utils=target -+fi -+ - # GRUB doesn't use float or doubles at all. Yet some toolchains may decide - # that floats are a good fit to run instead of what's written in the code. - # Given that floating point unit is disabled (if present to begin with) - # when GRUB is running which may result in various hard crashes. --if test x"$platform" != xemu ; then -+if test x"$platform" != xemu -a x"$with_utils" == xtarget ; then - AC_CACHE_CHECK([for options to get soft-float], grub_cv_target_cc_soft_float, [ - grub_cv_target_cc_soft_float=no - if test "x$target_cpu" = xarm64; then -@@ -2011,6 +2023,41 @@ HOST_CPPFLAGS="$HOST_CPPFLAGS -I\$(top_builddir)/include" - TARGET_CPPFLAGS="$TARGET_CPPFLAGS -I\$(top_srcdir)/include" - TARGET_CPPFLAGS="$TARGET_CPPFLAGS -I\$(top_builddir)/include" - -+case "$with_utils" in -+ host) -+ UTILS_CFLAGS=$HOST_CFLAGS -+ UTILS_CPPFLAGS=$HOST_CPPFLAGS -+ UTILS_CCASFLAGS=$HOST_CCASFLAGS -+ UTILS_LDFLAGS=$HOST_LDFLAGS -+ ;; -+ target) -+ UTILS_CFLAGS=$TARGET_CFLAGS -+ UTILS_CPPFLAGS=$TARGET_CPPFLAGS -+ UTILS_CCASFLAGS=$TARGET_CCASFLAGS -+ UTILS_LDFLAGS=$TARGET_LDFLAGS -+ ;; -+ build) -+ UTILS_CFLAGS=$BUILD_CFLAGS -+ UTILS_CPPFLAGS=$BUILD_CPPFLAGS -+ UTILS_CCASFLAGS=$BUILD_CCASFLAGS -+ UTILS_LDFLAGS=$BUILD_LDFLAGS -+ ;; -+ *) -+ AC_MSG_ERROR([--with-utils must be either host, target, or build]) -+ ;; -+esac -+AC_MSG_NOTICE([Using $with_utils flags for utilities.]) -+ -+unset CFLAGS -+unset CPPFLAGS -+unset CCASFLAGS -+unset LDFLAGS -+ -+AC_SUBST(UTILS_CFLAGS) -+AC_SUBST(UTILS_CPPFLAGS) -+AC_SUBST(UTILS_CCASFLAGS) -+AC_SUBST(UTILS_LDFLAGS) -+ - GRUB_TARGET_CPU="${target_cpu}" - GRUB_PLATFORM="${platform}" - -diff --git a/conf/Makefile.common b/conf/Makefile.common -index 5f0ef969857..2ff9b39357c 100644 ---- a/conf/Makefile.common -+++ b/conf/Makefile.common -@@ -40,24 +40,25 @@ CPPFLAGS_KERNEL = $(CPPFLAGS_CPU) $(CPPFLAGS_PLATFORM) -DGRUB_KERNEL=1 - CCASFLAGS_KERNEL = $(CCASFLAGS_CPU) $(CCASFLAGS_PLATFORM) - STRIPFLAGS_KERNEL = -R .eh_frame -R .rel.dyn -R .reginfo -R .note -R .comment -R .drectve -R .note.gnu.gold-version -R .MIPS.abiflags -R .ARM.exidx -R .note.gnu.property -R .gnu.build.attributes - --CFLAGS_MODULE = $(CFLAGS_PLATFORM) -ffreestanding --LDFLAGS_MODULE = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) -Wl,-r,-d --CPPFLAGS_MODULE = $(CPPFLAGS_CPU) $(CPPFLAGS_PLATFORM) --CCASFLAGS_MODULE = $(CCASFLAGS_CPU) $(CCASFLAGS_PLATFORM) -+CFLAGS_MODULE = $(TARGET_CFLAGS) $(CFLAGS_PLATFORM) -ffreestanding -+LDFLAGS_MODULE = $(TARGET_LDFLAGS) $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) -Wl,-r,-d -+CPPFLAGS_MODULE = $(TARGET_CPPFLAGS) $(CPPFLAGS_DEFAULT) $(CPPFLAGS_CPU) $(CPPFLAGS_PLATFORM) -+CCASFLAGS_MODULE = $(TARGET_CCASFLAGS) $(CCASFLAGS_DEFAULT) $(CCASFLAGS_CPU) $(CCASFLAGS_PLATFORM) - - CFLAGS_IMAGE = $(CFLAGS_PLATFORM) -fno-builtin - LDFLAGS_IMAGE = $(LDFLAGS_PLATFORM) -nostdlib $(TARGET_LDFLAGS_OLDMAGIC) -Wl,-S - CPPFLAGS_IMAGE = $(CPPFLAGS_CPU) $(CPPFLAGS_PLATFORM) - CCASFLAGS_IMAGE = $(CCASFLAGS_CPU) $(CCASFLAGS_PLATFORM) - --CFLAGS_PROGRAM = --LDFLAGS_PROGRAM = --CPPFLAGS_PROGRAM = --CCASFLAGS_PROGRAM = -+CFLAGS_PROGRAM = $(UTILS_CFLAGS) -+LDFLAGS_PROGRAM = $(UTILS_LDFLAGS) -+CPPFLAGS_PROGRAM = $(UTILS_CPPFLAGS) -+CCASFLAGS_PROGRAM = $(UTILS_CCASFLAGS) - --CFLAGS_LIBRARY = --CPPFLAGS_LIBRARY = --CCASFLAGS_LIBRARY = -+CFLAGS_LIBRARY = $(UTILS_CFLAGS) -+LDFLAGS_LIBRARY = $(UTILS_LDFLAGS) -+CPPFLAGS_LIBRARY = $(UTILS_CPPFLAGS) -+CCASFLAGS_LIBRARY = $(UTILS_CCASFLAGS) - - # Other variables - -diff --git a/gentpl.py b/gentpl.py -index 34a4eba2b42..59f62ef9522 100644 ---- a/gentpl.py -+++ b/gentpl.py -@@ -697,10 +697,10 @@ def module(defn, platform): - var_set(cname(defn) + "_SOURCES", platform_sources(defn, platform) + " ## platform sources") - var_set("nodist_" + cname(defn) + "_SOURCES", platform_nodist_sources(defn, platform) + " ## platform nodist sources") - var_set(cname(defn) + "_LDADD", platform_ldadd(defn, platform)) -- var_set(cname(defn) + "_CFLAGS", "$(AM_CFLAGS) $(CFLAGS_MODULE) " + platform_cflags(defn, platform)) -- var_set(cname(defn) + "_LDFLAGS", "$(AM_LDFLAGS) $(LDFLAGS_MODULE) " + platform_ldflags(defn, platform)) -- var_set(cname(defn) + "_CPPFLAGS", "$(AM_CPPFLAGS) $(CPPFLAGS_MODULE) " + platform_cppflags(defn, platform)) -- var_set(cname(defn) + "_CCASFLAGS", "$(AM_CCASFLAGS) $(CCASFLAGS_MODULE) " + platform_ccasflags(defn, platform)) -+ var_set(cname(defn) + "_CFLAGS", "$(CFLAGS_MODULE) " + platform_cflags(defn, platform)) -+ var_set(cname(defn) + "_LDFLAGS", "$(LDFLAGS_MODULE) " + platform_ldflags(defn, platform)) -+ var_set(cname(defn) + "_CPPFLAGS", "$(CPPFLAGS_MODULE) " + platform_cppflags(defn, platform)) -+ var_set(cname(defn) + "_CCASFLAGS", "$(CCASFLAGS_MODULE) " + platform_ccasflags(defn, platform)) - var_set(cname(defn) + "_DEPENDENCIES", "$(TARGET_OBJ2ELF) " + platform_dependencies(defn, platform)) - - gvar_add("dist_noinst_DATA", extra_dist(defn)) diff --git a/0093-module-verifier-make-it-possible-to-run-checkers-on-.patch b/0093-module-verifier-make-it-possible-to-run-checkers-on-.patch deleted file mode 100644 index e31b38f6c86e7b8b693b9beaefa31c7d9080a08a..0000000000000000000000000000000000000000 --- a/0093-module-verifier-make-it-possible-to-run-checkers-on-.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 1 Aug 2018 10:24:52 -0400 -Subject: [PATCH] module-verifier: make it possible to run checkers on - grub-module-verifierxx.c - -This makes it so you can treat grub-module-verifierxx.c as a file you can -build directly, so syntax checkers like vim's "syntastic" plugin, which uses -"gcc -x c -fsyntax-only" to build it, will work. - -One still has to do whatever setup is required to make it pick the right -include dirs, which -W options we use, etc., but this makes it so you can do -the checking on the file you're editing, rather than on a different file. - -v2: fix the typo in the #else clause in util/grub-module-verifierXX.c - -Signed-off-by: Peter Jones ---- - util/grub-module-verifier32.c | 2 ++ - util/grub-module-verifier64.c | 2 ++ - util/grub-module-verifierXX.c | 9 +++++++++ - 3 files changed, 13 insertions(+) - -diff --git a/util/grub-module-verifier32.c b/util/grub-module-verifier32.c -index 257229f8f08..ba7d41aafea 100644 ---- a/util/grub-module-verifier32.c -+++ b/util/grub-module-verifier32.c -@@ -1,2 +1,4 @@ - #define MODULEVERIFIER_ELF32 1 -+#ifndef GRUB_MODULE_VERIFIERXX - #include "grub-module-verifierXX.c" -+#endif -diff --git a/util/grub-module-verifier64.c b/util/grub-module-verifier64.c -index 4db6b4bedd1..fc23ef800b3 100644 ---- a/util/grub-module-verifier64.c -+++ b/util/grub-module-verifier64.c -@@ -1,2 +1,4 @@ - #define MODULEVERIFIER_ELF64 1 -+#ifndef GRUB_MODULE_VERIFIERXX - #include "grub-module-verifierXX.c" -+#endif -diff --git a/util/grub-module-verifierXX.c b/util/grub-module-verifierXX.c -index ceb24309aec..a98e2f9b1ac 100644 ---- a/util/grub-module-verifierXX.c -+++ b/util/grub-module-verifierXX.c -@@ -1,3 +1,12 @@ -+#define GRUB_MODULE_VERIFIERXX -+#if !defined(MODULEVERIFIER_ELF32) && !defined(MODULEVERIFIER_ELF64) -+#if __SIZEOF_POINTER__ == 8 -+#include "grub-module-verifier64.c" -+#else -+#include "grub-module-verifier32.c" -+#endif -+#endif -+ - #include - - #include diff --git a/0094-Rework-how-the-fdt-command-builds.patch b/0094-Rework-how-the-fdt-command-builds.patch deleted file mode 100644 index e233067a3eaab09e616270c71a73d812a4c16c86..0000000000000000000000000000000000000000 --- a/0094-Rework-how-the-fdt-command-builds.patch +++ /dev/null @@ -1,123 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 11 Jul 2019 13:01:41 +0200 -Subject: [PATCH] Rework how the fdt command builds. - -Trying to avoid all variants of: -cat syminfo.lst | sort | gawk -f ../../grub-core/genmoddep.awk > moddep.lst || (rm -f moddep.lst; exit 1) -grub_fdt_install in linux is not defined -grub_fdt_load in linux is not defined -grub_fdt_unload in linux is not defined -grub_fdt_install in xen_boot is not defined -grub_fdt_load in xen_boot is not defined -grub_fdt_unload in xen_boot is not defined - -Signed-off-by: Peter Jones -[javierm: Fix build with platform emu, aarch64, and risc-v] -Signed-off-by: Javier Martinez Canillas -Signed-off-by: Robbie Harwood ---- - grub-core/Makefile.core.def | 5 ++--- - grub-core/lib/fdt.c | 2 -- - grub-core/loader/efi/fdt.c | 2 ++ - include/grub/fdt.h | 6 ++++++ - grub-core/Makefile.am | 1 + - 5 files changed, 11 insertions(+), 5 deletions(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index c40170f2dd2..84a3d89de9a 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -177,7 +177,6 @@ kernel = { - arm_coreboot = kern/arm/coreboot/init.c; - arm_coreboot = kern/arm/coreboot/timer.c; - arm_coreboot = kern/arm/coreboot/coreboot.S; -- arm_coreboot = lib/fdt.c; - arm_coreboot = bus/fdt.c; - arm_coreboot = term/ps2.c; - arm_coreboot = term/arm/pl050.c; -@@ -351,6 +350,8 @@ kernel = { - riscv64 = kern/riscv/cache_flush.S; - riscv64 = kern/riscv/dl.c; - -+ fdt = lib/fdt.c; -+ - emu = disk/host.c; - emu = kern/emu/cache_s.S; - emu = kern/emu/hostdisk.c; -@@ -1825,7 +1826,6 @@ module = { - riscv32 = loader/riscv/linux.c; - riscv64 = loader/riscv/linux.c; - emu = loader/emu/linux.c; -- fdt = lib/fdt.c; - - common = loader/linux.c; - common = lib/cmdline.c; -@@ -1836,7 +1836,6 @@ module = { - module = { - name = fdt; - efi = loader/efi/fdt.c; -- common = lib/fdt.c; - enable = fdt; - }; - -diff --git a/grub-core/lib/fdt.c b/grub-core/lib/fdt.c -index 0d371c5633e..37e04bd69e7 100644 ---- a/grub-core/lib/fdt.c -+++ b/grub-core/lib/fdt.c -@@ -21,8 +21,6 @@ - #include - #include - --GRUB_MOD_LICENSE ("GPLv3+"); -- - #define FDT_SUPPORTED_VERSION 17 - - #define FDT_BEGIN_NODE 0x00000001 -diff --git a/grub-core/loader/efi/fdt.c b/grub-core/loader/efi/fdt.c -index c86f283d756..c572415d38a 100644 ---- a/grub-core/loader/efi/fdt.c -+++ b/grub-core/loader/efi/fdt.c -@@ -27,6 +27,8 @@ - #include - #include - -+GRUB_MOD_LICENSE ("GPLv3+"); -+ - static void *loaded_fdt; - static void *fdt; - -diff --git a/include/grub/fdt.h b/include/grub/fdt.h -index e609c7e4111..3514aa4a5b6 100644 ---- a/include/grub/fdt.h -+++ b/include/grub/fdt.h -@@ -19,6 +19,9 @@ - #ifndef GRUB_FDT_HEADER - #define GRUB_FDT_HEADER 1 - -+#if !defined(GRUB_MACHINE_EMU) && \ -+ (defined(__arm__) || defined(__aarch64__) || defined(__riscv)) -+ - #include - #include - -@@ -144,4 +147,7 @@ int EXPORT_FUNC(grub_fdt_set_prop) (void *fdt, unsigned int nodeoffset, const ch - grub_fdt_set_prop ((fdt), (nodeoffset), "reg", reg_64, 16); \ - }) - -+#endif /* !defined(GRUB_MACHINE_EMU) && \ -+ (defined(__arm__) || defined(__aarch64__) || defined(__riscv)) */ -+ - #endif /* ! GRUB_FDT_HEADER */ -diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am -index f512573c0da..dd49939aaa9 100644 ---- a/grub-core/Makefile.am -+++ b/grub-core/Makefile.am -@@ -76,6 +76,7 @@ KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/efi/sb.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/env.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/env_private.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/err.h -+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/fdt.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/file.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/fs.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/i18n.h diff --git a/0095-Disable-non-wordsize-allocations-on-arm.patch b/0095-Disable-non-wordsize-allocations-on-arm.patch deleted file mode 100644 index e28041a1a38cc308d3533b787691e43746acdba2..0000000000000000000000000000000000000000 --- a/0095-Disable-non-wordsize-allocations-on-arm.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 2 Aug 2018 10:56:38 -0400 -Subject: [PATCH] Disable non-wordsize allocations on arm - -Signed-off-by: Peter Jones ---- - configure.ac | 20 ++++++++++++++++++++ - 1 file changed, 20 insertions(+) - -diff --git a/configure.ac b/configure.ac -index b27573b3de5..bb4e05ceef3 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1288,6 +1288,26 @@ if test "x$target_cpu" = xarm; then - done - ]) - -+ AC_CACHE_CHECK([for options to disable movt and movw relocations], -+ grub_cv_target_cc_mword_relocations, -+ [grub_cv_target_cc_mword_relocations=no -+ for cand in "-mword-relocations" ; do -+ if test x"$grub_cv_target_cc_mword_relocations" != xno ; then -+ break -+ fi -+ CFLAGS="$TARGET_CFLAGS $cand -Werror" -+ CPPFLAGS="$TARGET_CPPFLAGS" -+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])], -+ [grub_cv_target_cc_mword_relocations="$cand"], -+ []) -+ done -+ ]) -+ if test x"$grub_cv_target_cc_mword_relocations" = xno ; then -+ AC_MSG_ERROR(["your compiler doesn't support disabling movw/movt relocations"]) -+ else -+ TARGET_CFLAGS="$TARGET_CFLAGS $grub_cv_target_cc_mword_relocations" -+ fi -+ - if test x"$grub_cv_target_cc_mno_movt" != xno ; then - # A trick so that clang doesn't see it on link stage - TARGET_CPPFLAGS="$TARGET_CPPFLAGS $grub_cv_target_cc_mno_movt" diff --git a/0096-Prepend-prefix-when-HTTP-path-is-relative.patch b/0096-Prepend-prefix-when-HTTP-path-is-relative.patch deleted file mode 100644 index d3e599d1a691e995b007c21e03eea4205037d11e..0000000000000000000000000000000000000000 --- a/0096-Prepend-prefix-when-HTTP-path-is-relative.patch +++ /dev/null @@ -1,152 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Stephen Benjamin -Date: Thu, 16 Aug 2018 16:58:51 -0400 -Subject: [PATCH] Prepend prefix when HTTP path is relative - -This sets a couple of variables. With the url http://www.example.com/foo/bar : -http_path: /foo/bar -http_url: http://www.example.com/foo/bar - -Signed-off-by: Peter Jones -Signed-off-by: Stephen Benjamin -Signed-off-by: Robbie Harwood ---- - grub-core/kern/main.c | 10 +++++- - grub-core/net/efi/http.c | 82 ++++++++++++++++++++++++++++++++++++------------ - 2 files changed, 71 insertions(+), 21 deletions(-) - -diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c -index d1de9fa6873..1c540fc8c26 100644 ---- a/grub-core/kern/main.c -+++ b/grub-core/kern/main.c -@@ -131,11 +131,19 @@ grub_set_prefix_and_root (void) - if (fwdevice && fwpath) - { - char *fw_path; -+ char separator[3] = ")"; - -- fw_path = grub_xasprintf ("(%s)/%s", fwdevice, fwpath); -+ grub_dprintf ("fw_path", "\n"); -+ grub_dprintf ("fw_path", "fwdevice:\"%s\" fwpath:\"%s\"\n", fwdevice, fwpath); -+ -+ if (!grub_strncmp(fwdevice, "http", 4) && fwpath[0] != '/') -+ grub_strcpy(separator, ")/"); -+ -+ fw_path = grub_xasprintf ("(%s%s%s", fwdevice, separator, fwpath); - if (fw_path) - { - grub_env_set ("fw_path", fw_path); -+ grub_dprintf ("fw_path", "fw_path:\"%s\"\n", fw_path); - grub_free (fw_path); - } - } -diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c -index 243acbaa35b..de351b2cd03 100644 ---- a/grub-core/net/efi/http.c -+++ b/grub-core/net/efi/http.c -@@ -9,10 +9,52 @@ - static void - http_configure (struct grub_efi_net_device *dev, int prefer_ip6) - { -+ grub_efi_ipv6_address_t address; - grub_efi_http_config_data_t http_config; - grub_efi_httpv4_access_point_t httpv4_node; - grub_efi_httpv6_access_point_t httpv6_node; - grub_efi_status_t status; -+ int https; -+ char *http_url; -+ const char *rest, *http_server, *http_path = NULL; -+ -+ http_server = grub_env_get ("root"); -+ https = (grub_strncmp (http_server, "https", 5) == 0) ? 1 : 0; -+ -+ /* extract http server + port */ -+ if (http_server) -+ { -+ http_server = grub_strchr (http_server, ','); -+ if (http_server) -+ http_server++; -+ } -+ -+ /* fw_path is like (http,192.168.1.1:8000)/httpboot, extract path part */ -+ http_path = grub_env_get ("fw_path"); -+ if (http_path) -+ { -+ http_path = grub_strchr (http_path, ')'); -+ if (http_path) -+ { -+ http_path++; -+ grub_env_unset ("http_path"); -+ grub_env_set ("http_path", http_path); -+ } -+ } -+ -+ if (http_server && http_path) -+ { -+ if (grub_efi_string_to_ip6_address (http_server, &address, &rest) && *rest == 0) -+ http_url = grub_xasprintf ("%s://[%s]%s", https ? "https" : "http", http_server, http_path); -+ else -+ http_url = grub_xasprintf ("%s://%s%s", https ? "https" : "http", http_server, http_path); -+ if (http_url) -+ { -+ grub_env_unset ("http_url"); -+ grub_env_set ("http_url", http_url); -+ grub_free (http_url); -+ } -+ } - - grub_efi_http_t *http = dev->http; - -@@ -352,32 +394,32 @@ grub_efihttp_open (struct grub_efi_net_device *dev, - grub_err_t err; - grub_off_t size; - char *buf; -- char *root_url; -- grub_efi_ipv6_address_t address; -- const char *rest; -+ char *file_name = NULL; -+ const char *http_path; - -- if (grub_efi_string_to_ip6_address (file->device->net->server, &address, &rest) && *rest == 0) -- root_url = grub_xasprintf ("%s://[%s]", type ? "https" : "http", file->device->net->server); -- else -- root_url = grub_xasprintf ("%s://%s", type ? "https" : "http", file->device->net->server); -- if (root_url) -- { -- grub_env_unset ("root_url"); -- grub_env_set ("root_url", root_url); -- grub_free (root_url); -- } -- else -- { -+ /* If path is relative, prepend http_path */ -+ http_path = grub_env_get ("http_path"); -+ if (http_path && file->device->net->name[0] != '/') { -+ file_name = grub_xasprintf ("%s/%s", http_path, file->device->net->name); -+ if (!file_name) - return grub_errno; -- } -+ } - -- err = efihttp_request (dev->http, file->device->net->server, file->device->net->name, type, 1, 0); -+ err = efihttp_request (dev->http, file->device->net->server, -+ file_name ? file_name : file->device->net->name, type, 1, 0); - if (err != GRUB_ERR_NONE) -- return err; -+ { -+ grub_free (file_name); -+ return err; -+ } - -- err = efihttp_request (dev->http, file->device->net->server, file->device->net->name, type, 0, &size); -+ err = efihttp_request (dev->http, file->device->net->server, -+ file_name ? file_name : file->device->net->name, type, 0, &size); -+ grub_free (file_name); - if (err != GRUB_ERR_NONE) -- return err; -+ { -+ return err; -+ } - - buf = grub_malloc (size); - efihttp_read (dev, buf, size); diff --git a/0097-Make-grub_error-more-verbose.patch b/0097-Make-grub_error-more-verbose.patch deleted file mode 100644 index 2492e9f689c7c4c1dff34193317668148eba9d79..0000000000000000000000000000000000000000 --- a/0097-Make-grub_error-more-verbose.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 27 Aug 2018 13:14:06 -0400 -Subject: [PATCH] Make grub_error() more verbose - -Signed-off-by: Peter Jones ---- - grub-core/kern/err.c | 13 +++++++++++-- - include/grub/err.h | 8 ++++++-- - 2 files changed, 17 insertions(+), 4 deletions(-) - -diff --git a/grub-core/kern/err.c b/grub-core/kern/err.c -index 53c734de70e..aebfe0cf839 100644 ---- a/grub-core/kern/err.c -+++ b/grub-core/kern/err.c -@@ -33,15 +33,24 @@ static struct grub_error_saved grub_error_stack_items[GRUB_ERROR_STACK_SIZE]; - static int grub_error_stack_pos; - static int grub_error_stack_assert; - -+#ifdef grub_error -+#undef grub_error -+#endif -+ - grub_err_t --grub_error (grub_err_t n, const char *fmt, ...) -+grub_error (grub_err_t n, const char *file, const int line, const char *fmt, ...) - { - va_list ap; -+ int m; - - grub_errno = n; - -+ m = grub_snprintf (grub_errmsg, sizeof (grub_errmsg), "%s:%d:", file, line); -+ if (m < 0) -+ m = 0; -+ - va_start (ap, fmt); -- grub_vsnprintf (grub_errmsg, sizeof (grub_errmsg), _(fmt), ap); -+ grub_vsnprintf (grub_errmsg + m, sizeof (grub_errmsg) - m, _(fmt), ap); - va_end (ap); - - return n; -diff --git a/include/grub/err.h b/include/grub/err.h -index b08d5d0de4c..c0f90ef07c8 100644 ---- a/include/grub/err.h -+++ b/include/grub/err.h -@@ -85,8 +85,12 @@ struct grub_error_saved - extern grub_err_t EXPORT_VAR(grub_errno); - extern char EXPORT_VAR(grub_errmsg)[GRUB_MAX_ERRMSG]; - --grub_err_t EXPORT_FUNC(grub_error) (grub_err_t n, const char *fmt, ...) -- __attribute__ ((format (GNU_PRINTF, 2, 3))); -+grub_err_t EXPORT_FUNC(grub_error) (grub_err_t n, const char *file, const int line, const char *fmt, ...) -+ __attribute__ ((format (GNU_PRINTF, 4, 5))); -+ -+#define grub_error(n, fmt, ...) grub_error (n, __FILE__, __LINE__, fmt, ##__VA_ARGS__) -+ -+ - void EXPORT_FUNC(grub_fatal) (const char *fmt, ...) __attribute__ ((noreturn)); - void EXPORT_FUNC(grub_error_push) (void); - int EXPORT_FUNC(grub_error_pop) (void); diff --git a/0098-Make-reset-an-alias-for-the-reboot-command.patch b/0098-Make-reset-an-alias-for-the-reboot-command.patch deleted file mode 100644 index c86acf18a627bd3725b89d2a816648fa252dead9..0000000000000000000000000000000000000000 --- a/0098-Make-reset-an-alias-for-the-reboot-command.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 31 Aug 2018 16:42:03 -0400 -Subject: [PATCH] Make "reset" an alias for the "reboot" command. - -I'm really tired of half the tools I get to use having one and the other half -having the other. - -Signed-off-by: Peter Jones ---- - grub-core/commands/reboot.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/grub-core/commands/reboot.c b/grub-core/commands/reboot.c -index 46d364c99a9..f5cc2283636 100644 ---- a/grub-core/commands/reboot.c -+++ b/grub-core/commands/reboot.c -@@ -32,15 +32,18 @@ grub_cmd_reboot (grub_command_t cmd __attribute__ ((unused)), - grub_reboot (); - } - --static grub_command_t cmd; -+static grub_command_t reboot_cmd, reset_cmd; - - GRUB_MOD_INIT(reboot) - { -- cmd = grub_register_command ("reboot", grub_cmd_reboot, -- 0, N_("Reboot the computer.")); -+ reboot_cmd = grub_register_command ("reboot", grub_cmd_reboot, -+ 0, N_("Reboot the computer.")); -+ reset_cmd = grub_register_command ("reset", grub_cmd_reboot, -+ 0, N_("Reboot the computer.")); - } - - GRUB_MOD_FINI(reboot) - { -- grub_unregister_command (cmd); -+ grub_unregister_command (reboot_cmd); -+ grub_unregister_command (reset_cmd); - } diff --git a/0099-Add-a-version-command.patch b/0099-Add-a-version-command.patch deleted file mode 100644 index bf3b4b80794aefacc18b53d758c3943b605ae3bc..0000000000000000000000000000000000000000 --- a/0099-Add-a-version-command.patch +++ /dev/null @@ -1,132 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 11 Sep 2018 14:20:37 -0400 -Subject: [PATCH] Add a "version" command. - -This adds a command that shows you info about grub's version, the grub target -platform, the compiler version, and if you built with ---with-rpm-version=, the rpm package version. - -Signed-off-by: Peter Jones ---- - configure.ac | 13 ++++++++++ - grub-core/Makefile.core.def | 5 ++++ - grub-core/commands/version.c | 56 ++++++++++++++++++++++++++++++++++++++++++++ - config.h.in | 1 + - 4 files changed, 75 insertions(+) - create mode 100644 grub-core/commands/version.c - -diff --git a/configure.ac b/configure.ac -index bb4e05ceef3..59ccda24475 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -312,6 +312,19 @@ AC_SUBST(target_cpu) - AC_SUBST(platform) - - # Define default variables -+have_with_rpm_version=n -+AC_ARG_WITH([rpm_version], -+ AS_HELP_STRING([--with-rpm-version=VERSION], -+ [set the rpm package version [[guessed]]]), -+ [have_with_rpm_version=y], -+ [have_with_rpm_version=n]) -+if test x$have_with_rpm_version = xy; then -+ rpm_version="$with_rpm_version" -+else -+ rpm_version="" -+fi -+GRUB_RPM_VERSION="$rpm_version" -+AC_SUBST(GRUB_RPM_VERSION) - - have_with_bootdir=n - AC_ARG_WITH([bootdir], -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 84a3d89de9a..498ca11762a 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -579,6 +579,11 @@ image = { - enable = mips_loongson; - }; - -+module = { -+ name = version; -+ common = commands/version.c; -+}; -+ - module = { - name = disk; - common = lib/disk.c; -diff --git a/grub-core/commands/version.c b/grub-core/commands/version.c -new file mode 100644 -index 00000000000..f0966a518f7 ---- /dev/null -+++ b/grub-core/commands/version.c -@@ -0,0 +1,56 @@ -+/* version.c - Command to print the grub version and build info. */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2006,2007,2008 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static grub_err_t -+grub_cmd_version (grub_command_t cmd UNUSED, int argc, char **args UNUSED) -+{ -+ if (argc != 0) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("no arguments expected")); -+ -+ grub_printf (_("GNU GRUB version %s\n"), PACKAGE_VERSION); -+ grub_printf (_("Platform %s-%s\n"), GRUB_TARGET_CPU, GRUB_PLATFORM); -+ if (grub_strlen(GRUB_RPM_VERSION) != 0) -+ grub_printf (_("RPM package version %s\n"), GRUB_RPM_VERSION); -+ grub_printf (_("Compiler version %s\n"), __VERSION__); -+ -+ return 0; -+} -+ -+static grub_command_t cmd; -+ -+GRUB_MOD_INIT(version) -+{ -+ cmd = grub_register_command ("version", grub_cmd_version, NULL, -+ N_("Print version and build information.")); -+} -+ -+GRUB_MOD_FINI(version) -+{ -+ grub_unregister_command (cmd); -+} -diff --git a/config.h.in b/config.h.in -index 9e8f9911b18..c7e316f0f1f 100644 ---- a/config.h.in -+++ b/config.h.in -@@ -59,6 +59,7 @@ - - #define GRUB_TARGET_CPU "@GRUB_TARGET_CPU@" - #define GRUB_PLATFORM "@GRUB_PLATFORM@" -+#define GRUB_RPM_VERSION "@GRUB_RPM_VERSION@" - - #define RE_ENABLE_I18N 1 - diff --git a/0100-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch b/0100-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch deleted file mode 100644 index 9afb315163fc653edba049d5855c497803351e24..0000000000000000000000000000000000000000 --- a/0100-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 11 Sep 2018 15:58:29 -0400 -Subject: [PATCH] Add more dprintf, and nerf dprintf in script.c - -Signed-off-by: Peter Jones ---- - grub-core/disk/diskfilter.c | 3 +++ - grub-core/disk/efi/efidisk.c | 1 + - grub-core/kern/device.c | 1 + - grub-core/script/script.c | 5 +++++ - 4 files changed, 10 insertions(+) - -diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c -index 0320115662f..7cdffe3ebd5 100644 ---- a/grub-core/disk/diskfilter.c -+++ b/grub-core/disk/diskfilter.c -@@ -188,6 +188,8 @@ scan_disk (const char *name, int accept_diskfilter) - grub_disk_t disk; - static int scan_depth = 0; - -+ grub_dprintf ("diskfilter", "scanning %s\n", name); -+ - if (!accept_diskfilter && is_valid_diskfilter_name (name)) - return 0; - -@@ -1212,6 +1214,7 @@ insert_array (grub_disk_t disk, const struct grub_diskfilter_pv_id *id, - the same. */ - if (pv->disk && grub_disk_native_sectors (disk) >= pv->part_size) - return GRUB_ERR_NONE; -+ grub_dprintf ("diskfilter", "checking %s\n", disk->name); - pv->disk = grub_disk_open (disk->name); - if (!pv->disk) - return grub_errno; -diff --git a/grub-core/disk/efi/efidisk.c b/grub-core/disk/efi/efidisk.c -index f077b5f5535..fe8ba6e6c93 100644 ---- a/grub-core/disk/efi/efidisk.c -+++ b/grub-core/disk/efi/efidisk.c -@@ -855,6 +855,7 @@ grub_efidisk_get_device_name (grub_efi_handle_t *handle) - return 0; - } - -+ grub_dprintf ("efidisk", "getting disk for %s\n", device_name); - parent = grub_disk_open (device_name); - grub_free (dup_dp); - -diff --git a/grub-core/kern/device.c b/grub-core/kern/device.c -index 73b8ecc0c09..f58b58c89d5 100644 ---- a/grub-core/kern/device.c -+++ b/grub-core/kern/device.c -@@ -34,6 +34,7 @@ grub_device_open (const char *name) - { - grub_device_t dev = 0; - -+ grub_dprintf ("device", "opening device %s\n", name); - if (! name) - { - name = grub_env_get ("root"); -diff --git a/grub-core/script/script.c b/grub-core/script/script.c -index ec4d4337c66..844e8343ca7 100644 ---- a/grub-core/script/script.c -+++ b/grub-core/script/script.c -@@ -22,6 +22,11 @@ - #include - #include - -+#ifdef grub_dprintf -+#undef grub_dprintf -+#endif -+#define grub_dprintf(no, fmt, ...) -+ - /* It is not possible to deallocate the memory when a syntax error was - found. Because of that it is required to keep track of all memory - allocations. The memory is freed in case of an error, or assigned diff --git a/0101-arm-arm64-loader-Better-memory-allocation-and-error-.patch b/0101-arm-arm64-loader-Better-memory-allocation-and-error-.patch deleted file mode 100644 index 1fdc552897eee214fbb25892f9ee82c97765d3d0..0000000000000000000000000000000000000000 --- a/0101-arm-arm64-loader-Better-memory-allocation-and-error-.patch +++ /dev/null @@ -1,279 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 11 Jul 2019 14:38:57 +0200 -Subject: [PATCH] arm/arm64 loader: Better memory allocation and error - messages. - -On mustang, our memory map looks like: - -Type Physical start - end #Pages Size Attributes -reserved 0000004000000000-00000040001fffff 00000200 2MiB UC WC WT WB -conv-mem 0000004000200000-0000004393ffffff 00393e00 14654MiB UC WC WT WB -ldr-code 0000004394000000-00000043f7ffffff 00064000 1600MiB UC WC WT WB -BS-data 00000043f8000000-00000043f801ffff 00000020 128KiB UC WC WT WB -conv-mem 00000043f8020000-00000043fa15bfff 0000213c 34032KiB UC WC WT WB -ldr-code 00000043fa15c000-00000043fa2a1fff 00000146 1304KiB UC WC WT WB -ldr-data 00000043fa2a2000-00000043fa3e8fff 00000147 1308KiB UC WC WT WB -conv-mem 00000043fa3e9000-00000043fa3e9fff 00000001 4KiB UC WC WT WB -ldr-data 00000043fa3ea000-00000043fa3eafff 00000001 4KiB UC WC WT WB -ldr-code 00000043fa3eb000-00000043fa4affff 000000c5 788KiB UC WC WT WB -BS-code 00000043fa4b0000-00000043fa59ffff 000000f0 960KiB UC WC WT WB -RT-code 00000043fa5a0000-00000043fa5affff 00000010 64KiB RT UC WC WT WB -RT-data 00000043fa5b0000-00000043fa5bffff 00000010 64KiB RT UC WC WT WB -RT-code 00000043fa5c0000-00000043fa5cffff 00000010 64KiB RT UC WC WT WB -ldr-data 00000043fa5d0000-00000043fa5d0fff 00000001 4KiB UC WC WT WB -BS-code 00000043fa5d1000-00000043fa5ddfff 0000000d 52KiB UC WC WT WB -reserved 00000043fa5de000-00000043fa60ffff 00000032 200KiB UC WC WT WB -ACPI-rec 00000043fa610000-00000043fa6affff 000000a0 640KiB UC WC WT WB -ACPI-nvs 00000043fa6b0000-00000043fa6bffff 00000010 64KiB UC WC WT WB -ACPI-rec 00000043fa6c0000-00000043fa70ffff 00000050 320KiB UC WC WT WB -RT-code 00000043fa710000-00000043fa72ffff 00000020 128KiB RT UC WC WT WB -RT-data 00000043fa730000-00000043fa78ffff 00000060 384KiB RT UC WC WT WB -RT-code 00000043fa790000-00000043fa79ffff 00000010 64KiB RT UC WC WT WB -RT-data 00000043fa7a0000-00000043fa99ffff 00000200 2MiB RT UC WC WT WB -RT-code 00000043fa9a0000-00000043fa9affff 00000010 64KiB RT UC WC WT WB -RT-data 00000043fa9b0000-00000043fa9cffff 00000020 128KiB RT UC WC WT WB -BS-code 00000043fa9d0000-00000043fa9d9fff 0000000a 40KiB UC WC WT WB -reserved 00000043fa9da000-00000043fa9dbfff 00000002 8KiB UC WC WT WB -conv-mem 00000043fa9dc000-00000043fc29dfff 000018c2 25352KiB UC WC WT WB -BS-data 00000043fc29e000-00000043fc78afff 000004ed 5044KiB UC WC WT WB -conv-mem 00000043fc78b000-00000043fca01fff 00000277 2524KiB UC WC WT WB -BS-data 00000043fca02000-00000043fcea3fff 000004a2 4744KiB UC WC WT WB -conv-mem 00000043fcea4000-00000043fcea4fff 00000001 4KiB UC WC WT WB -BS-data 00000043fcea5000-00000043fd192fff 000002ee 3000KiB UC WC WT WB -conv-mem 00000043fd193000-00000043fd2b0fff 0000011e 1144KiB UC WC WT WB -BS-data 00000043fd2b1000-00000043ff80ffff 0000255f 38268KiB UC WC WT WB -BS-code 00000043ff810000-00000043ff99ffff 00000190 1600KiB UC WC WT WB -RT-code 00000043ff9a0000-00000043ff9affff 00000010 64KiB RT UC WC WT WB -conv-mem 00000043ff9b0000-00000043ff9bffff 00000010 64KiB UC WC WT WB -RT-data 00000043ff9c0000-00000043ff9effff 00000030 192KiB RT UC WC WT WB -conv-mem 00000043ff9f0000-00000043ffa05fff 00000016 88KiB UC WC WT WB -BS-data 00000043ffa06000-00000043ffffffff 000005fa 6120KiB UC WC WT WB -MMIO 0000000010510000-0000000010510fff 00000001 4KiB RT -MMIO 0000000010548000-0000000010549fff 00000002 8KiB RT -MMIO 0000000017000000-0000000017001fff 00000002 8KiB RT -MMIO 000000001c025000-000000001c025fff 00000001 4KiB RT - -This patch adds a requirement when we're trying to find the base of ram, that -the memory we choose is actually /allocatable/ conventional memory, not merely -write-combining. On this machine that means we wind up with an allocation -around 0x4392XXXXXX, which is a reasonable address. - -This also changes grub_efi_allocate_pages_real() so that if 0 is allocated, it -tries to allocate again starting with the same max address it did the first -time, rather than interposing GRUB_EFI_MAX_USABLE_ADDRESS there, so that any -per-platform constraints on its given address are maintained. - -Signed-off-by: Peter Jones ---- - grub-core/kern/efi/mm.c | 33 +++++++++++++++----- - grub-core/loader/arm64/linux.c | 68 +++++++++++++++++++++++++++++++----------- - 2 files changed, 76 insertions(+), 25 deletions(-) - -diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index f6aef0ef649..85ad4b4494c 100644 ---- a/grub-core/kern/efi/mm.c -+++ b/grub-core/kern/efi/mm.c -@@ -154,6 +154,7 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, - { - grub_efi_status_t status; - grub_efi_boot_services_t *b; -+ grub_efi_physical_address_t ret = address; - - /* Limit the memory access to less than 4GB for 32-bit platforms. */ - if (address > GRUB_EFI_MAX_USABLE_ADDRESS) -@@ -170,19 +171,22 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, - } - - b = grub_efi_system_table->boot_services; -- status = efi_call_4 (b->allocate_pages, alloctype, memtype, pages, &address); -+ status = efi_call_4 (b->allocate_pages, alloctype, memtype, pages, &ret); - if (status != GRUB_EFI_SUCCESS) - { -+ grub_dprintf ("efi", -+ "allocate_pages(%d, %d, 0x%0lx, 0x%016lx) = 0x%016lx\n", -+ alloctype, memtype, pages, address, status); - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); - return NULL; - } - -- if (address == 0) -+ if (ret == 0) - { - /* Uggh, the address 0 was allocated... This is too annoying, - so reallocate another one. */ -- address = GRUB_EFI_MAX_USABLE_ADDRESS; -- status = efi_call_4 (b->allocate_pages, alloctype, memtype, pages, &address); -+ ret = address; -+ status = efi_call_4 (b->allocate_pages, alloctype, memtype, pages, &ret); - grub_efi_free_pages (0, pages); - if (status != GRUB_EFI_SUCCESS) - { -@@ -191,9 +195,9 @@ grub_efi_allocate_pages_real (grub_efi_physical_address_t address, - } - } - -- grub_efi_store_alloc (address, pages); -+ grub_efi_store_alloc (ret, pages); - -- return (void *) ((grub_addr_t) address); -+ return (void *) ((grub_addr_t) ret); - } - - void * -@@ -713,8 +717,21 @@ grub_efi_get_ram_base(grub_addr_t *base_addr) - for (desc = memory_map, *base_addr = GRUB_EFI_MAX_USABLE_ADDRESS; - (grub_addr_t) desc < ((grub_addr_t) memory_map + memory_map_size); - desc = NEXT_MEMORY_DESCRIPTOR (desc, desc_size)) -- if (desc->attribute & GRUB_EFI_MEMORY_WB) -- *base_addr = grub_min (*base_addr, desc->physical_start); -+ { -+ if (desc->type == GRUB_EFI_CONVENTIONAL_MEMORY && -+ (desc->attribute & GRUB_EFI_MEMORY_WB)) -+ { -+ *base_addr = grub_min (*base_addr, desc->physical_start); -+ grub_dprintf ("efi", "setting base_addr=0x%016lx\n", *base_addr); -+ } -+ else -+ { -+ grub_dprintf ("efi", "ignoring address 0x%016lx\n", desc->physical_start); -+ } -+ } -+ -+ if (*base_addr == GRUB_EFI_MAX_USABLE_ADDRESS) -+ grub_dprintf ("efi", "base_addr 0x%016lx is probably wrong.\n", *base_addr); - - grub_free(memory_map); - -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index 04994d5c67d..70a0075ec5e 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -71,20 +71,25 @@ finalize_params_linux (void) - { - grub_efi_loaded_image_t *loaded_image = NULL; - int node, retval, len; -- -+ grub_err_t err = GRUB_ERR_NONE; - void *fdt; - - fdt = grub_fdt_load (GRUB_EFI_LINUX_FDT_EXTRA_SPACE); -- - if (!fdt) -- goto failure; -+ { -+ err = grub_error(GRUB_ERR_BAD_OS, "failed to load FDT"); -+ goto failure; -+ } - - node = grub_fdt_find_subnode (fdt, 0, "chosen"); - if (node < 0) - node = grub_fdt_add_subnode (fdt, 0, "chosen"); - - if (node < 1) -- goto failure; -+ { -+ err = grub_error(grub_errno, "failed to load chosen fdt node."); -+ goto failure; -+ } - - /* Set initrd info */ - if (initrd_start && initrd_end > initrd_start) -@@ -95,15 +100,26 @@ finalize_params_linux (void) - retval = grub_fdt_set_prop64 (fdt, node, "linux,initrd-start", - initrd_start); - if (retval) -- goto failure; -+ { -+ err = grub_error(retval, "Failed to set linux,initrd-start property"); -+ goto failure; -+ } -+ - retval = grub_fdt_set_prop64 (fdt, node, "linux,initrd-end", - initrd_end); - if (retval) -- goto failure; -+ { -+ err = grub_error(retval, "Failed to set linux,initrd-end property"); -+ goto failure; -+ } - } - -- if (grub_fdt_install() != GRUB_ERR_NONE) -- goto failure; -+ retval = grub_fdt_install(); -+ if (retval != GRUB_ERR_NONE) -+ { -+ err = grub_error(retval, "Failed to install fdt"); -+ goto failure; -+ } - - grub_dprintf ("linux", "Installed/updated FDT configuration table @ %p\n", - fdt); -@@ -111,14 +127,20 @@ finalize_params_linux (void) - /* Convert command line to UCS-2 */ - loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); - if (!loaded_image) -- goto failure; -+ { -+ err = grub_error(grub_errno, "Failed to install fdt"); -+ goto failure; -+ } - - loaded_image->load_options_size = len = - (grub_strlen (linux_args) + 1) * sizeof (grub_efi_char16_t); - loaded_image->load_options = - grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); - if (!loaded_image->load_options) -- return grub_error(GRUB_ERR_BAD_OS, "failed to create kernel parameters"); -+ { -+ err = grub_error(GRUB_ERR_BAD_OS, "failed to create kernel parameters"); -+ goto failure; -+ } - - loaded_image->load_options_size = - 2 * grub_utf8_to_utf16 (loaded_image->load_options, len, -@@ -128,7 +150,7 @@ finalize_params_linux (void) - - failure: - grub_fdt_unload(); -- return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); -+ return err; - } - - static void -@@ -212,16 +234,28 @@ grub_linux_unload (void) - static void * - allocate_initrd_mem (int initrd_pages) - { -- grub_addr_t max_addr; -+ grub_addr_t max_addr = 0; -+ grub_err_t err; -+ void *ret; - -- if (grub_efi_get_ram_base (&max_addr) != GRUB_ERR_NONE) -- return NULL; -+ err = grub_efi_get_ram_base (&max_addr); -+ if (err != GRUB_ERR_NONE) -+ { -+ grub_error (err, "grub_efi_get_ram_base() failed"); -+ return NULL; -+ } -+ -+ grub_dprintf ("linux", "max_addr: 0x%016lx, INITRD_MAX_ADDRESS_OFFSET: 0x%016llx\n", -+ max_addr, INITRD_MAX_ADDRESS_OFFSET); - - max_addr += INITRD_MAX_ADDRESS_OFFSET - 1; -+ grub_dprintf ("linux", "calling grub_efi_allocate_pages_real (0x%016lx, 0x%08x, EFI_ALLOCATE_MAX_ADDRESS, EFI_LOADER_DATA)", max_addr, initrd_pages); - -- return grub_efi_allocate_pages_real (max_addr, initrd_pages, -- GRUB_EFI_ALLOCATE_MAX_ADDRESS, -- GRUB_EFI_LOADER_DATA); -+ ret = grub_efi_allocate_pages_real (max_addr, initrd_pages, -+ GRUB_EFI_ALLOCATE_MAX_ADDRESS, -+ GRUB_EFI_LOADER_DATA); -+ grub_dprintf ("linux", "got 0x%016llx\n", (unsigned long long)ret); -+ return ret; - } - - static grub_err_t diff --git a/0102-Try-to-pick-better-locations-for-kernel-and-initrd.patch b/0102-Try-to-pick-better-locations-for-kernel-and-initrd.patch deleted file mode 100644 index 06329b9cf31d76e1f7181ccf1462b3481ecb57b8..0000000000000000000000000000000000000000 --- a/0102-Try-to-pick-better-locations-for-kernel-and-initrd.patch +++ /dev/null @@ -1,211 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 11 Jul 2019 17:17:02 +0200 -Subject: [PATCH] Try to pick better locations for kernel and initrd - -- Don't limit allocations on 64-bit platforms to < 0x[37f]fffffff if - we're using the "large" code model ; use __UINTPTR_MAX__. -- Get the comparison right to check the address we've allocated. -- Fix the allocation for the command line as well. - -*But*, when we did this some systems started failing badly; coudln't -parse partition tables, etc. What's going on here is the disk controller -is silently failing DMAs to addresses above 4GB, so we're trying to parse -uninitialized (or HW zeroed) ram when looking for the partition table, -etc. - -So to limit this, we make grub_malloc() pick addresses below 4GB on -x86_64, but the direct EFI page allocation functions can get addresses -above that. - -Additionally, we now try to locate kernel+initrd+cmdline+etc below -0x7fffffff, and if they're too big to fit any memory window there, then -we try a higher address. - -Signed-off-by: Peter Jones -[david.abdurachmanov: fix macro for riscv64] -Signed-off-by: David Abdurachmanov -Signed-off-by: Robbie Harwood ---- - grub-core/kern/efi/mm.c | 8 ++++---- - grub-core/loader/i386/efi/linux.c | 24 +++++++++++++++++------- - include/grub/arm/efi/memory.h | 1 + - include/grub/arm64/efi/memory.h | 1 + - include/grub/i386/efi/memory.h | 1 + - include/grub/ia64/efi/memory.h | 1 + - include/grub/riscv64/efi/memory.h | 1 + - include/grub/x86_64/efi/memory.h | 4 +++- - 8 files changed, 29 insertions(+), 12 deletions(-) - -diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index 85ad4b4494c..e84961d078c 100644 ---- a/grub-core/kern/efi/mm.c -+++ b/grub-core/kern/efi/mm.c -@@ -122,7 +122,7 @@ grub_efi_allocate_pages_max (grub_efi_physical_address_t max, - grub_efi_boot_services_t *b; - grub_efi_physical_address_t address = max; - -- if (max > 0xffffffff) -+ if (max > GRUB_EFI_MAX_USABLE_ADDRESS) - return 0; - - b = grub_efi_system_table->boot_services; -@@ -480,7 +480,7 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map, - { - if (desc->type == GRUB_EFI_CONVENTIONAL_MEMORY - #if 1 -- && desc->physical_start <= GRUB_EFI_MAX_USABLE_ADDRESS -+ && desc->physical_start <= GRUB_EFI_MAX_ALLOCATION_ADDRESS - #endif - && desc->physical_start + PAGES_TO_BYTES (desc->num_pages) > 0x100000 - && desc->num_pages != 0) -@@ -498,9 +498,9 @@ filter_memory_map (grub_efi_memory_descriptor_t *memory_map, - #if 1 - if (BYTES_TO_PAGES (filtered_desc->physical_start) - + filtered_desc->num_pages -- > BYTES_TO_PAGES_DOWN (GRUB_EFI_MAX_USABLE_ADDRESS)) -+ > BYTES_TO_PAGES_DOWN (GRUB_EFI_MAX_ALLOCATION_ADDRESS)) - filtered_desc->num_pages -- = (BYTES_TO_PAGES_DOWN (GRUB_EFI_MAX_USABLE_ADDRESS) -+ = (BYTES_TO_PAGES_DOWN (GRUB_EFI_MAX_ALLOCATION_ADDRESS) - - BYTES_TO_PAGES (filtered_desc->physical_start)); - #endif - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 3017d0f3e52..33e981e76e7 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -27,6 +27,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -106,7 +107,9 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - size += ALIGN_UP (grub_file_size (files[i]), 4); - } - -- initrd_mem = grub_efi_allocate_pages_max (0x3fffffff, BYTES_TO_PAGES(size)); -+ initrd_mem = grub_efi_allocate_pages_max (GRUB_EFI_MAX_ALLOCATION_ADDRESS, BYTES_TO_PAGES(size)); -+ if (!initrd_mem) -+ initrd_mem = grub_efi_allocate_pages_max (GRUB_EFI_MAX_USABLE_ADDRESS, BYTES_TO_PAGES(size)); - if (!initrd_mem) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate initrd")); -@@ -202,8 +205,11 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- params = grub_efi_allocate_pages_max (0x3fffffff, -+ params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_ALLOCATION_ADDRESS, - BYTES_TO_PAGES(sizeof(*params))); -+ if (!params) -+ params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_USABLE_ADDRESS, -+ BYTES_TO_PAGES(sizeof(*params))); - if (! params) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); -@@ -273,8 +279,11 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - #endif - - grub_dprintf ("linux", "setting up cmdline\n"); -- linux_cmdline = grub_efi_allocate_pages_max(0x3fffffff, -- BYTES_TO_PAGES(lh->cmdline_size + 1)); -+ linux_cmdline = grub_efi_allocate_pages_max(GRUB_EFI_MAX_ALLOCATION_ADDRESS, -+ BYTES_TO_PAGES(lh->cmdline_size + 1)); -+ if (!linux_cmdline) -+ linux_cmdline = grub_efi_allocate_pages_max(GRUB_EFI_MAX_USABLE_ADDRESS, -+ BYTES_TO_PAGES(lh->cmdline_size + 1)); - if (!linux_cmdline) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate cmdline")); -@@ -301,11 +310,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - kernel_mem = grub_efi_allocate_pages_max(lh->pref_address, - BYTES_TO_PAGES(lh->init_size)); -- - if (!kernel_mem) -- kernel_mem = grub_efi_allocate_pages_max(0x3fffffff, -+ kernel_mem = grub_efi_allocate_pages_max(GRUB_EFI_MAX_ALLOCATION_ADDRESS, -+ BYTES_TO_PAGES(lh->init_size)); -+ if (!kernel_mem) -+ kernel_mem = grub_efi_allocate_pages_max(GRUB_EFI_MAX_USABLE_ADDRESS, - BYTES_TO_PAGES(lh->init_size)); -- - if (!kernel_mem) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate kernel")); -diff --git a/include/grub/arm/efi/memory.h b/include/grub/arm/efi/memory.h -index 2c64918e3f7..a4c2ec83502 100644 ---- a/include/grub/arm/efi/memory.h -+++ b/include/grub/arm/efi/memory.h -@@ -2,5 +2,6 @@ - #include - - #define GRUB_EFI_MAX_USABLE_ADDRESS 0xffffffff -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS GRUB_EFI_MAX_USABLE_ADDRESS - - #endif /* ! GRUB_MEMORY_CPU_HEADER */ -diff --git a/include/grub/arm64/efi/memory.h b/include/grub/arm64/efi/memory.h -index c6cb3241714..acb61dca44b 100644 ---- a/include/grub/arm64/efi/memory.h -+++ b/include/grub/arm64/efi/memory.h -@@ -2,5 +2,6 @@ - #include - - #define GRUB_EFI_MAX_USABLE_ADDRESS 0xffffffffffffULL -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS GRUB_EFI_MAX_USABLE_ADDRESS - - #endif /* ! GRUB_MEMORY_CPU_HEADER */ -diff --git a/include/grub/i386/efi/memory.h b/include/grub/i386/efi/memory.h -index 2c64918e3f7..a4c2ec83502 100644 ---- a/include/grub/i386/efi/memory.h -+++ b/include/grub/i386/efi/memory.h -@@ -2,5 +2,6 @@ - #include - - #define GRUB_EFI_MAX_USABLE_ADDRESS 0xffffffff -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS GRUB_EFI_MAX_USABLE_ADDRESS - - #endif /* ! GRUB_MEMORY_CPU_HEADER */ -diff --git a/include/grub/ia64/efi/memory.h b/include/grub/ia64/efi/memory.h -index 2c64918e3f7..a4c2ec83502 100644 ---- a/include/grub/ia64/efi/memory.h -+++ b/include/grub/ia64/efi/memory.h -@@ -2,5 +2,6 @@ - #include - - #define GRUB_EFI_MAX_USABLE_ADDRESS 0xffffffff -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS GRUB_EFI_MAX_USABLE_ADDRESS - - #endif /* ! GRUB_MEMORY_CPU_HEADER */ -diff --git a/include/grub/riscv64/efi/memory.h b/include/grub/riscv64/efi/memory.h -index c6cb3241714..acb61dca44b 100644 ---- a/include/grub/riscv64/efi/memory.h -+++ b/include/grub/riscv64/efi/memory.h -@@ -2,5 +2,6 @@ - #include - - #define GRUB_EFI_MAX_USABLE_ADDRESS 0xffffffffffffULL -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS GRUB_EFI_MAX_USABLE_ADDRESS - - #endif /* ! GRUB_MEMORY_CPU_HEADER */ -diff --git a/include/grub/x86_64/efi/memory.h b/include/grub/x86_64/efi/memory.h -index 46e9145a308..e81cfb32213 100644 ---- a/include/grub/x86_64/efi/memory.h -+++ b/include/grub/x86_64/efi/memory.h -@@ -2,9 +2,11 @@ - #include - - #if defined (__code_model_large__) --#define GRUB_EFI_MAX_USABLE_ADDRESS 0xffffffff -+#define GRUB_EFI_MAX_USABLE_ADDRESS __UINTPTR_MAX__ -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS 0x7fffffff - #else - #define GRUB_EFI_MAX_USABLE_ADDRESS 0x7fffffff -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS GRUB_EFI_MAX_USABLE_ADDRESS - #endif - - #endif /* ! GRUB_MEMORY_CPU_HEADER */ diff --git a/0103-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch b/0103-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch deleted file mode 100644 index c2f2a597732335b1508213b5e158343e8d70571c..0000000000000000000000000000000000000000 --- a/0103-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch +++ /dev/null @@ -1,397 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 11 Jul 2019 18:03:25 +0200 -Subject: [PATCH] Attempt to fix up all the places -Wsign-compare=error finds. - -Signed-off-by: Peter Jones ---- - grub-core/kern/emu/misc.c | 2 +- - grub-core/lib/reed_solomon.c | 4 +- - grub-core/osdep/linux/blocklist.c | 2 +- - grub-core/osdep/linux/getroot.c | 2 +- - grub-core/osdep/linux/hostdisk.c | 2 +- - util/grub-fstest.c | 2 +- - util/grub-menulst2cfg.c | 2 +- - util/grub-mkfont.c | 13 +- - util/grub-probe.c | 2 +- - util/grub-rpm-sort.c | 2 +- - util/setup.c | 2 +- - bootstrap.conf | 3 +- - .../gnulib-patches/fix-sign-compare-errors.patch | 161 +++++++++++++++++++++ - 13 files changed, 181 insertions(+), 18 deletions(-) - create mode 100644 grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch - -diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c -index eeea092752d..f08a1bb8415 100644 ---- a/grub-core/kern/emu/misc.c -+++ b/grub-core/kern/emu/misc.c -@@ -189,7 +189,7 @@ grub_util_get_image_size (const char *path) - sz = ftello (f); - if (sz < 0) - grub_util_error (_("cannot open `%s': %s"), path, strerror (errno)); -- if (sz != (size_t) sz) -+ if (sz > (off_t)(GRUB_SIZE_MAX >> 1)) - grub_util_error (_("file `%s' is too big"), path); - ret = (size_t) sz; - -diff --git a/grub-core/lib/reed_solomon.c b/grub-core/lib/reed_solomon.c -index 467305b46ab..79037c093f7 100644 ---- a/grub-core/lib/reed_solomon.c -+++ b/grub-core/lib/reed_solomon.c -@@ -157,7 +157,7 @@ static void - rs_encode (gf_single_t *data, grub_size_t s, grub_size_t rs) - { - gf_single_t *rs_polynomial; -- int i, j; -+ unsigned int i, j; - gf_single_t *m; - m = xcalloc (s + rs, sizeof (gf_single_t)); - grub_memcpy (m, data, s * sizeof (gf_single_t)); -@@ -324,7 +324,7 @@ static void - encode_block (gf_single_t *ptr, grub_size_t s, - gf_single_t *rptr, grub_size_t rs) - { -- int i, j; -+ unsigned int i, j; - for (i = 0; i < SECTOR_SIZE; i++) - { - grub_size_t ds = (s + SECTOR_SIZE - 1 - i) / SECTOR_SIZE; -diff --git a/grub-core/osdep/linux/blocklist.c b/grub-core/osdep/linux/blocklist.c -index c77d6085ccb..42a315031ff 100644 ---- a/grub-core/osdep/linux/blocklist.c -+++ b/grub-core/osdep/linux/blocklist.c -@@ -109,7 +109,7 @@ grub_install_get_blocklist (grub_device_t root_dev, - else - { - struct fiemap *fie2; -- int i; -+ unsigned int i; - fie2 = xmalloc (sizeof (*fie2) - + fie1.fm_mapped_extents - * sizeof (fie1.fm_extents[1])); -diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c -index 28790307e00..9f730b35189 100644 ---- a/grub-core/osdep/linux/getroot.c -+++ b/grub-core/osdep/linux/getroot.c -@@ -236,7 +236,7 @@ grub_find_root_devices_from_btrfs (const char *dir) - { - int fd; - struct btrfs_ioctl_fs_info_args fsi; -- int i, j = 0; -+ unsigned int i, j = 0; - char **ret; - - fd = open (dir, 0); -diff --git a/grub-core/osdep/linux/hostdisk.c b/grub-core/osdep/linux/hostdisk.c -index da62f924e35..7bc99ac1c1d 100644 ---- a/grub-core/osdep/linux/hostdisk.c -+++ b/grub-core/osdep/linux/hostdisk.c -@@ -83,7 +83,7 @@ grub_util_get_fd_size_os (grub_util_fd_t fd, const char *name, unsigned *log_sec - if (sector_size & (sector_size - 1) || !sector_size) - return -1; - for (log_sector_size = 0; -- (1 << log_sector_size) < sector_size; -+ (1U << log_sector_size) < sector_size; - log_sector_size++); - - if (log_secsize) -diff --git a/util/grub-fstest.c b/util/grub-fstest.c -index 83865642009..bfcef852d83 100644 ---- a/util/grub-fstest.c -+++ b/util/grub-fstest.c -@@ -323,7 +323,7 @@ cmd_cmp (char *src, char *dest) - read_file (src, cmp_hook, ff); - - { -- grub_uint64_t pre; -+ long long pre; - pre = ftell (ff); - fseek (ff, 0, SEEK_END); - if (pre != ftell (ff)) -diff --git a/util/grub-menulst2cfg.c b/util/grub-menulst2cfg.c -index a39f8693947..358d604210b 100644 ---- a/util/grub-menulst2cfg.c -+++ b/util/grub-menulst2cfg.c -@@ -34,7 +34,7 @@ main (int argc, char **argv) - char *buf = NULL; - size_t bufsize = 0; - char *suffix = xstrdup (""); -- int suffixlen = 0; -+ size_t suffixlen = 0; - const char *out_fname = 0; - - grub_util_host_init (&argc, &argv); -diff --git a/util/grub-mkfont.c b/util/grub-mkfont.c -index 0fe45a6103d..3e09240b99f 100644 ---- a/util/grub-mkfont.c -+++ b/util/grub-mkfont.c -@@ -138,7 +138,8 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face, - int width, height; - int cuttop, cutbottom, cutleft, cutright; - grub_uint8_t *data; -- int mask, i, j, bitmap_size; -+ int mask, i, bitmap_size; -+ unsigned int j; - FT_GlyphSlot glyph; - int flag = FT_LOAD_RENDER | FT_LOAD_MONOCHROME; - FT_Error err; -@@ -183,7 +184,7 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face, - cuttop = cutbottom = cutleft = cutright = 0; - else - { -- for (cuttop = 0; cuttop < glyph->bitmap.rows; cuttop++) -+ for (cuttop = 0; cuttop < (long)glyph->bitmap.rows; cuttop++) - { - for (j = 0; j < glyph->bitmap.width; j++) - if (glyph->bitmap.buffer[j / 8 + cuttop * glyph->bitmap.pitch] -@@ -203,10 +204,10 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face, - break; - } - cutbottom = glyph->bitmap.rows - 1 - cutbottom; -- if (cutbottom + cuttop >= glyph->bitmap.rows) -+ if (cutbottom + cuttop >= (long)glyph->bitmap.rows) - cutbottom = 0; - -- for (cutleft = 0; cutleft < glyph->bitmap.width; cutleft++) -+ for (cutleft = 0; cutleft < (long)glyph->bitmap.width; cutleft++) - { - for (j = 0; j < glyph->bitmap.rows; j++) - if (glyph->bitmap.buffer[cutleft / 8 + j * glyph->bitmap.pitch] -@@ -225,7 +226,7 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face, - break; - } - cutright = glyph->bitmap.width - 1 - cutright; -- if (cutright + cutleft >= glyph->bitmap.width) -+ if (cutright + cutleft >= (long)glyph->bitmap.width) - cutright = 0; - } - -@@ -262,7 +263,7 @@ add_glyph (struct grub_font_info *font_info, FT_UInt glyph_idx, FT_Face face, - - mask = 0; - data = &glyph_info->bitmap[0] - 1; -- for (j = cuttop; j < height + cuttop; j++) -+ for (j = cuttop; j < (long)height + cuttop; j++) - for (i = cutleft; i < width + cutleft; i++) - add_pixel (&data, &mask, - glyph->bitmap.buffer[i / 8 + j * glyph->bitmap.pitch] & -diff --git a/util/grub-probe.c b/util/grub-probe.c -index c08e46bbb40..c6fac732b40 100644 ---- a/util/grub-probe.c -+++ b/util/grub-probe.c -@@ -798,7 +798,7 @@ argp_parser (int key, char *arg, struct argp_state *state) - - case 't': - { -- int i; -+ unsigned int i; - - for (i = PRINT_FS; i < ARRAY_SIZE (targets); i++) - if (strcmp (arg, targets[i]) == 0) -diff --git a/util/grub-rpm-sort.c b/util/grub-rpm-sort.c -index f33bd1ed568..8345944105f 100644 ---- a/util/grub-rpm-sort.c -+++ b/util/grub-rpm-sort.c -@@ -232,7 +232,7 @@ main (int argc, char *argv[]) - struct arguments arguments; - char **package_names = NULL; - size_t n_package_names = 0; -- int i; -+ unsigned int i; - - grub_util_host_init (&argc, &argv); - -diff --git a/util/setup.c b/util/setup.c -index da5f2c07f50..8b22bb8ccac 100644 ---- a/util/setup.c -+++ b/util/setup.c -@@ -406,7 +406,7 @@ SETUP (const char *dir, - int is_ldm; - grub_err_t err; - grub_disk_addr_t *sectors; -- int i; -+ unsigned int i; - grub_fs_t fs; - unsigned int nsec, maxsec; - -diff --git a/bootstrap.conf b/bootstrap.conf -index 6b043fc354c..186be9c48ce 100644 ---- a/bootstrap.conf -+++ b/bootstrap.conf -@@ -80,7 +80,8 @@ cp -a INSTALL INSTALL.grub - bootstrap_post_import_hook () { - set -e - for patchname in fix-base64 fix-null-deref fix-null-state-deref fix-regcomp-uninit-token \ -- fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width no-abort; do -+ fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width no-abort \ -+ fix-sign-compare-errors; do - patch -d grub-core/lib/gnulib -p2 \ - < "grub-core/lib/gnulib-patches/$patchname.patch" - done -diff --git a/grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch b/grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch -new file mode 100644 -index 00000000000..479029c0565 ---- /dev/null -+++ b/grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch -@@ -0,0 +1,161 @@ -+diff --git a/lib/regcomp.c b/lib/regcomp.c -+index cc85f35ac58..361079d82d6 100644 -+--- a/lib/regcomp.c -++++ b/lib/regcomp.c -+@@ -322,7 +322,7 @@ re_compile_fastmap_iter (regex_t *bufp, const re_dfastate_t *init_state, -+ *p++ = dfa->nodes[node].opr.c; -+ memset (&state, '\0', sizeof (state)); -+ if (__mbrtowc (&wc, (const char *) buf, p - buf, -+- &state) == p - buf -++ &state) == (size_t)(p - buf) -+ && (__wcrtomb ((char *) buf, __towlower (wc), &state) -+ != (size_t) -1)) -+ re_set_fastmap (fastmap, false, buf[0]); -+@@ -3778,7 +3778,7 @@ fetch_number (re_string_t *input, re_token_t *token, reg_syntax_t syntax) -+ num = ((token->type != CHARACTER || c < '0' || '9' < c || num == -2) -+ ? -2 -+ : num == -1 -+- ? c - '0' -++ ? (Idx)(c - '0') -+ : MIN (RE_DUP_MAX + 1, num * 10 + c - '0')); -+ } -+ return num; -+diff --git a/lib/regex_internal.c b/lib/regex_internal.c -+index 9004ce809eb..193a1e3d332 100644 -+--- a/lib/regex_internal.c -++++ b/lib/regex_internal.c -+@@ -233,7 +233,7 @@ build_wcs_buffer (re_string_t *pstr) -+ /* Apply the translation if we need. */ -+ if (__glibc_unlikely (pstr->trans != NULL)) -+ { -+- int i, ch; -++ unsigned int i, ch; -+ -+ for (i = 0; i < pstr->mb_cur_max && i < remain_len; ++i) -+ { -+@@ -376,7 +376,7 @@ build_wcs_upper_buffer (re_string_t *pstr) -+ prev_st = pstr->cur_state; -+ if (__glibc_unlikely (pstr->trans != NULL)) -+ { -+- int i, ch; -++ unsigned int i, ch; -+ -+ for (i = 0; i < pstr->mb_cur_max && i < remain_len; ++i) -+ { -+@@ -754,7 +754,7 @@ re_string_reconstruct (re_string_t *pstr, Idx idx, int eflags) -+ memset (&cur_state, 0, sizeof (cur_state)); -+ mbclen = __mbrtowc (&wc2, (const char *) pp, mlen, -+ &cur_state); -+- if (raw + offset - p <= mbclen -++ if ((size_t)(raw + offset - p) <= mbclen -+ && mbclen < (size_t) -2) -+ { -+ memset (&pstr->cur_state, '\0', -+diff --git a/lib/regex_internal.h b/lib/regex_internal.h -+index 5462419b787..e0f8292395d 100644 -+--- a/lib/regex_internal.h -++++ b/lib/regex_internal.h -+@@ -425,7 +425,7 @@ struct re_string_t -+ unsigned char offsets_needed; -+ unsigned char newline_anchor; -+ unsigned char word_ops_used; -+- int mb_cur_max; -++ unsigned int mb_cur_max; -+ }; -+ typedef struct re_string_t re_string_t; -+ -+@@ -702,7 +702,7 @@ struct re_dfa_t -+ unsigned int is_utf8 : 1; -+ unsigned int map_notascii : 1; -+ unsigned int word_ops_used : 1; -+- int mb_cur_max; -++ unsigned int mb_cur_max; -+ bitset_t word_char; -+ reg_syntax_t syntax; -+ Idx *subexp_map; -+diff --git a/lib/regexec.c b/lib/regexec.c -+index 0a7a27b772e..b57d4f9141d 100644 -+--- a/lib/regexec.c -++++ b/lib/regexec.c -+@@ -443,7 +443,7 @@ re_search_stub (struct re_pattern_buffer *bufp, const char *string, Idx length, -+ { -+ if (ret_len) -+ { -+- assert (pmatch[0].rm_so == start); -++ assert (pmatch[0].rm_so == (long)start); -+ rval = pmatch[0].rm_eo - start; -+ } -+ else -+@@ -877,11 +877,11 @@ re_search_internal (const regex_t *preg, const char *string, Idx length, -+ if (__glibc_unlikely (mctx.input.offsets_needed != 0)) -+ { -+ pmatch[reg_idx].rm_so = -+- (pmatch[reg_idx].rm_so == mctx.input.valid_len -++ (pmatch[reg_idx].rm_so == (long)mctx.input.valid_len -+ ? mctx.input.valid_raw_len -+ : mctx.input.offsets[pmatch[reg_idx].rm_so]); -+ pmatch[reg_idx].rm_eo = -+- (pmatch[reg_idx].rm_eo == mctx.input.valid_len -++ (pmatch[reg_idx].rm_eo == (long)mctx.input.valid_len -+ ? mctx.input.valid_raw_len -+ : mctx.input.offsets[pmatch[reg_idx].rm_eo]); -+ } -+@@ -1418,11 +1418,11 @@ set_regs (const regex_t *preg, const re_match_context_t *mctx, size_t nmatch, -+ } -+ memcpy (prev_idx_match, pmatch, sizeof (regmatch_t) * nmatch); -+ -+- for (idx = pmatch[0].rm_so; idx <= pmatch[0].rm_eo ;) -++ for (idx = pmatch[0].rm_so; idx <= (long)pmatch[0].rm_eo ;) -+ { -+ update_regs (dfa, pmatch, prev_idx_match, cur_node, idx, nmatch); -+ -+- if (idx == pmatch[0].rm_eo && cur_node == mctx->last_node) -++ if (idx == (long)pmatch[0].rm_eo && cur_node == mctx->last_node) -+ { -+ Idx reg_idx; -+ if (fs) -+@@ -1519,7 +1519,7 @@ update_regs (const re_dfa_t *dfa, regmatch_t *pmatch, -+ if (reg_num < nmatch) -+ { -+ /* We are at the last node of this sub expression. */ -+- if (pmatch[reg_num].rm_so < cur_idx) -++ if (pmatch[reg_num].rm_so < (long)cur_idx) -+ { -+ pmatch[reg_num].rm_eo = cur_idx; -+ /* This is a non-empty match or we are not inside an optional -+@@ -2938,7 +2938,7 @@ check_arrival (re_match_context_t *mctx, state_array_t *path, Idx top_node, -+ mctx->state_log[str_idx] = cur_state; -+ } -+ -+- for (null_cnt = 0; str_idx < last_str && null_cnt <= mctx->max_mb_elem_len;) -++ for (null_cnt = 0; str_idx < last_str && null_cnt <= (long)mctx->max_mb_elem_len;) -+ { -+ re_node_set_empty (&next_nodes); -+ if (mctx->state_log[str_idx + 1]) -+@@ -3718,7 +3718,7 @@ check_node_accept_bytes (const re_dfa_t *dfa, Idx node_idx, -+ const re_string_t *input, Idx str_idx) -+ { -+ const re_token_t *node = dfa->nodes + node_idx; -+- int char_len, elem_len; -++ unsigned int char_len, elem_len; -+ Idx i; -+ -+ if (__glibc_unlikely (node->type == OP_UTF8_PERIOD)) -+@@ -4066,7 +4066,7 @@ extend_buffers (re_match_context_t *mctx, int min_len) -+ /* Double the lengths of the buffers, but allocate at least MIN_LEN. */ -+ ret = re_string_realloc_buffers (pstr, -+ MAX (min_len, -+- MIN (pstr->len, pstr->bufs_len * 2))); -++ MIN ((long)pstr->len, pstr->bufs_len * 2))); -+ if (__glibc_unlikely (ret != REG_NOERROR)) -+ return ret; -+ -+@@ -4236,7 +4236,7 @@ match_ctx_add_entry (re_match_context_t *mctx, Idx node, Idx str_idx, Idx from, -+ = (from == to ? -1 : 0); -+ -+ mctx->bkref_ents[mctx->nbkref_ents++].more = 0; -+- if (mctx->max_mb_elem_len < to - from) -++ if (mctx->max_mb_elem_len < (long)(to - from)) -+ mctx->max_mb_elem_len = to - from; -+ return REG_NOERROR; -+ } diff --git a/0104-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch b/0104-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch deleted file mode 100644 index 1fa705e68c8581cc2242a39b86766c5631b8e2d7..0000000000000000000000000000000000000000 --- a/0104-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 11 Jul 2019 18:20:37 +0200 -Subject: [PATCH] Don't use -Wno-sign-compare -Wno-conversion -Wno-error, do - use -Wextra. - -Signed-off-by: Peter Jones ---- - configure.ac | 14 +++++++++++--- - conf/Makefile.common | 2 +- - 2 files changed, 12 insertions(+), 4 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 59ccda24475..6eb297fdbf6 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1480,11 +1480,11 @@ fi - # Set them to their new values for the tests below. - CC="$TARGET_CC" - if test x"$platform" = xemu ; then --CFLAGS="$TARGET_CFLAGS -Wno-error" -+CFLAGS="$TARGET_CFLAGS" - elif test "x$TARGET_APPLE_LINKER" = x1 ; then --CFLAGS="$TARGET_CFLAGS -nostdlib -static -Wno-error" -+CFLAGS="$TARGET_CFLAGS -nostdlib -static" - else --CFLAGS="$TARGET_CFLAGS -nostdlib -Wno-error" -+CFLAGS="$TARGET_CFLAGS -nostdlib" - fi - CPPFLAGS="$TARGET_CPPFLAGS" - -@@ -2047,6 +2047,14 @@ if test x"$enable_werror" != xno ; then - HOST_CFLAGS="$HOST_CFLAGS -Werror" - fi - -+AC_ARG_ENABLE([wextra], -+ [AS_HELP_STRING([--disable-wextra], -+ [do not use -Wextra when building GRUB])]) -+if test x"$enable_wextra" != xno ; then -+ TARGET_CFLAGS="$TARGET_CFLAGS -Wextra" -+ HOST_CFLAGS="$HOST_CFLAGS -Wextra" -+fi -+ - TARGET_CPP="$TARGET_CC -E" - TARGET_CCAS=$TARGET_CC - -diff --git a/conf/Makefile.common b/conf/Makefile.common -index 2ff9b39357c..35e14ff017e 100644 ---- a/conf/Makefile.common -+++ b/conf/Makefile.common -@@ -66,7 +66,7 @@ grubconfdir = $(sysconfdir)/grub.d - platformdir = $(pkglibdir)/$(target_cpu)-$(platform) - starfielddir = $(pkgdatadir)/themes/starfield - --CFLAGS_GNULIB = -Wno-undef -Wno-sign-compare -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code -Wno-conversion -+CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code - CPPFLAGS_GNULIB = -I$(top_builddir)/grub-core/lib/gnulib -I$(top_srcdir)/grub-core/lib/gnulib - - CFLAGS_POSIX = -fno-builtin diff --git a/0105-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch b/0105-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch deleted file mode 100644 index fdd3096520fc796857e08439d9f54566aee1629d..0000000000000000000000000000000000000000 --- a/0105-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch +++ /dev/null @@ -1,101 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 12 Jul 2019 09:53:32 +0200 -Subject: [PATCH] x86-efi: Use bounce buffers for reading to addresses > 4GB - -Lots of machines apparently can't DMA correctly above 4GB during UEFI, -so use bounce buffers for the initramfs read. - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 52 +++++++++++++++++++++++++++++++++------ - 1 file changed, 45 insertions(+), 7 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 33e981e76e7..2f0336809e7 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -35,11 +35,16 @@ static grub_dl_t my_mod; - static int loaded; - static void *kernel_mem; - static grub_uint64_t kernel_size; --static grub_uint8_t *initrd_mem; -+static void *initrd_mem; - static grub_uint32_t handover_offset; - struct linux_kernel_params *params; - static char *linux_cmdline; - -+#define MIN(a, b) \ -+ ({ typeof (a) _a = (a); \ -+ typeof (b) _b = (b); \ -+ _a < _b ? _a : _b; }) -+ - #define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12) - - static grub_err_t -@@ -73,6 +78,44 @@ grub_linuxefi_unload (void) - return GRUB_ERR_NONE; - } - -+#define BOUNCE_BUFFER_MAX 0x10000000ull -+ -+static grub_ssize_t -+read(grub_file_t file, grub_uint8_t *bufp, grub_size_t len) -+{ -+ grub_ssize_t bufpos = 0; -+ static grub_size_t bbufsz = 0; -+ static char *bbuf = NULL; -+ -+ if (bbufsz == 0) -+ bbufsz = MIN(BOUNCE_BUFFER_MAX, len); -+ -+ while (!bbuf && bbufsz) -+ { -+ bbuf = grub_malloc(bbufsz); -+ if (!bbuf) -+ bbufsz >>= 1; -+ } -+ if (!bbuf) -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate bounce buffer")); -+ -+ while (bufpos < (long long)len) -+ { -+ grub_ssize_t sz; -+ -+ sz = grub_file_read (file, bbuf, MIN(bbufsz, len - bufpos)); -+ if (sz < 0) -+ return sz; -+ if (sz == 0) -+ break; -+ -+ grub_memcpy(bufp + bufpos, bbuf, sz); -+ bufpos += sz; -+ } -+ -+ return bufpos; -+} -+ - static grub_err_t - grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) -@@ -126,7 +169,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - for (i = 0; i < nfiles; i++) - { - grub_ssize_t cursize = grub_file_size (files[i]); -- if (grub_file_read (files[i], ptr, cursize) != cursize) -+ if (read (files[i], ptr, cursize) != cursize) - { - if (!grub_errno) - grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), -@@ -152,11 +195,6 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - return grub_errno; - } - --#define MIN(a, b) \ -- ({ typeof (a) _a = (a); \ -- typeof (b) _b = (b); \ -- _a < _b ? _a : _b; }) -- - static grub_err_t - grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) diff --git a/0106-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch b/0106-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch deleted file mode 100644 index f8284ec28a87c863b555d99766a590102167ca57..0000000000000000000000000000000000000000 --- a/0106-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch +++ /dev/null @@ -1,133 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 13 Sep 2018 14:42:34 -0400 -Subject: [PATCH] x86-efi: Re-arrange grub_cmd_linux() a little bit. - -This just helps the next patch be easier to read. - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 75 +++++++++++++++++++++------------------ - 1 file changed, 41 insertions(+), 34 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 2f0336809e7..5f48fa55619 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -243,32 +243,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_ALLOCATION_ADDRESS, -- BYTES_TO_PAGES(sizeof(*params))); -- if (!params) -- params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_USABLE_ADDRESS, -- BYTES_TO_PAGES(sizeof(*params))); -- if (! params) -- { -- grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); -- goto fail; -- } -+ lh = (struct linux_i386_kernel_header *)kernel; -+ grub_dprintf ("linux", "original lh is at %p\n", kernel); - -- grub_dprintf ("linux", "params = %p\n", params); -- -- grub_memset (params, 0, sizeof(*params)); -- -- setup_header_end_offset = *((grub_uint8_t *)kernel + 0x201); -- grub_dprintf ("linux", "copying %lu bytes from %p to %p\n", -- MIN((grub_size_t)0x202+setup_header_end_offset, -- sizeof (*params)) - 0x1f1, -- (grub_uint8_t *)kernel + 0x1f1, -- (grub_uint8_t *)params + 0x1f1); -- grub_memcpy ((grub_uint8_t *)params + 0x1f1, -- (grub_uint8_t *)kernel + 0x1f1, -- MIN((grub_size_t)0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); -- lh = (struct linux_i386_kernel_header *)params; -- grub_dprintf ("linux", "lh is at %p\n", lh); - grub_dprintf ("linux", "checking lh->boot_flag\n"); - if (lh->boot_flag != grub_cpu_to_le16 (0xaa55)) - { -@@ -316,6 +293,34 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - #endif - -+ params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_ALLOCATION_ADDRESS, -+ BYTES_TO_PAGES(sizeof(*params))); -+ if (!params) -+ params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_USABLE_ADDRESS, -+ BYTES_TO_PAGES(sizeof(*params))); -+ if (! params) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); -+ goto fail; -+ } -+ -+ grub_dprintf ("linux", "params = %p\n", params); -+ -+ grub_memset (params, 0, sizeof(*params)); -+ -+ setup_header_end_offset = *((grub_uint8_t *)kernel + 0x201); -+ grub_dprintf ("linux", "copying %lu bytes from %p to %p\n", -+ MIN((grub_size_t)0x202+setup_header_end_offset, -+ sizeof (*params)) - 0x1f1, -+ (grub_uint8_t *)kernel + 0x1f1, -+ (grub_uint8_t *)params + 0x1f1); -+ grub_memcpy ((grub_uint8_t *)params + 0x1f1, -+ (grub_uint8_t *)kernel + 0x1f1, -+ MIN((grub_size_t)0x202+setup_header_end_offset,sizeof (*params)) - 0x1f1); -+ -+ lh = (struct linux_i386_kernel_header *)params; -+ grub_dprintf ("linux", "new lh is at %p\n", lh); -+ - grub_dprintf ("linux", "setting up cmdline\n"); - linux_cmdline = grub_efi_allocate_pages_max(GRUB_EFI_MAX_ALLOCATION_ADDRESS, - BYTES_TO_PAGES(lh->cmdline_size + 1)); -@@ -341,8 +346,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_dprintf ("linux", "setting lh->cmd_line_ptr\n"); - lh->cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; - -- grub_dprintf ("linux", "computing handover offset\n"); - handover_offset = lh->handover_offset; -+ grub_dprintf("linux", "handover_offset: %08x\n", handover_offset); - - start = (lh->setup_sects + 1) * 512; - -@@ -359,26 +364,28 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate kernel")); - goto fail; - } -- -- grub_dprintf ("linux", "kernel_mem = %lx\n", (unsigned long) kernel_mem); -+ grub_dprintf("linux", "kernel_mem = %p\n", kernel_mem); - - grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); -- loaded=1; -+ -+ loaded = 1; -+ - grub_dprintf ("linux", "setting lh->code32_start to %p\n", kernel_mem); - lh->code32_start = (grub_uint32_t)(grub_addr_t) kernel_mem; - - grub_memcpy (kernel_mem, (char *)kernel + start, filelen - start); - -- grub_dprintf ("linux", "setting lh->type_of_loader\n"); - lh->type_of_loader = 0x6; -+ grub_dprintf ("linux", "setting lh->type_of_loader = 0x%02x\n", -+ lh->type_of_loader); - -- grub_dprintf ("linux", "setting lh->ext_loader_{type,ver}\n"); - params->ext_loader_type = 0; - params->ext_loader_ver = 2; -- grub_dprintf("linux", "kernel_mem: %p handover_offset: %08x\n", -- kernel_mem, handover_offset); -+ grub_dprintf ("linux", -+ "setting lh->ext_loader_{type,ver} = {0x%02x,0x%02x}\n", -+ params->ext_loader_type, params->ext_loader_ver); - -- fail: -+fail: - if (file) - grub_file_close (file); - diff --git a/0107-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch b/0107-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch deleted file mode 100644 index 4ad0696be43718b6e04fb3a4351e9807062020a7..0000000000000000000000000000000000000000 --- a/0107-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch +++ /dev/null @@ -1,258 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 12 Sep 2018 16:03:55 -0400 -Subject: [PATCH] x86-efi: Make our own allocator for kernel stuff - -This helps enable allocations above 4GB. - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 167 +++++++++++++++++++++----------------- - 1 file changed, 94 insertions(+), 73 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 5f48fa55619..3e4f7ef39f4 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -47,6 +47,65 @@ static char *linux_cmdline; - - #define BYTES_TO_PAGES(bytes) (((bytes) + 0xfff) >> 12) - -+struct allocation_choice { -+ grub_efi_physical_address_t addr; -+ grub_efi_allocate_type_t alloc_type; -+}; -+ -+static struct allocation_choice max_addresses[] = -+ { -+ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, -+ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, -+ { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, -+ { 0, 0 } -+ }; -+ -+static inline void -+kernel_free(void *addr, grub_efi_uintn_t size) -+{ -+ if (addr && size) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)addr, -+ BYTES_TO_PAGES(size)); -+} -+ -+static void * -+kernel_alloc(grub_efi_uintn_t size, const char * const errmsg) -+{ -+ void *addr = 0; -+ unsigned int i; -+ grub_efi_physical_address_t prev_max = 0; -+ -+ for (i = 0; max_addresses[i].addr != 0 && addr == 0; i++) -+ { -+ grub_uint64_t max = max_addresses[i].addr; -+ grub_efi_uintn_t pages; -+ -+ if (max == prev_max) -+ continue; -+ -+ pages = BYTES_TO_PAGES(size); -+ grub_dprintf ("linux", "Trying to allocate %lu pages from %p\n", -+ pages, (void *)max); -+ -+ prev_max = max; -+ addr = grub_efi_allocate_pages_real (max, pages, -+ max_addresses[i].alloc_type, -+ GRUB_EFI_LOADER_DATA); -+ if (addr) -+ grub_dprintf ("linux", "Allocated at %p\n", addr); -+ } -+ -+ while (grub_error_pop ()) -+ { -+ ; -+ } -+ -+ if (addr == NULL) -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "%s", errmsg); -+ -+ return addr; -+} -+ - static grub_err_t - grub_linuxefi_boot (void) - { -@@ -62,19 +121,12 @@ grub_linuxefi_unload (void) - { - grub_dl_unref (my_mod); - loaded = 0; -- if (initrd_mem) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, -- BYTES_TO_PAGES(params->ramdisk_size)); -- if (linux_cmdline) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) -- linux_cmdline, -- BYTES_TO_PAGES(params->cmdline_size + 1)); -- if (kernel_mem) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, -- BYTES_TO_PAGES(kernel_size)); -- if (params) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, -- BYTES_TO_PAGES(16384)); -+ -+ kernel_free(initrd_mem, params->ramdisk_size); -+ kernel_free(linux_cmdline, params->cmdline_size + 1); -+ kernel_free(kernel_mem, kernel_size); -+ kernel_free(params, sizeof(*params)); -+ - return GRUB_ERR_NONE; - } - -@@ -150,19 +202,13 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - size += ALIGN_UP (grub_file_size (files[i]), 4); - } - -- initrd_mem = grub_efi_allocate_pages_max (GRUB_EFI_MAX_ALLOCATION_ADDRESS, BYTES_TO_PAGES(size)); -- if (!initrd_mem) -- initrd_mem = grub_efi_allocate_pages_max (GRUB_EFI_MAX_USABLE_ADDRESS, BYTES_TO_PAGES(size)); -- if (!initrd_mem) -- { -- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate initrd")); -- goto fail; -- } -- -- grub_dprintf ("linux", "initrd_mem = %lx\n", (unsigned long) initrd_mem); -+ initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); -+ if (initrd_mem == NULL) -+ goto fail; -+ grub_dprintf ("linux", "initrd_mem = %p\n", initrd_mem); - - params->ramdisk_size = size; -- params->ramdisk_image = (grub_uint32_t)(grub_addr_t) initrd_mem; -+ params->ramdisk_image = initrd_mem; - - ptr = initrd_mem; - -@@ -221,7 +267,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - filelen = grub_file_size (file); - - kernel = grub_malloc(filelen); -- - if (!kernel) - { - grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel buffer")); -@@ -274,7 +319,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - --#if defined(__x86_64__) || defined(__aarch64__) -+#if defined(__x86_64__) - grub_dprintf ("linux", "checking lh->xloadflags\n"); - if (!(lh->xloadflags & LINUX_XLF_KERNEL_64)) - { -@@ -293,17 +338,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - #endif - -- params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_ALLOCATION_ADDRESS, -- BYTES_TO_PAGES(sizeof(*params))); -+ params = kernel_alloc (sizeof(*params), "cannot allocate kernel parameters"); - if (!params) -- params = grub_efi_allocate_pages_max (GRUB_EFI_MAX_USABLE_ADDRESS, -- BYTES_TO_PAGES(sizeof(*params))); -- if (! params) -- { -- grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate kernel parameters"); -- goto fail; -- } -- -+ goto fail; - grub_dprintf ("linux", "params = %p\n", params); - - grub_memset (params, 0, sizeof(*params)); -@@ -322,19 +359,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_dprintf ("linux", "new lh is at %p\n", lh); - - grub_dprintf ("linux", "setting up cmdline\n"); -- linux_cmdline = grub_efi_allocate_pages_max(GRUB_EFI_MAX_ALLOCATION_ADDRESS, -- BYTES_TO_PAGES(lh->cmdline_size + 1)); -+ linux_cmdline = kernel_alloc (lh->cmdline_size + 1, N_("can't allocate cmdline")); - if (!linux_cmdline) -- linux_cmdline = grub_efi_allocate_pages_max(GRUB_EFI_MAX_USABLE_ADDRESS, -- BYTES_TO_PAGES(lh->cmdline_size + 1)); -- if (!linux_cmdline) -- { -- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate cmdline")); -- goto fail; -- } -- -- grub_dprintf ("linux", "linux_cmdline = %lx\n", -- (unsigned long)linux_cmdline); -+ goto fail; -+ grub_dprintf ("linux", "linux_cmdline = %p\n", linux_cmdline); - - grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); - grub_create_loader_cmdline (argc, argv, -@@ -343,27 +371,24 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - GRUB_VERIFY_KERNEL_CMDLINE); - - grub_dprintf ("linux", "cmdline:%s\n", linux_cmdline); -- grub_dprintf ("linux", "setting lh->cmd_line_ptr\n"); -- lh->cmd_line_ptr = (grub_uint32_t)(grub_addr_t)linux_cmdline; -+ grub_dprintf ("linux", "setting lh->cmd_line_ptr to 0x%08x\n", -+ linux_cmdline); -+ lh->cmd_line_ptr = linux_cmdline; - - handover_offset = lh->handover_offset; -- grub_dprintf("linux", "handover_offset: %08x\n", handover_offset); -+ grub_dprintf("linux", "handover_offset: 0x%08x\n", handover_offset); - - start = (lh->setup_sects + 1) * 512; - -- kernel_mem = grub_efi_allocate_pages_max(lh->pref_address, -- BYTES_TO_PAGES(lh->init_size)); -- if (!kernel_mem) -- kernel_mem = grub_efi_allocate_pages_max(GRUB_EFI_MAX_ALLOCATION_ADDRESS, -- BYTES_TO_PAGES(lh->init_size)); -- if (!kernel_mem) -- kernel_mem = grub_efi_allocate_pages_max(GRUB_EFI_MAX_USABLE_ADDRESS, -- BYTES_TO_PAGES(lh->init_size)); -- if (!kernel_mem) -+ grub_dprintf ("linux", "lh->pref_address: %p\n", (void *)(grub_addr_t)lh->pref_address); -+ if (lh->pref_address < (grub_uint64_t)GRUB_EFI_MAX_ALLOCATION_ADDRESS) - { -- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("can't allocate kernel")); -- goto fail; -+ max_addresses[0].addr = lh->pref_address; -+ max_addresses[0].alloc_type = GRUB_EFI_ALLOCATE_ADDRESS; - } -+ kernel_mem = kernel_alloc (lh->init_size, N_("can't allocate kernel")); -+ if (!kernel_mem) -+ goto fail; - grub_dprintf("linux", "kernel_mem = %p\n", kernel_mem); - - grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); -@@ -398,18 +423,14 @@ fail: - loaded = 0; - } - -- if (linux_cmdline && lh && !loaded) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) -- linux_cmdline, -- BYTES_TO_PAGES(lh->cmdline_size + 1)); -+ if (!loaded) -+ { -+ if (lh) -+ kernel_free (linux_cmdline, lh->cmdline_size + 1); - -- if (kernel_mem && !loaded) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, -- BYTES_TO_PAGES(kernel_size)); -- -- if (params && !loaded) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)params, -- BYTES_TO_PAGES(16384)); -+ kernel_free (kernel_mem, kernel_size); -+ kernel_free (params, sizeof(*params)); -+ } - - return grub_errno; - } diff --git a/0108-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch b/0108-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch deleted file mode 100644 index b1233ce3ca2384b80b35089d8e437058fa6df087..0000000000000000000000000000000000000000 --- a/0108-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch +++ /dev/null @@ -1,171 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 12 Sep 2018 16:12:27 -0400 -Subject: [PATCH] x86-efi: Allow initrd+params+cmdline allocations above 4GB. - -This enables everything except the kernel itself to be above 4GB. -Putting the kernel up there still doesn't work, because of the way -params->code32_start is used. - -Signed-off-by: Peter Jones ---- - grub-core/loader/i386/efi/linux.c | 67 +++++++++++++++++++++++++++++++++++---- - include/grub/i386/linux.h | 6 +++- - 2 files changed, 65 insertions(+), 8 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 3e4f7ef39f4..6bc18d5aef5 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -52,13 +52,22 @@ struct allocation_choice { - grub_efi_allocate_type_t alloc_type; - }; - --static struct allocation_choice max_addresses[] = -+static struct allocation_choice max_addresses[4] = - { -+ /* the kernel overrides this one with pref_address and -+ * GRUB_EFI_ALLOCATE_ADDRESS */ - { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, -+ /* this one is always below 4GB, which we still *prefer* even if the flag -+ * is set. */ - { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, -+ /* If the flag in params is set, this one gets changed to be above 4GB. */ - { GRUB_EFI_MAX_ALLOCATION_ADDRESS, GRUB_EFI_ALLOCATE_MAX_ADDRESS }, - { 0, 0 } - }; -+static struct allocation_choice saved_addresses[4]; -+ -+#define save_addresses() grub_memcpy(saved_addresses, max_addresses, sizeof(max_addresses)) -+#define restore_addresses() grub_memcpy(max_addresses, saved_addresses, sizeof(max_addresses)) - - static inline void - kernel_free(void *addr, grub_efi_uintn_t size) -@@ -80,6 +89,11 @@ kernel_alloc(grub_efi_uintn_t size, const char * const errmsg) - grub_uint64_t max = max_addresses[i].addr; - grub_efi_uintn_t pages; - -+ /* -+ * When we're *not* loading the kernel, or >4GB allocations aren't -+ * supported, these entries are basically all the same, so don't re-try -+ * the same parameters. -+ */ - if (max == prev_max) - continue; - -@@ -168,6 +182,9 @@ read(grub_file_t file, grub_uint8_t *bufp, grub_size_t len) - return bufpos; - } - -+#define LOW_U32(val) ((grub_uint32_t)(((grub_addr_t)(val)) & 0xffffffffull)) -+#define HIGH_U32(val) ((grub_uint32_t)(((grub_addr_t)(val) >> 32) & 0xffffffffull)) -+ - static grub_err_t - grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) -@@ -207,8 +224,12 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - goto fail; - grub_dprintf ("linux", "initrd_mem = %p\n", initrd_mem); - -- params->ramdisk_size = size; -- params->ramdisk_image = initrd_mem; -+ params->ramdisk_size = LOW_U32(size); -+ params->ramdisk_image = LOW_U32(initrd_mem); -+#if defined(__x86_64__) -+ params->ext_ramdisk_size = HIGH_U32(size); -+ params->ext_ramdisk_image = HIGH_U32(initrd_mem); -+#endif - - ptr = initrd_mem; - -@@ -338,6 +359,18 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - #endif - -+#if defined(__x86_64__) -+ if (lh->xloadflags & LINUX_XLF_CAN_BE_LOADED_ABOVE_4G) -+ { -+ grub_dprintf ("linux", "Loading kernel above 4GB is supported; enabling.\n"); -+ max_addresses[2].addr = GRUB_EFI_MAX_USABLE_ADDRESS; -+ } -+ else -+ { -+ grub_dprintf ("linux", "Loading kernel above 4GB is not supported\n"); -+ } -+#endif -+ - params = kernel_alloc (sizeof(*params), "cannot allocate kernel parameters"); - if (!params) - goto fail; -@@ -372,21 +405,40 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - grub_dprintf ("linux", "cmdline:%s\n", linux_cmdline); - grub_dprintf ("linux", "setting lh->cmd_line_ptr to 0x%08x\n", -- linux_cmdline); -- lh->cmd_line_ptr = linux_cmdline; -+ LOW_U32(linux_cmdline)); -+ lh->cmd_line_ptr = LOW_U32(linux_cmdline); -+#if defined(__x86_64__) -+ if ((grub_efi_uintn_t)linux_cmdline > 0xffffffffull) -+ { -+ grub_dprintf ("linux", "setting params->ext_cmd_line_ptr to 0x%08x\n", -+ HIGH_U32(linux_cmdline)); -+ params->ext_cmd_line_ptr = HIGH_U32(linux_cmdline); -+ } -+#endif - - handover_offset = lh->handover_offset; - grub_dprintf("linux", "handover_offset: 0x%08x\n", handover_offset); - - start = (lh->setup_sects + 1) * 512; - -+ /* -+ * AFAICS >4GB for kernel *cannot* work because of params->code32_start being -+ * 32-bit and getting called unconditionally in head_64.S from either entry -+ * point. -+ * -+ * so nerf that out here... -+ */ -+ save_addresses(); - grub_dprintf ("linux", "lh->pref_address: %p\n", (void *)(grub_addr_t)lh->pref_address); - if (lh->pref_address < (grub_uint64_t)GRUB_EFI_MAX_ALLOCATION_ADDRESS) - { - max_addresses[0].addr = lh->pref_address; - max_addresses[0].alloc_type = GRUB_EFI_ALLOCATE_ADDRESS; - } -+ max_addresses[1].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; -+ max_addresses[2].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; - kernel_mem = kernel_alloc (lh->init_size, N_("can't allocate kernel")); -+ restore_addresses(); - if (!kernel_mem) - goto fail; - grub_dprintf("linux", "kernel_mem = %p\n", kernel_mem); -@@ -395,8 +447,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - loaded = 1; - -- grub_dprintf ("linux", "setting lh->code32_start to %p\n", kernel_mem); -- lh->code32_start = (grub_uint32_t)(grub_addr_t) kernel_mem; -+ grub_dprintf ("linux", "setting lh->code32_start to 0x%08x\n", -+ LOW_U32(kernel_mem)); -+ lh->code32_start = LOW_U32(kernel_mem); - - grub_memcpy (kernel_mem, (char *)kernel + start, filelen - start); - -diff --git a/include/grub/i386/linux.h b/include/grub/i386/linux.h -index 25ef52c04eb..fac22476cc5 100644 ---- a/include/grub/i386/linux.h -+++ b/include/grub/i386/linux.h -@@ -236,7 +236,11 @@ struct linux_kernel_params - grub_uint32_t ofw_cif_handler; /* b8 */ - grub_uint32_t ofw_idt; /* bc */ - -- grub_uint8_t padding7[0x1b8 - 0xc0]; -+ grub_uint32_t ext_ramdisk_image; /* 0xc0 */ -+ grub_uint32_t ext_ramdisk_size; /* 0xc4 */ -+ grub_uint32_t ext_cmd_line_ptr; /* 0xc8 */ -+ -+ grub_uint8_t padding7[0x1b8 - 0xcc]; - - union - { diff --git a/0109-Fix-getroot.c-s-trampolines.patch b/0109-Fix-getroot.c-s-trampolines.patch deleted file mode 100644 index 29ec44c9861955c3e1060409e2af923d4616e35c..0000000000000000000000000000000000000000 --- a/0109-Fix-getroot.c-s-trampolines.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 28 Sep 2018 15:42:19 -0400 -Subject: [PATCH] Fix getroot.c's trampolines. - -This makes the stack executable on most of the grub utilities, which is -bad, and rpmdiff complains about it. - -Signed-off-by: Peter Jones ---- - grub-core/osdep/linux/getroot.c | 16 +++++++--------- - 1 file changed, 7 insertions(+), 9 deletions(-) - -diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c -index 9f730b35189..f0c503f43d3 100644 ---- a/grub-core/osdep/linux/getroot.c -+++ b/grub-core/osdep/linux/getroot.c -@@ -1264,22 +1264,20 @@ grub_util_get_grub_dev_os (const char *os_dev) - return grub_dev; - } - -+static void *mp = NULL; -+static void -+btrfs_mount_path_hook(const char *m) -+{ -+ mp = strdup (m); -+} - - char * - grub_util_get_btrfs_subvol (const char *path, char **mount_path) - { -- char *mp = NULL; -- - if (mount_path) - *mount_path = NULL; - -- auto void -- mount_path_hook (const char *m) -- { -- mp = strdup (m); -- } -- -- grub_find_root_btrfs_mount_path_hook = mount_path_hook; -+ grub_find_root_btrfs_mount_path_hook = btrfs_mount_path_hook; - grub_free (grub_find_root_devices_from_mountinfo (path, NULL)); - grub_find_root_btrfs_mount_path_hook = NULL; - diff --git a/0110-Do-not-allow-stack-trampolines-anywhere.patch b/0110-Do-not-allow-stack-trampolines-anywhere.patch deleted file mode 100644 index 2a3247af9705fb621e66000060a03b126dbd34d3..0000000000000000000000000000000000000000 --- a/0110-Do-not-allow-stack-trampolines-anywhere.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 12 Jul 2019 10:06:50 +0200 -Subject: [PATCH] Do not allow stack trampolines, anywhere. - -Signed-off-by: Peter Jones ---- - configure.ac | 3 +++ - conf/Makefile.common | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 6eb297fdbf6..c6bd965f1f9 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -2055,6 +2055,9 @@ if test x"$enable_wextra" != xno ; then - HOST_CFLAGS="$HOST_CFLAGS -Wextra" - fi - -+TARGET_CFLAGS="$TARGET_CFLAGS -Werror=trampolines -fno-trampolines" -+HOST_CFLAGS="$HOST_CFLAGS -Werror=trampolines -fno-trampolines" -+ - TARGET_CPP="$TARGET_CC -E" - TARGET_CCAS=$TARGET_CC - -diff --git a/conf/Makefile.common b/conf/Makefile.common -index 35e14ff017e..0647c53b916 100644 ---- a/conf/Makefile.common -+++ b/conf/Makefile.common -@@ -66,7 +66,7 @@ grubconfdir = $(sysconfdir)/grub.d - platformdir = $(pkglibdir)/$(target_cpu)-$(platform) - starfielddir = $(pkgdatadir)/themes/starfield - --CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code -+CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code -Werror=trampolines -fno-trampolines - CPPFLAGS_GNULIB = -I$(top_builddir)/grub-core/lib/gnulib -I$(top_srcdir)/grub-core/lib/gnulib - - CFLAGS_POSIX = -fno-builtin diff --git a/0111-Reimplement-boot_counter.patch b/0111-Reimplement-boot_counter.patch deleted file mode 100644 index a203929f1a193c0119330975e4529aaef818e54c..0000000000000000000000000000000000000000 --- a/0111-Reimplement-boot_counter.patch +++ /dev/null @@ -1,196 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 4 Oct 2018 14:22:09 -0400 -Subject: [PATCH] Reimplement boot_counter - -This adds "increment" and "decrement" commands, and uses them to maintain our -variables in 01_fallback_counter. It also simplifies the counter logic, so -that there are no nested tests that conflict with each other. - -Apparently, this *really* wasn't tested well enough. - -Resolves: rhbz#1614637 -Signed-off-by: Peter Jones -[lorbus: add comments and revert logic changes in 01_fallback_counting] -Signed-off-by: Christian Glombek ---- - Makefile.util.def | 6 +++ - grub-core/Makefile.core.def | 5 ++ - grub-core/commands/increment.c | 105 ++++++++++++++++++++++++++++++++++++ - util/grub.d/01_fallback_counting.in | 22 ++++++++ - 4 files changed, 138 insertions(+) - create mode 100644 grub-core/commands/increment.c - create mode 100644 util/grub.d/01_fallback_counting.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index 0b85a7fce4a..27a13bc734e 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -458,6 +458,12 @@ script = { - installdir = grubconf; - }; - -+script = { -+ name = '01_fallback_counting'; -+ common = util/grub.d/01_fallback_counting.in; -+ installdir = grubconf; -+}; -+ - script = { - name = '01_menu_auto_hide'; - common = util/grub.d/01_menu_auto_hide.in; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 498ca11762a..1e15345107e 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -398,6 +398,11 @@ kernel = { - extra_dist = kern/mips/cache_flush.S; - }; - -+module = { -+ name = increment; -+ common = commands/increment.c; -+}; -+ - program = { - name = grub-emu; - mansection = 1; -diff --git a/grub-core/commands/increment.c b/grub-core/commands/increment.c -new file mode 100644 -index 00000000000..79cf137656c ---- /dev/null -+++ b/grub-core/commands/increment.c -@@ -0,0 +1,105 @@ -+/* increment.c - Commands to increment and decrement variables. */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2006,2007,2008 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+typedef enum { -+ INCREMENT, -+ DECREMENT, -+} operation; -+ -+static grub_err_t -+incr_decr(operation op, int argc, char **args) -+{ -+ const char *old; -+ char *new; -+ long value; -+ -+ if (argc < 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_ ("no variable specified")); -+ if (argc > 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_ ("too many arguments")); -+ -+ old = grub_env_get (*args); -+ if (!old) -+ return grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("No such variable \"%s\""), -+ *args); -+ -+ value = grub_strtol (old, NULL, 0); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; -+ -+ switch (op) -+ { -+ case INCREMENT: -+ value += 1; -+ break; -+ case DECREMENT: -+ value -= 1; -+ break; -+ } -+ -+ new = grub_xasprintf ("%ld", value); -+ if (!new) -+ return grub_errno; -+ -+ grub_env_set (*args, new); -+ grub_free (new); -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_incr(struct grub_command *cmd UNUSED, -+ int argc, char **args) -+{ -+ return incr_decr(INCREMENT, argc, args); -+} -+ -+static grub_err_t -+grub_cmd_decr(struct grub_command *cmd UNUSED, -+ int argc, char **args) -+{ -+ return incr_decr(DECREMENT, argc, args); -+} -+ -+static grub_command_t cmd_incr, cmd_decr; -+ -+GRUB_MOD_INIT(increment) -+{ -+ cmd_incr = grub_register_command ("increment", grub_cmd_incr, N_("VARIABLE"), -+ N_("increment VARIABLE")); -+ cmd_decr = grub_register_command ("decrement", grub_cmd_decr, N_("VARIABLE"), -+ N_("decrement VARIABLE")); -+} -+ -+GRUB_MOD_FINI(increment) -+{ -+ grub_unregister_command (cmd_incr); -+ grub_unregister_command (cmd_decr); -+} -diff --git a/util/grub.d/01_fallback_counting.in b/util/grub.d/01_fallback_counting.in -new file mode 100644 -index 00000000000..be0e770ea82 ---- /dev/null -+++ b/util/grub.d/01_fallback_counting.in -@@ -0,0 +1,22 @@ -+#! /bin/sh -e -+ -+# Boot Counting -+# The boot_counter env var can be used to count down boot attempts after an -+# OSTree upgrade and choose the rollback deployment when 0 is reached. Both -+# boot_counter and boot_success need to be (re-)set from userspace. -+cat << EOF -+insmod increment -+# Check if boot_counter exists and boot_success=0 to activate this behaviour. -+if [ -n "\${boot_counter}" -a "\${boot_success}" = "0" ]; then -+ # if countdown has ended, choose to boot rollback deployment (default=1 on -+ # OSTree-based systems) -+ if [ "\${boot_counter}" = "0" -o "\${boot_counter}" = "-1" ]; then -+ set default=1 -+ set boot_counter=-1 -+ # otherwise decrement boot_counter -+ else -+ decrement boot_counter -+ fi -+ save_env boot_counter -+fi -+EOF diff --git a/0112-Fix-menu-entry-selection-based-on-ID-and-title.patch b/0112-Fix-menu-entry-selection-based-on-ID-and-title.patch deleted file mode 100644 index 957fda38c2fc97a96d5422873c82b84983bc47dc..0000000000000000000000000000000000000000 --- a/0112-Fix-menu-entry-selection-based-on-ID-and-title.patch +++ /dev/null @@ -1,233 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 19 Oct 2018 10:57:52 -0400 -Subject: [PATCH] Fix menu entry selection based on ID and title - -Currently if grub_strtoul(saved_entry_value, NULL, 0) does not return an -error, we assume the value it has produced is a correct index into our -menu entry list, and do not try to interpret the value as the "id" or -"title" . In cases where "id" or "title" start with a numeral, this -makes them impossible to use as selection criteria. - -This patch splits the search into three phases - matching id, matching -title, and only once those have been exhausted, trying to interpret the -ID as a numeral. In that case, we also require that the entire string -is numeric, not merely a string with leading numeric characters. - -Resolves: rhbz#1640979 - -Signed-off-by: Peter Jones -[javierm: fix menu entry selection based on title] -Signed-off-by: Javier Martinez Canillas ---- - grub-core/normal/menu.c | 141 ++++++++++++++++++++++++------------------------ - 1 file changed, 71 insertions(+), 70 deletions(-) - -diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c -index d7a222e681b..4a02aadb01c 100644 ---- a/grub-core/normal/menu.c -+++ b/grub-core/normal/menu.c -@@ -164,12 +164,12 @@ grub_menu_set_timeout (int timeout) - } - - static int --menuentry_eq (const char *id, const char *spec) -+menuentry_eq (const char *id, const char *spec, int limit) - { - const char *ptr1, *ptr2; - ptr1 = id; - ptr2 = spec; -- while (1) -+ while (limit == -1 || ptr1 - id <= limit) - { - if (*ptr2 == '>' && ptr2[1] != '>' && *ptr1 == 0) - return ptr2 - spec; -@@ -178,7 +178,11 @@ menuentry_eq (const char *id, const char *spec) - if (*ptr2 == '>') - ptr2++; - if (*ptr1 != *ptr2) -- return 0; -+ { -+ if (limit > -1 && ptr1 - id == limit && !*ptr1 && grub_isspace(*ptr2)) -+ return ptr1 -id -1; -+ return 0; -+ } - if (*ptr1 == 0) - return ptr1 - id; - ptr1++; -@@ -187,6 +191,58 @@ menuentry_eq (const char *id, const char *spec) - return 0; - } - -+static int -+get_entry_number_helper(grub_menu_t menu, -+ const char * const val, const char ** const tail) -+{ -+ /* See if the variable matches the title of a menu entry. */ -+ int entry = -1; -+ grub_menu_entry_t e; -+ int i; -+ -+ for (i = 0, e = menu->entry_list; e; i++) -+ { -+ int l = 0; -+ while (val[l] && !grub_isspace(val[l])) -+ l++; -+ -+ if (menuentry_eq (e->id, val, l)) -+ { -+ if (tail) -+ *tail = val + l; -+ return i; -+ } -+ e = e->next; -+ } -+ -+ for (i = 0, e = menu->entry_list; e; i++) -+ { -+ -+ if (menuentry_eq (e->title, val, -1)) -+ { -+ if (tail) -+ *tail = NULL; -+ return i; -+ } -+ e = e->next; -+ } -+ -+ if (tail) -+ *tail = NULL; -+ -+ entry = (int) grub_strtoul (val, tail, 0); -+ if (grub_errno == GRUB_ERR_BAD_NUMBER || -+ (*tail && **tail && !grub_isspace(**tail))) -+ { -+ entry = -1; -+ if (tail) -+ *tail = NULL; -+ grub_errno = GRUB_ERR_NONE; -+ } -+ -+ return entry; -+} -+ - /* Get the first entry number from the value of the environment variable NAME, - which is a space-separated list of non-negative integers. The entry number - which is returned is stripped from the value of NAME. If no entry number -@@ -196,7 +252,6 @@ get_and_remove_first_entry_number (grub_menu_t menu, const char *name) - { - const char *val, *tail; - int entry; -- int sz = 0; - - val = grub_env_get (name); - if (! val) -@@ -204,50 +259,24 @@ get_and_remove_first_entry_number (grub_menu_t menu, const char *name) - - grub_error_push (); - -- entry = (int) grub_strtoul (val, &tail, 0); -+ entry = get_entry_number_helper(menu, val, &tail); -+ if (!(*tail == 0 || grub_isspace(*tail))) -+ entry = -1; - -- if (grub_errno == GRUB_ERR_BAD_NUMBER) -+ if (entry >= 0) - { -- /* See if the variable matches the title of a menu entry. */ -- grub_menu_entry_t e = menu->entry_list; -- int i; -- -- for (i = 0; e; i++) -- { -- sz = menuentry_eq (e->title, val); -- if (sz < 1) -- sz = menuentry_eq (e->id, val); -- -- if (sz >= 1) -- { -- entry = i; -- break; -- } -- e = e->next; -- } -- -- if (sz > 0) -- grub_errno = GRUB_ERR_NONE; -- -- if (! e) -- entry = -1; -- } -- -- if (grub_errno == GRUB_ERR_NONE) -- { -- if (sz > 0) -- tail += sz; -- - /* Skip whitespace to find the next entry. */ - while (*tail && grub_isspace (*tail)) - tail++; -- grub_env_set (name, tail); -+ if (*tail) -+ grub_env_set (name, tail); -+ else -+ grub_env_unset (name); - } - else - { - grub_env_unset (name); - grub_errno = GRUB_ERR_NONE; -- entry = -1; - } - - grub_error_pop (); -@@ -524,6 +553,7 @@ static int - get_entry_number (grub_menu_t menu, const char *name) - { - const char *val; -+ const char *tail; - int entry; - - val = grub_env_get (name); -@@ -531,38 +561,9 @@ get_entry_number (grub_menu_t menu, const char *name) - return -1; - - grub_error_push (); -- -- entry = (int) grub_strtoul (val, 0, 0); -- -- if (grub_errno == GRUB_ERR_BAD_NUMBER) -- { -- /* See if the variable matches the title of a menu entry. */ -- grub_menu_entry_t e = menu->entry_list; -- int i; -- -- grub_errno = GRUB_ERR_NONE; -- -- for (i = 0; e; i++) -- { -- if (menuentry_eq (e->title, val) -- || menuentry_eq (e->id, val)) -- { -- entry = i; -- break; -- } -- e = e->next; -- } -- -- if (! e) -- entry = -1; -- } -- -- if (grub_errno != GRUB_ERR_NONE) -- { -- grub_errno = GRUB_ERR_NONE; -- entry = -1; -- } -- -+ entry = get_entry_number_helper(menu, val, &tail); -+ if (tail && *tail != '\0') -+ entry = -1; - grub_error_pop (); - - return entry; diff --git a/0113-Make-the-menu-entry-users-option-argument-to-be-opti.patch b/0113-Make-the-menu-entry-users-option-argument-to-be-opti.patch deleted file mode 100644 index e0d36db797811eb41c4bc2607ab588d0c985ce38..0000000000000000000000000000000000000000 --- a/0113-Make-the-menu-entry-users-option-argument-to-be-opti.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Mon, 26 Nov 2018 10:06:42 +0100 -Subject: [PATCH] Make the menu entry users option argument to be optional - -The --users option is used to restrict the access to specific menu entries -only to a set of users. But the option requires an argument to either be a -constant or a variable that has been set. So for example the following: - - menuentry "May be run by superusers or users in $users" --users $users { - linux /vmlinuz - } - -Would fail if $users is not defined and grub would discard the menu entry. -Instead, allow the --users option to have an optional argument and ignore -the option if the argument was not set. - -Related: rhbz#1652434 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/commands/menuentry.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/commands/menuentry.c b/grub-core/commands/menuentry.c -index b194123eb67..b175a1b43b7 100644 ---- a/grub-core/commands/menuentry.c -+++ b/grub-core/commands/menuentry.c -@@ -29,7 +29,7 @@ static const struct grub_arg_option options[] = - { - {"class", 1, GRUB_ARG_OPTION_REPEATABLE, - N_("Menu entry type."), N_("STRING"), ARG_TYPE_STRING}, -- {"users", 2, 0, -+ {"users", 2, GRUB_ARG_OPTION_OPTIONAL, - N_("List of users allowed to boot this entry."), N_("USERNAME[,USERNAME]"), - ARG_TYPE_STRING}, - {"hotkey", 3, 0, -@@ -281,7 +281,7 @@ grub_cmd_menuentry (grub_extcmd_context_t ctxt, int argc, char **args) - if (! ctxt->state[3].set && ! ctxt->script) - return grub_error (GRUB_ERR_BAD_ARGUMENT, "no menuentry definition"); - -- if (ctxt->state[1].set) -+ if (ctxt->state[1].set && ctxt->state[1].arg) - users = ctxt->state[1].arg; - else if (ctxt->state[5].set) - users = NULL; diff --git a/0114-Add-efi-export-env-and-efi-load-env-commands.patch b/0114-Add-efi-export-env-and-efi-load-env-commands.patch deleted file mode 100644 index 73456bc94c8a9bd9191cb7664eaf6a9754fd8ce3..0000000000000000000000000000000000000000 --- a/0114-Add-efi-export-env-and-efi-load-env-commands.patch +++ /dev/null @@ -1,346 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 16 Jan 2019 13:21:46 -0500 -Subject: [PATCH] Add efi-export-env and efi-load-env commands - -This adds "efi-export-env VARIABLE" and "efi-load-env", which manipulate the -environment block stored in the EFI variable -GRUB_ENV-91376aff-cba6-42be-949d-06fde81128e8. - -Signed-off-by: Peter Jones ---- - grub-core/Makefile.core.def | 6 ++ - grub-core/commands/efi/env.c | 168 +++++++++++++++++++++++++++++++++++++++++++ - grub-core/kern/efi/efi.c | 3 + - grub-core/kern/efi/init.c | 5 -- - grub-core/lib/envblk.c | 43 +++++++++++ - util/grub-set-bootflag.c | 1 + - include/grub/efi/efi.h | 5 ++ - include/grub/lib/envblk.h | 3 + - 8 files changed, 229 insertions(+), 5 deletions(-) - create mode 100644 grub-core/commands/efi/env.c - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 1e15345107e..81fc274148e 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -820,6 +820,12 @@ module = { - enable = efi; - }; - -+module = { -+ name = efienv; -+ common = commands/efi/env.c; -+ enable = efi; -+}; -+ - module = { - name = efifwsetup; - efi = commands/efi/efifwsetup.c; -diff --git a/grub-core/commands/efi/env.c b/grub-core/commands/efi/env.c -new file mode 100644 -index 00000000000..cbd13e03e81 ---- /dev/null -+++ b/grub-core/commands/efi/env.c -@@ -0,0 +1,168 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2012 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static const grub_efi_guid_t grub_env_guid = GRUB_EFI_GRUB_VARIABLE_GUID; -+ -+static grub_err_t -+grub_efi_export_env(grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[]) -+{ -+ const char *value; -+ char *old_value; -+ struct grub_envblk envblk_s = { NULL, 0 }; -+ grub_envblk_t envblk = &envblk_s; -+ grub_err_t err; -+ int changed = 1; -+ grub_efi_status_t status; -+ -+ grub_dprintf ("efienv", "argc:%d\n", argc); -+ for (int i = 0; i < argc; i++) -+ grub_dprintf ("efienv", "argv[%d]: %s\n", i, argv[i]); -+ -+ if (argc != 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("variable name expected")); -+ -+ grub_efi_get_variable ("GRUB_ENV", &grub_env_guid, &envblk_s.size, -+ (void **) &envblk_s.buf); -+ if (!envblk_s.buf || envblk_s.size < 1) -+ { -+ char *buf = grub_malloc (1025); -+ if (!buf) -+ return grub_errno; -+ -+ grub_memcpy (buf, GRUB_ENVBLK_SIGNATURE, sizeof (GRUB_ENVBLK_SIGNATURE) - 1); -+ grub_memset (buf + sizeof (GRUB_ENVBLK_SIGNATURE) - 1, '#', -+ DEFAULT_ENVBLK_SIZE - sizeof (GRUB_ENVBLK_SIGNATURE) + 1); -+ buf[1024] = '\0'; -+ -+ envblk_s.buf = buf; -+ envblk_s.size = 1024; -+ } -+ else -+ { -+ char *buf = grub_realloc (envblk_s.buf, envblk_s.size + 1); -+ if (!buf) -+ return grub_errno; -+ -+ envblk_s.buf = buf; -+ envblk_s.buf[envblk_s.size] = '\0'; -+ } -+ -+ err = grub_envblk_get(envblk, argv[0], &old_value); -+ if (err != GRUB_ERR_NONE) -+ { -+ grub_dprintf ("efienv", "grub_envblk_get returned %d\n", err); -+ return err; -+ } -+ -+ value = grub_env_get(argv[0]); -+ if ((!value && !old_value) || -+ (value && old_value && !grub_strcmp(old_value, value))) -+ changed = 0; -+ -+ if (old_value) -+ grub_free(old_value); -+ -+ if (changed == 0) -+ { -+ grub_dprintf ("efienv", "No changes necessary\n"); -+ return 0; -+ } -+ -+ if (value) -+ { -+ grub_dprintf ("efienv", "setting \"%s\" to \"%s\"\n", argv[0], value); -+ grub_envblk_set(envblk, argv[0], value); -+ } -+ else -+ { -+ grub_dprintf ("efienv", "deleting \"%s\" from envblk\n", argv[0]); -+ grub_envblk_delete(envblk, argv[0]); -+ } -+ -+ grub_dprintf ("efienv", "envblk is %lu bytes:\n\"%s\"\n", envblk_s.size, envblk_s.buf); -+ -+ grub_dprintf ("efienv", "removing GRUB_ENV\n"); -+ status = grub_efi_set_variable ("GRUB_ENV", &grub_env_guid, NULL, 0); -+ if (status != GRUB_EFI_SUCCESS) -+ grub_dprintf ("efienv", "removal returned %ld\n", status); -+ -+ grub_dprintf ("efienv", "setting GRUB_ENV\n"); -+ status = grub_efi_set_variable ("GRUB_ENV", &grub_env_guid, -+ envblk_s.buf, envblk_s.size); -+ if (status != GRUB_EFI_SUCCESS) -+ grub_dprintf ("efienv", "setting GRUB_ENV returned %ld\n", status); -+ -+ return 0; -+} -+ -+static int -+set_var (const char *name, const char *value, -+ void *whitelist __attribute__((__unused__))) -+{ -+ grub_env_set (name, value); -+ return 0; -+} -+ -+static grub_err_t -+grub_efi_load_env(grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[] __attribute__((__unused__))) -+{ -+ struct grub_envblk envblk_s = { NULL, 0 }; -+ grub_envblk_t envblk = &envblk_s; -+ -+ grub_efi_get_variable ("GRUB_ENV", &grub_env_guid, &envblk_s.size, -+ (void **) &envblk_s.buf); -+ if (!envblk_s.buf || envblk_s.size < 1) -+ return 0; -+ -+ if (argc > 0) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("unexpected argument")); -+ -+ grub_envblk_iterate (envblk, NULL, set_var); -+ grub_free (envblk_s.buf); -+} -+ -+static grub_command_t export_cmd, loadenv_cmd; -+ -+GRUB_MOD_INIT(lsefi) -+{ -+ export_cmd = grub_register_command ("efi-export-env", grub_efi_export_env, -+ N_("VARIABLE_NAME"), N_("Export environment variable to UEFI.")); -+ loadenv_cmd = grub_register_command ("efi-load-env", grub_efi_load_env, -+ NULL, N_("Load the grub environment from UEFI.")); -+} -+ -+GRUB_MOD_FINI(lsefi) -+{ -+ grub_unregister_command (export_cmd); -+ grub_unregister_command (loadenv_cmd); -+} -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 2a446f5031b..14bc10eb564 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -225,6 +225,9 @@ grub_efi_set_variable(const char *var, const grub_efi_guid_t *guid, - if (status == GRUB_EFI_SUCCESS) - return GRUB_ERR_NONE; - -+ if (status == GRUB_EFI_NOT_FOUND && datasize == 0) -+ return GRUB_ERR_NONE; -+ - return grub_error (GRUB_ERR_IO, "could not set EFI variable `%s'", var); - } - -diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c -index 2d12e6188fd..0574d8d6217 100644 ---- a/grub-core/kern/efi/init.c -+++ b/grub-core/kern/efi/init.c -@@ -85,11 +85,6 @@ stack_protector_init (void) - - grub_addr_t grub_modbase; - --#define GRUB_EFI_GRUB_VARIABLE_GUID \ -- { 0x91376aff, 0xcba6, 0x42be, \ -- { 0x94, 0x9d, 0x06, 0xfd, 0xe8, 0x11, 0x28, 0xe8 } \ -- } -- - /* Helper for grub_efi_env_init */ - static int - set_var (const char *name, const char *value, -diff --git a/grub-core/lib/envblk.c b/grub-core/lib/envblk.c -index 2e4e78b132d..874506da169 100644 ---- a/grub-core/lib/envblk.c -+++ b/grub-core/lib/envblk.c -@@ -223,6 +223,49 @@ grub_envblk_delete (grub_envblk_t envblk, const char *name) - } - } - -+struct get_var_state { -+ const char * const name; -+ char * value; -+ int found; -+}; -+ -+static int -+get_var (const char * const name, const char * const value, void *statep) -+{ -+ struct get_var_state *state = (struct get_var_state *)statep; -+ -+ if (!grub_strcmp(state->name, name)) -+ { -+ state->found = 1; -+ state->value = grub_strdup(value); -+ if (!state->value) -+ grub_errno = grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+grub_err_t -+grub_envblk_get (grub_envblk_t envblk, const char * const name, char ** const value) -+{ -+ struct get_var_state state = { -+ .name = name, -+ .value = NULL, -+ .found = 0, -+ }; -+ -+ grub_envblk_iterate(envblk, (void *)&state, get_var); -+ -+ *value = state.value; -+ -+ if (state.found && !state.value) -+ return grub_errno; -+ -+ return GRUB_ERR_NONE; -+} -+ - void - grub_envblk_iterate (grub_envblk_t envblk, - void *hook_data, -diff --git a/util/grub-set-bootflag.c b/util/grub-set-bootflag.c -index bb198f02351..6a79ee67444 100644 ---- a/util/grub-set-bootflag.c -+++ b/util/grub-set-bootflag.c -@@ -25,6 +25,7 @@ - - #include /* For *_DIR_NAME defines */ - #include -+#include - #include /* For GRUB_ENVBLK_DEFCFG define */ - #include - #include -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 2e0691454b1..8dfc89a33b9 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -24,6 +24,11 @@ - #include - #include - -+#define GRUB_EFI_GRUB_VARIABLE_GUID \ -+ { 0x91376aff, 0xcba6, 0x42be, \ -+ { 0x94, 0x9d, 0x06, 0xfd, 0xe8, 0x11, 0x28, 0xe8 } \ -+ } -+ - /* Variables. */ - extern grub_efi_system_table_t *EXPORT_VAR(grub_efi_system_table); - extern grub_efi_handle_t EXPORT_VAR(grub_efi_image_handle); -diff --git a/include/grub/lib/envblk.h b/include/grub/lib/envblk.h -index c3e65592170..ab969af2461 100644 ---- a/include/grub/lib/envblk.h -+++ b/include/grub/lib/envblk.h -@@ -22,6 +22,8 @@ - #define GRUB_ENVBLK_SIGNATURE "# GRUB Environment Block\n" - #define GRUB_ENVBLK_DEFCFG "grubenv" - -+#define DEFAULT_ENVBLK_SIZE 1024 -+ - #ifndef ASM_FILE - - struct grub_envblk -@@ -33,6 +35,7 @@ typedef struct grub_envblk *grub_envblk_t; - - grub_envblk_t grub_envblk_open (char *buf, grub_size_t size); - int grub_envblk_set (grub_envblk_t envblk, const char *name, const char *value); -+grub_err_t grub_envblk_get (grub_envblk_t envblk, const char * const name, char ** const value); - void grub_envblk_delete (grub_envblk_t envblk, const char *name); - void grub_envblk_iterate (grub_envblk_t envblk, - void *hook_data, diff --git a/0115-Make-it-possible-to-subtract-conditions-from-debug.patch b/0115-Make-it-possible-to-subtract-conditions-from-debug.patch deleted file mode 100644 index fce51eac8360f042579e9ff102632bfb3115d246..0000000000000000000000000000000000000000 --- a/0115-Make-it-possible-to-subtract-conditions-from-debug.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 17 Jan 2019 13:10:39 -0500 -Subject: [PATCH] Make it possible to subtract conditions from debug= - -This makes it so you can do set debug to "all,-scripting,-lexer" and get the -obvious outcome. Any negation present will take preference over that -conditional, so "all,-scripting,scripting" is the same thing as -"all,-scripting". - -Signed-off-by: Peter Jones ---- - grub-core/kern/misc.c | 14 +++++++++++++- - 1 file changed, 13 insertions(+), 1 deletion(-) - -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index 9a2fae6398e..578bf51a5fc 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -164,12 +164,24 @@ int - grub_debug_enabled (const char * condition) - { - const char *debug; -+ char *negcond; -+ int negated = 0; - - debug = grub_env_get ("debug"); - if (!debug) - return 0; - -- if (grub_strword (debug, "all") || grub_strword (debug, condition)) -+ negcond = grub_zalloc (grub_strlen (condition) + 2); -+ if (negcond) -+ { -+ grub_strcpy (negcond, "-"); -+ grub_strcpy (negcond+1, condition); -+ negated = grub_strword (debug, negcond); -+ grub_free (negcond); -+ } -+ -+ if (!negated && -+ (grub_strword (debug, "all") || grub_strword (debug, condition))) - return 1; - - return 0; diff --git a/0116-Export-all-variables-from-the-initial-context-when-c.patch b/0116-Export-all-variables-from-the-initial-context-when-c.patch deleted file mode 100644 index 4e32260ccada665fefa13ad61396c453217e4574..0000000000000000000000000000000000000000 --- a/0116-Export-all-variables-from-the-initial-context-when-c.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 22 Jan 2019 15:40:25 +0100 -Subject: [PATCH] Export all variables from the initial context when creating a - submenu - -When a submenu is created, only the exported variables are copied to the -new menu context. But we want the variables to be global, so export lets -export all variables to the new created submenu. - -Also, don't unset the default variable when a new submenu is created. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/normal/context.c | 2 +- - grub-core/normal/menu.c | 2 -- - 2 files changed, 1 insertion(+), 3 deletions(-) - -diff --git a/grub-core/normal/context.c b/grub-core/normal/context.c -index ee53d4a68e5..87edd254c44 100644 ---- a/grub-core/normal/context.c -+++ b/grub-core/normal/context.c -@@ -99,7 +99,7 @@ grub_env_new_context (int export_all) - grub_err_t - grub_env_context_open (void) - { -- return grub_env_new_context (0); -+ return grub_env_new_context (1); - } - - int grub_extractor_level = 0; -diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c -index 4a02aadb01c..fe2e77a43e2 100644 ---- a/grub-core/normal/menu.c -+++ b/grub-core/normal/menu.c -@@ -375,8 +375,6 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot) - - if (ptr && ptr[0] && ptr[1]) - grub_env_set ("default", ptr + 1); -- else -- grub_env_unset ("default"); - - grub_script_execute_new_scope (entry->sourcecode, entry->argc, entry->args); - diff --git a/0117-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch b/0117-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch deleted file mode 100644 index 92f259dc3886aabe44acfdf1fcccfdb5c5d27dd0..0000000000000000000000000000000000000000 --- a/0117-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch +++ /dev/null @@ -1,168 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Christian Glombek -Date: Tue, 2 Apr 2019 16:22:21 +0200 -Subject: [PATCH] grub.d: Split out boot success reset from menu auto hide - script - -Also rename fallback and menu auto hide script to be executed -before and after boot success reset script. -In menu auto hide script, rename last_boot_ok var to menu_hide_ok - -Signed-off-by: Christian Glombek -Signed-off-by: Robbie Harwood ---- - Makefile.util.def | 14 ++++++++---- - ...allback_counting.in => 08_fallback_counting.in} | 14 ++++++------ - util/grub.d/10_reset_boot_success.in | 25 ++++++++++++++++++++++ - .../{01_menu_auto_hide.in => 12_menu_auto_hide.in} | 23 +++++--------------- - 4 files changed, 48 insertions(+), 28 deletions(-) - rename util/grub.d/{01_fallback_counting.in => 08_fallback_counting.in} (65%) - create mode 100644 util/grub.d/10_reset_boot_success.in - rename util/grub.d/{01_menu_auto_hide.in => 12_menu_auto_hide.in} (58%) - -diff --git a/Makefile.util.def b/Makefile.util.def -index 27a13bc734e..2e6ad979c3e 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -459,14 +459,14 @@ script = { - }; - - script = { -- name = '01_fallback_counting'; -- common = util/grub.d/01_fallback_counting.in; -+ name = '08_fallback_counting'; -+ common = util/grub.d/08_fallback_counting.in; - installdir = grubconf; - }; - - script = { -- name = '01_menu_auto_hide'; -- common = util/grub.d/01_menu_auto_hide.in; -+ name = '12_menu_auto_hide'; -+ common = util/grub.d/12_menu_auto_hide.in; - installdir = grubconf; - }; - -@@ -518,6 +518,12 @@ script = { - condition = COND_HOST_LINUX; - }; - -+script = { -+ name = '10_reset_boot_success'; -+ common = util/grub.d/10_reset_boot_success.in; -+ installdir = grubconf; -+}; -+ - script = { - name = '10_xnu'; - common = util/grub.d/10_xnu.in; -diff --git a/util/grub.d/01_fallback_counting.in b/util/grub.d/08_fallback_counting.in -similarity index 65% -rename from util/grub.d/01_fallback_counting.in -rename to util/grub.d/08_fallback_counting.in -index be0e770ea82..2e2c3ff7d31 100644 ---- a/util/grub.d/01_fallback_counting.in -+++ b/util/grub.d/08_fallback_counting.in -@@ -1,15 +1,17 @@ - #! /bin/sh -e -- --# Boot Counting -+# Fallback Countdown -+# -+# This snippet depends on 10_reset_boot_success and needs to be kept in sync. -+# - # The boot_counter env var can be used to count down boot attempts after an --# OSTree upgrade and choose the rollback deployment when 0 is reached. Both --# boot_counter and boot_success need to be (re-)set from userspace. -+# OSTree upgrade and choose the rollback deployment when 0 is reached. -+# Both boot_counter=X and boot_success=1 need to be set from userspace. - cat << EOF - insmod increment - # Check if boot_counter exists and boot_success=0 to activate this behaviour. - if [ -n "\${boot_counter}" -a "\${boot_success}" = "0" ]; then -- # if countdown has ended, choose to boot rollback deployment (default=1 on -- # OSTree-based systems) -+ # if countdown has ended, choose to boot rollback deployment, -+ # i.e. default=1 on OSTree-based systems. - if [ "\${boot_counter}" = "0" -o "\${boot_counter}" = "-1" ]; then - set default=1 - set boot_counter=-1 -diff --git a/util/grub.d/10_reset_boot_success.in b/util/grub.d/10_reset_boot_success.in -new file mode 100644 -index 00000000000..6c88d933dde ---- /dev/null -+++ b/util/grub.d/10_reset_boot_success.in -@@ -0,0 +1,25 @@ -+#! /bin/sh -e -+# Reset Boot Success -+# -+# The 08_fallback_counting and 12_menu_auto_hide snippets rely on this one -+# and need to be kept in sync. -+# -+# The boot_success var needs to be set to 1 from userspace to mark a boot successful. -+cat << EOF -+insmod increment -+# Hiding the menu is ok if last boot was ok or if this is a first boot attempt to boot the entry -+if [ "\${boot_success}" = "1" -o "\${boot_indeterminate}" = "1" ]; then -+ set menu_hide_ok=1 -+else -+ set menu_hide_ok=0 -+fi -+# Reset boot_indeterminate after a successful boot, increment otherwise -+if [ "\${boot_success}" = "1" ] ; then -+ set boot_indeterminate=0 -+else -+ increment boot_indeterminate -+fi -+# Reset boot_success for current boot -+set boot_success=0 -+save_env boot_success boot_indeterminate -+EOF -diff --git a/util/grub.d/01_menu_auto_hide.in b/util/grub.d/12_menu_auto_hide.in -similarity index 58% -rename from util/grub.d/01_menu_auto_hide.in -rename to util/grub.d/12_menu_auto_hide.in -index ad175870a54..6a7c0fa0d43 100644 ---- a/util/grub.d/01_menu_auto_hide.in -+++ b/util/grub.d/12_menu_auto_hide.in -@@ -1,5 +1,8 @@ - #! /bin/sh -- -+# Menu Auto Hide -+# -+# This snippet depends on 10_reset_boot_success and needs to be kept in sync. -+# - # Disable / skip generating menu-auto-hide config parts on serial terminals - for x in ${GRUB_TERMINAL_INPUT} ${GRUB_TERMINAL_OUTPUT}; do - case "$x" in -@@ -10,29 +13,13 @@ for x in ${GRUB_TERMINAL_INPUT} ${GRUB_TERMINAL_OUTPUT}; do - done - - cat << EOF --if [ "\${boot_success}" = "1" -o "\${boot_indeterminate}" = "1" ]; then -- set last_boot_ok=1 --else -- set last_boot_ok=0 --fi -- --# Reset boot_indeterminate after a successful boot --if [ "\${boot_success}" = "1" ] ; then -- set boot_indeterminate=0 --# Avoid boot_indeterminate causing the menu to be hidden more then once --elif [ "\${boot_indeterminate}" = "1" ]; then -- set boot_indeterminate=2 --fi --set boot_success=0 --save_env boot_success boot_indeterminate -- - if [ x\$feature_timeout_style = xy ] ; then - if [ "\${menu_show_once}" ]; then - unset menu_show_once - save_env menu_show_once - set timeout_style=menu - set timeout=60 -- elif [ "\${menu_auto_hide}" -a "\${last_boot_ok}" = "1" ]; then -+ elif [ "\${menu_auto_hide}" -a "\${menu_hide_ok}" = "1" ]; then - set orig_timeout_style=\${timeout_style} - set orig_timeout=\${timeout} - if [ "\${fastboot}" = "1" ]; then diff --git a/0118-Fix-systemctl-kexec-exit-status-check.patch b/0118-Fix-systemctl-kexec-exit-status-check.patch deleted file mode 100644 index 74ecedccb118eb3ee9753ef02183c533c0f6e1e3..0000000000000000000000000000000000000000 --- a/0118-Fix-systemctl-kexec-exit-status-check.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 9 Apr 2019 12:30:38 +0200 -Subject: [PATCH] Fix systemctl kexec exit status check - -There's always an error printed even when the systemctl kexec command does -succeed. That's because systemctl executes it asynchronously, but the emu -loader seems to expect it to be synchronous and that should never return. - -Also, it's wrong to test if kexecute == 1 since we already know that's the -case or otherwise the function wouldn't had called grub_fatal() earlier. - -Finally, systemctl kexec failing shouldn't be a fatal error since the emu -loader fallbacks to executing the kexec command in case of a failure. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/loader/emu/linux.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/grub-core/loader/emu/linux.c b/grub-core/loader/emu/linux.c -index fda9e00d24c..5b85b225eed 100644 ---- a/grub-core/loader/emu/linux.c -+++ b/grub-core/loader/emu/linux.c -@@ -71,8 +71,10 @@ grub_linux_boot (void) - (kexecute==1) ? "do-or-die" : "just-in-case"); - rc = grub_util_exec (systemctl); - -- if (kexecute == 1) -- grub_fatal (N_("Error trying to perform 'systemctl kexec'")); -+ if (rc == GRUB_ERR_NONE) -+ return rc; -+ -+ grub_error (rc, N_("Error trying to perform 'systemctl kexec'")); - - /* need to check read-only root before resetting hard!? */ - grub_printf("Performing 'kexec -e'"); diff --git a/0119-Print-grub-emu-linux-loader-messages-as-debug.patch b/0119-Print-grub-emu-linux-loader-messages-as-debug.patch deleted file mode 100644 index a49ec44c4981f22752e041cf9c4ce0461e076ad8..0000000000000000000000000000000000000000 --- a/0119-Print-grub-emu-linux-loader-messages-as-debug.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 9 Apr 2019 12:42:37 +0200 -Subject: [PATCH] Print grub-emu linux loader messages as debug - -They just polute the output and should better be debug messages instead. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/loader/emu/linux.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/loader/emu/linux.c b/grub-core/loader/emu/linux.c -index 5b85b225eed..22ab6af1727 100644 ---- a/grub-core/loader/emu/linux.c -+++ b/grub-core/loader/emu/linux.c -@@ -50,7 +50,7 @@ grub_linux_boot (void) - initrd_param = grub_xasprintf("%s", ""); - } - -- grub_printf("%serforming 'kexec -l %s %s %s'\n", -+ grub_dprintf ("linux", "%serforming 'kexec -l %s %s %s'\n", - (kexecute) ? "P" : "Not p", - kernel_path, initrd_param, boot_cmdline); - -@@ -67,7 +67,7 @@ grub_linux_boot (void) - if (kexecute < 1) - grub_fatal (N_("Use '"PACKAGE"-emu --kexec' to force a system restart.")); - -- grub_printf("Performing 'systemctl kexec' (%s) ", -+ grub_dprintf ("linux", "Performing 'systemctl kexec' (%s) ", - (kexecute==1) ? "do-or-die" : "just-in-case"); - rc = grub_util_exec (systemctl); - diff --git a/0120-Don-t-assume-that-boot-commands-will-only-return-on-.patch b/0120-Don-t-assume-that-boot-commands-will-only-return-on-.patch deleted file mode 100644 index bd7b2c1b509e7d46b608e65e92d6fa15a9147b9c..0000000000000000000000000000000000000000 --- a/0120-Don-t-assume-that-boot-commands-will-only-return-on-.patch +++ /dev/null @@ -1,97 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 9 Apr 2019 13:12:40 +0200 -Subject: [PATCH] Don't assume that boot commands will only return on fail - -While it's true that for most loaders the boot command never returns, it -may be the case that it does. For example the GRUB emulator boot command -calls to systemctl kexec which in turn does an asynchonous call to kexec. - -So in this case GRUB will wrongly assume that the boot command fails and -print a "Failed to boot both default and fallback entries" even when the -kexec call later succeeds. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/normal/menu.c | 23 +++++++++++++---------- - 1 file changed, 13 insertions(+), 10 deletions(-) - -diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c -index fe2e77a43e2..ec0c92bade0 100644 ---- a/grub-core/normal/menu.c -+++ b/grub-core/normal/menu.c -@@ -285,7 +285,7 @@ get_and_remove_first_entry_number (grub_menu_t menu, const char *name) - } - - /* Run a menu entry. */ --static void -+static grub_err_t - grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot) - { - grub_err_t err = GRUB_ERR_NONE; -@@ -302,7 +302,7 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot) - { - grub_print_error (); - grub_errno = GRUB_ERR_NONE; -- return; -+ return grub_errno; - } - - errs_before = grub_err_printed_errors; -@@ -315,7 +315,7 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot) - grub_env_context_open (); - menu = grub_zalloc (sizeof (*menu)); - if (! menu) -- return; -+ return grub_errno; - grub_env_set_menu (menu); - if (auto_boot) - grub_env_set ("timeout", "0"); -@@ -385,7 +385,7 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot) - - if (grub_errno == GRUB_ERR_NONE && grub_loader_is_loaded ()) - /* Implicit execution of boot, only if something is loaded. */ -- grub_command_execute ("boot", 0, 0); -+ err = grub_command_execute ("boot", 0, 0); - - if (errs_before != grub_err_printed_errors) - grub_wait_after_message (); -@@ -408,6 +408,8 @@ grub_menu_execute_entry(grub_menu_entry_t entry, int auto_boot) - else - grub_env_unset ("default"); - grub_env_unset ("timeout"); -+ -+ return err; - } - - /* Execute ENTRY from the menu MENU, falling back to entries specified -@@ -422,10 +424,13 @@ grub_menu_execute_with_fallback (grub_menu_t menu, - void *callback_data) - { - int fallback_entry; -+ grub_err_t err; - - callback->notify_booting (entry, callback_data); - -- grub_menu_execute_entry (entry, 1); -+ err = grub_menu_execute_entry (entry, 1); -+ if (err == GRUB_ERR_NONE) -+ return; - - /* Deal with fallback entries. */ - while ((fallback_entry = get_and_remove_first_entry_number (menu, "fallback")) -@@ -436,11 +441,9 @@ grub_menu_execute_with_fallback (grub_menu_t menu, - - entry = grub_menu_get_entry (menu, fallback_entry); - callback->notify_fallback (entry, callback_data); -- grub_menu_execute_entry (entry, 1); -- /* If the function call to execute the entry returns at all, then this is -- taken to indicate a boot failure. For menu entries that do something -- other than actually boot an operating system, this could assume -- incorrectly that something failed. */ -+ err = grub_menu_execute_entry (entry, 1); -+ if (err == GRUB_ERR_NONE) -+ return; - } - - if (!autobooted) diff --git a/0121-Do-better-in-bootstrap.conf.patch b/0121-Do-better-in-bootstrap.conf.patch deleted file mode 100644 index ec9d8ecc15fa1e2b315ee081222aa64a0d02d3d3..0000000000000000000000000000000000000000 --- a/0121-Do-better-in-bootstrap.conf.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 29 Jul 2019 10:58:52 -0400 -Subject: [PATCH] Do better in bootstrap.conf - ---- - bootstrap.conf | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/bootstrap.conf b/bootstrap.conf -index 186be9c48ce..9259526e891 100644 ---- a/bootstrap.conf -+++ b/bootstrap.conf -@@ -16,7 +16,13 @@ - # along with this program. If not, see . - - --GNULIB_REVISION=d271f868a8df9bbec29049d01e056481b7a1a263 -+# GNULIB_REVISION=d271f868a8df9bbec29049d01e056481b7a1a263 -+if [[ -z "${GNULIB_REVISION}" ]] ;then -+ GNULIB_REVISION=fixes -+fi -+if [[ -z "${GNULIB_URL}" ]] ;then -+ GNULIB_URL=https://github.com/rhboot/gnulib.git -+fi - - # gnulib modules used by this package. - # mbswidth is used by gnulib-fix-width.diff's changes to argp rather than diff --git a/0122-Use-git-to-apply-gnulib-patches.patch b/0122-Use-git-to-apply-gnulib-patches.patch deleted file mode 100644 index 7654648859f9928d8c4b1df6657a5fdb03bbb742..0000000000000000000000000000000000000000 --- a/0122-Use-git-to-apply-gnulib-patches.patch +++ /dev/null @@ -1,631 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 29 Jul 2019 11:21:27 -0400 -Subject: [PATCH] Use git to apply gnulib patches. - -Signed-off-by: Peter Jones ---- - bootstrap.conf | 6 - - conf/Makefile.extra-dist | 10 - - grub-core/lib/gnulib-patches/fix-base64.patch | 21 -- - grub-core/lib/gnulib-patches/fix-null-deref.patch | 13 -- - .../lib/gnulib-patches/fix-null-state-deref.patch | 12 -- - .../gnulib-patches/fix-regcomp-uninit-token.patch | 15 -- - .../gnulib-patches/fix-regexec-null-deref.patch | 12 -- - .../gnulib-patches/fix-sign-compare-errors.patch | 161 --------------- - .../lib/gnulib-patches/fix-uninit-structure.patch | 11 -- - .../lib/gnulib-patches/fix-unused-value.patch | 14 -- - grub-core/lib/gnulib-patches/fix-width.patch | 217 --------------------- - grub-core/lib/gnulib-patches/no-abort.patch | 26 --- - 12 files changed, 518 deletions(-) - delete mode 100644 grub-core/lib/gnulib-patches/fix-base64.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-null-deref.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-null-state-deref.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-uninit-structure.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-unused-value.patch - delete mode 100644 grub-core/lib/gnulib-patches/fix-width.patch - delete mode 100644 grub-core/lib/gnulib-patches/no-abort.patch - -diff --git a/bootstrap.conf b/bootstrap.conf -index 9259526e891..452f4d79b0d 100644 ---- a/bootstrap.conf -+++ b/bootstrap.conf -@@ -85,12 +85,6 @@ cp -a INSTALL INSTALL.grub - - bootstrap_post_import_hook () { - set -e -- for patchname in fix-base64 fix-null-deref fix-null-state-deref fix-regcomp-uninit-token \ -- fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width no-abort \ -- fix-sign-compare-errors; do -- patch -d grub-core/lib/gnulib -p2 \ -- < "grub-core/lib/gnulib-patches/$patchname.patch" -- done - for patchname in \ - 0001-Support-POTFILES-shell \ - 0002-Handle-gettext_printf-shell-function \ -diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist -index ea58362b555..8ddf22e6c99 100644 ---- a/conf/Makefile.extra-dist -+++ b/conf/Makefile.extra-dist -@@ -30,16 +30,6 @@ EXTRA_DIST += grub-core/gensymlist.sh - EXTRA_DIST += grub-core/genemuinit.sh - EXTRA_DIST += grub-core/genemuinitheader.sh - --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-base64.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-deref.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-state-deref.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-uninit-structure.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-unused-value.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/fix-width.patch --EXTRA_DIST += grub-core/lib/gnulib-patches/no-abort.patch -- - EXTRA_DIST += grub-core/lib/libgcrypt - EXTRA_DIST += grub-core/lib/libgcrypt-grub/mpi/generic - EXTRA_DIST += $(shell find $(top_srcdir)/include -name '*.h') -diff --git a/grub-core/lib/gnulib-patches/fix-base64.patch b/grub-core/lib/gnulib-patches/fix-base64.patch -deleted file mode 100644 -index 985db127971..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-base64.patch -+++ /dev/null -@@ -1,21 +0,0 @@ --diff --git a/lib/base64.h b/lib/base64.h --index 9cd0183b8..185a2afa1 100644 ----- a/lib/base64.h --+++ b/lib/base64.h --@@ -21,8 +21,14 @@ -- /* Get size_t. */ -- # include -- ---/* Get bool. */ ---# include --+#ifndef GRUB_POSIX_BOOL_DEFINED --+typedef enum { false = 0, true = 1 } bool; --+#define GRUB_POSIX_BOOL_DEFINED 1 --+#endif --+ --+#ifndef _GL_ATTRIBUTE_CONST --+# define _GL_ATTRIBUTE_CONST /* empty */ --+#endif -- -- # ifdef __cplusplus -- extern "C" { -diff --git a/grub-core/lib/gnulib-patches/fix-null-deref.patch b/grub-core/lib/gnulib-patches/fix-null-deref.patch -deleted file mode 100644 -index 8fafa153a47..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-null-deref.patch -+++ /dev/null -@@ -1,13 +0,0 @@ --diff --git a/lib/argp-parse.c b/lib/argp-parse.c --index 6dec57310..900adad54 100644 ----- a/lib/argp-parse.c --+++ b/lib/argp-parse.c --@@ -940,7 +940,7 @@ weak_alias (__argp_parse, argp_parse) -- void * -- __argp_input (const struct argp *argp, const struct argp_state *state) -- { --- if (state) --+ if (state && state->pstate) -- { -- struct group *group; -- struct parser *parser = state->pstate; -diff --git a/grub-core/lib/gnulib-patches/fix-null-state-deref.patch b/grub-core/lib/gnulib-patches/fix-null-state-deref.patch -deleted file mode 100644 -index 813ec09c8a1..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-null-state-deref.patch -+++ /dev/null -@@ -1,12 +0,0 @@ ----- a/lib/argp-help.c 2020-10-28 14:32:19.189215988 +0000 --+++ b/lib/argp-help.c 2020-10-28 14:38:21.204673940 +0000 --@@ -145,7 +145,8 @@ -- if (*(int *)((char *)upptr + up->uparams_offs) >= upptr->rmargin) -- { -- __argp_failure (state, 0, 0, --- dgettext (state->root_argp->argp_domain, --+ dgettext (state == NULL ? NULL --+ : state->root_argp->argp_domain, -- "\ -- ARGP_HELP_FMT: %s value is less than or equal to %s"), -- "rmargin", up->name); -diff --git a/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch b/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch -deleted file mode 100644 -index 02e06315dff..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch -+++ /dev/null -@@ -1,15 +0,0 @@ ----- a/lib/regcomp.c 2020-11-24 17:06:08.159223858 +0000 --+++ b/lib/regcomp.c 2020-11-24 17:06:15.630253923 +0000 --@@ -3808,11 +3808,7 @@ -- create_tree (re_dfa_t *dfa, bin_tree_t *left, bin_tree_t *right, -- re_token_type_t type) -- { --- re_token_t t; ---#if defined GCC_LINT || defined lint --- memset (&t, 0, sizeof t); ---#endif --- t.type = type; --+ re_token_t t = { .type = type }; -- return create_token_tree (dfa, left, right, &t); -- } -- -diff --git a/grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch b/grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch -deleted file mode 100644 -index db6dac9c9e3..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch -+++ /dev/null -@@ -1,12 +0,0 @@ ----- a/lib/regexec.c 2020-10-21 14:25:35.310195912 +0000 --+++ b/lib/regexec.c 2020-11-05 10:55:09.621542984 +0000 --@@ -1692,6 +1692,9 @@ -- { -- Idx top = mctx->state_log_top; -- --+ if (mctx->state_log == NULL) --+ return REG_NOERROR; --+ -- if ((next_state_log_idx >= mctx->input.bufs_len -- && mctx->input.bufs_len < mctx->input.len) -- || (next_state_log_idx >= mctx->input.valid_len -diff --git a/grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch b/grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch -deleted file mode 100644 -index 479029c0565..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-sign-compare-errors.patch -+++ /dev/null -@@ -1,161 +0,0 @@ --diff --git a/lib/regcomp.c b/lib/regcomp.c --index cc85f35ac58..361079d82d6 100644 ----- a/lib/regcomp.c --+++ b/lib/regcomp.c --@@ -322,7 +322,7 @@ re_compile_fastmap_iter (regex_t *bufp, const re_dfastate_t *init_state, -- *p++ = dfa->nodes[node].opr.c; -- memset (&state, '\0', sizeof (state)); -- if (__mbrtowc (&wc, (const char *) buf, p - buf, --- &state) == p - buf --+ &state) == (size_t)(p - buf) -- && (__wcrtomb ((char *) buf, __towlower (wc), &state) -- != (size_t) -1)) -- re_set_fastmap (fastmap, false, buf[0]); --@@ -3778,7 +3778,7 @@ fetch_number (re_string_t *input, re_token_t *token, reg_syntax_t syntax) -- num = ((token->type != CHARACTER || c < '0' || '9' < c || num == -2) -- ? -2 -- : num == -1 --- ? c - '0' --+ ? (Idx)(c - '0') -- : MIN (RE_DUP_MAX + 1, num * 10 + c - '0')); -- } -- return num; --diff --git a/lib/regex_internal.c b/lib/regex_internal.c --index 9004ce809eb..193a1e3d332 100644 ----- a/lib/regex_internal.c --+++ b/lib/regex_internal.c --@@ -233,7 +233,7 @@ build_wcs_buffer (re_string_t *pstr) -- /* Apply the translation if we need. */ -- if (__glibc_unlikely (pstr->trans != NULL)) -- { --- int i, ch; --+ unsigned int i, ch; -- -- for (i = 0; i < pstr->mb_cur_max && i < remain_len; ++i) -- { --@@ -376,7 +376,7 @@ build_wcs_upper_buffer (re_string_t *pstr) -- prev_st = pstr->cur_state; -- if (__glibc_unlikely (pstr->trans != NULL)) -- { --- int i, ch; --+ unsigned int i, ch; -- -- for (i = 0; i < pstr->mb_cur_max && i < remain_len; ++i) -- { --@@ -754,7 +754,7 @@ re_string_reconstruct (re_string_t *pstr, Idx idx, int eflags) -- memset (&cur_state, 0, sizeof (cur_state)); -- mbclen = __mbrtowc (&wc2, (const char *) pp, mlen, -- &cur_state); --- if (raw + offset - p <= mbclen --+ if ((size_t)(raw + offset - p) <= mbclen -- && mbclen < (size_t) -2) -- { -- memset (&pstr->cur_state, '\0', --diff --git a/lib/regex_internal.h b/lib/regex_internal.h --index 5462419b787..e0f8292395d 100644 ----- a/lib/regex_internal.h --+++ b/lib/regex_internal.h --@@ -425,7 +425,7 @@ struct re_string_t -- unsigned char offsets_needed; -- unsigned char newline_anchor; -- unsigned char word_ops_used; --- int mb_cur_max; --+ unsigned int mb_cur_max; -- }; -- typedef struct re_string_t re_string_t; -- --@@ -702,7 +702,7 @@ struct re_dfa_t -- unsigned int is_utf8 : 1; -- unsigned int map_notascii : 1; -- unsigned int word_ops_used : 1; --- int mb_cur_max; --+ unsigned int mb_cur_max; -- bitset_t word_char; -- reg_syntax_t syntax; -- Idx *subexp_map; --diff --git a/lib/regexec.c b/lib/regexec.c --index 0a7a27b772e..b57d4f9141d 100644 ----- a/lib/regexec.c --+++ b/lib/regexec.c --@@ -443,7 +443,7 @@ re_search_stub (struct re_pattern_buffer *bufp, const char *string, Idx length, -- { -- if (ret_len) -- { --- assert (pmatch[0].rm_so == start); --+ assert (pmatch[0].rm_so == (long)start); -- rval = pmatch[0].rm_eo - start; -- } -- else --@@ -877,11 +877,11 @@ re_search_internal (const regex_t *preg, const char *string, Idx length, -- if (__glibc_unlikely (mctx.input.offsets_needed != 0)) -- { -- pmatch[reg_idx].rm_so = --- (pmatch[reg_idx].rm_so == mctx.input.valid_len --+ (pmatch[reg_idx].rm_so == (long)mctx.input.valid_len -- ? mctx.input.valid_raw_len -- : mctx.input.offsets[pmatch[reg_idx].rm_so]); -- pmatch[reg_idx].rm_eo = --- (pmatch[reg_idx].rm_eo == mctx.input.valid_len --+ (pmatch[reg_idx].rm_eo == (long)mctx.input.valid_len -- ? mctx.input.valid_raw_len -- : mctx.input.offsets[pmatch[reg_idx].rm_eo]); -- } --@@ -1418,11 +1418,11 @@ set_regs (const regex_t *preg, const re_match_context_t *mctx, size_t nmatch, -- } -- memcpy (prev_idx_match, pmatch, sizeof (regmatch_t) * nmatch); -- --- for (idx = pmatch[0].rm_so; idx <= pmatch[0].rm_eo ;) --+ for (idx = pmatch[0].rm_so; idx <= (long)pmatch[0].rm_eo ;) -- { -- update_regs (dfa, pmatch, prev_idx_match, cur_node, idx, nmatch); -- --- if (idx == pmatch[0].rm_eo && cur_node == mctx->last_node) --+ if (idx == (long)pmatch[0].rm_eo && cur_node == mctx->last_node) -- { -- Idx reg_idx; -- if (fs) --@@ -1519,7 +1519,7 @@ update_regs (const re_dfa_t *dfa, regmatch_t *pmatch, -- if (reg_num < nmatch) -- { -- /* We are at the last node of this sub expression. */ --- if (pmatch[reg_num].rm_so < cur_idx) --+ if (pmatch[reg_num].rm_so < (long)cur_idx) -- { -- pmatch[reg_num].rm_eo = cur_idx; -- /* This is a non-empty match or we are not inside an optional --@@ -2938,7 +2938,7 @@ check_arrival (re_match_context_t *mctx, state_array_t *path, Idx top_node, -- mctx->state_log[str_idx] = cur_state; -- } -- --- for (null_cnt = 0; str_idx < last_str && null_cnt <= mctx->max_mb_elem_len;) --+ for (null_cnt = 0; str_idx < last_str && null_cnt <= (long)mctx->max_mb_elem_len;) -- { -- re_node_set_empty (&next_nodes); -- if (mctx->state_log[str_idx + 1]) --@@ -3718,7 +3718,7 @@ check_node_accept_bytes (const re_dfa_t *dfa, Idx node_idx, -- const re_string_t *input, Idx str_idx) -- { -- const re_token_t *node = dfa->nodes + node_idx; --- int char_len, elem_len; --+ unsigned int char_len, elem_len; -- Idx i; -- -- if (__glibc_unlikely (node->type == OP_UTF8_PERIOD)) --@@ -4066,7 +4066,7 @@ extend_buffers (re_match_context_t *mctx, int min_len) -- /* Double the lengths of the buffers, but allocate at least MIN_LEN. */ -- ret = re_string_realloc_buffers (pstr, -- MAX (min_len, --- MIN (pstr->len, pstr->bufs_len * 2))); --+ MIN ((long)pstr->len, pstr->bufs_len * 2))); -- if (__glibc_unlikely (ret != REG_NOERROR)) -- return ret; -- --@@ -4236,7 +4236,7 @@ match_ctx_add_entry (re_match_context_t *mctx, Idx node, Idx str_idx, Idx from, -- = (from == to ? -1 : 0); -- -- mctx->bkref_ents[mctx->nbkref_ents++].more = 0; --- if (mctx->max_mb_elem_len < to - from) --+ if (mctx->max_mb_elem_len < (long)(to - from)) -- mctx->max_mb_elem_len = to - from; -- return REG_NOERROR; -- } -diff --git a/grub-core/lib/gnulib-patches/fix-uninit-structure.patch b/grub-core/lib/gnulib-patches/fix-uninit-structure.patch -deleted file mode 100644 -index 7b4d9f67af4..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-uninit-structure.patch -+++ /dev/null -@@ -1,11 +0,0 @@ ----- a/lib/regcomp.c 2020-10-22 13:49:06.770168928 +0000 --+++ b/lib/regcomp.c 2020-10-22 13:50:37.026528298 +0000 --@@ -3662,7 +3662,7 @@ -- Idx alloc = 0; -- #endif /* not RE_ENABLE_I18N */ -- reg_errcode_t ret; --- re_token_t br_token; --+ re_token_t br_token = {0}; -- bin_tree_t *tree; -- -- sbcset = (re_bitset_ptr_t) calloc (sizeof (bitset_t), 1); -diff --git a/grub-core/lib/gnulib-patches/fix-unused-value.patch b/grub-core/lib/gnulib-patches/fix-unused-value.patch -deleted file mode 100644 -index ba51f1bf223..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-unused-value.patch -+++ /dev/null -@@ -1,14 +0,0 @@ ----- a/lib/regexec.c 2020-10-21 14:25:35.310195912 +0000 --+++ b/lib/regexec.c 2020-10-21 14:32:07.961765604 +0000 --@@ -828,7 +828,11 @@ -- break; -- if (__glibc_unlikely (err != REG_NOMATCH)) -- goto free_return; --+#ifdef DEBUG --+ /* Only used for assertion below when DEBUG is set, otherwise --+ it will be over-written when we loop around. */ -- match_last = -1; --+#endif -- } -- else -- break; /* We found a match. */ -diff --git a/grub-core/lib/gnulib-patches/fix-width.patch b/grub-core/lib/gnulib-patches/fix-width.patch -deleted file mode 100644 -index 0a208ad08b5..00000000000 ---- a/grub-core/lib/gnulib-patches/fix-width.patch -+++ /dev/null -@@ -1,217 +0,0 @@ --diff --git a/lib/argp-fmtstream.c b/lib/argp-fmtstream.c --index ba6a407f7..d0685b3d4 100644 ----- a/lib/argp-fmtstream.c --+++ b/lib/argp-fmtstream.c --@@ -28,9 +28,11 @@ -- #include -- #include -- #include --+#include -- -- #include "argp-fmtstream.h" -- #include "argp-namefrob.h" --+#include "mbswidth.h" -- -- #ifndef ARGP_FMTSTREAM_USE_LINEWRAP -- --@@ -115,6 +117,51 @@ weak_alias (__argp_fmtstream_free, argp_fmtstream_free) -- #endif -- #endif -- --+ --+/* Return the pointer to the first character that doesn't fit in l columns. */ --+static inline const ptrdiff_t --+add_width (const char *ptr, const char *end, size_t l) --+{ --+ mbstate_t ps; --+ const char *ptr0 = ptr; --+ --+ memset (&ps, 0, sizeof (ps)); --+ --+ while (ptr < end) --+ { --+ wchar_t wc; --+ size_t s, k; --+ --+ s = mbrtowc (&wc, ptr, end - ptr, &ps); --+ if (s == (size_t) -1) --+ break; --+ if (s == (size_t) -2) --+ { --+ if (1 >= l) --+ break; --+ l--; --+ ptr++; --+ continue; --+ } --+ --+ if (wc == '\e' && ptr + 3 < end --+ && ptr[1] == '[' && (ptr[2] == '0' || ptr[2] == '1') --+ && ptr[3] == 'm') --+ { --+ ptr += 4; --+ continue; --+ } --+ --+ k = wcwidth (wc); --+ --+ if (k >= l) --+ break; --+ l -= k; --+ ptr += s; --+ } --+ return ptr - ptr0; --+} --+ -- /* Process FS's buffer so that line wrapping is done from POINT_OFFS to the -- end of its buffer. This code is mostly from glibc stdio/linewrap.c. */ -- void --@@ -168,13 +215,15 @@ __argp_fmtstream_update (argp_fmtstream_t fs) -- if (!nl) -- { -- /* The buffer ends in a partial line. */ --+ size_t display_width = mbsnwidth (buf, fs->p - buf, --+ MBSW_STOP_AT_NUL); -- --- if (fs->point_col + len < fs->rmargin) --+ if (fs->point_col + display_width < fs->rmargin) -- { -- /* The remaining buffer text is a partial line and fits -- within the maximum line width. Advance point for the -- characters to be written and stop scanning. */ --- fs->point_col += len; --+ fs->point_col += display_width; -- break; -- } -- else --@@ -182,14 +231,18 @@ __argp_fmtstream_update (argp_fmtstream_t fs) -- the end of the buffer. */ -- nl = fs->p; -- } --- else if (fs->point_col + (nl - buf) < (ssize_t) fs->rmargin) --- { --- /* The buffer contains a full line that fits within the maximum --- line width. Reset point and scan the next line. */ --- fs->point_col = 0; --- buf = nl + 1; --- continue; --- } --+ else --+ { --+ size_t display_width = mbsnwidth (buf, nl - buf, MBSW_STOP_AT_NUL); --+ if (display_width < (ssize_t) fs->rmargin) --+ { --+ /* The buffer contains a full line that fits within the maximum --+ line width. Reset point and scan the next line. */ --+ fs->point_col = 0; --+ buf = nl + 1; --+ continue; --+ } --+ } -- -- /* This line is too long. */ -- r = fs->rmargin - 1; --@@ -225,7 +278,7 @@ __argp_fmtstream_update (argp_fmtstream_t fs) -- char *p, *nextline; -- int i; -- --- p = buf + (r + 1 - fs->point_col); --+ p = buf + add_width (buf, fs->p, (r + 1 - fs->point_col)); -- while (p >= buf && !isblank ((unsigned char) *p)) -- --p; -- nextline = p + 1; /* This will begin the next line. */ --@@ -243,7 +296,7 @@ __argp_fmtstream_update (argp_fmtstream_t fs) -- { -- /* A single word that is greater than the maximum line width. -- Oh well. Put it on an overlong line by itself. */ --- p = buf + (r + 1 - fs->point_col); --+ p = buf + add_width (buf, fs->p, (r + 1 - fs->point_col)); -- /* Find the end of the long word. */ -- if (p < nl) -- do --@@ -277,7 +330,8 @@ __argp_fmtstream_update (argp_fmtstream_t fs) -- && fs->p > nextline) -- { -- /* The margin needs more blanks than we removed. */ --- if (fs->end - fs->p > fs->wmargin + 1) --+ if (mbsnwidth (fs->p, fs->end - fs->p, MBSW_STOP_AT_NUL) --+ > fs->wmargin + 1) -- /* Make some space for them. */ -- { -- size_t mv = fs->p - nextline; --diff --git a/lib/argp-help.c b/lib/argp-help.c --index e5375a0f0..5d8f451ec 100644 ----- a/lib/argp-help.c --+++ b/lib/argp-help.c --@@ -51,6 +51,7 @@ -- #include "argp.h" -- #include "argp-fmtstream.h" -- #include "argp-namefrob.h" --+#include "mbswidth.h" -- -- #ifndef SIZE_MAX -- # define SIZE_MAX ((size_t) -1) --@@ -1432,7 +1433,7 @@ argp_args_usage (const struct argp *argp, const struct argp_state *state, -- -- /* Manually do line wrapping so that it (probably) won't get wrapped at -- any embedded spaces. */ --- space (stream, 1 + nl - cp); --+ space (stream, 1 + mbsnwidth (cp, nl - cp, MBSW_STOP_AT_NUL)); -- -- __argp_fmtstream_write (stream, cp, nl - cp); -- } --diff --git a/lib/mbswidth.c b/lib/mbswidth.c --index 408a15e34..b3fb7f83a 100644 ----- a/lib/mbswidth.c --+++ b/lib/mbswidth.c --@@ -38,6 +38,14 @@ -- /* Get INT_MAX. */ -- #include -- --+#ifndef FALLTHROUGH --+# if __GNUC__ < 7 --+# define FALLTHROUGH ((void) 0) --+# else --+# define FALLTHROUGH __attribute__ ((__fallthrough__)) --+# endif --+#endif --+ -- /* Returns the number of columns needed to represent the multibyte -- character string pointed to by STRING. If a non-printable character -- occurs, and MBSW_REJECT_UNPRINTABLE is specified, -1 is returned. --@@ -90,6 +98,10 @@ mbsnwidth (const char *string, size_t nbytes, int flags) -- p++; -- width++; -- break; --+ case '\0': --+ if (flags & MBSW_STOP_AT_NUL) --+ return width; --+ FALLTHROUGH; -- default: -- /* If we have a multibyte sequence, scan it up to its end. */ -- { --@@ -168,6 +180,9 @@ mbsnwidth (const char *string, size_t nbytes, int flags) -- { -- unsigned char c = (unsigned char) *p++; -- --+ if (c == 0 && (flags & MBSW_STOP_AT_NUL)) --+ return width; --+ -- if (isprint (c)) -- { -- if (width == INT_MAX) --diff --git a/lib/mbswidth.h b/lib/mbswidth.h --index 2b5c53c37..45a123e63 100644 ----- a/lib/mbswidth.h --+++ b/lib/mbswidth.h --@@ -45,6 +45,10 @@ extern "C" { -- control characters and 1 otherwise. */ -- #define MBSW_REJECT_UNPRINTABLE 2 -- --+/* If this bit is set \0 is treated as the end of string. --+ Otherwise it's treated as a normal one column width character. */ --+#define MBSW_STOP_AT_NUL 4 --+ -- -- /* Returns the number of screen columns needed for STRING. */ -- #define mbswidth gnu_mbswidth /* avoid clash with UnixWare 7.1.1 function */ -diff --git a/grub-core/lib/gnulib-patches/no-abort.patch b/grub-core/lib/gnulib-patches/no-abort.patch -deleted file mode 100644 -index e469c4762eb..00000000000 ---- a/grub-core/lib/gnulib-patches/no-abort.patch -+++ /dev/null -@@ -1,26 +0,0 @@ --diff --git a/lib/regcomp.c b/lib/regcomp.c --index cc85f35ac..de45ebb5c 100644 ----- a/lib/regcomp.c --+++ b/lib/regcomp.c --@@ -528,9 +528,9 @@ regerror (int errcode, const regex_t *__restrict preg, char *__restrict errbuf, -- to this routine. If we are given anything else, or if other regex -- code generates an invalid error code, then the program has a bug. -- Dump core so we can fix it. */ --- abort (); --- --- msg = gettext (__re_error_msgid + __re_error_msgid_idx[errcode]); --+ msg = gettext ("unknown regexp error"); --+ else --+ msg = gettext (__re_error_msgid + __re_error_msgid_idx[errcode]); -- -- msg_size = strlen (msg) + 1; /* Includes the null. */ -- --@@ -1136,7 +1136,7 @@ optimize_utf8 (re_dfa_t *dfa) -- } -- break; -- default: --- abort (); --+ break; -- } -- -- if (mb_chars || has_period) diff --git a/0123-grub-set-bootflag-Update-comment-about-running-as-ro.patch b/0123-grub-set-bootflag-Update-comment-about-running-as-ro.patch deleted file mode 100644 index cd4ef77508ceaef567291cd93af9b66cfd6e6317..0000000000000000000000000000000000000000 --- a/0123-grub-set-bootflag-Update-comment-about-running-as-ro.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Wed, 13 Nov 2019 12:15:43 +0100 -Subject: [PATCH] grub-set-bootflag: Update comment about running as root - through pkexec - -We have stopped using pkexec for grub-set-bootflag, instead it is now -installed suid root, update the comment accordingly. - -Signed-off-by: Hans de Goede ---- - util/grub-set-bootflag.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/util/grub-set-bootflag.c b/util/grub-set-bootflag.c -index 6a79ee67444..65d74ce010f 100644 ---- a/util/grub-set-bootflag.c -+++ b/util/grub-set-bootflag.c -@@ -18,7 +18,7 @@ - */ - - /* -- * NOTE this gets run by users as root (through pkexec), so this does not -+ * NOTE this gets run by users as root (its suid root), so this does not - * use any grub library / util functions to allow for easy auditing. - * The grub headers are only included to get certain defines. - */ diff --git a/0124-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch b/0124-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch deleted file mode 100644 index 122bf68689a6ef1321d50c3f0b26442a50570e3e..0000000000000000000000000000000000000000 --- a/0124-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch +++ /dev/null @@ -1,152 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Wed, 13 Nov 2019 13:02:01 +0100 -Subject: [PATCH] grub-set-bootflag: Write new env to tmpfile and then rename - -Make the grubenv writing code in grub-set-bootflag more robust by -writing the modified grubenv to a tmpfile first and then renaming the -tmpfile over the old grubenv (following symlinks). - -Signed-off-by: Hans de Goede ---- - util/grub-set-bootflag.c | 87 +++++++++++++++++++++++++++++++++++++++++++----- - 1 file changed, 78 insertions(+), 9 deletions(-) - -diff --git a/util/grub-set-bootflag.c b/util/grub-set-bootflag.c -index 65d74ce010f..d1c5e28862b 100644 ---- a/util/grub-set-bootflag.c -+++ b/util/grub-set-bootflag.c -@@ -28,7 +28,9 @@ - #include - #include /* For GRUB_ENVBLK_DEFCFG define */ - #include -+#include - #include -+#include - #include - #include - -@@ -54,8 +56,10 @@ int main(int argc, char *argv[]) - { - /* NOTE buf must be at least the longest bootflag length + 4 bytes */ - char env[GRUBENV_SIZE + 1], buf[64], *s; -+ /* +1 for 0 termination, +6 for "XXXXXX" in tmp filename */ -+ char env_filename[PATH_MAX + 1], tmp_filename[PATH_MAX + 6 + 1]; - const char *bootflag; -- int i, len, ret; -+ int i, fd, len, ret; - FILE *f; - - if (argc != 2) -@@ -77,7 +81,32 @@ int main(int argc, char *argv[]) - bootflag = bootflags[i]; - len = strlen (bootflag); - -- f = fopen (GRUBENV, "r"); -+ /* -+ * Really become root. setuid avoids an user killing us, possibly leaking -+ * the tmpfile. setgid avoids the new grubenv's gid being that of the user. -+ */ -+ ret = setuid(0); -+ if (ret) -+ { -+ perror ("Error setuid(0) failed"); -+ return 1; -+ } -+ -+ ret = setgid(0); -+ if (ret) -+ { -+ perror ("Error setgid(0) failed"); -+ return 1; -+ } -+ -+ /* Canonicalize GRUBENV filename, resolving symlinks, etc. */ -+ if (!realpath(GRUBENV, env_filename)) -+ { -+ perror ("Error canonicalizing " GRUBENV " filename"); -+ return 1; -+ } -+ -+ f = fopen (env_filename, "r"); - if (!f) - { - perror ("Error opening " GRUBENV " for reading"); -@@ -132,30 +161,70 @@ int main(int argc, char *argv[]) - snprintf(buf, sizeof(buf), "%s=1\n", bootflag); - memcpy(s, buf, len + 3); - -- /* "r+", don't truncate so that the diskspace stays reserved */ -- f = fopen (GRUBENV, "r+"); -+ -+ /* -+ * Create a tempfile for writing the new env. Use the canonicalized filename -+ * for the template so that the tmpfile is in the same dir / on same fs. -+ */ -+ snprintf(tmp_filename, sizeof(tmp_filename), "%sXXXXXX", env_filename); -+ fd = mkstemp(tmp_filename); -+ if (fd == -1) -+ { -+ perror ("Creating tmpfile failed"); -+ return 1; -+ } -+ -+ f = fdopen (fd, "w"); - if (!f) - { -- perror ("Error opening " GRUBENV " for writing"); -+ perror ("Error fdopen of tmpfile failed"); -+ unlink(tmp_filename); - return 1; - } - - ret = fwrite (env, 1, GRUBENV_SIZE, f); - if (ret != GRUBENV_SIZE) - { -- perror ("Error writing to " GRUBENV); -+ perror ("Error writing tmpfile"); -+ unlink(tmp_filename); - return 1; - } - - ret = fflush (f); - if (ret) - { -- perror ("Error flushing " GRUBENV); -+ perror ("Error flushing tmpfile"); -+ unlink(tmp_filename); - return 1; - } - -- fsync (fileno (f)); -- fclose (f); -+ ret = fsync (fileno (f)); -+ if (ret) -+ { -+ perror ("Error syncing tmpfile"); -+ unlink(tmp_filename); -+ return 1; -+ } -+ -+ ret = fclose (f); -+ if (ret) -+ { -+ perror ("Error closing tmpfile"); -+ unlink(tmp_filename); -+ return 1; -+ } -+ -+ /* -+ * And finally rename the tmpfile with the new env over the old env, the -+ * linux kernel guarantees that this is atomic (from a syscall pov). -+ */ -+ ret = rename(tmp_filename, env_filename); -+ if (ret) -+ { -+ perror ("Error renaming tmpfile to " GRUBENV " failed"); -+ unlink(tmp_filename); -+ return 1; -+ } - - return 0; - } diff --git a/0125-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch b/0125-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch deleted file mode 100644 index a32c1465095b9fdbf423cca194bd87d2b17a8800..0000000000000000000000000000000000000000 --- a/0125-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Tue, 26 Nov 2019 09:51:41 +0100 -Subject: [PATCH] grub.d: Fix boot_indeterminate getting set on boot_success=0 - boot -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The "grub.d: Split out boot success reset from menu auto hide script" -not only moved the code to clear boot_success and boot_indeterminate -but for some reason also mixed in some broken changes to the -boot_indeterminate handling. - -The boot_indeterminate var is meant to suppress the boot menu after -a reboot from either a selinux-relabel or offline-updates. These -2 special boot scenarios do not set boot_success since there is no -successfull interaction with the user. Instead they increment -boot_indeterminate, and if it is 1 and only when it is 1, so the -first reboot after a "special" boot we suppress the menu. - -To ensure that we do show the menu if we somehow get stuck in a -"special" boot loop where we do special-boots without them -incrementing boot_indeterminate, the code before the -"grub.d: Split out boot success reset from menu auto hide script" -commit would increment boot_indeterminate once when it is 1, so that -even if the "special" boot reboot-loop immediately we would show the -menu on the next boot. - -That commit broke this however, because it not only moves the code, -it also changes it from only "incrementing" boot_indeterminate once to -always incrementing it, except when boot_success == 1 (and we reset it). - -This broken behavior causes the following problem: - -1. Boot a broken kernel, system hangs, power-cycle -2. boot_success now != 1, so we increment boot_indeterminate from 0 - (unset!) to 1. User either simply tries again, or makes some changes - but the end-result still is a system hang, power-cycle -3. Now boot_indeterminate==1 so we do not show the menu even though the - previous boot failed -> BAD - -This commit fixes this by restoring the behavior of setting -boot_indeterminate to 2 when it was 1 before. - -Fixes: "grub.d: Split out boot success reset from menu auto hide script" -Signed-off-by: Hans de Goede -[jpokorny: 01_menu_auto_hide.in: fix a then/than typo] -Signed-off-by: Jan Pokorný -Signed-off-by: Robbie Harwood ---- - util/grub.d/10_reset_boot_success.in | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/util/grub.d/10_reset_boot_success.in b/util/grub.d/10_reset_boot_success.in -index 6c88d933dde..e73f4137b36 100644 ---- a/util/grub.d/10_reset_boot_success.in -+++ b/util/grub.d/10_reset_boot_success.in -@@ -6,18 +6,18 @@ - # - # The boot_success var needs to be set to 1 from userspace to mark a boot successful. - cat << EOF --insmod increment - # Hiding the menu is ok if last boot was ok or if this is a first boot attempt to boot the entry - if [ "\${boot_success}" = "1" -o "\${boot_indeterminate}" = "1" ]; then - set menu_hide_ok=1 - else - set menu_hide_ok=0 - fi --# Reset boot_indeterminate after a successful boot, increment otherwise -+# Reset boot_indeterminate after a successful boot - if [ "\${boot_success}" = "1" ] ; then - set boot_indeterminate=0 --else -- increment boot_indeterminate -+# Avoid boot_indeterminate causing the menu to be hidden more than once -+elif [ "\${boot_indeterminate}" = "1" ]; then -+ set boot_indeterminate=2 - fi - # Reset boot_success for current boot - set boot_success=0 diff --git a/0126-Add-start-symbol-for-RISC-V.patch b/0126-Add-start-symbol-for-RISC-V.patch deleted file mode 100644 index 677efae016068e1094f52d0c1befc213b846e677..0000000000000000000000000000000000000000 --- a/0126-Add-start-symbol-for-RISC-V.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: David Abdurachmanov -Date: Sat, 9 Nov 2019 19:51:57 +0000 -Subject: [PATCH] Add start symbol for RISC-V - -All other architectures have start symbol. - -Hopefully this resolves: - - BUILDSTDERR: ././grub-mkimage: error: undefined symbol start. - -Signed-off-by: David Abdurachmanov ---- - grub-core/kern/riscv/efi/startup.S | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/grub-core/kern/riscv/efi/startup.S b/grub-core/kern/riscv/efi/startup.S -index f2a7b2b1ede..781773136e8 100644 ---- a/grub-core/kern/riscv/efi/startup.S -+++ b/grub-core/kern/riscv/efi/startup.S -@@ -29,6 +29,7 @@ - - .file "startup.S" - .text -+FUNCTION(start) - FUNCTION(_start) - /* - * EFI_SYSTEM_TABLE and EFI_HANDLE are passed in a1/a0. diff --git a/0127-bootstrap.conf-Force-autogen.sh-to-use-python3.patch b/0127-bootstrap.conf-Force-autogen.sh-to-use-python3.patch deleted file mode 100644 index 5c3b968bb21c6cf7ba2308f16d73a6d2f01c985b..0000000000000000000000000000000000000000 --- a/0127-bootstrap.conf-Force-autogen.sh-to-use-python3.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Wed, 15 Jan 2020 12:47:46 +0100 -Subject: [PATCH] bootstrap.conf: Force autogen.sh to use python3 - -The python-unversioned-command package is not installed in the buildroot, -but the bootstrap script expects the python command to be present if one -is not defined. So building the package leads to the following error: - -./autogen.sh: line 20: python: command not found - -This is harmless since gnulib is included as a source anyways, because the -builders can't download. But still the issue should be fixed by forcing to -use python3 that's the default in Fedora now. - -Signed-off-by: Javier Martinez Canillas ---- - bootstrap.conf | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/bootstrap.conf b/bootstrap.conf -index 452f4d79b0d..03f10930230 100644 ---- a/bootstrap.conf -+++ b/bootstrap.conf -@@ -93,7 +93,7 @@ bootstrap_post_import_hook () { - patch -d po -p3 \ - < "po/gettext-patches/$patchname.patch" - done -- FROM_BOOTSTRAP=1 ./autogen.sh -+ PYTHON=python3 FROM_BOOTSTRAP=1 ./autogen.sh - set +e # bootstrap expects this - } - diff --git a/0128-efi-http-Export-fw-http-_path-variables-to-make-them.patch b/0128-efi-http-Export-fw-http-_path-variables-to-make-them.patch deleted file mode 100644 index 74183bc3fe99881989ab652053efb35367d91184..0000000000000000000000000000000000000000 --- a/0128-efi-http-Export-fw-http-_path-variables-to-make-them.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Thu, 5 Mar 2020 16:21:47 +0100 -Subject: [PATCH] efi/http: Export {fw,http}_path variables to make them global - -The fw_path environment variable is used by http_configure() function to -determine the HTTP path that should be used as prefix when using relative -HTTP paths. And this is stored in the http_path environment variable. - -Later, that variable is looked up by grub_efihttp_open() to generate the -complete path to be used in the HTTP request. - -But these variables are not exported, which means that are not global and -so are only found in the initial context. - -This can cause commands like configfile that create a new context to fail -because the fw_path and http_path variables will not be found. - -Resolves: rhbz#1616395 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/kern/main.c | 1 + - grub-core/net/efi/http.c | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c -index 1c540fc8c26..b573be6650d 100644 ---- a/grub-core/kern/main.c -+++ b/grub-core/kern/main.c -@@ -143,6 +143,7 @@ grub_set_prefix_and_root (void) - if (fw_path) - { - grub_env_set ("fw_path", fw_path); -+ grub_env_export ("fw_path"); - grub_dprintf ("fw_path", "fw_path:\"%s\"\n", fw_path); - grub_free (fw_path); - } -diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c -index de351b2cd03..755b7a6d054 100644 ---- a/grub-core/net/efi/http.c -+++ b/grub-core/net/efi/http.c -@@ -39,6 +39,7 @@ http_configure (struct grub_efi_net_device *dev, int prefer_ip6) - http_path++; - grub_env_unset ("http_path"); - grub_env_set ("http_path", http_path); -+ grub_env_export ("http_path"); - } - } - diff --git a/0129-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch b/0129-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch deleted file mode 100644 index c3945498a8b421325377b9d40b22a8899cef3552..0000000000000000000000000000000000000000 --- a/0129-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Thu, 5 Mar 2020 16:21:58 +0100 -Subject: [PATCH] efi/http: Enclose literal IPv6 addresses in square brackets - -According to RFC 2732 (https://www.ietf.org/rfc/rfc2732.txt), literal IPv6 -addresses must be enclosed in square brackets. But GRUB currently does not -do this and is causing HTTP servers to send Bad Request (400) responses. - -For example, the following is the HTTP stream when fetching a config file: - -HEAD /EFI/BOOT/grub.cfg HTTP/1.1 -Host: 2000:dead:beef:a::1 -Accept: */* -User-Agent: UefiHttpBoot/1.0 - -HTTP/1.1 400 Bad Request -Date: Thu, 05 Mar 2020 14:46:02 GMT -Server: Apache/2.4.41 (Fedora) OpenSSL/1.1.1d -Connection: close -Content-Type: text/html; charset=iso-8859-1 - -and after enclosing the IPv6 address the HTTP request is successful: - -HEAD /EFI/BOOT/grub.cfg HTTP/1.1 -Host: [2000:dead:beef:a::1] -Accept: */* -User-Agent: UefiHttpBoot/1.0 - -HTTP/1.1 200 OK -Date: Thu, 05 Mar 2020 14:48:04 GMT -Server: Apache/2.4.41 (Fedora) OpenSSL/1.1.1d -Last-Modified: Thu, 27 Feb 2020 17:45:58 GMT -ETag: "206-59f924b24b1da" -Accept-Ranges: bytes -Content-Length: 518 - -Resolves: rhbz#1732765 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/net/efi/http.c | 37 ++++++++++++++++++++++++++++--------- - 1 file changed, 28 insertions(+), 9 deletions(-) - -diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c -index 755b7a6d054..fc8cb25ae0a 100644 ---- a/grub-core/net/efi/http.c -+++ b/grub-core/net/efi/http.c -@@ -158,13 +158,7 @@ efihttp_request (grub_efi_http_t *http, char *server, char *name, int use_https, - grub_efi_status_t status; - grub_efi_boot_services_t *b = grub_efi_system_table->boot_services; - char *url = NULL; -- -- request_headers[0].field_name = (grub_efi_char8_t *)"Host"; -- request_headers[0].field_value = (grub_efi_char8_t *)server; -- request_headers[1].field_name = (grub_efi_char8_t *)"Accept"; -- request_headers[1].field_value = (grub_efi_char8_t *)"*/*"; -- request_headers[2].field_name = (grub_efi_char8_t *)"User-Agent"; -- request_headers[2].field_value = (grub_efi_char8_t *)"UefiHttpBoot/1.0"; -+ char *hostname = NULL; - - { - grub_efi_ipv6_address_t address; -@@ -174,9 +168,24 @@ efihttp_request (grub_efi_http_t *http, char *server, char *name, int use_https, - const char *protocol = (use_https == 1) ? "https" : "http"; - - if (grub_efi_string_to_ip6_address (server, &address, &rest) && *rest == 0) -- url = grub_xasprintf ("%s://[%s]%s", protocol, server, name); -+ { -+ hostname = grub_xasprintf ("[%s]", server); -+ if (!hostname) -+ return GRUB_ERR_OUT_OF_MEMORY; -+ -+ server = hostname; -+ -+ url = grub_xasprintf ("%s://%s%s", protocol, server, name); -+ if (!url) -+ { -+ grub_free (hostname); -+ return GRUB_ERR_OUT_OF_MEMORY; -+ } -+ } - else -- url = grub_xasprintf ("%s://%s%s", protocol, server, name); -+ { -+ url = grub_xasprintf ("%s://%s%s", protocol, server, name); -+ } - - if (!url) - { -@@ -199,6 +208,13 @@ efihttp_request (grub_efi_http_t *http, char *server, char *name, int use_https, - request_data.url = ucs2_url; - } - -+ request_headers[0].field_name = (grub_efi_char8_t *)"Host"; -+ request_headers[0].field_value = (grub_efi_char8_t *)server; -+ request_headers[1].field_name = (grub_efi_char8_t *)"Accept"; -+ request_headers[1].field_value = (grub_efi_char8_t *)"*/*"; -+ request_headers[2].field_name = (grub_efi_char8_t *)"User-Agent"; -+ request_headers[2].field_value = (grub_efi_char8_t *)"UefiHttpBoot/1.0"; -+ - request_data.method = (headeronly > 0) ? GRUB_EFI_HTTPMETHODHEAD : GRUB_EFI_HTTPMETHODGET; - - request_message.data.request = &request_data; -@@ -228,6 +244,9 @@ efihttp_request (grub_efi_http_t *http, char *server, char *name, int use_https, - - status = efi_call_2 (http->request, http, &request_token); - -+ if (hostname) -+ grub_free (hostname); -+ - if (status != GRUB_EFI_SUCCESS) - { - efi_call_1 (b->close_event, request_token.event); diff --git a/0130-efi-net-Allow-to-specify-a-port-number-in-addresses.patch b/0130-efi-net-Allow-to-specify-a-port-number-in-addresses.patch deleted file mode 100644 index 209aed80f66762662a2229f2da9bd087ed15c691..0000000000000000000000000000000000000000 --- a/0130-efi-net-Allow-to-specify-a-port-number-in-addresses.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Mon, 9 Mar 2020 15:29:45 +0100 -Subject: [PATCH] efi/net: Allow to specify a port number in addresses - -The grub_efi_net_parse_address() function is not covering the case where a -port number is specified in an IPv4 or IPv6 address, so will fail to parse -the network address. - -For most cases the issue is harmless, because the function is only used to -match an address with a network interface and if fails the default is used. - -But still is a bug that has to be fixed and it causes error messages to be -printed like the following: - -error: net/efi/net.c:782:unrecognised network address '192.168.122.1:8080' - -error: net/efi/net.c:781:unrecognised network address '[2000:dead:beef:a::1]:8080' - -Resolves: rhbz#1732765 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/net/efi/net.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c -index 6603cd83edc..84573937b18 100644 ---- a/grub-core/net/efi/net.c -+++ b/grub-core/net/efi/net.c -@@ -742,7 +742,7 @@ grub_efi_net_parse_address (const char *address, - return GRUB_ERR_NONE; - } - } -- else if (*rest == 0) -+ else if (*rest == 0 || *rest == ':') - { - grub_uint32_t subnet_mask = 0xffffffffU; - grub_memcpy (ip4->subnet_mask, &subnet_mask, sizeof (ip4->subnet_mask)); -@@ -768,7 +768,7 @@ grub_efi_net_parse_address (const char *address, - return GRUB_ERR_NONE; - } - } -- else if (*rest == 0) -+ else if (*rest == 0 || *rest == ':') - { - ip6->prefix_length = 128; - ip6->is_anycast = 0; diff --git a/0131-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch b/0131-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch deleted file mode 100644 index f92dee4405006f948c00a232a334764d86986b7c..0000000000000000000000000000000000000000 --- a/0131-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Mon, 9 Mar 2020 15:30:05 +0100 -Subject: [PATCH] efi/ip4_config: Improve check to detect literal IPv6 - addresses - -The grub_efi_string_to_ip4_address() function wrongly assumes that an IPv6 -address is an IPv4 address, because it doesn't take into account the case -of a caller passing an IPv6 address as a string. - -This leads to the grub_efi_net_parse_address() function to fail and print -the following error message: - -error: net/efi/net.c:785:unrecognised network address '2000:dead:beef:a::1' - -Resolves: rhbz#1732765 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/net/efi/ip4_config.c | 13 ++++++++++++- - 1 file changed, 12 insertions(+), 1 deletion(-) - -diff --git a/grub-core/net/efi/ip4_config.c b/grub-core/net/efi/ip4_config.c -index b711a5d9457..313c818b184 100644 ---- a/grub-core/net/efi/ip4_config.c -+++ b/grub-core/net/efi/ip4_config.c -@@ -56,9 +56,20 @@ int - grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *address, const char **rest) - { - grub_uint32_t newip = 0; -- int i; -+ int i, ncolon = 0; - const char *ptr = val; - -+ /* Check that is not an IPv6 address */ -+ for (i = 0; i < grub_strlen(ptr); i++) -+ { -+ if (ptr[i] == '[' && i == 0) -+ return 0; -+ -+ if (ptr[i] == ':') -+ if (i == 0 || ++ncolon == 2) -+ return 0; -+ } -+ - for (i = 0; i < 4; i++) - { - unsigned long t; diff --git a/0132-efi-net-Print-a-debug-message-if-parsing-the-address.patch b/0132-efi-net-Print-a-debug-message-if-parsing-the-address.patch deleted file mode 100644 index 33d8f886f35036de92470024908af1e11ba260ce..0000000000000000000000000000000000000000 --- a/0132-efi-net-Print-a-debug-message-if-parsing-the-address.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 10 Mar 2020 11:23:49 +0100 -Subject: [PATCH] efi/net: Print a debug message if parsing the address fails - -Currently if parsing the address fails an error message is printed. But in -most cases this isn't a fatal error since the grub_efi_net_parse_address() -function is only used to match an address with a network interface to use. - -And if this fails, the default interface is used which is good enough for -most cases. So instead of printing an error that would pollute the console -just print a debug message if the address is not parsed correctly. - -A user can enable debug messages for the efinet driver to have information -about the failure and the fact that the default interface is being used. - -Related: rhbz#1732765 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/net/efi/net.c | 18 +++++++++++------- - 1 file changed, 11 insertions(+), 7 deletions(-) - -diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c -index 84573937b18..a3f0535d43c 100644 ---- a/grub-core/net/efi/net.c -+++ b/grub-core/net/efi/net.c -@@ -778,9 +778,9 @@ grub_efi_net_parse_address (const char *address, - } - } - -- return grub_error (GRUB_ERR_NET_BAD_ADDRESS, -- N_("unrecognised network address `%s'"), -- address); -+ grub_dprintf ("efinet", "unrecognised network address '%s'\n", address); -+ -+ return GRUB_ERR_NET_BAD_ADDRESS; - } - - static grub_efi_net_interface_t * -@@ -795,10 +795,7 @@ match_route (const char *server) - err = grub_efi_net_parse_address (server, &ip4, &ip6, &is_ip6, 0); - - if (err) -- { -- grub_print_error (); - return NULL; -- } - - if (is_ip6) - { -@@ -1233,8 +1230,15 @@ grub_net_open_real (const char *name __attribute__ ((unused))) - /*FIXME: Use DNS translate name to address */ - net_interface = match_route (server); - -+ if (!net_interface && net_default_interface) -+ { -+ net_interface = net_default_interface; -+ grub_dprintf ("efinet", "interface lookup failed, using default '%s'\n", -+ net_interface->name); -+ } -+ - /*XXX: should we check device with default gateway ? */ -- if (!net_interface && !(net_interface = net_default_interface)) -+ if (!net_interface) - { - grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("disk `%s' no route found"), - name); diff --git a/0133-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch b/0133-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch deleted file mode 100644 index 3dd525af8191a4c737c546212335b58353b98c3b..0000000000000000000000000000000000000000 --- a/0133-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Wed, 22 Apr 2020 12:41:52 +0200 -Subject: [PATCH] kern/term: Also accept F8 as a user interrupt key - -Make F8, which used to be the hotkey to show the Windows boot menu during -boot for a long long time, also interrupt sleeps / stop the menu countdown. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/kern/term.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/grub-core/kern/term.c b/grub-core/kern/term.c -index 14d59649832..4d61f4e9790 100644 ---- a/grub-core/kern/term.c -+++ b/grub-core/kern/term.c -@@ -144,9 +144,10 @@ grub_key_is_interrupt (int key) - /* - * ESC sometimes is the BIOS setup hotkey and may be hard to discover, also - * check F4, which was chosen because is not used as a hotkey to enter the -- * BIOS setup by any vendor. -+ * BIOS setup by any vendor. Also, F8 which was the key to get the Windows -+ * bootmenu for a long time. - */ -- if (key == GRUB_TERM_ESC || key == GRUB_TERM_KEY_F4) -+ if (key == GRUB_TERM_ESC || key == GRUB_TERM_KEY_F4 || key == GRUB_TERM_KEY_F8) - return 1; - - /* diff --git a/0134-efi-Set-image-base-address-before-jumping-to-the-PE-.patch b/0134-efi-Set-image-base-address-before-jumping-to-the-PE-.patch deleted file mode 100644 index 336bcf18b2f140ec4e1cbb0d8b1cb226d7e955b5..0000000000000000000000000000000000000000 --- a/0134-efi-Set-image-base-address-before-jumping-to-the-PE-.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Thu, 23 Apr 2020 15:06:46 +0200 -Subject: [PATCH] efi: Set image base address before jumping to the PE/COFF - entry point - -Upstream GRUB uses the EFI LoadImage() and StartImage() to boot the Linux -kernel. But our custom EFI loader that supports Secure Boot instead uses -the EFI handover protocol (for x86) or jumping directly to the PE/COFF -entry point (for aarch64). - -This is done to allow the bootloader to verify the images using the shim -lock protocol to avoid booting untrusted binaries. - -Since the bootloader loads the kernel from the boot media instead of using -LoadImage(), it is responsible to set the Loaded Image base address before -booting the kernel. - -Otherwise the kernel EFI stub will complain that it was not set correctly -and print the following warning message: - -EFI stub: ERROR: FIRMWARE BUG: efi_loaded_image_t::image_base has bogus value - -Resolves: rhbz#1814690 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/loader/efi/linux.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index 0622dfa48d4..e8b9ecb17f6 100644 ---- a/grub-core/loader/efi/linux.c -+++ b/grub-core/loader/efi/linux.c -@@ -72,6 +72,7 @@ grub_err_t - grub_efi_linux_boot (void *kernel_addr, grub_off_t handover_offset, - void *kernel_params) - { -+ grub_efi_loaded_image_t *loaded_image = NULL; - handover_func hf; - int offset = 0; - -@@ -79,6 +80,19 @@ grub_efi_linux_boot (void *kernel_addr, grub_off_t handover_offset, - offset = 512; - #endif - -+ /* -+ * Since the EFI loader is not calling the LoadImage() and StartImage() -+ * services for loading the kernel and booting respectively, it has to -+ * set the Loaded Image base address. -+ */ -+ loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle); -+ if (loaded_image) -+ loaded_image->image_base = kernel_addr; -+ else -+ grub_dprintf ("linux", "Loaded Image base address could not be set\n"); -+ -+ grub_dprintf ("linux", "kernel_addr: %p handover_offset: %p params: %p\n", -+ kernel_addr, (void *)(grub_efi_uintn_t)handover_offset, kernel_params); - hf = (handover_func)((char *)kernel_addr + handover_offset + offset); - hf (grub_efi_image_handle, grub_efi_system_table, kernel_params); - diff --git a/0135-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch b/0135-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch deleted file mode 100644 index 747773d1d60d8d4e222b8685974e3801020480d2..0000000000000000000000000000000000000000 --- a/0135-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Sat, 16 May 2020 11:33:18 +0200 -Subject: [PATCH] tpm: Don't propagate TPM measurement errors to the verifiers - layer - -Currently if the EFI firmware fails to do a TPM measurement for a file, -the error will be propagated to the verifiers framework and so opening -the file will not succeed. - -This mean that buggy firmwares will prevent the system to boot since the -loader won't be able to open any file. But failing to do TPM measurements -shouldn't be a fatal error and the system should still be able to boot. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/commands/tpm.c | 14 +++++++------- - 1 file changed, 7 insertions(+), 7 deletions(-) - -diff --git a/grub-core/commands/tpm.c b/grub-core/commands/tpm.c -index 2052c36eaba..e287d042e6b 100644 ---- a/grub-core/commands/tpm.c -+++ b/grub-core/commands/tpm.c -@@ -42,7 +42,8 @@ grub_tpm_verify_init (grub_file_t io, - static grub_err_t - grub_tpm_verify_write (void *context, void *buf, grub_size_t size) - { -- return grub_tpm_measure (buf, size, GRUB_BINARY_PCR, context); -+ grub_tpm_measure (buf, size, GRUB_BINARY_PCR, context); -+ return GRUB_ERR_NONE; - } - - static grub_err_t -@@ -50,7 +51,6 @@ grub_tpm_verify_string (char *str, enum grub_verify_string_type type) - { - const char *prefix = NULL; - char *description; -- grub_err_t status; - - switch (type) - { -@@ -66,15 +66,15 @@ grub_tpm_verify_string (char *str, enum grub_verify_string_type type) - } - description = grub_malloc (grub_strlen (str) + grub_strlen (prefix) + 1); - if (!description) -- return grub_errno; -+ return GRUB_ERR_NONE; - grub_memcpy (description, prefix, grub_strlen (prefix)); - grub_memcpy (description + grub_strlen (prefix), str, - grub_strlen (str) + 1); -- status = -- grub_tpm_measure ((unsigned char *) str, grub_strlen (str), -- GRUB_STRING_PCR, description); -+ -+ grub_tpm_measure ((unsigned char *) str, grub_strlen (str), GRUB_STRING_PCR, -+ description); - grub_free (description); -- return status; -+ return GRUB_ERR_NONE; - } - - struct grub_file_verifier grub_tpm_verifier = { diff --git a/0136-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch b/0136-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch deleted file mode 100644 index 825d0f7c80a55f777445fcc6ab864ffe16a7d630..0000000000000000000000000000000000000000 --- a/0136-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 26 May 2020 16:59:28 +0200 -Subject: [PATCH] x86-efi: Reduce maximum bounce buffer size to 16 MiB - -The EFI linux loader allocates a bounce buffer to copy the initrd since in -some machines doing DMA on addresses above 4GB is not possible during EFI. - -But the verifiers framework also allocates a buffer to copy the initrd in -its grub_file_open() handler. It does this since the data to verify has to -be passed as a single chunk to modules that use the verifiers framework. - -If the initrd image size is big there may not be enough memory in the heap -to allocate two buffers of that size. This causes an allocation failure in -the verifiers framework and leads to the initrd not being read. - -To prevent these allocation failures, let's reduce the maximum size of the -bounce buffer used in the EFI loader. Since the data read can be copied to -the actual initrd address in multilple chunks. - -Resolves: rhbz#1838633 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/loader/i386/efi/linux.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 6bc18d5aef5..15d40d6e35b 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -144,7 +144,7 @@ grub_linuxefi_unload (void) - return GRUB_ERR_NONE; - } - --#define BOUNCE_BUFFER_MAX 0x10000000ull -+#define BOUNCE_BUFFER_MAX 0x1000000ull - - static grub_ssize_t - read(grub_file_t file, grub_uint8_t *bufp, grub_size_t len) diff --git a/0137-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch b/0137-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch deleted file mode 100644 index 97d2e06ff840078efe4e932692586dfe88389811..0000000000000000000000000000000000000000 --- a/0137-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 2 Jun 2020 13:25:01 +0200 -Subject: [PATCH] http: Prepend prefix when the HTTP path is relative as done - in efi/http - -There are two different HTTP drivers that can be used when requesting an -HTTP resource: the efi/http that uses the EFI_HTTP_PROTOCOL and the http -that uses GRUB's HTTP and TCP/IP implementation. - -The efi/http driver appends a prefix that is defined in the variable -http_path, but the http driver doesn't. - -So using this driver and attempting to fetch a resource using a relative -path fails. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/net/http.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/grub-core/net/http.c b/grub-core/net/http.c -index b52b558d631..7f878b56157 100644 ---- a/grub-core/net/http.c -+++ b/grub-core/net/http.c -@@ -501,13 +501,20 @@ http_open (struct grub_file *file, const char *filename) - { - grub_err_t err; - struct http_data *data; -+ const char *http_path; - - data = grub_zalloc (sizeof (*data)); - if (!data) - return grub_errno; - file->size = GRUB_FILE_SIZE_UNKNOWN; - -- data->filename = grub_strdup (filename); -+ /* If path is relative, prepend http_path */ -+ http_path = grub_env_get ("http_path"); -+ if (http_path && filename[0] != '/') -+ data->filename = grub_xasprintf ("%s/%s", http_path, filename); -+ else -+ data->filename = grub_strdup (filename); -+ - if (!data->filename) - { - grub_free (data); diff --git a/0138-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch b/0138-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch deleted file mode 100644 index 1657d7a8792fd27a03f1036bcab62a49eb74e53f..0000000000000000000000000000000000000000 --- a/0138-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 16 Jan 2019 13:21:46 -0500 -Subject: [PATCH] Fix a missing return in efi-export-env and efi-load-env - commands - -Somewhere along the way this got mis-merged to include a return without -a value. Fix it up. - -Signed-off-by: Peter Jones ---- - grub-core/commands/efi/env.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/grub-core/commands/efi/env.c b/grub-core/commands/efi/env.c -index cbd13e03e81..977edb6b065 100644 ---- a/grub-core/commands/efi/env.c -+++ b/grub-core/commands/efi/env.c -@@ -149,6 +149,8 @@ grub_efi_load_env(grub_command_t cmd __attribute__ ((unused)), - - grub_envblk_iterate (envblk, NULL, set_var); - grub_free (envblk_s.buf); -+ -+ return GRUB_ERR_NONE; - } - - static grub_command_t export_cmd, loadenv_cmd; diff --git a/0139-efi-dhcp-fix-some-allocation-error-checking.patch b/0139-efi-dhcp-fix-some-allocation-error-checking.patch deleted file mode 100644 index 7549733862f45b4dc0ce2634558a54b5dcc5ac54..0000000000000000000000000000000000000000 --- a/0139-efi-dhcp-fix-some-allocation-error-checking.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Sun, 19 Jul 2020 17:11:06 -0400 -Subject: [PATCH] efi+dhcp: fix some allocation error checking. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/dhcp.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/grub-core/net/efi/dhcp.c b/grub-core/net/efi/dhcp.c -index dbef63d8c08..e5c79b748b0 100644 ---- a/grub-core/net/efi/dhcp.c -+++ b/grub-core/net/efi/dhcp.c -@@ -80,7 +80,7 @@ grub_efi_dhcp4_parse_dns (grub_efi_dhcp4_protocol_t *dhcp4, grub_efi_dhcp4_packe - if (status != GRUB_EFI_BUFFER_TOO_SMALL) - return NULL; - -- option_list = grub_malloc (option_count * sizeof(*option_list)); -+ option_list = grub_calloc (option_count, sizeof(*option_list)); - if (!option_list) - return NULL; - -@@ -360,8 +360,11 @@ grub_cmd_efi_bootp6 (struct grub_command *cmd __attribute__ ((unused)), - - if (status == GRUB_EFI_BUFFER_TOO_SMALL && count) - { -- options = grub_malloc (count * sizeof(*options)); -- status = efi_call_4 (dev->dhcp6->parse, dev->dhcp6, mode.ia->reply_packet, &count, options); -+ options = grub_calloc (count, sizeof(*options)); -+ if (options) -+ status = efi_call_4 (dev->dhcp6->parse, dev->dhcp6, mode.ia->reply_packet, &count, options); -+ else -+ status = GRUB_EFI_OUT_OF_RESOURCES; - } - - if (status != GRUB_EFI_SUCCESS) diff --git a/0140-efi-http-fix-some-allocation-error-checking.patch b/0140-efi-http-fix-some-allocation-error-checking.patch deleted file mode 100644 index 4dffab9e398d8b625f91d9af9cd6b0d7ceb0f682..0000000000000000000000000000000000000000 --- a/0140-efi-http-fix-some-allocation-error-checking.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Sun, 19 Jul 2020 17:14:15 -0400 -Subject: [PATCH] efi+http: fix some allocation error checking. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/http.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c -index fc8cb25ae0a..26647a50fa4 100644 ---- a/grub-core/net/efi/http.c -+++ b/grub-core/net/efi/http.c -@@ -412,8 +412,8 @@ grub_efihttp_open (struct grub_efi_net_device *dev, - int type) - { - grub_err_t err; -- grub_off_t size; -- char *buf; -+ grub_off_t size = 0; -+ char *buf = NULL; - char *file_name = NULL; - const char *http_path; - -@@ -441,8 +441,11 @@ grub_efihttp_open (struct grub_efi_net_device *dev, - return err; - } - -- buf = grub_malloc (size); -- efihttp_read (dev, buf, size); -+ if (size) -+ { -+ buf = grub_malloc (size); -+ efihttp_read (dev, buf, size); -+ } - - file->size = size; - file->data = buf; diff --git a/0141-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch b/0141-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch deleted file mode 100644 index 30c21a586bf41dc48fb44c45458e855c9b7e4d66..0000000000000000000000000000000000000000 --- a/0141-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Sun, 19 Jul 2020 17:27:00 -0400 -Subject: [PATCH] efi/ip[46]_config.c: fix some potential allocation overflows - -In theory all of this data comes from the firmware stack and it should -be safe, but it's better to be paranoid. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/ip4_config.c | 25 ++++++++++++++++++------- - grub-core/net/efi/ip6_config.c | 13 ++++++++++--- - 2 files changed, 28 insertions(+), 10 deletions(-) - -diff --git a/grub-core/net/efi/ip4_config.c b/grub-core/net/efi/ip4_config.c -index 313c818b184..9725e928f7e 100644 ---- a/grub-core/net/efi/ip4_config.c -+++ b/grub-core/net/efi/ip4_config.c -@@ -4,15 +4,20 @@ - #include - #include - #include -+#include - - char * - grub_efi_hw_address_to_string (grub_efi_uint32_t hw_address_size, grub_efi_mac_address_t hw_address) - { - char *hw_addr, *p; -- int sz, s; -- int i; -+ grub_size_t sz, s, i; - -- sz = (int)hw_address_size * (sizeof ("XX:") - 1) + 1; -+ if (grub_mul (hw_address_size, sizeof ("XX:") - 1, &sz) || -+ grub_add (sz, 1, &sz)) -+ { -+ grub_errno = GRUB_ERR_OUT_OF_RANGE; -+ return NULL; -+ } - - hw_addr = grub_malloc (sz); - if (!hw_addr) -@@ -20,7 +25,7 @@ grub_efi_hw_address_to_string (grub_efi_uint32_t hw_address_size, grub_efi_mac_a - - p = hw_addr; - s = sz; -- for (i = 0; i < (int)hw_address_size; i++) -+ for (i = 0; i < hw_address_size; i++) - { - grub_snprintf (p, sz, "%02x:", hw_address[i]); - p += sizeof ("XX:") - 1; -@@ -238,14 +243,20 @@ grub_efi_ip4_interface_route_table (struct grub_efi_net_device *dev) - { - grub_efi_ip4_config2_interface_info_t *interface_info; - char **ret; -- int i, id; -+ int id; -+ grub_size_t i, nmemb; - - interface_info = efi_ip4_config_interface_info (dev->ip4_config); - if (!interface_info) - return NULL; - -- ret = grub_malloc (sizeof (*ret) * (interface_info->route_table_size + 1)); -+ if (grub_add (interface_info->route_table_size, 1, &nmemb)) -+ { -+ grub_errno = GRUB_ERR_OUT_OF_RANGE; -+ return NULL; -+ } - -+ ret = grub_calloc (nmemb, sizeof (*ret)); - if (!ret) - { - grub_free (interface_info); -@@ -253,7 +264,7 @@ grub_efi_ip4_interface_route_table (struct grub_efi_net_device *dev) - } - - id = 0; -- for (i = 0; i < (int)interface_info->route_table_size; i++) -+ for (i = 0; i < interface_info->route_table_size; i++) - { - char *subnet, *gateway, *mask; - grub_uint32_t u32_subnet, u32_gateway; -diff --git a/grub-core/net/efi/ip6_config.c b/grub-core/net/efi/ip6_config.c -index 017c4d05bc7..a46f6f9b685 100644 ---- a/grub-core/net/efi/ip6_config.c -+++ b/grub-core/net/efi/ip6_config.c -@@ -3,6 +3,7 @@ - #include - #include - #include -+#include - - char * - grub_efi_ip6_address_to_string (grub_efi_pxe_ipv6_address_t *address) -@@ -228,14 +229,20 @@ grub_efi_ip6_interface_route_table (struct grub_efi_net_device *dev) - { - grub_efi_ip6_config_interface_info_t *interface_info; - char **ret; -- int i, id; -+ int id; -+ grub_size_t i, nmemb; - - interface_info = efi_ip6_config_interface_info (dev->ip6_config); - if (!interface_info) - return NULL; - -- ret = grub_malloc (sizeof (*ret) * (interface_info->route_count + 1)); -+ if (grub_add (interface_info->route_count, 1, &nmemb)) -+ { -+ grub_errno = GRUB_ERR_OUT_OF_RANGE; -+ return NULL; -+ } - -+ ret = grub_calloc (nmemb, sizeof (*ret)); - if (!ret) - { - grub_free (interface_info); -@@ -243,7 +250,7 @@ grub_efi_ip6_interface_route_table (struct grub_efi_net_device *dev) - } - - id = 0; -- for (i = 0; i < (int)interface_info->route_count ; i++) -+ for (i = 0; i < interface_info->route_count ; i++) - { - char *gateway, *destination; - grub_uint64_t u64_gateway[2]; diff --git a/0142-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch b/0142-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch deleted file mode 100644 index 95f7e208dd83a16fb96519dd05ab09846ce9cc68..0000000000000000000000000000000000000000 --- a/0142-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Colin Watson -Date: Fri, 24 Jul 2020 17:18:09 +0100 -Subject: [PATCH] efilinux: Fix integer overflows in grub_cmd_initrd - -These could be triggered by an extremely large number of arguments to -the initrd command on 32-bit architectures, or a crafted filesystem with -very large files on any architecture. - -Signed-off-by: Colin Watson ---- - grub-core/loader/i386/efi/linux.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 15d40d6e35b..f992ceeef20 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -28,6 +28,8 @@ - #include - #include - #include -+#include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -206,7 +208,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- files = grub_zalloc (argc * sizeof (files[0])); -+ files = grub_calloc (argc, sizeof (files[0])); - if (!files) - goto fail; - -@@ -216,7 +218,11 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - if (! files[i]) - goto fail; - nfiles++; -- size += ALIGN_UP (grub_file_size (files[i]), 4); -+ if (grub_add (size, ALIGN_UP (grub_file_size (files[i]), 4), &size)) -+ { -+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected")); -+ goto fail; -+ } - } - - initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); diff --git a/0143-linuxefi-fail-kernel-validation-without-shim-protoco.patch b/0143-linuxefi-fail-kernel-validation-without-shim-protoco.patch deleted file mode 100644 index 20fc7869fd905eaee3638b632577d1589056b6ca..0000000000000000000000000000000000000000 --- a/0143-linuxefi-fail-kernel-validation-without-shim-protoco.patch +++ /dev/null @@ -1,130 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Dimitri John Ledkov -Date: Wed, 22 Jul 2020 11:31:43 +0100 -Subject: [PATCH] linuxefi: fail kernel validation without shim protocol. - -If certificates that signed grub are installed into db, grub can be -booted directly. It will then boot any kernel without signature -validation. The booted kernel will think it was booted in secureboot -mode and will implement lockdown, yet it could have been tampered. - -This version of the patch skips calling verification, when booted -without secureboot. And is indented with gnu ident. - -CVE-2020-15705 - -Reported-by: Mathieu Trudel-Lapierre -Signed-off-by: Dimitri John Ledkov ---- - grub-core/loader/arm64/linux.c | 13 +++++++++---- - grub-core/loader/efi/chainloader.c | 1 + - grub-core/loader/efi/linux.c | 1 + - grub-core/loader/i386/efi/linux.c | 17 +++++++++++------ - 4 files changed, 22 insertions(+), 10 deletions(-) - -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index 70a0075ec5e..47f8cf0d84b 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -34,6 +34,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -363,11 +364,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); - -- rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); -- if (rc < 0) -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) - { -- grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), argv[0]); -- goto fail; -+ rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); -+ if (rc <= 0) -+ { -+ grub_error (GRUB_ERR_INVALID_COMMAND, -+ N_("%s has invalid signature"), argv[0]); -+ goto fail; -+ } - } - - pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset); -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index ac8dfd40c61..d41e8ea14a8 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -1084,6 +1084,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - - return 0; - } -+ // -1 fall-through to fail - - fail: - if (dev) -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index e8b9ecb17f6..9260731c107 100644 ---- a/grub-core/loader/efi/linux.c -+++ b/grub-core/loader/efi/linux.c -@@ -33,6 +33,7 @@ struct grub_efi_shim_lock - }; - typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; - -+// Returns 1 on success, -1 on error, 0 when not available - int - grub_linuxefi_secure_validate (void *data, grub_uint32_t size) - { -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index f992ceeef20..3cf0f9b330b 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -30,6 +30,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -101,7 +102,7 @@ kernel_alloc(grub_efi_uintn_t size, const char * const errmsg) - - pages = BYTES_TO_PAGES(size); - grub_dprintf ("linux", "Trying to allocate %lu pages from %p\n", -- pages, (void *)max); -+ (unsigned long)pages, (void *)(unsigned long)max); - - prev_max = max; - addr = grub_efi_allocate_pages_real (max, pages, -@@ -307,12 +308,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- rc = grub_linuxefi_secure_validate (kernel, filelen); -- if (rc < 0) -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) - { -- grub_error (GRUB_ERR_INVALID_COMMAND, N_("%s has invalid signature"), -- argv[0]); -- goto fail; -+ rc = grub_linuxefi_secure_validate (kernel, filelen); -+ if (rc <= 0) -+ { -+ grub_error (GRUB_ERR_INVALID_COMMAND, -+ N_("%s has invalid signature"), argv[0]); -+ goto fail; -+ } - } - - lh = (struct linux_i386_kernel_header *)kernel; -@@ -386,6 +390,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - - setup_header_end_offset = *((grub_uint8_t *)kernel + 0x201); - grub_dprintf ("linux", "copying %lu bytes from %p to %p\n", -+ (unsigned long) - MIN((grub_size_t)0x202+setup_header_end_offset, - sizeof (*params)) - 0x1f1, - (grub_uint8_t *)kernel + 0x1f1, diff --git a/0144-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch b/0144-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch deleted file mode 100644 index 9b0db5f9e1aa935a4367b7f5a8b16d3a862f2d53..0000000000000000000000000000000000000000 --- a/0144-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 20 Jul 2020 12:24:02 -0400 -Subject: [PATCH] Fix const char ** pointers in grub-core/net/bootp.c - -This will need to get folded back in the right place on the next rebase, -but it's before "Make grub_strtol() "end" pointers have safer const -qualifiers" currently, so for now I'm leaving it here instead of merging -it back with the original patch. - -Signed-off-by: Peter Jones ---- - grub-core/net/bootp.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 8fb8918ae7e..7baf3540c81 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -329,7 +329,7 @@ grub_net_configure_by_dhcp_ack (const char *name, - struct grub_net_network_level_interface *inter; - int mask = -1; - char server_ip[sizeof ("xxx.xxx.xxx.xxx")]; -- const grub_uint8_t *opt; -+ const char *opt; - grub_uint8_t opt_len, overload = 0; - const char *boot_file = 0, *server_name = 0; - grub_size_t boot_file_len, server_name_len; -@@ -505,7 +505,7 @@ grub_net_configure_by_dhcp_ack (const char *name, - if (opt && opt_len) - { - grub_env_set_net_property (name, "vendor_class_identifier", (const char *) opt, opt_len); -- if (opt && grub_strcmp (opt, "HTTPClient") == 0) -+ if (opt && grub_strcmp ((char *)opt, "HTTPClient") == 0) - { - char *proto, *ip, *pa; - diff --git a/0145-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch b/0145-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch deleted file mode 100644 index 6c16e9efd8123dfef1edd25fae1ca237559f1251..0000000000000000000000000000000000000000 --- a/0145-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 20 Jul 2020 12:24:02 -0400 -Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/ip4_config.c - -This will need to get folded back in the right place on the next rebase, -but it's before "Make grub_strtol() "end" pointers have safer const -qualifiers" currently, so for now I'm leaving it here instead of merging -it back with the original patch. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/ip4_config.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/efi/ip4_config.c b/grub-core/net/efi/ip4_config.c -index 9725e928f7e..cb880fc3e8f 100644 ---- a/grub-core/net/efi/ip4_config.c -+++ b/grub-core/net/efi/ip4_config.c -@@ -61,7 +61,8 @@ int - grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *address, const char **rest) - { - grub_uint32_t newip = 0; -- int i, ncolon = 0; -+ grub_size_t i; -+ int ncolon = 0; - const char *ptr = val; - - /* Check that is not an IPv6 address */ -@@ -78,7 +79,7 @@ grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *addres - for (i = 0; i < 4; i++) - { - unsigned long t; -- t = grub_strtoul (ptr, (char **) &ptr, 0); -+ t = grub_strtoul (ptr, &ptr, 0); - if (grub_errno) - { - grub_errno = GRUB_ERR_NONE; diff --git a/0146-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch b/0146-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch deleted file mode 100644 index 7c29683eea176b76c6d2dcecd15e829e52442596..0000000000000000000000000000000000000000 --- a/0146-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 20 Jul 2020 12:24:02 -0400 -Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/ip6_config.c - -This will need to get folded back in the right place on the next rebase, -but it's before "Make grub_strtol() "end" pointers have safer const -qualifiers" currently, so for now I'm leaving it here instead of merging -it back with the original patch. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/ip6_config.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/net/efi/ip6_config.c b/grub-core/net/efi/ip6_config.c -index a46f6f9b685..1c5415d7185 100644 ---- a/grub-core/net/efi/ip6_config.c -+++ b/grub-core/net/efi/ip6_config.c -@@ -85,7 +85,7 @@ grub_efi_string_to_ip6_address (const char *val, grub_efi_ipv6_address_t *addres - ptr++; - continue; - } -- t = grub_strtoul (ptr, (char **) &ptr, 16); -+ t = grub_strtoul (ptr, &ptr, 16); - if (grub_errno) - { - grub_errno = GRUB_ERR_NONE; diff --git a/0147-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch b/0147-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch deleted file mode 100644 index 0fe90c8b0a0d4ec3b397db037236cf8bab467ad2..0000000000000000000000000000000000000000 --- a/0147-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 20 Jul 2020 12:24:02 -0400 -Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/net.c - -This will need to get folded back in the right place on the next rebase, -but it's before "Make grub_strtol() "end" pointers have safer const -qualifiers" currently, so for now I'm leaving it here instead of merging -it back with the original patch. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/net.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c -index a3f0535d43c..78e5442fc52 100644 ---- a/grub-core/net/efi/net.c -+++ b/grub-core/net/efi/net.c -@@ -729,7 +729,7 @@ grub_efi_net_parse_address (const char *address, - { - grub_uint32_t subnet_mask_size; - -- subnet_mask_size = grub_strtoul (rest + 1, (char **) &rest, 0); -+ subnet_mask_size = grub_strtoul (rest + 1, &rest, 0); - - if (!grub_errno && subnet_mask_size <= 32 && *rest == 0) - { -@@ -758,7 +758,7 @@ grub_efi_net_parse_address (const char *address, - { - grub_efi_uint8_t prefix_length; - -- prefix_length = grub_strtoul (rest + 1, (char **) &rest, 0); -+ prefix_length = grub_strtoul (rest + 1, &rest, 0); - if (!grub_errno && prefix_length <= 128 && *rest == 0) - { - ip6->prefix_length = prefix_length; diff --git a/0148-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch b/0148-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch deleted file mode 100644 index 59f29e4f651ca6a4a55f3a4f5919e2e663bcdbf5..0000000000000000000000000000000000000000 --- a/0148-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 20 Jul 2020 12:24:02 -0400 -Subject: [PATCH] Fix const char ** pointers in grub-core/net/efi/pxe.c - -This will need to get folded back in the right place on the next rebase, -but it's before "Make grub_strtol() "end" pointers have safer const -qualifiers" currently, so for now I'm leaving it here instead of merging -it back with the original patch. - -Signed-off-by: Peter Jones ---- - grub-core/net/efi/pxe.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/grub-core/net/efi/pxe.c b/grub-core/net/efi/pxe.c -index 531949cba5c..73e2bb01c1b 100644 ---- a/grub-core/net/efi/pxe.c -+++ b/grub-core/net/efi/pxe.c -@@ -187,7 +187,7 @@ parse_ip6 (const char *val, grub_uint64_t *ip, const char **rest) - ptr++; - continue; - } -- t = grub_strtoul (ptr, (char **) &ptr, 16); -+ t = grub_strtoul (ptr, &ptr, 16); - if (grub_errno) - { - grub_errno = GRUB_ERR_NONE; -@@ -225,7 +225,7 @@ pxe_open (struct grub_efi_net_device *dev, - int type __attribute__((unused))) - { - int i; -- char *p; -+ const char *p; - grub_efi_status_t status; - grub_efi_pxe_ip_address_t server_ip; - grub_efi_uint64_t file_size = 0; -@@ -313,7 +313,7 @@ pxe_read (struct grub_efi_net_device *dev, - grub_size_t len) - { - int i; -- char *p; -+ const char *p; - grub_efi_status_t status; - grub_efi_pxe_t *pxe = (prefer_ip6) ? dev->ip6_pxe : dev->ip4_pxe; - grub_efi_uint64_t bufsz = len; diff --git a/0149-Add-systemd-integration-scripts-to-make-systemctl-re.patch b/0149-Add-systemd-integration-scripts-to-make-systemctl-re.patch deleted file mode 100644 index 8e2481e71d46bc3b8d74ea79054c818e9a6790a9..0000000000000000000000000000000000000000 --- a/0149-Add-systemd-integration-scripts-to-make-systemctl-re.patch +++ /dev/null @@ -1,190 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Wed, 22 Jul 2020 14:03:42 +0200 -Subject: [PATCH] Add systemd integration scripts to make "systemctl reboot - --boot-loader-menu=xxx" work with grub - -This commit adds a number of scripts / config files to make -"systemctl reboot --boot-loader-menu=xxx" work with grub: - -1. /lib/systemd/system/systemd-logind.service.d/10-grub.conf -This sets SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU in the env. for logind, -indicating that the boot-loader which is used supports this feature, see: -https://github.com/systemd/systemd/blob/master/docs/ENVIRONMENT.md - -2. /lib/systemd/system/grub-systemd-integration.service - /lib/systemd/system/reboot.target.wants/grub-systemd-integration.service -> - ../grub-systemd-integration.service - /usr/libexec/grub/grub-systemd-integration.sh - -The symlink in the .wants dir causes the added service file to be started -by systemd just before rebooting the system. -If /run/systemd/reboot-to-boot-loader-menu exist then the service will run -the grub-systemd-integration.sh script. -This script sets the new menu_show_once_timeout grubenv variable to the -requested timeout in seconds. - -3. /etc/grub.d/14_menu_show_once - -This new grub-mkconfig snippet adds the necessary code to the generated -grub.conf to honor the new menu_show_once_timeout variable, and to -automatically clear it after consuming it. - -Note the service and libexec script use grub-systemd-integration as name -because in the future they may be used to add further integration with -systemctl reboot --foo options, e.g. support for --boot-loader-entry=NAME. - -A few notes about upstreaming this patch from the rhboot grub2 fork: -1. I have deliberately put the grub.conf bits for this in a new / separate - grub-mkconfig snippet generator for easy upstreaming -2. Even though the commit message mentions the .wants symlink for the .service - I have been unable to come up with a clean way to do this at "make install" - time, this should be fixed before upstreaming. - -Downstream notes: -1. Since make install does not add the .wants symlink, this needs to be done - in grub2.spec %install -2. This is keeping support for the "old" Fedora specific menu_show_once env - variable, which has a hardcoded timeout of 60 sec in 12_menu_auto_hide in - place for now. This can be dropped (eventually) in a follow-up patch once - GNOME has been converted to use the systemd dbus API equivalent of - "systemctl reboot --boot-loader-menu=xxx". - -Signed-off-by: Hans de Goede ---- - Makefile.util.def | 27 ++++++++++++++++++++++++ - conf/Makefile.common | 6 ++++++ - util/grub.d/14_menu_show_once.in | 13 ++++++++++++ - util/systemd/10-grub-logind-service.conf.in | 2 ++ - util/systemd/grub-systemd-integration.service.in | 8 +++++++ - util/systemd/systemd-integration.sh.in | 6 ++++++ - 6 files changed, 62 insertions(+) - create mode 100755 util/grub.d/14_menu_show_once.in - create mode 100644 util/systemd/10-grub-logind-service.conf.in - create mode 100644 util/systemd/grub-systemd-integration.service.in - create mode 100644 util/systemd/systemd-integration.sh.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index 2e6ad979c3e..9927c2cfd6a 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -470,6 +470,12 @@ script = { - installdir = grubconf; - }; - -+script = { -+ name = '14_menu_show_once'; -+ common = util/grub.d/14_menu_show_once.in; -+ installdir = grubconf; -+}; -+ - script = { - name = '01_users'; - common = util/grub.d/01_users.in; -@@ -569,6 +575,27 @@ script = { - installdir = grubconf; - }; - -+script = { -+ name = 'grub-systemd-integration.service'; -+ common = util/systemd/grub-systemd-integration.service.in; -+ installdir = systemdunit; -+ condition = COND_HOST_LINUX; -+}; -+ -+script = { -+ name = 'systemd-integration.sh'; -+ common = util/systemd/systemd-integration.sh.in; -+ installdir = grublibexec; -+ condition = COND_HOST_LINUX; -+}; -+ -+script = { -+ name = '10-grub-logind-service.conf'; -+ common = util/systemd/10-grub-logind-service.conf.in; -+ installdir = systemd_logind_service_d; -+ condition = COND_HOST_LINUX; -+}; -+ - program = { - mansection = 1; - name = grub-mkrescue; -diff --git a/conf/Makefile.common b/conf/Makefile.common -index 0647c53b916..9fe5863b2d9 100644 ---- a/conf/Makefile.common -+++ b/conf/Makefile.common -@@ -63,8 +63,11 @@ CCASFLAGS_LIBRARY = $(UTILS_CCASFLAGS) - # Other variables - - grubconfdir = $(sysconfdir)/grub.d -+grublibexecdir = $(libexecdir)/$(grubdirname) - platformdir = $(pkglibdir)/$(target_cpu)-$(platform) - starfielddir = $(pkgdatadir)/themes/starfield -+systemdunitdir = ${prefix}/lib/systemd/system -+systemd_logind_service_ddir = $(systemdunitdir)/systemd-logind.service.d - - CFLAGS_GNULIB = -Wno-undef -Wno-unused -Wno-unused-parameter -Wno-redundant-decls -Wno-unreachable-code -Werror=trampolines -fno-trampolines - CPPFLAGS_GNULIB = -I$(top_builddir)/grub-core/lib/gnulib -I$(top_srcdir)/grub-core/lib/gnulib -@@ -121,6 +124,9 @@ noinst_LIBRARIES = - dist_noinst_DATA = - platform_SCRIPTS = - platform_PROGRAMS = -+grublibexec_SCRIPTS = -+systemdunit_SCRIPTS = -+systemd_logind_service_d_SCRIPTS = - - TESTS = - EXTRA_DIST = -diff --git a/util/grub.d/14_menu_show_once.in b/util/grub.d/14_menu_show_once.in -new file mode 100755 -index 00000000000..1cd7f36142b ---- /dev/null -+++ b/util/grub.d/14_menu_show_once.in -@@ -0,0 +1,13 @@ -+#! /bin/sh -+# Force the menu to be shown once, with a timeout of ${menu_show_once_timeout} -+# if requested by ${menu_show_once_timeout} being set in the env. -+cat << EOF -+if [ x\$feature_timeout_style = xy ]; then -+ if [ "\${menu_show_once_timeout}" ]; then -+ set timeout_style=menu -+ set timeout="\${menu_show_once_timeout}" -+ unset menu_show_once_timeout -+ save_env menu_show_once_timeout -+ fi -+fi -+EOF -diff --git a/util/systemd/10-grub-logind-service.conf.in b/util/systemd/10-grub-logind-service.conf.in -new file mode 100644 -index 00000000000..f2d4ac00732 ---- /dev/null -+++ b/util/systemd/10-grub-logind-service.conf.in -@@ -0,0 +1,2 @@ -+[Service] -+Environment=SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU=true -diff --git a/util/systemd/grub-systemd-integration.service.in b/util/systemd/grub-systemd-integration.service.in -new file mode 100644 -index 00000000000..c81fb594ce1 ---- /dev/null -+++ b/util/systemd/grub-systemd-integration.service.in -@@ -0,0 +1,8 @@ -+[Unit] -+Description=Grub2 systemctl reboot --boot-loader-menu=... support -+Before=umount.target systemd-reboot.service -+DefaultDependencies=no -+ConditionPathExists=/run/systemd/reboot-to-boot-loader-menu -+ -+[Service] -+ExecStart=@libexecdir@/@grubdirname@/systemd-integration.sh -diff --git a/util/systemd/systemd-integration.sh.in b/util/systemd/systemd-integration.sh.in -new file mode 100644 -index 00000000000..dc1218597bc ---- /dev/null -+++ b/util/systemd/systemd-integration.sh.in -@@ -0,0 +1,6 @@ -+#!/bin/sh -+ -+TIMEOUT_USEC=$(cat /run/systemd/reboot-to-boot-loader-menu) -+TIMEOUT=$(((TIMEOUT_USEC + 500000) / 1000000)) -+ -+@grub_editenv@ - set menu_show_once_timeout=$TIMEOUT diff --git a/0150-systemd-integration.sh-Also-set-old-menu_show_once-g.patch b/0150-systemd-integration.sh-Also-set-old-menu_show_once-g.patch deleted file mode 100644 index 9021de505793c9dad90df26f5264c2979268c13b..0000000000000000000000000000000000000000 --- a/0150-systemd-integration.sh-Also-set-old-menu_show_once-g.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Thu, 23 Jul 2020 09:27:36 +0200 -Subject: [PATCH] systemd-integration.sh: Also set old menu_show_once grubenv - var - -Downstream RH / Fedora patch for compatibility with old, not (yet) -regenerated grub.cfg files which miss the menu_show_once_timeout check. -This older grubenv variable leads to a fixed timeout of 60 seconds. - -Note that the new menu_show_once_timeout will overrule these 60 seconds -if both are set and the grub.cfg does have the menu_show_once_timeout -check. - -Signed-off-by: Hans de Goede ---- - util/systemd/systemd-integration.sh.in | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/util/systemd/systemd-integration.sh.in b/util/systemd/systemd-integration.sh.in -index dc1218597bc..a4c071c5b0c 100644 ---- a/util/systemd/systemd-integration.sh.in -+++ b/util/systemd/systemd-integration.sh.in -@@ -4,3 +4,8 @@ TIMEOUT_USEC=$(cat /run/systemd/reboot-to-boot-loader-menu) - TIMEOUT=$(((TIMEOUT_USEC + 500000) / 1000000)) - - @grub_editenv@ - set menu_show_once_timeout=$TIMEOUT -+ -+# Downstream RH / Fedora patch for compatibility with old, not (yet) -+# regenerated grub.cfg files which miss the menu_show_once_timeout check -+# this older grubenv variable leads to a fixed timeout of 60 seconds -+@grub_editenv@ - set menu_show_once=1 diff --git a/0151-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch b/0151-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch deleted file mode 100644 index c3388409860f73d9656d4ec7eabd6d51db6379ff..0000000000000000000000000000000000000000 --- a/0151-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Thu, 3 Dec 2020 09:13:24 +0100 -Subject: [PATCH] at_keyboard: use set 1 when keyboard is in Translate mode -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When keyboard controller acts in Translate mode (0x40 mask), then use -set 1 since translation is done. -Otherwise use the mode queried from the controller (usually set 2). - -Added "atkeyb" debugging messages in at_keyboard module as well. - -Resolves: rhbz#1897587 - -Tested on: -- Asus N53SN (set 1 used) -- Dell Precision (set 1 used) -- HP Elitebook (set 2 used) -- HP G5430 (set 1 used, keyboard in XT mode!) -- Lenovo P71 & Lenovo T460s (set 2 used) -- QEMU/KVM (set 1 used) - -Signed-off-by: Renaud Métrich ---- - grub-core/term/at_keyboard.c | 29 ++++++++++++++++++++++++----- - include/grub/at_keyboard.h | 4 ++++ - 2 files changed, 28 insertions(+), 5 deletions(-) - -diff --git a/grub-core/term/at_keyboard.c b/grub-core/term/at_keyboard.c -index 597111077bd..26014382608 100644 ---- a/grub-core/term/at_keyboard.c -+++ b/grub-core/term/at_keyboard.c -@@ -135,20 +135,28 @@ query_mode (void) - int e; - - e = write_mode (0); -- if (!e) -+ if (!e) { -+ grub_dprintf("atkeyb", "query_mode: write_mode(0) failed\n"); - return 0; -+ } - - do { - keyboard_controller_wait_until_ready (); - ret = grub_inb (KEYBOARD_REG_DATA); - } while (ret == GRUB_AT_ACK); - /* QEMU translates the set even in no-translate mode. */ -- if (ret == 0x43 || ret == 1) -+ if (ret == 0x43 || ret == 1) { -+ grub_dprintf("atkeyb", "query_mode: returning 1 (ret=0x%x)\n", ret); - return 1; -- if (ret == 0x41 || ret == 2) -+ } -+ if (ret == 0x41 || ret == 2) { -+ grub_dprintf("atkeyb", "query_mode: returning 2 (ret=0x%x)\n", ret); - return 2; -- if (ret == 0x3f || ret == 3) -+ } -+ if (ret == 0x3f || ret == 3) { -+ grub_dprintf("atkeyb", "query_mode: returning 3 (ret=0x%x)\n", ret); - return 3; -+ } - return 0; - } - -@@ -165,7 +173,13 @@ set_scancodes (void) - } - - #if !USE_SCANCODE_SET -- ps2_state.current_set = 1; -+ if ((grub_keyboard_controller_orig & KEYBOARD_AT_TRANSLATE) == KEYBOARD_AT_TRANSLATE) { -+ grub_dprintf ("atkeyb", "queried set is %d but keyboard in Translate mode, so actually in set 1\n", grub_keyboard_orig_set); -+ ps2_state.current_set = 1; -+ } else { -+ grub_dprintf ("atkeyb", "using queried set %d\n", grub_keyboard_orig_set); -+ ps2_state.current_set = grub_keyboard_orig_set; -+ } - return; - #else - -@@ -266,6 +280,7 @@ grub_keyboard_controller_init (void) - grub_keyboard_orig_set = 2; - #else - grub_keyboard_controller_orig = grub_keyboard_controller_read (); -+ grub_dprintf ("atkeyb", "grub_keyboard_controller_orig = 0x%x\n", grub_keyboard_controller_orig); - grub_keyboard_orig_set = query_mode (); - #endif - set_scancodes (); -@@ -275,11 +290,15 @@ grub_keyboard_controller_init (void) - static grub_err_t - grub_keyboard_controller_fini (struct grub_term_input *term __attribute__ ((unused))) - { -+/* In !USE_SCANCODE_SET mode, we didn't change anything, so nothing to restore */ -+#if USE_SCANCODE_SET - if (ps2_state.current_set == 0) - return GRUB_ERR_NONE; -+ grub_dprintf ("atkeyb", "restoring set %d, controller 0x%x\n", grub_keyboard_orig_set, grub_keyboard_controller_orig); - if (grub_keyboard_orig_set) - write_mode (grub_keyboard_orig_set); - grub_keyboard_controller_write (grub_keyboard_controller_orig); -+#endif - return GRUB_ERR_NONE; - } - -diff --git a/include/grub/at_keyboard.h b/include/grub/at_keyboard.h -index bcb4d9ba78f..9414dc1b996 100644 ---- a/include/grub/at_keyboard.h -+++ b/include/grub/at_keyboard.h -@@ -19,6 +19,10 @@ - #ifndef GRUB_AT_KEYBOARD_HEADER - #define GRUB_AT_KEYBOARD_HEADER 1 - -+/* -+ * Refer to https://wiki.osdev.org/%228042%22_PS/2_Controller for details. -+ */ -+ - /* Used for sending commands to the controller. */ - #define KEYBOARD_COMMAND_ISREADY(x) !((x) & 0x02) - #define KEYBOARD_COMMAND_READ 0x20 diff --git a/0152-grub-install-disable-support-for-EFI-platforms.patch b/0152-grub-install-disable-support-for-EFI-platforms.patch deleted file mode 100644 index 41003e2548dac8d0a1adccd069388e3e2c1f61c3..0000000000000000000000000000000000000000 --- a/0152-grub-install-disable-support-for-EFI-platforms.patch +++ /dev/null @@ -1,120 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Hlavac -Date: Fri, 20 Nov 2020 23:51:47 +0100 -Subject: [PATCH] grub-install: disable support for EFI platforms - -For each platform, GRUB is shipped as a kernel image and a set of -modules. These files are then used by the grub-install utility to -install GRUB on a specific device. However, in order to support UEFI -Secure Boot, the resulting EFI binary must be signed by a recognized -private key. For this reason, for EFI platforms, most distributions also -ship prebuilt EFI binaries signed by a distribution-specific private -key. In this case, however, the grub-install utility should not be used -because it would overwrite the signed EFI binary. - -The current fix is suboptimal because it preserves all EFI-related code. -A better solution could be to modularize the code and provide a -build-time option. - -Resolves: rhbz#1737444 - -Signed-off-by: Jan Hlavac ---- - util/grub-install.c | 37 ++++++++++++++++--------------------- - docs/grub.texi | 7 +++++++ - util/grub-install.8 | 4 +++- - 3 files changed, 26 insertions(+), 22 deletions(-) - -diff --git a/util/grub-install.c b/util/grub-install.c -index a2bec7446cb..5babc7af551 100644 ---- a/util/grub-install.c -+++ b/util/grub-install.c -@@ -899,6 +899,22 @@ main (int argc, char *argv[]) - - platform = grub_install_get_target (grub_install_source_directory); - -+ switch (platform) -+ { -+ case GRUB_INSTALL_PLATFORM_ARM_EFI: -+ case GRUB_INSTALL_PLATFORM_ARM64_EFI: -+ case GRUB_INSTALL_PLATFORM_I386_EFI: -+ case GRUB_INSTALL_PLATFORM_IA64_EFI: -+ case GRUB_INSTALL_PLATFORM_X86_64_EFI: -+ is_efi = 1; -+ grub_util_error (_("this utility cannot be used for EFI platforms" -+ " because it does not support UEFI Secure Boot")); -+ break; -+ default: -+ is_efi = 0; -+ break; -+ } -+ - { - char *platname = grub_install_get_platform_name (platform); - fprintf (stderr, _("Installing for %s platform.\n"), platname); -@@ -1011,28 +1027,7 @@ main (int argc, char *argv[]) - grub_hostfs_init (); - grub_host_init (); - -- switch (platform) -- { -- case GRUB_INSTALL_PLATFORM_I386_EFI: -- case GRUB_INSTALL_PLATFORM_X86_64_EFI: -- case GRUB_INSTALL_PLATFORM_ARM_EFI: -- case GRUB_INSTALL_PLATFORM_ARM64_EFI: -- case GRUB_INSTALL_PLATFORM_RISCV32_EFI: -- case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -- case GRUB_INSTALL_PLATFORM_IA64_EFI: -- is_efi = 1; -- break; -- default: -- is_efi = 0; -- break; -- -- /* pacify warning. */ -- case GRUB_INSTALL_PLATFORM_MAX: -- break; -- } -- - /* Find the EFI System Partition. */ -- - if (is_efi) - { - grub_fs_t fs; -diff --git a/docs/grub.texi b/docs/grub.texi -index 04ed6ac1f07..4870faaa00a 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -6509,6 +6509,13 @@ grub2-install @var{install_device} - The device name @var{install_device} is an OS device name or a GRUB - device name. - -+In order to support UEFI Secure Boot, the resulting GRUB EFI binary must -+be signed by a recognized private key. For this reason, for EFI -+platforms, most distributions also ship prebuilt GRUB EFI binaries -+signed by a distribution-specific private key. In this case, however, -+@command{grub2-install} should not be used because it would overwrite -+the signed EFI binary. -+ - @command{grub2-install} accepts the following options: - - @table @option -diff --git a/util/grub-install.8 b/util/grub-install.8 -index 1db89e94b3b..811d441b16c 100644 ---- a/util/grub-install.8 -+++ b/util/grub-install.8 -@@ -1,4 +1,4 @@ --.TH GRUB-INSTALL 1 "Wed Feb 26 2014" -+.TH GRUB-INSTALL 1 "Fri Nov 20 2020" - .SH NAME - \fBgrub-install\fR \(em Install GRUB on a device. - -@@ -31,6 +31,8 @@ - .SH DESCRIPTION - \fBgrub-install\fR installs GRUB onto a device. This includes copying GRUB images into the target directory (generally \fI/boot/grub\fR), and on some platforms may also include installing GRUB onto a boot sector. - -+In order to support UEFI Secure Boot, the resulting GRUB EFI binary must be signed by a recognized private key. For this reason, for EFI platforms, most distributions also ship prebuilt GRUB EFI binaries signed by a distribution-specific private key. In this case, however, the \fBgrub-install\fR utility should not be used because it would overwrite the signed EFI binary. -+ - .SH OPTIONS - .TP - \fB--modules\fR=\fIMODULES\fR\! diff --git a/0153-New-with-debug-timestamps-configure-flag-to-prepend-.patch b/0153-New-with-debug-timestamps-configure-flag-to-prepend-.patch deleted file mode 100644 index d216284c1218f2bf5243ae1d2bac12302ca9fc60..0000000000000000000000000000000000000000 --- a/0153-New-with-debug-timestamps-configure-flag-to-prepend-.patch +++ /dev/null @@ -1,112 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Sat, 23 Nov 2019 14:57:41 +0100 -Subject: [PATCH] New --with-debug-timestamps configure flag to prepend debug - traces with absolute and relative timestamp -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Renaud Métrich ---- - configure.ac | 18 ++++++++++++++++++ - grub-core/kern/misc.c | 20 ++++++++++++++++++++ - config.h.in | 1 + - 3 files changed, 39 insertions(+) - -diff --git a/configure.ac b/configure.ac -index c6bd965f1f9..3c808a72230 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1613,6 +1613,17 @@ else - fi - AC_SUBST([BOOT_TIME_STATS]) - -+AC_ARG_WITH([debug-timestamps], -+ AS_HELP_STRING([--with-debug-timestamps], -+ [prepend debug traces with absolute and relative timestamps])) -+ -+if test x$with_debug_timestamps = xyes; then -+ DEBUG_WITH_TIMESTAMPS=1 -+else -+ DEBUG_WITH_TIMESTAMPS=0 -+fi -+AC_SUBST([DEBUG_WITH_TIMESTAMPS]) -+ - AC_ARG_ENABLE([grub-emu-sdl], - [AS_HELP_STRING([--enable-grub-emu-sdl], - [build and install the `grub-emu' debugging utility with SDL support (default=guessed)])]) -@@ -2194,6 +2205,7 @@ AM_CONDITIONAL([COND_APPLE_LINKER], [test x$TARGET_APPLE_LINKER = x1]) - AM_CONDITIONAL([COND_ENABLE_EFIEMU], [test x$enable_efiemu = xyes]) - AM_CONDITIONAL([COND_ENABLE_CACHE_STATS], [test x$DISK_CACHE_STATS = x1]) - AM_CONDITIONAL([COND_ENABLE_BOOT_TIME_STATS], [test x$BOOT_TIME_STATS = x1]) -+AM_CONDITIONAL([COND_DEBUG_WITH_TIMESTAMPS], [test x$DEBUG_WITH_TIMESTAMPS = x1]) - - AM_CONDITIONAL([COND_HAVE_CXX], [test x$HAVE_CXX = xyes]) - -@@ -2289,6 +2301,12 @@ else - echo With boot time statistics: No - fi - -+if [ x"$with_debug_timestamps" = xyes ]; then -+echo Debug traces with timestamps: Yes -+else -+echo Debug traces with timestamps: No -+fi -+ - if [ x"$efiemu_excuse" = x ]; then - echo efiemu runtime: Yes - else -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index 578bf51a5fc..9f54b6b7d2d 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -25,6 +25,9 @@ - #include - #include - #include -+#if DEBUG_WITH_TIMESTAMPS -+#include -+#endif - - union printf_arg - { -@@ -192,9 +195,26 @@ grub_real_dprintf (const char *file, const int line, const char *condition, - const char *fmt, ...) - { - va_list args; -+#if DEBUG_WITH_TIMESTAMPS -+ static long unsigned int last_time = 0; -+ static int last_had_cr = 1; -+#endif - - if (grub_debug_enabled (condition)) - { -+#if DEBUG_WITH_TIMESTAMPS -+ /* Don't print timestamp if last printed message isn't terminated yet */ -+ if (last_had_cr) { -+ long unsigned int tmabs = (long unsigned int) grub_get_time_ms(); -+ long unsigned int tmrel = tmabs - last_time; -+ last_time = tmabs; -+ grub_printf ("%3lu.%03lus +%2lu.%03lus ", tmabs / 1000, tmabs % 1000, tmrel / 1000, tmrel % 1000); -+ } -+ if (fmt[grub_strlen(fmt)-1] == '\n') -+ last_had_cr = 1; -+ else -+ last_had_cr = 0; -+#endif - grub_printf ("%s:%d: ", file, line); - va_start (args, fmt); - grub_vprintf (fmt, args); -diff --git a/config.h.in b/config.h.in -index c7e316f0f1f..c80e3e0aba3 100644 ---- a/config.h.in -+++ b/config.h.in -@@ -12,6 +12,7 @@ - /* Define to 1 to enable disk cache statistics. */ - #define DISK_CACHE_STATS @DISK_CACHE_STATS@ - #define BOOT_TIME_STATS @BOOT_TIME_STATS@ -+#define DEBUG_WITH_TIMESTAMPS @DEBUG_WITH_TIMESTAMPS@ - - /* We don't need those. */ - #define MINILZO_CFG_SKIP_LZO_PTR 1 diff --git a/0154-Added-debug-statements-to-grub_disk_open-and-grub_di.patch b/0154-Added-debug-statements-to-grub_disk_open-and-grub_di.patch deleted file mode 100644 index cbb1a38e3ab76bad82372262ee46967cf5888a39..0000000000000000000000000000000000000000 --- a/0154-Added-debug-statements-to-grub_disk_open-and-grub_di.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Sat, 23 Nov 2019 15:22:16 +0100 -Subject: [PATCH] Added debug statements to grub_disk_open() and - grub_disk_close() on success -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Renaud Métrich ---- - grub-core/kern/disk.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/grub-core/kern/disk.c b/grub-core/kern/disk.c -index e1b0e073e09..05a28ab1429 100644 ---- a/grub-core/kern/disk.c -+++ b/grub-core/kern/disk.c -@@ -285,6 +285,8 @@ grub_disk_open (const char *name) - return 0; - } - -+ grub_dprintf ("disk", "Opening `%s' succeeded.\n", name); -+ - return disk; - } - -@@ -292,7 +294,7 @@ void - grub_disk_close (grub_disk_t disk) - { - grub_partition_t part; -- grub_dprintf ("disk", "Closing `%s'.\n", disk->name); -+ grub_dprintf ("disk", "Closing `%s'...\n", disk->name); - - if (disk->dev && disk->dev->disk_close) - (disk->dev->disk_close) (disk); -@@ -306,8 +308,10 @@ grub_disk_close (grub_disk_t disk) - grub_free (disk->partition); - disk->partition = part; - } -+ grub_dprintf ("disk", "Closing `%s' succeeded.\n", disk->name); - grub_free ((void *) disk->name); - grub_free (disk); -+ - } - - /* Small read (less than cache size and not pass across cache unit boundaries). diff --git a/0155-Introduce-function-grub_debug_is_enabled-void-return.patch b/0155-Introduce-function-grub_debug_is_enabled-void-return.patch deleted file mode 100644 index 4e4718b7898a951a26d8ea939e0b681ab41c3795..0000000000000000000000000000000000000000 --- a/0155-Introduce-function-grub_debug_is_enabled-void-return.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Mon, 25 Nov 2019 09:29:53 +0100 -Subject: [PATCH] Introduce function grub_debug_is_enabled(void) returning 1 if - 'debug' is in the environment and not empty -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Renaud Métrich ---- - grub-core/kern/misc.c | 13 +++++++++++++ - include/grub/misc.h | 1 + - 2 files changed, 14 insertions(+) - -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index 9f54b6b7d2d..a186ad3dd41 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -163,6 +163,19 @@ int grub_err_printf (const char *fmt, ...) - __attribute__ ((alias("grub_printf"))); - #endif - -+/* Return 1 if 'debug' is set and not empty */ -+int -+grub_debug_is_enabled (void) -+{ -+ const char *debug; -+ -+ debug = grub_env_get ("debug"); -+ if (!debug || debug[0] == '\0') -+ return 0; -+ -+ return 1; -+} -+ - int - grub_debug_enabled (const char * condition) - { -diff --git a/include/grub/misc.h b/include/grub/misc.h -index 3adc4036e3b..6c4aa85ac50 100644 ---- a/include/grub/misc.h -+++ b/include/grub/misc.h -@@ -340,6 +340,7 @@ grub_puts (const char *s) - } - - int EXPORT_FUNC(grub_puts_) (const char *s); -+int EXPORT_FUNC(grub_debug_is_enabled) (void); - int EXPORT_FUNC(grub_debug_enabled) (const char *condition); - void EXPORT_FUNC(grub_real_dprintf) (const char *file, - const int line, diff --git a/0156-Don-t-clear-screen-when-debugging-is-enabled.patch b/0156-Don-t-clear-screen-when-debugging-is-enabled.patch deleted file mode 100644 index d17b080c5e02f587175459f019f0eace26eee521..0000000000000000000000000000000000000000 --- a/0156-Don-t-clear-screen-when-debugging-is-enabled.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Sat, 23 Nov 2019 16:23:54 +0100 -Subject: [PATCH] Don't clear screen when debugging is enabled -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Renaud Métrich -[rharwood@redhat.com: rebase fuzz] -Signed-off-by: Robbie Harwood ---- - grub-core/normal/main.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index 1970e4816a8..4ebdbd228d4 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -215,8 +215,9 @@ grub_normal_init_page (struct grub_term_output *term, - char *msg_formatted; - grub_uint32_t *unicode_msg; - grub_uint32_t *last_position; -- -- grub_term_cls (term); -+ -+ if (! grub_debug_is_enabled ()) -+ grub_term_cls (term); - - msg_formatted = grub_xasprintf (_("GNU GRUB version %s"), PACKAGE_VERSION); - if (!msg_formatted) diff --git a/0157-grub_file_-instrumentation-new-file-debug-tag.patch b/0157-grub_file_-instrumentation-new-file-debug-tag.patch deleted file mode 100644 index 0cc6b8c98eafa150f85697d0172c22e8b713b6ff..0000000000000000000000000000000000000000 --- a/0157-grub_file_-instrumentation-new-file-debug-tag.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Fri, 29 Nov 2019 11:02:00 +0100 -Subject: [PATCH] grub_file_* instrumentation (new 'file' debug tag) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Renaud Métrich ---- - grub-core/kern/file.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c -index 58454458c47..e19aea3e514 100644 ---- a/grub-core/kern/file.c -+++ b/grub-core/kern/file.c -@@ -66,6 +66,8 @@ grub_file_open (const char *name, enum grub_file_type type) - const char *file_name; - grub_file_filter_id_t filter; - -+ grub_dprintf ("file", "Opening `%s' ...\n", name); -+ - device_name = grub_file_get_device_name (name); - if (grub_errno) - goto fail; -@@ -128,6 +130,8 @@ grub_file_open (const char *name, enum grub_file_type type) - if (!file) - grub_file_close (last_file); - -+ grub_dprintf ("file", "Opening `%s' succeeded.\n", name); -+ - return file; - - fail: -@@ -138,6 +142,8 @@ grub_file_open (const char *name, enum grub_file_type type) - - grub_free (file); - -+ grub_dprintf ("file", "Opening `%s' failed.\n", name); -+ - return 0; - } - -@@ -169,6 +175,7 @@ grub_file_read (grub_file_t file, void *buf, grub_size_t len) - - if (len == 0) - return 0; -+ - read_hook = file->read_hook; - read_hook_data = file->read_hook_data; - if (!file->read_hook) -@@ -189,11 +196,18 @@ grub_file_read (grub_file_t file, void *buf, grub_size_t len) - grub_err_t - grub_file_close (grub_file_t file) - { -+ grub_dprintf ("file", "Closing `%s' ...\n", file->name); - if (file->fs->fs_close) - (file->fs->fs_close) (file); - - if (file->device) - grub_device_close (file->device); -+ -+ if (grub_errno == GRUB_ERR_NONE) -+ grub_dprintf ("file", "Closing `%s' succeeded.\n", file->name); -+ else -+ grub_dprintf ("file", "Closing `%s' failed with %d.\n", file->name, grub_errno); -+ - grub_free (file->name); - grub_free (file); - return grub_errno; diff --git a/0158-ieee1275-Avoiding-many-unecessary-open-close.patch b/0158-ieee1275-Avoiding-many-unecessary-open-close.patch deleted file mode 100644 index 6a0ad75b7c3e581a0144d9db8de9c5ceec3ea7f6..0000000000000000000000000000000000000000 --- a/0158-ieee1275-Avoiding-many-unecessary-open-close.patch +++ /dev/null @@ -1,136 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Diego Domingos -Date: Mon, 14 Dec 2020 17:42:45 +0100 -Subject: [PATCH] ieee1275: Avoiding many unecessary open/close - -Signed-off-by: Diego Domingos ---- - grub-core/disk/ieee1275/ofdisk.c | 64 ++++++++++++++++++++++------------------ - 1 file changed, 35 insertions(+), 29 deletions(-) - -diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c -index 03674cb477e..ea7f78ac7d8 100644 ---- a/grub-core/disk/ieee1275/ofdisk.c -+++ b/grub-core/disk/ieee1275/ofdisk.c -@@ -44,7 +44,7 @@ struct ofdisk_hash_ent - }; - - static grub_err_t --grub_ofdisk_get_block_size (const char *device, grub_uint32_t *block_size, -+grub_ofdisk_get_block_size (grub_uint32_t *block_size, - struct ofdisk_hash_ent *op); - - #define OFDISK_HASH_SZ 8 -@@ -461,6 +461,7 @@ grub_ofdisk_open (const char *name, grub_disk_t disk) - grub_ssize_t actual; - grub_uint32_t block_size = 0; - grub_err_t err; -+ struct ofdisk_hash_ent *op; - - if (grub_strncmp (name, "ieee1275/", sizeof ("ieee1275/") - 1) != 0) - return grub_error (GRUB_ERR_UNKNOWN_DEVICE, -@@ -471,6 +472,35 @@ grub_ofdisk_open (const char *name, grub_disk_t disk) - - grub_dprintf ("disk", "Opening `%s'.\n", devpath); - -+ op = ofdisk_hash_find (devpath); -+ if (!op) -+ op = ofdisk_hash_add (devpath, NULL); -+ if (!op) -+ { -+ grub_free (devpath); -+ return grub_errno; -+ } -+ -+ /* Check if the call to open is the same to the last disk already opened */ -+ if (last_devpath && !grub_strcmp(op->open_path,last_devpath)) -+ { -+ goto finish; -+ } -+ -+ /* If not, we need to close the previous disk and open the new one */ -+ else { -+ if (last_ihandle){ -+ grub_ieee1275_close (last_ihandle); -+ } -+ last_ihandle = 0; -+ last_devpath = NULL; -+ -+ grub_ieee1275_open (op->open_path, &last_ihandle); -+ if (! last_ihandle) -+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); -+ last_devpath = op->open_path; -+ } -+ - if (grub_ieee1275_finddevice (devpath, &dev)) - { - grub_free (devpath); -@@ -491,25 +521,18 @@ grub_ofdisk_open (const char *name, grub_disk_t disk) - return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "not a block device"); - } - -+ -+ finish: - /* XXX: There is no property to read the number of blocks. There - should be a property `#blocks', but it is not there. Perhaps it - is possible to use seek for this. */ - disk->total_sectors = GRUB_DISK_SIZE_UNKNOWN; - - { -- struct ofdisk_hash_ent *op; -- op = ofdisk_hash_find (devpath); -- if (!op) -- op = ofdisk_hash_add (devpath, NULL); -- if (!op) -- { -- grub_free (devpath); -- return grub_errno; -- } - disk->id = (unsigned long) op; - disk->data = op->open_path; - -- err = grub_ofdisk_get_block_size (devpath, &block_size, op); -+ err = grub_ofdisk_get_block_size (&block_size, op); - if (err) - { - grub_free (devpath); -@@ -532,13 +555,6 @@ grub_ofdisk_open (const char *name, grub_disk_t disk) - static void - grub_ofdisk_close (grub_disk_t disk) - { -- if (disk->data == last_devpath) -- { -- if (last_ihandle) -- grub_ieee1275_close (last_ihandle); -- last_ihandle = 0; -- last_devpath = NULL; -- } - disk->data = 0; - } - -@@ -685,7 +701,7 @@ grub_ofdisk_init (void) - } - - static grub_err_t --grub_ofdisk_get_block_size (const char *device, grub_uint32_t *block_size, -+grub_ofdisk_get_block_size (grub_uint32_t *block_size, - struct ofdisk_hash_ent *op) - { - struct size_args_ieee1275 -@@ -698,16 +714,6 @@ grub_ofdisk_get_block_size (const char *device, grub_uint32_t *block_size, - grub_ieee1275_cell_t size2; - } args_ieee1275; - -- if (last_ihandle) -- grub_ieee1275_close (last_ihandle); -- -- last_ihandle = 0; -- last_devpath = NULL; -- -- grub_ieee1275_open (device, &last_ihandle); -- if (! last_ihandle) -- return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); -- - *block_size = 0; - - if (op->block_size_fails >= 2) diff --git a/0159-ieee1275-powerpc-implements-fibre-channel-discovery-.patch b/0159-ieee1275-powerpc-implements-fibre-channel-discovery-.patch deleted file mode 100644 index 9fa02bb1748cd09b8bc33e536d1736bca49b5c96..0000000000000000000000000000000000000000 --- a/0159-ieee1275-powerpc-implements-fibre-channel-discovery-.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Diego Domingos -Date: Mon, 14 Dec 2020 17:45:28 +0100 -Subject: [PATCH] ieee1275/powerpc: implements fibre channel discovery for - ofpathname - -grub-ofpathname doesn't work with fibre channel because there is no -function currently implemented for it. -This patch enables it by prividing a function that looks for the port -name, building the entire path for OF devices. - -Signed-off-by: Diego Domingos ---- - grub-core/osdep/linux/ofpath.c | 49 ++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 49 insertions(+) - -diff --git a/grub-core/osdep/linux/ofpath.c b/grub-core/osdep/linux/ofpath.c -index a6153d35954..0f5d54e9f2d 100644 ---- a/grub-core/osdep/linux/ofpath.c -+++ b/grub-core/osdep/linux/ofpath.c -@@ -350,6 +350,38 @@ of_path_of_ide(const char *sys_devname __attribute__((unused)), const char *devi - return ret; - } - -+ -+static void -+of_fc_port_name(const char *path, const char *subpath, char *port_name) -+{ -+ char *bname, *basepath, *p; -+ int fd; -+ -+ bname = xmalloc(sizeof(char)*150); -+ basepath = xmalloc(strlen(path)); -+ -+ /* Generate the path to get port name information from the drive */ -+ strncpy(basepath,path,subpath-path); -+ basepath[subpath-path-1] = '\0'; -+ p = get_basename(basepath); -+ snprintf(bname,sizeof(char)*150,"%s/fc_transport/%s/port_name",basepath,p); -+ -+ /* Read the information from the port name */ -+ fd = open (bname, O_RDONLY); -+ if (fd < 0) -+ grub_util_error (_("cannot open `%s': %s"), bname, strerror (errno)); -+ -+ if (read(fd,port_name,sizeof(char)*19) < 0) -+ grub_util_error (_("cannot read `%s': %s"), bname, strerror (errno)); -+ -+ sscanf(port_name,"0x%s",port_name); -+ -+ close(fd); -+ -+ free(bname); -+ free(basepath); -+} -+ - #ifdef __sparc__ - static char * - of_path_of_nvme(const char *sys_devname __attribute__((unused)), -@@ -577,6 +609,16 @@ of_path_of_scsi(const char *sys_devname __attribute__((unused)), const char *dev - digit_string = trailing_digits (device); - if (strncmp (of_path, "/vdevice/", sizeof ("/vdevice/") - 1) == 0) - { -+ if(strstr(of_path,"vfc-client")) -+ { -+ char * port_name = xmalloc(sizeof(char)*17); -+ of_fc_port_name(sysfs_path, p, port_name); -+ -+ snprintf(disk,sizeof(disk),"/%s@%s", disk_name, port_name); -+ free(port_name); -+ } -+ else -+ { - unsigned long id = 0x8000 | (tgt << 8) | (bus << 5) | lun; - if (*digit_string == '\0') - { -@@ -590,6 +632,13 @@ of_path_of_scsi(const char *sys_devname __attribute__((unused)), const char *dev - snprintf(disk, sizeof (disk), - "/%s@%04lx000000000000:%c", disk_name, id, 'a' + (part - 1)); - } -+ } -+ } else if (strstr(of_path,"fibre-channel")||(strstr(of_path,"vfc-client"))){ -+ char * port_name = xmalloc(sizeof(char)*17); -+ of_fc_port_name(sysfs_path, p, port_name); -+ -+ snprintf(disk,sizeof(disk),"/%s@%s", disk_name, port_name); -+ free(port_name); - } - else - { diff --git a/0160-ieee1275-powerpc-enables-device-mapper-discovery.patch b/0160-ieee1275-powerpc-enables-device-mapper-discovery.patch deleted file mode 100644 index 6f1c21b383fd252e4854dc3887291f85548cb242..0000000000000000000000000000000000000000 --- a/0160-ieee1275-powerpc-enables-device-mapper-discovery.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Diego Domingos -Date: Mon, 14 Dec 2020 17:47:16 +0100 -Subject: [PATCH] ieee1275/powerpc: enables device mapper discovery - -this patch enables the device mapper discovery on ofpath.c. Currently, -when we are dealing with a device like /dev/dm-* the ofpath returns null -since there is no function implemented to handle this case. - -This patch implements a function that will look into /sys/block/dm-* -devices and search recursively inside slaves directory to find the root -disk. - -Signed-off-by: Diego Domingos ---- - grub-core/osdep/linux/ofpath.c | 64 +++++++++++++++++++++++++++++++++++++++++- - 1 file changed, 63 insertions(+), 1 deletion(-) - -diff --git a/grub-core/osdep/linux/ofpath.c b/grub-core/osdep/linux/ofpath.c -index 0f5d54e9f2d..cc849d9c94c 100644 ---- a/grub-core/osdep/linux/ofpath.c -+++ b/grub-core/osdep/linux/ofpath.c -@@ -37,6 +37,7 @@ - #include - #include - #include -+#include - - #ifdef __sparc__ - typedef enum -@@ -755,13 +756,74 @@ strip_trailing_digits (const char *p) - return new; - } - -+static char * -+get_slave_from_dm(const char * device){ -+ char *curr_device, *tmp; -+ char *directory; -+ char *ret = NULL; -+ -+ directory = grub_strdup (device); -+ tmp = get_basename(directory); -+ curr_device = grub_strdup (tmp); -+ *tmp = '\0'; -+ -+ /* Recursively check for slaves devices so we can find the root device */ -+ while ((curr_device[0] == 'd') && (curr_device[1] == 'm') && (curr_device[2] == '-')){ -+ DIR *dp; -+ struct dirent *ep; -+ char* device_path; -+ -+ device_path = grub_xasprintf ("/sys/block/%s/slaves", curr_device); -+ dp = opendir(device_path); -+ free(device_path); -+ -+ if (dp != NULL) -+ { -+ ep = readdir (dp); -+ while (ep != NULL){ -+ -+ /* avoid some system directories */ -+ if (!strcmp(ep->d_name,".")) -+ goto next_dir; -+ if (!strcmp(ep->d_name,"..")) -+ goto next_dir; -+ -+ free (curr_device); -+ free (ret); -+ curr_device = grub_strdup (ep->d_name); -+ ret = grub_xasprintf ("%s%s", directory, curr_device); -+ break; -+ -+ next_dir: -+ ep = readdir (dp); -+ continue; -+ } -+ closedir (dp); -+ } -+ else -+ grub_util_warn (_("cannot open directory `%s'"), device_path); -+ } -+ -+ free (directory); -+ free (curr_device); -+ -+ return ret; -+} -+ - char * - grub_util_devname_to_ofpath (const char *sys_devname) - { -- char *name_buf, *device, *devnode, *devicenode, *ofpath; -+ char *name_buf, *device, *devnode, *devicenode, *ofpath, *realname; - - name_buf = xrealpath (sys_devname); - -+ realname = get_slave_from_dm (name_buf); -+ if (realname) -+ { -+ free (name_buf); -+ name_buf = realname; -+ } -+ - device = get_basename (name_buf); - devnode = strip_trailing_digits (name_buf); - devicenode = strip_trailing_digits (device); diff --git a/0161-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch b/0161-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch deleted file mode 100644 index 01e7e678065830fce114171c60706ea62bc4d9ba..0000000000000000000000000000000000000000 --- a/0161-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch +++ /dev/null @@ -1,245 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Fri, 18 Dec 2020 15:39:26 +0100 -Subject: [PATCH] Add 'at_keyboard_fallback_set' var to force the set manually -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This seems required with HP DL380p Gen 8 systems. -Indeed, with this system, we can see the following sequence: - -1. controller is queried to get current configuration (returns 0x30 which is quite standard) -2. controller is queried to get the current keyboard set in used, using code 0xf0 (first part) -3. controller answers with 0xfa which means "ACK" (== ok) -4. then we send "0" to tell "we want to know which set your are supporting" -5. controller answers with 0xfa ("ACK") -6. controller should then give us 1, 2, 3 or 0x43, 0x41, 0x3f, but here it gives us 0xfe which means "NACK" - -Since there seems no way to determine the current set, and in fact the -controller expects set2 to be used, we need to rely on an environment -variable. -Everything has been tested on this system: using 0xFE (resend command), -making sure we wait for ACK in the 2 steps "write_mode", etc. - -Below is litterature I used to come up with "there is no other -solution": -- https://wiki.osdev.org/%228042%22_PS/2_Controller -- http://www-ug.eecg.toronto.edu/msl/nios_devices/datasheets/PS2%20Keyboard%20Protocol.htm -- http://www.s100computers.com/My%20System%20Pages/MSDOS%20Board/PC%20Keyboard.pdf - -Signed-off-by: Renaud Métrich -Signed-off-by: Robbie Harwood ---- - grub-core/term/at_keyboard.c | 121 ++++++++++++++++++++++++++++++++++--------- - 1 file changed, 96 insertions(+), 25 deletions(-) - -diff --git a/grub-core/term/at_keyboard.c b/grub-core/term/at_keyboard.c -index 26014382608..dac0f946fe6 100644 ---- a/grub-core/term/at_keyboard.c -+++ b/grub-core/term/at_keyboard.c -@@ -31,6 +31,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); - static grub_uint8_t grub_keyboard_controller_orig; - static grub_uint8_t grub_keyboard_orig_set; - struct grub_ps2_state ps2_state; -+static int fallback_set; - - static int ping_sent; - -@@ -76,6 +77,8 @@ at_command (grub_uint8_t data) - break; - return 0; - } -+ if (i == GRUB_AT_TRIES) -+ grub_dprintf ("atkeyb", "at_command() timed out! (stopped after %d tries)\n", i); - return (i != GRUB_AT_TRIES); - } - -@@ -105,6 +108,21 @@ grub_keyboard_controller_read (void) - - #endif - -+static int -+resend_last_result (void) -+{ -+ grub_uint8_t ret; -+ keyboard_controller_wait_until_ready (); -+ grub_dprintf ("atkeyb", "resend_last_result: sending 0xfe\n"); -+ grub_outb (0xfe, KEYBOARD_REG_DATA); -+ ret = wait_ack (); -+ grub_dprintf ("atkeyb", "resend_last_result: wait_ack() returned 0x%x\n", ret); -+ keyboard_controller_wait_until_ready (); -+ ret = grub_inb (KEYBOARD_REG_DATA); -+ grub_dprintf ("atkeyb", "resend_last_result: read 0x%x from controller\n", ret); -+ return ret; -+} -+ - static int - write_mode (int mode) - { -@@ -113,11 +131,14 @@ write_mode (int mode) - { - grub_uint8_t ack; - keyboard_controller_wait_until_ready (); -+ grub_dprintf ("atkeyb", "write_mode: sending 0xf0\n"); - grub_outb (0xf0, KEYBOARD_REG_DATA); - keyboard_controller_wait_until_ready (); -+ grub_dprintf ("atkeyb", "write_mode: sending mode %d\n", mode); - grub_outb (mode, KEYBOARD_REG_DATA); - keyboard_controller_wait_until_ready (); - ack = wait_ack (); -+ grub_dprintf ("atkeyb", "write_mode: wait_ack() returned 0x%x\n", ack); - if (ack == GRUB_AT_NACK) - continue; - if (ack == GRUB_AT_ACK) -@@ -125,6 +146,9 @@ write_mode (int mode) - return 0; - } - -+ if (i == GRUB_AT_TRIES) -+ grub_dprintf ("atkeyb", "write_mode() timed out! (stopped after %d tries)\n", i); -+ - return (i != GRUB_AT_TRIES); - } - -@@ -132,31 +156,66 @@ static int - query_mode (void) - { - grub_uint8_t ret; -+ grub_uint64_t endtime; -+ unsigned i; - int e; -+ char *envvar; - -- e = write_mode (0); -- if (!e) { -- grub_dprintf("atkeyb", "query_mode: write_mode(0) failed\n"); -- return 0; -- } -+ for (i = 0; i < GRUB_AT_TRIES; i++) { -+ grub_dprintf ("atkeyb", "query_mode: sending command to controller\n"); -+ e = write_mode (0); -+ if (!e) { -+ grub_dprintf ("atkeyb", "query_mode: write_mode(0) failed\n"); -+ return 0; -+ } - -- do { -- keyboard_controller_wait_until_ready (); -- ret = grub_inb (KEYBOARD_REG_DATA); -- } while (ret == GRUB_AT_ACK); -- /* QEMU translates the set even in no-translate mode. */ -- if (ret == 0x43 || ret == 1) { -- grub_dprintf("atkeyb", "query_mode: returning 1 (ret=0x%x)\n", ret); -- return 1; -- } -- if (ret == 0x41 || ret == 2) { -- grub_dprintf("atkeyb", "query_mode: returning 2 (ret=0x%x)\n", ret); -- return 2; -+ endtime = grub_get_time_ms () + 20; -+ do { -+ keyboard_controller_wait_until_ready (); -+ ret = grub_inb (KEYBOARD_REG_DATA); -+ grub_dprintf ("atkeyb", "query_mode/loop: read 0x%x from controller\n", ret); -+ } while ((ret == GRUB_AT_ACK || ret == GRUB_AT_NACK) && grub_get_time_ms () < endtime); -+ if (ret == 0xfe) { -+ grub_dprintf ("atkeyb", "query_mode: asking controller to resend last result\n"); -+ ret = resend_last_result(); -+ grub_dprintf ("atkeyb", "query_mode: read 0x%x from controller\n", ret); -+ } -+ /* QEMU translates the set even in no-translate mode. */ -+ if (ret == 0x43 || ret == 1) { -+ grub_dprintf ("atkeyb", "query_mode: controller returned 0x%x, returning 1\n", ret); -+ return 1; -+ } -+ if (ret == 0x41 || ret == 2) { -+ grub_dprintf ("atkeyb", "query_mode: controller returned 0x%x, returning 2\n", ret); -+ return 2; -+ } -+ if (ret == 0x3f || ret == 3) { -+ grub_dprintf ("atkeyb", "query_mode: controller returned 0x%x, returning 3\n", ret); -+ return 3; -+ } -+ grub_dprintf ("atkeyb", "query_mode: controller returned unexpected value 0x%x, retrying\n", ret); - } -- if (ret == 0x3f || ret == 3) { -- grub_dprintf("atkeyb", "query_mode: returning 3 (ret=0x%x)\n", ret); -- return 3; -+ -+ /* -+ * Falling here means we tried querying and the controller returned something -+ * we don't understand, try to use 'at_keyboard_fallback_set' if it exists, -+ * otherwise return 0. -+ */ -+ envvar = grub_env_get ("at_keyboard_fallback_set"); -+ if (envvar) { -+ fallback_set = grub_strtoul (envvar, 0, 10); -+ if ((grub_errno) || (fallback_set < 1) || (fallback_set > 3)) { -+ grub_dprintf ("atkeyb", "WARNING: ignoring unexpected value '%s' for '%s' variable\n", -+ envvar, "at_keyboard_fallback_set"); -+ fallback_set = 0; -+ } else { -+ grub_dprintf ("atkeyb", "query_mode: '%s' specified in environment, returning %d\n", -+ "at_keyboard_fallback_set", fallback_set); -+ } -+ return fallback_set; - } -+ grub_dprintf ("atkeyb", "WARNING: no '%s' specified in environment, returning 0\n", -+ "at_keyboard_fallback_set"); - return 0; - } - -@@ -165,14 +224,25 @@ set_scancodes (void) - { - /* You must have visited computer museum. Keyboard without scancode set - knowledge. Assume XT. */ -- if (!grub_keyboard_orig_set) -- { -- grub_dprintf ("atkeyb", "No sets support assumed\n"); -- ps2_state.current_set = 1; -+ if (!grub_keyboard_orig_set) { -+ if (fallback_set) { -+ grub_dprintf ("atkeyb", "No sets support assumed but set forced to %d\n", fallback_set); -+ ps2_state.current_set = fallback_set; - return; - } -+ grub_dprintf ("atkeyb", "No sets support assumed, forcing to set 1\n"); -+ ps2_state.current_set = 1; -+ return; -+ } - - #if !USE_SCANCODE_SET -+ if (fallback_set) { -+ grub_dprintf ("atkeyb", "queried set is %d but set forced to %d\n", -+ grub_keyboard_orig_set, fallback_set); -+ ps2_state.current_set = fallback_set; -+ return; -+ } -+ - if ((grub_keyboard_controller_orig & KEYBOARD_AT_TRANSLATE) == KEYBOARD_AT_TRANSLATE) { - grub_dprintf ("atkeyb", "queried set is %d but keyboard in Translate mode, so actually in set 1\n", grub_keyboard_orig_set); - ps2_state.current_set = 1; -@@ -261,6 +331,7 @@ grub_at_keyboard_getkey (struct grub_term_input *term __attribute__ ((unused))) - static void - grub_keyboard_controller_init (void) - { -+ grub_dprintf ("atkeyb", "initializing the controller\n"); - ps2_state.at_keyboard_status = 0; - /* Drain input buffer. */ - while (1) -@@ -282,6 +353,7 @@ grub_keyboard_controller_init (void) - grub_keyboard_controller_orig = grub_keyboard_controller_read (); - grub_dprintf ("atkeyb", "grub_keyboard_controller_orig = 0x%x\n", grub_keyboard_controller_orig); - grub_keyboard_orig_set = query_mode (); -+ grub_dprintf ("atkeyb", "grub_keyboard_orig_set = %d\n", grub_keyboard_orig_set); - #endif - set_scancodes (); - keyboard_controller_led (ps2_state.led_status); -@@ -329,7 +401,6 @@ grub_at_restore_hw (void) - return GRUB_ERR_NONE; - } - -- - static struct grub_term_input grub_at_keyboard_term = - { - .name = "at_keyboard", diff --git a/0162-Add-suport-for-signing-grub-with-an-appended-signatu.patch b/0162-Add-suport-for-signing-grub-with-an-appended-signatu.patch deleted file mode 100644 index caab8d58080c155afbe7998d11c9078e2a5cca0e..0000000000000000000000000000000000000000 --- a/0162-Add-suport-for-signing-grub-with-an-appended-signatu.patch +++ /dev/null @@ -1,316 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Rashmica Gupta -Date: Thu, 11 Jun 2020 11:26:23 +1000 -Subject: [PATCH] Add suport for signing grub with an appended signature - -Add infrastructure to allow firmware to verify the integrity of grub -by use of a Linux-kernel-module-style appended signature. We initially -target powerpc-ieee1275, but the code should be extensible to other -platforms. - -Usually these signatures are appended to a file without modifying the -ELF file itself. (This is what the 'sign-file' tool does, for example.) -The verifier loads the signed file from the file system and looks at the -end of the file for the appended signature. However, on powerpc-ieee1275 -platforms, the bootloader is often stored directly in the PReP partition -as raw bytes without a file-system. This makes determining the location -of an appended signature more difficult. - -To address this, we add a new ELF note. - -The name field of shall be the string "Appended-Signature", zero-padded -to 4 byte alignment. The type field shall be 0x41536967 (the ASCII values -for the string "ASig"). It must be the final section in the ELF binary. - -The description shall contain the appended signature structure as defined -by the Linux kernel. The description will also be padded to be a multiple -of 4 bytes. The padding shall be added before the appended signature -structure (not at the end) so that the final bytes of a signed ELF file -are the appended signature magic. - -A subsequent patch documents how to create a grub core.img validly signed -under this scheme. - -Signed-off-by: Daniel Axtens -Signed-off-by: Rashmica Gupta - ---- - -You can experiment with this code with a patched version of SLOF -that verifies these signatures. You can find one at: - https://github.com/daxtens/SLOF - -I will be proposing this for inclusion in a future Power Architecture -Platform Reference (PAPR). ---- - util/grub-install-common.c | 18 ++++++++++++++++-- - util/grub-mkimage.c | 15 +++++++++++++-- - util/grub-mkimagexx.c | 39 ++++++++++++++++++++++++++++++++++++++- - util/mkimage.c | 13 +++++++------ - include/grub/util/install.h | 8 ++++++-- - include/grub/util/mkimage.h | 4 ++-- - 6 files changed, 82 insertions(+), 15 deletions(-) - -diff --git a/util/grub-install-common.c b/util/grub-install-common.c -index 4e212e690c5..aab2a941f85 100644 ---- a/util/grub-install-common.c -+++ b/util/grub-install-common.c -@@ -461,10 +461,12 @@ static size_t npubkeys; - static char *sbat; - static int disable_shim_lock; - static grub_compression_t compression; -+static size_t appsig_size; - - int - grub_install_parse (int key, char *arg) - { -+ const char *end; - switch (key) - { - case 'C': -@@ -562,6 +564,12 @@ grub_install_parse (int key, char *arg) - grub_util_error (_("Unrecognized compression `%s'"), arg); - case GRUB_INSTALL_OPTIONS_GRUB_MKIMAGE: - return 1; -+ case GRUB_INSTALL_OPTIONS_APPENDED_SIGNATURE_SIZE: -+ grub_errno = 0; -+ appsig_size = grub_strtol(arg, &end, 10); -+ if (grub_errno) -+ return 0; -+ return 1; - default: - return 0; - } -@@ -665,7 +673,13 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, - dir, prefix, - outname, dtb ? : "", sbat ? : "", mkimage_target, - compnames[compression], note ? "--note" : "", -- disable_shim_lock ? "--disable-shim-lock" : "", s); -+ disable_shim_lock ? "--disable-shim-lock" : "", -+ "--format '%s' --compression '%s' " -+ "--appended-signature-size %zu %s %s\n", -+ dir, prefix, -+ outname, dtb ? : "", mkimage_target, -+ compnames[compression], appsig_size, -+ note ? "--note" : "", s); - free (s); - - tgt = grub_install_get_image_target (mkimage_target); -@@ -675,7 +689,7 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, - grub_install_generate_image (dir, prefix, fp, outname, - modules.entries, memdisk_path, - pubkeys, npubkeys, config_path, tgt, -- note, compression, dtb, sbat, -+ note, appsig_size, compression, dtb, sbat, - disable_shim_lock); - while (dc--) - grub_install_pop_module (); -diff --git a/util/grub-mkimage.c b/util/grub-mkimage.c -index c0d55993702..8a53310548b 100644 ---- a/util/grub-mkimage.c -+++ b/util/grub-mkimage.c -@@ -84,6 +84,7 @@ static struct argp_option options[] = { - {"sbat", 's', N_("FILE"), 0, N_("SBAT metadata"), 0}, - {"disable-shim-lock", GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK, 0, 0, N_("disable shim_lock verifier"), 0}, - {"verbose", 'v', 0, 0, N_("print verbose messages."), 0}, -+ {"appended-signature-size", 'S', N_("SIZE"), 0, N_("Add a note segment reserving SIZE bytes for an appended signature"), 0}, - { 0, 0, 0, 0, 0, 0 } - }; - -@@ -128,6 +129,7 @@ struct arguments - char *sbat; - int note; - int disable_shim_lock; -+ size_t appsig_size; - const struct grub_install_image_target_desc *image_target; - grub_compression_t comp; - }; -@@ -138,6 +140,7 @@ argp_parser (int key, char *arg, struct argp_state *state) - /* Get the input argument from argp_parse, which we - know is a pointer to our arguments structure. */ - struct arguments *arguments = state->input; -+ const char* end; - - switch (key) - { -@@ -170,6 +173,13 @@ argp_parser (int key, char *arg, struct argp_state *state) - arguments->note = 1; - break; - -+ case 'S': -+ grub_errno = 0; -+ arguments->appsig_size = grub_strtol(arg, &end, 10); -+ if (grub_errno) -+ return 0; -+ break; -+ - case 'm': - if (arguments->memdisk) - free (arguments->memdisk); -@@ -324,8 +334,9 @@ main (int argc, char *argv[]) - arguments.memdisk, arguments.pubkeys, - arguments.npubkeys, arguments.config, - arguments.image_target, arguments.note, -- arguments.comp, arguments.dtb, -- arguments.sbat, arguments.disable_shim_lock); -+ arguments.appsig_size, arguments.comp, -+ arguments.dtb, arguments.sbat, -+ arguments.disable_shim_lock); - - if (grub_util_file_sync (fp) < 0) - grub_util_error (_("cannot sync `%s': %s"), arguments.output ? : "stdout", -diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c -index d78fa3e5330..393119486d3 100644 ---- a/util/grub-mkimagexx.c -+++ b/util/grub-mkimagexx.c -@@ -84,6 +84,15 @@ struct grub_ieee1275_note - struct grub_ieee1275_note_desc descriptor; - }; - -+#define GRUB_APPENDED_SIGNATURE_NOTE_NAME "Appended-Signature" -+#define GRUB_APPENDED_SIGNATURE_NOTE_TYPE 0x41536967 /* "ASig" */ -+ -+struct grub_appended_signature_note -+{ -+ Elf32_Nhdr header; -+ char name[ALIGN_UP(sizeof (GRUB_APPENDED_SIGNATURE_NOTE_NAME), 4)]; -+}; -+ - #define GRUB_XEN_NOTE_NAME "Xen" - - struct fixup_block_list -@@ -207,7 +216,7 @@ grub_arm_reloc_jump24 (grub_uint32_t *target, Elf32_Addr sym_addr) - - void - SUFFIX (grub_mkimage_generate_elf) (const struct grub_install_image_target_desc *image_target, -- int note, char **core_img, size_t *core_size, -+ int note, size_t appsig_size, char **core_img, size_t *core_size, - Elf_Addr target_addr, - struct grub_mkimage_layout *layout) - { -@@ -221,6 +230,12 @@ SUFFIX (grub_mkimage_generate_elf) (const struct grub_install_image_target_desc - int shnum = 4; - int string_size = sizeof (".text") + sizeof ("mods") + 1; - -+ if (appsig_size) -+ { -+ phnum++; -+ footer_size += ALIGN_UP(sizeof (struct grub_appended_signature_note) + appsig_size, 4); -+ } -+ - if (image_target->id != IMAGE_LOONGSON_ELF) - phnum += 2; - -@@ -484,6 +499,28 @@ SUFFIX (grub_mkimage_generate_elf) (const struct grub_install_image_target_desc - phdr->p_offset = grub_host_to_target32 (header_size + program_size); - } - -+ if (appsig_size) { -+ int note_size = ALIGN_UP(sizeof (struct grub_appended_signature_note) + appsig_size, 4); -+ struct grub_appended_signature_note *note_ptr = (struct grub_appended_signature_note *) -+ (elf_img + program_size + header_size + (note ? sizeof (struct grub_ieee1275_note) : 0)); -+ -+ note_ptr->header.n_namesz = grub_host_to_target32 (sizeof (GRUB_APPENDED_SIGNATURE_NOTE_NAME)); -+ /* needs to sit at the end, so we round this up and sign some zero padding */ -+ note_ptr->header.n_descsz = grub_host_to_target32 (ALIGN_UP(appsig_size, 4)); -+ note_ptr->header.n_type = grub_host_to_target32 (GRUB_APPENDED_SIGNATURE_NOTE_TYPE); -+ strcpy (note_ptr->name, GRUB_APPENDED_SIGNATURE_NOTE_NAME); -+ -+ phdr++; -+ phdr->p_type = grub_host_to_target32 (PT_NOTE); -+ phdr->p_flags = grub_host_to_target32 (PF_R); -+ phdr->p_align = grub_host_to_target32 (image_target->voidp_sizeof); -+ phdr->p_vaddr = 0; -+ phdr->p_paddr = 0; -+ phdr->p_filesz = grub_host_to_target32 (note_size); -+ phdr->p_memsz = 0; -+ phdr->p_offset = grub_host_to_target32 (header_size + program_size + (note ? sizeof (struct grub_ieee1275_note) : 0)); -+ } -+ - { - char *str_start = (elf_img + sizeof (*ehdr) + phnum * sizeof (*phdr) - + shnum * sizeof (*shdr)); -diff --git a/util/mkimage.c b/util/mkimage.c -index a26cf76f72f..bab12276010 100644 ---- a/util/mkimage.c -+++ b/util/mkimage.c -@@ -869,8 +869,9 @@ grub_install_generate_image (const char *dir, const char *prefix, - char *memdisk_path, char **pubkey_paths, - size_t npubkeys, char *config_path, - const struct grub_install_image_target_desc *image_target, -- int note, grub_compression_t comp, const char *dtb_path, -- const char *sbat_path, int disable_shim_lock) -+ int note, size_t appsig_size, grub_compression_t comp, -+ const char *dtb_path, const char *sbat_path, -+ int disable_shim_lock) - { - char *kernel_img, *core_img; - size_t total_module_size, core_size; -@@ -1773,11 +1774,11 @@ grub_install_generate_image (const char *dir, const char *prefix, - else - target_addr = image_target->link_addr; - if (image_target->voidp_sizeof == 4) -- grub_mkimage_generate_elf32 (image_target, note, &core_img, &core_size, -- target_addr, &layout); -+ grub_mkimage_generate_elf32 (image_target, note, appsig_size, &core_img, -+ &core_size, target_addr, &layout); - else -- grub_mkimage_generate_elf64 (image_target, note, &core_img, &core_size, -- target_addr, &layout); -+ grub_mkimage_generate_elf64 (image_target, note, appsig_size, &core_img, -+ &core_size, target_addr, &layout); - } - break; - } -diff --git a/include/grub/util/install.h b/include/grub/util/install.h -index 7df3191f47e..cf4531e02b6 100644 ---- a/include/grub/util/install.h -+++ b/include/grub/util/install.h -@@ -67,6 +67,9 @@ - N_("SBAT metadata"), 0 }, \ - { "disable-shim-lock", GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK, 0, 0, \ - N_("disable shim_lock verifier"), 0 }, \ -+ { "appended-signature-size", GRUB_INSTALL_OPTIONS_APPENDED_SIGNATURE_SIZE,\ -+ "SIZE", 0, N_("Add a note segment reserving SIZE bytes for an appended signature"), \ -+ 1}, \ - { "verbose", 'v', 0, 0, \ - N_("print verbose messages."), 1 } - -@@ -128,7 +131,8 @@ enum grub_install_options { - GRUB_INSTALL_OPTIONS_INSTALL_CORE_COMPRESS, - GRUB_INSTALL_OPTIONS_DTB, - GRUB_INSTALL_OPTIONS_SBAT, -- GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK -+ GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK, -+ GRUB_INSTALL_OPTIONS_APPENDED_SIGNATURE_SIZE - }; - - extern char *grub_install_source_directory; -@@ -188,7 +192,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - size_t npubkeys, - char *config_path, - const struct grub_install_image_target_desc *image_target, -- int note, -+ int note, size_t appsig_size, - grub_compression_t comp, const char *dtb_file, - const char *sbat_path, const int disable_shim_lock); - -diff --git a/include/grub/util/mkimage.h b/include/grub/util/mkimage.h -index 3819a67441c..6f1da89b9b6 100644 ---- a/include/grub/util/mkimage.h -+++ b/include/grub/util/mkimage.h -@@ -51,12 +51,12 @@ grub_mkimage_load_image64 (const char *kernel_path, - const struct grub_install_image_target_desc *image_target); - void - grub_mkimage_generate_elf32 (const struct grub_install_image_target_desc *image_target, -- int note, char **core_img, size_t *core_size, -+ int note, size_t appsig_size, char **core_img, size_t *core_size, - Elf32_Addr target_addr, - struct grub_mkimage_layout *layout); - void - grub_mkimage_generate_elf64 (const struct grub_install_image_target_desc *image_target, -- int note, char **core_img, size_t *core_size, -+ int note, size_t appsig_size, char **core_img, size_t *core_size, - Elf64_Addr target_addr, - struct grub_mkimage_layout *layout); - diff --git a/0163-docs-grub-Document-signing-grub-under-UEFI.patch b/0163-docs-grub-Document-signing-grub-under-UEFI.patch deleted file mode 100644 index 9b9b19a718dfbb331b8af80c9c8bf0bd7100c3b7..0000000000000000000000000000000000000000 --- a/0163-docs-grub-Document-signing-grub-under-UEFI.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Sat, 15 Aug 2020 02:00:57 +1000 -Subject: [PATCH] docs/grub: Document signing grub under UEFI - -Before adding information about how grub is signed with an appended -signature scheme, it's worth adding some information about how it -can currently be signed for UEFI. - -Signed-off-by: Daniel Axtens ---- - docs/grub.texi | 22 +++++++++++++++++++++- - 1 file changed, 21 insertions(+), 1 deletion(-) - -diff --git a/docs/grub.texi b/docs/grub.texi -index 4870faaa00a..365d1d6931b 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -5817,6 +5817,7 @@ environment variables and commands are listed in the same order. - * Secure Boot Advanced Targeting:: Embedded information for generation number based revocation - * Measured Boot:: Measuring boot components - * Lockdown:: Lockdown when booting on a secure setup -+* Signing GRUB itself:: Ensuring the integrity of the GRUB core image - @end menu - - @node Authentication and authorisation -@@ -5895,7 +5896,7 @@ commands. - - GRUB's @file{core.img} can optionally provide enforcement that all files - subsequently read from disk are covered by a valid digital signature. --This document does @strong{not} cover how to ensure that your -+This section does @strong{not} cover how to ensure that your - platform's firmware (e.g., Coreboot) validates @file{core.img}. - - If environment variable @code{check_signatures} -@@ -6067,6 +6068,25 @@ be restricted and some operations/commands cannot be executed. - The @samp{lockdown} variable is set to @samp{y} when the GRUB is locked down. - Otherwise it does not exit. - -+@node Signing GRUB itself -+@section Signing GRUB itself -+ -+To ensure a complete secure-boot chain, there must be a way for the code that -+loads GRUB to verify the integrity of the core image. -+ -+This is ultimately platform-specific and individual platforms can define their -+own mechanisms. However, there are general-purpose mechanisms that can be used -+with GRUB. -+ -+@section Signing GRUB for UEFI secure boot -+ -+On UEFI platforms, @file{core.img} is a PE binary. Therefore, it can be signed -+with a tool such as @command{pesign} or @command{sbsign}. Refer to the -+suggestions in @pxref{UEFI secure boot and shim} to ensure that the final -+image works under UEFI secure boot and can maintain the secure-boot chain. It -+will also be necessary to enrol the public key used into a relevant firmware -+key database. -+ - @node Platform limitations - @chapter Platform limitations - diff --git a/0164-docs-grub-Document-signing-grub-with-an-appended-sig.patch b/0164-docs-grub-Document-signing-grub-with-an-appended-sig.patch deleted file mode 100644 index 4d85d93822a8d109216b1730482e0695498c3810..0000000000000000000000000000000000000000 --- a/0164-docs-grub-Document-signing-grub-with-an-appended-sig.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Sat, 15 Aug 2020 02:19:36 +1000 -Subject: [PATCH] docs/grub: Document signing grub with an appended signature - -Signing grub for firmware that verifies an appended signature is a -bit fiddly. I don't want people to have to figure it out from scratch -so document it here. - -Signed-off-by: Daniel Axtens ---- - docs/grub.texi | 42 ++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 42 insertions(+) - -diff --git a/docs/grub.texi b/docs/grub.texi -index 365d1d6931b..afbde7c1f7b 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -6087,6 +6087,48 @@ image works under UEFI secure boot and can maintain the secure-boot chain. It - will also be necessary to enrol the public key used into a relevant firmware - key database. - -+@section Signing GRUB with an appended signature -+ -+The @file{core.elf} itself can be signed with a Linux kernel module-style -+appended signature. -+ -+To support IEEE1275 platforms where the boot image is often loaded directly -+from a disk partition rather than from a file system, the @file{core.elf} -+can specify the size and location of the appended signature with an ELF -+note added by @command{grub-install}. -+ -+An image can be signed this way using the @command{sign-file} command from -+the Linux kernel: -+ -+@example -+@group -+# grub.key is your private key and certificate.der is your public key -+ -+# Determine the size of the appended signature. It depends on the signing -+# certificate and the hash algorithm -+touch empty -+sign-file SHA256 grub.key certificate.der empty empty.sig -+SIG_SIZE=`stat -c '%s' empty.sig` -+rm empty empty.sig -+ -+# Build a grub image with $SIG_SIZE reserved for the signature -+grub-install --appended-signature-size $SIG_SIZE --modules="..." ... -+ -+# Replace the reserved size with a signature: -+# cut off the last $SIG_SIZE bytes with truncate's minus modifier -+truncate -s -$SIG_SIZE /boot/grub/powerpc-ieee1275/core.elf core.elf.unsigned -+# sign the trimmed file with an appended signature, restoring the correct size -+sign-file SHA256 grub.key certificate.der core.elf.unsigned core.elf.signed -+ -+# Don't forget to install the signed image as required -+# (e.g. on powerpc-ieee1275, to the PReP partition) -+@end group -+@end example -+ -+As with UEFI secure boot, it is necessary to build in the required modules, -+or sign them separately. -+ -+ - @node Platform limitations - @chapter Platform limitations - diff --git a/0165-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch b/0165-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch deleted file mode 100644 index 6e46db010f1c517e287009efbc1147102de1879b..0000000000000000000000000000000000000000 --- a/0165-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 30 Jul 2020 00:13:21 +1000 -Subject: [PATCH] dl: provide a fake grub_dl_set_persistent for the emu target - -Trying to start grub-emu with a module that calls grub_dl_set_persistent -will crash because grub-emu fakes modules and passes NULL to the module -init function. - -Provide an empty function for the emu case. - -Fixes: ee7808e2197c (dl: Add support for persistent modules) -Signed-off-by: Daniel Axtens ---- - include/grub/dl.h | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/include/grub/dl.h b/include/grub/dl.h -index 2f76e6b0437..20d870f2a47 100644 ---- a/include/grub/dl.h -+++ b/include/grub/dl.h -@@ -245,11 +245,22 @@ grub_dl_get (const char *name) - return 0; - } - -+#ifdef GRUB_MACHINE_EMU -+/* -+ * Under grub-emu, modules are faked and NULL is passed to GRUB_MOD_INIT. -+ * So we fake this out to avoid a NULL deref. -+ */ -+static inline void -+grub_dl_set_persistent (grub_dl_t mod __attribute__((unused))) -+{ -+} -+#else - static inline void - grub_dl_set_persistent (grub_dl_t mod) - { - mod->persistent = 1; - } -+#endif - - static inline int - grub_dl_is_persistent (grub_dl_t mod) diff --git a/0166-pgp-factor-out-rsa_pad.patch b/0166-pgp-factor-out-rsa_pad.patch deleted file mode 100644 index a8154e7496544e078887cdd3d1aee8c9ad274ddd..0000000000000000000000000000000000000000 --- a/0166-pgp-factor-out-rsa_pad.patch +++ /dev/null @@ -1,191 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 1 Oct 2020 20:23:48 +1000 -Subject: [PATCH] pgp: factor out rsa_pad - -rsa_pad does the PKCS#1 v1.5 padding for the RSA signature scheme. -We want to use it in other RSA signature verification applications. - -I considered and rejected putting it in lib/crypto.c. That file doesn't -currently require any MPI functions, but rsa_pad does. That's not so -much of a problem for the grub kernel and modules, but crypto.c also -gets built into all the grub utilities. So - despite the utils not -using any asymmetric ciphers - we would need to built the entire MPI -infrastructure in to them. - -A better and simpler solution is just to spin rsa_pad out into its own -PKCS#1 v1.5 module. - -Signed-off-by: Daniel Axtens ---- - grub-core/Makefile.core.def | 8 ++++++ - grub-core/commands/pgp.c | 28 ++------------------- - grub-core/lib/pkcs1_v15.c | 59 +++++++++++++++++++++++++++++++++++++++++++++ - include/grub/pkcs1_v15.h | 27 +++++++++++++++++++++ - 4 files changed, 96 insertions(+), 26 deletions(-) - create mode 100644 grub-core/lib/pkcs1_v15.c - create mode 100644 include/grub/pkcs1_v15.h - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 81fc274148e..97347ae76f9 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -2510,6 +2510,14 @@ module = { - cppflags = '$(CPPFLAGS_GCRY)'; - }; - -+module = { -+ name = pkcs1_v15; -+ common = lib/pkcs1_v15.c; -+ -+ cflags = '$(CFLAGS_GCRY) -Wno-redundant-decls -Wno-sign-compare'; -+ cppflags = '$(CPPFLAGS_GCRY)'; -+}; -+ - module = { - name = all_video; - common = lib/fake_module.c; -diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c -index 5daa1e9d00c..2408db4994f 100644 ---- a/grub-core/commands/pgp.c -+++ b/grub-core/commands/pgp.c -@@ -24,6 +24,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -411,32 +412,7 @@ static int - rsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval, - const gcry_md_spec_t *hash, struct grub_public_subkey *sk) - { -- grub_size_t tlen, emlen, fflen; -- grub_uint8_t *em, *emptr; -- unsigned nbits = gcry_mpi_get_nbits (sk->mpis[0]); -- int ret; -- tlen = hash->mdlen + hash->asnlen; -- emlen = (nbits + 7) / 8; -- if (emlen < tlen + 11) -- return 1; -- -- em = grub_malloc (emlen); -- if (!em) -- return 1; -- -- em[0] = 0x00; -- em[1] = 0x01; -- fflen = emlen - tlen - 3; -- for (emptr = em + 2; emptr < em + 2 + fflen; emptr++) -- *emptr = 0xff; -- *emptr++ = 0x00; -- grub_memcpy (emptr, hash->asnoid, hash->asnlen); -- emptr += hash->asnlen; -- grub_memcpy (emptr, hval, hash->mdlen); -- -- ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0); -- grub_free (em); -- return ret; -+ return grub_crypto_rsa_pad(hmpi, hval, hash, sk->mpis[0]); - } - - struct grub_pubkey_context -diff --git a/grub-core/lib/pkcs1_v15.c b/grub-core/lib/pkcs1_v15.c -new file mode 100644 -index 00000000000..dbacd563d01 ---- /dev/null -+++ b/grub-core/lib/pkcs1_v15.c -@@ -0,0 +1,59 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2013 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+/* -+ * Given a hash value 'hval', of hash specification 'hash', perform -+ * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod' -+ * (see RFC 8017 s 9.2) and place the result in 'hmpi'. -+ */ -+gcry_err_code_t -+grub_crypto_rsa_pad (gcry_mpi_t * hmpi, grub_uint8_t * hval, -+ const gcry_md_spec_t * hash, gcry_mpi_t mod) -+{ -+ grub_size_t tlen, emlen, fflen; -+ grub_uint8_t *em, *emptr; -+ unsigned nbits = gcry_mpi_get_nbits (mod); -+ int ret; -+ tlen = hash->mdlen + hash->asnlen; -+ emlen = (nbits + 7) / 8; -+ if (emlen < tlen + 11) -+ return GPG_ERR_TOO_SHORT; -+ -+ em = grub_malloc (emlen); -+ if (!em) -+ return 1; -+ -+ em[0] = 0x00; -+ em[1] = 0x01; -+ fflen = emlen - tlen - 3; -+ for (emptr = em + 2; emptr < em + 2 + fflen; emptr++) -+ *emptr = 0xff; -+ *emptr++ = 0x00; -+ grub_memcpy (emptr, hash->asnoid, hash->asnlen); -+ emptr += hash->asnlen; -+ grub_memcpy (emptr, hval, hash->mdlen); -+ -+ ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0); -+ grub_free (em); -+ return ret; -+} -diff --git a/include/grub/pkcs1_v15.h b/include/grub/pkcs1_v15.h -new file mode 100644 -index 00000000000..5c338c84a15 ---- /dev/null -+++ b/include/grub/pkcs1_v15.h -@@ -0,0 +1,27 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2013 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+/* -+ * Given a hash value 'hval', of hash specification 'hash', perform -+ * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod' -+ * (See RFC 8017 s 9.2) -+ */ -+gcry_err_code_t -+grub_crypto_rsa_pad (gcry_mpi_t * hmpi, grub_uint8_t * hval, -+ const gcry_md_spec_t * hash, gcry_mpi_t mod); -+ diff --git a/0167-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch b/0167-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch deleted file mode 100644 index 763cdc63f966e9045a2356c42e6bf5f1f8ff7fd4..0000000000000000000000000000000000000000 --- a/0167-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Fri, 2 Oct 2020 10:49:26 +1000 -Subject: [PATCH] crypto: move storage for grub_crypto_pk_* to crypto.c - -The way gcry_rsa and friends (the asymmetric ciphers) are loaded for the -pgp module is a bit quirky. - -include/grub/crypto.h contains: - extern struct gcry_pk_spec *grub_crypto_pk_rsa; - -commands/pgp.c contains the actual storage: - struct gcry_pk_spec *grub_crypto_pk_rsa; - -And the module itself saves to the storage in pgp.c: - GRUB_MOD_INIT(gcry_rsa) - { - grub_crypto_pk_rsa = &_gcry_pubkey_spec_rsa; - } - -This is annoying: gcry_rsa now has a dependency on pgp! - -We want to be able to bring in gcry_rsa without bringing in PGP, -so move the storage to crypto.c. - -Previously, gcry_rsa depended on pgp and mpi. Now it depends on -crypto and mpi. As pgp depends on crypto, this doesn't add any new -module dependencies using the PGP verfier. - -[FWIW, the story is different for the symmetric ciphers. cryptodisk -and friends (zfs encryption etc) use grub_crypto_lookup_cipher_by_name() -to get a cipher handle. That depends on grub_ciphers being populated -by people calling grub_cipher_register. import_gcry.py ensures that the -symmetric ciphers call it.] - -Signed-off-by: Daniel Axtens ---- - grub-core/commands/pgp.c | 4 ---- - grub-core/lib/crypto.c | 4 ++++ - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c -index 2408db4994f..355a43844ac 100644 ---- a/grub-core/commands/pgp.c -+++ b/grub-core/commands/pgp.c -@@ -147,10 +147,6 @@ const char *hashes[] = { - [0x0b] = "sha224" - }; - --struct gcry_pk_spec *grub_crypto_pk_dsa; --struct gcry_pk_spec *grub_crypto_pk_ecdsa; --struct gcry_pk_spec *grub_crypto_pk_rsa; -- - static int - dsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval, - const gcry_md_spec_t *hash, struct grub_public_subkey *sk); -diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c -index ca334d5a40e..c578128a59d 100644 ---- a/grub-core/lib/crypto.c -+++ b/grub-core/lib/crypto.c -@@ -121,6 +121,10 @@ grub_md_unregister (gcry_md_spec_t *cipher) - } - } - -+struct gcry_pk_spec *grub_crypto_pk_dsa; -+struct gcry_pk_spec *grub_crypto_pk_ecdsa; -+struct gcry_pk_spec *grub_crypto_pk_rsa; -+ - void - grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in, - grub_size_t inlen) diff --git a/0168-posix_wrap-tweaks-in-preparation-for-libtasn1.patch b/0168-posix_wrap-tweaks-in-preparation-for-libtasn1.patch deleted file mode 100644 index a09cab19833a92ac4b34a3464c5b6f0d41b4ab62..0000000000000000000000000000000000000000 --- a/0168-posix_wrap-tweaks-in-preparation-for-libtasn1.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Sat, 2 May 2020 00:27:57 +1000 -Subject: [PATCH] posix_wrap: tweaks in preparation for libtasn1 - - - Define SIZEOF_UNSIGNED_LONG_INT, it's the same as - SIZEOF_UNSIGNED_LONG. - - - Define WORD_BIT, the size in bits of an int. This is a defined - in the Single Unix Specification and in gnulib's limits.h. gnulib - assumes it's 32 bits on all our platforms, including 64 bit - platforms, so we also use that value. - - - Provide strto[u]l[l] preprocessor macros that resolve to - grub_strto[u]l[l]. To avoid gcrypt redefining strtoul, we - also define HAVE_STRTOUL here. - -Signed-off-by: Daniel Axtens ---- - grub-core/lib/posix_wrap/limits.h | 1 + - grub-core/lib/posix_wrap/stdlib.h | 8 ++++++++ - grub-core/lib/posix_wrap/sys/types.h | 1 + - 3 files changed, 10 insertions(+) - -diff --git a/grub-core/lib/posix_wrap/limits.h b/grub-core/lib/posix_wrap/limits.h -index 7217138ffd6..591dbf3289d 100644 ---- a/grub-core/lib/posix_wrap/limits.h -+++ b/grub-core/lib/posix_wrap/limits.h -@@ -37,5 +37,6 @@ - #define LONG_MAX GRUB_LONG_MAX - - #define CHAR_BIT 8 -+#define WORD_BIT 32 - - #endif -diff --git a/grub-core/lib/posix_wrap/stdlib.h b/grub-core/lib/posix_wrap/stdlib.h -index 7a8d385e973..4634db09f29 100644 ---- a/grub-core/lib/posix_wrap/stdlib.h -+++ b/grub-core/lib/posix_wrap/stdlib.h -@@ -58,4 +58,12 @@ abs (int c) - return (c >= 0) ? c : -c; - } - -+#define strtol grub_strtol -+ -+/* for libgcrypt */ -+#define HAVE_STRTOUL -+#define strtoul grub_strtoul -+ -+#define strtoull grub_strtoull -+ - #endif -diff --git a/grub-core/lib/posix_wrap/sys/types.h b/grub-core/lib/posix_wrap/sys/types.h -index 854eb0122ef..f63412c8da0 100644 ---- a/grub-core/lib/posix_wrap/sys/types.h -+++ b/grub-core/lib/posix_wrap/sys/types.h -@@ -51,6 +51,7 @@ typedef grub_uint8_t byte; - typedef grub_addr_t uintptr_t; - - #define SIZEOF_UNSIGNED_LONG GRUB_CPU_SIZEOF_LONG -+#define SIZEOF_UNSIGNED_LONG_INT GRUB_CPU_SIZEOF_LONG - #define SIZEOF_UNSIGNED_INT 4 - #define SIZEOF_UNSIGNED_LONG_LONG 8 - #define SIZEOF_UNSIGNED_SHORT 2 diff --git a/0169-libtasn1-import-libtasn1-4.16.0.patch b/0169-libtasn1-import-libtasn1-4.16.0.patch deleted file mode 100644 index 89552c884536b70ec7b130ee81660c985908119c..0000000000000000000000000000000000000000 --- a/0169-libtasn1-import-libtasn1-4.16.0.patch +++ /dev/null @@ -1,8934 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Wed, 10 Jun 2020 16:31:22 +1000 -Subject: [PATCH] libtasn1: import libtasn1-4.16.0 - -Import a very trimmed-down set of libtasn1 files: - -pushd /tmp -wget https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.16.0.tar.gz -popd -pushd grub-core/lib -mkdir libtasn1 -cp /tmp/libtasn1-4.16.0/{README.md,LICENSE} libtasn1/ -mkdir libtasn1/lib -cp /tmp/libtasn1-4.16.0/lib/{coding.c,decoding.c,element.c,element.h,errors.c,gstr.c,gstr.h,int.h,parser_aux.c,parser_aux.h,structure.c,structure.h} libtasn1/lib -cp /tmp/libtasn1-4.16.0/lib/includes/libtasn1.h ../../include/grub/ -git add libtasn1/ ../../include/grub/libtasn1.h -popd - -Signed-off-by: Daniel Axtens ---- - grub-core/lib/libtasn1/lib/coding.c | 1415 ++++++++++++++++++ - grub-core/lib/libtasn1/lib/decoding.c | 2478 +++++++++++++++++++++++++++++++ - grub-core/lib/libtasn1/lib/element.c | 1111 ++++++++++++++ - grub-core/lib/libtasn1/lib/errors.c | 100 ++ - grub-core/lib/libtasn1/lib/gstr.c | 74 + - grub-core/lib/libtasn1/lib/parser_aux.c | 1173 +++++++++++++++ - grub-core/lib/libtasn1/lib/structure.c | 1220 +++++++++++++++ - grub-core/lib/libtasn1/lib/element.h | 40 + - grub-core/lib/libtasn1/lib/gstr.h | 47 + - grub-core/lib/libtasn1/lib/int.h | 221 +++ - grub-core/lib/libtasn1/lib/parser_aux.h | 172 +++ - grub-core/lib/libtasn1/lib/structure.h | 45 + - include/grub/libtasn1.h | 588 ++++++++ - grub-core/lib/libtasn1/LICENSE | 16 + - grub-core/lib/libtasn1/README.md | 91 ++ - 15 files changed, 8791 insertions(+) - create mode 100644 grub-core/lib/libtasn1/lib/coding.c - create mode 100644 grub-core/lib/libtasn1/lib/decoding.c - create mode 100644 grub-core/lib/libtasn1/lib/element.c - create mode 100644 grub-core/lib/libtasn1/lib/errors.c - create mode 100644 grub-core/lib/libtasn1/lib/gstr.c - create mode 100644 grub-core/lib/libtasn1/lib/parser_aux.c - create mode 100644 grub-core/lib/libtasn1/lib/structure.c - create mode 100644 grub-core/lib/libtasn1/lib/element.h - create mode 100644 grub-core/lib/libtasn1/lib/gstr.h - create mode 100644 grub-core/lib/libtasn1/lib/int.h - create mode 100644 grub-core/lib/libtasn1/lib/parser_aux.h - create mode 100644 grub-core/lib/libtasn1/lib/structure.h - create mode 100644 include/grub/libtasn1.h - create mode 100644 grub-core/lib/libtasn1/LICENSE - create mode 100644 grub-core/lib/libtasn1/README.md - -diff --git a/grub-core/lib/libtasn1/lib/coding.c b/grub-core/lib/libtasn1/lib/coding.c -new file mode 100644 -index 00000000000..245ea64cf0a ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/coding.c -@@ -0,0 +1,1415 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+ -+/*****************************************************/ -+/* File: coding.c */ -+/* Description: Functions to create a DER coding of */ -+/* an ASN1 type. */ -+/*****************************************************/ -+ -+#include -+#include "parser_aux.h" -+#include -+#include "element.h" -+#include "minmax.h" -+#include -+ -+#define MAX_TAG_LEN 16 -+ -+/******************************************************/ -+/* Function : _asn1_error_description_value_not_found */ -+/* Description: creates the ErrorDescription string */ -+/* for the ASN1_VALUE_NOT_FOUND error. */ -+/* Parameters: */ -+/* node: node of the tree where the value is NULL. */ -+/* ErrorDescription: string returned. */ -+/* Return: */ -+/******************************************************/ -+static void -+_asn1_error_description_value_not_found (asn1_node node, -+ char *ErrorDescription) -+{ -+ -+ if (ErrorDescription == NULL) -+ return; -+ -+ Estrcpy (ErrorDescription, ":: value of element '"); -+ _asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription), -+ ASN1_MAX_ERROR_DESCRIPTION_SIZE - 40); -+ Estrcat (ErrorDescription, "' not found"); -+ -+} -+ -+/** -+ * asn1_length_der: -+ * @len: value to convert. -+ * @der: buffer to hold the returned encoding (may be %NULL). -+ * @der_len: number of meaningful bytes of ANS (der[0]..der[der_len-1]). -+ * -+ * Creates the DER encoding of the provided length value. -+ * The @der buffer must have enough room for the output. The maximum -+ * length this function will encode is %ASN1_MAX_LENGTH_SIZE. -+ * -+ * To know the size of the DER encoding use a %NULL value for @der. -+ **/ -+void -+asn1_length_der (unsigned long int len, unsigned char *der, int *der_len) -+{ -+ int k; -+ unsigned char temp[ASN1_MAX_LENGTH_SIZE]; -+#if SIZEOF_UNSIGNED_LONG_INT > 8 -+ len &= 0xFFFFFFFFFFFFFFFF; -+#endif -+ -+ if (len < 128) -+ { -+ /* short form */ -+ if (der != NULL) -+ der[0] = (unsigned char) len; -+ *der_len = 1; -+ } -+ else -+ { -+ /* Long form */ -+ k = 0; -+ while (len) -+ { -+ temp[k++] = len & 0xFF; -+ len = len >> 8; -+ } -+ *der_len = k + 1; -+ if (der != NULL) -+ { -+ der[0] = ((unsigned char) k & 0x7F) + 128; -+ while (k--) -+ der[*der_len - 1 - k] = temp[k]; -+ } -+ } -+} -+ -+/******************************************************/ -+/* Function : _asn1_tag_der */ -+/* Description: creates the DER coding for the CLASS */ -+/* and TAG parameters. */ -+/* It is limited by the ASN1_MAX_TAG_SIZE variable */ -+/* Parameters: */ -+/* class: value to convert. */ -+/* tag_value: value to convert. */ -+/* ans: string returned. */ -+/* ans_len: number of meaningful bytes of ANS */ -+/* (ans[0]..ans[ans_len-1]). */ -+/* Return: */ -+/******************************************************/ -+static void -+_asn1_tag_der (unsigned char class, unsigned int tag_value, -+ unsigned char ans[ASN1_MAX_TAG_SIZE], int *ans_len) -+{ -+ int k; -+ unsigned char temp[ASN1_MAX_TAG_SIZE]; -+ -+ if (tag_value < 31) -+ { -+ /* short form */ -+ ans[0] = (class & 0xE0) + ((unsigned char) (tag_value & 0x1F)); -+ *ans_len = 1; -+ } -+ else -+ { -+ /* Long form */ -+ ans[0] = (class & 0xE0) + 31; -+ k = 0; -+ while (tag_value != 0) -+ { -+ temp[k++] = tag_value & 0x7F; -+ tag_value >>= 7; -+ -+ if (k > ASN1_MAX_TAG_SIZE - 1) -+ break; /* will not encode larger tags */ -+ } -+ *ans_len = k + 1; -+ while (k--) -+ ans[*ans_len - 1 - k] = temp[k] + 128; -+ ans[*ans_len - 1] -= 128; -+ } -+} -+ -+/** -+ * asn1_octet_der: -+ * @str: the input data. -+ * @str_len: STR length (str[0]..str[*str_len-1]). -+ * @der: encoded string returned. -+ * @der_len: number of meaningful bytes of DER (der[0]..der[der_len-1]). -+ * -+ * Creates a length-value DER encoding for the input data. -+ * The DER encoding of the input data will be placed in the @der variable. -+ * -+ * Note that the OCTET STRING tag is not included in the output. -+ * -+ * This function does not return any value because it is expected -+ * that @der_len will contain enough bytes to store the string -+ * plus the DER encoding. The DER encoding size can be obtained using -+ * asn1_length_der(). -+ **/ -+void -+asn1_octet_der (const unsigned char *str, int str_len, -+ unsigned char *der, int *der_len) -+{ -+ int len_len; -+ -+ if (der == NULL || str_len < 0) -+ return; -+ -+ asn1_length_der (str_len, der, &len_len); -+ memcpy (der + len_len, str, str_len); -+ *der_len = str_len + len_len; -+} -+ -+ -+/** -+ * asn1_encode_simple_der: -+ * @etype: The type of the string to be encoded (ASN1_ETYPE_) -+ * @str: the string data. -+ * @str_len: the string length -+ * @tl: the encoded tag and length -+ * @tl_len: the bytes of the @tl field -+ * -+ * Creates the DER encoding for various simple ASN.1 types like strings etc. -+ * It stores the tag and length in @tl, which should have space for at least -+ * %ASN1_MAX_TL_SIZE bytes. Initially @tl_len should contain the size of @tl. -+ * -+ * The complete DER encoding should consist of the value in @tl appended -+ * with the provided @str. -+ * -+ * Returns: %ASN1_SUCCESS if successful or an error value. -+ **/ -+int -+asn1_encode_simple_der (unsigned int etype, const unsigned char *str, -+ unsigned int str_len, unsigned char *tl, -+ unsigned int *tl_len) -+{ -+ int tag_len, len_len; -+ unsigned tlen; -+ unsigned char der_tag[ASN1_MAX_TAG_SIZE]; -+ unsigned char der_length[ASN1_MAX_LENGTH_SIZE]; -+ unsigned char *p; -+ -+ if (str == NULL) -+ return ASN1_VALUE_NOT_VALID; -+ -+ if (ETYPE_OK (etype) == 0) -+ return ASN1_VALUE_NOT_VALID; -+ -+ /* doesn't handle constructed classes */ -+ if (ETYPE_CLASS (etype) != ASN1_CLASS_UNIVERSAL) -+ return ASN1_VALUE_NOT_VALID; -+ -+ _asn1_tag_der (ETYPE_CLASS (etype), ETYPE_TAG (etype), der_tag, &tag_len); -+ -+ asn1_length_der (str_len, der_length, &len_len); -+ -+ if (tag_len <= 0 || len_len <= 0) -+ return ASN1_VALUE_NOT_VALID; -+ -+ tlen = tag_len + len_len; -+ -+ if (*tl_len < tlen) -+ return ASN1_MEM_ERROR; -+ -+ p = tl; -+ memcpy (p, der_tag, tag_len); -+ p += tag_len; -+ memcpy (p, der_length, len_len); -+ -+ *tl_len = tlen; -+ -+ return ASN1_SUCCESS; -+} -+ -+/******************************************************/ -+/* Function : _asn1_time_der */ -+/* Description: creates the DER coding for a TIME */ -+/* type (length included). */ -+/* Parameters: */ -+/* str: TIME null-terminated string. */ -+/* der: string returned. */ -+/* der_len: number of meaningful bytes of DER */ -+/* (der[0]..der[ans_len-1]). Initially it */ -+/* if must store the lenght of DER. */ -+/* Return: */ -+/* ASN1_MEM_ERROR when DER isn't big enough */ -+/* ASN1_SUCCESS otherwise */ -+/******************************************************/ -+static int -+_asn1_time_der (unsigned char *str, int str_len, unsigned char *der, -+ int *der_len) -+{ -+ int len_len; -+ int max_len; -+ -+ if (der == NULL) -+ return ASN1_VALUE_NOT_VALID; -+ -+ max_len = *der_len; -+ -+ asn1_length_der (str_len, (max_len > 0) ? der : NULL, &len_len); -+ -+ if ((len_len + str_len) <= max_len) -+ memcpy (der + len_len, str, str_len); -+ *der_len = len_len + str_len; -+ -+ if ((*der_len) > max_len) -+ return ASN1_MEM_ERROR; -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/* -+void -+_asn1_get_utctime_der(unsigned char *der,int *der_len,unsigned char *str) -+{ -+ int len_len,str_len; -+ char temp[20]; -+ -+ if(str==NULL) return; -+ str_len=asn1_get_length_der(der,*der_len,&len_len); -+ if (str_len<0) return; -+ memcpy(temp,der+len_len,str_len); -+ *der_len=str_len+len_len; -+ switch(str_len) -+ { -+ case 11: -+ temp[10]=0; -+ strcat(temp,"00+0000"); -+ break; -+ case 13: -+ temp[12]=0; -+ strcat(temp,"+0000"); -+ break; -+ case 15: -+ temp[15]=0; -+ memmove(temp+12,temp+10,6); -+ temp[10]=temp[11]='0'; -+ break; -+ case 17: -+ temp[17]=0; -+ break; -+ default: -+ return; -+ } -+ strcpy(str,temp); -+} -+*/ -+ -+static -+void encode_val(uint64_t val, unsigned char *der, int max_len, int *der_len) -+{ -+ int first, k; -+ unsigned char bit7; -+ -+ first = 0; -+ for (k = sizeof(val); k >= 0; k--) -+ { -+ bit7 = (val >> (k * 7)) & 0x7F; -+ if (bit7 || first || !k) -+ { -+ if (k) -+ bit7 |= 0x80; -+ if (max_len > (*der_len)) -+ der[*der_len] = bit7; -+ (*der_len)++; -+ first = 1; -+ } -+ } -+} -+ -+/******************************************************/ -+/* Function : _asn1_object_id_der */ -+/* Description: creates the DER coding for an */ -+/* OBJECT IDENTIFIER type (length included). */ -+/* Parameters: */ -+/* str: OBJECT IDENTIFIER null-terminated string. */ -+/* der: string returned. */ -+/* der_len: number of meaningful bytes of DER */ -+/* (der[0]..der[ans_len-1]). Initially it */ -+/* must store the length of DER. */ -+/* Return: */ -+/* ASN1_MEM_ERROR when DER isn't big enough */ -+/* ASN1_SUCCESS if succesful */ -+/* or an error value. */ -+/******************************************************/ -+static int -+_asn1_object_id_der (const char *str, unsigned char *der, int *der_len) -+{ -+ int len_len, counter, max_len; -+ char *temp, *n_end, *n_start; -+ uint64_t val, val1 = 0; -+ int str_len = _asn1_strlen (str); -+ -+ max_len = *der_len; -+ *der_len = 0; -+ -+ if (der == NULL && max_len > 0) -+ return ASN1_VALUE_NOT_VALID; -+ -+ temp = malloc (str_len + 2); -+ if (temp == NULL) -+ return ASN1_MEM_ALLOC_ERROR; -+ -+ memcpy (temp, str, str_len); -+ temp[str_len] = '.'; -+ temp[str_len + 1] = 0; -+ -+ counter = 0; -+ n_start = temp; -+ while ((n_end = strchr (n_start, '.'))) -+ { -+ *n_end = 0; -+ val = _asn1_strtou64 (n_start, NULL, 10); -+ counter++; -+ -+ if (counter == 1) -+ { -+ val1 = val; -+ } -+ else if (counter == 2) -+ { -+ uint64_t val0; -+ -+ if (val1 > 2) -+ { -+ free(temp); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ else if ((val1 == 0 || val1 == 1) && val > 39) -+ { -+ free(temp); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ -+ val0 = 40 * val1 + val; -+ encode_val(val0, der, max_len, der_len); -+ } -+ else -+ { -+ encode_val(val, der, max_len, der_len); -+ } -+ n_start = n_end + 1; -+ } -+ -+ asn1_length_der (*der_len, NULL, &len_len); -+ if (max_len >= (*der_len + len_len)) -+ { -+ memmove (der + len_len, der, *der_len); -+ asn1_length_der (*der_len, der, &len_len); -+ } -+ *der_len += len_len; -+ -+ free (temp); -+ -+ if (max_len < (*der_len)) -+ return ASN1_MEM_ERROR; -+ -+ return ASN1_SUCCESS; -+} -+ -+/** -+ * asn1_object_id_der: -+ * @str: An object identifier in numeric, dot format. -+ * @der: buffer to hold the returned encoding (may be %NULL). -+ * @der_len: initially the size of @der; will hold the final size. -+ * @flags: must be zero -+ * -+ * Creates the DER encoding of the provided object identifier. -+ * -+ * Returns: %ASN1_SUCCESS if DER encoding was OK, %ASN1_VALUE_NOT_VALID -+ * if @str is not a valid OID, %ASN1_MEM_ERROR if the @der -+ * vector isn't big enough and in this case @der_len will contain the -+ * length needed. -+ **/ -+int asn1_object_id_der(const char *str, unsigned char *der, int *der_len, unsigned flags) -+{ -+ unsigned char tag_der[MAX_TAG_LEN]; -+ int tag_len = 0, r; -+ int max_len = *der_len; -+ -+ *der_len = 0; -+ -+ _asn1_tag_der (ETYPE_CLASS (ASN1_ETYPE_OBJECT_ID), ETYPE_TAG (ASN1_ETYPE_OBJECT_ID), -+ tag_der, &tag_len); -+ -+ if (max_len > tag_len) -+ { -+ memcpy(der, tag_der, tag_len); -+ } -+ max_len -= tag_len; -+ der += tag_len; -+ -+ r = _asn1_object_id_der (str, der, &max_len); -+ if (r == ASN1_MEM_ERROR || r == ASN1_SUCCESS) -+ { -+ *der_len = max_len + tag_len; -+ } -+ -+ return r; -+} -+ -+static const unsigned char bit_mask[] = -+ { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 }; -+ -+/** -+ * asn1_bit_der: -+ * @str: BIT string. -+ * @bit_len: number of meaningful bits in STR. -+ * @der: string returned. -+ * @der_len: number of meaningful bytes of DER -+ * (der[0]..der[ans_len-1]). -+ * -+ * Creates a length-value DER encoding for the input data -+ * as it would have been for a BIT STRING. -+ * The DER encoded data will be copied in @der. -+ * -+ * Note that the BIT STRING tag is not included in the output. -+ * -+ * This function does not return any value because it is expected -+ * that @der_len will contain enough bytes to store the string -+ * plus the DER encoding. The DER encoding size can be obtained using -+ * asn1_length_der(). -+ **/ -+void -+asn1_bit_der (const unsigned char *str, int bit_len, -+ unsigned char *der, int *der_len) -+{ -+ int len_len, len_byte, len_pad; -+ -+ if (der == NULL) -+ return; -+ -+ len_byte = bit_len >> 3; -+ len_pad = 8 - (bit_len & 7); -+ if (len_pad == 8) -+ len_pad = 0; -+ else -+ len_byte++; -+ asn1_length_der (len_byte + 1, der, &len_len); -+ der[len_len] = len_pad; -+ -+ if (str) -+ memcpy (der + len_len + 1, str, len_byte); -+ der[len_len + len_byte] &= bit_mask[len_pad]; -+ *der_len = len_byte + len_len + 1; -+} -+ -+ -+/******************************************************/ -+/* Function : _asn1_complete_explicit_tag */ -+/* Description: add the length coding to the EXPLICIT */ -+/* tags. */ -+/* Parameters: */ -+/* node: pointer to the tree element. */ -+/* der: string with the DER coding of the whole tree*/ -+/* counter: number of meaningful bytes of DER */ -+/* (der[0]..der[*counter-1]). */ -+/* max_len: size of der vector */ -+/* Return: */ -+/* ASN1_MEM_ERROR if der vector isn't big enough, */ -+/* otherwise ASN1_SUCCESS. */ -+/******************************************************/ -+static int -+_asn1_complete_explicit_tag (asn1_node node, unsigned char *der, -+ int *counter, int *max_len) -+{ -+ asn1_node p; -+ int is_tag_implicit, len2, len3; -+ unsigned char temp[SIZEOF_UNSIGNED_INT]; -+ -+ if (der == NULL && *max_len > 0) -+ return ASN1_VALUE_NOT_VALID; -+ -+ is_tag_implicit = 0; -+ -+ if (node->type & CONST_TAG) -+ { -+ p = node->down; -+ if (p == NULL) -+ return ASN1_DER_ERROR; -+ /* When there are nested tags we must complete them reverse to -+ the order they were created. This is because completing a tag -+ modifies all data within it, including the incomplete tags -+ which store buffer positions -- simon@josefsson.org 2002-09-06 -+ */ -+ while (p->right) -+ p = p->right; -+ while (p && p != node->down->left) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_TAG) -+ { -+ if (p->type & CONST_EXPLICIT) -+ { -+ len2 = strtol (p->name, NULL, 10); -+ _asn1_set_name (p, NULL); -+ -+ asn1_length_der (*counter - len2, temp, &len3); -+ if (len3 <= (*max_len)) -+ { -+ memmove (der + len2 + len3, der + len2, -+ *counter - len2); -+ memcpy (der + len2, temp, len3); -+ } -+ *max_len -= len3; -+ *counter += len3; -+ is_tag_implicit = 0; -+ } -+ else -+ { /* CONST_IMPLICIT */ -+ if (!is_tag_implicit) -+ { -+ is_tag_implicit = 1; -+ } -+ } -+ } -+ p = p->left; -+ } -+ } -+ -+ if (*max_len < 0) -+ return ASN1_MEM_ERROR; -+ -+ return ASN1_SUCCESS; -+} -+ -+const tag_and_class_st _asn1_tags[] = { -+ [ASN1_ETYPE_GENERALSTRING] = -+ {ASN1_TAG_GENERALSTRING, ASN1_CLASS_UNIVERSAL, "type:GENERALSTRING"}, -+ [ASN1_ETYPE_NUMERIC_STRING] = -+ {ASN1_TAG_NUMERIC_STRING, ASN1_CLASS_UNIVERSAL, "type:NUMERIC_STR"}, -+ [ASN1_ETYPE_IA5_STRING] = -+ {ASN1_TAG_IA5_STRING, ASN1_CLASS_UNIVERSAL, "type:IA5_STR"}, -+ [ASN1_ETYPE_TELETEX_STRING] = -+ {ASN1_TAG_TELETEX_STRING, ASN1_CLASS_UNIVERSAL, "type:TELETEX_STR"}, -+ [ASN1_ETYPE_PRINTABLE_STRING] = -+ {ASN1_TAG_PRINTABLE_STRING, ASN1_CLASS_UNIVERSAL, "type:PRINTABLE_STR"}, -+ [ASN1_ETYPE_UNIVERSAL_STRING] = -+ {ASN1_TAG_UNIVERSAL_STRING, ASN1_CLASS_UNIVERSAL, "type:UNIVERSAL_STR"}, -+ [ASN1_ETYPE_BMP_STRING] = -+ {ASN1_TAG_BMP_STRING, ASN1_CLASS_UNIVERSAL, "type:BMP_STR"}, -+ [ASN1_ETYPE_UTF8_STRING] = -+ {ASN1_TAG_UTF8_STRING, ASN1_CLASS_UNIVERSAL, "type:UTF8_STR"}, -+ [ASN1_ETYPE_VISIBLE_STRING] = -+ {ASN1_TAG_VISIBLE_STRING, ASN1_CLASS_UNIVERSAL, "type:VISIBLE_STR"}, -+ [ASN1_ETYPE_OCTET_STRING] = -+ {ASN1_TAG_OCTET_STRING, ASN1_CLASS_UNIVERSAL, "type:OCT_STR"}, -+ [ASN1_ETYPE_BIT_STRING] = -+ {ASN1_TAG_BIT_STRING, ASN1_CLASS_UNIVERSAL, "type:BIT_STR"}, -+ [ASN1_ETYPE_OBJECT_ID] = -+ {ASN1_TAG_OBJECT_ID, ASN1_CLASS_UNIVERSAL, "type:OBJ_ID"}, -+ [ASN1_ETYPE_NULL] = {ASN1_TAG_NULL, ASN1_CLASS_UNIVERSAL, "type:NULL"}, -+ [ASN1_ETYPE_BOOLEAN] = -+ {ASN1_TAG_BOOLEAN, ASN1_CLASS_UNIVERSAL, "type:BOOLEAN"}, -+ [ASN1_ETYPE_INTEGER] = -+ {ASN1_TAG_INTEGER, ASN1_CLASS_UNIVERSAL, "type:INTEGER"}, -+ [ASN1_ETYPE_ENUMERATED] = -+ {ASN1_TAG_ENUMERATED, ASN1_CLASS_UNIVERSAL, "type:ENUMERATED"}, -+ [ASN1_ETYPE_SEQUENCE] = -+ {ASN1_TAG_SEQUENCE, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, -+ "type:SEQUENCE"}, -+ [ASN1_ETYPE_SEQUENCE_OF] = -+ {ASN1_TAG_SEQUENCE, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, -+ "type:SEQ_OF"}, -+ [ASN1_ETYPE_SET] = -+ {ASN1_TAG_SET, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, "type:SET"}, -+ [ASN1_ETYPE_SET_OF] = -+ {ASN1_TAG_SET, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, -+ "type:SET_OF"}, -+ [ASN1_ETYPE_GENERALIZED_TIME] = -+ {ASN1_TAG_GENERALIZEDTime, ASN1_CLASS_UNIVERSAL, "type:GENERALIZED_TIME"}, -+ [ASN1_ETYPE_UTC_TIME] = -+ {ASN1_TAG_UTCTime, ASN1_CLASS_UNIVERSAL, "type:UTC_TIME"}, -+}; -+ -+unsigned int _asn1_tags_size = sizeof (_asn1_tags) / sizeof (_asn1_tags[0]); -+ -+/******************************************************/ -+/* Function : _asn1_insert_tag_der */ -+/* Description: creates the DER coding of tags of one */ -+/* NODE. */ -+/* Parameters: */ -+/* node: pointer to the tree element. */ -+/* der: string returned */ -+/* counter: number of meaningful bytes of DER */ -+/* (counter[0]..der[*counter-1]). */ -+/* max_len: size of der vector */ -+/* Return: */ -+/* ASN1_GENERIC_ERROR if the type is unknown, */ -+/* ASN1_MEM_ERROR if der vector isn't big enough, */ -+/* otherwise ASN1_SUCCESS. */ -+/******************************************************/ -+static int -+_asn1_insert_tag_der (asn1_node node, unsigned char *der, int *counter, -+ int *max_len) -+{ -+ asn1_node p; -+ int tag_len, is_tag_implicit; -+ unsigned char class, class_implicit = 0, temp[MAX(SIZEOF_UNSIGNED_INT * 3 + 1, LTOSTR_MAX_SIZE)]; -+ unsigned long tag_implicit = 0; -+ unsigned char tag_der[MAX_TAG_LEN]; -+ -+ is_tag_implicit = 0; -+ -+ if (node->type & CONST_TAG) -+ { -+ p = node->down; -+ while (p) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_TAG) -+ { -+ if (p->type & CONST_APPLICATION) -+ class = ASN1_CLASS_APPLICATION; -+ else if (p->type & CONST_UNIVERSAL) -+ class = ASN1_CLASS_UNIVERSAL; -+ else if (p->type & CONST_PRIVATE) -+ class = ASN1_CLASS_PRIVATE; -+ else -+ class = ASN1_CLASS_CONTEXT_SPECIFIC; -+ -+ if (p->type & CONST_EXPLICIT) -+ { -+ if (is_tag_implicit) -+ _asn1_tag_der (class_implicit, tag_implicit, tag_der, -+ &tag_len); -+ else -+ _asn1_tag_der (class | ASN1_CLASS_STRUCTURED, -+ _asn1_strtoul (p->value, NULL, 10), -+ tag_der, &tag_len); -+ -+ *max_len -= tag_len; -+ if (der && *max_len >= 0) -+ memcpy (der + *counter, tag_der, tag_len); -+ *counter += tag_len; -+ -+ _asn1_ltostr (*counter, (char *) temp); -+ _asn1_set_name (p, (const char *) temp); -+ -+ is_tag_implicit = 0; -+ } -+ else -+ { /* CONST_IMPLICIT */ -+ if (!is_tag_implicit) -+ { -+ if ((type_field (node->type) == ASN1_ETYPE_SEQUENCE) || -+ (type_field (node->type) == ASN1_ETYPE_SEQUENCE_OF) -+ || (type_field (node->type) == ASN1_ETYPE_SET) -+ || (type_field (node->type) == ASN1_ETYPE_SET_OF)) -+ class |= ASN1_CLASS_STRUCTURED; -+ class_implicit = class; -+ tag_implicit = _asn1_strtoul (p->value, NULL, 10); -+ is_tag_implicit = 1; -+ } -+ } -+ } -+ p = p->right; -+ } -+ } -+ -+ if (is_tag_implicit) -+ { -+ _asn1_tag_der (class_implicit, tag_implicit, tag_der, &tag_len); -+ } -+ else -+ { -+ unsigned type = type_field (node->type); -+ switch (type) -+ { -+ CASE_HANDLED_ETYPES: -+ _asn1_tag_der (_asn1_tags[type].class, _asn1_tags[type].tag, -+ tag_der, &tag_len); -+ break; -+ case ASN1_ETYPE_TAG: -+ case ASN1_ETYPE_CHOICE: -+ case ASN1_ETYPE_ANY: -+ tag_len = 0; -+ break; -+ default: -+ return ASN1_GENERIC_ERROR; -+ } -+ } -+ -+ *max_len -= tag_len; -+ if (der && *max_len >= 0) -+ memcpy (der + *counter, tag_der, tag_len); -+ *counter += tag_len; -+ -+ if (*max_len < 0) -+ return ASN1_MEM_ERROR; -+ -+ return ASN1_SUCCESS; -+} -+ -+/******************************************************/ -+/* Function : _asn1_ordering_set */ -+/* Description: puts the elements of a SET type in */ -+/* the correct order according to DER rules. */ -+/* Parameters: */ -+/* der: string with the DER coding. */ -+/* node: pointer to the SET element. */ -+/* Return: */ -+/* ASN1_SUCCESS if successful */ -+/* or an error value. */ -+/******************************************************/ -+static int -+_asn1_ordering_set (unsigned char *der, int der_len, asn1_node node) -+{ -+ struct vet -+ { -+ int end; -+ unsigned long value; -+ struct vet *next, *prev; -+ }; -+ -+ int counter, len, len2; -+ struct vet *first, *last, *p_vet, *p2_vet; -+ asn1_node p; -+ unsigned char class, *temp; -+ unsigned long tag, t; -+ int err; -+ -+ counter = 0; -+ -+ if (type_field (node->type) != ASN1_ETYPE_SET) -+ return ASN1_VALUE_NOT_VALID; -+ -+ p = node->down; -+ while (p && ((type_field (p->type) == ASN1_ETYPE_TAG) || -+ (type_field (p->type) == ASN1_ETYPE_SIZE))) -+ p = p->right; -+ -+ if ((p == NULL) || (p->right == NULL)) -+ return ASN1_SUCCESS; -+ -+ first = last = NULL; -+ while (p) -+ { -+ p_vet = malloc (sizeof (struct vet)); -+ if (p_vet == NULL) -+ { -+ err = ASN1_MEM_ALLOC_ERROR; -+ goto error; -+ } -+ -+ p_vet->next = NULL; -+ p_vet->prev = last; -+ if (first == NULL) -+ first = p_vet; -+ else -+ last->next = p_vet; -+ last = p_vet; -+ -+ /* tag value calculation */ -+ err = asn1_get_tag_der (der + counter, der_len - counter, &class, &len2, -+ &tag); -+ if (err != ASN1_SUCCESS) -+ goto error; -+ -+ t = ((unsigned int)class) << 24; -+ p_vet->value = t | tag; -+ counter += len2; -+ -+ /* extraction and length */ -+ len2 = asn1_get_length_der (der + counter, der_len - counter, &len); -+ if (len2 < 0) -+ { -+ err = ASN1_DER_ERROR; -+ goto error; -+ } -+ counter += len + len2; -+ -+ p_vet->end = counter; -+ p = p->right; -+ } -+ -+ p_vet = first; -+ -+ while (p_vet) -+ { -+ p2_vet = p_vet->next; -+ counter = 0; -+ while (p2_vet) -+ { -+ if (p_vet->value > p2_vet->value) -+ { -+ /* change position */ -+ temp = malloc (p_vet->end - counter); -+ if (temp == NULL) -+ { -+ err = ASN1_MEM_ALLOC_ERROR; -+ goto error; -+ } -+ -+ memcpy (temp, der + counter, p_vet->end - counter); -+ memcpy (der + counter, der + p_vet->end, -+ p2_vet->end - p_vet->end); -+ memcpy (der + counter + p2_vet->end - p_vet->end, temp, -+ p_vet->end - counter); -+ free (temp); -+ -+ tag = p_vet->value; -+ p_vet->value = p2_vet->value; -+ p2_vet->value = tag; -+ -+ p_vet->end = counter + (p2_vet->end - p_vet->end); -+ } -+ counter = p_vet->end; -+ -+ p2_vet = p2_vet->next; -+ p_vet = p_vet->next; -+ } -+ -+ if (p_vet != first) -+ p_vet->prev->next = NULL; -+ else -+ first = NULL; -+ free (p_vet); -+ p_vet = first; -+ } -+ return ASN1_SUCCESS; -+ -+error: -+ while (first != NULL) -+ { -+ p_vet = first; -+ first = first->next; -+ free(p_vet); -+ } -+ return err; -+} -+ -+struct vet -+{ -+ unsigned char *ptr; -+ int size; -+}; -+ -+static int setof_compar(const void *_e1, const void *_e2) -+{ -+ unsigned length; -+ const struct vet *e1 = _e1, *e2 = _e2; -+ int rval; -+ -+ /* The encodings of the component values of a set-of value shall -+ * appear in ascending order, the encodings being compared -+ * as octet strings with the shorter components being -+ * padded at their trailing end with 0-octets. -+ * The padding octets are for comparison purposes and -+ * do not appear in the encodings. -+ */ -+ length = MIN(e1->size, e2->size); -+ -+ rval = memcmp(e1->ptr, e2->ptr, length); -+ if (rval == 0 && e1->size != e2->size) -+ { -+ if (e1->size > e2->size) -+ rval = 1; -+ else if (e2->size > e1->size) -+ rval = -1; -+ } -+ -+ return rval; -+} -+ -+/******************************************************/ -+/* Function : _asn1_ordering_set_of */ -+/* Description: puts the elements of a SET OF type in */ -+/* the correct order according to DER rules. */ -+/* Parameters: */ -+/* der: string with the DER coding. */ -+/* node: pointer to the SET OF element. */ -+/* Return: */ -+/* ASN1_SUCCESS if successful */ -+/* or an error value. */ -+/******************************************************/ -+static int -+_asn1_ordering_set_of (unsigned char *der, int der_len, asn1_node node) -+{ -+ int counter, len, len2; -+ struct vet *list = NULL, *tlist; -+ unsigned list_size = 0; -+ struct vet *p_vet; -+ asn1_node p; -+ unsigned char class; -+ unsigned i; -+ unsigned char *out = NULL; -+ int err; -+ -+ if (der == NULL) -+ return ASN1_VALUE_NOT_VALID; -+ -+ counter = 0; -+ -+ if (type_field (node->type) != ASN1_ETYPE_SET_OF) -+ return ASN1_VALUE_NOT_VALID; -+ -+ p = node->down; -+ while (p && ((type_field (p->type) == ASN1_ETYPE_TAG) || -+ (type_field (p->type) == ASN1_ETYPE_SIZE))) -+ p = p->right; -+ if (p == NULL) -+ return ASN1_VALUE_NOT_VALID; -+ p = p->right; -+ -+ if ((p == NULL) || (p->right == NULL)) -+ return ASN1_SUCCESS; -+ -+ while (p) -+ { -+ list_size++; -+ tlist = realloc (list, list_size*sizeof(struct vet)); -+ if (tlist == NULL) -+ { -+ err = ASN1_MEM_ALLOC_ERROR; -+ goto error; -+ } -+ list = tlist; -+ p_vet = &list[list_size-1]; -+ -+ p_vet->ptr = der+counter; -+ p_vet->size = 0; -+ -+ /* extraction of tag and length */ -+ if (der_len - counter > 0) -+ { -+ err = asn1_get_tag_der (der + counter, der_len - counter, &class, -+ &len, NULL); -+ if (err != ASN1_SUCCESS) -+ goto error; -+ counter += len; -+ p_vet->size += len; -+ -+ len2 = asn1_get_length_der (der + counter, der_len - counter, &len); -+ if (len2 < 0) -+ { -+ err = ASN1_DER_ERROR; -+ goto error; -+ } -+ counter += len + len2; -+ p_vet->size += len + len2; -+ -+ } -+ else -+ { -+ err = ASN1_DER_ERROR; -+ goto error; -+ } -+ p = p->right; -+ } -+ -+ if (counter > der_len) -+ { -+ err = ASN1_DER_ERROR; -+ goto error; -+ } -+ -+ qsort(list, list_size, sizeof(struct vet), setof_compar); -+ -+ out = malloc(der_len); -+ if (out == NULL) -+ { -+ err = ASN1_MEM_ERROR; -+ goto error; -+ } -+ -+ /* the sum of p_vet->size == der_len */ -+ counter = 0; -+ for (i = 0; i < list_size; i++) -+ { -+ p_vet = &list[i]; -+ memcpy(out+counter, p_vet->ptr, p_vet->size); -+ counter += p_vet->size; -+ } -+ memcpy(der, out, der_len); -+ free(out); -+ -+ err = ASN1_SUCCESS; -+ -+error: -+ free(list); -+ return err; -+} -+ -+/** -+ * asn1_der_coding: -+ * @element: pointer to an ASN1 element -+ * @name: the name of the structure you want to encode (it must be -+ * inside *POINTER). -+ * @ider: vector that will contain the DER encoding. DER must be a -+ * pointer to memory cells already allocated. -+ * @len: number of bytes of *@ider: @ider[0]..@ider[len-1], Initialy -+ * holds the sizeof of der vector. -+ * @ErrorDescription: return the error description or an empty -+ * string if success. -+ * -+ * Creates the DER encoding for the NAME structure (inside *POINTER -+ * structure). -+ * -+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND -+ * if @name is not a valid element, %ASN1_VALUE_NOT_FOUND if there -+ * is an element without a value, %ASN1_MEM_ERROR if the @ider -+ * vector isn't big enough and in this case @len will contain the -+ * length needed. -+ **/ -+int -+asn1_der_coding (asn1_node_const element, const char *name, void *ider, int *len, -+ char *ErrorDescription) -+{ -+ asn1_node node, p, p2; -+ unsigned char temp[MAX(LTOSTR_MAX_SIZE, SIZEOF_UNSIGNED_LONG_INT * 3 + 1)]; -+ int counter, counter_old, len2, len3, move, max_len, max_len_old; -+ int err; -+ unsigned char *der = ider; -+ -+ if (ErrorDescription) -+ ErrorDescription[0] = 0; -+ -+ node = asn1_find_node (element, name); -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ /* Node is now a locally allocated variable. -+ * That is because in some point we modify the -+ * structure, and I don't know why! --nmav -+ */ -+ node = _asn1_copy_structure3 (node); -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ max_len = *len; -+ -+ if (der == NULL && max_len > 0) -+ return ASN1_VALUE_NOT_VALID; -+ -+ counter = 0; -+ move = DOWN; -+ p = node; -+ -+ while (1) -+ { -+ -+ counter_old = counter; -+ max_len_old = max_len; -+ if (move != UP) -+ { -+ p->start = counter; -+ err = _asn1_insert_tag_der (p, der, &counter, &max_len); -+ if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR) -+ goto error; -+ } -+ switch (type_field (p->type)) -+ { -+ case ASN1_ETYPE_NULL: -+ max_len--; -+ if (der != NULL && max_len >= 0) -+ der[counter] = 0; -+ counter++; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_BOOLEAN: -+ if ((p->type & CONST_DEFAULT) && (p->value == NULL)) -+ { -+ counter = counter_old; -+ max_len = max_len_old; -+ } -+ else -+ { -+ if (p->value == NULL) -+ { -+ _asn1_error_description_value_not_found (p, -+ ErrorDescription); -+ err = ASN1_VALUE_NOT_FOUND; -+ goto error; -+ } -+ max_len -= 2; -+ if (der != NULL && max_len >= 0) -+ { -+ der[counter++] = 1; -+ if (p->value[0] == 'F') -+ der[counter++] = 0; -+ else -+ der[counter++] = 0xFF; -+ } -+ else -+ counter += 2; -+ } -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_INTEGER: -+ case ASN1_ETYPE_ENUMERATED: -+ if ((p->type & CONST_DEFAULT) && (p->value == NULL)) -+ { -+ counter = counter_old; -+ max_len = max_len_old; -+ } -+ else -+ { -+ if (p->value == NULL) -+ { -+ _asn1_error_description_value_not_found (p, -+ ErrorDescription); -+ err = ASN1_VALUE_NOT_FOUND; -+ goto error; -+ } -+ len2 = asn1_get_length_der (p->value, p->value_len, &len3); -+ if (len2 < 0) -+ { -+ err = ASN1_DER_ERROR; -+ goto error; -+ } -+ max_len -= len2 + len3; -+ if (der != NULL && max_len >= 0) -+ memcpy (der + counter, p->value, len3 + len2); -+ counter += len3 + len2; -+ } -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_OBJECT_ID: -+ if ((p->type & CONST_DEFAULT) && (p->value == NULL)) -+ { -+ counter = counter_old; -+ max_len = max_len_old; -+ } -+ else -+ { -+ if (p->value == NULL) -+ { -+ _asn1_error_description_value_not_found (p, -+ ErrorDescription); -+ err = ASN1_VALUE_NOT_FOUND; -+ goto error; -+ } -+ len2 = max_len; -+ err = _asn1_object_id_der ((char*)p->value, der + counter, &len2); -+ if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR) -+ goto error; -+ -+ max_len -= len2; -+ counter += len2; -+ } -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_GENERALIZED_TIME: -+ case ASN1_ETYPE_UTC_TIME: -+ if (p->value == NULL) -+ { -+ _asn1_error_description_value_not_found (p, ErrorDescription); -+ err = ASN1_VALUE_NOT_FOUND; -+ goto error; -+ } -+ len2 = max_len; -+ err = _asn1_time_der (p->value, p->value_len, der + counter, &len2); -+ if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR) -+ goto error; -+ -+ max_len -= len2; -+ counter += len2; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_OCTET_STRING: -+ case ASN1_ETYPE_GENERALSTRING: -+ case ASN1_ETYPE_NUMERIC_STRING: -+ case ASN1_ETYPE_IA5_STRING: -+ case ASN1_ETYPE_TELETEX_STRING: -+ case ASN1_ETYPE_PRINTABLE_STRING: -+ case ASN1_ETYPE_UNIVERSAL_STRING: -+ case ASN1_ETYPE_BMP_STRING: -+ case ASN1_ETYPE_UTF8_STRING: -+ case ASN1_ETYPE_VISIBLE_STRING: -+ case ASN1_ETYPE_BIT_STRING: -+ if (p->value == NULL) -+ { -+ _asn1_error_description_value_not_found (p, ErrorDescription); -+ err = ASN1_VALUE_NOT_FOUND; -+ goto error; -+ } -+ len2 = asn1_get_length_der (p->value, p->value_len, &len3); -+ if (len2 < 0) -+ { -+ err = ASN1_DER_ERROR; -+ goto error; -+ } -+ max_len -= len2 + len3; -+ if (der != NULL && max_len >= 0) -+ memcpy (der + counter, p->value, len3 + len2); -+ counter += len3 + len2; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_SEQUENCE: -+ case ASN1_ETYPE_SET: -+ if (move != UP) -+ { -+ p->tmp_ival = counter; -+ if (p->down == NULL) -+ { -+ move = UP; -+ continue; -+ } -+ else -+ { -+ p2 = p->down; -+ while (p2 && (type_field (p2->type) == ASN1_ETYPE_TAG)) -+ p2 = p2->right; -+ if (p2) -+ { -+ p = p2; -+ move = RIGHT; -+ continue; -+ } -+ move = UP; -+ continue; -+ } -+ } -+ else -+ { /* move==UP */ -+ len2 = p->tmp_ival; -+ p->tmp_ival = 0; -+ if ((type_field (p->type) == ASN1_ETYPE_SET) && (max_len >= 0)) -+ { -+ err = _asn1_ordering_set (der + len2, counter - len2, p); -+ if (err != ASN1_SUCCESS) -+ goto error; -+ } -+ asn1_length_der (counter - len2, temp, &len3); -+ max_len -= len3; -+ if (der != NULL && max_len >= 0) -+ { -+ memmove (der + len2 + len3, der + len2, counter - len2); -+ memcpy (der + len2, temp, len3); -+ } -+ counter += len3; -+ move = RIGHT; -+ } -+ break; -+ case ASN1_ETYPE_SEQUENCE_OF: -+ case ASN1_ETYPE_SET_OF: -+ if (move != UP) -+ { -+ p->tmp_ival = counter; -+ p = p->down; -+ while ((type_field (p->type) == ASN1_ETYPE_TAG) -+ || (type_field (p->type) == ASN1_ETYPE_SIZE)) -+ p = p->right; -+ if (p->right) -+ { -+ p = p->right; -+ move = RIGHT; -+ continue; -+ } -+ else -+ p = _asn1_find_up (p); -+ move = UP; -+ } -+ if (move == UP) -+ { -+ len2 = p->tmp_ival; -+ p->tmp_ival = 0; -+ if ((type_field (p->type) == ASN1_ETYPE_SET_OF) -+ && (counter - len2 > 0) && (max_len >= 0)) -+ { -+ err = _asn1_ordering_set_of (der + len2, counter - len2, p); -+ if (err != ASN1_SUCCESS) -+ goto error; -+ } -+ asn1_length_der (counter - len2, temp, &len3); -+ max_len -= len3; -+ if (der != NULL && max_len >= 0) -+ { -+ memmove (der + len2 + len3, der + len2, counter - len2); -+ memcpy (der + len2, temp, len3); -+ } -+ counter += len3; -+ move = RIGHT; -+ } -+ break; -+ case ASN1_ETYPE_ANY: -+ if (p->value == NULL) -+ { -+ _asn1_error_description_value_not_found (p, ErrorDescription); -+ err = ASN1_VALUE_NOT_FOUND; -+ goto error; -+ } -+ len2 = asn1_get_length_der (p->value, p->value_len, &len3); -+ if (len2 < 0) -+ { -+ err = ASN1_DER_ERROR; -+ goto error; -+ } -+ max_len -= len2; -+ if (der != NULL && max_len >= 0) -+ memcpy (der + counter, p->value + len3, len2); -+ counter += len2; -+ move = RIGHT; -+ break; -+ default: -+ move = (move == UP) ? RIGHT : DOWN; -+ break; -+ } -+ -+ if ((move != DOWN) && (counter != counter_old)) -+ { -+ p->end = counter - 1; -+ err = _asn1_complete_explicit_tag (p, der, &counter, &max_len); -+ if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR) -+ goto error; -+ } -+ -+ if (p == node && move != DOWN) -+ break; -+ -+ if (move == DOWN) -+ { -+ if (p->down) -+ p = p->down; -+ else -+ move = RIGHT; -+ } -+ if (move == RIGHT) -+ { -+ if (p->right) -+ p = p->right; -+ else -+ move = UP; -+ } -+ if (move == UP) -+ p = _asn1_find_up (p); -+ } -+ -+ *len = counter; -+ -+ if (max_len < 0) -+ { -+ err = ASN1_MEM_ERROR; -+ goto error; -+ } -+ -+ err = ASN1_SUCCESS; -+ -+error: -+ asn1_delete_structure (&node); -+ return err; -+} -diff --git a/grub-core/lib/libtasn1/lib/decoding.c b/grub-core/lib/libtasn1/lib/decoding.c -new file mode 100644 -index 00000000000..ff04eb778cb ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/decoding.c -@@ -0,0 +1,2478 @@ -+/* -+ * Copyright (C) 2002-2016 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+ -+/*****************************************************/ -+/* File: decoding.c */ -+/* Description: Functions to manage DER decoding */ -+/*****************************************************/ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef DEBUG -+# define warn() fprintf(stderr, "%s: %d\n", __func__, __LINE__) -+#else -+# define warn() -+#endif -+ -+#define IS_ERR(len, flags) (len < -1 || ((flags & ASN1_DECODE_FLAG_STRICT_DER) && len < 0)) -+ -+#define HAVE_TWO(x) (x>=2?1:0) -+ -+/* Decoding flags (dflags) used in several decoding functions. -+ * DECODE_FLAG_HAVE_TAG: The provided buffer includes a tag -+ * DECODE_FLAG_CONSTRUCTED: The provided buffer is of indefinite encoding (useful -+ * when no tags are present). -+ * DECODE_FLAG_LEVEL1: Internal flag to indicate a level of recursion for BER strings. -+ * DECODE_FLAG_LEVEL2: Internal flag to indicate two levels of recursion for BER strings. -+ * DECODE_FLAG_LEVEL3: Internal flag to indicate three levels of recursion for BER strings. -+ * This is the maximum levels of recursion possible to prevent stack -+ * exhaustion. -+ */ -+ -+#define DECODE_FLAG_HAVE_TAG 1 -+#define DECODE_FLAG_CONSTRUCTED (1<<1) -+#define DECODE_FLAG_LEVEL1 (1<<2) -+#define DECODE_FLAG_LEVEL2 (1<<3) -+#define DECODE_FLAG_LEVEL3 (1<<4) -+ -+#define DECR_LEN(l, s) do { \ -+ l -= s; \ -+ if (l < 0) { \ -+ warn(); \ -+ result = ASN1_DER_ERROR; \ -+ goto cleanup; \ -+ } \ -+ } while (0) -+ -+static int -+_asn1_get_indefinite_length_string (const unsigned char *der, int der_len, int *len); -+ -+static int -+_asn1_decode_simple_ber (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, unsigned char **str, -+ unsigned int *str_len, unsigned int *ber_len, -+ unsigned dflags); -+ -+static int -+_asn1_decode_simple_der (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, const unsigned char **str, -+ unsigned int *str_len, unsigned dflags); -+ -+static void -+_asn1_error_description_tag_error (asn1_node node, char *ErrorDescription) -+{ -+ -+ Estrcpy (ErrorDescription, ":: tag error near element '"); -+ _asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription), -+ ASN1_MAX_ERROR_DESCRIPTION_SIZE - 40); -+ Estrcat (ErrorDescription, "'"); -+ -+} -+ -+/** -+ * asn1_get_length_der: -+ * @der: DER data to decode. -+ * @der_len: Length of DER data to decode. -+ * @len: Output variable containing the length of the DER length field. -+ * -+ * Extract a length field from DER data. -+ * -+ * Returns: Return the decoded length value, or -1 on indefinite -+ * length, or -2 when the value was too big to fit in a int, or -4 -+ * when the decoded length value plus @len would exceed @der_len. -+ **/ -+long -+asn1_get_length_der (const unsigned char *der, int der_len, int *len) -+{ -+ unsigned int ans; -+ int k, punt, sum; -+ -+ *len = 0; -+ if (der_len <= 0) -+ return 0; -+ -+ if (!(der[0] & 128)) -+ { -+ /* short form */ -+ *len = 1; -+ ans = der[0]; -+ } -+ else -+ { -+ /* Long form */ -+ k = der[0] & 0x7F; -+ punt = 1; -+ if (k) -+ { /* definite length method */ -+ ans = 0; -+ while (punt <= k && punt < der_len) -+ { -+ if (INT_MULTIPLY_OVERFLOW (ans, 256)) -+ return -2; -+ ans *= 256; -+ -+ if (INT_ADD_OVERFLOW (ans, ((unsigned) der[punt]))) -+ return -2; -+ ans += der[punt]; -+ punt++; -+ } -+ } -+ else -+ { /* indefinite length method */ -+ *len = punt; -+ return -1; -+ } -+ -+ *len = punt; -+ } -+ -+ sum = ans; -+ if (ans >= INT_MAX || INT_ADD_OVERFLOW (sum, (*len))) -+ return -2; -+ sum += *len; -+ -+ if (sum > der_len) -+ return -4; -+ -+ return ans; -+} -+ -+/** -+ * asn1_get_tag_der: -+ * @der: DER data to decode. -+ * @der_len: Length of DER data to decode. -+ * @cls: Output variable containing decoded class. -+ * @len: Output variable containing the length of the DER TAG data. -+ * @tag: Output variable containing the decoded tag (may be %NULL). -+ * -+ * Decode the class and TAG from DER code. -+ * -+ * Returns: Returns %ASN1_SUCCESS on success, or an error. -+ **/ -+int -+asn1_get_tag_der (const unsigned char *der, int der_len, -+ unsigned char *cls, int *len, unsigned long *tag) -+{ -+ unsigned int ris; -+ int punt; -+ -+ if (der == NULL || der_len < 2 || len == NULL) -+ return ASN1_DER_ERROR; -+ -+ *cls = der[0] & 0xE0; -+ if ((der[0] & 0x1F) != 0x1F) -+ { -+ /* short form */ -+ *len = 1; -+ ris = der[0] & 0x1F; -+ } -+ else -+ { -+ /* Long form */ -+ punt = 1; -+ ris = 0; -+ while (punt < der_len && der[punt] & 128) -+ { -+ -+ if (INT_MULTIPLY_OVERFLOW (ris, 128)) -+ return ASN1_DER_ERROR; -+ ris *= 128; -+ -+ if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F)))) -+ return ASN1_DER_ERROR; -+ ris += (der[punt] & 0x7F); -+ punt++; -+ } -+ -+ if (punt >= der_len) -+ return ASN1_DER_ERROR; -+ -+ if (INT_MULTIPLY_OVERFLOW (ris, 128)) -+ return ASN1_DER_ERROR; -+ ris *= 128; -+ -+ if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F)))) -+ return ASN1_DER_ERROR; -+ ris += (der[punt] & 0x7F); -+ punt++; -+ -+ *len = punt; -+ } -+ -+ if (tag) -+ *tag = ris; -+ return ASN1_SUCCESS; -+} -+ -+/** -+ * asn1_get_length_ber: -+ * @ber: BER data to decode. -+ * @ber_len: Length of BER data to decode. -+ * @len: Output variable containing the length of the BER length field. -+ * -+ * Extract a length field from BER data. The difference to -+ * asn1_get_length_der() is that this function will return a length -+ * even if the value has indefinite encoding. -+ * -+ * Returns: Return the decoded length value, or negative value when -+ * the value was too big. -+ * -+ * Since: 2.0 -+ **/ -+long -+asn1_get_length_ber (const unsigned char *ber, int ber_len, int *len) -+{ -+ int ret; -+ long err; -+ -+ ret = asn1_get_length_der (ber, ber_len, len); -+ -+ if (ret == -1 && ber_len > 1) -+ { /* indefinite length method */ -+ err = _asn1_get_indefinite_length_string (ber + 1, ber_len-1, &ret); -+ if (err != ASN1_SUCCESS) -+ return -3; -+ } -+ -+ return ret; -+} -+ -+/** -+ * asn1_get_octet_der: -+ * @der: DER data to decode containing the OCTET SEQUENCE. -+ * @der_len: The length of the @der data to decode. -+ * @ret_len: Output variable containing the encoded length of the DER data. -+ * @str: Pre-allocated output buffer to put decoded OCTET SEQUENCE in. -+ * @str_size: Length of pre-allocated output buffer. -+ * @str_len: Output variable containing the length of the contents of the OCTET SEQUENCE. -+ * -+ * Extract an OCTET SEQUENCE from DER data. Note that this function -+ * expects the DER data past the tag field, i.e., the length and -+ * content octets. -+ * -+ * Returns: Returns %ASN1_SUCCESS on success, or an error. -+ **/ -+int -+asn1_get_octet_der (const unsigned char *der, int der_len, -+ int *ret_len, unsigned char *str, int str_size, -+ int *str_len) -+{ -+ int len_len = 0; -+ -+ if (der_len <= 0) -+ return ASN1_GENERIC_ERROR; -+ -+ *str_len = asn1_get_length_der (der, der_len, &len_len); -+ -+ if (*str_len < 0) -+ return ASN1_DER_ERROR; -+ -+ *ret_len = *str_len + len_len; -+ if (str_size >= *str_len) -+ { -+ if (*str_len > 0 && str != NULL) -+ memcpy (str, der + len_len, *str_len); -+ } -+ else -+ { -+ return ASN1_MEM_ERROR; -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/*- -+ * _asn1_get_time_der: -+ * @type: %ASN1_ETYPE_GENERALIZED_TIME or %ASN1_ETYPE_UTC_TIME -+ * @der: DER data to decode containing the time -+ * @der_len: Length of DER data to decode. -+ * @ret_len: Output variable containing the length of the DER data. -+ * @str: Pre-allocated output buffer to put the textual time in. -+ * @str_size: Length of pre-allocated output buffer. -+ * @flags: Zero or %ASN1_DECODE_FLAG_STRICT_DER -+ * -+ * Performs basic checks in the DER encoded time object and returns its textual form. -+ * The textual form will be in the YYYYMMDD000000Z format for GeneralizedTime -+ * and YYMMDD000000Z for UTCTime. -+ * -+ * Returns: %ASN1_SUCCESS on success, or an error. -+ -*/ -+static int -+_asn1_get_time_der (unsigned type, const unsigned char *der, int der_len, int *ret_len, -+ char *str, int str_size, unsigned flags) -+{ -+ int len_len, str_len; -+ unsigned i; -+ unsigned sign_count = 0; -+ unsigned dot_count = 0; -+ const unsigned char *p; -+ -+ if (der_len <= 0 || str == NULL) -+ return ASN1_DER_ERROR; -+ -+ str_len = asn1_get_length_der (der, der_len, &len_len); -+ if (str_len <= 0 || str_size < str_len) -+ return ASN1_DER_ERROR; -+ -+ /* perform some sanity checks on the data */ -+ if (str_len < 8) -+ { -+ warn(); -+ return ASN1_TIME_ENCODING_ERROR; -+ } -+ -+ if ((flags & ASN1_DECODE_FLAG_STRICT_DER) && !(flags & ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME)) -+ { -+ p = &der[len_len]; -+ for (i=0;i<(unsigned)(str_len-1);i++) -+ { -+ if (c_isdigit(p[i]) == 0) -+ { -+ if (type == ASN1_ETYPE_GENERALIZED_TIME) -+ { -+ /* tolerate lax encodings */ -+ if (p[i] == '.' && dot_count == 0) -+ { -+ dot_count++; -+ continue; -+ } -+ -+ /* This is not really valid DER, but there are -+ * structures using that */ -+ if (!(flags & ASN1_DECODE_FLAG_STRICT_DER) && -+ (p[i] == '+' || p[i] == '-') && sign_count == 0) -+ { -+ sign_count++; -+ continue; -+ } -+ } -+ -+ warn(); -+ return ASN1_TIME_ENCODING_ERROR; -+ } -+ } -+ -+ if (sign_count == 0 && p[str_len-1] != 'Z') -+ { -+ warn(); -+ return ASN1_TIME_ENCODING_ERROR; -+ } -+ } -+ memcpy (str, der + len_len, str_len); -+ str[str_len] = 0; -+ *ret_len = str_len + len_len; -+ -+ return ASN1_SUCCESS; -+} -+ -+/** -+ * asn1_get_object_id_der: -+ * @der: DER data to decode containing the OBJECT IDENTIFIER -+ * @der_len: Length of DER data to decode. -+ * @ret_len: Output variable containing the length of the DER data. -+ * @str: Pre-allocated output buffer to put the textual object id in. -+ * @str_size: Length of pre-allocated output buffer. -+ * -+ * Converts a DER encoded object identifier to its textual form. This -+ * function expects the DER object identifier without the tag. -+ * -+ * Returns: %ASN1_SUCCESS on success, or an error. -+ **/ -+int -+asn1_get_object_id_der (const unsigned char *der, int der_len, int *ret_len, -+ char *str, int str_size) -+{ -+ int len_len, len, k; -+ int leading, parsed; -+ char temp[LTOSTR_MAX_SIZE]; -+ uint64_t val, val1, val0; -+ -+ *ret_len = 0; -+ if (str && str_size > 0) -+ str[0] = 0; /* no oid */ -+ -+ if (str == NULL || der_len <= 0) -+ return ASN1_GENERIC_ERROR; -+ -+ len = asn1_get_length_der (der, der_len, &len_len); -+ -+ if (len <= 0 || len + len_len > der_len) -+ return ASN1_DER_ERROR; -+ -+ /* leading octet can never be 0x80 */ -+ if (der[len_len] == 0x80) -+ return ASN1_DER_ERROR; -+ -+ val0 = 0; -+ -+ for (k = 0; k < len; k++) -+ { -+ if (INT_LEFT_SHIFT_OVERFLOW (val0, 7)) -+ return ASN1_DER_ERROR; -+ -+ val0 <<= 7; -+ val0 |= der[len_len + k] & 0x7F; -+ if (!(der[len_len + k] & 0x80)) -+ break; -+ } -+ parsed = ++k; -+ -+ /* val0 = (X*40) + Y, X={0,1,2}, Y<=39 when X={0,1} */ -+ /* X = val, Y = val1 */ -+ -+ /* check if X == 0 */ -+ val = 0; -+ val1 = val0; -+ if (val1 > 39) -+ { -+ val = 1; -+ val1 = val0 - 40; -+ if (val1 > 39) -+ { -+ val = 2; -+ val1 = val0 - 80; -+ } -+ } -+ -+ _asn1_str_cpy (str, str_size, _asn1_ltostr (val, temp)); -+ _asn1_str_cat (str, str_size, "."); -+ _asn1_str_cat (str, str_size, _asn1_ltostr (val1, temp)); -+ -+ val = 0; -+ leading = 1; -+ for (k = parsed; k < len; k++) -+ { -+ /* X.690 mandates that the leading byte must never be 0x80 -+ */ -+ if (leading != 0 && der[len_len + k] == 0x80) -+ return ASN1_DER_ERROR; -+ leading = 0; -+ -+ /* check for wrap around */ -+ if (INT_LEFT_SHIFT_OVERFLOW (val, 7)) -+ return ASN1_DER_ERROR; -+ -+ val = val << 7; -+ val |= der[len_len + k] & 0x7F; -+ -+ if (!(der[len_len + k] & 0x80)) -+ { -+ _asn1_str_cat (str, str_size, "."); -+ _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp)); -+ val = 0; -+ leading = 1; -+ } -+ } -+ -+ if (INT_ADD_OVERFLOW (len, len_len)) -+ return ASN1_DER_ERROR; -+ -+ *ret_len = len + len_len; -+ -+ return ASN1_SUCCESS; -+} -+ -+/** -+ * asn1_get_bit_der: -+ * @der: DER data to decode containing the BIT SEQUENCE. -+ * @der_len: Length of DER data to decode. -+ * @ret_len: Output variable containing the length of the DER data. -+ * @str: Pre-allocated output buffer to put decoded BIT SEQUENCE in. -+ * @str_size: Length of pre-allocated output buffer. -+ * @bit_len: Output variable containing the size of the BIT SEQUENCE. -+ * -+ * Extract a BIT SEQUENCE from DER data. -+ * -+ * Returns: %ASN1_SUCCESS on success, or an error. -+ **/ -+int -+asn1_get_bit_der (const unsigned char *der, int der_len, -+ int *ret_len, unsigned char *str, int str_size, -+ int *bit_len) -+{ -+ int len_len = 0, len_byte; -+ -+ if (der_len <= 0) -+ return ASN1_GENERIC_ERROR; -+ -+ len_byte = asn1_get_length_der (der, der_len, &len_len) - 1; -+ if (len_byte < 0) -+ return ASN1_DER_ERROR; -+ -+ *ret_len = len_byte + len_len + 1; -+ *bit_len = len_byte * 8 - der[len_len]; -+ -+ if (*bit_len < 0) -+ return ASN1_DER_ERROR; -+ -+ if (str_size >= len_byte) -+ { -+ if (len_byte > 0 && str) -+ memcpy (str, der + len_len + 1, len_byte); -+ } -+ else -+ { -+ return ASN1_MEM_ERROR; -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+/* tag_len: the total tag length (explicit+inner) -+ * inner_tag_len: the inner_tag length -+ */ -+static int -+_asn1_extract_tag_der (asn1_node node, const unsigned char *der, int der_len, -+ int *tag_len, int *inner_tag_len, unsigned flags) -+{ -+ asn1_node p; -+ int counter, len2, len3, is_tag_implicit; -+ int result; -+ unsigned long tag, tag_implicit = 0; -+ unsigned char class, class2, class_implicit = 0; -+ -+ if (der_len <= 0) -+ return ASN1_GENERIC_ERROR; -+ -+ counter = is_tag_implicit = 0; -+ -+ if (node->type & CONST_TAG) -+ { -+ p = node->down; -+ while (p) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_TAG) -+ { -+ if (p->type & CONST_APPLICATION) -+ class2 = ASN1_CLASS_APPLICATION; -+ else if (p->type & CONST_UNIVERSAL) -+ class2 = ASN1_CLASS_UNIVERSAL; -+ else if (p->type & CONST_PRIVATE) -+ class2 = ASN1_CLASS_PRIVATE; -+ else -+ class2 = ASN1_CLASS_CONTEXT_SPECIFIC; -+ -+ if (p->type & CONST_EXPLICIT) -+ { -+ if (asn1_get_tag_der -+ (der + counter, der_len, &class, &len2, -+ &tag) != ASN1_SUCCESS) -+ return ASN1_DER_ERROR; -+ -+ DECR_LEN(der_len, len2); -+ counter += len2; -+ -+ if (flags & ASN1_DECODE_FLAG_STRICT_DER) -+ len3 = -+ asn1_get_length_der (der + counter, der_len, -+ &len2); -+ else -+ len3 = -+ asn1_get_length_ber (der + counter, der_len, -+ &len2); -+ if (len3 < 0) -+ return ASN1_DER_ERROR; -+ -+ DECR_LEN(der_len, len2); -+ counter += len2; -+ -+ if (!is_tag_implicit) -+ { -+ if ((class != (class2 | ASN1_CLASS_STRUCTURED)) || -+ (tag != strtoul ((char *) p->value, NULL, 10))) -+ return ASN1_TAG_ERROR; -+ } -+ else -+ { /* ASN1_TAG_IMPLICIT */ -+ if ((class != class_implicit) || (tag != tag_implicit)) -+ return ASN1_TAG_ERROR; -+ } -+ is_tag_implicit = 0; -+ } -+ else -+ { /* ASN1_TAG_IMPLICIT */ -+ if (!is_tag_implicit) -+ { -+ if ((type_field (node->type) == ASN1_ETYPE_SEQUENCE) || -+ (type_field (node->type) == ASN1_ETYPE_SEQUENCE_OF) -+ || (type_field (node->type) == ASN1_ETYPE_SET) -+ || (type_field (node->type) == ASN1_ETYPE_SET_OF)) -+ class2 |= ASN1_CLASS_STRUCTURED; -+ class_implicit = class2; -+ tag_implicit = strtoul ((char *) p->value, NULL, 10); -+ is_tag_implicit = 1; -+ } -+ } -+ } -+ p = p->right; -+ } -+ } -+ -+ if (is_tag_implicit) -+ { -+ if (asn1_get_tag_der -+ (der + counter, der_len, &class, &len2, -+ &tag) != ASN1_SUCCESS) -+ return ASN1_DER_ERROR; -+ -+ DECR_LEN(der_len, len2); -+ -+ if ((class != class_implicit) || (tag != tag_implicit)) -+ { -+ if (type_field (node->type) == ASN1_ETYPE_OCTET_STRING) -+ { -+ class_implicit |= ASN1_CLASS_STRUCTURED; -+ if ((class != class_implicit) || (tag != tag_implicit)) -+ return ASN1_TAG_ERROR; -+ } -+ else -+ return ASN1_TAG_ERROR; -+ } -+ } -+ else -+ { -+ unsigned type = type_field (node->type); -+ if (type == ASN1_ETYPE_TAG) -+ { -+ *tag_len = 0; -+ if (inner_tag_len) -+ *inner_tag_len = 0; -+ return ASN1_SUCCESS; -+ } -+ -+ if (asn1_get_tag_der -+ (der + counter, der_len, &class, &len2, -+ &tag) != ASN1_SUCCESS) -+ return ASN1_DER_ERROR; -+ -+ DECR_LEN(der_len, len2); -+ -+ switch (type) -+ { -+ case ASN1_ETYPE_NULL: -+ case ASN1_ETYPE_BOOLEAN: -+ case ASN1_ETYPE_INTEGER: -+ case ASN1_ETYPE_ENUMERATED: -+ case ASN1_ETYPE_OBJECT_ID: -+ case ASN1_ETYPE_GENERALSTRING: -+ case ASN1_ETYPE_NUMERIC_STRING: -+ case ASN1_ETYPE_IA5_STRING: -+ case ASN1_ETYPE_TELETEX_STRING: -+ case ASN1_ETYPE_PRINTABLE_STRING: -+ case ASN1_ETYPE_UNIVERSAL_STRING: -+ case ASN1_ETYPE_BMP_STRING: -+ case ASN1_ETYPE_UTF8_STRING: -+ case ASN1_ETYPE_VISIBLE_STRING: -+ case ASN1_ETYPE_BIT_STRING: -+ case ASN1_ETYPE_SEQUENCE: -+ case ASN1_ETYPE_SEQUENCE_OF: -+ case ASN1_ETYPE_SET: -+ case ASN1_ETYPE_SET_OF: -+ case ASN1_ETYPE_GENERALIZED_TIME: -+ case ASN1_ETYPE_UTC_TIME: -+ if ((class != _asn1_tags[type].class) -+ || (tag != _asn1_tags[type].tag)) -+ return ASN1_DER_ERROR; -+ break; -+ -+ case ASN1_ETYPE_OCTET_STRING: -+ /* OCTET STRING is handled differently to allow -+ * BER encodings (structured class). */ -+ if (((class != ASN1_CLASS_UNIVERSAL) -+ && (class != (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED))) -+ || (tag != ASN1_TAG_OCTET_STRING)) -+ return ASN1_DER_ERROR; -+ break; -+ case ASN1_ETYPE_ANY: -+ counter -= len2; -+ break; -+ case ASN1_ETYPE_CHOICE: -+ counter -= len2; -+ break; -+ default: -+ return ASN1_DER_ERROR; -+ break; -+ } -+ } -+ -+ counter += len2; -+ *tag_len = counter; -+ if (inner_tag_len) -+ *inner_tag_len = len2; -+ return ASN1_SUCCESS; -+ -+cleanup: -+ return result; -+} -+ -+static int -+extract_tag_der_recursive(asn1_node node, const unsigned char *der, int der_len, -+ int *ret_len, int *inner_len, unsigned flags) -+{ -+asn1_node p; -+int ris = ASN1_DER_ERROR; -+ -+ if (type_field (node->type) == ASN1_ETYPE_CHOICE) -+ { -+ p = node->down; -+ while (p) -+ { -+ ris = _asn1_extract_tag_der (p, der, der_len, ret_len, inner_len, flags); -+ if (ris == ASN1_SUCCESS) -+ break; -+ p = p->right; -+ } -+ -+ *ret_len = 0; -+ return ris; -+ } -+ else -+ return _asn1_extract_tag_der (node, der, der_len, ret_len, inner_len, flags); -+} -+ -+static int -+_asn1_delete_not_used (asn1_node node) -+{ -+ asn1_node p, p2; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node; -+ while (p) -+ { -+ if (p->type & CONST_NOT_USED) -+ { -+ p2 = NULL; -+ if (p != node) -+ { -+ p2 = _asn1_find_left (p); -+ if (!p2) -+ p2 = _asn1_find_up (p); -+ } -+ asn1_delete_structure (&p); -+ p = p2; -+ } -+ -+ if (!p) -+ break; /* reach node */ -+ -+ if (p->down) -+ { -+ p = p->down; -+ } -+ else -+ { -+ if (p == node) -+ p = NULL; -+ else if (p->right) -+ p = p->right; -+ else -+ { -+ while (1) -+ { -+ p = _asn1_find_up (p); -+ if (p == node) -+ { -+ p = NULL; -+ break; -+ } -+ if (p->right) -+ { -+ p = p->right; -+ break; -+ } -+ } -+ } -+ } -+ } -+ return ASN1_SUCCESS; -+} -+ -+static int -+_asn1_get_indefinite_length_string (const unsigned char *der, -+ int der_len, int *len) -+{ -+ int len2, len3, counter, indefinite; -+ int result; -+ unsigned long tag; -+ unsigned char class; -+ -+ counter = indefinite = 0; -+ -+ while (1) -+ { -+ if (HAVE_TWO(der_len) && (der[counter] == 0) && (der[counter + 1] == 0)) -+ { -+ counter += 2; -+ DECR_LEN(der_len, 2); -+ -+ indefinite--; -+ if (indefinite <= 0) -+ break; -+ else -+ continue; -+ } -+ -+ if (asn1_get_tag_der -+ (der + counter, der_len, &class, &len2, -+ &tag) != ASN1_SUCCESS) -+ return ASN1_DER_ERROR; -+ -+ DECR_LEN(der_len, len2); -+ counter += len2; -+ -+ len2 = asn1_get_length_der (der + counter, der_len, &len3); -+ if (len2 < -1) -+ return ASN1_DER_ERROR; -+ -+ if (len2 == -1) -+ { -+ indefinite++; -+ counter += 1; -+ DECR_LEN(der_len, 1); -+ } -+ else -+ { -+ counter += len2 + len3; -+ DECR_LEN(der_len, len2+len3); -+ } -+ } -+ -+ *len = counter; -+ return ASN1_SUCCESS; -+ -+cleanup: -+ return result; -+} -+ -+static void delete_unneeded_choice_fields(asn1_node p) -+{ -+ asn1_node p2; -+ -+ while (p->right) -+ { -+ p2 = p->right; -+ asn1_delete_structure (&p2); -+ } -+} -+ -+ -+/** -+ * asn1_der_decoding2 -+ * @element: pointer to an ASN1 structure. -+ * @ider: vector that contains the DER encoding. -+ * @max_ider_len: pointer to an integer giving the information about the -+ * maximal number of bytes occupied by *@ider. The real size of the DER -+ * encoding is returned through this pointer. -+ * @flags: flags controlling the behaviour of the function. -+ * @errorDescription: null-terminated string contains details when an -+ * error occurred. -+ * -+ * Fill the structure *@element with values of a DER encoding string. The -+ * structure must just be created with function asn1_create_element(). -+ * -+ * If %ASN1_DECODE_FLAG_ALLOW_PADDING flag is set then the function will ignore -+ * padding after the decoded DER data. Upon a successful return the value of -+ * *@max_ider_len will be set to the number of bytes decoded. -+ * -+ * If %ASN1_DECODE_FLAG_STRICT_DER flag is set then the function will -+ * not decode any BER-encoded elements. -+ * -+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND -+ * if @ELEMENT is %NULL, and %ASN1_TAG_ERROR or -+ * %ASN1_DER_ERROR if the der encoding doesn't match the structure -+ * name (*@ELEMENT deleted). -+ **/ -+int -+asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len, -+ unsigned int flags, char *errorDescription) -+{ -+ asn1_node node, p, p2, p3; -+ char temp[128]; -+ int counter, len2, len3, len4, move, ris, tlen; -+ struct node_tail_cache_st tcache = {NULL, NULL}; -+ unsigned char class; -+ unsigned long tag; -+ int tag_len; -+ int indefinite, result, total_len = *max_ider_len, ider_len = *max_ider_len; -+ int inner_tag_len; -+ unsigned char *ptmp; -+ const unsigned char *ptag; -+ const unsigned char *der = ider; -+ -+ node = *element; -+ -+ if (errorDescription != NULL) -+ errorDescription[0] = 0; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ if (node->type & CONST_OPTION) -+ { -+ result = ASN1_GENERIC_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ counter = 0; -+ move = DOWN; -+ p = node; -+ while (1) -+ { -+ tag_len = 0; -+ inner_tag_len = 0; -+ ris = ASN1_SUCCESS; -+ if (move != UP) -+ { -+ if (p->type & CONST_SET) -+ { -+ p2 = _asn1_find_up (p); -+ len2 = p2->tmp_ival; -+ if (len2 == -1) -+ { -+ if (HAVE_TWO(ider_len) && !der[counter] && !der[counter + 1]) -+ { -+ p = p2; -+ move = UP; -+ counter += 2; -+ DECR_LEN(ider_len, 2); -+ continue; -+ } -+ } -+ else if (counter == len2) -+ { -+ p = p2; -+ move = UP; -+ continue; -+ } -+ else if (counter > len2) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ p2 = p2->down; -+ while (p2) -+ { -+ if ((p2->type & CONST_SET) && (p2->type & CONST_NOT_USED)) -+ { -+ ris = -+ extract_tag_der_recursive (p2, der + counter, -+ ider_len, &len2, NULL, flags); -+ if (ris == ASN1_SUCCESS) -+ { -+ p2->type &= ~CONST_NOT_USED; -+ p = p2; -+ break; -+ } -+ } -+ p2 = p2->right; -+ } -+ if (p2 == NULL) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ } -+ -+ /* the position in the DER structure this starts */ -+ p->start = counter; -+ p->end = total_len - 1; -+ -+ if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) -+ { -+ p2 = _asn1_find_up (p); -+ len2 = p2->tmp_ival; -+ if (counter == len2) -+ { -+ if (p->right) -+ { -+ p2 = p->right; -+ move = RIGHT; -+ } -+ else -+ move = UP; -+ -+ if (p->type & CONST_OPTION) -+ asn1_delete_structure (&p); -+ -+ p = p2; -+ continue; -+ } -+ } -+ -+ if (type_field (p->type) == ASN1_ETYPE_CHOICE) -+ { -+ while (p->down) -+ { -+ ris = -+ extract_tag_der_recursive (p->down, der + counter, -+ ider_len, &len2, NULL, flags); -+ -+ if (ris == ASN1_SUCCESS) -+ { -+ delete_unneeded_choice_fields(p->down); -+ break; -+ } -+ else if (ris == ASN1_ERROR_TYPE_ANY) -+ { -+ result = ASN1_ERROR_TYPE_ANY; -+ warn(); -+ goto cleanup; -+ } -+ else -+ { -+ p2 = p->down; -+ asn1_delete_structure (&p2); -+ } -+ } -+ -+ if (p->down == NULL) -+ { -+ if (!(p->type & CONST_OPTION)) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ } -+ else if (type_field (p->type) != ASN1_ETYPE_CHOICE) -+ p = p->down; -+ -+ p->start = counter; -+ } -+ -+ if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) -+ { -+ p2 = _asn1_find_up (p); -+ len2 = p2->tmp_ival; -+ -+ if ((len2 != -1) && (counter > len2)) -+ ris = ASN1_TAG_ERROR; -+ } -+ -+ if (ris == ASN1_SUCCESS) -+ ris = -+ extract_tag_der_recursive (p, der + counter, ider_len, -+ &tag_len, &inner_tag_len, flags); -+ -+ if (ris != ASN1_SUCCESS) -+ { -+ if (p->type & CONST_OPTION) -+ { -+ p->type |= CONST_NOT_USED; -+ move = RIGHT; -+ } -+ else if (p->type & CONST_DEFAULT) -+ { -+ _asn1_set_value (p, NULL, 0); -+ move = RIGHT; -+ } -+ else -+ { -+ if (errorDescription != NULL) -+ _asn1_error_description_tag_error (p, errorDescription); -+ -+ result = ASN1_TAG_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ } -+ else -+ { -+ DECR_LEN(ider_len, tag_len); -+ counter += tag_len; -+ } -+ } -+ -+ if (ris == ASN1_SUCCESS) -+ { -+ switch (type_field (p->type)) -+ { -+ case ASN1_ETYPE_NULL: -+ DECR_LEN(ider_len, 1); -+ if (der[counter]) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ counter++; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_BOOLEAN: -+ DECR_LEN(ider_len, 2); -+ -+ if (der[counter++] != 1) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ if (der[counter++] == 0) -+ _asn1_set_value (p, "F", 1); -+ else -+ _asn1_set_value (p, "T", 1); -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_INTEGER: -+ case ASN1_ETYPE_ENUMERATED: -+ len2 = -+ asn1_get_length_der (der + counter, ider_len, &len3); -+ if (len2 < 0) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len3+len2); -+ -+ _asn1_set_value (p, der + counter, len3 + len2); -+ counter += len3 + len2; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_OBJECT_ID: -+ result = -+ asn1_get_object_id_der (der + counter, ider_len, &len2, -+ temp, sizeof (temp)); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len2); -+ -+ tlen = strlen (temp); -+ if (tlen > 0) -+ _asn1_set_value (p, temp, tlen + 1); -+ -+ counter += len2; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_GENERALIZED_TIME: -+ case ASN1_ETYPE_UTC_TIME: -+ result = -+ _asn1_get_time_der (type_field (p->type), der + counter, ider_len, &len2, temp, -+ sizeof (temp) - 1, flags); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len2); -+ -+ tlen = strlen (temp); -+ if (tlen > 0) -+ _asn1_set_value (p, temp, tlen); -+ -+ counter += len2; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_OCTET_STRING: -+ if (counter < inner_tag_len) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ ptag = der + counter - inner_tag_len; -+ if ((flags & ASN1_DECODE_FLAG_STRICT_DER) || !(ptag[0] & ASN1_CLASS_STRUCTURED)) -+ { -+ if (ptag[0] & ASN1_CLASS_STRUCTURED) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ len2 = -+ asn1_get_length_der (der + counter, ider_len, &len3); -+ if (len2 < 0) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len3+len2); -+ -+ _asn1_set_value (p, der + counter, len3 + len2); -+ counter += len3 + len2; -+ } -+ else -+ { -+ unsigned dflags = 0, vlen, ber_len; -+ -+ if (ptag[0] & ASN1_CLASS_STRUCTURED) -+ dflags |= DECODE_FLAG_CONSTRUCTED; -+ -+ result = _asn1_decode_simple_ber(type_field (p->type), der+counter, ider_len, &ptmp, &vlen, &ber_len, dflags); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, ber_len); -+ -+ _asn1_set_value_lv (p, ptmp, vlen); -+ -+ counter += ber_len; -+ free(ptmp); -+ } -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_GENERALSTRING: -+ case ASN1_ETYPE_NUMERIC_STRING: -+ case ASN1_ETYPE_IA5_STRING: -+ case ASN1_ETYPE_TELETEX_STRING: -+ case ASN1_ETYPE_PRINTABLE_STRING: -+ case ASN1_ETYPE_UNIVERSAL_STRING: -+ case ASN1_ETYPE_BMP_STRING: -+ case ASN1_ETYPE_UTF8_STRING: -+ case ASN1_ETYPE_VISIBLE_STRING: -+ case ASN1_ETYPE_BIT_STRING: -+ len2 = -+ asn1_get_length_der (der + counter, ider_len, &len3); -+ if (len2 < 0) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len3+len2); -+ -+ _asn1_set_value (p, der + counter, len3 + len2); -+ counter += len3 + len2; -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_SEQUENCE: -+ case ASN1_ETYPE_SET: -+ if (move == UP) -+ { -+ len2 = p->tmp_ival; -+ p->tmp_ival = 0; -+ if (len2 == -1) -+ { /* indefinite length method */ -+ DECR_LEN(ider_len, 2); -+ if ((der[counter]) || der[counter + 1]) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ counter += 2; -+ } -+ else -+ { /* definite length method */ -+ if (len2 != counter) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ } -+ move = RIGHT; -+ } -+ else -+ { /* move==DOWN || move==RIGHT */ -+ len3 = -+ asn1_get_length_der (der + counter, ider_len, &len2); -+ if (IS_ERR(len3, flags)) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len2); -+ counter += len2; -+ -+ if (len3 > 0) -+ { -+ p->tmp_ival = counter + len3; -+ move = DOWN; -+ } -+ else if (len3 == 0) -+ { -+ p2 = p->down; -+ while (p2) -+ { -+ if (type_field (p2->type) != ASN1_ETYPE_TAG) -+ { -+ p3 = p2->right; -+ asn1_delete_structure (&p2); -+ p2 = p3; -+ } -+ else -+ p2 = p2->right; -+ } -+ move = RIGHT; -+ } -+ else -+ { /* indefinite length method */ -+ p->tmp_ival = -1; -+ move = DOWN; -+ } -+ } -+ break; -+ case ASN1_ETYPE_SEQUENCE_OF: -+ case ASN1_ETYPE_SET_OF: -+ if (move == UP) -+ { -+ len2 = p->tmp_ival; -+ if (len2 == -1) -+ { /* indefinite length method */ -+ if (!HAVE_TWO(ider_len) || ((der[counter]) || der[counter + 1])) -+ { -+ result = _asn1_append_sequence_set (p, &tcache); -+ if (result != 0) -+ { -+ warn(); -+ goto cleanup; -+ } -+ p = tcache.tail; -+ move = RIGHT; -+ continue; -+ } -+ -+ p->tmp_ival = 0; -+ tcache.tail = NULL; /* finished decoding this structure */ -+ tcache.head = NULL; -+ DECR_LEN(ider_len, 2); -+ counter += 2; -+ } -+ else -+ { /* definite length method */ -+ if (len2 > counter) -+ { -+ result = _asn1_append_sequence_set (p, &tcache); -+ if (result != 0) -+ { -+ warn(); -+ goto cleanup; -+ } -+ p = tcache.tail; -+ move = RIGHT; -+ continue; -+ } -+ -+ p->tmp_ival = 0; -+ tcache.tail = NULL; /* finished decoding this structure */ -+ tcache.head = NULL; -+ -+ if (len2 != counter) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ } -+ } -+ else -+ { /* move==DOWN || move==RIGHT */ -+ len3 = -+ asn1_get_length_der (der + counter, ider_len, &len2); -+ if (IS_ERR(len3, flags)) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len2); -+ counter += len2; -+ if (len3) -+ { -+ if (len3 > 0) -+ { /* definite length method */ -+ p->tmp_ival = counter + len3; -+ } -+ else -+ { /* indefinite length method */ -+ p->tmp_ival = -1; -+ } -+ -+ p2 = p->down; -+ if (p2 == NULL) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ while ((type_field (p2->type) == ASN1_ETYPE_TAG) -+ || (type_field (p2->type) == ASN1_ETYPE_SIZE)) -+ p2 = p2->right; -+ if (p2->right == NULL) -+ { -+ result = _asn1_append_sequence_set (p, &tcache); -+ if (result != 0) -+ { -+ warn(); -+ goto cleanup; -+ } -+ } -+ p = p2; -+ } -+ } -+ move = RIGHT; -+ break; -+ case ASN1_ETYPE_ANY: -+ /* Check indefinite lenth method in an EXPLICIT TAG */ -+ -+ if (!(flags & ASN1_DECODE_FLAG_STRICT_DER) && (p->type & CONST_TAG) && -+ tag_len == 2 && (der[counter - 1] == 0x80)) -+ indefinite = 1; -+ else -+ indefinite = 0; -+ -+ if (asn1_get_tag_der -+ (der + counter, ider_len, &class, &len2, -+ &tag) != ASN1_SUCCESS) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len2); -+ -+ len4 = -+ asn1_get_length_der (der + counter + len2, -+ ider_len, &len3); -+ if (IS_ERR(len4, flags)) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ if (len4 != -1) /* definite */ -+ { -+ len2 += len4; -+ -+ DECR_LEN(ider_len, len4+len3); -+ _asn1_set_value_lv (p, der + counter, len2 + len3); -+ counter += len2 + len3; -+ } -+ else /* == -1 */ -+ { /* indefinite length */ -+ ider_len += len2; /* undo DECR_LEN */ -+ -+ if (counter == 0) -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ -+ result = -+ _asn1_get_indefinite_length_string (der + counter, ider_len, &len2); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ DECR_LEN(ider_len, len2); -+ _asn1_set_value_lv (p, der + counter, len2); -+ counter += len2; -+ -+ } -+ -+ /* Check if a couple of 0x00 are present due to an EXPLICIT TAG with -+ an indefinite length method. */ -+ if (indefinite) -+ { -+ DECR_LEN(ider_len, 2); -+ if (!der[counter] && !der[counter + 1]) -+ { -+ counter += 2; -+ } -+ else -+ { -+ result = ASN1_DER_ERROR; -+ warn(); -+ goto cleanup; -+ } -+ } -+ -+ move = RIGHT; -+ break; -+ default: -+ move = (move == UP) ? RIGHT : DOWN; -+ break; -+ } -+ } -+ -+ if (p) -+ { -+ p->end = counter - 1; -+ } -+ -+ if (p == node && move != DOWN) -+ break; -+ -+ if (move == DOWN) -+ { -+ if (p->down) -+ p = p->down; -+ else -+ move = RIGHT; -+ } -+ if ((move == RIGHT) && !(p->type & CONST_SET)) -+ { -+ if (p->right) -+ p = p->right; -+ else -+ move = UP; -+ } -+ if (move == UP) -+ p = _asn1_find_up (p); -+ } -+ -+ _asn1_delete_not_used (*element); -+ -+ if ((ider_len < 0) || -+ (!(flags & ASN1_DECODE_FLAG_ALLOW_PADDING) && (ider_len != 0))) -+ { -+ warn(); -+ result = ASN1_DER_ERROR; -+ goto cleanup; -+ } -+ -+ *max_ider_len = total_len - ider_len; -+ -+ return ASN1_SUCCESS; -+ -+cleanup: -+ asn1_delete_structure (element); -+ return result; -+} -+ -+ -+/** -+ * asn1_der_decoding: -+ * @element: pointer to an ASN1 structure. -+ * @ider: vector that contains the DER encoding. -+ * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1]. -+ * @errorDescription: null-terminated string contains details when an -+ * error occurred. -+ * -+ * Fill the structure *@element with values of a DER encoding -+ * string. The structure must just be created with function -+ * asn1_create_element(). -+ * -+ * Note that the *@element variable is provided as a pointer for -+ * historical reasons. -+ * -+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND -+ * if @ELEMENT is %NULL, and %ASN1_TAG_ERROR or -+ * %ASN1_DER_ERROR if the der encoding doesn't match the structure -+ * name (*@ELEMENT deleted). -+ **/ -+int -+asn1_der_decoding (asn1_node * element, const void *ider, int ider_len, -+ char *errorDescription) -+{ -+ return asn1_der_decoding2 (element, ider, &ider_len, 0, errorDescription); -+} -+ -+/** -+ * asn1_der_decoding_element: -+ * @structure: pointer to an ASN1 structure -+ * @elementName: name of the element to fill -+ * @ider: vector that contains the DER encoding of the whole structure. -+ * @len: number of bytes of *der: der[0]..der[len-1] -+ * @errorDescription: null-terminated string contains details when an -+ * error occurred. -+ * -+ * Fill the element named @ELEMENTNAME with values of a DER encoding -+ * string. The structure must just be created with function -+ * asn1_create_element(). The DER vector must contain the encoding -+ * string of the whole @STRUCTURE. If an error occurs during the -+ * decoding procedure, the *@STRUCTURE is deleted and set equal to -+ * %NULL. -+ * -+ * This function is deprecated and may just be an alias to asn1_der_decoding -+ * in future versions. Use asn1_der_decoding() instead. -+ * -+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND -+ * if ELEMENT is %NULL or @elementName == NULL, and -+ * %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding doesn't -+ * match the structure @structure (*ELEMENT deleted). -+ **/ -+int -+asn1_der_decoding_element (asn1_node * structure, const char *elementName, -+ const void *ider, int len, char *errorDescription) -+{ -+ return asn1_der_decoding(structure, ider, len, errorDescription); -+} -+ -+/** -+ * asn1_der_decoding_startEnd: -+ * @element: pointer to an ASN1 element -+ * @ider: vector that contains the DER encoding. -+ * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1] -+ * @name_element: an element of NAME structure. -+ * @start: the position of the first byte of NAME_ELEMENT decoding -+ * (@ider[*start]) -+ * @end: the position of the last byte of NAME_ELEMENT decoding -+ * (@ider[*end]) -+ * -+ * Find the start and end point of an element in a DER encoding -+ * string. I mean that if you have a der encoding and you have already -+ * used the function asn1_der_decoding() to fill a structure, it may -+ * happen that you want to find the piece of string concerning an -+ * element of the structure. -+ * -+ * One example is the sequence "tbsCertificate" inside an X509 -+ * certificate. -+ * -+ * Note that since libtasn1 3.7 the @ider and @ider_len parameters -+ * can be omitted, if the element is already decoded using asn1_der_decoding(). -+ * -+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND -+ * if ELEMENT is %asn1_node EMPTY or @name_element is not a valid -+ * element, %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding -+ * doesn't match the structure ELEMENT. -+ **/ -+int -+asn1_der_decoding_startEnd (asn1_node element, const void *ider, int ider_len, -+ const char *name_element, int *start, int *end) -+{ -+ asn1_node node, node_to_find; -+ int result = ASN1_DER_ERROR; -+ -+ node = element; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ node_to_find = asn1_find_node (node, name_element); -+ -+ if (node_to_find == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ *start = node_to_find->start; -+ *end = node_to_find->end; -+ -+ if (*start == 0 && *end == 0) -+ { -+ if (ider == NULL || ider_len == 0) -+ return ASN1_GENERIC_ERROR; -+ -+ /* it seems asn1_der_decoding() wasn't called before. Do it now */ -+ result = asn1_der_decoding (&node, ider, ider_len, NULL); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ return result; -+ } -+ -+ node_to_find = asn1_find_node (node, name_element); -+ if (node_to_find == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ *start = node_to_find->start; -+ *end = node_to_find->end; -+ } -+ -+ if (*end < *start) -+ return ASN1_GENERIC_ERROR; -+ -+ return ASN1_SUCCESS; -+} -+ -+/** -+ * asn1_expand_any_defined_by: -+ * @definitions: ASN1 definitions -+ * @element: pointer to an ASN1 structure -+ * -+ * Expands every "ANY DEFINED BY" element of a structure created from -+ * a DER decoding process (asn1_der_decoding function). The element -+ * ANY must be defined by an OBJECT IDENTIFIER. The type used to -+ * expand the element ANY is the first one following the definition of -+ * the actual value of the OBJECT IDENTIFIER. -+ * -+ * Returns: %ASN1_SUCCESS if Substitution OK, %ASN1_ERROR_TYPE_ANY if -+ * some "ANY DEFINED BY" element couldn't be expanded due to a -+ * problem in OBJECT_ID -> TYPE association, or other error codes -+ * depending on DER decoding. -+ **/ -+int -+asn1_expand_any_defined_by (asn1_node_const definitions, asn1_node * element) -+{ -+ char name[2 * ASN1_MAX_NAME_SIZE + 2], -+ value[ASN1_MAX_NAME_SIZE]; -+ int retCode = ASN1_SUCCESS, result; -+ int len, len2, len3; -+ asn1_node_const p2; -+ asn1_node p, p3, aux = NULL; -+ char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE]; -+ const char *definitionsName; -+ -+ if ((definitions == NULL) || (*element == NULL)) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ definitionsName = definitions->name; -+ -+ p = *element; -+ while (p) -+ { -+ -+ switch (type_field (p->type)) -+ { -+ case ASN1_ETYPE_ANY: -+ if ((p->type & CONST_DEFINED_BY) && (p->value)) -+ { -+ /* search the "DEF_BY" element */ -+ p2 = p->down; -+ while ((p2) && (type_field (p2->type) != ASN1_ETYPE_CONSTANT)) -+ p2 = p2->right; -+ -+ if (!p2) -+ { -+ retCode = ASN1_ERROR_TYPE_ANY; -+ break; -+ } -+ -+ p3 = _asn1_find_up (p); -+ -+ if (!p3) -+ { -+ retCode = ASN1_ERROR_TYPE_ANY; -+ break; -+ } -+ -+ p3 = p3->down; -+ while (p3) -+ { -+ if (!(strcmp (p3->name, p2->name))) -+ break; -+ p3 = p3->right; -+ } -+ -+ if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) || -+ (p3->value == NULL)) -+ { -+ -+ p3 = _asn1_find_up (p); -+ p3 = _asn1_find_up (p3); -+ -+ if (!p3) -+ { -+ retCode = ASN1_ERROR_TYPE_ANY; -+ break; -+ } -+ -+ p3 = p3->down; -+ -+ while (p3) -+ { -+ if (!(strcmp (p3->name, p2->name))) -+ break; -+ p3 = p3->right; -+ } -+ -+ if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) -+ || (p3->value == NULL)) -+ { -+ retCode = ASN1_ERROR_TYPE_ANY; -+ break; -+ } -+ } -+ -+ /* search the OBJECT_ID into definitions */ -+ p2 = definitions->down; -+ while (p2) -+ { -+ if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) && -+ (p2->type & CONST_ASSIGN)) -+ { -+ snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name); -+ -+ len = ASN1_MAX_NAME_SIZE; -+ result = -+ asn1_read_value (definitions, name, value, &len); -+ -+ if ((result == ASN1_SUCCESS) -+ && (!_asn1_strcmp (p3->value, value))) -+ { -+ p2 = p2->right; /* pointer to the structure to -+ use for expansion */ -+ while ((p2) && (p2->type & CONST_ASSIGN)) -+ p2 = p2->right; -+ -+ if (p2) -+ { -+ snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name); -+ -+ result = -+ asn1_create_element (definitions, name, &aux); -+ if (result == ASN1_SUCCESS) -+ { -+ _asn1_cpy_name (aux, p); -+ len2 = -+ asn1_get_length_der (p->value, -+ p->value_len, &len3); -+ if (len2 < 0) -+ return ASN1_DER_ERROR; -+ -+ result = -+ asn1_der_decoding (&aux, p->value + len3, -+ len2, -+ errorDescription); -+ if (result == ASN1_SUCCESS) -+ { -+ -+ _asn1_set_right (aux, p->right); -+ _asn1_set_right (p, aux); -+ -+ result = asn1_delete_structure (&p); -+ if (result == ASN1_SUCCESS) -+ { -+ p = aux; -+ aux = NULL; -+ break; -+ } -+ else -+ { /* error with asn1_delete_structure */ -+ asn1_delete_structure (&aux); -+ retCode = result; -+ break; -+ } -+ } -+ else -+ { /* error with asn1_der_decoding */ -+ retCode = result; -+ break; -+ } -+ } -+ else -+ { /* error with asn1_create_element */ -+ retCode = result; -+ break; -+ } -+ } -+ else -+ { /* error with the pointer to the structure to exapand */ -+ retCode = ASN1_ERROR_TYPE_ANY; -+ break; -+ } -+ } -+ } -+ p2 = p2->right; -+ } /* end while */ -+ -+ if (!p2) -+ { -+ retCode = ASN1_ERROR_TYPE_ANY; -+ break; -+ } -+ -+ } -+ break; -+ default: -+ break; -+ } -+ -+ -+ if (p->down) -+ { -+ p = p->down; -+ } -+ else if (p == *element) -+ { -+ p = NULL; -+ break; -+ } -+ else if (p->right) -+ p = p->right; -+ else -+ { -+ while (1) -+ { -+ p = _asn1_find_up (p); -+ if (p == *element) -+ { -+ p = NULL; -+ break; -+ } -+ if (p->right) -+ { -+ p = p->right; -+ break; -+ } -+ } -+ } -+ } -+ -+ return retCode; -+} -+ -+/** -+ * asn1_expand_octet_string: -+ * @definitions: ASN1 definitions -+ * @element: pointer to an ASN1 structure -+ * @octetName: name of the OCTECT STRING field to expand. -+ * @objectName: name of the OBJECT IDENTIFIER field to use to define -+ * the type for expansion. -+ * -+ * Expands an "OCTET STRING" element of a structure created from a DER -+ * decoding process (the asn1_der_decoding() function). The type used -+ * for expansion is the first one following the definition of the -+ * actual value of the OBJECT IDENTIFIER indicated by OBJECTNAME. -+ * -+ * Returns: %ASN1_SUCCESS if substitution OK, %ASN1_ELEMENT_NOT_FOUND -+ * if @objectName or @octetName are not correct, -+ * %ASN1_VALUE_NOT_VALID if it wasn't possible to find the type to -+ * use for expansion, or other errors depending on DER decoding. -+ **/ -+int -+asn1_expand_octet_string (asn1_node_const definitions, asn1_node * element, -+ const char *octetName, const char *objectName) -+{ -+ char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE]; -+ int retCode = ASN1_SUCCESS, result; -+ int len, len2, len3; -+ asn1_node_const p2; -+ asn1_node aux = NULL; -+ asn1_node octetNode = NULL, objectNode = NULL; -+ char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE]; -+ -+ if ((definitions == NULL) || (*element == NULL)) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ octetNode = asn1_find_node (*element, octetName); -+ if (octetNode == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ if (type_field (octetNode->type) != ASN1_ETYPE_OCTET_STRING) -+ return ASN1_ELEMENT_NOT_FOUND; -+ if (octetNode->value == NULL) -+ return ASN1_VALUE_NOT_FOUND; -+ -+ objectNode = asn1_find_node (*element, objectName); -+ if (objectNode == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ if (type_field (objectNode->type) != ASN1_ETYPE_OBJECT_ID) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ if (objectNode->value == NULL) -+ return ASN1_VALUE_NOT_FOUND; -+ -+ -+ /* search the OBJECT_ID into definitions */ -+ p2 = definitions->down; -+ while (p2) -+ { -+ if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) && -+ (p2->type & CONST_ASSIGN)) -+ { -+ strcpy (name, definitions->name); -+ strcat (name, "."); -+ strcat (name, p2->name); -+ -+ len = sizeof (value); -+ result = asn1_read_value (definitions, name, value, &len); -+ -+ if ((result == ASN1_SUCCESS) -+ && (!_asn1_strcmp (objectNode->value, value))) -+ { -+ -+ p2 = p2->right; /* pointer to the structure to -+ use for expansion */ -+ while ((p2) && (p2->type & CONST_ASSIGN)) -+ p2 = p2->right; -+ -+ if (p2) -+ { -+ strcpy (name, definitions->name); -+ strcat (name, "."); -+ strcat (name, p2->name); -+ -+ result = asn1_create_element (definitions, name, &aux); -+ if (result == ASN1_SUCCESS) -+ { -+ _asn1_cpy_name (aux, octetNode); -+ len2 = -+ asn1_get_length_der (octetNode->value, -+ octetNode->value_len, &len3); -+ if (len2 < 0) -+ return ASN1_DER_ERROR; -+ -+ result = -+ asn1_der_decoding (&aux, octetNode->value + len3, -+ len2, errorDescription); -+ if (result == ASN1_SUCCESS) -+ { -+ -+ _asn1_set_right (aux, octetNode->right); -+ _asn1_set_right (octetNode, aux); -+ -+ result = asn1_delete_structure (&octetNode); -+ if (result == ASN1_SUCCESS) -+ { -+ aux = NULL; -+ break; -+ } -+ else -+ { /* error with asn1_delete_structure */ -+ asn1_delete_structure (&aux); -+ retCode = result; -+ break; -+ } -+ } -+ else -+ { /* error with asn1_der_decoding */ -+ retCode = result; -+ break; -+ } -+ } -+ else -+ { /* error with asn1_create_element */ -+ retCode = result; -+ break; -+ } -+ } -+ else -+ { /* error with the pointer to the structure to exapand */ -+ retCode = ASN1_VALUE_NOT_VALID; -+ break; -+ } -+ } -+ } -+ -+ p2 = p2->right; -+ -+ } -+ -+ if (!p2) -+ retCode = ASN1_VALUE_NOT_VALID; -+ -+ return retCode; -+} -+ -+/*- -+ * _asn1_decode_simple_der: -+ * @etype: The type of the string to be encoded (ASN1_ETYPE_) -+ * @der: the encoded string -+ * @_der_len: the bytes of the encoded string -+ * @str: a pointer to the data -+ * @str_len: the length of the data -+ * @dflags: DECODE_FLAG_* -+ * -+ * Decodes a simple DER encoded type (e.g. a string, which is not constructed). -+ * The output is a pointer inside the @der. -+ * -+ * Returns: %ASN1_SUCCESS if successful or an error value. -+ -*/ -+static int -+_asn1_decode_simple_der (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, const unsigned char **str, -+ unsigned int *str_len, unsigned dflags) -+{ -+ int tag_len, len_len; -+ const unsigned char *p; -+ int der_len = _der_len; -+ unsigned char class; -+ unsigned long tag; -+ long ret; -+ -+ if (der == NULL || der_len == 0) -+ return ASN1_VALUE_NOT_VALID; -+ -+ if (ETYPE_OK (etype) == 0 || ETYPE_IS_STRING(etype) == 0) -+ return ASN1_VALUE_NOT_VALID; -+ -+ /* doesn't handle constructed classes */ -+ class = ETYPE_CLASS(etype); -+ if (class != ASN1_CLASS_UNIVERSAL) -+ return ASN1_VALUE_NOT_VALID; -+ -+ p = der; -+ -+ if (dflags & DECODE_FLAG_HAVE_TAG) -+ { -+ ret = asn1_get_tag_der (p, der_len, &class, &tag_len, &tag); -+ if (ret != ASN1_SUCCESS) -+ return ret; -+ -+ if (class != ETYPE_CLASS (etype) || tag != ETYPE_TAG (etype)) -+ { -+ warn(); -+ return ASN1_DER_ERROR; -+ } -+ -+ p += tag_len; -+ der_len -= tag_len; -+ if (der_len <= 0) -+ return ASN1_DER_ERROR; -+ } -+ -+ ret = asn1_get_length_der (p, der_len, &len_len); -+ if (ret < 0) -+ return ASN1_DER_ERROR; -+ -+ p += len_len; -+ der_len -= len_len; -+ if (der_len <= 0) -+ return ASN1_DER_ERROR; -+ -+ *str_len = ret; -+ *str = p; -+ -+ return ASN1_SUCCESS; -+} -+ -+/** -+ * asn1_decode_simple_der: -+ * @etype: The type of the string to be encoded (ASN1_ETYPE_) -+ * @der: the encoded string -+ * @_der_len: the bytes of the encoded string -+ * @str: a pointer to the data -+ * @str_len: the length of the data -+ * -+ * Decodes a simple DER encoded type (e.g. a string, which is not constructed). -+ * The output is a pointer inside the @der. -+ * -+ * Returns: %ASN1_SUCCESS if successful or an error value. -+ **/ -+int -+asn1_decode_simple_der (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, const unsigned char **str, -+ unsigned int *str_len) -+{ -+ return _asn1_decode_simple_der(etype, der, _der_len, str, str_len, DECODE_FLAG_HAVE_TAG); -+} -+ -+static int append(uint8_t **dst, unsigned *dst_size, const unsigned char *src, unsigned src_size) -+{ -+ if (src_size == 0) -+ return ASN1_SUCCESS; -+ -+ *dst = _asn1_realloc(*dst, *dst_size+src_size); -+ if (*dst == NULL) -+ return ASN1_MEM_ALLOC_ERROR; -+ memcpy(*dst + *dst_size, src, src_size); -+ *dst_size += src_size; -+ return ASN1_SUCCESS; -+} -+ -+/*- -+ * _asn1_decode_simple_ber: -+ * @etype: The type of the string to be encoded (ASN1_ETYPE_) -+ * @der: the encoded string -+ * @_der_len: the bytes of the encoded string -+ * @str: a pointer to the data -+ * @str_len: the length of the data -+ * @ber_len: the total length occupied by BER (may be %NULL) -+ * @have_tag: whether a DER tag is included -+ * -+ * Decodes a BER encoded type. The output is an allocated value -+ * of the data. This decodes BER STRINGS only. Other types are -+ * decoded as DER. -+ * -+ * Returns: %ASN1_SUCCESS if successful or an error value. -+ -*/ -+static int -+_asn1_decode_simple_ber (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, unsigned char **str, -+ unsigned int *str_len, unsigned int *ber_len, -+ unsigned dflags) -+{ -+ int tag_len, len_len; -+ const unsigned char *p; -+ int der_len = _der_len; -+ uint8_t *total = NULL; -+ unsigned total_size = 0; -+ unsigned char class; -+ unsigned long tag; -+ unsigned char *out = NULL; -+ const unsigned char *cout = NULL; -+ unsigned out_len; -+ long result; -+ -+ if (ber_len) *ber_len = 0; -+ -+ if (der == NULL || der_len == 0) -+ { -+ warn(); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ -+ if (ETYPE_OK (etype) == 0) -+ { -+ warn(); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ -+ /* doesn't handle constructed + definite classes */ -+ class = ETYPE_CLASS (etype); -+ if (class != ASN1_CLASS_UNIVERSAL) -+ { -+ warn(); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ -+ p = der; -+ -+ if (dflags & DECODE_FLAG_HAVE_TAG) -+ { -+ result = asn1_get_tag_der (p, der_len, &class, &tag_len, &tag); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ return result; -+ } -+ -+ if (tag != ETYPE_TAG (etype)) -+ { -+ warn(); -+ return ASN1_DER_ERROR; -+ } -+ -+ p += tag_len; -+ -+ DECR_LEN(der_len, tag_len); -+ -+ if (ber_len) *ber_len += tag_len; -+ } -+ -+ /* indefinite constructed */ -+ if ((((dflags & DECODE_FLAG_CONSTRUCTED) || class == ASN1_CLASS_STRUCTURED) && ETYPE_IS_STRING(etype)) && -+ !(dflags & DECODE_FLAG_LEVEL3)) -+ { -+ if (der_len == 0) -+ { -+ warn(); -+ result = ASN1_DER_ERROR; -+ goto cleanup; -+ } -+ -+ if (der_len > 0 && p[0] == 0x80) /* indefinite */ -+ { -+ len_len = 1; -+ DECR_LEN(der_len, len_len); -+ p += len_len; -+ -+ if (ber_len) *ber_len += len_len; -+ -+ /* decode the available octet strings */ -+ do -+ { -+ unsigned tmp_len; -+ unsigned flags = DECODE_FLAG_HAVE_TAG; -+ -+ if (dflags & DECODE_FLAG_LEVEL1) -+ flags |= DECODE_FLAG_LEVEL2; -+ else if (dflags & DECODE_FLAG_LEVEL2) -+ flags |= DECODE_FLAG_LEVEL3; -+ else -+ flags |= DECODE_FLAG_LEVEL1; -+ -+ result = _asn1_decode_simple_ber(etype, p, der_len, &out, &out_len, &tmp_len, -+ flags); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ p += tmp_len; -+ DECR_LEN(der_len, tmp_len); -+ -+ if (ber_len) *ber_len += tmp_len; -+ -+ DECR_LEN(der_len, 2); /* we need the EOC */ -+ -+ result = append(&total, &total_size, out, out_len); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ free(out); -+ out = NULL; -+ -+ if (p[0] == 0 && p[1] == 0) /* EOC */ -+ { -+ if (ber_len) *ber_len += 2; -+ break; -+ } -+ -+ /* no EOC */ -+ der_len += 2; -+ -+ if (der_len == 2) -+ { -+ warn(); -+ result = ASN1_DER_ERROR; -+ goto cleanup; -+ } -+ } -+ while(1); -+ } -+ else /* constructed */ -+ { -+ long const_len; -+ -+ result = asn1_get_length_ber(p, der_len, &len_len); -+ if (result < 0) -+ { -+ warn(); -+ result = ASN1_DER_ERROR; -+ goto cleanup; -+ } -+ -+ DECR_LEN(der_len, len_len); -+ p += len_len; -+ -+ const_len = result; -+ -+ if (ber_len) *ber_len += len_len; -+ -+ /* decode the available octet strings */ -+ while(const_len > 0) -+ { -+ unsigned tmp_len; -+ unsigned flags = DECODE_FLAG_HAVE_TAG; -+ -+ if (dflags & DECODE_FLAG_LEVEL1) -+ flags |= DECODE_FLAG_LEVEL2; -+ else if (dflags & DECODE_FLAG_LEVEL2) -+ flags |= DECODE_FLAG_LEVEL3; -+ else -+ flags |= DECODE_FLAG_LEVEL1; -+ -+ result = _asn1_decode_simple_ber(etype, p, der_len, &out, &out_len, &tmp_len, -+ flags); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ p += tmp_len; -+ DECR_LEN(der_len, tmp_len); -+ DECR_LEN(const_len, tmp_len); -+ -+ if (ber_len) *ber_len += tmp_len; -+ -+ result = append(&total, &total_size, out, out_len); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ free(out); -+ out = NULL; -+ } -+ } -+ } -+ else if (class == ETYPE_CLASS(etype)) -+ { -+ if (ber_len) -+ { -+ result = asn1_get_length_der (p, der_len, &len_len); -+ if (result < 0) -+ { -+ warn(); -+ result = ASN1_DER_ERROR; -+ goto cleanup; -+ } -+ *ber_len += result + len_len; -+ } -+ -+ /* non-string values are decoded as DER */ -+ result = _asn1_decode_simple_der(etype, der, _der_len, &cout, &out_len, dflags); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ -+ result = append(&total, &total_size, cout, out_len); -+ if (result != ASN1_SUCCESS) -+ { -+ warn(); -+ goto cleanup; -+ } -+ } -+ else -+ { -+ warn(); -+ result = ASN1_DER_ERROR; -+ goto cleanup; -+ } -+ -+ *str = total; -+ *str_len = total_size; -+ -+ return ASN1_SUCCESS; -+cleanup: -+ free(out); -+ free(total); -+ return result; -+} -+ -+/** -+ * asn1_decode_simple_ber: -+ * @etype: The type of the string to be encoded (ASN1_ETYPE_) -+ * @der: the encoded string -+ * @_der_len: the bytes of the encoded string -+ * @str: a pointer to the data -+ * @str_len: the length of the data -+ * @ber_len: the total length occupied by BER (may be %NULL) -+ * -+ * Decodes a BER encoded type. The output is an allocated value -+ * of the data. This decodes BER STRINGS only. Other types are -+ * decoded as DER. -+ * -+ * Returns: %ASN1_SUCCESS if successful or an error value. -+ **/ -+int -+asn1_decode_simple_ber (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, unsigned char **str, -+ unsigned int *str_len, unsigned int *ber_len) -+{ -+ return _asn1_decode_simple_ber(etype, der, _der_len, str, str_len, ber_len, DECODE_FLAG_HAVE_TAG); -+} -diff --git a/grub-core/lib/libtasn1/lib/element.c b/grub-core/lib/libtasn1/lib/element.c -new file mode 100644 -index 00000000000..997eb2725dc ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/element.c -@@ -0,0 +1,1111 @@ -+/* -+ * Copyright (C) 2000-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+/*****************************************************/ -+/* File: element.c */ -+/* Description: Functions with the read and write */ -+/* functions. */ -+/*****************************************************/ -+ -+ -+#include -+#include "parser_aux.h" -+#include -+#include "structure.h" -+#include "c-ctype.h" -+#include "element.h" -+ -+void -+_asn1_hierarchical_name (asn1_node_const node, char *name, int name_size) -+{ -+ asn1_node_const p; -+ char tmp_name[64]; -+ -+ p = node; -+ -+ name[0] = 0; -+ -+ while (p != NULL) -+ { -+ if (p->name[0] != 0) -+ { -+ _asn1_str_cpy (tmp_name, sizeof (tmp_name), name), -+ _asn1_str_cpy (name, name_size, p->name); -+ _asn1_str_cat (name, name_size, "."); -+ _asn1_str_cat (name, name_size, tmp_name); -+ } -+ p = _asn1_find_up (p); -+ } -+ -+ if (name[0] == 0) -+ _asn1_str_cpy (name, name_size, "ROOT"); -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_convert_integer */ -+/* Description: converts an integer from a null terminated string */ -+/* to der decoding. The convertion from a null */ -+/* terminated string to an integer is made with */ -+/* the 'strtol' function. */ -+/* Parameters: */ -+/* value: null terminated string to convert. */ -+/* value_out: convertion result (memory must be already */ -+/* allocated). */ -+/* value_out_size: number of bytes of value_out. */ -+/* len: number of significant byte of value_out. */ -+/* Return: ASN1_MEM_ERROR or ASN1_SUCCESS */ -+/******************************************************************/ -+int -+_asn1_convert_integer (const unsigned char *value, unsigned char *value_out, -+ int value_out_size, int *len) -+{ -+ char negative; -+ unsigned char val[SIZEOF_UNSIGNED_LONG_INT]; -+ long valtmp; -+ int k, k2; -+ -+ valtmp = _asn1_strtol (value, NULL, 10); -+ -+ for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++) -+ { -+ val[SIZEOF_UNSIGNED_LONG_INT - k - 1] = (valtmp >> (8 * k)) & 0xFF; -+ } -+ -+ if (val[0] & 0x80) -+ negative = 1; -+ else -+ negative = 0; -+ -+ for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT - 1; k++) -+ { -+ if (negative && (val[k] != 0xFF)) -+ break; -+ else if (!negative && val[k]) -+ break; -+ } -+ -+ if ((negative && !(val[k] & 0x80)) || (!negative && (val[k] & 0x80))) -+ k--; -+ -+ *len = SIZEOF_UNSIGNED_LONG_INT - k; -+ -+ if (SIZEOF_UNSIGNED_LONG_INT - k > value_out_size) -+ /* VALUE_OUT is too short to contain the value conversion */ -+ return ASN1_MEM_ERROR; -+ -+ if (value_out != NULL) -+ { -+ for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) -+ value_out[k2 - k] = val[k2]; -+ } -+ -+#if 0 -+ printf ("_asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len); -+ for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++) -+ printf (", vOut[%d]=%d", k, value_out[k]); -+ printf ("\n"); -+#endif -+ -+ return ASN1_SUCCESS; -+} -+ -+/* Appends a new element into the sequence (or set) defined by this -+ * node. The new element will have a name of '?number', where number -+ * is a monotonically increased serial number. -+ * -+ * The last element in the list may be provided in @pcache, to avoid -+ * traversing the list, an expensive operation in long lists. -+ * -+ * On success it returns in @pcache the added element (which is the -+ * tail in the list of added elements). -+ */ -+int -+_asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcache) -+{ -+ asn1_node p, p2; -+ char temp[LTOSTR_MAX_SIZE]; -+ long n; -+ -+ if (!node || !(node->down)) -+ return ASN1_GENERIC_ERROR; -+ -+ p = node->down; -+ while ((type_field (p->type) == ASN1_ETYPE_TAG) -+ || (type_field (p->type) == ASN1_ETYPE_SIZE)) -+ p = p->right; -+ -+ p2 = _asn1_copy_structure3 (p); -+ if (p2 == NULL) -+ return ASN1_GENERIC_ERROR; -+ -+ if (pcache == NULL || pcache->tail == NULL || pcache->head != node) -+ { -+ while (p->right) -+ { -+ p = p->right; -+ } -+ } -+ else -+ { -+ p = pcache->tail; -+ } -+ -+ _asn1_set_right (p, p2); -+ if (pcache) -+ { -+ pcache->head = node; -+ pcache->tail = p2; -+ } -+ -+ if (p->name[0] == 0) -+ _asn1_str_cpy (temp, sizeof (temp), "?1"); -+ else -+ { -+ n = strtol (p->name + 1, NULL, 0); -+ n++; -+ temp[0] = '?'; -+ _asn1_ltostr (n, temp + 1); -+ } -+ _asn1_set_name (p2, temp); -+ /* p2->type |= CONST_OPTION; */ -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/** -+ * asn1_write_value: -+ * @node_root: pointer to a structure -+ * @name: the name of the element inside the structure that you want to set. -+ * @ivalue: vector used to specify the value to set. If len is >0, -+ * VALUE must be a two's complement form integer. if len=0 *VALUE -+ * must be a null terminated string with an integer value. -+ * @len: number of bytes of *value to use to set the value: -+ * value[0]..value[len-1] or 0 if value is a null terminated string -+ * -+ * Set the value of one element inside a structure. -+ * -+ * If an element is OPTIONAL and you want to delete it, you must use -+ * the value=NULL and len=0. Using "pkix.asn": -+ * -+ * result=asn1_write_value(cert, "tbsCertificate.issuerUniqueID", -+ * NULL, 0); -+ * -+ * Description for each type: -+ * -+ * INTEGER: VALUE must contain a two's complement form integer. -+ * -+ * value[0]=0xFF , len=1 -> integer=-1. -+ * value[0]=0xFF value[1]=0xFF , len=2 -> integer=-1. -+ * value[0]=0x01 , len=1 -> integer= 1. -+ * value[0]=0x00 value[1]=0x01 , len=2 -> integer= 1. -+ * value="123" , len=0 -> integer= 123. -+ * -+ * ENUMERATED: As INTEGER (but only with not negative numbers). -+ * -+ * BOOLEAN: VALUE must be the null terminated string "TRUE" or -+ * "FALSE" and LEN != 0. -+ * -+ * value="TRUE" , len=1 -> boolean=TRUE. -+ * value="FALSE" , len=1 -> boolean=FALSE. -+ * -+ * OBJECT IDENTIFIER: VALUE must be a null terminated string with -+ * each number separated by a dot (e.g. "1.2.3.543.1"). LEN != 0. -+ * -+ * value="1 2 840 10040 4 3" , len=1 -> OID=dsa-with-sha. -+ * -+ * UTCTime: VALUE must be a null terminated string in one of these -+ * formats: "YYMMDDhhmmssZ", "YYMMDDhhmmssZ", -+ * "YYMMDDhhmmss+hh'mm'", "YYMMDDhhmmss-hh'mm'", -+ * "YYMMDDhhmm+hh'mm'", or "YYMMDDhhmm-hh'mm'". LEN != 0. -+ * -+ * value="9801011200Z" , len=1 -> time=Jannuary 1st, 1998 -+ * at 12h 00m Greenwich Mean Time -+ * -+ * GeneralizedTime: VALUE must be in one of this format: -+ * "YYYYMMDDhhmmss.sZ", "YYYYMMDDhhmmss.sZ", -+ * "YYYYMMDDhhmmss.s+hh'mm'", "YYYYMMDDhhmmss.s-hh'mm'", -+ * "YYYYMMDDhhmm+hh'mm'", or "YYYYMMDDhhmm-hh'mm'" where ss.s -+ * indicates the seconds with any precision like "10.1" or "01.02". -+ * LEN != 0 -+ * -+ * value="2001010112001.12-0700" , len=1 -> time=Jannuary -+ * 1st, 2001 at 12h 00m 01.12s Pacific Daylight Time -+ * -+ * OCTET STRING: VALUE contains the octet string and LEN is the -+ * number of octets. -+ * -+ * value="$\backslash$x01$\backslash$x02$\backslash$x03" , -+ * len=3 -> three bytes octet string -+ * -+ * GeneralString: VALUE contains the generalstring and LEN is the -+ * number of octets. -+ * -+ * value="$\backslash$x01$\backslash$x02$\backslash$x03" , -+ * len=3 -> three bytes generalstring -+ * -+ * BIT STRING: VALUE contains the bit string organized by bytes and -+ * LEN is the number of bits. -+ * -+ * value="$\backslash$xCF" , len=6 -> bit string="110011" (six -+ * bits) -+ * -+ * CHOICE: if NAME indicates a choice type, VALUE must specify one of -+ * the alternatives with a null terminated string. LEN != 0. Using -+ * "pkix.asn"\: -+ * -+ * result=asn1_write_value(cert, -+ * "certificate1.tbsCertificate.subject", "rdnSequence", -+ * 1); -+ * -+ * ANY: VALUE indicates the der encoding of a structure. LEN != 0. -+ * -+ * SEQUENCE OF: VALUE must be the null terminated string "NEW" and -+ * LEN != 0. With this instruction another element is appended in -+ * the sequence. The name of this element will be "?1" if it's the -+ * first one, "?2" for the second and so on. -+ * -+ * Using "pkix.asn"\: -+ * -+ * result=asn1_write_value(cert, -+ * "certificate1.tbsCertificate.subject.rdnSequence", "NEW", 1); -+ * -+ * SET OF: the same as SEQUENCE OF. Using "pkix.asn": -+ * -+ * result=asn1_write_value(cert, -+ * "tbsCertificate.subject.rdnSequence.?LAST", "NEW", 1); -+ * -+ * Returns: %ASN1_SUCCESS if the value was set, -+ * %ASN1_ELEMENT_NOT_FOUND if @name is not a valid element, and -+ * %ASN1_VALUE_NOT_VALID if @ivalue has a wrong format. -+ **/ -+int -+asn1_write_value (asn1_node node_root, const char *name, -+ const void *ivalue, int len) -+{ -+ asn1_node node, p, p2; -+ unsigned char *temp, *value_temp = NULL, *default_temp = NULL; -+ int len2, k, k2, negative; -+ size_t i; -+ const unsigned char *value = ivalue; -+ unsigned int type; -+ -+ node = asn1_find_node (node_root, name); -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ if ((node->type & CONST_OPTION) && (value == NULL) && (len == 0)) -+ { -+ asn1_delete_structure (&node); -+ return ASN1_SUCCESS; -+ } -+ -+ type = type_field (node->type); -+ -+ if ((type == ASN1_ETYPE_SEQUENCE_OF || type == ASN1_ETYPE_SET_OF) && (value == NULL) && (len == 0)) -+ { -+ p = node->down; -+ while ((type_field (p->type) == ASN1_ETYPE_TAG) -+ || (type_field (p->type) == ASN1_ETYPE_SIZE)) -+ p = p->right; -+ -+ while (p->right) -+ asn1_delete_structure (&p->right); -+ -+ return ASN1_SUCCESS; -+ } -+ -+ /* Don't allow element deletion for other types */ -+ if (value == NULL) -+ { -+ return ASN1_VALUE_NOT_VALID; -+ } -+ -+ switch (type) -+ { -+ case ASN1_ETYPE_BOOLEAN: -+ if (!_asn1_strcmp (value, "TRUE")) -+ { -+ if (node->type & CONST_DEFAULT) -+ { -+ p = node->down; -+ while (type_field (p->type) != ASN1_ETYPE_DEFAULT) -+ p = p->right; -+ if (p->type & CONST_TRUE) -+ _asn1_set_value (node, NULL, 0); -+ else -+ _asn1_set_value (node, "T", 1); -+ } -+ else -+ _asn1_set_value (node, "T", 1); -+ } -+ else if (!_asn1_strcmp (value, "FALSE")) -+ { -+ if (node->type & CONST_DEFAULT) -+ { -+ p = node->down; -+ while (type_field (p->type) != ASN1_ETYPE_DEFAULT) -+ p = p->right; -+ if (p->type & CONST_FALSE) -+ _asn1_set_value (node, NULL, 0); -+ else -+ _asn1_set_value (node, "F", 1); -+ } -+ else -+ _asn1_set_value (node, "F", 1); -+ } -+ else -+ return ASN1_VALUE_NOT_VALID; -+ break; -+ case ASN1_ETYPE_INTEGER: -+ case ASN1_ETYPE_ENUMERATED: -+ if (len == 0) -+ { -+ if ((c_isdigit (value[0])) || (value[0] == '-')) -+ { -+ value_temp = malloc (SIZEOF_UNSIGNED_LONG_INT); -+ if (value_temp == NULL) -+ return ASN1_MEM_ALLOC_ERROR; -+ -+ _asn1_convert_integer (value, value_temp, -+ SIZEOF_UNSIGNED_LONG_INT, &len); -+ } -+ else -+ { /* is an identifier like v1 */ -+ if (!(node->type & CONST_LIST)) -+ return ASN1_VALUE_NOT_VALID; -+ p = node->down; -+ while (p) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_CONSTANT) -+ { -+ if (!_asn1_strcmp (p->name, value)) -+ { -+ value_temp = malloc (SIZEOF_UNSIGNED_LONG_INT); -+ if (value_temp == NULL) -+ return ASN1_MEM_ALLOC_ERROR; -+ -+ _asn1_convert_integer (p->value, -+ value_temp, -+ SIZEOF_UNSIGNED_LONG_INT, -+ &len); -+ break; -+ } -+ } -+ p = p->right; -+ } -+ if (p == NULL) -+ return ASN1_VALUE_NOT_VALID; -+ } -+ } -+ else -+ { /* len != 0 */ -+ value_temp = malloc (len); -+ if (value_temp == NULL) -+ return ASN1_MEM_ALLOC_ERROR; -+ memcpy (value_temp, value, len); -+ } -+ -+ if (value_temp[0] & 0x80) -+ negative = 1; -+ else -+ negative = 0; -+ -+ if (negative && (type_field (node->type) == ASN1_ETYPE_ENUMERATED)) -+ { -+ free (value_temp); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ -+ for (k = 0; k < len - 1; k++) -+ if (negative && (value_temp[k] != 0xFF)) -+ break; -+ else if (!negative && value_temp[k]) -+ break; -+ -+ if ((negative && !(value_temp[k] & 0x80)) || -+ (!negative && (value_temp[k] & 0x80))) -+ k--; -+ -+ _asn1_set_value_lv (node, value_temp + k, len - k); -+ -+ if (node->type & CONST_DEFAULT) -+ { -+ p = node->down; -+ while (type_field (p->type) != ASN1_ETYPE_DEFAULT) -+ p = p->right; -+ if ((c_isdigit (p->value[0])) || (p->value[0] == '-')) -+ { -+ default_temp = malloc (SIZEOF_UNSIGNED_LONG_INT); -+ if (default_temp == NULL) -+ { -+ free (value_temp); -+ return ASN1_MEM_ALLOC_ERROR; -+ } -+ -+ _asn1_convert_integer (p->value, default_temp, -+ SIZEOF_UNSIGNED_LONG_INT, &len2); -+ } -+ else -+ { /* is an identifier like v1 */ -+ if (!(node->type & CONST_LIST)) -+ { -+ free (value_temp); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ p2 = node->down; -+ while (p2) -+ { -+ if (type_field (p2->type) == ASN1_ETYPE_CONSTANT) -+ { -+ if (!_asn1_strcmp (p2->name, p->value)) -+ { -+ default_temp = malloc (SIZEOF_UNSIGNED_LONG_INT); -+ if (default_temp == NULL) -+ { -+ free (value_temp); -+ return ASN1_MEM_ALLOC_ERROR; -+ } -+ -+ _asn1_convert_integer (p2->value, -+ default_temp, -+ SIZEOF_UNSIGNED_LONG_INT, -+ &len2); -+ break; -+ } -+ } -+ p2 = p2->right; -+ } -+ if (p2 == NULL) -+ { -+ free (value_temp); -+ return ASN1_VALUE_NOT_VALID; -+ } -+ } -+ -+ -+ if ((len - k) == len2) -+ { -+ for (k2 = 0; k2 < len2; k2++) -+ if (value_temp[k + k2] != default_temp[k2]) -+ { -+ break; -+ } -+ if (k2 == len2) -+ _asn1_set_value (node, NULL, 0); -+ } -+ free (default_temp); -+ } -+ free (value_temp); -+ break; -+ case ASN1_ETYPE_OBJECT_ID: -+ for (i = 0; i < _asn1_strlen (value); i++) -+ if ((!c_isdigit (value[i])) && (value[i] != '.') && (value[i] != '+')) -+ return ASN1_VALUE_NOT_VALID; -+ if (node->type & CONST_DEFAULT) -+ { -+ p = node->down; -+ while (type_field (p->type) != ASN1_ETYPE_DEFAULT) -+ p = p->right; -+ if (!_asn1_strcmp (value, p->value)) -+ { -+ _asn1_set_value (node, NULL, 0); -+ break; -+ } -+ } -+ _asn1_set_value (node, value, _asn1_strlen (value) + 1); -+ break; -+ case ASN1_ETYPE_UTC_TIME: -+ { -+ len = _asn1_strlen (value); -+ if (len < 11) -+ return ASN1_VALUE_NOT_VALID; -+ for (k = 0; k < 10; k++) -+ if (!c_isdigit (value[k])) -+ return ASN1_VALUE_NOT_VALID; -+ switch (len) -+ { -+ case 11: -+ if (value[10] != 'Z') -+ return ASN1_VALUE_NOT_VALID; -+ break; -+ case 13: -+ if ((!c_isdigit (value[10])) || (!c_isdigit (value[11])) || -+ (value[12] != 'Z')) -+ return ASN1_VALUE_NOT_VALID; -+ break; -+ case 15: -+ if ((value[10] != '+') && (value[10] != '-')) -+ return ASN1_VALUE_NOT_VALID; -+ for (k = 11; k < 15; k++) -+ if (!c_isdigit (value[k])) -+ return ASN1_VALUE_NOT_VALID; -+ break; -+ case 17: -+ if ((!c_isdigit (value[10])) || (!c_isdigit (value[11]))) -+ return ASN1_VALUE_NOT_VALID; -+ if ((value[12] != '+') && (value[12] != '-')) -+ return ASN1_VALUE_NOT_VALID; -+ for (k = 13; k < 17; k++) -+ if (!c_isdigit (value[k])) -+ return ASN1_VALUE_NOT_VALID; -+ break; -+ default: -+ return ASN1_VALUE_NOT_FOUND; -+ } -+ _asn1_set_value (node, value, len); -+ } -+ break; -+ case ASN1_ETYPE_GENERALIZED_TIME: -+ len = _asn1_strlen (value); -+ _asn1_set_value (node, value, len); -+ break; -+ case ASN1_ETYPE_OCTET_STRING: -+ case ASN1_ETYPE_GENERALSTRING: -+ case ASN1_ETYPE_NUMERIC_STRING: -+ case ASN1_ETYPE_IA5_STRING: -+ case ASN1_ETYPE_TELETEX_STRING: -+ case ASN1_ETYPE_PRINTABLE_STRING: -+ case ASN1_ETYPE_UNIVERSAL_STRING: -+ case ASN1_ETYPE_BMP_STRING: -+ case ASN1_ETYPE_UTF8_STRING: -+ case ASN1_ETYPE_VISIBLE_STRING: -+ if (len == 0) -+ len = _asn1_strlen (value); -+ _asn1_set_value_lv (node, value, len); -+ break; -+ case ASN1_ETYPE_BIT_STRING: -+ if (len == 0) -+ len = _asn1_strlen (value); -+ asn1_length_der ((len >> 3) + 2, NULL, &len2); -+ temp = malloc ((len >> 3) + 2 + len2); -+ if (temp == NULL) -+ return ASN1_MEM_ALLOC_ERROR; -+ -+ asn1_bit_der (value, len, temp, &len2); -+ _asn1_set_value_m (node, temp, len2); -+ temp = NULL; -+ break; -+ case ASN1_ETYPE_CHOICE: -+ p = node->down; -+ while (p) -+ { -+ if (!_asn1_strcmp (p->name, value)) -+ { -+ p2 = node->down; -+ while (p2) -+ { -+ if (p2 != p) -+ { -+ asn1_delete_structure (&p2); -+ p2 = node->down; -+ } -+ else -+ p2 = p2->right; -+ } -+ break; -+ } -+ p = p->right; -+ } -+ if (!p) -+ return ASN1_ELEMENT_NOT_FOUND; -+ break; -+ case ASN1_ETYPE_ANY: -+ _asn1_set_value_lv (node, value, len); -+ break; -+ case ASN1_ETYPE_SEQUENCE_OF: -+ case ASN1_ETYPE_SET_OF: -+ if (_asn1_strcmp (value, "NEW")) -+ return ASN1_VALUE_NOT_VALID; -+ _asn1_append_sequence_set (node, NULL); -+ break; -+ default: -+ return ASN1_ELEMENT_NOT_FOUND; -+ break; -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+#define PUT_VALUE( ptr, ptr_size, data, data_size) \ -+ *len = data_size; \ -+ if (ptr_size < data_size) { \ -+ return ASN1_MEM_ERROR; \ -+ } else { \ -+ if (ptr && data_size > 0) \ -+ memcpy (ptr, data, data_size); \ -+ } -+ -+#define PUT_STR_VALUE( ptr, ptr_size, data) \ -+ *len = _asn1_strlen (data) + 1; \ -+ if (ptr_size < *len) { \ -+ return ASN1_MEM_ERROR; \ -+ } else { \ -+ /* this strcpy is checked */ \ -+ if (ptr) { \ -+ _asn1_strcpy (ptr, data); \ -+ } \ -+ } -+ -+#define PUT_AS_STR_VALUE( ptr, ptr_size, data, data_size) \ -+ *len = data_size + 1; \ -+ if (ptr_size < *len) { \ -+ return ASN1_MEM_ERROR; \ -+ } else { \ -+ /* this strcpy is checked */ \ -+ if (ptr) { \ -+ if (data_size > 0) \ -+ memcpy (ptr, data, data_size); \ -+ ptr[data_size] = 0; \ -+ } \ -+ } -+ -+#define ADD_STR_VALUE( ptr, ptr_size, data) \ -+ *len += _asn1_strlen(data); \ -+ if (ptr_size < (int) *len) { \ -+ (*len)++; \ -+ return ASN1_MEM_ERROR; \ -+ } else { \ -+ /* this strcat is checked */ \ -+ if (ptr) _asn1_strcat (ptr, data); \ -+ } -+ -+/** -+ * asn1_read_value: -+ * @root: pointer to a structure. -+ * @name: the name of the element inside a structure that you want to read. -+ * @ivalue: vector that will contain the element's content, must be a -+ * pointer to memory cells already allocated (may be %NULL). -+ * @len: number of bytes of *value: value[0]..value[len-1]. Initialy -+ * holds the sizeof value. -+ * -+ * Returns the value of one element inside a structure. -+ * If an element is OPTIONAL and this returns -+ * %ASN1_ELEMENT_NOT_FOUND, it means that this element wasn't present -+ * in the der encoding that created the structure. The first element -+ * of a SEQUENCE_OF or SET_OF is named "?1". The second one "?2" and -+ * so on. If the @root provided is a node to specific sequence element, -+ * then the keyword "?CURRENT" is also acceptable and indicates the -+ * current sequence element of this node. -+ * -+ * Note that there can be valid values with length zero. In these case -+ * this function will succeed and @len will be zero. -+ * -+ * INTEGER: VALUE will contain a two's complement form integer. -+ * -+ * integer=-1 -> value[0]=0xFF , len=1. -+ * integer=1 -> value[0]=0x01 , len=1. -+ * -+ * ENUMERATED: As INTEGER (but only with not negative numbers). -+ * -+ * BOOLEAN: VALUE will be the null terminated string "TRUE" or -+ * "FALSE" and LEN=5 or LEN=6. -+ * -+ * OBJECT IDENTIFIER: VALUE will be a null terminated string with -+ * each number separated by a dot (i.e. "1.2.3.543.1"). -+ * -+ * LEN = strlen(VALUE)+1 -+ * -+ * UTCTime: VALUE will be a null terminated string in one of these -+ * formats: "YYMMDDhhmmss+hh'mm'" or "YYMMDDhhmmss-hh'mm'". -+ * LEN=strlen(VALUE)+1. -+ * -+ * GeneralizedTime: VALUE will be a null terminated string in the -+ * same format used to set the value. -+ * -+ * OCTET STRING: VALUE will contain the octet string and LEN will be -+ * the number of octets. -+ * -+ * GeneralString: VALUE will contain the generalstring and LEN will -+ * be the number of octets. -+ * -+ * BIT STRING: VALUE will contain the bit string organized by bytes -+ * and LEN will be the number of bits. -+ * -+ * CHOICE: If NAME indicates a choice type, VALUE will specify the -+ * alternative selected. -+ * -+ * ANY: If NAME indicates an any type, VALUE will indicate the DER -+ * encoding of the structure actually used. -+ * -+ * Returns: %ASN1_SUCCESS if value is returned, -+ * %ASN1_ELEMENT_NOT_FOUND if @name is not a valid element, -+ * %ASN1_VALUE_NOT_FOUND if there isn't any value for the element -+ * selected, and %ASN1_MEM_ERROR if The value vector isn't big enough -+ * to store the result, and in this case @len will contain the number of -+ * bytes needed. On the occasion that the stored data are of zero-length -+ * this function may return %ASN1_SUCCESS even if the provided @len is zero. -+ **/ -+int -+asn1_read_value (asn1_node_const root, const char *name, void *ivalue, int *len) -+{ -+ return asn1_read_value_type (root, name, ivalue, len, NULL); -+} -+ -+/** -+ * asn1_read_value_type: -+ * @root: pointer to a structure. -+ * @name: the name of the element inside a structure that you want to read. -+ * @ivalue: vector that will contain the element's content, must be a -+ * pointer to memory cells already allocated (may be %NULL). -+ * @len: number of bytes of *value: value[0]..value[len-1]. Initialy -+ * holds the sizeof value. -+ * @etype: The type of the value read (ASN1_ETYPE) -+ * -+ * Returns the type and value of one element inside a structure. -+ * If an element is OPTIONAL and this returns -+ * %ASN1_ELEMENT_NOT_FOUND, it means that this element wasn't present -+ * in the der encoding that created the structure. The first element -+ * of a SEQUENCE_OF or SET_OF is named "?1". The second one "?2" and -+ * so on. If the @root provided is a node to specific sequence element, -+ * then the keyword "?CURRENT" is also acceptable and indicates the -+ * current sequence element of this node. -+ * -+ * Note that there can be valid values with length zero. In these case -+ * this function will succeed and @len will be zero. -+ * -+ * -+ * INTEGER: VALUE will contain a two's complement form integer. -+ * -+ * integer=-1 -> value[0]=0xFF , len=1. -+ * integer=1 -> value[0]=0x01 , len=1. -+ * -+ * ENUMERATED: As INTEGER (but only with not negative numbers). -+ * -+ * BOOLEAN: VALUE will be the null terminated string "TRUE" or -+ * "FALSE" and LEN=5 or LEN=6. -+ * -+ * OBJECT IDENTIFIER: VALUE will be a null terminated string with -+ * each number separated by a dot (i.e. "1.2.3.543.1"). -+ * -+ * LEN = strlen(VALUE)+1 -+ * -+ * UTCTime: VALUE will be a null terminated string in one of these -+ * formats: "YYMMDDhhmmss+hh'mm'" or "YYMMDDhhmmss-hh'mm'". -+ * LEN=strlen(VALUE)+1. -+ * -+ * GeneralizedTime: VALUE will be a null terminated string in the -+ * same format used to set the value. -+ * -+ * OCTET STRING: VALUE will contain the octet string and LEN will be -+ * the number of octets. -+ * -+ * GeneralString: VALUE will contain the generalstring and LEN will -+ * be the number of octets. -+ * -+ * BIT STRING: VALUE will contain the bit string organized by bytes -+ * and LEN will be the number of bits. -+ * -+ * CHOICE: If NAME indicates a choice type, VALUE will specify the -+ * alternative selected. -+ * -+ * ANY: If NAME indicates an any type, VALUE will indicate the DER -+ * encoding of the structure actually used. -+ * -+ * Returns: %ASN1_SUCCESS if value is returned, -+ * %ASN1_ELEMENT_NOT_FOUND if @name is not a valid element, -+ * %ASN1_VALUE_NOT_FOUND if there isn't any value for the element -+ * selected, and %ASN1_MEM_ERROR if The value vector isn't big enough -+ * to store the result, and in this case @len will contain the number of -+ * bytes needed. On the occasion that the stored data are of zero-length -+ * this function may return %ASN1_SUCCESS even if the provided @len is zero. -+ **/ -+int -+asn1_read_value_type (asn1_node_const root, const char *name, void *ivalue, -+ int *len, unsigned int *etype) -+{ -+ asn1_node_const node, p, p2; -+ int len2, len3, result; -+ int value_size = *len; -+ unsigned char *value = ivalue; -+ unsigned type; -+ -+ node = asn1_find_node (root, name); -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ type = type_field (node->type); -+ -+ if ((type != ASN1_ETYPE_NULL) && -+ (type != ASN1_ETYPE_CHOICE) && -+ !(node->type & CONST_DEFAULT) && !(node->type & CONST_ASSIGN) && -+ (node->value == NULL)) -+ return ASN1_VALUE_NOT_FOUND; -+ -+ if (etype) -+ *etype = type; -+ switch (type) -+ { -+ case ASN1_ETYPE_NULL: -+ PUT_STR_VALUE (value, value_size, "NULL"); -+ break; -+ case ASN1_ETYPE_BOOLEAN: -+ if ((node->type & CONST_DEFAULT) && (node->value == NULL)) -+ { -+ p = node->down; -+ while (type_field (p->type) != ASN1_ETYPE_DEFAULT) -+ p = p->right; -+ if (p->type & CONST_TRUE) -+ { -+ PUT_STR_VALUE (value, value_size, "TRUE"); -+ } -+ else -+ { -+ PUT_STR_VALUE (value, value_size, "FALSE"); -+ } -+ } -+ else if (node->value[0] == 'T') -+ { -+ PUT_STR_VALUE (value, value_size, "TRUE"); -+ } -+ else -+ { -+ PUT_STR_VALUE (value, value_size, "FALSE"); -+ } -+ break; -+ case ASN1_ETYPE_INTEGER: -+ case ASN1_ETYPE_ENUMERATED: -+ if ((node->type & CONST_DEFAULT) && (node->value == NULL)) -+ { -+ p = node->down; -+ while (type_field (p->type) != ASN1_ETYPE_DEFAULT) -+ p = p->right; -+ if ((c_isdigit (p->value[0])) || (p->value[0] == '-') -+ || (p->value[0] == '+')) -+ { -+ result = _asn1_convert_integer -+ (p->value, value, value_size, len); -+ if (result != ASN1_SUCCESS) -+ return result; -+ } -+ else -+ { /* is an identifier like v1 */ -+ p2 = node->down; -+ while (p2) -+ { -+ if (type_field (p2->type) == ASN1_ETYPE_CONSTANT) -+ { -+ if (!_asn1_strcmp (p2->name, p->value)) -+ { -+ result = _asn1_convert_integer -+ (p2->value, value, value_size, -+ len); -+ if (result != ASN1_SUCCESS) -+ return result; -+ break; -+ } -+ } -+ p2 = p2->right; -+ } -+ } -+ } -+ else -+ { -+ len2 = -1; -+ result = asn1_get_octet_der -+ (node->value, node->value_len, &len2, value, value_size, -+ len); -+ if (result != ASN1_SUCCESS) -+ return result; -+ } -+ break; -+ case ASN1_ETYPE_OBJECT_ID: -+ if (node->type & CONST_ASSIGN) -+ { -+ *len = 0; -+ if (value) -+ value[0] = 0; -+ p = node->down; -+ while (p) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_CONSTANT) -+ { -+ ADD_STR_VALUE (value, value_size, p->value); -+ if (p->right) -+ { -+ ADD_STR_VALUE (value, value_size, "."); -+ } -+ } -+ p = p->right; -+ } -+ (*len)++; -+ } -+ else if ((node->type & CONST_DEFAULT) && (node->value == NULL)) -+ { -+ p = node->down; -+ while (type_field (p->type) != ASN1_ETYPE_DEFAULT) -+ p = p->right; -+ PUT_STR_VALUE (value, value_size, p->value); -+ } -+ else -+ { -+ PUT_STR_VALUE (value, value_size, node->value); -+ } -+ break; -+ case ASN1_ETYPE_GENERALIZED_TIME: -+ case ASN1_ETYPE_UTC_TIME: -+ PUT_AS_STR_VALUE (value, value_size, node->value, node->value_len); -+ break; -+ case ASN1_ETYPE_OCTET_STRING: -+ case ASN1_ETYPE_GENERALSTRING: -+ case ASN1_ETYPE_NUMERIC_STRING: -+ case ASN1_ETYPE_IA5_STRING: -+ case ASN1_ETYPE_TELETEX_STRING: -+ case ASN1_ETYPE_PRINTABLE_STRING: -+ case ASN1_ETYPE_UNIVERSAL_STRING: -+ case ASN1_ETYPE_BMP_STRING: -+ case ASN1_ETYPE_UTF8_STRING: -+ case ASN1_ETYPE_VISIBLE_STRING: -+ len2 = -1; -+ result = asn1_get_octet_der -+ (node->value, node->value_len, &len2, value, value_size, -+ len); -+ if (result != ASN1_SUCCESS) -+ return result; -+ break; -+ case ASN1_ETYPE_BIT_STRING: -+ len2 = -1; -+ result = asn1_get_bit_der -+ (node->value, node->value_len, &len2, value, value_size, -+ len); -+ if (result != ASN1_SUCCESS) -+ return result; -+ break; -+ case ASN1_ETYPE_CHOICE: -+ PUT_STR_VALUE (value, value_size, node->down->name); -+ break; -+ case ASN1_ETYPE_ANY: -+ len3 = -1; -+ len2 = asn1_get_length_der (node->value, node->value_len, &len3); -+ if (len2 < 0) -+ return ASN1_DER_ERROR; -+ PUT_VALUE (value, value_size, node->value + len3, len2); -+ break; -+ default: -+ return ASN1_ELEMENT_NOT_FOUND; -+ break; -+ } -+ return ASN1_SUCCESS; -+} -+ -+ -+/** -+ * asn1_read_tag: -+ * @root: pointer to a structure -+ * @name: the name of the element inside a structure. -+ * @tagValue: variable that will contain the TAG value. -+ * @classValue: variable that will specify the TAG type. -+ * -+ * Returns the TAG and the CLASS of one element inside a structure. -+ * CLASS can have one of these constants: %ASN1_CLASS_APPLICATION, -+ * %ASN1_CLASS_UNIVERSAL, %ASN1_CLASS_PRIVATE or -+ * %ASN1_CLASS_CONTEXT_SPECIFIC. -+ * -+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if -+ * @name is not a valid element. -+ **/ -+int -+asn1_read_tag (asn1_node_const root, const char *name, int *tagValue, -+ int *classValue) -+{ -+ asn1_node node, p, pTag; -+ -+ node = asn1_find_node (root, name); -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node->down; -+ -+ /* pTag will points to the IMPLICIT TAG */ -+ pTag = NULL; -+ if (node->type & CONST_TAG) -+ { -+ while (p) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_TAG) -+ { -+ if ((p->type & CONST_IMPLICIT) && (pTag == NULL)) -+ pTag = p; -+ else if (p->type & CONST_EXPLICIT) -+ pTag = NULL; -+ } -+ p = p->right; -+ } -+ } -+ -+ if (pTag) -+ { -+ *tagValue = _asn1_strtoul (pTag->value, NULL, 10); -+ -+ if (pTag->type & CONST_APPLICATION) -+ *classValue = ASN1_CLASS_APPLICATION; -+ else if (pTag->type & CONST_UNIVERSAL) -+ *classValue = ASN1_CLASS_UNIVERSAL; -+ else if (pTag->type & CONST_PRIVATE) -+ *classValue = ASN1_CLASS_PRIVATE; -+ else -+ *classValue = ASN1_CLASS_CONTEXT_SPECIFIC; -+ } -+ else -+ { -+ unsigned type = type_field (node->type); -+ *classValue = ASN1_CLASS_UNIVERSAL; -+ -+ switch (type) -+ { -+ CASE_HANDLED_ETYPES: -+ *tagValue = _asn1_tags[type].tag; -+ break; -+ case ASN1_ETYPE_TAG: -+ case ASN1_ETYPE_CHOICE: -+ case ASN1_ETYPE_ANY: -+ *tagValue = -1; -+ break; -+ default: -+ break; -+ } -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+/** -+ * asn1_read_node_value: -+ * @node: pointer to a node. -+ * @data: a point to a asn1_data_node_st -+ * -+ * Returns the value a data node inside a asn1_node structure. -+ * The data returned should be handled as constant values. -+ * -+ * Returns: %ASN1_SUCCESS if the node exists. -+ **/ -+int -+asn1_read_node_value (asn1_node_const node, asn1_data_node_st * data) -+{ -+ data->name = node->name; -+ data->value = node->value; -+ data->value_len = node->value_len; -+ data->type = type_field (node->type); -+ -+ return ASN1_SUCCESS; -+} -diff --git a/grub-core/lib/libtasn1/lib/errors.c b/grub-core/lib/libtasn1/lib/errors.c -new file mode 100644 -index 00000000000..cee74daf795 ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/errors.c -@@ -0,0 +1,100 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+#include -+#ifdef STDC_HEADERS -+#include -+#endif -+ -+#define LIBTASN1_ERROR_ENTRY(name) { #name, name } -+ -+struct libtasn1_error_entry -+{ -+ const char *name; -+ int number; -+}; -+typedef struct libtasn1_error_entry libtasn1_error_entry; -+ -+static const libtasn1_error_entry error_algorithms[] = { -+ LIBTASN1_ERROR_ENTRY (ASN1_SUCCESS), -+ LIBTASN1_ERROR_ENTRY (ASN1_FILE_NOT_FOUND), -+ LIBTASN1_ERROR_ENTRY (ASN1_ELEMENT_NOT_FOUND), -+ LIBTASN1_ERROR_ENTRY (ASN1_IDENTIFIER_NOT_FOUND), -+ LIBTASN1_ERROR_ENTRY (ASN1_DER_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_VALUE_NOT_FOUND), -+ LIBTASN1_ERROR_ENTRY (ASN1_GENERIC_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_VALUE_NOT_VALID), -+ LIBTASN1_ERROR_ENTRY (ASN1_TAG_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_TAG_IMPLICIT), -+ LIBTASN1_ERROR_ENTRY (ASN1_ERROR_TYPE_ANY), -+ LIBTASN1_ERROR_ENTRY (ASN1_SYNTAX_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_MEM_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_MEM_ALLOC_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_DER_OVERFLOW), -+ LIBTASN1_ERROR_ENTRY (ASN1_NAME_TOO_LONG), -+ LIBTASN1_ERROR_ENTRY (ASN1_ARRAY_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_ELEMENT_NOT_EMPTY), -+ LIBTASN1_ERROR_ENTRY (ASN1_TIME_ENCODING_ERROR), -+ LIBTASN1_ERROR_ENTRY (ASN1_RECURSION), -+ {0, 0} -+}; -+ -+/** -+ * asn1_perror: -+ * @error: is an error returned by a libtasn1 function. -+ * -+ * Prints a string to stderr with a description of an error. This -+ * function is like perror(). The only difference is that it accepts -+ * an error returned by a libtasn1 function. -+ * -+ * Since: 1.6 -+ **/ -+void -+asn1_perror (int error) -+{ -+ const char *str = asn1_strerror (error); -+ fprintf (stderr, "LIBTASN1 ERROR: %s\n", str ? str : "(null)"); -+} -+ -+/** -+ * asn1_strerror: -+ * @error: is an error returned by a libtasn1 function. -+ * -+ * Returns a string with a description of an error. This function is -+ * similar to strerror. The only difference is that it accepts an -+ * error (number) returned by a libtasn1 function. -+ * -+ * Returns: Pointer to static zero-terminated string describing error -+ * code. -+ * -+ * Since: 1.6 -+ **/ -+const char * -+asn1_strerror (int error) -+{ -+ const libtasn1_error_entry *p; -+ -+ for (p = error_algorithms; p->name != NULL; p++) -+ if (p->number == error) -+ return p->name + sizeof ("ASN1_") - 1; -+ -+ return NULL; -+} -diff --git a/grub-core/lib/libtasn1/lib/gstr.c b/grub-core/lib/libtasn1/lib/gstr.c -new file mode 100644 -index 00000000000..e91a3a151c0 ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/gstr.c -@@ -0,0 +1,74 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+#include -+#include "gstr.h" -+ -+/* These function are like strcat, strcpy. They only -+ * do bounds checking (they shouldn't cause buffer overruns), -+ * and they always produce null terminated strings. -+ * -+ * They should be used only with null terminated strings. -+ */ -+void -+_asn1_str_cat (char *dest, size_t dest_tot_size, const char *src) -+{ -+ size_t str_size = strlen (src); -+ size_t dest_size = strlen (dest); -+ -+ if (dest_tot_size - dest_size > str_size) -+ { -+ strcat (dest, src); -+ } -+ else -+ { -+ if (dest_tot_size - dest_size > 0) -+ { -+ strncat (dest, src, (dest_tot_size - dest_size) - 1); -+ dest[dest_tot_size - 1] = 0; -+ } -+ } -+} -+ -+/* Returns the bytes copied (not including the null terminator) */ -+unsigned int -+_asn1_str_cpy (char *dest, size_t dest_tot_size, const char *src) -+{ -+ size_t str_size = strlen (src); -+ -+ if (dest_tot_size > str_size) -+ { -+ strcpy (dest, src); -+ return str_size; -+ } -+ else -+ { -+ if (dest_tot_size > 0) -+ { -+ str_size = dest_tot_size - 1; -+ memcpy (dest, src, str_size); -+ dest[str_size] = 0; -+ return str_size; -+ } -+ else -+ return 0; -+ } -+} -diff --git a/grub-core/lib/libtasn1/lib/parser_aux.c b/grub-core/lib/libtasn1/lib/parser_aux.c -new file mode 100644 -index 00000000000..d5dbbf8765d ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/parser_aux.c -@@ -0,0 +1,1173 @@ -+/* -+ * Copyright (C) 2000-2016 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+#include // WORD_BIT -+ -+#include "int.h" -+#include "parser_aux.h" -+#include "gstr.h" -+#include "structure.h" -+#include "element.h" -+#include "c-ctype.h" -+ -+char _asn1_identifierMissing[ASN1_MAX_NAME_SIZE + 1]; /* identifier name not found */ -+ -+/* Return a hash of the N bytes of X using the method described by -+ Bruno Haible in https://www.haible.de/bruno/hashfunc.html. -+ Note that while many hash functions reduce their result via modulo -+ to a 0..table_size-1 range, this function does not do that. -+ -+ This implementation has been changed from size_t -> unsigned int. */ -+ -+#ifdef __clang__ -+__attribute__((no_sanitize("integer"))) -+#endif -+_GL_ATTRIBUTE_PURE -+static unsigned int -+_asn1_hash_name (const char *x) -+{ -+ const unsigned char *s = (unsigned char *) x; -+ unsigned h = 0; -+ -+ while (*s) -+ h = (*s++) + ((h << 9) | (h >> (WORD_BIT - 9))); -+ -+ return h; -+} -+ -+/******************************************************/ -+/* Function : _asn1_add_static_node */ -+/* Description: creates a new NODE_ASN element and */ -+/* puts it in the list pointed by e_list. */ -+/* Parameters: */ -+/* e_list: of type list_type; must be NULL initially */ -+/* type: type of the new element (see ASN1_ETYPE_ */ -+/* and CONST_ constants). */ -+/* Return: pointer to the new element. */ -+/******************************************************/ -+asn1_node -+_asn1_add_static_node (list_type **e_list, unsigned int type) -+{ -+ list_type *p; -+ asn1_node punt; -+ -+ punt = calloc (1, sizeof (struct asn1_node_st)); -+ if (punt == NULL) -+ return NULL; -+ -+ p = malloc (sizeof (list_type)); -+ if (p == NULL) -+ { -+ free (punt); -+ return NULL; -+ } -+ -+ p->node = punt; -+ p->next = *e_list; -+ *e_list = p; -+ -+ punt->type = type; -+ -+ return punt; -+} -+ -+static -+int _asn1_add_static_node2 (list_type **e_list, asn1_node node) -+{ -+ list_type *p; -+ -+ p = malloc (sizeof (list_type)); -+ if (p == NULL) -+ { -+ return -1; -+ } -+ -+ p->node = node; -+ p->next = *e_list; -+ *e_list = p; -+ -+ return 0; -+} -+ -+/** -+ * asn1_find_node: -+ * @pointer: NODE_ASN element pointer. -+ * @name: null terminated string with the element's name to find. -+ * -+ * Searches for an element called @name starting from @pointer. The -+ * name is composed by different identifiers separated by dots. When -+ * *@pointer has a name, the first identifier must be the name of -+ * *@pointer, otherwise it must be the name of one child of *@pointer. -+ * -+ * Returns: the search result, or %NULL if not found. -+ **/ -+asn1_node -+asn1_find_node (asn1_node_const pointer, const char *name) -+{ -+ asn1_node_const p; -+ char *n_end, n[ASN1_MAX_NAME_SIZE + 1]; -+ const char *n_start; -+ unsigned int nsize; -+ unsigned int nhash; -+ -+ if (pointer == NULL) -+ return NULL; -+ -+ if (name == NULL) -+ return NULL; -+ -+ p = pointer; -+ n_start = name; -+ -+ if (name[0] == '?' && name[1] == 'C' && p->name[0] == '?') -+ { /* ?CURRENT */ -+ n_start = strchr(n_start, '.'); -+ if (n_start) -+ n_start++; -+ } -+ else if (p->name[0] != 0) -+ { /* has *pointer got a name ? */ -+ n_end = strchr (n_start, '.'); /* search the first dot */ -+ if (n_end) -+ { -+ nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ -+ memcpy (n, n_start, nsize); -+ n[nsize] = 0; -+ n_start = n_end; -+ n_start++; -+ -+ nhash = _asn1_hash_name (n); -+ } -+ else -+ { -+ _asn1_str_cpy (n, sizeof (n), n_start); -+ nhash = _asn1_hash_name (n); -+ -+ n_start = NULL; -+ } -+ -+ while (p) -+ { -+ if (nhash == p->name_hash && (!strcmp (p->name, n))) -+ break; -+ else -+ p = p->right; -+ } /* while */ -+ -+ if (p == NULL) -+ return NULL; -+ } -+ else -+ { /* *pointer doesn't have a name */ -+ if (n_start[0] == 0) -+ return (asn1_node) p; -+ } -+ -+ while (n_start) -+ { /* Has the end of NAME been reached? */ -+ n_end = strchr (n_start, '.'); /* search the next dot */ -+ if (n_end) -+ { -+ nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ -+ memcpy (n, n_start, nsize); -+ n[nsize] = 0; -+ n_start = n_end; -+ n_start++; -+ -+ nhash = _asn1_hash_name (n); -+ } -+ else -+ { -+ _asn1_str_cpy (n, sizeof (n), n_start); -+ nhash = _asn1_hash_name (n); -+ n_start = NULL; -+ } -+ -+ if (p->down == NULL) -+ return NULL; -+ -+ p = p->down; -+ if (p == NULL) -+ return NULL; -+ -+ /* The identifier "?LAST" indicates the last element -+ in the right chain. */ -+ if (n[0] == '?' && n[1] == 'L') /* ?LAST */ -+ { -+ while (p->right) -+ p = p->right; -+ } -+ else -+ { /* no "?LAST" */ -+ while (p) -+ { -+ if (p->name_hash == nhash && !strcmp (p->name, n)) -+ break; -+ else -+ p = p->right; -+ } -+ } -+ if (p == NULL) -+ return NULL; -+ } /* while */ -+ -+ return (asn1_node) p; -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_set_value */ -+/* Description: sets the field VALUE in a NODE_ASN element. The */ -+/* previous value (if exist) will be lost */ -+/* Parameters: */ -+/* node: element pointer. */ -+/* value: pointer to the value that you want to set. */ -+/* len: character number of value. */ -+/* Return: pointer to the NODE_ASN element. */ -+/******************************************************************/ -+asn1_node -+_asn1_set_value (asn1_node node, const void *value, unsigned int len) -+{ -+ if (node == NULL) -+ return node; -+ if (node->value) -+ { -+ if (node->value != node->small_value) -+ free (node->value); -+ node->value = NULL; -+ node->value_len = 0; -+ } -+ -+ if (!len) -+ return node; -+ -+ if (len < sizeof (node->small_value)) -+ { -+ node->value = node->small_value; -+ } -+ else -+ { -+ node->value = malloc (len); -+ if (node->value == NULL) -+ return NULL; -+ } -+ node->value_len = len; -+ -+ memcpy (node->value, value, len); -+ return node; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_set_value_lv */ -+/* Description: sets the field VALUE in a NODE_ASN element. The */ -+/* previous value (if exist) will be lost. The value */ -+/* given is stored as an length-value format (LV */ -+/* Parameters: */ -+/* node: element pointer. */ -+/* value: pointer to the value that you want to set. */ -+/* len: character number of value. */ -+/* Return: pointer to the NODE_ASN element. */ -+/******************************************************************/ -+asn1_node -+_asn1_set_value_lv (asn1_node node, const void *value, unsigned int len) -+{ -+ int len2; -+ void *temp; -+ -+ if (node == NULL) -+ return node; -+ -+ asn1_length_der (len, NULL, &len2); -+ temp = malloc (len + len2); -+ if (temp == NULL) -+ return NULL; -+ -+ asn1_octet_der (value, len, temp, &len2); -+ return _asn1_set_value_m (node, temp, len2); -+} -+ -+/* the same as _asn1_set_value except that it sets an already malloc'ed -+ * value. -+ */ -+asn1_node -+_asn1_set_value_m (asn1_node node, void *value, unsigned int len) -+{ -+ if (node == NULL) -+ return node; -+ -+ if (node->value) -+ { -+ if (node->value != node->small_value) -+ free (node->value); -+ node->value = NULL; -+ node->value_len = 0; -+ } -+ -+ if (!len) -+ return node; -+ -+ node->value = value; -+ node->value_len = len; -+ -+ return node; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_append_value */ -+/* Description: appends to the field VALUE in a NODE_ASN element. */ -+/* */ -+/* Parameters: */ -+/* node: element pointer. */ -+/* value: pointer to the value that you want to be appended. */ -+/* len: character number of value. */ -+/* Return: pointer to the NODE_ASN element. */ -+/******************************************************************/ -+asn1_node -+_asn1_append_value (asn1_node node, const void *value, unsigned int len) -+{ -+ if (node == NULL) -+ return node; -+ -+ if (node->value == NULL) -+ return _asn1_set_value (node, value, len); -+ -+ if (len == 0) -+ return node; -+ -+ if (node->value == node->small_value) -+ { -+ /* value is in node */ -+ int prev_len = node->value_len; -+ node->value_len += len; -+ node->value = malloc (node->value_len); -+ if (node->value == NULL) -+ { -+ node->value_len = 0; -+ return NULL; -+ } -+ -+ if (prev_len > 0) -+ memcpy (node->value, node->small_value, prev_len); -+ -+ memcpy (&node->value[prev_len], value, len); -+ -+ return node; -+ } -+ else /* if (node->value != NULL && node->value != node->small_value) */ -+ { -+ /* value is allocated */ -+ int prev_len = node->value_len; -+ node->value_len += len; -+ -+ node->value = _asn1_realloc (node->value, node->value_len); -+ if (node->value == NULL) -+ { -+ node->value_len = 0; -+ return NULL; -+ } -+ -+ memcpy (&node->value[prev_len], value, len); -+ -+ return node; -+ } -+} -+ -+/******************************************************************/ -+/* Function : _asn1_set_name */ -+/* Description: sets the field NAME in a NODE_ASN element. The */ -+/* previous value (if exist) will be lost */ -+/* Parameters: */ -+/* node: element pointer. */ -+/* name: a null terminated string with the name that you want */ -+/* to set. */ -+/* Return: pointer to the NODE_ASN element. */ -+/******************************************************************/ -+asn1_node -+_asn1_set_name (asn1_node node, const char *name) -+{ -+ if (node == NULL) -+ return node; -+ -+ _asn1_str_cpy (node->name, sizeof (node->name), name ? name : ""); -+ node->name_hash = _asn1_hash_name (node->name); -+ -+ return node; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_cpy_name */ -+/* Description: copies the field NAME in a NODE_ASN element. */ -+/* Parameters: */ -+/* dst: a dest element pointer. */ -+/* src: a source element pointer. */ -+/* Return: pointer to the NODE_ASN element. */ -+/******************************************************************/ -+asn1_node -+_asn1_cpy_name (asn1_node dst, asn1_node_const src) -+{ -+ if (dst == NULL) -+ return dst; -+ -+ if (src == NULL) -+ { -+ dst->name[0] = 0; -+ dst->name_hash = _asn1_hash_name (dst->name); -+ return dst; -+ } -+ -+ _asn1_str_cpy (dst->name, sizeof (dst->name), src->name); -+ dst->name_hash = src->name_hash; -+ -+ return dst; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_set_right */ -+/* Description: sets the field RIGHT in a NODE_ASN element. */ -+/* Parameters: */ -+/* node: element pointer. */ -+/* right: pointer to a NODE_ASN element that you want be pointed*/ -+/* by NODE. */ -+/* Return: pointer to *NODE. */ -+/******************************************************************/ -+asn1_node -+_asn1_set_right (asn1_node node, asn1_node right) -+{ -+ if (node == NULL) -+ return node; -+ node->right = right; -+ if (right) -+ right->left = node; -+ return node; -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_get_last_right */ -+/* Description: return the last element along the right chain. */ -+/* Parameters: */ -+/* node: starting element pointer. */ -+/* Return: pointer to the last element along the right chain. */ -+/******************************************************************/ -+asn1_node -+_asn1_get_last_right (asn1_node_const node) -+{ -+ asn1_node_const p; -+ -+ if (node == NULL) -+ return NULL; -+ p = node; -+ while (p->right) -+ p = p->right; -+ return (asn1_node) p; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_remove_node */ -+/* Description: gets free the memory allocated for an NODE_ASN */ -+/* element (not the elements pointed by it). */ -+/* Parameters: */ -+/* node: NODE_ASN element pointer. */ -+/* flags: ASN1_DELETE_FLAG_* */ -+/******************************************************************/ -+void -+_asn1_remove_node (asn1_node node, unsigned int flags) -+{ -+ if (node == NULL) -+ return; -+ -+ if (node->value != NULL) -+ { -+ if (flags & ASN1_DELETE_FLAG_ZEROIZE) -+ { -+ safe_memset(node->value, 0, node->value_len); -+ } -+ -+ if (node->value != node->small_value) -+ free (node->value); -+ } -+ free (node); -+} -+ -+/******************************************************************/ -+/* Function : _asn1_find_up */ -+/* Description: return the father of the NODE_ASN element. */ -+/* Parameters: */ -+/* node: NODE_ASN element pointer. */ -+/* Return: Null if not found. */ -+/******************************************************************/ -+asn1_node -+_asn1_find_up (asn1_node_const node) -+{ -+ asn1_node_const p; -+ -+ if (node == NULL) -+ return NULL; -+ -+ p = node; -+ -+ while ((p->left != NULL) && (p->left->right == p)) -+ p = p->left; -+ -+ return p->left; -+} -+ -+static -+unsigned _asn1_is_up (asn1_node_const up_cand, asn1_node_const down) -+{ -+ asn1_node_const d, u; -+ -+ if (up_cand == NULL || down == NULL) -+ return 0; -+ -+ d = down; -+ -+ while ((u = _asn1_find_up(d)) != NULL && u != d) -+ { -+ if (u == up_cand) -+ return 1; -+ d = u; -+ } -+ -+ return 0; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_delete_node_from_list */ -+/* Description: deletes the list element given */ -+/******************************************************************/ -+void -+_asn1_delete_node_from_list (list_type *list, asn1_node node) -+{ -+ list_type *p = list; -+ -+ while (p) -+ { -+ if (p->node == node) -+ p->node = NULL; -+ p = p->next; -+ } -+} -+ -+/******************************************************************/ -+/* Function : _asn1_delete_list */ -+/* Description: deletes the list elements (not the elements */ -+/* pointed by them). */ -+/******************************************************************/ -+void -+_asn1_delete_list (list_type *e_list) -+{ -+ list_type *p; -+ -+ while (e_list) -+ { -+ p = e_list; -+ e_list = e_list->next; -+ free (p); -+ } -+} -+ -+/******************************************************************/ -+/* Function : _asn1_delete_list_and nodes */ -+/* Description: deletes the list elements and the elements */ -+/* pointed by them. */ -+/******************************************************************/ -+void -+_asn1_delete_list_and_nodes (list_type *e_list) -+{ -+ list_type *p; -+ -+ while (e_list) -+ { -+ p = e_list; -+ e_list = e_list->next; -+ _asn1_remove_node (p->node, 0); -+ free (p); -+ } -+} -+ -+ -+char * -+_asn1_ltostr (int64_t v, char str[LTOSTR_MAX_SIZE]) -+{ -+ uint64_t d, r; -+ char temp[LTOSTR_MAX_SIZE]; -+ int count, k, start; -+ uint64_t val; -+ -+ if (v < 0) -+ { -+ str[0] = '-'; -+ start = 1; -+ val = -((uint64_t)v); -+ } -+ else -+ { -+ val = v; -+ start = 0; -+ } -+ -+ count = 0; -+ do -+ { -+ d = val / 10; -+ r = val - d * 10; -+ temp[start + count] = '0' + (char) r; -+ count++; -+ val = d; -+ } -+ while (val && ((start+count) < LTOSTR_MAX_SIZE-1)); -+ -+ for (k = 0; k < count; k++) -+ str[k + start] = temp[start + count - k - 1]; -+ str[count + start] = 0; -+ return str; -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_change_integer_value */ -+/* Description: converts into DER coding the value assign to an */ -+/* INTEGER constant. */ -+/* Parameters: */ -+/* node: root of an ASN1element. */ -+/* Return: */ -+/* ASN1_ELEMENT_NOT_FOUND if NODE is NULL, */ -+/* otherwise ASN1_SUCCESS */ -+/******************************************************************/ -+int -+_asn1_change_integer_value (asn1_node node) -+{ -+ asn1_node p; -+ unsigned char val[SIZEOF_UNSIGNED_LONG_INT]; -+ unsigned char val2[SIZEOF_UNSIGNED_LONG_INT + 1]; -+ int len; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node; -+ while (p) -+ { -+ if ((type_field (p->type) == ASN1_ETYPE_INTEGER) -+ && (p->type & CONST_ASSIGN)) -+ { -+ if (p->value) -+ { -+ _asn1_convert_integer (p->value, val, sizeof (val), &len); -+ asn1_octet_der (val, len, val2, &len); -+ _asn1_set_value (p, val2, len); -+ } -+ } -+ -+ if (p->down) -+ { -+ p = p->down; -+ } -+ else -+ { -+ if (p == node) -+ p = NULL; -+ else if (p->right) -+ p = p->right; -+ else -+ { -+ while (1) -+ { -+ p = _asn1_find_up (p); -+ if (p == node) -+ { -+ p = NULL; -+ break; -+ } -+ if (p && p->right) -+ { -+ p = p->right; -+ break; -+ } -+ } -+ } -+ } -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+#define MAX_CONSTANTS 1024 -+/******************************************************************/ -+/* Function : _asn1_expand_object_id */ -+/* Description: expand the IDs of an OBJECT IDENTIFIER constant. */ -+/* Parameters: */ -+/* list: root of an object list */ -+/* node: root of an ASN1 element. */ -+/* Return: */ -+/* ASN1_ELEMENT_NOT_FOUND if NODE is NULL, */ -+/* otherwise ASN1_SUCCESS */ -+/******************************************************************/ -+int -+_asn1_expand_object_id (list_type **list, asn1_node node) -+{ -+ asn1_node p, p2, p3, p4, p5; -+ char name_root[ASN1_MAX_NAME_SIZE], name2[2 * ASN1_MAX_NAME_SIZE + 1]; -+ int move, tlen, tries; -+ unsigned max_constants; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ _asn1_str_cpy (name_root, sizeof (name_root), node->name); -+ -+ p = node; -+ move = DOWN; -+ tries = 0; -+ -+ while (!((p == node) && (move == UP))) -+ { -+ if (move != UP) -+ { -+ if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) -+ && (p->type & CONST_ASSIGN)) -+ { -+ p2 = p->down; -+ if (p2 && (type_field (p2->type) == ASN1_ETYPE_CONSTANT)) -+ { -+ if (p2->value && !c_isdigit (p2->value[0])) -+ { -+ _asn1_str_cpy (name2, sizeof (name2), name_root); -+ _asn1_str_cat (name2, sizeof (name2), "."); -+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); -+ p3 = asn1_find_node (node, name2); -+ if (!p3 || _asn1_is_up(p2, p3) || -+ (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) || -+ !(p3->type & CONST_ASSIGN)) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ _asn1_set_down (p, p2->right); -+ if (p2->down) -+ _asn1_delete_structure (*list, &p2->down, 0); -+ _asn1_delete_node_from_list(*list, p2); -+ _asn1_remove_node (p2, 0); -+ p2 = p; -+ p4 = p3->down; -+ max_constants = 0; -+ while (p4) -+ { -+ if (type_field (p4->type) == ASN1_ETYPE_CONSTANT) -+ { -+ max_constants++; -+ if (max_constants == MAX_CONSTANTS) -+ return ASN1_RECURSION; -+ -+ p5 = -+ _asn1_add_single_node (ASN1_ETYPE_CONSTANT); -+ _asn1_set_name (p5, p4->name); -+ if (p4->value) -+ { -+ tlen = _asn1_strlen (p4->value); -+ if (tlen > 0) -+ _asn1_set_value (p5, p4->value, tlen + 1); -+ } -+ _asn1_add_static_node2(list, p5); -+ -+ if (p2 == p) -+ { -+ _asn1_set_right (p5, p->down); -+ _asn1_set_down (p, p5); -+ } -+ else -+ { -+ _asn1_set_right (p5, p2->right); -+ _asn1_set_right (p2, p5); -+ } -+ p2 = p5; -+ } -+ p4 = p4->right; -+ } -+ move = DOWN; -+ -+ tries++; -+ if (tries >= EXPAND_OBJECT_ID_MAX_RECURSION) -+ return ASN1_RECURSION; -+ -+ continue; -+ } -+ } -+ } -+ move = DOWN; -+ } -+ else -+ move = RIGHT; -+ -+ tries = 0; -+ if (move == DOWN) -+ { -+ if (p->down) -+ p = p->down; -+ else -+ move = RIGHT; -+ } -+ -+ if (p == node) -+ { -+ move = UP; -+ continue; -+ } -+ -+ if (move == RIGHT) -+ { -+ if (p && p->right) -+ p = p->right; -+ else -+ move = UP; -+ } -+ if (move == UP) -+ p = _asn1_find_up (p); -+ } -+ -+ /*******************************/ -+ /* expand DEFAULT */ -+ /*******************************/ -+ p = node; -+ move = DOWN; -+ -+ while (!((p == node) && (move == UP))) -+ { -+ if (move != UP) -+ { -+ if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) && -+ (p->type & CONST_DEFAULT)) -+ { -+ p2 = p->down; -+ if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT)) -+ { -+ _asn1_str_cpy (name2, sizeof (name2), name_root); -+ _asn1_str_cat (name2, sizeof (name2), "."); -+ if (p2->value) -+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); -+ p3 = asn1_find_node (node, name2); -+ if (!p3 || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) -+ || !(p3->type & CONST_ASSIGN)) -+ return ASN1_ELEMENT_NOT_FOUND; -+ p4 = p3->down; -+ name2[0] = 0; -+ while (p4) -+ { -+ if (type_field (p4->type) == ASN1_ETYPE_CONSTANT) -+ { -+ if (p4->value == NULL) -+ return ASN1_VALUE_NOT_FOUND; -+ -+ if (name2[0]) -+ _asn1_str_cat (name2, sizeof (name2), "."); -+ _asn1_str_cat (name2, sizeof (name2), -+ (char *) p4->value); -+ } -+ p4 = p4->right; -+ } -+ tlen = strlen (name2); -+ if (tlen > 0) -+ _asn1_set_value (p2, name2, tlen + 1); -+ } -+ } -+ move = DOWN; -+ } -+ else -+ move = RIGHT; -+ -+ if (move == DOWN) -+ { -+ if (p->down) -+ p = p->down; -+ else -+ move = RIGHT; -+ } -+ -+ if (p == node) -+ { -+ move = UP; -+ continue; -+ } -+ -+ if (move == RIGHT) -+ { -+ if (p && p->right) -+ p = p->right; -+ else -+ move = UP; -+ } -+ if (move == UP) -+ p = _asn1_find_up (p); -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_type_set_config */ -+/* Description: sets the CONST_SET and CONST_NOT_USED properties */ -+/* in the fields of the SET elements. */ -+/* Parameters: */ -+/* node: root of an ASN1 element. */ -+/* Return: */ -+/* ASN1_ELEMENT_NOT_FOUND if NODE is NULL, */ -+/* otherwise ASN1_SUCCESS */ -+/******************************************************************/ -+int -+_asn1_type_set_config (asn1_node node) -+{ -+ asn1_node p, p2; -+ int move; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node; -+ move = DOWN; -+ -+ while (!((p == node) && (move == UP))) -+ { -+ if (move != UP) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_SET) -+ { -+ p2 = p->down; -+ while (p2) -+ { -+ if (type_field (p2->type) != ASN1_ETYPE_TAG) -+ p2->type |= CONST_SET | CONST_NOT_USED; -+ p2 = p2->right; -+ } -+ } -+ move = DOWN; -+ } -+ else -+ move = RIGHT; -+ -+ if (move == DOWN) -+ { -+ if (p->down) -+ p = p->down; -+ else -+ move = RIGHT; -+ } -+ -+ if (p == node) -+ { -+ move = UP; -+ continue; -+ } -+ -+ if (move == RIGHT) -+ { -+ if (p && p->right) -+ p = p->right; -+ else -+ move = UP; -+ } -+ if (move == UP) -+ p = _asn1_find_up (p); -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_check_identifier */ -+/* Description: checks the definitions of all the identifiers */ -+/* and the first element of an OBJECT_ID (e.g. {pkix 0 4}). */ -+/* The _asn1_identifierMissing global variable is filled if */ -+/* necessary. */ -+/* Parameters: */ -+/* node: root of an ASN1 element. */ -+/* Return: */ -+/* ASN1_ELEMENT_NOT_FOUND if NODE is NULL, */ -+/* ASN1_IDENTIFIER_NOT_FOUND if an identifier is not defined, */ -+/* otherwise ASN1_SUCCESS */ -+/******************************************************************/ -+int -+_asn1_check_identifier (asn1_node_const node) -+{ -+ asn1_node_const p, p2; -+ char name2[ASN1_MAX_NAME_SIZE * 2 + 2]; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node; -+ while (p) -+ { -+ if (p->value && type_field (p->type) == ASN1_ETYPE_IDENTIFIER) -+ { -+ _asn1_str_cpy (name2, sizeof (name2), node->name); -+ _asn1_str_cat (name2, sizeof (name2), "."); -+ _asn1_str_cat (name2, sizeof (name2), (char *) p->value); -+ p2 = asn1_find_node (node, name2); -+ if (p2 == NULL) -+ { -+ if (p->value) -+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value); -+ else -+ _asn1_strcpy (_asn1_identifierMissing, "(null)"); -+ return ASN1_IDENTIFIER_NOT_FOUND; -+ } -+ } -+ else if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) && -+ (p->type & CONST_DEFAULT)) -+ { -+ p2 = p->down; -+ if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT)) -+ { -+ _asn1_str_cpy (name2, sizeof (name2), node->name); -+ if (p2->value) -+ { -+ _asn1_str_cat (name2, sizeof (name2), "."); -+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); -+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); -+ } -+ else -+ _asn1_strcpy (_asn1_identifierMissing, "(null)"); -+ -+ p2 = asn1_find_node (node, name2); -+ if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) || -+ !(p2->type & CONST_ASSIGN)) -+ return ASN1_IDENTIFIER_NOT_FOUND; -+ else -+ _asn1_identifierMissing[0] = 0; -+ } -+ } -+ else if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) && -+ (p->type & CONST_ASSIGN)) -+ { -+ p2 = p->down; -+ if (p2 && (type_field (p2->type) == ASN1_ETYPE_CONSTANT)) -+ { -+ if (p2->value && !c_isdigit (p2->value[0])) -+ { -+ _asn1_str_cpy (name2, sizeof (name2), node->name); -+ _asn1_str_cat (name2, sizeof (name2), "."); -+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); -+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); -+ -+ p2 = asn1_find_node (node, name2); -+ if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) -+ || !(p2->type & CONST_ASSIGN)) -+ return ASN1_IDENTIFIER_NOT_FOUND; -+ else -+ _asn1_identifierMissing[0] = 0; -+ } -+ } -+ } -+ -+ if (p->down) -+ { -+ p = p->down; -+ } -+ else if (p->right) -+ p = p->right; -+ else -+ { -+ while (p) -+ { -+ p = _asn1_find_up (p); -+ if (p == node) -+ { -+ p = NULL; -+ break; -+ } -+ if (p && p->right) -+ { -+ p = p->right; -+ break; -+ } -+ } -+ } -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_set_default_tag */ -+/* Description: sets the default IMPLICIT or EXPLICIT property in */ -+/* the tagged elements that don't have this declaration. */ -+/* Parameters: */ -+/* node: pointer to a DEFINITIONS element. */ -+/* Return: */ -+/* ASN1_ELEMENT_NOT_FOUND if NODE is NULL or not a pointer to */ -+/* a DEFINITIONS element, */ -+/* otherwise ASN1_SUCCESS */ -+/******************************************************************/ -+int -+_asn1_set_default_tag (asn1_node node) -+{ -+ asn1_node p; -+ -+ if ((node == NULL) || (type_field (node->type) != ASN1_ETYPE_DEFINITIONS)) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node; -+ while (p) -+ { -+ if ((type_field (p->type) == ASN1_ETYPE_TAG) && -+ !(p->type & CONST_EXPLICIT) && !(p->type & CONST_IMPLICIT)) -+ { -+ if (node->type & CONST_EXPLICIT) -+ p->type |= CONST_EXPLICIT; -+ else -+ p->type |= CONST_IMPLICIT; -+ } -+ -+ if (p->down) -+ { -+ p = p->down; -+ } -+ else if (p->right) -+ p = p->right; -+ else -+ { -+ while (1) -+ { -+ p = _asn1_find_up (p); -+ if (p == node) -+ { -+ p = NULL; -+ break; -+ } -+ if (p && p->right) -+ { -+ p = p->right; -+ break; -+ } -+ } -+ } -+ } -+ -+ return ASN1_SUCCESS; -+} -diff --git a/grub-core/lib/libtasn1/lib/structure.c b/grub-core/lib/libtasn1/lib/structure.c -new file mode 100644 -index 00000000000..8189c56a4c9 ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/structure.c -@@ -0,0 +1,1220 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+ -+/*****************************************************/ -+/* File: structure.c */ -+/* Description: Functions to create and delete an */ -+/* ASN1 tree. */ -+/*****************************************************/ -+ -+ -+#include -+#include -+#include "parser_aux.h" -+#include -+ -+ -+extern char _asn1_identifierMissing[]; -+ -+ -+/******************************************************/ -+/* Function : _asn1_add_single_node */ -+/* Description: creates a new NODE_ASN element. */ -+/* Parameters: */ -+/* type: type of the new element (see ASN1_ETYPE_ */ -+/* and CONST_ constants). */ -+/* Return: pointer to the new element. */ -+/******************************************************/ -+asn1_node -+_asn1_add_single_node (unsigned int type) -+{ -+ asn1_node punt; -+ -+ punt = calloc (1, sizeof (struct asn1_node_st)); -+ if (punt == NULL) -+ return NULL; -+ -+ punt->type = type; -+ -+ return punt; -+} -+ -+ -+/******************************************************************/ -+/* Function : _asn1_find_left */ -+/* Description: returns the NODE_ASN element with RIGHT field that*/ -+/* points the element NODE. */ -+/* Parameters: */ -+/* node: NODE_ASN element pointer. */ -+/* Return: NULL if not found. */ -+/******************************************************************/ -+asn1_node -+_asn1_find_left (asn1_node_const node) -+{ -+ if ((node == NULL) || (node->left == NULL) || (node->left->down == node)) -+ return NULL; -+ -+ return node->left; -+} -+ -+ -+int -+_asn1_create_static_structure (asn1_node_const pointer, char *output_file_name, -+ char *vector_name) -+{ -+ FILE *file; -+ asn1_node_const p; -+ unsigned long t; -+ -+ file = fopen (output_file_name, "w"); -+ -+ if (file == NULL) -+ return ASN1_FILE_NOT_FOUND; -+ -+ fprintf (file, "#if HAVE_CONFIG_H\n"); -+ fprintf (file, "# include \"config.h\"\n"); -+ fprintf (file, "#endif\n\n"); -+ -+ fprintf (file, "#include \n\n"); -+ -+ fprintf (file, "const asn1_static_node %s[] = {\n", vector_name); -+ -+ p = pointer; -+ -+ while (p) -+ { -+ fprintf (file, " { "); -+ -+ if (p->name[0] != 0) -+ fprintf (file, "\"%s\", ", p->name); -+ else -+ fprintf (file, "NULL, "); -+ -+ t = p->type; -+ if (p->down) -+ t |= CONST_DOWN; -+ if (p->right) -+ t |= CONST_RIGHT; -+ -+ fprintf (file, "%lu, ", t); -+ -+ if (p->value) -+ fprintf (file, "\"%s\"},\n", p->value); -+ else -+ fprintf (file, "NULL },\n"); -+ -+ if (p->down) -+ { -+ p = p->down; -+ } -+ else if (p->right) -+ { -+ p = p->right; -+ } -+ else -+ { -+ while (1) -+ { -+ p = _asn1_find_up (p); -+ if (p == pointer) -+ { -+ p = NULL; -+ break; -+ } -+ if (p->right) -+ { -+ p = p->right; -+ break; -+ } -+ } -+ } -+ } -+ -+ fprintf (file, " { NULL, 0, NULL }\n};\n"); -+ -+ fclose (file); -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/** -+ * asn1_array2tree: -+ * @array: specify the array that contains ASN.1 declarations -+ * @definitions: return the pointer to the structure created by -+ * *ARRAY ASN.1 declarations -+ * @errorDescription: return the error description. -+ * -+ * Creates the structures needed to manage the ASN.1 definitions. -+ * @array is a vector created by asn1_parser2array(). -+ * -+ * Returns: %ASN1_SUCCESS if structure was created correctly, -+ * %ASN1_ELEMENT_NOT_EMPTY if *@definitions not NULL, -+ * %ASN1_IDENTIFIER_NOT_FOUND if in the file there is an identifier -+ * that is not defined (see @errorDescription for more information), -+ * %ASN1_ARRAY_ERROR if the array pointed by @array is wrong. -+ **/ -+int -+asn1_array2tree (const asn1_static_node * array, asn1_node * definitions, -+ char *errorDescription) -+{ -+ asn1_node p, p_last = NULL; -+ unsigned long k; -+ int move; -+ int result; -+ unsigned int type; -+ list_type *e_list = NULL; -+ -+ if (errorDescription) -+ errorDescription[0] = 0; -+ -+ if (*definitions != NULL) -+ return ASN1_ELEMENT_NOT_EMPTY; -+ -+ move = UP; -+ -+ for (k = 0; array[k].value || array[k].type || array[k].name; k++) -+ { -+ type = convert_old_type (array[k].type); -+ -+ p = _asn1_add_static_node (&e_list, type & (~CONST_DOWN)); -+ if (array[k].name) -+ _asn1_set_name (p, array[k].name); -+ if (array[k].value) -+ _asn1_set_value (p, array[k].value, strlen (array[k].value) + 1); -+ -+ if (*definitions == NULL) -+ *definitions = p; -+ -+ if (move == DOWN) -+ { -+ if (p_last && p_last->down) -+ _asn1_delete_structure (e_list, &p_last->down, 0); -+ _asn1_set_down (p_last, p); -+ } -+ else if (move == RIGHT) -+ { -+ if (p_last && p_last->right) -+ _asn1_delete_structure (e_list, &p_last->right, 0); -+ _asn1_set_right (p_last, p); -+ } -+ -+ p_last = p; -+ -+ if (type & CONST_DOWN) -+ move = DOWN; -+ else if (type & CONST_RIGHT) -+ move = RIGHT; -+ else -+ { -+ while (p_last != *definitions) -+ { -+ p_last = _asn1_find_up (p_last); -+ -+ if (p_last == NULL) -+ break; -+ -+ if (p_last->type & CONST_RIGHT) -+ { -+ p_last->type &= ~CONST_RIGHT; -+ move = RIGHT; -+ break; -+ } -+ } /* while */ -+ } -+ } /* while */ -+ -+ if (p_last == *definitions) -+ { -+ result = _asn1_check_identifier (*definitions); -+ if (result == ASN1_SUCCESS) -+ { -+ _asn1_change_integer_value (*definitions); -+ result = _asn1_expand_object_id (&e_list, *definitions); -+ } -+ } -+ else -+ { -+ result = ASN1_ARRAY_ERROR; -+ } -+ -+ if (errorDescription != NULL) -+ { -+ if (result == ASN1_IDENTIFIER_NOT_FOUND) -+ { -+ Estrcpy (errorDescription, ":: identifier '"); -+ Estrcat (errorDescription, _asn1_identifierMissing); -+ Estrcat (errorDescription, "' not found"); -+ } -+ else -+ errorDescription[0] = 0; -+ } -+ -+ if (result != ASN1_SUCCESS) -+ { -+ _asn1_delete_list_and_nodes (e_list); -+ *definitions = NULL; -+ } -+ else -+ _asn1_delete_list (e_list); -+ -+ return result; -+} -+ -+/** -+ * asn1_delete_structure: -+ * @structure: pointer to the structure that you want to delete. -+ * -+ * Deletes the structure *@structure. At the end, *@structure is set -+ * to NULL. -+ * -+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if -+ * *@structure was NULL. -+ **/ -+int -+asn1_delete_structure (asn1_node * structure) -+{ -+ return _asn1_delete_structure (NULL, structure, 0); -+} -+ -+/** -+ * asn1_delete_structure2: -+ * @structure: pointer to the structure that you want to delete. -+ * @flags: additional flags (see %ASN1_DELETE_FLAG) -+ * -+ * Deletes the structure *@structure. At the end, *@structure is set -+ * to NULL. -+ * -+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if -+ * *@structure was NULL. -+ **/ -+int -+asn1_delete_structure2 (asn1_node * structure, unsigned int flags) -+{ -+ return _asn1_delete_structure (NULL, structure, flags); -+} -+ -+int -+_asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int flags) -+{ -+ asn1_node p, p2, p3; -+ -+ if (*structure == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = *structure; -+ while (p) -+ { -+ if (p->down) -+ { -+ p = p->down; -+ } -+ else -+ { /* no down */ -+ p2 = p->right; -+ if (p != *structure) -+ { -+ p3 = _asn1_find_up (p); -+ _asn1_set_down (p3, p2); -+ if (e_list) -+ _asn1_delete_node_from_list (e_list, p); -+ _asn1_remove_node (p, flags); -+ p = p3; -+ } -+ else -+ { /* p==root */ -+ p3 = _asn1_find_left (p); -+ if (!p3) -+ { -+ p3 = _asn1_find_up (p); -+ if (p3) -+ _asn1_set_down (p3, p2); -+ else -+ { -+ if (p->right) -+ p->right->left = NULL; -+ } -+ } -+ else -+ _asn1_set_right (p3, p2); -+ if (e_list) -+ _asn1_delete_node_from_list (e_list, p); -+ _asn1_remove_node (p, flags); -+ p = NULL; -+ } -+ } -+ } -+ -+ *structure = NULL; -+ return ASN1_SUCCESS; -+} -+ -+ -+/** -+ * asn1_delete_element: -+ * @structure: pointer to the structure that contains the element you -+ * want to delete. -+ * @element_name: element's name you want to delete. -+ * -+ * Deletes the element named *@element_name inside *@structure. -+ * -+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if -+ * the @element_name was not found. -+ **/ -+int -+asn1_delete_element (asn1_node structure, const char *element_name) -+{ -+ asn1_node p2, p3, source_node; -+ -+ source_node = asn1_find_node (structure, element_name); -+ -+ if (source_node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p2 = source_node->right; -+ p3 = _asn1_find_left (source_node); -+ if (!p3) -+ { -+ p3 = _asn1_find_up (source_node); -+ if (p3) -+ _asn1_set_down (p3, p2); -+ else if (source_node->right) -+ source_node->right->left = NULL; -+ } -+ else -+ _asn1_set_right (p3, p2); -+ -+ return asn1_delete_structure (&source_node); -+} -+ -+#ifndef __clang_analyzer__ -+asn1_node -+_asn1_copy_structure3 (asn1_node_const source_node) -+{ -+ asn1_node_const p_s; -+ asn1_node dest_node, p_d, p_d_prev; -+ int move; -+ -+ if (source_node == NULL) -+ return NULL; -+ -+ dest_node = _asn1_add_single_node (source_node->type); -+ -+ p_s = source_node; -+ p_d = dest_node; -+ -+ move = DOWN; -+ -+ do -+ { -+ if (move != UP) -+ { -+ if (p_s->name[0] != 0) -+ _asn1_cpy_name (p_d, p_s); -+ if (p_s->value) -+ _asn1_set_value (p_d, p_s->value, p_s->value_len); -+ if (p_s->down) -+ { -+ p_s = p_s->down; -+ p_d_prev = p_d; -+ p_d = _asn1_add_single_node (p_s->type); -+ _asn1_set_down (p_d_prev, p_d); -+ continue; -+ } -+ p_d->start = p_s->start; -+ p_d->end = p_s->end; -+ } -+ -+ if (p_s == source_node) -+ break; -+ -+ if (p_s->right) -+ { -+ move = RIGHT; -+ p_s = p_s->right; -+ p_d_prev = p_d; -+ p_d = _asn1_add_single_node (p_s->type); -+ _asn1_set_right (p_d_prev, p_d); -+ } -+ else -+ { -+ move = UP; -+ p_s = _asn1_find_up (p_s); -+ p_d = _asn1_find_up (p_d); -+ } -+ } -+ while (p_s != source_node); -+ return dest_node; -+} -+#else -+ -+/* Non-production code */ -+asn1_node -+_asn1_copy_structure3 (asn1_node_const source_node) -+{ -+ return NULL; -+} -+#endif /* __clang_analyzer__ */ -+ -+ -+static asn1_node -+_asn1_copy_structure2 (asn1_node_const root, const char *source_name) -+{ -+ asn1_node source_node; -+ -+ source_node = asn1_find_node (root, source_name); -+ -+ return _asn1_copy_structure3 (source_node); -+ -+} -+ -+ -+static int -+_asn1_type_choice_config (asn1_node node) -+{ -+ asn1_node p, p2, p3, p4; -+ int move, tlen; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node; -+ move = DOWN; -+ -+ while (!((p == node) && (move == UP))) -+ { -+ if (move != UP) -+ { -+ if ((type_field (p->type) == ASN1_ETYPE_CHOICE) -+ && (p->type & CONST_TAG)) -+ { -+ p2 = p->down; -+ while (p2) -+ { -+ if (type_field (p2->type) != ASN1_ETYPE_TAG) -+ { -+ p2->type |= CONST_TAG; -+ p3 = _asn1_find_left (p2); -+ while (p3) -+ { -+ if (type_field (p3->type) == ASN1_ETYPE_TAG) -+ { -+ p4 = _asn1_add_single_node (p3->type); -+ tlen = _asn1_strlen (p3->value); -+ if (tlen > 0) -+ _asn1_set_value (p4, p3->value, tlen + 1); -+ _asn1_set_right (p4, p2->down); -+ _asn1_set_down (p2, p4); -+ } -+ p3 = _asn1_find_left (p3); -+ } -+ } -+ p2 = p2->right; -+ } -+ p->type &= ~(CONST_TAG); -+ p2 = p->down; -+ while (p2) -+ { -+ p3 = p2->right; -+ if (type_field (p2->type) == ASN1_ETYPE_TAG) -+ asn1_delete_structure (&p2); -+ p2 = p3; -+ } -+ } -+ move = DOWN; -+ } -+ else -+ move = RIGHT; -+ -+ if (move == DOWN) -+ { -+ if (p->down) -+ p = p->down; -+ else -+ move = RIGHT; -+ } -+ -+ if (p == node) -+ { -+ move = UP; -+ continue; -+ } -+ -+ if (move == RIGHT) -+ { -+ if (p->right) -+ p = p->right; -+ else -+ move = UP; -+ } -+ if (move == UP) -+ p = _asn1_find_up (p); -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+static int -+_asn1_expand_identifier (asn1_node * node, asn1_node_const root) -+{ -+ asn1_node p, p2, p3; -+ char name2[ASN1_MAX_NAME_SIZE + 2]; -+ int move; -+ -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = *node; -+ move = DOWN; -+ -+ while (!((p == *node) && (move == UP))) -+ { -+ if (move != UP) -+ { -+ if (type_field (p->type) == ASN1_ETYPE_IDENTIFIER) -+ { -+ snprintf (name2, sizeof (name2), "%s.%s", root->name, p->value); -+ p2 = _asn1_copy_structure2 (root, name2); -+ if (p2 == NULL) -+ { -+ return ASN1_IDENTIFIER_NOT_FOUND; -+ } -+ _asn1_cpy_name (p2, p); -+ p2->right = p->right; -+ p2->left = p->left; -+ if (p->right) -+ p->right->left = p2; -+ p3 = p->down; -+ if (p3) -+ { -+ while (p3->right) -+ p3 = p3->right; -+ _asn1_set_right (p3, p2->down); -+ _asn1_set_down (p2, p->down); -+ } -+ -+ p3 = _asn1_find_left (p); -+ if (p3) -+ _asn1_set_right (p3, p2); -+ else -+ { -+ p3 = _asn1_find_up (p); -+ if (p3) -+ _asn1_set_down (p3, p2); -+ else -+ { -+ p2->left = NULL; -+ } -+ } -+ -+ if (p->type & CONST_SIZE) -+ p2->type |= CONST_SIZE; -+ if (p->type & CONST_TAG) -+ p2->type |= CONST_TAG; -+ if (p->type & CONST_OPTION) -+ p2->type |= CONST_OPTION; -+ if (p->type & CONST_DEFAULT) -+ p2->type |= CONST_DEFAULT; -+ if (p->type & CONST_SET) -+ p2->type |= CONST_SET; -+ if (p->type & CONST_NOT_USED) -+ p2->type |= CONST_NOT_USED; -+ -+ if (p == *node) -+ *node = p2; -+ _asn1_remove_node (p, 0); -+ p = p2; -+ move = DOWN; -+ continue; -+ } -+ move = DOWN; -+ } -+ else -+ move = RIGHT; -+ -+ if (move == DOWN) -+ { -+ if (p->down) -+ p = p->down; -+ else -+ move = RIGHT; -+ } -+ -+ if (p == *node) -+ { -+ move = UP; -+ continue; -+ } -+ -+ if (move == RIGHT) -+ { -+ if (p->right) -+ p = p->right; -+ else -+ move = UP; -+ } -+ if (move == UP) -+ p = _asn1_find_up (p); -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/** -+ * asn1_create_element: -+ * @definitions: pointer to the structure returned by "parser_asn1" function -+ * @source_name: the name of the type of the new structure (must be -+ * inside p_structure). -+ * @element: pointer to the structure created. -+ * -+ * Creates a structure of type @source_name. Example using -+ * "pkix.asn": -+ * -+ * rc = asn1_create_element(cert_def, "PKIX1.Certificate", certptr); -+ * -+ * Returns: %ASN1_SUCCESS if creation OK, %ASN1_ELEMENT_NOT_FOUND if -+ * @source_name is not known. -+ **/ -+int -+asn1_create_element (asn1_node_const definitions, const char *source_name, -+ asn1_node * element) -+{ -+ asn1_node dest_node; -+ int res; -+ -+ dest_node = _asn1_copy_structure2 (definitions, source_name); -+ -+ if (dest_node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ _asn1_set_name (dest_node, ""); -+ -+ res = _asn1_expand_identifier (&dest_node, definitions); -+ _asn1_type_choice_config (dest_node); -+ -+ *element = dest_node; -+ -+ return res; -+} -+ -+ -+/** -+ * asn1_print_structure: -+ * @out: pointer to the output file (e.g. stdout). -+ * @structure: pointer to the structure that you want to visit. -+ * @name: an element of the structure -+ * @mode: specify how much of the structure to print, can be -+ * %ASN1_PRINT_NAME, %ASN1_PRINT_NAME_TYPE, -+ * %ASN1_PRINT_NAME_TYPE_VALUE, or %ASN1_PRINT_ALL. -+ * -+ * Prints on the @out file descriptor the structure's tree starting -+ * from the @name element inside the structure @structure. -+ **/ -+void -+asn1_print_structure (FILE * out, asn1_node_const structure, const char *name, -+ int mode) -+{ -+ asn1_node_const p, root; -+ int k, indent = 0, len, len2, len3; -+ -+ if (out == NULL) -+ return; -+ -+ root = asn1_find_node (structure, name); -+ -+ if (root == NULL) -+ return; -+ -+ p = root; -+ while (p) -+ { -+ if (mode == ASN1_PRINT_ALL) -+ { -+ for (k = 0; k < indent; k++) -+ fprintf (out, " "); -+ fprintf (out, "name:"); -+ if (p->name[0] != 0) -+ fprintf (out, "%s ", p->name); -+ else -+ fprintf (out, "NULL "); -+ } -+ else -+ { -+ switch (type_field (p->type)) -+ { -+ case ASN1_ETYPE_CONSTANT: -+ case ASN1_ETYPE_TAG: -+ case ASN1_ETYPE_SIZE: -+ break; -+ default: -+ for (k = 0; k < indent; k++) -+ fprintf (out, " "); -+ fprintf (out, "name:"); -+ if (p->name[0] != 0) -+ fprintf (out, "%s ", p->name); -+ else -+ fprintf (out, "NULL "); -+ } -+ } -+ -+ if (mode != ASN1_PRINT_NAME) -+ { -+ unsigned type = type_field (p->type); -+ switch (type) -+ { -+ case ASN1_ETYPE_CONSTANT: -+ if (mode == ASN1_PRINT_ALL) -+ fprintf (out, "type:CONST"); -+ break; -+ case ASN1_ETYPE_TAG: -+ if (mode == ASN1_PRINT_ALL) -+ fprintf (out, "type:TAG"); -+ break; -+ case ASN1_ETYPE_SIZE: -+ if (mode == ASN1_PRINT_ALL) -+ fprintf (out, "type:SIZE"); -+ break; -+ case ASN1_ETYPE_DEFAULT: -+ fprintf (out, "type:DEFAULT"); -+ break; -+ case ASN1_ETYPE_IDENTIFIER: -+ fprintf (out, "type:IDENTIFIER"); -+ break; -+ case ASN1_ETYPE_ANY: -+ fprintf (out, "type:ANY"); -+ break; -+ case ASN1_ETYPE_CHOICE: -+ fprintf (out, "type:CHOICE"); -+ break; -+ case ASN1_ETYPE_DEFINITIONS: -+ fprintf (out, "type:DEFINITIONS"); -+ break; -+ CASE_HANDLED_ETYPES: -+ fprintf (out, "%s", _asn1_tags[type].desc); -+ break; -+ default: -+ break; -+ } -+ } -+ -+ if ((mode == ASN1_PRINT_NAME_TYPE_VALUE) || (mode == ASN1_PRINT_ALL)) -+ { -+ switch (type_field (p->type)) -+ { -+ case ASN1_ETYPE_CONSTANT: -+ if (mode == ASN1_PRINT_ALL) -+ if (p->value) -+ fprintf (out, " value:%s", p->value); -+ break; -+ case ASN1_ETYPE_TAG: -+ if (mode == ASN1_PRINT_ALL) -+ if (p->value) -+ fprintf (out, " value:%s", p->value); -+ break; -+ case ASN1_ETYPE_SIZE: -+ if (mode == ASN1_PRINT_ALL) -+ if (p->value) -+ fprintf (out, " value:%s", p->value); -+ break; -+ case ASN1_ETYPE_DEFAULT: -+ if (p->value) -+ fprintf (out, " value:%s", p->value); -+ else if (p->type & CONST_TRUE) -+ fprintf (out, " value:TRUE"); -+ else if (p->type & CONST_FALSE) -+ fprintf (out, " value:FALSE"); -+ break; -+ case ASN1_ETYPE_IDENTIFIER: -+ if (p->value) -+ fprintf (out, " value:%s", p->value); -+ break; -+ case ASN1_ETYPE_INTEGER: -+ if (p->value) -+ { -+ len2 = -1; -+ len = asn1_get_length_der (p->value, p->value_len, &len2); -+ fprintf (out, " value:0x"); -+ if (len > 0) -+ for (k = 0; k < len; k++) -+ fprintf (out, "%02x", (unsigned) (p->value)[k + len2]); -+ } -+ break; -+ case ASN1_ETYPE_ENUMERATED: -+ if (p->value) -+ { -+ len2 = -1; -+ len = asn1_get_length_der (p->value, p->value_len, &len2); -+ fprintf (out, " value:0x"); -+ if (len > 0) -+ for (k = 0; k < len; k++) -+ fprintf (out, "%02x", (unsigned) (p->value)[k + len2]); -+ } -+ break; -+ case ASN1_ETYPE_BOOLEAN: -+ if (p->value) -+ { -+ if (p->value[0] == 'T') -+ fprintf (out, " value:TRUE"); -+ else if (p->value[0] == 'F') -+ fprintf (out, " value:FALSE"); -+ } -+ break; -+ case ASN1_ETYPE_BIT_STRING: -+ if (p->value) -+ { -+ len2 = -1; -+ len = asn1_get_length_der (p->value, p->value_len, &len2); -+ if (len > 0) -+ { -+ fprintf (out, " value(%i):", -+ (len - 1) * 8 - (p->value[len2])); -+ for (k = 1; k < len; k++) -+ fprintf (out, "%02x", (unsigned) (p->value)[k + len2]); -+ } -+ } -+ break; -+ case ASN1_ETYPE_GENERALIZED_TIME: -+ case ASN1_ETYPE_UTC_TIME: -+ if (p->value) -+ { -+ fprintf (out, " value:"); -+ for (k = 0; k < p->value_len; k++) -+ fprintf (out, "%c", (p->value)[k]); -+ } -+ break; -+ case ASN1_ETYPE_GENERALSTRING: -+ case ASN1_ETYPE_NUMERIC_STRING: -+ case ASN1_ETYPE_IA5_STRING: -+ case ASN1_ETYPE_TELETEX_STRING: -+ case ASN1_ETYPE_PRINTABLE_STRING: -+ case ASN1_ETYPE_UNIVERSAL_STRING: -+ case ASN1_ETYPE_UTF8_STRING: -+ case ASN1_ETYPE_VISIBLE_STRING: -+ if (p->value) -+ { -+ len2 = -1; -+ len = asn1_get_length_der (p->value, p->value_len, &len2); -+ fprintf (out, " value:"); -+ if (len > 0) -+ for (k = 0; k < len; k++) -+ fprintf (out, "%c", (p->value)[k + len2]); -+ } -+ break; -+ case ASN1_ETYPE_BMP_STRING: -+ case ASN1_ETYPE_OCTET_STRING: -+ if (p->value) -+ { -+ len2 = -1; -+ len = asn1_get_length_der (p->value, p->value_len, &len2); -+ fprintf (out, " value:"); -+ if (len > 0) -+ for (k = 0; k < len; k++) -+ fprintf (out, "%02x", (unsigned) (p->value)[k + len2]); -+ } -+ break; -+ case ASN1_ETYPE_OBJECT_ID: -+ if (p->value) -+ fprintf (out, " value:%s", p->value); -+ break; -+ case ASN1_ETYPE_ANY: -+ if (p->value) -+ { -+ len3 = -1; -+ len2 = asn1_get_length_der (p->value, p->value_len, &len3); -+ fprintf (out, " value:"); -+ if (len2 > 0) -+ for (k = 0; k < len2; k++) -+ fprintf (out, "%02x", (unsigned) (p->value)[k + len3]); -+ } -+ break; -+ case ASN1_ETYPE_SET: -+ case ASN1_ETYPE_SET_OF: -+ case ASN1_ETYPE_CHOICE: -+ case ASN1_ETYPE_DEFINITIONS: -+ case ASN1_ETYPE_SEQUENCE_OF: -+ case ASN1_ETYPE_SEQUENCE: -+ case ASN1_ETYPE_NULL: -+ break; -+ default: -+ break; -+ } -+ } -+ -+ if (mode == ASN1_PRINT_ALL) -+ { -+ if (p->type & 0x1FFFFF00) -+ { -+ fprintf (out, " attr:"); -+ if (p->type & CONST_UNIVERSAL) -+ fprintf (out, "UNIVERSAL,"); -+ if (p->type & CONST_PRIVATE) -+ fprintf (out, "PRIVATE,"); -+ if (p->type & CONST_APPLICATION) -+ fprintf (out, "APPLICATION,"); -+ if (p->type & CONST_EXPLICIT) -+ fprintf (out, "EXPLICIT,"); -+ if (p->type & CONST_IMPLICIT) -+ fprintf (out, "IMPLICIT,"); -+ if (p->type & CONST_TAG) -+ fprintf (out, "TAG,"); -+ if (p->type & CONST_DEFAULT) -+ fprintf (out, "DEFAULT,"); -+ if (p->type & CONST_TRUE) -+ fprintf (out, "TRUE,"); -+ if (p->type & CONST_FALSE) -+ fprintf (out, "FALSE,"); -+ if (p->type & CONST_LIST) -+ fprintf (out, "LIST,"); -+ if (p->type & CONST_MIN_MAX) -+ fprintf (out, "MIN_MAX,"); -+ if (p->type & CONST_OPTION) -+ fprintf (out, "OPTION,"); -+ if (p->type & CONST_1_PARAM) -+ fprintf (out, "1_PARAM,"); -+ if (p->type & CONST_SIZE) -+ fprintf (out, "SIZE,"); -+ if (p->type & CONST_DEFINED_BY) -+ fprintf (out, "DEF_BY,"); -+ if (p->type & CONST_GENERALIZED) -+ fprintf (out, "GENERALIZED,"); -+ if (p->type & CONST_UTC) -+ fprintf (out, "UTC,"); -+ if (p->type & CONST_SET) -+ fprintf (out, "SET,"); -+ if (p->type & CONST_NOT_USED) -+ fprintf (out, "NOT_USED,"); -+ if (p->type & CONST_ASSIGN) -+ fprintf (out, "ASSIGNMENT,"); -+ } -+ } -+ -+ if (mode == ASN1_PRINT_ALL) -+ { -+ fprintf (out, "\n"); -+ } -+ else -+ { -+ switch (type_field (p->type)) -+ { -+ case ASN1_ETYPE_CONSTANT: -+ case ASN1_ETYPE_TAG: -+ case ASN1_ETYPE_SIZE: -+ break; -+ default: -+ fprintf (out, "\n"); -+ } -+ } -+ -+ if (p->down) -+ { -+ p = p->down; -+ indent += 2; -+ } -+ else if (p == root) -+ { -+ p = NULL; -+ break; -+ } -+ else if (p->right) -+ p = p->right; -+ else -+ { -+ while (1) -+ { -+ p = _asn1_find_up (p); -+ if (p == root) -+ { -+ p = NULL; -+ break; -+ } -+ indent -= 2; -+ if (p->right) -+ { -+ p = p->right; -+ break; -+ } -+ } -+ } -+ } -+} -+ -+ -+ -+/** -+ * asn1_number_of_elements: -+ * @element: pointer to the root of an ASN1 structure. -+ * @name: the name of a sub-structure of ROOT. -+ * @num: pointer to an integer where the result will be stored -+ * -+ * Counts the number of elements of a sub-structure called NAME with -+ * names equal to "?1","?2", ... -+ * -+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if -+ * @name is not known, %ASN1_GENERIC_ERROR if pointer @num is %NULL. -+ **/ -+int -+asn1_number_of_elements (asn1_node_const element, const char *name, int *num) -+{ -+ asn1_node_const node, p; -+ -+ if (num == NULL) -+ return ASN1_GENERIC_ERROR; -+ -+ *num = 0; -+ -+ node = asn1_find_node (element, name); -+ if (node == NULL) -+ return ASN1_ELEMENT_NOT_FOUND; -+ -+ p = node->down; -+ -+ while (p) -+ { -+ if (p->name[0] == '?') -+ (*num)++; -+ p = p->right; -+ } -+ -+ return ASN1_SUCCESS; -+} -+ -+ -+/** -+ * asn1_find_structure_from_oid: -+ * @definitions: ASN1 definitions -+ * @oidValue: value of the OID to search (e.g. "1.2.3.4"). -+ * -+ * Search the structure that is defined just after an OID definition. -+ * -+ * Returns: %NULL when @oidValue not found, otherwise the pointer to a -+ * constant string that contains the element name defined just after -+ * the OID. -+ **/ -+const char * -+asn1_find_structure_from_oid (asn1_node_const definitions, const char *oidValue) -+{ -+ char name[2 * ASN1_MAX_NAME_SIZE + 2]; -+ char value[ASN1_MAX_NAME_SIZE]; -+ asn1_node p; -+ int len; -+ int result; -+ const char *definitionsName; -+ -+ if ((definitions == NULL) || (oidValue == NULL)) -+ return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ -+ -+ definitionsName = definitions->name; -+ -+ /* search the OBJECT_ID into definitions */ -+ p = definitions->down; -+ while (p) -+ { -+ if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) && -+ (p->type & CONST_ASSIGN)) -+ { -+ snprintf(name, sizeof(name), "%s.%s", definitionsName, p->name); -+ -+ len = ASN1_MAX_NAME_SIZE; -+ result = asn1_read_value (definitions, name, value, &len); -+ -+ if ((result == ASN1_SUCCESS) && (!strcmp (oidValue, value))) -+ { -+ p = p->right; -+ if (p == NULL) /* reach the end of ASN1 definitions */ -+ return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ -+ -+ return p->name; -+ } -+ } -+ p = p->right; -+ } -+ -+ return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ -+} -+ -+/** -+ * asn1_copy_node: -+ * @dst: Destination asn1 node. -+ * @dst_name: Field name in destination node. -+ * @src: Source asn1 node. -+ * @src_name: Field name in source node. -+ * -+ * Create a deep copy of a asn1_node variable. That -+ * function requires @dst to be expanded using asn1_create_element(). -+ * -+ * Returns: Return %ASN1_SUCCESS on success. -+ **/ -+int -+asn1_copy_node (asn1_node dst, const char *dst_name, -+ asn1_node_const src, const char *src_name) -+{ -+ int result; -+ asn1_node dst_node; -+ void *data = NULL; -+ int size = 0; -+ -+ result = asn1_der_coding (src, src_name, NULL, &size, NULL); -+ if (result != ASN1_MEM_ERROR) -+ return result; -+ -+ data = malloc (size); -+ if (data == NULL) -+ return ASN1_MEM_ERROR; -+ -+ result = asn1_der_coding (src, src_name, data, &size, NULL); -+ if (result != ASN1_SUCCESS) -+ { -+ free (data); -+ return result; -+ } -+ -+ dst_node = asn1_find_node (dst, dst_name); -+ if (dst_node == NULL) -+ { -+ free (data); -+ return ASN1_ELEMENT_NOT_FOUND; -+ } -+ -+ result = asn1_der_decoding (&dst_node, data, size, NULL); -+ -+ free (data); -+ -+ return result; -+} -+ -+/** -+ * asn1_dup_node: -+ * @src: Source asn1 node. -+ * @src_name: Field name in source node. -+ * -+ * Create a deep copy of a asn1_node variable. This function -+ * will return an exact copy of the provided structure. -+ * -+ * Returns: Return %NULL on failure. -+ **/ -+asn1_node -+asn1_dup_node (asn1_node_const src, const char *src_name) -+{ -+ return _asn1_copy_structure2(src, src_name); -+} -diff --git a/grub-core/lib/libtasn1/lib/element.h b/grub-core/lib/libtasn1/lib/element.h -new file mode 100644 -index 00000000000..440a33f4bb1 ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/element.h -@@ -0,0 +1,40 @@ -+/* -+ * Copyright (C) 2000-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+#ifndef _ELEMENT_H -+#define _ELEMENT_H -+ -+ -+struct node_tail_cache_st -+{ -+ asn1_node head; /* the first element of the sequence */ -+ asn1_node tail; -+}; -+ -+int _asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcached); -+ -+int _asn1_convert_integer (const unsigned char *value, -+ unsigned char *value_out, -+ int value_out_size, int *len); -+ -+void _asn1_hierarchical_name (asn1_node_const node, char *name, int name_size); -+ -+#endif -diff --git a/grub-core/lib/libtasn1/lib/gstr.h b/grub-core/lib/libtasn1/lib/gstr.h -new file mode 100644 -index 00000000000..48229844ff3 ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/gstr.h -@@ -0,0 +1,47 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+#ifndef GSTR_H -+# define GSTR_H -+ -+unsigned int _asn1_str_cpy (char *dest, size_t dest_tot_size, -+ const char *src); -+void _asn1_str_cat (char *dest, size_t dest_tot_size, const char *src); -+ -+#define Estrcpy(x,y) _asn1_str_cpy(x,ASN1_MAX_ERROR_DESCRIPTION_SIZE,y) -+#define Estrcat(x,y) _asn1_str_cat(x,ASN1_MAX_ERROR_DESCRIPTION_SIZE,y) -+ -+inline static -+void safe_memset(void *data, int c, size_t size) -+{ -+ volatile unsigned volatile_zero = 0; -+ volatile char *vdata = (volatile char*)data; -+ -+ /* This is based on a nice trick for safe memset, -+ * sent by David Jacobson in the openssl-dev mailing list. -+ */ -+ -+ if (size > 0) do { -+ memset(data, c, size); -+ } while(vdata[volatile_zero] != c); -+} -+ -+#endif /* GSTR_H */ -diff --git a/grub-core/lib/libtasn1/lib/int.h b/grub-core/lib/libtasn1/lib/int.h -new file mode 100644 -index 00000000000..ea1625786c1 ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/int.h -@@ -0,0 +1,221 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+#ifndef INT_H -+#define INT_H -+ -+#ifdef HAVE_CONFIG_H -+#include -+#endif -+ -+#include -+#include -+#include -+#include -+ -+#ifdef HAVE_SYS_TYPES_H -+#include -+#endif -+ -+#include -+ -+#define ASN1_SMALL_VALUE_SIZE 16 -+ -+/* This structure is also in libtasn1.h, but then contains less -+ fields. You cannot make any modifications to these first fields -+ without breaking ABI. */ -+struct asn1_node_st -+{ -+ /* public fields: */ -+ char name[ASN1_MAX_NAME_SIZE + 1]; /* Node name */ -+ unsigned int name_hash; -+ unsigned int type; /* Node type */ -+ unsigned char *value; /* Node value */ -+ int value_len; -+ asn1_node down; /* Pointer to the son node */ -+ asn1_node right; /* Pointer to the brother node */ -+ asn1_node left; /* Pointer to the next list element */ -+ /* private fields: */ -+ unsigned char small_value[ASN1_SMALL_VALUE_SIZE]; /* For small values */ -+ -+ /* values used during decoding/coding */ -+ int tmp_ival; -+ unsigned start; /* the start of the DER sequence - if decoded */ -+ unsigned end; /* the end of the DER sequence - if decoded */ -+}; -+ -+typedef struct tag_and_class_st -+{ -+ unsigned tag; -+ unsigned class; -+ const char *desc; -+} tag_and_class_st; -+ -+/* the types that are handled in _asn1_tags */ -+#define CASE_HANDLED_ETYPES \ -+ case ASN1_ETYPE_NULL: \ -+ case ASN1_ETYPE_BOOLEAN: \ -+ case ASN1_ETYPE_INTEGER: \ -+ case ASN1_ETYPE_ENUMERATED: \ -+ case ASN1_ETYPE_OBJECT_ID: \ -+ case ASN1_ETYPE_OCTET_STRING: \ -+ case ASN1_ETYPE_GENERALSTRING: \ -+ case ASN1_ETYPE_NUMERIC_STRING: \ -+ case ASN1_ETYPE_IA5_STRING: \ -+ case ASN1_ETYPE_TELETEX_STRING: \ -+ case ASN1_ETYPE_PRINTABLE_STRING: \ -+ case ASN1_ETYPE_UNIVERSAL_STRING: \ -+ case ASN1_ETYPE_BMP_STRING: \ -+ case ASN1_ETYPE_UTF8_STRING: \ -+ case ASN1_ETYPE_VISIBLE_STRING: \ -+ case ASN1_ETYPE_BIT_STRING: \ -+ case ASN1_ETYPE_SEQUENCE: \ -+ case ASN1_ETYPE_SEQUENCE_OF: \ -+ case ASN1_ETYPE_SET: \ -+ case ASN1_ETYPE_UTC_TIME: \ -+ case ASN1_ETYPE_GENERALIZED_TIME: \ -+ case ASN1_ETYPE_SET_OF -+ -+#define ETYPE_TAG(etype) (_asn1_tags[etype].tag) -+#define ETYPE_CLASS(etype) (_asn1_tags[etype].class) -+#define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \ -+ (etype) <= _asn1_tags_size && \ -+ _asn1_tags[(etype)].desc != NULL)?1:0) -+ -+#define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \ -+ etype == ASN1_ETYPE_NUMERIC_STRING || etype == ASN1_ETYPE_IA5_STRING || \ -+ etype == ASN1_ETYPE_TELETEX_STRING || etype == ASN1_ETYPE_PRINTABLE_STRING || \ -+ etype == ASN1_ETYPE_UNIVERSAL_STRING || etype == ASN1_ETYPE_BMP_STRING || \ -+ etype == ASN1_ETYPE_UTF8_STRING || etype == ASN1_ETYPE_VISIBLE_STRING || \ -+ etype == ASN1_ETYPE_OCTET_STRING)?1:0) -+ -+extern unsigned int _asn1_tags_size; -+extern const tag_and_class_st _asn1_tags[]; -+ -+#define _asn1_strlen(s) strlen((const char *) s) -+#define _asn1_strtol(n,e,b) strtol((const char *) n, e, b) -+#define _asn1_strtoul(n,e,b) strtoul((const char *) n, e, b) -+#define _asn1_strcmp(a,b) strcmp((const char *)a, (const char *)b) -+#define _asn1_strcpy(a,b) strcpy((char *)a, (const char *)b) -+#define _asn1_strcat(a,b) strcat((char *)a, (const char *)b) -+ -+#if SIZEOF_UNSIGNED_LONG_INT == 8 -+# define _asn1_strtou64(n,e,b) strtoul((const char *) n, e, b) -+#else -+# define _asn1_strtou64(n,e,b) strtoull((const char *) n, e, b) -+#endif -+ -+#define MAX_LOG_SIZE 1024 /* maximum number of characters of a log message */ -+ -+/* Define used for visiting trees. */ -+#define UP 1 -+#define RIGHT 2 -+#define DOWN 3 -+ -+/***********************************************************************/ -+/* List of constants to better specify the type of typedef asn1_node_st. */ -+/***********************************************************************/ -+/* Used with TYPE_TAG */ -+#define CONST_UNIVERSAL (1U<<8) -+#define CONST_PRIVATE (1U<<9) -+#define CONST_APPLICATION (1U<<10) -+#define CONST_EXPLICIT (1U<<11) -+#define CONST_IMPLICIT (1U<<12) -+ -+#define CONST_TAG (1U<<13) /* Used in ASN.1 assignement */ -+#define CONST_OPTION (1U<<14) -+#define CONST_DEFAULT (1U<<15) -+#define CONST_TRUE (1U<<16) -+#define CONST_FALSE (1U<<17) -+ -+#define CONST_LIST (1U<<18) /* Used with TYPE_INTEGER and TYPE_BIT_STRING */ -+#define CONST_MIN_MAX (1U<<19) -+ -+#define CONST_1_PARAM (1U<<20) -+ -+#define CONST_SIZE (1U<<21) -+ -+#define CONST_DEFINED_BY (1U<<22) -+ -+/* Those two are deprecated and used for backwards compatibility */ -+#define CONST_GENERALIZED (1U<<23) -+#define CONST_UTC (1U<<24) -+ -+/* #define CONST_IMPORTS (1U<<25) */ -+ -+#define CONST_NOT_USED (1U<<26) -+#define CONST_SET (1U<<27) -+#define CONST_ASSIGN (1U<<28) -+ -+#define CONST_DOWN (1U<<29) -+#define CONST_RIGHT (1U<<30) -+ -+ -+#define ASN1_ETYPE_TIME 17 -+/****************************************/ -+/* Returns the first 8 bits. */ -+/* Used with the field type of asn1_node_st */ -+/****************************************/ -+inline static unsigned int -+type_field (unsigned int ntype) -+{ -+ return (ntype & 0xff); -+} -+ -+/* To convert old types from a static structure */ -+inline static unsigned int -+convert_old_type (unsigned int ntype) -+{ -+ unsigned int type = ntype & 0xff; -+ if (type == ASN1_ETYPE_TIME) -+ { -+ if (ntype & CONST_UTC) -+ type = ASN1_ETYPE_UTC_TIME; -+ else -+ type = ASN1_ETYPE_GENERALIZED_TIME; -+ -+ ntype &= ~(CONST_UTC | CONST_GENERALIZED); -+ ntype &= 0xffffff00; -+ ntype |= type; -+ -+ return ntype; -+ } -+ else -+ return ntype; -+} -+ -+static inline -+void *_asn1_realloc(void *ptr, size_t size) -+{ -+ void *ret; -+ -+ if (size == 0) -+ return ptr; -+ -+ ret = realloc(ptr, size); -+ if (ret == NULL) -+ { -+ free(ptr); -+ } -+ return ret; -+} -+ -+#endif /* INT_H */ -diff --git a/grub-core/lib/libtasn1/lib/parser_aux.h b/grub-core/lib/libtasn1/lib/parser_aux.h -new file mode 100644 -index 00000000000..598e684b355 ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/parser_aux.h -@@ -0,0 +1,172 @@ -+/* -+ * Copyright (C) 2000-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+#ifndef _PARSER_AUX_H -+#define _PARSER_AUX_H -+ -+/***********************************************/ -+/* Type: list_type */ -+/* Description: type used in the list during */ -+/* the structure creation. */ -+/***********************************************/ -+typedef struct list_struct -+{ -+ asn1_node node; -+ struct list_struct *next; -+} list_type; -+ -+/***************************************/ -+/* Functions used by ASN.1 parser */ -+/***************************************/ -+asn1_node _asn1_add_static_node (list_type **e_list, unsigned int type); -+ -+void _asn1_delete_list (list_type *e_list); -+ -+void _asn1_delete_list_and_nodes (list_type *e_list); -+ -+void _asn1_delete_node_from_list (list_type *list, asn1_node node); -+ -+asn1_node -+_asn1_set_value (asn1_node node, const void *value, unsigned int len); -+ -+asn1_node _asn1_set_value_m (asn1_node node, void *value, unsigned int len); -+ -+asn1_node -+_asn1_set_value_lv (asn1_node node, const void *value, unsigned int len); -+ -+asn1_node -+_asn1_append_value (asn1_node node, const void *value, unsigned int len); -+ -+asn1_node _asn1_set_name (asn1_node node, const char *name); -+ -+asn1_node _asn1_cpy_name (asn1_node dst, asn1_node_const src); -+ -+asn1_node _asn1_set_right (asn1_node node, asn1_node right); -+ -+asn1_node _asn1_get_last_right (asn1_node_const node); -+ -+void _asn1_remove_node (asn1_node node, unsigned int flags); -+ -+/* Max 64-bit integer length is 20 chars + 1 for sign + 1 for null termination */ -+#define LTOSTR_MAX_SIZE 22 -+char *_asn1_ltostr (int64_t v, char str[LTOSTR_MAX_SIZE]); -+ -+asn1_node _asn1_find_up (asn1_node_const node); -+ -+int _asn1_change_integer_value (asn1_node node); -+ -+#define EXPAND_OBJECT_ID_MAX_RECURSION 16 -+int _asn1_expand_object_id (list_type **list, asn1_node node); -+ -+int _asn1_type_set_config (asn1_node node); -+ -+int _asn1_check_identifier (asn1_node_const node); -+ -+int _asn1_set_default_tag (asn1_node node); -+ -+/******************************************************************/ -+/* Function : _asn1_get_right */ -+/* Description: returns the element pointed by the RIGHT field of */ -+/* a NODE_ASN element. */ -+/* Parameters: */ -+/* node: NODE_ASN element pointer. */ -+/* Return: field RIGHT of NODE. */ -+/******************************************************************/ -+inline static asn1_node -+_asn1_get_right (asn1_node_const node) -+{ -+ if (node == NULL) -+ return NULL; -+ return node->right; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_set_down */ -+/* Description: sets the field DOWN in a NODE_ASN element. */ -+/* Parameters: */ -+/* node: element pointer. */ -+/* down: pointer to a NODE_ASN element that you want be pointed */ -+/* by NODE. */ -+/* Return: pointer to *NODE. */ -+/******************************************************************/ -+inline static asn1_node -+_asn1_set_down (asn1_node node, asn1_node down) -+{ -+ if (node == NULL) -+ return node; -+ node->down = down; -+ if (down) -+ down->left = node; -+ return node; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_get_down */ -+/* Description: returns the element pointed by the DOWN field of */ -+/* a NODE_ASN element. */ -+/* Parameters: */ -+/* node: NODE_ASN element pointer. */ -+/* Return: field DOWN of NODE. */ -+/******************************************************************/ -+inline static asn1_node -+_asn1_get_down (asn1_node_const node) -+{ -+ if (node == NULL) -+ return NULL; -+ return node->down; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_get_name */ -+/* Description: returns the name of a NODE_ASN element. */ -+/* Parameters: */ -+/* node: NODE_ASN element pointer. */ -+/* Return: a null terminated string. */ -+/******************************************************************/ -+inline static char * -+_asn1_get_name (asn1_node_const node) -+{ -+ if (node == NULL) -+ return NULL; -+ return (char *) node->name; -+} -+ -+/******************************************************************/ -+/* Function : _asn1_mod_type */ -+/* Description: change the field TYPE of an NODE_ASN element. */ -+/* The new value is the old one | (bitwise or) the */ -+/* paramener VALUE. */ -+/* Parameters: */ -+/* node: NODE_ASN element pointer. */ -+/* value: the integer value that must be or-ed with the current */ -+/* value of field TYPE. */ -+/* Return: NODE pointer. */ -+/******************************************************************/ -+inline static asn1_node -+_asn1_mod_type (asn1_node node, unsigned int value) -+{ -+ if (node == NULL) -+ return node; -+ node->type |= value; -+ return node; -+} -+ -+#endif -diff --git a/grub-core/lib/libtasn1/lib/structure.h b/grub-core/lib/libtasn1/lib/structure.h -new file mode 100644 -index 00000000000..99e685da07a ---- /dev/null -+++ b/grub-core/lib/libtasn1/lib/structure.h -@@ -0,0 +1,45 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * The LIBTASN1 library is free software; you can redistribute it -+ * and/or modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ */ -+ -+/*************************************************/ -+/* File: structure.h */ -+/* Description: list of exported object by */ -+/* "structure.c" */ -+/*************************************************/ -+ -+#ifndef _STRUCTURE_H -+#define _STRUCTURE_H -+ -+#include "parser_aux.h" // list_type -+ -+int _asn1_create_static_structure (asn1_node_const pointer, -+ char *output_file_name, char *vector_name); -+ -+asn1_node _asn1_copy_structure3 (asn1_node_const source_node); -+ -+asn1_node _asn1_add_single_node (unsigned int type); -+ -+asn1_node _asn1_find_left (asn1_node_const node); -+ -+int -+_asn1_delete_structure (list_type *e_list, asn1_node *structure, unsigned int flags); -+ -+#endif -diff --git a/include/grub/libtasn1.h b/include/grub/libtasn1.h -new file mode 100644 -index 00000000000..6fd7a30dc35 ---- /dev/null -+++ b/include/grub/libtasn1.h -@@ -0,0 +1,588 @@ -+/* -+ * Copyright (C) 2002-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * LIBTASN1 is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU Lesser General Public License as -+ * published by the Free Software Foundation; either version 2.1 of -+ * the License, or (at your option) any later version. -+ * -+ * LIBTASN1 is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with LIBTASN1; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+ * 02110-1301, USA -+ * -+ */ -+ -+/** -+ * libtasn1:Short_Description: -+ * -+ * GNU ASN.1 library -+ */ -+/** -+ * libtasn1:Long_Description: -+ * -+ * The Libtasn1 library provides Abstract Syntax Notation One (ASN.1, as -+ * specified by the X.680 ITU-T recommendation) parsing and structures -+ * management, and Distinguished Encoding Rules (DER, as per X.690) -+ * encoding and decoding functions. -+ */ -+ -+ -+#ifndef LIBTASN1_H -+#define LIBTASN1_H -+ -+#ifndef ASN1_API -+#if defined ASN1_BUILDING && defined HAVE_VISIBILITY && HAVE_VISIBILITY -+#define ASN1_API __attribute__((__visibility__("default"))) -+#elif defined ASN1_BUILDING && defined _MSC_VER && ! defined ASN1_STATIC -+#define ASN1_API __declspec(dllexport) -+#elif defined _MSC_VER && ! defined ASN1_STATIC -+#define ASN1_API __declspec(dllimport) -+#else -+#define ASN1_API -+#endif -+#endif -+ -+#ifdef __GNUC__ -+# define __LIBTASN1_CONST__ __attribute__((const)) -+# define __LIBTASN1_PURE__ __attribute__((pure)) -+#else -+# define __LIBTASN1_CONST__ -+# define __LIBTASN1_PURE__ -+#endif -+ -+#include -+#include -+#include /* for FILE* */ -+ -+#ifdef __cplusplus -+extern "C" -+{ -+#endif -+ -+/** -+ * ASN1_VERSION: -+ * -+ * Version of the library as a string. -+ */ -+#define ASN1_VERSION "4.16.0" -+ -+/** -+ * ASN1_VERSION_MAJOR: -+ * -+ * Major version number of the library. -+ */ -+#define ASN1_VERSION_MAJOR 4 -+ -+/** -+ * ASN1_VERSION_MINOR: -+ * -+ * Minor version number of the library. -+ */ -+#define ASN1_VERSION_MINOR 16 -+ -+/** -+ * ASN1_VERSION_PATCH: -+ * -+ * Patch version number of the library. -+ */ -+#define ASN1_VERSION_PATCH 0 -+ -+/** -+ * ASN1_VERSION_NUMBER: -+ * -+ * Version number of the library as a number. -+ */ -+#define ASN1_VERSION_NUMBER 0x041000 -+ -+ -+#if defined __GNUC__ && !defined ASN1_INTERNAL_BUILD -+# define _ASN1_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) -+# if _ASN1_GCC_VERSION >= 30100 -+# define _ASN1_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__)) -+# endif -+#endif -+ -+#ifndef _ASN1_GCC_ATTR_DEPRECATED -+#define _ASN1_GCC_ATTR_DEPRECATED -+#endif -+ -+/*****************************************/ -+/* Errors returned by libtasn1 functions */ -+/*****************************************/ -+#define ASN1_SUCCESS 0 -+#define ASN1_FILE_NOT_FOUND 1 -+#define ASN1_ELEMENT_NOT_FOUND 2 -+#define ASN1_IDENTIFIER_NOT_FOUND 3 -+#define ASN1_DER_ERROR 4 -+#define ASN1_VALUE_NOT_FOUND 5 -+#define ASN1_GENERIC_ERROR 6 -+#define ASN1_VALUE_NOT_VALID 7 -+#define ASN1_TAG_ERROR 8 -+#define ASN1_TAG_IMPLICIT 9 -+#define ASN1_ERROR_TYPE_ANY 10 -+#define ASN1_SYNTAX_ERROR 11 -+#define ASN1_MEM_ERROR 12 -+#define ASN1_MEM_ALLOC_ERROR 13 -+#define ASN1_DER_OVERFLOW 14 -+#define ASN1_NAME_TOO_LONG 15 -+#define ASN1_ARRAY_ERROR 16 -+#define ASN1_ELEMENT_NOT_EMPTY 17 -+#define ASN1_TIME_ENCODING_ERROR 18 -+#define ASN1_RECURSION 19 -+ -+/*************************************/ -+/* Constants used in asn1_visit_tree */ -+/*************************************/ -+#define ASN1_PRINT_NAME 1 -+#define ASN1_PRINT_NAME_TYPE 2 -+#define ASN1_PRINT_NAME_TYPE_VALUE 3 -+#define ASN1_PRINT_ALL 4 -+ -+/*****************************************/ -+/* Constants returned by asn1_read_tag */ -+/*****************************************/ -+#define ASN1_CLASS_UNIVERSAL 0x00 /* old: 1 */ -+#define ASN1_CLASS_APPLICATION 0x40 /* old: 2 */ -+#define ASN1_CLASS_CONTEXT_SPECIFIC 0x80 /* old: 3 */ -+#define ASN1_CLASS_PRIVATE 0xC0 /* old: 4 */ -+#define ASN1_CLASS_STRUCTURED 0x20 -+ -+/*****************************************/ -+/* Constants returned by asn1_read_tag */ -+/*****************************************/ -+#define ASN1_TAG_BOOLEAN 0x01 -+#define ASN1_TAG_INTEGER 0x02 -+#define ASN1_TAG_SEQUENCE 0x10 -+#define ASN1_TAG_SET 0x11 -+#define ASN1_TAG_OCTET_STRING 0x04 -+#define ASN1_TAG_BIT_STRING 0x03 -+#define ASN1_TAG_UTCTime 0x17 -+#define ASN1_TAG_GENERALIZEDTime 0x18 -+#define ASN1_TAG_OBJECT_ID 0x06 -+#define ASN1_TAG_ENUMERATED 0x0A -+#define ASN1_TAG_NULL 0x05 -+#define ASN1_TAG_GENERALSTRING 0x1B -+#define ASN1_TAG_NUMERIC_STRING 0x12 -+#define ASN1_TAG_IA5_STRING 0x16 -+#define ASN1_TAG_TELETEX_STRING 0x14 -+#define ASN1_TAG_PRINTABLE_STRING 0x13 -+#define ASN1_TAG_UNIVERSAL_STRING 0x1C -+#define ASN1_TAG_BMP_STRING 0x1E -+#define ASN1_TAG_UTF8_STRING 0x0C -+#define ASN1_TAG_VISIBLE_STRING 0x1A -+ -+/** -+ * asn1_node: -+ * -+ * Structure definition used for the node of the tree -+ * that represents an ASN.1 DEFINITION. -+ */ -+typedef struct asn1_node_st asn1_node_st; -+ -+typedef asn1_node_st *asn1_node; -+typedef const asn1_node_st *asn1_node_const; -+ -+/** -+ * ASN1_MAX_NAME_SIZE: -+ * -+ * Maximum number of characters of a name -+ * inside a file with ASN1 definitions. -+ */ -+#define ASN1_MAX_NAME_SIZE 64 -+ -+ -+/** -+ * asn1_static_node: -+ * @name: Node name -+ * @type: Node typ -+ * @value: Node value -+ * -+ * For the on-disk format of ASN.1 trees, created by asn1_parser2array(). -+ */ -+struct asn1_static_node_st -+{ -+ const char *name; /* Node name */ -+ unsigned int type; /* Node type */ -+ const void *value; /* Node value */ -+}; -+typedef struct asn1_static_node_st asn1_static_node; -+ -+/* List of constants for field type of node_asn */ -+#define ASN1_ETYPE_INVALID 0 -+#define ASN1_ETYPE_CONSTANT 1 -+#define ASN1_ETYPE_IDENTIFIER 2 -+#define ASN1_ETYPE_INTEGER 3 -+#define ASN1_ETYPE_BOOLEAN 4 -+#define ASN1_ETYPE_SEQUENCE 5 -+#define ASN1_ETYPE_BIT_STRING 6 -+#define ASN1_ETYPE_OCTET_STRING 7 -+#define ASN1_ETYPE_TAG 8 -+#define ASN1_ETYPE_DEFAULT 9 -+#define ASN1_ETYPE_SIZE 10 -+#define ASN1_ETYPE_SEQUENCE_OF 11 -+#define ASN1_ETYPE_OBJECT_ID 12 -+#define ASN1_ETYPE_ANY 13 -+#define ASN1_ETYPE_SET 14 -+#define ASN1_ETYPE_SET_OF 15 -+#define ASN1_ETYPE_DEFINITIONS 16 -+#define ASN1_ETYPE_CHOICE 18 -+#define ASN1_ETYPE_IMPORTS 19 -+#define ASN1_ETYPE_NULL 20 -+#define ASN1_ETYPE_ENUMERATED 21 -+#define ASN1_ETYPE_GENERALSTRING 27 -+#define ASN1_ETYPE_NUMERIC_STRING 28 -+#define ASN1_ETYPE_IA5_STRING 29 -+#define ASN1_ETYPE_TELETEX_STRING 30 -+#define ASN1_ETYPE_PRINTABLE_STRING 31 -+#define ASN1_ETYPE_UNIVERSAL_STRING 32 -+#define ASN1_ETYPE_BMP_STRING 33 -+#define ASN1_ETYPE_UTF8_STRING 34 -+#define ASN1_ETYPE_VISIBLE_STRING 35 -+#define ASN1_ETYPE_UTC_TIME 36 -+#define ASN1_ETYPE_GENERALIZED_TIME 37 -+ -+/** -+ * ASN1_DELETE_FLAG_ZEROIZE: -+ * -+ * Used by: asn1_delete_structure2() -+ * -+ * Zeroize values prior to deinitialization. -+ */ -+#define ASN1_DELETE_FLAG_ZEROIZE 1 -+ -+/** -+ * ASN1_DECODE_FLAG_ALLOW_PADDING: -+ * -+ * Used by: asn1_der_decoding2() -+ * -+ * This flag would allow arbitrary data past the DER data. -+ */ -+#define ASN1_DECODE_FLAG_ALLOW_PADDING 1 -+/** -+ * ASN1_DECODE_FLAG_STRICT_DER: -+ * -+ * Used by: asn1_der_decoding2() -+ * -+ * This flag would ensure that no BER decoding takes place. -+ */ -+#define ASN1_DECODE_FLAG_STRICT_DER (1<<1) -+/** -+ * ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME: -+ * -+ * Used by: asn1_der_decoding2() -+ * -+ * This flag will tolerate Time encoding errors when in strict DER. -+ */ -+#define ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME (1<<2) -+ -+ -+/** -+ * asn1_data_node_st: -+ * @name: Node name -+ * @value: Node value -+ * @value_len: Node value size -+ * @type: Node value type (ASN1_ETYPE_*) -+ * -+ * Data node inside a #asn1_node structure. -+ */ -+struct asn1_data_node_st -+{ -+ const char *name; /* Node name */ -+ const void *value; /* Node value */ -+ unsigned int value_len; /* Node value size */ -+ unsigned int type; /* Node value type (ASN1_ETYPE_*) */ -+}; -+typedef struct asn1_data_node_st asn1_data_node_st; -+ -+/***********************************/ -+/* Fixed constants */ -+/***********************************/ -+ -+/** -+ * ASN1_MAX_ERROR_DESCRIPTION_SIZE: -+ * -+ * Maximum number of characters -+ * of a description message -+ * (null character included). -+ */ -+#define ASN1_MAX_ERROR_DESCRIPTION_SIZE 128 -+ -+/***********************************/ -+/* Functions definitions */ -+/***********************************/ -+ -+extern ASN1_API int -+ asn1_parser2tree (const char *file, -+ asn1_node * definitions, char *error_desc); -+ -+extern ASN1_API int -+ asn1_parser2array (const char *inputFileName, -+ const char *outputFileName, -+ const char *vectorName, char *error_desc); -+ -+extern ASN1_API int -+ asn1_array2tree (const asn1_static_node * array, -+ asn1_node * definitions, char *errorDescription); -+ -+extern ASN1_API void -+ asn1_print_structure (FILE * out, asn1_node_const structure, -+ const char *name, int mode); -+ -+extern ASN1_API int -+ asn1_create_element (asn1_node_const definitions, -+ const char *source_name, asn1_node * element); -+ -+extern ASN1_API int asn1_delete_structure (asn1_node * structure); -+ -+extern ASN1_API int asn1_delete_structure2 (asn1_node * structure, unsigned int flags); -+ -+extern ASN1_API int -+ asn1_delete_element (asn1_node structure, const char *element_name); -+ -+extern ASN1_API int -+ asn1_write_value (asn1_node node_root, const char *name, -+ const void *ivalue, int len); -+ -+extern ASN1_API int -+ asn1_read_value (asn1_node_const root, const char *name, -+ void *ivalue, int *len); -+ -+extern ASN1_API int -+ asn1_read_value_type (asn1_node_const root, const char *name, -+ void *ivalue, int *len, unsigned int *etype); -+ -+extern ASN1_API int -+ asn1_read_node_value (asn1_node_const node, asn1_data_node_st * data); -+ -+extern ASN1_API int -+ asn1_number_of_elements (asn1_node_const element, const char *name, int *num); -+ -+extern ASN1_API int -+ asn1_der_coding (asn1_node_const element, const char *name, -+ void *ider, int *len, char *ErrorDescription); -+ -+extern ASN1_API int -+ asn1_der_decoding2 (asn1_node *element, const void *ider, -+ int *max_ider_len, unsigned int flags, -+ char *errorDescription); -+ -+extern ASN1_API int -+ asn1_der_decoding (asn1_node * element, const void *ider, -+ int ider_len, char *errorDescription); -+ -+/* Do not use. Use asn1_der_decoding() instead. */ -+extern ASN1_API int -+ asn1_der_decoding_element (asn1_node * structure, -+ const char *elementName, -+ const void *ider, int len, -+ char *errorDescription) _ASN1_GCC_ATTR_DEPRECATED; -+ -+extern ASN1_API int -+ asn1_der_decoding_startEnd (asn1_node element, -+ const void *ider, int ider_len, -+ const char *name_element, -+ int *start, int *end); -+ -+extern ASN1_API int -+ asn1_expand_any_defined_by (asn1_node_const definitions, asn1_node * element); -+ -+extern ASN1_API int -+ asn1_expand_octet_string (asn1_node_const definitions, -+ asn1_node * element, -+ const char *octetName, const char *objectName); -+ -+extern ASN1_API int -+ asn1_read_tag (asn1_node_const root, const char *name, -+ int *tagValue, int *classValue); -+ -+extern ASN1_API const char *asn1_find_structure_from_oid (asn1_node_const -+ definitions, -+ const char -+ *oidValue); -+ -+__LIBTASN1_PURE__ -+extern ASN1_API const char *asn1_check_version (const char *req_version); -+ -+__LIBTASN1_PURE__ -+extern ASN1_API const char *asn1_strerror (int error); -+ -+extern ASN1_API void asn1_perror (int error); -+ -+#define ASN1_MAX_TAG_SIZE 4 -+#define ASN1_MAX_LENGTH_SIZE 9 -+#define ASN1_MAX_TL_SIZE (ASN1_MAX_TAG_SIZE+ASN1_MAX_LENGTH_SIZE) -+extern ASN1_API long -+ asn1_get_length_der (const unsigned char *der, int der_len, int *len); -+ -+extern ASN1_API long -+ asn1_get_length_ber (const unsigned char *ber, int ber_len, int *len); -+ -+extern ASN1_API void -+ asn1_length_der (unsigned long int len, unsigned char *der, int *der_len); -+ -+/* Other utility functions. */ -+ -+extern ASN1_API -+ int asn1_decode_simple_der (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, -+ const unsigned char **str, -+ unsigned int *str_len); -+ -+extern ASN1_API -+ int asn1_decode_simple_ber (unsigned int etype, const unsigned char *der, -+ unsigned int _der_len, -+ unsigned char **str, -+ unsigned int *str_len, -+ unsigned int *ber_len); -+ -+extern ASN1_API int -+ asn1_encode_simple_der (unsigned int etype, const unsigned char *str, -+ unsigned int str_len, unsigned char *tl, -+ unsigned int *tl_len); -+ -+extern ASN1_API asn1_node -+ asn1_find_node (asn1_node_const pointer, const char *name); -+ -+extern ASN1_API int -+ asn1_copy_node (asn1_node dst, const char *dst_name, -+ asn1_node_const src, const char *src_name); -+extern ASN1_API asn1_node -+ asn1_dup_node (asn1_node_const src, const char *src_name); -+ -+/* Internal and low-level DER utility functions. */ -+ -+extern ASN1_API int -+ asn1_get_tag_der (const unsigned char *der, int der_len, -+ unsigned char *cls, int *len, unsigned long *tag); -+ -+extern ASN1_API void -+ asn1_octet_der (const unsigned char *str, int str_len, -+ unsigned char *der, int *der_len); -+ -+extern ASN1_API int -+ asn1_get_octet_der (const unsigned char *der, int der_len, -+ int *ret_len, unsigned char *str, -+ int str_size, int *str_len); -+ -+extern ASN1_API void asn1_bit_der (const unsigned char *str, int bit_len, -+ unsigned char *der, int *der_len); -+ -+extern ASN1_API int -+ asn1_get_bit_der (const unsigned char *der, int der_len, -+ int *ret_len, unsigned char *str, -+ int str_size, int *bit_len); -+ -+extern ASN1_API int -+ asn1_get_object_id_der (const unsigned char *der, -+ int der_len, int *ret_len, -+ char *str, int str_size); -+ -+extern ASN1_API int -+ asn1_object_id_der (const char *str, unsigned char *der, int *der_len, -+ unsigned flags); -+ -+/* Compatibility types */ -+ -+/** -+ * asn1_retCode: -+ * -+ * Type formerly returned by libtasn1 functions. -+ * -+ * Deprecated: 3.0: Use int instead. -+ */ -+typedef int asn1_retCode; -+ -+/** -+ * node_asn_struct: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_node instead. -+ */ -+#define node_asn_struct asn1_node_st -+ -+/** -+ * node_asn: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_node instead. -+ */ -+#define node_asn asn1_node_st -+ -+/** -+ * ASN1_TYPE: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_node instead. -+ */ -+#define ASN1_TYPE asn1_node -+ -+/** -+ * ASN1_TYPE_EMPTY: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use NULL instead. -+ */ -+#define ASN1_TYPE_EMPTY NULL -+ -+/** -+ * static_struct_asn: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_static_node instead. -+ */ -+#define static_struct_asn asn1_static_node_st -+ -+/** -+ * ASN1_ARRAY_TYPE: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_static_node instead. -+ */ -+#define ASN1_ARRAY_TYPE asn1_static_node -+ -+/** -+ * asn1_static_node_t: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_static_node instead. -+ */ -+#define asn1_static_node_t asn1_static_node -+ -+/** -+ * node_data_struct: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_data_node_st instead. -+ */ -+#define node_data_struct asn1_data_node_st -+ -+/** -+ * ASN1_DATA_NODE: -+ * -+ * Compat #define. -+ * -+ * Deprecated: 3.0: Use #asn1_data_node_st instead. -+ */ -+#define ASN1_DATA_NODE asn1_data_node_st -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* LIBTASN1_H */ -diff --git a/grub-core/lib/libtasn1/LICENSE b/grub-core/lib/libtasn1/LICENSE -new file mode 100644 -index 00000000000..e8b3628db9b ---- /dev/null -+++ b/grub-core/lib/libtasn1/LICENSE -@@ -0,0 +1,16 @@ -+LICENSING -+========= -+ -+The libtasn1 library is released under the GNU Lesser General Public -+License (LGPL) version 2.1 or later; see [COPYING.LESSER](doc/COPYING.LESSER) -+for the license terms. -+ -+The GNU LGPL applies to the main libtasn1 library, while the -+included applications library are under the GNU GPL version 3. -+The libtasn1 library is located in the lib directory, while the applications -+in src/. -+ -+The documentation in doc/ is under the GNU FDL license 1.3. -+ -+For any copyright year range specified as YYYY-ZZZZ in this package -+note that the range specifies every single year in that closed interval. -diff --git a/grub-core/lib/libtasn1/README.md b/grub-core/lib/libtasn1/README.md -new file mode 100644 -index 00000000000..50a8642296c ---- /dev/null -+++ b/grub-core/lib/libtasn1/README.md -@@ -0,0 +1,91 @@ -+|Branch|CI system|Status| -+|:----:|:-------:|-----:| -+|Master|Gitlab|[![build status](https://gitlab.com/gnutls/libtasn1/badges/master/pipeline.svg)](https://gitlab.com/gnutls/libtasn1/commits/master)[![coverage report](https://gitlab.com/gnutls/libtasn1/badges/master/coverage.svg)](https://gnutls.gitlab.io/libtasn1/coverage)| -+ -+# libtasn1 -+ -+This is GNU Libtasn1, a small ASN.1 library. -+ -+The C library (libtasn1.*) is licensed under the GNU Lesser General -+Public License version 2.1 or later. See the file COPYING.LIB. -+ -+The command line tool, self tests, examples, and other auxilliary -+files, are licensed under the GNU General Public License version 3.0 -+or later. See the file COPYING. -+ -+## Building the library -+ -+We require several tools to build the software, including: -+ -+* [Make](https://www.gnu.org/software/make/) -+* [Automake](https://www.gnu.org/software/automake/) (use 1.11.3 or later) -+* [Autoconf](https://www.gnu.org/software/autoconf/) -+* [Libtool](https://www.gnu.org/software/libtool/) -+* [Texinfo](https://www.gnu.org/software/texinfo/) -+* [help2man](http://www.gnu.org/software/help2man/) -+* [Tar](https://www.gnu.org/software/tar/) -+* [Gzip](https://www.gnu.org/software/gzip/) -+* [bison](https://www.gnu.org/software/bison/) -+* [Texlive & epsf](https://www.tug.org/texlive/) (for PDF manual) -+* [GTK-DOC](https://www.gtk.org/gtk-doc/) (for API manual) -+* [Git](https://git-scm.com/) -+* [libabigail](https://pagure.io/libabigail/) (for abi comparison in make dist) -+* [Valgrind](https://valgrind.org/) (optional) -+ -+The required software is typically distributed with your operating -+system, and the instructions for installing them differ. Here are -+some hints: -+ -+gNewSense/Debian/Ubuntu: -+``` -+sudo apt-get install make git-core autoconf automake libtool -+sudo apt-get install texinfo texlive texlive-generic-recommended texlive-extra-utils -+sudo apt-get install help2man gtk-doc-tools valgrind abigail-tools -+``` -+ -+The next step is to run autoreconf, ./configure, etc: -+ -+``` -+$ ./bootstrap -+``` -+ -+Then build the project normally: -+ -+``` -+$ make -+$ make check -+``` -+ -+Happy hacking! -+ -+ -+## Manual -+ -+The manual is in the `doc/` directory of the release. You can also browse -+the manual online at: -+ -+ - https://gnutls.gitlab.io/libtasn1/ -+ -+ -+## Code coverage report -+ -+The coverage report is at: -+ -+ - https://gnutls.gitlab.io/libtasn1/coverage -+ -+ -+## Issue trackers -+ -+ - [Main issue tracker](https://gitlab.com/gnutls/libtasn1/issues) -+ - [oss-fuzz found issues](https://bugs.chromium.org/p/oss-fuzz/issues/list?q=libtasn1&can=2) -+ -+ -+## Homepage -+ -+The project homepage at the gnu site is at: -+ -+http://www.gnu.org/software/libtasn1/ -+ -+ -+For any copyright year range specified as YYYY-ZZZZ in this package -+note that the range specifies every single year in that closed interval. diff --git a/0170-libtasn1-disable-code-not-needed-in-grub.patch b/0170-libtasn1-disable-code-not-needed-in-grub.patch deleted file mode 100644 index 00f55888d7e83c744e28b78c162d97169c1d324e..0000000000000000000000000000000000000000 --- a/0170-libtasn1-disable-code-not-needed-in-grub.patch +++ /dev/null @@ -1,307 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Fri, 1 May 2020 17:12:23 +1000 -Subject: [PATCH] libtasn1: disable code not needed in grub - -We don't expect to be able to write ASN.1, only read it, -so we can disable some code. - -Do that with #if 0/#endif, rather than deletion. This means -that the difference between upstream and grub is smaller, -which should make updating libtasn1 easier in the future. - -With these exclusions we also avoid the need for minmax.h, -which is convenient because it means we don't have to -import it from gnulib. - -Signed-off-by: Daniel Axtens ---- - grub-core/lib/libtasn1/lib/coding.c | 12 ++++++++++-- - grub-core/lib/libtasn1/lib/decoding.c | 2 ++ - grub-core/lib/libtasn1/lib/element.c | 4 ++-- - grub-core/lib/libtasn1/lib/errors.c | 3 +++ - grub-core/lib/libtasn1/lib/structure.c | 10 ++++++---- - include/grub/libtasn1.h | 15 +++++++++++++++ - 6 files changed, 38 insertions(+), 8 deletions(-) - -diff --git a/grub-core/lib/libtasn1/lib/coding.c b/grub-core/lib/libtasn1/lib/coding.c -index 245ea64cf0a..52def598368 100644 ---- a/grub-core/lib/libtasn1/lib/coding.c -+++ b/grub-core/lib/libtasn1/lib/coding.c -@@ -30,11 +30,11 @@ - #include "parser_aux.h" - #include - #include "element.h" --#include "minmax.h" - #include - - #define MAX_TAG_LEN 16 - -+#if 0 - /******************************************************/ - /* Function : _asn1_error_description_value_not_found */ - /* Description: creates the ErrorDescription string */ -@@ -58,6 +58,7 @@ _asn1_error_description_value_not_found (asn1_node node, - Estrcat (ErrorDescription, "' not found"); - - } -+#endif - - /** - * asn1_length_der: -@@ -244,6 +245,7 @@ asn1_encode_simple_der (unsigned int etype, const unsigned char *str, - return ASN1_SUCCESS; - } - -+#if 0 - /******************************************************/ - /* Function : _asn1_time_der */ - /* Description: creates the DER coding for a TIME */ -@@ -281,7 +283,7 @@ _asn1_time_der (unsigned char *str, int str_len, unsigned char *der, - - return ASN1_SUCCESS; - } -- -+#endif - - /* - void -@@ -520,6 +522,7 @@ asn1_bit_der (const unsigned char *str, int bit_len, - } - - -+#if 0 - /******************************************************/ - /* Function : _asn1_complete_explicit_tag */ - /* Description: add the length coding to the EXPLICIT */ -@@ -596,6 +599,7 @@ _asn1_complete_explicit_tag (asn1_node node, unsigned char *der, - - return ASN1_SUCCESS; - } -+#endif - - const tag_and_class_st _asn1_tags[] = { - [ASN1_ETYPE_GENERALSTRING] = -@@ -648,6 +652,8 @@ const tag_and_class_st _asn1_tags[] = { - - unsigned int _asn1_tags_size = sizeof (_asn1_tags) / sizeof (_asn1_tags[0]); - -+ -+#if 0 - /******************************************************/ - /* Function : _asn1_insert_tag_der */ - /* Description: creates the DER coding of tags of one */ -@@ -1413,3 +1419,5 @@ error: - asn1_delete_structure (&node); - return err; - } -+ -+#endif -\ No newline at end of file -diff --git a/grub-core/lib/libtasn1/lib/decoding.c b/grub-core/lib/libtasn1/lib/decoding.c -index ff04eb778cb..42f9a92b5d4 100644 ---- a/grub-core/lib/libtasn1/lib/decoding.c -+++ b/grub-core/lib/libtasn1/lib/decoding.c -@@ -1613,6 +1613,7 @@ asn1_der_decoding (asn1_node * element, const void *ider, int ider_len, - return asn1_der_decoding2 (element, ider, &ider_len, 0, errorDescription); - } - -+#if 0 - /** - * asn1_der_decoding_element: - * @structure: pointer to an ASN1 structure -@@ -1643,6 +1644,7 @@ asn1_der_decoding_element (asn1_node * structure, const char *elementName, - { - return asn1_der_decoding(structure, ider, len, errorDescription); - } -+#endif - - /** - * asn1_der_decoding_startEnd: -diff --git a/grub-core/lib/libtasn1/lib/element.c b/grub-core/lib/libtasn1/lib/element.c -index 997eb2725dc..539008d8e94 100644 ---- a/grub-core/lib/libtasn1/lib/element.c -+++ b/grub-core/lib/libtasn1/lib/element.c -@@ -191,7 +191,7 @@ _asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcache) - return ASN1_SUCCESS; - } - -- -+#if 0 - /** - * asn1_write_value: - * @node_root: pointer to a structure -@@ -645,7 +645,7 @@ asn1_write_value (asn1_node node_root, const char *name, - - return ASN1_SUCCESS; - } -- -+#endif - - #define PUT_VALUE( ptr, ptr_size, data, data_size) \ - *len = data_size; \ -diff --git a/grub-core/lib/libtasn1/lib/errors.c b/grub-core/lib/libtasn1/lib/errors.c -index cee74daf795..42785e8622b 100644 ---- a/grub-core/lib/libtasn1/lib/errors.c -+++ b/grub-core/lib/libtasn1/lib/errors.c -@@ -57,6 +57,8 @@ static const libtasn1_error_entry error_algorithms[] = { - {0, 0} - }; - -+ -+#if 0 - /** - * asn1_perror: - * @error: is an error returned by a libtasn1 function. -@@ -73,6 +75,7 @@ asn1_perror (int error) - const char *str = asn1_strerror (error); - fprintf (stderr, "LIBTASN1 ERROR: %s\n", str ? str : "(null)"); - } -+#endif - - /** - * asn1_strerror: -diff --git a/grub-core/lib/libtasn1/lib/structure.c b/grub-core/lib/libtasn1/lib/structure.c -index 8189c56a4c9..fcfde01a393 100644 ---- a/grub-core/lib/libtasn1/lib/structure.c -+++ b/grub-core/lib/libtasn1/lib/structure.c -@@ -76,7 +76,7 @@ _asn1_find_left (asn1_node_const node) - return node->left; - } - -- -+#if 0 - int - _asn1_create_static_structure (asn1_node_const pointer, char *output_file_name, - char *vector_name) -@@ -155,7 +155,7 @@ _asn1_create_static_structure (asn1_node_const pointer, char *output_file_name, - - return ASN1_SUCCESS; - } -- -+#endif - - /** - * asn1_array2tree: -@@ -718,7 +718,7 @@ asn1_create_element (asn1_node_const definitions, const char *source_name, - return res; - } - -- -+#if 0 - /** - * asn1_print_structure: - * @out: pointer to the output file (e.g. stdout). -@@ -1058,7 +1058,7 @@ asn1_print_structure (FILE * out, asn1_node_const structure, const char *name, - } - } - } -- -+#endif - - - /** -@@ -1153,6 +1153,7 @@ asn1_find_structure_from_oid (asn1_node_const definitions, const char *oidValue) - return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ - } - -+#if 0 - /** - * asn1_copy_node: - * @dst: Destination asn1 node. -@@ -1202,6 +1203,7 @@ asn1_copy_node (asn1_node dst, const char *dst_name, - - return result; - } -+#endif - - /** - * asn1_dup_node: -diff --git a/include/grub/libtasn1.h b/include/grub/libtasn1.h -index 6fd7a30dc35..785eda2ae3f 100644 ---- a/include/grub/libtasn1.h -+++ b/include/grub/libtasn1.h -@@ -319,6 +319,8 @@ typedef struct asn1_data_node_st asn1_data_node_st; - /* Functions definitions */ - /***********************************/ - -+/* These functions are not used in grub and should not be referenced. */ -+#if 0 - extern ASN1_API int - asn1_parser2tree (const char *file, - asn1_node * definitions, char *error_desc); -@@ -327,14 +329,17 @@ extern ASN1_API int - asn1_parser2array (const char *inputFileName, - const char *outputFileName, - const char *vectorName, char *error_desc); -+#endif - - extern ASN1_API int - asn1_array2tree (const asn1_static_node * array, - asn1_node * definitions, char *errorDescription); - -+#if 0 - extern ASN1_API void - asn1_print_structure (FILE * out, asn1_node_const structure, - const char *name, int mode); -+#endif - - extern ASN1_API int - asn1_create_element (asn1_node_const definitions, -@@ -347,9 +352,11 @@ extern ASN1_API int asn1_delete_structure2 (asn1_node * structure, unsigned int - extern ASN1_API int - asn1_delete_element (asn1_node structure, const char *element_name); - -+#if 0 - extern ASN1_API int - asn1_write_value (asn1_node node_root, const char *name, - const void *ivalue, int len); -+#endif - - extern ASN1_API int - asn1_read_value (asn1_node_const root, const char *name, -@@ -365,9 +372,11 @@ extern ASN1_API int - extern ASN1_API int - asn1_number_of_elements (asn1_node_const element, const char *name, int *num); - -+#if 0 - extern ASN1_API int - asn1_der_coding (asn1_node_const element, const char *name, - void *ider, int *len, char *ErrorDescription); -+#endif - - extern ASN1_API int - asn1_der_decoding2 (asn1_node *element, const void *ider, -@@ -378,12 +387,14 @@ extern ASN1_API int - asn1_der_decoding (asn1_node * element, const void *ider, - int ider_len, char *errorDescription); - -+#if 0 - /* Do not use. Use asn1_der_decoding() instead. */ - extern ASN1_API int - asn1_der_decoding_element (asn1_node * structure, - const char *elementName, - const void *ider, int len, - char *errorDescription) _ASN1_GCC_ATTR_DEPRECATED; -+#endif - - extern ASN1_API int - asn1_der_decoding_startEnd (asn1_node element, -@@ -408,13 +419,17 @@ extern ASN1_API const char *asn1_find_structure_from_oid (asn1_node_const - const char - *oidValue); - -+#if 0 - __LIBTASN1_PURE__ - extern ASN1_API const char *asn1_check_version (const char *req_version); -+#endif - - __LIBTASN1_PURE__ - extern ASN1_API const char *asn1_strerror (int error); - -+#if 0 - extern ASN1_API void asn1_perror (int error); -+#endif - - #define ASN1_MAX_TAG_SIZE 4 - #define ASN1_MAX_LENGTH_SIZE 9 diff --git a/0171-libtasn1-changes-for-grub-compatibility.patch b/0171-libtasn1-changes-for-grub-compatibility.patch deleted file mode 100644 index 9b2275cab19dc1ab55a3e30380e5c2654da263b9..0000000000000000000000000000000000000000 --- a/0171-libtasn1-changes-for-grub-compatibility.patch +++ /dev/null @@ -1,202 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Fri, 1 May 2020 20:44:29 +1000 -Subject: [PATCH] libtasn1: changes for grub compatibility - -Do a few things to make libtasn1 compile as part of grub: - - - replace strcat. grub removed strcat so replace it with the appropriate - calls to memcpy and strlen. - - - replace c_isdigit with grub_isdigit (and don't import c-ctype from - gnulib) grub_isdigit provides the same functionality as c_isdigit: it - determines if the input is an ASCII digit without regard for locale. - - - replace GL_ATTRIBUTE_PURE with __attribute__((pure)) which been - supported since gcc-2.96. This avoids messing around with gnulib. - - - adjust libtasn1.h: drop the ASN1_API logic, it's not needed for our - modules. Unconditionally support const and pure attributes and adjust - header paths. - - - adjust header paths to "grub/libtasn1.h". - - - replace a 64 bit division with a call to grub_divmod64, preventing - creation of __udivdi3 calls on 32 bit platforms. - -Signed-off-by: Daniel Axtens ---- - grub-core/lib/libtasn1/lib/decoding.c | 11 ++++++----- - grub-core/lib/libtasn1/lib/element.c | 3 ++- - grub-core/lib/libtasn1/lib/gstr.c | 4 ++-- - grub-core/lib/libtasn1/lib/parser_aux.c | 7 ++++--- - grub-core/lib/libtasn1/lib/int.h | 4 ++-- - include/grub/libtasn1.h | 26 ++++++-------------------- - 6 files changed, 22 insertions(+), 33 deletions(-) - -diff --git a/grub-core/lib/libtasn1/lib/decoding.c b/grub-core/lib/libtasn1/lib/decoding.c -index 42f9a92b5d4..7856858b272 100644 ---- a/grub-core/lib/libtasn1/lib/decoding.c -+++ b/grub-core/lib/libtasn1/lib/decoding.c -@@ -32,7 +32,8 @@ - #include - #include - #include --#include -+ -+#define c_isdigit grub_isdigit - - #ifdef DEBUG - # define warn() fprintf(stderr, "%s: %d\n", __func__, __LINE__) -@@ -2008,8 +2009,8 @@ asn1_expand_octet_string (asn1_node_const definitions, asn1_node * element, - (p2->type & CONST_ASSIGN)) - { - strcpy (name, definitions->name); -- strcat (name, "."); -- strcat (name, p2->name); -+ memcpy (name + strlen(name), ".", sizeof(" . ")); -+ memcpy (name + strlen(name), p2->name, strlen(p2->name) + 1); - - len = sizeof (value); - result = asn1_read_value (definitions, name, value, &len); -@@ -2026,8 +2027,8 @@ asn1_expand_octet_string (asn1_node_const definitions, asn1_node * element, - if (p2) - { - strcpy (name, definitions->name); -- strcat (name, "."); -- strcat (name, p2->name); -+ memcpy (name + strlen(name), ".", sizeof(" . ")); -+ memcpy (name + strlen(name), p2->name, strlen(p2->name) + 1); - - result = asn1_create_element (definitions, name, &aux); - if (result == ASN1_SUCCESS) -diff --git a/grub-core/lib/libtasn1/lib/element.c b/grub-core/lib/libtasn1/lib/element.c -index 539008d8e94..ed761ff56bd 100644 ---- a/grub-core/lib/libtasn1/lib/element.c -+++ b/grub-core/lib/libtasn1/lib/element.c -@@ -30,9 +30,10 @@ - #include "parser_aux.h" - #include - #include "structure.h" --#include "c-ctype.h" - #include "element.h" - -+#define c_isdigit grub_isdigit -+ - void - _asn1_hierarchical_name (asn1_node_const node, char *name, int name_size) - { -diff --git a/grub-core/lib/libtasn1/lib/gstr.c b/grub-core/lib/libtasn1/lib/gstr.c -index e91a3a151c0..e33875c2c7c 100644 ---- a/grub-core/lib/libtasn1/lib/gstr.c -+++ b/grub-core/lib/libtasn1/lib/gstr.c -@@ -36,13 +36,13 @@ _asn1_str_cat (char *dest, size_t dest_tot_size, const char *src) - - if (dest_tot_size - dest_size > str_size) - { -- strcat (dest, src); -+ memcpy (dest + dest_size, src, str_size + 1); - } - else - { - if (dest_tot_size - dest_size > 0) - { -- strncat (dest, src, (dest_tot_size - dest_size) - 1); -+ memcpy (dest + dest_size, src, (dest_tot_size - dest_size) - 1); - dest[dest_tot_size - 1] = 0; - } - } -diff --git a/grub-core/lib/libtasn1/lib/parser_aux.c b/grub-core/lib/libtasn1/lib/parser_aux.c -index d5dbbf8765d..89c9be69dc2 100644 ---- a/grub-core/lib/libtasn1/lib/parser_aux.c -+++ b/grub-core/lib/libtasn1/lib/parser_aux.c -@@ -26,7 +26,8 @@ - #include "gstr.h" - #include "structure.h" - #include "element.h" --#include "c-ctype.h" -+ -+#define c_isdigit grub_isdigit - - char _asn1_identifierMissing[ASN1_MAX_NAME_SIZE + 1]; /* identifier name not found */ - -@@ -40,7 +41,7 @@ char _asn1_identifierMissing[ASN1_MAX_NAME_SIZE + 1]; /* identifier name not fou - #ifdef __clang__ - __attribute__((no_sanitize("integer"))) - #endif --_GL_ATTRIBUTE_PURE -+__attribute__((__pure__)) - static unsigned int - _asn1_hash_name (const char *x) - { -@@ -634,7 +635,7 @@ _asn1_ltostr (int64_t v, char str[LTOSTR_MAX_SIZE]) - count = 0; - do - { -- d = val / 10; -+ d = grub_divmod64(val, 10, NULL); - r = val - d * 10; - temp[start + count] = '0' + (char) r; - count++; -diff --git a/grub-core/lib/libtasn1/lib/int.h b/grub-core/lib/libtasn1/lib/int.h -index ea1625786c1..4a568efee9c 100644 ---- a/grub-core/lib/libtasn1/lib/int.h -+++ b/grub-core/lib/libtasn1/lib/int.h -@@ -35,7 +35,7 @@ - #include - #endif - --#include -+#include "grub/libtasn1.h" - - #define ASN1_SMALL_VALUE_SIZE 16 - -@@ -115,7 +115,7 @@ extern const tag_and_class_st _asn1_tags[]; - #define _asn1_strtoul(n,e,b) strtoul((const char *) n, e, b) - #define _asn1_strcmp(a,b) strcmp((const char *)a, (const char *)b) - #define _asn1_strcpy(a,b) strcpy((char *)a, (const char *)b) --#define _asn1_strcat(a,b) strcat((char *)a, (const char *)b) -+#define _asn1_strcat(a,b) memcpy((char *)a + strlen((const char *)a), (const char *)b, strlen((const char *)b) + 1) - - #if SIZEOF_UNSIGNED_LONG_INT == 8 - # define _asn1_strtou64(n,e,b) strtoul((const char *) n, e, b) -diff --git a/include/grub/libtasn1.h b/include/grub/libtasn1.h -index 785eda2ae3f..28dbf16c4e0 100644 ---- a/include/grub/libtasn1.h -+++ b/include/grub/libtasn1.h -@@ -38,29 +38,15 @@ - #ifndef LIBTASN1_H - #define LIBTASN1_H - --#ifndef ASN1_API --#if defined ASN1_BUILDING && defined HAVE_VISIBILITY && HAVE_VISIBILITY --#define ASN1_API __attribute__((__visibility__("default"))) --#elif defined ASN1_BUILDING && defined _MSC_VER && ! defined ASN1_STATIC --#define ASN1_API __declspec(dllexport) --#elif defined _MSC_VER && ! defined ASN1_STATIC --#define ASN1_API __declspec(dllimport) --#else -+/* grub: ASN1_API is not used */ - #define ASN1_API --#endif --#endif - --#ifdef __GNUC__ --# define __LIBTASN1_CONST__ __attribute__((const)) --# define __LIBTASN1_PURE__ __attribute__((pure)) --#else --# define __LIBTASN1_CONST__ --# define __LIBTASN1_PURE__ --#endif -+/* grub: all our supported compilers support these attributes */ -+#define __LIBTASN1_CONST__ __attribute__((const)) -+#define __LIBTASN1_PURE__ __attribute__((pure)) - --#include --#include --#include /* for FILE* */ -+#include -+#include - - #ifdef __cplusplus - extern "C" diff --git a/0172-libtasn1-compile-into-asn1-module.patch b/0172-libtasn1-compile-into-asn1-module.patch deleted file mode 100644 index 67be4e877eae6ed1503768ce0dfc9135c2dcd6d7..0000000000000000000000000000000000000000 --- a/0172-libtasn1-compile-into-asn1-module.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Fri, 5 Jun 2020 17:47:25 +1000 -Subject: [PATCH] libtasn1: compile into asn1 module - -Create a wrapper file that specifies the module license. -Set up the makefile so it is built. - -Signed-off-by: Daniel Axtens ---- - grub-core/Makefile.core.def | 15 +++++++++++++++ - grub-core/lib/libtasn1_wrap/wrap.c | 26 ++++++++++++++++++++++++++ - 2 files changed, 41 insertions(+) - create mode 100644 grub-core/lib/libtasn1_wrap/wrap.c - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 97347ae76f9..21d2c541850 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -2576,3 +2576,18 @@ module = { - common = commands/i386/wrmsr.c; - enable = x86; - }; -+ -+module = { -+ name = asn1; -+ common = lib/libtasn1/lib/decoding.c; -+ common = lib/libtasn1/lib/coding.c; -+ common = lib/libtasn1/lib/element.c; -+ common = lib/libtasn1/lib/structure.c; -+ common = lib/libtasn1/lib/parser_aux.c; -+ common = lib/libtasn1/lib/gstr.c; -+ common = lib/libtasn1/lib/errors.c; -+ common = lib/libtasn1_wrap/wrap.c; -+ cflags = '$(CFLAGS_POSIX) $(CFLAGS_GNULIB)'; -+ // -Wno-type-limits comes from libtasn1's configure.ac -+ cppflags = '$(CPPFLAGS_POSIX) $(CPPFLAGS_GNULIB) -I$(srcdir)/lib/libtasn1/lib -Wno-type-limits'; -+}; -diff --git a/grub-core/lib/libtasn1_wrap/wrap.c b/grub-core/lib/libtasn1_wrap/wrap.c -new file mode 100644 -index 00000000000..622ba942e33 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/wrap.c -@@ -0,0 +1,26 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+ -+/* -+ * libtasn1 is provided under LGPL2.1+, which is compatible -+ * with GPL3+. As Grub as a whole is under GPL3+, this module -+ * is therefore under GPL3+ also. -+ */ -+GRUB_MOD_LICENSE ("GPLv3+"); diff --git a/0173-test_asn1-test-module-for-libtasn1.patch b/0173-test_asn1-test-module-for-libtasn1.patch deleted file mode 100644 index b659558b0273b1e0d47e3bdf85c0ca6e32404de8..0000000000000000000000000000000000000000 --- a/0173-test_asn1-test-module-for-libtasn1.patch +++ /dev/null @@ -1,1457 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Wed, 10 Jun 2020 17:48:42 +1000 -Subject: [PATCH] test_asn1: test module for libtasn1 - -Import tests from libtasn1 that don't use functionality we don't -import. I have put them here rather than in the libtasn1 directory -because: - - - They need much more significant changes to run in the grub - context. - - - I don't expect they will need to be changed when updating - libtasn1: I expect the old tests will usually continue to pass on - new versions. - -This doesn't test the full decoder but that will be exercised in -test suites for coming patch sets. - -Signed-off-by: Daniel Axtens ---- - Makefile.util.def | 6 + - grub-core/Makefile.core.def | 13 ++ - .../lib/libtasn1_wrap/tests/CVE-2018-1000654.c | 61 ++++++ - grub-core/lib/libtasn1_wrap/tests/Test_overflow.c | 138 ++++++++++++++ - grub-core/lib/libtasn1_wrap/tests/Test_simple.c | 207 ++++++++++++++++++++ - grub-core/lib/libtasn1_wrap/tests/Test_strings.c | 150 +++++++++++++++ - .../lib/libtasn1_wrap/tests/object-id-decoding.c | 116 +++++++++++ - .../lib/libtasn1_wrap/tests/object-id-encoding.c | 120 ++++++++++++ - grub-core/lib/libtasn1_wrap/tests/octet-string.c | 211 +++++++++++++++++++++ - grub-core/lib/libtasn1_wrap/tests/reproducers.c | 81 ++++++++ - grub-core/lib/libtasn1_wrap/wrap_tests.c | 75 ++++++++ - .../tests/CVE-2018-1000654-1_asn1_tab.h | 32 ++++ - .../tests/CVE-2018-1000654-2_asn1_tab.h | 36 ++++ - grub-core/lib/libtasn1_wrap/wrap_tests.h | 38 ++++ - .gitignore | 1 + - tests/test_asn1.in | 12 ++ - 16 files changed, 1297 insertions(+) - create mode 100644 grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/Test_overflow.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/Test_simple.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/Test_strings.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/octet-string.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/reproducers.c - create mode 100644 grub-core/lib/libtasn1_wrap/wrap_tests.c - create mode 100644 grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h - create mode 100644 grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h - create mode 100644 grub-core/lib/libtasn1_wrap/wrap_tests.h - create mode 100644 tests/test_asn1.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index 9927c2cfd6a..3f191aa8095 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1306,6 +1306,12 @@ script = { - common = tests/syslinux_test.in; - }; - -+script = { -+ testcase; -+ name = test_asn1; -+ common = tests/test_asn1.in; -+}; -+ - program = { - testcase; - name = example_unit_test; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 21d2c541850..b4aaccf7b57 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -2591,3 +2591,16 @@ module = { - // -Wno-type-limits comes from libtasn1's configure.ac - cppflags = '$(CPPFLAGS_POSIX) $(CPPFLAGS_GNULIB) -I$(srcdir)/lib/libtasn1/lib -Wno-type-limits'; - }; -+ -+module = { -+ name = test_asn1; -+ common = lib/libtasn1_wrap/tests/CVE-2018-1000654.c; -+ common = lib/libtasn1_wrap/tests/object-id-decoding.c; -+ common = lib/libtasn1_wrap/tests/object-id-encoding.c; -+ common = lib/libtasn1_wrap/tests/octet-string.c; -+ common = lib/libtasn1_wrap/tests/reproducers.c; -+ common = lib/libtasn1_wrap/tests/Test_overflow.c; -+ common = lib/libtasn1_wrap/tests/Test_simple.c; -+ common = lib/libtasn1_wrap/tests/Test_strings.c; -+ common = lib/libtasn1_wrap/wrap_tests.c; -+}; -diff --git a/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c -new file mode 100644 -index 00000000000..534e304521e ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c -@@ -0,0 +1,61 @@ -+/* -+ * Copyright (C) 2002-2018 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ */ -+ -+/****************************************************************/ -+/* Description: reproducer for CVE-2018-1000654 */ -+/****************************************************************/ -+ -+#include -+#include -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+#include "CVE-2018-1000654-1_asn1_tab.h" -+#include "CVE-2018-1000654-2_asn1_tab.h" -+ -+void -+test_CVE_2018_1000654 (void) -+{ -+ int result; -+ asn1_node definitions = NULL; -+ char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE]; -+ -+ result = asn1_array2tree (CVE_2018_1000654_1_asn1_tab, &definitions, errorDescription); -+ if (result != ASN1_RECURSION) -+ { -+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n", -+ asn1_strerror (result), errorDescription); -+ return; -+ } -+ -+ asn1_delete_structure (&definitions); -+ -+ result = asn1_array2tree (CVE_2018_1000654_2_asn1_tab, &definitions, errorDescription); -+ if (result != ASN1_RECURSION) -+ { -+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n", -+ asn1_strerror (result), errorDescription); -+ return; -+ } -+ -+ asn1_delete_structure (&definitions); -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/Test_overflow.c b/grub-core/lib/libtasn1_wrap/tests/Test_overflow.c -new file mode 100644 -index 00000000000..f48aea0ef8b ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/Test_overflow.c -@@ -0,0 +1,138 @@ -+/* -+ * Copyright (C) 2012-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ */ -+ -+/* Written by Simon Josefsson */ -+ -+#include -+#include -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+void -+test_overflow(void) -+{ -+ /* Test that values larger than long are rejected. This has worked -+ fine with all versions of libtasn1. */ -+ -+ { -+ unsigned char der[] = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"; -+ long l; -+ int len; -+ -+ l = asn1_get_length_der (der, sizeof der, &len); -+ -+ if (l != -2L) -+ { -+ grub_fatal ("ERROR: asn1_get_length_der bignum (l %ld len %d)\n", l, len); -+ return; -+ } -+ } -+ -+ /* Test that values larger than int but smaller than long are -+ rejected. This limitation was introduced with libtasn1 2.12. */ -+#if (GRUB_LONG_MAX > GRUB_INT_MAX) -+ { -+ unsigned long num = ((long) GRUB_UINT_MAX) << 2; -+ unsigned char der[20]; -+ int der_len; -+ long l; -+ int len; -+ -+ asn1_length_der (num, der, &der_len); -+ -+ l = asn1_get_length_der (der, der_len, &len); -+ -+ if (l != -2L) -+ { -+ grub_fatal ("ERROR: asn1_get_length_der intnum (l %ld len %d)\n", l, -+ len); -+ return; -+ } -+ } -+#endif -+ -+ /* Test that values larger than would fit in the input string are -+ rejected. This problem was fixed in libtasn1 2.12. */ -+ { -+ unsigned long num = 64; -+ unsigned char der[20]; -+ int der_len; -+ long l; -+ int len; -+ -+ asn1_length_der (num, der, &der_len); -+ -+ der_len = sizeof (der); -+ l = asn1_get_length_der (der, der_len, &len); -+ -+ if (l != -4L) -+ { -+ grub_fatal ("ERROR: asn1_get_length_der overflow-small (l %ld len %d)\n", -+ l, len); -+ return; -+ } -+ } -+ -+ /* Test that values larger than would fit in the input string are -+ rejected. This problem was fixed in libtasn1 2.12. */ -+ { -+ unsigned long num = 1073741824; -+ unsigned char der[20]; -+ int der_len; -+ long l; -+ int len; -+ -+ asn1_length_der (num, der, &der_len); -+ -+ der_len = sizeof (der); -+ l = asn1_get_length_der (der, der_len, &len); -+ -+ if (l != -4L) -+ { -+ grub_fatal ("ERROR: asn1_get_length_der overflow-large1 (l %ld len %d)\n", -+ l, len); -+ return; -+ } -+ } -+ -+ /* Test that values larger than would fit in the input string are -+ rejected. This problem was fixed in libtasn1 2.12. */ -+ { -+ unsigned long num = 2147483649; -+ unsigned char der[20]; -+ int der_len; -+ long l; -+ int len; -+ -+ asn1_length_der (num, der, &der_len); -+ -+ der_len = sizeof (der); -+ l = asn1_get_length_der (der, der_len, &len); -+ -+ if (l != -2L) -+ { -+ grub_fatal ("ERROR: asn1_get_length_der overflow-large2 (l %ld len %d)\n", -+ l, len); -+ return; -+ } -+ } -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/Test_simple.c b/grub-core/lib/libtasn1_wrap/tests/Test_simple.c -new file mode 100644 -index 00000000000..9f01006ddf4 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/Test_simple.c -@@ -0,0 +1,207 @@ -+/* -+ * Copyright (C) 2011-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ * Written by Simon Josefsson -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+struct tv -+{ -+ int bitlen; -+ const char *bitstr; -+ int derlen; -+ const char *der; -+}; -+ -+static const struct tv tv[] = { -+ {0, "", 2, "\x01\x00"}, -+ {1, "\x00", 3, "\x02\x07\x00"}, -+ {2, "\x00", 3, "\x02\x06\x00"}, -+ {3, "\x00", 3, "\x02\x05\x00"}, -+ {4, "\x00", 3, "\x02\x04\x00"}, -+ {5, "\x00", 3, "\x02\x03\x00"}, -+ {6, "\x00", 3, "\x02\x02\x00"}, -+ {7, "\x00", 3, "\x02\x01\x00"}, -+ {8, "\x00\x00", 3, "\x02\x00\x00"}, -+ {9, "\x00\x00", 4, "\x03\x07\x00\x00"}, -+ {10, "\x00\x00", 4, "\x03\x06\x00\x00"}, -+ {11, "\x00\x00", 4, "\x03\x05\x00\x00"}, -+ {12, "\x00\x00", 4, "\x03\x04\x00\x00"}, -+ {13, "\x00\x00", 4, "\x03\x03\x00\x00"}, -+ {14, "\x00\x00", 4, "\x03\x02\x00\x00"}, -+ {15, "\x00\x00", 4, "\x03\x01\x00\x00"}, -+ {16, "\x00\x00", 4, "\x03\x00\x00\x00"}, -+ {17, "\x00\x00\x00", 5, "\x04\x07\x00\x00\x00"}, -+ {18, "\x00\x00\x00", 5, "\x04\x06\x00\x00\x00"}, -+ {19, "\x00\x00\x00", 5, "\x04\x05\x00\x00\x00"}, -+ {1, "\xFF", 3, "\x02\x07\x80"}, -+ {2, "\xFF", 3, "\x02\x06\xc0"}, -+ {3, "\xFF", 3, "\x02\x05\xe0"}, -+ {4, "\xFF", 3, "\x02\x04\xf0"}, -+ {5, "\xFF", 3, "\x02\x03\xf8"}, -+ {6, "\xFF", 3, "\x02\x02\xfc"}, -+ {7, "\xFF", 3, "\x02\x01\xfe"}, -+ {8, "\xFF\xFF", 3, "\x02\x00\xff"}, -+ {9, "\xFF\xFF", 4, "\x03\x07\xff\x80"}, -+ {10, "\xFF\xFF", 4, "\x03\x06\xff\xc0"}, -+ {11, "\xFF\xFF", 4, "\x03\x05\xff\xe0"}, -+ {12, "\xFF\xFF", 4, "\x03\x04\xff\xf0"}, -+ {13, "\xFF\xFF", 4, "\x03\x03\xff\xf8"}, -+ {14, "\xFF\xFF", 4, "\x03\x02\xff\xfc"}, -+ {15, "\xFF\xFF", 4, "\x03\x01\xff\xfe"}, -+ {16, "\xFF\xFF", 4, "\x03\x00\xff\xff"}, -+ {17, "\xFF\xFF\xFF", 5, "\x04\x07\xff\xff\x80"}, -+ {18, "\xFF\xFF\xFF", 5, "\x04\x06\xff\xff\xc0"}, -+ {19, "\xFF\xFF\xFF", 5, "\x04\x05\xff\xff\xe0"}, -+}; -+ -+void -+test_simple (void) -+{ -+ int result; -+ unsigned char der[100]; -+ unsigned char str[100]; -+ int der_len = sizeof (der); -+ int str_size = sizeof (str); -+ int ret_len, bit_len; -+ grub_size_t i; -+ -+ /* Dummy test */ -+ -+ asn1_bit_der (NULL, 0, der, &der_len); -+ result = asn1_get_bit_der (der, 0, &ret_len, str, str_size, &bit_len); -+ if (result != ASN1_GENERIC_ERROR) -+ { -+ grub_fatal ("asn1_get_bit_der zero\n"); -+ return; -+ } -+ -+ /* Encode short strings with increasing bit lengths */ -+ -+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++) -+ { -+ /* Encode */ -+ -+ asn1_bit_der ((const unsigned char *) tv[i].bitstr, tv[i].bitlen, -+ der, &der_len); -+ -+#if 0 -+ { -+ size_t j; -+ for (j = 0; j < der_len; j++) -+ printf ("\\x%02x", der[j]); -+ printf ("\n"); -+ } -+#endif -+ -+ if (der_len != tv[i].derlen || grub_memcmp (der, tv[i].der, der_len) != 0) -+ { -+ grub_fatal ("asn1_bit_der iter %lu\n", (unsigned long) i); -+ return; -+ } -+ -+ /* Decode it */ -+ -+ result = asn1_get_bit_der (der, der_len, &ret_len, str, -+ str_size, &bit_len); -+ if (result != ASN1_SUCCESS || ret_len != tv[i].derlen -+ || bit_len != tv[i].bitlen) -+ { -+ grub_fatal ("asn1_get_bit_der iter %lu, err: %d\n", (unsigned long) i, result); -+ return; -+ } -+ } -+ -+ -+ /* Decode sample from "A Layman's Guide to a Subset of ASN.1, BER, -+ and DER" section 5.4 "BIT STRING": "The BER encoding of the BIT -+ STRING value "011011100101110111" can be any of the following, -+ among others, depending on the choice of padding bits, the form -+ of length octets [...]". -+ */ -+ -+ /* 03 04 06 6e 5d c0 DER encoding */ -+ -+ grub_memcpy (der, "\x04\x06\x6e\x5d\xc0", 5); -+ der_len = 5; -+ -+ result = asn1_get_bit_der (der, der_len, &ret_len, str, str_size, &bit_len); -+ if (result != ASN1_SUCCESS || ret_len != 5 -+ || bit_len != 18 || grub_memcmp (str, "\x6e\x5d\xc0", 3) != 0) -+ { -+ grub_fatal ("asn1_get_bit_der example\n"); -+ return; -+ } -+ -+ der_len = sizeof (der); -+ asn1_bit_der (str, bit_len, der, &der_len); -+ if (der_len != 5 || grub_memcmp (der, "\x04\x06\x6e\x5d\xc0", 5) != 0) -+ { -+ grub_fatal ("asn1_bit_der example roundtrip\n"); -+ return; -+ } -+ -+ /* 03 04 06 6e 5d e0 padded with "100000" */ -+ -+ grub_memcpy (der, "\x04\x06\x6e\x5d\xe0", 5); -+ der_len = 5; -+ -+ result = asn1_get_bit_der (der, der_len, &ret_len, str, str_size, &bit_len); -+ if (result != ASN1_SUCCESS || ret_len != 5 -+ || bit_len != 18 || grub_memcmp (str, "\x6e\x5d\xe0", 3) != 0) -+ { -+ grub_fatal ("asn1_get_bit_der example padded\n"); -+ return; -+ } -+ -+ der_len = sizeof (der); -+ asn1_bit_der (str, bit_len, der, &der_len); -+ if (der_len != 5 || grub_memcmp (der, "\x04\x06\x6e\x5d\xc0", 5) != 0) -+ { -+ grub_fatal ("asn1_bit_der example roundtrip\n"); -+ return; -+ } -+ -+ /* 03 81 04 06 6e 5d c0 long form of length octets */ -+ -+ grub_memcpy (der, "\x81\x04\x06\x6e\x5d\xc0", 6); -+ der_len = 6; -+ -+ result = asn1_get_bit_der (der, der_len, &ret_len, str, str_size, &bit_len); -+ -+ if (result != ASN1_SUCCESS || ret_len != 6 -+ || bit_len != 18 || grub_memcmp (str, "\x6e\x5d\xc0", 3) != 0) -+ { -+ grub_fatal ("asn1_get_bit_der example long form\n"); -+ return; -+ } -+ -+ der_len = sizeof (der); -+ asn1_bit_der (str, bit_len, der, &der_len); -+ if (der_len != 5 || grub_memcmp (der, "\x04\x06\x6e\x5d\xc0", 5) != 0) -+ { -+ grub_fatal ("asn1_bit_der example roundtrip\n"); -+ return; -+ } -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/Test_strings.c b/grub-core/lib/libtasn1_wrap/tests/Test_strings.c -new file mode 100644 -index 00000000000..dbe1474b204 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/Test_strings.c -@@ -0,0 +1,150 @@ -+/* -+ * Copyright (C) 2012-2014 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ * Written by Simon Josefsson -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+struct tv -+{ -+ unsigned int etype; -+ unsigned int str_len; -+ const void *str; -+ unsigned int der_len; -+ const void *der; -+}; -+ -+static const struct tv tv[] = { -+ {ASN1_ETYPE_IA5_STRING, 20, -+ "\x63\x73\x63\x61\x40\x70\x61\x73\x73\x70\x6f\x72\x74\x2e\x67\x6f\x76\x2e\x67\x72", -+ 22, -+ "\x16\x14\x63\x73\x63\x61\x40\x70\x61\x73\x73\x70\x6f\x72\x74\x2e\x67\x6f\x76\x2e\x67\x72"}, -+ {ASN1_ETYPE_PRINTABLE_STRING, 5, "\x4e\x69\x6b\x6f\x73", -+ 7, "\x13\x05\x4e\x69\x6b\x6f\x73"}, -+ {ASN1_ETYPE_UTF8_STRING, 12, "Αττική", -+ 14, "\x0c\x0c\xce\x91\xcf\x84\xcf\x84\xce\xb9\xce\xba\xce\xae"}, -+ {ASN1_ETYPE_TELETEX_STRING, 15, -+ "\x53\x69\x6d\x6f\x6e\x20\x4a\x6f\x73\x65\x66\x73\x73\x6f\x6e", -+ 17, -+ "\x14\x0f\x53\x69\x6d\x6f\x6e\x20\x4a\x6f\x73\x65\x66\x73\x73\x6f\x6e"}, -+ {ASN1_ETYPE_OCTET_STRING, 36, -+ "\x30\x22\x80\x0F\x32\x30\x31\x31\x30\x38\x32\x31\x30\x38\x30\x30\x30\x36\x5A\x81\x0F\x32\x30\x31\x31\x30\x38\x32\x33\x32\x30\x35\x39\x35\x39\x5A", -+ 38, -+ "\x04\x24\x30\x22\x80\x0F\x32\x30\x31\x31\x30\x38\x32\x31\x30\x38\x30\x30\x30\x36\x5A\x81\x0F\x32\x30\x31\x31\x30\x38\x32\x33\x32\x30\x35\x39\x35\x39\x5A"} -+}; -+ -+#define SSTR(x) sizeof(x)-1,x -+static const struct tv ber[] = { -+ {ASN1_ETYPE_OCTET_STRING, -+ SSTR("\xa0\xa0"), -+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x00\x00")}, -+ {ASN1_ETYPE_OCTET_STRING, -+ SSTR("\xa0\xa0\xb0\xb0\xb0"), -+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x04\x82\x00\x03\xb0\xb0\xb0\x00\x00")}, -+ {ASN1_ETYPE_OCTET_STRING, -+ SSTR("\xa0\xa0\xb0\xb0\xb0\xa1\xa1"), -+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x04\x82\x00\x03\xb0\xb0\xb0\x24\x80\x04\x82\x00\x02\xa1\xa1\x00\x00\x00\x00")}, -+ {ASN1_ETYPE_OCTET_STRING, -+ SSTR("\xa0\xa0\xb0\xb0\xb0\xa1\xa1\xc1"), -+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x04\x82\x00\x03\xb0\xb0\xb0\x24\x80\x04\x82\x00\x02\xa1\xa1\x04\x82\x00\x01\xc1\x00\x00\x00\x00")}, -+}; -+ -+void -+test_strings () -+{ -+ int ret; -+ unsigned char tl[ASN1_MAX_TL_SIZE]; -+ unsigned int tl_len, der_len, str_len; -+ const unsigned char *str; -+ unsigned char *b; -+ unsigned int i; -+ -+ /* Dummy test */ -+ -+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++) -+ { -+ /* Encode */ -+ tl_len = sizeof (tl); -+ ret = asn1_encode_simple_der (tv[i].etype, tv[i].str, tv[i].str_len, -+ tl, &tl_len); -+ if (ret != ASN1_SUCCESS) -+ { -+ grub_fatal ("Encoding error in %u: %s\n", i, -+ asn1_strerror (ret)); -+ return; -+ } -+ der_len = tl_len + tv[i].str_len; -+ -+ if (der_len != tv[i].der_len || grub_memcmp (tl, tv[i].der, tl_len) != 0) -+ { -+ grub_fatal ( -+ "DER encoding differs in %u! (size: %u, expected: %u)\n", -+ i, der_len, tv[i].der_len); -+ return; -+ } -+ -+ /* decoding */ -+ ret = -+ asn1_decode_simple_der (tv[i].etype, tv[i].der, tv[i].der_len, &str, -+ &str_len); -+ if (ret != ASN1_SUCCESS) -+ { -+ grub_fatal ("Decoding error in %u: %s\n", i, -+ asn1_strerror (ret)); -+ return; -+ } -+ -+ if (str_len != tv[i].str_len || grub_memcmp (str, tv[i].str, str_len) != 0) -+ { -+ grub_fatal ( -+ "DER decoded data differ in %u! (size: %u, expected: %u)\n", -+ i, der_len, tv[i].str_len); -+ return; -+ } -+ } -+ -+ /* BER decoding */ -+ for (i = 0; i < sizeof (ber) / sizeof (ber[0]); i++) -+ { -+ /* decoding */ -+ ret = -+ asn1_decode_simple_ber (ber[i].etype, ber[i].der, ber[i].der_len, &b, -+ &str_len, NULL); -+ if (ret != ASN1_SUCCESS) -+ { -+ grub_fatal ("BER decoding error in %u: %s\n", i, -+ asn1_strerror (ret)); -+ return; -+ } -+ -+ if (str_len != ber[i].str_len || grub_memcmp (b, ber[i].str, str_len) != 0) -+ { -+ grub_fatal ( -+ "BER decoded data differ in %u! (size: %u, expected: %u)\n", -+ i, str_len, ber[i].str_len); -+ return; -+ } -+ grub_free(b); -+ } -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c b/grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c -new file mode 100644 -index 00000000000..d367bbfb5a7 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c -@@ -0,0 +1,116 @@ -+/* -+ * Copyright (C) 2016 Red Hat, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+struct tv -+{ -+ int der_len; -+ const unsigned char *der; -+ const char *oid; -+ int expected_error; -+}; -+ -+static const struct tv tv[] = { -+ {.der_len = 5, -+ .der = (void *) "\x06\x03\x80\x37\x03", -+ .oid = "2.999.3", -+ .expected_error = ASN1_DER_ERROR /* leading 0x80 */ -+ }, -+ {.der_len = 12, -+ .der = (void *) "\x06\x0a\x2b\x06\x01\x80\x01\x92\x08\x09\x05\x01", -+ .oid = "1.3.6.1.4.1.2312.9.5.1", -+ .expected_error = ASN1_DER_ERROR /* leading 0x80 */ -+ }, -+ {.der_len = 6, -+ .der = (void *) "\x06\x04\x01\x02\x03\x04", -+ .oid = "0.1.2.3.4", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 5, -+ .der = (void *) "\x06\x03\x51\x02\x03", -+ .oid = "2.1.2.3", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 5, -+ .der = (void *) "\x06\x03\x88\x37\x03", -+ .oid = "2.999.3", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 12, -+ .der = (void *) "\x06\x0a\x2b\x06\x01\x04\x01\x92\x08\x09\x05\x01", -+ .oid = "1.3.6.1.4.1.2312.9.5.1", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 19, -+ .der = (void *) "\x06\x11\xfa\x80\x00\x00\x00\x0e\x01\x0e\xfa\x80\x00\x00\x00\x0e\x63\x6f\x6d", -+ .oid = "2.1998768.0.0.14.1.14.1998848.0.0.14.99.111.109", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 19, -+ .der = -+ (void *) -+ "\x06\x11\x2b\x06\x01\x04\x01\x92\x08\x09\x02\xaa\xda\xbe\xbe\xfa\x72\x01\x07", -+ .oid = "1.3.6.1.4.1.2312.9.2.1467399257458.1.7", -+ .expected_error = ASN1_SUCCESS}, -+}; -+ -+void -+test_object_id_decoding (void) -+{ -+ char str[128]; -+ int ret, ret_len; -+ grub_size_t i; -+ -+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++) -+ { -+ /* decode */ -+ ret = -+ asn1_get_object_id_der (tv[i].der+1, -+ tv[i].der_len-1, &ret_len, str, -+ sizeof (str)); -+ if (ret != tv[i].expected_error) -+ { -+ grub_fatal ( -+ "%d: asn1_get_object_id_der iter %lu: got '%s' expected %d\n", -+ __LINE__, (unsigned long) i, asn1_strerror(ret), tv[i].expected_error); -+ return; -+ } -+ -+ if (tv[i].expected_error != ASN1_SUCCESS) -+ continue; -+ -+ if (ret_len != tv[i].der_len-1) -+ { -+ grub_fatal ( -+ "%d: iter %lu: error in DER, length returned is %d, had %d\n", -+ __LINE__, (unsigned long)i, ret_len, tv[i].der_len-1); -+ return; -+ } -+ -+ if (grub_strcmp (tv[i].oid, str) != 0) -+ { -+ grub_fatal ( -+ "%d: strcmp iter %lu: got invalid OID: %s, expected: %s\n", -+ __LINE__, (unsigned long) i, str, tv[i].oid); -+ return; -+ } -+ -+ } -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c b/grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c -new file mode 100644 -index 00000000000..3a83b58c59f ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c -@@ -0,0 +1,120 @@ -+/* -+ * Copyright (C) 2019 Nikos Mavrogiannopoulos -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+struct tv -+{ -+ int der_len; -+ const unsigned char *der; -+ const char *oid; -+ int expected_error; -+}; -+ -+static const struct tv tv[] = { -+ {.der_len = 0, -+ .der = (void *) "", -+ .oid = "5.999.3", -+ .expected_error = ASN1_VALUE_NOT_VALID /* cannot start with 5 */ -+ }, -+ {.der_len = 0, -+ .der = (void *) "", -+ .oid = "0.48.9", -+ .expected_error = ASN1_VALUE_NOT_VALID /* second field cannot be 48 */ -+ }, -+ {.der_len = 0, -+ .der = (void *) "", -+ .oid = "1.40.9", -+ .expected_error = ASN1_VALUE_NOT_VALID /* second field cannot be 40 */ -+ }, -+ {.der_len = 4, -+ .der = (void *) "\x06\x02\x4f\x63", -+ .oid = "1.39.99", -+ .expected_error = ASN1_SUCCESS, -+ }, -+ {.der_len = 6, -+ .der = (void *) "\x06\x04\x01\x02\x03\x04", -+ .oid = "0.1.2.3.4", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 5, -+ .der = (void *) "\x06\x03\x51\x02\x03", -+ .oid = "2.1.2.3", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 5, -+ .der = (void *) "\x06\x03\x88\x37\x03", -+ .oid = "2.999.3", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 12, -+ .der = (void *) "\x06\x0a\x2b\x06\x01\x04\x01\x92\x08\x09\x05\x01", -+ .oid = "1.3.6.1.4.1.2312.9.5.1", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 19, -+ .der = (void *) "\x06\x11\xfa\x80\x00\x00\x00\x0e\x01\x0e\xfa\x80\x00\x00\x00\x0e\x63\x6f\x6d", -+ .oid = "2.1998768.0.0.14.1.14.1998848.0.0.14.99.111.109", -+ .expected_error = ASN1_SUCCESS}, -+ {.der_len = 19, -+ .der = -+ (void *) -+ "\x06\x11\x2b\x06\x01\x04\x01\x92\x08\x09\x02\xaa\xda\xbe\xbe\xfa\x72\x01\x07", -+ .oid = "1.3.6.1.4.1.2312.9.2.1467399257458.1.7", -+ .expected_error = ASN1_SUCCESS}, -+}; -+ -+void -+test_object_id_encoding(void) -+{ -+ unsigned char der[128]; -+ int ret, der_len, i; -+ -+ for (i = 0; i < (int)(sizeof (tv) / sizeof (tv[0])); i++) -+ { -+ der_len = sizeof(der); -+ ret = asn1_object_id_der(tv[i].oid, der, &der_len, 0); -+ if (ret != ASN1_SUCCESS) -+ { -+ if (ret == tv[i].expected_error) -+ continue; -+ grub_fatal ( -+ "%d: iter %lu, encoding of OID failed: %s\n", -+ __LINE__, (unsigned long) i, asn1_strerror(ret)); -+ return; -+ } -+ else if (ret != tv[i].expected_error) -+ { -+ grub_fatal ( -+ "%d: iter %lu, encoding of OID %s succeeded when expecting failure\n", -+ __LINE__, (unsigned long) i, tv[i].oid); -+ return; -+ } -+ -+ if (der_len != tv[i].der_len || grub_memcmp(der, tv[i].der, der_len) != 0) -+ { -+ grub_fatal ( -+ "%d: iter %lu, re-encoding of OID %s resulted to different string (%d vs %d bytes)\n", -+ __LINE__, (unsigned long) i, tv[i].oid, der_len, tv[i].der_len); -+ -+ return; -+ } -+ } -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/octet-string.c b/grub-core/lib/libtasn1_wrap/tests/octet-string.c -new file mode 100644 -index 00000000000..d8a049e8df0 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/octet-string.c -@@ -0,0 +1,211 @@ -+/* -+ * Copyright (C) 2011-2020 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ * Written by Simon Josefsson and Nikos Mavrogiannopoulos -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+ -+struct tv -+{ -+ const char *name; -+ int der_len; -+ const unsigned char *der_str; -+ int len; -+ const unsigned char *string; -+ int expected_error; -+ int ber; -+}; -+ -+static const struct tv tv[] = { -+ {.name = "primitive octet strings", -+ .der_len = 10, -+ .der_str = -+ (void*)"\x04\x08\x01\x23\x45\x67\x89\xab\xcd\xef", -+ .len = 8, -+ .string = -+ (void*)"\x01\x23\x45\x67\x89\xab\xcd\xef", -+ .ber = 0}, -+ {.der_len = 22, -+ .der_str = -+ (void*)"\x04\x14\x13\x00\xd9\xa8\x47\xf7\xf2\x1c\xf4\xb0\xec\x5f\xc1\x73\xe5\x1b\x25\xc2\x62\x27", -+ .len = 20, -+ .string = -+ (void*)"\x13\x00\xD9\xA8\x47\xF7\xF2\x1C\xF4\xB0\xEC\x5F\xC1\x73\xE5\x1B\x25\xC2\x62\x27"}, -+ -+ {.name = "long type of length", -+ .der_len = 23, -+ .der_str = -+ (void*)"\x04\x81\x14\x13\x00\xd9\xa8\x47\xf7\xf2\x1c\xf4\xb0\xec\x5f\xc1\x73\xe5\x1b\x25\xc2\x62\x27", -+ .len = 20, -+ .string = -+ (void*)"\x13\x00\xD9\xA8\x47\xF7\xF2\x1C\xF4\xB0\xEC\x5F\xC1\x73\xE5\x1B\x25\xC2\x62\x27", -+ .ber = 1}, -+ {.der_len = 11, -+ .der_str = -+ (void*)"\x04\x81\x08\x01\x23\x45\x67\x89\xab\xcd\xef", -+ .len = 8, -+ .string = -+ (void*)"\x01\x23\x45\x67\x89\xab\xcd\xef", -+ .ber = 1}, -+ -+ {.name = "constructed - indefinite", -+ .der_len = 11, -+ .der_str = (void*)"\x24\x80\x04\x05\x01\x02\x03\x04\x05\x00\x00", -+ .len = 5, -+ .string = (void*)"\x01\x02\x03\x04\x05", -+ .ber = 1, -+ }, -+ -+ {.name = "constructed - definite - concat", -+ .der_len = 12, -+ .der_str = (void*)"\x24\x0a\x04\x04\x0a\x0b\x0c\x0d\x04\x02\x0e\x0f", -+ .len = 6, -+ .string = (void*)"\x0a\x0b\x0c\x0d\x0e\x0f", -+ .ber = 1, -+ }, -+ {.name = "constructed - definite - recursive", -+ .der_len = 15, -+ .der_str = (void*)"\x24\x0d\x04\x04\x0a\x0b\x0c\x0d\x24\x05\x04\x00\x04\x01\x0f", -+ .len = 5, -+ .string = (void*)"\x0a\x0b\x0c\x0d\x0f", -+ .ber = 1, -+ }, -+ {.name = "constructed - definite - single", -+ .der_len = 7, -+ .der_str = (void*)"\x24\x05\x04\x03\x01\x02\x03", -+ .len = 3, -+ .string = (void*)"\x01\x02\x03", -+ .ber = 1, -+ }, -+ -+ /* a large amount of recursive indefinite encoding */ -+ {.name = "a large amount of recursive indefinite encoding", -+ .der_len = 29325, -+ .der_str = (void*)"\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80", -+ .len = 0, -+ .ber = 1, -+ .expected_error = ASN1_DER_ERROR -+ } -+}; -+ -+void -+test_octet_string (void) -+{ -+ unsigned char str[100]; -+ unsigned char der[100]; -+ int der_len = sizeof (der); -+ int str_size = sizeof (str); -+ unsigned char *tmp = NULL; -+ int ret, ret_len; -+ grub_size_t i; -+ -+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++) -+ { -+ /* Decode */ -+ -+ if (tv[i].ber == 0) -+ { -+ str_size = sizeof (str); -+ ret = -+ asn1_get_octet_der (tv[i].der_str + 1, -+ tv[i].der_len - 1, &ret_len, str, -+ sizeof (str), &str_size); -+ if (ret != tv[i].expected_error) -+ { -+ grub_fatal ( -+ "%d: asn1_get_octet_der: %s: got %d expected %d\n", -+ __LINE__, tv[i].name, ret, -+ tv[i].expected_error); -+ return; -+ } -+ if (tv[i].expected_error) -+ continue; -+ -+ if (ret_len != tv[i].der_len - 1) -+ { -+ grub_fatal ( -+ "%d: error in DER, length returned is %d, had %d\n", -+ __LINE__, ret_len, tv[i].der_len - 1); -+ return; -+ } -+ -+ if (str_size != tv[i].len -+ || grub_memcmp (tv[i].string, str, tv[i].len) != 0) -+ { -+ grub_fatal ( -+ "%d: memcmp: %s: got invalid decoding\n", -+ __LINE__, tv[i].name); -+ -+ return; -+ } -+ -+ /* Encode */ -+ der_len = sizeof (der); -+ asn1_octet_der (str, str_size, der, &der_len); -+ -+ if (der_len != tv[i].der_len - 1 -+ || grub_memcmp (tv[i].der_str + 1, der, tv[i].der_len - 1) != 0) -+ { -+ grub_fatal ( -+ "encoding: %s: got invalid encoding\n", -+ tv[i].name); -+ return; -+ } -+ } -+ -+ ret = -+ asn1_decode_simple_ber (ASN1_ETYPE_OCTET_STRING, -+ tv[i].der_str, tv[i].der_len, -+ &tmp, (unsigned int*)&str_size, (unsigned int*)&der_len); -+ if (ret != tv[i].expected_error) -+ { -+ grub_fatal ( -+ "%d: asn1_decode_simple_ber: %s: got %s expected %s\n", -+ __LINE__, tv[i].name, asn1_strerror(ret), asn1_strerror(tv[i].expected_error)); -+ return; -+ } -+ if (tv[i].expected_error) -+ continue; -+ -+ if (der_len != tv[i].der_len) -+ { -+ grub_fatal ( -+ "%d: error: %s: DER, length returned is %d, had %d\n", -+ __LINE__, tv[i].name, der_len, tv[i].der_len); -+ return; -+ } -+ -+ if (str_size != tv[i].len || grub_memcmp (tv[i].string, tmp, tv[i].len) != 0) -+ { -+ grub_fatal ( -+ "%d: memcmp: %s: got invalid decoding\n", -+ __LINE__, tv[i].name); -+ return; -+ } -+ grub_free (tmp); -+ tmp = NULL; -+ -+ } -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/reproducers.c b/grub-core/lib/libtasn1_wrap/tests/reproducers.c -new file mode 100644 -index 00000000000..dc7268d4c6c ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/reproducers.c -@@ -0,0 +1,81 @@ -+/* -+ * Copyright (C) 2019 Free Software Foundation, Inc. -+ * -+ * This file is part of LIBTASN1. -+ * -+ * This program is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program. If not, see . -+ * -+ */ -+ -+/****************************************************************/ -+/* Description: run reproducers for several fixed issues */ -+/****************************************************************/ -+ -+#include -+#include -+#include -+#include "../wrap_tests.h" -+ -+#define CONST_DOWN (1U<<29) -+ -+/* produces endless loop (fixed by d4b624b2): -+ * The following translates into a single node with all pointers -+ * (right,left,down) set to NULL. */ -+const asn1_static_node endless_asn1_tab[] = { -+ { "TEST_TREE", 536875024, NULL }, -+ { NULL, 0, NULL } -+}; -+ -+/* produces memory leak (fixed by f16d1ff9): -+ * 152 bytes in 1 blocks are definitely lost in loss record 1 of 1 -+ * at 0x4837B65: calloc (vg_replace_malloc.c:762) -+ * by 0x4851C0D: _asn1_add_static_node (parser_aux.c:71) -+ * by 0x4853AAC: asn1_array2tree (structure.c:200) -+ * by 0x10923B: main (single_node.c:67) -+ */ -+const asn1_static_node tab[] = { -+{ "a", CONST_DOWN, "" }, -+{ "b", 0, "" }, -+{ "c", 0, "" }, -+{ NULL, 0, NULL } -+}; -+ -+void -+test_reproducers (void) -+{ -+ int result; -+ asn1_node definitions = NULL; -+ char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE]; -+ -+ result = asn1_array2tree (endless_asn1_tab, &definitions, errorDescription); -+ if (result != ASN1_SUCCESS) -+ { -+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n", -+ asn1_strerror (result), errorDescription); -+ return; -+ } -+ -+ asn1_delete_structure (&definitions); -+ -+ definitions = NULL; -+ result = asn1_array2tree (tab, &definitions, errorDescription); -+ if (result != ASN1_SUCCESS) -+ { -+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n", -+ asn1_strerror (result), errorDescription); -+ return; -+ } -+ -+ asn1_delete_structure (&definitions); -+} -diff --git a/grub-core/lib/libtasn1_wrap/wrap_tests.c b/grub-core/lib/libtasn1_wrap/wrap_tests.c -new file mode 100644 -index 00000000000..75fcd21f0d5 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/wrap_tests.c -@@ -0,0 +1,75 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include "wrap_tests.h" -+ -+/* -+ * libtasn1 tests - from which this is derived - are provided under GPL3+. -+ */ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static grub_command_t cmd; -+ -+static grub_err_t -+grub_cmd_asn1test (grub_command_t cmdd __attribute__((unused)), -+ int argc __attribute__((unused)), -+ char **args __attribute__((unused))) -+{ -+ grub_printf ("test_CVE_2018_1000654\n"); -+ test_CVE_2018_1000654 (); -+ -+ grub_printf ("test_object_id_decoding\n"); -+ test_object_id_decoding (); -+ -+ grub_printf ("test_object_id_encoding\n"); -+ test_object_id_encoding (); -+ -+ grub_printf ("test_octet_string\n"); -+ test_octet_string (); -+ -+ grub_printf ("test_overflow\n"); -+ test_overflow (); -+ -+ grub_printf ("test_reproducers\n"); -+ test_overflow (); -+ -+ grub_printf ("test_simple\n"); -+ test_simple (); -+ -+ grub_printf ("test_strings\n"); -+ test_strings (); -+ -+ grub_printf ("ASN.1 self-tests passed\n"); -+ -+ return GRUB_ERR_NONE; -+} -+ -+ -+GRUB_MOD_INIT(test_asn1) -+{ -+ cmd = grub_register_command ("test_asn1", grub_cmd_asn1test, NULL, -+ "Run self-tests for the ASN.1 parser."); -+} -+ -+GRUB_MOD_FINI(test_asn1) -+{ -+ grub_unregister_command (cmd); -+} -diff --git a/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h -new file mode 100644 -index 00000000000..1e7d3d64f55 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h -@@ -0,0 +1,32 @@ -+#if HAVE_CONFIG_H -+# include "config.h" -+#endif -+ -+#include -+ -+const asn1_static_node CVE_2018_1000654_1_asn1_tab[] = { -+ { "TEST_TREE", 536875024, NULL }, -+ { NULL, 1610612748, NULL }, -+ { "iso", 1073741825, "1"}, -+ { "identified-organization", 1073741825, "3"}, -+ { "dod", 1073741825, "6"}, -+ { "internet", 1073741825, "1"}, -+ { "security", 1073741825, "5"}, -+ { "mechanisms", 1073741825, "5"}, -+ { "pkix", 1073741825, "7"}, -+ { "id-mod", 1073741825, "0"}, -+ { "id-pkix1-implicit-88", 1, "2"}, -+ { "id-xnyTest", 1879048204, NULL }, -+ { NULL, 1073741825, "id-ix"}, -+ { NULL, 1073741825, "29"}, -+ { NULL, 1, "1"}, -+ { "id-ix", 1880096780, "OBJECR"}, -+ { NULL, 1073741825, "id-ix"}, -+ { NULL, 1073741825, "29"}, -+ { NULL, 1, "2"}, -+ { "id-xnyTest", 805306380, NULL }, -+ { NULL, 1073741825, "id-ix"}, -+ { NULL, 1073741825, "29"}, -+ { NULL, 1, "1"}, -+ { NULL, 0, NULL } -+}; -diff --git a/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h -new file mode 100644 -index 00000000000..e2561e5ec6d ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h -@@ -0,0 +1,36 @@ -+#if HAVE_CONFIG_H -+# include "config.h" -+#endif -+ -+#include -+ -+const asn1_static_node CVE_2018_1000654_2_asn1_tab[] = { -+ { "TEST_TREE", 536875024, NULL }, -+ { NULL, 1610612748, NULL }, -+ { "iso", 1073741825, "1"}, -+ { "identified-organization", 1073741825, "3"}, -+ { "dod", 1073741825, "6"}, -+ { "internet", 1073741825, "1"}, -+ { "security", 1073741825, "5"}, -+ { "mechanisms", 1073741825, "5"}, -+ { "pkix", 1073741825, "7"}, -+ { "id-mod", 1073741825, "0"}, -+ { "id-pkix1-implicit-88", 1, "2"}, -+ { "id-oneTest", 1879048204, NULL }, -+ { NULL, 1073741825, "id-two"}, -+ { NULL, 1073741825, "9"}, -+ { NULL, 1, "1"}, -+ { "id-two", 1879048204, NULL }, -+ { NULL, 1073741825, "id-three"}, -+ { NULL, 1073741825, "2"}, -+ { NULL, 1, "2"}, -+ { "id-three", 1879048204, NULL }, -+ { NULL, 1073741825, "id-four"}, -+ { NULL, 1073741825, "3"}, -+ { NULL, 1, "3"}, -+ { "id-four", 805306380, NULL }, -+ { NULL, 1073741825, "id-two"}, -+ { NULL, 1073741825, "3"}, -+ { NULL, 1, "3"}, -+ { NULL, 0, NULL } -+}; -diff --git a/grub-core/lib/libtasn1_wrap/wrap_tests.h b/grub-core/lib/libtasn1_wrap/wrap_tests.h -new file mode 100644 -index 00000000000..555e56dd202 ---- /dev/null -+++ b/grub-core/lib/libtasn1_wrap/wrap_tests.h -@@ -0,0 +1,38 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef LIBTASN1_WRAP_TESTS_H -+#define LIBTASN1_WRAP_TESTS_H -+ -+void test_CVE_2018_1000654 (void); -+ -+void test_object_id_encoding (void); -+ -+void test_object_id_decoding (void); -+ -+void test_octet_string (void); -+ -+void test_overflow (void); -+ -+void test_reproducers (void); -+ -+void test_simple (void); -+ -+void test_strings (void); -+ -+#endif -diff --git a/.gitignore b/.gitignore -index 594d0134d33..856e69bc5c1 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -264,6 +264,7 @@ widthspec.bin - /stamp-h1 - /syslinux_test - /tar_test -+/test_asn1 - /test_sha512sum - /test_unset - /tests/syslinux/ubuntu10.04_grub.cfg -diff --git a/tests/test_asn1.in b/tests/test_asn1.in -new file mode 100644 -index 00000000000..8173c5c270e ---- /dev/null -+++ b/tests/test_asn1.in -@@ -0,0 +1,12 @@ -+#! @BUILD_SHEBANG@ -+set -e -+ -+. "@builddir@/grub-core/modinfo.sh" -+ -+out=`echo test_asn1 | @builddir@/grub-shell` -+ -+if [ "$(echo "$out" | tail -n 1)" != "ASN.1 self-tests passed" ]; then -+ echo "ASN.1 test failure: $out" -+ exit 1 -+fi -+ diff --git a/0174-grub-install-support-embedding-x509-certificates.patch b/0174-grub-install-support-embedding-x509-certificates.patch deleted file mode 100644 index bd02e6de5ad78f67ce47ae539cafe416cf562e29..0000000000000000000000000000000000000000 --- a/0174-grub-install-support-embedding-x509-certificates.patch +++ /dev/null @@ -1,252 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Alastair D'Silva -Date: Mon, 6 Jul 2020 13:33:04 +1000 -Subject: [PATCH] grub-install: support embedding x509 certificates - -To support verification of appended signatures, we need a way to -embed the necessary public keys. Existing appended signature schemes -in the Linux kernel use X.509 certificates, so allow certificates to -be embedded in the grub core image in the same way as PGP keys. - -Signed-off-by: Alastair D'Silva -Signed-off-by: Daniel Axtens ---- - grub-core/commands/pgp.c | 2 +- - util/grub-install-common.c | 22 +++++++++++++++++++++- - util/grub-mkimage.c | 15 +++++++++++++-- - util/mkimage.c | 38 ++++++++++++++++++++++++++++++++++++-- - include/grub/kernel.h | 4 +++- - include/grub/util/install.h | 7 +++++-- - 6 files changed, 79 insertions(+), 9 deletions(-) - -diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c -index 355a43844ac..b81ac0ae46c 100644 ---- a/grub-core/commands/pgp.c -+++ b/grub-core/commands/pgp.c -@@ -944,7 +944,7 @@ GRUB_MOD_INIT(pgp) - grub_memset (&pseudo_file, 0, sizeof (pseudo_file)); - - /* Not an ELF module, skip. */ -- if (header->type != OBJ_TYPE_PUBKEY) -+ if (header->type != OBJ_TYPE_GPG_PUBKEY) - continue; - - pseudo_file.fs = &pseudo_fs; -diff --git a/util/grub-install-common.c b/util/grub-install-common.c -index aab2a941f85..422f82362c7 100644 ---- a/util/grub-install-common.c -+++ b/util/grub-install-common.c -@@ -460,6 +460,8 @@ static char **pubkeys; - static size_t npubkeys; - static char *sbat; - static int disable_shim_lock; -+static char **x509keys; -+static size_t nx509keys; - static grub_compression_t compression; - static size_t appsig_size; - -@@ -500,6 +502,11 @@ grub_install_parse (int key, char *arg) - return 1; - case GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK: - disable_shim_lock = 1; -+ case 'x': -+ x509keys = xrealloc (x509keys, -+ sizeof (x509keys[0]) -+ * (nx509keys + 1)); -+ x509keys[nx509keys++] = xstrdup (arg); - return 1; - - case GRUB_INSTALL_OPTIONS_VERBOSITY: -@@ -627,6 +634,9 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, - for (pk = pubkeys; pk < pubkeys + npubkeys; pk++) - slen += 20 + grub_strlen (*pk); - -+ for (pk = x509keys; pk < x509keys + nx509keys; pk++) -+ slen += 10 + grub_strlen (*pk); -+ - for (md = modules.entries; *md; md++) - { - slen += 10 + grub_strlen (*md); -@@ -655,6 +665,14 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, - *p++ = ' '; - } - -+ for (pk = x509keys; pk < x509keys + nx509keys; pk++) -+ { -+ p = grub_stpcpy (p, "--x509 '"); -+ p = grub_stpcpy (p, *pk); -+ *p++ = '\''; -+ *p++ = ' '; -+ } -+ - for (md = modules.entries; *md; md++) - { - *p++ = '\''; -@@ -688,7 +706,9 @@ grub_install_make_image_wrap_file (const char *dir, const char *prefix, - - grub_install_generate_image (dir, prefix, fp, outname, - modules.entries, memdisk_path, -- pubkeys, npubkeys, config_path, tgt, -+ pubkeys, npubkeys, -+ x509keys, nx509keys, -+ config_path, tgt, - note, appsig_size, compression, dtb, sbat, - disable_shim_lock); - while (dc--) -diff --git a/util/grub-mkimage.c b/util/grub-mkimage.c -index 8a53310548b..e1f1112784a 100644 ---- a/util/grub-mkimage.c -+++ b/util/grub-mkimage.c -@@ -75,7 +75,8 @@ static struct argp_option options[] = { - /* TRANSLATORS: "embed" is a verb (command description). "*/ - {"config", 'c', N_("FILE"), 0, N_("embed FILE as an early config"), 0}, - /* TRANSLATORS: "embed" is a verb (command description). "*/ -- {"pubkey", 'k', N_("FILE"), 0, N_("embed FILE as public key for signature checking"), 0}, -+ {"pubkey", 'k', N_("FILE"), 0, N_("embed FILE as public key for PGP signature checking"), 0}, -+ {"x509", 'x', N_("FILE"), 0, N_("embed FILE as an x509 certificate for appended signature checking"), 0}, - /* TRANSLATORS: NOTE is a name of segment. */ - {"note", 'n', 0, 0, N_("add NOTE segment for CHRP IEEE1275"), 0}, - {"output", 'o', N_("FILE"), 0, N_("output a generated image to FILE [default=stdout]"), 0}, -@@ -124,6 +125,8 @@ struct arguments - char *dtb; - char **pubkeys; - size_t npubkeys; -+ char **x509keys; -+ size_t nx509keys; - char *font; - char *config; - char *sbat; -@@ -206,6 +209,13 @@ argp_parser (int key, char *arg, struct argp_state *state) - arguments->pubkeys[arguments->npubkeys++] = xstrdup (arg); - break; - -+ case 'x': -+ arguments->x509keys = xrealloc (arguments->x509keys, -+ sizeof (arguments->x509keys[0]) -+ * (arguments->nx509keys + 1)); -+ arguments->x509keys[arguments->nx509keys++] = xstrdup (arg); -+ break; -+ - case 'c': - if (arguments->config) - free (arguments->config); -@@ -332,7 +342,8 @@ main (int argc, char *argv[]) - grub_install_generate_image (arguments.dir, arguments.prefix, fp, - arguments.output, arguments.modules, - arguments.memdisk, arguments.pubkeys, -- arguments.npubkeys, arguments.config, -+ arguments.npubkeys, arguments.x509keys, -+ arguments.nx509keys, arguments.config, - arguments.image_target, arguments.note, - arguments.appsig_size, arguments.comp, - arguments.dtb, arguments.sbat, -diff --git a/util/mkimage.c b/util/mkimage.c -index bab12276010..8319e8dfbde 100644 ---- a/util/mkimage.c -+++ b/util/mkimage.c -@@ -867,7 +867,8 @@ void - grub_install_generate_image (const char *dir, const char *prefix, - FILE *out, const char *outname, char *mods[], - char *memdisk_path, char **pubkey_paths, -- size_t npubkeys, char *config_path, -+ size_t npubkeys, char **x509key_paths, -+ size_t nx509keys, char *config_path, - const struct grub_install_image_target_desc *image_target, - int note, size_t appsig_size, grub_compression_t comp, - const char *dtb_path, const char *sbat_path, -@@ -913,6 +914,19 @@ grub_install_generate_image (const char *dir, const char *prefix, - } - } - -+ { -+ size_t i; -+ for (i = 0; i < nx509keys; i++) -+ { -+ size_t curs; -+ curs = ALIGN_ADDR (grub_util_get_image_size (x509key_paths[i])); -+ grub_util_info ("the size of x509 public key %u is 0x%" -+ GRUB_HOST_PRIxLONG_LONG, -+ (unsigned) i, (unsigned long long) curs); -+ total_module_size += curs + sizeof (struct grub_module_header); -+ } -+ } -+ - if (memdisk_path) - { - memdisk_size = ALIGN_UP(grub_util_get_image_size (memdisk_path), 512); -@@ -1034,7 +1048,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - curs = grub_util_get_image_size (pubkey_paths[i]); - - header = (struct grub_module_header *) (kernel_img + offset); -- header->type = grub_host_to_target32 (OBJ_TYPE_PUBKEY); -+ header->type = grub_host_to_target32 (OBJ_TYPE_GPG_PUBKEY); - header->size = grub_host_to_target32 (curs + sizeof (*header)); - offset += sizeof (*header); - -@@ -1043,6 +1057,26 @@ grub_install_generate_image (const char *dir, const char *prefix, - } - } - -+ { -+ size_t i; -+ for (i = 0; i < nx509keys; i++) -+ { -+ size_t curs; -+ struct grub_module_header *header; -+ -+ curs = grub_util_get_image_size (x509key_paths[i]); -+ -+ header = (struct grub_module_header *) (kernel_img + offset); -+ header->type = grub_host_to_target32 (OBJ_TYPE_X509_PUBKEY); -+ header->size = grub_host_to_target32 (curs + sizeof (*header)); -+ offset += sizeof (*header); -+ -+ grub_util_load_image (x509key_paths[i], kernel_img + offset); -+ offset += ALIGN_ADDR (curs); -+ } -+ } -+ -+ - if (memdisk_path) - { - struct grub_module_header *header; -diff --git a/include/grub/kernel.h b/include/grub/kernel.h -index 55849777eaa..98edc0863f6 100644 ---- a/include/grub/kernel.h -+++ b/include/grub/kernel.h -@@ -30,7 +30,9 @@ enum - OBJ_TYPE_PREFIX, - OBJ_TYPE_PUBKEY, - OBJ_TYPE_DTB, -- OBJ_TYPE_DISABLE_SHIM_LOCK -+ OBJ_TYPE_DISABLE_SHIM_LOCK, -+ OBJ_TYPE_GPG_PUBKEY, -+ OBJ_TYPE_X509_PUBKEY, - }; - - /* The module header. */ -diff --git a/include/grub/util/install.h b/include/grub/util/install.h -index cf4531e02b6..51f3b13ac13 100644 ---- a/include/grub/util/install.h -+++ b/include/grub/util/install.h -@@ -67,6 +67,8 @@ - N_("SBAT metadata"), 0 }, \ - { "disable-shim-lock", GRUB_INSTALL_OPTIONS_DISABLE_SHIM_LOCK, 0, 0, \ - N_("disable shim_lock verifier"), 0 }, \ -+ { "x509key", 'x', N_("FILE"), 0, \ -+ N_("embed FILE as an x509 certificate for signature checking"), 0}, \ - { "appended-signature-size", GRUB_INSTALL_OPTIONS_APPENDED_SIGNATURE_SIZE,\ - "SIZE", 0, N_("Add a note segment reserving SIZE bytes for an appended signature"), \ - 1}, \ -@@ -188,8 +190,9 @@ void - grub_install_generate_image (const char *dir, const char *prefix, - FILE *out, - const char *outname, char *mods[], -- char *memdisk_path, char **pubkey_paths, -- size_t npubkeys, -+ char *memdisk_path, -+ char **pubkey_paths, size_t npubkeys, -+ char **x509key_paths, size_t nx509keys, - char *config_path, - const struct grub_install_image_target_desc *image_target, - int note, size_t appsig_size, diff --git a/0175-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch b/0175-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch deleted file mode 100644 index 7b7d70c48a5f2d9286e7c1afbe4cc44a7375ac94..0000000000000000000000000000000000000000 --- a/0175-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch +++ /dev/null @@ -1,639 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 30 Jul 2020 01:35:10 +1000 -Subject: [PATCH] appended signatures: import GNUTLS's ASN.1 description files - -In order to parse PKCS#7 messages and X.509 certificates with libtasn1, -we need some information about how they are encoded. - -We get these from GNUTLS, which has the benefit that they support the -features we need and are well tested. - -The GNUTLS license is LGPLv2.1+, which is GPLv3 compatible, allowing -us to import it without issue. - -Signed-off-by: Daniel Axtens ---- - grub-core/commands/appendedsig/gnutls_asn1_tab.c | 121 ++++++ - grub-core/commands/appendedsig/pkix_asn1_tab.c | 484 +++++++++++++++++++++++ - 2 files changed, 605 insertions(+) - create mode 100644 grub-core/commands/appendedsig/gnutls_asn1_tab.c - create mode 100644 grub-core/commands/appendedsig/pkix_asn1_tab.c - -diff --git a/grub-core/commands/appendedsig/gnutls_asn1_tab.c b/grub-core/commands/appendedsig/gnutls_asn1_tab.c -new file mode 100644 -index 00000000000..ddd1314e63b ---- /dev/null -+++ b/grub-core/commands/appendedsig/gnutls_asn1_tab.c -@@ -0,0 +1,121 @@ -+#include -+#include -+ -+const asn1_static_node gnutls_asn1_tab[] = { -+ { "GNUTLS", 536872976, NULL }, -+ { NULL, 1073741836, NULL }, -+ { "RSAPublicKey", 1610612741, NULL }, -+ { "modulus", 1073741827, NULL }, -+ { "publicExponent", 3, NULL }, -+ { "RSAPrivateKey", 1610612741, NULL }, -+ { "version", 1073741827, NULL }, -+ { "modulus", 1073741827, NULL }, -+ { "publicExponent", 1073741827, NULL }, -+ { "privateExponent", 1073741827, NULL }, -+ { "prime1", 1073741827, NULL }, -+ { "prime2", 1073741827, NULL }, -+ { "exponent1", 1073741827, NULL }, -+ { "exponent2", 1073741827, NULL }, -+ { "coefficient", 1073741827, NULL }, -+ { "otherPrimeInfos", 16386, "OtherPrimeInfos"}, -+ { "ProvableSeed", 1610612741, NULL }, -+ { "algorithm", 1073741836, NULL }, -+ { "seed", 7, NULL }, -+ { "OtherPrimeInfos", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "OtherPrimeInfo"}, -+ { "OtherPrimeInfo", 1610612741, NULL }, -+ { "prime", 1073741827, NULL }, -+ { "exponent", 1073741827, NULL }, -+ { "coefficient", 3, NULL }, -+ { "AlgorithmIdentifier", 1610612741, NULL }, -+ { "algorithm", 1073741836, NULL }, -+ { "parameters", 541081613, NULL }, -+ { "algorithm", 1, NULL }, -+ { "DigestInfo", 1610612741, NULL }, -+ { "digestAlgorithm", 1073741826, "DigestAlgorithmIdentifier"}, -+ { "digest", 7, NULL }, -+ { "DigestAlgorithmIdentifier", 1073741826, "AlgorithmIdentifier"}, -+ { "DSAPublicKey", 1073741827, NULL }, -+ { "DSAParameters", 1610612741, NULL }, -+ { "p", 1073741827, NULL }, -+ { "q", 1073741827, NULL }, -+ { "g", 3, NULL }, -+ { "DSASignatureValue", 1610612741, NULL }, -+ { "r", 1073741827, NULL }, -+ { "s", 3, NULL }, -+ { "DSAPrivateKey", 1610612741, NULL }, -+ { "version", 1073741827, NULL }, -+ { "p", 1073741827, NULL }, -+ { "q", 1073741827, NULL }, -+ { "g", 1073741827, NULL }, -+ { "Y", 1073741827, NULL }, -+ { "priv", 3, NULL }, -+ { "DHParameter", 1610612741, NULL }, -+ { "prime", 1073741827, NULL }, -+ { "base", 1073741827, NULL }, -+ { "privateValueLength", 16387, NULL }, -+ { "ECParameters", 1610612754, NULL }, -+ { "namedCurve", 12, NULL }, -+ { "ECPrivateKey", 1610612741, NULL }, -+ { "Version", 1073741827, NULL }, -+ { "privateKey", 1073741831, NULL }, -+ { "parameters", 1610637314, "ECParameters"}, -+ { NULL, 2056, "0"}, -+ { "publicKey", 536895494, NULL }, -+ { NULL, 2056, "1"}, -+ { "PrincipalName", 1610612741, NULL }, -+ { "name-type", 1610620931, NULL }, -+ { NULL, 2056, "0"}, -+ { "name-string", 536879115, NULL }, -+ { NULL, 1073743880, "1"}, -+ { NULL, 27, NULL }, -+ { "KRB5PrincipalName", 1610612741, NULL }, -+ { "realm", 1610620955, NULL }, -+ { NULL, 2056, "0"}, -+ { "principalName", 536879106, "PrincipalName"}, -+ { NULL, 2056, "1"}, -+ { "RSAPSSParameters", 1610612741, NULL }, -+ { "hashAlgorithm", 1610637314, "AlgorithmIdentifier"}, -+ { NULL, 2056, "0"}, -+ { "maskGenAlgorithm", 1610637314, "AlgorithmIdentifier"}, -+ { NULL, 2056, "1"}, -+ { "saltLength", 1610653699, NULL }, -+ { NULL, 1073741833, "20"}, -+ { NULL, 2056, "2"}, -+ { "trailerField", 536911875, NULL }, -+ { NULL, 1073741833, "1"}, -+ { NULL, 2056, "3"}, -+ { "GOSTParameters", 1610612741, NULL }, -+ { "publicKeyParamSet", 1073741836, NULL }, -+ { "digestParamSet", 16396, NULL }, -+ { "GOSTParametersOld", 1610612741, NULL }, -+ { "publicKeyParamSet", 1073741836, NULL }, -+ { "digestParamSet", 1073741836, NULL }, -+ { "encryptionParamSet", 16396, NULL }, -+ { "GOSTPrivateKey", 1073741831, NULL }, -+ { "GOSTPrivateKeyOld", 1073741827, NULL }, -+ { "IssuerSignTool", 1610612741, NULL }, -+ { "signTool", 1073741858, NULL }, -+ { "cATool", 1073741858, NULL }, -+ { "signToolCert", 1073741858, NULL }, -+ { "cAToolCert", 34, NULL }, -+ { "Gost28147-89-EncryptedKey", 1610612741, NULL }, -+ { "encryptedKey", 1073741831, NULL }, -+ { "maskKey", 1610637319, NULL }, -+ { NULL, 4104, "0"}, -+ { "macKey", 7, NULL }, -+ { "SubjectPublicKeyInfo", 1610612741, NULL }, -+ { "algorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "subjectPublicKey", 6, NULL }, -+ { "GostR3410-TransportParameters", 1610612741, NULL }, -+ { "encryptionParamSet", 1073741836, NULL }, -+ { "ephemeralPublicKey", 1610637314, "SubjectPublicKeyInfo"}, -+ { NULL, 4104, "0"}, -+ { "ukm", 7, NULL }, -+ { "GostR3410-KeyTransport", 536870917, NULL }, -+ { "sessionEncryptedKey", 1073741826, "Gost28147-89-EncryptedKey"}, -+ { "transportParameters", 536895490, "GostR3410-TransportParameters"}, -+ { NULL, 4104, "0"}, -+ { NULL, 0, NULL } -+}; -diff --git a/grub-core/commands/appendedsig/pkix_asn1_tab.c b/grub-core/commands/appendedsig/pkix_asn1_tab.c -new file mode 100644 -index 00000000000..adef69d95ce ---- /dev/null -+++ b/grub-core/commands/appendedsig/pkix_asn1_tab.c -@@ -0,0 +1,484 @@ -+#include -+#include -+ -+const asn1_static_node pkix_asn1_tab[] = { -+ { "PKIX1", 536875024, NULL }, -+ { NULL, 1073741836, NULL }, -+ { "PrivateKeyUsagePeriod", 1610612741, NULL }, -+ { "notBefore", 1610637349, NULL }, -+ { NULL, 4104, "0"}, -+ { "notAfter", 536895525, NULL }, -+ { NULL, 4104, "1"}, -+ { "AuthorityKeyIdentifier", 1610612741, NULL }, -+ { "keyIdentifier", 1610637319, NULL }, -+ { NULL, 4104, "0"}, -+ { "authorityCertIssuer", 1610637314, "GeneralNames"}, -+ { NULL, 4104, "1"}, -+ { "authorityCertSerialNumber", 536895490, "CertificateSerialNumber"}, -+ { NULL, 4104, "2"}, -+ { "SubjectKeyIdentifier", 1073741831, NULL }, -+ { "KeyUsage", 1073741830, NULL }, -+ { "DirectoryString", 1610612754, NULL }, -+ { "teletexString", 1612709918, NULL }, -+ { "MAX", 524298, "1"}, -+ { "printableString", 1612709919, NULL }, -+ { "MAX", 524298, "1"}, -+ { "universalString", 1612709920, NULL }, -+ { "MAX", 524298, "1"}, -+ { "utf8String", 1612709922, NULL }, -+ { "MAX", 524298, "1"}, -+ { "bmpString", 1612709921, NULL }, -+ { "MAX", 524298, "1"}, -+ { "ia5String", 538968093, NULL }, -+ { "MAX", 524298, "1"}, -+ { "SubjectAltName", 1073741826, "GeneralNames"}, -+ { "GeneralNames", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "GeneralName"}, -+ { "GeneralName", 1610612754, NULL }, -+ { "otherName", 1610620930, "AnotherName"}, -+ { NULL, 4104, "0"}, -+ { "rfc822Name", 1610620957, NULL }, -+ { NULL, 4104, "1"}, -+ { "dNSName", 1610620957, NULL }, -+ { NULL, 4104, "2"}, -+ { "x400Address", 1610620941, NULL }, -+ { NULL, 4104, "3"}, -+ { "directoryName", 1610620939, NULL }, -+ { NULL, 1073743880, "4"}, -+ { NULL, 2, "RelativeDistinguishedName"}, -+ { "ediPartyName", 1610620941, NULL }, -+ { NULL, 4104, "5"}, -+ { "uniformResourceIdentifier", 1610620957, NULL }, -+ { NULL, 4104, "6"}, -+ { "iPAddress", 1610620935, NULL }, -+ { NULL, 4104, "7"}, -+ { "registeredID", 536879116, NULL }, -+ { NULL, 4104, "8"}, -+ { "AnotherName", 1610612741, NULL }, -+ { "type-id", 1073741836, NULL }, -+ { "value", 541073421, NULL }, -+ { NULL, 1073743880, "0"}, -+ { "type-id", 1, NULL }, -+ { "IssuerAltName", 1073741826, "GeneralNames"}, -+ { "BasicConstraints", 1610612741, NULL }, -+ { "cA", 1610645508, NULL }, -+ { NULL, 131081, NULL }, -+ { "pathLenConstraint", 537411587, NULL }, -+ { "0", 10, "MAX"}, -+ { "CRLDistributionPoints", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "DistributionPoint"}, -+ { "DistributionPoint", 1610612741, NULL }, -+ { "distributionPoint", 1610637314, "DistributionPointName"}, -+ { NULL, 2056, "0"}, -+ { "reasons", 1610637314, "ReasonFlags"}, -+ { NULL, 4104, "1"}, -+ { "cRLIssuer", 536895490, "GeneralNames"}, -+ { NULL, 4104, "2"}, -+ { "DistributionPointName", 1610612754, NULL }, -+ { "fullName", 1610620930, "GeneralNames"}, -+ { NULL, 4104, "0"}, -+ { "nameRelativeToCRLIssuer", 536879106, "RelativeDistinguishedName"}, -+ { NULL, 4104, "1"}, -+ { "ReasonFlags", 1073741830, NULL }, -+ { "ExtKeyUsageSyntax", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 12, NULL }, -+ { "AuthorityInfoAccessSyntax", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "AccessDescription"}, -+ { "AccessDescription", 1610612741, NULL }, -+ { "accessMethod", 1073741836, NULL }, -+ { "accessLocation", 2, "GeneralName"}, -+ { "Attribute", 1610612741, NULL }, -+ { "type", 1073741836, NULL }, -+ { "values", 536870927, NULL }, -+ { NULL, 13, NULL }, -+ { "AttributeTypeAndValue", 1610612741, NULL }, -+ { "type", 1073741836, NULL }, -+ { "value", 13, NULL }, -+ { "Name", 1610612754, NULL }, -+ { "rdnSequence", 536870923, NULL }, -+ { NULL, 2, "RelativeDistinguishedName"}, -+ { "DistinguishedName", 1610612747, NULL }, -+ { NULL, 2, "RelativeDistinguishedName"}, -+ { "RelativeDistinguishedName", 1612709903, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "AttributeTypeAndValue"}, -+ { "Certificate", 1610612741, NULL }, -+ { "tbsCertificate", 1073741826, "TBSCertificate"}, -+ { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "signature", 6, NULL }, -+ { "TBSCertificate", 1610612741, NULL }, -+ { "version", 1610653699, NULL }, -+ { NULL, 1073741833, "0"}, -+ { NULL, 2056, "0"}, -+ { "serialNumber", 1073741826, "CertificateSerialNumber"}, -+ { "signature", 1073741826, "AlgorithmIdentifier"}, -+ { "issuer", 1073741826, "Name"}, -+ { "validity", 1073741826, "Validity"}, -+ { "subject", 1073741826, "Name"}, -+ { "subjectPublicKeyInfo", 1073741826, "SubjectPublicKeyInfo"}, -+ { "issuerUniqueID", 1610637314, "UniqueIdentifier"}, -+ { NULL, 4104, "1"}, -+ { "subjectUniqueID", 1610637314, "UniqueIdentifier"}, -+ { NULL, 4104, "2"}, -+ { "extensions", 536895490, "Extensions"}, -+ { NULL, 2056, "3"}, -+ { "CertificateSerialNumber", 1073741827, NULL }, -+ { "Validity", 1610612741, NULL }, -+ { "notBefore", 1073741826, "Time"}, -+ { "notAfter", 2, "Time"}, -+ { "Time", 1610612754, NULL }, -+ { "utcTime", 1073741860, NULL }, -+ { "generalTime", 37, NULL }, -+ { "UniqueIdentifier", 1073741830, NULL }, -+ { "SubjectPublicKeyInfo", 1610612741, NULL }, -+ { "algorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "subjectPublicKey", 6, NULL }, -+ { "Extensions", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "Extension"}, -+ { "Extension", 1610612741, NULL }, -+ { "extnID", 1073741836, NULL }, -+ { "critical", 1610645508, NULL }, -+ { NULL, 131081, NULL }, -+ { "extnValue", 7, NULL }, -+ { "CertificateList", 1610612741, NULL }, -+ { "tbsCertList", 1073741826, "TBSCertList"}, -+ { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "signature", 6, NULL }, -+ { "TBSCertList", 1610612741, NULL }, -+ { "version", 1073758211, NULL }, -+ { "signature", 1073741826, "AlgorithmIdentifier"}, -+ { "issuer", 1073741826, "Name"}, -+ { "thisUpdate", 1073741826, "Time"}, -+ { "nextUpdate", 1073758210, "Time"}, -+ { "revokedCertificates", 1610629131, NULL }, -+ { NULL, 536870917, NULL }, -+ { "userCertificate", 1073741826, "CertificateSerialNumber"}, -+ { "revocationDate", 1073741826, "Time"}, -+ { "crlEntryExtensions", 16386, "Extensions"}, -+ { "crlExtensions", 536895490, "Extensions"}, -+ { NULL, 2056, "0"}, -+ { "AlgorithmIdentifier", 1610612741, NULL }, -+ { "algorithm", 1073741836, NULL }, -+ { "parameters", 541081613, NULL }, -+ { "algorithm", 1, NULL }, -+ { "Dss-Sig-Value", 1610612741, NULL }, -+ { "r", 1073741827, NULL }, -+ { "s", 3, NULL }, -+ { "Dss-Parms", 1610612741, NULL }, -+ { "p", 1073741827, NULL }, -+ { "q", 1073741827, NULL }, -+ { "g", 3, NULL }, -+ { "pkcs-7-ContentInfo", 1610612741, NULL }, -+ { "contentType", 1073741836, NULL }, -+ { "content", 541073421, NULL }, -+ { NULL, 1073743880, "0"}, -+ { "contentType", 1, NULL }, -+ { "pkcs-7-DigestInfo", 1610612741, NULL }, -+ { "digestAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "digest", 7, NULL }, -+ { "pkcs-7-SignedData", 1610612741, NULL }, -+ { "version", 1073741827, NULL }, -+ { "digestAlgorithms", 1073741826, "pkcs-7-DigestAlgorithmIdentifiers"}, -+ { "encapContentInfo", 1073741826, "pkcs-7-EncapsulatedContentInfo"}, -+ { "certificates", 1610637314, "pkcs-7-CertificateSet"}, -+ { NULL, 4104, "0"}, -+ { "crls", 1610637314, "pkcs-7-CertificateRevocationLists"}, -+ { NULL, 4104, "1"}, -+ { "signerInfos", 2, "pkcs-7-SignerInfos"}, -+ { "pkcs-7-DigestAlgorithmIdentifiers", 1610612751, NULL }, -+ { NULL, 2, "AlgorithmIdentifier"}, -+ { "pkcs-7-EncapsulatedContentInfo", 1610612741, NULL }, -+ { "eContentType", 1073741836, NULL }, -+ { "eContent", 536895501, NULL }, -+ { NULL, 2056, "0"}, -+ { "pkcs-7-CertificateRevocationLists", 1610612751, NULL }, -+ { NULL, 13, NULL }, -+ { "pkcs-7-CertificateChoices", 1610612754, NULL }, -+ { "certificate", 13, NULL }, -+ { "pkcs-7-CertificateSet", 1610612751, NULL }, -+ { NULL, 2, "pkcs-7-CertificateChoices"}, -+ { "IssuerAndSerialNumber", 1610612741, NULL }, -+ { "issuer", 1073741826, "Name"}, -+ { "serialNumber", 2, "CertificateSerialNumber"}, -+ { "pkcs-7-SignerInfo", 1610612741, NULL }, -+ { "version", 1073741827, NULL }, -+ { "sid", 1073741826, "SignerIdentifier"}, -+ { "digestAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "signedAttrs", 1610637314, "SignedAttributes"}, -+ { NULL, 4104, "0"}, -+ { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "signature", 1073741831, NULL }, -+ { "unsignedAttrs", 536895490, "SignedAttributes"}, -+ { NULL, 4104, "1"}, -+ { "SignedAttributes", 1612709903, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "Attribute"}, -+ { "SignerIdentifier", 1610612754, NULL }, -+ { "issuerAndSerialNumber", 1073741826, "IssuerAndSerialNumber"}, -+ { "subjectKeyIdentifier", 536879111, NULL }, -+ { NULL, 4104, "0"}, -+ { "pkcs-7-SignerInfos", 1610612751, NULL }, -+ { NULL, 2, "pkcs-7-SignerInfo"}, -+ { "pkcs-10-CertificationRequestInfo", 1610612741, NULL }, -+ { "version", 1073741827, NULL }, -+ { "subject", 1073741826, "Name"}, -+ { "subjectPKInfo", 1073741826, "SubjectPublicKeyInfo"}, -+ { "attributes", 536879106, "Attributes"}, -+ { NULL, 4104, "0"}, -+ { "Attributes", 1610612751, NULL }, -+ { NULL, 2, "Attribute"}, -+ { "pkcs-10-CertificationRequest", 1610612741, NULL }, -+ { "certificationRequestInfo", 1073741826, "pkcs-10-CertificationRequestInfo"}, -+ { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "signature", 6, NULL }, -+ { "pkcs-9-at-challengePassword", 1879048204, NULL }, -+ { "iso", 1073741825, "1"}, -+ { "member-body", 1073741825, "2"}, -+ { "us", 1073741825, "840"}, -+ { "rsadsi", 1073741825, "113549"}, -+ { "pkcs", 1073741825, "1"}, -+ { NULL, 1073741825, "9"}, -+ { NULL, 1, "7"}, -+ { "pkcs-9-challengePassword", 1610612754, NULL }, -+ { "printableString", 1073741855, NULL }, -+ { "utf8String", 34, NULL }, -+ { "pkcs-9-localKeyId", 1073741831, NULL }, -+ { "pkcs-8-PrivateKeyInfo", 1610612741, NULL }, -+ { "version", 1073741827, NULL }, -+ { "privateKeyAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "privateKey", 1073741831, NULL }, -+ { "attributes", 536895490, "Attributes"}, -+ { NULL, 4104, "0"}, -+ { "pkcs-8-EncryptedPrivateKeyInfo", 1610612741, NULL }, -+ { "encryptionAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "encryptedData", 2, "pkcs-8-EncryptedData"}, -+ { "pkcs-8-EncryptedData", 1073741831, NULL }, -+ { "pkcs-5-des-CBC-params", 1612709895, NULL }, -+ { NULL, 1048586, "8"}, -+ { "pkcs-5-des-EDE3-CBC-params", 1612709895, NULL }, -+ { NULL, 1048586, "8"}, -+ { "pkcs-5-aes128-CBC-params", 1612709895, NULL }, -+ { NULL, 1048586, "16"}, -+ { "pkcs-5-aes192-CBC-params", 1612709895, NULL }, -+ { NULL, 1048586, "16"}, -+ { "pkcs-5-aes256-CBC-params", 1612709895, NULL }, -+ { NULL, 1048586, "16"}, -+ { "Gost28147-89-Parameters", 1610612741, NULL }, -+ { "iv", 1073741831, NULL }, -+ { "encryptionParamSet", 12, NULL }, -+ { "pkcs-5-PBE-params", 1610612741, NULL }, -+ { "salt", 1073741831, NULL }, -+ { "iterationCount", 3, NULL }, -+ { "pkcs-5-PBES2-params", 1610612741, NULL }, -+ { "keyDerivationFunc", 1073741826, "AlgorithmIdentifier"}, -+ { "encryptionScheme", 2, "AlgorithmIdentifier"}, -+ { "pkcs-5-PBKDF2-params", 1610612741, NULL }, -+ { "salt", 1610612754, NULL }, -+ { "specified", 1073741831, NULL }, -+ { "otherSource", 2, "AlgorithmIdentifier"}, -+ { "iterationCount", 1611137027, NULL }, -+ { "1", 10, "MAX"}, -+ { "keyLength", 1611153411, NULL }, -+ { "1", 10, "MAX"}, -+ { "prf", 16386, "AlgorithmIdentifier"}, -+ { "pkcs-12-PFX", 1610612741, NULL }, -+ { "version", 1610874883, NULL }, -+ { "v3", 1, "3"}, -+ { "authSafe", 1073741826, "pkcs-7-ContentInfo"}, -+ { "macData", 16386, "pkcs-12-MacData"}, -+ { "pkcs-12-PbeParams", 1610612741, NULL }, -+ { "salt", 1073741831, NULL }, -+ { "iterations", 3, NULL }, -+ { "pkcs-12-MacData", 1610612741, NULL }, -+ { "mac", 1073741826, "pkcs-7-DigestInfo"}, -+ { "macSalt", 1073741831, NULL }, -+ { "iterations", 536903683, NULL }, -+ { NULL, 9, "1"}, -+ { "pkcs-12-AuthenticatedSafe", 1610612747, NULL }, -+ { NULL, 2, "pkcs-7-ContentInfo"}, -+ { "pkcs-12-SafeContents", 1610612747, NULL }, -+ { NULL, 2, "pkcs-12-SafeBag"}, -+ { "pkcs-12-SafeBag", 1610612741, NULL }, -+ { "bagId", 1073741836, NULL }, -+ { "bagValue", 1614815245, NULL }, -+ { NULL, 1073743880, "0"}, -+ { "badId", 1, NULL }, -+ { "bagAttributes", 536887311, NULL }, -+ { NULL, 2, "Attribute"}, -+ { "pkcs-12-CertBag", 1610612741, NULL }, -+ { "certId", 1073741836, NULL }, -+ { "certValue", 541073421, NULL }, -+ { NULL, 1073743880, "0"}, -+ { "certId", 1, NULL }, -+ { "pkcs-12-CRLBag", 1610612741, NULL }, -+ { "crlId", 1073741836, NULL }, -+ { "crlValue", 541073421, NULL }, -+ { NULL, 1073743880, "0"}, -+ { "crlId", 1, NULL }, -+ { "pkcs-12-SecretBag", 1610612741, NULL }, -+ { "secretTypeId", 1073741836, NULL }, -+ { "secretValue", 541073421, NULL }, -+ { NULL, 1073743880, "0"}, -+ { "secretTypeId", 1, NULL }, -+ { "pkcs-7-Data", 1073741831, NULL }, -+ { "pkcs-7-EncryptedData", 1610612741, NULL }, -+ { "version", 1073741827, NULL }, -+ { "encryptedContentInfo", 1073741826, "pkcs-7-EncryptedContentInfo"}, -+ { "unprotectedAttrs", 536895490, "pkcs-7-UnprotectedAttributes"}, -+ { NULL, 4104, "1"}, -+ { "pkcs-7-EncryptedContentInfo", 1610612741, NULL }, -+ { "contentType", 1073741836, NULL }, -+ { "contentEncryptionAlgorithm", 1073741826, "pkcs-7-ContentEncryptionAlgorithmIdentifier"}, -+ { "encryptedContent", 536895495, NULL }, -+ { NULL, 4104, "0"}, -+ { "pkcs-7-ContentEncryptionAlgorithmIdentifier", 1073741826, "AlgorithmIdentifier"}, -+ { "pkcs-7-UnprotectedAttributes", 1612709903, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "Attribute"}, -+ { "ProxyCertInfo", 1610612741, NULL }, -+ { "pCPathLenConstraint", 1611153411, NULL }, -+ { "0", 10, "MAX"}, -+ { "proxyPolicy", 2, "ProxyPolicy"}, -+ { "ProxyPolicy", 1610612741, NULL }, -+ { "policyLanguage", 1073741836, NULL }, -+ { "policy", 16391, NULL }, -+ { "certificatePolicies", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "PolicyInformation"}, -+ { "PolicyInformation", 1610612741, NULL }, -+ { "policyIdentifier", 1073741836, NULL }, -+ { "policyQualifiers", 538984459, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "PolicyQualifierInfo"}, -+ { "PolicyQualifierInfo", 1610612741, NULL }, -+ { "policyQualifierId", 1073741836, NULL }, -+ { "qualifier", 541065229, NULL }, -+ { "policyQualifierId", 1, NULL }, -+ { "CPSuri", 1073741853, NULL }, -+ { "UserNotice", 1610612741, NULL }, -+ { "noticeRef", 1073758210, "NoticeReference"}, -+ { "explicitText", 16386, "DisplayText"}, -+ { "NoticeReference", 1610612741, NULL }, -+ { "organization", 1073741826, "DisplayText"}, -+ { "noticeNumbers", 536870923, NULL }, -+ { NULL, 3, NULL }, -+ { "DisplayText", 1610612754, NULL }, -+ { "ia5String", 1612709917, NULL }, -+ { "200", 524298, "1"}, -+ { "visibleString", 1612709923, NULL }, -+ { "200", 524298, "1"}, -+ { "bmpString", 1612709921, NULL }, -+ { "200", 524298, "1"}, -+ { "utf8String", 538968098, NULL }, -+ { "200", 524298, "1"}, -+ { "OCSPRequest", 1610612741, NULL }, -+ { "tbsRequest", 1073741826, "TBSRequest"}, -+ { "optionalSignature", 536895490, "Signature"}, -+ { NULL, 2056, "0"}, -+ { "TBSRequest", 1610612741, NULL }, -+ { "version", 1610653699, NULL }, -+ { NULL, 1073741833, "0"}, -+ { NULL, 2056, "0"}, -+ { "requestorName", 1610637314, "GeneralName"}, -+ { NULL, 2056, "1"}, -+ { "requestList", 1610612747, NULL }, -+ { NULL, 2, "Request"}, -+ { "requestExtensions", 536895490, "Extensions"}, -+ { NULL, 2056, "2"}, -+ { "Signature", 1610612741, NULL }, -+ { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "signature", 1073741830, NULL }, -+ { "certs", 536895499, NULL }, -+ { NULL, 1073743880, "0"}, -+ { NULL, 2, "Certificate"}, -+ { "Request", 1610612741, NULL }, -+ { "reqCert", 1073741826, "CertID"}, -+ { "singleRequestExtensions", 536895490, "Extensions"}, -+ { NULL, 2056, "0"}, -+ { "CertID", 1610612741, NULL }, -+ { "hashAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "issuerNameHash", 1073741831, NULL }, -+ { "issuerKeyHash", 1073741831, NULL }, -+ { "serialNumber", 2, "CertificateSerialNumber"}, -+ { "OCSPResponse", 1610612741, NULL }, -+ { "responseStatus", 1073741826, "OCSPResponseStatus"}, -+ { "responseBytes", 536895490, "ResponseBytes"}, -+ { NULL, 2056, "0"}, -+ { "OCSPResponseStatus", 1610874901, NULL }, -+ { "successful", 1073741825, "0"}, -+ { "malformedRequest", 1073741825, "1"}, -+ { "internalError", 1073741825, "2"}, -+ { "tryLater", 1073741825, "3"}, -+ { "sigRequired", 1073741825, "5"}, -+ { "unauthorized", 1, "6"}, -+ { "ResponseBytes", 1610612741, NULL }, -+ { "responseType", 1073741836, NULL }, -+ { "response", 7, NULL }, -+ { "BasicOCSPResponse", 1610612741, NULL }, -+ { "tbsResponseData", 1073741826, "ResponseData"}, -+ { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"}, -+ { "signature", 1073741830, NULL }, -+ { "certs", 536895499, NULL }, -+ { NULL, 1073743880, "0"}, -+ { NULL, 2, "Certificate"}, -+ { "ResponseData", 1610612741, NULL }, -+ { "version", 1610653699, NULL }, -+ { NULL, 1073741833, "0"}, -+ { NULL, 2056, "0"}, -+ { "responderID", 1073741826, "ResponderID"}, -+ { "producedAt", 1073741861, NULL }, -+ { "responses", 1610612747, NULL }, -+ { NULL, 2, "SingleResponse"}, -+ { "responseExtensions", 536895490, "Extensions"}, -+ { NULL, 2056, "1"}, -+ { "ResponderID", 1610612754, NULL }, -+ { "byName", 1610620939, NULL }, -+ { NULL, 1073743880, "1"}, -+ { NULL, 2, "RelativeDistinguishedName"}, -+ { "byKey", 536879111, NULL }, -+ { NULL, 2056, "2"}, -+ { "SingleResponse", 1610612741, NULL }, -+ { "certID", 1073741826, "CertID"}, -+ { "certStatus", 1073741826, "CertStatus"}, -+ { "thisUpdate", 1073741861, NULL }, -+ { "nextUpdate", 1610637349, NULL }, -+ { NULL, 2056, "0"}, -+ { "singleExtensions", 536895490, "Extensions"}, -+ { NULL, 2056, "1"}, -+ { "CertStatus", 1610612754, NULL }, -+ { "good", 1610620948, NULL }, -+ { NULL, 4104, "0"}, -+ { "revoked", 1610620930, "RevokedInfo"}, -+ { NULL, 4104, "1"}, -+ { "unknown", 536879106, "UnknownInfo"}, -+ { NULL, 4104, "2"}, -+ { "RevokedInfo", 1610612741, NULL }, -+ { "revocationTime", 1073741861, NULL }, -+ { "revocationReason", 537157653, NULL }, -+ { NULL, 1073743880, "0"}, -+ { "unspecified", 1, "0"}, -+ { "UnknownInfo", 1073741844, NULL }, -+ { "NameConstraints", 1610612741, NULL }, -+ { "permittedSubtrees", 1610637314, "GeneralSubtrees"}, -+ { NULL, 4104, "0"}, -+ { "excludedSubtrees", 536895490, "GeneralSubtrees"}, -+ { NULL, 4104, "1"}, -+ { "GeneralSubtrees", 1612709899, NULL }, -+ { "MAX", 1074266122, "1"}, -+ { NULL, 2, "GeneralSubtree"}, -+ { "GeneralSubtree", 1610612741, NULL }, -+ { "base", 1073741826, "GeneralName"}, -+ { "minimum", 1610653699, NULL }, -+ { NULL, 1073741833, "0"}, -+ { NULL, 4104, "0"}, -+ { "maximum", 536895491, NULL }, -+ { NULL, 4104, "1"}, -+ { "TlsFeatures", 536870923, NULL }, -+ { NULL, 3, NULL }, -+ { NULL, 0, NULL } -+}; diff --git a/0176-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch b/0176-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch deleted file mode 100644 index 04bf1df4523208fd8b3a2770aa114b34a129ed72..0000000000000000000000000000000000000000 --- a/0176-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch +++ /dev/null @@ -1,1528 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 30 Jul 2020 01:33:46 +1000 -Subject: [PATCH] appended signatures: parse PKCS#7 signedData and X.509 - certificates - -This code allows us to parse: - - - PKCS#7 signedData messages. Only a single signerInfo is supported, - which is all that the Linux sign-file utility supports creating - out-of-the-box. Only RSA, SHA-256 and SHA-512 are supported. - Any certificate embedded in the PKCS#7 message will be ignored. - - - X.509 certificates: at least enough to verify the signatures on the - PKCS#7 messages. We expect that the certificates embedded in grub will - be leaf certificates, not CA certificates. The parser enforces this. - -Signed-off-by: Daniel Axtens ---- - grub-core/commands/appendedsig/asn1util.c | 102 +++ - grub-core/commands/appendedsig/pkcs7.c | 305 +++++++++ - grub-core/commands/appendedsig/x509.c | 958 +++++++++++++++++++++++++++ - grub-core/commands/appendedsig/appendedsig.h | 110 +++ - 4 files changed, 1475 insertions(+) - create mode 100644 grub-core/commands/appendedsig/asn1util.c - create mode 100644 grub-core/commands/appendedsig/pkcs7.c - create mode 100644 grub-core/commands/appendedsig/x509.c - create mode 100644 grub-core/commands/appendedsig/appendedsig.h - -diff --git a/grub-core/commands/appendedsig/asn1util.c b/grub-core/commands/appendedsig/asn1util.c -new file mode 100644 -index 00000000000..eff095a9df2 ---- /dev/null -+++ b/grub-core/commands/appendedsig/asn1util.c -@@ -0,0 +1,102 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "appendedsig.h" -+ -+asn1_node _gnutls_gnutls_asn = ASN1_TYPE_EMPTY; -+asn1_node _gnutls_pkix_asn = ASN1_TYPE_EMPTY; -+ -+extern const ASN1_ARRAY_TYPE gnutls_asn1_tab[]; -+extern const ASN1_ARRAY_TYPE pkix_asn1_tab[]; -+ -+/* -+ * Read a value from an ASN1 node, allocating memory to store it. -+ * -+ * It will work for anything where the size libtasn1 returns is right: -+ * - Integers -+ * - Octet strings -+ * - DER encoding of other structures -+ * It will _not_ work for things where libtasn1 size requires adjustment: -+ * - Strings that require an extra NULL byte at the end -+ * - Bit strings because libtasn1 returns the length in bits, not bytes. -+ * -+ * If the function returns a non-NULL value, the caller must free it. -+ */ -+void * -+grub_asn1_allocate_and_read (asn1_node node, const char *name, -+ const char *friendly_name, int *content_size) -+{ -+ int result; -+ grub_uint8_t *tmpstr = NULL; -+ int tmpstr_size = 0; -+ -+ result = asn1_read_value (node, name, NULL, &tmpstr_size); -+ if (result != ASN1_MEM_ERROR) -+ { -+ grub_snprintf (grub_errmsg, sizeof (grub_errmsg), -+ _ -+ ("Reading size of %s did not return expected status: %s"), -+ friendly_name, asn1_strerror (result)); -+ grub_errno = GRUB_ERR_BAD_FILE_TYPE; -+ return NULL; -+ } -+ -+ tmpstr = grub_malloc (tmpstr_size); -+ if (tmpstr == NULL) -+ { -+ grub_snprintf (grub_errmsg, sizeof (grub_errmsg), -+ "Could not allocate memory to store %s", friendly_name); -+ grub_errno = GRUB_ERR_OUT_OF_MEMORY; -+ return NULL; -+ } -+ -+ result = asn1_read_value (node, name, tmpstr, &tmpstr_size); -+ if (result != ASN1_SUCCESS) -+ { -+ grub_free (tmpstr); -+ grub_snprintf (grub_errmsg, sizeof (grub_errmsg), -+ "Error reading %s: %s", -+ friendly_name, asn1_strerror (result)); -+ grub_errno = GRUB_ERR_BAD_FILE_TYPE; -+ return NULL; -+ } -+ -+ *content_size = tmpstr_size; -+ -+ return tmpstr; -+} -+ -+int -+asn1_init (void) -+{ -+ int res; -+ res = asn1_array2tree (gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL); -+ if (res != ASN1_SUCCESS) -+ { -+ return res; -+ } -+ res = asn1_array2tree (pkix_asn1_tab, &_gnutls_pkix_asn, NULL); -+ return res; -+} -diff --git a/grub-core/commands/appendedsig/pkcs7.c b/grub-core/commands/appendedsig/pkcs7.c -new file mode 100644 -index 00000000000..dc6afe203f7 ---- /dev/null -+++ b/grub-core/commands/appendedsig/pkcs7.c -@@ -0,0 +1,305 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include "appendedsig.h" -+#include -+#include -+#include -+ -+ -+static char asn1_error[ASN1_MAX_ERROR_DESCRIPTION_SIZE]; -+ -+/* -+ * RFC 5652 s 5.1 -+ */ -+const char *signedData_oid = "1.2.840.113549.1.7.2"; -+ -+/* -+ * RFC 4055 s 2.1 -+ */ -+const char *sha256_oid = "2.16.840.1.101.3.4.2.1"; -+const char *sha512_oid = "2.16.840.1.101.3.4.2.3"; -+ -+static grub_err_t -+process_content (grub_uint8_t * content, int size, -+ struct pkcs7_signedData *msg) -+{ -+ int res; -+ asn1_node signed_part; -+ grub_err_t err = GRUB_ERR_NONE; -+ char algo_oid[MAX_OID_LEN]; -+ int algo_oid_size = sizeof (algo_oid); -+ int algo_count; -+ char version; -+ int version_size = sizeof (version); -+ grub_uint8_t *result_buf; -+ int result_size = 0; -+ int crls_size = 0; -+ gcry_error_t gcry_err; -+ -+ res = asn1_create_element (_gnutls_pkix_asn, "PKIX1.pkcs-7-SignedData", -+ &signed_part); -+ if (res != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not create ASN.1 structure for PKCS#7 signed part."); -+ } -+ -+ res = asn1_der_decoding2 (&signed_part, content, &size, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (res != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Error reading PKCS#7 signed data: %s", asn1_error); -+ goto cleanup_signed_part; -+ } -+ -+ /* SignedData ::= SEQUENCE { -+ * version CMSVersion, -+ * digestAlgorithms DigestAlgorithmIdentifiers, -+ * encapContentInfo EncapsulatedContentInfo, -+ * certificates [0] IMPLICIT CertificateSet OPTIONAL, -+ * crls [1] IMPLICIT RevocationInfoChoices OPTIONAL, -+ * signerInfos SignerInfos } -+ */ -+ -+ /* version per the algo in 5.1, must be 1 */ -+ res = asn1_read_value (signed_part, "version", &version, &version_size); -+ if (res != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Error reading signedData version: %s", -+ asn1_strerror (res)); -+ goto cleanup_signed_part; -+ } -+ -+ if (version != 1) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Unexpected signature version v%d, only v1 supported", -+ version); -+ goto cleanup_signed_part; -+ } -+ -+ /* -+ * digestAlgorithms DigestAlgorithmIdentifiers -+ * -+ * DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier -+ * DigestAlgorithmIdentifer is an X.509 AlgorithmIdentifier (10.1.1) -+ * -+ * RFC 4055 s 2.1: -+ * sha256Identifier AlgorithmIdentifier ::= { id-sha256, NULL } -+ * sha512Identifier AlgorithmIdentifier ::= { id-sha512, NULL } -+ * -+ * We only support 1 element in the set, and we do not check parameters atm. -+ */ -+ res = -+ asn1_number_of_elements (signed_part, "digestAlgorithms", &algo_count); -+ if (res != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Error counting number of digest algorithms: %s", -+ asn1_strerror (res)); -+ goto cleanup_signed_part; -+ } -+ -+ if (algo_count != 1) -+ { -+ err = -+ grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "Only 1 digest algorithm is supported"); -+ goto cleanup_signed_part; -+ } -+ -+ res = -+ asn1_read_value (signed_part, "digestAlgorithms.?1.algorithm", algo_oid, -+ &algo_oid_size); -+ if (res != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Error reading digest algorithm: %s", -+ asn1_strerror (res)); -+ goto cleanup_signed_part; -+ } -+ -+ if (grub_strncmp (sha512_oid, algo_oid, algo_oid_size) == 0) -+ { -+ msg->hash = grub_crypto_lookup_md_by_name ("sha512"); -+ } -+ else if (grub_strncmp (sha256_oid, algo_oid, algo_oid_size) == 0) -+ { -+ msg->hash = grub_crypto_lookup_md_by_name ("sha256"); -+ } -+ else -+ { -+ err = -+ grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "Only SHA-256 and SHA-512 hashes are supported, found OID %s", -+ algo_oid); -+ goto cleanup_signed_part; -+ } -+ -+ if (!msg->hash) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Hash algorithm for OID %s not loaded", algo_oid); -+ goto cleanup_signed_part; -+ } -+ -+ /* -+ * We ignore the certificates, but we don't permit CRLs. -+ * A CRL entry might be revoking the certificate we're using, and we have -+ * no way of dealing with that at the moment. -+ */ -+ res = asn1_read_value (signed_part, "crls", NULL, &crls_size); -+ if (res != ASN1_ELEMENT_NOT_FOUND) -+ { -+ err = -+ grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "PKCS#7 messages with embedded CRLs are not supported"); -+ goto cleanup_signed_part; -+ } -+ -+ /* read the signature */ -+ result_buf = -+ grub_asn1_allocate_and_read (signed_part, "signerInfos.?1.signature", -+ "signature data", &result_size); -+ if (!result_buf) -+ { -+ err = grub_errno; -+ goto cleanup_signed_part; -+ } -+ -+ gcry_err = -+ gcry_mpi_scan (&(msg->sig_mpi), GCRYMPI_FMT_USG, result_buf, result_size, -+ NULL); -+ if (gcry_err != GPG_ERR_NO_ERROR) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Error loading signature into MPI structure: %d", -+ gcry_err); -+ goto cleanup_result; -+ } -+ -+cleanup_result: -+ grub_free (result_buf); -+cleanup_signed_part: -+ asn1_delete_structure (&signed_part); -+ -+ return err; -+} -+ -+grub_err_t -+parse_pkcs7_signedData (void *sigbuf, grub_size_t data_size, -+ struct pkcs7_signedData *msg) -+{ -+ int res; -+ asn1_node content_info; -+ grub_err_t err = GRUB_ERR_NONE; -+ char content_oid[MAX_OID_LEN]; -+ grub_uint8_t *content; -+ int content_size; -+ int content_oid_size = sizeof (content_oid); -+ int size; -+ -+ if (data_size > GRUB_INT_MAX) -+ return grub_error (GRUB_ERR_OUT_OF_RANGE, -+ "Cannot parse a PKCS#7 message where data size > INT_MAX"); -+ size = (int) data_size; -+ -+ res = asn1_create_element (_gnutls_pkix_asn, -+ "PKIX1.pkcs-7-ContentInfo", &content_info); -+ if (res != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not create ASN.1 structure for PKCS#7 data: %s", -+ asn1_strerror (res)); -+ } -+ -+ res = asn1_der_decoding2 (&content_info, sigbuf, &size, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (res != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Error decoding PKCS#7 message DER: %s", asn1_error); -+ goto cleanup; -+ } -+ -+ /* -+ * ContentInfo ::= SEQUENCE { -+ * contentType ContentType, -+ * content [0] EXPLICIT ANY DEFINED BY contentType } -+ * -+ * ContentType ::= OBJECT IDENTIFIER -+ */ -+ res = -+ asn1_read_value (content_info, "contentType", content_oid, -+ &content_oid_size); -+ if (res != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Error reading PKCS#7 content type: %s", -+ asn1_strerror (res)); -+ goto cleanup; -+ } -+ -+ /* OID for SignedData defined in 5.1 */ -+ if (grub_strncmp (signedData_oid, content_oid, content_oid_size) != 0) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_SIGNATURE, -+ "Unexpected content type in PKCS#7 message: OID %s", -+ content_oid); -+ goto cleanup; -+ } -+ -+ content = -+ grub_asn1_allocate_and_read (content_info, "content", -+ "PKCS#7 message content", &content_size); -+ if (!content) -+ { -+ err = grub_errno; -+ goto cleanup; -+ } -+ -+ err = process_content (content, content_size, msg); -+ grub_free (content); -+ -+cleanup: -+ asn1_delete_structure (&content_info); -+ return err; -+} -+ -+/* -+ * Release all the storage associated with the PKCS#7 message. -+ * If the caller dynamically allocated the message, it must free it. -+ */ -+void -+pkcs7_signedData_release (struct pkcs7_signedData *msg) -+{ -+ gcry_mpi_release (msg->sig_mpi); -+} -diff --git a/grub-core/commands/appendedsig/x509.c b/grub-core/commands/appendedsig/x509.c -new file mode 100644 -index 00000000000..2b38b3670a2 ---- /dev/null -+++ b/grub-core/commands/appendedsig/x509.c -@@ -0,0 +1,958 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "appendedsig.h" -+ -+static char asn1_error[ASN1_MAX_ERROR_DESCRIPTION_SIZE]; -+ -+/* -+ * RFC 3279 2.3.1 RSA Keys -+ */ -+const char *rsaEncryption_oid = "1.2.840.113549.1.1.1"; -+ -+/* -+ * RFC 5280 Appendix A -+ */ -+const char *commonName_oid = "2.5.4.3"; -+ -+/* -+ * RFC 5280 4.2.1.3 Key Usage -+ */ -+const char *keyUsage_oid = "2.5.29.15"; -+ -+/* -+ * RFC 5280 4.2.1.9 Basic Constraints -+ */ -+const char *basicConstraints_oid = "2.5.29.19"; -+ -+/* -+ * RFC 3279 2.3.1 -+ * -+ * The RSA public key MUST be encoded using the ASN.1 type RSAPublicKey: -+ * -+ * RSAPublicKey ::= SEQUENCE { -+ * modulus INTEGER, -- n -+ * publicExponent INTEGER } -- e -+ * -+ * where modulus is the modulus n, and publicExponent is the public -+ * exponent e. -+ */ -+static grub_err_t -+grub_parse_rsa_pubkey (grub_uint8_t * der, int dersize, -+ struct x509_certificate *certificate) -+{ -+ int result; -+ asn1_node spk = ASN1_TYPE_EMPTY; -+ grub_uint8_t *m_data, *e_data; -+ int m_size, e_size; -+ grub_err_t err = GRUB_ERR_NONE; -+ gcry_error_t gcry_err; -+ -+ result = -+ asn1_create_element (_gnutls_gnutls_asn, "GNUTLS.RSAPublicKey", &spk); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Cannot create storage for public key ASN.1 data"); -+ } -+ -+ result = asn1_der_decoding2 (&spk, der, &dersize, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Cannot decode certificate public key DER: %s", -+ asn1_error); -+ goto cleanup; -+ } -+ -+ m_data = -+ grub_asn1_allocate_and_read (spk, "modulus", "RSA modulus", &m_size); -+ if (!m_data) -+ { -+ err = grub_errno; -+ goto cleanup; -+ } -+ -+ e_data = -+ grub_asn1_allocate_and_read (spk, "publicExponent", "RSA public exponent", -+ &e_size); -+ if (!e_data) -+ { -+ err = grub_errno; -+ goto cleanup_m_data; -+ } -+ -+ /* -+ * convert m, e to mpi -+ * -+ * nscanned is not set for FMT_USG, it's only set for FMT_PGP, -+ * so we can't verify it -+ */ -+ gcry_err = -+ gcry_mpi_scan (&certificate->mpis[0], GCRYMPI_FMT_USG, m_data, m_size, -+ NULL); -+ if (gcry_err != GPG_ERR_NO_ERROR) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error loading RSA modulus into MPI structure: %d", -+ gcry_err); -+ goto cleanup_e_data; -+ } -+ -+ gcry_err = -+ gcry_mpi_scan (&certificate->mpis[1], GCRYMPI_FMT_USG, e_data, e_size, -+ NULL); -+ if (gcry_err != GPG_ERR_NO_ERROR) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error loading RSA exponent into MPI structure: %d", -+ gcry_err); -+ goto cleanup_m_mpi; -+ } -+ -+ grub_free (e_data); -+ grub_free (m_data); -+ asn1_delete_structure (&spk); -+ return GRUB_ERR_NONE; -+ -+cleanup_m_mpi: -+ gcry_mpi_release (certificate->mpis[0]); -+cleanup_e_data: -+ grub_free (e_data); -+cleanup_m_data: -+ grub_free (m_data); -+cleanup: -+ asn1_delete_structure (&spk); -+ return err; -+} -+ -+ -+/* -+ * RFC 5280: -+ * SubjectPublicKeyInfo ::= SEQUENCE { -+ * algorithm AlgorithmIdentifier, -+ * subjectPublicKey BIT STRING } -+ * -+ * AlgorithmIdentifiers come from RFC 3279, we are not strictly compilant as we -+ * only support RSA Encryption. -+ */ -+ -+static grub_err_t -+grub_x509_read_subject_public_key (asn1_node asn, -+ struct x509_certificate *results) -+{ -+ int result; -+ grub_err_t err; -+ const char *algo_name = -+ "tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm"; -+ const char *params_name = -+ "tbsCertificate.subjectPublicKeyInfo.algorithm.parameters"; -+ const char *pk_name = -+ "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey"; -+ char algo_oid[MAX_OID_LEN]; -+ int algo_size = sizeof (algo_oid); -+ char params_value[2]; -+ int params_size = sizeof (params_value); -+ grub_uint8_t *key_data = NULL; -+ int key_size = 0; -+ unsigned int key_type; -+ -+ /* algorithm: see notes for rsaEncryption_oid */ -+ result = asn1_read_value (asn, algo_name, algo_oid, &algo_size); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading x509 public key algorithm: %s", -+ asn1_strerror (result)); -+ } -+ -+ if (grub_strncmp (algo_oid, rsaEncryption_oid, sizeof (rsaEncryption_oid)) -+ != 0) -+ { -+ return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "Unsupported x509 public key algorithm: %s", -+ algo_oid); -+ } -+ -+ /* -+ * RFC 3279 2.3.1 -+ * The rsaEncryption OID is intended to be used in the algorithm field -+ * of a value of type AlgorithmIdentifier. The parameters field MUST -+ * have ASN.1 type NULL for this algorithm identifier. -+ */ -+ result = asn1_read_value (asn, params_name, params_value, ¶ms_size); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading x509 public key parameters: %s", -+ asn1_strerror (result)); -+ } -+ -+ if (params_value[0] != ASN1_TAG_NULL) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Invalid x509 public key parameters: expected NULL"); -+ } -+ -+ /* -+ * RFC 3279 2.3.1: The DER encoded RSAPublicKey is the value of the BIT -+ * STRING subjectPublicKey. -+ */ -+ result = asn1_read_value_type (asn, pk_name, NULL, &key_size, &key_type); -+ if (result != ASN1_MEM_ERROR) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading size of x509 public key: %s", -+ asn1_strerror (result)); -+ } -+ if (key_type != ASN1_ETYPE_BIT_STRING) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Unexpected ASN.1 type when reading x509 public key: %x", -+ key_type); -+ } -+ -+ /* length is in bits */ -+ key_size = (key_size + 7) / 8; -+ -+ key_data = grub_malloc (key_size); -+ if (!key_data) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Out of memory for x509 public key"); -+ } -+ -+ result = asn1_read_value (asn, pk_name, key_data, &key_size); -+ if (result != ASN1_SUCCESS) -+ { -+ grub_free (key_data); -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading public key data"); -+ } -+ key_size = (key_size + 7) / 8; -+ -+ err = grub_parse_rsa_pubkey (key_data, key_size, results); -+ grub_free (key_data); -+ -+ return err; -+} -+ -+/* Decode a string as defined in Appendix A */ -+static grub_err_t -+decode_string (char *der, int der_size, char **string, -+ grub_size_t * string_size) -+{ -+ asn1_node strasn; -+ int result; -+ char *choice; -+ int choice_size = 0; -+ int tmp_size = 0; -+ grub_err_t err = GRUB_ERR_NONE; -+ -+ result = -+ asn1_create_element (_gnutls_pkix_asn, "PKIX1.DirectoryString", &strasn); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not create ASN.1 structure for certificate: %s", -+ asn1_strerror (result)); -+ } -+ -+ result = asn1_der_decoding2 (&strasn, der, &der_size, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Could not parse DER for DirectoryString: %s", -+ asn1_error); -+ goto cleanup; -+ } -+ -+ choice = -+ grub_asn1_allocate_and_read (strasn, "", "DirectoryString choice", -+ &choice_size); -+ if (!choice) -+ { -+ err = grub_errno; -+ goto cleanup; -+ } -+ -+ if (grub_strncmp ("utf8String", choice, choice_size)) -+ { -+ err = -+ grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "Only UTF-8 DirectoryStrings are supported, got %s", -+ choice); -+ goto cleanup_choice; -+ } -+ -+ result = asn1_read_value (strasn, "utf8String", NULL, &tmp_size); -+ if (result != ASN1_MEM_ERROR) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading size of UTF-8 string: %s", -+ asn1_strerror (result)); -+ goto cleanup_choice; -+ } -+ -+ /* read size does not include trailing null */ -+ tmp_size++; -+ -+ *string = grub_malloc (tmp_size); -+ if (!*string) -+ { -+ err = -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Cannot allocate memory for DirectoryString contents"); -+ goto cleanup_choice; -+ } -+ -+ result = asn1_read_value (strasn, "utf8String", *string, &tmp_size); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading out UTF-8 string in DirectoryString: %s", -+ asn1_strerror (result)); -+ grub_free (*string); -+ goto cleanup_choice; -+ } -+ *string_size = tmp_size + 1; -+ (*string)[tmp_size] = '\0'; -+ -+cleanup_choice: -+ grub_free (choice); -+cleanup: -+ asn1_delete_structure (&strasn); -+ return err; -+} -+ -+/* -+ * TBSCertificate ::= SEQUENCE { -+ * version [0] EXPLICIT Version DEFAULT v1, -+ * ... -+ * -+ * Version ::= INTEGER { v1(0), v2(1), v3(2) } -+ */ -+static grub_err_t -+check_version (asn1_node certificate) -+{ -+ int rc; -+ const char *name = "tbsCertificate.version"; -+ grub_uint8_t version; -+ int len = 1; -+ -+ rc = asn1_read_value (certificate, name, &version, &len); -+ -+ /* require version 3 */ -+ if (rc != ASN1_SUCCESS || len != 1) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading certificate version"); -+ -+ if (version != 0x02) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Invalid x509 certificate version, expected v3 (0x02), got 0x%02x", -+ version); -+ -+ return GRUB_ERR_NONE; -+} -+ -+/* -+ * This is an X.501 Name, which is complex. -+ * -+ * For simplicity, we extract only the CN. -+ */ -+static grub_err_t -+read_name (asn1_node asn, const char *name_path, char **name, -+ grub_size_t * name_size) -+{ -+ int seq_components, set_components; -+ int result; -+ int i, j; -+ char *top_path, *set_path, *type_path, *val_path; -+ char type[MAX_OID_LEN]; -+ int type_len = sizeof (type); -+ int string_size = 0; -+ char *string_der; -+ grub_err_t err; -+ -+ *name = NULL; -+ -+ top_path = grub_xasprintf ("%s.rdnSequence", name_path); -+ if (!top_path) -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not allocate memory for %s name parsing path", -+ name_path); -+ -+ result = asn1_number_of_elements (asn, top_path, &seq_components); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error counting name components: %s", -+ asn1_strerror (result)); -+ goto cleanup; -+ } -+ -+ for (i = 1; i <= seq_components; i++) -+ { -+ set_path = grub_xasprintf ("%s.?%d", top_path, i); -+ if (!set_path) -+ { -+ err = -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not allocate memory for %s name set parsing path", -+ name_path); -+ goto cleanup_set; -+ } -+ /* this brings us, hopefully, to a set */ -+ result = asn1_number_of_elements (asn, set_path, &set_components); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error counting name sub-components components (element %d): %s", -+ i, asn1_strerror (result)); -+ goto cleanup_set; -+ } -+ for (j = 1; j <= set_components; j++) -+ { -+ type_path = grub_xasprintf ("%s.?%d.?%d.type", top_path, i, j); -+ if (!type_path) -+ { -+ err = -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not allocate memory for %s name component type path", -+ name_path); -+ goto cleanup_set; -+ } -+ type_len = sizeof (type); -+ result = asn1_read_value (asn, type_path, type, &type_len); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading %s name component type: %s", -+ name_path, asn1_strerror (result)); -+ goto cleanup_type; -+ } -+ -+ if (grub_strncmp (type, commonName_oid, type_len) != 0) -+ { -+ grub_free (type_path); -+ continue; -+ } -+ -+ val_path = grub_xasprintf ("%s.?%d.?%d.value", top_path, i, j); -+ if (!val_path) -+ { -+ err = -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not allocate memory for %s name component value path", -+ name_path); -+ goto cleanup_set; -+ } -+ -+ string_der = -+ grub_asn1_allocate_and_read (asn, val_path, name_path, -+ &string_size); -+ if (!string_der) -+ { -+ err = grub_errno; -+ goto cleanup_val_path; -+ } -+ -+ err = decode_string (string_der, string_size, name, name_size); -+ if (err) -+ goto cleanup_string; -+ -+ grub_free (string_der); -+ grub_free (type_path); -+ grub_free (val_path); -+ break; -+ } -+ grub_free (set_path); -+ -+ if (*name) -+ break; -+ } -+ -+ return GRUB_ERR_NONE; -+ -+cleanup_string: -+ grub_free (string_der); -+cleanup_val_path: -+ grub_free (val_path); -+cleanup_type: -+ grub_free (type_path); -+cleanup_set: -+ grub_free (set_path); -+cleanup: -+ grub_free (top_path); -+ return err; -+} -+ -+/* -+ * details here -+ */ -+static grub_err_t -+verify_key_usage (grub_uint8_t * value, int value_size) -+{ -+ asn1_node usageasn; -+ int result; -+ grub_err_t err = GRUB_ERR_NONE; -+ grub_uint8_t usage = 0xff; -+ int usage_size = 1; -+ -+ result = -+ asn1_create_element (_gnutls_pkix_asn, "PKIX1.KeyUsage", &usageasn); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not create ASN.1 structure for key usage"); -+ } -+ -+ result = asn1_der_decoding2 (&usageasn, value, &value_size, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error parsing DER for Key Usage: %s", asn1_error); -+ goto cleanup; -+ } -+ -+ result = asn1_read_value (usageasn, "", &usage, &usage_size); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading Key Usage value: %s", -+ asn1_strerror (result)); -+ goto cleanup; -+ } -+ -+ /* Only the first bit is permitted to be set */ -+ if (usage != 0x80) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, "Unexpected Key Usage value: %x", -+ usage); -+ goto cleanup; -+ } -+ -+cleanup: -+ asn1_delete_structure (&usageasn); -+ return err; -+} -+ -+/* -+ * BasicConstraints ::= SEQUENCE { -+ * cA BOOLEAN DEFAULT FALSE, -+ * pathLenConstraint INTEGER (0..MAX) OPTIONAL } -+ */ -+static grub_err_t -+verify_basic_constraints (grub_uint8_t * value, int value_size) -+{ -+ asn1_node basicasn; -+ int result; -+ grub_err_t err = GRUB_ERR_NONE; -+ char cA[6]; /* FALSE or TRUE */ -+ int cA_size = sizeof (cA); -+ -+ result = -+ asn1_create_element (_gnutls_pkix_asn, "PKIX1.BasicConstraints", -+ &basicasn); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not create ASN.1 structure for Basic Constraints"); -+ } -+ -+ result = asn1_der_decoding2 (&basicasn, value, &value_size, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error parsing DER for Basic Constraints: %s", -+ asn1_error); -+ goto cleanup; -+ } -+ -+ result = asn1_read_value (basicasn, "cA", cA, &cA_size); -+ if (result == ASN1_ELEMENT_NOT_FOUND) -+ { -+ /* Not present, default is False, so this is OK */ -+ err = GRUB_ERR_NONE; -+ goto cleanup; -+ } -+ else if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading Basic Constraints cA value: %s", -+ asn1_strerror (result)); -+ goto cleanup; -+ } -+ -+ /* The certificate must not be a CA certificate */ -+ if (grub_strncmp ("FALSE", cA, cA_size) != 0) -+ { -+ err = grub_error (GRUB_ERR_BAD_FILE_TYPE, "Unexpected CA value: %s", -+ cA); -+ goto cleanup; -+ } -+ -+cleanup: -+ asn1_delete_structure (&basicasn); -+ return err; -+} -+ -+ -+/* -+ * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension -+ * -+ * Extension ::= SEQUENCE { -+ * extnID OBJECT IDENTIFIER, -+ * critical BOOLEAN DEFAULT FALSE, -+ * extnValue OCTET STRING -+ * -- contains the DER encoding of an ASN.1 value -+ * -- corresponding to the extension type identified -+ * -- by extnID -+ * } -+ * -+ * We require that a certificate: -+ * - contain the Digital Signature usage only -+ * - not be a CA -+ * - MUST not contain any other critical extensions (RFC 5280 s 4.2) -+ */ -+static grub_err_t -+verify_extensions (asn1_node cert) -+{ -+ int result; -+ int ext, num_extensions = 0; -+ int usage_present = 0, constraints_present = 0; -+ char *oid_path, *critical_path, *value_path; -+ char extnID[MAX_OID_LEN]; -+ int extnID_size; -+ grub_err_t err; -+ char critical[6]; /* we get either "TRUE" or "FALSE" */ -+ int critical_size; -+ grub_uint8_t *value; -+ int value_size; -+ -+ result = -+ asn1_number_of_elements (cert, "tbsCertificate.extensions", -+ &num_extensions); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error counting number of extensions: %s", -+ asn1_strerror (result)); -+ } -+ -+ if (num_extensions < 2) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Insufficient number of extensions for certificate, need at least 2, got %d", -+ num_extensions); -+ } -+ -+ for (ext = 1; ext <= num_extensions; ext++) -+ { -+ oid_path = grub_xasprintf ("tbsCertificate.extensions.?%d.extnID", ext); -+ -+ extnID_size = sizeof (extnID); -+ result = asn1_read_value (cert, oid_path, extnID, &extnID_size); -+ if (result != GRUB_ERR_NONE) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading extension OID: %s", -+ asn1_strerror (result)); -+ goto cleanup_oid_path; -+ } -+ -+ critical_path = -+ grub_xasprintf ("tbsCertificate.extensions.?%d.critical", ext); -+ critical_size = sizeof (critical); -+ result = -+ asn1_read_value (cert, critical_path, critical, &critical_size); -+ if (result == ASN1_ELEMENT_NOT_FOUND) -+ { -+ critical[0] = '\0'; -+ } -+ else if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading extension criticality: %s", -+ asn1_strerror (result)); -+ goto cleanup_critical_path; -+ } -+ -+ value_path = -+ grub_xasprintf ("tbsCertificate.extensions.?%d.extnValue", ext); -+ value = -+ grub_asn1_allocate_and_read (cert, value_path, -+ "certificate extension value", -+ &value_size); -+ if (!value) -+ { -+ err = grub_errno; -+ goto cleanup_value_path; -+ } -+ -+ /* -+ * Now we must see if we recognise the OID. -+ * If we have an unrecognised critical extension we MUST bail. -+ */ -+ if (grub_strncmp (keyUsage_oid, extnID, extnID_size) == 0) -+ { -+ err = verify_key_usage (value, value_size); -+ if (err != GRUB_ERR_NONE) -+ { -+ goto cleanup_value; -+ } -+ usage_present++; -+ } -+ else if (grub_strncmp (basicConstraints_oid, extnID, extnID_size) == 0) -+ { -+ err = verify_basic_constraints (value, value_size); -+ if (err != GRUB_ERR_NONE) -+ { -+ goto cleanup_value; -+ } -+ constraints_present++; -+ } -+ else if (grub_strncmp ("TRUE", critical, critical_size) == 0) -+ { -+ /* -+ * per the RFC, we must not process a certificate with -+ * a critical extension we do not understand. -+ */ -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Unhandled critical x509 extension with OID %s", -+ extnID); -+ goto cleanup_value; -+ } -+ -+ grub_free (value); -+ grub_free (value_path); -+ grub_free (critical_path); -+ grub_free (oid_path); -+ } -+ -+ if (usage_present != 1) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Unexpected number of Key Usage extensions - expected 1, got %d", -+ usage_present); -+ } -+ if (constraints_present != 1) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Unexpected number of basic constraints extensions - expected 1, got %d", -+ constraints_present); -+ } -+ return GRUB_ERR_NONE; -+ -+cleanup_value: -+ grub_free (value); -+cleanup_value_path: -+ grub_free (value_path); -+cleanup_critical_path: -+ grub_free (critical_path); -+cleanup_oid_path: -+ grub_free (oid_path); -+ return err; -+} -+ -+/* -+ * Parse a certificate whose DER-encoded form is in @data, of size @data_size. -+ * Return the results in @results, which must point to an allocated x509 certificate. -+ */ -+grub_err_t -+certificate_import (void *data, grub_size_t data_size, -+ struct x509_certificate *results) -+{ -+ int result = 0; -+ asn1_node cert; -+ grub_err_t err; -+ int size; -+ int tmp_size; -+ -+ if (data_size > GRUB_INT_MAX) -+ return grub_error (GRUB_ERR_OUT_OF_RANGE, -+ "Cannot parse a certificate where data size > INT_MAX"); -+ size = (int) data_size; -+ -+ result = asn1_create_element (_gnutls_pkix_asn, "PKIX1.Certificate", &cert); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not create ASN.1 structure for certificate: %s", -+ asn1_strerror (result)); -+ } -+ -+ result = asn1_der_decoding2 (&cert, data, &size, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Could not parse DER for certificate: %s", asn1_error); -+ goto cleanup; -+ } -+ -+ /* -+ * TBSCertificate ::= SEQUENCE { -+ * version [0] EXPLICIT Version DEFAULT v1 -+ */ -+ err = check_version (cert); -+ if (err != GRUB_ERR_NONE) -+ { -+ goto cleanup; -+ } -+ -+ /* -+ * serialNumber CertificateSerialNumber, -+ * -+ * CertificateSerialNumber ::= INTEGER -+ */ -+ results->serial = -+ grub_asn1_allocate_and_read (cert, "tbsCertificate.serialNumber", -+ "certificate serial number", &tmp_size); -+ if (!results->serial) -+ { -+ err = grub_errno; -+ goto cleanup; -+ } -+ /* -+ * It's safe to cast the signed int to an unsigned here, we know -+ * length is non-negative -+ */ -+ results->serial_len = tmp_size; -+ -+ /* -+ * signature AlgorithmIdentifier, -+ * -+ * We don't load the signature or issuer at the moment, -+ * as we don't attempt x509 verification. -+ */ -+ -+ /* -+ * issuer Name, -+ * -+ * The RFC only requires the serial number to be unique within -+ * issuers, so to avoid ambiguity we _technically_ ought to make -+ * this available. -+ */ -+ -+ /* -+ * validity Validity, -+ * -+ * Validity ::= SEQUENCE { -+ * notBefore Time, -+ * notAfter Time } -+ * -+ * We can't validate this reasonably, we have no true time source on several -+ * platforms. For now we do not parse them. -+ */ -+ -+ /* -+ * subject Name, -+ * -+ * This is an X501 name, we parse out just the CN. -+ */ -+ err = -+ read_name (cert, "tbsCertificate.subject", &results->subject, -+ &results->subject_len); -+ if (err != GRUB_ERR_NONE) -+ goto cleanup_serial; -+ -+ /* -+ * TBSCertificate ::= SEQUENCE { -+ * ... -+ * subjectPublicKeyInfo SubjectPublicKeyInfo, -+ * ... -+ */ -+ err = grub_x509_read_subject_public_key (cert, results); -+ if (err != GRUB_ERR_NONE) -+ goto cleanup_name; -+ -+ /* -+ * TBSCertificate ::= SEQUENCE { -+ * ... -+ * extensions [3] EXPLICIT Extensions OPTIONAL -+ * -- If present, version MUST be v3 -+ * } -+ */ -+ -+ err = verify_extensions (cert); -+ if (err != GRUB_ERR_NONE) -+ goto cleanup_name; -+ -+ -+ /* -+ * We do not read or check the signature on the certificate: -+ * as discussed we do not try to validate the certificate but trust -+ * it implictly. -+ */ -+ -+ asn1_delete_structure (&cert); -+ return GRUB_ERR_NONE; -+ -+ -+cleanup_name: -+ grub_free (results->subject); -+cleanup_serial: -+ grub_free (results->serial); -+cleanup: -+ asn1_delete_structure (&cert); -+ return err; -+} -+ -+/* -+ * Release all the storage associated with the x509 certificate. -+ * If the caller dynamically allocated the certificate, it must free it. -+ * The caller is also responsible for maintenance of the linked list. -+ */ -+void -+certificate_release (struct x509_certificate *cert) -+{ -+ grub_free (cert->subject); -+ grub_free (cert->serial); -+ gcry_mpi_release (cert->mpis[0]); -+ gcry_mpi_release (cert->mpis[1]); -+} -diff --git a/grub-core/commands/appendedsig/appendedsig.h b/grub-core/commands/appendedsig/appendedsig.h -new file mode 100644 -index 00000000000..9792ef3901e ---- /dev/null -+++ b/grub-core/commands/appendedsig/appendedsig.h -@@ -0,0 +1,110 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+ -+extern asn1_node _gnutls_gnutls_asn; -+extern asn1_node _gnutls_pkix_asn; -+ -+#define MAX_OID_LEN 32 -+ -+/* -+ * One or more x509 certificates. -+ * -+ * We do limited parsing: extracting only the serial, CN and RSA public key. -+ */ -+struct x509_certificate -+{ -+ struct x509_certificate *next; -+ -+ grub_uint8_t *serial; -+ grub_size_t serial_len; -+ -+ char *subject; -+ grub_size_t subject_len; -+ -+ /* We only support RSA public keys. This encodes [modulus, publicExponent] */ -+ gcry_mpi_t mpis[2]; -+}; -+ -+/* -+ * A PKCS#7 signedData message. -+ * -+ * We make no attempt to match intelligently, so we don't save any info about -+ * the signer. We also support only 1 signerInfo, so we only store a single -+ * MPI for the signature. -+ */ -+struct pkcs7_signedData -+{ -+ const gcry_md_spec_t *hash; -+ gcry_mpi_t sig_mpi; -+}; -+ -+ -+/* Do libtasn1 init */ -+int asn1_init (void); -+ -+/* -+ * Import a DER-encoded certificate at 'data', of size 'size'. -+ * -+ * Place the results into 'results', which must be already allocated. -+ */ -+grub_err_t -+certificate_import (void *data, grub_size_t size, -+ struct x509_certificate *results); -+ -+/* -+ * Release all the storage associated with the x509 certificate. -+ * If the caller dynamically allocated the certificate, it must free it. -+ * The caller is also responsible for maintenance of the linked list. -+ */ -+void certificate_release (struct x509_certificate *cert); -+ -+/* -+ * Parse a PKCS#7 message, which must be a signedData message. -+ * -+ * The message must be in 'sigbuf' and of size 'data_size'. The result is -+ * placed in 'msg', which must already be allocated. -+ */ -+grub_err_t -+parse_pkcs7_signedData (void *sigbuf, grub_size_t data_size, -+ struct pkcs7_signedData *msg); -+ -+/* -+ * Release all the storage associated with the PKCS#7 message. -+ * If the caller dynamically allocated the message, it must free it. -+ */ -+void pkcs7_signedData_release (struct pkcs7_signedData *msg); -+ -+/* -+ * Read a value from an ASN1 node, allocating memory to store it. -+ * -+ * It will work for anything where the size libtasn1 returns is right: -+ * - Integers -+ * - Octet strings -+ * - DER encoding of other structures -+ * It will _not_ work for things where libtasn1 size requires adjustment: -+ * - Strings that require an extra NULL byte at the end -+ * - Bit strings because libtasn1 returns the length in bits, not bytes. -+ * -+ * If the function returns a non-NULL value, the caller must free it. -+ */ -+void *grub_asn1_allocate_and_read (asn1_node node, const char *name, -+ const char *friendly_name, -+ int *content_size); diff --git a/0177-appended-signatures-support-verifying-appended-signa.patch b/0177-appended-signatures-support-verifying-appended-signa.patch deleted file mode 100644 index 262efc0df50b414f27662b970c6bf841e2259e54..0000000000000000000000000000000000000000 --- a/0177-appended-signatures-support-verifying-appended-signa.patch +++ /dev/null @@ -1,716 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 30 Jul 2020 01:35:43 +1000 -Subject: [PATCH] appended signatures: support verifying appended signatures - -Building on the parsers and the ability to embed x509 certificates, as -well as the existing gcrypt functionality, add a module for verifying -appended signatures. - -This includes a verifier that requires that Linux kernels and grub modules -have appended signatures, and commands to manage the list of trusted -certificates for verification. - -Verification must be enabled by setting check_appended_signatures. If -GRUB is locked down when the module is loaded, verification will be -enabled and locked automatically. - -As with the PGP verifier, it is not a complete secure-boot solution: -other mechanisms, such as a password or lockdown, must be used to ensure -that a user cannot drop to the grub shell and disable verification. - -Signed-off-by: Daniel Axtens ---- - grub-core/Makefile.core.def | 12 + - grub-core/commands/appendedsig/appendedsig.c | 645 +++++++++++++++++++++++++++ - include/grub/file.h | 2 + - 3 files changed, 659 insertions(+) - create mode 100644 grub-core/commands/appendedsig/appendedsig.c - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index b4aaccf7b57..77321d218c8 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -980,6 +980,18 @@ module = { - cppflags = '-I$(srcdir)/lib/posix_wrap'; - }; - -+module = { -+ name = appendedsig; -+ common = commands/appendedsig/appendedsig.c; -+ common = commands/appendedsig/x509.c; -+ common = commands/appendedsig/pkcs7.c; -+ common = commands/appendedsig/asn1util.c; -+ common = commands/appendedsig/gnutls_asn1_tab.c; -+ common = commands/appendedsig/pkix_asn1_tab.c; -+ cflags = '$(CFLAGS_POSIX)'; -+ cppflags = '-I$(srcdir)/lib/posix_wrap'; -+}; -+ - module = { - name = hdparm; - common = commands/hdparm.c; -diff --git a/grub-core/commands/appendedsig/appendedsig.c b/grub-core/commands/appendedsig/appendedsig.c -new file mode 100644 -index 00000000000..dc294cd339e ---- /dev/null -+++ b/grub-core/commands/appendedsig/appendedsig.c -@@ -0,0 +1,645 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020-2021 IBM Corporation. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "appendedsig.h" -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+const char magic[] = "~Module signature appended~\n"; -+ -+/* -+ * This structure is extracted from scripts/sign-file.c in the linux kernel -+ * source. It was licensed as LGPLv2.1+, which is GPLv3+ compatible. -+ */ -+struct module_signature -+{ -+ grub_uint8_t algo; /* Public-key crypto algorithm [0] */ -+ grub_uint8_t hash; /* Digest algorithm [0] */ -+ grub_uint8_t id_type; /* Key identifier type [PKEY_ID_PKCS7] */ -+ grub_uint8_t signer_len; /* Length of signer's name [0] */ -+ grub_uint8_t key_id_len; /* Length of key identifier [0] */ -+ grub_uint8_t __pad[3]; -+ grub_uint32_t sig_len; /* Length of signature data */ -+} GRUB_PACKED; -+ -+ -+/* This represents an entire, parsed, appended signature */ -+struct grub_appended_signature -+{ -+ grub_size_t signature_len; /* Length of PKCS#7 data + -+ * metadata + magic */ -+ -+ struct module_signature sig_metadata; /* Module signature metadata */ -+ struct pkcs7_signedData pkcs7; /* Parsed PKCS#7 data */ -+}; -+ -+/* Trusted certificates for verifying appended signatures */ -+struct x509_certificate *grub_trusted_key; -+ -+/* -+ * Force gcry_rsa to be a module dependency. -+ * -+ * If we use grub_crypto_pk_rsa, then then the gcry_rsa module won't be built -+ * in if you add 'appendedsig' to grub-install --modules. You would need to -+ * add 'gcry_rsa' too. That's confusing and seems suboptimal, especially when -+ * we only support RSA. -+ * -+ * Dynamic loading also causes some concerns. We can't load gcry_rsa from the -+ * the filesystem after we install the verifier - we won't be able to verify -+ * it without having it already present. We also shouldn't load it before we -+ * install the verifier, because that would mean it wouldn't be verified - an -+ * attacker could insert any code they wanted into the module. -+ * -+ * So instead, reference the internal symbol from gcry_rsa. That creates a -+ * direct dependency on gcry_rsa, so it will be built in when this module -+ * is built in. Being built in (assuming the core image is itself signed!) -+ * also resolves our concerns about loading from the filesystem. -+ */ -+extern gcry_pk_spec_t _gcry_pubkey_spec_rsa; -+ -+static int check_sigs = 0; -+ -+static const char * -+grub_env_read_sec (struct grub_env_var *var __attribute__ ((unused)), -+ const char *val __attribute__ ((unused))) -+{ -+ if (check_sigs == 2) -+ return "forced"; -+ else if (check_sigs == 1) -+ return "enforce"; -+ else -+ return "no"; -+} -+ -+static char * -+grub_env_write_sec (struct grub_env_var *var __attribute__((unused)), -+ const char *val) -+{ -+ /* Do not allow the value to be changed if set to forced */ -+ if (check_sigs == 2) -+ return grub_strdup ("forced"); -+ -+ if ((*val == '2') || (*val == 'f')) -+ check_sigs = 2; -+ else if ((*val == '1') || (*val == 'e')) -+ check_sigs = 1; -+ else if ((*val == '0') || (*val == 'n')) -+ check_sigs = 0; -+ -+ return grub_strdup (grub_env_read_sec (NULL, NULL)); -+} -+ -+static grub_err_t -+read_cert_from_file (grub_file_t f, struct x509_certificate *certificate) -+{ -+ grub_err_t err; -+ grub_uint8_t *buf = NULL; -+ grub_ssize_t read_size; -+ grub_off_t total_read_size = 0; -+ grub_off_t file_size = grub_file_size (f); -+ -+ -+ if (file_size == GRUB_FILE_SIZE_UNKNOWN) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, -+ N_("Cannot parse a certificate file of unknown size")); -+ -+ buf = grub_zalloc (file_size); -+ if (!buf) -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ N_("Could not allocate buffer for certificate file contents")); -+ -+ while (total_read_size < file_size) -+ { -+ read_size = -+ grub_file_read (f, &buf[total_read_size], -+ file_size - total_read_size); -+ if (read_size < 0) -+ { -+ err = grub_error (GRUB_ERR_READ_ERROR, -+ N_("Error reading certificate file")); -+ goto cleanup_buf; -+ } -+ total_read_size += read_size; -+ } -+ -+ err = certificate_import (buf, total_read_size, certificate); -+ if (err != GRUB_ERR_NONE) -+ goto cleanup_buf; -+ -+ return GRUB_ERR_NONE; -+ -+cleanup_buf: -+ grub_free (buf); -+ return err; -+} -+ -+static grub_err_t -+extract_appended_signature (grub_uint8_t * buf, grub_size_t bufsize, -+ struct grub_appended_signature *sig) -+{ -+ grub_err_t err; -+ grub_size_t pkcs7_size; -+ grub_size_t remaining_len; -+ grub_uint8_t *appsigdata = buf + bufsize - grub_strlen (magic); -+ -+ if (bufsize < grub_strlen (magic)) -+ return grub_error (GRUB_ERR_BAD_SIGNATURE, -+ N_("File too short for signature magic")); -+ -+ if (grub_memcmp (appsigdata, (grub_uint8_t *) magic, grub_strlen (magic))) -+ return grub_error (GRUB_ERR_BAD_SIGNATURE, -+ N_("Missing or invalid signature magic")); -+ -+ remaining_len = bufsize - grub_strlen (magic); -+ -+ if (remaining_len < sizeof (struct module_signature)) -+ return grub_error (GRUB_ERR_BAD_SIGNATURE, -+ N_("File too short for signature metadata")); -+ -+ appsigdata -= sizeof (struct module_signature); -+ -+ /* extract the metadata */ -+ grub_memcpy (&(sig->sig_metadata), appsigdata, -+ sizeof (struct module_signature)); -+ -+ remaining_len -= sizeof (struct module_signature); -+ -+ if (sig->sig_metadata.id_type != 2) -+ return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("Wrong signature type")); -+ -+#ifdef GRUB_TARGET_WORDS_BIGENDIAN -+ pkcs7_size = sig->sig_metadata.sig_len; -+#else -+ pkcs7_size = __builtin_bswap32 (sig->sig_metadata.sig_len); -+#endif -+ -+ if (pkcs7_size > remaining_len) -+ return grub_error (GRUB_ERR_BAD_SIGNATURE, -+ N_("File too short for PKCS#7 message")); -+ -+ grub_dprintf ("appendedsig", "sig len %" PRIuGRUB_SIZE "\n", pkcs7_size); -+ -+ sig->signature_len = -+ grub_strlen (magic) + sizeof (struct module_signature) + pkcs7_size; -+ -+ /* rewind pointer and parse pkcs7 data */ -+ appsigdata -= pkcs7_size; -+ -+ err = parse_pkcs7_signedData (appsigdata, pkcs7_size, &sig->pkcs7); -+ if (err != GRUB_ERR_NONE) -+ return err; -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_verify_appended_signature (grub_uint8_t * buf, grub_size_t bufsize) -+{ -+ grub_err_t err = GRUB_ERR_NONE; -+ grub_size_t datasize; -+ void *context; -+ unsigned char *hash; -+ gcry_mpi_t hashmpi; -+ gcry_err_code_t rc; -+ struct x509_certificate *pk; -+ struct grub_appended_signature sig; -+ -+ if (!grub_trusted_key) -+ return grub_error (GRUB_ERR_BAD_SIGNATURE, -+ N_("No trusted keys to verify against")); -+ -+ err = extract_appended_signature (buf, bufsize, &sig); -+ if (err != GRUB_ERR_NONE) -+ return err; -+ -+ datasize = bufsize - sig.signature_len; -+ -+ context = grub_zalloc (sig.pkcs7.hash->contextsize); -+ if (!context) -+ return grub_errno; -+ -+ sig.pkcs7.hash->init (context); -+ sig.pkcs7.hash->write (context, buf, datasize); -+ sig.pkcs7.hash->final (context); -+ hash = sig.pkcs7.hash->read (context); -+ grub_dprintf ("appendedsig", -+ "data size %" PRIxGRUB_SIZE ", hash %02x%02x%02x%02x...\n", -+ datasize, hash[0], hash[1], hash[2], hash[3]); -+ -+ err = GRUB_ERR_BAD_SIGNATURE; -+ for (pk = grub_trusted_key; pk; pk = pk->next) -+ { -+ rc = grub_crypto_rsa_pad (&hashmpi, hash, sig.pkcs7.hash, pk->mpis[0]); -+ if (rc) -+ { -+ err = grub_error (GRUB_ERR_BAD_SIGNATURE, -+ N_("Error padding hash for RSA verification: %d"), -+ rc); -+ goto cleanup; -+ } -+ -+ rc = _gcry_pubkey_spec_rsa.verify (0, hashmpi, &sig.pkcs7.sig_mpi, -+ pk->mpis, NULL, NULL); -+ gcry_mpi_release (hashmpi); -+ -+ if (rc == 0) -+ { -+ grub_dprintf ("appendedsig", "verify with key '%s' succeeded\n", -+ pk->subject); -+ err = GRUB_ERR_NONE; -+ break; -+ } -+ -+ grub_dprintf ("appendedsig", "verify with key '%s' failed with %d\n", -+ pk->subject, rc); -+ } -+ -+ /* If we didn't verify, provide a neat message */ -+ if (err != GRUB_ERR_NONE) -+ err = grub_error (GRUB_ERR_BAD_SIGNATURE, -+ N_("Failed to verify signature against a trusted key")); -+ -+cleanup: -+ grub_free (context); -+ pkcs7_signedData_release (&sig.pkcs7); -+ -+ return err; -+} -+ -+static grub_err_t -+grub_cmd_verify_signature (grub_command_t cmd __attribute__((unused)), -+ int argc, char **args) -+{ -+ grub_file_t f; -+ grub_err_t err = GRUB_ERR_NONE; -+ grub_uint8_t *data; -+ grub_ssize_t read_size; -+ grub_off_t file_size, total_read_size = 0; -+ -+ if (argc < 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected")); -+ -+ grub_dprintf ("appendedsig", "verifying %s\n", args[0]); -+ -+ f = grub_file_open (args[0], GRUB_FILE_TYPE_VERIFY_SIGNATURE); -+ if (!f) -+ { -+ err = grub_errno; -+ goto cleanup; -+ } -+ -+ file_size = grub_file_size (f); -+ if (file_size == GRUB_FILE_SIZE_UNKNOWN) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, -+ N_("Cannot verify the signature of a file of unknown size")); -+ -+ data = grub_malloc (file_size); -+ if (!data) -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ N_("Could not allocate data buffer size " -+ PRIuGRUB_UINT64_T " for verification"), file_size); -+ -+ while (total_read_size < file_size) -+ { -+ read_size = -+ grub_file_read (f, &data[total_read_size], -+ file_size - total_read_size); -+ if (read_size < 0) -+ { -+ err = grub_error (GRUB_ERR_READ_ERROR, -+ N_("Error reading file to verify")); -+ goto cleanup_data; -+ } -+ total_read_size += read_size; -+ } -+ -+ err = grub_verify_appended_signature (data, file_size); -+ -+cleanup_data: -+ grub_free (data); -+cleanup: -+ if (f) -+ grub_file_close (f); -+ return err; -+} -+ -+static grub_err_t -+grub_cmd_distrust (grub_command_t cmd __attribute__((unused)), -+ int argc, char **args) -+{ -+ unsigned long cert_num, i; -+ struct x509_certificate *cert, *prev; -+ -+ if (argc != 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("One argument expected")); -+ -+ grub_errno = GRUB_ERR_NONE; -+ cert_num = grub_strtoul (args[0], NULL, 10); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; -+ -+ if (cert_num < 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, -+ N_("Certificate number too small - numbers start at 1")); -+ -+ if (cert_num == 1) -+ { -+ cert = grub_trusted_key; -+ grub_trusted_key = cert->next; -+ -+ certificate_release (cert); -+ grub_free (cert); -+ return GRUB_ERR_NONE; -+ } -+ i = 2; -+ prev = grub_trusted_key; -+ cert = grub_trusted_key->next; -+ while (cert) -+ { -+ if (i == cert_num) -+ { -+ prev->next = cert->next; -+ certificate_release (cert); -+ grub_free (cert); -+ return GRUB_ERR_NONE; -+ } -+ i++; -+ prev = cert; -+ cert = cert->next; -+ } -+ -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, -+ N_("No certificate number %d found - only %d certificates in the store"), -+ cert_num, i - 1); -+} -+ -+static grub_err_t -+grub_cmd_trust (grub_command_t cmd __attribute__((unused)), -+ int argc, char **args) -+{ -+ grub_file_t certf; -+ struct x509_certificate *cert = NULL; -+ grub_err_t err; -+ -+ if (argc != 1) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected")); -+ -+ certf = grub_file_open (args[0], -+ GRUB_FILE_TYPE_CERTIFICATE_TRUST -+ | GRUB_FILE_TYPE_NO_DECOMPRESS); -+ if (!certf) -+ return grub_errno; -+ -+ -+ cert = grub_zalloc (sizeof (struct x509_certificate)); -+ if (!cert) -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ N_("Could not allocate memory for certificate")); -+ -+ err = read_cert_from_file (certf, cert); -+ grub_file_close (certf); -+ if (err != GRUB_ERR_NONE) -+ { -+ grub_free (cert); -+ return err; -+ } -+ grub_dprintf ("appendedsig", "Loaded certificate with CN: %s\n", -+ cert->subject); -+ -+ cert->next = grub_trusted_key; -+ grub_trusted_key = cert; -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_cmd_list (grub_command_t cmd __attribute__((unused)), -+ int argc __attribute__((unused)), -+ char **args __attribute__((unused))) -+{ -+ struct x509_certificate *cert; -+ int cert_num = 1; -+ grub_size_t i; -+ -+ for (cert = grub_trusted_key; cert; cert = cert->next) -+ { -+ grub_printf (N_("Certificate %d:\n"), cert_num); -+ -+ grub_printf (N_("\tSerial: ")); -+ for (i = 0; i < cert->serial_len - 1; i++) -+ { -+ grub_printf ("%02x:", cert->serial[i]); -+ } -+ grub_printf ("%02x\n", cert->serial[cert->serial_len - 1]); -+ -+ grub_printf ("\tCN: %s\n\n", cert->subject); -+ cert_num++; -+ -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+appendedsig_init (grub_file_t io __attribute__((unused)), -+ enum grub_file_type type, -+ void **context __attribute__((unused)), -+ enum grub_verify_flags *flags) -+{ -+ if (!check_sigs) -+ { -+ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION; -+ return GRUB_ERR_NONE; -+ } -+ -+ switch (type & GRUB_FILE_TYPE_MASK) -+ { -+ case GRUB_FILE_TYPE_CERTIFICATE_TRUST: -+ /* -+ * This is a certificate to add to trusted keychain. -+ * -+ * This needs to be verified or blocked. Ideally we'd write an x509 -+ * verifier, but we lack the hubris required to take this on. Instead, -+ * require that it have an appended signature. -+ */ -+ -+ /* Fall through */ -+ -+ case GRUB_FILE_TYPE_LINUX_KERNEL: -+ case GRUB_FILE_TYPE_GRUB_MODULE: -+ /* -+ * Appended signatures are only defined for ELF binaries. -+ * Out of an abundance of caution, we only verify Linux kernels and -+ * GRUB modules at this point. -+ */ -+ *flags = GRUB_VERIFY_FLAGS_SINGLE_CHUNK; -+ return GRUB_ERR_NONE; -+ -+ case GRUB_FILE_TYPE_ACPI_TABLE: -+ case GRUB_FILE_TYPE_DEVICE_TREE_IMAGE: -+ /* -+ * It is possible to use appended signature verification without -+ * lockdown - like the PGP verifier. When combined with an embedded -+ * config file in a signed grub binary, this could still be a meaningful -+ * secure-boot chain - so long as it isn't subverted by something like a -+ * rouge ACPI table or DT image. Defer them explicitly. -+ */ -+ *flags = GRUB_VERIFY_FLAGS_DEFER_AUTH; -+ return GRUB_ERR_NONE; -+ -+ default: -+ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION; -+ return GRUB_ERR_NONE; -+ } -+} -+ -+static grub_err_t -+appendedsig_write (void *ctxt __attribute__((unused)), -+ void *buf, grub_size_t size) -+{ -+ return grub_verify_appended_signature (buf, size); -+} -+ -+struct grub_file_verifier grub_appendedsig_verifier = { -+ .name = "appendedsig", -+ .init = appendedsig_init, -+ .write = appendedsig_write, -+}; -+ -+static grub_ssize_t -+pseudo_read (struct grub_file *file, char *buf, grub_size_t len) -+{ -+ grub_memcpy (buf, (grub_uint8_t *) file->data + file->offset, len); -+ return len; -+} -+ -+/* Filesystem descriptor. */ -+static struct grub_fs pseudo_fs = { -+ .name = "pseudo", -+ .fs_read = pseudo_read -+}; -+ -+static grub_command_t cmd_verify, cmd_list, cmd_distrust, cmd_trust; -+ -+GRUB_MOD_INIT (appendedsig) -+{ -+ int rc; -+ struct grub_module_header *header; -+ -+ /* If in lockdown, immediately enter forced mode */ -+ if (grub_is_lockdown () == GRUB_LOCKDOWN_ENABLED) -+ check_sigs = 2; -+ -+ grub_trusted_key = NULL; -+ -+ grub_register_variable_hook ("check_appended_signatures", -+ grub_env_read_sec, -+ grub_env_write_sec); -+ grub_env_export ("check_appended_signatures"); -+ -+ rc = asn1_init (); -+ if (rc) -+ grub_fatal ("Error initing ASN.1 data structures: %d: %s\n", rc, -+ asn1_strerror (rc)); -+ -+ FOR_MODULES (header) -+ { -+ struct grub_file pseudo_file; -+ struct x509_certificate *pk = NULL; -+ grub_err_t err; -+ -+ /* Not an ELF module, skip. */ -+ if (header->type != OBJ_TYPE_X509_PUBKEY) -+ continue; -+ -+ grub_memset (&pseudo_file, 0, sizeof (pseudo_file)); -+ pseudo_file.fs = &pseudo_fs; -+ pseudo_file.size = header->size - sizeof (struct grub_module_header); -+ pseudo_file.data = (char *) header + sizeof (struct grub_module_header); -+ -+ grub_dprintf ("appendedsig", -+ "Found an x509 key, size=%" PRIuGRUB_UINT64_T "\n", -+ pseudo_file.size); -+ -+ pk = grub_zalloc (sizeof (struct x509_certificate)); -+ if (!pk) -+ { -+ grub_fatal ("Out of memory loading initial certificates"); -+ } -+ -+ err = read_cert_from_file (&pseudo_file, pk); -+ if (err != GRUB_ERR_NONE) -+ grub_fatal ("Error loading initial key: %s", grub_errmsg); -+ -+ grub_dprintf ("appendedsig", "loaded certificate CN='%s'\n", pk->subject); -+ -+ pk->next = grub_trusted_key; -+ grub_trusted_key = pk; -+ } -+ -+ cmd_trust = -+ grub_register_command ("trust_certificate", grub_cmd_trust, -+ N_("X509_CERTIFICATE"), -+ N_("Add X509_CERTIFICATE to trusted certificates.")); -+ cmd_list = -+ grub_register_command ("list_certificates", grub_cmd_list, 0, -+ N_("Show the list of trusted x509 certificates.")); -+ cmd_verify = -+ grub_register_command ("verify_appended", grub_cmd_verify_signature, -+ N_("FILE"), -+ N_("Verify FILE against the trusted x509 certificates.")); -+ cmd_distrust = -+ grub_register_command ("distrust_certificate", grub_cmd_distrust, -+ N_("CERT_NUMBER"), -+ N_("Remove CERT_NUMBER (as listed by list_certificates) from trusted certificates.")); -+ -+ grub_verifier_register (&grub_appendedsig_verifier); -+ grub_dl_set_persistent (mod); -+} -+ -+GRUB_MOD_FINI (appendedsig) -+{ -+ /* -+ * grub_dl_set_persistent should prevent this from actually running, but -+ * it does still run under emu. -+ */ -+ -+ grub_verifier_unregister (&grub_appendedsig_verifier); -+ grub_unregister_command (cmd_verify); -+ grub_unregister_command (cmd_list); -+ grub_unregister_command (cmd_trust); -+ grub_unregister_command (cmd_distrust); -+} -diff --git a/include/grub/file.h b/include/grub/file.h -index 31567483ccf..96827a4f896 100644 ---- a/include/grub/file.h -+++ b/include/grub/file.h -@@ -80,6 +80,8 @@ enum grub_file_type - GRUB_FILE_TYPE_PUBLIC_KEY, - /* File holding public key to add to trused keys. */ - GRUB_FILE_TYPE_PUBLIC_KEY_TRUST, -+ /* File holding x509 certificiate to add to trusted keys. */ -+ GRUB_FILE_TYPE_CERTIFICATE_TRUST, - /* File of which we intend to print a blocklist to the user. */ - GRUB_FILE_TYPE_PRINT_BLOCKLIST, - /* File we intend to use for test loading or testing speed. */ diff --git a/0178-appended-signatures-verification-tests.patch b/0178-appended-signatures-verification-tests.patch deleted file mode 100644 index 9f6c3c62d250045d5d3ae9b7bfc175f6a90b205f..0000000000000000000000000000000000000000 --- a/0178-appended-signatures-verification-tests.patch +++ /dev/null @@ -1,897 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 30 Jul 2020 01:31:02 +1000 -Subject: [PATCH] appended signatures: verification tests - -These tests are run through all_functional_test and test a range -of commands and behaviours. - -Signed-off-by: Daniel Axtens ---- - grub-core/Makefile.core.def | 6 + - grub-core/tests/appended_signature_test.c | 281 +++++++++++++++ - grub-core/tests/lib/functional_test.c | 1 + - grub-core/tests/appended_signatures.h | 557 ++++++++++++++++++++++++++++++ - 4 files changed, 845 insertions(+) - create mode 100644 grub-core/tests/appended_signature_test.c - create mode 100644 grub-core/tests/appended_signatures.h - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 77321d218c8..6bddc841b85 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -2161,6 +2161,12 @@ module = { - common = tests/setjmp_test.c; - }; - -+module = { -+ name = appended_signature_test; -+ common = tests/appended_signature_test.c; -+ common = tests/appended_signatures.h; -+}; -+ - module = { - name = signature_test; - common = tests/signature_test.c; -diff --git a/grub-core/tests/appended_signature_test.c b/grub-core/tests/appended_signature_test.c -new file mode 100644 -index 00000000000..88a485200d8 ---- /dev/null -+++ b/grub-core/tests/appended_signature_test.c -@@ -0,0 +1,281 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2020 IBM Corporation. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "appended_signatures.h" -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+#define DEFINE_TEST_CASE(case_name) \ -+static char * \ -+get_ ## case_name (grub_size_t *sz) \ -+{ \ -+ char *ret; \ -+ *sz = case_name ## _len; \ -+ ret = grub_malloc (*sz); \ -+ if (ret) \ -+ grub_memcpy (ret, case_name, *sz); \ -+ return ret; \ -+} \ -+\ -+static struct grub_procfs_entry case_name ## _entry = \ -+{ \ -+ .name = #case_name, \ -+ .get_contents = get_ ## case_name \ -+} -+ -+#define DO_TEST(case_name, is_valid) \ -+{ \ -+ grub_procfs_register (#case_name, &case_name ## _entry); \ -+ do_verify ("(proc)/" #case_name, is_valid); \ -+ grub_procfs_unregister (&case_name ## _entry); \ -+} -+ -+ -+DEFINE_TEST_CASE (hi_signed); -+DEFINE_TEST_CASE (hi_signed_sha256); -+DEFINE_TEST_CASE (hj_signed); -+DEFINE_TEST_CASE (short_msg); -+DEFINE_TEST_CASE (unsigned_msg); -+DEFINE_TEST_CASE (hi_signed_2nd); -+ -+static char * -+get_certificate_der (grub_size_t * sz) -+{ -+ char *ret; -+ *sz = certificate_der_len; -+ ret = grub_malloc (*sz); -+ if (ret) -+ grub_memcpy (ret, certificate_der, *sz); -+ return ret; -+} -+ -+static struct grub_procfs_entry certificate_der_entry = { -+ .name = "certificate.der", -+ .get_contents = get_certificate_der -+}; -+ -+static char * -+get_certificate2_der (grub_size_t * sz) -+{ -+ char *ret; -+ *sz = certificate2_der_len; -+ ret = grub_malloc (*sz); -+ if (ret) -+ grub_memcpy (ret, certificate2_der, *sz); -+ return ret; -+} -+ -+static struct grub_procfs_entry certificate2_der_entry = { -+ .name = "certificate2.der", -+ .get_contents = get_certificate2_der -+}; -+ -+static char * -+get_certificate_printable_der (grub_size_t * sz) -+{ -+ char *ret; -+ *sz = certificate_printable_der_len; -+ ret = grub_malloc (*sz); -+ if (ret) -+ grub_memcpy (ret, certificate_printable_der, *sz); -+ return ret; -+} -+ -+static struct grub_procfs_entry certificate_printable_der_entry = { -+ .name = "certificate_printable.der", -+ .get_contents = get_certificate_printable_der -+}; -+ -+ -+static void -+do_verify (const char *f, int is_valid) -+{ -+ grub_command_t cmd; -+ char *args[] = { (char *) f, NULL }; -+ grub_err_t err; -+ -+ cmd = grub_command_find ("verify_appended"); -+ if (!cmd) -+ { -+ grub_test_assert (0, "can't find command `%s'", "verify_appended"); -+ return; -+ } -+ err = (cmd->func) (cmd, 1, args); -+ if (is_valid) -+ { -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "verification of %s failed: %d: %s", f, grub_errno, -+ grub_errmsg); -+ } -+ else -+ { -+ grub_test_assert (err == GRUB_ERR_BAD_SIGNATURE, -+ "verification of %s unexpectedly succeeded", f); -+ } -+ grub_errno = GRUB_ERR_NONE; -+ -+} -+ -+static void -+appended_signature_test (void) -+{ -+ grub_command_t cmd_trust, cmd_distrust; -+ char *trust_args[] = { (char *) "(proc)/certificate.der", NULL }; -+ char *trust_args2[] = { (char *) "(proc)/certificate2.der", NULL }; -+ char *trust_args_printable[] = { (char *) "(proc)/certificate_printable.der", -+ NULL }; -+ char *distrust_args[] = { (char *) "1", NULL }; -+ char *distrust2_args[] = { (char *) "2", NULL }; -+ grub_err_t err; -+ -+ grub_procfs_register ("certificate.der", &certificate_der_entry); -+ grub_procfs_register ("certificate2.der", &certificate2_der_entry); -+ grub_procfs_register ("certificate_printable.der", -+ &certificate_printable_der_entry); -+ -+ cmd_trust = grub_command_find ("trust_certificate"); -+ if (!cmd_trust) -+ { -+ grub_test_assert (0, "can't find command `%s'", "trust_certificate"); -+ return; -+ } -+ err = (cmd_trust->func) (cmd_trust, 1, trust_args); -+ -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "loading certificate failed: %d: %s", grub_errno, -+ grub_errmsg); -+ -+ /* If we have no certificate the remainder of the tests are meaningless */ -+ if (err != GRUB_ERR_NONE) -+ return; -+ -+ /* -+ * Reload the command: this works around some 'interesting' behaviour in the -+ * dynamic command dispatcher. The first time you call cmd->func you get a -+ * dispatcher that loads the module, finds the real cmd, calls it, and then -+ * releases some internal storage. This means it's not safe to call a second -+ * time and we need to reload it. -+ */ -+ cmd_trust = grub_command_find ("trust_certificate"); -+ -+ DO_TEST (hi_signed, 1); -+ DO_TEST (hi_signed_sha256, 1); -+ DO_TEST (hj_signed, 0); -+ DO_TEST (short_msg, 0); -+ DO_TEST (unsigned_msg, 0); -+ -+ /* -+ * in enforcing mode, we shouldn't be able to load a certificate that isn't -+ * signed by an existing trusted key. -+ * -+ * However, procfs files automatically skip the verification test, so we can't -+ * easily test this. -+ */ -+ -+ /* -+ * verify that testing with 2 trusted certs works -+ */ -+ DO_TEST (hi_signed_2nd, 0); -+ -+ err = (cmd_trust->func) (cmd_trust, 1, trust_args2); -+ -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "loading certificate 2 failed: %d: %s", grub_errno, -+ grub_errmsg); -+ -+ if (err != GRUB_ERR_NONE) -+ return; -+ -+ DO_TEST (hi_signed_2nd, 1); -+ DO_TEST (hi_signed, 1); -+ -+ /* -+ * Check certificate removal. They're added to the _top_ of the list and -+ * removed by position in the list. Current the list looks like [#2, #1]. -+ * -+ * First test removing the second certificate in the list, which is -+ * certificate #1, giving us just [#2]. -+ */ -+ cmd_distrust = grub_command_find ("distrust_certificate"); -+ if (!cmd_distrust) -+ { -+ grub_test_assert (0, "can't find command `%s'", "distrust_certificate"); -+ return; -+ } -+ -+ err = (cmd_distrust->func) (cmd_distrust, 1, distrust2_args); -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "distrusting certificate 1 failed: %d: %s", grub_errno, -+ grub_errmsg); -+ DO_TEST (hi_signed_2nd, 1); -+ DO_TEST (hi_signed, 0); -+ -+ /* -+ * Now reload certificate #1. This will make the list look like [#1, #2] -+ */ -+ err = (cmd_trust->func) (cmd_trust, 1, trust_args); -+ -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "reloading certificate 1 failed: %d: %s", grub_errno, -+ grub_errmsg); -+ DO_TEST (hi_signed, 1); -+ -+ /* Remove the first certificate in the list, giving us just [#2] */ -+ err = (cmd_distrust->func) (cmd_distrust, 1, distrust_args); -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "distrusting certificate 1 (first time) failed: %d: %s", -+ grub_errno, grub_errmsg); -+ DO_TEST (hi_signed_2nd, 1); -+ DO_TEST (hi_signed, 0); -+ -+ /* -+ * Remove the first certificate again, giving an empty list. -+ * -+ * verify_appended should fail if there are no certificates to verify against. -+ */ -+ err = (cmd_distrust->func) (cmd_distrust, 1, distrust_args); -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "distrusting certificate 1 (second time) failed: %d: %s", -+ grub_errno, grub_errmsg); -+ DO_TEST (hi_signed_2nd, 0); -+ -+ /* -+ * Lastly, check a certificate that uses printableString rather than -+ * utf8String loads properly. -+ */ -+ err = (cmd_trust->func) (cmd_trust, 1, trust_args_printable); -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "distrusting printable certificate failed: %d: %s", -+ grub_errno, grub_errmsg); -+ -+ grub_procfs_unregister (&certificate_der_entry); -+ grub_procfs_unregister (&certificate2_der_entry); -+ grub_procfs_unregister (&certificate_printable_der_entry); -+} -+ -+GRUB_FUNCTIONAL_TEST (appended_signature_test, appended_signature_test); -diff --git a/grub-core/tests/lib/functional_test.c b/grub-core/tests/lib/functional_test.c -index 96781fb39b5..403fa5c789a 100644 ---- a/grub-core/tests/lib/functional_test.c -+++ b/grub-core/tests/lib/functional_test.c -@@ -73,6 +73,7 @@ grub_functional_all_tests (grub_extcmd_context_t ctxt __attribute__ ((unused)), - grub_dl_load ("xnu_uuid_test"); - grub_dl_load ("pbkdf2_test"); - grub_dl_load ("signature_test"); -+ grub_dl_load ("appended_signature_test"); - grub_dl_load ("sleep_test"); - grub_dl_load ("bswap_test"); - grub_dl_load ("ctz_test"); -diff --git a/grub-core/tests/appended_signatures.h b/grub-core/tests/appended_signatures.h -new file mode 100644 -index 00000000000..aa3dc6278e3 ---- /dev/null -+++ b/grub-core/tests/appended_signatures.h -@@ -0,0 +1,557 @@ -+unsigned char certificate_der[] = { -+ 0x30, 0x82, 0x03, 0x88, 0x30, 0x82, 0x02, 0x70, 0xa0, 0x03, 0x02, 0x01, -+ 0x02, 0x02, 0x14, 0x25, 0x2e, 0xb8, 0xfd, 0x12, 0x62, 0x2e, 0xcd, 0x5d, -+ 0xa7, 0x53, 0xd2, 0x0b, 0xc2, 0x61, 0x7c, 0x14, 0xe0, 0x0f, 0x5c, 0x30, -+ 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, -+ 0x05, 0x00, 0x30, 0x49, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, -+ 0x03, 0x0c, 0x1f, 0x47, 0x72, 0x75, 0x62, 0x20, 0x41, 0x70, 0x70, 0x65, -+ 0x6e, 0x64, 0x65, 0x64, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, -+ 0x72, 0x65, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1d, -+ 0x30, 0x1b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, -+ 0x01, 0x16, 0x0e, 0x64, 0x6a, 0x61, 0x40, 0x61, 0x78, 0x74, 0x65, 0x6e, -+ 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x30, 0x30, -+ 0x37, 0x30, 0x39, 0x30, 0x36, 0x32, 0x32, 0x30, 0x37, 0x5a, 0x18, 0x0f, -+ 0x32, 0x31, 0x32, 0x30, 0x30, 0x36, 0x31, 0x35, 0x30, 0x36, 0x32, 0x32, -+ 0x30, 0x37, 0x5a, 0x30, 0x52, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, -+ 0x04, 0x03, 0x0c, 0x28, 0x47, 0x72, 0x75, 0x62, 0x20, 0x41, 0x70, 0x70, -+ 0x65, 0x6e, 0x64, 0x65, 0x64, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, -+ 0x75, 0x72, 0x65, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x53, 0x69, 0x67, -+ 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x4b, 0x65, 0x79, 0x31, 0x1d, 0x30, 0x1b, -+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, -+ 0x0e, 0x64, 0x6a, 0x61, 0x40, 0x61, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x2e, -+ 0x6e, 0x65, 0x74, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, -+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, -+ 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, -+ 0xcd, 0xe8, 0x1c, 0x08, 0x68, 0x2e, 0xcb, 0xfe, 0x8c, 0x4b, 0x3b, 0x61, -+ 0xe7, 0x8e, 0x80, 0x58, 0x85, 0x85, 0xea, 0xc8, 0x3b, 0x42, 0xba, 0x72, -+ 0x84, 0x65, 0x20, 0xbc, 0x48, 0xa2, 0x25, 0x49, 0x6e, 0x1c, 0xb9, 0x7d, -+ 0xeb, 0xc1, 0x0c, 0xa8, 0xb7, 0xcc, 0x13, 0x78, 0xba, 0x11, 0xa4, 0x98, -+ 0xd7, 0xd0, 0x7c, 0xdd, 0xf5, 0x5a, 0xb7, 0xcd, 0x31, 0x0e, 0xcd, 0x9e, -+ 0xa7, 0x19, 0xf0, 0xbd, 0x0f, 0xa6, 0xfe, 0x8a, 0x11, 0x97, 0xed, 0x8b, -+ 0xe5, 0x16, 0xa6, 0x21, 0x13, 0x36, 0xad, 0x05, 0x49, 0xec, 0x29, 0x12, -+ 0x38, 0xa7, 0x4b, 0x0f, 0xa1, 0xfb, 0x72, 0xc0, 0xc0, 0x09, 0x67, 0x78, -+ 0xa8, 0xb6, 0xd6, 0x1a, 0x39, 0xc0, 0xa8, 0xbf, 0x5f, 0x14, 0x89, 0x5c, -+ 0xbc, 0x41, 0x0c, 0x0c, 0x5d, 0x42, 0x2e, 0x1c, 0xdf, 0x1f, 0x1d, 0xc9, -+ 0x43, 0x94, 0x5b, 0x6e, 0x8f, 0x15, 0x8c, 0x8f, 0x94, 0x73, 0x4f, 0x97, -+ 0x54, 0xf1, 0x86, 0x8a, 0xbc, 0xe4, 0xe4, 0x93, 0xc1, 0x5e, 0xc2, 0x3e, -+ 0x31, 0x5e, 0xd4, 0x85, 0x57, 0x14, 0xd0, 0x11, 0x07, 0x65, 0xf4, 0x7c, -+ 0x8f, 0x07, 0x57, 0xe1, 0x22, 0xd4, 0x78, 0x47, 0x65, 0x4e, 0xa9, 0xb3, -+ 0xaa, 0xce, 0xc7, 0x36, 0xfe, 0xda, 0x66, 0x02, 0xb6, 0x8d, 0x18, 0x2f, -+ 0x3b, 0x41, 0x8d, 0x02, 0x08, 0x72, 0x4b, 0x69, 0xbd, 0x1e, 0x58, 0xfc, -+ 0x1b, 0x64, 0x04, 0x52, 0x35, 0x35, 0xe2, 0x3d, 0x3e, 0xde, 0xd6, 0x64, -+ 0xf4, 0xec, 0x57, 0x7e, 0x65, 0x59, 0x00, 0xa6, 0xd3, 0x4b, 0x09, 0x93, -+ 0x2a, 0x95, 0x0f, 0x30, 0xb6, 0xa1, 0x8c, 0xe7, 0x8b, 0x49, 0xa4, 0x1d, -+ 0x25, 0x2d, 0x65, 0x48, 0x8a, 0x0f, 0xcf, 0x2a, 0xa2, 0xe1, 0xef, 0x72, -+ 0x92, 0xc3, 0xf5, 0x21, 0x37, 0x83, 0x9b, 0x6d, 0x0b, 0x1b, 0xb3, 0xa2, -+ 0x32, 0x38, 0x11, 0xb1, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x5d, 0x30, -+ 0x5b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, -+ 0x02, 0x30, 0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, -+ 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, -+ 0x16, 0x04, 0x14, 0xe5, 0x2a, 0x4f, 0xf2, 0x84, 0x91, 0x57, 0x91, 0xaf, -+ 0x12, 0xd2, 0xf1, 0xa1, 0x87, 0x73, 0x0f, 0x90, 0x25, 0xa0, 0x7a, 0x30, -+ 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, -+ 0x56, 0xd1, 0xfd, 0xe2, 0x1e, 0x7e, 0x1c, 0x63, 0x4f, 0x47, 0xdb, 0xe4, -+ 0xc4, 0x51, 0x04, 0x03, 0x9a, 0x48, 0x35, 0x6e, 0x30, 0x0d, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, -+ 0x82, 0x01, 0x01, 0x00, 0x65, 0x82, 0xd5, 0x88, 0x30, 0xe2, 0x2c, 0x47, -+ 0xf3, 0x31, 0x39, 0xa1, 0x75, 0x9a, 0xb0, 0x8a, 0x6c, 0x4b, 0xac, 0xdf, -+ 0x09, 0x7b, 0x90, 0xb6, 0x9e, 0x76, 0x62, 0x94, 0xc1, 0x3a, 0x99, 0x49, -+ 0x68, 0x29, 0x47, 0x42, 0xc3, 0x06, 0xcb, 0x88, 0x75, 0xe6, 0x79, 0x13, -+ 0x8c, 0x4b, 0x49, 0x6a, 0xb5, 0x56, 0x95, 0xc0, 0x42, 0x21, 0x9b, 0xd4, -+ 0x61, 0xd0, 0x02, 0x41, 0xdd, 0x20, 0x61, 0xe5, 0x91, 0xdf, 0x75, 0x00, -+ 0x25, 0x0e, 0x99, 0x65, 0x5c, 0x54, 0x49, 0x32, 0xa3, 0xe2, 0xcd, 0xa1, -+ 0x5f, 0x40, 0xf3, 0xc5, 0x81, 0xd9, 0x3c, 0xa3, 0x63, 0x5a, 0x38, 0x79, -+ 0xab, 0x77, 0x98, 0xde, 0x8f, 0x4e, 0x9e, 0x26, 0xbc, 0x4e, 0x80, 0x9e, -+ 0x8f, 0xbe, 0xf1, 0x00, 0xb3, 0x78, 0xb9, 0x4b, 0x1d, 0xc7, 0xa4, 0x83, -+ 0x59, 0x56, 0x11, 0xd1, 0x11, 0x1e, 0x50, 0x39, 0xd5, 0x78, 0x14, 0xf3, -+ 0xb9, 0x1d, 0xda, 0xe4, 0xc4, 0x63, 0x74, 0x26, 0xab, 0xa3, 0xfd, 0x9d, -+ 0x58, 0xa2, 0xee, 0x7b, 0x28, 0x34, 0xa3, 0xbe, 0x85, 0x7e, 0xaa, 0x97, -+ 0xb7, 0x5b, 0x9d, 0xa9, 0x4d, 0x96, 0xdb, 0x6b, 0x21, 0xe1, 0x96, 0x5d, -+ 0xc7, 0xad, 0x23, 0x03, 0x9a, 0x16, 0xdb, 0xa4, 0x1f, 0x63, 0xef, 0xaf, -+ 0x1e, 0x4f, 0xf8, 0x27, 0xdc, 0x4b, 0xfc, 0x2b, 0x68, 0x2e, 0xa0, 0xd3, -+ 0xae, 0xf2, 0xce, 0xf5, 0xfc, 0x97, 0x92, 0xd2, 0x29, 0x0f, 0x4f, 0x4b, -+ 0x29, 0xeb, 0x06, 0xcb, 0xf8, 0x21, 0x6e, 0xbc, 0x8b, 0x5c, 0xc5, 0xc9, -+ 0xf7, 0xe2, 0x7c, 0x47, 0xcd, 0x43, 0x98, 0xc4, 0xa3, 0x9a, 0xd7, 0x3e, -+ 0xdc, 0x01, 0x13, 0x28, 0x96, 0xc4, 0x60, 0x83, 0xe2, 0x79, 0xa1, 0x46, -+ 0xef, 0xf5, 0xa4, 0x7b, 0x00, 0xe3, 0x3d, 0x7d, 0xbc, 0xa8, 0x98, 0x49, -+ 0xa8, 0xcf, 0x3b, 0x41, 0xb6, 0x09, 0x97, 0x07 -+}; -+unsigned int certificate_der_len = 908; -+ -+unsigned char hi_signed[] = { -+ 0x68, 0x69, 0x0a, 0x30, 0x82, 0x01, 0xc0, 0x06, 0x09, 0x2a, 0x86, 0x48, -+ 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x01, 0xb1, 0x30, 0x82, -+ 0x01, 0xad, 0x02, 0x01, 0x01, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, -+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x30, 0x0b, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x31, 0x82, 0x01, -+ 0x8a, 0x30, 0x82, 0x01, 0x86, 0x02, 0x01, 0x01, 0x30, 0x61, 0x30, 0x49, -+ 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1f, 0x47, -+ 0x72, 0x75, 0x62, 0x20, 0x41, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x64, -+ 0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, -+ 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x0e, 0x64, -+ 0x6a, 0x61, 0x40, 0x61, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x2e, 0x6e, 0x65, -+ 0x74, 0x02, 0x14, 0x25, 0x2e, 0xb8, 0xfd, 0x12, 0x62, 0x2e, 0xcd, 0x5d, -+ 0xa7, 0x53, 0xd2, 0x0b, 0xc2, 0x61, 0x7c, 0x14, 0xe0, 0x0f, 0x5c, 0x30, -+ 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, -+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, -+ 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0xc7, 0x69, 0x35, 0x21, 0x66, -+ 0x4d, 0x50, 0xd4, 0x73, 0xde, 0xbd, 0x3a, 0xf6, 0x45, 0xe3, 0xe4, 0xd0, -+ 0xb6, 0xa1, 0xe7, 0xc0, 0xa2, 0xc9, 0xf4, 0xf0, 0x05, 0x8c, 0xa4, 0x16, -+ 0x9e, 0x81, 0x0d, 0x21, 0x68, 0xf3, 0xfe, 0x03, 0x96, 0x77, 0x31, 0x69, -+ 0x01, 0xd8, 0x26, 0xd9, 0x48, 0x95, 0xcf, 0xd1, 0x17, 0xb1, 0x0b, 0x6b, -+ 0x2c, 0xf1, 0xb0, 0xab, 0x65, 0x65, 0x56, 0xf8, 0x0c, 0xa7, 0xf7, 0xbb, -+ 0xf6, 0x5a, 0x55, 0x98, 0x14, 0x07, 0x8d, 0x2a, 0xbc, 0x16, 0x48, 0x94, -+ 0xab, 0x2f, 0x85, 0x97, 0x90, 0x51, 0x78, 0xa0, 0xda, 0x60, 0xb5, 0x41, -+ 0x4b, 0xe8, 0x78, 0xc5, 0xa6, 0x04, 0x9d, 0x54, 0x2a, 0x85, 0xfd, 0x86, -+ 0x0b, 0x6d, 0xc2, 0xd2, 0xad, 0x07, 0xff, 0x16, 0x42, 0x82, 0xe3, 0x5c, -+ 0xaa, 0x22, 0x59, 0x78, 0x92, 0xea, 0x94, 0xc3, 0x41, 0xb7, 0xa1, 0x86, -+ 0x44, 0xea, 0xd1, 0xdb, 0xe5, 0xac, 0x30, 0x32, 0xfb, 0x7d, 0x3f, 0xf7, -+ 0x8b, 0x11, 0x7f, 0x80, 0x3b, 0xe5, 0xc7, 0x82, 0x0f, 0x92, 0x07, 0x14, -+ 0x66, 0x01, 0x6e, 0x85, 0xab, 0x3a, 0x14, 0xcf, 0x76, 0xd1, 0x7e, 0x14, -+ 0x85, 0xca, 0x01, 0x73, 0x72, 0x38, 0xdc, 0xde, 0x30, 0x5c, 0xfb, 0xc0, -+ 0x3d, 0x93, 0xef, 0x9c, 0xbc, 0xf8, 0xcc, 0xd2, 0xbf, 0x47, 0xec, 0xf8, -+ 0x88, 0x9b, 0xe1, 0x43, 0xbe, 0xa7, 0x47, 0x96, 0xb6, 0x5d, 0x46, 0x0e, -+ 0x7a, 0x78, 0x38, 0x19, 0xbc, 0xb5, 0xbc, 0x9b, 0x3c, 0x39, 0x92, 0x70, -+ 0x0d, 0x9d, 0x8a, 0x35, 0xaf, 0xb4, 0x9e, 0xf4, 0xef, 0xc1, 0xb8, 0x25, -+ 0xd0, 0x14, 0x91, 0xd6, 0xc2, 0xb6, 0xc7, 0x3c, 0x72, 0x91, 0x0f, 0xad, -+ 0xde, 0xb2, 0x36, 0xf8, 0x4e, 0x59, 0xd4, 0xa4, 0x21, 0x9f, 0x03, 0x95, -+ 0x48, 0x01, 0xb4, 0x05, 0xc3, 0x39, 0x60, 0x51, 0x08, 0xd0, 0xbe, 0x00, -+ 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc4, 0x7e, -+ 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x61, -+ 0x74, 0x75, 0x72, 0x65, 0x20, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x65, -+ 0x64, 0x7e, 0x0a -+}; -+unsigned int hi_signed_len = 495; -+ -+unsigned char hj_signed[] = { -+ 0x68, 0x6a, 0x0a, 0x30, 0x82, 0x01, 0xc0, 0x06, 0x09, 0x2a, 0x86, 0x48, -+ 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x01, 0xb1, 0x30, 0x82, -+ 0x01, 0xad, 0x02, 0x01, 0x01, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, -+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x30, 0x0b, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x31, 0x82, 0x01, -+ 0x8a, 0x30, 0x82, 0x01, 0x86, 0x02, 0x01, 0x01, 0x30, 0x61, 0x30, 0x49, -+ 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1f, 0x47, -+ 0x72, 0x75, 0x62, 0x20, 0x41, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x64, -+ 0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, -+ 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x0e, 0x64, -+ 0x6a, 0x61, 0x40, 0x61, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x2e, 0x6e, 0x65, -+ 0x74, 0x02, 0x14, 0x25, 0x2e, 0xb8, 0xfd, 0x12, 0x62, 0x2e, 0xcd, 0x5d, -+ 0xa7, 0x53, 0xd2, 0x0b, 0xc2, 0x61, 0x7c, 0x14, 0xe0, 0x0f, 0x5c, 0x30, -+ 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, -+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, -+ 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0xc7, 0x69, 0x35, 0x21, 0x66, -+ 0x4d, 0x50, 0xd4, 0x73, 0xde, 0xbd, 0x3a, 0xf6, 0x45, 0xe3, 0xe4, 0xd0, -+ 0xb6, 0xa1, 0xe7, 0xc0, 0xa2, 0xc9, 0xf4, 0xf0, 0x05, 0x8c, 0xa4, 0x16, -+ 0x9e, 0x81, 0x0d, 0x21, 0x68, 0xf3, 0xfe, 0x03, 0x96, 0x77, 0x31, 0x69, -+ 0x01, 0xd8, 0x26, 0xd9, 0x48, 0x95, 0xcf, 0xd1, 0x17, 0xb1, 0x0b, 0x6b, -+ 0x2c, 0xf1, 0xb0, 0xab, 0x65, 0x65, 0x56, 0xf8, 0x0c, 0xa7, 0xf7, 0xbb, -+ 0xf6, 0x5a, 0x55, 0x98, 0x14, 0x07, 0x8d, 0x2a, 0xbc, 0x16, 0x48, 0x94, -+ 0xab, 0x2f, 0x85, 0x97, 0x90, 0x51, 0x78, 0xa0, 0xda, 0x60, 0xb5, 0x41, -+ 0x4b, 0xe8, 0x78, 0xc5, 0xa6, 0x04, 0x9d, 0x54, 0x2a, 0x85, 0xfd, 0x86, -+ 0x0b, 0x6d, 0xc2, 0xd2, 0xad, 0x07, 0xff, 0x16, 0x42, 0x82, 0xe3, 0x5c, -+ 0xaa, 0x22, 0x59, 0x78, 0x92, 0xea, 0x94, 0xc3, 0x41, 0xb7, 0xa1, 0x86, -+ 0x44, 0xea, 0xd1, 0xdb, 0xe5, 0xac, 0x30, 0x32, 0xfb, 0x7d, 0x3f, 0xf7, -+ 0x8b, 0x11, 0x7f, 0x80, 0x3b, 0xe5, 0xc7, 0x82, 0x0f, 0x92, 0x07, 0x14, -+ 0x66, 0x01, 0x6e, 0x85, 0xab, 0x3a, 0x14, 0xcf, 0x76, 0xd1, 0x7e, 0x14, -+ 0x85, 0xca, 0x01, 0x73, 0x72, 0x38, 0xdc, 0xde, 0x30, 0x5c, 0xfb, 0xc0, -+ 0x3d, 0x93, 0xef, 0x9c, 0xbc, 0xf8, 0xcc, 0xd2, 0xbf, 0x47, 0xec, 0xf8, -+ 0x88, 0x9b, 0xe1, 0x43, 0xbe, 0xa7, 0x47, 0x96, 0xb6, 0x5d, 0x46, 0x0e, -+ 0x7a, 0x78, 0x38, 0x19, 0xbc, 0xb5, 0xbc, 0x9b, 0x3c, 0x39, 0x92, 0x70, -+ 0x0d, 0x9d, 0x8a, 0x35, 0xaf, 0xb4, 0x9e, 0xf4, 0xef, 0xc1, 0xb8, 0x25, -+ 0xd0, 0x14, 0x91, 0xd6, 0xc2, 0xb6, 0xc7, 0x3c, 0x72, 0x91, 0x0f, 0xad, -+ 0xde, 0xb2, 0x36, 0xf8, 0x4e, 0x59, 0xd4, 0xa4, 0x21, 0x9f, 0x03, 0x95, -+ 0x48, 0x01, 0xb4, 0x05, 0xc3, 0x39, 0x60, 0x51, 0x08, 0xd0, 0xbe, 0x00, -+ 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc4, 0x7e, -+ 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x61, -+ 0x74, 0x75, 0x72, 0x65, 0x20, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x65, -+ 0x64, 0x7e, 0x0a -+}; -+unsigned int hj_signed_len = 495; -+ -+unsigned char hi_signed_sha256[] = { -+ 0x68, 0x69, 0x0a, 0x30, 0x82, 0x01, 0xc0, 0x06, 0x09, 0x2a, 0x86, 0x48, -+ 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x01, 0xb1, 0x30, 0x82, -+ 0x01, 0xad, 0x02, 0x01, 0x01, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, -+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0b, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x31, 0x82, 0x01, -+ 0x8a, 0x30, 0x82, 0x01, 0x86, 0x02, 0x01, 0x01, 0x30, 0x61, 0x30, 0x49, -+ 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1f, 0x47, -+ 0x72, 0x75, 0x62, 0x20, 0x41, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x64, -+ 0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, -+ 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x0e, 0x64, -+ 0x6a, 0x61, 0x40, 0x61, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x2e, 0x6e, 0x65, -+ 0x74, 0x02, 0x14, 0x25, 0x2e, 0xb8, 0xfd, 0x12, 0x62, 0x2e, 0xcd, 0x5d, -+ 0xa7, 0x53, 0xd2, 0x0b, 0xc2, 0x61, 0x7c, 0x14, 0xe0, 0x0f, 0x5c, 0x30, -+ 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, -+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, -+ 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0x7b, 0x5e, 0x82, 0x1d, 0x21, -+ 0xb6, 0x40, 0xd3, 0x33, 0x79, 0xa7, 0x52, 0x2b, 0xfc, 0x46, 0x51, 0x26, -+ 0xfe, 0x0f, 0x81, 0x90, 0x81, 0xab, 0x57, 0x5e, 0xf6, 0x45, 0x41, 0xa3, -+ 0x7b, 0x48, 0xdd, 0xd6, 0x59, 0x60, 0x51, 0x31, 0x14, 0x14, 0x7b, 0xb4, -+ 0x55, 0x7b, 0x4d, 0xfe, 0x09, 0x7a, 0x5d, 0xae, 0xc4, 0x58, 0x50, 0x80, -+ 0x75, 0xf2, 0x23, 0x20, 0x62, 0xe3, 0x7c, 0x26, 0x1d, 0x2a, 0x4d, 0x9f, -+ 0x89, 0xf0, 0x4f, 0x95, 0x8a, 0x80, 0x6e, 0x1a, 0xea, 0x87, 0xdb, 0x1f, -+ 0xf3, 0xda, 0x04, 0x91, 0x37, 0xea, 0x0a, 0xfb, 0x6c, 0xc9, 0x3d, 0x73, -+ 0xf9, 0x58, 0x7c, 0x15, 0x6b, 0xa2, 0x52, 0x5a, 0x97, 0xff, 0xd6, 0xb0, -+ 0xf1, 0xbf, 0xa5, 0x04, 0x6d, 0x91, 0xc1, 0x54, 0x05, 0xdc, 0x7f, 0x5d, -+ 0x19, 0xaf, 0x55, 0xec, 0x51, 0xfb, 0x66, 0x0a, 0xa4, 0x4e, 0x96, 0x47, -+ 0x43, 0x54, 0x7c, 0x64, 0xa8, 0xaa, 0xb4, 0x90, 0x02, 0xf3, 0xa7, 0x0b, -+ 0xb7, 0xbf, 0x06, 0xdb, 0x5e, 0x9c, 0x32, 0x6d, 0x45, 0x14, 0x1c, 0xaf, -+ 0x46, 0x30, 0x08, 0x55, 0x49, 0x78, 0xfa, 0x57, 0xda, 0x3d, 0xf5, 0xa0, -+ 0xef, 0x11, 0x0a, 0x81, 0x0d, 0x82, 0xcd, 0xaf, 0xdb, 0xda, 0x0e, 0x1a, -+ 0x44, 0xd1, 0xee, 0xc4, 0xb8, 0xde, 0x97, 0xb4, 0xda, 0xb4, 0x8b, 0x4f, -+ 0x58, 0x24, 0x59, 0xc0, 0xe0, 0x08, 0x97, 0x14, 0x68, 0xbe, 0x31, 0x09, -+ 0x5e, 0x67, 0x45, 0xf0, 0xcb, 0x81, 0x4f, 0x17, 0x44, 0x61, 0xe0, 0xe2, -+ 0xf0, 0xfc, 0x1e, 0xb9, 0x73, 0xaf, 0x42, 0xff, 0x33, 0xde, 0x61, 0x6b, -+ 0x7f, 0xc2, 0x69, 0x0d, 0x66, 0x54, 0xae, 0xf6, 0xde, 0x20, 0x47, 0x44, -+ 0x9b, 0x73, 0xd1, 0x07, 0x6e, 0x77, 0x37, 0x0a, 0xbb, 0x7f, 0xa0, 0x93, -+ 0x2d, 0x8d, 0x44, 0xba, 0xe2, 0xdd, 0x34, 0x32, 0xd7, 0x56, 0x71, 0x00, -+ 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc4, 0x7e, -+ 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x61, -+ 0x74, 0x75, 0x72, 0x65, 0x20, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x65, -+ 0x64, 0x7e, 0x0a -+}; -+unsigned int hi_signed_sha256_len = 495; -+ -+unsigned char short_msg[] = { -+ 0x68, 0x69, 0x0a -+}; -+unsigned int short_msg_len = 3; -+ -+unsigned char unsigned_msg[] = { -+ 0x53, 0x65, 0x64, 0x20, 0x75, 0x74, 0x20, 0x70, 0x65, 0x72, 0x73, 0x70, -+ 0x69, 0x63, 0x69, 0x61, 0x74, 0x69, 0x73, 0x20, 0x75, 0x6e, 0x64, 0x65, -+ 0x20, 0x6f, 0x6d, 0x6e, 0x69, 0x73, 0x20, 0x69, 0x73, 0x74, 0x65, 0x20, -+ 0x6e, 0x61, 0x74, 0x75, 0x73, 0x20, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x20, -+ 0x73, 0x69, 0x74, 0x20, 0x76, 0x6f, 0x6c, 0x75, 0x70, 0x74, 0x61, 0x74, -+ 0x65, 0x6d, 0x20, 0x61, 0x63, 0x63, 0x75, 0x73, 0x61, 0x6e, 0x74, 0x69, -+ 0x75, 0x6d, 0x20, 0x64, 0x6f, 0x6c, 0x6f, 0x72, 0x65, 0x6d, 0x71, 0x75, -+ 0x65, 0x20, 0x6c, 0x61, 0x75, 0x64, 0x61, 0x6e, 0x74, 0x69, 0x75, 0x6d, -+ 0x2c, 0x20, 0x74, 0x6f, 0x74, 0x61, 0x6d, 0x20, 0x72, 0x65, 0x6d, 0x20, -+ 0x61, 0x70, 0x65, 0x72, 0x69, 0x61, 0x6d, 0x2c, 0x20, 0x65, 0x61, 0x71, -+ 0x75, 0x65, 0x20, 0x69, 0x70, 0x73, 0x61, 0x20, 0x71, 0x75, 0x61, 0x65, -+ 0x20, 0x61, 0x62, 0x20, 0x69, 0x6c, 0x6c, 0x6f, 0x20, 0x69, 0x6e, 0x76, -+ 0x65, 0x6e, 0x74, 0x6f, 0x72, 0x65, 0x20, 0x76, 0x65, 0x72, 0x69, 0x74, -+ 0x61, 0x74, 0x69, 0x73, 0x20, 0x65, 0x74, 0x20, 0x71, 0x75, 0x61, 0x73, -+ 0x69, 0x20, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, 0x6f, -+ 0x20, 0x62, 0x65, 0x61, 0x74, 0x61, 0x65, 0x20, 0x76, 0x69, 0x74, 0x61, -+ 0x65, 0x20, 0x64, 0x69, 0x63, 0x74, 0x61, 0x20, 0x73, 0x75, 0x6e, 0x74, -+ 0x20, 0x65, 0x78, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x62, 0x6f, 0x2e, 0x20, -+ 0x4e, 0x65, 0x6d, 0x6f, 0x20, 0x65, 0x6e, 0x69, 0x6d, 0x20, 0x69, 0x70, -+ 0x73, 0x61, 0x6d, 0x20, 0x76, 0x6f, 0x6c, 0x75, 0x70, 0x74, 0x61, 0x74, -+ 0x65, 0x6d, 0x20, 0x71, 0x75, 0x69, 0x61, 0x20, 0x76, 0x6f, 0x6c, 0x75, -+ 0x70, 0x74, 0x61, 0x73, 0x20, 0x73, 0x69, 0x74, 0x20, 0x61, 0x73, 0x70, -+ 0x65, 0x72, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x20, 0x61, 0x75, 0x74, 0x20, -+ 0x6f, 0x64, 0x69, 0x74, 0x20, 0x61, 0x75, 0x74, 0x20, 0x66, 0x75, 0x67, -+ 0x69, 0x74, 0x2c, 0x20, 0x73, 0x65, 0x64, 0x20, 0x71, 0x75, 0x69, 0x61, -+ 0x20, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x71, 0x75, 0x75, 0x6e, 0x74, 0x75, -+ 0x72, 0x20, 0x6d, 0x61, 0x67, 0x6e, 0x69, 0x20, 0x64, 0x6f, 0x6c, 0x6f, -+ 0x72, 0x65, 0x73, 0x20, 0x65, 0x6f, 0x73, 0x20, 0x71, 0x75, 0x69, 0x20, -+ 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x65, 0x20, 0x76, 0x6f, 0x6c, 0x75, -+ 0x70, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x20, 0x73, 0x65, 0x71, 0x75, 0x69, -+ 0x20, 0x6e, 0x65, 0x73, 0x63, 0x69, 0x75, 0x6e, 0x74, 0x2e, 0x20, 0x4e, -+ 0x65, 0x71, 0x75, 0x65, 0x20, 0x70, 0x6f, 0x72, 0x72, 0x6f, 0x20, 0x71, -+ 0x75, 0x69, 0x73, 0x71, 0x75, 0x61, 0x6d, 0x20, 0x65, 0x73, 0x74, 0x2c, -+ 0x20, 0x71, 0x75, 0x69, 0x20, 0x64, 0x6f, 0x6c, 0x6f, 0x72, 0x65, 0x6d, -+ 0x20, 0x69, 0x70, 0x73, 0x75, 0x6d, 0x20, 0x71, 0x75, 0x69, 0x61, 0x20, -+ 0x64, 0x6f, 0x6c, 0x6f, 0x72, 0x20, 0x73, 0x69, 0x74, 0x20, 0x61, 0x6d, -+ 0x65, 0x74, 0x2c, 0x20, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x74, 0x65, -+ 0x74, 0x75, 0x72, 0x2c, 0x20, 0x61, 0x64, 0x69, 0x70, 0x69, 0x73, 0x63, -+ 0x69, 0x20, 0x76, 0x65, 0x6c, 0x69, 0x74, 0x2c, 0x20, 0x73, 0x65, 0x64, -+ 0x20, 0x71, 0x75, 0x69, 0x61, 0x20, 0x6e, 0x6f, 0x6e, 0x20, 0x6e, 0x75, -+ 0x6d, 0x71, 0x75, 0x61, 0x6d, 0x20, 0x65, 0x69, 0x75, 0x73, 0x20, 0x6d, -+ 0x6f, 0x64, 0x69, 0x20, 0x74, 0x65, 0x6d, 0x70, 0x6f, 0x72, 0x61, 0x20, -+ 0x69, 0x6e, 0x63, 0x69, 0x64, 0x75, 0x6e, 0x74, 0x20, 0x75, 0x74, 0x20, -+ 0x6c, 0x61, 0x62, 0x6f, 0x72, 0x65, 0x20, 0x65, 0x74, 0x20, 0x64, 0x6f, -+ 0x6c, 0x6f, 0x72, 0x65, 0x20, 0x6d, 0x61, 0x67, 0x6e, 0x61, 0x6d, 0x20, -+ 0x61, 0x6c, 0x69, 0x71, 0x75, 0x61, 0x6d, 0x20, 0x71, 0x75, 0x61, 0x65, -+ 0x72, 0x61, 0x74, 0x20, 0x76, 0x6f, 0x6c, 0x75, 0x70, 0x74, 0x61, 0x74, -+ 0x65, 0x6d, 0x2e, 0x20, 0x55, 0x74, 0x20, 0x65, 0x6e, 0x69, 0x6d, 0x20, -+ 0x61, 0x64, 0x20, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x61, 0x20, 0x76, 0x65, -+ 0x6e, 0x69, 0x61, 0x6d, 0x2c, 0x20, 0x71, 0x75, 0x69, 0x73, 0x20, 0x6e, -+ 0x6f, 0x73, 0x74, 0x72, 0x75, 0x6d, 0x20, 0x65, 0x78, 0x65, 0x72, 0x63, -+ 0x69, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x65, 0x6d, 0x20, 0x75, 0x6c, -+ 0x6c, 0x61, 0x6d, 0x20, 0x63, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x69, 0x73, -+ 0x20, 0x73, 0x75, 0x73, 0x63, 0x69, 0x70, 0x69, 0x74, 0x20, 0x6c, 0x61, -+ 0x62, 0x6f, 0x72, 0x69, 0x6f, 0x73, 0x61, 0x6d, 0x2c, 0x20, 0x6e, 0x69, -+ 0x73, 0x69, 0x20, 0x75, 0x74, 0x20, 0x61, 0x6c, 0x69, 0x71, 0x75, 0x69, -+ 0x64, 0x20, 0x65, 0x78, 0x20, 0x65, 0x61, 0x20, 0x63, 0x6f, 0x6d, 0x6d, -+ 0x6f, 0x64, 0x69, 0x20, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x71, 0x75, 0x61, -+ 0x74, 0x75, 0x72, 0x3f, 0x20, 0x51, 0x75, 0x69, 0x73, 0x20, 0x61, 0x75, -+ 0x74, 0x65, 0x6d, 0x20, 0x76, 0x65, 0x6c, 0x20, 0x65, 0x75, 0x6d, 0x20, -+ 0x69, 0x75, 0x72, 0x65, 0x20, 0x72, 0x65, 0x70, 0x72, 0x65, 0x68, 0x65, -+ 0x6e, 0x64, 0x65, 0x72, 0x69, 0x74, 0x20, 0x71, 0x75, 0x69, 0x20, 0x69, -+ 0x6e, 0x20, 0x65, 0x61, 0x20, 0x76, 0x6f, 0x6c, 0x75, 0x70, 0x74, 0x61, -+ 0x74, 0x65, 0x20, 0x76, 0x65, 0x6c, 0x69, 0x74, 0x20, 0x65, 0x73, 0x73, -+ 0x65, 0x20, 0x71, 0x75, 0x61, 0x6d, 0x20, 0x6e, 0x69, 0x68, 0x69, 0x6c, -+ 0x20, 0x6d, 0x6f, 0x6c, 0x65, 0x73, 0x74, 0x69, 0x61, 0x65, 0x20, 0x63, -+ 0x6f, 0x6e, 0x73, 0x65, 0x71, 0x75, 0x61, 0x74, 0x75, 0x72, 0x2c, 0x20, -+ 0x76, 0x65, 0x6c, 0x20, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x20, 0x71, 0x75, -+ 0x69, 0x20, 0x64, 0x6f, 0x6c, 0x6f, 0x72, 0x65, 0x6d, 0x20, 0x65, 0x75, -+ 0x6d, 0x20, 0x66, 0x75, 0x67, 0x69, 0x61, 0x74, 0x20, 0x71, 0x75, 0x6f, -+ 0x20, 0x76, 0x6f, 0x6c, 0x75, 0x70, 0x74, 0x61, 0x73, 0x20, 0x6e, 0x75, -+ 0x6c, 0x6c, 0x61, 0x20, 0x70, 0x61, 0x72, 0x69, 0x61, 0x74, 0x75, 0x72, -+ 0x3f, 0x0a -+}; -+unsigned int unsigned_msg_len = 866; -+ -+unsigned char certificate2_der[] = { -+ 0x30, 0x82, 0x05, 0x52, 0x30, 0x82, 0x03, 0x3a, 0xa0, 0x03, 0x02, 0x01, -+ 0x02, 0x02, 0x14, 0x5b, 0x5e, 0x59, 0xf2, 0x5f, 0x75, 0x4c, 0x8e, 0xc5, -+ 0x3a, 0x91, 0x07, 0xe9, 0xe7, 0x6d, 0x3c, 0xd0, 0x7f, 0x91, 0xff, 0x30, -+ 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, -+ 0x05, 0x00, 0x30, 0x3a, 0x31, 0x38, 0x30, 0x36, 0x06, 0x03, 0x55, 0x04, -+ 0x03, 0x0c, 0x2f, 0x47, 0x72, 0x75, 0x62, 0x20, 0x32, 0x6e, 0x64, 0x20, -+ 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, -+ 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, -+ 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, -+ 0x74, 0x79, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x30, 0x30, 0x37, 0x32, 0x38, -+ 0x31, 0x33, 0x32, 0x34, 0x32, 0x39, 0x5a, 0x18, 0x0f, 0x32, 0x31, 0x32, -+ 0x30, 0x30, 0x37, 0x30, 0x34, 0x31, 0x33, 0x32, 0x34, 0x32, 0x39, 0x5a, -+ 0x30, 0x2b, 0x31, 0x29, 0x30, 0x27, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, -+ 0x20, 0x47, 0x72, 0x75, 0x62, 0x20, 0x32, 0x6e, 0x64, 0x20, 0x43, 0x65, -+ 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x53, 0x69, -+ 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x4b, 0x65, 0x79, 0x30, 0x82, 0x02, -+ 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, -+ 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00, 0x30, 0x82, 0x02, -+ 0x0a, 0x02, 0x82, 0x02, 0x01, 0x00, 0xb0, 0x2f, 0x50, 0x01, 0x9c, 0x0e, -+ 0xd6, 0x8c, 0x07, 0xca, 0xc1, 0xcf, 0xbc, 0x03, 0xdd, 0xd3, 0xfa, 0xe3, -+ 0x4f, 0x71, 0xc1, 0x30, 0xaa, 0x09, 0x96, 0xe4, 0xd0, 0x6c, 0x42, 0x93, -+ 0xdb, 0x35, 0xf6, 0x7e, 0x1b, 0x67, 0xc0, 0xc2, 0x2d, 0x5b, 0xec, 0xca, -+ 0x35, 0x06, 0x32, 0x6c, 0x7b, 0x2c, 0xd3, 0x71, 0x2b, 0xe9, 0x7a, 0x19, -+ 0xd1, 0xf2, 0xa0, 0x7f, 0xd7, 0x4d, 0x6e, 0x28, 0xbb, 0xae, 0x49, 0x4a, -+ 0xbc, 0xea, 0x47, 0x67, 0xb8, 0x36, 0xa6, 0xf5, 0x0d, 0x0e, 0x20, 0x14, -+ 0x0c, 0x66, 0x67, 0x28, 0xb5, 0x97, 0x8b, 0x1f, 0x5e, 0x32, 0x06, 0x29, -+ 0x9c, 0x99, 0x92, 0x0f, 0x73, 0xac, 0xfd, 0xd2, 0x1d, 0xf2, 0xa8, 0x55, -+ 0x9d, 0x1b, 0xd8, 0x3d, 0xb0, 0x76, 0x9a, 0xb6, 0x6c, 0x9f, 0x62, 0x37, -+ 0x2f, 0xc0, 0xef, 0x44, 0xb3, 0x0d, 0x4a, 0x3e, 0x4f, 0x7d, 0xbd, 0xdb, -+ 0xd8, 0x75, 0x5f, 0x68, 0xe3, 0xf0, 0xec, 0x82, 0x66, 0x7c, 0x31, 0x70, -+ 0xa9, 0xa1, 0x6f, 0x38, 0x9f, 0xdf, 0xf5, 0xf0, 0x7d, 0x23, 0x9d, 0x34, -+ 0xa5, 0x85, 0xd3, 0xdf, 0x68, 0x41, 0xfc, 0x4f, 0x89, 0x45, 0x3c, 0x24, -+ 0x81, 0xa6, 0xf2, 0x3c, 0x02, 0x26, 0x09, 0x48, 0xdd, 0xfe, 0x4b, 0xb6, -+ 0x66, 0xbf, 0x8f, 0xe5, 0x5f, 0xf0, 0x5d, 0x8a, 0x61, 0x2e, 0x5f, 0x9f, -+ 0x80, 0xd9, 0xd5, 0xe6, 0x41, 0xd8, 0x10, 0x5e, 0x7a, 0xc6, 0xdb, 0x89, -+ 0xc7, 0xca, 0x6c, 0x5b, 0xb1, 0x4e, 0x7d, 0x0c, 0x03, 0xfd, 0x50, 0xca, -+ 0xbf, 0xbb, 0xe2, 0x69, 0x4b, 0x4e, 0xc2, 0x3d, 0x75, 0xfa, 0xd1, 0xcc, -+ 0xd6, 0xf9, 0x39, 0xb9, 0xdc, 0x53, 0xad, 0x62, 0xfb, 0x1b, 0x94, 0x26, -+ 0x7f, 0x21, 0x54, 0x5c, 0xb7, 0xdc, 0xe7, 0x96, 0x8c, 0xce, 0x75, 0xe0, -+ 0x17, 0x01, 0x3a, 0x3c, 0x77, 0x6e, 0xa4, 0x8b, 0x7a, 0x83, 0x28, 0x7a, -+ 0xf7, 0xb0, 0x5f, 0xfc, 0x7f, 0x2d, 0x2e, 0xec, 0xf5, 0xeb, 0x9c, 0x63, -+ 0x74, 0xd0, 0xe5, 0xdc, 0x19, 0xe4, 0x71, 0xc5, 0x4a, 0x8a, 0x54, 0xa4, -+ 0xe0, 0x7d, 0x4e, 0xbf, 0x53, 0x30, 0xaf, 0xd0, 0xeb, 0x96, 0xc3, 0xbb, -+ 0x65, 0xf7, 0x67, 0xf5, 0xae, 0xd3, 0x96, 0xf2, 0x63, 0xc8, 0x69, 0xf7, -+ 0x47, 0xcb, 0x27, 0x79, 0xe1, 0xff, 0x2f, 0x68, 0xdf, 0x1e, 0xb3, 0xb8, -+ 0x0c, 0xc5, 0x58, 0x73, 0xcc, 0xfe, 0x8c, 0xda, 0x4e, 0x3b, 0x01, 0x04, -+ 0xcd, 0xcb, 0xb8, 0x3e, 0x06, 0xfd, 0x4c, 0x0a, 0x9f, 0x5e, 0x76, 0x8c, -+ 0x0c, 0x83, 0x75, 0x09, 0x08, 0xb2, 0xdb, 0xf4, 0x49, 0x4e, 0xa0, 0xf2, -+ 0x0c, 0x7b, 0x87, 0x38, 0x9e, 0x22, 0x67, 0xbd, 0xd1, 0x97, 0x57, 0x24, -+ 0xf1, 0x46, 0x07, 0xf9, 0xd2, 0x1b, 0xec, 0x25, 0x5e, 0x67, 0xd9, 0x66, -+ 0x23, 0x1b, 0xd3, 0xe4, 0xaa, 0xec, 0x88, 0xf0, 0x7e, 0x15, 0x83, 0x51, -+ 0x31, 0x67, 0x51, 0x76, 0x5f, 0x55, 0xd7, 0x36, 0xdf, 0x4a, 0x84, 0x0b, -+ 0x6f, 0x5c, 0xbb, 0x5b, 0x8f, 0x37, 0x23, 0x7f, 0xf8, 0x17, 0x84, 0xa2, -+ 0x70, 0x20, 0x07, 0x0c, 0x90, 0x3a, 0x04, 0xfd, 0xf0, 0x08, 0x4a, 0xb1, -+ 0x16, 0x0f, 0xe6, 0xf6, 0x40, 0x51, 0x83, 0xd2, 0x87, 0x40, 0x9c, 0x1c, -+ 0x9f, 0x13, 0x38, 0x17, 0xd3, 0x34, 0x58, 0xad, 0x05, 0x71, 0xa0, 0x73, -+ 0xca, 0x40, 0xa6, 0xa4, 0x81, 0x02, 0xee, 0xa8, 0x72, 0x41, 0xa1, 0x41, -+ 0x18, 0x64, 0x8a, 0x86, 0x8a, 0x5d, 0xe6, 0x4f, 0x0a, 0xc5, 0x95, 0x98, -+ 0xf9, 0x78, 0xfe, 0x19, 0x0d, 0xc9, 0xb3, 0x89, 0xc1, 0x2b, 0x09, 0xbe, -+ 0xf1, 0xd2, 0x04, 0x5d, 0xcc, 0x28, 0xf5, 0x4b, 0xd2, 0x20, 0x4f, 0xc5, -+ 0x41, 0x9d, 0x8c, 0x85, 0xd8, 0xb0, 0x68, 0x5e, 0xc1, 0x0c, 0xb7, 0x24, -+ 0x4d, 0x67, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x5d, 0x30, 0x5b, 0x30, -+ 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, -+ 0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, -+ 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, -+ 0x14, 0xac, 0xf5, 0x47, 0x17, 0xd9, 0x7d, 0xc1, 0xb1, 0xc4, 0x41, 0xe1, -+ 0x41, 0x60, 0xcb, 0x37, 0x11, 0x60, 0x28, 0x78, 0x5f, 0x30, 0x1f, 0x06, -+ 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x21, 0x94, -+ 0xfb, 0xf9, 0xb2, 0x43, 0xe9, 0x33, 0xd7, 0x50, 0x7d, 0xc7, 0x37, 0xdb, -+ 0xd5, 0x82, 0x5a, 0x4e, 0xbe, 0x1b, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, -+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x02, -+ 0x01, 0x00, 0x96, 0x70, 0x65, 0x26, 0x42, 0xf8, 0xdc, 0x69, 0xde, 0xcf, -+ 0x41, 0x3a, 0x2e, 0x7f, 0x5b, 0xf1, 0xf9, 0x3b, 0x9b, 0xd2, 0x4e, 0x64, -+ 0x48, 0x81, 0xe4, 0x5d, 0x1e, 0x22, 0xce, 0x68, 0x63, 0x62, 0xe5, 0x1b, -+ 0x9b, 0xf2, 0xc7, 0x12, 0xda, 0x1e, 0x9b, 0x90, 0x84, 0x79, 0x48, 0x12, -+ 0xe6, 0x21, 0x6f, 0x2f, 0x7e, 0x18, 0x77, 0xdb, 0x8c, 0xc4, 0xd1, 0x0d, -+ 0x91, 0xbf, 0x39, 0x22, 0x0f, 0x64, 0xcf, 0x25, 0x2e, 0x8c, 0x1f, 0x91, -+ 0x81, 0xb5, 0xe9, 0x6c, 0x02, 0x3a, 0xf8, 0x07, 0xa2, 0x6f, 0x46, 0x5d, -+ 0x7b, 0xfd, 0x43, 0xff, 0x41, 0x0f, 0xe2, 0x57, 0x1c, 0xbd, 0x48, 0x60, -+ 0x53, 0x11, 0x48, 0x87, 0x88, 0x9d, 0x13, 0x82, 0x40, 0x68, 0x44, 0x2c, -+ 0xc6, 0xc8, 0x95, 0x27, 0x4f, 0xb6, 0xb9, 0x4a, 0x22, 0x0a, 0xfd, 0xe4, -+ 0x46, 0x8f, 0x35, 0x12, 0x98, 0x5a, 0x34, 0x6f, 0x2b, 0x57, 0x62, 0xa1, -+ 0x4d, 0x8d, 0x79, 0x37, 0xe4, 0x6b, 0x8a, 0x32, 0x5b, 0xcb, 0xef, 0x79, -+ 0x11, 0xed, 0xa7, 0xf8, 0x7a, 0x1c, 0xbd, 0x86, 0xdc, 0x0e, 0x2e, 0xfd, -+ 0xd3, 0x51, 0xbb, 0x73, 0xad, 0x00, 0xa0, 0x1b, 0xf9, 0x1d, 0xd1, 0x4a, -+ 0xe4, 0xd4, 0x02, 0x63, 0x2b, 0x39, 0x5f, 0x18, 0x08, 0x2f, 0x42, 0xb7, -+ 0x23, 0x4b, 0x48, 0x46, 0x1f, 0x63, 0x87, 0xae, 0x6d, 0xd5, 0xdb, 0x60, -+ 0xf8, 0x5f, 0xd3, 0x13, 0xec, 0xca, 0xdd, 0x60, 0x60, 0x79, 0x52, 0x70, -+ 0x47, 0xae, 0x1d, 0x38, 0x78, 0x71, 0xcf, 0xb3, 0x04, 0x03, 0xbe, 0xba, -+ 0x81, 0xba, 0x74, 0xb1, 0x30, 0x35, 0xdc, 0xea, 0x21, 0x4a, 0x9b, 0x70, -+ 0xfb, 0xd6, 0x60, 0x59, 0x78, 0x0c, 0x4d, 0x39, 0x19, 0x1d, 0xe5, 0x75, -+ 0xba, 0x07, 0xf4, 0x22, 0x37, 0x64, 0xb7, 0xf2, 0x9a, 0xc9, 0x11, 0x2d, -+ 0x8e, 0x58, 0xa6, 0xcf, 0x83, 0xf1, 0xcb, 0x6c, 0x7f, 0x02, 0xbd, 0xda, -+ 0x03, 0x92, 0xa9, 0x45, 0x24, 0x56, 0xc5, 0xbd, 0x41, 0xd1, 0x20, 0x86, -+ 0xc0, 0xb6, 0xb7, 0xe8, 0xa7, 0xb2, 0x46, 0xf7, 0x8e, 0xa9, 0x38, 0x0e, -+ 0x23, 0x77, 0x3c, 0x0d, 0x66, 0x83, 0x6a, 0x1a, 0x6b, 0x7f, 0x54, 0x11, -+ 0x58, 0x0d, 0x4a, 0xb5, 0x74, 0x60, 0xca, 0xed, 0xff, 0x91, 0x47, 0xd9, -+ 0x29, 0xe0, 0xaa, 0x8c, 0xa8, 0x8f, 0x10, 0x4c, 0x15, 0x7d, 0xce, 0x95, -+ 0xf9, 0x87, 0x1e, 0x18, 0x38, 0x18, 0xfc, 0xcc, 0xaf, 0x91, 0x17, 0x3f, -+ 0xfa, 0xf0, 0x8a, 0x09, 0x6f, 0xba, 0x4e, 0x53, 0xf7, 0xfa, 0x4f, 0x20, -+ 0xa3, 0xf4, 0x4a, 0x5a, 0xde, 0x17, 0x1c, 0x29, 0x6a, 0x6f, 0x03, 0x48, -+ 0xdf, 0xad, 0x4f, 0xe4, 0xbc, 0x71, 0xc4, 0x72, 0x32, 0x11, 0x84, 0xac, -+ 0x09, 0xd2, 0x18, 0x44, 0x35, 0xf1, 0xcd, 0xaf, 0xa8, 0x98, 0xe0, 0x8b, -+ 0xec, 0xa0, 0x83, 0x37, 0xc3, 0x35, 0x85, 0xd6, 0xd8, 0x1b, 0xe0, 0x75, -+ 0xdc, 0xfd, 0xde, 0xc9, 0xeb, 0xd5, 0x18, 0x0f, 0xd3, 0x4c, 0x2f, 0x71, -+ 0xdc, 0x48, 0xe3, 0x14, 0xeb, 0xda, 0x00, 0x24, 0x24, 0x9e, 0xa3, 0x8e, -+ 0x3e, 0x08, 0x6f, 0x22, 0x24, 0xd6, 0xc4, 0x85, 0x8f, 0x68, 0x00, 0x4a, -+ 0x82, 0x4c, 0x33, 0x6e, 0xa5, 0x35, 0x7b, 0xeb, 0x4b, 0xdc, 0xa0, 0xa6, -+ 0x65, 0x6f, 0x5a, 0x7a, 0xdf, 0x8a, 0x01, 0x52, 0xa1, 0x6c, 0xff, 0x59, -+ 0x22, 0x7f, 0xe1, 0x96, 0x1b, 0x19, 0xb8, 0xf9, 0x5d, 0x44, 0x9f, 0x91, -+ 0x03, 0x3c, 0x3d, 0xa1, 0x2a, 0xb6, 0x5a, 0x51, 0xa0, 0xce, 0x4a, 0x88, -+ 0x22, 0x72, 0x9c, 0xdc, 0xc0, 0x47, 0x76, 0x35, 0x84, 0x75, 0x9b, 0x87, -+ 0x5c, 0xd3, 0xcf, 0xe7, 0xdd, 0xa3, 0x57, 0x14, 0xdf, 0x00, 0xfd, 0x19, -+ 0x2a, 0x7d, 0x89, 0x27, 0x1c, 0x78, 0x97, 0x04, 0x58, 0x48 -+}; -+unsigned int certificate2_der_len = 1366; -+ -+unsigned char hi_signed_2nd[] = { -+ 0x68, 0x69, 0x0a, 0x30, 0x82, 0x02, 0xb1, 0x06, 0x09, 0x2a, 0x86, 0x48, -+ 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x02, 0xa2, 0x30, 0x82, -+ 0x02, 0x9e, 0x02, 0x01, 0x01, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, -+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x30, 0x0b, 0x06, 0x09, -+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x31, 0x82, 0x02, -+ 0x7b, 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x01, 0x30, 0x52, 0x30, 0x3a, -+ 0x31, 0x38, 0x30, 0x36, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x2f, 0x47, -+ 0x72, 0x75, 0x62, 0x20, 0x32, 0x6e, 0x64, 0x20, 0x43, 0x65, 0x72, 0x74, -+ 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x54, 0x65, 0x73, 0x74, -+ 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, -+ 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x02, 0x14, -+ 0x5b, 0x5e, 0x59, 0xf2, 0x5f, 0x75, 0x4c, 0x8e, 0xc5, 0x3a, 0x91, 0x07, -+ 0xe9, 0xe7, 0x6d, 0x3c, 0xd0, 0x7f, 0x91, 0xff, 0x30, 0x0b, 0x06, 0x09, -+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x30, 0x0d, 0x06, -+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, -+ 0x04, 0x82, 0x02, 0x00, 0x0e, 0xc2, 0x30, 0x38, 0x81, 0x23, 0x68, 0x90, -+ 0xae, 0x5f, 0xce, 0xf7, 0x27, 0xb1, 0x8c, 0x2e, 0x12, 0x10, 0xc6, 0x99, -+ 0xdc, 0x4d, 0x4b, 0x79, 0xda, 0xe4, 0x32, 0x10, 0x46, 0x1c, 0x16, 0x07, -+ 0x87, 0x66, 0x55, 0xff, 0x64, 0x1c, 0x61, 0x25, 0xd5, 0xb9, 0xe1, 0xfe, -+ 0xea, 0x5a, 0xcd, 0x56, 0xa5, 0xc3, 0xbe, 0xb1, 0x61, 0xc7, 0x6f, 0x5f, -+ 0x69, 0x20, 0x64, 0x50, 0x6f, 0x12, 0x78, 0xb6, 0x0c, 0x72, 0x44, 0x4f, -+ 0x60, 0x0f, 0x9f, 0xa2, 0x83, 0x3b, 0xc2, 0x83, 0xd5, 0x14, 0x1f, 0x6f, -+ 0x3e, 0xb2, 0x47, 0xb5, 0x58, 0xc5, 0xa7, 0xb4, 0x82, 0x53, 0x2e, 0x53, -+ 0x95, 0x4e, 0x3d, 0xe4, 0x62, 0xe8, 0xa1, 0xaf, 0xae, 0xbf, 0xa9, 0xd2, -+ 0x22, 0x07, 0xbe, 0x71, 0x37, 0x2c, 0x5a, 0xa7, 0x6c, 0xaf, 0x14, 0xc0, -+ 0x6c, 0x2f, 0xbf, 0x4f, 0x15, 0xc2, 0x0f, 0x8b, 0xdc, 0x68, 0x45, 0xdf, -+ 0xf3, 0xa5, 0x7f, 0x11, 0x6a, 0x54, 0xcd, 0x67, 0xb9, 0x2e, 0x7d, 0x05, -+ 0xe3, 0x1c, 0x1d, 0xcc, 0x77, 0x8e, 0x97, 0xb1, 0xa0, 0x11, 0x09, 0x3d, -+ 0x90, 0x54, 0xfc, 0x7e, 0xbb, 0xbb, 0x21, 0x23, 0x03, 0x44, 0xbf, 0x7d, -+ 0x2c, 0xc9, 0x15, 0x42, 0xe5, 0xa0, 0x3b, 0xa2, 0xd1, 0x5b, 0x73, 0x81, -+ 0xff, 0xfa, 0x90, 0xfc, 0x27, 0x7b, 0x2f, 0x86, 0x9c, 0x1d, 0x14, 0x36, -+ 0x94, 0xa2, 0x6e, 0xe8, 0x9d, 0xa0, 0x5f, 0xfc, 0x5a, 0x0d, 0xa4, 0xd5, -+ 0x2f, 0x8d, 0xd6, 0x00, 0xfa, 0x93, 0x5b, 0x09, 0x7f, 0x42, 0x78, 0xcc, -+ 0x8c, 0x49, 0xda, 0xd9, 0xf6, 0x43, 0xe7, 0xe1, 0x3c, 0xa2, 0xe2, 0x70, -+ 0xe2, 0x6a, 0x99, 0xc5, 0xd6, 0xa2, 0xe3, 0x0b, 0xd4, 0x09, 0xac, 0x94, -+ 0xaf, 0xb7, 0xf0, 0xb3, 0x0c, 0x1e, 0xf5, 0x16, 0x4f, 0x53, 0x9a, 0xe3, -+ 0xcc, 0xe2, 0x0c, 0x4a, 0xb9, 0xe6, 0x06, 0xbb, 0xf7, 0x41, 0x43, 0x20, -+ 0x04, 0xee, 0x99, 0x2f, 0xd8, 0x9f, 0xda, 0x3f, 0xfd, 0x49, 0xb8, 0xc2, -+ 0xbd, 0xd9, 0xc5, 0x72, 0xfd, 0xe3, 0xce, 0x1c, 0xbc, 0xe4, 0x39, 0xac, -+ 0x2a, 0x99, 0xe9, 0xb4, 0x3e, 0x74, 0x10, 0xeb, 0xd5, 0x14, 0xcc, 0xdb, -+ 0xf1, 0x04, 0x63, 0x36, 0xfb, 0x1f, 0x2b, 0xe2, 0x73, 0xd4, 0xd8, 0x49, -+ 0x31, 0xa8, 0x55, 0xcc, 0xa7, 0x76, 0x36, 0x6e, 0x18, 0xdc, 0xb9, 0xb0, -+ 0x29, 0x99, 0xcf, 0x49, 0xbf, 0xf9, 0xdb, 0x7f, 0x24, 0x42, 0x02, 0xcb, -+ 0xc1, 0xaa, 0xcb, 0xba, 0x18, 0x85, 0x86, 0xc7, 0xf4, 0x1c, 0x62, 0x76, -+ 0xbc, 0x73, 0xfb, 0xe4, 0x15, 0xb8, 0xdd, 0x5d, 0xa6, 0x68, 0x39, 0xa5, -+ 0x3d, 0x33, 0xaf, 0xd5, 0x92, 0x4d, 0x48, 0xdb, 0x22, 0xc0, 0xdc, 0x49, -+ 0x5f, 0x7b, 0xa8, 0xd2, 0x62, 0x2d, 0xa7, 0x39, 0x93, 0x48, 0xe7, 0x6b, -+ 0x23, 0xba, 0xd4, 0xe0, 0xc1, 0x29, 0x55, 0xc4, 0x34, 0xe3, 0xac, 0x25, -+ 0xa7, 0x15, 0xad, 0xab, 0xb3, 0xb7, 0x25, 0xca, 0x37, 0x88, 0x40, 0x2e, -+ 0x47, 0x6e, 0x92, 0x20, 0x09, 0x2e, 0x5a, 0xec, 0xf2, 0xfb, 0xb3, 0xa0, -+ 0x16, 0xb6, 0x93, 0xf2, 0xf5, 0x8b, 0xfe, 0xaf, 0x25, 0xee, 0x2e, 0x98, -+ 0x6c, 0x0a, 0xfe, 0xae, 0x0b, 0x57, 0xf5, 0x9f, 0x3c, 0x80, 0xe9, 0x8b, -+ 0xaf, 0x92, 0x8a, 0xad, 0xe7, 0xa0, 0xe4, 0xe6, 0x0a, 0xa0, 0xc7, 0x83, -+ 0xb5, 0x48, 0x58, 0x5f, 0x55, 0x9e, 0x9b, 0x27, 0xcd, 0x31, 0x1f, 0x3e, -+ 0x50, 0x5a, 0x91, 0xad, 0x21, 0x1b, 0x97, 0x5b, 0xe8, 0xfa, 0x29, 0x8a, -+ 0xa4, 0x17, 0xe8, 0xab, 0x87, 0x02, 0xd6, 0x18, 0x8c, 0x9f, 0x65, 0xb7, -+ 0x2a, 0xfa, 0xde, 0x5f, 0x77, 0x30, 0x6c, 0x04, 0x22, 0xe6, 0x58, 0x26, -+ 0x14, 0x0d, 0x9c, 0x41, 0x0a, 0x82, 0x77, 0xdb, 0x40, 0xa1, 0x58, 0xac, -+ 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xb5, -+ 0x7e, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x20, 0x73, 0x69, 0x67, 0x6e, -+ 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, -+ 0x65, 0x64, 0x7e, 0x0a -+}; -+unsigned int hi_signed_2nd_len = 736; -+ -+unsigned char certificate_printable_der[] = { -+ 0x30, 0x82, 0x03, 0x39, 0x30, 0x82, 0x02, 0x21, 0xa0, 0x03, 0x02, 0x01, -+ 0x02, 0x02, 0x09, 0x00, 0xde, 0xf6, 0x22, 0xc4, 0xf2, 0xf1, 0x86, 0x02, -+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, -+ 0x0b, 0x05, 0x00, 0x30, 0x2a, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, -+ 0x04, 0x03, 0x13, 0x1f, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, -+ 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, -+ 0x43, 0x41, 0x20, 0x32, 0x20, 0x28, 0x62, 0x65, 0x74, 0x61, 0x29, 0x30, -+ 0x1e, 0x17, 0x0d, 0x31, 0x34, 0x31, 0x30, 0x33, 0x31, 0x31, 0x34, 0x31, -+ 0x39, 0x32, 0x33, 0x5a, 0x17, 0x0d, 0x33, 0x37, 0x31, 0x30, 0x32, 0x35, -+ 0x31, 0x34, 0x31, 0x39, 0x32, 0x33, 0x5a, 0x30, 0x2f, 0x31, 0x2d, 0x30, -+ 0x2b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x24, 0x52, 0x65, 0x64, 0x20, -+ 0x48, 0x61, 0x74, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, -+ 0x6f, 0x6f, 0x74, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, -+ 0x33, 0x20, 0x28, 0x62, 0x65, 0x74, 0x61, 0x29, 0x30, 0x82, 0x01, 0x22, -+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, -+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, -+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xbd, 0xda, 0xa1, 0xed, 0x8d, 0x8e, 0x15, -+ 0x5c, 0xf8, 0x01, 0x77, 0x48, 0x4a, 0x60, 0x96, 0xf9, 0x27, 0xfa, 0xe2, -+ 0xb1, 0x69, 0x0f, 0x51, 0x19, 0x52, 0x7e, 0xc4, 0x34, 0x8e, 0xe1, 0x9b, -+ 0x9c, 0xa4, 0xb1, 0x5c, 0xd6, 0x81, 0x98, 0x78, 0xfe, 0xa9, 0xe5, 0x0b, -+ 0x00, 0xba, 0x9c, 0x64, 0x7e, 0xc7, 0xcc, 0x72, 0xb1, 0x73, 0x4b, 0x11, -+ 0x07, 0x52, 0xf0, 0x20, 0x96, 0x8b, 0x99, 0x39, 0xde, 0xdb, 0xfa, 0x3d, -+ 0x45, 0xe2, 0x98, 0x7b, 0x0c, 0x41, 0xe4, 0x0c, 0xb5, 0x5d, 0x92, 0x74, -+ 0x39, 0x96, 0xe1, 0x97, 0x97, 0xa1, 0xad, 0x2e, 0xcc, 0xd0, 0x1b, 0x4d, -+ 0x9d, 0xbd, 0x3e, 0xa9, 0x36, 0x8e, 0xcc, 0xc7, 0x5f, 0x6a, 0x7d, 0x39, -+ 0x5e, 0x0b, 0x8d, 0xca, 0xe4, 0x83, 0xe9, 0x3b, 0x5c, 0x86, 0x47, 0xd4, -+ 0xba, 0x7d, 0x98, 0x26, 0xa1, 0xf4, 0xe8, 0x90, 0x6b, 0x0f, 0xf1, 0x6b, -+ 0x8c, 0xe3, 0xa2, 0x80, 0x3c, 0x96, 0xf1, 0x0a, 0xb6, 0x66, 0xc0, 0x4b, -+ 0x61, 0xf7, 0x74, 0xcd, 0xd3, 0x7b, 0x8e, 0x5e, 0x39, 0xda, 0x99, 0x20, -+ 0x33, 0x93, 0xd3, 0xf0, 0x7f, 0xad, 0x35, 0xe9, 0x88, 0x8d, 0x9c, 0xbf, -+ 0x65, 0xf1, 0x47, 0x02, 0xf9, 0x7c, 0xed, 0x27, 0x5f, 0x4a, 0x65, 0x3c, -+ 0xcf, 0x5f, 0x0e, 0x88, 0x95, 0x74, 0xde, 0xfb, 0x9e, 0x2e, 0x91, 0x9b, -+ 0x45, 0x37, 0xc8, 0x85, 0xff, 0xe3, 0x41, 0x70, 0xfe, 0xd5, 0xef, 0x0e, -+ 0x82, 0x22, 0x08, 0xb7, 0x3b, 0x44, 0x3e, 0xdc, 0x5b, 0x7f, 0xba, 0xbf, -+ 0xe6, 0x58, 0x9d, 0x02, 0x6e, 0x75, 0xbf, 0x50, 0xec, 0xcf, 0x3f, 0xa5, -+ 0x91, 0x0a, 0xe2, 0x59, 0x2c, 0xc3, 0xe7, 0x05, 0x03, 0xe8, 0xf2, 0x6f, -+ 0x2a, 0x04, 0x68, 0x9a, 0x31, 0x32, 0x8f, 0x04, 0x35, 0xcd, 0x1f, 0x34, -+ 0xcc, 0x4f, 0x79, 0x5a, 0x99, 0x8d, 0x9d, 0x5c, 0xf5, 0x02, 0x03, 0x01, -+ 0x00, 0x01, 0xa3, 0x5d, 0x30, 0x5b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, -+ 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0b, 0x06, 0x03, -+ 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, -+ 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x65, 0xc5, 0xbe, 0xca, -+ 0xe6, 0x59, 0x6a, 0xfd, 0x6c, 0x71, 0xc4, 0xa7, 0x98, 0xc6, 0x25, 0x8d, -+ 0x7b, 0x67, 0x05, 0xd0, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, -+ 0x18, 0x30, 0x16, 0x80, 0x14, 0x81, 0xf8, 0xee, 0x47, 0x5c, 0x3e, 0xed, -+ 0xfb, 0xce, 0xa5, 0x84, 0xbe, 0xd7, 0xae, 0xdb, 0xd3, 0x7d, 0x64, 0xb3, -+ 0x2a, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, -+ 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x66, 0x1e, 0x3d, -+ 0x1d, 0x53, 0x33, 0xde, 0x4e, 0xc7, 0xc4, 0xf4, 0xdf, 0xda, 0x18, 0x19, -+ 0x8a, 0xa9, 0xff, 0xe2, 0x63, 0x2b, 0xbe, 0xf2, 0x61, 0x63, 0xe2, 0xf6, -+ 0xed, 0x47, 0x1a, 0x71, 0x02, 0xec, 0x2a, 0xef, 0x89, 0x77, 0xe3, 0xfd, -+ 0x86, 0x69, 0xf1, 0x3f, 0x0d, 0xf9, 0x6e, 0xf9, 0x3b, 0xad, 0x26, 0x47, -+ 0xb7, 0xf2, 0x0d, 0xad, 0x23, 0xa3, 0x67, 0x3b, 0xcb, 0x6d, 0x9e, 0x03, -+ 0x0f, 0xbc, 0x69, 0x73, 0x9f, 0xd4, 0xa5, 0x0f, 0x6f, 0xf8, 0xab, 0x4d, -+ 0x36, 0xd1, 0xe0, 0xe0, 0x5d, 0x20, 0x43, 0x90, 0xc4, 0x65, 0x61, 0x93, -+ 0xe2, 0x0f, 0x51, 0x59, 0x0a, 0xf7, 0x88, 0x70, 0x57, 0xb9, 0x04, 0xa9, -+ 0x32, 0x57, 0x9c, 0xb3, 0x57, 0x38, 0x8b, 0x8e, 0x46, 0xc8, 0x32, 0x6c, -+ 0xb4, 0xf3, 0x96, 0x7f, 0x4b, 0xf0, 0x88, 0xf9, 0x7f, 0xe2, 0x71, 0xe1, -+ 0x8b, 0xe2, 0x14, 0xf1, 0x4b, 0x25, 0x00, 0x48, 0x1c, 0x7e, 0xe5, 0x8d, -+ 0x65, 0x2d, 0xeb, 0x72, 0x4f, 0x92, 0x44, 0xf3, 0xe6, 0xe0, 0xd0, 0xdf, -+ 0x85, 0xa8, 0x13, 0x4a, 0xfb, 0x99, 0xca, 0x14, 0x2c, 0x97, 0x80, 0x93, -+ 0x27, 0xd3, 0x20, 0xf8, 0x6d, 0x29, 0x28, 0x2c, 0xb9, 0x77, 0xea, 0xb1, -+ 0x63, 0xbd, 0x7d, 0x53, 0xfd, 0x4a, 0x62, 0x64, 0x0b, 0x98, 0xa8, 0xae, -+ 0x11, 0xfc, 0x6e, 0x8d, 0x63, 0xd4, 0x15, 0x55, 0xc6, 0x4c, 0x74, 0xf5, -+ 0x5f, 0xa0, 0xb9, 0x2c, 0x2d, 0x9a, 0x7a, 0x87, 0x6e, 0xf0, 0x5e, 0x25, -+ 0xed, 0xfc, 0xd8, 0xc4, 0x34, 0x33, 0x32, 0xad, 0x01, 0xd4, 0x4b, 0x49, -+ 0x51, 0xc2, 0x07, 0x7f, 0x90, 0x6d, 0xea, 0xf5, 0x4c, 0x41, 0x71, 0x64, -+ 0xeb, 0x1f, 0x29, 0xa3, 0x1f, 0x64, 0xa2, 0x1e, 0x0e, 0x6f, 0xa1, 0x67, -+ 0x99, 0x8d, 0x98, 0x1c, 0xb8, 0x53, 0x9d, 0x30, 0x1d, 0xae, 0x32, 0x56, -+ 0xd2 -+}; -+unsigned int certificate_printable_der_len = 829; diff --git a/0179-appended-signatures-documentation.patch b/0179-appended-signatures-documentation.patch deleted file mode 100644 index 864cfa3198e02b1ccfc59fd49cdbda13e7818035..0000000000000000000000000000000000000000 --- a/0179-appended-signatures-documentation.patch +++ /dev/null @@ -1,341 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 1 Oct 2020 13:02:09 +1000 -Subject: [PATCH] appended signatures: documentation - -This explains how appended signatures can be used to form part of -a secure boot chain, and documents the commands and variables -introduced. - -Signed-off-by: Daniel Axtens ---- - docs/grub.texi | 199 ++++++++++++++++++++++++++++++++++++++++++++++++++++----- - 1 file changed, 182 insertions(+), 17 deletions(-) - -diff --git a/docs/grub.texi b/docs/grub.texi -index afbde7c1f7b..4816be85611 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -3214,6 +3214,7 @@ These variables have special meaning to GRUB. - - @menu - * biosnum:: -+* check_appended_signatures:: - * check_signatures:: - * chosen:: - * cmdpath:: -@@ -3273,11 +3274,18 @@ For an alternative approach which also changes BIOS drive mappings for the - chain-loaded system, @pxref{drivemap}. - - -+@node check_appended_signatures -+@subsection check_appended_signatures -+ -+This variable controls whether GRUB enforces appended signature validation on -+certain loaded files. @xref{Using appended signatures}. -+ -+ - @node check_signatures - @subsection check_signatures - --This variable controls whether GRUB enforces digital signature --validation on loaded files. @xref{Using digital signatures}. -+This variable controls whether GRUB enforces GPG-style digital signature -+validation on loaded files. @xref{Using GPG-style digital signatures}. - - @node chosen - @subsection chosen -@@ -3994,6 +4002,7 @@ you forget a command, you can run the command @command{help} - * date:: Display or set current date and time - * devicetree:: Load a device tree blob - * distrust:: Remove a pubkey from trusted keys -+* distrust_certificate:: Remove a certificate from the list of trusted certificates - * drivemap:: Map a drive to another - * echo:: Display a line of text - * eval:: Evaluate agruments as GRUB commands -@@ -4010,6 +4019,7 @@ you forget a command, you can run the command @command{help} - * keystatus:: Check key modifier status - * linux:: Load a Linux kernel - * linux16:: Load a Linux kernel (16-bit mode) -+* list_certificates:: List trusted certificates - * list_env:: List variables in environment block - * list_trusted:: List trusted public keys - * load_env:: Load variables from environment block -@@ -4047,8 +4057,10 @@ you forget a command, you can run the command @command{help} - * test:: Check file types and compare values - * true:: Do nothing, successfully - * trust:: Add public key to list of trusted keys -+* trust_certificate:: Add an x509 certificate to the list of trusted certificates - * unset:: Unset an environment variable - @comment * vbeinfo:: List available video modes -+* verify_appended:: Verify appended digital signature - * verify_detached:: Verify detached digital signature - * videoinfo:: List available video modes - @comment * xen_*:: Xen boot commands for AArch64 -@@ -4376,9 +4388,28 @@ These keys are used to validate signatures when environment variable - @code{check_signatures} is set to @code{enforce} - (@pxref{check_signatures}), and by some invocations of - @command{verify_detached} (@pxref{verify_detached}). @xref{Using --digital signatures}, for more information. -+GPG-style digital signatures}, for more information. - @end deffn - -+ -+@node distrust_certificate -+@subsection distrust_certificate -+ -+@deffn Command distrust_certificate cert_number -+Remove the x509 certificate numbered @var{cert_number} from GRUB's keyring of -+trusted x509 certificates for verifying appended signatures. -+ -+@var{cert_number} is the certificate number as listed by -+@command{list_certificates} (@pxref{list_certificates}). -+ -+These certificates are used to validate appended signatures when environment -+variable @code{check_appended_signatures} is set to @code{enforce} or -+@code{forced} (@pxref{check_appended_signatures}), and by -+@command{verify_appended} (@pxref{verify_appended}). See -+@xref{Using appended signatures} for more information. -+@end deffn -+ -+ - @node drivemap - @subsection drivemap - -@@ -4636,6 +4667,21 @@ This command is only available on x86 systems. - @end deffn - - -+@node list_certificates -+@subsection list_certificates -+ -+@deffn Command list_certificates -+List all x509 certificates trusted by GRUB for validating appended signatures. -+The output is a numbered list of certificates, showing the certificate's serial -+number and Common Name. -+ -+The certificate number can be used as an argument to -+@command{distrust_certificate} (@pxref{distrust_certificate}). -+ -+See @xref{Using appended signatures} for more information. -+@end deffn -+ -+ - @node list_env - @subsection list_env - -@@ -4655,7 +4701,7 @@ The output is in GPG's v4 key fingerprint format (i.e., the output of - @code{gpg --fingerprint}). The least significant four bytes (last - eight hexadecimal digits) can be used as an argument to - @command{distrust} (@pxref{distrust}). --@xref{Using digital signatures}, for more information about uses for -+@xref{Using GPG-style digital signatures}, for more information about uses for - these keys. - @end deffn - -@@ -4690,8 +4736,13 @@ When used with care, @option{--skip-sig} and the whitelist enable an - administrator to configure a system to boot only signed - configurations, but to allow the user to select from among multiple - configurations, and to enable ``one-shot'' boot attempts and --``savedefault'' behavior. @xref{Using digital signatures}, for more -+``savedefault'' behavior. @xref{Using GPG-style digital signatures}, for more - information. -+ -+Extra care should be taken when combining this command with appended signatures -+(@pxref{Using appended signatures}), as this file is not validated by an -+appended signature and could set @code{check_appended_signatures=no} if GRUB is -+not in @pxref{Lockdown} mode. - @end deffn - - -@@ -4987,7 +5038,7 @@ read. It is possible to modify a digitally signed environment block - file from within GRUB using this command, such that its signature will - no longer be valid on subsequent boots. Care should be taken in such - advanced configurations to avoid rendering the system --unbootable. @xref{Using digital signatures}, for more information. -+unbootable. @xref{Using GPG-style digital signatures}, for more information. - @end deffn - - -@@ -5387,11 +5438,32 @@ signatures when environment variable @code{check_signatures} is set to - must itself be properly signed. The @option{--skip-sig} option can be - used to disable signature-checking when reading @var{pubkey_file} - itself. It is expected that @option{--skip-sig} is useful for testing --and manual booting. @xref{Using digital signatures}, for more -+and manual booting. @xref{Using GPG-style digital signatures}, for more - information. - @end deffn - - -+@node trust_certificate -+@subsection trust_certificate -+ -+@deffn Command trust_certificate x509_certificate -+Read an DER-formatted x509 certificate from the file @var{x509_certificate} -+and add it to GRUB's internal list of trusted x509 certificates. These -+certificates are used to validate appended signatures when the environment -+variable @code{check_appended_signatures} is set to @code{enforce} or -+@code{forced}. -+ -+Note that if @code{check_appended_signatures} is set to @code{enforce} or -+@code{forced} when @command{trust_certificate} is executed, then -+@var{x509_certificate} must itself bear an appended signature. (It is not -+sufficient that @var{x509_certificate} be signed by a trusted certificate -+according to the x509 rules: grub does not include support for validating -+signatures within x509 certificates themselves.) -+ -+See @xref{Using appended signatures} for more information. -+@end deffn -+ -+ - @node unset - @subsection unset - -@@ -5410,6 +5482,18 @@ only on PC BIOS platforms. - @end deffn - @end ignore - -+@node verify_appended -+@subsection verify_appended -+ -+@deffn Command verify_appended file -+Verifies an appended signature on @var{file} against the trusted certificates -+known to GRUB (See @pxref{list_certificates}, @pxref{trust_certificate}, and -+@pxref{distrust_certificate}). -+ -+Exit code @code{$?} is set to 0 if the signature validates -+successfully. If validation fails, it is set to a non-zero value. -+See @xref{Using appended signatures}, for more information. -+@end deffn - - @node verify_detached - @subsection verify_detached -@@ -5428,7 +5512,7 @@ tried. - - Exit code @code{$?} is set to 0 if the signature validates - successfully. If validation fails, it is set to a non-zero value. --@xref{Using digital signatures}, for more information. -+@xref{Using GPG-style digital signatures}, for more information. - @end deffn - - @node videoinfo -@@ -5811,13 +5895,14 @@ environment variables and commands are listed in the same order. - @chapter Security - - @menu --* Authentication and authorisation:: Users and access control --* Using digital signatures:: Booting digitally signed code --* UEFI secure boot and shim:: Booting digitally signed PE files --* Secure Boot Advanced Targeting:: Embedded information for generation number based revocation --* Measured Boot:: Measuring boot components --* Lockdown:: Lockdown when booting on a secure setup --* Signing GRUB itself:: Ensuring the integrity of the GRUB core image -+* Authentication and authorisation:: Users and access control -+* Using GPG-style digital signatures:: Booting digitally signed code -+* Using appended signatures:: An alternative approach to booting digitally signed code -+* UEFI secure boot and shim:: Booting digitally signed PE files -+* Secure Boot Advanced Targeting:: Embedded information for generation number based revocation -+* Measured Boot:: Measuring boot components -+* Lockdown:: Lockdown when booting on a secure setup -+* Signing GRUB itself:: Ensuring the integrity of the GRUB core image - @end menu - - @node Authentication and authorisation -@@ -5891,8 +5976,8 @@ generating configuration files with authentication. You can use - adding @kbd{set superusers=} and @kbd{password} or @kbd{password_pbkdf2} - commands. - --@node Using digital signatures --@section Using digital signatures in GRUB -+@node Using GPG-style digital signatures -+@section Using GPG-style digital signatures in GRUB - - GRUB's @file{core.img} can optionally provide enforcement that all files - subsequently read from disk are covered by a valid digital signature. -@@ -5985,6 +6070,86 @@ or BIOS) configuration to cause the machine to boot from a different - (attacker-controlled) device. GRUB is at best only one link in a - secure boot chain. - -+@node Using appended signatures -+@section Using appended signatures in GRUB -+ -+GRUB supports verifying Linux-style 'appended signatures' for secure boot. -+Appended signatures are PKCS#7 messages containing a signature over the -+contents of a file, plus some metadata, appended to the end of a file. A file -+with an appended signature ends with the magic string: -+ -+@example -+~Module signature appended~\n -+@end example -+ -+where @code{\n} represents the line-feed character, @code{0x0a}. -+ -+Certificates can be managed at boot time using the @pxref{trust_certificate}, -+@pxref{distrust_certificate} and @pxref{list_certificates} commands. -+Certificates can also be built in to the core image using the @code{--x509} -+parameter to @command{grub-install} or @command{grub-mkimage}. -+ -+A file can be explictly verified using the @pxref{verify_appended} command. -+ -+Only signatures made with the SHA-256 or SHA-512 hash algorithm are supported, -+and only RSA signatures are supported. -+ -+A file can be signed with the @command{sign-file} utility supplied with the -+Linux kernel source. For example, if you have @code{signing.key} as the private -+key and @code{certificate.der} as the x509 certificate containing the public key: -+ -+@example -+sign-file SHA256 signing.key certificate.der vmlinux vmlinux.signed -+@end example -+ -+Enforcement of signature verification is controlled by the -+@code{check_appended_signatures} variable. -+ -+@itemize -+@item @samp{no}: no verification is performed. This is the default when GRUB -+ is not in @pxref{Lockdown} mode. -+@item @samp{enforce}: verification is performed. Verification can be disabled -+ by setting the variable back to @samp{no}. -+@item @samp{forced}: verification is performed and cannot be disabled. This is -+ set when GRUB is in Lockdown when the appendedsig module is loaded. -+@end itemize -+ -+Unlike GPG-style signatures, not all files loaded by GRUB are required to be -+signed. Once verification is turned on, the following file types will have -+appended signatures verified: -+ -+@itemize -+@item Linux kernels -+@item GRUB modules, except those built into the core image -+@item Any new certificate files to be trusted -+@end itemize -+ -+ACPI tables and Device Tree images will not be checked for appended signatures -+but must be verified by another mechanism such as GPG-style signatures before -+they will be loaded. -+ -+Unless lockdown mode is enabled, signature checking does @strong{not} -+stop an attacker with console access from dropping manually to the GRUB -+console and executing: -+ -+@example -+set check_appended_signatures=no -+@end example -+ -+Refer to the section on password-protecting GRUB (@pxref{Authentication -+and authorisation}) for more information on preventing this. -+ -+Additionally, unless lockdown mode is enabled: -+ -+@itemize -+@item Special care must be taken around the @command{loadenv} command, which -+ can be used to turn off @code{check_appended_signature}. -+ -+@item If the grub configuration file is loaded from the disk, anyone who can -+ modify the file on disk can turn off @code{check_appended_signature}. -+ Consider embedding the configuration into the core grub image. -+@end itemize -+ - @node UEFI secure boot and shim - @section UEFI secure boot and shim support - diff --git a/0180-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch b/0180-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch deleted file mode 100644 index 40c3b3e843aeb8ae83d43012f63e5d9bae11606c..0000000000000000000000000000000000000000 --- a/0180-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 28 Sep 2020 11:11:17 +1000 -Subject: [PATCH] ieee1275: enter lockdown based on /ibm,secure-boot - -If the 'ibm,secure-boot' property of the root node is 2 or greater, -enter lockdown. - -Signed-off-by: Daniel Axtens ---- - grub-core/Makefile.core.def | 1 + - grub-core/kern/ieee1275/init.c | 27 +++++++++++++++++++++++++++ - include/grub/lockdown.h | 3 ++- - docs/grub.texi | 4 ++-- - 4 files changed, 32 insertions(+), 3 deletions(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 6bddc841b85..3f3459b2c70 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -323,6 +323,7 @@ kernel = { - powerpc_ieee1275 = kern/powerpc/cache.S; - powerpc_ieee1275 = kern/powerpc/dl.c; - powerpc_ieee1275 = kern/powerpc/compiler-rt.S; -+ powerpc_ieee1275 = kern/lockdown.c; - - sparc64_ieee1275 = kern/sparc64/cache.S; - sparc64_ieee1275 = kern/sparc64/dl.c; -diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c -index 937c1bc44cb..fc7d9712729 100644 ---- a/grub-core/kern/ieee1275/init.c -+++ b/grub-core/kern/ieee1275/init.c -@@ -44,6 +44,7 @@ - #ifdef __sparc__ - #include - #endif -+#include - - /* The minimal heap size we can live with. */ - #define HEAP_MIN_SIZE (unsigned long) (2 * 1024 * 1024) -@@ -271,6 +272,30 @@ grub_parse_cmdline (void) - } - } - -+static void -+grub_get_ieee1275_secure_boot (void) -+{ -+ grub_ieee1275_phandle_t root; -+ int rc; -+ grub_uint32_t is_sb; -+ -+ grub_ieee1275_finddevice ("/", &root); -+ -+ rc = grub_ieee1275_get_integer_property (root, "ibm,secure-boot", &is_sb, -+ sizeof (is_sb), 0); -+ -+ /* ibm,secure-boot: -+ * 0 - disabled -+ * 1 - audit -+ * 2 - enforce -+ * 3 - enforce + OS-specific behaviour -+ * -+ * We only support enforce. -+ */ -+ if (rc >= 0 && is_sb >= 2) -+ grub_lockdown (); -+} -+ - grub_addr_t grub_modbase; - - void -@@ -296,6 +321,8 @@ grub_machine_init (void) - #else - grub_install_get_time_ms (grub_rtc_get_time_ms); - #endif -+ -+ grub_get_ieee1275_secure_boot (); - } - - void -diff --git a/include/grub/lockdown.h b/include/grub/lockdown.h -index 40531fa823b..ebfee4bf06e 100644 ---- a/include/grub/lockdown.h -+++ b/include/grub/lockdown.h -@@ -24,7 +24,8 @@ - #define GRUB_LOCKDOWN_DISABLED 0 - #define GRUB_LOCKDOWN_ENABLED 1 - --#ifdef GRUB_MACHINE_EFI -+#if defined(GRUB_MACHINE_EFI) || \ -+ (defined(__powerpc__) && defined(GRUB_MACHINE_IEEE1275)) - extern void - EXPORT_FUNC (grub_lockdown) (void); - extern int -diff --git a/docs/grub.texi b/docs/grub.texi -index 4816be85611..a4da9c2a1b9 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -6227,8 +6227,8 @@ Measured boot is currently only supported on EFI platforms. - @section Lockdown when booting on a secure setup - - The GRUB can be locked down when booted on a secure boot environment, for example --if the UEFI secure boot is enabled. On a locked down configuration, the GRUB will --be restricted and some operations/commands cannot be executed. -+if UEFI or Power secure boot is enabled. On a locked down configuration, the -+GRUB will be restricted and some operations/commands cannot be executed. - - The @samp{lockdown} variable is set to @samp{y} when the GRUB is locked down. - Otherwise it does not exit. diff --git a/0181-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch b/0181-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch deleted file mode 100644 index 52fa9d23ad87b40be5fd125a7df1ecac8726751c..0000000000000000000000000000000000000000 --- a/0181-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Wed, 14 Apr 2021 20:10:23 +1000 -Subject: [PATCH] ieee1275: drop HEAP_MAX_ADDR, HEAP_MIN_SIZE - -HEAP_MAX_ADDR is confusing. Currently it is set to 32MB, except -on ieee1275 on x86, where it is 64MB. - -There is a comment which purports to explain it: - -/* If possible, we will avoid claiming heap above this address, because it - seems to cause relocation problems with OSes that link at 4 MiB */ - -This doesn't make a lot of sense when the constants are well above 4MB -already. It was not always this way. Prior to -commit 7b5d0fe4440c ("Increase heap limit") in 2010, HEAP_MAX_SIZE and -HEAP_MAX_ADDR were indeed 4MB. However, when the constants were increased -the comment was left unchanged. - -It's been over a decade. It doesn't seem like we have problems with -claims over 4MB on powerpc or x86 ieee1275. (sparc does things completely -differently and never used the constant.) - -Drop the constant and the check. - -The only use of HEAP_MIN_SIZE was to potentially override the -HEAP_MAX_ADDR check. It is now unused. Remove it. - -Signed-off-by: Daniel Axtens ---- - grub-core/kern/ieee1275/init.c | 17 ----------------- - 1 file changed, 17 deletions(-) - -diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c -index fc7d9712729..0dcd114ce54 100644 ---- a/grub-core/kern/ieee1275/init.c -+++ b/grub-core/kern/ieee1275/init.c -@@ -46,9 +46,6 @@ - #endif - #include - --/* The minimal heap size we can live with. */ --#define HEAP_MIN_SIZE (unsigned long) (2 * 1024 * 1024) -- - /* The maximum heap size we're going to claim */ - #ifdef __i386__ - #define HEAP_MAX_SIZE (unsigned long) (64 * 1024 * 1024) -@@ -56,14 +53,6 @@ - #define HEAP_MAX_SIZE (unsigned long) (32 * 1024 * 1024) - #endif - --/* If possible, we will avoid claiming heap above this address, because it -- seems to cause relocation problems with OSes that link at 4 MiB */ --#ifdef __i386__ --#define HEAP_MAX_ADDR (unsigned long) (64 * 1024 * 1024) --#else --#define HEAP_MAX_ADDR (unsigned long) (32 * 1024 * 1024) --#endif -- - extern char _end[]; - - #ifdef __sparc__ -@@ -185,12 +174,6 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, - if (*total + len > HEAP_MAX_SIZE) - len = HEAP_MAX_SIZE - *total; - -- /* Avoid claiming anything above HEAP_MAX_ADDR, if possible. */ -- if ((addr < HEAP_MAX_ADDR) && /* if it's too late, don't bother */ -- (addr + len > HEAP_MAX_ADDR) && /* if it wasn't available anyway, don't bother */ -- (*total + (HEAP_MAX_ADDR - addr) > HEAP_MIN_SIZE)) /* only limit ourselves when we can afford to */ -- len = HEAP_MAX_ADDR - addr; -- - /* In theory, firmware should already prevent this from happening by not - listing our own image in /memory/available. The check below is intended - as a safeguard in case that doesn't happen. However, it doesn't protect diff --git a/0182-ieee1275-claim-more-memory.patch b/0182-ieee1275-claim-more-memory.patch deleted file mode 100644 index 001a9df04b0b8148294a459f0235ea83ae393d0d..0000000000000000000000000000000000000000 --- a/0182-ieee1275-claim-more-memory.patch +++ /dev/null @@ -1,252 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Wed, 15 Apr 2020 23:28:29 +1000 -Subject: [PATCH] ieee1275: claim more memory - -On powerpc-ieee1275, we are running out of memory trying to verify -anything. This is because: - - - we have to load an entire file into memory to verify it. This is - extremely difficult to change with appended signatures. - - We only have 32MB of heap. - - Distro kernels are now often around 30MB. - -So we want to claim more memory from OpenFirmware for our heap. - -There are some complications: - - - The grub mm code isn't the only thing that will make claims on - memory from OpenFirmware: - - * PFW/SLOF will have claimed some for their own use. - - * The ieee1275 loader will try to find other bits of memory that we - haven't claimed to place the kernel and initrd when we go to boot. - - * Once we load Linux, it will also try to claim memory. It claims - memory without any reference to /memory/available, it just starts - at min(top of RMO, 768MB) and works down. So we need to avoid this - area. See arch/powerpc/kernel/prom_init.c as of v5.11. - - - The smallest amount of memory a ppc64 KVM guest can have is 256MB. - It doesn't work with distro kernels but can work with custom kernels. - We should maintain support for that. (ppc32 can boot with even less, - and we shouldn't break that either.) - - - Even if a VM has more memory, the memory OpenFirmware makes available - as Real Memory Area can be restricted. A freshly created LPAR on a - PowerVM machine is likely to have only 256MB available to OpenFirmware - even if it has many gigabytes of memory allocated. - -EFI systems will attempt to allocate 1/4th of the available memory, -clamped to between 1M and 1600M. That seems like a good sort of -approach, we just need to figure out if 1/4 is the right fraction -for us. - -We don't know in advance how big the kernel and initrd are going to be, -which makes figuring out how much memory we can take a bit tricky. - -To figure out how much memory we should leave unused, I looked at: - - - an Ubuntu 20.04.1 ppc64le pseries KVM guest: - vmlinux: ~30MB - initrd: ~50MB - - - a RHEL8.2 ppc64le pseries KVM guest: - vmlinux: ~30MB - initrd: ~30MB - -Ubuntu VMs struggle to boot with just 256MB under SLOF. -RHEL likewise has a higher minimum supported memory figure. -So lets first consider a distro kernel and 512MB of addressible memory. -(This is the default case for anything booting under PFW.) Say we lose -131MB to PFW (based on some tests). This leaves us 381MB. 1/4 of 381MB -is ~95MB. That should be enough to verify a 30MB vmlinux and should -leave plenty of space to load Linux and the initrd. - -If we consider 256MB of RMA under PFW, we have just 125MB remaining. 1/4 -of that is a smidge under 32MB, which gives us very poor odds of verifying -a distro-sized kernel. However, if we need 80MB just to put the kernel -and initrd in memory, we can't claim any more than 45MB anyway. So 1/4 -will do. We'll come back to this later. - -grub is always built as a 32-bit binary, even if it's loading a ppc64 -kernel. So we can't address memory beyond 4GB. This gives a natural cap -of 1GB for powerpc-ieee1275. - -Also apply this 1/4 approach to i386-ieee1275, but keep the 32MB cap. - -make check still works for both i386 and powerpc and I've booted -powerpc grub with this change under SLOF and PFW. - -Signed-off-by: Daniel Axtens ---- - grub-core/kern/ieee1275/init.c | 81 +++++++++++++++++++++++++++++++++--------- - docs/grub-dev.texi | 6 ++-- - 2 files changed, 69 insertions(+), 18 deletions(-) - -diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c -index 0dcd114ce54..c61d91a0285 100644 ---- a/grub-core/kern/ieee1275/init.c -+++ b/grub-core/kern/ieee1275/init.c -@@ -46,11 +46,12 @@ - #endif - #include - --/* The maximum heap size we're going to claim */ -+/* The maximum heap size we're going to claim. Not used by sparc. -+ We allocate 1/4 of the available memory under 4G, up to this limit. */ - #ifdef __i386__ - #define HEAP_MAX_SIZE (unsigned long) (64 * 1024 * 1024) --#else --#define HEAP_MAX_SIZE (unsigned long) (32 * 1024 * 1024) -+#else // __powerpc__ -+#define HEAP_MAX_SIZE (unsigned long) (1 * 1024 * 1024 * 1024) - #endif - - extern char _end[]; -@@ -147,16 +148,45 @@ grub_claim_heap (void) - + GRUB_KERNEL_MACHINE_STACK_SIZE), 0x200000); - } - #else --/* Helper for grub_claim_heap. */ -+/* Helper for grub_claim_heap on powerpc. */ -+static int -+heap_size (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, -+ void *data) -+{ -+ grub_uint32_t total = *(grub_uint32_t *)data; -+ -+ if (type != GRUB_MEMORY_AVAILABLE) -+ return 0; -+ -+ /* Do not consider memory beyond 4GB */ -+ if (addr > 0xffffffffUL) -+ return 0; -+ -+ if (addr + len > 0xffffffffUL) -+ len = 0xffffffffUL - addr; -+ -+ total += len; -+ *(grub_uint32_t *)data = total; -+ -+ return 0; -+} -+ - static int - heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, - void *data) - { -- unsigned long *total = data; -+ grub_uint32_t total = *(grub_uint32_t *)data; - - if (type != GRUB_MEMORY_AVAILABLE) - return 0; - -+ /* Do not consider memory beyond 4GB */ -+ if (addr > 0xffffffffUL) -+ return 0; -+ -+ if (addr + len > 0xffffffffUL) -+ len = 0xffffffffUL - addr; -+ - if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_NO_PRE1_5M_CLAIM)) - { - if (addr + len <= 0x180000) -@@ -170,10 +200,6 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, - } - len -= 1; /* Required for some firmware. */ - -- /* Never exceed HEAP_MAX_SIZE */ -- if (*total + len > HEAP_MAX_SIZE) -- len = HEAP_MAX_SIZE - *total; -- - /* In theory, firmware should already prevent this from happening by not - listing our own image in /memory/available. The check below is intended - as a safeguard in case that doesn't happen. However, it doesn't protect -@@ -185,6 +211,18 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, - len = 0; - } - -+ /* If this block contains 0x30000000 (768MB), do not claim below that. -+ Linux likes to claim memory at min(RMO top, 768MB) and works down -+ without reference to /memory/available. */ -+ if ((addr < 0x30000000) && ((addr + len) > 0x30000000)) -+ { -+ len = len - (0x30000000 - addr); -+ addr = 0x30000000; -+ } -+ -+ if (len > total) -+ len = total; -+ - if (len) - { - grub_err_t err; -@@ -193,10 +231,12 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, - if (err) - return err; - grub_mm_init_region ((void *) (grub_addr_t) addr, len); -+ total -= len; - } - -- *total += len; -- if (*total >= HEAP_MAX_SIZE) -+ *(grub_uint32_t *)data = total; -+ -+ if (total == 0) - return 1; - - return 0; -@@ -205,13 +245,22 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, - static void - grub_claim_heap (void) - { -- unsigned long total = 0; -+ grub_uint32_t total = 0; - - if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_FORCE_CLAIM)) -- heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN, -- 1, &total); -- else -- grub_machine_mmap_iterate (heap_init, &total); -+ { -+ heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN, -+ 1, &total); -+ return; -+ } -+ -+ grub_machine_mmap_iterate (heap_size, &total); -+ -+ total = total / 4; -+ if (total > HEAP_MAX_SIZE) -+ total = HEAP_MAX_SIZE; -+ -+ grub_machine_mmap_iterate (heap_init, &total); - } - #endif - -diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi -index 19f708ee662..90083772c8a 100644 ---- a/docs/grub-dev.texi -+++ b/docs/grub-dev.texi -@@ -1047,7 +1047,9 @@ space is limited to 4GiB. GRUB allocates pages from EFI for its heap, at most - 1.6 GiB. - - On i386-ieee1275 and powerpc-ieee1275 GRUB uses same stack as IEEE1275. --It allocates at most 32MiB for its heap. -+ -+On i386-ieee1275, GRUB allocates at most 32MiB for its heap. On -+powerpc-ieee1275, GRUB allocates up to 1GiB. - - On sparc64-ieee1275 stack is 256KiB and heap is 2MiB. - -@@ -1075,7 +1077,7 @@ In short: - @item i386-qemu @tab 60 KiB @tab < 4 GiB - @item *-efi @tab ? @tab < 1.6 GiB - @item i386-ieee1275 @tab ? @tab < 32 MiB --@item powerpc-ieee1275 @tab ? @tab < 32 MiB -+@item powerpc-ieee1275 @tab ? @tab < 1 GiB - @item sparc64-ieee1275 @tab 256KiB @tab 2 MiB - @item arm-uboot @tab 256KiB @tab 2 MiB - @item mips(el)-qemu_mips @tab 2MiB @tab 253 MiB diff --git a/0183-ieee1275-request-memory-with-ibm-client-architecture.patch b/0183-ieee1275-request-memory-with-ibm-client-architecture.patch deleted file mode 100644 index 6e6c1f0cf798dc4c9c7a5aca77cb1c9e6e26465f..0000000000000000000000000000000000000000 --- a/0183-ieee1275-request-memory-with-ibm-client-architecture.patch +++ /dev/null @@ -1,268 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Fri, 16 Apr 2021 11:48:46 +1000 -Subject: [PATCH] ieee1275: request memory with ibm,client-architecture-support - -On PowerVM, the first time we boot a Linux partition, we may only get -256MB of real memory area, even if the partition has more memory. - -This isn't really enough. Fortunately, the Power Architecture Platform -Reference (PAPR) defines a method we can call to ask for more memory. -This is part of the broad and powerful ibm,client-architecture-support -(CAS) method. - -CAS can do an enormous amount of things on a PAPR platform: as well as -asking for memory, you can set the supported processor level, the interrupt -controller, hash vs radix mmu, and so on. We want to touch as little of -this as possible because we don't want to step on the toes of the future OS. - -If: - - - we are running under what we think is PowerVM (compatible property of / - begins with "IBM"), and - - - the full amount of RMA is less than 512MB (as determined by the reg - property of /memory) - -then call CAS as follows: (refer to the Linux on Power Architecture -Reference, LoPAR, which is public, at B.5.2.3): - - - Use the "any" PVR value and supply 2 option vectors. - - - Set option vector 1 (PowerPC Server Processor Architecture Level) - to "ignore". - - - Set option vector 2 with default or Linux-like options, including a - min-rma-size of 512MB. - -This will cause a CAS reboot and the partition will restart with 512MB -of RMA. Grub will notice the 512MB and not call CAS again. - -(A partition can be configured with only 256MB of memory, which would -mean this request couldn't be satisfied, but PFW refuses to load with -only 256MB of memory, so it's a bit moot. SLOF will run fine with 256MB, -but we will never call CAS under qemu/SLOF because /compatible won't -begin with "IBM".) - -One of the first things Linux does while still running under OpenFirmware -is to call CAS with a much fuller set of options (including asking for -512MB of memory). This includes a much more restrictive set of PVR values -and processor support levels, and this will induce another reboot. On this -reboot grub will again notice the higher RMA, and not call CAS. We will get -to Linux, Linux will call CAS but because the values are now set for Linux -this will not induce another CAS reboot and we will finally boot. - -On all subsequent boots, everything will be configured with 512MB of RMA -and all the settings Linux likes, so there will be no further CAS reboots. - -(phyp is super sticky with the RMA size - it persists even on cold boots. -So if you've ever booted Linux in a partition, you'll probably never have -grub call CAS. It'll only ever fire the first time a partition loads grub, -or if you deliberately lower the amount of memory your partition has below -512MB.) - -Signed-off-by: Daniel Axtens ---- - grub-core/kern/ieee1275/cmain.c | 3 + - grub-core/kern/ieee1275/init.c | 144 ++++++++++++++++++++++++++++++++++++++- - include/grub/ieee1275/ieee1275.h | 8 ++- - 3 files changed, 152 insertions(+), 3 deletions(-) - -diff --git a/grub-core/kern/ieee1275/cmain.c b/grub-core/kern/ieee1275/cmain.c -index 04df9d2c667..6435628ec57 100644 ---- a/grub-core/kern/ieee1275/cmain.c -+++ b/grub-core/kern/ieee1275/cmain.c -@@ -127,6 +127,9 @@ grub_ieee1275_find_options (void) - break; - } - } -+ -+ if (grub_strncmp (tmp, "IBM,", 4) == 0) -+ grub_ieee1275_set_flag (GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY); - } - - if (is_smartfirmware) -diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c -index c61d91a0285..9704715c837 100644 ---- a/grub-core/kern/ieee1275/init.c -+++ b/grub-core/kern/ieee1275/init.c -@@ -242,6 +242,135 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, - return 0; - } - -+/* How much memory does OF believe it has? (regardless of whether -+ it's accessible or not) */ -+static grub_err_t -+grub_ieee1275_total_mem (grub_uint64_t *total) -+{ -+ grub_ieee1275_phandle_t root; -+ grub_ieee1275_phandle_t memory; -+ grub_uint32_t reg[4]; -+ grub_ssize_t reg_size; -+ grub_uint32_t address_cells = 1; -+ grub_uint32_t size_cells = 1; -+ grub_uint64_t size; -+ -+ /* If we fail to get to the end, report 0. */ -+ *total = 0; -+ -+ /* Determine the format of each entry in `reg'. */ -+ grub_ieee1275_finddevice ("/", &root); -+ grub_ieee1275_get_integer_property (root, "#address-cells", &address_cells, -+ sizeof address_cells, 0); -+ grub_ieee1275_get_integer_property (root, "#size-cells", &size_cells, -+ sizeof size_cells, 0); -+ -+ if (size_cells > address_cells) -+ address_cells = size_cells; -+ -+ /* Load `/memory/reg'. */ -+ if (grub_ieee1275_finddevice ("/memory", &memory)) -+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, -+ "couldn't find /memory node"); -+ if (grub_ieee1275_get_integer_property (memory, "reg", reg, -+ sizeof reg, ®_size)) -+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, -+ "couldn't examine /memory/reg property"); -+ if (reg_size < 0 || (grub_size_t) reg_size > sizeof (reg)) -+ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, -+ "/memory response buffer exceeded"); -+ -+ if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_BROKEN_ADDRESS_CELLS)) -+ { -+ address_cells = 1; -+ size_cells = 1; -+ } -+ -+ /* Decode only the size */ -+ size = reg[address_cells]; -+ if (size_cells == 2) -+ size = (size << 32) | reg[address_cells + 1]; -+ -+ *total = size; -+ -+ return grub_errno; -+} -+ -+/* Based on linux - arch/powerpc/kernel/prom_init.c */ -+struct option_vector2 { -+ grub_uint8_t byte1; -+ grub_uint16_t reserved; -+ grub_uint32_t real_base; -+ grub_uint32_t real_size; -+ grub_uint32_t virt_base; -+ grub_uint32_t virt_size; -+ grub_uint32_t load_base; -+ grub_uint32_t min_rma; -+ grub_uint32_t min_load; -+ grub_uint8_t min_rma_percent; -+ grub_uint8_t max_pft_size; -+} __attribute__((packed)); -+ -+struct pvr_entry { -+ grub_uint32_t mask; -+ grub_uint32_t entry; -+}; -+ -+struct cas_vector { -+ struct { -+ struct pvr_entry terminal; -+ } pvr_list; -+ grub_uint8_t num_vecs; -+ grub_uint8_t vec1_size; -+ grub_uint8_t vec1; -+ grub_uint8_t vec2_size; -+ struct option_vector2 vec2; -+} __attribute__((packed)); -+ -+/* Call ibm,client-architecture-support to try to get more RMA. -+ We ask for 512MB which should be enough to verify a distro kernel. -+ We ignore most errors: if we don't succeed we'll proceed with whatever -+ memory we have. */ -+static void -+grub_ieee1275_ibm_cas (void) -+{ -+ int rc; -+ grub_ieee1275_ihandle_t root; -+ struct cas_args { -+ struct grub_ieee1275_common_hdr common; -+ grub_ieee1275_cell_t method; -+ grub_ieee1275_ihandle_t ihandle; -+ grub_ieee1275_cell_t cas_addr; -+ grub_ieee1275_cell_t result; -+ } args; -+ struct cas_vector vector = { -+ .pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */ -+ .num_vecs = 2 - 1, -+ .vec1_size = 0, -+ .vec1 = 0x80, /* ignore */ -+ .vec2_size = 1 + sizeof(struct option_vector2) - 2, -+ .vec2 = { -+ 0, 0, -1, -1, -1, -1, -1, 512, -1, 0, 48 -+ }, -+ }; -+ -+ INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2); -+ args.method = (grub_ieee1275_cell_t)"ibm,client-architecture-support"; -+ rc = grub_ieee1275_open("/", &root); -+ if (rc) { -+ grub_error (GRUB_ERR_IO, "could not open root when trying to call CAS"); -+ return; -+ } -+ args.ihandle = root; -+ args.cas_addr = (grub_ieee1275_cell_t)&vector; -+ -+ grub_printf("Calling ibm,client-architecture-support..."); -+ IEEE1275_CALL_ENTRY_FN (&args); -+ grub_printf("done\n"); -+ -+ grub_ieee1275_close(root); -+} -+ - static void - grub_claim_heap (void) - { -@@ -249,11 +378,22 @@ grub_claim_heap (void) - - if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_FORCE_CLAIM)) - { -- heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN, -- 1, &total); -+ heap_init (GRUB_IEEE1275_STATIC_HEAP_START, -+ GRUB_IEEE1275_STATIC_HEAP_LEN, 1, &total); - return; - } - -+ if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY)) -+ { -+ grub_uint64_t rma_size; -+ grub_err_t err; -+ -+ err = grub_ieee1275_total_mem (&rma_size); -+ /* if we have an error, don't call CAS, just hope for the best */ -+ if (!err && rma_size < (512 * 1024 * 1024)) -+ grub_ieee1275_ibm_cas(); -+ } -+ - grub_machine_mmap_iterate (heap_size, &total); - - total = total / 4; -diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h -index b5a1d49bbc3..e0a6c2ce1e6 100644 ---- a/include/grub/ieee1275/ieee1275.h -+++ b/include/grub/ieee1275/ieee1275.h -@@ -149,7 +149,13 @@ enum grub_ieee1275_flag - - GRUB_IEEE1275_FLAG_RAW_DEVNAMES, - -- GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT -+ GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT, -+ -+ /* On PFW, the first time we boot a Linux partition, we may only get 256MB -+ of real memory area, even if the partition has more memory. Set this flag -+ if we think we're running under PFW. Then, if this flag is set, and the -+ RMA is only 256MB in size, try asking for more with CAS. */ -+ GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY, - }; - - extern int EXPORT_FUNC(grub_ieee1275_test_flag) (enum grub_ieee1275_flag flag); diff --git a/0184-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch b/0184-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch deleted file mode 100644 index a237a217af6c59c4de2a6f39131349acb18922d7..0000000000000000000000000000000000000000 --- a/0184-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch +++ /dev/null @@ -1,315 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Sat, 8 May 2021 02:27:58 +0200 -Subject: [PATCH] appendedsig/x509: Also handle the Extended Key Usage - extension - -Red Hat certificates have both Key Usage and Extended Key Usage extensions -present, but the appended signatures x509 parser doesn't handle the latter -and so buils due finding an unrecognised critical extension: - -Error loading initial key: -../../grub-core/commands/appendedsig/x509.c:780:Unhandled critical x509 extension with OID 2.5.29.37 - -Fix this by also parsing the Extended Key Usage extension and handle it by -verifying that the certificate has a single purpose, that is code signing. - -Signed-off-by: Javier Martinez Canillas -Signed-off-by: Daniel Axtens ---- - grub-core/commands/appendedsig/x509.c | 94 ++++++++++++++++++++++++++++++- - grub-core/tests/appended_signature_test.c | 29 +++++++++- - grub-core/tests/appended_signatures.h | 81 ++++++++++++++++++++++++++ - 3 files changed, 201 insertions(+), 3 deletions(-) - -diff --git a/grub-core/commands/appendedsig/x509.c b/grub-core/commands/appendedsig/x509.c -index 2b38b3670a2..42ec65c54aa 100644 ---- a/grub-core/commands/appendedsig/x509.c -+++ b/grub-core/commands/appendedsig/x509.c -@@ -47,6 +47,12 @@ const char *keyUsage_oid = "2.5.29.15"; - */ - const char *basicConstraints_oid = "2.5.29.19"; - -+/* -+ * RFC 5280 4.2.1.12 Extended Key Usage -+ */ -+const char *extendedKeyUsage_oid = "2.5.29.37"; -+const char *codeSigningUsage_oid = "1.3.6.1.5.5.7.3.3"; -+ - /* - * RFC 3279 2.3.1 - * -@@ -637,6 +643,77 @@ cleanup: - return err; - } - -+/* -+ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId -+ * -+ * KeyPurposeId ::= OBJECT IDENTIFIER -+ */ -+static grub_err_t -+verify_extended_key_usage (grub_uint8_t * value, int value_size) -+{ -+ asn1_node extendedasn; -+ int result, count; -+ grub_err_t err = GRUB_ERR_NONE; -+ char usage[MAX_OID_LEN]; -+ int usage_size = sizeof (usage); -+ -+ result = -+ asn1_create_element (_gnutls_pkix_asn, "PKIX1.ExtKeyUsageSyntax", -+ &extendedasn); -+ if (result != ASN1_SUCCESS) -+ { -+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "Could not create ASN.1 structure for Extended Key Usage"); -+ } -+ -+ result = asn1_der_decoding2 (&extendedasn, value, &value_size, -+ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error parsing DER for Extended Key Usage: %s", -+ asn1_error); -+ goto cleanup; -+ } -+ -+ /* -+ * If EKUs are present, there must be exactly 1 and it must be a -+ * codeSigning usage. -+ */ -+ result = asn1_number_of_elements(extendedasn, "", &count); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error counting number of Extended Key Usages: %s", -+ asn1_strerror (result)); -+ goto cleanup; -+ } -+ -+ result = asn1_read_value (extendedasn, "?1", usage, &usage_size); -+ if (result != ASN1_SUCCESS) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Error reading Extended Key Usage: %s", -+ asn1_strerror (result)); -+ goto cleanup; -+ } -+ -+ if (grub_strncmp (codeSigningUsage_oid, usage, usage_size) != 0) -+ { -+ err = -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Unexpected Extended Key Usage OID, got: %s", -+ usage); -+ goto cleanup; -+ } -+ -+cleanup: -+ asn1_delete_structure (&extendedasn); -+ return err; -+} - - /* - * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension -@@ -660,7 +737,7 @@ verify_extensions (asn1_node cert) - { - int result; - int ext, num_extensions = 0; -- int usage_present = 0, constraints_present = 0; -+ int usage_present = 0, constraints_present = 0, extended_usage_present = 0; - char *oid_path, *critical_path, *value_path; - char extnID[MAX_OID_LEN]; - int extnID_size; -@@ -754,6 +831,15 @@ verify_extensions (asn1_node cert) - } - constraints_present++; - } -+ else if (grub_strncmp (extendedKeyUsage_oid, extnID, extnID_size) == 0) -+ { -+ err = verify_extended_key_usage (value, value_size); -+ if (err != GRUB_ERR_NONE) -+ { -+ goto cleanup_value; -+ } -+ extended_usage_present++; -+ } - else if (grub_strncmp ("TRUE", critical, critical_size) == 0) - { - /* -@@ -785,6 +871,12 @@ verify_extensions (asn1_node cert) - "Unexpected number of basic constraints extensions - expected 1, got %d", - constraints_present); - } -+ if (extended_usage_present > 1) -+ { -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "Unexpected number of Extended Key Usage extensions - expected 0 or 1, got %d", -+ extended_usage_present); -+ } - return GRUB_ERR_NONE; - - cleanup_value: -diff --git a/grub-core/tests/appended_signature_test.c b/grub-core/tests/appended_signature_test.c -index 88a485200d8..dbba0616621 100644 ---- a/grub-core/tests/appended_signature_test.c -+++ b/grub-core/tests/appended_signature_test.c -@@ -111,6 +111,22 @@ static struct grub_procfs_entry certificate_printable_der_entry = { - .get_contents = get_certificate_printable_der - }; - -+static char * -+get_certificate_eku_der (grub_size_t * sz) -+{ -+ char *ret; -+ *sz = certificate_eku_der_len; -+ ret = grub_malloc (*sz); -+ if (ret) -+ grub_memcpy (ret, certificate_eku_der, *sz); -+ return ret; -+} -+ -+static struct grub_procfs_entry certificate_eku_der_entry = { -+ .name = "certificate_eku.der", -+ .get_contents = get_certificate_eku_der -+}; -+ - - static void - do_verify (const char *f, int is_valid) -@@ -149,6 +165,7 @@ appended_signature_test (void) - char *trust_args2[] = { (char *) "(proc)/certificate2.der", NULL }; - char *trust_args_printable[] = { (char *) "(proc)/certificate_printable.der", - NULL }; -+ char *trust_args_eku[] = { (char *) "(proc)/certificate_eku.der", NULL }; - char *distrust_args[] = { (char *) "1", NULL }; - char *distrust2_args[] = { (char *) "2", NULL }; - grub_err_t err; -@@ -157,6 +174,7 @@ appended_signature_test (void) - grub_procfs_register ("certificate2.der", &certificate2_der_entry); - grub_procfs_register ("certificate_printable.der", - &certificate_printable_der_entry); -+ grub_procfs_register ("certificate_eku.der", &certificate_eku_der_entry); - - cmd_trust = grub_command_find ("trust_certificate"); - if (!cmd_trust) -@@ -266,16 +284,23 @@ appended_signature_test (void) - - /* - * Lastly, check a certificate that uses printableString rather than -- * utf8String loads properly. -+ * utf8String loads properly, and that a certificate with an appropriate -+ * extended key usage loads. - */ - err = (cmd_trust->func) (cmd_trust, 1, trust_args_printable); - grub_test_assert (err == GRUB_ERR_NONE, -- "distrusting printable certificate failed: %d: %s", -+ "trusting printable certificate failed: %d: %s", -+ grub_errno, grub_errmsg); -+ -+ err = (cmd_trust->func) (cmd_trust, 1, trust_args_eku); -+ grub_test_assert (err == GRUB_ERR_NONE, -+ "trusting certificate with extended key usage failed: %d: %s", - grub_errno, grub_errmsg); - - grub_procfs_unregister (&certificate_der_entry); - grub_procfs_unregister (&certificate2_der_entry); - grub_procfs_unregister (&certificate_printable_der_entry); -+ grub_procfs_unregister (&certificate_eku_der_entry); - } - - GRUB_FUNCTIONAL_TEST (appended_signature_test, appended_signature_test); -diff --git a/grub-core/tests/appended_signatures.h b/grub-core/tests/appended_signatures.h -index aa3dc6278e3..2e5ebd7d8bd 100644 ---- a/grub-core/tests/appended_signatures.h -+++ b/grub-core/tests/appended_signatures.h -@@ -555,3 +555,84 @@ unsigned char certificate_printable_der[] = { - 0xd2 - }; - unsigned int certificate_printable_der_len = 829; -+ -+unsigned char certificate_eku_der[] = { -+ 0x30, 0x82, 0x03, 0x90, 0x30, 0x82, 0x02, 0x78, 0xa0, 0x03, 0x02, 0x01, -+ 0x02, 0x02, 0x09, 0x00, 0xd3, 0x9c, 0x41, 0x33, 0xdd, 0x6b, 0x5f, 0x45, -+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, -+ 0x0b, 0x05, 0x00, 0x30, 0x47, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, -+ 0x04, 0x03, 0x0c, 0x18, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, -+ 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, -+ 0x43, 0x41, 0x20, 0x36, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2a, 0x86, -+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x13, 0x73, 0x65, 0x63, -+ 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65, 0x64, 0x68, 0x61, 0x74, -+ 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, -+ 0x31, 0x35, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a, 0x17, 0x0d, 0x33, -+ 0x38, 0x30, 0x31, 0x31, 0x37, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a, -+ 0x30, 0x4e, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, -+ 0x1f, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, 0x53, 0x65, 0x63, -+ 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, 0x53, 0x69, 0x67, -+ 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x36, 0x30, 0x32, 0x31, 0x22, 0x30, 0x20, -+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, -+ 0x13, 0x73, 0x65, 0x63, 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65, -+ 0x64, 0x68, 0x61, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, -+ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, -+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, -+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xaa, 0x6f, 0xbb, 0x92, 0x77, 0xd7, 0x15, -+ 0xef, 0x88, 0x80, 0x88, 0xc0, 0xe7, 0x89, 0xeb, 0x35, 0x76, 0xf4, 0x85, -+ 0x05, 0x0f, 0x19, 0xe4, 0x5f, 0x25, 0xdd, 0xc1, 0xa2, 0xe5, 0x5c, 0x06, -+ 0xfb, 0xf1, 0x06, 0xb5, 0x65, 0x45, 0xcb, 0xbd, 0x19, 0x33, 0x54, 0xb5, -+ 0x1a, 0xcd, 0xe4, 0xa8, 0x35, 0x2a, 0xfe, 0x9c, 0x53, 0xf4, 0xc6, 0x76, -+ 0xdb, 0x1f, 0x8a, 0xd4, 0x7b, 0x18, 0x11, 0xaf, 0xa3, 0x90, 0xd4, 0xdd, -+ 0x4d, 0xd5, 0x42, 0xcc, 0x14, 0x9a, 0x64, 0x6b, 0xc0, 0x7f, 0xaa, 0x1c, -+ 0x94, 0x47, 0x4d, 0x79, 0xbd, 0x57, 0x9a, 0xbf, 0x99, 0x4e, 0x96, 0xa9, -+ 0x31, 0x2c, 0xa9, 0xe7, 0x14, 0x65, 0x86, 0xc8, 0xac, 0x79, 0x5e, 0x78, -+ 0xa4, 0x3c, 0x00, 0x24, 0xd3, 0xf7, 0xe1, 0xf5, 0x12, 0xad, 0xa0, 0x29, -+ 0xe5, 0xfe, 0x80, 0xae, 0xf8, 0xaa, 0x60, 0x36, 0xe7, 0xe8, 0x94, 0xcb, -+ 0xe9, 0xd1, 0xcc, 0x0b, 0x4d, 0xf7, 0xde, 0xeb, 0x52, 0xd2, 0x73, 0x09, -+ 0x28, 0xdf, 0x48, 0x99, 0x53, 0x9f, 0xc5, 0x9a, 0xd4, 0x36, 0xa3, 0xc6, -+ 0x5e, 0x8d, 0xbe, 0xd5, 0xdc, 0x76, 0xb4, 0x74, 0xb8, 0x26, 0x18, 0x27, -+ 0xfb, 0xf2, 0xfb, 0xd0, 0x9b, 0x3d, 0x7f, 0x10, 0xe2, 0xab, 0x44, 0xc7, -+ 0x88, 0x7f, 0xb4, 0x3d, 0x3e, 0xa3, 0xff, 0x6d, 0x06, 0x4b, 0x3e, 0x55, -+ 0xb2, 0x84, 0xf4, 0xad, 0x54, 0x88, 0x81, 0xc3, 0x9c, 0xf8, 0xb6, 0x68, -+ 0x96, 0x38, 0x8b, 0xcd, 0x90, 0x6d, 0x25, 0x4b, 0xbf, 0x0c, 0x44, 0x90, -+ 0xa5, 0x5b, 0x98, 0xd0, 0x40, 0x2f, 0xbb, 0x0d, 0xa8, 0x4b, 0x8a, 0x62, -+ 0x82, 0x46, 0x46, 0x18, 0x38, 0xae, 0x82, 0x07, 0xd0, 0xb4, 0x2f, 0x16, -+ 0x79, 0x55, 0x9f, 0x1b, 0xc5, 0x08, 0x6d, 0x85, 0xdf, 0x3f, 0xa9, 0x9b, -+ 0x4b, 0xc6, 0x28, 0xd3, 0x58, 0x72, 0x3d, 0x37, 0x11, 0x02, 0x03, 0x01, -+ 0x00, 0x01, 0xa3, 0x78, 0x30, 0x76, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, -+ 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, -+ 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, -+ 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, -+ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03, -+ 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x6c, -+ 0xe4, 0x6c, 0x27, 0xaa, 0xcd, 0x0d, 0x4b, 0x74, 0x21, 0xa4, 0xf6, 0x5f, -+ 0x87, 0xb5, 0x31, 0xfe, 0x10, 0xbb, 0xa7, 0x30, 0x1f, 0x06, 0x03, 0x55, -+ 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xe8, 0x6a, 0x1c, 0xab, -+ 0x2c, 0x48, 0xf9, 0x60, 0x36, 0xa2, 0xf0, 0x7b, 0x8e, 0xd2, 0x9d, 0xb4, -+ 0x2a, 0x28, 0x98, 0xc8, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, -+ 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, -+ 0x55, 0x34, 0xe2, 0xfa, 0xf6, 0x89, 0x86, 0xad, 0x92, 0x21, 0xec, 0xb9, -+ 0x54, 0x0e, 0x18, 0x47, 0x0d, 0x1b, 0xa7, 0x58, 0xad, 0x69, 0xe4, 0xef, -+ 0x3b, 0xe6, 0x8d, 0xdd, 0xda, 0x0c, 0x45, 0xf6, 0xe8, 0x96, 0xa4, 0x29, -+ 0x0f, 0xbb, 0xcf, 0x16, 0xae, 0x93, 0xd0, 0xcb, 0x2a, 0x26, 0x1a, 0x7b, -+ 0xfc, 0x51, 0x22, 0x76, 0x98, 0x31, 0xa7, 0x0f, 0x29, 0x35, 0x79, 0xbf, -+ 0xe2, 0x4f, 0x0f, 0x14, 0xf5, 0x1f, 0xcb, 0xbf, 0x87, 0x65, 0x13, 0x32, -+ 0xa3, 0x19, 0x4a, 0xd1, 0x3f, 0x45, 0xd4, 0x4b, 0xe2, 0x00, 0x26, 0xa9, -+ 0x3e, 0xd7, 0xa5, 0x37, 0x9f, 0xf5, 0xad, 0x61, 0xe2, 0x40, 0xa9, 0x74, -+ 0x24, 0x53, 0xf2, 0x78, 0xeb, 0x10, 0x9b, 0x2c, 0x27, 0x88, 0x46, 0xcb, -+ 0xe4, 0x60, 0xca, 0xf5, 0x06, 0x24, 0x40, 0x2a, 0x97, 0x3a, 0xcc, 0xd0, -+ 0x81, 0xb1, 0x15, 0xa3, 0x4f, 0xd0, 0x2b, 0x4f, 0xca, 0x6e, 0xaa, 0x24, -+ 0x31, 0xb3, 0xac, 0xa6, 0x75, 0x05, 0xfe, 0x8a, 0xf4, 0x41, 0xc4, 0x06, -+ 0x8a, 0xc7, 0x0a, 0x83, 0x4e, 0x49, 0xd4, 0x3f, 0x83, 0x50, 0xec, 0x57, -+ 0x04, 0x97, 0x14, 0x49, 0xf5, 0xe1, 0xb1, 0x7a, 0x9c, 0x09, 0x4f, 0x61, -+ 0x87, 0xc3, 0x97, 0x22, 0x17, 0xc2, 0xeb, 0xcc, 0x32, 0x81, 0x31, 0x21, -+ 0x3f, 0x10, 0x57, 0x5b, 0x43, 0xbe, 0xcd, 0x68, 0x82, 0xbe, 0xe5, 0xc1, -+ 0x65, 0x94, 0x7e, 0xc2, 0x34, 0x76, 0x2b, 0xcf, 0x89, 0x3c, 0x2b, 0x81, -+ 0x23, 0x72, 0x95, 0xcf, 0xc9, 0x67, 0x19, 0x2a, 0xd5, 0x5c, 0xca, 0xa3, -+ 0x46, 0xbd, 0x48, 0x06, 0x0b, 0xa6, 0xa3, 0x96, 0x50, 0x28, 0xc7, 0x7e, -+ 0xcf, 0x62, 0xf2, 0xfa, 0xc4, 0xf2, 0x53, 0xe3, 0xc9, 0xe8, 0x2e, 0xdd, -+ 0x29, 0x37, 0x07, 0x47, 0xff, 0xff, 0x8a, 0x32, 0xbd, 0xa2, 0xb7, 0x21, -+ 0x89, 0xa0, 0x55, 0xf7 -+}; -+unsigned int certificate_eku_der_len = 916; diff --git a/0185-ieee1275-ofdisk-retry-on-open-failure.patch b/0185-ieee1275-ofdisk-retry-on-open-failure.patch deleted file mode 100644 index 275d14f45411b4273c85451f947e6b5855fc38d9..0000000000000000000000000000000000000000 --- a/0185-ieee1275-ofdisk-retry-on-open-failure.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Diego Domingos -Date: Wed, 10 Mar 2021 14:17:52 -0500 -Subject: [PATCH] ieee1275/ofdisk: retry on open failure - -This patch aims to make grub more robust when booting from SAN/Multipath disks. - -If a path is failing intermittently so grub will retry the OPEN and READ the -disk (grub_ieee1275_open and grub_ieee1275_read) until the total amount of times -specified in MAX_RETRIES. - -Signed-off-by: Diego Domingos ---- - grub-core/disk/ieee1275/ofdisk.c | 25 ++++++++++++++++++++----- - include/grub/ieee1275/ofdisk.h | 8 ++++++++ - 2 files changed, 28 insertions(+), 5 deletions(-) - -diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c -index ea7f78ac7d8..55346849d35 100644 ---- a/grub-core/disk/ieee1275/ofdisk.c -+++ b/grub-core/disk/ieee1275/ofdisk.c -@@ -225,7 +225,9 @@ dev_iterate (const struct grub_ieee1275_devalias *alias) - char *buf, *bufptr; - unsigned i; - -- if (grub_ieee1275_open (alias->path, &ihandle)) -+ -+ RETRY_IEEE1275_OFDISK_OPEN(alias->path, &ihandle) -+ if (! ihandle) - return; - - /* This method doesn't need memory allocation for the table. Open -@@ -305,7 +307,9 @@ dev_iterate (const struct grub_ieee1275_devalias *alias) - return; - } - -- if (grub_ieee1275_open (alias->path, &ihandle)) -+ RETRY_IEEE1275_OFDISK_OPEN(alias->path, &ihandle); -+ -+ if (! ihandle) - { - grub_free (buf); - grub_free (table); -@@ -495,7 +499,7 @@ grub_ofdisk_open (const char *name, grub_disk_t disk) - last_ihandle = 0; - last_devpath = NULL; - -- grub_ieee1275_open (op->open_path, &last_ihandle); -+ RETRY_IEEE1275_OFDISK_OPEN(op->open_path, &last_ihandle); - if (! last_ihandle) - return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); - last_devpath = op->open_path; -@@ -571,7 +575,7 @@ grub_ofdisk_prepare (grub_disk_t disk, grub_disk_addr_t sector) - last_ihandle = 0; - last_devpath = NULL; - -- grub_ieee1275_open (disk->data, &last_ihandle); -+ RETRY_IEEE1275_OFDISK_OPEN(disk->data, &last_ihandle); - if (! last_ihandle) - return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); - last_devpath = disk->data; -@@ -598,12 +602,23 @@ grub_ofdisk_read (grub_disk_t disk, grub_disk_addr_t sector, - return err; - grub_ieee1275_read (last_ihandle, buf, size << disk->log_sector_size, - &actual); -- if (actual != (grub_ssize_t) (size << disk->log_sector_size)) -+ int i = 0; -+ while(actual != (grub_ssize_t) (size << disk->log_sector_size)){ -+ if (i>MAX_RETRIES){ - return grub_error (GRUB_ERR_READ_ERROR, N_("failure reading sector 0x%llx " - "from `%s'"), - (unsigned long long) sector, - disk->name); -+ } -+ last_devpath = NULL; -+ err = grub_ofdisk_prepare (disk, sector); -+ if (err) -+ return err; - -+ grub_ieee1275_read (last_ihandle, buf, size << disk->log_sector_size, -+ &actual); -+ i++; -+ } - return 0; - } - -diff --git a/include/grub/ieee1275/ofdisk.h b/include/grub/ieee1275/ofdisk.h -index 2f69e3f191d..7d2d5409305 100644 ---- a/include/grub/ieee1275/ofdisk.h -+++ b/include/grub/ieee1275/ofdisk.h -@@ -22,4 +22,12 @@ - extern void grub_ofdisk_init (void); - extern void grub_ofdisk_fini (void); - -+#define MAX_RETRIES 20 -+ -+ -+#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) unsigned retry_i=0;for(retry_i=0; retry_i < MAX_RETRIES; retry_i++){ \ -+ if(!grub_ieee1275_open(device, last_ihandle)) \ -+ break; \ -+ grub_dprintf("ofdisk","Opening disk %s failed. Retrying...\n",device); } -+ - #endif /* ! GRUB_INIT_HEADER */ diff --git a/0186-Allow-chainloading-EFI-apps-from-loop-mounts.patch b/0186-Allow-chainloading-EFI-apps-from-loop-mounts.patch deleted file mode 100644 index 66e61a7ec3d4d09b69934b7795aee7ad64f57a61..0000000000000000000000000000000000000000 --- a/0186-Allow-chainloading-EFI-apps-from-loop-mounts.patch +++ /dev/null @@ -1,138 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Dimitri John Ledkov -Date: Fri, 11 Jun 2021 13:51:20 +0200 -Subject: [PATCH] Allow chainloading EFI apps from loop mounts. - -Signed-off-by: Dimitri John Ledkov -Signed-off-by: Robbie Harwood ---- - grub-core/disk/loopback.c | 9 +-------- - grub-core/loader/efi/chainloader.c | 23 +++++++++++++++++++++++ - include/grub/loopback.h | 30 ++++++++++++++++++++++++++++++ - 3 files changed, 54 insertions(+), 8 deletions(-) - create mode 100644 include/grub/loopback.h - -diff --git a/grub-core/disk/loopback.c b/grub-core/disk/loopback.c -index 41bebd14fe3..99f47924ec2 100644 ---- a/grub-core/disk/loopback.c -+++ b/grub-core/disk/loopback.c -@@ -21,20 +21,13 @@ - #include - #include - #include -+#include - #include - #include - #include - - GRUB_MOD_LICENSE ("GPLv3+"); - --struct grub_loopback --{ -- char *devname; -- grub_file_t file; -- struct grub_loopback *next; -- unsigned long id; --}; -- - static struct grub_loopback *loopback_list; - static unsigned long last_id = 0; - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index d41e8ea14a8..3af6b122926 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -24,6 +24,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -901,6 +902,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_efi_status_t status; - grub_efi_boot_services_t *b; - grub_device_t dev = 0; -+ grub_device_t orig_dev = 0; - grub_efi_device_path_t *dp = 0; - char *filename; - void *boot_image = 0; -@@ -958,6 +960,15 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - if (! dev) - goto fail; - -+ /* if device is loopback, use underlying dev */ -+ if (dev->disk->dev->id == GRUB_DISK_DEVICE_LOOPBACK_ID) -+ { -+ struct grub_loopback *d; -+ orig_dev = dev; -+ d = dev->disk->data; -+ dev = d->file->device; -+ } -+ - if (dev->disk) - dev_handle = grub_efidisk_get_device_handle (dev->disk); - else if (dev->net && dev->net->server) -@@ -1065,6 +1076,12 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - #endif - -+ if (orig_dev) -+ { -+ dev = orig_dev; -+ orig_dev = 0; -+ } -+ - rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize); - grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc); - if (rc > 0) -@@ -1087,6 +1104,12 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - // -1 fall-through to fail - - fail: -+ if (orig_dev) -+ { -+ dev = orig_dev; -+ orig_dev = 0; -+ } -+ - if (dev) - grub_device_close (dev); - -diff --git a/include/grub/loopback.h b/include/grub/loopback.h -new file mode 100644 -index 00000000000..3b9a9e32e80 ---- /dev/null -+++ b/include/grub/loopback.h -@@ -0,0 +1,30 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2019 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_LOOPBACK_HEADER -+#define GRUB_LOOPBACK_HEADER 1 -+ -+struct grub_loopback -+{ -+ char *devname; -+ grub_file_t file; -+ struct grub_loopback *next; -+ unsigned long id; -+}; -+ -+#endif /* ! GRUB_LOOPBACK_HEADER */ diff --git a/0187-efinet-Add-DHCP-proxy-support.patch b/0187-efinet-Add-DHCP-proxy-support.patch deleted file mode 100644 index dcaac6fb39cc5c82e7a1beff8be45c80a4a599a9..0000000000000000000000000000000000000000 --- a/0187-efinet-Add-DHCP-proxy-support.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Ian Page Hands -Date: Tue, 8 Jun 2021 13:48:56 -0400 -Subject: [PATCH] efinet: Add DHCP proxy support - -If a proxyDHCP configuration is used, the server name, server IP and boot -file values should be taken from the DHCP proxy offer instead of the DHCP -server ack packet. Currently that case is not handled, add support for it. - -Signed-off-by: Ian Page Hands -Signed-off-by: Robbie Harwood ---- - grub-core/net/drivers/efi/efinet.c | 25 +++++++++++++++++++++++-- - 1 file changed, 23 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index e11d759f19a..1a24f38a21a 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -850,10 +850,31 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device, - else - { - grub_dprintf ("efinet", "using ipv4 and dhcp\n"); -+ -+ struct grub_net_bootp_packet *dhcp_ack = &pxe_mode->dhcp_ack; -+ -+ if (pxe_mode->proxy_offer_received) -+ { -+ grub_dprintf ("efinet", "proxy offer receive"); -+ struct grub_net_bootp_packet *proxy_offer = &pxe_mode->proxy_offer; -+ -+ if (proxy_offer && dhcp_ack->boot_file[0] == '\0') -+ { -+ grub_dprintf ("efinet", "setting values from proxy offer"); -+ /* Here we got a proxy offer and the dhcp_ack has a nil boot_file -+ * Copy the proxy DHCP offer details into the bootp_packet we are -+ * sending forward as they are the deatils we need. -+ */ -+ *dhcp_ack->server_name = *proxy_offer->server_name; -+ *dhcp_ack->boot_file = *proxy_offer->boot_file; -+ dhcp_ack->server_ip = proxy_offer->server_ip; -+ } -+ } -+ - grub_net_configure_by_dhcp_ack (card->name, card, 0, - (struct grub_net_bootp_packet *) -- packet_buf, -- packet_bufsz, -+ &pxe_mode->dhcp_ack, -+ sizeof (pxe_mode->dhcp_ack), - 1, device, path); - grub_dprintf ("efinet", "device: `%s' path: `%s'\n", *device, *path); - } diff --git a/0188-fs-ext2-Ignore-checksum-seed-incompat-feature.patch b/0188-fs-ext2-Ignore-checksum-seed-incompat-feature.patch deleted file mode 100644 index b4a5fd4ddfd9c0cec1c37c7ca8dfdb59ce380fa4..0000000000000000000000000000000000000000 --- a/0188-fs-ext2-Ignore-checksum-seed-incompat-feature.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Fri, 11 Jun 2021 00:01:29 +0200 -Subject: [PATCH] fs/ext2: Ignore checksum seed incompat feature - -This incompat feature is used to denote that the filesystem stored its -metadata checksum seed in the superblock. This is used to allow tune2fs -to change the UUID on a mounted metadata_csum filesystem without having -to rewrite all the disk metadata. - -But GRUB doesn't use the metadata checksum in anyway, so can just ignore -this feature if is enabled. This is consistent with GRUB filesystem code -in general which just does a best effort to access the filesystem's data. - -It may be removed from the ignored list in the future if supports to do -metadata checksumming verification is added to the read-only FS driver. - -Suggested-by: Eric Sandeen -Suggested-by: Lukas Czerner -Signed-off-by: Javier Martinez Canillas ---- - grub-core/fs/ext2.c | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/grub-core/fs/ext2.c b/grub-core/fs/ext2.c -index e7dd78e6635..731d346f886 100644 ---- a/grub-core/fs/ext2.c -+++ b/grub-core/fs/ext2.c -@@ -103,6 +103,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); - #define EXT4_FEATURE_INCOMPAT_64BIT 0x0080 - #define EXT4_FEATURE_INCOMPAT_MMP 0x0100 - #define EXT4_FEATURE_INCOMPAT_FLEX_BG 0x0200 -+#define EXT4_FEATURE_INCOMPAT_CSUM_SEED 0x2000 - #define EXT4_FEATURE_INCOMPAT_ENCRYPT 0x10000 - - /* The set of back-incompatible features this driver DOES support. Add (OR) -@@ -123,9 +124,16 @@ GRUB_MOD_LICENSE ("GPLv3+"); - * mmp: Not really back-incompatible - was added as such to - * avoid multiple read-write mounts. Safe to ignore for this - * RO driver. -+ * checksum seed: Not really back-incompatible - was added to allow tools -+ * such as tune2fs to change the UUID on a mounted metadata -+ * checksummed filesystem. Safe to ignore for now since the -+ * driver doesn't support checksum verification. But it must -+ * be removed from this list if that support is added later. -+ * - */ - #define EXT2_DRIVER_IGNORED_INCOMPAT ( EXT3_FEATURE_INCOMPAT_RECOVER \ -- | EXT4_FEATURE_INCOMPAT_MMP) -+ | EXT4_FEATURE_INCOMPAT_MMP \ -+ | EXT4_FEATURE_INCOMPAT_CSUM_SEED) - - - #define EXT3_JOURNAL_MAGIC_NUMBER 0xc03b3998U diff --git a/0189-Don-t-update-the-cmdline-when-generating-legacy-menu.patch b/0189-Don-t-update-the-cmdline-when-generating-legacy-menu.patch deleted file mode 100644 index 2e13f399aa675fcc8d2c3bff461978cb625830bc..0000000000000000000000000000000000000000 --- a/0189-Don-t-update-the-cmdline-when-generating-legacy-menu.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Thu, 17 Jun 2021 14:31:42 +0200 -Subject: [PATCH] Don't update the cmdline when generating legacy menuentry - commands - -On OPAL ppc64le machines with an old petitboot version that doesn't have -support to parse BLS snippets, the grub2-mkconfig script is executed to -generate menuentry commands from the BLS snippets. - -In this case, the script is executed with the --no-grubenv-update option -that indicates that no side effects should happen when running the script. - -But the options field in the BLS snippets are updated regardless, only do -the update if --no-grubenv-update was not used. - -Signed-off-by: Javier Martinez Canillas ---- - util/grub.d/10_linux.in | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 6bceabf3dc9..b95a9a8d7ca 100644 ---- a/util/grub.d/10_linux.in -+++ b/util/grub.d/10_linux.in -@@ -261,7 +261,9 @@ if [ -z "\${kernelopts}" ]; then - fi - EOF - -- update_bls_cmdline -+ if [ "x${GRUB_GRUBENV_UPDATE}" = "xyes" ]; then -+ update_bls_cmdline -+ fi - - if [ "x${BLS_POPULATE_MENU}" = "xtrue" ]; then - populate_menu diff --git a/0190-Suppress-gettext-error-message.patch b/0190-Suppress-gettext-error-message.patch deleted file mode 100644 index c42dd0d53118d24b9b4cea22f13e6b65584ea4ac..0000000000000000000000000000000000000000 --- a/0190-Suppress-gettext-error-message.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Paulo Flabiano Smorigo -Date: Tue, 29 Jun 2021 13:17:42 +0200 -Subject: [PATCH] Suppress gettext error message - -Colin Watson's patch from comment #11 on the upstream bug: -https://savannah.gnu.org/bugs/?35880#comment11 - -Resolves: rhbz#1592124 - -Signed-off-by: Paulo Flabiano Smorigo ---- - grub-core/gettext/gettext.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c -index 4d02e62c109..7ec81ca0b48 100644 ---- a/grub-core/gettext/gettext.c -+++ b/grub-core/gettext/gettext.c -@@ -424,6 +424,13 @@ grub_gettext_init_ext (struct grub_gettext_context *ctx, - grub_free (lang); - } - -+ /* If no translations are available, fall back to untranslated text. */ -+ if (err == GRUB_ERR_FILE_NOT_FOUND) -+ { -+ grub_errno = GRUB_ERR_NONE; -+ return 0; -+ } -+ - if (locale[0] == 'e' && locale[1] == 'n' - && (locale[2] == '\0' || locale[2] == '_')) - grub_errno = err = GRUB_ERR_NONE; diff --git a/0192-templates-Check-for-EFI-at-runtime-instead-of-config.patch b/0192-templates-Check-for-EFI-at-runtime-instead-of-config.patch deleted file mode 100644 index e36afa113d9eb7dc5615400dcf67facb14f93152..0000000000000000000000000000000000000000 --- a/0192-templates-Check-for-EFI-at-runtime-instead-of-config.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 6 Jul 2021 00:38:40 +0200 -Subject: [PATCH] templates: Check for EFI at runtime instead of config - generation time - -The 30_uefi-firmware template checks if an OsIndicationsSupported UEFI var -exists and EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set, to decide whether -a "fwsetup" menu entry would be added or not to the GRUB menu. - -But this has the problem that it will only work if the configuration file -was created on an UEFI machine that supports booting to a firmware UI. - -This for example doesn't support creating GRUB config files when executing -on systems that support both UEFI and legacy BIOS booting. Since creating -the config file from legacy BIOS wouldn't allow to access the firmware UI. - -To prevent this, make the template to unconditionally create the grub.cfg -snippet but check at runtime if was booted through UEFI to decide if this -entry should be added. That way it won't be added when booting with BIOS. - -There's no need to check if EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit is set, -since that's already done by the "fwsetup" command when is executed. - -Resolves: rhbz#1823864 - -Signed-off-by: Javier Martinez Canillas ---- - util/grub.d/30_uefi-firmware.in | 21 ++++++++------------- - 1 file changed, 8 insertions(+), 13 deletions(-) - -diff --git a/util/grub.d/30_uefi-firmware.in b/util/grub.d/30_uefi-firmware.in -index d344d3883d7..b6041b55e2a 100644 ---- a/util/grub.d/30_uefi-firmware.in -+++ b/util/grub.d/30_uefi-firmware.in -@@ -26,19 +26,14 @@ export TEXTDOMAINDIR="@localedir@" - - . "$pkgdatadir/grub-mkconfig_lib" - --EFI_VARS_DIR=/sys/firmware/efi/efivars --EFI_GLOBAL_VARIABLE=8be4df61-93ca-11d2-aa0d-00e098032b8c --OS_INDICATIONS="$EFI_VARS_DIR/OsIndicationsSupported-$EFI_GLOBAL_VARIABLE" -+LABEL="UEFI Firmware Settings" - --if [ -e "$OS_INDICATIONS" ] && \ -- [ "$(( $(printf 0x%x \'"$(cat $OS_INDICATIONS | cut -b5)"\') & 1 ))" = 1 ]; then -- LABEL="UEFI Firmware Settings" -+gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2 - -- gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2 -- -- cat << EOF --menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' { -- fwsetup --} --EOF -+cat << EOF -+if [ "\$grub_platform" = "efi" ]; then -+ menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' { -+ fwsetup -+ } - fi -+EOF diff --git a/0193-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch b/0193-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch deleted file mode 100644 index 65b4aec54b51585670ec186dbd795214baad484f..0000000000000000000000000000000000000000 --- a/0193-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch +++ /dev/null @@ -1,92 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Tue, 6 Jul 2021 01:10:18 +0200 -Subject: [PATCH] efi: Print an error if boot to firmware setup is not - supported - -The "fwsetup" command is only registered if the firmware supports booting -to the firmware setup UI. But it could be possible that the GRUB config -already contains a "fwsetup" entry, because it was generated in a machine -that has support for this feature. - -To prevent users getting a "can't find command `fwsetup`" error if it is -not supported by the firmware, let's just always register the command but -print a more accurate message if the firmware doesn't support this option. - -Resolves: rhbz#1823864 - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/commands/efi/efifwsetup.c | 43 ++++++++++++++++++++----------------- - 1 file changed, 23 insertions(+), 20 deletions(-) - -diff --git a/grub-core/commands/efi/efifwsetup.c b/grub-core/commands/efi/efifwsetup.c -index eaca0328388..328c45e82e0 100644 ---- a/grub-core/commands/efi/efifwsetup.c -+++ b/grub-core/commands/efi/efifwsetup.c -@@ -27,6 +27,25 @@ - - GRUB_MOD_LICENSE ("GPLv3+"); - -+static grub_efi_boolean_t -+efifwsetup_is_supported (void) -+{ -+ grub_efi_uint64_t *os_indications_supported = NULL; -+ grub_size_t oi_size = 0; -+ grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID; -+ -+ grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size, -+ (void **) &os_indications_supported); -+ -+ if (!os_indications_supported) -+ return 0; -+ -+ if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI) -+ return 1; -+ -+ return 0; -+} -+ - static grub_err_t - grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)), - int argc __attribute__ ((unused)), -@@ -38,6 +57,10 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)), - grub_size_t oi_size; - grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID; - -+ if (!efifwsetup_is_supported ()) -+ return grub_error (GRUB_ERR_INVALID_COMMAND, -+ N_("Reboot to firmware setup is not supported")); -+ - grub_efi_get_variable ("OsIndications", &global, &oi_size, - (void **) &old_os_indications); - -@@ -56,28 +79,8 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)), - - static grub_command_t cmd = NULL; - --static grub_efi_boolean_t --efifwsetup_is_supported (void) --{ -- grub_efi_uint64_t *os_indications_supported = NULL; -- grub_size_t oi_size = 0; -- grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID; -- -- grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size, -- (void **) &os_indications_supported); -- -- if (!os_indications_supported) -- return 0; -- -- if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI) -- return 1; -- -- return 0; --} -- - GRUB_MOD_INIT (efifwsetup) - { -- if (efifwsetup_is_supported ()) - cmd = grub_register_command ("fwsetup", grub_cmd_fwsetup, NULL, - N_("Reboot into firmware setup menu.")); - diff --git a/0194-arm64-Fix-EFI-loader-kernel-image-allocation.patch b/0194-arm64-Fix-EFI-loader-kernel-image-allocation.patch deleted file mode 100644 index 0472a42f3511e081b54059d895b09d35ea6666f8..0000000000000000000000000000000000000000 --- a/0194-arm64-Fix-EFI-loader-kernel-image-allocation.patch +++ /dev/null @@ -1,218 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Benjamin Herrenschmidt -Date: Mon, 2 Aug 2021 23:10:01 +1000 -Subject: [PATCH] arm64: Fix EFI loader kernel image allocation - -We are currently allocating just enough memory for the file size, -which means that the kernel BSS is in limbo (and not even zeroed). - -We are also not honoring the alignment specified in the image -PE header. - -This makes us use the PE optional header in which the kernel puts the -actual size it needs, including BSS, and make sure we clear it, and -honors the specified alignment for the image. - -Signed-off-by: Benjamin Herrenschmidt -[pjones: arm: check for the PE magic for the compiled arch] -Signed-off-by: Peter Jones -Signed-off-by: Robbie Harwood ---- - grub-core/loader/arm64/linux.c | 100 +++++++++++++++++++++++++++-------------- - include/grub/arm/linux.h | 1 + - include/grub/arm64/linux.h | 1 + - 3 files changed, 68 insertions(+), 34 deletions(-) - -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index 47f8cf0d84b..f18d90bd749 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -41,6 +41,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); - static grub_dl_t my_mod; - static int loaded; - -+static void *kernel_alloc_addr; -+static grub_uint32_t kernel_alloc_pages; - static void *kernel_addr; - static grub_uint64_t kernel_size; - static grub_uint32_t handover_offset; -@@ -204,9 +206,8 @@ grub_linux_unload (void) - GRUB_EFI_BYTES_TO_PAGES (initrd_end - initrd_start)); - initrd_start = initrd_end = 0; - grub_free (linux_args); -- if (kernel_addr) -- grub_efi_free_pages ((grub_addr_t) kernel_addr, -- GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -+ if (kernel_alloc_addr) -+ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages); - grub_fdt_unload (); - return GRUB_ERR_NONE; - } -@@ -311,14 +312,35 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - return grub_errno; - } - -+static grub_err_t -+parse_pe_header (void *kernel, grub_uint64_t *total_size, -+ grub_uint32_t *entry_offset, -+ grub_uint32_t *alignment) -+{ -+ struct linux_arch_kernel_header *lh = kernel; -+ struct grub_armxx_linux_pe_header *pe; -+ -+ pe = (void *)((unsigned long)kernel + lh->hdr_offset); -+ -+ if (pe->opt.magic != GRUB_PE32_PEXX_MAGIC) -+ return grub_error(GRUB_ERR_BAD_OS, "Invalid PE optional header magic"); -+ -+ *total_size = pe->opt.image_size; -+ *entry_offset = pe->opt.entry_addr; -+ *alignment = pe->opt.section_alignment; -+ -+ return GRUB_ERR_NONE; -+} -+ - static grub_err_t - grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) - { - grub_file_t file = 0; -- struct linux_arch_kernel_header lh; -- struct grub_armxx_linux_pe_header *pe; - grub_err_t err; -+ grub_off_t filelen; -+ grub_uint32_t align; -+ void *kernel = NULL; - int rc; - - grub_dl_ref (my_mod); -@@ -333,40 +355,24 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - if (!file) - goto fail; - -- kernel_size = grub_file_size (file); -- -- if (grub_file_read (file, &lh, sizeof (lh)) < (long) sizeof (lh)) -- return grub_errno; -- -- if (grub_arch_efi_linux_check_image (&lh) != GRUB_ERR_NONE) -- goto fail; -- -- grub_loader_unset(); -- -- grub_dprintf ("linux", "kernel file size: %lld\n", (long long) kernel_size); -- kernel_addr = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -- grub_dprintf ("linux", "kernel numpages: %lld\n", -- (long long) GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -- if (!kernel_addr) -+ filelen = grub_file_size (file); -+ kernel = grub_malloc(filelen); -+ if (!kernel) - { -- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("cannot allocate kernel load buffer")); - goto fail; - } - -- grub_file_seek (file, 0); -- if (grub_file_read (file, kernel_addr, kernel_size) -- < (grub_int64_t) kernel_size) -+ if (grub_file_read (file, kernel, filelen) < (grub_ssize_t)filelen) - { -- if (!grub_errno) -- grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), argv[0]); -+ grub_error (GRUB_ERR_FILE_READ_ERROR, N_("Can't read kernel %s"), -+ argv[0]); - goto fail; - } - -- grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); -- - if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) - { -- rc = grub_linuxefi_secure_validate (kernel_addr, kernel_size); -+ rc = grub_linuxefi_secure_validate (kernel, filelen); - if (rc <= 0) - { - grub_error (GRUB_ERR_INVALID_COMMAND, -@@ -375,8 +381,32 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - } - -- pe = (void *)((unsigned long)kernel_addr + lh.hdr_offset); -- handover_offset = pe->opt.entry_addr; -+ if (grub_arch_efi_linux_check_image (kernel) != GRUB_ERR_NONE) -+ goto fail; -+ if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align) != GRUB_ERR_NONE) -+ goto fail; -+ grub_dprintf ("linux", "kernel mem size : %lld\n", (long long) kernel_size); -+ grub_dprintf ("linux", "kernel entry offset : %d\n", handover_offset); -+ grub_dprintf ("linux", "kernel alignment : 0x%x\n", align); -+ -+ grub_loader_unset(); -+ -+ kernel_alloc_pages = GRUB_EFI_BYTES_TO_PAGES (kernel_size + align - 1); -+ kernel_alloc_addr = grub_efi_allocate_any_pages (kernel_alloc_pages); -+ grub_dprintf ("linux", "kernel numpages: %d\n", kernel_alloc_pages); -+ if (!kernel_alloc_addr) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto fail; -+ } -+ kernel_addr = (void *)ALIGN_UP((grub_uint64_t)kernel_alloc_addr, align); -+ -+ grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); -+ grub_memcpy (kernel_addr, kernel, grub_min(filelen, kernel_size)); -+ if (kernel_size > filelen) -+ grub_memset ((char *)kernel_addr + filelen, 0, kernel_size - filelen); -+ grub_free(kernel); -+ kernel = NULL; - - cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); - linux_args = grub_malloc (cmdline_size); -@@ -400,6 +430,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - - fail: -+ if (kernel) -+ grub_free (kernel); -+ - if (file) - grub_file_close (file); - -@@ -412,9 +445,8 @@ fail: - if (linux_args && !loaded) - grub_free (linux_args); - -- if (kernel_addr && !loaded) -- grub_efi_free_pages ((grub_addr_t) kernel_addr, -- GRUB_EFI_BYTES_TO_PAGES (kernel_size)); -+ if (kernel_alloc_addr && !loaded) -+ grub_efi_free_pages ((grub_addr_t) kernel_alloc_addr, kernel_alloc_pages); - - return grub_errno; - } -diff --git a/include/grub/arm/linux.h b/include/grub/arm/linux.h -index b582f67f661..966a5074f53 100644 ---- a/include/grub/arm/linux.h -+++ b/include/grub/arm/linux.h -@@ -44,6 +44,7 @@ struct grub_arm_linux_pe_header - - #if defined(__arm__) - # define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM_MAGIC_SIGNATURE -+# define GRUB_PE32_PEXX_MAGIC GRUB_PE32_PE32_MAGIC - # define linux_arch_kernel_header linux_arm_kernel_header - # define grub_armxx_linux_pe_header grub_arm_linux_pe_header - #endif -diff --git a/include/grub/arm64/linux.h b/include/grub/arm64/linux.h -index ea030312df3..422bf2bf24b 100644 ---- a/include/grub/arm64/linux.h -+++ b/include/grub/arm64/linux.h -@@ -48,6 +48,7 @@ struct grub_arm64_linux_pe_header - - #if defined(__aarch64__) - # define GRUB_LINUX_ARMXX_MAGIC_SIGNATURE GRUB_LINUX_ARM64_MAGIC_SIGNATURE -+# define GRUB_PE32_PEXX_MAGIC GRUB_PE32_PE64_MAGIC - # define linux_arch_kernel_header linux_arm64_kernel_header - # define grub_armxx_linux_pe_header grub_arm64_linux_pe_header - #endif diff --git a/0195-normal-main-Discover-the-device-to-read-the-config-f.patch b/0195-normal-main-Discover-the-device-to-read-the-config-f.patch deleted file mode 100644 index 800903884efbc16d89521bf248817a21f631b1ca..0000000000000000000000000000000000000000 --- a/0195-normal-main-Discover-the-device-to-read-the-config-f.patch +++ /dev/null @@ -1,123 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Javier Martinez Canillas -Date: Mon, 30 Aug 2021 12:31:18 +0200 -Subject: [PATCH] normal/main: Discover the device to read the config from as a - fallback - -The GRUB core.img is generated locally, when this is done the grub2-probe -tool figures out the device and partition that needs to be read to parse -the GRUB configuration file. - -But in some cases the core.img can't be generated on the host and instead -has to be done at package build time. For example, if needs to get signed -with a key that's only available on the package building infrastructure. - -If that's the case, the prefix variable won't have a device and partition -but only a directory path. So there's no way for GRUB to know from which -device has to read the configuration file. - -To allow GRUB to continue working on that scenario, fallback to iterating -over all the available devices, if reading the config failed when using -the prefix and fw_path variables. - -Signed-off-by: Javier Martinez Canillas ---- - grub-core/normal/main.c | 58 +++++++++++++++++++++++++++++++++++++++++++------ - 1 file changed, 51 insertions(+), 7 deletions(-) - -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index 4ebdbd228d4..b72fe3d653c 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -337,18 +337,13 @@ grub_enter_normal_mode (const char *config) - } - - static grub_err_t --grub_try_normal (const char *variable) -+grub_try_normal_prefix (const char *prefix) - { - char *config; -- const char *prefix; - grub_err_t err = GRUB_ERR_FILE_NOT_FOUND; - const char *net_search_cfg; - int disable_net_search = 0; - -- prefix = grub_env_get (variable); -- if (!prefix) -- return GRUB_ERR_FILE_NOT_FOUND; -- - net_search_cfg = grub_env_get ("feature_net_search_cfg"); - if (net_search_cfg && net_search_cfg[0] == 'n') - disable_net_search = 1; -@@ -362,7 +357,7 @@ grub_try_normal (const char *variable) - config = grub_malloc (config_len); - - if (! config) -- return GRUB_ERR_FILE_NOT_FOUND; -+ return err; - - grub_snprintf (config, config_len, "%s/grub.cfg", prefix); - err = grub_net_search_config_file (config); -@@ -391,6 +386,53 @@ grub_try_normal (const char *variable) - return err; - } - -+static int -+grub_try_normal_dev (const char *name, void *data) -+{ -+ grub_err_t err; -+ const char *prefix = grub_xasprintf ("(%s)%s", name, (char *)data); -+ -+ if (!prefix) -+ return 0; -+ -+ err = grub_try_normal_prefix (prefix); -+ if (err == GRUB_ERR_NONE) -+ return 1; -+ -+ return 0; -+} -+ -+static grub_err_t -+grub_try_normal_discover (void) -+{ -+ char *prefix = grub_env_get ("prefix"); -+ grub_err_t err = GRUB_ERR_FILE_NOT_FOUND; -+ -+ if (!prefix) -+ return err; -+ -+ if (grub_device_iterate (grub_try_normal_dev, (void *)prefix)) -+ return GRUB_ERR_NONE; -+ -+ return err; -+} -+ -+static grub_err_t -+grub_try_normal (const char *variable) -+{ -+ grub_err_t err = GRUB_ERR_FILE_NOT_FOUND; -+ const char *prefix; -+ -+ if (!variable) -+ return err; -+ -+ prefix = grub_env_get (variable); -+ if (!prefix) -+ return err; -+ -+ return grub_try_normal_prefix (prefix); -+} -+ - /* Enter normal mode from rescue mode. */ - static grub_err_t - grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), -@@ -405,6 +447,8 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), - err = grub_try_normal ("fw_path"); - if (err == GRUB_ERR_FILE_NOT_FOUND) - err = grub_try_normal ("prefix"); -+ if (err == GRUB_ERR_FILE_NOT_FOUND) -+ err = grub_try_normal_discover (); - if (err == GRUB_ERR_FILE_NOT_FOUND) - grub_enter_normal_mode (0); - } diff --git a/0196-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch b/0196-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch deleted file mode 100644 index 7f3161e29b03ee56071298ef2d346b73181f4699..0000000000000000000000000000000000000000 --- a/0196-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 19 Jul 2021 14:35:55 +1000 -Subject: [PATCH] powerpc: adjust setting of prefix for signed binary case - -On RHEL-signed powerpc grub, we sign a grub with -p /grub2 and expect -that there's a boot partition. - -Unfortunately grub_set_prefix_and_root tries to convert this to -($fwdevice)/grub2. This ends up being (ieee1275/disk)/grub2 and that -falls apart pretty quickly - there's no file-system on ieee1275/disk, -and it makes the search routine try things like -(ieee1275/disk,msdos2)(ieee1275/disk)/grub2 which also doesn't work. - -Detect if we would be about to create (ieee1275/disk)/path and don't: -preserve a prefix of /path instead and hope the search later finds us. - -Related: rhbz#1899864 - -Signed-off-by: Daniel Axtens -[rharwood@redhat.com: squash in fixup commit] -Signed-off-by: Robbie Harwood ---- - grub-core/kern/main.c | 49 ++++++++++++++++++++++++++++++++++++++++++++----- - 1 file changed, 44 insertions(+), 5 deletions(-) - -diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c -index b573be6650d..3fc34014726 100644 ---- a/grub-core/kern/main.c -+++ b/grub-core/kern/main.c -@@ -216,13 +216,52 @@ grub_set_prefix_and_root (void) - if (device) - { - char *prefix_set; -- -- prefix_set = grub_xasprintf ("(%s)%s", device, path ? : ""); -- if (prefix_set) -+ -+#ifdef __powerpc__ -+ /* We have to be careful here on powerpc-ieee1275 + signed grub. We -+ will have signed something with a prefix that doesn't have a device -+ because we cannot know in advance what partition we're on. -+ -+ We will have had !device earlier, so we will have set device=fwdevice -+ However, we want to make sure we do not end up setting prefix to be -+ ($fwdevice)/path, because we will then end up trying to boot or search -+ based on a prefix of (ieee1275/disk)/path, which will not work because -+ it's missing a partition. -+ -+ Also: -+ - You can end up with a device with an FS directly on it, without -+ a partition, e.g. ieee1275/cdrom. -+ -+ - powerpc-ieee1275 + grub-install sets e.g. prefix=(,gpt2)/path, -+ which will have now been extended to device=$fwdisk,partition -+ and path=/path -+ -+ - PowerVM will give us device names like -+ ieee1275//vdevice/v-scsi@3000006c/disk@8100000000000000 -+ and we don't want to try to encode some sort of truth table about -+ what sorts of paths represent disks with partition tables and those -+ without partition tables. -+ -+ So we act unless there is a comma in the device, which would indicate -+ a partition has already been specified. -+ -+ (If we only have a path, the code in normal to discover config files -+ will try both without partitions and then with any partitions so we -+ will cover both CDs and HDs.) -+ */ -+ if (grub_strchr (device, ',') == NULL) -+ grub_env_set ("prefix", path); -+ else -+#endif - { -- grub_env_set ("prefix", prefix_set); -- grub_free (prefix_set); -+ prefix_set = grub_xasprintf ("(%s)%s", device, path ? : ""); -+ if (prefix_set) -+ { -+ grub_env_set ("prefix", prefix_set); -+ grub_free (prefix_set); -+ } - } -+ - grub_env_set ("root", device); - } - diff --git a/0197-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch b/0197-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch deleted file mode 100644 index 893d8b41ae9c07042910f48e22c628da99c8930b..0000000000000000000000000000000000000000 --- a/0197-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch +++ /dev/null @@ -1,118 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Erwan Velu -Date: Wed, 25 Aug 2021 15:31:52 +0200 -Subject: [PATCH] fs/xfs: Fix unreadable filesystem with v4 superblock - -The commit 8b1e5d193 (fs/xfs: Add bigtime incompat feature support) -introduced the bigtime support by adding some features in v3 inodes. -This change extended grub_xfs_inode struct by 76 bytes but also changed -the computation of XFS_V2_INODE_SIZE and XFS_V3_INODE_SIZE. Prior this -commit, XFS_V2_INODE_SIZE was 100 bytes. After the commit it's 84 bytes -XFS_V2_INODE_SIZE becomes 16 bytes too small. - -As a result, the data structures aren't properly aligned and the GRUB -generates "attempt to read or write outside of partition" errors when -trying to read the XFS filesystem: - - GNU GRUB version 2.11 - .... - grub> set debug=efi,gpt,xfs - grub> insmod part_gpt - grub> ls (hd0,gpt1)/ - partmap/gpt.c:93: Read a valid GPT header - partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125 - fs/xfs.c:931: Reading sb - fs/xfs.c:270: Validating superblock - fs/xfs.c:295: XFS v4 superblock detected - fs/xfs.c:962: Reading root ino 128 - fs/xfs.c:515: Reading inode (128) - 64, 0 - fs/xfs.c:515: Reading inode (739521961424144223) - 344365866970255880, 3840 - error: attempt to read or write outside of partition. - -This commit change the XFS_V2_INODE_SIZE computation by subtracting 76 -bytes instead of 92 bytes from the actual size of grub_xfs_inode struct. -This 76 bytes value comes from added members: - 20 grub_uint8_t unused5 - 1 grub_uint64_t flags2 - 48 grub_uint8_t unused6 - -This patch explicitly splits the v2 and v3 parts of the structure. -The unused4 is still ending of the v2 structures and the v3 starts -at unused5. Thanks to this we will avoid future corruptions of v2 -or v3 inodes. - -The XFS_V2_INODE_SIZE is returning to its expected size and the -filesystem is back to a readable state: - - GNU GRUB version 2.11 - .... - grub> set debug=efi,gpt,xfs - grub> insmod part_gpt - grub> ls (hd0,gpt1)/ - partmap/gpt.c:93: Read a valid GPT header - partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125 - fs/xfs.c:931: Reading sb - fs/xfs.c:270: Validating superblock - fs/xfs.c:295: XFS v4 superblock detected - fs/xfs.c:962: Reading root ino 128 - fs/xfs.c:515: Reading inode (128) - 64, 0 - fs/xfs.c:515: Reading inode (128) - 64, 0 - fs/xfs.c:931: Reading sb - fs/xfs.c:270: Validating superblock - fs/xfs.c:295: XFS v4 superblock detected - fs/xfs.c:962: Reading root ino 128 - fs/xfs.c:515: Reading inode (128) - 64, 0 - fs/xfs.c:515: Reading inode (128) - 64, 0 - fs/xfs.c:515: Reading inode (128) - 64, 0 - fs/xfs.c:515: Reading inode (131) - 64, 768 - efi/ fs/xfs.c:515: Reading inode (3145856) - 1464904, 0 - grub2/ fs/xfs.c:515: Reading inode (132) - 64, 1024 - grub/ fs/xfs.c:515: Reading inode (139) - 64, 2816 - grub> - -Fixes: 8b1e5d193 (fs/xfs: Add bigtime incompat feature support) - -Signed-off-by: Erwan Velu -Tested-by: Carlos Maiolino -Reviewed-by: Daniel Kiper -(cherry picked from commit a4b495520e4dc41a896a8b916a64eda9970c50ea) ---- - grub-core/fs/xfs.c | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c -index 0f524c3a8a6..e3816d1ec4a 100644 ---- a/grub-core/fs/xfs.c -+++ b/grub-core/fs/xfs.c -@@ -192,6 +192,11 @@ struct grub_xfs_time_legacy - grub_uint32_t nanosec; - } GRUB_PACKED; - -+/* -+ * The struct grub_xfs_inode layout was taken from the -+ * struct xfs_dinode_core which is described here: -+ * https://mirrors.edge.kernel.org/pub/linux/utils/fs/xfs/docs/xfs_filesystem_structure.pdf -+ */ - struct grub_xfs_inode - { - grub_uint8_t magic[2]; -@@ -208,14 +213,15 @@ struct grub_xfs_inode - grub_uint32_t nextents; - grub_uint16_t unused3; - grub_uint8_t fork_offset; -- grub_uint8_t unused4[37]; -+ grub_uint8_t unused4[17]; /* Last member of inode v2. */ -+ grub_uint8_t unused5[20]; /* First member of inode v3. */ - grub_uint64_t flags2; -- grub_uint8_t unused5[48]; -+ grub_uint8_t unused6[48]; /* Last member of inode v3. */ - } GRUB_PACKED; - - #define XFS_V3_INODE_SIZE sizeof(struct grub_xfs_inode) --/* Size of struct grub_xfs_inode until fork_offset (included). */ --#define XFS_V2_INODE_SIZE (XFS_V3_INODE_SIZE - 92) -+/* Size of struct grub_xfs_inode v2, up to unused4 member included. */ -+#define XFS_V2_INODE_SIZE (XFS_V3_INODE_SIZE - 76) - - struct grub_xfs_dirblock_tail - { diff --git a/0198-Print-module-name-on-license-check-failure.patch b/0198-Print-module-name-on-license-check-failure.patch deleted file mode 100644 index c4b9a134421e5169874b9aa25e036ed8fef6dab8..0000000000000000000000000000000000000000 --- a/0198-Print-module-name-on-license-check-failure.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Tue, 12 Oct 2021 12:34:23 -0400 -Subject: [PATCH] Print module name on license check failure - -At the very least, this will make it easier to track down the problem -module - or, if something else has gone wrong, provide more information -for debugging. - -Signed-off-by: Robbie Harwood ---- - grub-core/kern/dl.c | 10 ++++++---- - 1 file changed, 6 insertions(+), 4 deletions(-) - -diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c -index 9557254035e..f3044945742 100644 ---- a/grub-core/kern/dl.c -+++ b/grub-core/kern/dl.c -@@ -528,14 +528,16 @@ grub_dl_find_section_index (Elf_Ehdr *e, const char *name) - Be sure to understand your license obligations. - */ - static grub_err_t --grub_dl_check_license (Elf_Ehdr *e) -+grub_dl_check_license (grub_dl_t mod, Elf_Ehdr *e) - { - Elf_Shdr *s = grub_dl_find_section (e, ".module_license"); - if (s && (grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3") == 0 - || grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3+") == 0 - || grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv2+") == 0)) - return GRUB_ERR_NONE; -- return grub_error (GRUB_ERR_BAD_MODULE, "incompatible license"); -+ return grub_error (GRUB_ERR_BAD_MODULE, -+ "incompatible license in module %s: %s", mod->name, -+ (char *) e + s->sh_offset); - } - - static grub_err_t -@@ -743,8 +745,8 @@ grub_dl_load_core_noinit (void *addr, grub_size_t size) - constitutes linking) and GRUB core being licensed under GPLv3+. - Be sure to understand your license obligations. - */ -- if (grub_dl_check_license (e) -- || grub_dl_resolve_name (mod, e) -+ if (grub_dl_resolve_name (mod, e) -+ || grub_dl_check_license (mod, e) - || grub_dl_resolve_dependencies (mod, e) - || grub_dl_load_segments (mod, e) - || grub_dl_resolve_symbols (mod, e) diff --git a/0199-powerpc-ieee1275-load-grub-at-4MB-not-2MB.patch b/0199-powerpc-ieee1275-load-grub-at-4MB-not-2MB.patch deleted file mode 100644 index a80727e0bb16e2a24f1b006fb3d10300207996a3..0000000000000000000000000000000000000000 --- a/0199-powerpc-ieee1275-load-grub-at-4MB-not-2MB.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Fri, 22 Oct 2021 09:53:15 +1100 -Subject: [PATCH] powerpc-ieee1275: load grub at 4MB, not 2MB - -This was first reported under PFW but reproduces under SLOF. - - - The core.elf was 2126152 = 0x207148 bytes in size with the following - program headers (per readelf): - -Entry point 0x200000 -There are 4 program headers, starting at offset 52 - -Program Headers: - Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align - LOAD 0x000160 0x00200000 0x00200000 0x21f98 0x2971c RWE 0x8 - GNU_STACK 0x0220f8 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4 - LOAD 0x0220f8 0x00232000 0x00232000 0x1e4e50 0x1e4e50 RWE 0x4 - NOTE 0x206f48 0x00000000 0x00000000 0x00200 0x00000 R 0x4 - - - SLOF places the ELF file at 0x4000 (after the reserved space for - interrupt handlers etc.) upwards. The image was 2126152 = 0x207148 - bytes in size, so it runs from 0x4000 - 0x20b148. We'll call 0x4000 the - load address. - -0x0 0x4000 0x20b148 - |----------|--------------| - | reserved | ELF contents | - - - SLOF then copies the first LOAD program header (for .text). That runs - for 0x21f98 bytes. It runs from - (load addr + 0x160) to (load addr + 0x160 + 0x21f98) - = 0x4160 to 0x260f8 - and we copy it to 0x200000 to 0x221f98. This overwrites the end of the - image: - -0x0 0x4000 0x200000 0x221f98 - |----------|------------|---------------| - | reserved | ELF cont.. | .text section | - - - SLOF zeros the bss up to PhysAddr + MemSize = 0x22971c - -0x0 0x4000 0x200000 0x221f98 0x22971c - |----------|------------|---------------|--------| - | reserved | ELF cont.. | .text section | bss 0s | - - - SLOF then goes to fulfil the next LOAD header (for mods), which is - for 0x1e4e50 bytes. We copy from - (load addr + 0x220f8) to (load addr + 0x220f8 + 0x1e4e50) - = 0x260f8 to 0x20af48 - and we copy it to 0x232000 to 0x416e50: - -0x0 0x4000 0x200000 0x221f98 0x22971c - |----------|------------|---------------|--------| - | reserved | ELF cont.. | .text section | bss 0s | - |-------------| - | copied area | - 0x260f8 0x20af48 - - This goes poorly: - -0x0 0x4000 0x200000 0x221f98 0x22971c 0x232000 0x40bf08 0x416e50 - |----------|------------|---------------|--------|-----|-----------|-------------| - | reserved | ELF cont.. | .text section | bss 0s | pad | some mods | .text start | - -This matches the observations on the running system - 0x40bf08 was where -the contents of memory no longer matched the contents of the ELF file. - -This was reported as a license verification failure on SLOF as the -last module's .module_license section fell past where the corruption -began. - -Signed-off-by: Daniel Axtens -[rharwood@redhat.com: trim very detailed commit message] -Signed-off-by: Robbie Harwood ---- - grub-core/Makefile.core.def | 2 +- - include/grub/offsets.h | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 3f3459b2c70..6b00eb55575 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -89,7 +89,7 @@ kernel = { - i386_xen_pvh_ldflags = '$(TARGET_IMG_BASE_LDOPT),0x100000'; - - mips_loongson_ldflags = '-Wl,-Ttext,0x80200000'; -- powerpc_ieee1275_ldflags = '-Wl,-Ttext,0x200000'; -+ powerpc_ieee1275_ldflags = '-Wl,-Ttext,0x400000'; - sparc64_ieee1275_ldflags = '-Wl,-Ttext,0x4400'; - mips_arc_ldflags = '-Wl,-Ttext,$(TARGET_LINK_ADDR)'; - mips_qemu_mips_ldflags = '-Wl,-Ttext,0x80200000'; -diff --git a/include/grub/offsets.h b/include/grub/offsets.h -index 871e1cd4c38..69211aa798b 100644 ---- a/include/grub/offsets.h -+++ b/include/grub/offsets.h -@@ -63,7 +63,7 @@ - #define GRUB_KERNEL_SPARC64_IEEE1275_LINK_ADDR 0x4400 - - #define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ALIGN 4 --#define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ADDR 0x200000 -+#define GRUB_KERNEL_POWERPC_IEEE1275_LINK_ADDR 0x400000 - - #define GRUB_KERNEL_MIPS_LOONGSON_LINK_ADDR 0x80200000 - diff --git a/0200-grub-mkconfig-restore-umask-for-grub.cfg.patch b/0200-grub-mkconfig-restore-umask-for-grub.cfg.patch deleted file mode 100644 index 7c7bee0e60f5eb8d1f55dccd2d0052aa7f672663..0000000000000000000000000000000000000000 --- a/0200-grub-mkconfig-restore-umask-for-grub.cfg.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang via Grub-devel -Date: Fri, 3 Dec 2021 16:13:28 +0800 -Subject: [PATCH] grub-mkconfig: restore umask for grub.cfg - -Since commit: - - ab2e53c8a grub-mkconfig: Honor a symlink when generating configuration -by grub-mkconfig - -has inadvertently discarded umask for creating grub.cfg in the process -of grub-mkconfig. The resulting wrong permission (0644) would allow -unprivileged users to read grub's configuration file content. This -presents a low confidentiality risk as grub.cfg may contain non-secured -plain-text passwords. - -This patch restores the missing umask and set the file mode of creation -to 0600 preventing unprivileged access. - -Fixes: CVE-2021-3981 - -Signed-off-by: Michael Chang ---- - util/grub-mkconfig.in | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index f55339a3f64..520a672cd2c 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -311,7 +311,9 @@ and /etc/grub.d/* files or please file a bug report with - exit 1 - else - # none of the children aborted with error, install the new grub.cfg -+ oldumask=$(umask); umask 077 - cat ${grub_cfg}.new > ${grub_cfg} -+ umask $oldumask - rm -f ${grub_cfg}.new - fi - fi diff --git a/0201-fs-btrfs-Use-full-btrfs-bootloader-area.patch b/0201-fs-btrfs-Use-full-btrfs-bootloader-area.patch deleted file mode 100644 index ecfc58cd684f5430edd68e7f3523da02fcbebcd9..0000000000000000000000000000000000000000 --- a/0201-fs-btrfs-Use-full-btrfs-bootloader-area.patch +++ /dev/null @@ -1,160 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Mon, 13 Dec 2021 14:25:49 +0800 -Subject: [PATCH] fs/btrfs: Use full btrfs bootloader area - -Up to now GRUB can only embed to the first 64 KiB before primary -superblock of btrfs, effectively limiting the GRUB core size. That -could consequently pose restrictions to feature enablement like -advanced zstd compression. - -This patch attempts to utilize full unused area reserved by btrfs for -the bootloader outlined in the document [1]: - - The first 1MiB on each device is unused with the exception of primary - superblock that is on the offset 64KiB and spans 4KiB. - -Apart from that, adjacent sectors to superblock and first block group -are not used for embedding in case of overflow and logged access to -adjacent sectors could be useful for tracing it up. - -This patch has been tested to provide out of the box support for btrfs -zstd compression with which GRUB has been installed to the partition. - -[1] https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs(5)#BOOTLOADER_SUPPORT - -Signed-off-by: Michael Chang -Reviewed-by: Daniel Kiper -(cherry picked from commit b0f06a81c6f31b6fa20be67a96b6683bba8210c9) ---- - grub-core/fs/btrfs.c | 90 ++++++++++++++++++++++++++++++++++++++++++++-------- - include/grub/disk.h | 2 ++ - 2 files changed, 79 insertions(+), 13 deletions(-) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index 4cc86e9b79e..07c0ff874b8 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -2476,6 +2476,33 @@ grub_btrfs_label (grub_device_t device, char **label) - } - - #ifdef GRUB_UTIL -+ -+struct embed_region { -+ unsigned int start; -+ unsigned int secs; -+}; -+ -+/* -+ * https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs(5)#BOOTLOADER_SUPPORT -+ * The first 1 MiB on each device is unused with the exception of primary -+ * superblock that is on the offset 64 KiB and spans 4 KiB. -+ */ -+ -+static const struct { -+ struct embed_region available; -+ struct embed_region used[6]; -+} btrfs_head = { -+ .available = {0, GRUB_DISK_KiB_TO_SECTORS (1024)}, /* The first 1 MiB. */ -+ .used = { -+ {0, 1}, /* boot.S. */ -+ {GRUB_DISK_KiB_TO_SECTORS (64) - 1, 1}, /* Overflow guard. */ -+ {GRUB_DISK_KiB_TO_SECTORS (64), GRUB_DISK_KiB_TO_SECTORS (4)}, /* 4 KiB superblock. */ -+ {GRUB_DISK_KiB_TO_SECTORS (68), 1}, /* Overflow guard. */ -+ {GRUB_DISK_KiB_TO_SECTORS (1024) - 1, 1}, /* Overflow guard. */ -+ {0, 0} /* Array terminator. */ -+ } -+}; -+ - static grub_err_t - grub_btrfs_embed (grub_device_t device __attribute__ ((unused)), - unsigned int *nsectors, -@@ -2483,25 +2510,62 @@ grub_btrfs_embed (grub_device_t device __attribute__ ((unused)), - grub_embed_type_t embed_type, - grub_disk_addr_t **sectors) - { -- unsigned i; -+ unsigned int i, j, n = 0; -+ const struct embed_region *u; -+ grub_disk_addr_t *map; - - if (embed_type != GRUB_EMBED_PCBIOS) - return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, - "BtrFS currently supports only PC-BIOS embedding"); - -- if (64 * 2 - 1 < *nsectors) -- return grub_error (GRUB_ERR_OUT_OF_RANGE, -- N_("your core.img is unusually large. " -- "It won't fit in the embedding area")); -- -- *nsectors = 64 * 2 - 1; -- if (*nsectors > max_nsectors) -- *nsectors = max_nsectors; -- *sectors = grub_calloc (*nsectors, sizeof (**sectors)); -- if (!*sectors) -+ map = grub_calloc (btrfs_head.available.secs, sizeof (*map)); -+ if (map == NULL) - return grub_errno; -- for (i = 0; i < *nsectors; i++) -- (*sectors)[i] = i + 1; -+ -+ /* -+ * Populating the map array so that it can be used to index if a disk -+ * address is available to embed: -+ * - 0: available, -+ * - 1: unavailable. -+ */ -+ for (u = btrfs_head.used; u->secs; ++u) -+ { -+ unsigned int end = u->start + u->secs; -+ -+ if (end > btrfs_head.available.secs) -+ end = btrfs_head.available.secs; -+ for (i = u->start; i < end; ++i) -+ map[i] = 1; -+ } -+ -+ /* Adding up n until it matches total size of available embedding area. */ -+ for (i = 0; i < btrfs_head.available.secs; ++i) -+ if (map[i] == 0) -+ n++; -+ -+ if (n < *nsectors) -+ { -+ grub_free (map); -+ return grub_error (GRUB_ERR_OUT_OF_RANGE, -+ N_("your core.img is unusually large. " -+ "It won't fit in the embedding area")); -+ } -+ -+ if (n > max_nsectors) -+ n = max_nsectors; -+ -+ /* -+ * Populating the array so that it can used to index disk block address for -+ * an image file's offset to be embedded on disk (the unit is in sectors): -+ * - i: The disk block address relative to btrfs_head.available.start, -+ * - j: The offset in image file. -+ */ -+ for (i = 0, j = 0; i < btrfs_head.available.secs && j < n; ++i) -+ if (map[i] == 0) -+ map[j++] = btrfs_head.available.start + i; -+ -+ *nsectors = n; -+ *sectors = map; - - return GRUB_ERR_NONE; - } -diff --git a/include/grub/disk.h b/include/grub/disk.h -index f95aca929a6..06210a70492 100644 ---- a/include/grub/disk.h -+++ b/include/grub/disk.h -@@ -182,6 +182,8 @@ typedef struct grub_disk_memberlist *grub_disk_memberlist_t; - /* Return value of grub_disk_native_sectors() in case disk size is unknown. */ - #define GRUB_DISK_SIZE_UNKNOWN 0xffffffffffffffffULL - -+#define GRUB_DISK_KiB_TO_SECTORS(x) ((x) << (10 - GRUB_DISK_SECTOR_BITS)) -+ - /* Convert sector number from one sector size to another. */ - static inline grub_disk_addr_t - grub_convert_sector (grub_disk_addr_t sector, diff --git a/0202-rpm-sort-add-prereqs-for-declaration-of-strchrnul.patch b/0202-rpm-sort-add-prereqs-for-declaration-of-strchrnul.patch deleted file mode 100644 index 98473476ca63ad95d2e1e61cfa001a16a9cff7de..0000000000000000000000000000000000000000 --- a/0202-rpm-sort-add-prereqs-for-declaration-of-strchrnul.patch +++ /dev/null @@ -1,42 +0,0 @@ -From da43f9b55b5084a1c9f72785fa29ec62e70658c2 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Thu, 5 May 2022 18:01:05 -0400 -Subject: [PATCH] rpm-sort: add prereqs for declaration of strchrnul() - -Reference:https://src.fedoraproject.org/rpms/grub2/c/ea7cfdf72690c5d6e15af02a3e395a40dd24f7c7 -Conflict:NA - -Signed-off-by: Robbie Harwood ---- - util/grub-rpm-sort.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -diff --git a/util/grub-rpm-sort.c b/util/grub-rpm-sort.c -index 8345944..71d038b 100644 ---- a/util/grub-rpm-sort.c -+++ b/util/grub-rpm-sort.c -@@ -1,13 +1,17 @@ -+#define _GNU_SOURCE 1 -+ - #include -+ -+#include -+#include -+#include - #include - #include -+#include - #include - #include -+#include - #include --#include --#include --#include --#include - - static size_t - read_file (const char *input, char **ret) --- -2.27.0 - diff --git a/1000-port-Add-LoongArch-support.patch b/1000-port-Add-LoongArch-support.patch deleted file mode 100644 index 4d19b9692116f1d9b2dda7dca831dd7580801e69..0000000000000000000000000000000000000000 --- a/1000-port-Add-LoongArch-support.patch +++ /dev/null @@ -1,3574 +0,0 @@ -From 781cdb1573ffb77ed6d507d8daa7c6ff92256c57 Mon Sep 17 00:00:00 2001 -From: mengyingkun -Date: Thu, 12 Jan 2023 14:44:13 +0800 -Subject: [PATCH] port: Add LoongArch support - -This patch adds support for LoongArch. From now on, we can boot up -grub as a UEFI application on LoongArch platform. - -Signed-off-by: yangqiming -Signed-off-by: mengyingkun ---- - Makefile.util.def | 1 + - bootstrap.conf | 4 + - configure.ac | 24 + - gentpl.py | 9 +- - grub-core/Makefile.am | 6 + - grub-core/Makefile.core.def | 23 + - grub-core/kern/dl.c | 9 +- - grub-core/kern/efi/mm.c | 3 +- - grub-core/kern/loongarch64/cache.S | 26 + - grub-core/kern/loongarch64/dl.c | 150 +++++ - grub-core/kern/loongarch64/dl_helper.c | 264 +++++++++ - grub-core/kern/loongarch64/efi/init.c | 73 +++ - grub-core/kern/loongarch64/efi/startup.S | 45 ++ - grub-core/kern/loongarch64/init.c | 47 ++ - .../lib/gnulib-patches/fix-loongarch.patch | 26 + - grub-core/lib/loongarch64/relocator.c | 163 ++++++ - grub-core/lib/loongarch64/relocator_asm.S | 51 ++ - grub-core/lib/loongarch64/setjmp.S | 68 +++ - grub-core/lib/setjmp.S | 2 + - grub-core/loader/efi/chainloader.c | 2 + - grub-core/loader/loongarch64/linux-efi.c | 144 +++++ - grub-core/loader/loongarch64/linux-elf.c | 529 ++++++++++++++++++ - grub-core/loader/loongarch64/linux.c | 398 +++++++++++++ - include/grub/efi/api.h | 2 +- - include/grub/efi/efi.h | 6 +- - include/grub/efi/pe32.h | 4 + - include/grub/elf.h | 30 + - include/grub/fdt.h | 4 +- - include/grub/loongarch64/efi/loader.h | 25 + - include/grub/loongarch64/efi/memory.h | 15 + - include/grub/loongarch64/efi/time.h | 0 - include/grub/loongarch64/io.h | 62 ++ - include/grub/loongarch64/linux.h | 144 +++++ - include/grub/loongarch64/loongarch64.h | 30 + - include/grub/loongarch64/memory.h | 59 ++ - include/grub/loongarch64/reloc.h | 113 ++++ - include/grub/loongarch64/relocator.h | 38 ++ - include/grub/loongarch64/setjmp.h | 27 + - include/grub/loongarch64/time.h | 39 ++ - include/grub/loongarch64/types.h | 34 ++ - include/grub/util/install.h | 1 + - util/grub-install-common.c | 1 + - util/grub-install.c | 16 + - util/grub-mkimagexx.c | 99 +++- - util/grub-module-verifier.c | 15 + - util/mkimage.c | 16 + - 46 files changed, 2833 insertions(+), 14 deletions(-) - create mode 100644 grub-core/kern/loongarch64/cache.S - create mode 100644 grub-core/kern/loongarch64/dl.c - create mode 100644 grub-core/kern/loongarch64/dl_helper.c - create mode 100644 grub-core/kern/loongarch64/efi/init.c - create mode 100644 grub-core/kern/loongarch64/efi/startup.S - create mode 100644 grub-core/kern/loongarch64/init.c - create mode 100644 grub-core/lib/gnulib-patches/fix-loongarch.patch - create mode 100644 grub-core/lib/loongarch64/relocator.c - create mode 100644 grub-core/lib/loongarch64/relocator_asm.S - create mode 100644 grub-core/lib/loongarch64/setjmp.S - create mode 100644 grub-core/loader/loongarch64/linux-efi.c - create mode 100644 grub-core/loader/loongarch64/linux-elf.c - create mode 100644 grub-core/loader/loongarch64/linux.c - create mode 100644 include/grub/loongarch64/efi/loader.h - create mode 100644 include/grub/loongarch64/efi/memory.h - create mode 100644 include/grub/loongarch64/efi/time.h - create mode 100644 include/grub/loongarch64/io.h - create mode 100644 include/grub/loongarch64/linux.h - create mode 100644 include/grub/loongarch64/loongarch64.h - create mode 100644 include/grub/loongarch64/memory.h - create mode 100644 include/grub/loongarch64/reloc.h - create mode 100644 include/grub/loongarch64/relocator.h - create mode 100644 include/grub/loongarch64/setjmp.h - create mode 100644 include/grub/loongarch64/time.h - create mode 100644 include/grub/loongarch64/types.h - -diff --git a/Makefile.util.def b/Makefile.util.def -index b7a6311..932a8c2 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -169,6 +169,7 @@ library = { - common = grub-core/kern/ia64/dl_helper.c; - common = grub-core/kern/arm/dl_helper.c; - common = grub-core/kern/arm64/dl_helper.c; -+ common = grub-core/kern/loongarch64/dl_helper.c; - common = grub-core/lib/minilzo/minilzo.c; - common = grub-core/lib/xzembed/xz_dec_bcj.c; - common = grub-core/lib/xzembed/xz_dec_lzma2.c; -diff --git a/bootstrap.conf b/bootstrap.conf -index 03f1093..854d3c0 100644 ---- a/bootstrap.conf -+++ b/bootstrap.conf -@@ -85,6 +85,10 @@ cp -a INSTALL INSTALL.grub - - bootstrap_post_import_hook () { - set -e -+ for patchname in fix-loongarch; do -+ patch -d gnulib -p1 \ -+ < "grub-core/lib/gnulib-patches/$patchname.patch" -+ done - for patchname in \ - 0001-Support-POTFILES-shell \ - 0002-Handle-gettext_printf-shell-function \ -diff --git a/configure.ac b/configure.ac -index 0a9522a..d03e089 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -149,6 +149,10 @@ case "$target_cpu" in - riscv64*) - target_cpu=riscv64 - ;; -+ loongarch64) -+ target_cpu=loongarch64 -+ machine_CPPFLAGS="$machine_CPPFLAGS -DGRUB_CPU_LOONGARCH64=1" -+ ;; - esac - - # Specify the platform (such as firmware). -@@ -167,6 +171,7 @@ if test "x$with_platform" = x; then - powerpc64-*) platform=ieee1275 ;; - powerpc64le-*) platform=ieee1275 ;; - sparc64-*) platform=ieee1275 ;; -+ loongarch64-*) platform=efi ;; - mipsel-*) platform=loongson ;; - mips-*) platform=arc ;; - ia64-*) platform=efi ;; -@@ -218,6 +223,7 @@ case "$target_cpu"-"$platform" in - mipsel-yeeloong) platform=loongson ;; - mipsel-fuloong) platform=loongson ;; - mipsel-loongson) ;; -+ loongarch64-efi) ;; - arm-uboot) ;; - arm-coreboot) ;; - arm-efi) ;; -@@ -276,6 +282,7 @@ case "$platform" in - pc) machine_CPPFLAGS="$machine_CPPFLAGS -DGRUB_MACHINE_PCBIOS=1" ;; - emu) machine_CPPFLAGS="$machine_CPPFLAGS -DGRUB_MACHINE_EMU=1" ;; - loongson) machine_CPPFLAGS="$machine_CPPFLAGS -DGRUB_MACHINE_MIPS_LOONGSON=1" ;; -+ loongson64) machine_CPPFLAGS="$machine_CPPFLAGS -DGRUB_MACHINE_LOONARCH64=1" ;; - qemu_mips) machine_CPPFLAGS="$machine_CPPFLAGS -DGRUB_MACHINE_MIPS_QEMU_MIPS=1" ;; - arc) machine_CPPFLAGS="$machine_CPPFLAGS -DGRUB_MACHINE_ARC=1" ;; - esac -@@ -890,6 +897,21 @@ if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ) && test "x$p - TARGET_CFLAGS="$TARGET_CFLAGS -mno-mmx -mno-sse -mno-sse2 -mno-sse3 -mno-3dnow" - fi - -+if test "x$target_cpu" = xloongarch64; then -+ AC_CACHE_CHECK([whether _mno_explicit_relocs works], [grub_cv_cc_mno_explicit_relocs], [ -+ CFLAGS="$TARGET_CFLAGS -mno-explicit-relocs -Werror" -+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])], -+ [grub_cv_cc_mno_explicit_relocs=yes], -+ [grub_cv_cc_mno_explicit_relocs=no]) -+ ]) -+ if test "x$grub_cv_cc_mno_explicit_relocs" = xyes; then -+ TARGET_CFLAGS="$TARGET_CFLAGS -mno-explicit-relocs -fno-plt" -+ TARGET_CCASFLAGS="$TARGET_CCASFLAGS -mno-explicit-relocs -fno-plt" -+ fi -+ TARGET_CFLAGS="$TARGET_CFLAGS -Wa,-mla-global-with-abs" -+ TARGET_CCASFLAGS="$TARGET_CCASFLAGS -Wa,-mla-global-with-abs" -+fi -+ - # Should grub utils get the host CFLAGS, or the target CFLAGS? - AC_ARG_WITH([utils], - AS_HELP_STRING([--with-utils=host|target|build], -@@ -2166,6 +2188,8 @@ AM_CONDITIONAL([COND_mips_arc], [test "(" x$target_cpu = xmips -o x$target_cpu = - AM_CONDITIONAL([COND_sparc64_ieee1275], [test x$target_cpu = xsparc64 -a x$platform = xieee1275]) - AM_CONDITIONAL([COND_sparc64_emu], [test x$target_cpu = xsparc64 -a x$platform = xemu]) - AM_CONDITIONAL([COND_powerpc_ieee1275], [test x$target_cpu = xpowerpc -a x$platform = xieee1275]) -+AM_CONDITIONAL([COND_loongarch64_efi], [test x$target_cpu = xloongarch64 -a x$platform = xefi]) -+AM_CONDITIONAL([COND_loongarch64], [test x$target_cpu = xloongarch64]) - AM_CONDITIONAL([COND_mips], [test x$target_cpu = xmips -o x$target_cpu = xmipsel]) - AM_CONDITIONAL([COND_mipsel], [test x$target_cpu = xmipsel]) - AM_CONDITIONAL([COND_mipseb], [test x$target_cpu = xmips]) -diff --git a/gentpl.py b/gentpl.py -index 59f62ef..f03aff8 100644 ---- a/gentpl.py -+++ b/gentpl.py -@@ -32,7 +32,8 @@ GRUB_PLATFORMS = [ "emu", "i386_pc", "i386_efi", "i386_qemu", "i386_coreboot", - "mips_loongson", "sparc64_ieee1275", - "powerpc_ieee1275", "mips_arc", "ia64_efi", - "mips_qemu_mips", "arm_uboot", "arm_efi", "arm64_efi", -- "arm_coreboot", "riscv32_efi", "riscv64_efi" ] -+ "arm_coreboot", "riscv32_efi", "riscv64_efi", -+ "loongarch64_efi" ] - - GROUPS = {} - -@@ -49,11 +50,12 @@ GROUPS["arm"] = [ "arm_uboot", "arm_efi", "arm_coreboot" ] - GROUPS["arm64"] = [ "arm64_efi" ] - GROUPS["riscv32"] = [ "riscv32_efi" ] - GROUPS["riscv64"] = [ "riscv64_efi" ] -+GROUPS["loongarch64"] = [ "loongarch64_efi" ] - - # Groups based on firmware - GROUPS["pc"] = [ "i386_pc" ] - GROUPS["efi"] = [ "i386_efi", "x86_64_efi", "ia64_efi", "arm_efi", "arm64_efi", -- "riscv32_efi", "riscv64_efi" ] -+ "riscv32_efi", "riscv64_efi", "loongarch64_efi" ] - GROUPS["ieee1275"] = [ "i386_ieee1275", "sparc64_ieee1275", "powerpc_ieee1275" ] - GROUPS["uboot"] = [ "arm_uboot" ] - GROUPS["xen"] = [ "i386_xen", "x86_64_xen" ] -@@ -80,7 +82,8 @@ GROUPS["terminfomodule"] = GRUB_PLATFORMS[:]; - for i in GROUPS["terminfoinkernel"]: GROUPS["terminfomodule"].remove(i) - - # Flattened Device Trees (FDT) --GROUPS["fdt"] = [ "arm64_efi", "arm_uboot", "arm_efi", "riscv32_efi", "riscv64_efi" ] -+GROUPS["fdt"] = [ "arm64_efi", "arm_uboot", "arm_efi", "riscv32_efi", -+ "riscv64_efi", "loongarch64_efi" ] - - # Needs software helpers for division - # Must match GRUB_DIVISION_IN_SOFTWARE in misc.h -diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am -index dd49939..6582f16 100644 ---- a/grub-core/Makefile.am -+++ b/grub-core/Makefile.am -@@ -240,6 +240,12 @@ KERNEL_HEADER_FILES += $(top_builddir)/include/grub/machine/memory.h - KERNEL_HEADER_FILES += $(top_builddir)/include/grub/machine/kernel.h - endif - -+if COND_loongarch64_efi -+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/efi/efi.h -+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/efi/disk.h -+KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/acpi.h -+endif -+ - if COND_powerpc_ieee1275 - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/ieee1275/ieee1275.h - KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/terminfo.h -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 6b00eb5..016d345 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -103,6 +103,9 @@ kernel = { - arm_coreboot_ldflags = '-Wl,-r,-d'; - arm_coreboot_stripflags = '--strip-unneeded -K start -R .note -R .comment -R .note.gnu.gold-version'; - -+ loongarch64_efi_ldflags = '-Wl,-r,-d'; -+ loongarch64_efi_stripflags = '--strip-unneeded -K start -R .note -R .comment -R .note.gnu.gold-version -R .eh_frame'; -+ - i386_pc_startup = kern/i386/pc/startup.S; - i386_efi_startup = kern/i386/efi/startup.S; - x86_64_efi_startup = kern/x86_64/efi/startup.S; -@@ -122,6 +125,7 @@ kernel = { - arm64_efi_startup = kern/arm64/efi/startup.S; - riscv32_efi_startup = kern/riscv/efi/startup.S; - riscv64_efi_startup = kern/riscv/efi/startup.S; -+ loongarch64_efi_startup = kern/loongarch64/efi/startup.S; - - common = kern/buffer.c; - common = kern/command.c; -@@ -270,6 +274,9 @@ kernel = { - riscv64_efi = kern/riscv/efi/init.c; - riscv64_efi = kern/efi/fdt.c; - -+ loongarch64_efi = kern/loongarch64/efi/init.c; -+ loongarch64_efi = kern/efi/fdt.c; -+ - i386_pc = kern/i386/pc/init.c; - i386_pc = kern/i386/pc/mmap.c; - i386_pc = term/i386/pc/console.c; -@@ -351,6 +358,12 @@ kernel = { - riscv64 = kern/riscv/cache_flush.S; - riscv64 = kern/riscv/dl.c; - -+ loongarch64 = kern/loongarch64/init.c; -+ loongarch64 = kern/loongarch64/dl.c; -+ loongarch64 = kern/loongarch64/dl_helper.c; -+ loongarch64 = kern/loongarch64/cache.S; -+ loongarch64 = kern/generic/rtc_get_time_ms.c; -+ - fdt = lib/fdt.c; - - emu = disk/host.c; -@@ -864,6 +877,7 @@ module = { - enable = arm_coreboot; - enable = riscv32_efi; - enable = riscv64_efi; -+ enable = loongarch64_efi; - }; - - module = { -@@ -941,6 +955,7 @@ module = { - i386_multiboot = commands/acpihalt.c; - i386_efi = commands/acpihalt.c; - x86_64_efi = commands/acpihalt.c; -+ loongarch64_efi = commands/acpihalt.c; - i386_multiboot = lib/i386/halt.c; - i386_coreboot = lib/i386/halt.c; - i386_qemu = lib/i386/halt.c; -@@ -1715,6 +1730,8 @@ module = { - x86_64_xen = lib/x86_64/xen/relocator.S; - xen = lib/i386/relocator_common_c.c; - x86_64_efi = lib/x86_64/efi/relocator.c; -+ loongarch64 = lib/loongarch64/relocator_asm.S; -+ loongarch64 = lib/loongarch64/relocator.c; - - extra_dist = lib/i386/relocator_common.S; - extra_dist = kern/powerpc/cache_flush.S; -@@ -1724,6 +1741,7 @@ module = { - enable = x86; - enable = i386_xen_pvh; - enable = xen; -+ enable = loongarch64; - }; - - module = { -@@ -1756,6 +1774,7 @@ module = { - extra_dist = lib/arm/setjmp.S; - extra_dist = lib/arm64/setjmp.S; - extra_dist = lib/riscv/setjmp.S; -+ extra_dist = lib/loongarch64/setjmp.S; - }; - - module = { -@@ -1854,6 +1873,9 @@ module = { - arm64 = loader/arm64/linux.c; - riscv32 = loader/riscv/linux.c; - riscv64 = loader/riscv/linux.c; -+ loongarch64 = loader/loongarch64/linux.c; -+ loongarch64 = loader/loongarch64/linux-elf.c; -+ loongarch64 = loader/loongarch64/linux-efi.c; - emu = loader/emu/linux.c; - - common = loader/linux.c; -@@ -1953,6 +1975,7 @@ module = { - enable = riscv32_efi; - enable = riscv64_efi; - enable = mips; -+ enable = loongarch64_efi; - }; - - module = { -diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c -index f304494..8c82ea1 100644 ---- a/grub-core/kern/dl.c -+++ b/grub-core/kern/dl.c -@@ -278,7 +278,8 @@ grub_dl_load_segments (grub_dl_t mod, const Elf_Ehdr *e) - unsigned i; - const Elf_Shdr *s; - grub_size_t tsize = 0, talign = 1; --#if !defined (__i386__) && !defined (__x86_64__) && !defined(__riscv) -+#if !defined (__i386__) && !defined (__x86_64__) && !defined(__riscv) && \ -+ !defined(__loongarch__) - grub_size_t tramp; - grub_size_t got; - grub_err_t err; -@@ -294,7 +295,8 @@ grub_dl_load_segments (grub_dl_t mod, const Elf_Ehdr *e) - talign = s->sh_addralign; - } - --#if !defined (__i386__) && !defined (__x86_64__) && !defined(__riscv) -+#if !defined (__i386__) && !defined (__x86_64__) && !defined(__riscv) && \ -+ !defined(__loongarch__) - err = grub_arch_dl_get_tramp_got_size (e, &tramp, &got); - if (err) - return err; -@@ -357,7 +359,8 @@ grub_dl_load_segments (grub_dl_t mod, const Elf_Ehdr *e) - mod->segment = seg; - } - } --#if !defined (__i386__) && !defined (__x86_64__) && !defined(__riscv) -+#if !defined (__i386__) && !defined (__x86_64__) && !defined(__riscv) && \ -+ !defined(__loongarch__) - ptr = (char *) ALIGN_UP ((grub_addr_t) ptr, GRUB_ARCH_DL_TRAMP_ALIGN); - mod->tramp = ptr; - mod->trampptr = ptr; -diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index 8553fcd..9d723a9 100644 ---- a/grub-core/kern/efi/mm.c -+++ b/grub-core/kern/efi/mm.c -@@ -699,7 +699,8 @@ grub_efi_mm_init (void) - 2 * BYTES_TO_PAGES (MEMORY_MAP_SIZE)); - } - --#if defined (__aarch64__) || defined (__arm__) || defined (__riscv) -+#if defined (__aarch64__) || defined (__arm__) || defined (__riscv) \ -+ || defined (__loongarch__) - grub_err_t - grub_efi_get_ram_base(grub_addr_t *base_addr) - { -diff --git a/grub-core/kern/loongarch64/cache.S b/grub-core/kern/loongarch64/cache.S -new file mode 100644 -index 0000000..d291c67 ---- /dev/null -+++ b/grub-core/kern/loongarch64/cache.S -@@ -0,0 +1,26 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+ -+FUNCTION (grub_arch_sync_caches) -+ jr $ra -+ -+FUNCTION (grub_arch_sync_dma_caches) -+ jr $ra -+ -diff --git a/grub-core/kern/loongarch64/dl.c b/grub-core/kern/loongarch64/dl.c -new file mode 100644 -index 0000000..47196a2 ---- /dev/null -+++ b/grub-core/kern/loongarch64/dl.c -@@ -0,0 +1,150 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2022 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+/* Check if EHDR is a valid ELF header. */ -+grub_err_t -+grub_arch_dl_check_header (void *ehdr) -+{ -+ Elf_Ehdr *e = ehdr; -+ -+ /* Check the magic numbers. */ -+ if (e->e_ident[EI_CLASS] != ELFCLASS64 -+ || e->e_ident[EI_DATA] != ELFDATA2LSB || e->e_machine != EM_LOONGARCH) -+ return grub_error (GRUB_ERR_BAD_OS, N_("invalid arch-dependent ELF magic")); -+ -+ return GRUB_ERR_NONE; -+} -+ -+#pragma GCC diagnostic ignored "-Wcast-align" -+ -+/* -+ * Unified function for both REL and RELA. -+ */ -+grub_err_t -+grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr, -+ Elf_Shdr *s, grub_dl_segment_t seg) -+{ -+ Elf_Rel *rel, *max; -+ struct grub_loongarch64_stack stack; -+ grub_loongarch64_stack_init (&stack); -+ -+ for (rel = (Elf_Rel *) ((char *) ehdr + s->sh_offset), -+ max = (Elf_Rel *) ((char *) rel + s->sh_size); -+ rel < max; -+ rel = (Elf_Rel *) ((char *) rel + s->sh_entsize)) -+ { -+ Elf_Sym *sym; -+ void *place; -+ grub_uint64_t sym_addr; -+ -+ if (rel->r_offset >= seg->size) -+ return grub_error (GRUB_ERR_BAD_MODULE, -+ "reloc offset is outside the segment"); -+ -+ sym = (Elf_Sym *) ((char*)mod->symtab -+ + mod->symsize * ELF_R_SYM (rel->r_info)); -+ -+ sym_addr = sym->st_value; -+ if (s->sh_type == SHT_RELA) -+ sym_addr += ((Elf_Rela *) rel)->r_addend; -+ -+ place = (void *) ((grub_addr_t)seg->addr + rel->r_offset); -+ -+ switch (ELF_R_TYPE (rel->r_info)) -+ { -+ case R_LARCH_64: -+ { -+ grub_uint64_t *abs_place = place; -+ -+ grub_dprintf ("dl", "reloc_abs64 %p => 0x%016llx, %p\n", -+ place, (unsigned long long) sym_addr, abs_place); -+ -+ *abs_place += (grub_uint64_t) sym_addr; -+ } -+ break; -+ case R_LARCH_MARK_LA: -+ break; -+ case R_LARCH_SOP_PUSH_PCREL: -+ case R_LARCH_SOP_PUSH_PLT_PCREL: -+ grub_loongarch64_sop_push (&stack, sym_addr - (grub_uint64_t)place); -+ break; -+ case R_LARCH_B26: -+ { -+ grub_uint32_t *abs_place = place; -+ grub_ssize_t off = sym_addr - (grub_addr_t) place; -+ -+ grub_loongarch64_b26 (abs_place, off); -+ } -+ break; -+ case R_LARCH_ABS_HI20: -+ { -+ grub_uint32_t *abs_place = place; -+ grub_loongarch64_xxx_hi20 (abs_place, sym_addr); -+ } -+ break; -+ case R_LARCH_ABS64_LO20: -+ { -+ grub_uint32_t *abs_place = place; -+ grub_loongarch64_xxx64_lo20 (abs_place, sym_addr); -+ } -+ break; -+ case R_LARCH_ABS64_HI12: -+ { -+ grub_uint32_t *abs_place = place; -+ grub_loongarch64_xxx64_hi12 (abs_place, sym_addr); -+ } -+ break; -+ case R_LARCH_PCALA_HI20: -+ { -+ grub_uint32_t *abs_place = place; -+ grub_int32_t off = (((sym_addr + 0x800) & ~0xfffULL) - ((grub_addr_t)place & ~0xfffULL)); -+ -+ grub_loongarch64_xxx_hi20 (abs_place, off); -+ } -+ break; -+ case R_LARCH_ABS_LO12: -+ case R_LARCH_PCALA_LO12: -+ { -+ grub_uint32_t *abs_place = place; -+ grub_loongarch64_xxx_lo12 (abs_place, sym_addr); -+ } -+ break; -+ GRUB_LOONGARCH64_RELOCATION (&stack, place, sym_addr) -+ default: -+ { -+ char rel_info[17]; /* log16(2^64) = 16, plus NUL. */ -+ -+ grub_snprintf (rel_info, sizeof (rel_info) - 1, "%" PRIxGRUB_UINT64_T, -+ (grub_uint64_t) ELF_R_TYPE (rel->r_info)); -+ return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ N_("relocation 0x%s is not implemented yet"), rel_info); -+ } -+ break; -+ } -+ } -+ return GRUB_ERR_NONE; -+} -diff --git a/grub-core/kern/loongarch64/dl_helper.c b/grub-core/kern/loongarch64/dl_helper.c -new file mode 100644 -index 0000000..68275fe ---- /dev/null -+++ b/grub-core/kern/loongarch64/dl_helper.c -@@ -0,0 +1,264 @@ -+/* dl_helper.c - relocation helper functions for modules and grub-mkimage */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2022 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+static void grub_loongarch64_stack_push (grub_loongarch64_stack_t stack, grub_uint64_t x); -+static grub_uint64_t grub_loongarch64_stack_pop (grub_loongarch64_stack_t stack); -+ -+void -+grub_loongarch64_stack_init (grub_loongarch64_stack_t stack) -+{ -+ stack->top = -1; -+ stack->count = LOONGARCH64_STACK_MAX; -+} -+ -+static void -+grub_loongarch64_stack_push (grub_loongarch64_stack_t stack, grub_uint64_t x) -+{ -+ if (stack->top == stack->count) -+ return; -+ stack->data[++stack->top] = x; -+} -+ -+static grub_uint64_t -+grub_loongarch64_stack_pop (grub_loongarch64_stack_t stack) -+{ -+ if (stack->top == -1) -+ return -1; -+ return stack->data[stack->top--]; -+} -+ -+void -+grub_loongarch64_sop_push (grub_loongarch64_stack_t stack, grub_int64_t offset) -+{ -+ grub_loongarch64_stack_push (stack, offset); -+} -+ -+/* opr2 = pop (), opr1 = pop (), push (opr1 - opr2) */ -+void -+grub_loongarch64_sop_sub (grub_loongarch64_stack_t stack) -+{ -+ grub_uint64_t a, b; -+ b = grub_loongarch64_stack_pop (stack); -+ a = grub_loongarch64_stack_pop (stack); -+ grub_loongarch64_stack_push (stack, a - b); -+} -+ -+/* opr2 = pop (), opr1 = pop (), push (opr1 << opr2) */ -+void -+grub_loongarch64_sop_sl (grub_loongarch64_stack_t stack) -+{ -+ grub_uint64_t a, b; -+ b = grub_loongarch64_stack_pop (stack); -+ a = grub_loongarch64_stack_pop (stack); -+ grub_loongarch64_stack_push (stack, a << b); -+} -+ -+/* opr2 = pop (), opr1 = pop (), push (opr1 >> opr2) */ -+void -+grub_loongarch64_sop_sr (grub_loongarch64_stack_t stack) -+{ -+ grub_uint64_t a, b; -+ b = grub_loongarch64_stack_pop (stack); -+ a = grub_loongarch64_stack_pop (stack); -+ grub_loongarch64_stack_push (stack, a >> b); -+} -+ -+/* opr2 = pop (), opr1 = pop (), push (opr1 + opr2) */ -+void -+grub_loongarch64_sop_add (grub_loongarch64_stack_t stack) -+{ -+ grub_uint64_t a, b; -+ b = grub_loongarch64_stack_pop (stack); -+ a = grub_loongarch64_stack_pop (stack); -+ grub_loongarch64_stack_push (stack, a + b); -+} -+ -+/* opr2 = pop (), opr1 = pop (), push (opr1 & opr2) */ -+void -+grub_loongarch64_sop_and (grub_loongarch64_stack_t stack) -+{ -+ grub_uint64_t a, b; -+ b = grub_loongarch64_stack_pop (stack); -+ a = grub_loongarch64_stack_pop (stack); -+ grub_loongarch64_stack_push (stack, a & b); -+} -+ -+/* opr3 = pop (), opr2 = pop (), opr1 = pop (), push (opr1 ? opr2 : opr3) */ -+void -+grub_loongarch64_sop_if_else (grub_loongarch64_stack_t stack) -+{ -+ grub_uint64_t a, b, c; -+ c = grub_loongarch64_stack_pop (stack); -+ b = grub_loongarch64_stack_pop (stack); -+ a = grub_loongarch64_stack_pop (stack); -+ -+ if (a) { -+ grub_loongarch64_stack_push (stack, b); -+ } else { -+ grub_loongarch64_stack_push (stack, c); -+ } -+} -+ -+/* opr1 = pop (), (*(uint32_t *) PC) [14 ... 10] = opr1 [4 ... 0] */ -+void -+grub_loongarch64_sop_32_s_10_5 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ *place |= ((a & 0x1f) << 10); -+} -+ -+/* opr1 = pop (), (*(uint32_t *) PC) [21 ... 10] = opr1 [11 ... 0] */ -+void -+grub_loongarch64_sop_32_u_10_12 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ *place = *place | ((a & 0xfff) << 10); -+} -+ -+/* opr1 = pop (), (*(uint32_t *) PC) [21 ... 10] = opr1 [11 ... 0] */ -+void -+grub_loongarch64_sop_32_s_10_12 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ *place = (*place) | ((a & 0xfff) << 10); -+} -+ -+/* opr1 = pop (), (*(uint32_t *) PC) [25 ... 10] = opr1 [15 ... 0] */ -+void -+grub_loongarch64_sop_32_s_10_16 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ *place = (*place) | ((a & 0xffff) << 10); -+} -+ -+/* opr1 = pop (), (*(uint32_t *) PC) [25 ... 10] = opr1 [17 ... 2] */ -+void -+grub_loongarch64_sop_32_s_10_16_s2 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ *place = (*place) | (((a >> 2) & 0xffff) << 10); -+} -+ -+/* opr1 = pop (), (*(uint32_t *) PC) [24 ... 5] = opr1 [19 ... 0] */ -+void -+grub_loongarch64_sop_32_s_5_20 (grub_loongarch64_stack_t stack, grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ *place = (*place) | ((a & 0xfffff)<<5); -+} -+ -+/* opr1 = pop (), -+ (*(uint32_t *) PC) [4 ... 0] = opr1 [22 ... 18] -+ (*(uint32_t *) PC) [25 ...10] = opr1 [17 ... 2] -+ */ -+void -+grub_loongarch64_sop_32_s_0_5_10_16_s2 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ -+ *place =(*place) | (((a >> 2) & 0xffff) << 10); -+ *place =(*place) | ((a >> 18) & 0x1f); -+} -+ -+/* -+ opr1 = pop () -+ (*(uint32_t *) PC) [9 ... 0] = opr1 [27 ... 18], -+ (*(uint32_t *) PC) [25 ... 10] = opr1 [17 ... 2] -+*/ -+void -+grub_loongarch64_sop_32_s_0_10_10_16_s2 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place) -+{ -+ grub_uint64_t a = grub_loongarch64_stack_pop (stack); -+ *place =(*place) | (((a >> 2) & 0xffff) << 10); -+ *place =(*place) | ((a >> 18) & 0x3ff); -+} -+ -+void grub_loongarch64_b26 (grub_uint32_t *place, grub_int64_t offset) -+{ -+ grub_uint32_t val; -+ const grub_uint32_t insmask = grub_cpu_to_le32_compile_time (0xfc000000); -+ -+ grub_dprintf ("dl", " reloc_xxxx64 %p %c= 0x%llx\n", -+ place, offset > 0 ? '+' : '-', -+ offset < 0 ? (long long) -(unsigned long long) offset : offset); -+ -+ val = ((offset >> 18) & 0x3ff) | (((offset >> 2) & 0xffff) << 10); -+ -+ *place &= insmask; -+ *place |= grub_cpu_to_le32 (val) & ~insmask; -+} -+ -+void grub_loongarch64_xxx_hi20 (grub_uint32_t *place, grub_int64_t offset) -+{ -+ const grub_uint32_t insmask = grub_cpu_to_le32_compile_time (0xfe00001f); -+ grub_uint32_t val; -+ -+ offset >>= 12; -+ val = ((offset & 0xfffff) << 5); -+ -+ *place &= insmask; -+ *place |= grub_cpu_to_le32 (val) & ~insmask; -+} -+ -+void grub_loongarch64_xxx_lo12 (grub_uint32_t *place, grub_int64_t offset) -+{ -+ const grub_uint32_t insmask = grub_cpu_to_le32_compile_time (0xffc003ff); -+ -+ *place &= insmask; -+ *place |= grub_cpu_to_le32 (offset << 10) & ~insmask; -+} -+ -+void grub_loongarch64_xxx64_hi12 (grub_uint32_t *place, grub_int64_t offset) -+{ -+ const grub_uint32_t insmask = grub_cpu_to_le32_compile_time (0xffc003ff); -+ grub_uint32_t val; -+ -+ offset >>= 52; -+ val = ((offset & 0xfff) << 10); -+ -+ *place &= insmask; -+ *place |= grub_cpu_to_le32 (val) & ~insmask; -+} -+ -+void grub_loongarch64_xxx64_lo20 (grub_uint32_t *place, grub_int64_t offset) -+{ -+ const grub_uint32_t insmask = grub_cpu_to_le32_compile_time (0xfe00001f); -+ grub_uint32_t val; -+ -+ offset >>= 32; -+ val = ((offset & 0xfffff) << 5); -+ -+ *place &= insmask; -+ *place |= grub_cpu_to_le32 (val) & ~insmask; -+} -diff --git a/grub-core/kern/loongarch64/efi/init.c b/grub-core/kern/loongarch64/efi/init.c -new file mode 100644 -index 0000000..7f7c866 ---- /dev/null -+++ b/grub-core/kern/loongarch64/efi/init.c -@@ -0,0 +1,73 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2013 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+static grub_uint64_t tmr; -+static grub_efi_event_t tmr_evt; -+ -+static grub_uint64_t -+grub_efi_get_time_ms (void) -+{ -+ return tmr; -+} -+ -+static void -+grub_loongson_increment_timer (grub_efi_event_t event __attribute__ ((unused)), -+ void *context __attribute__ ((unused))) -+{ -+ tmr += 10; -+} -+ -+void -+grub_machine_init (void) -+{ -+ grub_efi_boot_services_t *b; -+ -+ grub_efi_init (); -+ -+ b = grub_efi_system_table->boot_services; -+ efi_call_5 (b->create_event, GRUB_EFI_EVT_TIMER | GRUB_EFI_EVT_NOTIFY_SIGNAL, -+ GRUB_EFI_TPL_CALLBACK, grub_loongson_increment_timer, NULL, &tmr_evt); -+ efi_call_3 (b->set_timer, tmr_evt, GRUB_EFI_TIMER_PERIODIC, 100000); -+ -+ grub_install_get_time_ms (grub_efi_get_time_ms); -+} -+ -+void -+grub_machine_fini (int flags) -+{ -+ grub_efi_boot_services_t *b; -+ -+ if (!(flags & GRUB_LOADER_FLAG_NORETURN)) -+ return; -+ -+ b = grub_efi_system_table->boot_services; -+ -+ efi_call_3 (b->set_timer, tmr_evt, GRUB_EFI_TIMER_CANCEL, 0); -+ efi_call_1 (b->close_event, tmr_evt); -+ -+ grub_efi_fini (); -+} -diff --git a/grub-core/kern/loongarch64/efi/startup.S b/grub-core/kern/loongarch64/efi/startup.S -new file mode 100644 -index 0000000..1ffff08 ---- /dev/null -+++ b/grub-core/kern/loongarch64/efi/startup.S -@@ -0,0 +1,45 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2013 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+ -+ .file "startup.S" -+ .text -+ .globl start, _start -+ .align 4 -+ -+FUNCTION(start) -+FUNCTION(_start) -+ /* -+ * EFI_SYSTEM_TABLE and EFI_HANDLE are passed in a1/a0. -+ */ -+ addi.d $sp, $sp, -16 -+ st.d $ra, $sp, 0 -+ -+ la $a2, grub_efi_image_handle -+ st.d $a0, $a2, 0 -+ la $a2, grub_efi_system_table -+ st.d $a1, $a2, 0 -+ -+ bl grub_main -+ -+1: -+ ld.d $ra, $sp, 0 -+ addi.d $sp, $sp, 16 -+ jr $ra -+ -diff --git a/grub-core/kern/loongarch64/init.c b/grub-core/kern/loongarch64/init.c -new file mode 100644 -index 0000000..b2de930 ---- /dev/null -+++ b/grub-core/kern/loongarch64/init.c -@@ -0,0 +1,47 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+ -+grub_uint32_t grub_arch_cpuclock; -+ -+/* FIXME: use interrupt to count high. */ -+grub_uint64_t -+grub_get_rtc (void) -+{ -+ static grub_uint32_t high = 0; -+ static grub_uint32_t last = 0; -+ grub_uint32_t low; -+ -+ asm volatile ("csrrd %0, " GRUB_CPU_LOONGARCH_COP0_TIMER_COUNT : "=r" (low)); -+ if (low < last) -+ high++; -+ last = low; -+ -+ return (((grub_uint64_t) high) << 32) | low; -+} -+ -+void -+grub_timer_init (grub_uint32_t cpuclock) -+{ -+ grub_arch_cpuclock = cpuclock; -+ grub_install_get_time_ms (grub_rtc_get_time_ms); -+} -diff --git a/grub-core/lib/gnulib-patches/fix-loongarch.patch b/grub-core/lib/gnulib-patches/fix-loongarch.patch -new file mode 100644 -index 0000000..fa0b09a ---- /dev/null -+++ b/grub-core/lib/gnulib-patches/fix-loongarch.patch -@@ -0,0 +1,26 @@ -+diff --git a/build-aux/config.guess b/build-aux/config.guess -+index 8e2a58b..927581d 100755 -+--- a/build-aux/config.guess -++++ b/build-aux/config.guess -+@@ -990,6 +990,9 @@ EOF -+ k1om:Linux:*:*) -+ echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" -+ exit ;; -++ loongarch32:Linux:*:* | loongarch64:Linux:*:* | loongarchx32:Linux:*:*) -++ echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" -++ exit ;; -+ m32r*:Linux:*:*) -+ echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" -+ exit ;; -+diff --git a/build-aux/config.sub b/build-aux/config.sub -+index 1fc4cde..6303428 100755 -+--- a/build-aux/config.sub -++++ b/build-aux/config.sub -+@@ -1184,6 +1184,7 @@ case $cpu-$vendor in -+ | k1om \ -+ | le32 | le64 \ -+ | lm32 \ -++ | loongarch32 | loongarch64 | loongarchx32 \ -+ | m32c | m32r | m32rle \ -+ | m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k | v70 | w65 \ -+ | m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip \ -diff --git a/grub-core/lib/loongarch64/relocator.c b/grub-core/lib/loongarch64/relocator.c -new file mode 100644 -index 0000000..faa4553 ---- /dev/null -+++ b/grub-core/lib/loongarch64/relocator.c -@@ -0,0 +1,163 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2022 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+ -+#include -+#include -+#include -+#include -+ -+#include -+#include -+ -+extern grub_uint8_t grub_relocator_forward_start; -+extern grub_uint8_t grub_relocator_forward_end; -+extern grub_uint8_t grub_relocator_backward_start; -+extern grub_uint8_t grub_relocator_backward_end; -+ -+#define REGW_SIZEOF (4 * sizeof (grub_uint32_t)) -+#define JUMP_SIZEOF (2 * sizeof (grub_uint32_t)) -+ -+#define RELOCATOR_SRC_SIZEOF(x) (&grub_relocator_##x##_end \ -+ - &grub_relocator_##x##_start) -+#define RELOCATOR_SIZEOF(x) (RELOCATOR_SRC_SIZEOF(x) \ -+ + REGW_SIZEOF * 3) -+grub_size_t grub_relocator_align = sizeof (grub_uint64_t); -+grub_size_t grub_relocator_forward_size; -+grub_size_t grub_relocator_backward_size; -+grub_size_t grub_relocator_jumper_size = JUMP_SIZEOF + REGW_SIZEOF; -+ -+void -+grub_cpu_relocator_init (void) -+{ -+ grub_relocator_forward_size = RELOCATOR_SIZEOF(forward); -+ grub_relocator_backward_size = RELOCATOR_SIZEOF(backward); -+} -+ -+static void -+write_reg (int regn, grub_uint64_t val, void **target) -+{ -+ grub_uint32_t lu12iw=0x14000000; -+ grub_uint32_t ori=0x03800000; -+ grub_uint32_t lu32id=0x16000000; -+ grub_uint32_t lu52id=0x03000000; -+ -+ *(grub_uint32_t *) *target = (lu12iw | (grub_uint32_t)((val & 0xfffff000)>>12<<5) | (grub_uint32_t)regn);; -+ *target = ((grub_uint32_t *) *target) + 1; -+ *(grub_uint32_t *) *target = (ori | (grub_uint32_t)((val & 0xfff)<<10) | (grub_uint32_t)(regn | regn<<5)); -+ *target = ((grub_uint32_t *) *target) + 1; -+ *(grub_uint32_t *) *target = (lu32id | (grub_uint32_t)((val & 0xfffff00000000)>>32<<5) | (grub_uint32_t)regn);; -+ *target = ((grub_uint32_t *) *target) + 1; -+ *(grub_uint32_t *) *target = (lu52id | (grub_uint32_t)((val & 0xfff0000000000000)>>52<<10) | (grub_uint32_t)(regn | regn<<5));; -+ *target = ((grub_uint32_t *) *target) + 1; -+} -+ -+static void -+write_jump (int regn, void **target) -+{ -+ grub_uint32_t jirl=0x4c000000; -+ -+ *(grub_uint32_t *) *target = (jirl | (grub_uint32_t)(regn<<5)); -+ *target = ((grub_uint32_t *) *target) + 1; -+} -+ -+void -+grub_cpu_relocator_jumper (void *rels, grub_addr_t addr) -+{ -+ write_reg (1, addr, &rels); -+ write_jump (1, &rels); -+} -+ -+void -+grub_cpu_relocator_backward (void *ptr0, void *src, void *dest, -+ grub_size_t size) -+{ -+ void *ptr = ptr0; -+ write_reg (8, (grub_uint64_t) src, &ptr); -+ write_reg (9, (grub_uint64_t) dest, &ptr); -+ write_reg (10, (grub_uint64_t) size, &ptr); -+ grub_memcpy (ptr, &grub_relocator_backward_start, -+ RELOCATOR_SRC_SIZEOF (backward)); -+} -+ -+void -+grub_cpu_relocator_forward (void *ptr0, void *src, void *dest, -+ grub_size_t size) -+{ -+ void *ptr = ptr0; -+ write_reg (8, (grub_uint64_t) src, &ptr); -+ write_reg (9, (grub_uint64_t) dest, &ptr); -+ write_reg (10, (grub_uint64_t) size, &ptr); -+ grub_memcpy (ptr, &grub_relocator_forward_start, -+ RELOCATOR_SRC_SIZEOF (forward)); -+} -+ -+grub_err_t -+grub_relocator64_boot (struct grub_relocator *rel, -+ struct grub_relocator64_state state) -+{ -+ grub_relocator_chunk_t ch; -+ void *ptr; -+ grub_err_t err; -+ void *relst; -+ grub_size_t relsize; -+ grub_size_t stateset_size = 31 * REGW_SIZEOF + JUMP_SIZEOF; -+ unsigned i; -+ grub_addr_t vtarget; -+ -+ err = grub_relocator_alloc_chunk_align (rel, &ch, 0, -+ (0xffffffff - stateset_size) -+ + 1, stateset_size, -+ grub_relocator_align, -+ GRUB_RELOCATOR_PREFERENCE_NONE, 0); -+ if (err) -+ return err; -+ -+ ptr = get_virtual_current_address (ch); -+ for (i = 1; i < 32; i++) -+ write_reg (i, state.gpr[i], &ptr); -+ write_jump (state.jumpreg, &ptr); -+ -+ vtarget = (grub_addr_t) grub_map_memory (get_physical_target_address (ch), -+ stateset_size); -+ -+ err = grub_relocator_prepare_relocs (rel, vtarget, &relst, &relsize); -+ if (err) -+ return err; -+ -+ grub_arch_sync_caches ((void *) relst, relsize); -+ -+ asm volatile ( -+ "ibar 0 \n"); -+ -+ grub_uint64_t val; -+ __asm__ __volatile__( -+ "li.w %0, 0x4\n\t" -+ "csrxchg $r0, %0, 0x0\n\t" -+ : "=r"(val) -+ : -+ : -+ ); -+ -+ ((void (*) (void)) relst) (); -+ -+ /* Not reached. */ -+ return GRUB_ERR_NONE; -+} -diff --git a/grub-core/lib/loongarch64/relocator_asm.S b/grub-core/lib/loongarch64/relocator_asm.S -new file mode 100644 -index 0000000..ffdccc9 ---- /dev/null -+++ b/grub-core/lib/loongarch64/relocator_asm.S -@@ -0,0 +1,51 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2022 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+ -+ .p2align 4 /* force 16-byte alignment */ -+ -+VARIABLE (grub_relocator_forward_start) -+ -+copycont1: -+ ld.d $r11,$r8,0 -+ st.d $r11,$r9,0 -+ addi.d $r8, $r8, 8 -+ addi.d $r10, $r10, -8 -+ addi.d $r9, $r9, 8 -+ bne $r10, $r0, copycont1 -+ -+VARIABLE (grub_relocator_forward_end) -+ -+VARIABLE (grub_relocator_backward_start) -+ -+ add.d $r9, $r9, $r10 -+ add.d $r8, $r8, $r10 -+ /* Backward movsl is implicitly off-by-one. compensate that. */ -+ addi.d $r9, $r9, -8 -+ addi.d $r8, $r8, -8 -+copycont2: -+ ld.w $r11,$r8,0 -+ st.w $r11,$r9,0 -+ addi.d $r8, $r8, -8 -+ addi.d $r10, $r10, -8 -+ addi.d $r9, $r9, -8 -+ bne $r10, $r0, copycont2 -+ -+VARIABLE (grub_relocator_backward_end) -+ -diff --git a/grub-core/lib/loongarch64/setjmp.S b/grub-core/lib/loongarch64/setjmp.S -new file mode 100644 -index 0000000..bb09959 ---- /dev/null -+++ b/grub-core/lib/loongarch64/setjmp.S -@@ -0,0 +1,68 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2021 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+ -+ .file "setjmp.S" -+ -+GRUB_MOD_LICENSE "GPLv3+" -+ -+ .text -+ -+/* -+ * int grub_setjmp (jmp_buf env) -+ */ -+FUNCTION(grub_setjmp) -+ st.d $s0, $a0, 0x0 -+ st.d $s1, $a0, 0x8 -+ st.d $s2, $a0, 0x10 -+ st.d $s3, $a0, 0x18 -+ st.d $s4, $a0, 0x20 -+ st.d $s5, $a0, 0x28 -+ st.d $s6, $a0, 0x30 -+ st.d $s7, $a0, 0x38 -+ st.d $s8, $a0, 0x40 -+ st.d $fp, $a0, 0x48 -+ st.d $sp, $a0, 0x50 -+ st.d $ra, $a0, 0x58 -+ -+ move $a0, $zero -+ jr $ra -+ -+/* -+ * void grub_longjmp (jmp_buf env, int val) -+ */ -+FUNCTION(grub_longjmp) -+ ld.d $s0, $a0, 0x0 -+ ld.d $s1, $a0, 0x8 -+ ld.d $s2, $a0, 0x10 -+ ld.d $s3, $a0, 0x18 -+ ld.d $s4, $a0, 0x20 -+ ld.d $s5, $a0, 0x28 -+ ld.d $s6, $a0, 0x30 -+ ld.d $s7, $a0, 0x38 -+ ld.d $s8, $a0, 0x40 -+ ld.d $fp, $a0, 0x48 -+ ld.d $sp, $a0, 0x50 -+ ld.d $ra, $a0, 0x58 -+ -+ li.w $a0, 1 -+ beqz $a1, .L0 -+ move $a0, $a1 -+.L0: -+ jr $ra -diff --git a/grub-core/lib/setjmp.S b/grub-core/lib/setjmp.S -index aa297ab..da71fc7 100644 ---- a/grub-core/lib/setjmp.S -+++ b/grub-core/lib/setjmp.S -@@ -15,6 +15,8 @@ - #include "./arm/setjmp.S" - #elif defined(__aarch64__) - #include "./arm64/setjmp.S" -+#elif defined(__loongarch64) -+#include "./loongarch64/setjmp.S" - #elif defined(__riscv) - #include "./riscv/setjmp.S" - #else -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index fb874f1..faf60ef 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -345,6 +345,8 @@ static const grub_uint16_t machine_type __attribute__((__unused__)) = - GRUB_PE32_MACHINE_I386; - #elif defined(__ia64__) - GRUB_PE32_MACHINE_IA64; -+#elif defined(__loongarch64) -+ GRUB_PE32_MACHINE_LOONGARCH64; - #elif defined(__riscv) && (__riscv_xlen == 32) - GRUB_PE32_MACHINE_RISCV32; - #elif defined(__riscv) && (__riscv_xlen == 64) -diff --git a/grub-core/loader/loongarch64/linux-efi.c b/grub-core/loader/loongarch64/linux-efi.c -new file mode 100644 -index 0000000..4dcefd9 ---- /dev/null -+++ b/grub-core/loader/loongarch64/linux-efi.c -@@ -0,0 +1,144 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2021 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define GRUB_EFI_PE_MAGIC 0x5A4D -+ -+grub_err_t -+finalize_efi_params_linux (struct linux_loongarch64_kernel_params *kernel_params) -+{ -+ int node, retval; -+ -+ void *fdt; -+ -+ fdt = grub_fdt_load (GRUB_EFI_LINUX_FDT_EXTRA_SPACE); -+ -+ if (!fdt) -+ goto failure; -+ -+ node = grub_fdt_find_subnode (fdt, 0, "chosen"); -+ if (node < 0) -+ node = grub_fdt_add_subnode (fdt, 0, "chosen"); -+ -+ if (node < 1) -+ goto failure; -+ -+ /* Set initrd info */ -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -+ { -+ grub_dprintf ("linux", "Initrd @ %p-%p\n", -+ (void *) kernel_params->ramdisk_addr, -+ (void *) (kernel_params->ramdisk_addr + kernel_params->ramdisk_size)); -+ -+ retval = grub_fdt_set_prop64 (fdt, node, "linux,initrd-start", -+ kernel_params->ramdisk_addr); -+ if (retval) -+ goto failure; -+ retval = grub_fdt_set_prop64 (fdt, node, "linux,initrd-end", -+ kernel_params->ramdisk_addr + kernel_params->ramdisk_size); -+ if (retval) -+ goto failure; -+ } -+ -+ if (grub_fdt_install() != GRUB_ERR_NONE) -+ goto failure; -+ -+ return GRUB_ERR_NONE; -+ -+failure: -+ grub_fdt_unload(); -+ return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); -+} -+ -+grub_err_t -+grub_arch_efi_linux_check_image (struct linux_arch_kernel_header * lh) -+{ -+ if ((lh->code0 & 0xffff) == GRUB_EFI_PE_MAGIC) -+ return GRUB_ERR_NONE; -+ else -+ return 1; -+ -+ grub_dprintf ("linux", "UEFI stub kernel:\n"); -+ grub_dprintf ("linux", "PE/COFF header @ %08x\n", lh->hdr_offset); -+ -+ return GRUB_ERR_NONE; -+} -+ -+grub_err_t -+grub_arch_efi_linux_boot_image (grub_addr_t addr, grub_size_t size, char *args) -+{ -+ grub_efi_memory_mapped_device_path_t *mempath; -+ grub_efi_handle_t image_handle; -+ grub_efi_boot_services_t *b; -+ grub_efi_status_t status; -+ grub_efi_loaded_image_t *loaded_image; -+ int len; -+ -+ mempath = grub_malloc (2 * sizeof (grub_efi_memory_mapped_device_path_t)); -+ if (!mempath) -+ return grub_errno; -+ -+ mempath[0].header.type = GRUB_EFI_HARDWARE_DEVICE_PATH_TYPE; -+ mempath[0].header.subtype = GRUB_EFI_MEMORY_MAPPED_DEVICE_PATH_SUBTYPE; -+ mempath[0].header.length = grub_cpu_to_le16_compile_time (sizeof (*mempath)); -+ mempath[0].memory_type = GRUB_EFI_LOADER_DATA; -+ mempath[0].start_address = addr; -+ mempath[0].end_address = addr + size; -+ -+ mempath[1].header.type = GRUB_EFI_END_DEVICE_PATH_TYPE; -+ mempath[1].header.subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -+ mempath[1].header.length = sizeof (grub_efi_device_path_t); -+ -+ b = grub_efi_system_table->boot_services; -+ status = b->load_image (0, grub_efi_image_handle, -+ (grub_efi_device_path_t *) mempath, -+ (void *) addr, size, &image_handle); -+ if (status != GRUB_EFI_SUCCESS) -+ return grub_error (GRUB_ERR_BAD_OS, "cannot load image"); -+ -+ grub_dprintf ("linux", "linux command line: '%s'\n", args); -+ -+ /* Convert command line to UCS-2 */ -+ loaded_image = grub_efi_get_loaded_image (image_handle); -+ loaded_image->load_options_size = len = -+ (grub_strlen (args) + 1) * sizeof (grub_efi_char16_t); -+ loaded_image->load_options = -+ grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); -+ if (!loaded_image->load_options) -+ return grub_errno; -+ -+ loaded_image->load_options_size = -+ 2 * grub_utf8_to_utf16 (loaded_image->load_options, len, -+ (grub_uint8_t *) args, len, NULL); -+ -+ grub_dprintf ("linux", "starting image %p\n", image_handle); -+ status = b->start_image (image_handle, 0, NULL); -+ -+ /* When successful, not reached */ -+ b->unload_image (image_handle); -+ grub_efi_free_pages ((grub_addr_t) loaded_image->load_options, -+ GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size)); -+ -+ return grub_errno; -+} -diff --git a/grub-core/loader/loongarch64/linux-elf.c b/grub-core/loader/loongarch64/linux-elf.c -new file mode 100644 -index 0000000..85585b4 ---- /dev/null -+++ b/grub-core/loader/loongarch64/linux-elf.c -@@ -0,0 +1,529 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2021 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define GRUB_ADDRESS_TYPE_SYSRAM 1 -+#define GRUB_ADDRESS_TYPE_RESERVED 2 -+#define GRUB_ADDRESS_TYPE_ACPI 3 -+#define GRUB_ADDRESS_TYPE_NVS 4 -+#define GRUB_ADDRESS_TYPE_PMEM 5 -+#define GRUB_EFI_LOONGSON_BPI_TABLE_GUID \ -+ { 0x4660f721, 0x2ec5, 0x416a, \ -+ { 0x89, 0x9a, 0x43, 0x18, 0x02, 0x50, 0xa0, 0xc9 } \ -+ } -+ -+static struct grub_relocator *relocator; -+ -+void grub_linux_loongarch_elf_relocator_unload (void) -+{ -+ grub_relocator_unload (relocator); -+} -+ -+static grub_err_t -+allocate_fdt_and_exit_boot (struct linux_loongarch64_kernel_params *kernel_params) -+{ -+ int node, retval; -+ grub_err_t err; -+ unsigned int size; -+ grub_efi_uintn_t mmap_size; -+ grub_efi_uintn_t desc_size; -+ grub_efi_uint32_t desc_version; -+ grub_efi_memory_descriptor_t *mmap_buf; -+ -+ size = GRUB_FDT_EMPTY_TREE_SZ + FDT_ADDR_SIZE_EXTRA + GRUB_EFI_LINUX_FDT_EXTRA_SPACE; -+ -+ kernel_params->fdt = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (size)); -+ if (!kernel_params->fdt) -+ return GRUB_ERR_OUT_OF_MEMORY; -+ -+ grub_fdt_create_empty_tree (kernel_params->fdt, size); -+ grub_fdt_set_prop32 (kernel_params->fdt, 0, FDT_ADDR_CELLS_STRING, 2); -+ grub_fdt_set_prop32 (kernel_params->fdt, 0, FDT_SIZE_CELLS_STRING, 2); -+ -+ node = grub_fdt_find_subnode (kernel_params->fdt, 0, "chosen"); -+ if (node < 0) -+ node = grub_fdt_add_subnode (kernel_params->fdt, 0, "chosen"); -+ if (node < 1) -+ goto failure; -+ -+ grub_dprintf ("loongson", "command_line %s, len %ld\n", -+ (char *)kernel_params->linux_args, -+ grub_strlen(kernel_params->linux_args) + 1); -+ if ((kernel_params->linux_args != NULL) && (grub_strlen(kernel_params->linux_args) > 0)) { -+ retval = grub_fdt_set_prop (kernel_params->fdt, node, "bootargs", kernel_params->linux_args, -+ grub_strlen(kernel_params->linux_args) + 1); -+ if (retval) -+ goto failure; -+ } -+ -+ /* Set initrd info */ -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -+ { -+ grub_dprintf ("linux", "Initrd @ %p-%p\n", -+ (void *) kernel_params->ramdisk_addr, -+ (void *) (kernel_params->ramdisk_addr + kernel_params->ramdisk_size)); -+ -+ retval = grub_fdt_set_prop64 (kernel_params->fdt, node, "linux,initrd-start", -+ kernel_params->ramdisk_addr); -+ if (retval) -+ goto failure; -+ retval = grub_fdt_set_prop64 (kernel_params->fdt, node, "linux,initrd-end", -+ (grub_uint64_t) (kernel_params->ramdisk_addr + kernel_params->ramdisk_size)); -+ if (retval) -+ goto failure; -+ } -+ -+ node = grub_fdt_find_subnode (kernel_params->fdt, 0, "chosen"); -+ retval = grub_fdt_set_prop64 (kernel_params->fdt, node, "linux,uefi-system-table", -+ (grub_uint64_t)grub_efi_system_table); -+ if (retval) -+ goto failure; -+ -+ mmap_size = grub_efi_find_mmap_size (); -+ if (! mmap_size) -+ return grub_errno; -+ mmap_buf = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (mmap_size)); -+ if (! mmap_buf) -+ return grub_error (GRUB_ERR_IO, "cannot allocate memory map"); -+ err = grub_efi_finish_boot_services (&mmap_size, mmap_buf, NULL, -+ &desc_size, &desc_version); -+ if (err) -+ return err; -+ -+ if (!mmap_buf || !mmap_size || !desc_size) -+ return GRUB_ERR_BAD_ARGUMENT; -+ -+ retval = grub_fdt_set_prop64 (kernel_params->fdt, node, "linux,uefi-mmap-start", -+ (grub_uint64_t)mmap_buf); -+ if (retval) -+ goto failure; -+ -+ retval = grub_fdt_set_prop32 (kernel_params->fdt, node, "linux,uefi-mmap-size", -+ mmap_size); -+ if (retval) -+ goto failure; -+ -+ retval = grub_fdt_set_prop32 (kernel_params->fdt, node, "linux,uefi-mmap-desc-size", -+ desc_size); -+ if (retval) -+ goto failure; -+ -+ retval = grub_fdt_set_prop32 (kernel_params->fdt, node, "linux,uefi-mmap-desc-ver", -+ desc_version); -+ if (retval) -+ goto failure; -+ -+ return GRUB_ERR_NONE; -+ -+failure: -+ if (!kernel_params->fdt) { -+ return GRUB_ERR_BAD_OS; -+ } -+ grub_efi_free_pages ((grub_addr_t) kernel_params->fdt, -+ GRUB_EFI_BYTES_TO_PAGES (grub_fdt_get_totalsize (kernel_params->fdt))); -+ kernel_params->fdt = NULL; -+ return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); -+} -+ -+static void -+grub_linux_loongarch_elf_make_argv (struct linux_loongarch64_kernel_params *kernel_params) -+{ -+ static void* linux_args_addr; -+ int size; -+ grub_uint64_t *linux_argv; -+ char *args, *p, *linux_args; -+ int i, argc; -+ grub_err_t err; -+ -+ argc = kernel_params->linux_argc; -+ args = kernel_params->linux_args; -+ -+ /* new size */ -+ p = args; -+ size = (argc + 3 + 1) * sizeof (grub_uint64_t); /* orig arguments */ -+ for (i = 0; i < argc; i++) -+ { -+ size += ALIGN_UP (grub_strlen (p) + 1, 4); -+ p += grub_strlen (p) + 1; -+ } -+ -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -+ { -+ size += ALIGN_UP (sizeof ("rd_start=0xXXXXXXXXXXXXXXXX"), 4) \ -+ + ALIGN_UP (sizeof ("rd_size=0xXXXXXXXXXXXXXXXX"), 4) \ -+ + ALIGN_UP (sizeof ("initrd=0xXXXXXXXXXXXXXXXX,0xXXXXXXXXXXXXXXXX"), -+ 4); -+ } -+ size = ALIGN_UP (size, 8); -+ -+ /* alloc memory */ -+ linux_args_addr = grub_linux_loongarch_alloc_virtual_mem_align (size, 8, &err); -+ -+ linux_argv = linux_args_addr; -+ linux_args = (char *)(linux_argv + (argc + 1 + 3)); -+ p = args; -+ for (i = 0; i < argc; i++) -+ { -+ grub_memcpy (linux_args, p, grub_strlen (p) + 1); -+ *linux_argv = (grub_uint64_t) (grub_addr_t) linux_args; -+ linux_argv++; -+ linux_args += ALIGN_UP (grub_strlen (p) + 1, 4); -+ p += grub_strlen (p) + 1; -+ } -+ -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -+ { -+ /* rd_start */ -+ grub_snprintf (linux_args, -+ sizeof ("rd_start=0xXXXXXXXXXXXXXXXX"), -+ "rd_start=0x%lx", -+ (grub_uint64_t) kernel_params->ramdisk_addr); -+ *linux_argv = (grub_uint64_t) (grub_addr_t) linux_args; -+ linux_argv++; -+ linux_args += ALIGN_UP (sizeof ("rd_start=0xXXXXXXXXXXXXXXXX"), 4); -+ kernel_params->linux_argc++; -+ -+ /* rd_size */ -+ grub_snprintf (linux_args, -+ sizeof ("rd_size=0xXXXXXXXXXXXXXXXX"), -+ "rd_size=0x%lx", -+ (grub_uint64_t) kernel_params->ramdisk_size); -+ *linux_argv = (grub_uint64_t) (grub_addr_t) linux_args; -+ linux_argv++; -+ linux_args += ALIGN_UP (sizeof ("rd_size=0xXXXXXXXXXXXXXXXX"), 4); -+ kernel_params->linux_argc++; -+ -+ /* initrd */ -+ grub_snprintf (linux_args, -+ sizeof ("initrd=0xXXXXXXXXXXXXXXXX,0xXXXXXXXXXXXXXXXX"), -+ "initrd=0x%lx,0x%lx", -+ ((grub_uint64_t) kernel_params->ramdisk_addr & 0xffffffff), -+ (grub_uint64_t) kernel_params->ramdisk_size); -+ *linux_argv = (grub_uint64_t) (grub_addr_t) linux_args; -+ linux_argv++; -+ linux_args += ALIGN_UP (sizeof ("initrd=0xXXXXXXXXXXXXXXXX,0xXXXXXXXXXXXXXXXX"), 4); -+ kernel_params->linux_argc++; -+ } -+ -+ /* Reserve space for initrd arguments. */ -+ *linux_argv = 0; -+ -+ grub_free (kernel_params->linux_args); -+ kernel_params->linux_argv = (grub_addr_t) linux_args_addr; -+} -+ -+grub_err_t -+grub_linux_loongarch_elf_linux_boot_image (struct linux_loongarch64_kernel_params -+ *kernel_params) -+{ -+ struct boot_params_interface *boot_params = NULL; -+ struct grub_relocator64_state state; -+ grub_err_t err; -+ -+ /* linux kernel type is ELF */ -+ grub_memset (&state, 0, sizeof (state)); -+ -+ state.jumpreg = 1; -+ state.gpr[1] = kernel_params->kernel_addr; /* ra */ -+ if (grub_linux_loongarch_elf_get_boot_params (&boot_params) == 0) -+ { -+ grub_printf("not find param, is fdt boot\n"); -+ if (allocate_fdt_and_exit_boot (kernel_params) != GRUB_ERR_NONE) -+ return grub_errno; -+ state.gpr[4] = 1 << FLAGS_EFI_SUPPORT_BIT; /* a0 = flag */ -+ state.gpr[5] = (grub_uint64_t)kernel_params->fdt; /* a1 = fdt */ -+ state.gpr[6] = 0; /* a2 = flag */ -+ } else { -+ grub_printf("find param, is bpi boot\n"); -+ grub_linux_loongarch_elf_make_argv (kernel_params); -+ state.gpr[4] = kernel_params->linux_argc; /* a0 = argc */ -+ state.gpr[5] = kernel_params->linux_argv; /* a1 = args */ -+ state.gpr[6] = (grub_uint64_t) boot_params; /* a2 = envp */ -+ err = grub_linux_loongarch_elf_boot_params (boot_params); -+ if (err) -+ return err; -+ } -+ -+ /* Boot the ELF kernel */ -+ grub_relocator64_boot (relocator, state); -+ -+ return GRUB_ERR_NONE; -+} -+ -+void* -+grub_linux_loongarch_alloc_virtual_mem_addr (grub_addr_t addr, -+ grub_size_t size, -+ grub_err_t *err) -+{ -+ relocator = grub_relocator_new (); -+ if (!relocator) -+ return NULL; -+ -+ grub_relocator_chunk_t ch; -+ *err = grub_relocator_alloc_chunk_addr (relocator, &ch, -+ grub_vtop ((void *) addr), -+ size); -+ if (*err) -+ return NULL; -+ return get_virtual_current_address (ch); -+} -+ -+void* -+grub_linux_loongarch_alloc_virtual_mem_align (grub_size_t size, -+ grub_size_t align, -+ grub_err_t *err) -+{ -+ grub_relocator_chunk_t ch; -+ -+ *err = grub_relocator_alloc_chunk_align (relocator, &ch, -+ 0, (0xffffffff - size) + 1, -+ size, align, -+ GRUB_RELOCATOR_PREFERENCE_LOW, 0); -+ return get_virtual_current_address (ch); -+} -+ -+int -+grub_linux_loongarch_elf_get_boot_params (struct boot_params_interface **boot_params) -+{ -+ grub_efi_configuration_table_t *tables; -+ grub_efi_guid_t bpi_guid = GRUB_EFI_LOONGSON_BPI_TABLE_GUID; -+ unsigned int i; -+ int found = 0; -+ -+ /* Look for Loongson BPI in UEFI config tables. */ -+ tables = grub_efi_system_table->configuration_table; -+ -+ for (i = 0; i < grub_efi_system_table->num_table_entries; i++) -+ if (grub_memcmp (&tables[i].vendor_guid, &bpi_guid, sizeof (bpi_guid)) == 0) -+ { -+ *boot_params = tables[i].vendor_table; -+ char *p = (char*) &((*boot_params)->signature); -+ if (grub_strncmp (p, "BPI", 3) == 0) -+ { -+ found = 1; -+ break; -+ } -+ } -+ return found; -+} -+ -+static grub_uint8_t -+grub_kernel_update_checksum (const grub_uint8_t *buffer, grub_efi_uintn_t length) -+{ -+ grub_uint8_t sum; -+ grub_efi_uintn_t count; -+ -+ for (sum = 0, count = 0; count < length; count++) -+ { -+ sum = (grub_uint8_t) (sum + *(buffer + count)); -+ } -+ -+ return (grub_uint8_t) (0x100 - sum); -+} -+ -+static grub_uint32_t -+grub_efi_loongarch64_memmap_sort (struct memmap array[], -+ grub_uint32_t length, -+ struct loongsonlist_mem_map* bpmem, -+ grub_uint32_t index, -+ grub_uint32_t memtype) -+{ -+ grub_uint64_t tempmemsize = 0; -+ grub_uint32_t j = 0; -+ grub_uint32_t t = 0; -+ -+ for(j = 0; j < length;) -+ { -+ tempmemsize = array[j].mem_size; -+ for(t = j + 1; t < length; t++) -+ { -+ if(array[j].mem_start + tempmemsize == array[t].mem_start) -+ { -+ tempmemsize += array[t].mem_size; -+ } -+ else -+ { -+ break; -+ } -+ } -+ bpmem->map[index].mem_type = memtype; -+ bpmem->map[index].mem_start = array[j].mem_start; -+ bpmem->map[index].mem_size = tempmemsize; -+ grub_printf("map[%d]:type %"PRIuGRUB_UINT32_T", start 0x%" -+ PRIxGRUB_UINT64_T", end 0x%"PRIxGRUB_UINT64_T"\n", -+ index, -+ bpmem->map[index].mem_type, -+ bpmem->map[index].mem_start, -+ bpmem->map[index].mem_start+ bpmem->map[index].mem_size -+ ); -+ j = t; -+ index++; -+ } -+ return index; -+} -+ -+grub_err_t -+grub_linux_loongarch_elf_boot_params (struct boot_params_interface *boot_params) -+{ -+ grub_int8_t checksum = 0; -+ grub_err_t err; -+ -+ struct loongsonlist_mem_map *loongson_mem_map = NULL; -+ struct _extention_list_hdr * listpointer = NULL; -+ grub_uint32_t tmp_index = 0; -+ grub_efi_memory_descriptor_t * lsdesc = NULL; -+ -+ grub_uint32_t free_index = 0; -+ grub_uint32_t reserve_index = 0; -+ grub_uint32_t acpi_table_index = 0; -+ grub_uint32_t acpi_nvs_index = 0; -+ -+ grub_efi_uintn_t mmap_size; -+ grub_efi_uintn_t desc_size; -+ grub_efi_memory_descriptor_t *mmap_buf; -+ -+ struct memmap reserve_mem[GRUB_LOONGSON3_BOOT_MEM_MAP_MAX]; -+ struct memmap free_mem[GRUB_LOONGSON3_BOOT_MEM_MAP_MAX]; -+ struct memmap acpi_table_mem[GRUB_LOONGSON3_BOOT_MEM_MAP_MAX]; -+ struct memmap acpi_nvs_mem[GRUB_LOONGSON3_BOOT_MEM_MAP_MAX]; -+ -+ grub_memset (reserve_mem, 0, sizeof(struct memmap) * GRUB_LOONGSON3_BOOT_MEM_MAP_MAX); -+ grub_memset (free_mem, 0, sizeof(struct memmap) * GRUB_LOONGSON3_BOOT_MEM_MAP_MAX); -+ grub_memset (acpi_table_mem, 0, sizeof(struct memmap) * GRUB_LOONGSON3_BOOT_MEM_MAP_MAX); -+ grub_memset (acpi_nvs_mem, 0, sizeof(struct memmap) * GRUB_LOONGSON3_BOOT_MEM_MAP_MAX); -+ -+ /* Check extlist headers */ -+ listpointer = boot_params->extlist; -+ for( ;listpointer != NULL; listpointer = listpointer->next) -+ { -+ char *pl= (char *)&(listpointer->signature); -+ if(grub_strncmp(pl, "MEM", 3) == 0) -+ { -+ loongson_mem_map = (struct loongsonlist_mem_map *)listpointer; -+ break; -+ } -+ } -+ -+ mmap_size = grub_efi_find_mmap_size (); -+ if (! mmap_size) -+ return grub_errno; -+ mmap_buf = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (mmap_size)); -+ if (! mmap_buf) -+ return grub_error (GRUB_ERR_IO, "cannot allocate memory map"); -+ -+ err = grub_efi_finish_boot_services (&mmap_size, mmap_buf, NULL, -+ &desc_size, NULL); -+ if (err) -+ return err; -+ -+ if (!mmap_buf || !mmap_size || !desc_size) -+ return -1; -+ -+ /* -+ According to UEFI SPEC,mmap_buf is the accurate Memory Map array \ -+ now we can fill platform specific memory structure. -+ */ -+ for (lsdesc = mmap_buf; lsdesc < (grub_efi_memory_descriptor_t *)((char *)mmap_buf + mmap_size); -+ lsdesc = (grub_efi_memory_descriptor_t *)((char *)lsdesc + desc_size)) -+ { -+ /* System RAM */ -+ if((lsdesc->type != GRUB_EFI_ACPI_RECLAIM_MEMORY) && \ -+ (lsdesc->type != GRUB_EFI_ACPI_MEMORY_NVS) && \ -+ (lsdesc->type != GRUB_EFI_RUNTIME_SERVICES_DATA) && \ -+ (lsdesc->type != GRUB_EFI_RUNTIME_SERVICES_CODE) && \ -+ (lsdesc->type != GRUB_EFI_RESERVED_MEMORY_TYPE) && \ -+ (lsdesc->type != GRUB_EFI_PAL_CODE)) -+ { -+ free_mem[free_index].mem_type = GRUB_ADDRESS_TYPE_SYSRAM; -+ free_mem[free_index].mem_start = (lsdesc->physical_start) & GRUB_EFI_MAX_PHY_ADDRESS; -+ free_mem[free_index].mem_size = lsdesc->num_pages * GRUB_EFI_PAGE_SIZE; -+ free_index++; -+ -+ /*ACPI*/ -+ }else if((lsdesc->type == GRUB_EFI_ACPI_RECLAIM_MEMORY)){ -+ acpi_table_mem[acpi_table_index].mem_type = GRUB_ADDRESS_TYPE_ACPI; -+ acpi_table_mem[acpi_table_index].mem_start = (lsdesc->physical_start) & GRUB_EFI_MAX_PHY_ADDRESS; -+ acpi_table_mem[acpi_table_index].mem_size = lsdesc->num_pages * GRUB_EFI_PAGE_SIZE; -+ acpi_table_index++; -+ }else if((lsdesc->type == GRUB_EFI_ACPI_MEMORY_NVS)){ -+ acpi_nvs_mem[acpi_nvs_index].mem_type = GRUB_ADDRESS_TYPE_NVS; -+ acpi_nvs_mem[acpi_nvs_index].mem_start = (lsdesc->physical_start) & GRUB_EFI_MAX_PHY_ADDRESS; -+ acpi_nvs_mem[acpi_nvs_index].mem_size = lsdesc->num_pages * GRUB_EFI_PAGE_SIZE; -+ acpi_nvs_index++; -+ -+ /* Reserve */ -+ }else{ -+ reserve_mem[reserve_index].mem_type = GRUB_ADDRESS_TYPE_RESERVED; -+ reserve_mem[reserve_index].mem_start = (lsdesc->physical_start) & GRUB_EFI_MAX_PHY_ADDRESS; -+ reserve_mem[reserve_index].mem_size = lsdesc->num_pages * GRUB_EFI_PAGE_SIZE; -+ reserve_index++; -+ } -+ } -+ -+ tmp_index = loongson_mem_map->map_count; -+ /*System RAM Sort*/ -+ tmp_index = grub_efi_loongarch64_memmap_sort(free_mem, -+ free_index, -+ loongson_mem_map, -+ tmp_index, -+ GRUB_ADDRESS_TYPE_SYSRAM); -+ /*ACPI Sort*/ -+ tmp_index = grub_efi_loongarch64_memmap_sort(acpi_table_mem, -+ acpi_table_index, -+ loongson_mem_map, -+ tmp_index, -+ GRUB_ADDRESS_TYPE_ACPI); -+ tmp_index = grub_efi_loongarch64_memmap_sort(acpi_nvs_mem, -+ acpi_nvs_index, -+ loongson_mem_map, -+ tmp_index, -+ GRUB_ADDRESS_TYPE_NVS); -+ -+ /*Reserve Sort*/ -+ { -+ grub_uint64_t loongarch_addr; -+ asm volatile ("csrrd %0, 0x181" : "=r" (loongarch_addr)); -+ if ((loongarch_addr & 0xff00000000000000) == 0x9000000000000000) -+ tmp_index = grub_efi_loongarch64_memmap_sort(reserve_mem, -+ reserve_index, -+ loongson_mem_map, -+ tmp_index, -+ GRUB_ADDRESS_TYPE_RESERVED); -+ else -+ tmp_index = grub_efi_loongarch64_memmap_sort(reserve_mem, -+ reserve_index, -+ loongson_mem_map, -+ tmp_index, -+ GRUB_ADDRESS_TYPE_RESERVED + 1); -+ } -+ loongson_mem_map->map_count = tmp_index; -+ loongson_mem_map->header.checksum = 0; -+ -+ checksum = grub_kernel_update_checksum ((grub_uint8_t *) loongson_mem_map, -+ loongson_mem_map->header.length); -+ loongson_mem_map->header.checksum = checksum; -+ -+ return grub_errno; -+} -diff --git a/grub-core/loader/loongarch64/linux.c b/grub-core/loader/loongarch64/linux.c -new file mode 100644 -index 0000000..783054b ---- /dev/null -+++ b/grub-core/loader/loongarch64/linux.c -@@ -0,0 +1,398 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2021 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+#define INITRD_MAX_ADDRESS_OFFSET (32ULL * 1024 * 1024 * 1024) -+ -+static struct linux_loongarch64_kernel_params kernel_params; -+ -+static grub_addr_t phys_addr; -+static grub_dl_t my_mod; -+static int loaded; -+static int is_bpi_boot; -+static int grub_loongarch_linux_type = GRUB_LOONGARCH_LINUX_BAD; -+ -+static grub_err_t -+grub_linux_boot (void) -+{ -+ -+ if (grub_loongarch_linux_type == GRUB_LOONGARCH_LINUX_EFI) { -+ if (finalize_efi_params_linux (&kernel_params) != GRUB_ERR_NONE) -+ return grub_errno; -+ return (grub_arch_efi_linux_boot_image((grub_addr_t) kernel_params.kernel_addr, -+ kernel_params.kernel_size, -+ kernel_params.linux_args)); -+ } -+ if (grub_loongarch_linux_type == GRUB_LOONGARCH_LINUX_ELF) { -+ return grub_linux_loongarch_elf_linux_boot_image (&kernel_params); -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_linux_unload (void) -+{ -+ -+ if (grub_loongarch_linux_type == GRUB_LOONGARCH_LINUX_EFI) { -+ if (kernel_params.ramdisk_addr) -+ grub_efi_free_pages ((grub_efi_physical_address_t) kernel_params.ramdisk_addr, -+ GRUB_EFI_BYTES_TO_PAGES (kernel_params.ramdisk_size)); -+ kernel_params.ramdisk_size = 0; -+ -+ if (kernel_params.kernel_addr) -+ grub_efi_free_pages ((grub_addr_t) kernel_params.kernel_addr, -+ GRUB_EFI_BYTES_TO_PAGES (kernel_params.kernel_size)); -+ kernel_params.kernel_addr = 0; -+ } -+ -+ if (grub_loongarch_linux_type == GRUB_LOONGARCH_LINUX_ELF) { -+ grub_free (kernel_params.linux_args); -+ kernel_params.linux_args = 0; -+ grub_linux_loongarch_elf_relocator_unload (); -+ } -+ -+ grub_dl_unref (my_mod); -+ loaded = 0; -+ grub_loongarch_linux_type = GRUB_LOONGARCH_LINUX_BAD; -+ -+ return GRUB_ERR_NONE; -+} -+ -+grub_err_t -+grub_linux_loongarch_elf_load_kernel (grub_elf_t elf, const char *filename) -+{ -+ Elf64_Addr base; -+ grub_err_t err; -+ grub_uint8_t *playground; -+ grub_uint64_t addr; -+ int flag; -+ -+ /* Linux's entry point incorrectly contains a virtual address. */ -+ kernel_params.kernel_addr = elf->ehdr.ehdr64.e_entry; -+ kernel_params.kernel_size = grub_elf64_size (elf, &base, 0); -+ -+ if (kernel_params.kernel_size == 0) -+ return grub_errno; -+ -+ phys_addr = base; -+ kernel_params.kernel_size = ALIGN_UP (base + kernel_params.kernel_size - base, 8); -+ -+ asm volatile ("csrrd %0, 0x181" : "=r" (addr)); -+ if (addr & 0x1) { -+ flag = GRUB_ELF_LOAD_FLAGS_NONE; -+ } else { -+ flag = GRUB_ELF_LOAD_FLAGS_30BITS; -+ base &= ~ELF64_LOADMASK; -+ kernel_params.kernel_addr &= ~ELF64_LOADMASK; -+ } -+ -+ playground = grub_linux_loongarch_alloc_virtual_mem_addr (phys_addr, -+ kernel_params.kernel_size, -+ &err); -+ if (playground == NULL) -+ return err; -+ -+ /* Now load the segments into the area we claimed. */ -+ return grub_elf64_load (elf, filename, playground - base, -+ flag, 0, 0); -+} -+ -+static grub_err_t -+grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[]) -+{ -+ grub_file_t file = 0; -+ struct linux_arch_kernel_header lh; -+ struct boot_params_interface *boot_params = NULL; -+ grub_elf_t elf = NULL; -+ grub_err_t err; -+ grub_size_t cmdline_size; -+ int i; -+ -+ grub_dl_ref (my_mod); -+ -+ /* Release the previously used memory. */ -+ grub_loader_unset (); -+ -+ if (argc == 0) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ goto fail; -+ } -+ -+ file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL); -+ if (!file) -+ goto fail; -+ -+ kernel_params.kernel_size = grub_file_size (file); -+ grub_dprintf ("linux", "kernel file size: %" PRIuGRUB_SIZE "\n", -+ kernel_params.kernel_size); -+ -+ if (grub_file_read (file, &lh, sizeof (lh)) < (long) sizeof (lh)) -+ return grub_errno; -+ -+ if (grub_arch_efi_linux_check_image (&lh) == GRUB_ERR_NONE) { -+ grub_loongarch_linux_type = GRUB_LOONGARCH_LINUX_EFI; -+ } -+ -+ if (grub_loongarch_linux_type != GRUB_LOONGARCH_LINUX_EFI) { -+ elf = grub_elf_file (file, argv[0]); -+ if (elf != NULL) -+ { -+ /* linux kernel type is ELF */ -+ grub_loongarch_linux_type = GRUB_LOONGARCH_LINUX_ELF; -+ if (elf->ehdr.ehdr64.e_type != ET_EXEC) -+ { -+ grub_error (GRUB_ERR_UNKNOWN_OS, -+ N_("this ELF file is not of the right type")); -+ goto fail; -+ } -+ if (elf->ehdr.ehdr64.e_machine != EM_LOONGARCH) -+ { -+ grub_error (GRUB_ERR_BAD_OS, "invalid magic number"); -+ goto fail; -+ } -+ -+ if (grub_elf_is_elf64 (elf)) -+ { -+ err = grub_linux_loongarch_elf_load_kernel (elf, argv[0]); -+ if (err) -+ goto fail; -+ } else { -+ grub_error (GRUB_ERR_BAD_OS, N_("invalid arch-dependent ELF magic")); -+ goto fail; -+ } -+ grub_dprintf ("linux", "kernel @ %p\n", (void*) elf->ehdr.ehdr64.e_entry); -+ } -+ } else { -+ if (grub_file_seek (file, 0) == (grub_off_t) -1) -+ goto fail; -+ -+ if (grub_file_read (file, &lh, sizeof (lh)) < (grub_ssize_t) sizeof (lh)) -+ { -+ if (!grub_errno) -+ grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -+ argv[0]); -+ goto fail; -+ } -+ -+ if (grub_arch_efi_linux_check_image (&lh) != GRUB_ERR_NONE) -+ { -+ goto fail; -+ } -+ /* linux kernel type is EFI */ -+ grub_loongarch_linux_type = GRUB_LOONGARCH_LINUX_EFI; -+ kernel_params.kernel_addr = (grub_addr_t) grub_efi_allocate_any_pages ( -+ GRUB_EFI_BYTES_TO_PAGES (kernel_params.kernel_size)); -+ grub_dprintf ("linux", "kernel numpages: %" PRIuGRUB_SIZE "\n", -+ GRUB_EFI_BYTES_TO_PAGES (kernel_params.kernel_size)); -+ if (!kernel_params.kernel_addr) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto fail; -+ } -+ -+ grub_file_seek (file, 0); -+ if (grub_file_read (file, (void*) kernel_params.kernel_addr, kernel_params.kernel_size) -+ < (grub_int64_t) kernel_params.kernel_size) -+ { -+ if (!grub_errno) -+ grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), argv[0]); -+ goto fail; -+ } -+ -+ grub_dprintf ("linux", "kernel @ %p\n", (void*) kernel_params.kernel_addr); -+ } -+ -+ cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); -+ kernel_params.linux_argc = argc; -+ kernel_params.linux_args = grub_malloc (cmdline_size); -+ if (!kernel_params.linux_args) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto fail; -+ } -+ -+ grub_memcpy (kernel_params.linux_args, LINUX_IMAGE, sizeof (LINUX_IMAGE)); -+ -+ if (grub_linux_loongarch_elf_get_boot_params (&boot_params) == 1) -+ is_bpi_boot = 1; -+ else -+ is_bpi_boot = 0; -+ -+ if (is_bpi_boot == 0) -+ { -+ err = grub_create_loader_cmdline (argc, argv, -+ (char*) ((grub_addr_t) kernel_params.linux_args + sizeof (LINUX_IMAGE) - 1), -+ cmdline_size, -+ GRUB_VERIFY_KERNEL_CMDLINE); -+ if (err) -+ goto fail; -+ } else { -+ /* save args from linux cmdline */ -+ char *p = kernel_params.linux_args; -+ -+ p += sizeof (LINUX_IMAGE) - 1; -+ for (i=0; i < argc; i++) -+ { -+ grub_memcpy (p, argv[i], grub_strlen(argv[i]) + 1); -+ p += grub_strlen(argv[i]) + 1; -+ } -+ } -+ -+ if (grub_errno == GRUB_ERR_NONE) -+ { -+ grub_loader_set (grub_linux_boot, grub_linux_unload, 0); -+ loaded = 1; -+ } -+ -+fail: -+ if (elf != NULL) { -+ /* grub_elf_close will call grub_file_close() */ -+ grub_elf_close (elf); -+ } else { -+ if (file) -+ grub_file_close (file); -+ } -+ -+ if (grub_errno != GRUB_ERR_NONE) -+ { -+ grub_dl_unref (my_mod); -+ loaded = 0; -+ } -+ -+ if (kernel_params.linux_args && !loaded) -+ grub_free (kernel_params.linux_args); -+ -+ if (grub_loongarch_linux_type == GRUB_LOONGARCH_LINUX_EFI) { -+ if (kernel_params.kernel_addr && !loaded) -+ grub_efi_free_pages ((grub_addr_t) kernel_params.kernel_addr, -+ GRUB_EFI_BYTES_TO_PAGES (kernel_params.kernel_size)); -+ } -+ -+ return grub_errno; -+} -+ -+/* -+ * This function returns a pointer to a legally allocated initrd buffer, -+ * or NULL if unsuccessful -+ */ -+static void * -+allocate_initrd_mem (int initrd_pages) -+{ -+ grub_addr_t max_addr; -+ -+ if (grub_efi_get_ram_base (&max_addr) != GRUB_ERR_NONE) -+ return NULL; -+ -+ max_addr += INITRD_MAX_ADDRESS_OFFSET - 1; -+ -+ return grub_efi_allocate_pages_real (max_addr, initrd_pages, -+ GRUB_EFI_ALLOCATE_MAX_ADDRESS, -+ GRUB_EFI_LOADER_DATA); -+} -+ -+ -+static grub_err_t -+grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), -+ int argc, char *argv[]) -+{ -+ struct grub_linux_initrd_context initrd_ctx = { 0, 0, 0 }; -+ grub_size_t initrd_size; -+ void *initrd_mem = NULL; -+ -+ if (argc == 0) -+ { -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -+ goto fail; -+ } -+ -+ if (!loaded) -+ { -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("you need to load the kernel first")); -+ goto fail; -+ } -+ -+ if (grub_initrd_init (argc, argv, &initrd_ctx)) -+ goto fail; -+ -+ initrd_size = grub_get_initrd_size (&initrd_ctx); -+ grub_dprintf ("linux", "Loading initrd\n"); -+ -+ if (is_bpi_boot == 0) { -+ grub_size_t initrd_pages; -+ initrd_pages = (GRUB_EFI_BYTES_TO_PAGES (initrd_size)); -+ initrd_mem = allocate_initrd_mem (initrd_pages); -+ } else { -+ grub_err_t err; -+ initrd_mem = grub_linux_loongarch_alloc_virtual_mem_align (initrd_size, 0x10000, &err); -+ if (err) -+ goto fail; -+ } -+ -+ if (!initrd_mem) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto fail; -+ } -+ -+ if (grub_initrd_load (&initrd_ctx, argv, initrd_mem)) -+ goto fail; -+ -+ /* save ramdisk addr and size */ -+ kernel_params.ramdisk_addr = (grub_addr_t) initrd_mem; -+ kernel_params.ramdisk_size = initrd_size; -+ grub_dprintf ("linux", "ramdisk [addr=%p, size=0x%lx]\n", -+ (void *) initrd_mem, initrd_size); -+fail: -+ grub_initrd_close (&initrd_ctx); -+ if (is_bpi_boot == 0) { -+ if (initrd_mem && !kernel_params.ramdisk_addr) -+ grub_efi_free_pages ((grub_addr_t) initrd_mem, -+ GRUB_EFI_BYTES_TO_PAGES (initrd_size)); -+ } -+ return grub_errno; -+} -+ -+static grub_command_t cmd_linux, cmd_initrd; -+ -+GRUB_MOD_INIT(linux) -+{ -+ cmd_linux = grub_register_command ("linux", grub_cmd_linux, -+ N_("FILE [ARGS...]"), N_("Load Linux.")); -+ cmd_initrd = grub_register_command ("initrd", grub_cmd_initrd, -+ N_("FILE"), N_("Load initrd.")); -+ my_mod = mod; -+} -+ -+GRUB_MOD_FINI(linux) -+{ -+ grub_unregister_command (cmd_linux); -+ grub_unregister_command (cmd_initrd); -+} -diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h -index f431f49..a74ce39 100644 ---- a/include/grub/efi/api.h -+++ b/include/grub/efi/api.h -@@ -2104,7 +2104,7 @@ typedef struct grub_efi_ip6_config_manual_address grub_efi_ip6_config_manual_add - - #if (GRUB_TARGET_SIZEOF_VOID_P == 4) || defined (__ia64__) \ - || defined (__aarch64__) || defined (__MINGW64__) || defined (__CYGWIN__) \ -- || defined(__riscv) -+ || defined(__riscv) || defined (__loongarch64) - - #define efi_call_0(func) func() - #define efi_call_1(func, a) func(a) -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 8dfc89a..c816359 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -135,13 +135,17 @@ extern void (*EXPORT_VAR(grub_efi_net_config)) (grub_efi_handle_t hnd, - char **device, - char **path); - --#if defined(__arm__) || defined(__aarch64__) || defined(__riscv) -+#if defined(__arm__) || defined(__aarch64__) || defined(__riscv) || defined(__loongarch__) - void *EXPORT_FUNC(grub_efi_get_firmware_fdt)(void); - grub_err_t EXPORT_FUNC(grub_efi_get_ram_base)(grub_addr_t *); - #include - grub_err_t grub_arch_efi_linux_check_image(struct linux_arch_kernel_header *lh); -+#if defined(__loongarch__) -+grub_err_t grub_arch_efi_linux_boot_image(grub_addr_t addr, grub_size_t size, char *args); -+#else - grub_err_t grub_arch_efi_linux_boot_image(grub_addr_t addr, char *args); - #endif -+#endif - - grub_addr_t grub_efi_section_addr (const char *section); - -diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h -index a43adf2..f8f2402 100644 ---- a/include/grub/efi/pe32.h -+++ b/include/grub/efi/pe32.h -@@ -79,6 +79,8 @@ struct grub_pe32_coff_header - #define GRUB_PE32_MACHINE_ARM64 0xAA64 - #define GRUB_PE32_MACHINE_RISCV32 0x5032 - #define GRUB_PE32_MACHINE_RISCV64 0x5064 -+#define GRUB_PE32_MACHINE_LOONGARCH32 0x6232 -+#define GRUB_PE32_MACHINE_LOONGARCH64 0x6264 - - #define GRUB_PE32_RELOCS_STRIPPED 0x0001 - #define GRUB_PE32_EXECUTABLE_IMAGE 0x0002 -@@ -338,6 +340,8 @@ struct grub_pe32_fixup_block - #define GRUB_PE32_REL_BASED_ARM_MOV32T 7 - #define GRUB_PE32_REL_BASED_RISCV_LOW12I 7 - #define GRUB_PE32_REL_BASED_RISCV_LOW12S 8 -+#define GRUB_PE32_REL_BASED_LOONGARCH32_MARK_LA 8 -+#define GRUB_PE32_REL_BASED_LOONGARCH64_MARK_LA 8 - #define GRUB_PE32_REL_BASED_IA64_IMM64 9 - #define GRUB_PE32_REL_BASED_DIR64 10 - #define GRUB_PE32_REL_BASED_HIGH3ADJ 11 -diff --git a/include/grub/elf.h b/include/grub/elf.h -index c478933..73175bd 100644 ---- a/include/grub/elf.h -+++ b/include/grub/elf.h -@@ -248,6 +248,7 @@ typedef struct - #define EM_NUM 95 - #define EM_AARCH64 183 /* ARM 64-bit architecture */ - #define EM_RISCV 243 /* RISC-V */ -+#define EM_LOONGARCH 258 /* LoongArch */ - - /* If it is necessary to assign new unofficial EM_* values, please - pick large random numbers (0x8523, 0xa7f2, etc.) to minimize the -@@ -2531,6 +2532,35 @@ typedef Elf32_Addr Elf32_Conflict; - #define R_RISCV_SET32 56 - #define R_RISCV_32_PCREL 57 - -+/* LoongArch relocations */ -+#define R_LARCH_NONE 0 -+#define R_LARCH_64 2 -+#define R_LARCH_MARK_LA 20 -+#define R_LARCH_SOP_PUSH_PCREL 22 -+#define R_LARCH_SOP_PUSH_ABSOLUTE 23 -+#define R_LARCH_SOP_PUSH_PLT_PCREL 29 -+#define R_LARCH_SOP_SUB 32 -+#define R_LARCH_SOP_SL 33 -+#define R_LARCH_SOP_SR 34 -+#define R_LARCH_SOP_ADD 35 -+#define R_LARCH_SOP_AND 36 -+#define R_LARCH_SOP_IF_ELSE 37 -+#define R_LARCH_SOP_POP_32_S_10_5 38 -+#define R_LARCH_SOP_POP_32_U_10_12 39 -+#define R_LARCH_SOP_POP_32_S_10_12 40 -+#define R_LARCH_SOP_POP_32_S_10_16 41 -+#define R_LARCH_SOP_POP_32_S_10_16_S2 42 -+#define R_LARCH_SOP_POP_32_S_5_20 43 -+#define R_LARCH_SOP_POP_32_S_0_5_10_16_S2 44 -+#define R_LARCH_SOP_POP_32_S_0_10_10_16_S2 45 -+#define R_LARCH_B26 66 -+#define R_LARCH_ABS_HI20 67 -+#define R_LARCH_ABS_LO12 68 -+#define R_LARCH_ABS64_LO20 69 -+#define R_LARCH_ABS64_HI12 70 -+#define R_LARCH_PCALA_HI20 71 -+#define R_LARCH_PCALA_LO12 72 -+ - #ifdef GRUB_TARGET_WORDSIZE - #if GRUB_TARGET_WORDSIZE == 32 - -diff --git a/include/grub/fdt.h b/include/grub/fdt.h -index 3514aa4..ba2f9a9 100644 ---- a/include/grub/fdt.h -+++ b/include/grub/fdt.h -@@ -20,7 +20,7 @@ - #define GRUB_FDT_HEADER 1 - - #if !defined(GRUB_MACHINE_EMU) && \ -- (defined(__arm__) || defined(__aarch64__) || defined(__riscv)) -+ (defined(__arm__) || defined(__aarch64__) || defined(__riscv) || defined(__loongarch__)) - - #include - #include -@@ -148,6 +148,6 @@ int EXPORT_FUNC(grub_fdt_set_prop) (void *fdt, unsigned int nodeoffset, const ch - }) - - #endif /* !defined(GRUB_MACHINE_EMU) && \ -- (defined(__arm__) || defined(__aarch64__) || defined(__riscv)) */ -+ (defined(__arm__) || defined(__aarch64__) || defined(__riscv) || defined(__loongarch__)) */ - - #endif /* ! GRUB_FDT_HEADER */ -diff --git a/include/grub/loongarch64/efi/loader.h b/include/grub/loongarch64/efi/loader.h -new file mode 100644 -index 0000000..71a0159 ---- /dev/null -+++ b/include/grub/loongarch64/efi/loader.h -@@ -0,0 +1,25 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2003,2004,2006,2007,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_LOADER_MACHINE_HEADER -+#define GRUB_LOADER_MACHINE_HEADER 1 -+ -+#include -+#include -+ -+#endif /* ! GRUB_LOADER_MACHINE_HEADER */ -diff --git a/include/grub/loongarch64/efi/memory.h b/include/grub/loongarch64/efi/memory.h -new file mode 100644 -index 0000000..2d3f36e ---- /dev/null -+++ b/include/grub/loongarch64/efi/memory.h -@@ -0,0 +1,15 @@ -+#ifndef GRUB_MEMORY_CPU_HEADER -+#include -+ -+ -+static inline grub_uint64_t grub_efi_max_usable_address(void) -+{ -+ grub_uint64_t addr; -+ asm volatile ("csrrd %0, 0x181" : "=r" (addr)); -+ return addr |= 0xffffffffffUL; -+} -+ -+#define GRUB_EFI_MAX_USABLE_ADDRESS (grub_efi_max_usable_address()) -+#define GRUB_EFI_MAX_ALLOCATION_ADDRESS GRUB_EFI_MAX_USABLE_ADDRESS -+ -+#endif /* ! GRUB_MEMORY_CPU_HEADER */ -diff --git a/include/grub/loongarch64/efi/time.h b/include/grub/loongarch64/efi/time.h -new file mode 100644 -index 0000000..e69de29 -diff --git a/include/grub/loongarch64/io.h b/include/grub/loongarch64/io.h -new file mode 100644 -index 0000000..5f34103 ---- /dev/null -+++ b/include/grub/loongarch64/io.h -@@ -0,0 +1,62 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_IO_H -+#define GRUB_IO_H 1 -+ -+#include -+ -+typedef grub_addr_t grub_port_t; -+ -+static __inline unsigned char -+grub_inb (grub_port_t port) -+{ -+ return *(volatile grub_uint8_t *) port; -+} -+ -+static __inline unsigned short int -+grub_inw (grub_port_t port) -+{ -+ return *(volatile grub_uint16_t *) port; -+} -+ -+static __inline unsigned int -+grub_inl (grub_port_t port) -+{ -+ return *(volatile grub_uint32_t *) port; -+} -+ -+static __inline void -+grub_outb (unsigned char value, grub_port_t port) -+{ -+ *(volatile grub_uint8_t *) port = value; -+} -+ -+static __inline void -+grub_outw (unsigned short int value, grub_port_t port) -+{ -+ *(volatile grub_uint16_t *) port = value; -+} -+ -+static __inline void -+grub_outl (unsigned int value, grub_port_t port) -+{ -+ *(volatile grub_uint32_t *) port = value; -+} -+ -+#endif /* _SYS_IO_H */ -diff --git a/include/grub/loongarch64/linux.h b/include/grub/loongarch64/linux.h -new file mode 100644 -index 0000000..af1f51d ---- /dev/null -+++ b/include/grub/loongarch64/linux.h -@@ -0,0 +1,144 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2021 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_LOONGARCH64_LINUX_HEADER -+#define GRUB_LOONGARCH64_LINUX_HEADER 1 -+ -+#include -+ -+/* LoongArch linux kernel type */ -+#define GRUB_LOONGARCH_LINUX_BAD 0 -+#define GRUB_LOONGARCH_LINUX_ELF 1 -+#define GRUB_LOONGARCH_LINUX_EFI 2 -+ -+#define GRUB_LOONGSON3_BOOT_MEM_MAP_MAX 128 -+ -+#define GRUB_LINUX_LOONGARCH_MAGIC_SIGNATURE 0x6E6F73676E6F6F4C /* 'Loongson' */ -+#define linux_arch_kernel_header linux_loongarch64_kernel_header -+ -+/* From linux/Documentation/loongarch/booting.txt -+ * -+ * 0-1: MZ -+ * 0x28: LoongArch\0 -+ * 0x3c: PE/COFF头偏移 -+ * 0x20e:内核版本号偏移-512 -+ * riscv的version字段在0x20偏移处,现在LoongArch没有使用,是0 -+ */ -+struct linux_loongarch64_kernel_header -+{ -+ grub_uint32_t code0; /* Executable code */ -+ grub_uint32_t code1; /* Executable code */ -+ grub_uint64_t text_offset; /* Image load offset */ -+ grub_uint64_t res0; /* reserved */ -+ grub_uint64_t res1; /* reserved */ -+ grub_uint64_t res2; /* reserved */ -+ grub_uint64_t magic; /* Magic number, little endian, "Loongson" */ -+ grub_uint64_t res3; /* reserved */ -+ grub_uint32_t res4; /* reserved */ -+ grub_uint32_t hdr_offset; /* Offset of PE/COFF header */ -+}; -+ -+struct linux_loongarch64_kernel_params -+{ -+ grub_addr_t kernel_addr; /* kernel entry address */ -+ grub_size_t kernel_size; /* kernel size */ -+ grub_addr_t ramdisk_addr; /* initrd load address */ -+ grub_size_t ramdisk_size; /* initrd size */ -+ int linux_argc; /* cmdline parameters number*/ -+ grub_addr_t linux_argv; /* cmdline parameters address*/ -+ void* linux_args; -+ void* fdt; -+}; -+ -+#include -+#include -+ -+#define GRUB_EFI_MAX_PHY_ADDRESS 0xffffffffffffULL -+#define ELF32_LOADMASK (0xf0000000UL) -+#define ELF64_LOADMASK (0xf000000000000000ULL) -+#define FLAGS_EFI_SUPPORT_BIT 0 -+ -+#define FDT_ADDR_CELLS_STRING "#address-cells" -+#define FDT_SIZE_CELLS_STRING "#size-cells" -+#define FDT_ADDR_SIZE_EXTRA ((2 * grub_fdt_prop_entry_size (sizeof(grub_uint32_t))) + \ -+ sizeof (FDT_ADDR_CELLS_STRING) + \ -+ sizeof (FDT_SIZE_CELLS_STRING)) -+ -+/* From arch/loongarch/include/asm/mach-loongson64/boot_param.h */ -+struct _extention_list_hdr { -+ grub_uint64_t signature; -+ grub_uint32_t length; -+ grub_uint8_t revision; -+ grub_uint8_t checksum; -+ union { -+ struct _extention_list_hdr *next; -+ grub_uint64_t next_offset; -+ }; -+ -+} GRUB_PACKED; -+ -+struct boot_params_interface { -+ grub_uint64_t signature; /* {"B", "P", "I", "0", "1", ... } */ -+ grub_efi_system_table_t *systemtable; -+ union { -+ struct _extention_list_hdr *extlist; -+ grub_uint64_t extlist_offset; -+ }; -+ grub_uint64_t flags; -+}GRUB_PACKED; -+ -+struct loongsonlist_mem_map { -+ struct _extention_list_hdr header; /* {"M", "E", "M"} */ -+ grub_uint8_t map_count; -+ struct memmap { -+ grub_uint32_t mem_type; -+ grub_uint64_t mem_start; -+ grub_uint64_t mem_size; -+ } GRUB_PACKED map[GRUB_LOONGSON3_BOOT_MEM_MAP_MAX]; -+}GRUB_PACKED; -+ -+grub_err_t -+finalize_efi_params_linux (struct linux_loongarch64_kernel_params *kernel_params); -+ -+grub_err_t -+grub_linux_loongarch_elf_linux_boot_image (struct linux_loongarch64_kernel_params -+ *kernel_params); -+ -+void* -+grub_linux_loongarch_alloc_virtual_mem_addr (grub_addr_t addr, -+ grub_size_t size, -+ grub_err_t *err); -+ -+void* -+grub_linux_loongarch_alloc_virtual_mem_align (grub_size_t size, -+ grub_size_t align, -+ grub_err_t *err); -+ -+void -+grub_linux_loongarch_elf_relocator_unload (void); -+ -+int -+grub_linux_loongarch_elf_get_boot_params (struct boot_params_interface **boot_params); -+ -+grub_err_t -+grub_linux_loongarch_elf_boot_params (struct boot_params_interface *boot_params); -+ -+grub_err_t -+grub_linux_loongarch_elf_load_kernel (grub_elf_t elf, const char *filename); -+ -+#endif /* ! GRUB_LOONGARCH64_LINUX_HEADER */ -diff --git a/include/grub/loongarch64/loongarch64.h b/include/grub/loongarch64/loongarch64.h -new file mode 100644 -index 0000000..ea3be3d ---- /dev/null -+++ b/include/grub/loongarch64/loongarch64.h -@@ -0,0 +1,30 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2010,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_REGISTERS_CPU_HEADER -+#define GRUB_REGISTERS_CPU_HEADER 1 -+ -+#ifdef ASM_FILE -+#define GRUB_CPU_REGISTER_WRAP(x) x -+#else -+#define GRUB_CPU_REGISTER_WRAP(x) #x -+#endif -+ -+#define GRUB_CPU_LOONGARCH_COP0_TIMER_COUNT GRUB_CPU_REGISTER_WRAP(9) -+ -+#endif -diff --git a/include/grub/loongarch64/memory.h b/include/grub/loongarch64/memory.h -new file mode 100644 -index 0000000..cc9faef ---- /dev/null -+++ b/include/grub/loongarch64/memory.h -@@ -0,0 +1,59 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_MEMORY_CPU_HEADER -+#define GRUB_MEMORY_CPU_HEADER 1 -+ -+#ifndef ASM_FILE -+#include -+#include -+#include -+#endif -+ -+#ifndef ASM_FILE -+ -+typedef grub_addr_t grub_phys_addr_t; -+ -+static inline grub_phys_addr_t -+grub_vtop (void *a) -+{ -+ if (-1 == ((grub_int64_t) a >> 32)) -+ return ((grub_phys_addr_t) a) & 0x1fffffffUL; -+ return ((grub_phys_addr_t) a) & 0xffffffffffffUL; -+} -+ -+static inline void * -+grub_map_memory (grub_phys_addr_t a, grub_size_t size) -+{ -+ grub_uint64_t addr; -+ asm volatile ("csrrd %0, 0x181" : "=r" (addr)); -+ if (addr & 0x1) -+ return (void *) (a | (addr & 0xffffffffffffff00UL)); -+ else -+ return (void *) a; -+} -+ -+static inline void -+grub_unmap_memory (void *a __attribute__ ((unused)), -+ grub_size_t size __attribute__ ((unused))) -+{ -+} -+ -+#endif -+ -+#endif -diff --git a/include/grub/loongarch64/reloc.h b/include/grub/loongarch64/reloc.h -new file mode 100644 -index 0000000..2106ba2 ---- /dev/null -+++ b/include/grub/loongarch64/reloc.h -@@ -0,0 +1,113 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2022 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_LOONGARCH64_RELOC_H -+#define GRUB_LOONGARCH64_RELOC_H 1 -+#include -+ -+#define LOONGARCH64_STACK_MAX 16 -+ -+struct grub_loongarch64_stack -+{ -+ grub_uint64_t data[LOONGARCH64_STACK_MAX]; -+ int count; -+ int top; -+}; -+ -+typedef struct grub_loongarch64_stack* grub_loongarch64_stack_t; -+ -+void grub_loongarch64_stack_init (grub_loongarch64_stack_t stack); -+void grub_loongarch64_sop_push (grub_loongarch64_stack_t stack, -+ grub_int64_t offset); -+void grub_loongarch64_sop_sub (grub_loongarch64_stack_t stack); -+void grub_loongarch64_sop_sl (grub_loongarch64_stack_t stack); -+void grub_loongarch64_sop_sr (grub_loongarch64_stack_t stack); -+void grub_loongarch64_sop_add (grub_loongarch64_stack_t stack); -+void grub_loongarch64_sop_and (grub_loongarch64_stack_t stack); -+void grub_loongarch64_sop_if_else (grub_loongarch64_stack_t stack); -+void grub_loongarch64_sop_32_s_10_5 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+void grub_loongarch64_sop_32_u_10_12 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+void grub_loongarch64_sop_32_s_10_12 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+void grub_loongarch64_sop_32_s_10_16 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+void grub_loongarch64_sop_32_s_10_16_s2 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+void grub_loongarch64_sop_32_s_5_20 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+void grub_loongarch64_sop_32_s_0_5_10_16_s2 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+void grub_loongarch64_sop_32_s_0_10_10_16_s2 (grub_loongarch64_stack_t stack, -+ grub_uint64_t *place); -+ -+void grub_loongarch64_b26 (grub_uint32_t *place, grub_int64_t offset); -+void grub_loongarch64_xxx_hi20 (grub_uint32_t *place, grub_int64_t offset); -+void grub_loongarch64_xxx_lo12 (grub_uint32_t *place, grub_int64_t offset); -+void grub_loongarch64_xxx64_hi12 (grub_uint32_t *place, grub_int64_t offset); -+void grub_loongarch64_xxx64_lo20 (grub_uint32_t *place, grub_int64_t offset); -+ -+#define GRUB_LOONGARCH64_RELOCATION(STACK, PLACE, OFFSET) \ -+ case R_LARCH_SOP_PUSH_ABSOLUTE: \ -+ grub_loongarch64_sop_push (STACK, OFFSET); \ -+ break; \ -+ case R_LARCH_SOP_SUB: \ -+ grub_loongarch64_sop_sub (STACK); \ -+ break; \ -+ case R_LARCH_SOP_SL: \ -+ grub_loongarch64_sop_sl (STACK); \ -+ break; \ -+ case R_LARCH_SOP_SR: \ -+ grub_loongarch64_sop_sr (STACK); \ -+ break; \ -+ case R_LARCH_SOP_ADD: \ -+ grub_loongarch64_sop_add (STACK); \ -+ break; \ -+ case R_LARCH_SOP_AND: \ -+ grub_loongarch64_sop_and (STACK); \ -+ break; \ -+ case R_LARCH_SOP_IF_ELSE: \ -+ grub_loongarch64_sop_if_else (STACK); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_S_10_5: \ -+ grub_loongarch64_sop_32_s_10_5 (STACK, PLACE); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_U_10_12: \ -+ grub_loongarch64_sop_32_u_10_12 (STACK, PLACE); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_S_10_12: \ -+ grub_loongarch64_sop_32_s_10_12 (STACK, PLACE); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_S_10_16: \ -+ grub_loongarch64_sop_32_s_10_16 (STACK, PLACE); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_S_10_16_S2: \ -+ grub_loongarch64_sop_32_s_10_16_s2 (STACK, PLACE); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_S_5_20: \ -+ grub_loongarch64_sop_32_s_5_20 (STACK, PLACE); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_S_0_5_10_16_S2: \ -+ grub_loongarch64_sop_32_s_0_5_10_16_s2 (STACK, PLACE); \ -+ break; \ -+ case R_LARCH_SOP_POP_32_S_0_10_10_16_S2: \ -+ grub_loongarch64_sop_32_s_0_10_10_16_s2 (STACK, PLACE); \ -+ break; -+ -+#endif /* GRUB_LOONGARCH64_RELOC_H */ -diff --git a/include/grub/loongarch64/relocator.h b/include/grub/loongarch64/relocator.h -new file mode 100644 -index 0000000..cef3aaa ---- /dev/null -+++ b/include/grub/loongarch64/relocator.h -@@ -0,0 +1,38 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2022 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_RELOCATOR_CPU_HEADER -+#define GRUB_RELOCATOR_CPU_HEADER 1 -+ -+#include -+#include -+#include -+ -+struct grub_relocator64_state -+{ -+ /* gpr[0] is ignored since it's hardwired to 0. */ -+ grub_uint64_t gpr[32]; -+ /* Register holding target $pc. */ -+ int jumpreg; -+}; -+ -+grub_err_t -+grub_relocator64_boot (struct grub_relocator *rel, -+ struct grub_relocator64_state state); -+ -+#endif /* ! GRUB_RELOCATOR_CPU_HEADER */ -diff --git a/include/grub/loongarch64/setjmp.h b/include/grub/loongarch64/setjmp.h -new file mode 100644 -index 0000000..d9a0776 ---- /dev/null -+++ b/include/grub/loongarch64/setjmp.h -@@ -0,0 +1,27 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2004,2006,2007,2009,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_SETJMP_CPU_HEADER -+#define GRUB_SETJMP_CPU_HEADER 1 -+ -+typedef grub_uint64_t grub_jmp_buf[12]; -+ -+int grub_setjmp (grub_jmp_buf env) RETURNS_TWICE; -+void grub_longjmp (grub_jmp_buf env, int val) __attribute__ ((noreturn)); -+ -+#endif /* ! GRUB_SETJMP_CPU_HEADER */ -diff --git a/include/grub/loongarch64/time.h b/include/grub/loongarch64/time.h -new file mode 100644 -index 0000000..c9a7334 ---- /dev/null -+++ b/include/grub/loongarch64/time.h -@@ -0,0 +1,39 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2003,2004,2005,2007,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef KERNEL_CPU_TIME_HEADER -+#define KERNEL_CPU_TIME_HEADER 1 -+ -+#ifndef GRUB_UTIL -+ -+#define GRUB_TICKS_PER_SECOND (grub_arch_cpuclock / 2) -+ -+void grub_timer_init (grub_uint32_t cpuclock); -+ -+/* Return the real time in ticks. */ -+grub_uint64_t grub_get_rtc (void); -+ -+extern grub_uint32_t grub_arch_cpuclock; -+#endif -+ -+static inline void -+grub_cpu_idle(void) -+{ -+} -+ -+#endif -diff --git a/include/grub/loongarch64/types.h b/include/grub/loongarch64/types.h -new file mode 100644 -index 0000000..2dbefbf ---- /dev/null -+++ b/include/grub/loongarch64/types.h -@@ -0,0 +1,34 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2006,2007,2009,2017 Free Software Foundation, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#ifndef GRUB_TYPES_CPU_HEADER -+#define GRUB_TYPES_CPU_HEADER 1 -+ -+/* The size of void *. */ -+#define GRUB_TARGET_SIZEOF_VOID_P 8 -+ -+/* The size of long. */ -+#define GRUB_TARGET_SIZEOF_LONG 8 -+ -+#ifdef GRUB_CPU_LOONGARCH -+/* loongarch is little-endian. */ -+#undef GRUB_TARGET_WORDS_BIGENDIAN -+ -+#endif /* ! GRUB_TYPES_CPU_HEADER */ -+ -+#endif -diff --git a/include/grub/util/install.h b/include/grub/util/install.h -index 51f3b13..a728afc 100644 ---- a/include/grub/util/install.h -+++ b/include/grub/util/install.h -@@ -114,6 +114,7 @@ enum grub_install_plat - GRUB_INSTALL_PLATFORM_ARM_COREBOOT, - GRUB_INSTALL_PLATFORM_RISCV32_EFI, - GRUB_INSTALL_PLATFORM_RISCV64_EFI, -+ GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI, - GRUB_INSTALL_PLATFORM_MAX - }; - -diff --git a/util/grub-install-common.c b/util/grub-install-common.c -index 4833407..60d2c00 100644 ---- a/util/grub-install-common.c -+++ b/util/grub-install-common.c -@@ -939,6 +939,7 @@ static struct - [GRUB_INSTALL_PLATFORM_ARM_COREBOOT] = { "arm", "coreboot" }, - [GRUB_INSTALL_PLATFORM_RISCV32_EFI] = { "riscv32", "efi" }, - [GRUB_INSTALL_PLATFORM_RISCV64_EFI] = { "riscv64", "efi" }, -+ [GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI] = { "loongarch64", "efi" }, - }; - - char * -diff --git a/util/grub-install.c b/util/grub-install.c -index 5babc7a..c8f15df 100644 ---- a/util/grub-install.c -+++ b/util/grub-install.c -@@ -332,6 +332,8 @@ get_default_platform (void) - #else - return NULL; - #endif -+#elif defined (__loongarch64) -+ return "loongarch64-efi"; - #else - return NULL; - #endif -@@ -487,6 +489,7 @@ have_bootdev (enum grub_install_plat pl) - case GRUB_INSTALL_PLATFORM_ARM64_EFI: - case GRUB_INSTALL_PLATFORM_RISCV32_EFI: - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - case GRUB_INSTALL_PLATFORM_I386_IEEE1275: - case GRUB_INSTALL_PLATFORM_SPARC64_IEEE1275: - case GRUB_INSTALL_PLATFORM_POWERPC_IEEE1275: -@@ -906,6 +909,7 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_I386_EFI: - case GRUB_INSTALL_PLATFORM_IA64_EFI: - case GRUB_INSTALL_PLATFORM_X86_64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - is_efi = 1; - grub_util_error (_("this utility cannot be used for EFI platforms" - " because it does not support UEFI Secure Boot")); -@@ -933,6 +937,7 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_ARM64_EFI: - case GRUB_INSTALL_PLATFORM_RISCV32_EFI: - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - case GRUB_INSTALL_PLATFORM_IA64_EFI: - case GRUB_INSTALL_PLATFORM_I386_IEEE1275: - case GRUB_INSTALL_PLATFORM_SPARC64_IEEE1275: -@@ -980,6 +985,7 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_ARM64_EFI: - case GRUB_INSTALL_PLATFORM_RISCV32_EFI: - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - case GRUB_INSTALL_PLATFORM_IA64_EFI: - case GRUB_INSTALL_PLATFORM_I386_IEEE1275: - case GRUB_INSTALL_PLATFORM_ARM_UBOOT: -@@ -1133,6 +1139,9 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: - efi_file = "BOOTRISCV64.EFI"; - break; -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: -+ efi_file = "BOOTLOONGARCH64.EFI"; -+ break; - default: - grub_util_error ("%s", _("You've found a bug")); - break; -@@ -1166,6 +1175,9 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: - efi_file = "grubriscv64.efi"; - break; -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: -+ efi_file = "grubloongarch64.efi"; -+ break; - default: - efi_file = "grub.efi"; - break; -@@ -1470,6 +1482,7 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_ARM64_EFI: - case GRUB_INSTALL_PLATFORM_RISCV32_EFI: - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - case GRUB_INSTALL_PLATFORM_IA64_EFI: - g = grub_util_guess_efi_drive (*curdev); - break; -@@ -1614,6 +1627,7 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_ARM64_EFI: - case GRUB_INSTALL_PLATFORM_RISCV32_EFI: - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - case GRUB_INSTALL_PLATFORM_IA64_EFI: - core_name = "core.efi"; - snprintf (mkimage_target, sizeof (mkimage_target), -@@ -1719,6 +1733,7 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_ARM64_EFI: - case GRUB_INSTALL_PLATFORM_RISCV32_EFI: - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - case GRUB_INSTALL_PLATFORM_IA64_EFI: - case GRUB_INSTALL_PLATFORM_MIPSEL_QEMU_MIPS: - case GRUB_INSTALL_PLATFORM_MIPS_QEMU_MIPS: -@@ -1973,6 +1988,7 @@ main (int argc, char *argv[]) - case GRUB_INSTALL_PLATFORM_ARM64_EFI: - case GRUB_INSTALL_PLATFORM_RISCV32_EFI: - case GRUB_INSTALL_PLATFORM_RISCV64_EFI: -+ case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI: - case GRUB_INSTALL_PLATFORM_IA64_EFI: - { - char *dst = grub_util_path_concat (2, efidir, efi_file); -diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c -index 3931194..cf582a9 100644 ---- a/util/grub-mkimagexx.c -+++ b/util/grub-mkimagexx.c -@@ -44,6 +44,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -1160,7 +1161,60 @@ SUFFIX (relocate_addrs) (Elf_Ehdr *e, struct section_metadata *smd, - } - break; - } --#endif -+ case EM_LOONGARCH: -+ { -+ grub_int64_t pc; -+ grub_uint32_t *t32 = (grub_uint32_t *) target; -+ -+ sym_addr += addend; -+ pc = offset + target_section_addr + image_target->vaddr_offset; -+ -+ switch (ELF_R_TYPE (info)) -+ { -+ case R_LARCH_64: -+ { -+ grub_uint64_t *t64 = (grub_uint64_t *) target; -+ *t64 = grub_host_to_target64 (grub_target_to_host64 (*t64) + sym_addr); -+ } -+ break; -+ case R_LARCH_MARK_LA: -+ break; -+ case R_LARCH_B26: -+ { -+ grub_int64_t off; -+ off = sym_addr - target_section_addr - offset -+ - image_target->vaddr_offset; -+ grub_loongarch64_b26 (t32, off); -+ } -+ break; -+ case R_LARCH_ABS_HI20: -+ grub_loongarch64_xxx_hi20 (t32, sym_addr); -+ break; -+ case R_LARCH_ABS64_LO20: -+ grub_loongarch64_xxx64_lo20 (t32, sym_addr); -+ break; -+ case R_LARCH_ABS64_HI12: -+ grub_loongarch64_xxx64_hi12 (t32, sym_addr); -+ break; -+ case R_LARCH_PCALA_HI20: -+ { -+ grub_int32_t hi20; -+ hi20 = (((sym_addr + 0x800) & ~0xfffULL) - (pc & ~0xfffULL)); -+ grub_loongarch64_xxx_hi20 (t32, hi20); -+ } -+ break; -+ case R_LARCH_ABS_LO12: -+ case R_LARCH_PCALA_LO12: -+ grub_loongarch64_xxx_lo12 (t32, sym_addr); -+ break; -+ default: -+ grub_util_error (_("relocation 0x%x is not implemented yet"), -+ (unsigned int) ELF_R_TYPE (info)); -+ break; -+ } -+ break; -+ } -+#endif /* defined(MKIMAGE_ELF64) */ - #if defined(MKIMAGE_ELF32) - case EM_ARM: - { -@@ -1538,7 +1592,10 @@ add_fixup_entry (struct fixup_block_list **cblock, grub_uint16_t type, - - /* The spec does not mention the requirement of a Page RVA. - Here, align the address with a 4K boundary for safety. */ -- b->page_rva = (addr & ~(0x1000 - 1)); -+#ifdef GRUB_CPU_LOONGARCH64 -+ if (type) -+#endif -+ b->page_rva = (addr & ~(0x1000 - 1)); - b->block_size = sizeof (*b); - } - -@@ -1548,7 +1605,11 @@ add_fixup_entry (struct fixup_block_list **cblock, grub_uint16_t type, - - /* Add a new entry. */ - cur_index = ((b->block_size - sizeof (*b)) >> 1); -+#ifdef GRUB_CPU_LOONGARCH64 -+ entry = GRUB_PE32_FIXUP_ENTRY (type, type ? (addr - b->page_rva) : addr); -+#else - entry = GRUB_PE32_FIXUP_ENTRY (type, addr - b->page_rva); -+#endif - b->entries[cur_index] = grub_host_to_target16 (entry); - b->block_size += 2; - } -@@ -1704,7 +1765,39 @@ translate_relocation_pe (struct translate_context *ctx, - break; - } - break; -- break; -+#if defined(MKIMAGE_ELF64) -+ case EM_LOONGARCH: -+ switch (ELF_R_TYPE (info)) -+ { -+ case R_LARCH_64: -+ ctx->current_address = add_fixup_entry (&ctx->lst, -+ GRUB_PE32_REL_BASED_DIR64, addr, 0, -+ ctx->current_address, image_target); -+ break; -+ case R_LARCH_MARK_LA: -+ ctx->current_address = add_fixup_entry (&ctx->lst, -+ GRUB_PE32_REL_BASED_LOONGARCH64_MARK_LA, -+ addr, 0, ctx->current_address, image_target); -+ break; -+ /* Relative relocations do not require fixup entries. */ -+ case R_LARCH_B26: -+ case R_LARCH_ABS_HI20: -+ case R_LARCH_ABS_LO12: -+ case R_LARCH_ABS64_LO20: -+ case R_LARCH_ABS64_HI12: -+ case R_LARCH_PCALA_HI20: -+ case R_LARCH_PCALA_LO12: -+ grub_util_info (" %s: not adding fixup: 0x%08x : 0x%08x", -+ __FUNCTION__, (unsigned int) addr, -+ (unsigned int) ctx->current_address); -+ break; -+ default: -+ grub_util_error (_("relocation 0x%x is not implemented yet"), -+ (unsigned int) ELF_R_TYPE (info)); -+ break; -+ } -+ break; -+#endif /* defined(MKIMAGE_ELF64) */ - #if defined(MKIMAGE_ELF32) - case EM_ARM: - switch (ELF_R_TYPE (info)) -diff --git a/util/grub-module-verifier.c b/util/grub-module-verifier.c -index 163529c..071d1c3 100644 ---- a/util/grub-module-verifier.c -+++ b/util/grub-module-verifier.c -@@ -176,6 +176,21 @@ struct grub_module_verifier_arch archs[] = { - -1 - } - }, -+ { "loongarch64", 8, 0, EM_LOONGARCH, GRUB_MODULE_VERIFY_SUPPORTS_REL | GRUB_MODULE_VERIFY_SUPPORTS_RELA, (int[]){ -+ R_LARCH_NONE, -+ R_LARCH_64, -+ R_LARCH_MARK_LA, -+ R_LARCH_B26, -+ R_LARCH_ABS_HI20, -+ R_LARCH_ABS_LO12, -+ R_LARCH_ABS64_LO20, -+ R_LARCH_ABS64_HI12, -+ R_LARCH_PCALA_HI20, -+ R_LARCH_PCALA_LO12, -+ -1 -+ }, (int[]){ -+ -1 -+ } }, - }; - - struct platform_whitelist { -diff --git a/util/mkimage.c b/util/mkimage.c -index 8319e8d..4e09dfc 100644 ---- a/util/mkimage.c -+++ b/util/mkimage.c -@@ -654,6 +654,22 @@ static const struct grub_install_image_target_desc image_targets[] = - .pe_target = GRUB_PE32_MACHINE_RISCV64, - .elf_target = EM_RISCV, - }, -+ { -+ .dirname = "loongarch64-efi", -+ .names = { "loongarch64-efi", NULL }, -+ .voidp_sizeof = 8, -+ .bigendian = 0, -+ .id = IMAGE_EFI, -+ .flags = PLATFORM_FLAGS_NONE, -+ .total_module_size = TARGET_NO_FIELD, -+ .decompressor_compressed_size = TARGET_NO_FIELD, -+ .decompressor_uncompressed_size = TARGET_NO_FIELD, -+ .decompressor_uncompressed_addr = TARGET_NO_FIELD, -+ .section_align = GRUB_PE32_SECTION_ALIGNMENT, -+ .vaddr_offset = EFI64_HEADER_SIZE, -+ .pe_target = GRUB_PE32_MACHINE_LOONGARCH64, -+ .elf_target = EM_LOONGARCH, -+ }, - }; - - #include --- -2.33.0 - diff --git a/1001-loongarch-Modify-the-location-where-initrd-is-loaded.patch b/1001-loongarch-Modify-the-location-where-initrd-is-loaded.patch deleted file mode 100644 index abbf1b5696831603c274e18548d1c2dcf7d951e0..0000000000000000000000000000000000000000 --- a/1001-loongarch-Modify-the-location-where-initrd-is-loaded.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 062741f3d9878bcbd4556f3bfe73d1bead458255 Mon Sep 17 00:00:00 2001 -From: mengyingkun -Date: Thu, 2 Feb 2023 20:32:17 +0800 -Subject: [PATCH] loongarch: Modify the location where initrd is loaded into - memory - -Try to allocate memory from higher than 256MB to -avoid kernel relocation overlaying initrd. If failed, -allocate memory in range 0~256MB, and high address -takes precedence. - -Signed-off-by: mengyingkun ---- - grub-core/loader/loongarch64/linux-elf.c | 21 +++++++++++++++++++++ - grub-core/loader/loongarch64/linux.c | 2 +- - include/grub/loongarch64/linux.h | 5 +++++ - 3 files changed, 27 insertions(+), 1 deletion(-) - -diff --git a/grub-core/loader/loongarch64/linux-elf.c b/grub-core/loader/loongarch64/linux-elf.c -index 85585b4..8260e4c 100644 ---- a/grub-core/loader/loongarch64/linux-elf.c -+++ b/grub-core/loader/loongarch64/linux-elf.c -@@ -304,6 +304,27 @@ grub_linux_loongarch_alloc_virtual_mem_align (grub_size_t size, - return get_virtual_current_address (ch); - } - -+void* -+grub_linux_loongarch_alloc_initrd_mem_align (grub_size_t size, -+ grub_size_t align, -+ grub_err_t *err) -+{ -+ grub_relocator_chunk_t ch; -+ -+ /* Firstly try to allocate from memory higher than 256MB */ -+ *err = grub_relocator_alloc_chunk_align (relocator, &ch, -+ 0x10000000, (0xffffffff - size) + 1, size, align, -+ GRUB_RELOCATOR_PREFERENCE_LOW, 0); -+ if (*err != GRUB_ERR_NONE) -+ { -+ /* Failed, try to allocate in range 0 ~ 256MB */ -+ *err = grub_relocator_alloc_chunk_align (relocator, &ch, -+ 0, (0xfffffff - size) + 1, size, align, -+ GRUB_RELOCATOR_PREFERENCE_HIGH, 0); -+ } -+ return get_virtual_current_address (ch); -+} -+ - int - grub_linux_loongarch_elf_get_boot_params (struct boot_params_interface **boot_params) - { -diff --git a/grub-core/loader/loongarch64/linux.c b/grub-core/loader/loongarch64/linux.c -index 783054b..4c02194 100644 ---- a/grub-core/loader/loongarch64/linux.c -+++ b/grub-core/loader/loongarch64/linux.c -@@ -351,7 +351,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - initrd_mem = allocate_initrd_mem (initrd_pages); - } else { - grub_err_t err; -- initrd_mem = grub_linux_loongarch_alloc_virtual_mem_align (initrd_size, 0x10000, &err); -+ initrd_mem = grub_linux_loongarch_alloc_initrd_mem_align (initrd_size, 0x10000, &err); - if (err) - goto fail; - } -diff --git a/include/grub/loongarch64/linux.h b/include/grub/loongarch64/linux.h -index af1f51d..f4b198a 100644 ---- a/include/grub/loongarch64/linux.h -+++ b/include/grub/loongarch64/linux.h -@@ -129,6 +129,11 @@ grub_linux_loongarch_alloc_virtual_mem_align (grub_size_t size, - grub_size_t align, - grub_err_t *err); - -+void* -+grub_linux_loongarch_alloc_initrd_mem_align (grub_size_t size, -+ grub_size_t align, -+ grub_err_t *err); -+ - void - grub_linux_loongarch_elf_relocator_unload (void); - --- -2.33.0 - diff --git a/1002-loongarch-Add-EFI-frame-buffer-support.patch b/1002-loongarch-Add-EFI-frame-buffer-support.patch deleted file mode 100644 index ca432afd8a1de630aeed547323c6746df3dbfb4c..0000000000000000000000000000000000000000 --- a/1002-loongarch-Add-EFI-frame-buffer-support.patch +++ /dev/null @@ -1,337 +0,0 @@ -From 1ebd229556ba767f76c829b6d00d8a7b5bf28e65 Mon Sep 17 00:00:00 2001 -From: mengyingkun -Date: Wed, 8 Feb 2023 09:24:05 +0800 -Subject: [PATCH] loongarch: Add EFI frame buffer support - -Signed-off-by: yangqiming -Signed-off-by: mengyingkun ---- - grub-core/loader/loongarch64/linux-elf.c | 232 +++++++++++++++++++++++ - include/grub/loongarch64/linux.h | 47 +++++ - 2 files changed, 279 insertions(+) - -diff --git a/grub-core/loader/loongarch64/linux-elf.c b/grub-core/loader/loongarch64/linux-elf.c -index 8260e4c..852e8f4 100644 ---- a/grub-core/loader/loongarch64/linux-elf.c -+++ b/grub-core/loader/loongarch64/linux-elf.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - #define GRUB_ADDRESS_TYPE_SYSRAM 1 - #define GRUB_ADDRESS_TYPE_RESERVED 2 -@@ -34,13 +35,242 @@ - { 0x89, 0x9a, 0x43, 0x18, 0x02, 0x50, 0xa0, 0xc9 } \ - } - -+#define GRUB_EFI_LARCH_SCREEN_INFO_GUID \ -+ { 0x07fd51a6, 0x9532, 0x926f, \ -+ { 0x51, 0xdc, 0x6a, 0x63, 0x60, 0x2f, 0x84, 0xb4 } \ -+ } -+ -+#define GRUB_EFI_LARCH_CONSOLE_OUT_DEVICE_GUID \ -+ { 0xd3b36f2c, 0xd551, 0x11d4, \ -+ { 0x9a, 0x46, 0x00, 0x90, 0x27, 0x3f, 0xc1, 0x4d } \ -+ } -+ - static struct grub_relocator *relocator; -+static grub_efi_guid_t screen_info_guid = GRUB_EFI_LARCH_SCREEN_INFO_GUID; - - void grub_linux_loongarch_elf_relocator_unload (void) - { - grub_relocator_unload (relocator); - } - -+static void -+find_bits (unsigned long mask, grub_efi_uint8_t *pos, grub_efi_uint8_t *size) -+{ -+ grub_efi_uint8_t first, len; -+ -+ first = 0; -+ len = 0; -+ -+ if (mask) -+ { -+ while (!(mask & 0x1)) -+ { -+ mask = mask >> 1; -+ first++; -+ } -+ -+ while (mask & 0x1) -+ { -+ mask = mask >> 1; -+ len++; -+ } -+ } -+ -+ *pos = first; -+ *size = len; -+} -+ -+static void -+setup_pixel_info (struct screen_info *si, grub_efi_uint32_t pixels_per_scan_line, -+ struct grub_efi_gop_pixel_bitmask pixel_info, int pixel_format) -+{ -+ if (pixel_format == GRUB_EFI_GOT_RGBA8) -+ { -+ si->lfb_depth = 32; -+ si->lfb_linelength = pixels_per_scan_line * 4; -+ si->red_size = 8; -+ si->red_pos = 0; -+ si->green_size = 8; -+ si->green_pos = 8; -+ si->blue_size = 8; -+ si->blue_pos = 16; -+ si->rsvd_size = 8; -+ si->rsvd_pos = 24; -+ } -+ else if (pixel_format == GRUB_EFI_GOT_BGRA8) -+ { -+ si->lfb_depth = 32; -+ si->lfb_linelength = pixels_per_scan_line * 4; -+ si->red_size = 8; -+ si->red_pos = 16; -+ si->green_size = 8; -+ si->green_pos = 8; -+ si->blue_size = 8; -+ si->blue_pos = 0; -+ si->rsvd_size = 8; -+ si->rsvd_pos = 24; -+ } -+ else if (pixel_format == GRUB_EFI_GOT_BITMASK) -+ { -+ find_bits(pixel_info.r, &si->red_pos, &si->red_size); -+ find_bits(pixel_info.g, &si->green_pos, &si->green_size); -+ find_bits(pixel_info.b, &si->blue_pos, &si->blue_size); -+ find_bits(pixel_info.a, &si->rsvd_pos, &si->rsvd_size); -+ si->lfb_depth = si->red_size + si->green_size + -+ si->blue_size + si->rsvd_size; -+ si->lfb_linelength = (pixels_per_scan_line * si->lfb_depth) / 8; -+ } -+ else -+ { -+ si->lfb_depth = 4; -+ si->lfb_linelength = si->lfb_width / 2; -+ si->red_size = 0; -+ si->red_pos = 0; -+ si->green_size = 0; -+ si->green_pos = 0; -+ si->blue_size = 0; -+ si->blue_pos = 0; -+ si->rsvd_size = 0; -+ si->rsvd_pos = 0; -+ } -+} -+ -+static struct screen_info * -+alloc_screen_info (void) -+{ -+ grub_efi_status_t status; -+ grub_efi_boot_services_t *b; -+ struct screen_info *si; -+ -+ b = grub_efi_system_table->boot_services; -+ status = efi_call_3 (b->allocate_pool, GRUB_EFI_RUNTIME_SERVICES_DATA, -+ sizeof(*si), (void**)&si); -+ if (status != GRUB_EFI_SUCCESS) -+ return NULL; -+ -+ status = b->install_configuration_table (&screen_info_guid, si); -+ if (status == GRUB_EFI_SUCCESS) -+ return si; -+ -+ efi_call_1 (b->free_pool, si); -+ -+ return NULL; -+} -+ -+static struct screen_info * -+setup_screen_info (void) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_handle_t gop_handle; -+ struct screen_info *si = NULL; -+ struct grub_efi_gop *gop, *first_gop; -+ grub_efi_handle_t *handles; -+ grub_efi_uintn_t num_handles, i; -+ grub_efi_guid_t graphics_output_guid = GRUB_EFI_GOP_GUID; -+ grub_efi_uint16_t width, height; -+ grub_efi_uint32_t ext_lfb_base, pixels_per_scan_line; -+ grub_efi_uint64_t fb_base; -+ struct grub_efi_gop_pixel_bitmask pixel_info; -+ grub_efi_gop_pixel_format_t pixel_format; -+ -+ si = alloc_screen_info(); -+ if (!si) -+ return NULL; -+ -+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, -+ &graphics_output_guid, NULL, &num_handles); -+ if (!handles || num_handles == 0) -+ goto free_screen_info; -+ -+ gop = NULL; -+ first_gop = NULL; -+ -+ for (i = 0; i < num_handles; i++) -+ { -+ struct grub_efi_gop_mode *mode; -+ struct grub_efi_gop_mode_info *info = NULL; -+ grub_efi_guid_t conout_proto = GRUB_EFI_LARCH_CONSOLE_OUT_DEVICE_GUID; -+ void *dummy = NULL; -+ grub_efi_uint8_t conout_found = 0; -+ grub_efi_uint64_t current_fb_base; -+ -+ gop_handle = handles[i]; -+ gop = grub_efi_open_protocol (gop_handle, &graphics_output_guid, -+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ -+ dummy = grub_efi_open_protocol (gop_handle, &conout_proto, -+ GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ if (dummy != NULL) -+ conout_found = 1; -+ -+ mode = gop->mode; -+ info = mode->info; -+ current_fb_base = mode->fb_base; -+ -+ if ((!first_gop || conout_found) && -+ info->pixel_format != GRUB_EFI_GOT_BLT_ONLY) -+ { -+ /* -+ * Systems that use the UEFI Console Splitter may -+ * provide multiple GOP devices, not all of which are -+ * backed by real hardware. The workaround is to search -+ * for a GOP implementing the ConOut protocol, and if -+ * one isn't found, to just fall back to the first GOP. -+ */ -+ width = info->width; -+ height = info->height; -+ pixel_format = info->pixel_format; -+ pixel_info = info->pixel_bitmask; -+ pixels_per_scan_line = info->pixels_per_scanline; -+ fb_base = current_fb_base; -+ -+ /* -+ * Once we've found a GOP supporting ConOut, -+ * don't bother looking any further. -+ */ -+ first_gop = gop; -+ if (conout_found) -+ break; -+ } -+ } -+ -+ /* Did we find any GOPs? */ -+ if (!first_gop) -+ goto free_screen_info; -+ -+ /* EFI framebuffer */ -+ si->orig_video_isVGA = GRUB_VIDEO_TYPE_EFI; -+ -+ si->lfb_width = width; -+ si->lfb_height = height; -+ si->lfb_base = fb_base; -+ grub_dprintf ("loongson", "Screen info fb base: 0x%"PRIxGRUB_UINT32_T"\n", -+ si->lfb_base); -+ -+ ext_lfb_base = (grub_uint64_t)fb_base >> 32; -+ if (ext_lfb_base) { -+ si->capabilities |= GRUB_VIDEO_CAPABILITY_64BIT_BASE; -+ si->ext_lfb_base = ext_lfb_base; -+ } -+ si->pages = 1; -+ -+ setup_pixel_info(si, pixels_per_scan_line, pixel_info, pixel_format); -+ -+ si->lfb_size = si->lfb_linelength * si->lfb_height; -+ si->capabilities |= GRUB_VIDEO_CAPABILITY_SKIP_QUIRKS; -+ -+ return si; -+ -+free_screen_info: -+ b = grub_efi_system_table->boot_services; -+ b->install_configuration_table (&screen_info_guid, NULL); -+ if (si) -+ efi_call_1 (b->free_pool, si); -+ -+ grub_dprintf ("loongson", "No screen info\n"); -+ return NULL; -+} -+ - static grub_err_t - allocate_fdt_and_exit_boot (struct linux_loongarch64_kernel_params *kernel_params) - { -@@ -242,6 +472,8 @@ grub_linux_loongarch_elf_linux_boot_image (struct linux_loongarch64_kernel_param - struct grub_relocator64_state state; - grub_err_t err; - -+ setup_screen_info (); -+ - /* linux kernel type is ELF */ - grub_memset (&state, 0, sizeof (state)); - -diff --git a/include/grub/loongarch64/linux.h b/include/grub/loongarch64/linux.h -index f4b198a..c010982 100644 ---- a/include/grub/loongarch64/linux.h -+++ b/include/grub/loongarch64/linux.h -@@ -79,6 +79,53 @@ struct linux_loongarch64_kernel_params - sizeof (FDT_ADDR_CELLS_STRING) + \ - sizeof (FDT_SIZE_CELLS_STRING)) - -+/* -+ * These are set up by the setup-routine at boot-time: -+ */ -+struct screen_info { -+ grub_efi_uint8_t orig_x; /* 0x00 */ -+ grub_efi_uint8_t orig_y; /* 0x01 */ -+ grub_efi_uint16_t ext_mem_k; /* 0x02 */ -+ grub_efi_uint16_t orig_video_page; /* 0x04 */ -+ grub_efi_uint8_t orig_video_mode; /* 0x06 */ -+ grub_efi_uint8_t orig_video_cols; /* 0x07 */ -+ grub_efi_uint8_t flags; /* 0x08 */ -+ grub_efi_uint8_t unused2; /* 0x09 */ -+ grub_efi_uint16_t orig_video_ega_bx;/* 0x0a */ -+ grub_efi_uint16_t unused3; /* 0x0c */ -+ grub_efi_uint8_t orig_video_lines; /* 0x0e */ -+ grub_efi_uint8_t orig_video_isVGA; /* 0x0f */ -+ grub_efi_uint16_t orig_video_points;/* 0x10 */ -+ -+ /* VESA graphic mode -- linear frame buffer */ -+ grub_efi_uint16_t lfb_width; /* 0x12 */ -+ grub_efi_uint16_t lfb_height; /* 0x14 */ -+ grub_efi_uint16_t lfb_depth; /* 0x16 */ -+ grub_efi_uint32_t lfb_base; /* 0x18 */ -+ grub_efi_uint32_t lfb_size; /* 0x1c */ -+ grub_efi_uint16_t cl_magic, cl_offset; /* 0x20 */ -+ grub_efi_uint16_t lfb_linelength; /* 0x24 */ -+ grub_efi_uint8_t red_size; /* 0x26 */ -+ grub_efi_uint8_t red_pos; /* 0x27 */ -+ grub_efi_uint8_t green_size; /* 0x28 */ -+ grub_efi_uint8_t green_pos; /* 0x29 */ -+ grub_efi_uint8_t blue_size; /* 0x2a */ -+ grub_efi_uint8_t blue_pos; /* 0x2b */ -+ grub_efi_uint8_t rsvd_size; /* 0x2c */ -+ grub_efi_uint8_t rsvd_pos; /* 0x2d */ -+ grub_efi_uint16_t vesapm_seg; /* 0x2e */ -+ grub_efi_uint16_t vesapm_off; /* 0x30 */ -+ grub_efi_uint16_t pages; /* 0x32 */ -+ grub_efi_uint16_t vesa_attributes; /* 0x34 */ -+ grub_efi_uint32_t capabilities; /* 0x36 */ -+ grub_efi_uint32_t ext_lfb_base; /* 0x3a */ -+ grub_efi_uint8_t _reserved[2]; /* 0x3e */ -+} __attribute__((packed)); -+ -+#define GRUB_VIDEO_TYPE_EFI 0x70 -+#define GRUB_VIDEO_CAPABILITY_SKIP_QUIRKS (1 << 0) -+#define GRUB_VIDEO_CAPABILITY_64BIT_BASE (1 << 1) /* Frame buffer base is 64-bit */ -+ - /* From arch/loongarch/include/asm/mach-loongson64/boot_param.h */ - struct _extention_list_hdr { - grub_uint64_t signature; --- -2.33.0 - diff --git a/1003-loongarch-Add-support-for-v4.0-interface.patch b/1003-loongarch-Add-support-for-v4.0-interface.patch deleted file mode 100644 index 86296044d19163dcfae69874e515344a2a67e4fc..0000000000000000000000000000000000000000 --- a/1003-loongarch-Add-support-for-v4.0-interface.patch +++ /dev/null @@ -1,434 +0,0 @@ -From d984a64ff93443630fde3211e1a8ec42d92a6b56 Mon Sep 17 00:00:00 2001 -From: mengyingkun -Date: Mon, 13 Feb 2023 14:40:16 +0800 -Subject: [PATCH] loongarch: Add support for v4.0 interface - -This patch adds support for parameter passing converntion -between bootloader and kernel, defined in the document -"loongson devsys firmware kernel interface specification v4.0" - -Signed-off-by: yangqiming -Signed-off-by: mengyingkun ---- - grub-core/lib/loongarch64/relocator.c | 2 +- - grub-core/loader/loongarch64/linux-elf.c | 177 ++++++++++++++++++++--- - grub-core/loader/loongarch64/linux.c | 49 ++----- - include/grub/loongarch64/linux.h | 20 +++ - 4 files changed, 190 insertions(+), 58 deletions(-) - -diff --git a/grub-core/lib/loongarch64/relocator.c b/grub-core/lib/loongarch64/relocator.c -index faa4553..587fc58 100644 ---- a/grub-core/lib/loongarch64/relocator.c -+++ b/grub-core/lib/loongarch64/relocator.c -@@ -122,7 +122,7 @@ grub_relocator64_boot (struct grub_relocator *rel, - unsigned i; - grub_addr_t vtarget; - -- err = grub_relocator_alloc_chunk_align (rel, &ch, 0, -+ err = grub_relocator_alloc_chunk_align (rel, &ch, 0x3000000, - (0xffffffff - stateset_size) - + 1, stateset_size, - grub_relocator_align, -diff --git a/grub-core/loader/loongarch64/linux-elf.c b/grub-core/loader/loongarch64/linux-elf.c -index 852e8f4..15f9984 100644 ---- a/grub-core/loader/loongarch64/linux-elf.c -+++ b/grub-core/loader/loongarch64/linux-elf.c -@@ -25,11 +25,14 @@ - #include - #include - -+#define GRUB_EFI_MMAP_NR_SLACK_SLOTS 8 -+ - #define GRUB_ADDRESS_TYPE_SYSRAM 1 - #define GRUB_ADDRESS_TYPE_RESERVED 2 - #define GRUB_ADDRESS_TYPE_ACPI 3 - #define GRUB_ADDRESS_TYPE_NVS 4 - #define GRUB_ADDRESS_TYPE_PMEM 5 -+ - #define GRUB_EFI_LOONGSON_BPI_TABLE_GUID \ - { 0x4660f721, 0x2ec5, 0x416a, \ - { 0x89, 0x9a, 0x43, 0x18, 0x02, 0x50, 0xa0, 0xc9 } \ -@@ -45,6 +48,16 @@ - { 0x9a, 0x46, 0x00, 0x90, 0x27, 0x3f, 0xc1, 0x4d } \ - } - -+#define GRUB_EFI_LARCH_BOOT_MEMMAP_GUID \ -+ { 0x800f683f, 0xd08b, 0x423a, \ -+ { 0xa2, 0x93, 0x96, 0x5c, 0x3c, 0x6f, 0xe2, 0xb4 } \ -+ } -+ -+#define GRUB_EFI_LARCH_INITRD_MEDIA_GUID \ -+ { 0x5568e427, 0x68fc, 0x4f3d, \ -+ { 0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68 } \ -+ } -+ - static struct grub_relocator *relocator; - static grub_efi_guid_t screen_info_guid = GRUB_EFI_LARCH_SCREEN_INFO_GUID; - -@@ -271,6 +284,135 @@ free_screen_info: - return NULL; - } - -+static grub_err_t -+allocate_memmap_and_exit_boot (struct linux_loongarch64_kernel_params *kernel_params) -+{ -+ grub_err_t err; -+ grub_efi_status_t status; -+ grub_efi_uintn_t mmap_size, desc_size, size; -+ grub_efi_uint32_t desc_version; -+ grub_efi_memory_descriptor_t *mmap_buf; -+ grub_efi_boot_services_t *b; -+ struct efi_boot_memmap *m, tmp; -+ struct efi_initrd *tbl = NULL; -+ grub_efi_guid_t boot_memmap_guid = GRUB_EFI_LARCH_BOOT_MEMMAP_GUID; -+ grub_efi_guid_t initrd_media_guid = GRUB_EFI_LARCH_INITRD_MEDIA_GUID; -+ -+ setup_screen_info(); -+ -+ b = grub_efi_system_table->boot_services; -+ -+ grub_dprintf ("loongson", "ramdisk_addr:0x%"PRIxGRUB_UINT64_T", \ -+ size:0x%"PRIxGRUB_UINT64_T"\n", -+ kernel_params->ramdisk_addr, -+ kernel_params->ramdisk_size); -+#if 0 -+ char string[64]; -+ -+ /* Set initrd info to cmdline*/ -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -+ { -+ grub_printf ( "Initrd @ %p-%p\n", -+ (void *) kernel_params->ramdisk_addr, -+ (void *) (kernel_params->ramdisk_addr + kernel_params->ramdisk_size)); -+ /* initrd */ -+ grub_snprintf (string, -+ sizeof (GRUB_INITRD_STRING), -+ "initrd=0x%lx,0x%lx", -+ ((grub_uint64_t) kernel_params->ramdisk_addr & 0xffffffff), -+ (grub_uint64_t) kernel_params->ramdisk_size); -+ *(char*) ((grub_addr_t) kernel_params->linux_args + kernel_params->ramdisk_args_len - 2) = ' '; -+ grub_memcpy ((char*) ((grub_addr_t) kernel_params->linux_args + kernel_params->ramdisk_args_len - 1), -+ string, sizeof (GRUB_INITRD_STRING)); -+ } -+#else -+ /* Set initrd info to system table*/ -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -+ { -+ tbl = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (sizeof(struct efi_initrd))); -+ if (!tbl) -+ return grub_error (GRUB_ERR_IO, "cannot allocate tbl memory"); -+ tbl->base = kernel_params->ramdisk_addr; -+ tbl->size = kernel_params->ramdisk_size; -+ -+ status = b->install_configuration_table (&initrd_media_guid, tbl); -+ if (status != GRUB_EFI_SUCCESS) { -+ grub_error (GRUB_ERR_IO, "failed to install initrd media"); -+ goto free_tbl; -+ } -+ } -+#endif -+ -+ tmp.map_size = 0; -+ status = grub_efi_get_memory_map (&tmp.map_size, NULL, &tmp.map_key, -+ &tmp.desc_size, &tmp.desc_ver); -+ if (status != 0) { -+ grub_error (GRUB_ERR_IO, "cannot get memory map"); -+ goto uninstall_initrd_table; -+ } -+ size = tmp.map_size + tmp.desc_size * GRUB_EFI_MMAP_NR_SLACK_SLOTS; -+ m = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (sizeof(*m) + size)); -+ if (!m) { -+ grub_error (GRUB_ERR_IO, "cannot allocate m memory"); -+ goto uninstall_initrd_table; -+ } -+ -+ status = b->install_configuration_table (&boot_memmap_guid, m); -+ if (status != GRUB_EFI_SUCCESS) { -+ grub_error (GRUB_ERR_IO, "failed to install boot memmap"); -+ goto free_m; -+ } -+ -+ m->buff_size = m->map_size = size; -+ if (grub_efi_get_memory_map (&m->map_size, m->map, -+ &m->map_key, &m->desc_size, -+ &m->desc_ver) <= 0) -+ { -+ grub_error (GRUB_ERR_IO, "cannot get EFI memory map"); -+ goto uninstall_mem_table; -+ } -+ -+ mmap_size = grub_efi_find_mmap_size (); -+ if (! mmap_size) -+ goto uninstall_mem_table; -+ -+ mmap_buf = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (mmap_size)); -+ err = grub_efi_finish_boot_services (&mmap_size, mmap_buf, NULL, -+ &desc_size, &desc_version); -+ if (err) { -+ grub_error (GRUB_ERR_IO, "failed to finish boot services"); -+ goto free_map; -+ } -+ -+ return 0; -+ -+free_map: -+ if (mmap_buf) -+ grub_efi_free_pages ((grub_addr_t) mmap_buf, -+ GRUB_EFI_BYTES_TO_PAGES (mmap_size)); -+ -+uninstall_mem_table: -+ b->install_configuration_table (&boot_memmap_guid, NULL); -+ -+free_m: -+ if (m) -+ grub_efi_free_pages ((grub_addr_t) m, -+ GRUB_EFI_BYTES_TO_PAGES (sizeof(*m) + size)); -+ -+uninstall_initrd_table: -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -+ b->install_configuration_table (&initrd_media_guid, NULL); -+ -+free_tbl: -+ if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) { -+ if (tbl) -+ grub_efi_free_pages ((grub_addr_t) tbl, -+ GRUB_EFI_BYTES_TO_PAGES (sizeof(struct efi_initrd))); -+ } -+ -+ return grub_error(GRUB_ERR_BAD_OS, "failed to V40 boot"); -+} -+ - static grub_err_t - allocate_fdt_and_exit_boot (struct linux_loongarch64_kernel_params *kernel_params) - { -@@ -400,12 +542,11 @@ grub_linux_loongarch_elf_make_argv (struct linux_loongarch64_kernel_params *kern - } - - if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -- { -- size += ALIGN_UP (sizeof ("rd_start=0xXXXXXXXXXXXXXXXX"), 4) \ -- + ALIGN_UP (sizeof ("rd_size=0xXXXXXXXXXXXXXXXX"), 4) \ -- + ALIGN_UP (sizeof ("initrd=0xXXXXXXXXXXXXXXXX,0xXXXXXXXXXXXXXXXX"), -- 4); -- } -+ { -+ size += ALIGN_UP (sizeof (GRUB_RD_START_STRING), 4) -+ + ALIGN_UP (sizeof (GRUB_RD_SIZE_STRING), 4) -+ + ALIGN_UP (sizeof (GRUB_INITRD_STRING), 4); -+ } - size = ALIGN_UP (size, 8); - - /* alloc memory */ -@@ -427,33 +568,33 @@ grub_linux_loongarch_elf_make_argv (struct linux_loongarch64_kernel_params *kern - { - /* rd_start */ - grub_snprintf (linux_args, -- sizeof ("rd_start=0xXXXXXXXXXXXXXXXX"), -+ sizeof (GRUB_RD_START_STRING), - "rd_start=0x%lx", - (grub_uint64_t) kernel_params->ramdisk_addr); - *linux_argv = (grub_uint64_t) (grub_addr_t) linux_args; - linux_argv++; -- linux_args += ALIGN_UP (sizeof ("rd_start=0xXXXXXXXXXXXXXXXX"), 4); -+ linux_args += ALIGN_UP (sizeof (GRUB_RD_START_STRING), 4); - kernel_params->linux_argc++; - - /* rd_size */ - grub_snprintf (linux_args, -- sizeof ("rd_size=0xXXXXXXXXXXXXXXXX"), -+ sizeof (GRUB_RD_SIZE_STRING), - "rd_size=0x%lx", - (grub_uint64_t) kernel_params->ramdisk_size); - *linux_argv = (grub_uint64_t) (grub_addr_t) linux_args; - linux_argv++; -- linux_args += ALIGN_UP (sizeof ("rd_size=0xXXXXXXXXXXXXXXXX"), 4); -+ linux_args += ALIGN_UP (sizeof (GRUB_RD_SIZE_STRING), 4); - kernel_params->linux_argc++; - - /* initrd */ - grub_snprintf (linux_args, -- sizeof ("initrd=0xXXXXXXXXXXXXXXXX,0xXXXXXXXXXXXXXXXX"), -+ sizeof (GRUB_INITRD_STRING), - "initrd=0x%lx,0x%lx", - ((grub_uint64_t) kernel_params->ramdisk_addr & 0xffffffff), - (grub_uint64_t) kernel_params->ramdisk_size); - *linux_argv = (grub_uint64_t) (grub_addr_t) linux_args; - linux_argv++; -- linux_args += ALIGN_UP (sizeof ("initrd=0xXXXXXXXXXXXXXXXX,0xXXXXXXXXXXXXXXXX"), 4); -+ linux_args += ALIGN_UP (sizeof (GRUB_INITRD_STRING), 4); - kernel_params->linux_argc++; - } - -@@ -472,8 +613,6 @@ grub_linux_loongarch_elf_linux_boot_image (struct linux_loongarch64_kernel_param - struct grub_relocator64_state state; - grub_err_t err; - -- setup_screen_info (); -- - /* linux kernel type is ELF */ - grub_memset (&state, 0, sizeof (state)); - -@@ -481,14 +620,14 @@ grub_linux_loongarch_elf_linux_boot_image (struct linux_loongarch64_kernel_param - state.gpr[1] = kernel_params->kernel_addr; /* ra */ - if (grub_linux_loongarch_elf_get_boot_params (&boot_params) == 0) - { -- grub_printf("not find param, is fdt boot\n"); -- if (allocate_fdt_and_exit_boot (kernel_params) != GRUB_ERR_NONE) -+ grub_dprintf("loongson", "V4.0 boot\n"); -+ if (allocate_memmap_and_exit_boot (kernel_params) != GRUB_ERR_NONE) - return grub_errno; - state.gpr[4] = 1 << FLAGS_EFI_SUPPORT_BIT; /* a0 = flag */ -- state.gpr[5] = (grub_uint64_t)kernel_params->fdt; /* a1 = fdt */ -- state.gpr[6] = 0; /* a2 = flag */ -+ state.gpr[5] = (grub_uint64_t)kernel_params->linux_args; /* a1 = cmdline */ -+ state.gpr[6] = (grub_uint64_t)grub_efi_system_table; /* a2 = system_table */ - } else { -- grub_printf("find param, is bpi boot\n"); -+ grub_dprintf("loongson", "BPI boot\n"); - grub_linux_loongarch_elf_make_argv (kernel_params); - state.gpr[4] = kernel_params->linux_argc; /* a0 = argc */ - state.gpr[5] = kernel_params->linux_argv; /* a1 = args */ -diff --git a/grub-core/loader/loongarch64/linux.c b/grub-core/loader/loongarch64/linux.c -index 4c02194..03b7940 100644 ---- a/grub-core/loader/loongarch64/linux.c -+++ b/grub-core/loader/loongarch64/linux.c -@@ -230,7 +230,10 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_dprintf ("linux", "kernel @ %p\n", (void*) kernel_params.kernel_addr); - } - -- cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); -+ cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE) -+ + sizeof (GRUB_INITRD_STRING); -+ kernel_params.ramdisk_args_len = grub_loader_cmdline_size (argc, argv) -+ + sizeof (LINUX_IMAGE); - kernel_params.linux_argc = argc; - kernel_params.linux_args = grub_malloc (cmdline_size); - if (!kernel_params.linux_args) -@@ -250,7 +253,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - { - err = grub_create_loader_cmdline (argc, argv, - (char*) ((grub_addr_t) kernel_params.linux_args + sizeof (LINUX_IMAGE) - 1), -- cmdline_size, -+ kernel_params.ramdisk_args_len, - GRUB_VERIFY_KERNEL_CMDLINE); - if (err) - goto fail; -@@ -299,26 +302,6 @@ fail: - return grub_errno; - } - --/* -- * This function returns a pointer to a legally allocated initrd buffer, -- * or NULL if unsuccessful -- */ --static void * --allocate_initrd_mem (int initrd_pages) --{ -- grub_addr_t max_addr; -- -- if (grub_efi_get_ram_base (&max_addr) != GRUB_ERR_NONE) -- return NULL; -- -- max_addr += INITRD_MAX_ADDRESS_OFFSET - 1; -- -- return grub_efi_allocate_pages_real (max_addr, initrd_pages, -- GRUB_EFI_ALLOCATE_MAX_ADDRESS, -- GRUB_EFI_LOADER_DATA); --} -- -- - static grub_err_t - grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - int argc, char *argv[]) -@@ -326,6 +309,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - struct grub_linux_initrd_context initrd_ctx = { 0, 0, 0 }; - grub_size_t initrd_size; - void *initrd_mem = NULL; -+ grub_err_t err; - - if (argc == 0) - { -@@ -345,16 +329,9 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - initrd_size = grub_get_initrd_size (&initrd_ctx); - grub_dprintf ("linux", "Loading initrd\n"); - -- if (is_bpi_boot == 0) { -- grub_size_t initrd_pages; -- initrd_pages = (GRUB_EFI_BYTES_TO_PAGES (initrd_size)); -- initrd_mem = allocate_initrd_mem (initrd_pages); -- } else { -- grub_err_t err; -- initrd_mem = grub_linux_loongarch_alloc_initrd_mem_align (initrd_size, 0x10000, &err); -- if (err) -- goto fail; -- } -+ initrd_mem = grub_linux_loongarch_alloc_initrd_mem_align (initrd_size, 0x1000, &err); -+ if (err) -+ goto fail; - - if (!initrd_mem) - { -@@ -369,14 +346,10 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - kernel_params.ramdisk_addr = (grub_addr_t) initrd_mem; - kernel_params.ramdisk_size = initrd_size; - grub_dprintf ("linux", "ramdisk [addr=%p, size=0x%lx]\n", -- (void *) initrd_mem, initrd_size); -+ (void *) initrd_mem, initrd_size); - fail: - grub_initrd_close (&initrd_ctx); -- if (is_bpi_boot == 0) { -- if (initrd_mem && !kernel_params.ramdisk_addr) -- grub_efi_free_pages ((grub_addr_t) initrd_mem, -- GRUB_EFI_BYTES_TO_PAGES (initrd_size)); -- } -+ - return grub_errno; - } - -diff --git a/include/grub/loongarch64/linux.h b/include/grub/loongarch64/linux.h -index c010982..f20a719 100644 ---- a/include/grub/loongarch64/linux.h -+++ b/include/grub/loongarch64/linux.h -@@ -59,6 +59,7 @@ struct linux_loongarch64_kernel_params - grub_size_t kernel_size; /* kernel size */ - grub_addr_t ramdisk_addr; /* initrd load address */ - grub_size_t ramdisk_size; /* initrd size */ -+ int ramdisk_args_len; /* position of initrd in linux_args */ - int linux_argc; /* cmdline parameters number*/ - grub_addr_t linux_argv; /* cmdline parameters address*/ - void* linux_args; -@@ -73,12 +74,31 @@ struct linux_loongarch64_kernel_params - #define ELF64_LOADMASK (0xf000000000000000ULL) - #define FLAGS_EFI_SUPPORT_BIT 0 - -+/*initrd info*/ -+#define GRUB_RD_START_STRING "rd_start=0xXXXXXXXXXXXXXXXX" -+#define GRUB_RD_SIZE_STRING "rd_size=0xXXXXXXXXXXXXXXXX" -+#define GRUB_INITRD_STRING "initrd=0xXXXXXXXXXXXXXXXX,0xXXXXXXXXXXXXXXXX" -+ - #define FDT_ADDR_CELLS_STRING "#address-cells" - #define FDT_SIZE_CELLS_STRING "#size-cells" - #define FDT_ADDR_SIZE_EXTRA ((2 * grub_fdt_prop_entry_size (sizeof(grub_uint32_t))) + \ - sizeof (FDT_ADDR_CELLS_STRING) + \ - sizeof (FDT_SIZE_CELLS_STRING)) - -+struct efi_boot_memmap { -+ grub_efi_uintn_t map_size; -+ grub_efi_uintn_t desc_size; -+ grub_efi_uint32_t desc_ver; -+ grub_efi_uintn_t map_key; -+ grub_efi_uintn_t buff_size; -+ grub_efi_memory_descriptor_t map[]; -+}; -+ -+struct efi_initrd { -+ grub_efi_uintn_t base; -+ grub_efi_uintn_t size; -+}; -+ - /* - * These are set up by the setup-routine at boot-time: - */ --- -2.33.0 - diff --git a/1004-loongarch-Add-support-for-new-EFI-screen-info-GUID.patch b/1004-loongarch-Add-support-for-new-EFI-screen-info-GUID.patch deleted file mode 100644 index de359aa90cc79a7a10f40bd7f56531c7db5d3b65..0000000000000000000000000000000000000000 --- a/1004-loongarch-Add-support-for-new-EFI-screen-info-GUID.patch +++ /dev/null @@ -1,62 +0,0 @@ -From dc3d6e1b080e61a02a8e02e090e3910ca168e616 Mon Sep 17 00:00:00 2001 -From: mengyingkun -Date: Fri, 10 Mar 2023 11:00:51 +0800 -Subject: [PATCH] loongarch: Add support for new EFI screen info GUID - -Support new screen info GUID defined by upstream kernel, and -keep compatible with old GUID defined by loongson. - -Signed-off-by: mengyingkun ---- - grub-core/loader/loongarch64/linux-elf.c | 16 +++++++++++++++- - 1 file changed, 15 insertions(+), 1 deletion(-) - -diff --git a/grub-core/loader/loongarch64/linux-elf.c b/grub-core/loader/loongarch64/linux-elf.c -index 15f9984..86a90e7 100644 ---- a/grub-core/loader/loongarch64/linux-elf.c -+++ b/grub-core/loader/loongarch64/linux-elf.c -@@ -58,8 +58,14 @@ - { 0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68 } \ - } - -+#define GRUB_EFI_SCREEN_INFO_GUID \ -+ { 0xe03fc20a, 0x85dc, 0x406e, \ -+ { 0xb9, 0x0e, 0x4a, 0xb5, 0x02, 0x37, 0x1d, 0x95 } \ -+ } -+ - static struct grub_relocator *relocator; --static grub_efi_guid_t screen_info_guid = GRUB_EFI_LARCH_SCREEN_INFO_GUID; -+static grub_efi_guid_t compat_screen_info_guid = GRUB_EFI_LARCH_SCREEN_INFO_GUID; -+static grub_efi_guid_t screen_info_guid = GRUB_EFI_SCREEN_INFO_GUID; - - void grub_linux_loongarch_elf_relocator_unload (void) - { -@@ -161,10 +167,17 @@ alloc_screen_info (void) - if (status != GRUB_EFI_SUCCESS) - return NULL; - -+ status = b->install_configuration_table (&compat_screen_info_guid, si); -+ if (status != GRUB_EFI_SUCCESS) -+ goto free_mem; -+ - status = b->install_configuration_table (&screen_info_guid, si); - if (status == GRUB_EFI_SUCCESS) - return si; - -+free_table: -+ b->install_configuration_table (&compat_screen_info_guid, NULL); -+free_mem: - efi_call_1 (b->free_pool, si); - - return NULL; -@@ -276,6 +289,7 @@ setup_screen_info (void) - - free_screen_info: - b = grub_efi_system_table->boot_services; -+ b->install_configuration_table (&compat_screen_info_guid, NULL); - b->install_configuration_table (&screen_info_guid, NULL); - if (si) - efi_call_1 (b->free_pool, si); --- -2.33.0 - diff --git a/1005-loongarch-Force-initrd-load-address-64KiB-alignment.patch b/1005-loongarch-Force-initrd-load-address-64KiB-alignment.patch deleted file mode 100644 index 1d460b5566ff7038c6a9ad45b43353253936dced..0000000000000000000000000000000000000000 --- a/1005-loongarch-Force-initrd-load-address-64KiB-alignment.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 1107e231094bf2e6cde9daea3bb22b1fccb92bc5 Mon Sep 17 00:00:00 2001 -From: mengyingkun -Date: Sat, 18 Mar 2023 09:33:41 +0800 -Subject: [PATCH] loongarch: Force initrd load address 64KiB alignment - -Signed-off-by: mengyingkun ---- - grub-core/loader/loongarch64/linux.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/loader/loongarch64/linux.c b/grub-core/loader/loongarch64/linux.c -index 03b7940..5f1d845 100644 ---- a/grub-core/loader/loongarch64/linux.c -+++ b/grub-core/loader/loongarch64/linux.c -@@ -329,7 +329,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - initrd_size = grub_get_initrd_size (&initrd_ctx); - grub_dprintf ("linux", "Loading initrd\n"); - -- initrd_mem = grub_linux_loongarch_alloc_initrd_mem_align (initrd_size, 0x1000, &err); -+ initrd_mem = grub_linux_loongarch_alloc_initrd_mem_align (initrd_size, 0x10000, &err); - if (err) - goto fail; - --- -2.33.0 - diff --git a/1006-loongarch-Implement-cache-synchronization-operation.patch b/1006-loongarch-Implement-cache-synchronization-operation.patch deleted file mode 100644 index bbe927bb9bdef17c944e786d10c240abb6072a3c..0000000000000000000000000000000000000000 --- a/1006-loongarch-Implement-cache-synchronization-operation.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 7dccf456ce7fe693c6e488a812dc8f14ea592eeb Mon Sep 17 00:00:00 2001 -From: mengyingkun -Date: Wed, 22 Mar 2023 09:29:42 +0800 -Subject: [PATCH] loongarch: Implement cache synchronization operation - -When the module is loaded, ICACHE and DCACHE need to flush -before calling init function. If the caches are not flushed, -loader will crash unexpectedly. - -Signed-off-by: mengyingkun ---- - grub-core/kern/loongarch64/cache.S | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/grub-core/kern/loongarch64/cache.S b/grub-core/kern/loongarch64/cache.S -index d291c67..6e32d37 100644 ---- a/grub-core/kern/loongarch64/cache.S -+++ b/grub-core/kern/loongarch64/cache.S -@@ -19,6 +19,8 @@ - #include - - FUNCTION (grub_arch_sync_caches) -+ ibar 0 -+ dbar 0 - jr $ra - - FUNCTION (grub_arch_sync_dma_caches) --- -2.33.0 - diff --git a/1007-loongarch-Fix-the-initrd-parameter-passing.patch b/1007-loongarch-Fix-the-initrd-parameter-passing.patch deleted file mode 100644 index 93a07475885ea7369d687183546275eff0657c3c..0000000000000000000000000000000000000000 --- a/1007-loongarch-Fix-the-initrd-parameter-passing.patch +++ /dev/null @@ -1,276 +0,0 @@ -From 3881d41c2fcd1eece2faca8b08577e8e8b30257c Mon Sep 17 00:00:00 2001 -From: Yingkun Meng -Date: Mon, 7 Aug 2023 11:47:54 +0800 -Subject: [PATCH] loongarch: Fix the initrd parameter passing - -When booting with EFI kernel, the kernel can't get -initrd parameter, resulting in the inability to -find the initrd. - -Change-Id: I61c6cee35853cd3ee5ce98a0bce949f6833d85b1 -Signed-off-by: Yingkun Meng ---- - grub-core/loader/loongarch64/linux-efi.c | 44 +--------------- - grub-core/loader/loongarch64/linux-elf.c | 53 +++---------------- - grub-core/loader/loongarch64/linux.c | 66 ++++++++++++++++++++++++ - include/grub/loongarch64/linux.h | 6 +++ - 4 files changed, 80 insertions(+), 89 deletions(-) - -diff --git a/grub-core/loader/loongarch64/linux-efi.c b/grub-core/loader/loongarch64/linux-efi.c -index 4dcefd9d9e27..8e2726163725 100644 ---- a/grub-core/loader/loongarch64/linux-efi.c -+++ b/grub-core/loader/loongarch64/linux-efi.c -@@ -16,11 +16,9 @@ - * along with GRUB. If not, see . - */ - #include --#include - #include - #include - #include --#include - #include - - #define GRUB_EFI_PE_MAGIC 0x5A4D -@@ -28,47 +26,7 @@ - grub_err_t - finalize_efi_params_linux (struct linux_loongarch64_kernel_params *kernel_params) - { -- int node, retval; -- -- void *fdt; -- -- fdt = grub_fdt_load (GRUB_EFI_LINUX_FDT_EXTRA_SPACE); -- -- if (!fdt) -- goto failure; -- -- node = grub_fdt_find_subnode (fdt, 0, "chosen"); -- if (node < 0) -- node = grub_fdt_add_subnode (fdt, 0, "chosen"); -- -- if (node < 1) -- goto failure; -- -- /* Set initrd info */ -- if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -- { -- grub_dprintf ("linux", "Initrd @ %p-%p\n", -- (void *) kernel_params->ramdisk_addr, -- (void *) (kernel_params->ramdisk_addr + kernel_params->ramdisk_size)); -- -- retval = grub_fdt_set_prop64 (fdt, node, "linux,initrd-start", -- kernel_params->ramdisk_addr); -- if (retval) -- goto failure; -- retval = grub_fdt_set_prop64 (fdt, node, "linux,initrd-end", -- kernel_params->ramdisk_addr + kernel_params->ramdisk_size); -- if (retval) -- goto failure; -- } -- -- if (grub_fdt_install() != GRUB_ERR_NONE) -- goto failure; -- -- return GRUB_ERR_NONE; -- --failure: -- grub_fdt_unload(); -- return grub_error(GRUB_ERR_BAD_OS, "failed to install/update FDT"); -+ return grub_loongarch_setup_initrd_params(); - } - - grub_err_t -diff --git a/grub-core/loader/loongarch64/linux-elf.c b/grub-core/loader/loongarch64/linux-elf.c -index 86a90e76b4c3..28d3c90ad6e6 100644 ---- a/grub-core/loader/loongarch64/linux-elf.c -+++ b/grub-core/loader/loongarch64/linux-elf.c -@@ -308,54 +308,22 @@ allocate_memmap_and_exit_boot (struct linux_loongarch64_kernel_params *kernel_pa - grub_efi_memory_descriptor_t *mmap_buf; - grub_efi_boot_services_t *b; - struct efi_boot_memmap *m, tmp; -- struct efi_initrd *tbl = NULL; - grub_efi_guid_t boot_memmap_guid = GRUB_EFI_LARCH_BOOT_MEMMAP_GUID; -- grub_efi_guid_t initrd_media_guid = GRUB_EFI_LARCH_INITRD_MEDIA_GUID; - - setup_screen_info(); - -- b = grub_efi_system_table->boot_services; -- - grub_dprintf ("loongson", "ramdisk_addr:0x%"PRIxGRUB_UINT64_T", \ - size:0x%"PRIxGRUB_UINT64_T"\n", - kernel_params->ramdisk_addr, - kernel_params->ramdisk_size); --#if 0 -- char string[64]; - -- /* Set initrd info to cmdline*/ -- if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -- { -- grub_printf ( "Initrd @ %p-%p\n", -- (void *) kernel_params->ramdisk_addr, -- (void *) (kernel_params->ramdisk_addr + kernel_params->ramdisk_size)); -- /* initrd */ -- grub_snprintf (string, -- sizeof (GRUB_INITRD_STRING), -- "initrd=0x%lx,0x%lx", -- ((grub_uint64_t) kernel_params->ramdisk_addr & 0xffffffff), -- (grub_uint64_t) kernel_params->ramdisk_size); -- *(char*) ((grub_addr_t) kernel_params->linux_args + kernel_params->ramdisk_args_len - 2) = ' '; -- grub_memcpy ((char*) ((grub_addr_t) kernel_params->linux_args + kernel_params->ramdisk_args_len - 1), -- string, sizeof (GRUB_INITRD_STRING)); -- } --#else - /* Set initrd info to system table*/ -- if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -- { -- tbl = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (sizeof(struct efi_initrd))); -- if (!tbl) -- return grub_error (GRUB_ERR_IO, "cannot allocate tbl memory"); -- tbl->base = kernel_params->ramdisk_addr; -- tbl->size = kernel_params->ramdisk_size; -- -- status = b->install_configuration_table (&initrd_media_guid, tbl); -- if (status != GRUB_EFI_SUCCESS) { -- grub_error (GRUB_ERR_IO, "failed to install initrd media"); -- goto free_tbl; -+ err = grub_loongarch_setup_initrd_params(); -+ if (err != GRUB_ERR_NONE) -+ { -+ grub_error(GRUB_ERR_IO, "failed to install initrd media"); -+ return err; - } -- } --#endif - - tmp.map_size = 0; - status = grub_efi_get_memory_map (&tmp.map_size, NULL, &tmp.map_key, -@@ -371,6 +339,7 @@ allocate_memmap_and_exit_boot (struct linux_loongarch64_kernel_params *kernel_pa - goto uninstall_initrd_table; - } - -+ b = grub_efi_system_table->boot_services; - status = b->install_configuration_table (&boot_memmap_guid, m); - if (status != GRUB_EFI_SUCCESS) { - grub_error (GRUB_ERR_IO, "failed to install boot memmap"); -@@ -414,15 +383,7 @@ free_m: - GRUB_EFI_BYTES_TO_PAGES (sizeof(*m) + size)); - - uninstall_initrd_table: -- if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) -- b->install_configuration_table (&initrd_media_guid, NULL); -- --free_tbl: -- if (kernel_params->ramdisk_addr && kernel_params->ramdisk_size) { -- if (tbl) -- grub_efi_free_pages ((grub_addr_t) tbl, -- GRUB_EFI_BYTES_TO_PAGES (sizeof(struct efi_initrd))); -- } -+ grub_loongarch_remove_initrd_params(); - - return grub_error(GRUB_ERR_BAD_OS, "failed to V40 boot"); - } -diff --git a/grub-core/loader/loongarch64/linux.c b/grub-core/loader/loongarch64/linux.c -index 5f1d8453b090..0b65249e64d9 100644 ---- a/grub-core/loader/loongarch64/linux.c -+++ b/grub-core/loader/loongarch64/linux.c -@@ -29,6 +29,11 @@ GRUB_MOD_LICENSE ("GPLv3+"); - - #define INITRD_MAX_ADDRESS_OFFSET (32ULL * 1024 * 1024 * 1024) - -+#define GRUB_EFI_LARCH_INITRD_MEDIA_GUID \ -+ { 0x5568e427, 0x68fc, 0x4f3d, \ -+ { 0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68 } \ -+ } -+ - static struct linux_loongarch64_kernel_params kernel_params; - - static grub_addr_t phys_addr; -@@ -36,6 +41,67 @@ static grub_dl_t my_mod; - static int loaded; - static int is_bpi_boot; - static int grub_loongarch_linux_type = GRUB_LOONGARCH_LINUX_BAD; -+struct efi_initrd *initrd_tbl; -+ -+grub_err_t -+grub_loongarch_setup_initrd_params (void) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_guid_t initrd_media_guid = GRUB_EFI_LARCH_INITRD_MEDIA_GUID; -+ grub_efi_status_t status; -+ -+ if (!kernel_params.ramdisk_addr || !kernel_params.ramdisk_size) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, -+ N_("you need to load the initrd first")); -+ return GRUB_ERR_BAD_ARGUMENT; -+ } -+ -+ /* Set initrd info to system table*/ -+ b = grub_efi_system_table->boot_services; -+ initrd_tbl = grub_efi_allocate_any_pages (GRUB_EFI_BYTES_TO_PAGES (sizeof(struct efi_initrd))); -+ if (!initrd_tbl) -+ return grub_error (GRUB_ERR_IO, "cannot allocate tbl memory"); -+ -+ initrd_tbl->base = kernel_params.ramdisk_addr; -+ initrd_tbl->size = kernel_params.ramdisk_size; -+ status = b->install_configuration_table (&initrd_media_guid, initrd_tbl); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_error (GRUB_ERR_IO, "failed to install initrd media"); -+ goto free_tbl; -+ } -+ -+ return GRUB_ERR_NONE; -+ -+free_tbl: -+ if (initrd_tbl) -+ { -+ grub_efi_free_pages ((grub_addr_t) initrd_tbl, -+ GRUB_EFI_BYTES_TO_PAGES (sizeof(struct efi_initrd))); -+ } -+ -+ return GRUB_ERR_IO; -+} -+ -+void -+grub_loongarch_remove_initrd_params (void) -+{ -+ grub_efi_boot_services_t *b; -+ grub_efi_guid_t initrd_media_guid = GRUB_EFI_LARCH_INITRD_MEDIA_GUID; -+ -+ if (!initrd_tbl) -+ return; -+ -+ b = grub_efi_system_table->boot_services; -+ b->install_configuration_table (&initrd_media_guid, NULL); -+ -+ grub_efi_free_pages ((grub_addr_t) initrd_tbl, -+ GRUB_EFI_BYTES_TO_PAGES (sizeof(struct efi_initrd))); -+ -+ initrd_tbl = NULL; -+} -+ - - static grub_err_t - grub_linux_boot (void) -diff --git a/include/grub/loongarch64/linux.h b/include/grub/loongarch64/linux.h -index f20a719b1386..462ce69cabd4 100644 ---- a/include/grub/loongarch64/linux.h -+++ b/include/grub/loongarch64/linux.h -@@ -179,6 +179,12 @@ struct loongsonlist_mem_map { - } GRUB_PACKED map[GRUB_LOONGSON3_BOOT_MEM_MAP_MAX]; - }GRUB_PACKED; - -+grub_err_t -+grub_loongarch_setup_initrd_params (void); -+ -+void -+grub_loongarch_remove_initrd_params (void); -+ - grub_err_t - finalize_efi_params_linux (struct linux_loongarch64_kernel_params *kernel_params); - --- -2.33.0 - diff --git a/1008-loongarch-Disable-relaxation-relocations.patch b/1008-loongarch-Disable-relaxation-relocations.patch deleted file mode 100644 index 0ee70f9b7f310c4d7022ef915282c6f7e40d9e3c..0000000000000000000000000000000000000000 --- a/1008-loongarch-Disable-relaxation-relocations.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 115c628cc44f89207858d0c79e970e43da75c772 Mon Sep 17 00:00:00 2001 -From: Yingkun Meng -Date: Tue, 5 Dec 2023 19:22:14 +0800 -Subject: [PATCH] loongarch: Disable relaxation relocations - -commit 87247635c0d583cfbc1947107d23b40877d107b8 upstream. - -A working GRUB cannot be built with upcoming binutils and GCC, because linker -relaxation was added [1] causing new unsupported relocations to appear in modules. - -So we pass -mno-relax to GCC if it is supported, to disable relaxation and make -GRUB forward-compatible with new toolchains. - -While similar code already exists for sparc64 in configure.ac, sparc64 sets -LDFLAGS while LoongArch requires CFLAGS to be set. If we only set LDFLAGS on -LoongArch, GCC will still generate relaxation relocations in the .o files, so -the sparc64 code cannot be reused. - -[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=56576f4a722b7398d35802ecf7d4185c27d6d69b - -Signed-off-by: Xiaotian Wu -Signed-off-by: Yingkun Meng -Change-Id: I09ef306dc8a0f8a59e9b7dbc53ae3fd3cc09ec55 ---- - configure.ac | 23 +++++++++++++++++++++++ - 1 file changed, 23 insertions(+) - -diff --git a/configure.ac b/configure.ac -index 0db9d7d111b8..e010bc0db465 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -908,6 +908,29 @@ if test "x$target_cpu" = xloongarch64; then - TARGET_CFLAGS="$TARGET_CFLAGS -mno-explicit-relocs -fno-plt" - TARGET_CCASFLAGS="$TARGET_CCASFLAGS -mno-explicit-relocs -fno-plt" - fi -+ -+ AC_CACHE_CHECK([for no-relax options], grub_cv_target_cc_mno_relax, [ -+ grub_cv_target_cc_mno_relax=no -+ for cand in "-mno-relax" "-Wa,-mno-relax"; do -+ if test x"$grub_cv_target_cc_mno_relax" != xno ; then -+ break -+ fi -+ CFLAGS="$TARGET_CFLAGS $cand -Werror" -+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ -+ asm (".globl start; start:"); -+ void __main (void); -+ void __main (void) {} -+ int main (void); -+ ]], [[]])], [grub_cv_target_cc_mno_relax="$cand"], []) -+ done -+ ]) -+ CFLAGS="$TARGET_CFLAGS" -+ -+ if test x"$grub_cv_target_cc_mno_relax" != xno ; then -+ TARGET_CFLAGS="$TARGET_CFLAGS $grub_cv_target_cc_mno_relax" -+ TARGET_CCASFLAGS="$TARGET_CCASFLAGS $grub_cv_target_cc_mno_relax" -+ fi -+ - TARGET_CFLAGS="$TARGET_CFLAGS -Wa,-mla-global-with-abs" - TARGET_CCASFLAGS="$TARGET_CCASFLAGS -Wa,-mla-global-with-abs" - fi --- -2.33.0 - diff --git a/Revert-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_C.patch b/Revert-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_C.patch deleted file mode 100644 index 6bc2c97853d2e123cc251d2c5c67b3a4b5f36438..0000000000000000000000000000000000000000 --- a/Revert-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_C.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 53b5629c9402e2d504866b6934303a8f8c2a5641 Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Wed, 10 May 2023 19:11:17 +0800 -Subject: [PATCH] Revert "EFI: allocate kernel in EFI_RUNTIME_SERVICES_CODE - instead of EFI_LOADER_DATA." - -Allocates the kernel code as EFI_RUNTIME_SERVICES_CODE will cause the allocated -memory to be marked as "reserved" by BIOS, which will result in this memory being -always unavailable to the kernel. - -Let's fix it by reverting backport-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch. - -Signed-off-by: Qiumiao Zhang ---- - grub-core/loader/i386/efi/linux.c | 19 ++++++------------- - 1 file changed, 6 insertions(+), 13 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 92b2fb5..9e5c11a 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -86,9 +86,7 @@ kernel_free(void *addr, grub_efi_uintn_t size) - } - - static void * --kernel_alloc(grub_efi_uintn_t size, -- grub_efi_memory_type_t memtype, -- const char * const errmsg) -+kernel_alloc(grub_efi_uintn_t size, const char * const errmsg) - { - void *addr = 0; - unsigned int i; -@@ -114,7 +112,7 @@ kernel_alloc(grub_efi_uintn_t size, - prev_max = max; - addr = grub_efi_allocate_pages_real (max, pages, - max_addresses[i].alloc_type, -- memtype); -+ GRUB_EFI_LOADER_DATA); - if (addr) - grub_dprintf ("linux", "Allocated at %p\n", addr); - } -@@ -244,8 +242,7 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) - } - } - -- initrd_mem = kernel_alloc(size, GRUB_EFI_RUNTIME_SERVICES_DATA, -- N_("can't allocate initrd")); -+ initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); - if (initrd_mem == NULL) - goto fail; - grub_dprintf ("linux", "initrd_mem = %p\n", initrd_mem); -@@ -396,8 +393,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - #endif - -- params = kernel_alloc (sizeof(*params), GRUB_EFI_RUNTIME_SERVICES_DATA, -- "cannot allocate kernel parameters"); -+ params = kernel_alloc (sizeof(*params), "cannot allocate kernel parameters"); - if (!params) - goto fail; - grub_dprintf ("linux", "params = %p\n", params); -@@ -419,9 +415,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_dprintf ("linux", "new lh is at %p\n", lh); - - grub_dprintf ("linux", "setting up cmdline\n"); -- cmdline = kernel_alloc (lh->cmdline_size + 1, -- GRUB_EFI_RUNTIME_SERVICES_DATA, -- N_("can't allocate cmdline")); -+ cmdline = kernel_alloc (lh->cmdline_size + 1, N_("can't allocate cmdline")); - if (!cmdline) - goto fail; - grub_dprintf ("linux", "cmdline = %p\n", cmdline); -@@ -467,8 +461,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - max_addresses[1].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; - max_addresses[2].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; - kernel_size = lh->init_size; -- kernel_mem = kernel_alloc (kernel_size, GRUB_EFI_RUNTIME_SERVICES_CODE, -- N_("can't allocate kernel")); -+ kernel_mem = kernel_alloc (kernel_size, N_("can't allocate kernel")); - restore_addresses(); - if (!kernel_mem) - goto fail; --- -2.19.1 - diff --git a/add-TPCM-support-with-ipmi-channel.patch b/add-TPCM-support-with-ipmi-channel.patch deleted file mode 100644 index d1511d9a3aee9598b1adc9e855bfe03c3e89f9c9..0000000000000000000000000000000000000000 --- a/add-TPCM-support-with-ipmi-channel.patch +++ /dev/null @@ -1,773 +0,0 @@ -From 2d7ef4b34427e1e1b2f55fdcc7868e7ce001a194 Mon Sep 17 00:00:00 2001 -From: "t.feng" -Date: Tue, 28 Feb 2023 16:25:30 +0800 -Subject: [PATCH] add tpcm support with ipmi channel - -t.feng(2): -add tpcm support with ipmi channel -use uefi hash interface - -zhangqiumiao(3): -reset response length when getting results failed -fix firmwarehash length and uiCmdLength error -clean code - -zhangqiumiao(4): -skip verification when just opening the grub.cfg without loading it -support control switch -modify GRUB_IPMI_TIMEOUT_MS from 7000 to 2000 - -Signed-off-by: "t.feng" -Signed-off-by: zhangqiumiao ---- - grub-core/Makefile.core.def | 6 + - grub-core/commands/efi/tpcm.c | 476 ++++++++++++++++++++++++++++++++++ - include/grub/efi/tpcm.h | 236 +++++++++++++++++ - 3 files changed, 718 insertions(+) - create mode 100644 grub-core/commands/efi/tpcm.c - create mode 100644 include/grub/efi/tpcm.h - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 6b00eb5..ee6ff17 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -2564,6 +2564,12 @@ module = { - enable = efi; - }; - -+module = { -+ name = tpcm_kunpeng; -+ common = commands/efi/tpcm.c; -+ enable = efi; -+}; -+ - module = { - name = tr; - common = commands/tr.c; -diff --git a/grub-core/commands/efi/tpcm.c b/grub-core/commands/efi/tpcm.c -new file mode 100644 -index 0000000..57a4cea ---- /dev/null -+++ b/grub-core/commands/efi/tpcm.c -@@ -0,0 +1,476 @@ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+#define TRANS(value) (((value << 24 ) & 0xFF000000) | \ -+ ((value << 8 ) & 0x00FF0000) | \ -+ ((value >> 8 ) & 0x0000FF00) | \ -+ ((value >> 24 ) & 0x000000FF)) -+ -+static grub_efi_guid_t gIpmiInterfaceProtocolGuid = EFI_TPCM_GUID; -+static grub_efi_guid_t hash2_service_binding_guid = GRUB_EFI_HASH2_SERVICE_BINDING_PROTOCOL_GUID; -+static grub_efi_guid_t hash2_guid = GRUB_EFI_HASH2_PROTOCOL_GUID; -+static grub_efi_guid_t sm3_guid = GRUB_HASH_ALGORITHM_SM3_GUID; -+ -+static grub_efi_ipmi_interface_protocol_t *tpcm_ipmi; -+static grub_efi_uint16_t grub_tcpm_file_type = GRUB_FILE_TYPE_NONE; -+ -+static grub_uint32_t bm_stage_base = 2000; -+static grub_efi_uint8_t permissive = 0; -+ -+static grub_efi_handle_t -+grub_efi_service_binding (grub_efi_guid_t *service_binding_guid) -+{ -+ grub_efi_service_binding_t *service; -+ grub_efi_status_t status; -+ grub_efi_handle_t child_dev = NULL; -+ grub_efi_handle_t *handles; -+ grub_efi_uintn_t num_handles; -+ -+ handles = grub_efi_locate_handle (GRUB_EFI_BY_PROTOCOL, service_binding_guid, 0, &num_handles); -+ if (!handles) -+ { -+ grub_printf ("couldn't locate service binding protocol handles\n"); -+ return NULL; -+ } -+ -+ service = grub_efi_open_protocol (handles[0], service_binding_guid, GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ if (!service) -+ { -+ grub_printf ("couldn't open efi service binding protocol\n"); -+ return NULL; -+ } -+ -+ status = efi_call_2 (service->create_child, service, &child_dev); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("Failed to create child device of efi service %x\n", status); -+ return NULL; -+ } -+ -+ return child_dev; -+} -+ -+static inline void -+util_dump_hex (const char *name, void *p, int bytes) -+{ -+ -+ int i = 0; -+ char *data = p; -+ int add_newline = 1; -+ grub_dprintf ("tpcm", "%s length=%d:\n", name, bytes); -+ if (bytes != 0) -+ { -+ grub_dprintf ("tpcm", "%02x ", (unsigned char)data[i]); -+ i++; -+ } -+ while (i < bytes) -+ { -+ grub_dprintf ("tpcm", "%02x ", (unsigned char)data[i]); -+ i++; -+ if (i % 16 == 0) -+ { -+ grub_dprintf("tpcm", "\n"); -+ add_newline = 0; -+ } -+ else -+ add_newline = 1; -+ } -+ if (add_newline) -+ grub_dprintf("tpcm", "\n"); -+} -+ -+static grub_efi_status_t -+grub_efi_hash (unsigned char *buf, grub_size_t size, unsigned char *content) -+{ -+ grub_efi_status_t status = GRUB_EFI_SUCCESS; -+ grub_efi_hash2_protocol_t *hash2; -+ grub_efi_handle_t hash_handle; -+ unsigned char output[DEFAULT_HASH_SIZE] = {0}; -+ grub_dprintf("tpcm", "grub_efi_hash binding service.\n"); -+ hash_handle = grub_efi_service_binding (&hash2_service_binding_guid); -+ if (!hash_handle) -+ { -+ grub_dprintf ("tpcm", "hash2 service binding failed.\n"); -+ status = GRUB_EFI_NOT_FOUND; -+ goto fail; -+ } -+ grub_dprintf("tpcm", "grub_efi_hash binding service success.\n"); -+ hash2 = grub_efi_open_protocol (hash_handle, &hash2_guid, GRUB_EFI_OPEN_PROTOCOL_GET_PROTOCOL); -+ if (!hash2) -+ { -+ grub_dprintf ("tpcm", "hash2 protocol open failed.\n"); -+ status = GRUB_EFI_PROTOCOL_ERROR; -+ goto fail; -+ } -+ grub_dprintf("tpcm", "grub_efi_hash get protocol success.\n"); -+ status = hash2->hash_init(hash2, &sm3_guid); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_dprintf("tpcm", "hash_init failed.\n"); -+ goto fail; -+ } -+ status = hash2->hash_update(hash2, buf, size); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_dprintf("tpcm", "hash_update failed.\n"); -+ goto fail; -+ } -+ status = hash2->hash_final(hash2, output); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_dprintf("tpcm", "hash_final failed.\n"); -+ goto fail; -+ } -+ util_dump_hex ("tpcm BIOS hash output: ", output, DEFAULT_HASH_SIZE); -+ grub_memcpy(content, output, DEFAULT_HASH_SIZE); -+ -+fail: -+ return status; -+} -+ -+static grub_err_t -+tpcm_ipmi_init (grub_file_t io, -+ enum grub_file_type type __attribute__ ((unused)), -+ void **context, enum grub_verify_flags *flags) -+{ -+ *context = io->name; -+ grub_tcpm_file_type = type & GRUB_FILE_TYPE_MASK; -+ *flags |= GRUB_VERIFY_FLAGS_SINGLE_CHUNK; -+ return GRUB_ERR_NONE; -+} -+ -+static grub_efi_uint8_t -+get_firmware_hash_content(unsigned char *buf, grub_size_t size, unsigned char *content) -+{ -+ grub_efi_status_t status; -+ -+ grub_dprintf ("tpcm", "grub_efi_hash:\n"); -+ status = grub_efi_hash (buf, size, content); -+ -+ return status; -+} -+ -+static grub_err_t -+grub_tpcm_set_firmware_detailtype (grub_efi_uint8_t *type) -+{ -+ switch (grub_tcpm_file_type) -+ { -+ case GRUB_FILE_TYPE_LINUX_KERNEL: -+ *type = IPMI_FW_DETAIL_KERNEL; -+ break; -+ case GRUB_FILE_TYPE_LINUX_INITRD: -+ *type = IPMI_FW_DETAIL_INITRD; -+ break; -+ case GRUB_FILE_TYPE_CONFIG: -+ *type = IPMI_FW_DETAIL_GRUB_CFG; -+ break; -+ default: -+ grub_dprintf ("tpcm", "%d is not a file type that TPCM cares about.\n", grub_tcpm_file_type); -+ grub_tcpm_file_type = GRUB_FILE_TYPE_NONE; -+ break; -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+static void -+grub_tpcm_fillup_content (OEM_BMC_MEASURE_REQUSET *request_data, unsigned char *output) -+{ -+ grub_efi_uint32_t filename_len = 0; -+ switch (grub_tcpm_file_type) -+ { -+ case GRUB_FILE_TYPE_LINUX_KERNEL: -+ filename_len = grub_strlen("kernel"); -+ grub_memcpy ((grub_efi_uint8_t *)(request_data->FirmwareHashContent.uaObj), -+ "kernel", filename_len); -+ break; -+ case GRUB_FILE_TYPE_LINUX_INITRD: -+ filename_len = grub_strlen("initrd"); -+ grub_memcpy ((grub_efi_uint8_t *)(request_data->FirmwareHashContent.uaObj), -+ "initrd", filename_len); -+ break; -+ case GRUB_FILE_TYPE_CONFIG: -+ filename_len = grub_strlen("grub.cfg"); -+ grub_memcpy ((grub_efi_uint8_t *)(request_data->FirmwareHashContent.uaObj), -+ "grub.cfg", filename_len); -+ break; -+ default: -+ grub_dprintf ("tpcm", "%d is not a file type that TPCM cares about.\n", grub_tcpm_file_type); -+ break; -+ } -+ -+ request_data->FirmwareHashContent.uiCmdTag = TRANS (TPCM_TAG_REQ_COMMAND); -+ request_data->FirmwareHashContent.uiCmdLength = TRANS (sizeof (extern_simple_bmeasure_req_st)); -+ request_data->FirmwareHashContent.uiCmdCode = TRANS (TPCM_ORD_ExternSimpleBootMeasure); -+ request_data->FirmwareHashContent.uiPcr = TRANS (0); -+ -+ grub_uint32_t stage_base = bm_stage_base++; -+ request_data->FirmwareHashContent.uiStage = TRANS (stage_base); -+ -+ grub_memcpy ((grub_efi_uint8_t *)(request_data->FirmwareHashContent.uaDigest), -+ output, DEFAULT_HASH_SIZE); -+ request_data->FirmwareHashContent.uiObjLen = TRANS (filename_len); -+ -+ return; -+} -+ -+static grub_efi_status_t -+grub_tpcm_request_result (void) -+{ -+ grub_efi_status_t status = GRUB_EFI_SUCCESS; -+ grub_ipmi_cmd_header request = {IPMI_BMC_LUN, -+ IPMI_NETFN_OEM, -+ IPMI_CMD_GET_MEASURE_PARM}; -+ grub_efi_uint8_t response_length; -+ OEM_BMC_GET_RESULT_REQUSET get_result_request_data; -+ OEM_BMC_GET_RESULT_RESPONSE get_result_response_data; -+ -+ grub_efi_int16_t timeout_ms = GRUB_IPMI_TIMEOUT_MS; -+ -+ grub_memset (&get_result_request_data, 0, sizeof(get_result_request_data)); -+ grub_memset (&get_result_response_data, 0, sizeof(get_result_response_data)); -+ -+ get_result_request_data.OemSignature[0] = 0xDB; -+ get_result_request_data.OemSignature[1] = 0x07; -+ get_result_request_data.OemSignature[2] = 0x00; -+ get_result_request_data.SubCmd = IPMI_SUB_CMD_CONTROL_REQ; -+ get_result_request_data.FirmwareType = IPMI_FW_OS; -+ -+ // TODO: we should not load files expect: grub.cfg vmlinuz and initrd -+ grub_tpcm_set_firmware_detailtype (&(get_result_request_data.FirmwareDetailType)); -+ -+ while (timeout_ms > 0) -+ { -+ response_length = sizeof (OEM_BMC_GET_RESULT_RESPONSE); -+ grub_millisleep (200); -+ timeout_ms -= 200; -+ -+ grub_dprintf ("tpcm", "get result request: request_size[%lu], response_length[%d]\n", -+ sizeof(get_result_request_data), response_length); -+ -+ status = tpcm_ipmi->excute_ipmi_cmd (tpcm_ipmi, request, &get_result_request_data, -+ sizeof(get_result_request_data), &get_result_response_data, -+ &response_length, NULL); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_dprintf ("tpcm", "excute_ipmi_cmd failed, request sub_cmd:%d, ret:%lu\n", -+ get_result_request_data.SubCmd, status); -+ continue; -+ } -+ -+ if (response_length == sizeof (OEM_BMC_GET_RESULT_RESPONSE) && \ -+ get_result_response_data.ControlResult != IPMI_MEASURE_UNKNOW) -+ { -+ grub_dprintf ("tpcm", "request ControlResult success, ControlResult:%d\n", -+ get_result_response_data.ControlResult); -+ break; -+ } -+ } -+ -+ if (get_result_response_data.ControlResult == IPMI_MEASURE_SUCCESS) -+ { -+ return GRUB_EFI_SUCCESS; -+ } -+ else if (timeout_ms <= 0) -+ { -+ grub_dprintf ("tpcm", "request TPCM constrol result timout"); -+ return GRUB_EFI_TIMEOUT; -+ } -+ -+ return GRUB_EFI_UNSUPPORTED; -+} -+ -+static grub_err_t -+grub_tpcm_log_event (unsigned char *buf, grub_size_t size, const char *description) -+{ -+ grub_err_t err = GRUB_ERR_NONE; -+ grub_efi_status_t status = GRUB_EFI_SUCCESS; -+ grub_ipmi_cmd_header request = {IPMI_BMC_LUN, -+ IPMI_NETFN_OEM, -+ IPMI_CMD_GET_MEASURE_PARM}; -+ OEM_BMC_MEASURE_REQUSET *request_data = NULL; -+ OEM_BMC_MEASURE_RESPONSE response_data; -+ -+ unsigned char output[DEFAULT_HASH_SIZE] = {0}; -+ grub_efi_uint8_t response_length = sizeof (OEM_BMC_MEASURE_RESPONSE); -+ -+ grub_memset (&response_data, 0, sizeof (response_data)); -+ -+ request_data = grub_calloc (1, sizeof (OEM_BMC_MEASURE_REQUSET)); -+ if (!request_data) -+ { -+ grub_dprintf ("tpcm", "malloc request_data failed.\n"); -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of memory"); -+ return grub_errno; -+ } -+ -+ request_data->OemSignature[0] = 0xDB; -+ request_data->OemSignature[1] = 0x07; -+ request_data->OemSignature[2] = 0x00; -+ request_data->SubCmd = IPMI_SUB_CMD_MEASURE_REQ; -+ request_data->FirmwareType = IPMI_FW_OS; -+ request_data->FirmwareHashAlgoType = IPMI_FW_HASH_SM3; -+ -+ grub_tpcm_set_firmware_detailtype (&(request_data->FirmwareDetailType)); -+ -+ status = get_firmware_hash_content (buf, size, output); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ if (permissive) -+ grub_dprintf ("tpcm", "tpcm control switch turned off, ignore get firmware hash content failure.\n"); -+ else -+ { -+ grub_printf ("get firmware hash content failed\n"); -+ err = GRUB_ERR_BUG; -+ } -+ goto fail; -+ } -+ -+ request_data->FirmwareHashLen = sizeof(extern_simple_bmeasure_req_st); -+ grub_tpcm_fillup_content (request_data, output); -+ -+ status = tpcm_ipmi->excute_ipmi_cmd (tpcm_ipmi, request, request_data, -+ sizeof (OEM_BMC_MEASURE_REQUSET), &response_data, -+ &response_length, NULL); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ if (permissive) -+ grub_dprintf ("tpcm", "tpcm control switch turned off, ignore excute_ipmi_cmd failure.\n"); -+ else -+ { -+ err = grub_error (GRUB_ERR_BUG, -+ "excute_ipmi_cmd failed, request sub_cmd:0x%x, ret:%lu\n", -+ request_data->SubCmd, status); -+ } -+ goto fail; -+ } -+ grub_dprintf ("tpcm", "send tpcm measure request success\n"); -+ -+ status = grub_tpcm_request_result (); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ if (permissive) -+ grub_dprintf ("tpcm", "tpcm control switch turned off, ignore measurement failure.\n"); -+ else -+ { -+ err = grub_error (GRUB_ERR_BAD_SIGNATURE, "bad tpcm signature"); -+ goto fail; -+ } -+ } -+ else -+ grub_dprintf ("tpcm", "tpcm hash verify success, file:%s\n", description); -+ -+ fail: -+ if (request_data) -+ { -+ grub_free (request_data); -+ } -+ return err; -+} -+ -+static grub_efi_uint8_t -+tpcm_ipmi_get_switch (void) -+{ -+ grub_efi_status_t status = GRUB_EFI_SUCCESS; -+ grub_ipmi_cmd_header request = {IPMI_BMC_LUN, -+ IPMI_NETFN_OEM, -+ IPMI_CMD_GET_MEASURE_PARM}; -+ OEM_BMC_GET_SWITCH_REQUSET request_data; -+ OEM_BMC_GET_SWITCH_RESPONSE response_data; -+ grub_efi_uint8_t response_length; -+ -+ grub_memset (&request_data, 0, sizeof (request_data)); -+ grub_memset (&response_data, 0, sizeof (response_data)); -+ -+ request_data.OemSignature[0] = 0xDB; -+ request_data.OemSignature[1] = 0x07; -+ request_data.OemSignature[2] = 0x00; -+ request_data.SubCmd = IPMI_SUB_CMD_SWITCH_REQ; -+ request_data.FirmwareType = IPMI_FW_OS; -+ request_data.FirmwareDetailType = IPMI_FW_DETAIL_GRUB_CFG; -+ -+ response_length = sizeof (OEM_BMC_GET_SWITCH_RESPONSE); -+ -+ // TODO: 确认bios接口excute_ipmi_cmd, 请求开关控制结果这块代码是否需要轮询 -+ status = tpcm_ipmi->excute_ipmi_cmd (tpcm_ipmi, request, &request_data, -+ sizeof(request_data), &response_data, -+ &response_length, NULL); -+ if (status != GRUB_EFI_SUCCESS) -+ { -+ grub_printf ("excute_ipmi_cmd failed, request sub_cmd:%d, ret:%lu\n", -+ request_data.SubCmd, status); -+ /* if we excute_ipmi_cmd, it could be the fllowing results: -+ * 1. uefi have this interface, but did not implement it. -+ * 2. uefi have implemented, but bmc did not support TPCM -+ * All of these situation should booting normally. -+ */ -+ goto out; -+ } -+ -+ if (response_data.ControlResult == IPMI_TPCM_OPEN || response_data.ControlResult == IPMI_TPCM_PERMISSIVE) -+ { -+ permissive = (response_data.ControlResult == IPMI_TPCM_PERMISSIVE) ? 1 : 0; -+ grub_dprintf ("tpcm", "tpcm: Enabled, ControlResult: %d\n", response_data.ControlResult); -+ return 1; -+ } -+ -+ out: -+ grub_dprintf ("tpcm", "tpcm: Disabled or Unknown, ControlResult: %d\n", response_data.ControlResult); -+ return 0; -+} -+ -+static grub_err_t -+tpcm_ipmi_measure (unsigned char *buf, grub_size_t size, const char *description) -+{ -+ if (tpcm_ipmi_get_switch()) -+ { -+ grub_dprintf("tpcm", "hash file: %s\n", description); -+ return grub_tpcm_log_event(buf, size, description); -+ } -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+tpcm_ipmi_write (void *context __attribute__ ((unused)), void *buf, grub_size_t size) -+{ -+ grub_err_t err; -+ err = tpcm_ipmi_measure (buf, size, context); -+ grub_tcpm_file_type = GRUB_FILE_TYPE_NONE; -+ return err; -+} -+ -+struct grub_file_verifier tpcm = -+ { -+ .name = "tpcm", -+ .init = tpcm_ipmi_init, -+ .write = tpcm_ipmi_write -+ }; -+ -+ -+GRUB_MOD_INIT(tpcm) -+{ -+ tpcm_ipmi = grub_efi_locate_protocol (&gIpmiInterfaceProtocolGuid, 0); -+ if (!tpcm_ipmi) -+ { -+ grub_dprintf ("tpcm", "locate IpmiInterfaceProtocol failed, TPCM unsupported in the machine.\n"); -+ return; -+ } -+ grub_verifier_register (&tpcm); -+} -+ -+GRUB_MOD_FINI(tpcm) -+{ -+ grub_verifier_unregister (&tpcm); -+} -+ -diff --git a/include/grub/efi/tpcm.h b/include/grub/efi/tpcm.h -new file mode 100644 -index 0000000..d4cf93b ---- /dev/null -+++ b/include/grub/efi/tpcm.h -@@ -0,0 +1,236 @@ -+#ifndef GRUB_EFI_TPCM_HEADER -+#define GRUB_EFI_TPCM_HEADER 1 -+ -+#define GRUB_EFI_HASH2_SERVICE_BINDING_PROTOCOL_GUID \ -+ { \ -+ 0xda836f8d, 0x217f, 0x4ca0, { 0x99, 0xc2, 0x1c, 0xa4, 0xe1, 0x60, 0x77, 0xea } \ -+ } -+ -+#define GRUB_EFI_HASH2_PROTOCOL_GUID \ -+ { \ -+ 0x55b1d734, 0xc5e1, 0x49db, { 0x96, 0x47, 0xb1, 0x6a, 0xfb, 0xe, 0x30, 0x5b } \ -+ } -+ -+#define EFI_TPCM_GUID \ -+ { \ -+ 0xa37e200e, 0xda90, 0x473b, { 0x8b, 0xb5, 0x1d, 0x7b, 0x11, 0xba, 0x32, 0x33 } \ -+ } -+ -+#define GRUB_HASH_ALGORITHM_SM3_GUID \ -+ { \ -+ 0x9DCD754B, 0x3479, 0x27AD, { 0x56, 0x4C, 0x68, 0x7C, 0x68, 0xEC, 0xF9, 0xB9 } \ -+ } -+ -+ -+#define OEM_SIG_SIZE 3 -+#define FIRMWARE_VERSION_SIZE 32 -+#define FIRMWARE_HASH_CONTENT_SIZE 32 -+#define FIRMWARE_NAME_SIZE 32 -+#define GRUB_IPMI_TIMEOUT_MS 2000 -+ -+// LUN -+#define IPMI_BMC_LUN 0x00 -+// Net Function Definition -+#define IPMI_NETFN_OEM 0x30 -+ -+#define IPMI_CMD_GET_MEASURE_PARM 0x92 //change a name -+ -+#define IPMI_SUB_CMD_MEASURE_REQ 0x57 //change a name -+#define IPMI_SUB_CMD_CONTROL_REQ 0x58 -+#define IPMI_SUB_CMD_SWITCH_REQ 0x59 -+ -+//bmeasure -+#define DEFAULT_HASH_SIZE 32 -+#define MEASURE_DATA_MEM_SIZE 0x100000 -+ -+#define TPCM_TAG_REQ_COMMAND 0x000000C1 -+#define TPCM_ORD_ExternSimpleBootMeasure 0x00001053 -+ -+typedef struct { -+ grub_efi_uint32_t uiCmdTag; -+ grub_efi_uint32_t uiCmdLength; -+ grub_efi_uint32_t uiCmdCode; -+ grub_efi_uint32_t uiPcr; -+ grub_efi_uint32_t uiStage; -+ grub_efi_uint8_t uaDigest[DEFAULT_HASH_SIZE]; -+ grub_efi_uint32_t uiObjLen; -+ grub_efi_uint8_t uaObj[FIRMWARE_NAME_SIZE]; -+}extern_simple_bmeasure_req_st; -+ -+typedef struct { -+ grub_efi_uint8_t OemSignature[OEM_SIG_SIZE]; -+ grub_efi_uint8_t SubCmd; -+ grub_efi_uint8_t FirmwareType; -+ grub_efi_uint8_t FirmwareDetailType; -+ grub_efi_uint8_t FirmwareHashAlgoType; -+ grub_efi_uint8_t FirmwareHashLen; -+ extern_simple_bmeasure_req_st FirmwareHashContent; -+ // reserved for kernel and initrd's version -+ grub_efi_uint8_t FirmwareVerionLen; -+ grub_efi_uint8_t FirmwareVerion[0]; -+} OEM_BMC_MEASURE_REQUSET; -+ -+typedef struct { -+ grub_efi_uint8_t CompletionCode; -+ grub_efi_uint8_t OemSignature[OEM_SIG_SIZE]; -+} OEM_BMC_MEASURE_RESPONSE; -+ -+typedef struct { -+ grub_efi_uint8_t OemSignature[OEM_SIG_SIZE]; -+ grub_efi_uint8_t SubCmd; -+ grub_efi_uint8_t FirmwareType; -+ grub_efi_uint8_t FirmwareDetailType; -+} OEM_BMC_GET_RESULT_REQUSET; -+ -+typedef struct { -+ /* In the specification of BMC <--> BIOS(GRUB2), we need CompletionCode -+ * But, BIOS has pre-processed CompletionCode in function: excute_ipmi_cmd -+ * So, we delete the word: -+ * grub_efi_uint8_t CompletionCode; -+ */ -+ grub_efi_uint8_t OemSignature[OEM_SIG_SIZE]; -+ grub_efi_uint8_t ControlResult; -+} OEM_BMC_GET_RESULT_RESPONSE; -+ -+typedef struct { -+ grub_efi_uint8_t OemSignature[OEM_SIG_SIZE]; -+ grub_efi_uint8_t SubCmd; -+ grub_efi_uint8_t FirmwareType; -+ grub_efi_uint8_t FirmwareDetailType; -+} OEM_BMC_GET_SWITCH_REQUSET; -+ -+typedef struct { -+ /* In the specification of BMC <--> BIOS(GRUB2), we need CompletionCode -+ * But, BIOS has pre-processed CompletionCode in function: excute_ipmi_cmd -+ * So, we delete the word: -+ * grub_efi_uint8_t CompletionCode; -+ */ -+ grub_efi_uint8_t OemSignature[OEM_SIG_SIZE]; -+ grub_efi_uint8_t ControlResult; -+} OEM_BMC_GET_SWITCH_RESPONSE; -+ -+typedef enum { -+ IPMI_SYSTEM_INTERFACE_UNKNOWN, // IPMI_SYSTEM_INTERFACE_TYPE->UNKNOWN -+ IPMI_SYSTEM_INTERFACE_KCS, -+ IPMI_SYSTEM_INTERFACE_SMIC, -+ IPMI_SYSTEM_INTERFACE_BT, // IPMI_SYSTEM_INTERFACE_TYPE->BT -+ IPMI_SYSTEM_INTERFACE_SSIF, -+ IPMI_SYSTEM_INTERFACE_MAX_TYPE // IPMI_SYSTEM_INTERFACE_TYPE->MAX_TYPE -+} grub_ipmi_system_interface_type; -+ -+ -+typedef struct { -+ grub_efi_uint8_t lun : 2; -+ grub_efi_uint8_t net_fn : 6; -+ grub_efi_uint8_t cmd; -+} grub_ipmi_cmd_header; -+ -+typedef enum { -+ IPMI_MEMORY, -+ IPMI_IO, // IPMI_IO -+ IPMI_MAX_INTERFACE_ADDRESS_TYPE -+} grub_ipmi_interface_address_type; -+ -+typedef enum { -+ IPMI_FW_SHIM, -+ IPMI_FW_SHIM_GRUB, -+ IPMI_FW_OS -+} grub_ipmi_firmware_type; -+ -+typedef enum { -+ IPMI_FW_DETAIL_GRUB_CFG, -+ IPMI_FW_DETAIL_KERNEL, -+ IPMI_FW_DETAIL_INITRD -+} grub_ipmi_firmware_detail_type; -+ -+typedef enum { -+ IPMI_FW_HASH_SM3, -+ IPMI_FW_HASH_RESERVED1, -+ IPMI_FW_HASH_RESERVED2 -+} grub_ipmi_firmware_hash_algo_type; -+ -+typedef enum { -+ IPMI_MEASURE_UNKNOW, -+ IPMI_MEASURE_SUCCESS, -+ IPMI_MEASURE_FAIL -+} grub_ipmi_measure_result_type; -+ -+typedef enum { -+ IPMI_TPCM_UNKNOW, -+ IPMI_TPCM_OPEN, -+ IPMI_TPCM_CLOSE, -+ IPMI_TPCM_PERMISSIVE -+} grub_ipmi_tpcm_result_type; -+ -+ -+typedef grub_efi_uint8_t EFI_MD5_HASH2[16]; -+typedef grub_efi_uint8_t EFI_SHA1_HASH2[20]; -+typedef grub_efi_uint8_t EFI_SHA224_HASH2[28]; -+typedef grub_efi_uint8_t EFI_SHA256_HASH2[32]; -+typedef grub_efi_uint8_t EFI_SHA384_HASH2[48]; -+typedef grub_efi_uint8_t EFI_SHA512_HASH2[64]; -+typedef grub_efi_uint8_t EFI_SM3_HASH2[32]; -+ -+typedef union { -+ EFI_MD5_HASH2 Md5Hash; -+ EFI_SHA1_HASH2 Sha1Hash; -+ EFI_SHA224_HASH2 Sha224Hash; -+ EFI_SHA256_HASH2 Sha256Hash; -+ EFI_SHA384_HASH2 Sha384Hash; -+ EFI_SHA512_HASH2 Sha512Hash; -+ EFI_SM3_HASH2 Sm3Hash; -+} grub_efi_hash2_output; -+ -+struct grub_efi_hash2_protocol { -+ grub_efi_status_t -+ (*get_hash_size) (struct grub_efi_hash2_protocol *this, -+ grub_efi_guid_t *hash_algorithm, -+ grub_efi_uintn_t hash_size); -+ -+ grub_efi_status_t -+ (*hash) (struct grub_efi_hash2_protocol *this, -+ grub_efi_guid_t *hash_algorithm, -+ grub_efi_uint8_t *message, -+ grub_efi_uintn_t message_size, -+ grub_efi_hash2_output *hash); -+ -+ grub_efi_status_t -+ (*hash_init) (struct grub_efi_hash2_protocol *this, -+ grub_efi_guid_t *hash_algorithm); -+ -+ grub_efi_status_t -+ (*hash_update) (struct grub_efi_hash2_protocol *this, -+ grub_efi_uint8_t *message, -+ grub_efi_uintn_t message_size); -+ -+ grub_efi_status_t -+ (*hash_final) (struct grub_efi_hash2_protocol *this, -+ grub_efi_hash2_output *hash); -+}; -+typedef struct grub_efi_hash2_protocol grub_efi_hash2_protocol_t; -+ -+struct grub_efi_ipmi_interface_protocol { -+ grub_efi_status_t -+ (*excute_ipmi_cmd) (struct grub_efi_ipmi_interface_protocol *this, -+ grub_ipmi_cmd_header request, -+ void *send_data, -+ grub_efi_uint8_t send_length, -+ void *recv_data, -+ grub_efi_uint8_t *recv_length, -+ grub_efi_uint16_t *status_codes); -+ -+ grub_ipmi_system_interface_type -+ (*get_ipmi_interface_type) (struct grub_efi_ipmi_interface_protocol *this); -+ -+ grub_efi_uint16_t -+ (*get_ipmi_base_address) (struct grub_efi_ipmi_interface_protocol *this); -+ -+ grub_ipmi_interface_address_type -+ (*get_ipmi_base_address_type) (struct grub_efi_ipmi_interface_protocol *this); -+ -+ grub_efi_uint8_t -+ (*get_ipmi_version) (struct grub_efi_ipmi_interface_protocol *this); -+}; -+typedef struct grub_efi_ipmi_interface_protocol grub_efi_ipmi_interface_protocol_t; -+ -+#endif --- -2.27.0 - diff --git a/backport-Avoid-Wsign-compare-in-rijndael-do_setkey.patch b/backport-Avoid-Wsign-compare-in-rijndael-do_setkey.patch deleted file mode 100644 index fc3b46f6d83b37708cd74629a7b486063bb5f6c9..0000000000000000000000000000000000000000 --- a/backport-Avoid-Wsign-compare-in-rijndael-do_setkey.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 0cb7a4491684648a819022a4e71820bbaf114734 Mon Sep 17 00:00:00 2001 -From: Heinrich Schuchardt -Date: Fri, 13 Aug 2021 16:15:33 +0200 -Subject: libgcrypt: Avoid -Wsign-compare in rijndael do_setkey() - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0cb7a4491684648a819022a4e71820bbaf114734 - -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Avoid a warning - - lib/libgcrypt-grub/cipher/rijndael.c:352:21: warning: - comparison of integer expressions of different signedness: - ‘int’ and ‘unsigned int’ [-Wsign-compare] - 352 | for (i = 0; i < keylen; i++) - | - -Signed-off-by: Heinrich Schuchardt -Reviewed-by: Daniel Kiper ---- - grub-core/lib/libgcrypt/cipher/rijndael.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/grub-core/lib/libgcrypt/cipher/rijndael.c b/grub-core/lib/libgcrypt/cipher/rijndael.c -index 559550b50..38e9a7c08 100644 ---- a/grub-core/lib/libgcrypt/cipher/rijndael.c -+++ b/grub-core/lib/libgcrypt/cipher/rijndael.c -@@ -181,7 +181,8 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen) - static int initialized = 0; - static const char *selftest_failed=0; - int rounds; -- int i,j, r, t, rconpointer = 0; -+ unsigned int i; -+ int j, r, t, rconpointer = 0; - int KC; - union - { --- -cgit v1.2.1 - diff --git a/backport-CVE-2023-4692-fs-ntfs-Fix-an-OOB-write-when-parsing-the.patch b/backport-CVE-2023-4692-fs-ntfs-Fix-an-OOB-write-when-parsing-the.patch deleted file mode 100644 index b69abec5f5b6ead32249cc02076ad6fa347321ab..0000000000000000000000000000000000000000 --- a/backport-CVE-2023-4692-fs-ntfs-Fix-an-OOB-write-when-parsing-the.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 998f950383270b8494efd17738cf4fb358705c6c Mon Sep 17 00:00:00 2001 -From: Maxim Suhanov -Date: Mon, 28 Aug 2023 16:31:57 +0300 -Subject: [PATCH 1/6] fs/ntfs: Fix an OOB write when parsing the - $ATTRIBUTE_LIST attribute for the $MFT file - -When parsing an extremely fragmented $MFT file, i.e., the file described -using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer -containing bytes read from the underlying drive to store sector numbers, -which are consumed later to read data from these sectors into another buffer. - -These sectors numbers, two 32-bit integers, are always stored at predefined -offsets, 0x10 and 0x14, relative to first byte of the selected entry within -the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem. - -However, when parsing a specially-crafted file system image, this may cause -the NTFS code to write these integers beyond the buffer boundary, likely -causing the GRUB memory allocator to misbehave or fail. These integers contain -values which are controlled by on-disk structures of the NTFS file system. - -Such modification and resulting misbehavior may touch a memory range not -assigned to the GRUB and owned by firmware or another EFI application/driver. - -This fix introduces checks to ensure that these sector numbers are never -written beyond the boundary. - -Fixes: CVE-2023-4692 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea -Conflict:NA - -Reported-by: Maxim Suhanov -Signed-off-by: Maxim Suhanov -Reviewed-by: Daniel Kiper ---- - grub-core/fs/ntfs.c | 18 +++++++++++++++++- - 1 file changed, 17 insertions(+), 1 deletion(-) - -diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c -index 2f34f76..c8d3683 100644 ---- a/grub-core/fs/ntfs.c -+++ b/grub-core/fs/ntfs.c -@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) - } - if (at->attr_end) - { -- grub_uint8_t *pa; -+ grub_uint8_t *pa, *pa_end; - - at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR); - if (at->emft_buf == NULL) -@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) - } - at->attr_nxt = at->edat_buf; - at->attr_end = at->edat_buf + u32at (pa, 0x30); -+ pa_end = at->edat_buf + n; - } - else - { - at->attr_nxt = at->attr_end + u16at (pa, 0x14); - at->attr_end = at->attr_end + u32at (pa, 4); -+ pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR); - } - at->flags |= GRUB_NTFS_AF_ALST; - while (at->attr_nxt < at->attr_end) -@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) - at->flags |= GRUB_NTFS_AF_GPOS; - at->attr_cur = at->attr_nxt; - pa = at->attr_cur; -+ -+ if ((pa >= pa_end) || (pa_end - pa < 0x18)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list"); -+ return NULL; -+ } -+ - grub_set_unaligned32 ((char *) pa + 0x10, - grub_cpu_to_le32 (at->mft->data->mft_start)); - grub_set_unaligned32 ((char *) pa + 0x14, -@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) - { - if (*pa != attr) - break; -+ -+ if ((pa >= pa_end) || (pa_end - pa < 0x18)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list"); -+ return NULL; -+ } -+ - if (read_attr - (at, pa + 0x10, - u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR), --- -2.19.1 - diff --git a/backport-CVE-2023-4693-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the.patch b/backport-CVE-2023-4693-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the.patch deleted file mode 100644 index add2b3c942c0f8d251c3897faa558d40e9b2b3e0..0000000000000000000000000000000000000000 --- a/backport-CVE-2023-4693-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 0636bff015fe6f2df6975cdfac6e264e2649fc26 Mon Sep 17 00:00:00 2001 -From: Maxim Suhanov -Date: Mon, 28 Aug 2023 16:32:33 +0300 -Subject: [PATCH 2/6] fs/ntfs: Fix an OOB read when reading data from the - resident $DATA attribute - -When reading a file containing resident data, i.e., the file data is stored in -the $DATA attribute within the NTFS file record, not in external clusters, -there are no checks that this resident data actually fits the corresponding -file record segment. - -When parsing a specially-crafted file system image, the current NTFS code will -read the file data from an arbitrary, attacker-chosen memory offset and of -arbitrary, attacker-chosen length. - -This allows an attacker to display arbitrary chunks of memory, which could -contain sensitive information like password hashes or even plain-text, -obfuscated passwords from BS EFI variables. - -This fix implements a check to ensure that resident data is read from the -corresponding file record segment only. - -Fixes: CVE-2023-4693 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0ed2458cc4eff6d9a9199527e2a0b6d445802f94 -Conflict:NA - -Reported-by: Maxim Suhanov -Signed-off-by: Maxim Suhanov -Reviewed-by: Daniel Kiper ---- - grub-core/fs/ntfs.c | 13 ++++++++++++- - 1 file changed, 12 insertions(+), 1 deletion(-) - -diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c -index c8d3683..4d1fe42 100644 ---- a/grub-core/fs/ntfs.c -+++ b/grub-core/fs/ntfs.c -@@ -401,7 +401,18 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest, - { - if (ofs + len > u32at (pa, 0x10)) - return grub_error (GRUB_ERR_BAD_FS, "read out of range"); -- grub_memcpy (dest, pa + u32at (pa, 0x14) + ofs, len); -+ -+ if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR)) -+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large"); -+ -+ if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR)) -+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range"); -+ -+ if (u16at (pa, 0x14) + u32at (pa, 0x10) > -+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa) -+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range"); -+ -+ grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len); - return 0; - } - --- -2.19.1 - diff --git a/backport-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch b/backport-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch deleted file mode 100644 index 3a78f4d5ac0f87dd2e98018d5454175ca1aedc28..0000000000000000000000000000000000000000 --- a/backport-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 9 Feb 2022 16:08:20 -0500 -Subject: [PATCH] EFI: allocate kernel in EFI_RUNTIME_SERVICES_CODE instead of - EFI_LOADER_DATA. - -On some of the firmwares with more security mitigations, EFI_LOADER_DATA -doesn't get you executable memory, and we take a fault and reboot when -we enter kernel. - -This patch correctly allocates the kernel code as EFI_RUNTIME_SERVICES_CODE -rather than EFI_LOADER_DATA. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Peter Jones -[rharwood: use kernel_size] -Signed-off-by: Robbie Harwood ---- - grub-core/loader/i386/efi/linux.c | 19 +++++++++++++------ - 1 file changed, 13 insertions(+), 6 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 9e5c11ac69..92b2fb5091 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -86,7 +86,9 @@ kernel_free(void *addr, grub_efi_uintn_t size) - } - - static void * --kernel_alloc(grub_efi_uintn_t size, const char * const errmsg) -+kernel_alloc(grub_efi_uintn_t size, -+ grub_efi_memory_type_t memtype, -+ const char * const errmsg) - { - void *addr = 0; - unsigned int i; -@@ -112,7 +114,7 @@ kernel_alloc(grub_efi_uintn_t size, const char * const errmsg) - prev_max = max; - addr = grub_efi_allocate_pages_real (max, pages, - max_addresses[i].alloc_type, -- GRUB_EFI_LOADER_DATA); -+ memtype); - if (addr) - grub_dprintf ("linux", "Allocated at %p\n", addr); - } -@@ -242,7 +244,8 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) - } - } - -- initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); -+ initrd_mem = kernel_alloc(size, GRUB_EFI_RUNTIME_SERVICES_DATA, -+ N_("can't allocate initrd")); - if (initrd_mem == NULL) - goto fail; - grub_dprintf ("linux", "initrd_mem = %p\n", initrd_mem); -@@ -393,7 +396,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - #endif - -- params = kernel_alloc (sizeof(*params), "cannot allocate kernel parameters"); -+ params = kernel_alloc (sizeof(*params), GRUB_EFI_RUNTIME_SERVICES_DATA, -+ "cannot allocate kernel parameters"); - if (!params) - goto fail; - grub_dprintf ("linux", "params = %p\n", params); -@@ -415,7 +419,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_dprintf ("linux", "new lh is at %p\n", lh); - - grub_dprintf ("linux", "setting up cmdline\n"); -- cmdline = kernel_alloc (lh->cmdline_size + 1, N_("can't allocate cmdline")); -+ cmdline = kernel_alloc (lh->cmdline_size + 1, -+ GRUB_EFI_RUNTIME_SERVICES_DATA, -+ N_("can't allocate cmdline")); - if (!cmdline) - goto fail; - grub_dprintf ("linux", "cmdline = %p\n", cmdline); -@@ -461,7 +467,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - max_addresses[1].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; - max_addresses[2].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; - kernel_size = lh->init_size; -- kernel_mem = kernel_alloc (kernel_size, N_("can't allocate kernel")); -+ kernel_mem = kernel_alloc (kernel_size, GRUB_EFI_RUNTIME_SERVICES_CODE, -+ N_("can't allocate kernel")); - restore_addresses(); - if (!kernel_mem) - goto fail; diff --git a/backport-Fix-partmap_test-for-arm-efi.patch b/backport-Fix-partmap_test-for-arm-efi.patch deleted file mode 100644 index bd8d77a931b987003b0d83dcc50acaa249517a1d..0000000000000000000000000000000000000000 --- a/backport-Fix-partmap_test-for-arm-efi.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 57a393ca59b3358aec61af10edbc79d8c366e5e4 Mon Sep 17 00:00:00 2001 -From: Glenn Washburn -Date: Tue, 12 Oct 2021 19:39:55 -0500 -Subject: tests: Fix partmap_test for arm*-efi, disk numbering has changed - -Perhaps using a newer UEFI firmware is the reason for the created test disk -showing up as hd2 instead of hd3. - -Conflict:NA -Reference:http://git.savannah.gnu.org/cgit/grub.git/patch/tests/partmap_test.in?id=57a393ca59b3358aec61af10edbc79d8c366e5e4 - -Signed-off-by: Glenn Washburn -Reviewed-by: Daniel Kiper ---- - tests/partmap_test.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -(limited to 'tests/partmap_test.in') - -diff --git a/tests/partmap_test.in b/tests/partmap_test.in -index 6ef518b..7353dc7 100644 ---- a/tests/partmap_test.in -+++ b/tests/partmap_test.in -@@ -89,7 +89,7 @@ case "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" in - disk=arc/scsi0/disk0/rdisk0 - ;; - arm*-efi) -- disk=hd3 -+ disk=hd2 - ;; - *) - disk=hd0 --- -cgit v1.1 - diff --git a/backport-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch b/backport-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch deleted file mode 100644 index 8ff06bc1a4982fa45bfa57aaa065acb668ccac10..0000000000000000000000000000000000000000 --- a/backport-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 403d6540cd608b2706cfa0cb4713f7e4b490ff45 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Thu, 23 Feb 2023 13:15:08 -0800 -Subject: [PATCH] RISC-V: Handle R_RISCV_CALL_PLT reloc - -GNU assembler starting 2.40 release always generates R_RISCV_CALL_PLT -reloc for call in assembler [1], similarly LLVM does not make -distinction between R_RISCV_CALL_PLT and R_RISCV_CALL [2]. - -Fixes "grub-mkimage: error: relocation 0x13 is not implemented yet.". - -[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=70f35d72ef04cd23771875c1661c9975044a749c -[2] https://reviews.llvm.org/D132530 - -Signed-off-by: Khem Raj -Reviewed-by: Daniel Kiper ---- - grub-core/kern/riscv/dl.c | 1 + - util/grub-mkimagexx.c | 2 ++ - 2 files changed, 3 insertions(+) - -diff --git a/grub-core/kern/riscv/dl.c b/grub-core/kern/riscv/dl.c -index f26b12aaa..896653bb4 100644 ---- a/grub-core/kern/riscv/dl.c -+++ b/grub-core/kern/riscv/dl.c -@@ -188,6 +188,7 @@ grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr, - break; - - case R_RISCV_CALL: -+ case R_RISCV_CALL_PLT: - { - grub_uint32_t *abs_place = place; - grub_ssize_t off = sym_addr - (grub_addr_t) place; -diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c -index a1927e786..c5fb336e9 100644 ---- a/util/grub-mkimagexx.c -+++ b/util/grub-mkimagexx.c -@@ -1294,6 +1294,7 @@ SUFFIX (relocate_addrs) (Elf_Ehdr *e, struct section_metadata *smd, - } - break; - case R_RISCV_CALL: -+ case R_RISCV_CALL_PLT: - { - grub_uint32_t hi20, lo12; - -@@ -1726,6 +1727,7 @@ translate_relocation_pe (struct translate_context *ctx, - case R_RISCV_BRANCH: - case R_RISCV_JAL: - case R_RISCV_CALL: -+ case R_RISCV_CALL_PLT: - case R_RISCV_PCREL_HI20: - case R_RISCV_PCREL_LO12_I: - case R_RISCV_PCREL_LO12_S: --- -2.39.1 - diff --git a/backport-Read-etc-default-grub.d-.cfg-after-etc-default-grub.patch b/backport-Read-etc-default-grub.d-.cfg-after-etc-default-grub.patch deleted file mode 100644 index 10f7de4e36f5c147f952850cd4c59f1461a2b638..0000000000000000000000000000000000000000 --- a/backport-Read-etc-default-grub.d-.cfg-after-etc-default-grub.patch +++ /dev/null @@ -1,213 +0,0 @@ -From c9198e80f1aa2e9ae9e2bdc8b6f9e9ef601f0971 Mon Sep 17 00:00:00 2001 -From: Colin Watson -Date: Mon, 13 Jan 2014 12:13:10 +0000 -Subject: [PATCH] Read /etc/default/grub.d/*.cfg after /etc/default/grub - -Bug-Ubuntu: https://bugs.launchpad.net/bugs/901600 -Forwarded: no -Last-Update: 2021-09-24 - -Reference:https://sources.debian.org/src/grub2/2.06-8.1/debian/patches/default-grub-d.patch/ -Conflict:NA ---- - grub-core/osdep/unix/config.c | 128 ++++++++++++++++++++++++++++------ - util/grub-mkconfig.in | 5 ++ - 2 files changed, 112 insertions(+), 21 deletions(-) - -diff --git a/grub-core/osdep/unix/config.c b/grub-core/osdep/unix/config.c -index 46a8815..5a8c584 100644 ---- a/grub-core/osdep/unix/config.c -+++ b/grub-core/osdep/unix/config.c -@@ -24,6 +24,9 @@ - #include - #include - #include -+#include -+#include -+#include - #include - #include - #include -@@ -61,13 +64,27 @@ grub_util_get_localedir (void) - return LOCALEDIR; - } - -+struct cfglist -+{ -+ struct cfglist *next; -+ struct cfglist *prev; -+ char *path; -+}; -+ - void - grub_util_load_config (struct grub_util_config *cfg) - { - pid_t pid; - const char *argv[4]; -- char *script, *ptr; -+ char *script = NULL, *ptr; - const char *cfgfile, *iptr; -+ char *cfgdir; -+ grub_util_fd_dir_t d; -+ struct cfglist *cfgpaths = NULL, *cfgpath, *next_cfgpath; -+ int num_cfgpaths = 0; -+ size_t len_cfgpaths = 0; -+ char **sorted_cfgpaths = NULL; -+ int i; - FILE *f = NULL; - int fd; - const char *v; -@@ -96,29 +113,88 @@ grub_util_load_config (struct grub_util_config *cfg) - } - - cfgfile = grub_util_get_config_filename (); -- if (!grub_util_is_regular (cfgfile)) -- return; -+ if (grub_util_is_regular (cfgfile)) -+ { -+ size_t sz; -+ -+ ++num_cfgpaths; -+ sz = strlen (cfgfile); -+ if (grub_mul (sz, 4, &sz) || -+ grub_add (sz, sizeof (". ''; ") - 1, &sz) || -+ grub_add (len_cfgpaths, sz, &len_cfgpaths)) -+ grub_util_error ("%s", _("overflow is detected")); -+ } -+ -+ cfgdir = xasprintf ("%s.d", cfgfile); -+ d = grub_util_fd_opendir (cfgdir); -+ if (d) -+ { -+ grub_util_fd_dirent_t de; -+ -+ while ((de = grub_util_fd_readdir (d))) -+ { -+ const char *ext = strrchr (de->d_name, '.'); -+ size_t sz; -+ -+ if (!ext || strcmp (ext, ".cfg") != 0) -+ continue; -+ -+ cfgpath = xmalloc (sizeof (*cfgpath)); -+ cfgpath->path = grub_util_path_concat (2, cfgdir, de->d_name); -+ grub_list_push (GRUB_AS_LIST_P (&cfgpaths), GRUB_AS_LIST (cfgpath)); -+ ++num_cfgpaths; -+ sz = strlen (cfgpath->path); -+ if (grub_mul (sz, 4, &sz) || -+ grub_add (sz, sizeof (". ''; ") - 1, &sz) || -+ grub_add (len_cfgpaths, sz, &len_cfgpaths)) -+ grub_util_error ("%s", _("overflow is detected")); -+ } -+ grub_util_fd_closedir (d); -+ } -+ -+ if (num_cfgpaths == 0) -+ goto out; -+ -+ sorted_cfgpaths = xcalloc (num_cfgpaths, sizeof (*sorted_cfgpaths)); -+ i = 0; -+ if (grub_util_is_regular (cfgfile)) -+ sorted_cfgpaths[i++] = xstrdup (cfgfile); -+ FOR_LIST_ELEMENTS_SAFE (cfgpath, next_cfgpath, cfgpaths) -+ { -+ sorted_cfgpaths[i++] = cfgpath->path; -+ free (cfgpath); -+ } -+ assert (i == num_cfgpaths); -+ qsort (sorted_cfgpaths + 1, num_cfgpaths - 1, sizeof (*sorted_cfgpaths), -+ (int (*) (const void *, const void *)) strcmp); - - argv[0] = "sh"; - argv[1] = "-c"; - -- script = xcalloc (4, strlen (cfgfile) + 300); -+ if (grub_add (len_cfgpaths, 300, &len_cfgpaths)) -+ grub_util_error ("%s", _("overflow is detected")); -+ script = xmalloc (len_cfgpaths); - - ptr = script; -- memcpy (ptr, ". '", 3); -- ptr += 3; -- for (iptr = cfgfile; *iptr; iptr++) -+ for (i = 0; i < num_cfgpaths; i++) - { -- if (*iptr == '\\') -+ memcpy (ptr, ". '", 3); -+ ptr += 3; -+ for (iptr = sorted_cfgpaths[i]; *iptr; iptr++) - { -- memcpy (ptr, "'\\''", 4); -- ptr += 4; -- continue; -+ if (*iptr == '\\') -+ { -+ memcpy (ptr, "'\\''", 4); -+ ptr += 4; -+ continue; -+ } -+ *ptr++ = *iptr; - } -- *ptr++ = *iptr; -+ memcpy (ptr, "'; ", 3); -+ ptr += 3; - } - -- strcpy (ptr, "'; printf \"GRUB_ENABLE_CRYPTODISK=%s\\nGRUB_DISTRIBUTOR=%s\\nSUSE_BTRFS_SNAPSHOT_BOOTING=%s\\n\" " -+ strcpy (ptr, "printf \"GRUB_ENABLE_CRYPTODISK=%s\\nGRUB_DISTRIBUTOR=%s\\nSUSE_BTRFS_SNAPSHOT_BOOTING=%s\\n\" " - "\"$GRUB_ENABLE_CRYPTODISK\" \"$GRUB_DISTRIBUTOR\" \"$SUSE_BTRFS_SNAPSHOT_BOOTING\""); - - argv[2] = script; -@@ -138,15 +214,25 @@ grub_util_load_config (struct grub_util_config *cfg) - waitpid (pid, NULL, 0); - } - if (f) -- return; -+ goto out; - -- f = grub_util_fopen (cfgfile, "r"); -- if (f) -+ for (i = 0; i < num_cfgpaths; i++) - { -- grub_util_parse_config (f, cfg, 0); -- fclose (f); -+ f = grub_util_fopen (sorted_cfgpaths[i], "r"); -+ if (f) -+ { -+ grub_util_parse_config (f, cfg, 0); -+ fclose (f); -+ } -+ else -+ grub_util_warn (_("cannot open configuration file `%s': %s"), -+ cfgfile, strerror (errno)); - } -- else -- grub_util_warn (_("cannot open configuration file `%s': %s"), -- cfgfile, strerror (errno)); -+ -+out: -+ free (script); -+ for (i = 0; i < num_cfgpaths; i++) -+ free (sorted_cfgpaths[i]); -+ free (sorted_cfgpaths); -+ free (cfgdir); - } -diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in -index 520a672..e3f2ae8 100644 ---- a/util/grub-mkconfig.in -+++ b/util/grub-mkconfig.in -@@ -164,6 +164,11 @@ fi - if test -f ${sysconfdir}/default/grub ; then - . ${sysconfdir}/default/grub - fi -+for x in ${sysconfdir}/default/grub.d/*.cfg ; do -+ if [ -e "${x}" ]; then -+ . "${x}" -+ fi -+done - - eval "$("${grub_get_kernel_settings}")" || true - --- -2.19.1 - diff --git a/backport-Revert-iee1275-datetime-Fix-off-by-1-error.patch b/backport-Revert-iee1275-datetime-Fix-off-by-1-error.patch deleted file mode 100644 index eaedca2914d320b0f7ed07ccb6e6fce6855e9017..0000000000000000000000000000000000000000 --- a/backport-Revert-iee1275-datetime-Fix-off-by-1-error.patch +++ /dev/null @@ -1,46 +0,0 @@ -From be257de00c8edbbe8e26d83769c6d36ea1f2a734 Mon Sep 17 00:00:00 2001 -From: Glenn Washburn -Date: Mon, 24 Jan 2022 20:10:51 -0600 -Subject: Revert "iee1275/datetime: Fix off-by-1 error." - -This is causing the test grub_cmd_date() to fail because the returned -date is one day more than it should be. - -This reverts commit 607d66116 (iee1275/datetime: Fix off-by-1 error.). - -Signed-off-by: Glenn Washburn -Tested-by: Daniel Axtens -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=be257de00c8edbbe8e26d83769c6d36ea1f2a734 - ---- - grub-core/lib/ieee1275/datetime.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/lib/ieee1275/datetime.c b/grub-core/lib/ieee1275/datetime.c -index b81fba2..74578f1 100644 ---- a/grub-core/lib/ieee1275/datetime.c -+++ b/grub-core/lib/ieee1275/datetime.c -@@ -95,7 +95,7 @@ grub_get_datetime (struct grub_datetime *datetime) - - datetime->year = args.year; - datetime->month = args.month; -- datetime->day = args.day + 1; -+ datetime->day = args.day; - datetime->hour = args.hour; - datetime->minute = args.minute; - datetime->second = args.second; -@@ -140,7 +140,7 @@ grub_set_datetime (struct grub_datetime *datetime) - - args.year = datetime->year; - args.month = datetime->month; -- args.day = datetime->day - 1; -+ args.day = datetime->day; - args.hour = datetime->hour; - args.minute = datetime->minute; - args.second = datetime->second; --- -cgit v1.1 - diff --git a/backport-commands-acpi-Use-xsdt_addr-if-present.patch b/backport-commands-acpi-Use-xsdt_addr-if-present.patch deleted file mode 100644 index c851e38c7d199c2f89bea82e90eb42518f624001..0000000000000000000000000000000000000000 --- a/backport-commands-acpi-Use-xsdt_addr-if-present.patch +++ /dev/null @@ -1,38 +0,0 @@ -From b2b477e6b23a207321e2f9d7fde1a1624ef318dc Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Tue, 13 Jun 2023 11:17:36 +0800 -Subject: [PATCH] commands/acpi: Use xsdt_addr if present - -According to the ACPI specification, in ACPI 2.0 or later, an -ACPI-compatible OS must use the XSDT if present. So, we should -use xsdt_addr instead of rsdt_addr if xsdt_addr is valid. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b2b477e6b23a207321e2f9d7fde1a1624ef318dc -Conflict:NA - -Signed-off-by: Qiumiao Zhang -Reviewed-by: Daniel Kiper ---- - grub-core/commands/acpi.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/grub-core/commands/acpi.c b/grub-core/commands/acpi.c -index deec4bb43..1c034463c 100644 ---- a/grub-core/commands/acpi.c -+++ b/grub-core/commands/acpi.c -@@ -514,7 +514,11 @@ grub_cmd_acpi (struct grub_extcmd_context *ctxt, int argc, char **args) - /* Set revision variables to replicate the same version as host. */ - rev1 = ! rsdp->revision; - rev2 = rsdp->revision; -- rsdt = (struct grub_acpi_table_header *) (grub_addr_t) rsdp->rsdt_addr; -+ if (rev2 && ((struct grub_acpi_table_header *) (grub_addr_t) ((struct grub_acpi_rsdp_v20 *) rsdp)->xsdt_addr) != NULL) -+ rsdt = (struct grub_acpi_table_header *) (grub_addr_t) ((struct grub_acpi_rsdp_v20 *) rsdp)->xsdt_addr; -+ else -+ rsdt = (struct grub_acpi_table_header *) (grub_addr_t) rsdp->rsdt_addr; -+ - /* Load host tables. */ - for (entry_ptr = (grub_uint32_t *) (rsdt + 1); - entry_ptr < (grub_uint32_t *) (((grub_uint8_t *) rsdt) --- -2.27.0 - diff --git a/backport-commands-boot-Add-API-to-pass-context-to-loader.patch b/backport-commands-boot-Add-API-to-pass-context-to-loader.patch deleted file mode 100644 index e1e96a759bdd63c070c1e1e4336b0154578f49a8..0000000000000000000000000000000000000000 --- a/backport-commands-boot-Add-API-to-pass-context-to-loader.patch +++ /dev/null @@ -1,161 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Fri, 29 Apr 2022 21:16:02 +0100 -Subject: [PATCH] commands/boot: Add API to pass context to loader - -Loaders rely on global variables for saving context which is consumed -in the boot hook and freed in the unload hook. In the case where a loader -command is executed twice, calling grub_loader_set a second time executes -the unload hook, but in some cases this runs when the loader's global -context has already been updated, resulting in the updated context being -freed and potential use-after-free bugs when the boot hook is subsequently -called. - -This adds a new API (grub_loader_set_ex) which allows a loader to specify -context that is passed to its boot and unload hooks. This is an alternative -to requiring that loaders call grub_loader_unset before mutating their -global context. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Chris Coulson -(cherry picked from commit 4322a64dde7e8fedb58e50b79408667129d45dd3) ---- - grub-core/commands/boot.c | 66 +++++++++++++++++++++++++++++++++++++++++------ - include/grub/loader.h | 5 ++++ - 2 files changed, 63 insertions(+), 8 deletions(-) - -diff --git a/grub-core/commands/boot.c b/grub-core/commands/boot.c -index bbca81e947..53691a62d9 100644 ---- a/grub-core/commands/boot.c -+++ b/grub-core/commands/boot.c -@@ -27,10 +27,20 @@ - - GRUB_MOD_LICENSE ("GPLv3+"); - --static grub_err_t (*grub_loader_boot_func) (void); --static grub_err_t (*grub_loader_unload_func) (void); -+static grub_err_t (*grub_loader_boot_func) (void *); -+static grub_err_t (*grub_loader_unload_func) (void *); -+static void *grub_loader_context; - static int grub_loader_flags; - -+struct grub_simple_loader_hooks -+{ -+ grub_err_t (*boot) (void); -+ grub_err_t (*unload) (void); -+}; -+ -+/* Don't heap allocate this to avoid making grub_loader_set fallible. */ -+static struct grub_simple_loader_hooks simple_loader_hooks; -+ - struct grub_preboot - { - grub_err_t (*preboot_func) (int); -@@ -44,6 +54,29 @@ static int grub_loader_loaded; - static struct grub_preboot *preboots_head = 0, - *preboots_tail = 0; - -+static grub_err_t -+grub_simple_boot_hook (void *context) -+{ -+ struct grub_simple_loader_hooks *hooks; -+ -+ hooks = (struct grub_simple_loader_hooks *) context; -+ return hooks->boot (); -+} -+ -+static grub_err_t -+grub_simple_unload_hook (void *context) -+{ -+ struct grub_simple_loader_hooks *hooks; -+ grub_err_t ret; -+ -+ hooks = (struct grub_simple_loader_hooks *) context; -+ -+ ret = hooks->unload (); -+ grub_memset (hooks, 0, sizeof (*hooks)); -+ -+ return ret; -+} -+ - int - grub_loader_is_loaded (void) - { -@@ -110,28 +143,45 @@ grub_loader_unregister_preboot_hook (struct grub_preboot *hnd) - } - - void --grub_loader_set (grub_err_t (*boot) (void), -- grub_err_t (*unload) (void), -- int flags) -+grub_loader_set_ex (grub_err_t (*boot) (void *), -+ grub_err_t (*unload) (void *), -+ void *context, -+ int flags) - { - if (grub_loader_loaded && grub_loader_unload_func) -- grub_loader_unload_func (); -+ grub_loader_unload_func (grub_loader_context); - - grub_loader_boot_func = boot; - grub_loader_unload_func = unload; -+ grub_loader_context = context; - grub_loader_flags = flags; - - grub_loader_loaded = 1; - } - -+void -+grub_loader_set (grub_err_t (*boot) (void), -+ grub_err_t (*unload) (void), -+ int flags) -+{ -+ grub_loader_set_ex (grub_simple_boot_hook, -+ grub_simple_unload_hook, -+ &simple_loader_hooks, -+ flags); -+ -+ simple_loader_hooks.boot = boot; -+ simple_loader_hooks.unload = unload; -+} -+ - void - grub_loader_unset(void) - { - if (grub_loader_loaded && grub_loader_unload_func) -- grub_loader_unload_func (); -+ grub_loader_unload_func (grub_loader_context); - - grub_loader_boot_func = 0; - grub_loader_unload_func = 0; -+ grub_loader_context = 0; - - grub_loader_loaded = 0; - } -@@ -158,7 +208,7 @@ grub_loader_boot (void) - return err; - } - } -- err = (grub_loader_boot_func) (); -+ err = (grub_loader_boot_func) (grub_loader_context); - - for (cur = preboots_tail; cur; cur = cur->prev) - if (! err) -diff --git a/include/grub/loader.h b/include/grub/loader.h -index b208642821..1846fa6c5f 100644 ---- a/include/grub/loader.h -+++ b/include/grub/loader.h -@@ -40,6 +40,11 @@ void EXPORT_FUNC (grub_loader_set) (grub_err_t (*boot) (void), - grub_err_t (*unload) (void), - int flags); - -+void EXPORT_FUNC (grub_loader_set_ex) (grub_err_t (*boot) (void *), -+ grub_err_t (*unload) (void *), -+ void *context, -+ int flags); -+ - /* Unset current loader, if any. */ - void EXPORT_FUNC (grub_loader_unset) (void); - diff --git a/backport-commands-efi-efifwsetup-Add-missing-grub_free-s.patch b/backport-commands-efi-efifwsetup-Add-missing-grub_free-s.patch deleted file mode 100644 index fac15875e70e072cdb39fe8412050803a65b2f6d..0000000000000000000000000000000000000000 --- a/backport-commands-efi-efifwsetup-Add-missing-grub_free-s.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 01d1953fc50764206daad12d9b5dd68721353315 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Thu, 18 Aug 2022 13:50:09 -0400 -Subject: commands/efi/efifwsetup: Add missing grub_free()s - -Each call of grub_efi_get_variable() needs a grub_free(). - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=01d1953fc50764206daad12d9b5dd68721353315 -Conflict:NA - -Signed-off-by: Robbie Harwood -Reviewed-by: Daniel Kiper ---- - grub-core/commands/efi/efifwsetup.c | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) - -diff --git a/grub-core/commands/efi/efifwsetup.c b/grub-core/commands/efi/efifwsetup.c -index 328c45e..50cecb4 100644 ---- a/grub-core/commands/efi/efifwsetup.c -+++ b/grub-core/commands/efi/efifwsetup.c -@@ -33,17 +33,20 @@ efifwsetup_is_supported (void) - grub_efi_uint64_t *os_indications_supported = NULL; - grub_size_t oi_size = 0; - grub_efi_guid_t global = GRUB_EFI_GLOBAL_VARIABLE_GUID; -+ grub_efi_boolean_t ret = 0; - - grub_efi_get_variable ("OsIndicationsSupported", &global, &oi_size, - (void **) &os_indications_supported); - - if (!os_indications_supported) -- return 0; -+ goto done; - - if (*os_indications_supported & GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI) -- return 1; -+ ret = 1; - -- return 0; -+ done: -+ grub_free (os_indications_supported); -+ return ret; - } - - static grub_err_t -@@ -67,6 +70,8 @@ grub_cmd_fwsetup (grub_command_t cmd __attribute__ ((unused)), - if (old_os_indications != NULL && oi_size == sizeof (os_indications)) - os_indications |= *old_os_indications; - -+ grub_free (old_os_indications); -+ - status = grub_efi_set_variable ("OsIndications", &global, &os_indications, - sizeof (os_indications)); - if (status != GRUB_ERR_NONE) --- -2.19.1 - diff --git a/backport-commands-search-Fix-bug-stopping-iteration-when-no-floppy-is-used.patch b/backport-commands-search-Fix-bug-stopping-iteration-when-no-floppy-is-used.patch deleted file mode 100644 index 21026fa552d8f5ae9b454d0604a468b81903411a..0000000000000000000000000000000000000000 --- a/backport-commands-search-Fix-bug-stopping-iteration-when-no-floppy-is-used.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 68ba54c2298604146be83cae144dafd1cfd1fe2d Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Tue, 8 Feb 2022 08:39:10 +0100 -Subject: commands/search: Fix bug stopping iteration when --no-floppy is used -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When using --no-floppy and a floppy was encountered, iterate_device() -was returning 1, causing the iteration to stop instead of continuing. - -Signed-off-by: Renaud Métrich -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=68ba54c2298604146be83cae144dafd1cfd1fe2d - ---- - grub-core/commands/search.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c -index ed090b3..51656e3 100644 ---- a/grub-core/commands/search.c -+++ b/grub-core/commands/search.c -@@ -64,7 +64,7 @@ iterate_device (const char *name, void *data) - /* Skip floppy drives when requested. */ - if (ctx->no_floppy && - name[0] == 'f' && name[1] == 'd' && name[2] >= '0' && name[2] <= '9') -- return 1; -+ return 0; - - #ifdef DO_SEARCH_FS_UUID - #define compare_fn grub_strcasecmp --- -cgit v1.1 - diff --git a/backport-correct-closing-of-SNP-protocol.patch b/backport-correct-closing-of-SNP-protocol.patch deleted file mode 100644 index 485c7456d6c4eb566149bfb599b5aa7c2568de7b..0000000000000000000000000000000000000000 --- a/backport-correct-closing-of-SNP-protocol.patch +++ /dev/null @@ -1,112 +0,0 @@ -From efd9406e12df2b66e6704bad0ce3225aa3051c0e Mon Sep 17 00:00:00 2001 -From: Heinrich Schuchardt -Date: Mon, 29 Nov 2021 16:00:28 +0100 -Subject: efinet: Correct closing of SNP protocol - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/patch/?id=efd9406e12df2b66e6704bad0ce3225aa3051c0e - -In the context of the implementation of the EFI_LOAD_FILE2_PROTOCOL for -the initial ramdisk it was observed that opening the SNP protocol failed. -https://lists.gnu.org/archive/html/grub-devel/2021-10/msg00020.html -This is due to an incorrect call to CloseProtocol(). - -The first parameter of CloseProtocol() is the handle, not the interface. - -We call OpenProtocol() with ControllerHandle == NULL. Hence we must also -call CloseProtcol() with ControllerHandel == NULL. - -Each call of OpenProtocol() for the same network card handle is expected to -return the same interface pointer. If we want to close the protocol which -we opened non-exclusively when searching for a card, we have to do this -before opening the protocol exclusively. - -As there is no guarantee that we successfully open the protocol add checks -in the transmit and receive functions. - -Reported-by: Andreas Schwab -Signed-off-by: Heinrich Schuchardt -Reviewed-by: Daniel Kiper ---- - grub-core/net/drivers/efi/efinet.c | 31 ++++++++++++++++++++++--------- - 1 file changed, 22 insertions(+), 9 deletions(-) - -diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c -index 5388f95..2c81fd0 100644 ---- a/grub-core/net/drivers/efi/efinet.c -+++ b/grub-core/net/drivers/efi/efinet.c -@@ -39,6 +39,9 @@ send_card_buffer (struct grub_net_card *dev, - grub_uint64_t limit_time = grub_get_time_ms () + 4000; - void *txbuf; - -+ if (net == NULL) -+ return grub_error (GRUB_ERR_IO, -+ N_("network protocol not available, can't send packet")); - if (dev->txbusy) - while (1) - { -@@ -101,6 +104,9 @@ get_card_packet (struct grub_net_card *dev) - struct grub_net_buff *nb; - int i; - -+ if (net == NULL) -+ return NULL; -+ - for (i = 0; i < 2; i++) - { - if (!dev->rcvbuf) -@@ -148,12 +154,20 @@ open_card (struct grub_net_card *dev) - { - grub_efi_simple_network_t *net; - -- /* Try to reopen SNP exlusively to close any active MNP protocol instance -- that may compete for packet polling -+ if (dev->efi_net != NULL) -+ { -+ efi_call_4 (grub_efi_system_table->boot_services->close_protocol, -+ dev->efi_handle, &net_io_guid, -+ grub_efi_image_handle, NULL); -+ dev->efi_net = NULL; -+ } -+ /* -+ * Try to reopen SNP exlusively to close any active MNP protocol instance -+ * that may compete for packet polling. - */ - net = grub_efi_open_protocol (dev->efi_handle, &net_io_guid, - GRUB_EFI_OPEN_PROTOCOL_BY_EXCLUSIVE); -- if (net) -+ if (net != NULL) - { - if (net->mode->state == GRUB_EFI_NETWORK_STOPPED - && efi_call_1 (net->start, net) != GRUB_EFI_SUCCESS) -@@ -192,13 +206,12 @@ open_card (struct grub_net_card *dev) - efi_call_6 (net->receive_filters, net, filters, 0, 0, 0, NULL); - } - -- efi_call_4 (grub_efi_system_table->boot_services->close_protocol, -- dev->efi_net, &net_io_guid, -- grub_efi_image_handle, dev->efi_handle); - dev->efi_net = net; -+ } else { -+ return grub_error (GRUB_ERR_NET_NO_CARD, "%s: can't open protocol", -+ dev->name); - } - -- /* If it failed we just try to run as best as we can */ - return GRUB_ERR_NONE; - } - -@@ -208,8 +221,8 @@ close_card (struct grub_net_card *dev) - efi_call_1 (dev->efi_net->shutdown, dev->efi_net); - efi_call_1 (dev->efi_net->stop, dev->efi_net); - efi_call_4 (grub_efi_system_table->boot_services->close_protocol, -- dev->efi_net, &net_io_guid, -- grub_efi_image_handle, dev->efi_handle); -+ dev->efi_handle, &net_io_guid, -+ grub_efi_image_handle, 0); - } - - static struct grub_net_card_driver efidriver = --- -cgit v1.1 - diff --git a/backport-disk-diskfilter-Check-calloc-result-for-NULL.patch b/backport-disk-diskfilter-Check-calloc-result-for-NULL.patch deleted file mode 100644 index fc392f25bd5c3857d69e3fd71d708226a22a5d84..0000000000000000000000000000000000000000 --- a/backport-disk-diskfilter-Check-calloc-result-for-NULL.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 12e20a6a695f4967b30a95bb52e4e2e0a10c9094 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Sun, 21 Aug 2022 22:22:35 +1000 -Subject: [PATCH] disk/diskfilter: Check calloc() result for NULL - -With wildly corrupt inputs, we can end up trying to calloc a very -large amount of memory, which will fail and give us a NULL pointer. -We need to check that to avoid a crash. (And, even if we blocked -such inputs, it is good practice to check the results of allocations -anyway.) - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=12e20a6a695f4967b30a95bb52e4e2e0a10c9094 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/disk/diskfilter.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c -index 2edcff6e8..4ac50320e 100644 ---- a/grub-core/disk/diskfilter.c -+++ b/grub-core/disk/diskfilter.c -@@ -1163,6 +1163,9 @@ grub_diskfilter_make_raid (grub_size_t uuidlen, char *uuid, int nmemb, - array->lvs->segments->raid_member_size = disk_size; - array->lvs->segments->nodes - = grub_calloc (nmemb, sizeof (array->lvs->segments->nodes[0])); -+ if (array->lvs->segments->nodes == NULL) -+ goto fail; -+ - array->lvs->segments->stripe_size = stripe_size; - for (i = 0; i < nmemb; i++) - { --- -2.28.0.windows.1 - diff --git a/backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch b/backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch deleted file mode 100644 index 4326f329002e04456a35162a46d9eda53161cc32..0000000000000000000000000000000000000000 --- a/backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 2a5e3c1f2aed88c2289fb595da8308e898b87915 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Wed, 19 Oct 2022 20:23:22 +1100 -Subject: [PATCH] disk/diskfilter: Don't make a RAID array with more than 1024 - disks - -This is "belt and braces" with commit 12e20a6a695f (disk/diskfilter: -Check calloc() result for NULL): we end up trying to use too much memory -in situations like corrupted Linux software RAID setups purporting to -use a huge number of disks. Simply refuse to permit such configurations. - -1024 is a bit arbitrary, yes, and I feel a bit like I'm tempting fate -here, but I think 1024 disks in an array (that GRUB has to read to boot!) -should be enough for anyone. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=2a5e3c1f2aed88c2289fb595da8308e898b87915 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/disk/diskfilter.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c -index 4ac50320e..1c568927b 100644 ---- a/grub-core/disk/diskfilter.c -+++ b/grub-core/disk/diskfilter.c -@@ -1046,6 +1046,13 @@ grub_diskfilter_make_raid (grub_size_t uuidlen, char *uuid, int nmemb, - struct grub_diskfilter_pv *pv; - grub_err_t err; - -+ /* We choose not to support more than 1024 disks. */ -+ if (nmemb < 1 || nmemb > 1024) -+ { -+ grub_free (uuid); -+ return NULL; -+ } -+ - switch (level) - { - case 1: --- -2.28.0.windows.1 - diff --git a/backport-disk-efi-efidisk-Pass-buffers-with-higher-alignment.patch b/backport-disk-efi-efidisk-Pass-buffers-with-higher-alignment.patch deleted file mode 100644 index 000ae6d588d9260a6827f34f02da0df0231bb5e1..0000000000000000000000000000000000000000 --- a/backport-disk-efi-efidisk-Pass-buffers-with-higher-alignment.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 8dc558b124056da61a30fcad15723cc652d94e0d Mon Sep 17 00:00:00 2001 -From: Stefan Agner -Date: Tue, 31 May 2022 17:53:43 +0200 -Subject: [PATCH] disk/efi/efidisk: Pass buffers with higher alignment - -Some devices report IoAlign values but seem to require buffers with -higher alignment. - -The UEFI specification is saying: "IoAlign values of 0 and 1 mean that -the buffer can be placed anywhere in memory. Otherwise, IoAlign must -be a power of 2, and the requirement is that the start address of -a buffer must be evenly divisible by IoAlign with no remainder." - -Some devices report IoAlign of 2, however seem to require 4 bytes -aligned buffers. It seems that this got misinterpreted by some vendors -assuming IoAlign is 2^IoAlign. There is also such a hint in an example -in earlier versions of the Driver Writer's Guide: - - ScsiPassThruMode.IoAlign = 2; //Data must be aligned on 4-byte boundary - -Some devices report no alignment requirements at all but seem to read -corrupted data or report read errors when passing unaligned buffers. - -Work around by using an alignment of at least BlockSize (typically 512 -bytes) in any case. If IoAlign (interpreted as per UEFI specification) -requests a higher alignment than BlockSize, follow IoAlign still. - -Note: The problem has only noticed with compressed squashfs. It seems -that ext4 (and presumably other file system drivers) pass buffers with -a higher alignment already. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=858a0745c89262d1f35b9d3d3a208573732d7e36 -Conflict:NA - -Signed-off-by: Stefan Agner -Acked-by: Heinrich Schuchardt -Reviewed-by: Daniel Kiper - ---- - grub-core/disk/efi/efidisk.c | 15 +++++++++++++-- - 1 file changed, 13 insertions(+), 2 deletions(-) - -diff --git a/grub-core/disk/efi/efidisk.c b/grub-core/disk/efi/efidisk.c -index fe8ba6e..cfc0176 100644 ---- a/grub-core/disk/efi/efidisk.c -+++ b/grub-core/disk/efi/efidisk.c -@@ -553,8 +553,19 @@ grub_efidisk_readwrite (struct grub_disk *disk, grub_disk_addr_t sector, - d = disk->data; - bio = d->block_io; - -- /* Set alignment to 1 if 0 specified */ -- io_align = bio->media->io_align ? bio->media->io_align : 1; -+ /* -+ * If IoAlign is > 1, it should represent the required alignment. However, -+ * some UEFI implementations seem to report IoAlign=2 but require 2^IoAlign. -+ * Some implementation seem to require alignment despite not reporting any -+ * specific requirements. -+ * -+ * Make sure to use buffers which are at least aligned to block size. -+ */ -+ if (bio->media->io_align < bio->media->block_size) -+ io_align = bio->media->block_size; -+ else -+ io_align = bio->media->io_align; -+ - num_bytes = size << disk->log_sector_size; - - if ((grub_addr_t) buf & (io_align - 1)) --- -2.27.0 - diff --git a/backport-disk-ldm-Fix-resource-leak.patch b/backport-disk-ldm-Fix-resource-leak.patch deleted file mode 100644 index 1739577642349d5de2d4d30955d1decdaa404aa9..0000000000000000000000000000000000000000 --- a/backport-disk-ldm-Fix-resource-leak.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 971dd6599d838ed21f38f7261c7bdda59f9bbdae Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Wed, 10 Nov 2021 15:49:29 -0500 -Subject: disk/ldm: Fix resource leak - -Commit 23e39f50ca7a (disk/ldm: Make sure comp data is freed before exiting from -make_vg()) fixed several spots in make_vg() where comp data was leaking memory -when an error was being handled but missed one. To avoid leaking memory, comp -should be freed when an error is being handled after comp has been successfully -allocated memory in the for loop. - -Fixes: 23e39f50ca7a (disk/ldm: Make sure comp data is freed before exiting from make_vg()) -Fixes: CID 73804 - -Conflict: NA -Reference: https://git.savannah.gnu.org/cgit/grub.git/commit?id=971dd6599d838ed21f38f7261c7bdda59f9bbdae - -Signed-off-by: Alec Brown -Reviewed-by: Daniel Kiper ---- - grub-core/disk/ldm.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/grub-core/disk/ldm.c b/grub-core/disk/ldm.c -index 4577a51..337abf7 100644 ---- a/grub-core/disk/ldm.c -+++ b/grub-core/disk/ldm.c -@@ -487,6 +487,7 @@ make_vg (grub_disk_t disk, - ptr = vblk[i].dynamic; - if (ptr + *ptr + 1 >= vblk[i].dynamic + sizeof (vblk[i].dynamic)) - { -+ grub_free (comp); - goto fail2; - } - comp->internal_id = grub_malloc ((grub_size_t) ptr[0] + 2); --- -cgit v1.1 - diff --git a/backport-double-grub-x86_64-efi-mm-pool.patch b/backport-double-grub-x86_64-efi-mm-pool.patch deleted file mode 100644 index 92e2f3d67d8585441d8e473f0bdf87377b8fa0d9..0000000000000000000000000000000000000000 --- a/backport-double-grub-x86_64-efi-mm-pool.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 6d56530bd04534f038f775624e1c4942a8bf95de Mon Sep 17 00:00:00 2001 -From: fengtao -Date: Mon, 14 Feb 2022 16:17:15 +0800 -Subject: [PATCH] double grub x86_64-efi mm pool - -grub2 will construct mm pool by uefi memory function -for grub memory manger, grub_malloc, grub_free, etc. - -but we have limit memory address under x86_64 platform in -commit:456eb8632e7(Try to pick better locations for kernel and initrd) -so, x86_64 can only address available ram under 4GB. - -there comes a problem, when available memory under 4GB is not enough, -and initrd is large, like 200MB~300MB. we got out of memory when -verifiers use grub_malloc. - -Finally, we descide to double grub mm pool when we init it. And what -the point is, we cannot init all of the available memory under 4GB. -you can read commit:5ff84fb244b -(x86-efi: Allow initrd+params+cmdline allocations above 4GB.) - ---- - grub-core/kern/efi/mm.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index f64f79e..50116a6 100644 ---- a/grub-core/kern/efi/mm.c -+++ b/grub-core/kern/efi/mm.c -@@ -658,7 +658,11 @@ grub_efi_mm_init (void) - /* By default, request a quarter of the available memory. */ - total_pages = get_total_pages (filtered_memory_map, desc_size, - filtered_memory_map_end); -+#if defined(__x86_64__) -+ required_pages = (total_pages >> 1); -+#else - required_pages = (total_pages >> 2); -+#endif - if (required_pages < BYTES_TO_PAGES (MIN_HEAP_SIZE)) - required_pages = BYTES_TO_PAGES (MIN_HEAP_SIZE); - else if (required_pages > BYTES_TO_PAGES (MAX_HEAP_SIZE)) --- -2.27.0 - diff --git a/backport-enable-http-and-https-boot.patch b/backport-enable-http-and-https-boot.patch deleted file mode 100644 index 6b4c91235d42016912dd5774820870b1b2e986a9..0000000000000000000000000000000000000000 --- a/backport-enable-http-and-https-boot.patch +++ /dev/null @@ -1,92 +0,0 @@ -From 354c1679b70fd7f1773ab9bb3fffc7261be42e6b Mon Sep 17 00:00:00 2001 -From: Michael Chang -Date: Wed, 22 Feb 2017 14:27:50 +0800 -Subject: [PATCH] enable http and https boot - -The patch adapts to the open source code for log printing. - -V1: - * Add preliminary support of UEFI networking protocols - * Support UEFI HTTPS Boot - -V2: - * Workaround http data access in firmware - * Fix DNS device path parsing for efinet device - * Relaxed UEFI Protocol requirement - * Support Intel OPA (Omni-Path Architecture) PXE Boot - -V3: - * Fix bufio in calculating address of next_buf - * Check HTTP respond code - * Use HEAD request method to test before GET - * Finish HTTP transaction in one go - * Fix bsc#1076132 - -Reference:https://src.fedoraproject.org/rpms/grub2/blob/f35/f/0095-Support-UEFI-networking-protocols.patch -Conflict:NA - -Signed-off-by: Michael Chang -[pjones: make efi_netfs not duplicate symbols from efinet] -Signed-off-by: Peter Jones ---- - grub-core/net/efi/http.c | 2 ++ - grub-core/net/efi/net.c | 5 +++++ - include/grub/efi/http.h | 4 ++-- - 3 files changed, 9 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/efi/http.c b/grub-core/net/efi/http.c -index fc8cb25..5dfe165 100644 ---- a/grub-core/net/efi/http.c -+++ b/grub-core/net/efi/http.c -@@ -187,6 +187,8 @@ efihttp_request (grub_efi_http_t *http, char *server, char *name, int use_https, - url = grub_xasprintf ("%s://%s%s", protocol, server, name); - } - -+ grub_dprintf ("httpboot", "url: %s\n", url); -+ - if (!url) - { - return grub_errno; -diff --git a/grub-core/net/efi/net.c b/grub-core/net/efi/net.c -index a3f0535..6e3b37f 100644 ---- a/grub-core/net/efi/net.c -+++ b/grub-core/net/efi/net.c -@@ -795,7 +795,10 @@ match_route (const char *server) - err = grub_efi_net_parse_address (server, &ip4, &ip6, &is_ip6, 0); - - if (err) -+ { -+ grub_dprintf ("httpboot", "server parse failed, please check!\n"); - return NULL; -+ } - - if (is_ip6) - { -@@ -1227,6 +1230,8 @@ grub_net_open_real (const char *name __attribute__ ((unused))) - return NULL; - } - -+ grub_dprintf ("httpboot", "server: %s\n", server); -+ - /*FIXME: Use DNS translate name to address */ - net_interface = match_route (server); - -diff --git a/include/grub/efi/http.h b/include/grub/efi/http.h -index c5e9a89..ad164ba 100644 ---- a/include/grub/efi/http.h -+++ b/include/grub/efi/http.h -@@ -171,9 +171,9 @@ typedef struct { - grub_efi_http_request_data_t *request; - grub_efi_http_response_data_t *response; - } data; -- grub_efi_uint32_t header_count; -+ grub_efi_uintn_t header_count; - grub_efi_http_header_t *headers; -- grub_efi_uint32_t body_length; -+ grub_efi_uintn_t body_length; - void *body; - } grub_efi_http_message_t; - --- -2.23.0 - diff --git a/backport-fbutil-Fix-integer-overflow.patch b/backport-fbutil-Fix-integer-overflow.patch deleted file mode 100644 index 41b4ebb0ff0b8b71cefa3dc1028c96e96c40e1be..0000000000000000000000000000000000000000 --- a/backport-fbutil-Fix-integer-overflow.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 1eac01c147b4d85d2ec4a7e5671fa4345f2e8549 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Tue, 6 Sep 2022 03:03:21 +0800 -Subject: [PATCH 09/13] fbutil: Fix integer overflow - -Expressions like u64 = u32 * u32 are unsafe because their products are -truncated to u32 even if left hand side is u64. This patch fixes all -problems like that one in fbutil. - -To get right result not only left hand side have to be u64 but it's also -necessary to cast at least one of the operands of all leaf operators of -right hand side to u64, e.g. u64 = u32 * u32 + u32 * u32 should be -u64 = (u64)u32 * u32 + (u64)u32 * u32. - -For 1-bit bitmaps grub_uint64_t have to be used. It's safe because any -combination of values in (grub_uint64_t)u32 * u32 + u32 expression will -not overflow grub_uint64_t. - -Other expressions like ptr + u32 * u32 + u32 * u32 are also vulnerable. -They should be ptr + (grub_addr_t)u32 * u32 + (grub_addr_t)u32 * u32. - -This patch also adds a comment to grub_video_fb_get_video_ptr() which -says it's arguments must be valid and no sanity check is performed -(like its siblings in grub-core/video/fb/fbutil.c). - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/video/fb/fbutil.c | 4 ++-- - include/grub/fbutil.h | 13 +++++++++---- - 2 files changed, 11 insertions(+), 6 deletions(-) - -diff --git a/grub-core/video/fb/fbutil.c b/grub-core/video/fb/fbutil.c -index b98bb51fe..25ef39f47 100644 ---- a/grub-core/video/fb/fbutil.c -+++ b/grub-core/video/fb/fbutil.c -@@ -67,7 +67,7 @@ get_pixel (struct grub_video_fbblit_info *source, - case 1: - if (source->mode_info->blit_format == GRUB_VIDEO_BLIT_FORMAT_1BIT_PACKED) - { -- int bit_index = y * source->mode_info->width + x; -+ grub_uint64_t bit_index = (grub_uint64_t) y * source->mode_info->width + x; - grub_uint8_t *ptr = source->data + bit_index / 8; - int bit_pos = 7 - bit_index % 8; - color = (*ptr >> bit_pos) & 0x01; -@@ -138,7 +138,7 @@ set_pixel (struct grub_video_fbblit_info *source, - case 1: - if (source->mode_info->blit_format == GRUB_VIDEO_BLIT_FORMAT_1BIT_PACKED) - { -- int bit_index = y * source->mode_info->width + x; -+ grub_uint64_t bit_index = (grub_uint64_t) y * source->mode_info->width + x; - grub_uint8_t *ptr = source->data + bit_index / 8; - int bit_pos = 7 - bit_index % 8; - *ptr = (*ptr & ~(1 << bit_pos)) | ((color & 0x01) << bit_pos); -diff --git a/include/grub/fbutil.h b/include/grub/fbutil.h -index 4205eb917..78a1ab3b4 100644 ---- a/include/grub/fbutil.h -+++ b/include/grub/fbutil.h -@@ -31,14 +31,19 @@ struct grub_video_fbblit_info - grub_uint8_t *data; - }; - --/* Don't use for 1-bit bitmaps, addressing needs to be done at the bit level -- and it doesn't make sense, in general, to ask for a pointer -- to a particular pixel's data. */ -+/* -+ * Don't use for 1-bit bitmaps, addressing needs to be done at the bit level -+ * and it doesn't make sense, in general, to ask for a pointer -+ * to a particular pixel's data. -+ * -+ * This function assumes that bounds checking has been done in previous phase -+ * and they are opted out in here. -+ */ - static inline void * - grub_video_fb_get_video_ptr (struct grub_video_fbblit_info *source, - unsigned int x, unsigned int y) - { -- return source->data + y * source->mode_info->pitch + x * source->mode_info->bytes_per_pixel; -+ return source->data + (grub_addr_t) y * source->mode_info->pitch + (grub_addr_t) x * source->mode_info->bytes_per_pixel; - } - - /* Advance pointer by VAL bytes. If there is no unaligned access available, --- -2.27.0 - diff --git a/backport-fix-misspelled-variable-BUILD_LDFAGS.patch b/backport-fix-misspelled-variable-BUILD_LDFAGS.patch deleted file mode 100644 index 7a8188c544ef5d727b310e8de82326c7629253f3..0000000000000000000000000000000000000000 --- a/backport-fix-misspelled-variable-BUILD_LDFAGS.patch +++ /dev/null @@ -1,30 +0,0 @@ -From d17eddab81eab790689b00172a9ee8351548de82 Mon Sep 17 00:00:00 2001 -From: Glenn Washburn -Date: Tue, 7 Dec 2021 23:36:31 -0600 -Subject: configure: Fix misspelled variable BUILD_LDFAGS -> BUILD_LDFLAGS - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d17eddab81eab790689b00172a9ee8351548de82 - -Signed-off-by: Glenn Washburn -Reviewed-by: Daniel Kiper ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 8d1c81a..4f649ed 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1649,7 +1649,7 @@ CC="$BUILD_CC" - CPP="$BUILD_CPP" - CFLAGS="$BUILD_CFLAGS" - CPPFLAGS="$BUILD_CPPFLAGS" --LDFLAGS="$BUILD_LDFAGS" -+LDFLAGS="$BUILD_LDFLAGS" - - unset ac_cv_c_bigendian - unset ac_cv_header_ft2build_h --- -cgit v1.1 - diff --git a/backport-fix-null-pointer-dereference-when-paring-ICMP6_ROUTE.patch b/backport-fix-null-pointer-dereference-when-paring-ICMP6_ROUTE.patch deleted file mode 100644 index a83031c1d8411b718685806238114ebddc34f9c3..0000000000000000000000000000000000000000 --- a/backport-fix-null-pointer-dereference-when-paring-ICMP6_ROUTE.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 9d7f329418139b0604071aee333d621c960915ca Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Thu, 5 May 2022 10:35:14 +0800 -Subject: [PATCH] fix null pointer dereference when paring - ICMP6_ROUTER_ADVERTISE messages - ---- - grub-core/net/icmp6.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/net/icmp6.c b/grub-core/net/icmp6.c -index 56a3ec5..fb88961 100644 ---- a/grub-core/net/icmp6.c -+++ b/grub-core/net/icmp6.c -@@ -480,7 +480,7 @@ grub_net_recv_icmp6_packet (struct grub_net_buff *nb, - - /* May not have gotten slaac info, find a global address on this - card. */ -- if (route_inf == NULL) -+ if (route_inf == NULL && orig_inf != NULL) - { - FOR_NET_NETWORK_LEVEL_INTERFACES (inf) - { --- -2.23.0 - diff --git a/backport-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch b/backport-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch deleted file mode 100644 index 340e6996fb936416af247216221534cd8e718629..0000000000000000000000000000000000000000 --- a/backport-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 22b77b87e10a3a6c9bb9885415bc9a9c678378e6 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Fri, 28 Oct 2022 17:29:16 +0800 -Subject: [PATCH 12/13] font: Assign null_font to glyphs in ascii_font_glyph[] - -The calculations in blit_comb() need information from glyph's font, e.g. -grub_font_get_xheight(main_glyph->font). However, main_glyph->font is -NULL if main_glyph comes from ascii_font_glyph[]. Therefore -grub_font_get_*() crashes because of NULL pointer. - -There is already a solution, the null_font. So, assign it to those glyphs -in ascii_font_glyph[]. - -Reported-by: Daniel Axtens -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index cf15dc2f9..3821937e6 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -137,7 +137,7 @@ ascii_glyph_lookup (grub_uint32_t code) - ascii_font_glyph[current]->offset_x = 0; - ascii_font_glyph[current]->offset_y = -2; - ascii_font_glyph[current]->device_width = 8; -- ascii_font_glyph[current]->font = NULL; -+ ascii_font_glyph[current]->font = &null_font; - - grub_memcpy (ascii_font_glyph[current]->bitmap, - &ascii_bitmaps[current * ASCII_BITMAP_SIZE], --- -2.27.0 - diff --git a/backport-font-Assign-null_font-to-unknown_glyph.patch b/backport-font-Assign-null_font-to-unknown_glyph.patch deleted file mode 100644 index 610ed22fa1f5b992310d5c209be79582cd388081..0000000000000000000000000000000000000000 --- a/backport-font-Assign-null_font-to-unknown_glyph.patch +++ /dev/null @@ -1,33 +0,0 @@ -From f6806966478c601a96e1f3e0e5e85cf5036555c0 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Mon, 5 Dec 2022 19:29:37 +0800 -Subject: font: Assign null_font to unknown_glyph - -Like glyphs in ascii_font_glyph[], assign null_font to -unknown_glyph->font in order to prevent grub_font_get_*() from -dereferencing NULL pointer. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=f6806966478c601a96e1f3e0e5e85cf5036555c0 -Conflict:NA - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index 19a47f8..674043d 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -177,6 +177,7 @@ grub_font_loader_init (void) - unknown_glyph->offset_x = 0; - unknown_glyph->offset_y = -3; - unknown_glyph->device_width = 8; -+ unknown_glyph->font = &null_font; - grub_memcpy (unknown_glyph->bitmap, - unknown_glyph_bitmap, sizeof (unknown_glyph_bitmap)); - --- -cgit v1.1 - diff --git a/backport-font-Check-return-value-of-grub_malloc-in-ascii_glyph_lookup.patch b/backport-font-Check-return-value-of-grub_malloc-in-ascii_glyph_lookup.patch deleted file mode 100644 index e733daa5d0c2f61e8e7f0065f1340956b6a99a83..0000000000000000000000000000000000000000 --- a/backport-font-Check-return-value-of-grub_malloc-in-ascii_glyph_lookup.patch +++ /dev/null @@ -1,40 +0,0 @@ -From d7ed2ebcd69df123fde8ae1ba9163e2b93c47bbf Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Mon, 5 Dec 2022 19:29:36 +0800 -Subject: font: Check return value of grub_malloc() in ascii_glyph_lookup() - -There is a problem in ascii_glyph_lookup(). It doesn't check the return -value of grub_malloc(). If memory can't be allocated, then NULL pointer -will be written to. - -This patch fixes the problem by fallbacking to unknown_glyph when -grub_malloc() returns NULL. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=d7ed2ebcd69df123fde8ae1ba9163e2b93c47bbf -Conflict:NA - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index 3821937..19a47f8 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -131,6 +131,11 @@ ascii_glyph_lookup (grub_uint32_t code) - { - ascii_font_glyph[current] = - grub_malloc (sizeof (struct grub_font_glyph) + ASCII_BITMAP_SIZE); -+ if (ascii_font_glyph[current] == NULL) -+ { -+ ascii_font_glyph[current] = unknown_glyph; -+ continue; -+ } - - ascii_font_glyph[current]->width = 8; - ascii_font_glyph[current]->height = 16; --- -cgit v1.1 - diff --git a/backport-font-Fix-an-integer-underflow-in-blit_comb.patch b/backport-font-Fix-an-integer-underflow-in-blit_comb.patch deleted file mode 100644 index e28460a7a6319d9408c6a22414f2f65c6952b653..0000000000000000000000000000000000000000 --- a/backport-font-Fix-an-integer-underflow-in-blit_comb.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 992c06191babc1e109caf40d6a07ec6fdef427af Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Mon, 24 Oct 2022 08:05:35 +0800 -Subject: [PATCH 10/13] font: Fix an integer underflow in blit_comb() - -The expression (ctx.bounds.height - combining_glyphs[i]->height) / 2 may -evaluate to a very big invalid value even if both ctx.bounds.height and -combining_glyphs[i]->height are small integers. For example, if -ctx.bounds.height is 10 and combining_glyphs[i]->height is 12, this -expression evaluates to 2147483647 (expected -1). This is because -coordinates are allowed to be negative but ctx.bounds.height is an -unsigned int. So, the subtraction operates on unsigned ints and -underflows to a very big value. The division makes things even worse. -The quotient is still an invalid value even if converted back to int. - -This patch fixes the problem by casting ctx.bounds.height to int. As -a result the subtraction will operate on int and grub_uint16_t which -will be promoted to an int. So, the underflow will no longer happen. Other -uses of ctx.bounds.height (and ctx.bounds.width) are also casted to int, -to ensure coordinates are always calculated on signed integers. - -Fixes: CVE-2022-3775 - -Reported-by: Daniel Axtens -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 16 ++++++++-------- - 1 file changed, 8 insertions(+), 8 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index abd412a5e..3d3d803e8 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -1203,12 +1203,12 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, - ctx.bounds.height = main_glyph->height; - - above_rightx = main_glyph->offset_x + main_glyph->width; -- above_righty = ctx.bounds.y + ctx.bounds.height; -+ above_righty = ctx.bounds.y + (int) ctx.bounds.height; - - above_leftx = main_glyph->offset_x; -- above_lefty = ctx.bounds.y + ctx.bounds.height; -+ above_lefty = ctx.bounds.y + (int) ctx.bounds.height; - -- below_rightx = ctx.bounds.x + ctx.bounds.width; -+ below_rightx = ctx.bounds.x + (int) ctx.bounds.width; - below_righty = ctx.bounds.y; - - comb = grub_unicode_get_comb (glyph_id); -@@ -1221,7 +1221,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, - - if (!combining_glyphs[i]) - continue; -- targetx = (ctx.bounds.width - combining_glyphs[i]->width) / 2 + ctx.bounds.x; -+ targetx = ((int) ctx.bounds.width - combining_glyphs[i]->width) / 2 + ctx.bounds.x; - /* CGJ is to avoid diacritics reordering. */ - if (comb[i].code - == GRUB_UNICODE_COMBINING_GRAPHEME_JOINER) -@@ -1231,8 +1231,8 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, - case GRUB_UNICODE_COMB_OVERLAY: - do_blit (combining_glyphs[i], - targetx, -- (ctx.bounds.height - combining_glyphs[i]->height) / 2 -- - (ctx.bounds.height + ctx.bounds.y), &ctx); -+ ((int) ctx.bounds.height - combining_glyphs[i]->height) / 2 -+ - ((int) ctx.bounds.height + ctx.bounds.y), &ctx); - if (min_devwidth < combining_glyphs[i]->width) - min_devwidth = combining_glyphs[i]->width; - break; -@@ -1305,7 +1305,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, - /* Fallthrough. */ - case GRUB_UNICODE_STACK_ATTACHED_ABOVE: - do_blit (combining_glyphs[i], targetx, -- -(ctx.bounds.height + ctx.bounds.y + space -+ -((int) ctx.bounds.height + ctx.bounds.y + space - + combining_glyphs[i]->height), &ctx); - if (min_devwidth < combining_glyphs[i]->width) - min_devwidth = combining_glyphs[i]->width; -@@ -1313,7 +1313,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id, - - case GRUB_UNICODE_COMB_HEBREW_DAGESH: - do_blit (combining_glyphs[i], targetx, -- -(ctx.bounds.height / 2 + ctx.bounds.y -+ -((int) ctx.bounds.height / 2 + ctx.bounds.y - + combining_glyphs[i]->height / 2), &ctx); - if (min_devwidth < combining_glyphs[i]->width) - min_devwidth = combining_glyphs[i]->width; --- -2.27.0 - diff --git a/backport-font-Fix-integer-overflow-in-BMP-index.patch b/backport-font-Fix-integer-overflow-in-BMP-index.patch deleted file mode 100644 index e401afca718f5cd127d555688c3511b5c921f438..0000000000000000000000000000000000000000 --- a/backport-font-Fix-integer-overflow-in-BMP-index.patch +++ /dev/null @@ -1,65 +0,0 @@ -From b9396daf1c2e3cdc0a1e69b056852e0769fb24de Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Mon, 15 Aug 2022 02:04:58 +0800 -Subject: [PATCH 06/13] font: Fix integer overflow in BMP index - -The BMP index (font->bmp_idx) is designed as a reverse lookup table of -char entries (font->char_index), in order to speed up lookups for BMP -chars (i.e. code < 0x10000). The values in BMP index are the subscripts -of the corresponding char entries, stored in grub_uint16_t, while 0xffff -means not found. - -This patch fixes the problem of large subscript truncated to grub_uint16_t, -leading BMP index to return wrong char entry or report false miss. The -code now checks for bounds and uses BMP index as a hint, and fallbacks -to binary-search if necessary. - -On the occasion add a comment about BMP index is initialized to 0xffff. - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index 9e3e0a94e..e4cb0d867 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -300,6 +300,8 @@ load_font_index (grub_file_t file, grub_uint32_t sect_length, struct - font->bmp_idx = grub_malloc (0x10000 * sizeof (grub_uint16_t)); - if (!font->bmp_idx) - return 1; -+ -+ /* Init the BMP index array to 0xffff. */ - grub_memset (font->bmp_idx, 0xff, 0x10000 * sizeof (grub_uint16_t)); - - -@@ -328,7 +330,7 @@ load_font_index (grub_file_t file, grub_uint32_t sect_length, struct - return 1; - } - -- if (entry->code < 0x10000) -+ if (entry->code < 0x10000 && i < 0xffff) - font->bmp_idx[entry->code] = i; - - last_code = entry->code; -@@ -696,9 +698,12 @@ find_glyph (const grub_font_t font, grub_uint32_t code) - /* Use BMP index if possible. */ - if (code < 0x10000 && font->bmp_idx) - { -- if (font->bmp_idx[code] == 0xffff) -- return 0; -- return &table[font->bmp_idx[code]]; -+ if (font->bmp_idx[code] < 0xffff) -+ return &table[font->bmp_idx[code]]; -+ /* -+ * When we are here then lookup in BMP index result in miss, -+ * fallthough to binary-search. -+ */ - } - - /* Do a binary search in `char_index', which is ordered by code point. */ --- -2.27.0 - diff --git a/backport-font-Fix-integer-overflow-in-ensure_comb_space.patch b/backport-font-Fix-integer-overflow-in-ensure_comb_space.patch deleted file mode 100644 index 406f4df0219563a8d7891075a88668f7bd79bee6..0000000000000000000000000000000000000000 --- a/backport-font-Fix-integer-overflow-in-ensure_comb_space.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 23843fe8947e4da955a05ad3d1858725bfcb56c8 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Fri, 5 Aug 2022 02:27:05 +0800 -Subject: [PATCH 05/13] font: Fix integer overflow in ensure_comb_space() - -In fact it can't overflow at all because glyph_id->ncomb is only 8-bit -wide. But let's keep safe if somebody changes the width of glyph_id->ncomb -in the future. This patch also fixes the inconsistency between -render_max_comb_glyphs and render_combining_glyphs when grub_malloc() -returns NULL. - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 14 +++++++++----- - 1 file changed, 9 insertions(+), 5 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index a8576ffec..9e3e0a94e 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -1468,14 +1468,18 @@ ensure_comb_space (const struct grub_unicode_glyph *glyph_id) - if (glyph_id->ncomb <= render_max_comb_glyphs) - return; - -- render_max_comb_glyphs = 2 * glyph_id->ncomb; -- if (render_max_comb_glyphs < 8) -+ if (grub_mul (glyph_id->ncomb, 2, &render_max_comb_glyphs)) -+ render_max_comb_glyphs = 0; -+ if (render_max_comb_glyphs > 0 && render_max_comb_glyphs < 8) - render_max_comb_glyphs = 8; - grub_free (render_combining_glyphs); -- render_combining_glyphs = grub_malloc (render_max_comb_glyphs -- * sizeof (render_combining_glyphs[0])); -+ render_combining_glyphs = (render_max_comb_glyphs > 0) ? -+ grub_calloc (render_max_comb_glyphs, sizeof (render_combining_glyphs[0])) : NULL; - if (!render_combining_glyphs) -- grub_errno = 0; -+ { -+ render_max_comb_glyphs = 0; -+ grub_errno = GRUB_ERR_NONE; -+ } - } - - int --- -2.27.0 - diff --git a/backport-font-Fix-integer-underflow-in-binary-search-of-char-.patch b/backport-font-Fix-integer-underflow-in-binary-search-of-char-.patch deleted file mode 100644 index fb8de3ef8eb6c12bb44095366120429716232d3f..0000000000000000000000000000000000000000 --- a/backport-font-Fix-integer-underflow-in-binary-search-of-char-.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 1d2015598cc7a9fca4b39186273e3519a88e80c7 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Sun, 14 Aug 2022 18:09:38 +0800 -Subject: [PATCH 07/13] font: Fix integer underflow in binary search of char - index - -If search target is less than all entries in font->index then "hi" -variable is set to -1, which translates to SIZE_MAX and leads to errors. - -This patch fixes the problem by replacing the entire binary search code -with the libstdc++'s std::lower_bound() implementation. - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 40 ++++++++++++++++++++++------------------ - 1 file changed, 22 insertions(+), 18 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index e4cb0d867..abd412a5e 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -688,12 +688,12 @@ read_be_int16 (grub_file_t file, grub_int16_t * value) - static inline struct char_index_entry * - find_glyph (const grub_font_t font, grub_uint32_t code) - { -- struct char_index_entry *table; -- grub_size_t lo; -- grub_size_t hi; -- grub_size_t mid; -+ struct char_index_entry *table, *first, *end; -+ grub_size_t len; - - table = font->char_index; -+ if (table == NULL) -+ return NULL; - - /* Use BMP index if possible. */ - if (code < 0x10000 && font->bmp_idx) -@@ -706,25 +706,29 @@ find_glyph (const grub_font_t font, grub_uint32_t code) - */ - } - -- /* Do a binary search in `char_index', which is ordered by code point. */ -- lo = 0; -- hi = font->num_chars - 1; -- -- if (!table) -- return 0; -+ /* -+ * Do a binary search in char_index which is ordered by code point. -+ * The code below is the same as libstdc++'s std::lower_bound(). -+ */ -+ first = table; -+ len = font->num_chars; -+ end = first + len; - -- while (lo <= hi) -+ while (len > 0) - { -- mid = lo + (hi - lo) / 2; -- if (code < table[mid].code) -- hi = mid - 1; -- else if (code > table[mid].code) -- lo = mid + 1; -+ grub_size_t half = len >> 1; -+ struct char_index_entry *middle = first + half; -+ -+ if (middle->code < code) -+ { -+ first = middle + 1; -+ len = len - half - 1; -+ } - else -- return &table[mid]; -+ len = half; - } - -- return 0; -+ return (first < end && first->code == code) ? first : NULL; - } - - /* Get a glyph for the Unicode character CODE in FONT. The glyph is loaded --- -2.27.0 - diff --git a/backport-font-Fix-several-integer-overflows-in-grub_font_cons.patch b/backport-font-Fix-several-integer-overflows-in-grub_font_cons.patch deleted file mode 100644 index ed813511ca8d1a1fc7120e7ab6a40ba2b7aa3247..0000000000000000000000000000000000000000 --- a/backport-font-Fix-several-integer-overflows-in-grub_font_cons.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 768e1ef2fc159f6e14e7246e4be09363708ac39e Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Fri, 5 Aug 2022 01:58:27 +0800 -Subject: [PATCH 03/13] font: Fix several integer overflows in - grub_font_construct_glyph() - -This patch fixes several integer overflows in grub_font_construct_glyph(). -Glyphs of invalid size, zero or leading to an overflow, are rejected. -The inconsistency between "glyph" and "max_glyph_size" when grub_malloc() -returns NULL is fixed too. - -Fixes: CVE-2022-2601 - -Reported-by: Zhang Boyang -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 29 +++++++++++++++++------------ - 1 file changed, 17 insertions(+), 12 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index e781521a7..e6548892f 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -1517,6 +1517,7 @@ grub_font_construct_glyph (grub_font_t hinted_font, - struct grub_video_signed_rect bounds; - static struct grub_font_glyph *glyph = 0; - static grub_size_t max_glyph_size = 0; -+ grub_size_t cur_glyph_size; - - ensure_comb_space (glyph_id); - -@@ -1533,29 +1534,33 @@ grub_font_construct_glyph (grub_font_t hinted_font, - if (!glyph_id->ncomb && !glyph_id->attributes) - return main_glyph; - -- if (max_glyph_size < sizeof (*glyph) + (bounds.width * bounds.height + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT) -+ if (grub_video_bitmap_calc_1bpp_bufsz (bounds.width, bounds.height, &cur_glyph_size) || -+ grub_add (sizeof (*glyph), cur_glyph_size, &cur_glyph_size)) -+ return main_glyph; -+ -+ if (max_glyph_size < cur_glyph_size) - { - grub_free (glyph); -- max_glyph_size = (sizeof (*glyph) + (bounds.width * bounds.height + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT) * 2; -- if (max_glyph_size < 8) -- max_glyph_size = 8; -- glyph = grub_malloc (max_glyph_size); -+ if (grub_mul (cur_glyph_size, 2, &max_glyph_size)) -+ max_glyph_size = 0; -+ glyph = max_glyph_size > 0 ? grub_malloc (max_glyph_size) : NULL; - } - if (!glyph) - { -+ max_glyph_size = 0; - grub_errno = GRUB_ERR_NONE; - return main_glyph; - } - -- grub_memset (glyph, 0, sizeof (*glyph) -- + (bounds.width * bounds.height -- + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT); -+ grub_memset (glyph, 0, cur_glyph_size); - - glyph->font = main_glyph->font; -- glyph->width = bounds.width; -- glyph->height = bounds.height; -- glyph->offset_x = bounds.x; -- glyph->offset_y = bounds.y; -+ if (bounds.width == 0 || bounds.height == 0 || -+ grub_cast (bounds.width, &glyph->width) || -+ grub_cast (bounds.height, &glyph->height) || -+ grub_cast (bounds.x, &glyph->offset_x) || -+ grub_cast (bounds.y, &glyph->offset_y)) -+ return main_glyph; - - if (glyph_id->attributes & GRUB_UNICODE_GLYPH_ATTRIBUTE_MIRROR) - grub_font_blit_glyph_mirror (glyph, main_glyph, --- -2.27.0 - diff --git a/backport-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch b/backport-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch deleted file mode 100644 index 5efb3962f1ed38888fea94037532aa0b7570d9e9..0000000000000000000000000000000000000000 --- a/backport-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch +++ /dev/null @@ -1,113 +0,0 @@ -From 9c76ec09ae08155df27cd237eaea150b4f02f532 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Fri, 5 Aug 2022 00:51:20 +0800 -Subject: [PATCH 02/13] font: Fix size overflow in - grub_font_get_glyph_internal() - -The length of memory allocation and file read may overflow. This patch -fixes the problem by using safemath macros. - -There is a lot of code repetition like "(x * y + 7) / 8". It is unsafe -if overflow happens. This patch introduces grub_video_bitmap_calc_1bpp_bufsz(). -It is safe replacement for such code. It has safemath-like prototype. - -This patch also introduces grub_cast(value, pointer), it casts value to -typeof(*pointer) then store the value to *pointer. It returns true when -overflow occurs or false if there is no overflow. The semantics of arguments -and return value are designed to be consistent with other safemath macros. - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 17 +++++++++++++---- - include/grub/bitmap.h | 18 ++++++++++++++++++ - include/grub/safemath.h | 2 ++ - 3 files changed, 33 insertions(+), 4 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index 756ca0abf..e781521a7 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -739,7 +739,8 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code) - grub_int16_t xoff; - grub_int16_t yoff; - grub_int16_t dwidth; -- int len; -+ grub_ssize_t len; -+ grub_size_t sz; - - if (index_entry->glyph) - /* Return cached glyph. */ -@@ -768,9 +769,17 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code) - return 0; - } - -- len = (width * height + 7) / 8; -- glyph = grub_malloc (sizeof (struct grub_font_glyph) + len); -- if (!glyph) -+ /* Calculate real struct size of current glyph. */ -+ if (grub_video_bitmap_calc_1bpp_bufsz (width, height, &len) || -+ grub_add (sizeof (struct grub_font_glyph), len, &sz)) -+ { -+ remove_font (font); -+ return 0; -+ } -+ -+ /* Allocate and initialize the glyph struct. */ -+ glyph = grub_malloc (sz); -+ if (glyph == NULL) - { - remove_font (font); - return 0; -diff --git a/include/grub/bitmap.h b/include/grub/bitmap.h -index 149d37bfe..431048936 100644 ---- a/include/grub/bitmap.h -+++ b/include/grub/bitmap.h -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - #define IMAGE_HW_MAX_PX 16384 - -@@ -81,6 +82,23 @@ grub_video_bitmap_get_height (struct grub_video_bitmap *bitmap) - return bitmap->mode_info.height; - } - -+/* -+ * Calculate and store the size of data buffer of 1bit bitmap in result. -+ * Equivalent to "*result = (width * height + 7) / 8" if no overflow occurs. -+ * Return true when overflow occurs or false if there is no overflow. -+ * This function is intentionally implemented as a macro instead of -+ * an inline function. Although a bit awkward, it preserves data types for -+ * safemath macros and reduces macro side effects as much as possible. -+ * -+ * XXX: Will report false overflow if width * height > UINT64_MAX. -+ */ -+#define grub_video_bitmap_calc_1bpp_bufsz(width, height, result) \ -+({ \ -+ grub_uint64_t _bitmap_pixels; \ -+ grub_mul ((width), (height), &_bitmap_pixels) ? 1 : \ -+ grub_cast (_bitmap_pixels / GRUB_CHAR_BIT + !!(_bitmap_pixels % GRUB_CHAR_BIT), (result)); \ -+}) -+ - void EXPORT_FUNC (grub_video_bitmap_get_mode_info) (struct grub_video_bitmap *bitmap, - struct grub_video_mode_info *mode_info); - -diff --git a/include/grub/safemath.h b/include/grub/safemath.h -index 51290d355..fbd9b5925 100644 ---- a/include/grub/safemath.h -+++ b/include/grub/safemath.h -@@ -30,6 +30,8 @@ - #define grub_sub(a, b, res) __builtin_sub_overflow(a, b, res) - #define grub_mul(a, b, res) __builtin_mul_overflow(a, b, res) - -+#define grub_cast(a, res) grub_add ((a), 0, (res)) -+ - #else - #error gcc 5.1 or newer or clang 3.8 or newer is required - #endif --- -2.27.0 - diff --git a/backport-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch b/backport-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch deleted file mode 100644 index 9ab61596c64acbfae2b3290904f17230fc0467a4..0000000000000000000000000000000000000000 --- a/backport-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 9d81f71c6b8f55cf20cd56f5fe29c759df9b48cc Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Mon, 24 Oct 2022 07:15:41 +0800 -Subject: [PATCH 11/13] font: Harden grub_font_blit_glyph() and - grub_font_blit_glyph_mirror() - -As a mitigation and hardening measure add sanity checks to -grub_font_blit_glyph() and grub_font_blit_glyph_mirror(). This patch -makes these two functions do nothing if target blitting area isn't fully -contained in target bitmap. Therefore, if complex calculations in caller -overflows and malicious coordinates are given, we are still safe because -any coordinates which result in out-of-bound-write are rejected. However, -this patch only checks for invalid coordinates, and doesn't provide any -protection against invalid source glyph or destination glyph, e.g. -mismatch between glyph size and buffer size. - -This hardening measure is designed to mitigate possible overflows in -blit_comb(). If overflow occurs, it may return invalid bounding box -during dry run and call grub_font_blit_glyph() with malicious -coordinates during actual blitting. However, we are still safe because -the scratch glyph itself is valid, although its size makes no sense, and -any invalid coordinates are rejected. - -It would be better to call grub_fatal() if illegal parameter is detected. -However, doing this may end up in a dangerous recursion because grub_fatal() -would print messages to the screen and we are in the progress of drawing -characters on the screen. - -Reported-by: Daniel Axtens -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index 3d3d803e8..cf15dc2f9 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -1069,8 +1069,15 @@ static void - grub_font_blit_glyph (struct grub_font_glyph *target, - struct grub_font_glyph *src, unsigned dx, unsigned dy) - { -+ grub_uint16_t max_x, max_y; - unsigned src_bit, tgt_bit, src_byte, tgt_byte; - unsigned i, j; -+ -+ /* Harden against out-of-bound writes. */ -+ if ((grub_add (dx, src->width, &max_x) || max_x > target->width) || -+ (grub_add (dy, src->height, &max_y) || max_y > target->height)) -+ return; -+ - for (i = 0; i < src->height; i++) - { - src_bit = (src->width * i) % 8; -@@ -1102,9 +1109,16 @@ grub_font_blit_glyph_mirror (struct grub_font_glyph *target, - struct grub_font_glyph *src, - unsigned dx, unsigned dy) - { -+ grub_uint16_t max_x, max_y; - unsigned tgt_bit, src_byte, tgt_byte; - signed src_bit; - unsigned i, j; -+ -+ /* Harden against out-of-bound writes. */ -+ if ((grub_add (dx, src->width, &max_x) || max_x > target->width) || -+ (grub_add (dy, src->height, &max_y) || max_y > target->height)) -+ return; -+ - for (i = 0; i < src->height; i++) - { - src_bit = (src->width * i + src->width - 1) % 8; --- -2.27.0 - diff --git a/backport-font-Reject-fonts-with-negative-max_char_width-or-max_char_height.patch b/backport-font-Reject-fonts-with-negative-max_char_width-or-max_char_height.patch deleted file mode 100644 index b3bd71fb4be37c288c3bfd088f4931011f66fae1..0000000000000000000000000000000000000000 --- a/backport-font-Reject-fonts-with-negative-max_char_width-or-max_char_height.patch +++ /dev/null @@ -1,36 +0,0 @@ -From faca60df7686a9a3ad9693e8a7b2c6a3a823d133 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Mon, 5 Dec 2022 19:29:38 +0800 -Subject: font: Reject fonts with negative max_char_width or max_char_height - -If max_char_width or max_char_height are negative wrong values can be propagated -by grub_font_get_max_char_width() or grub_font_get_max_char_height(). Prevent -this from happening. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=faca60df7686a9a3ad9693e8a7b2c6a3a823d133 -Conflict:NA - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index 674043d..24adcb3 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -644,8 +644,8 @@ grub_font_load (const char *filename) - font->max_char_width, font->max_char_height, font->num_chars); - #endif - -- if (font->max_char_width == 0 -- || font->max_char_height == 0 -+ if (font->max_char_width <= 0 -+ || font->max_char_height <= 0 - || font->num_chars == 0 - || font->char_index == 0 || font->ascent == 0 || font->descent == 0) - { --- -cgit v1.1 - diff --git a/backport-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch b/backport-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch deleted file mode 100644 index ed6b0eb3db83c381a44833c612e3bd67f260f750..0000000000000000000000000000000000000000 --- a/backport-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch +++ /dev/null @@ -1,33 +0,0 @@ -From f6b6236077f059e64ee315f2d7acb8fa4eda87c5 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Wed, 3 Aug 2022 19:45:33 +0800 -Subject: [PATCH 01/13] font: Reject glyphs exceeds font->max_glyph_width or - font->max_glyph_height - -Check glyph's width and height against limits specified in font's -metadata. Reject the glyph (and font) if such limits are exceeded. - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index 42189c325..756ca0abf 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -760,7 +760,9 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code) - || read_be_uint16 (font->file, &height) != 0 - || read_be_int16 (font->file, &xoff) != 0 - || read_be_int16 (font->file, &yoff) != 0 -- || read_be_int16 (font->file, &dwidth) != 0) -+ || read_be_int16 (font->file, &dwidth) != 0 -+ || width > font->max_char_width -+ || height > font->max_char_height) - { - remove_font (font); - return 0; --- -2.27.0 - diff --git a/backport-font-Remove-grub_font_dup_glyph.patch b/backport-font-Remove-grub_font_dup_glyph.patch deleted file mode 100644 index 60d735ce9b1befc018bead6e4ffb0d6e5e2b9775..0000000000000000000000000000000000000000 --- a/backport-font-Remove-grub_font_dup_glyph.patch +++ /dev/null @@ -1,42 +0,0 @@ -From c51292274ded3259eb04c2f1c8d253ffbdb5216a Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Fri, 5 Aug 2022 02:13:29 +0800 -Subject: [PATCH 04/13] font: Remove grub_font_dup_glyph() - -Remove grub_font_dup_glyph() since nobody is using it since 2013, and -I'm too lazy to fix the integer overflow problem in it. - -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/font/font.c | 14 -------------- - 1 file changed, 14 deletions(-) - -diff --git a/grub-core/font/font.c b/grub-core/font/font.c -index e6548892f..a8576ffec 100644 ---- a/grub-core/font/font.c -+++ b/grub-core/font/font.c -@@ -1055,20 +1055,6 @@ grub_font_get_glyph_with_fallback (grub_font_t font, grub_uint32_t code) - return best_glyph; - } - --#if 0 --static struct grub_font_glyph * --grub_font_dup_glyph (struct grub_font_glyph *glyph) --{ -- static struct grub_font_glyph *ret; -- ret = grub_malloc (sizeof (*ret) + (glyph->width * glyph->height + 7) / 8); -- if (!ret) -- return NULL; -- grub_memcpy (ret, glyph, sizeof (*ret) -- + (glyph->width * glyph->height + 7) / 8); -- return ret; --} --#endif -- - /* FIXME: suboptimal. */ - static void - grub_font_blit_glyph (struct grub_font_glyph *target, --- -2.27.0 - diff --git a/backport-fs-affs-Fix-resource-leaks.patch b/backport-fs-affs-Fix-resource-leaks.patch deleted file mode 100644 index 85a6afba548b30a3ae7630439715ef350f239cb6..0000000000000000000000000000000000000000 --- a/backport-fs-affs-Fix-resource-leaks.patch +++ /dev/null @@ -1,65 +0,0 @@ -From ebf32bc4e9561800b9fda59560277cbee6302643 Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Wed, 2 Feb 2022 19:08:21 -0500 -Subject: fs/affs: Fix resource leaks - -In commit 178ac5107389 (affs: Fix memory leaks), fixes were made to -grub_affs_iterate_dir() to prevent memory leaks from occurring after it -returns without freeing node. However, there were still some instances -where node was causing a memory leak when the function returns after -calling grub_affs_create_node(). In this function, new memory is -allocated to node but doesn't get freed until the hook() function is -called near the end. Before hook() is called, node should be freed in -grub_affs_create_node() before returning out of it. - -Fixes: 178ac5107389 (affs: Fix memory leaks) -Fixes: CID 73759 - -Signed-off-by: Alec Brown -Reviewed-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=ebf32bc4e9561800b9fda59560277cbee6302643 - ---- - grub-core/fs/affs.c | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) - -diff --git a/grub-core/fs/affs.c b/grub-core/fs/affs.c -index cafcd0f..7b9e620 100644 ---- a/grub-core/fs/affs.c -+++ b/grub-core/fs/affs.c -@@ -370,17 +370,26 @@ grub_affs_create_node (grub_fshelp_node_t dir, - GRUB_DISK_SECTOR_SIZE - GRUB_AFFS_FILE_LOCATION, - sizeof ((*node)->di), (char *) &(*node)->di); - if (err) -- return 1; -+ { -+ grub_free (*node); -+ return 1; -+ } - continue; - } - default: -- return 0; -+ { -+ grub_free (*node); -+ return 0; -+ } - } - break; - } - - if (nest == 8) -- return 0; -+ { -+ grub_free (*node); -+ return 0; -+ } - - type |= GRUB_FSHELP_CASE_INSENSITIVE; - --- -cgit v1.1 - diff --git a/backport-fs-fat-Dont-error-when-mtime-is-0.patch b/backport-fs-fat-Dont-error-when-mtime-is-0.patch deleted file mode 100644 index 7d4e0f27a8b50811a7147e92db520855e0f9eec8..0000000000000000000000000000000000000000 --- a/backport-fs-fat-Dont-error-when-mtime-is-0.patch +++ /dev/null @@ -1,69 +0,0 @@ -From e43f3d93b28cce852c110c7a8e40d8311bcd8bb1 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Fri, 15 Jul 2022 16:13:02 -0400 -Subject: fs/fat: Don't error when mtime is 0 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -In the wild, we occasionally see valid ESPs where some file modification -times are 0. For instance: - - ├── [Dec 31 1979] EFI - │ ├── [Dec 31 1979] BOOT - │ │ ├── [Dec 31 1979] BOOTX64.EFI - │ │ └── [Dec 31 1979] fbx64.efi - │ └── [Jun 27 02:41] fedora - │ ├── [Dec 31 1979] BOOTX64.CSV - │ ├── [Dec 31 1979] fonts - │ ├── [Mar 14 03:35] fw - │ │ ├── [Mar 14 03:35] fwupd-359c1169-abd6-4a0d-8bce-e4d4713335c1.cap - │ │ ├── [Mar 14 03:34] fwupd-9d255c4b-2d88-4861-860d-7ee52ade9463.cap - │ │ └── [Mar 14 03:34] fwupd-b36438d8-9128-49d2-b280-487be02d948b.cap - │ ├── [Dec 31 1979] fwupdx64.efi - │ ├── [May 10 10:47] grub.cfg - │ ├── [Jun 3 12:38] grub.cfg.new.new - │ ├── [May 10 10:41] grub.cfg.old - │ ├── [Jun 27 02:41] grubenv - │ ├── [Dec 31 1979] grubx64.efi - │ ├── [Dec 31 1979] mmx64.efi - │ ├── [Dec 31 1979] shim.efi - │ ├── [Dec 31 1979] shimx64.efi - │ └── [Dec 31 1979] shimx64-fedora.efi - └── [Dec 31 1979] FSCK0000.REC - - 5 directories, 17 files - -This causes grub-probe failure, which in turn causes grub-mkconfig -failure. They are valid filesystems that appear intact, and the Linux -FAT stack is able to mount and manipulate them without complaint. - -The check for mtime of 0 has been present since -20def1a3c3952982395cd7c3ea7e78638527962b (fat: support file -modification times). - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=e43f3d93b28cce852c110c7a8e40d8311bcd8bb1 -Conflict:NA - -Signed-off-by: Robbie Harwood -Reviewed-by: Daniel Kiper ---- - grub-core/fs/fat.c | 3 --- - 1 file changed, 3 deletions(-) - -diff --git a/grub-core/fs/fat.c b/grub-core/fs/fat.c -index 0951b2e..c5efed7 100644 ---- a/grub-core/fs/fat.c -+++ b/grub-core/fs/fat.c -@@ -1027,9 +1027,6 @@ grub_fat_dir (grub_device_t device, const char *path, grub_fs_dir_hook_t hook, - grub_le_to_cpu16 (ctxt.dir.w_date), - &info.mtime); - #endif -- if (info.mtimeset == 0) -- grub_error (GRUB_ERR_OUT_OF_RANGE, -- "invalid modification timestamp for %s", path); - - if (hook (ctxt.filename, &info, hook_data)) - break; --- -cgit v1.1 diff --git a/backport-fs-iso9660-Add-check-to-prevent-infinite-loop.patch b/backport-fs-iso9660-Add-check-to-prevent-infinite-loop.patch deleted file mode 100644 index e7715501b42654f70d92ccd9e0eb1a9493636470..0000000000000000000000000000000000000000 --- a/backport-fs-iso9660-Add-check-to-prevent-infinite-loop.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 4e0bab34ece7b757a1b96be59ba54a009a5cc354 Mon Sep 17 00:00:00 2001 -From: Lidong Chen -Date: Fri, 20 Jan 2023 19:39:38 +0000 -Subject: fs/iso9660: Add check to prevent infinite loop - -There is no check for the end of block when reading -directory extents. It resulted in read_node() always -read from the same offset in the while loop, thus -caused infinite loop. The fix added a check for the -end of the block and ensure the read is within directory -boundary. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/patch/?id=4e0bab34ece7b757a1b96be59ba54a009a5cc354 -Conflict:NA - -Signed-off-by: Lidong Chen -Reviewed-by: Thomas Schmitt -Reviewed-by: Daniel Kiper ---- - grub-core/fs/iso9660.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c -index df9f778..24d84a5 100644 ---- a/grub-core/fs/iso9660.c -+++ b/grub-core/fs/iso9660.c -@@ -801,6 +801,16 @@ grub_iso9660_iterate_dir (grub_fshelp_node_t dir, - while (dirent.flags & FLAG_MORE_EXTENTS) - { - offset += dirent.len; -+ -+ /* offset should within the dir's len. */ -+ if (offset > len) -+ { -+ if (ctx.filename_alloc) -+ grub_free (ctx.filename); -+ grub_free (node); -+ return 0; -+ } -+ - if (read_node (dir, offset, sizeof (dirent), (char *) &dirent)) - { - if (ctx.filename_alloc) -@@ -808,6 +818,18 @@ grub_iso9660_iterate_dir (grub_fshelp_node_t dir, - grub_free (node); - return 0; - } -+ -+ /* -+ * It is either the end of block or zero-padded sector, -+ * skip to the next block. -+ */ -+ if (!dirent.len) -+ { -+ offset = (offset / GRUB_ISO9660_BLKSZ + 1) * GRUB_ISO9660_BLKSZ; -+ dirent.flags |= FLAG_MORE_EXTENTS; -+ continue; -+ } -+ - if (node->have_dirents >= node->alloc_dirents) - { - struct grub_fshelp_node *new_node; --- -cgit v1.1 - diff --git a/backport-fs-iso9660-Avoid-reading-past-the-entry-boundary.patch b/backport-fs-iso9660-Avoid-reading-past-the-entry-boundary.patch deleted file mode 100644 index 682d7acf09ea0f318c5949e6fccf631ed52da6df..0000000000000000000000000000000000000000 --- a/backport-fs-iso9660-Avoid-reading-past-the-entry-boundary.patch +++ /dev/null @@ -1,54 +0,0 @@ -From c44b1428c4c7d2bb01359fd885720af87e10b1b2 Mon Sep 17 00:00:00 2001 -From: Lidong Chen -Date: Fri, 20 Jan 2023 19:39:40 +0000 -Subject: fs/iso9660: Avoid reading past the entry boundary - -Added a check for the SP entry data boundary before reading it. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=c44b1428c4c7d2bb01359fd885720af87e10b1b2 -Conflict:NA - -Signed-off-by: Lidong Chen -Reviewed-by: Thomas Schmitt -Reviewed-by: Daniel Kiper ---- - grub-core/fs/iso9660.c | 16 ++++++++++++++-- - 1 file changed, 14 insertions(+), 2 deletions(-) - -diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c -index 230048a..ecf6bbe 100644 ---- a/grub-core/fs/iso9660.c -+++ b/grub-core/fs/iso9660.c -@@ -415,6 +415,9 @@ set_rockridge (struct grub_iso9660_data *data) - if (!sua_size) - return GRUB_ERR_NONE; - -+ if (sua_size < GRUB_ISO9660_SUSP_HEADER_SZ) -+ return grub_error (GRUB_ERR_BAD_FS, "invalid rock ridge entry size"); -+ - sua = grub_malloc (sua_size); - if (! sua) - return grub_errno; -@@ -441,8 +444,17 @@ set_rockridge (struct grub_iso9660_data *data) - rootnode.have_symlink = 0; - rootnode.dirents[0] = data->voldesc.rootdir; - -- /* The 2nd data byte stored how many bytes are skipped every time -- to get to the SUA (System Usage Area). */ -+ /* The size of SP (version 1) is fixed to 7. */ -+ if (sua_size < 7 || entry->len < 7) -+ { -+ grub_free (sua); -+ return grub_error (GRUB_ERR_BAD_FS, "corrupted rock ridge entry"); -+ } -+ -+ /* -+ * The 2nd data byte stored how many bytes are skipped every time -+ * to get to the SUA (System Usage Area). -+ */ - data->susp_skip = entry->data[2]; - entry = (struct grub_iso9660_susp_entry *) ((char *) entry + entry->len); - --- -cgit v1.1 - diff --git a/backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch b/backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch deleted file mode 100644 index 81bb3fa071092510cd8ce77216f65225ba7a3d7a..0000000000000000000000000000000000000000 --- a/backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 7338cbe91a24ee9639597a0d8bebc32b8b46c26c Mon Sep 17 00:00:00 2001 -From: "t.feng" -Date: Tue, 29 Nov 2022 17:14:13 +0800 -Subject: [PATCH] fs/iso9660: Fix memory leaks in grub_iso9660_susp_iterate() - -Fixes: 99373ce47 (* grub-core/fs/iso9660.c: Remove nested functions) - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=7338cbe91a24ee9639597a0d8bebc32b8b46c26c -Conflict:NA - -Signed-off-by: t.feng -Reviewed-by: Thomas Schmitt -Reviewed-by: Daniel Kiper ---- - grub-core/fs/iso9660.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c -index 91817ec1f..df9f7783b 100644 ---- a/grub-core/fs/iso9660.c -+++ b/grub-core/fs/iso9660.c -@@ -279,7 +279,10 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - /* Load a part of the System Usage Area. */ - err = read_node (node, off, sua_size, sua); - if (err) -- return err; -+ { -+ grub_free (sua); -+ return err; -+ } - - for (entry = (struct grub_iso9660_susp_entry *) sua; (char *) entry < (char *) sua + sua_size - 1 && entry->len > 0; - entry = (struct grub_iso9660_susp_entry *) -@@ -309,7 +312,10 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - err = grub_disk_read (node->data->disk, ce_block, off, - sua_size, sua); - if (err) -- return err; -+ { -+ grub_free (sua); -+ return err; -+ } - - entry = (struct grub_iso9660_susp_entry *) sua; - } --- -2.28.0.windows.1 - diff --git a/backport-fs-iso9660-Incorrect-check-for-entry-boundary.patch b/backport-fs-iso9660-Incorrect-check-for-entry-boundary.patch deleted file mode 100644 index ec0d5da42258839d1f8d31fb9238ea5aff8048cc..0000000000000000000000000000000000000000 --- a/backport-fs-iso9660-Incorrect-check-for-entry-boundary.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 77f657dc9e67a1fd6b1941609a4ed798e99bcae2 Mon Sep 17 00:00:00 2001 -From: Lidong Chen -Date: Fri, 20 Jan 2023 19:39:41 +0000 -Subject: fs/iso9660: Incorrect check for entry boundary - -An SL entry consists of the entry info and the component area. -The entry info should take up 5 bytes instead of sizeof(*entry). -The area after the first 5 bytes is the component area. It is -incorrect to use the sizeof(*entry) to check the entry boundary. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=77f657dc9e67a1fd6b1941609a4ed798e99bcae2 -Conflict:NA - -Signed-off-by: Lidong Chen -Reviewed-by: Thomas Schmitt -Reviewed-by: Daniel Kiper ---- - grub-core/fs/iso9660.c | 17 +++++++++++++++-- - 1 file changed, 15 insertions(+), 2 deletions(-) - -diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c -index ecf6bbe..64ea3d4 100644 ---- a/grub-core/fs/iso9660.c -+++ b/grub-core/fs/iso9660.c -@@ -669,10 +669,23 @@ susp_iterate_dir (struct grub_iso9660_susp_entry *entry, - else if (grub_strncmp ("SL", (char *) entry->sig, 2) == 0) - { - unsigned int pos = 1; -+ unsigned int csize; - -- /* The symlink is not stored as a POSIX symlink, translate it. */ -- while (pos + sizeof (*entry) < entry->len) -+ /* The symlink is not stored as a POSIX symlink, translate it. */ -+ while ((pos + GRUB_ISO9660_SUSP_HEADER_SZ + 1) < entry->len) - { -+ /* -+ * entry->len is GRUB_ISO9660_SUSP_HEADER_SZ + 1 (the FLAGS) + -+ * length of the "Component Area". The length of a component -+ * record is 2 (pos and pos + 1) plus the "Component Content", -+ * of which starts at pos + 2. entry->data[pos] is the -+ * "Component Flags"; entry->data[pos + 1] is the length -+ * of the component. -+ */ -+ csize = entry->data[pos + 1] + 2; -+ if (GRUB_ISO9660_SUSP_HEADER_SZ + 1 + csize > entry->len) -+ break; -+ - /* The current position is the `Component Flag'. */ - switch (entry->data[pos] & 30) - { --- -cgit v1.1 - diff --git a/backport-fs-iso9660-Prevent-read-past-the-end-of-system-use-area.patch b/backport-fs-iso9660-Prevent-read-past-the-end-of-system-use-area.patch deleted file mode 100644 index 8cd79b061dfec53be3fb9b63b3ba011127203363..0000000000000000000000000000000000000000 --- a/backport-fs-iso9660-Prevent-read-past-the-end-of-system-use-area.patch +++ /dev/null @@ -1,95 +0,0 @@ -From 8f41d35fcecb65746b60aaa99936cbbdf5fb27ba Mon Sep 17 00:00:00 2001 -From: Lidong Chen -Date: Wed, 1 Feb 2023 17:08:44 +0100 -Subject: fs/iso9660: Prevent read past the end of system use area - -In the code, the for loop advanced the entry pointer to the next entry before -checking if the next entry is within the system use area boundary. Another -issue in the code was that there is no check for the size of system use area. -For a corrupted system, the size of system use area can be less than the size -of minimum SUSP entry size (4 bytes). These can cause buffer overrun. The fixes -added the checks to ensure the read is valid and within the boundary. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=8f41d35fcecb65746b60aaa99936cbbdf5fb27ba -Conflict:NA - -Signed-off-by: Lidong Chen -Reviewed-by: Thomas Schmitt -Reviewed-by: Daniel Kiper ---- - grub-core/fs/iso9660.c | 30 +++++++++++++++++++++++++++--- - 1 file changed, 27 insertions(+), 3 deletions(-) - -diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c -index 24d84a5..230048a 100644 ---- a/grub-core/fs/iso9660.c -+++ b/grub-core/fs/iso9660.c -@@ -49,6 +49,8 @@ GRUB_MOD_LICENSE ("GPLv3+"); - #define GRUB_ISO9660_VOLDESC_PART 3 - #define GRUB_ISO9660_VOLDESC_END 255 - -+#define GRUB_ISO9660_SUSP_HEADER_SZ 4 -+ - /* The head of a volume descriptor. */ - struct grub_iso9660_voldesc - { -@@ -272,6 +274,9 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - if (sua_size <= 0) - return GRUB_ERR_NONE; - -+ if (sua_size < GRUB_ISO9660_SUSP_HEADER_SZ) -+ return grub_error (GRUB_ERR_BAD_FS, "invalid susp entry size"); -+ - sua = grub_malloc (sua_size); - if (!sua) - return grub_errno; -@@ -284,10 +289,14 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - return err; - } - -- for (entry = (struct grub_iso9660_susp_entry *) sua; (char *) entry < (char *) sua + sua_size - 1 && entry->len > 0; -- entry = (struct grub_iso9660_susp_entry *) -- ((char *) entry + entry->len)) -+ entry = (struct grub_iso9660_susp_entry *) sua; -+ -+ while (entry->len > 0) - { -+ /* Ensure the entry is within System Use Area. */ -+ if ((char *) entry + entry->len > (sua + sua_size)) -+ break; -+ - /* The last entry. */ - if (grub_strncmp ((char *) entry->sig, "ST", 2) == 0) - break; -@@ -303,6 +312,16 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - off = grub_le_to_cpu32 (ce->off); - ce_block = grub_le_to_cpu32 (ce->blk) << GRUB_ISO9660_LOG2_BLKSZ; - -+ if (sua_size <= 0) -+ break; -+ -+ if (sua_size < GRUB_ISO9660_SUSP_HEADER_SZ) -+ { -+ grub_free (sua); -+ return grub_error (GRUB_ERR_BAD_FS, -+ "invalid continuation area in CE entry"); -+ } -+ - grub_free (sua); - sua = grub_malloc (sua_size); - if (!sua) -@@ -325,6 +344,11 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - grub_free (sua); - return 0; - } -+ -+ entry = (struct grub_iso9660_susp_entry *) ((char *) entry + entry->len); -+ -+ if (((sua + sua_size) - (char *) entry) < GRUB_ISO9660_SUSP_HEADER_SZ) -+ break; - } - - grub_free (sua); --- -cgit v1.1 - diff --git a/backport-fs-iso9660-Prevent-skipping-CE-or-ST-at-start-of-continuation-area.patch b/backport-fs-iso9660-Prevent-skipping-CE-or-ST-at-start-of-continuation-area.patch deleted file mode 100644 index 25f31c3ee5e5e63ef9065dcb2a0692d377980dc0..0000000000000000000000000000000000000000 --- a/backport-fs-iso9660-Prevent-skipping-CE-or-ST-at-start-of-continuation-area.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 2a96eab759aff74c2a214da66eefeb1e770c0820 Mon Sep 17 00:00:00 2001 -From: Thomas Schmitt -Date: Wed, 1 Feb 2023 17:28:49 +0100 -Subject: fs/iso9660: Prevent skipping CE or ST at start of continuation area - -If processing of a SUSP CE entry leads to a continuation area which -begins by entry CE or ST, then these entries were skipped without -interpretation. In case of CE this would lead to premature end of -processing the SUSP entries of the file. In case of ST this could -cause following non-SUSP bytes to be interpreted as SUSP entries. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=2a96eab759aff74c2a214da66eefeb1e770c0820 -Conflict:NA - -Signed-off-by: Thomas Schmitt -Tested-by: Lidong Chen -Reviewed-by: Thomas Schmitt -Reviewed-by: Daniel Kiper ---- - grub-core/fs/iso9660.c | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - -diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c -index 64ea3d4..acccf5f 100644 ---- a/grub-core/fs/iso9660.c -+++ b/grub-core/fs/iso9660.c -@@ -50,6 +50,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); - #define GRUB_ISO9660_VOLDESC_END 255 - - #define GRUB_ISO9660_SUSP_HEADER_SZ 4 -+#define GRUB_ISO9660_MAX_CE_HOPS 100000 - - /* The head of a volume descriptor. */ - struct grub_iso9660_voldesc -@@ -270,6 +271,7 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - char *sua; - struct grub_iso9660_susp_entry *entry; - grub_err_t err; -+ int ce_counter = 0; - - if (sua_size <= 0) - return GRUB_ERR_NONE; -@@ -307,6 +309,13 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - struct grub_iso9660_susp_ce *ce; - grub_disk_addr_t ce_block; - -+ if (++ce_counter > GRUB_ISO9660_MAX_CE_HOPS) -+ { -+ grub_free (sua); -+ return grub_error (GRUB_ERR_BAD_FS, -+ "suspecting endless CE loop"); -+ } -+ - ce = (struct grub_iso9660_susp_ce *) entry; - sua_size = grub_le_to_cpu32 (ce->len); - off = grub_le_to_cpu32 (ce->off); -@@ -337,6 +346,13 @@ grub_iso9660_susp_iterate (grub_fshelp_node_t node, grub_off_t off, - } - - entry = (struct grub_iso9660_susp_entry *) sua; -+ /* -+ * The hook function will not process CE or ST. -+ * Advancing to the next entry would skip them. -+ */ -+ if (grub_strncmp ((char *) entry->sig, "CE", 2) == 0 -+ || grub_strncmp ((char *) entry->sig, "ST", 2) == 0) -+ continue; - } - - if (hook (entry, hook_arg)) --- -cgit v1.1 - diff --git a/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch b/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch deleted file mode 100644 index 55b1ef4604bdb39825bd1ba3750091c1e623a848..0000000000000000000000000000000000000000 --- a/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 4e1d08ad2465dcc2c79d3be9c92ec166d8420a98 Mon Sep 17 00:00:00 2001 -From: Maxim Suhanov -Date: Mon, 28 Aug 2023 16:38:19 +0300 -Subject: [PATCH 5/6] fs/ntfs: Fix an OOB read when parsing a volume label - -This fix introduces checks to ensure that an NTFS volume label is always -read from the corresponding file record segment. - -The current NTFS code allows the volume label string to be read from an -arbitrary, attacker-chosen memory location. However, the bytes read are -always treated as UTF-16LE. So, the final string displayed is mostly -unreadable and it can't be easily converted back to raw bytes. - -The lack of this check is a minor issue, likely not causing a significant -data leak. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=1fe82c41e070385e273d7bb1cfb482627a3c28e8 -Conflict:NA - -Reported-by: Maxim Suhanov -Signed-off-by: Maxim Suhanov -Reviewed-by: Daniel Kiper ---- - grub-core/fs/ntfs.c | 18 +++++++++++++++++- - 1 file changed, 17 insertions(+), 1 deletion(-) - -diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c -index 2404566..e26dd59 100644 ---- a/grub-core/fs/ntfs.c -+++ b/grub-core/fs/ntfs.c -@@ -1209,13 +1209,29 @@ grub_ntfs_label (grub_device_t device, char **label) - - init_attr (&mft->attr, mft); - pa = find_attr (&mft->attr, GRUB_NTFS_AT_VOLUME_NAME); -+ -+ if (pa >= mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label"); -+ goto fail; -+ } -+ -+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa < 0x16) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label"); -+ goto fail; -+ } -+ - if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10))) - { - int len; - - len = u32at (pa, 0x10) / 2; - pa += u16at (pa, 0x14); -- *label = get_utf8 (pa, len); -+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len) -+ *label = get_utf8 (pa, len); -+ else -+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label"); - } - - fail: --- -2.19.1 - diff --git a/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch b/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch deleted file mode 100644 index 6d6fd87068c96789849a64240f886231ec26e054..0000000000000000000000000000000000000000 --- a/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 6dc553d0c6ef77518789eb774f76d07f7a2e38c2 Mon Sep 17 00:00:00 2001 -From: Maxim Suhanov -Date: Mon, 28 Aug 2023 16:33:44 +0300 -Subject: [PATCH 4/6] fs/ntfs: Fix an OOB read when parsing bitmaps for index - attributes - -This fix introduces checks to ensure that bitmaps for directory indices -are never read beyond their actual sizes. - -The lack of this check is a minor issue, likely not exploitable in any way. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=7a5a116739fa6d8a625da7d6b9272c9a2462f967 -Conflict:NA - -Reported-by: Maxim Suhanov -Signed-off-by: Maxim Suhanov -Reviewed-by: Daniel Kiper ---- - grub-core/fs/ntfs.c | 19 +++++++++++++++++++ - 1 file changed, 19 insertions(+) - -diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c -index c015044..2404566 100644 ---- a/grub-core/fs/ntfs.c -+++ b/grub-core/fs/ntfs.c -@@ -839,6 +839,25 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir, - - if (is_resident) - { -+ if (bitmap_len > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap too large"); -+ goto done; -+ } -+ -+ if (cur_pos >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range"); -+ goto done; -+ } -+ -+ if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) > -+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range"); -+ goto done; -+ } -+ - grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14), - bitmap_len); - } --- -2.19.1 - diff --git a/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch b/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch deleted file mode 100644 index 9430315cef6584def169db7c07ff199e83e43618..0000000000000000000000000000000000000000 --- a/backport-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch +++ /dev/null @@ -1,76 +0,0 @@ -From d5b4e4198fa932e13f3abfec8d4cda1c7709499d Mon Sep 17 00:00:00 2001 -From: Maxim Suhanov -Date: Mon, 28 Aug 2023 16:33:17 +0300 -Subject: [PATCH 3/6] fs/ntfs: Fix an OOB read when parsing directory entries - from resident and non-resident index attributes - -This fix introduces checks to ensure that index entries are never read -beyond the corresponding directory index. - -The lack of this check is a minor issue, likely not exploitable in any way. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=7e5f031a6a6a3decc2360a7b0c71abbe598e7354 -Conflict:NA - -Reported-by: Maxim Suhanov -Signed-off-by: Maxim Suhanov -Reviewed-by: Daniel Kiper ---- - grub-core/fs/ntfs.c | 13 +++++++++++-- - 1 file changed, 11 insertions(+), 2 deletions(-) - -diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c -index 4d1fe42..c015044 100644 ---- a/grub-core/fs/ntfs.c -+++ b/grub-core/fs/ntfs.c -@@ -599,7 +599,7 @@ get_utf8 (grub_uint8_t *in, grub_size_t len) - } - - static int --list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos, -+list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos, grub_uint8_t *end_pos, - grub_fshelp_iterate_dir_hook_t hook, void *hook_data) - { - grub_uint8_t *np; -@@ -610,6 +610,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos, - grub_uint8_t namespace; - char *ustr; - -+ if ((pos >= end_pos) || (end_pos - pos < 0x52)) -+ break; -+ - if (pos[0xC] & 2) /* end signature */ - break; - -@@ -617,6 +620,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos, - ns = *(np++); - namespace = *(np++); - -+ if (2 * ns > end_pos - pos - 0x52) -+ break; -+ - /* - * Ignore files in DOS namespace, as they will reappear as Win32 - * names. -@@ -802,7 +808,9 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir, - } - - cur_pos += 0x10; /* Skip index root */ -- ret = list_file (mft, cur_pos + u16at (cur_pos, 0), hook, hook_data); -+ ret = list_file (mft, cur_pos + u16at (cur_pos, 0), -+ at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR), -+ hook, hook_data); - if (ret) - goto done; - -@@ -889,6 +897,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir, - (const grub_uint8_t *) "INDX"))) - goto done; - ret = list_file (mft, &indx[0x18 + u16at (indx, 0x18)], -+ indx + (mft->data->idx_size << GRUB_NTFS_BLK_SHR), - hook, hook_data); - if (ret) - goto done; --- -2.19.1 - diff --git a/backport-fs-ntfs-Make-code-more-readable.patch b/backport-fs-ntfs-Make-code-more-readable.patch deleted file mode 100644 index c5a445fdac30bb71fc1faaef12060078efc3e5e2..0000000000000000000000000000000000000000 --- a/backport-fs-ntfs-Make-code-more-readable.patch +++ /dev/null @@ -1,162 +0,0 @@ -From 85c172921afc3fb9a3533a60df48cfff640a237d Mon Sep 17 00:00:00 2001 -From: Maxim Suhanov -Date: Mon, 28 Aug 2023 16:40:07 +0300 -Subject: [PATCH 6/6] fs/ntfs: Make code more readable - -Move some calls used to access NTFS attribute header fields into -functions with human-readable names. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e58b870ff926415e23fc386af41ff81b2f588763 -Conflict:NA - -Suggested-by: Daniel Kiper -Signed-off-by: Maxim Suhanov -Reviewed-by: Daniel Kiper ---- - grub-core/fs/ntfs.c | 48 +++++++++++++++++++++++++++++++-------------- - 1 file changed, 33 insertions(+), 15 deletions(-) - -diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c -index e26dd59..deb058a 100644 ---- a/grub-core/fs/ntfs.c -+++ b/grub-core/fs/ntfs.c -@@ -52,6 +52,24 @@ u64at (void *ptr, grub_size_t ofs) - return grub_le_to_cpu64 (grub_get_unaligned64 ((char *) ptr + ofs)); - } - -+static grub_uint16_t -+first_attr_off (void *mft_buf_ptr) -+{ -+ return u16at (mft_buf_ptr, 0x14); -+} -+ -+static grub_uint16_t -+res_attr_data_off (void *res_attr_ptr) -+{ -+ return u16at (res_attr_ptr, 0x14); -+} -+ -+static grub_uint32_t -+res_attr_data_len (void *res_attr_ptr) -+{ -+ return u32at (res_attr_ptr, 0x10); -+} -+ - grub_ntfscomp_func_t grub_ntfscomp_func; - - static grub_err_t -@@ -106,7 +124,7 @@ init_attr (struct grub_ntfs_attr *at, struct grub_ntfs_file *mft) - { - at->mft = mft; - at->flags = (mft == &mft->data->mmft) ? GRUB_NTFS_AF_MMFT : 0; -- at->attr_nxt = mft->buf + u16at (mft->buf, 0x14); -+ at->attr_nxt = mft->buf + first_attr_off (mft->buf); - at->attr_end = at->emft_buf = at->edat_buf = at->sbuf = NULL; - } - -@@ -154,7 +172,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) - return NULL; - } - -- new_pos = &at->emft_buf[u16at (at->emft_buf, 0x14)]; -+ new_pos = &at->emft_buf[first_attr_off (at->emft_buf)]; - while (*new_pos != 0xFF) - { - if ((*new_pos == *at->attr_cur) -@@ -213,7 +231,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) - } - else - { -- at->attr_nxt = at->attr_end + u16at (pa, 0x14); -+ at->attr_nxt = at->attr_end + res_attr_data_off (pa); - at->attr_end = at->attr_end + u32at (pa, 4); - pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR); - } -@@ -399,20 +417,20 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest, - - if (pa[8] == 0) - { -- if (ofs + len > u32at (pa, 0x10)) -+ if (ofs + len > res_attr_data_len (pa)) - return grub_error (GRUB_ERR_BAD_FS, "read out of range"); - -- if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR)) -+ if (res_attr_data_len (pa) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR)) - return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large"); - - if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR)) - return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range"); - -- if (u16at (pa, 0x14) + u32at (pa, 0x10) > -+ if (res_attr_data_off (pa) + res_attr_data_len (pa) > - (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa) - return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range"); - -- grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len); -+ grub_memcpy (dest, pa + res_attr_data_off (pa) + ofs, len); - return 0; - } - -@@ -556,7 +574,7 @@ init_file (struct grub_ntfs_file *mft, grub_uint64_t mftno) - (unsigned long long) mftno); - - if (!pa[8]) -- mft->size = u32at (pa, 0x10); -+ mft->size = res_attr_data_len (pa); - else - mft->size = u64at (pa, 0x30); - -@@ -801,7 +819,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir, - (u32at (cur_pos, 0x18) != 0x490024) || - (u32at (cur_pos, 0x1C) != 0x300033)) - continue; -- cur_pos += u16at (cur_pos, 0x14); -+ cur_pos += res_attr_data_off (cur_pos); - if (*cur_pos != 0x30) /* Not filename index */ - continue; - break; -@@ -830,7 +848,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir, - { - int is_resident = (cur_pos[8] == 0); - -- bitmap_len = ((is_resident) ? u32at (cur_pos, 0x10) : -+ bitmap_len = ((is_resident) ? res_attr_data_len (cur_pos) : - u32at (cur_pos, 0x28)); - - bmp = grub_malloc (bitmap_len); -@@ -851,14 +869,14 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir, - goto done; - } - -- if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) > -+ if (res_attr_data_off (cur_pos) + res_attr_data_len (cur_pos) > - (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos) - { - grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range"); - goto done; - } - -- grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14), -+ grub_memcpy (bmp, cur_pos + res_attr_data_off (cur_pos), - bitmap_len); - } - else -@@ -1222,12 +1240,12 @@ grub_ntfs_label (grub_device_t device, char **label) - goto fail; - } - -- if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10))) -+ if ((pa) && (pa[8] == 0) && (res_attr_data_len (pa))) - { - int len; - -- len = u32at (pa, 0x10) / 2; -- pa += u16at (pa, 0x14); -+ len = res_attr_data_len (pa) / 2; -+ pa += res_attr_data_off (pa); - if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len) - *label = get_utf8 (pa, len); - else --- -2.19.1 - diff --git a/backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch b/backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch deleted file mode 100644 index 532b850887ae3273aaac5bbe7a86999494a293d4..0000000000000000000000000000000000000000 --- a/backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 98ae234000abdabf9db125c87a2db8b81157af72 Mon Sep 17 00:00:00 2001 -From: "t.feng" -Date: Tue, 29 Nov 2022 17:14:14 +0800 -Subject: [PATCH] fs/squash4: Fix memory leaks in grub_squash_iterate_dir() - -Fixes: 20dd511c8 (Handle "." and ".." on squashfs) - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=98ae234000abdabf9db125c87a2db8b81157af72 -Conflict:NA - -Signed-off-by: t.feng -Reviewed-by: Daniel Kiper ---- - grub-core/fs/squash4.c | 20 ++++++++++++++++---- - 1 file changed, 16 insertions(+), 4 deletions(-) - -diff --git a/grub-core/fs/squash4.c b/grub-core/fs/squash4.c -index 02b1f9b6d..a30e6ebe1 100644 ---- a/grub-core/fs/squash4.c -+++ b/grub-core/fs/squash4.c -@@ -550,7 +550,10 @@ grub_squash_iterate_dir (grub_fshelp_node_t dir, - + node->stack[node->stsize - 1].ino_chunk, - node->stack[node->stsize - 1].ino_offset); - if (err) -- return 0; -+ { -+ grub_free (node); -+ return 0; -+ } - - if (hook ("..", GRUB_FSHELP_DIR, node, hook_data)) - return 1; -@@ -600,7 +603,10 @@ grub_squash_iterate_dir (grub_fshelp_node_t dir, - grub_le_to_cpu64 (dir->data->sb.diroffset) - + chunk, off); - if (err) -- return 0; -+ { -+ grub_free (buf); -+ return 0; -+ } - - off += grub_le_to_cpu16 (di.namelen) + 1; - buf[grub_le_to_cpu16 (di.namelen) + 1] = 0; -@@ -612,11 +618,17 @@ grub_squash_iterate_dir (grub_fshelp_node_t dir, - if (grub_add (dir->stsize, 1, &sz) || - grub_mul (sz, sizeof (dir->stack[0]), &sz) || - grub_add (sz, sizeof (*node), &sz)) -- return 0; -+ { -+ grub_free (buf); -+ return 0; -+ } - - node = grub_malloc (sz); - if (! node) -- return 0; -+ { -+ grub_free (buf); -+ return 0; -+ } - - grub_memcpy (node, dir, sz - sizeof(dir->stack[0])); - --- -2.28.0.windows.1 - diff --git a/backport-fs-udf-Fix-out-of-bounds-access.patch b/backport-fs-udf-Fix-out-of-bounds-access.patch deleted file mode 100644 index c0cc8a87ff8e95a7dc60d47b18ec95ac7c1411a7..0000000000000000000000000000000000000000 --- a/backport-fs-udf-Fix-out-of-bounds-access.patch +++ /dev/null @@ -1,119 +0,0 @@ -From a24ea9241cb42e8ba670ac8d8ce54275df73a271 Mon Sep 17 00:00:00 2001 -From: Lidong Chen -Date: Wed, 7 Jun 2023 01:31:06 +0000 -Subject: fs/udf: Fix out of bounds access - -Implemented a boundary check before advancing the allocation -descriptors pointer. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=a24ea9241cb42e8ba670ac8d8ce54275df73a271 -Conflict:NA - -Signed-off-by: Lidong Chen -Reviewed-by: Darren Kenny -Reviewed-by: Daniel Kiper ---- - grub-core/fs/udf.c | 38 ++++++++++++++++++++++++++++++++++++++ - 1 file changed, 38 insertions(+) - -diff --git a/grub-core/fs/udf.c b/grub-core/fs/udf.c -index 7679ea3..b836e61 100644 ---- a/grub-core/fs/udf.c -+++ b/grub-core/fs/udf.c -@@ -114,6 +114,10 @@ GRUB_MOD_LICENSE ("GPLv3+"); - #define GRUB_UDF_PARTMAP_TYPE_1 1 - #define GRUB_UDF_PARTMAP_TYPE_2 2 - -+#define GRUB_UDF_INVALID_STRUCT_PTR(_ptr, _struct) \ -+ ((char *) (_ptr) >= end_ptr || \ -+ ((grub_ssize_t) (end_ptr - (char *) (_ptr)) < (grub_ssize_t) sizeof (_struct))) -+ - struct grub_udf_lb_addr - { - grub_uint32_t block_num; -@@ -458,6 +462,7 @@ grub_udf_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock) - char *ptr; - grub_ssize_t len; - grub_disk_addr_t filebytes; -+ char *end_ptr; - - switch (U16 (node->block.fe.tag.tag_ident)) - { -@@ -476,9 +481,17 @@ grub_udf_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock) - return 0; - } - -+ end_ptr = (char *) node + get_fshelp_size (node->data); -+ - if ((U16 (node->block.fe.icbtag.flags) & GRUB_UDF_ICBTAG_FLAG_AD_MASK) - == GRUB_UDF_ICBTAG_FLAG_AD_SHORT) - { -+ if (GRUB_UDF_INVALID_STRUCT_PTR (ptr, struct grub_udf_short_ad)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "corrupted UDF file system"); -+ return 0; -+ } -+ - struct grub_udf_short_ad *ad = (struct grub_udf_short_ad *) ptr; - - filebytes = fileblock * U32 (node->data->lvd.bsize); -@@ -542,10 +555,22 @@ grub_udf_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock) - filebytes -= adlen; - ad++; - len -= sizeof (struct grub_udf_short_ad); -+ -+ if (GRUB_UDF_INVALID_STRUCT_PTR (ad, struct grub_udf_short_ad)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "corrupted UDF file system"); -+ return 0; -+ } - } - } - else - { -+ if (GRUB_UDF_INVALID_STRUCT_PTR (ptr, struct grub_udf_long_ad)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "corrupted UDF file system"); -+ return 0; -+ } -+ - struct grub_udf_long_ad *ad = (struct grub_udf_long_ad *) ptr; - - filebytes = fileblock * U32 (node->data->lvd.bsize); -@@ -611,6 +636,12 @@ grub_udf_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock) - filebytes -= adlen; - ad++; - len -= sizeof (struct grub_udf_long_ad); -+ -+ if (GRUB_UDF_INVALID_STRUCT_PTR (ad, struct grub_udf_long_ad)) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "corrupted UDF file system"); -+ return 0; -+ } - } - } - -@@ -630,6 +661,7 @@ grub_udf_read_file (grub_fshelp_node_t node, - case GRUB_UDF_ICBTAG_FLAG_AD_IN_ICB: - { - char *ptr; -+ char *end_ptr = (char *) node + get_fshelp_size (node->data); - - ptr = ((U16 (node->block.fe.tag.tag_ident) == GRUB_UDF_TAG_IDENT_FE) ? - ((char *) &node->block.fe.ext_attr[0] -@@ -637,6 +669,12 @@ grub_udf_read_file (grub_fshelp_node_t node, - ((char *) &node->block.efe.ext_attr[0] - + U32 (node->block.efe.ext_attr_length))); - -+ if ((ptr + pos + len) > end_ptr) -+ { -+ grub_error (GRUB_ERR_BAD_FS, "corrupted UDF file system"); -+ return 0; -+ } -+ - grub_memcpy (buf, ptr + pos, len); - - return len; --- -cgit v1.1 - diff --git a/backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch b/backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch deleted file mode 100644 index d5c229dc71abb1438d6d47abe0a16c2d025535b0..0000000000000000000000000000000000000000 --- a/backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 2e32d2357443d596d8d9067116152ec49be02a4a Mon Sep 17 00:00:00 2001 -From: "t.feng" -Date: Tue, 29 Nov 2022 17:14:15 +0800 -Subject: [PATCH] fs/xfs: Fix memory leaks in XFS module - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=2e32d2357443d596d8d9067116152ec49be02a4a -Conflict:NA - -Signed-off-by: t.feng -Reviewed-by: Daniel Kiper ---- - grub-core/fs/xfs.c | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c -index d6de7f1a2..b67407690 100644 ---- a/grub-core/fs/xfs.c -+++ b/grub-core/fs/xfs.c -@@ -585,7 +585,10 @@ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock) - if (grub_disk_read (node->data->disk, - GRUB_XFS_FSB_TO_BLOCK (node->data, get_fsb (keys, i - 1 + recoffset)) << (node->data->sblock.log2_bsize - GRUB_DISK_SECTOR_BITS), - 0, node->data->bsize, leaf)) -- return 0; -+ { -+ grub_free (leaf); -+ return 0; -+ } - - if ((!node->data->hascrc && - grub_strncmp ((char *) leaf->magic, "BMAP", 4)) || -@@ -751,6 +754,7 @@ static int iterate_dir_call_hook (grub_uint64_t ino, const char *filename, - if (err) - { - grub_print_error (); -+ grub_free (fdiro); - return 0; - } - -@@ -861,7 +865,10 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir, - blk << dirblk_log2, - dirblk_size, dirblock, 0); - if (numread != dirblk_size) -- return 0; -+ { -+ grub_free (dirblock); -+ return 0; -+ } - - entries = (grub_be_to_cpu32 (tail->leaf_count) - - grub_be_to_cpu32 (tail->leaf_stale)); --- -2.28.0.windows.1 - diff --git a/backport-gentpl_py-Remove-interp-section-from-img-files.patch b/backport-gentpl_py-Remove-interp-section-from-img-files.patch deleted file mode 100644 index b60492e985c94f76c42bcdf382fb9e5d6cc84395..0000000000000000000000000000000000000000 --- a/backport-gentpl_py-Remove-interp-section-from-img-files.patch +++ /dev/null @@ -1,35 +0,0 @@ -From b58aa4e2095943303126fff706d73f18f7caab35 Mon Sep 17 00:00:00 2001 -From: Nicholas Vinson -Date: Fri, 13 Jan 2023 02:56:35 -0500 -Subject: gentpl.py: Remove .interp section from .img files - -When building .img files, a .interp section from the .image files will -sometimes be copied into the .img file. This additional section pushes -the .img file beyond the 512-byte limit and causes grub-install to fail -to run for i386-pc platforms. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=b58aa4e2095943303126fff706d73f18f7caab35 -Conflict:NA - -Signed-off-by: Nicholas Vinson -Reviewed-by: Daniel Kiper ---- - gentpl.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gentpl.py b/gentpl.py -index 9f51e4f..88abe5b 100644 ---- a/gentpl.py -+++ b/gentpl.py -@@ -766,7 +766,7 @@ def image(defn, platform): - if test x$(TARGET_APPLE_LINKER) = x1; then \ - $(MACHO2IMG) $< $@; \ - else \ -- $(TARGET_OBJCOPY) $(""" + cname(defn) + """_OBJCOPYFLAGS) --strip-unneeded -R .note -R .comment -R .note.gnu.build-id -R .MIPS.abiflags -R .reginfo -R .rel.dyn -R .note.gnu.gold-version -R .note.gnu.property -R .ARM.exidx $< $@; \ -+ $(TARGET_OBJCOPY) $(""" + cname(defn) + """_OBJCOPYFLAGS) --strip-unneeded -R .note -R .comment -R .note.gnu.build-id -R .MIPS.abiflags -R .reginfo -R .rel.dyn -R .note.gnu.gold-version -R .note.gnu.property -R .ARM.exidx -R .interp $< $@; \ - fi - """) - --- -cgit v1.1 - diff --git a/backport-grub-core-loader-arm64-linux.c-do-not-validate-kerne.patch b/backport-grub-core-loader-arm64-linux.c-do-not-validate-kerne.patch deleted file mode 100644 index de4f1908e6acfc97f8a9b251f37a161c1c3445d9..0000000000000000000000000000000000000000 --- a/backport-grub-core-loader-arm64-linux.c-do-not-validate-kerne.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Dimitri John Ledkov -Date: Fri, 4 Mar 2022 11:29:31 +0100 -Subject: [PATCH] grub-core/loader/arm64/linux.c: do not validate kernel twice - -Call to grub_file_open(, GRUB_FILE_TYPE_LINUX_KERNEL) already passes -the kernel file through shim-lock verifier when secureboot is on. Thus -there is no need to validate the kernel image again. And when doing so -again, duplicate PCR measurement is performed, breaking measurements -compatibility with 2.04+linuxefi. - -This patch must not be ported to older editions of grub code bases -that do not have verifiers framework, or it is not builtin, or -shim-lock-verifier is an optional module. - -Signed-off-by: Dimitri John Ledkov ---- - grub-core/loader/arm64/linux.c | 13 ------------- - 1 file changed, 13 deletions(-) - -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index f18d90bd749..d2af47c2c0a 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -34,7 +34,6 @@ - #include - #include - #include --#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -341,7 +340,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_off_t filelen; - grub_uint32_t align; - void *kernel = NULL; -- int rc; - - grub_dl_ref (my_mod); - -@@ -370,17 +368,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -- { -- rc = grub_linuxefi_secure_validate (kernel, filelen); -- if (rc <= 0) -- { -- grub_error (GRUB_ERR_INVALID_COMMAND, -- N_("%s has invalid signature"), argv[0]); -- goto fail; -- } -- } -- - if (grub_arch_efi_linux_check_image (kernel) != GRUB_ERR_NONE) - goto fail; - if (parse_pe_header (kernel, &kernel_size, &handover_offset, &align) != GRUB_ERR_NONE) diff --git a/backport-grub-core-loader-efi-chainloader.c-do-not-validate-c.patch b/backport-grub-core-loader-efi-chainloader.c-do-not-validate-c.patch deleted file mode 100644 index 498a6d75e4e2de8a72833ba12c1b96404cefc022..0000000000000000000000000000000000000000 --- a/backport-grub-core-loader-efi-chainloader.c-do-not-validate-c.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Dimitri John Ledkov -Date: Fri, 4 Mar 2022 09:31:43 +0100 -Subject: [PATCH] grub-core/loader/efi/chainloader.c: do not validate - chainloader twice - -On secureboot systems, with shimlock verifier, call to -grub_file_open(, GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE) will already -pass the chainloader target through shim-lock protocol verify -call. And create a TPM measurement. If verification fails, -grub_cmd_chainloader will fail at file open time. - -This makes previous code paths for negative, and zero return codes -from grub_linuxefi_secure_validate unreachable under secureboot. But -also breaking measurements compatibility with 2.04+linuxefi codebases, -as the chainloader file is passed through shim_lock->verify() twice -(via verifier & direct call to grub_linuxefi_secure_validate) -extending the PCRs twice. - -This reduces grub_loader options to perform -grub_secureboot_chainloader when secureboot is on, and otherwise -attempt grub_chainloader_boot. - -It means that booting with secureboot off, yet still with shim (which -always verifies things successfully), will stop choosing -grub_secureboot_chainloader, and opting for a more regular -loadimage/startimage codepath. If we want to use the -grub_secureboot_chainloader codepath in such scenarios we should adapt -the code to simply check for shim_lock protocol presence / -shim_lock->context() success?! But I am not sure if that is necessary. - -This patch must not be ported to older editions of grub code bases -that do not have verifiers framework, or it is not builtin, or -shim-lock-verifier is an optional module. - -Signed-off-by: Dimitri John Ledkov ---- - grub-core/loader/efi/chainloader.c | 8 ++------ - 1 file changed, 2 insertions(+), 6 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 3af6b122926..644cd2e56fe 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -906,7 +906,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_efi_device_path_t *dp = 0; - char *filename; - void *boot_image = 0; -- int rc; - - if (argc == 0) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -@@ -1082,9 +1081,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - orig_dev = 0; - } - -- rc = grub_linuxefi_secure_validate((void *)(unsigned long)address, fsize); -- grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc); -- if (rc > 0) -+ if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) - { - grub_file_close (file); - grub_device_close (dev); -@@ -1092,7 +1089,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_secureboot_chainloader_unload, 0); - return 0; - } -- else if (rc == 0) -+ else - { - grub_load_and_start_image(boot_image); - grub_file_close (file); -@@ -1101,7 +1098,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - - return 0; - } -- // -1 fall-through to fail - - fail: - if (orig_dev) diff --git a/backport-grub-core-loader-efi-linux.c-drop-now-unused-grub_li.patch b/backport-grub-core-loader-efi-linux.c-drop-now-unused-grub_li.patch deleted file mode 100644 index d23f46573dcf6110dd015bed19ef99179050e7d9..0000000000000000000000000000000000000000 --- a/backport-grub-core-loader-efi-linux.c-drop-now-unused-grub_li.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Dimitri John Ledkov -Date: Fri, 4 Mar 2022 11:36:09 +0100 -Subject: [PATCH] grub-core/loader/efi/linux.c: drop now unused - grub_linuxefi_secure_validate - -Drop the now unused grub_linuxefi_secure_validate() as all prior users -of this API now rely on the shim-lock-verifier codepath instead. - -This patch must not be ported to older editions of grub code bases -that do not have verifiers framework, or it is not builtin, or -shim-lock-verifier is an optional module. - -Signed-off-by: Dimitri John Ledkov ---- - grub-core/loader/efi/linux.c | 40 ---------------------------------------- - include/grub/efi/linux.h | 2 -- - 2 files changed, 42 deletions(-) - -diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c -index 9260731c107..9265cf4200a 100644 ---- a/grub-core/loader/efi/linux.c -+++ b/grub-core/loader/efi/linux.c -@@ -24,46 +24,6 @@ - #include - #include - --#define SHIM_LOCK_GUID \ -- { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} } -- --struct grub_efi_shim_lock --{ -- grub_efi_status_t (*verify) (void *buffer, grub_uint32_t size); --}; --typedef struct grub_efi_shim_lock grub_efi_shim_lock_t; -- --// Returns 1 on success, -1 on error, 0 when not available --int --grub_linuxefi_secure_validate (void *data, grub_uint32_t size) --{ -- grub_efi_guid_t guid = SHIM_LOCK_GUID; -- grub_efi_shim_lock_t *shim_lock; -- grub_efi_status_t status; -- -- shim_lock = grub_efi_locate_protocol(&guid, NULL); -- grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock); -- if (!shim_lock) -- { -- grub_dprintf ("secureboot", "shim not available\n"); -- return 0; -- } -- -- grub_dprintf ("secureboot", "Asking shim to verify kernel signature\n"); -- status = shim_lock->verify (data, size); -- grub_dprintf ("secureboot", "shim_lock->verify(): %ld\n", (long int)status); -- if (status == GRUB_EFI_SUCCESS) -- { -- grub_dprintf ("secureboot", "Kernel signature verification passed\n"); -- return 1; -- } -- -- grub_dprintf ("secureboot", "Kernel signature verification failed (0x%lx)\n", -- (unsigned long) status); -- -- return -1; --} -- - #pragma GCC diagnostic push - #pragma GCC diagnostic ignored "-Wcast-align" - -diff --git a/include/grub/efi/linux.h b/include/grub/efi/linux.h -index 0033d9305a9..887b02fd9f3 100644 ---- a/include/grub/efi/linux.h -+++ b/include/grub/efi/linux.h -@@ -22,8 +22,6 @@ - #include - #include - --int --EXPORT_FUNC(grub_linuxefi_secure_validate) (void *data, grub_uint32_t size); - grub_err_t - EXPORT_FUNC(grub_efi_linux_boot) (void *kernel_address, grub_off_t offset, - void *kernel_param); diff --git a/backport-grub-core-loader-i386-efi-linux.c-do-not-validate-ke.patch b/backport-grub-core-loader-i386-efi-linux.c-do-not-validate-ke.patch deleted file mode 100644 index a0be66471932a21d499d6930ef1d8c0a25736278..0000000000000000000000000000000000000000 --- a/backport-grub-core-loader-i386-efi-linux.c-do-not-validate-ke.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Dimitri John Ledkov -Date: Thu, 3 Mar 2022 13:10:56 +0100 -Subject: [PATCH] grub-core/loader/i386/efi/linux.c: do not validate kernels - twice - -On codebases that have shim-lock-verifier built into the grub core -(like 2.06 upstream), shim-lock-verifier is in enforcing mode when -booted with secureboot. It means that grub_cmd_linux() command -attempts to perform shim validate upon opening linux kernel image, -including kernel measurement. And the verifier correctly returns file -open error when shim validate protocol is not present or shim fails to -validate the kernel. - -This makes the call to grub_linuxefi_secure_validate() redundant, but -also harmful. As validating the kernel image twice, extends the PCRs -with the same measurement twice. Which breaks existing sealing -policies when upgrading from grub2.04+rhboot+sb+linuxefi to -grub2.06+rhboot+sb+linuxefi builds. It is also incorrect to measure -the kernel twice. - -This patch must not be ported to older editions of grub code bases -that do not have verifiers framework, or it is not builtin, or -shim-lock-verifier is an optional module. - -This patch is tested to ensure that unsigned kernels are not possible -to boot in secureboot mode when shim rejects kernel, or shim protocol -is missing, and that the measurements become stable once again. The -above also ensures that CVE-2020-15705 is not reintroduced. - -Signed-off-by: Dimitri John Ledkov ---- - grub-core/loader/i386/efi/linux.c | 13 ------------- - 1 file changed, 13 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 3cf0f9b330b..941df6400b9 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -30,7 +30,6 @@ - #include - #include - #include --#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -278,7 +277,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_ssize_t start, filelen; - void *kernel = NULL; - int setup_header_end_offset; -- int rc; - - grub_dl_ref (my_mod); - -@@ -308,17 +306,6 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) -- { -- rc = grub_linuxefi_secure_validate (kernel, filelen); -- if (rc <= 0) -- { -- grub_error (GRUB_ERR_INVALID_COMMAND, -- N_("%s has invalid signature"), argv[0]); -- goto fail; -- } -- } -- - lh = (struct linux_i386_kernel_header *)kernel; - grub_dprintf ("linux", "original lh is at %p\n", kernel); - diff --git a/backport-io-gzio-Fix-possible-use-of-uninitialized-variable-in-huft_build.patch b/backport-io-gzio-Fix-possible-use-of-uninitialized-variable-in-huft_build.patch deleted file mode 100644 index 4060a18b9c46bc5e38d77ee5a5551c7ab17e10f3..0000000000000000000000000000000000000000 --- a/backport-io-gzio-Fix-possible-use-of-uninitialized-variable-in-huft_build.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 29d44a236a5e939b8ff24e6c31141d5b1e48f693 Mon Sep 17 00:00:00 2001 -From: Darren Kenny -Date: Tue, 26 Oct 2021 15:02:40 +0000 -Subject: io/gzio: Fix possible use of uninitialized variable in huft_build() - -In huft_build() it is possible to reach the for loop where "r" is being -assigned to "q[j]" without "r.v" ever being initialized. - -Fixes: CID 314024 - -Signed-off-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict: NA -Reference: https://git.savannah.gnu.org/cgit/grub.git/commit?id=29d44a236a5e939b8ff24e6c31141d5b1e48f693 - ---- - grub-core/io/gzio.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/io/gzio.c b/grub-core/io/gzio.c -index aea86a0..10156e5 100644 ---- a/grub-core/io/gzio.c -+++ b/grub-core/io/gzio.c -@@ -447,7 +447,7 @@ huft_build (unsigned *b, /* code lengths in bits (all assumed <= BMAX) */ - int l; /* bits per table (returned in m) */ - register unsigned *p; /* pointer into c[], b[], or v[] */ - register struct huft *q; /* points to current table */ -- struct huft r; /* table entry for structure assignment */ -+ struct huft r = {0}; /* table entry for structure assignment */ - struct huft *u[BMAX]; /* table stack */ - unsigned v[N_MAX]; /* values in order of bit length */ - register int w; /* bits before this table == (l * h) */ --- -cgit v1.1 diff --git a/backport-kern-Check-for-NULL-when-closing-devices-and-disks.patch b/backport-kern-Check-for-NULL-when-closing-devices-and-disks.patch deleted file mode 100644 index 7e06a1fab0165270225301eede8d083c65247a35..0000000000000000000000000000000000000000 --- a/backport-kern-Check-for-NULL-when-closing-devices-and-disks.patch +++ /dev/null @@ -1,50 +0,0 @@ -From d09387287b7bbd7770bc9d172cc0e06181183e02 Mon Sep 17 00:00:00 2001 -From: Oliver Steffen -Date: Fri, 26 May 2023 13:35:50 +0200 -Subject: kern: Check for NULL when closing devices and disks - -Add checks for NULL pointers to grub_device_close() and -grub_disk_close() to make these functions more robust. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=d09387287b7bbd7770bc9d172cc0e06181183e02 -Conflict:NA - -Signed-off-by: Oliver Steffen -Reviewed-by: Daniel Kiper ---- - grub-core/kern/device.c | 3 +++ - grub-core/kern/disk.c | 4 ++++ - 2 files changed, 7 insertions(+) - -diff --git a/grub-core/kern/device.c b/grub-core/kern/device.c -index f58b58c..2a6d81f 100644 ---- a/grub-core/kern/device.c -+++ b/grub-core/kern/device.c -@@ -72,6 +72,9 @@ grub_device_open (const char *name) - grub_err_t - grub_device_close (grub_device_t device) - { -+ if (device == NULL) -+ return GRUB_ERR_NONE; -+ - if (device->disk) - grub_disk_close (device->disk); - -diff --git a/grub-core/kern/disk.c b/grub-core/kern/disk.c -index 05a28ab..3ca8528 100644 ---- a/grub-core/kern/disk.c -+++ b/grub-core/kern/disk.c -@@ -294,6 +294,10 @@ void - grub_disk_close (grub_disk_t disk) - { - grub_partition_t part; -+ -+ if (disk == NULL) -+ return; -+ - grub_dprintf ("disk", "Closing `%s'...\n", disk->name); - - if (disk->dev && disk->dev->disk_close) --- -2.19.1 - diff --git a/backport-kern-acpi-Use-xsdt_addr-if-present.patch b/backport-kern-acpi-Use-xsdt_addr-if-present.patch deleted file mode 100644 index fb236e6a785eddd1ec98cdf1d02ff204c78e7df1..0000000000000000000000000000000000000000 --- a/backport-kern-acpi-Use-xsdt_addr-if-present.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 4fb58cf0afe83d921e1072d58a4f899696d8fe7e Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Tue, 13 Jun 2023 11:20:51 +0800 -Subject: [PATCH] kern/acpi: Use xsdt_addr if present - -According to the ACPI specification, in ACPI 2.0 or later, an -ACPI-compatible OS must use the XSDT if present. So, we should -use xsdt_addr instead of rsdt_addr if xsdt_addr is valid. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=4fb58cf0afe83d921e1072d58a4f899696d8fe7e -Conflict:NA - -Signed-off-by: Qiumiao Zhang -Reviewed-by: Daniel Kiper ---- - grub-core/kern/acpi.c | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/grub-core/kern/acpi.c b/grub-core/kern/acpi.c -index 5746ac0..524c402 100644 ---- a/grub-core/kern/acpi.c -+++ b/grub-core/kern/acpi.c -@@ -99,12 +99,6 @@ grub_acpi_find_fadt (void) - if (fadt) - return fadt; - rsdpv2 = grub_machine_acpi_get_rsdpv2 (); -- if (rsdpv2) -- fadt = grub_acpi_rsdt_find_table ((struct grub_acpi_table_header *) -- (grub_addr_t) rsdpv2->rsdpv1.rsdt_addr, -- GRUB_ACPI_FADT_SIGNATURE); -- if (fadt) -- return fadt; - if (rsdpv2 - #if GRUB_CPU_SIZEOF_VOID_P != 8 - && !(rsdpv2->xsdt_addr >> 32) -@@ -115,5 +109,11 @@ grub_acpi_find_fadt (void) - GRUB_ACPI_FADT_SIGNATURE); - if (fadt) - return fadt; -+ if (rsdpv2) -+ fadt = grub_acpi_rsdt_find_table ((struct grub_acpi_table_header *) -+ (grub_addr_t) rsdpv2->rsdpv1.rsdt_addr, -+ GRUB_ACPI_FADT_SIGNATURE); -+ if (fadt) -+ return fadt; - return 0; - } --- -2.27.0 - diff --git a/backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch b/backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch deleted file mode 100644 index bca97f331a4102dfc54da3582ede68f4f994ab6a..0000000000000000000000000000000000000000 --- a/backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 82ff9faa5bff5b3669bc4144bfc9b2279d344483 Mon Sep 17 00:00:00 2001 -From: Jagannathan Raman -Date: Mon, 17 Oct 2022 14:04:39 +0000 -Subject: [PATCH] kern/buffer: Handle NULL input pointer in grub_buffer_free() - -The grub_buffer_free() should handle NULL input pointer, similar to -grub_free(). If the pointer is not referencing any memory location, -grub_buffer_free() need not perform any function. - -Fixes: CID 396931 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=82ff9faa5bff5b3669bc4144bfc9b2279d344483 -Conflict:NA - -Signed-off-by: Jagannathan Raman -Reviewed-by: Ross Philipson -Reviewed-by: Daniel Kiper ---- - grub-core/kern/buffer.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/grub-core/kern/buffer.c b/grub-core/kern/buffer.c -index 9f5f8b867..a2587729c 100644 ---- a/grub-core/kern/buffer.c -+++ b/grub-core/kern/buffer.c -@@ -49,8 +49,11 @@ grub_buffer_new (grub_size_t sz) - void - grub_buffer_free (grub_buffer_t buf) - { -- grub_free (buf->data); -- grub_free (buf); -+ if (buf != NULL) -+ { -+ grub_free (buf->data); -+ grub_free (buf); -+ } - } - - grub_err_t --- -2.28.0.windows.1 - diff --git a/backport-kern-efi-mm-Fix-use-after-free-in-finish-boot-services.patch b/backport-kern-efi-mm-Fix-use-after-free-in-finish-boot-services.patch deleted file mode 100644 index 532a0a689f7755165b9e99f70955928868da3973..0000000000000000000000000000000000000000 --- a/backport-kern-efi-mm-Fix-use-after-free-in-finish-boot-services.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 6f05a277961dc801ba6de4f0f3bc22184ae80b0f Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Mon, 22 May 2023 16:52:49 -0400 -Subject: kern/efi/mm: Fix use-after-free in finish boot services - -In grub-core/kern/efi/mm.c, grub_efi_finish_boot_services() has an instance -where the memory for the variable finish_mmap_buf is freed, but on the next -iteration of a while loop, grub_efi_get_memory_map() uses finish_mmap_buf. To -prevent this, we can set finish_mmap_buf to NULL after the free. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=6f05a277961dc801ba6de4f0f3bc22184ae80b0f -Conflict:NA - -Signed-off-by: Alec Brown -Reviewed-by: Daniel Kiper ---- - grub-core/kern/efi/mm.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c -index 2be0e69..6a6fba8 100644 ---- a/grub-core/kern/efi/mm.c -+++ b/grub-core/kern/efi/mm.c -@@ -263,6 +263,7 @@ grub_efi_finish_boot_services (grub_efi_uintn_t *outbuf_size, void *outbuf, - &finish_desc_size, &finish_desc_version) <= 0) - { - grub_free (finish_mmap_buf); -+ finish_mmap_buf = NULL; - return grub_error (GRUB_ERR_IO, "couldn't retrieve memory map"); - } - -@@ -274,10 +275,12 @@ grub_efi_finish_boot_services (grub_efi_uintn_t *outbuf_size, void *outbuf, - if (status != GRUB_EFI_INVALID_PARAMETER) - { - grub_free (finish_mmap_buf); -+ finish_mmap_buf = NULL; - return grub_error (GRUB_ERR_IO, "couldn't terminate EFI services"); - } - - grub_free (finish_mmap_buf); -+ finish_mmap_buf = NULL; - grub_printf ("Trying to terminate EFI services again\n"); - } - grub_efi_is_finished = 1; --- -cgit v1.1 - diff --git a/backport-kern-efi-sb-Enforce-verification-of-font-files.patch b/backport-kern-efi-sb-Enforce-verification-of-font-files.patch deleted file mode 100644 index 04b29f2d5f00d7df4053b7635bd9a661d990d244..0000000000000000000000000000000000000000 --- a/backport-kern-efi-sb-Enforce-verification-of-font-files.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 93a786a00163e50c29f0394df198518617e1c9a5 Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Sun, 14 Aug 2022 15:51:54 +0800 -Subject: [PATCH 08/13] kern/efi/sb: Enforce verification of font files - -As a mitigation and hardening measure enforce verification of font -files. Then only trusted font files can be load. This will reduce the -attack surface at cost of losing the ability of end-users to customize -fonts if e.g. UEFI Secure Boot is enabled. Vendors can always customize -fonts because they have ability to pack fonts into their GRUB bundles. - -This goal is achieved by: - - * Removing GRUB_FILE_TYPE_FONT from shim lock verifier's - skip-verification list. - - * Adding GRUB_FILE_TYPE_FONT to lockdown verifier's defer-auth list, - so font files must be verified by a verifier before they can be loaded. - -Suggested-by: Daniel Kiper -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/kern/efi/sb.c | 1 - - grub-core/kern/lockdown.c | 1 + - 2 files changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c -index 89c4bb3fd..db42c2539 100644 ---- a/grub-core/kern/efi/sb.c -+++ b/grub-core/kern/efi/sb.c -@@ -145,7 +145,6 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)), - case GRUB_FILE_TYPE_PRINT_BLOCKLIST: - case GRUB_FILE_TYPE_TESTLOAD: - case GRUB_FILE_TYPE_GET_SIZE: -- case GRUB_FILE_TYPE_FONT: - case GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY: - case GRUB_FILE_TYPE_CAT: - case GRUB_FILE_TYPE_HEXCAT: -diff --git a/grub-core/kern/lockdown.c b/grub-core/kern/lockdown.c -index 0bc70fd42..af6d493cd 100644 ---- a/grub-core/kern/lockdown.c -+++ b/grub-core/kern/lockdown.c -@@ -51,6 +51,7 @@ lockdown_verifier_init (grub_file_t io __attribute__ ((unused)), - case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE: - case GRUB_FILE_TYPE_ACPI_TABLE: - case GRUB_FILE_TYPE_DEVICE_TREE_IMAGE: -+ case GRUB_FILE_TYPE_FONT: - *flags = GRUB_VERIFY_FLAGS_DEFER_AUTH; - - /* Fall through. */ --- -2.27.0 - diff --git a/backport-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch b/backport-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch deleted file mode 100644 index bc0d527df4afa964f0c39740789d9a20d5df49c3..0000000000000000000000000000000000000000 --- a/backport-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch +++ /dev/null @@ -1,105 +0,0 @@ -From 6fe755c5c07bb386fda58306bfd19e4a1c974c53 Mon Sep 17 00:00:00 2001 -From: Julian Andres Klode -Date: Thu, 2 Dec 2021 15:03:53 +0100 -Subject: kern/efi/sb: Reject non-kernel files in the shim_lock verifier - -We must not allow other verifiers to pass things like the GRUB modules. -Instead of maintaining a blocklist, maintain an allowlist of things -that we do not care about. - -This allowlist really should be made reusable, and shared by the -lockdown verifier, but this is the minimal patch addressing -security concerns where the TPM verifier was able to mark modules -as verified (or the OpenPGP verifier for that matter), when it -should not do so on shim-powered secure boot systems. - -Fixes: CVE-2022-28735 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=6fe755c5c07bb386fda58306bfd19e4a1c974c53 -Conflict:NA - -Signed-off-by: Julian Andres Klode -Reviewed-by: Daniel Kiper ---- - grub-core/kern/efi/sb.c | 39 ++++++++++++++++++++++++++++++++++++--- - include/grub/verify.h | 1 + - 2 files changed, 37 insertions(+), 3 deletions(-) - -diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c -index c52ec62..89c4bb3 100644 ---- a/grub-core/kern/efi/sb.c -+++ b/grub-core/kern/efi/sb.c -@@ -119,10 +119,11 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)), - void **context __attribute__ ((unused)), - enum grub_verify_flags *flags) - { -- *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION; -+ *flags = GRUB_VERIFY_FLAGS_NONE; - - switch (type & GRUB_FILE_TYPE_MASK) - { -+ /* Files we check. */ - case GRUB_FILE_TYPE_LINUX_KERNEL: - case GRUB_FILE_TYPE_MULTIBOOT_KERNEL: - case GRUB_FILE_TYPE_BSD_KERNEL: -@@ -130,11 +131,43 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)), - case GRUB_FILE_TYPE_PLAN9_KERNEL: - case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE: - *flags = GRUB_VERIFY_FLAGS_SINGLE_CHUNK; -+ return GRUB_ERR_NONE; - -- /* Fall through. */ -+ /* Files that do not affect secureboot state. */ -+ case GRUB_FILE_TYPE_NONE: -+ case GRUB_FILE_TYPE_LOOPBACK: -+ case GRUB_FILE_TYPE_LINUX_INITRD: -+ case GRUB_FILE_TYPE_OPENBSD_RAMDISK: -+ case GRUB_FILE_TYPE_XNU_RAMDISK: -+ case GRUB_FILE_TYPE_SIGNATURE: -+ case GRUB_FILE_TYPE_PUBLIC_KEY: -+ case GRUB_FILE_TYPE_PUBLIC_KEY_TRUST: -+ case GRUB_FILE_TYPE_PRINT_BLOCKLIST: -+ case GRUB_FILE_TYPE_TESTLOAD: -+ case GRUB_FILE_TYPE_GET_SIZE: -+ case GRUB_FILE_TYPE_FONT: -+ case GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY: -+ case GRUB_FILE_TYPE_CAT: -+ case GRUB_FILE_TYPE_HEXCAT: -+ case GRUB_FILE_TYPE_CMP: -+ case GRUB_FILE_TYPE_HASHLIST: -+ case GRUB_FILE_TYPE_TO_HASH: -+ case GRUB_FILE_TYPE_KEYBOARD_LAYOUT: -+ case GRUB_FILE_TYPE_PIXMAP: -+ case GRUB_FILE_TYPE_GRUB_MODULE_LIST: -+ case GRUB_FILE_TYPE_CONFIG: -+ case GRUB_FILE_TYPE_THEME: -+ case GRUB_FILE_TYPE_GETTEXT_CATALOG: -+ case GRUB_FILE_TYPE_FS_SEARCH: -+ case GRUB_FILE_TYPE_LOADENV: -+ case GRUB_FILE_TYPE_SAVEENV: -+ case GRUB_FILE_TYPE_VERIFY_SIGNATURE: -+ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION; -+ return GRUB_ERR_NONE; - -+ /* Other files. */ - default: -- return GRUB_ERR_NONE; -+ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("prohibited by secure boot policy")); - } - } - -diff --git a/include/grub/verify.h b/include/grub/verify.h -index cd129c3..672ae16 100644 ---- a/include/grub/verify.h -+++ b/include/grub/verify.h -@@ -24,6 +24,7 @@ - - enum grub_verify_flags - { -+ GRUB_VERIFY_FLAGS_NONE = 0, - GRUB_VERIFY_FLAGS_SKIP_VERIFICATION = 1, - GRUB_VERIFY_FLAGS_SINGLE_CHUNK = 2, - /* Defer verification to another authority. */ --- -cgit v1.1 - diff --git a/backport-kern-file-Do-not-leak-device_name-on-error-in.patch b/backport-kern-file-Do-not-leak-device_name-on-error-in.patch deleted file mode 100644 index 3c82587f6fb3c697a254dd9850bbe42d1e6dcfd2..0000000000000000000000000000000000000000 --- a/backport-kern-file-Do-not-leak-device_name-on-error-in.patch +++ /dev/null @@ -1,43 +0,0 @@ -From f1ce0e15e70ea1aafcfa26ad93e7585f65783c6f Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Fri, 25 Jun 2021 02:19:05 +1000 -Subject: kern/file: Do not leak device_name on error in grub_file_open() - -If we have an error in grub_file_open() before we free device_name, we -will leak it. - -Free device_name in the error path and null out the pointer in the good -path once we free it there. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f1ce0e15e70ea1aafcfa26ad93e7585f65783c6f -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/kern/file.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c -index df24c1f..8d48fd5 100644 ---- a/grub-core/kern/file.c -+++ b/grub-core/kern/file.c -@@ -79,6 +79,7 @@ grub_file_open (const char *name, enum grub_file_type type) - - device = grub_device_open (device_name); - grub_free (device_name); -+ device_name = NULL; - if (! device) - goto fail; - -@@ -131,6 +132,7 @@ grub_file_open (const char *name, enum grub_file_type type) - return file; - - fail: -+ grub_free (device_name); - if (device) - grub_device_close (device); - --- -cgit v1.1 - diff --git a/backport-kern-file-Fix-error-handling-in-grub_file_open.patch b/backport-kern-file-Fix-error-handling-in-grub_file_open.patch deleted file mode 100644 index fba00f913fe0b54db0c4637c4a58a9368471212c..0000000000000000000000000000000000000000 --- a/backport-kern-file-Fix-error-handling-in-grub_file_open.patch +++ /dev/null @@ -1,41 +0,0 @@ -From e375394fb9233fb1da13f7fb38e38d8aa83d1443 Mon Sep 17 00:00:00 2001 -From: Steve McIntyre -Date: Tue, 6 Dec 2022 01:45:11 +0000 -Subject: kern/file: Fix error handling in grub_file_open() - -grub_file_open() calls grub_file_get_device_name(), but doesn't check -the return. Instead, it checks if grub_errno is set. - -However, nothing initialises grub_errno here when grub_file_open() -starts. This means that trying to open one file that doesn't exist and -then trying to open another file that does will (incorrectly) also -fail to open that second file. - -Let's fix that. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=e375394fb9233fb1da13f7fb38e38d8aa83d1443 -Conflict:NA - -Signed-off-by: Steve McIntyre -Reviewed-by: Daniel Kiper ---- - grub-core/kern/file.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c -index ed69fc0..70b3c62 100644 ---- a/grub-core/kern/file.c -+++ b/grub-core/kern/file.c -@@ -66,6 +66,9 @@ grub_file_open (const char *name, enum grub_file_type type) - const char *file_name; - grub_file_filter_id_t filter; - -+ /* Reset grub_errno before we start. */ -+ grub_errno = GRUB_ERR_NONE; -+ - grub_dprintf ("file", "Opening `%s' ...\n", name); - - device_name = grub_file_get_device_name (name); --- -2.19.1 - diff --git a/backport-kern-fs-Fix-possible-integer-overflow-in-i386-pc-mode-with-large.patch b/backport-kern-fs-Fix-possible-integer-overflow-in-i386-pc-mode-with-large.patch deleted file mode 100644 index 4f2e79367e591e403eb56cfe81cfbc1c3d581975..0000000000000000000000000000000000000000 --- a/backport-kern-fs-Fix-possible-integer-overflow-in-i386-pc-mode-with-large.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 1a241e050652472efa62b2b36ad2fa7f82427b83 Mon Sep 17 00:00:00 2001 -From: Maxim Fomin -Date: Wed, 28 Dec 2022 17:40:06 +0000 -Subject: kern/fs: Fix possible integer overflow in i386-pc mode with large - partitions - -The i386-pc mode supports MBR partition scheme where maximum partition -size is 2 TiB. In case of large partitions left shift expression with -unsigned long int "length" object may cause integer overflow making -calculated partition size less than true value. This issue is fixed by -increasing the size of "length" integer type. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=1a241e050652472efa62b2b36ad2fa7f82427b83 -Conflict:NA - -Signed-off-by: Maxim Fomin -Reviewed-by: Daniel Kiper ---- - grub-core/kern/fs.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/kern/fs.c b/grub-core/kern/fs.c -index b950829..7ad0aaf 100644 ---- a/grub-core/kern/fs.c -+++ b/grub-core/kern/fs.c -@@ -130,7 +130,7 @@ grub_fs_probe (grub_device_t device) - struct grub_fs_block - { - grub_disk_addr_t offset; -- unsigned long length; -+ grub_disk_addr_t length; - }; - - static grub_err_t --- -cgit v1.1 - diff --git a/backport-kern-fs-The-grub_fs_probe-should-dprint-errors.patch b/backport-kern-fs-The-grub_fs_probe-should-dprint-errors.patch deleted file mode 100644 index 99c8f775ff455f3c47653c5f10d2ad2584dc0a04..0000000000000000000000000000000000000000 --- a/backport-kern-fs-The-grub_fs_probe-should-dprint-errors.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 92005be6d82b275e32bd74d1aabc45461e70db0d Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Fri, 15 Jul 2022 16:13:01 -0400 -Subject: kern/fs: The grub_fs_probe() should dprint errors from filesystems - -When filesystem detection fails, all that's currently debug-logged is -a series of messages like: - - grub-core/kern/fs.c:56:fs: Detecting ntfs... - grub-core/kern/fs.c:76:fs: ntfs detection failed. - -repeated for each filesystem. Any messages provided to grub_error() by -the filesystem are lost, and one has to break out gdb to figure out what -went wrong. - -With this change, one instead sees: - - grub-core/kern/fs.c:56:fs: Detecting fat... - grub-core/osdep/hostdisk.c:357:hostdisk: reusing open device - `/path/to/device' - grub-core/kern/fs.c:77:fs: error: invalid modification timestamp for /. - grub-core/kern/fs.c:79:fs: fat detection failed. - -in the debug prints. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=92005be6d82b275e32bd74d1aabc45461e70db0d -Conflict:NA - -Signed-off-by: Robbie Harwood -Reviewed-by: Daniel Kiper ---- - grub-core/kern/fs.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/grub-core/kern/fs.c b/grub-core/kern/fs.c -index e0d7e16..b950829 100644 ---- a/grub-core/kern/fs.c -+++ b/grub-core/kern/fs.c -@@ -75,6 +75,8 @@ grub_fs_probe (grub_device_t device) - return p; - - grub_error_push (); -+ /* The grub_error_push() does not touch grub_errmsg. */ -+ grub_dprintf ("fs", _("error: %s.\n"), grub_errmsg); - grub_dprintf ("fs", "%s detection failed.\n", p->name); - grub_error_pop (); - --- -cgit v1.1 diff --git a/backport-kern-rescue_parser-Ensure-that-parser-allocated-memory-is-not-leaked.patch b/backport-kern-rescue_parser-Ensure-that-parser-allocated-memory-is-not-leaked.patch deleted file mode 100644 index d3ef8cfe53fa4ee80073b5e7576ebdae236f9656..0000000000000000000000000000000000000000 --- a/backport-kern-rescue_parser-Ensure-that-parser-allocated-memory-is-not-leaked.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 62f0489aff002a44a72d390b42fc571e91378838 Mon Sep 17 00:00:00 2001 -From: Darren Kenny -Date: Wed, 16 Mar 2022 17:25:05 +0000 -Subject: kern/rescue_parser: Ensure that parser allocated memory is not leaked - -While it would appear unlikely that the memory allocated in *argv in -grub_parser_split_cmdline() would be leaked, we should try ensure that -it doesn't leak by calling grub_free() before we return from -grub_rescue_parse_line(). - -To avoid a possible double-free, grub_parser_split_cmdline() is being -changed to assign *argv = NULL when we've called grub_free() in the fail -section. - -Fixes: CID 96680 - -Signed-off-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=62f0489aff002a44a72d390b42fc571e91378838 - ---- - grub-core/kern/parser.c | 2 ++ - grub-core/kern/rescue_parser.c | 10 ++++++++-- - 2 files changed, 10 insertions(+), 2 deletions(-) - -diff --git a/grub-core/kern/parser.c b/grub-core/kern/parser.c -index 6ab7aa4..9b7b31a 100644 ---- a/grub-core/kern/parser.c -+++ b/grub-core/kern/parser.c -@@ -298,6 +298,8 @@ grub_parser_split_cmdline (const char *cmdline, - - fail: - grub_free (*argv); -+ *argv = NULL; -+ *argc = 0; - goto out; - } - -diff --git a/grub-core/kern/rescue_parser.c b/grub-core/kern/rescue_parser.c -index 6338366..799641a 100644 ---- a/grub-core/kern/rescue_parser.c -+++ b/grub-core/kern/rescue_parser.c -@@ -36,10 +36,16 @@ grub_rescue_parse_line (char *line, - - if (grub_parser_split_cmdline (line, getline, getline_data, &n, &args) - || n < 0) -- return grub_errno; -+ { -+ grub_free(args); -+ return grub_errno; -+ } - - if (n == 0) -- return GRUB_ERR_NONE; -+ { -+ grub_free(args); -+ return GRUB_ERR_NONE; -+ } - - /* In case of an assignment set the environment accordingly - instead of calling a function. */ --- -cgit v1.1 - diff --git a/backport-lib-relocator-Fix-OOB-write-when-initializing-lo-freebytes.patch b/backport-lib-relocator-Fix-OOB-write-when-initializing-lo-freebytes.patch deleted file mode 100644 index 9c78d1d74f1e3f90cea849e4aa689b3fcaebe18a..0000000000000000000000000000000000000000 --- a/backport-lib-relocator-Fix-OOB-write-when-initializing-lo-freebytes.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 9dbfbcd660470c3b951d15af0f6ce5a423185ad2 Mon Sep 17 00:00:00 2001 -From: Daniel Kiper -Date: Fri, 23 Jun 2023 00:02:24 +0200 -Subject: lib/relocator: Fix OOB write when initializing lo->freebytes[] - -Fixes: CID 96636 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=9dbfbcd660470c3b951d15af0f6ce5a423185ad2 -Conflict:NA - -Signed-off-by: Daniel Kiper -Reviewed-by: Vladimir Serbinenko ---- - grub-core/lib/relocator.c | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/grub-core/lib/relocator.c b/grub-core/lib/relocator.c -index 568fc0b..e0478ae 100644 ---- a/grub-core/lib/relocator.c -+++ b/grub-core/lib/relocator.c -@@ -881,9 +881,11 @@ malloc_in_range (struct grub_relocator *rel, - offend = GRUB_RELOCATOR_FIRMWARE_REQUESTS_QUANT; - lo->freebytes[offstart / 8] - &= ((1 << (8 - (start % 8))) - 1); -- grub_memset (lo->freebytes + (offstart + 7) / 8, 0, -- offend / 8 - (offstart + 7) / 8); -- lo->freebytes[offend / 8] &= ~((1 << (offend % 8)) - 1); -+ if (offend / 8 > (offstart + 7) / 8) -+ grub_memset (lo->freebytes + (offstart + 7) / 8, 0, -+ offend / 8 - (offstart + 7) / 8); -+ if (offend < GRUB_RELOCATOR_FIRMWARE_REQUESTS_QUANT) -+ lo->freebytes[offend / 8] &= ~((1 << (offend % 8)) - 1); - } - break; - #endif --- -cgit v1.1 - diff --git a/backport-lib-relocator-Initialize-local-relocator-subchunk-struct-to.patch b/backport-lib-relocator-Initialize-local-relocator-subchunk-struct-to.patch deleted file mode 100644 index 5b63cabb9b5d88186d7b8b31828cc9ec1ef05034..0000000000000000000000000000000000000000 --- a/backport-lib-relocator-Initialize-local-relocator-subchunk-struct-to.patch +++ /dev/null @@ -1,40 +0,0 @@ -From f7f453e0bf1043d89587638ffd24b8c34631b8eb Mon Sep 17 00:00:00 2001 -From: Ross Philipson -Date: Thu, 14 Jul 2022 09:41:28 -0400 -Subject: lib/relocator: Initialize local relocator subchunk struct to all - zeros - -The way the code is written the tofree variable would never be passed to -the free_subchunk() function uninitialized. Coverity cannot determine -this and flags the situation as "Using uninitialized value...". The fix -is just to initialize the local struct. - -Fixes: CID 314016 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=f7f453e0bf1043d89587638ffd24b8c34631b8eb -Conflict:NA - -Signed-off-by: Ross Philipson -Reviewed-by: Darren Kenny -Tested-by: Alec Brown -Reviewed-by: Daniel Kiper ---- - grub-core/lib/relocator.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/lib/relocator.c b/grub-core/lib/relocator.c -index 68ef128..bfcc70d 100644 ---- a/grub-core/lib/relocator.c -+++ b/grub-core/lib/relocator.c -@@ -989,7 +989,7 @@ malloc_in_range (struct grub_relocator *rel, - if (j != 0 && events[j - 1].pos != events[j].pos) - { - grub_addr_t alloc_start, alloc_end; -- struct grub_relocator_subchunk tofree; -+ struct grub_relocator_subchunk tofree = {0}; - struct grub_relocator_subchunk *curschu = &tofree; - if (!oom) - curschu = &res->subchunks[cural]; --- -cgit v1.1 - diff --git a/backport-loader-arm64-linux-Remove-magic-number-header-field-.patch b/backport-loader-arm64-linux-Remove-magic-number-header-field-.patch deleted file mode 100644 index 4eb7c84def831e121abb13ad48da252c3e453a78..0000000000000000000000000000000000000000 --- a/backport-loader-arm64-linux-Remove-magic-number-header-field-.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 69edb31205602c29293a8c6e67363bba2a4a1e66 Mon Sep 17 00:00:00 2001 -From: Ard Biesheuvel -Date: Thu, 11 Aug 2022 16:51:57 +0200 -Subject: loader/arm64/linux: Remove magic number header field check - -The "ARM\x64" magic number in the file header identifies an image as one -that implements the bare metal boot protocol, allowing the loader to -simply move the file to a suitably aligned address in memory, with -sufficient headroom for the trailing .bss segment (the required memory -size is described in the header as well). - -Note of this matters for GRUB, as it only supports EFI boot. EFI does -not care about this magic number, and nor should GRUB: this prevents us -from booting other PE linux images, such as the generic EFI zboot -decompressor, which is a pure PE/COFF image, and does not implement the -bare metal boot protocol. - -So drop the magic number check. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=69edb31205602c29293a8c6e67363bba2a4a1e66 -Conflict:NA - -Signed-off-by: Ard Biesheuvel -Reviewed-by: Daniel Kiper ---- - grub-core/loader/arm64/linux.c | 3 --- - 1 file changed, 3 deletions(-) - -diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c -index d2af47c..c6db843 100644 ---- a/grub-core/loader/arm64/linux.c -+++ b/grub-core/loader/arm64/linux.c -@@ -55,9 +55,6 @@ static grub_addr_t initrd_end; - grub_err_t - grub_arch_efi_linux_check_image (struct linux_arch_kernel_header * lh) - { -- if (lh->magic != GRUB_LINUX_ARMXX_MAGIC_SIGNATURE) -- return grub_error(GRUB_ERR_BAD_OS, "invalid magic number"); -- - if ((lh->code0 & 0xffff) != GRUB_PE32_MAGIC) - return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, - N_("plain image kernel not supported - rebuild with CONFIG_(U)EFI_STUB enabled")); --- -2.19.1 - diff --git a/backport-loader-efi-chainloader-Simplify-the-loader-state.patch b/backport-loader-efi-chainloader-Simplify-the-loader-state.patch deleted file mode 100644 index f8f5ce72cc0822ef4e9438a814bb4a41cdb76488..0000000000000000000000000000000000000000 --- a/backport-loader-efi-chainloader-Simplify-the-loader-state.patch +++ /dev/null @@ -1,336 +0,0 @@ -From 1469983ebb9674753ad333d37087fb8cb20e1dce Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Fri, 29 Apr 2022 21:13:08 +0100 -Subject: loader/efi/chainloader: Simplify the loader state - -When not using the shim lock protocol, the chainloader command retains -the source buffer and device path passed to LoadImage, requiring the -unload hook passed to grub_loader_set to free them. It isn't required -to retain this state though - they aren't required by StartImage or -anything else in the boot hook, so clean them up before -grub_cmd_chainloader finishes. - -This also wraps the loader state when using the shim lock protocol -inside a struct. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Chris Coulson -(cherry picked from commit fa39862933b3be1553a580a3a5c28073257d8046) -[rharwood: fix unitialized handle and double-frees of file/dev] -Signed-off-by: Robbie Harwood ---- - grub-core/loader/efi/chainloader.c | 160 +++++++++++++++++++++++-------------- - 1 file changed, 102 insertions(+), 58 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index d3bf02ed8a..3342492ff1 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -48,38 +48,21 @@ GRUB_MOD_LICENSE ("GPLv3+"); - - static grub_dl_t my_mod; - --static grub_efi_physical_address_t address; --static grub_efi_uintn_t pages; --static grub_ssize_t fsize; --static grub_efi_device_path_t *file_path; - static grub_efi_handle_t image_handle; --static grub_efi_char16_t *cmdline; --static grub_ssize_t cmdline_len; --static grub_efi_handle_t dev_handle; - --static grub_efi_status_t (*entry_point) (grub_efi_handle_t image_handle, grub_efi_system_table_t *system_table); -+struct grub_secureboot_chainloader_context { -+ grub_efi_physical_address_t address; -+ grub_efi_uintn_t pages; -+ grub_ssize_t fsize; -+ grub_efi_device_path_t *file_path; -+ grub_efi_char16_t *cmdline; -+ grub_ssize_t cmdline_len; -+ grub_efi_handle_t dev_handle; -+}; -+static struct grub_secureboot_chainloader_context *sb_context; - - static grub_err_t --grub_chainloader_unload (void) --{ -- grub_efi_boot_services_t *b; -- -- b = grub_efi_system_table->boot_services; -- efi_call_1 (b->unload_image, image_handle); -- grub_efi_free_pages (address, pages); -- -- grub_free (file_path); -- grub_free (cmdline); -- cmdline = 0; -- file_path = 0; -- dev_handle = 0; -- -- grub_dl_unref (my_mod); -- return GRUB_ERR_NONE; --} -- --static grub_err_t --grub_chainloader_boot (void) -+grub_start_image (grub_efi_handle_t handle) - { - grub_efi_boot_services_t *b; - grub_efi_status_t status; -@@ -87,7 +70,7 @@ grub_chainloader_boot (void) - grub_efi_char16_t *exit_data = NULL; - - b = grub_efi_system_table->boot_services; -- status = efi_call_3 (b->start_image, image_handle, &exit_data_size, &exit_data); -+ status = efi_call_3 (b->start_image, handle, &exit_data_size, &exit_data); - if (status != GRUB_EFI_SUCCESS) - { - if (exit_data) -@@ -111,11 +94,37 @@ grub_chainloader_boot (void) - if (exit_data) - grub_efi_free_pool (exit_data); - -- grub_loader_unset (); -- - return grub_errno; - } - -+static grub_err_t -+grub_chainloader_unload (void) -+{ -+ grub_efi_loaded_image_t *loaded_image; -+ grub_efi_boot_services_t *b; -+ -+ loaded_image = grub_efi_get_loaded_image (image_handle); -+ if (loaded_image != NULL) -+ grub_free (loaded_image->load_options); -+ -+ b = grub_efi_system_table->boot_services; -+ efi_call_1 (b->unload_image, image_handle); -+ -+ grub_dl_unref (my_mod); -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_chainloader_boot (void) -+{ -+ grub_err_t err; -+ -+ err = grub_start_image (image_handle); -+ -+ grub_loader_unset (); -+ return err; -+} -+ - static grub_err_t - copy_file_path (grub_efi_file_path_device_path_t *fp, - const char *str, grub_efi_uint16_t len) -@@ -150,7 +159,7 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename) - char *dir_start; - char *dir_end; - grub_size_t size; -- grub_efi_device_path_t *d; -+ grub_efi_device_path_t *d, *file_path; - - dir_start = grub_strchr (filename, ')'); - if (! dir_start) -@@ -526,10 +535,12 @@ grub_efi_get_media_file_path (grub_efi_device_path_t *dp) - } - - static grub_efi_boolean_t --handle_image (void *data, grub_efi_uint32_t datasize) -+handle_image (struct grub_secureboot_chainloader_context *load_context) - { - grub_efi_loaded_image_t *li, li_bak; - grub_efi_status_t efi_status; -+ void *data = (void *)(unsigned long)load_context->address; -+ grub_efi_uint32_t datasize = load_context->fsize; - void *buffer = NULL; - char *buffer_aligned = NULL; - grub_efi_uint32_t i; -@@ -540,6 +551,7 @@ handle_image (void *data, grub_efi_uint32_t datasize) - grub_uint32_t buffer_size; - int found_entry_point = 0; - int rc; -+ grub_efi_status_t (*entry_point) (grub_efi_handle_t image_handle, grub_efi_system_table_t *system_table); - - rc = read_header (data, datasize, &context); - if (rc < 0) -@@ -797,10 +809,10 @@ handle_image (void *data, grub_efi_uint32_t datasize) - grub_memcpy (&li_bak, li, sizeof (grub_efi_loaded_image_t)); - li->image_base = buffer_aligned; - li->image_size = context.image_size; -- li->load_options = cmdline; -- li->load_options_size = cmdline_len; -- li->file_path = grub_efi_get_media_file_path (file_path); -- li->device_handle = dev_handle; -+ li->load_options = load_context->cmdline; -+ li->load_options_size = load_context->cmdline_len; -+ li->file_path = grub_efi_get_media_file_path (load_context->file_path); -+ li->device_handle = load_context->dev_handle; - if (!li->file_path) - { - grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching file path found"); -@@ -829,19 +841,22 @@ error_exit: - static grub_err_t - grub_secureboot_chainloader_unload (void) - { -- grub_efi_free_pages (address, pages); -- grub_free (file_path); -- grub_free (cmdline); -- cmdline = 0; -- file_path = 0; -- dev_handle = 0; -+ grub_efi_free_pages (sb_context->address, sb_context->pages); -+ grub_free (sb_context->file_path); -+ grub_free (sb_context->cmdline); -+ grub_free (sb_context); -+ -+ sb_context = 0; - - grub_dl_unref (my_mod); - return GRUB_ERR_NONE; - } - - static grub_err_t --grub_load_image(void *boot_image) -+grub_load_image(grub_efi_device_path_t *file_path, void *boot_image, -+ grub_efi_uintn_t image_size, grub_efi_handle_t dev_handle, -+ grub_efi_char16_t *cmdline, grub_ssize_t cmdline_len, -+ grub_efi_handle_t *image_handle_out) - { - grub_efi_boot_services_t *b; - grub_efi_status_t status; -@@ -850,7 +865,7 @@ grub_load_image(void *boot_image) - b = grub_efi_system_table->boot_services; - - status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path, -- boot_image, fsize, &image_handle); -+ boot_image, image_size, image_handle_out); - if (status != GRUB_EFI_SUCCESS) - { - if (status == GRUB_EFI_OUT_OF_RESOURCES) -@@ -863,7 +878,7 @@ grub_load_image(void *boot_image) - /* LoadImage does not set a device handler when the image is - loaded from memory, so it is necessary to set it explicitly here. - This is a mess. */ -- loaded_image = grub_efi_get_loaded_image (image_handle); -+ loaded_image = grub_efi_get_loaded_image (*image_handle_out); - if (! loaded_image) - { - grub_error (GRUB_ERR_BAD_OS, "no loaded image available"); -@@ -885,20 +900,25 @@ grub_secureboot_chainloader_boot (void) - { - grub_efi_boot_services_t *b; - int rc; -+ grub_efi_handle_t handle = 0; - -- rc = handle_image ((void *)(unsigned long)address, fsize); -+ rc = handle_image (sb_context); - if (rc == 0) - { - /* We weren't able to attempt to execute the image, so fall back - * to LoadImage / StartImage. - */ -- rc = grub_load_image((void *)(unsigned long)address); -+ rc = grub_load_image(sb_context->file_path, -+ (void *)(unsigned long)sb_context->address, -+ sb_context->fsize, sb_context->dev_handle, -+ sb_context->cmdline, sb_context->cmdline_len, -+ &handle); - if (rc == 0) -- grub_chainloader_boot (); -+ grub_start_image (handle); - } - - b = grub_efi_system_table->boot_services; -- efi_call_1 (b->unload_image, image_handle); -+ efi_call_1 (b->unload_image, handle); - - grub_loader_unset (); - return grub_errno; -@@ -913,9 +933,15 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_efi_boot_services_t *b; - grub_device_t dev = 0; - grub_device_t orig_dev = 0; -- grub_efi_device_path_t *dp = 0; -+ grub_efi_device_path_t *dp = 0, *file_path = 0; - char *filename; - void *boot_image = 0; -+ grub_efi_physical_address_t address = 0; -+ grub_ssize_t fsize; -+ grub_efi_uintn_t pages = 0; -+ grub_efi_char16_t *cmdline = 0; -+ grub_ssize_t cmdline_len = 0; -+ grub_efi_handle_t dev_handle = 0; - - if (argc == 0) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -@@ -923,12 +949,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - - grub_dl_ref (my_mod); - -- /* Initialize some global variables. */ -- address = 0; -- image_handle = 0; -- file_path = 0; -- dev_handle = 0; -- - b = grub_efi_system_table->boot_services; - - if (argc > 1) -@@ -1093,17 +1113,35 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - - if (grub_efi_get_secureboot () == GRUB_EFI_SECUREBOOT_MODE_ENABLED) - { -+ sb_context = grub_malloc (sizeof (*sb_context)); -+ if (sb_context == NULL) -+ goto fail; -+ sb_context->address = address; -+ sb_context->fsize = fsize; -+ sb_context->pages = pages; -+ sb_context->file_path = file_path; -+ sb_context->cmdline = cmdline; -+ sb_context->cmdline_len = cmdline_len; -+ sb_context->dev_handle = dev_handle; -+ - grub_file_close (file); - grub_device_close (dev); -+ - grub_loader_set (grub_secureboot_chainloader_boot, - grub_secureboot_chainloader_unload, 0); - return 0; - } - else - { -- grub_load_image(boot_image); -+ grub_load_image(file_path, boot_image, fsize, dev_handle, cmdline, -+ cmdline_len, &image_handle); - grub_file_close (file); - grub_device_close (dev); -+ -+ /* We're finished with the source image buffer and file path now */ -+ efi_call_2 (b->free_pages, address, pages); -+ grub_free (file_path); -+ - grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); - - return 0; -@@ -1130,6 +1168,12 @@ fail: - if (cmdline) - grub_free (cmdline); - -+ if (image_handle != 0) -+ { -+ efi_call_1 (b->unload_image, image_handle); -+ image_handle = 0; -+ } -+ - grub_dl_unref (my_mod); - - return grub_errno; --- -2.19.1 - diff --git a/backport-loader-efi-chainloader-Use-grub_loader_set_ex.patch b/backport-loader-efi-chainloader-Use-grub_loader_set_ex.patch deleted file mode 100644 index 46c016d336f26d510e8effb599c3a8fbd29b9c2a..0000000000000000000000000000000000000000 --- a/backport-loader-efi-chainloader-Use-grub_loader_set_ex.patch +++ /dev/null @@ -1,155 +0,0 @@ -From 04c86e0bb7b58fc2f913f798cdb18934933e532d Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Fri, 29 Apr 2022 21:30:56 +0100 -Subject: [PATCH] loader/efi/chainloader: Use grub_loader_set_ex - -This ports the EFI chainloader to use grub_loader_set_ex() in order to fix -a use-after-free bug that occurs when grub_cmd_chainloader() is executed -more than once before a boot attempt is performed. - -Fixes: CVE-2022-28736 - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Chris Coulson -(cherry picked from commit 4b7f0402b7cb0f67a93be736f2b75b818d7f44c9) -[rharwood: context sludge from other change] -Signed-off-by: Robbie Harwood ---- - grub-core/loader/efi/chainloader.c | 38 ++++++++++++++++++++++---------------- - 1 file changed, 22 insertions(+), 16 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 3342492ff1..fb874f1855 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -48,8 +48,6 @@ GRUB_MOD_LICENSE ("GPLv3+"); - - static grub_dl_t my_mod; - --static grub_efi_handle_t image_handle; -- - struct grub_secureboot_chainloader_context { - grub_efi_physical_address_t address; - grub_efi_uintn_t pages; -@@ -59,7 +57,6 @@ struct grub_secureboot_chainloader_context { - grub_ssize_t cmdline_len; - grub_efi_handle_t dev_handle; - }; --static struct grub_secureboot_chainloader_context *sb_context; - - static grub_err_t - grub_start_image (grub_efi_handle_t handle) -@@ -98,11 +95,14 @@ grub_start_image (grub_efi_handle_t handle) - } - - static grub_err_t --grub_chainloader_unload (void) -+grub_chainloader_unload (void *context) - { -+ grub_efi_handle_t image_handle; - grub_efi_loaded_image_t *loaded_image; - grub_efi_boot_services_t *b; - -+ image_handle = (grub_efi_handle_t) context; -+ - loaded_image = grub_efi_get_loaded_image (image_handle); - if (loaded_image != NULL) - grub_free (loaded_image->load_options); -@@ -115,10 +115,12 @@ grub_chainloader_unload (void) - } - - static grub_err_t --grub_chainloader_boot (void) -+grub_chainloader_boot (void *context) - { -+ grub_efi_handle_t image_handle; - grub_err_t err; - -+ image_handle = (grub_efi_handle_t) context; - err = grub_start_image (image_handle); - - grub_loader_unset (); -@@ -839,15 +841,17 @@ error_exit: - } - - static grub_err_t --grub_secureboot_chainloader_unload (void) -+grub_secureboot_chainloader_unload (void *context) - { -+ struct grub_secureboot_chainloader_context *sb_context; -+ -+ sb_context = (struct grub_secureboot_chainloader_context *) context; -+ - grub_efi_free_pages (sb_context->address, sb_context->pages); - grub_free (sb_context->file_path); - grub_free (sb_context->cmdline); - grub_free (sb_context); - -- sb_context = 0; -- - grub_dl_unref (my_mod); - return GRUB_ERR_NONE; - } -@@ -896,12 +900,15 @@ grub_load_image(grub_efi_device_path_t *file_path, void *boot_image, - } - - static grub_err_t --grub_secureboot_chainloader_boot (void) -+grub_secureboot_chainloader_boot (void *context) - { -+ struct grub_secureboot_chainloader_context *sb_context; - grub_efi_boot_services_t *b; - int rc; - grub_efi_handle_t handle = 0; - -+ sb_context = (struct grub_secureboot_chainloader_context *) context; -+ - rc = handle_image (sb_context); - if (rc == 0) - { -@@ -942,6 +949,8 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_efi_char16_t *cmdline = 0; - grub_ssize_t cmdline_len = 0; - grub_efi_handle_t dev_handle = 0; -+ grub_efi_handle_t image_handle = 0; -+ struct grub_secureboot_chainloader_context *sb_context = 0; - - if (argc == 0) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); -@@ -1127,8 +1136,8 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - grub_file_close (file); - grub_device_close (dev); - -- grub_loader_set (grub_secureboot_chainloader_boot, -- grub_secureboot_chainloader_unload, 0); -+ grub_loader_set_ex (grub_secureboot_chainloader_boot, -+ grub_secureboot_chainloader_unload, sb_context, 0); - return 0; - } - else -@@ -1142,7 +1151,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - efi_call_2 (b->free_pages, address, pages); - grub_free (file_path); - -- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); -+ grub_loader_set_ex (grub_chainloader_boot, grub_chainloader_unload, image_handle, 0); - - return 0; - } -@@ -1169,10 +1178,7 @@ fail: - grub_free (cmdline); - - if (image_handle != 0) -- { -- efi_call_1 (b->unload_image, image_handle); -- image_handle = 0; -- } -+ efi_call_1 (b->unload_image, image_handle); - - grub_dl_unref (my_mod); - --- -2.19.1 - diff --git a/backport-loader-efi-chainloader-grub_load_and_start_image-doe.patch b/backport-loader-efi-chainloader-grub_load_and_start_image-doe.patch deleted file mode 100644 index 939335cff82bd95f6bb941da0b2a907f3939a30f..0000000000000000000000000000000000000000 --- a/backport-loader-efi-chainloader-grub_load_and_start_image-doe.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Thu, 28 Apr 2022 21:53:36 +0100 -Subject: [PATCH] loader/efi/chainloader: grub_load_and_start_image doesn't - load and start - -grub_load_and_start_image only loads an image - it still requires the -caller to start it. This renames it to grub_load_image. - -It's called from 2 places: -- grub_cmd_chainloader when not using the shim protocol. -- grub_secureboot_chainloader_boot if handle_image returns an error. -In this case, the image is loaded and then nothing else happens which -seems strange. I assume the intention is that it falls back to LoadImage -and StartImage if handle_image fails, so I've made it do that. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Chris Coulson -(cherry picked from commit b4d70820a65c00561045856b7b8355461a9545f6) ---- - grub-core/loader/efi/chainloader.c | 16 +++++++++++++--- - 1 file changed, 13 insertions(+), 3 deletions(-) - -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 644cd2e56f..d3bf02ed8a 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -841,7 +841,7 @@ grub_secureboot_chainloader_unload (void) - } - - static grub_err_t --grub_load_and_start_image(void *boot_image) -+grub_load_image(void *boot_image) - { - grub_efi_boot_services_t *b; - grub_efi_status_t status; -@@ -883,13 +883,23 @@ grub_load_and_start_image(void *boot_image) - static grub_err_t - grub_secureboot_chainloader_boot (void) - { -+ grub_efi_boot_services_t *b; - int rc; -+ - rc = handle_image ((void *)(unsigned long)address, fsize); - if (rc == 0) - { -- grub_load_and_start_image((void *)(unsigned long)address); -+ /* We weren't able to attempt to execute the image, so fall back -+ * to LoadImage / StartImage. -+ */ -+ rc = grub_load_image((void *)(unsigned long)address); -+ if (rc == 0) -+ grub_chainloader_boot (); - } - -+ b = grub_efi_system_table->boot_services; -+ efi_call_1 (b->unload_image, image_handle); -+ - grub_loader_unset (); - return grub_errno; - } -@@ -1091,7 +1101,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), - } - else - { -- grub_load_and_start_image(boot_image); -+ grub_load_image(boot_image); - grub_file_close (file); - grub_device_close (dev); - grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); diff --git a/backport-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch b/backport-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch deleted file mode 100644 index af58eab2dccb1cc6558ffe83b6d848dac4a5f3fd..0000000000000000000000000000000000000000 --- a/backport-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Mon, 2 May 2022 14:39:31 +0200 -Subject: [PATCH] loader/i386/efi/linux: Avoid a use-after-free in the linuxefi - loader - -In some error paths in grub_cmd_linux, the pointer to lh may be -dereferenced after the buffer it points to has been freed. There aren't -any security implications from this because nothing else uses the -allocator after the buffer is freed and before the pointer is -dereferenced, but fix it anyway. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Chris Coulson -(cherry picked from commit 8224f5a71af94bec8697de17e7e579792db9f9e2) ---- - grub-core/loader/i386/efi/linux.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 941df6400b..27bc2aa161 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -465,9 +465,6 @@ fail: - if (file) - grub_file_close (file); - -- if (kernel) -- grub_free (kernel); -- - if (grub_errno != GRUB_ERR_NONE) - { - grub_dl_unref (my_mod); -@@ -483,6 +480,8 @@ fail: - kernel_free (params, sizeof(*params)); - } - -+ grub_free (kernel); -+ - return grub_errno; - } - diff --git a/backport-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch b/backport-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch deleted file mode 100644 index ae6eeb7b246639d83d25b0c57b286aa8daa6cf46..0000000000000000000000000000000000000000 --- a/backport-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Tue, 3 May 2022 09:47:35 +0200 -Subject: [PATCH] loader/i386/efi/linux: Fix a memory leak in the initrd - command - -Subsequent invocations of the initrd command result in the previous -initrd being leaked, so fix that. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Chris Coulson -(cherry picked from commit d98af31ce1e31bb22163960d53f5eb28c66582a0) ---- - grub-core/loader/i386/efi/linux.c | 21 ++++++++++++--------- - 1 file changed, 12 insertions(+), 9 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index e3c2d6fe0b..9e5c11ac69 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -209,6 +209,7 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) - grub_uint8_t *ptr; - struct grub_linuxefi_context *context = (struct grub_linuxefi_context *) cmd->data; - struct linux_kernel_params *params; -+ void *initrd_mem = 0; - - if (argc == 0) - { -@@ -241,19 +242,19 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) - } - } - -- context->initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); -- if (context->initrd_mem == NULL) -+ initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); -+ if (initrd_mem == NULL) - goto fail; -- grub_dprintf ("linux", "initrd_mem = %p\n", context->initrd_mem); -+ grub_dprintf ("linux", "initrd_mem = %p\n", initrd_mem); - - params->ramdisk_size = LOW_U32(size); -- params->ramdisk_image = LOW_U32(context->initrd_mem); -+ params->ramdisk_image = LOW_U32(initrd_mem); - #if defined(__x86_64__) - params->ext_ramdisk_size = HIGH_U32(size); -- params->ext_ramdisk_image = HIGH_U32(context->initrd_mem); -+ params->ext_ramdisk_image = HIGH_U32(initrd_mem); - #endif - -- ptr = context->initrd_mem; -+ ptr = initrd_mem; - - for (i = 0; i < nfiles; i++) - { -@@ -270,6 +271,9 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) - ptr += ALIGN_UP_OVERHEAD (cursize, 4); - } - -+ kernel_free(context->initrd_mem, params->ramdisk_size); -+ -+ context->initrd_mem = initrd_mem; - params->ramdisk_size = size; - - fail: -@@ -277,9 +281,8 @@ grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) - grub_file_close (files[i]); - grub_free (files); - -- if (context->initrd_mem && grub_errno) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)context->initrd_mem, -- BYTES_TO_PAGES(size)); -+ if (initrd_mem && grub_errno) -+ kernel_free (initrd_mem, size); - - return grub_errno; - } - diff --git a/backport-loader-i386-efi-linux-Use-grub_loader_set_ex.patch b/backport-loader-i386-efi-linux-Use-grub_loader_set_ex.patch deleted file mode 100644 index 171f900f525f4412e21438bfe0012a57ff05d93a..0000000000000000000000000000000000000000 --- a/backport-loader-i386-efi-linux-Use-grub_loader_set_ex.patch +++ /dev/null @@ -1,299 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Mon, 2 May 2022 17:04:23 +0200 -Subject: [PATCH] loader/i386/efi/linux: Use grub_loader_set_ex - -This ports the linuxefi loader to use grub_loader_set_ex in order to fix -a use-after-fre bug that occurs when grub_cmd_linux is executed more than -once before a boot attempt is performed. - -This is more complicated than for the chainloader command, as the initrd -command needs access to the loader state. To solve this, the linuxefi -module registers a dummy initrd command at startup that returns an error. -The linuxefi command then registers a proper initrd command with a higher -priority that is passed the loader state. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Chris Coulson -(cherry picked from commit 7cf736436b4c934df5ddfa6f44b46a7e07d99fdc) -[rharwood/pjones: set kernel_size in context] -Signed-off-by: Robbie Harwood ---- - grub-core/loader/i386/efi/linux.c | 146 +++++++++++++++++++++++--------------- - 1 file changed, 87 insertions(+), 59 deletions(-) - -diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c -index 27bc2aa161..e3c2d6fe0b 100644 ---- a/grub-core/loader/i386/efi/linux.c -+++ b/grub-core/loader/i386/efi/linux.c -@@ -34,13 +34,19 @@ - GRUB_MOD_LICENSE ("GPLv3+"); - - static grub_dl_t my_mod; --static int loaded; --static void *kernel_mem; --static grub_uint64_t kernel_size; --static void *initrd_mem; --static grub_uint32_t handover_offset; --struct linux_kernel_params *params; --static char *linux_cmdline; -+ -+static grub_command_t cmd_linux, cmd_initrd; -+static grub_command_t cmd_linuxefi, cmd_initrdefi; -+ -+struct grub_linuxefi_context { -+ void *kernel_mem; -+ grub_uint64_t kernel_size; -+ grub_uint32_t handover_offset; -+ struct linux_kernel_params *params; -+ char *cmdline; -+ -+ void *initrd_mem; -+}; - - #define MIN(a, b) \ - ({ typeof (a) _a = (a); \ -@@ -123,25 +129,32 @@ kernel_alloc(grub_efi_uintn_t size, const char * const errmsg) - } - - static grub_err_t --grub_linuxefi_boot (void) -+grub_linuxefi_boot (void *data) - { -+ struct grub_linuxefi_context *context = (struct grub_linuxefi_context *) data; -+ - asm volatile ("cli"); - -- return grub_efi_linux_boot ((char *)kernel_mem, -- handover_offset, -- params); -+ return grub_efi_linux_boot ((char *)context->kernel_mem, -+ context->handover_offset, -+ context->params); - } - - static grub_err_t --grub_linuxefi_unload (void) -+grub_linuxefi_unload (void *data) - { -+ struct grub_linuxefi_context *context = (struct grub_linuxefi_context *) data; -+ struct linux_kernel_params *params = context->params; -+ - grub_dl_unref (my_mod); -- loaded = 0; - -- kernel_free(initrd_mem, params->ramdisk_size); -- kernel_free(linux_cmdline, params->cmdline_size + 1); -- kernel_free(kernel_mem, kernel_size); -- kernel_free(params, sizeof(*params)); -+ kernel_free (context->initrd_mem, params->ramdisk_size); -+ kernel_free (context->cmdline, params->cmdline_size + 1); -+ kernel_free (context->kernel_mem, context->kernel_size); -+ kernel_free (params, sizeof(*params)); -+ cmd_initrd->data = 0; -+ cmd_initrdefi->data = 0; -+ grub_free (context); - - return GRUB_ERR_NONE; - } -@@ -188,13 +201,14 @@ read(grub_file_t file, grub_uint8_t *bufp, grub_size_t len) - #define HIGH_U32(val) ((grub_uint32_t)(((grub_addr_t)(val) >> 32) & 0xffffffffull)) - - static grub_err_t --grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), -- int argc, char *argv[]) -+grub_cmd_initrd (grub_command_t cmd, int argc, char *argv[]) - { - grub_file_t *files = 0; - int i, nfiles = 0; - grub_size_t size = 0; - grub_uint8_t *ptr; -+ struct grub_linuxefi_context *context = (struct grub_linuxefi_context *) cmd->data; -+ struct linux_kernel_params *params; - - if (argc == 0) - { -@@ -202,12 +216,14 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - goto fail; - } - -- if (!loaded) -+ if (!context) - { - grub_error (GRUB_ERR_BAD_ARGUMENT, N_("you need to load the kernel first")); - goto fail; - } - -+ params = context->params; -+ - files = grub_calloc (argc, sizeof (files[0])); - if (!files) - goto fail; -@@ -225,19 +241,19 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - } - } - -- initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); -- if (initrd_mem == NULL) -+ context->initrd_mem = kernel_alloc(size, N_("can't allocate initrd")); -+ if (context->initrd_mem == NULL) - goto fail; -- grub_dprintf ("linux", "initrd_mem = %p\n", initrd_mem); -+ grub_dprintf ("linux", "initrd_mem = %p\n", context->initrd_mem); - - params->ramdisk_size = LOW_U32(size); -- params->ramdisk_image = LOW_U32(initrd_mem); -+ params->ramdisk_image = LOW_U32(context->initrd_mem); - #if defined(__x86_64__) - params->ext_ramdisk_size = HIGH_U32(size); -- params->ext_ramdisk_image = HIGH_U32(initrd_mem); -+ params->ext_ramdisk_image = HIGH_U32(context->initrd_mem); - #endif - -- ptr = initrd_mem; -+ ptr = context->initrd_mem; - - for (i = 0; i < nfiles; i++) - { -@@ -261,8 +277,8 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)), - grub_file_close (files[i]); - grub_free (files); - -- if (initrd_mem && grub_errno) -- grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)initrd_mem, -+ if (context->initrd_mem && grub_errno) -+ grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t)context->initrd_mem, - BYTES_TO_PAGES(size)); - - return grub_errno; -@@ -277,6 +293,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_ssize_t start, filelen; - void *kernel = NULL; - int setup_header_end_offset; -+ void *kernel_mem = 0; -+ grub_uint64_t kernel_size = 0; -+ grub_uint32_t handover_offset; -+ struct linux_kernel_params *params = 0; -+ char *cmdline = 0; -+ struct grub_linuxefi_context *context = 0; - - grub_dl_ref (my_mod); - -@@ -390,27 +412,27 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - grub_dprintf ("linux", "new lh is at %p\n", lh); - - grub_dprintf ("linux", "setting up cmdline\n"); -- linux_cmdline = kernel_alloc (lh->cmdline_size + 1, N_("can't allocate cmdline")); -- if (!linux_cmdline) -+ cmdline = kernel_alloc (lh->cmdline_size + 1, N_("can't allocate cmdline")); -+ if (!cmdline) - goto fail; -- grub_dprintf ("linux", "linux_cmdline = %p\n", linux_cmdline); -+ grub_dprintf ("linux", "cmdline = %p\n", cmdline); - -- grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); -+ grub_memcpy (cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE)); - grub_create_loader_cmdline (argc, argv, -- linux_cmdline + sizeof (LINUX_IMAGE) - 1, -+ cmdline + sizeof (LINUX_IMAGE) - 1, - lh->cmdline_size - (sizeof (LINUX_IMAGE) - 1), - GRUB_VERIFY_KERNEL_CMDLINE); - -- grub_dprintf ("linux", "cmdline:%s\n", linux_cmdline); -+ grub_dprintf ("linux", "cmdline:%s\n", cmdline); - grub_dprintf ("linux", "setting lh->cmd_line_ptr to 0x%08x\n", -- LOW_U32(linux_cmdline)); -- lh->cmd_line_ptr = LOW_U32(linux_cmdline); -+ LOW_U32(cmdline)); -+ lh->cmd_line_ptr = LOW_U32(cmdline); - #if defined(__x86_64__) -- if ((grub_efi_uintn_t)linux_cmdline > 0xffffffffull) -+ if ((grub_efi_uintn_t)cmdline > 0xffffffffull) - { - grub_dprintf ("linux", "setting params->ext_cmd_line_ptr to 0x%08x\n", -- HIGH_U32(linux_cmdline)); -- params->ext_cmd_line_ptr = HIGH_U32(linux_cmdline); -+ HIGH_U32(cmdline)); -+ params->ext_cmd_line_ptr = HIGH_U32(cmdline); - } - #endif - -@@ -435,16 +457,13 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - } - max_addresses[1].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; - max_addresses[2].addr = GRUB_EFI_MAX_ALLOCATION_ADDRESS; -- kernel_mem = kernel_alloc (lh->init_size, N_("can't allocate kernel")); -+ kernel_size = lh->init_size; -+ kernel_mem = kernel_alloc (kernel_size, N_("can't allocate kernel")); - restore_addresses(); - if (!kernel_mem) - goto fail; - grub_dprintf("linux", "kernel_mem = %p\n", kernel_mem); - -- grub_loader_set (grub_linuxefi_boot, grub_linuxefi_unload, 0); -- -- loaded = 1; -- - grub_dprintf ("linux", "setting lh->code32_start to 0x%08x\n", - LOW_U32(kernel_mem)); - lh->code32_start = LOW_U32(kernel_mem); -@@ -461,33 +480,42 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), - "setting lh->ext_loader_{type,ver} = {0x%02x,0x%02x}\n", - params->ext_loader_type, params->ext_loader_ver); - -+ context = grub_zalloc (sizeof (*context)); -+ if (!context) -+ goto fail; -+ context->kernel_mem = kernel_mem; -+ context->kernel_size = kernel_size; -+ context->handover_offset = handover_offset; -+ context->params = params; -+ context->cmdline = cmdline; -+ -+ grub_loader_set_ex (grub_linuxefi_boot, grub_linuxefi_unload, context, 0); -+ -+ cmd_initrd->data = context; -+ cmd_initrdefi->data = context; -+ -+ grub_file_close (file); -+ grub_free (kernel); -+ return 0; -+ - fail: - if (file) - grub_file_close (file); - -- if (grub_errno != GRUB_ERR_NONE) -- { -- grub_dl_unref (my_mod); -- loaded = 0; -- } -+ grub_dl_unref (my_mod); - -- if (!loaded) -- { -- if (lh) -- kernel_free (linux_cmdline, lh->cmdline_size + 1); -+ if (lh) -+ kernel_free (cmdline, lh->cmdline_size + 1); - -- kernel_free (kernel_mem, kernel_size); -- kernel_free (params, sizeof(*params)); -- } -+ kernel_free (kernel_mem, kernel_size); -+ kernel_free (params, sizeof(*params)); - -+ grub_free (context); - grub_free (kernel); - - return grub_errno; - } - --static grub_command_t cmd_linux, cmd_initrd; --static grub_command_t cmd_linuxefi, cmd_initrdefi; -- - GRUB_MOD_INIT(linux) - { - cmd_linux = diff --git a/backport-loader-i386-pc-linux-Fix-uninitialized-scalar-variable.patch b/backport-loader-i386-pc-linux-Fix-uninitialized-scalar-variable.patch deleted file mode 100644 index 1c0a737bce95aabdb93bc5ea765c0ef43d0e8514..0000000000000000000000000000000000000000 --- a/backport-loader-i386-pc-linux-Fix-uninitialized-scalar-variable.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 261e4511ce335cc3784cbbe6c99fd35a81efa059 Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Mon, 21 Mar 2022 02:28:57 -0400 -Subject: loader/i386/pc/linux: Fix uninitialized scalar variable - -In the function grub_linux16_boot(), struct grub_relocator16_state state is -called but isn't being initialized. This results in the members grub_uint32_t -ebx, grub_uint32_t edx, grub_uint32_t esi, and grub_uint32_t ebp being filled -with junk data from the stack since none of them are being set to any values. -We can prevent this by setting state to {0}. - -Fixes: CID 375028 - -Signed-off-by: Alec Brown -Reviewed-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=261e4511ce335cc3784cbbe6c99fd35a81efa059 - ---- - grub-core/loader/i386/pc/linux.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c -index b670b65..7b89d43 100644 ---- a/grub-core/loader/i386/pc/linux.c -+++ b/grub-core/loader/i386/pc/linux.c -@@ -55,7 +55,7 @@ static grub_err_t - grub_linux16_boot (void) - { - grub_uint16_t segment; -- struct grub_relocator16_state state; -+ struct grub_relocator16_state state = {0}; - - segment = grub_linux_real_target >> 4; - state.gs = state.fs = state.es = state.ds = state.ss = segment; --- -cgit v1.1 - diff --git a/backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch b/backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch deleted file mode 100644 index 66122721bc9bfe707920f0770a65fec2bd35fc9e..0000000000000000000000000000000000000000 --- a/backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch +++ /dev/null @@ -1,157 +0,0 @@ -From 544fd63f0f7a6b1e270ec88c4ece2c3e76b206f5 Mon Sep 17 00:00:00 2001 -From: Gary Lin -Date: Fri, 25 Nov 2022 15:37:35 +0800 -Subject: [PATCH] loader/linux: Ensure the newc pathname is NULL-terminated - -Per "man 5 cpio", the namesize in the cpio header includes the trailing -NUL byte of the pathname and the pathname is followed by NUL bytes, but -the current implementation ignores the trailing NUL byte when making -the newc header. Although make_header() tries to pad the pathname string, -the padding won't happen when strlen(name) + sizeof(struct newc_head) -is a multiple of 4, and the non-NULL-terminated pathname may lead to -unexpected results. - -Assume that a file is created with 'echo -n aaaa > /boot/test12' and -loaded by grub2: - - linux /boot/vmlinuz - initrd newc:test12:/boot/test12 /boot/initrd - -The initrd command eventually invoked grub_initrd_load() and sent -'t''e''s''t''1''2' to make_header() to generate the header: - -00000070 30 37 30 37 30 31 33 30 31 43 41 30 44 45 30 30 |070701301CA0DE00| -00000080 30 30 38 31 41 34 30 30 30 30 30 33 45 38 30 30 |0081A4000003E800| -00000090 30 30 30 30 36 34 30 30 30 30 30 30 30 31 36 33 |0000640000000163| -000000a0 37 36 45 34 35 32 30 30 30 30 30 30 30 34 30 30 |76E4520000000400| -000000b0 30 30 30 30 30 38 30 30 30 30 30 30 31 33 30 30 |0000080000001300| -000000c0 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 |0000000000000000| -000000d0 30 30 30 30 30 36 30 30 30 30 30 30 30 30 74 65 |00000600000000te| - ^namesize -000000e0 73 74 31 32 61 61 61 61 30 37 30 37 30 31 30 30 |st12aaaa07070100| - ^^ end of the pathname - -Since strlen("test12") + sizeof(struct newc_head) is 116 = 29 * 4, -make_header() didn't pad the pathname, and the file content followed -"test12" immediately. This violates the cpio format and may trigger such -error during linux boot: - - Initramfs unpacking failed: ZSTD-compressed data is trunc - -To avoid the potential problems, this commit counts the trailing NUL byte -in when calling make_header() and adjusts the initrd size accordingly. - -Now the header becomes - -00000070 30 37 30 37 30 31 33 30 31 43 41 30 44 45 30 30 |070701301CA0DE00| -00000080 30 30 38 31 41 34 30 30 30 30 30 33 45 38 30 30 |0081A4000003E800| -00000090 30 30 30 30 36 34 30 30 30 30 30 30 30 31 36 33 |0000640000000163| -000000a0 37 36 45 34 35 32 30 30 30 30 30 30 30 34 30 30 |76E4520000000400| -000000b0 30 30 30 30 30 38 30 30 30 30 30 30 31 33 30 30 |0000080000001300| -000000c0 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 |0000000000000000| -000000d0 30 30 30 30 30 37 30 30 30 30 30 30 30 30 74 65 |00000700000000te| - ^namesize -000000e0 73 74 31 32 00 00 00 00 61 61 61 61 30 37 30 37 |st12....aaaa0707| - ^^ end of the pathname - -Besides the trailing NUL byte, make_header() pads 3 more NUL bytes, and -the user can safely read the pathname without a further check. - -To conform to the cpio format, the headers for "TRAILER!!!" are also -adjusted to include the trailing NUL byte, not ignore it. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=544fd63f0f7a6b1e270ec88c4ece2c3e76b206f5 -Conflict:NA - -Signed-off-by: Gary Lin -Reviewed-by: Daniel Kiper ---- - grub-core/loader/linux.c | 27 +++++++++++++++++++-------- - 1 file changed, 19 insertions(+), 8 deletions(-) - -diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c -index 830360172..3948302d2 100644 ---- a/grub-core/loader/linux.c -+++ b/grub-core/loader/linux.c -@@ -127,12 +127,23 @@ insert_dir (const char *name, struct dir **root, - n->name = grub_strndup (cb, ce - cb); - if (ptr) - { -+ /* -+ * Create the substring with the trailing NUL byte -+ * to be included in the cpio header. -+ */ -+ char *tmp_name = grub_strndup (name, ce - name); -+ if (!tmp_name) { -+ grub_free (n->name); -+ grub_free (n); -+ return grub_errno; -+ } - grub_dprintf ("linux", "Creating directory %s, %s\n", name, ce); -- ptr = make_header (ptr, name, ce - name, -+ ptr = make_header (ptr, tmp_name, ce - name + 1, - 040777, 0); -+ grub_free (tmp_name); - } - if (grub_add (*size, -- ALIGN_UP ((ce - (char *) name) -+ ALIGN_UP ((ce - (char *) name + 1) - + sizeof (struct newc_head), 4), - size)) - { -@@ -191,7 +202,7 @@ grub_initrd_init (int argc, char *argv[], - grub_initrd_close (initrd_ctx); - return grub_errno; - } -- name_len = grub_strlen (initrd_ctx->components[i].newc_name); -+ name_len = grub_strlen (initrd_ctx->components[i].newc_name) + 1; - if (grub_add (initrd_ctx->size, - ALIGN_UP (sizeof (struct newc_head) + name_len, 4), - &initrd_ctx->size) || -@@ -205,7 +216,7 @@ grub_initrd_init (int argc, char *argv[], - { - if (grub_add (initrd_ctx->size, - ALIGN_UP (sizeof (struct newc_head) -- + sizeof ("TRAILER!!!") - 1, 4), -+ + sizeof ("TRAILER!!!"), 4), - &initrd_ctx->size)) - goto overflow; - free_dir (root); -@@ -233,7 +244,7 @@ grub_initrd_init (int argc, char *argv[], - initrd_ctx->size = ALIGN_UP (initrd_ctx->size, 4); - if (grub_add (initrd_ctx->size, - ALIGN_UP (sizeof (struct newc_head) -- + sizeof ("TRAILER!!!") - 1, 4), -+ + sizeof ("TRAILER!!!"), 4), - &initrd_ctx->size)) - goto overflow; - free_dir (root); -@@ -297,14 +308,14 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx, - } - ptr += dir_size; - ptr = make_header (ptr, initrd_ctx->components[i].newc_name, -- grub_strlen (initrd_ctx->components[i].newc_name), -+ grub_strlen (initrd_ctx->components[i].newc_name) + 1, - 0100777, - initrd_ctx->components[i].size); - newc = 1; - } - else if (newc) - { -- ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!") - 1, -+ ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!"), - 0, 0); - free_dir (root); - root = 0; -@@ -327,7 +338,7 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx, - { - grub_memset (ptr, 0, ALIGN_UP_OVERHEAD (cursize, 4)); - ptr += ALIGN_UP_OVERHEAD (cursize, 4); -- ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!") - 1, 0, 0); -+ ptr = make_header (ptr, "TRAILER!!!", sizeof ("TRAILER!!!"), 0, 0); - } - free_dir (root); - root = 0; --- -2.28.0.windows.1 - diff --git a/backport-loader-multiboot_elfxx-Fix-memory-leak.patch b/backport-loader-multiboot_elfxx-Fix-memory-leak.patch deleted file mode 100644 index 4a7fb046bb7852fd1f26a1b6db12f93f7c339e6f..0000000000000000000000000000000000000000 --- a/backport-loader-multiboot_elfxx-Fix-memory-leak.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 113142939172bda9759d4d2e5a053911821d2faf Mon Sep 17 00:00:00 2001 -From: "t.feng" -Date: Thu, 10 Nov 2022 15:01:15 +0800 -Subject: loader/multiboot_elfxx: Fix memory leak - -The commit eb33e61b3 (multiboot: fix memory leak) did not fix all -issues. Fix all of them right now. - -Fixes: eb33e61b3 (multiboot: fix memory leak) - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=113142939172bda9759d4d2e5a053911821d2faf -Conflict:NA - -Signed-off-by: t.feng -Reviewed-by: Daniel Kiper ---- - grub-core/loader/multiboot_elfxx.c | 23 ++++++++++++++--------- - 1 file changed, 14 insertions(+), 9 deletions(-) - -diff --git a/grub-core/loader/multiboot_elfxx.c b/grub-core/loader/multiboot_elfxx.c -index 87f6e31..57330a0 100644 ---- a/grub-core/loader/multiboot_elfxx.c -+++ b/grub-core/loader/multiboot_elfxx.c -@@ -220,10 +220,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) - return grub_errno; - - if (grub_file_seek (mld->file, ehdr->e_shoff) == (grub_off_t) -1) -- { -- grub_free (shdr); -- return grub_errno; -- } -+ goto fail; - - if (grub_file_read (mld->file, shdr, (grub_uint32_t) ehdr->e_shnum * ehdr->e_shentsize) - != (grub_ssize_t) ehdr->e_shnum * ehdr->e_shentsize) -@@ -231,7 +228,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) - if (!grub_errno) - grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), - mld->filename); -- return grub_errno; -+ goto fail; - } - - for (shdrptr = shdr, i = 0; i < ehdr->e_shnum; -@@ -242,7 +239,10 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) - grub_addr_t target; - - if (mld->mbi_ver >= 2 && (sh->sh_type == SHT_REL || sh->sh_type == SHT_RELA)) -- return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, "ELF files with relocs are not supported yet"); -+ { -+ grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, "ELF files with relocs are not supported yet"); -+ goto fail; -+ } - - /* This section is a loaded section, - so we don't care. */ -@@ -261,13 +261,14 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) - if (err) - { - grub_dprintf ("multiboot_loader", "Error loading shdr %d\n", i); -- return err; -+ grub_errno = err; -+ goto fail; - } - src = get_virtual_current_address (ch); - target = get_physical_target_address (ch); - - if (grub_file_seek (mld->file, sh->sh_offset) == (grub_off_t) -1) -- return grub_errno; -+ goto fail; - - if (grub_file_read (mld->file, src, sh->sh_size) - != (grub_ssize_t) sh->sh_size) -@@ -275,12 +276,16 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) - if (!grub_errno) - grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"), - mld->filename); -- return grub_errno; -+ goto fail; - } - sh->sh_addr = target; - } - GRUB_MULTIBOOT (add_elfsyms) (ehdr->e_shnum, ehdr->e_shentsize, - ehdr->e_shstrndx, shdr); -+ return GRUB_ERR_NONE; -+ -+fail: -+ grub_free (shdr); - } - - #undef phdr --- -2.19.1 - diff --git a/backport-misc-Add-cast-in-grub_strncasecmp-to-drop-sign-when-.patch b/backport-misc-Add-cast-in-grub_strncasecmp-to-drop-sign-when-.patch deleted file mode 100644 index 63f1ec12fe6a5a2d291d8b6750daf6dba2ae43f4..0000000000000000000000000000000000000000 --- a/backport-misc-Add-cast-in-grub_strncasecmp-to-drop-sign-when-.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 13fb5af10c835c32862e6c861fc655101e2917c7 Mon Sep 17 00:00:00 2001 -From: Glenn Washburn -Date: Thu, 11 Aug 2022 12:48:42 -0500 -Subject: misc: Add cast in grub_strncasecmp() to drop sign when calling - grub_tolower() - -Note this cast was fixed in grub_strcasecmp() in commit ce41ab7aab -(* grub-core/kern/misc.c (grub_strcmp): Use unsigned comparison as per -common usage and preffered in several parts of code.), but this commit -omitted fixing it in grub_strncasecmp(). - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=13fb5af10c835c32862e6c861fc655101e2917c7 -Conflict:NA - -Signed-off-by: Glenn Washburn -Reviewed-by: Daniel Kiper ---- - include/grub/misc.h | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/include/grub/misc.h b/include/grub/misc.h -index cf84aec..6c89a9e 100644 ---- a/include/grub/misc.h -+++ b/include/grub/misc.h -@@ -240,7 +240,8 @@ grub_strncasecmp (const char *s1, const char *s2, grub_size_t n) - - while (*s1 && *s2 && --n) - { -- if (grub_tolower (*s1) != grub_tolower (*s2)) -+ if (grub_tolower ((grub_uint8_t) *s1) -+ != grub_tolower ((grub_uint8_t) *s2)) - break; - - s1++; --- -2.19.1 - diff --git a/backport-misc-Make-grub_min-and-grub_max-more-resilient.patch b/backport-misc-Make-grub_min-and-grub_max-more-resilient.patch deleted file mode 100644 index fd8af70cf98217800117312abb66f9930e8792ea..0000000000000000000000000000000000000000 --- a/backport-misc-Make-grub_min-and-grub_max-more-resilient.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 21 Mar 2022 16:06:10 -0400 -Subject: [PATCH] misc: Make grub_min() and grub_max() more resilient. - -grub_min(a,b) and grub_max(a,b) use a relatively naive implementation -which leads to several problems: -- they evaluate their parameters more than once -- the naive way to address this, to declare temporary variables in a - statement-expression, isn't resilient against nested uses, because - MIN(a,MIN(b,c)) results in the temporary variables being declared in - two nested scopes, which may result in a build warning depending on - your build options. - -This patch changes our implementation to use a statement-expression -inside a helper macro, and creates the symbols for the temporary -variables with __COUNTER__ (A GNU C cpp extension) and token pasting to -create uniquely named internal variables. - -Reference:https://src.fedoraproject.org/rpms/grub2/c/f0ad2aaa267a5d99b47f5c5770a55de0a702fdf0?branch=rawhide -Conflict:NA - -Signed-off-by: Peter Jones ---- - grub-core/loader/multiboot_elfxx.c | 4 +--- - include/grub/misc.h | 25 +++++++++++++++++++++++-- - 2 files changed, 24 insertions(+), 5 deletions(-) - -diff --git a/grub-core/loader/multiboot_elfxx.c b/grub-core/loader/multiboot_elfxx.c -index f2318e0d16..87f6e31aa6 100644 ---- a/grub-core/loader/multiboot_elfxx.c -+++ b/grub-core/loader/multiboot_elfxx.c -@@ -35,9 +35,7 @@ - #endif - - #include -- --#define CONCAT(a,b) CONCAT_(a, b) --#define CONCAT_(a,b) a ## b -+#include - - #pragma GCC diagnostic ignored "-Wcast-align" - -diff --git a/include/grub/misc.h b/include/grub/misc.h -index 6c4aa85ac5..cf84aec1db 100644 ---- a/include/grub/misc.h -+++ b/include/grub/misc.h -@@ -35,6 +35,14 @@ - #define ARRAY_SIZE(array) (sizeof (array) / sizeof (array[0])) - #define COMPILE_TIME_ASSERT(cond) switch (0) { case 1: case !(cond): ; } - -+#ifndef CONCAT_ -+#define CONCAT_(a, b) a ## b -+#endif -+ -+#ifndef CONCAT -+#define CONCAT(a, b) CONCAT_(a, b) -+#endif -+ - #define grub_dprintf(condition, ...) grub_real_dprintf(GRUB_FILE, __LINE__, condition, __VA_ARGS__) - - void *EXPORT_FUNC(grub_memmove) (void *dest, const void *src, grub_size_t n); -@@ -498,8 +506,21 @@ void EXPORT_FUNC(grub_real_boot_time) (const char *file, - #define grub_boot_time(...) - #endif - --#define grub_max(a, b) (((a) > (b)) ? (a) : (b)) --#define grub_min(a, b) (((a) < (b)) ? (a) : (b)) -+#define _grub_min(a, b, _a, _b) \ -+ ({ typeof (a) _a = (a); \ -+ typeof (b) _b = (b); \ -+ _a < _b ? _a : _b; }) -+#define grub_min(a, b) _grub_min(a, b, \ -+ CONCAT(_a_,__COUNTER__), \ -+ CONCAT(_b_,__COUNTER__)) -+ -+#define _grub_max(a, b, _a, _b) \ -+ ({ typeof (a) _a = (a); \ -+ typeof (b) _b = (b); \ -+ _a > _b ? _a : _b; }) -+#define grub_max(a, b) _grub_max(a, b, \ -+ CONCAT(_a_,__COUNTER__), \ -+ CONCAT(_b_,__COUNTER__)) - - #define grub_log2ull(n) (GRUB_TYPE_BITS (grub_uint64_t) - __builtin_clzll (n) - 1) - diff --git a/backport-mm-Temporarily-disable-grub_mm_debug-while-calling-grub_vprintf-in-grub_printf.patch b/backport-mm-Temporarily-disable-grub_mm_debug-while-calling-grub_vprintf-in-grub_printf.patch deleted file mode 100644 index 12f20266e273ff9abf1f592cf869f576fa61bd64..0000000000000000000000000000000000000000 --- a/backport-mm-Temporarily-disable-grub_mm_debug-while-calling-grub_vprintf-in-grub_printf.patch +++ /dev/null @@ -1,59 +0,0 @@ -From a4430355a3237fc756480349e9167667b0e89476 Mon Sep 17 00:00:00 2001 -From: Glenn Washburn -Date: Tue, 15 Feb 2022 12:36:43 -0600 -Subject: mm: Temporarily disable grub_mm_debug while calling grub_vprintf() in - grub_printf() - -To prevent infinite recursion when grub_mm_debug is on, disable it when -calling grub_vprintf(). One such call loop is: - grub_vprintf() -> parse_printf_args() -> parse_printf_arg_fmt() -> - grub_debug_calloc() -> grub_printf() -> grub_vprintf(). - -Signed-off-by: Glenn Washburn -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=a4430355a3237fc756480349e9167667b0e89476 - ---- - grub-core/kern/misc.c | 20 ++++++++++++++++++++ - 1 file changed, 20 insertions(+) - -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index de40f56..18bde5d 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -113,10 +113,30 @@ grub_printf (const char *fmt, ...) - va_list ap; - int ret; - -+#if defined(MM_DEBUG) && !defined(GRUB_UTIL) && !defined (GRUB_MACHINE_EMU) -+ /* -+ * To prevent infinite recursion when grub_mm_debug is on, disable it -+ * when calling grub_vprintf(). One such call loop is: -+ * grub_vprintf() -> parse_printf_args() -> parse_printf_arg_fmt() -> -+ * grub_debug_calloc() -> grub_printf() -> grub_vprintf(). -+ */ -+ int grub_mm_debug_save = 0; -+ -+ if (grub_mm_debug) -+ { -+ grub_mm_debug_save = grub_mm_debug; -+ grub_mm_debug = 0; -+ } -+#endif -+ - va_start (ap, fmt); - ret = grub_vprintf (fmt, ap); - va_end (ap); - -+#if defined(MM_DEBUG) && !defined(GRUB_UTIL) && !defined (GRUB_MACHINE_EMU) -+ grub_mm_debug = grub_mm_debug_save; -+#endif -+ - return ret; - } - --- -cgit v1.1 - diff --git a/backport-net-Check-against-nb-tail-in-grub_netbuff_pull.patch b/backport-net-Check-against-nb-tail-in-grub_netbuff_pull.patch deleted file mode 100644 index 11796f0f1950635c2ced042d2b88368aae818ccb..0000000000000000000000000000000000000000 --- a/backport-net-Check-against-nb-tail-in-grub_netbuff_pull.patch +++ /dev/null @@ -1,64 +0,0 @@ -From e976dc27f88968bc768224fd8102a508a3a39383 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Sat, 5 Mar 2022 00:39:04 +1100 -Subject: net: Check against nb->tail in grub_netbuff_pull() - -GRUB netbuff structure members track 2 different things: the extent of memory -allocated for the packet, and the extent of memory currently being worked on. - -This works out in the structure as follows: - - nb->head: beginning of the allocation - nb->data: beginning of the working data - nb->tail: end of the working data - nb->end: end of the allocation - -The head and end pointers are set in grub_netbuff_alloc() and do not change. -The data and tail pointers are initialised to point at start of the -allocation (that is, head == data == tail initially), and are then -manipulated by grub_netbuff_*() functions. Key functions are as follows: - - - grub_netbuff_put(): "put" more data into the packet - advance nb->tail - - grub_netbuff_unput(): trim the tail of the packet - retract nb->tail - - grub_netbuff_pull(): "consume" some packet data - advance nb->data - - grub_netbuff_reserve(): reserve space for future headers - advance nb->data and nb->tail - - grub_netbuff_push(): "un-consume" data to allow headers to be written - retract nb->data - -Each of those functions does some form of error checking. For example, -grub_netbuff_put() does not allow nb->tail to exceed nb->end, and -grub_netbuff_push() does not allow nb->data to be before nb->head. - -However, grub_netbuff_pull()'s error checking is a bit weird. It advances nb->data -and checks that it does not exceed nb->end. That allows you to get into the -situation where nb->data > nb->tail, which should not be. - -Make grub_netbuff_pull() check against both nb->tail and nb->end. In theory just -checking against ->tail should be sufficient but the extra check should be -cheap and seems like good defensive practice. - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=e976dc27f88968bc768224fd8102a508a3a39383 - ---- - grub-core/net/netbuff.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/net/netbuff.c b/grub-core/net/netbuff.c -index dbeeefe..72e5296 100644 ---- a/grub-core/net/netbuff.c -+++ b/grub-core/net/netbuff.c -@@ -54,7 +54,7 @@ grub_err_t - grub_netbuff_pull (struct grub_net_buff *nb, grub_size_t len) - { - nb->data += len; -- if (nb->data > nb->end) -+ if (nb->data > nb->end || nb->data > nb->tail) - return grub_error (GRUB_ERR_BUG, - "pull out of the packet range."); - return GRUB_ERR_NONE; --- -cgit v1.1 - diff --git a/backport-net-arp-Fix-uninitialized-scalar-variable.patch b/backport-net-arp-Fix-uninitialized-scalar-variable.patch deleted file mode 100644 index 627756da9236b4c420d580e1795193ecae1df685..0000000000000000000000000000000000000000 --- a/backport-net-arp-Fix-uninitialized-scalar-variable.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 6bb551db112a6d7509d5633be103fe3ee1e09f37 Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Mon, 21 Mar 2022 02:28:58 -0400 -Subject: net/arp: Fix uninitialized scalar variable - -In the function grub_net_arp_receive(), grub_net_network_level_address_t -sender_addr and target_addr are being called but aren't being initialized. -In both of these structs, each member is being set to a value except for -grub_dns_option_t option. This results in this member being filled with junk -data from the stack. To prevent this, we can set the option member in both -structs to 0. - -Fixes: CID 375030 - -Signed-off-by: Alec Brown -Reviewed-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict:Context adaptation -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=6bb551db112a6d7509d5633be103fe3ee1e09f37 - ---- - grub-core/net/arp.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/grub-core/net/arp.c b/grub-core/net/arp.c -index 54306e3..1d36743 100644 ---- a/grub-core/net/arp.c -+++ b/grub-core/net/arp.c -@@ -128,6 +128,8 @@ grub_net_arp_receive (struct grub_net_buff *nb, struct grub_net_card *card, - grub_uint8_t pln; - grub_uint8_t arp_packet_len; - grub_uint8_t *tmp_ptr; -+ sender_addr.option = 0; -+ target_addr.option = 0; - - hw_type = card->default_address.type; - hln = card->default_address.len; - --- -cgit v1.1 - diff --git a/backport-net-bootp-Fix-unchecked-return-value.patch b/backport-net-bootp-Fix-unchecked-return-value.patch deleted file mode 100644 index 96c111d29ddaf553e3c0f872abaf03c1f6ac9e23..0000000000000000000000000000000000000000 --- a/backport-net-bootp-Fix-unchecked-return-value.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 4f7d77d7e0740c1b0d69c7a658b5c4986eda0093 Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Fri, 3 Feb 2023 17:18:14 -0500 -Subject: net/bootp: Fix unchecked return value - -In the function send_dhcp_packet(), added an error check for the return -value of grub_netbuff_push(). - -Fixes: CID 404614 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=4f7d77d7e0740c1b0d69c7a658b5c4986eda0093 -Conflict:NA - -Signed-off-by: Alec Brown -Reviewed-by: Daniel Kiper ---- - grub-core/net/bootp.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 2e3c86e..6b07a4a 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -727,7 +727,9 @@ send_dhcp_packet (struct grub_net_network_level_interface *iface) - - grub_memcpy (&pack->mac_addr, &iface->hwaddress.mac, pack->hw_len); - -- grub_netbuff_push (nb, sizeof (*udph)); -+ err = grub_netbuff_push (nb, sizeof (*udph)); -+ if (err) -+ goto out; - - udph = (struct udphdr *) nb->data; - udph->src = grub_cpu_to_be16_compile_time (68); --- -2.19.1 - diff --git a/backport-net-bootp-Fix-uninitialized-scalar-variable.patch b/backport-net-bootp-Fix-uninitialized-scalar-variable.patch deleted file mode 100644 index ccee943502df4991676ce496e6dde12b8583b8bf..0000000000000000000000000000000000000000 --- a/backport-net-bootp-Fix-uninitialized-scalar-variable.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 23c3cbe1dba4fd0c6dc8156bd628d3162e63408d Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Mon, 21 Mar 2022 02:29:02 -0400 -Subject: net/bootp: Fix uninitialized scalar variable - -In the function grub_net_configure_by_dhcp_ack(), -grub_net_network_level_address_t addr is called but isn't being initialized. -This results in the member grub_dns_option_t option being filled with junk data -from the stack. To prevent this, we can set the option member in addr to 0. - -Fixes: CID 375036 - -Signed-off-by: Alec Brown -Reviewed-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=23c3cbe1dba4fd0c6dc8156bd628d3162e63408d - ---- - grub-core/net/bootp.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c -index 8dc1479..7d31dba 100644 ---- a/grub-core/net/bootp.c -+++ b/grub-core/net/bootp.c -@@ -244,6 +244,7 @@ grub_net_configure_by_dhcp_ack (const char *name, - - addr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV4; - addr.ipv4 = bp->your_ip; -+ addr.option = 0; - - if (device) - *device = 0; --- -cgit v1.1 - diff --git a/backport-net-dns-Dont-read-past-the-end-of-the-string.patch b/backport-net-dns-Dont-read-past-the-end-of-the-string.patch deleted file mode 100644 index 751cc5d506f104a84d980bfa6eaaa1cc4550d7b7..0000000000000000000000000000000000000000 --- a/backport-net-dns-Dont-read-past-the-end-of-the-string.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 96abf4fb9d829f4a405d5df39bc74bbccbd0e322 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 20 Dec 2021 21:55:43 +1100 -Subject: net/dns: Don't read past the end of the string we're checking against - -I don't really understand what's going on here but fuzzing found -a bug where we read past the end of check_with. That's a C string, -so use grub_strlen() to make sure we don't overread it. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=96abf4fb9d829f4a405d5df39bc74bbccbd0e322 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/dns.c | 19 ++++++++++++++++--- - 1 file changed, 16 insertions(+), 3 deletions(-) - -diff --git a/grub-core/net/dns.c b/grub-core/net/dns.c -index 135faac..17961a9 100644 ---- a/grub-core/net/dns.c -+++ b/grub-core/net/dns.c -@@ -146,11 +146,18 @@ check_name_real (const grub_uint8_t *name_at, const grub_uint8_t *head, - int *length, char *set) - { - const char *readable_ptr = check_with; -+ int readable_len; - const grub_uint8_t *ptr; - char *optr = set; - int bytes_processed = 0; - if (length) - *length = 0; -+ -+ if (readable_ptr != NULL) -+ readable_len = grub_strlen (readable_ptr); -+ else -+ readable_len = 0; -+ - for (ptr = name_at; ptr < tail && bytes_processed < tail - head + 2; ) - { - /* End marker. */ -@@ -172,13 +179,16 @@ check_name_real (const grub_uint8_t *name_at, const grub_uint8_t *head, - ptr = head + (((ptr[0] & 0x3f) << 8) | ptr[1]); - continue; - } -- if (readable_ptr && grub_memcmp (ptr + 1, readable_ptr, *ptr) != 0) -+ if (readable_ptr != NULL && (*ptr > readable_len || grub_memcmp (ptr + 1, readable_ptr, *ptr) != 0)) - return 0; - if (grub_memchr (ptr + 1, 0, *ptr) - || grub_memchr (ptr + 1, '.', *ptr)) - return 0; - if (readable_ptr) -- readable_ptr += *ptr; -+ { -+ readable_ptr += *ptr; -+ readable_len -= *ptr; -+ } - if (readable_ptr && *readable_ptr != '.' && *readable_ptr != 0) - return 0; - bytes_processed += *ptr + 1; -@@ -192,7 +202,10 @@ check_name_real (const grub_uint8_t *name_at, const grub_uint8_t *head, - if (optr) - *optr++ = '.'; - if (readable_ptr && *readable_ptr) -- readable_ptr++; -+ { -+ readable_ptr++; -+ readable_len--; -+ } - ptr += *ptr + 1; - } - return 0; --- -2.19.1 - diff --git a/backport-net-dns-Fix-double-free-addresses-on-corrupt-DNS.patch b/backport-net-dns-Fix-double-free-addresses-on-corrupt-DNS.patch deleted file mode 100644 index 5e9f6db8828d20ad6af4ad261319ba073a6043b4..0000000000000000000000000000000000000000 --- a/backport-net-dns-Fix-double-free-addresses-on-corrupt-DNS.patch +++ /dev/null @@ -1,61 +0,0 @@ -From c1b7eef9fa4aaefbf7d0507505c3bb2914e1ad6b Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Thu, 16 Sep 2021 01:29:54 +1000 -Subject: net/dns: Fix double-free addresses on corrupt DNS response - -grub_net_dns_lookup() takes as inputs a pointer to an array of addresses -("addresses") for the given name, and pointer to a number of addresses -("naddresses"). grub_net_dns_lookup() is responsible for allocating -"addresses", and the caller is responsible for freeing it if -"naddresses" > 0. - -The DNS recv_hook will sometimes set and free the addresses array, -for example if the packet is too short: - - if (ptr + 10 >= nb->tail) - { - if (!*data->naddresses) - grub_free (*data->addresses); - grub_netbuff_free (nb); - return GRUB_ERR_NONE; - } - -Later on the nslookup command code unconditionally frees the "addresses" -array. Normally this is fine: the array is either populated with valid -data or is NULL. But in these sorts of error cases it is neither NULL -nor valid and we get a double-free. - -Only free "addresses" if "naddresses" > 0. - -It looks like the other use of grub_net_dns_lookup() is not affected. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=c1b7eef9fa4aaefbf7d0507505c3bb2914e1ad6b -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/dns.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/dns.c b/grub-core/net/dns.c -index 27c5f41..841ede5 100644 ---- a/grub-core/net/dns.c -+++ b/grub-core/net/dns.c -@@ -667,9 +667,11 @@ grub_cmd_nslookup (struct grub_command *cmd __attribute__ ((unused)), - grub_net_addr_to_str (&addresses[i], buf); - grub_printf ("%s\n", buf); - } -- grub_free (addresses); - if (naddresses) -- return GRUB_ERR_NONE; -+ { -+ grub_free (addresses); -+ return GRUB_ERR_NONE; -+ } - return grub_error (GRUB_ERR_NET_NO_DOMAIN, N_("no DNS record found")); - } - --- -cgit v1.1 - diff --git a/backport-net-dns-Fix-lookup-error-when-no-IPv6-is-returned.patch b/backport-net-dns-Fix-lookup-error-when-no-IPv6-is-returned.patch deleted file mode 100644 index c64ec85febbe4e19e5254abc57d1d30e03e416b7..0000000000000000000000000000000000000000 --- a/backport-net-dns-Fix-lookup-error-when-no-IPv6-is-returned.patch +++ /dev/null @@ -1,102 +0,0 @@ -From 1be86fae1587cb8c53c2327971c8fc94fcb3234e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Wed, 3 May 2023 12:21:31 +0200 -Subject: net/dns: Fix lookup error when no IPv6 is returned -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When trying to resolve DNS names into IP addresses, the DNS code fails -from time to time with the following error: --------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- -error: ../../grub-core/net/dns.c:688:no DNS record found. --------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- - -This happens when both IPv4 and IPv6 queries are performed against the -DNS server (e.g. 8.8.8.8) but there is no IP returned for IPv6 query, as -shown below: --------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- -grub> net_del_dns 192.168.122.1 -grub> net_add_dns 8.8.8.8 -grub> net_nslookup ipv4.test-ipv6.com -error: ../../grub-core/net/dns.c:688:no DNS record found. -grub> net_nslookup ipv4.test-ipv6.com -216.218.228.115 --------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- - -The root cause is the code exiting prematurely when the data->addresses -buffer has been allocated in recv_hook(), even if there was no address -returned last time recv_hook() executed. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=1be86fae1587cb8c53c2327971c8fc94fcb3234e -Conflict:NA - -Signed-off-by: Renaud Métrich -Reviewed-by: Daniel Kiper ---- - grub-core/net/dns.c | 22 ++++++---------------- - 1 file changed, 6 insertions(+), 16 deletions(-) - -diff --git a/grub-core/net/dns.c b/grub-core/net/dns.c -index 9760980..fcc09aa 100644 ---- a/grub-core/net/dns.c -+++ b/grub-core/net/dns.c -@@ -261,7 +261,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - /* Code apparently assumed that only one packet is received as response. - We may get multiple responses due to network condition, so check here - and quit early. */ -- if (*data->addresses) -+ if (*data->naddresses) - goto out; - - head = (struct dns_header *) nb->data; -@@ -305,11 +305,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - grub_uint32_t ttl = 0; - grub_uint16_t length; - if (ptr >= nb->tail) -- { -- if (!*data->naddresses) -- grub_free (*data->addresses); -- goto out; -- } -+ goto out; - ignored = !check_name (ptr, nb->data, nb->tail, data->name); - while (ptr < nb->tail && !((*ptr & 0xc0) || *ptr == 0)) - ptr += *ptr + 1; -@@ -317,11 +313,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - ptr++; - ptr++; - if (ptr + 10 >= nb->tail) -- { -- if (!*data->naddresses) -- grub_free (*data->addresses); -- goto out; -- } -+ goto out; - if (*ptr++ != 0) - ignored = 1; - class = *ptr++; -@@ -337,11 +329,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - length = *ptr++ << 8; - length |= *ptr++; - if (ptr + length > nb->tail) -- { -- if (!*data->naddresses) -- grub_free (*data->addresses); -- goto out; -- } -+ goto out; - if (!ignored) - { - if (ttl_all > ttl) -@@ -428,6 +416,8 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - out: - grub_netbuff_free (nb); - grub_free (redirect_save); -+ if (!*data->naddresses) -+ grub_free (*data->addresses); - return GRUB_ERR_NONE; - } - --- -cgit v1.1 diff --git a/backport-net-dns-Fix-removal-of-DNS-server.patch b/backport-net-dns-Fix-removal-of-DNS-server.patch deleted file mode 100644 index 182a3ccafd2ee60677d17f964e74d1ba98707369..0000000000000000000000000000000000000000 --- a/backport-net-dns-Fix-removal-of-DNS-server.patch +++ /dev/null @@ -1,49 +0,0 @@ -From f301a9356b6338e983eae38debe69bbd3a417b1a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Fri, 28 Apr 2023 13:05:37 +0200 -Subject: net/dns: Fix removal of DNS server -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When deleting the DNS server, we get the following error message: --------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- -grub> net_del_dns 192.168.122.1 -error: ../../grub-core/net/dns.c:646:no DNS reply received. --------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- - -This happens because the implementation is broken, it does a "add" -internally instead of a "delete". - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=f301a9356b6338e983eae38debe69bbd3a417b1a -Conflict:NA - -Signed-off-by: Renaud Métrich -Reviewed-by: Daniel Kiper ---- - grub-core/net/dns.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/dns.c b/grub-core/net/dns.c -index afa3894..e51682d 100644 ---- a/grub-core/net/dns.c -+++ b/grub-core/net/dns.c -@@ -765,11 +765,14 @@ grub_cmd_del_dns (struct grub_command *cmd __attribute__ ((unused)), - - if (argc != 1) - return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected")); -- err = grub_net_resolve_address (args[1], &server); -+ -+ err = grub_net_resolve_address (args[0], &server); - if (err) - return err; - -- return grub_net_add_dns_server (&server); -+ grub_net_remove_dns_server (&server); -+ -+ return GRUB_ERR_NONE; - } - - static grub_command_t cmd, cmd_add, cmd_del, cmd_list; --- -cgit v1.1 diff --git a/backport-net-dns-Simplify-error-handling-of-recv_hook-function.patch b/backport-net-dns-Simplify-error-handling-of-recv_hook-function.patch deleted file mode 100644 index ad693a13e94d114a3a4314a95efff2714445b085..0000000000000000000000000000000000000000 --- a/backport-net-dns-Simplify-error-handling-of-recv_hook-function.patch +++ /dev/null @@ -1,141 +0,0 @@ -From 6c0edcdc27568bb7ae9e5bd89ebc7b8c137f6bc0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Wed, 3 May 2023 12:21:29 +0200 -Subject: net/dns: Simplify error handling of recv_hook() function -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/grub-core/net/dns.c?id=6c0edcdc27568bb7ae9e5bd89ebc7b8c137f6bc0 -Conflict:NA - -Signed-off-by: Renaud Métrich -Reviewed-by: Daniel Kiper ---- - grub-core/net/dns.c | 50 +++++++++++++++------------------------------ - 1 file changed, 16 insertions(+), 34 deletions(-) - -diff --git a/grub-core/net/dns.c b/grub-core/net/dns.c -index e9edf5d..0aba533 100644 ---- a/grub-core/net/dns.c -+++ b/grub-core/net/dns.c -@@ -262,42 +262,26 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - We may get multiple responses due to network condition, so check here - and quit early. */ - if (*data->addresses) -- { -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -- } -+ goto out; - - head = (struct dns_header *) nb->data; - ptr = (grub_uint8_t *) (head + 1); - if (ptr >= nb->tail) -- { -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -- } -- -+ goto out; -+ - if (head->id != data->id) -- { -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -- } -+ goto out; - if (!(head->flags & FLAGS_RESPONSE) || (head->flags & FLAGS_OPCODE)) -- { -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -- } -+ goto out; - if (head->ra_z_r_code & ERRCODE_MASK) - { - data->dns_err = 1; -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -+ goto out; - } - for (i = 0; i < grub_be_to_cpu16 (head->qdcount); i++) - { - if (ptr >= nb->tail) -- { -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -- } -+ goto out; - while (ptr < nb->tail && !((*ptr & 0xc0) || *ptr == 0)) - ptr += *ptr + 1; - if (ptr < nb->tail && (*ptr & 0xc0)) -@@ -310,8 +294,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - if (!*data->addresses) - { - grub_errno = GRUB_ERR_NONE; -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -+ goto out; - } - reparse_ptr = ptr; - reparse: -@@ -325,7 +308,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - { - if (!*data->naddresses) - grub_free (*data->addresses); -- return GRUB_ERR_NONE; -+ goto out; - } - ignored = !check_name (ptr, nb->data, nb->tail, data->name); - while (ptr < nb->tail && !((*ptr & 0xc0) || *ptr == 0)) -@@ -337,8 +320,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - { - if (!*data->naddresses) - grub_free (*data->addresses); -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -+ goto out; - } - if (*ptr++ != 0) - ignored = 1; -@@ -358,8 +340,7 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - { - if (!*data->naddresses) - grub_free (*data->addresses); -- grub_netbuff_free (nb); -- return GRUB_ERR_NONE; -+ goto out; - } - if (!ignored) - { -@@ -400,15 +381,14 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - if (!data->name) - { - data->dns_err = 1; -- grub_errno = 0; -- return GRUB_ERR_NONE; -+ grub_errno = GRUB_ERR_NONE; -+ goto out; - } - grub_dprintf ("dns", "CNAME %s\n", data->name); - if (grub_strcmp (redirect_save, data->name) == 0) - { - data->dns_err = 1; -- grub_free (redirect_save); -- return GRUB_ERR_NONE; -+ goto out; - } - goto reparse; - } -@@ -440,6 +420,8 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), - *data->naddresses - * sizeof (dns_cache[h].addresses[0])); - } -+ -+ out: - grub_netbuff_free (nb); - grub_free (redirect_save); - return GRUB_ERR_NONE; --- -2.19.1 - diff --git a/backport-net-http-Do-not-tear-down-socket-if-its-already.patch b/backport-net-http-Do-not-tear-down-socket-if-its-already.patch deleted file mode 100644 index bae7cc5ba715b0efab1a696e4ad0b64a973bef16..0000000000000000000000000000000000000000 --- a/backport-net-http-Do-not-tear-down-socket-if-its-already.patch +++ /dev/null @@ -1,46 +0,0 @@ -From dad94fffe14be476df5f34a8e5a90ea62a41fe12 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 1 Mar 2022 23:14:15 +1100 -Subject: net/http: Do not tear down socket if it's already been torn down - -It's possible for data->sock to get torn down in tcp error handling. -If we unconditionally tear it down again we will end up doing writes -to an offset of the NULL pointer when we go to tear it down again. - -Detect if it has been torn down and don't do it again. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=dad94fffe14be476df5f34a8e5a90ea62a41fe12 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/http.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/http.c b/grub-core/net/http.c -index 8d6c62c..f8d7bf0 100644 ---- a/grub-core/net/http.c -+++ b/grub-core/net/http.c -@@ -445,7 +445,7 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial) - return err; - } - -- for (i = 0; !data->headers_recv && i < 100; i++) -+ for (i = 0; data->sock && !data->headers_recv && i < 100; i++) - { - grub_net_tcp_retransmit (); - grub_net_poll_cards (300, &data->headers_recv); -@@ -453,7 +453,8 @@ http_establish (struct grub_file *file, grub_off_t offset, int initial) - - if (!data->headers_recv) - { -- grub_net_tcp_close (data->sock, GRUB_NET_TCP_ABORT); -+ if (data->sock) -+ grub_net_tcp_close (data->sock, GRUB_NET_TCP_ABORT); - if (data->err) - { - char *str = data->errmsg; --- -cgit v1.1 - diff --git a/backport-net-http-Error-out-on-headers-with-LF-without-CR.patch b/backport-net-http-Error-out-on-headers-with-LF-without-CR.patch deleted file mode 100644 index 15fee8ae5569c7dfbf94e10123f865cf3ee5b363..0000000000000000000000000000000000000000 --- a/backport-net-http-Error-out-on-headers-with-LF-without-CR.patch +++ /dev/null @@ -1,53 +0,0 @@ -From b26b4c08e7119281ff30d0fb4a6169bd2afa8fe4 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 8 Mar 2022 19:04:40 +1100 -Subject: net/http: Error out on headers with LF without CR - -In a similar vein to the previous patch, parse_line() would write -a NUL byte past the end of the buffer if there was an HTTP header -with a LF rather than a CRLF. - -RFC-2616 says: - - Many HTTP/1.1 header field values consist of words separated by LWS - or special characters. These special characters MUST be in a quoted - string to be used within a parameter value (as defined in section 3.6). - -We don't support quoted sections or continuation lines, etc. - -If we see an LF that's not part of a CRLF, bail out. - -Fixes: CVE-2022-28734 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b26b4c08e7119281ff30d0fb4a6169bd2afa8fe4 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/http.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/grub-core/net/http.c b/grub-core/net/http.c -index 33a0a28..9291a13 100644 ---- a/grub-core/net/http.c -+++ b/grub-core/net/http.c -@@ -68,7 +68,15 @@ parse_line (grub_file_t file, http_data_t data, char *ptr, grub_size_t len) - char *end = ptr + len; - while (end > ptr && *(end - 1) == '\r') - end--; -+ -+ /* LF without CR. */ -+ if (end == ptr + len) -+ { -+ data->errmsg = grub_strdup (_("invalid HTTP header - LF without CR")); -+ return GRUB_ERR_NONE; -+ } - *end = 0; -+ - /* Trailing CRLF. */ - if (data->in_chunk_len == 1) - { --- -cgit v1.1 - diff --git a/backport-net-http-Fix-OOB-write-for-split-http-headers.patch b/backport-net-http-Fix-OOB-write-for-split-http-headers.patch deleted file mode 100644 index d9c7ff8561766d009fe45ce91bf737a087ebff62..0000000000000000000000000000000000000000 --- a/backport-net-http-Fix-OOB-write-for-split-http-headers.patch +++ /dev/null @@ -1,51 +0,0 @@ -From ec6bfd3237394c1c7dbf2fd73417173318d22f4b Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 8 Mar 2022 18:17:03 +1100 -Subject: net/http: Fix OOB write for split http headers - -GRUB has special code for handling an http header that is split -across two packets. - -The code tracks the end of line by looking for a "\n" byte. The -code for split headers has always advanced the pointer just past the -end of the line, whereas the code that handles unsplit headers does -not advance the pointer. This extra advance causes the length to be -one greater, which breaks an assumption in parse_line(), leading to -it writing a NUL byte one byte past the end of the buffer where we -reconstruct the line from the two packets. - -It's conceivable that an attacker controlled set of packets could -cause this to zero out the first byte of the "next" pointer of the -grub_mm_region structure following the current_line buffer. - -Do not advance the pointer in the split header case. - -Fixes: CVE-2022-28734 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=ec6bfd3237394c1c7dbf2fd73417173318d22f4b -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/http.c | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/grub-core/net/http.c b/grub-core/net/http.c -index f8d7bf0..33a0a28 100644 ---- a/grub-core/net/http.c -+++ b/grub-core/net/http.c -@@ -190,9 +190,7 @@ http_receive (grub_net_tcp_socket_t sock __attribute__ ((unused)), - int have_line = 1; - char *t; - ptr = grub_memchr (nb->data, '\n', nb->tail - nb->data); -- if (ptr) -- ptr++; -- else -+ if (ptr == NULL) - { - have_line = 0; - ptr = (char *) nb->tail; --- -cgit v1.1 - diff --git a/backport-net-ip-Do-IP-fragment-maths-safely.patch b/backport-net-ip-Do-IP-fragment-maths-safely.patch deleted file mode 100644 index a9367c58730ede3ad2a6169e960be7f64db8ef5c..0000000000000000000000000000000000000000 --- a/backport-net-ip-Do-IP-fragment-maths-safely.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 3e4817538de828319ba6d59ced2fbb9b5ca13287 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 20 Dec 2021 19:41:21 +1100 -Subject: net/ip: Do IP fragment maths safely - -We can receive packets with invalid IP fragmentation information. This -can lead to rsm->total_len underflowing and becoming very large. - -Then, in grub_netbuff_alloc(), we add to this very large number, which can -cause it to overflow and wrap back around to a small positive number. -The allocation then succeeds, but the resulting buffer is too small and -subsequent operations can write past the end of the buffer. - -Catch the underflow here. - -Fixes: CVE-2022-28733 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3e4817538de828319ba6d59ced2fbb9b5ca13287 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/ip.c | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/grub-core/net/ip.c b/grub-core/net/ip.c -index e3d62e9..3c3d0be 100644 ---- a/grub-core/net/ip.c -+++ b/grub-core/net/ip.c -@@ -25,6 +25,7 @@ - #include - #include - #include -+#include - #include - - struct iphdr { -@@ -512,7 +513,14 @@ grub_net_recv_ip4_packets (struct grub_net_buff *nb, - { - rsm->total_len = (8 * (grub_be_to_cpu16 (iph->frags) & OFFSET_MASK) - + (nb->tail - nb->data)); -- rsm->total_len -= ((iph->verhdrlen & 0xf) * sizeof (grub_uint32_t)); -+ -+ if (grub_sub (rsm->total_len, (iph->verhdrlen & 0xf) * sizeof (grub_uint32_t), -+ &rsm->total_len)) -+ { -+ grub_dprintf ("net", "IP reassembly size underflow\n"); -+ return GRUB_ERR_NONE; -+ } -+ - rsm->asm_netbuff = grub_netbuff_alloc (rsm->total_len); - if (!rsm->asm_netbuff) - { --- -cgit v1.1 - diff --git a/backport-net-net-Fix-uninitialized-scalar-variable.patch b/backport-net-net-Fix-uninitialized-scalar-variable.patch deleted file mode 100644 index e1f2acf33a8881b01ee5aa822b15d65f9695d7b9..0000000000000000000000000000000000000000 --- a/backport-net-net-Fix-uninitialized-scalar-variable.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 8e9e0d4643020b340839b7f428f7b9ca6a2129d8 Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Mon, 21 Mar 2022 02:29:00 -0400 -Subject: net/net: Fix uninitialized scalar variable - -In the function grub_net_ipv6_get_link_local(), grub_net_network_level_address_t -addr is called but isn't being initialized. This results in the member -grub_dns_option_t option being filled with junk data from the stack. We can -prevent this by setting the option member in addr to 0. - -Fixes: CID 375033 - -Signed-off-by: Alec Brown -Reviewed-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=8e9e0d4643020b340839b7f428f7b9ca6a2129d8 - ---- - grub-core/net/net.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/grub-core/net/net.c b/grub-core/net/net.c -index 11b3987..681f914 100644 ---- a/grub-core/net/net.c -+++ b/grub-core/net/net.c -@@ -292,6 +292,7 @@ grub_net_ipv6_get_link_local (struct grub_net_card *card, - addr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV6; - addr.ipv6[0] = grub_cpu_to_be64_compile_time (0xfe80ULL << 48); - addr.ipv6[1] = grub_net_ipv6_get_id (hwaddr); -+ addr.option = 0; - - FOR_NET_NETWORK_LEVEL_INTERFACES (inf) - { --- -cgit v1.1 - diff --git a/backport-net-netbuff-Block-overly-large-netbuff-allocs.patch b/backport-net-netbuff-Block-overly-large-netbuff-allocs.patch deleted file mode 100644 index 54a644f9f9ee5f886c2562ed5f0f02f28751168a..0000000000000000000000000000000000000000 --- a/backport-net-netbuff-Block-overly-large-netbuff-allocs.patch +++ /dev/null @@ -1,58 +0,0 @@ -From f407e34f3871a4c402bbd516e7c28ea193cef1b7 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 8 Mar 2022 23:47:46 +1100 -Subject: net/netbuff: Block overly large netbuff allocs - -A netbuff shouldn't be too huge. It's bounded by MTU and TCP segment -reassembly. If we are asked to create one that is unreasonably big, refuse. - -This is a hardening measure: if we hit this code, there's a bug somewhere -else that we should catch and fix. - -This commit: - - stops the bug propagating any further. - - provides a spot to instrument in e.g. fuzzing to try to catch these bugs. - -I have put instrumentation (e.g. __builtin_trap() to force a crash) here and -have not been able to find any more crashes. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f407e34f3871a4c402bbd516e7c28ea193cef1b7 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/netbuff.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/grub-core/net/netbuff.c b/grub-core/net/netbuff.c -index 72e5296..8da327b 100644 ---- a/grub-core/net/netbuff.c -+++ b/grub-core/net/netbuff.c -@@ -79,10 +79,23 @@ grub_netbuff_alloc (grub_size_t len) - - COMPILE_TIME_ASSERT (NETBUFF_ALIGN % sizeof (grub_properly_aligned_t) == 0); - -+ /* -+ * The largest size of a TCP packet is 64 KiB, and everything else -+ * should be a lot smaller - most MTUs are 1500 or less. Cap data -+ * size at 64 KiB + a buffer. -+ */ -+ if (len > 0xffffUL + 0x1000UL) -+ { -+ grub_error (GRUB_ERR_BUG, -+ "attempted to allocate a packet that is too big"); -+ return NULL; -+ } -+ - if (len < NETBUFFMINLEN) - len = NETBUFFMINLEN; - - len = ALIGN_UP (len, NETBUFF_ALIGN); -+ - #ifdef GRUB_MACHINE_EMU - data = grub_malloc (len + sizeof (*nb)); - #else --- -cgit v1.1 - diff --git a/backport-net-tftp-Avoid-a-trivial-UAF.patch b/backport-net-tftp-Avoid-a-trivial-UAF.patch deleted file mode 100644 index 9a303e9096b167df0cfde8bb689cac9a6a7d0567..0000000000000000000000000000000000000000 --- a/backport-net-tftp-Avoid-a-trivial-UAF.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 8f287c3e13da2bf82049e2e464eca7ca4fef0a85 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 18 Jan 2022 14:29:20 +1100 -Subject: net/tftp: Avoid a trivial UAF - -Under tftp errors, we print a tftp error message from the tftp header. -However, the tftph pointer is a pointer inside nb, the netbuff. Previously, -we were freeing the nb and then dereferencing it. Don't do that, use it -and then free it later. - -This isn't really _bad_ per se, especially as we're single-threaded, but -it trips up fuzzers. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=8f287c3e13da2bf82049e2e464eca7ca4fef0a85 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/tftp.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c -index ee305e1..7dbd305 100644 ---- a/grub-core/net/tftp.c -+++ b/grub-core/net/tftp.c -@@ -251,9 +251,9 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)), - return GRUB_ERR_NONE; - case TFTP_ERROR: - data->have_oack = 1; -- grub_netbuff_free (nb); - grub_error (GRUB_ERR_IO, "%s", tftph->u.err.errmsg); - grub_error_save (&data->save_err); -+ grub_netbuff_free (nb); - return GRUB_ERR_NONE; - default: - grub_netbuff_free (nb); --- -cgit v1.1 - diff --git a/backport-net-tftp-Prevent-a-UAF-and-double-free-from.patch b/backport-net-tftp-Prevent-a-UAF-and-double-free-from.patch deleted file mode 100644 index ea144ae96c0a8463a8f624906847a8d30ba7768e..0000000000000000000000000000000000000000 --- a/backport-net-tftp-Prevent-a-UAF-and-double-free-from.patch +++ /dev/null @@ -1,117 +0,0 @@ -From ee9652031491326736714a988fbbaeab8ef9255c Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 20 Sep 2021 01:12:24 +1000 -Subject: net/tftp: Prevent a UAF and double-free from a failed seek - -A malicious tftp server can cause UAFs and a double free. - -An attempt to read from a network file is handled by grub_net_fs_read(). If -the read is at an offset other than the current offset, grub_net_seek_real() -is invoked. - -In grub_net_seek_real(), if a backwards seek cannot be satisfied from the -currently received packets, and the underlying transport does not provide -a seek method, then grub_net_seek_real() will close and reopen the network -protocol layer. - -For tftp, the ->close() call goes to tftp_close() and frees the tftp_data_t -file->data. The file->data pointer is not nulled out after the free. - -If the ->open() call fails, the file->data will not be reallocated and will -continue point to a freed memory block. This could happen from a server -refusing to send the requisite ack to the new tftp request, for example. - -The seek and the read will then fail, but the grub_file continues to exist: -the failed seek does not necessarily cause the entire file to be thrown -away (e.g. where the file is checked to see if it is gzipped/lzio/xz/etc., -a read failure is interpreted as a decompressor passing on the file, not as -an invalidation of the entire grub_file_t structure). - -This means subsequent attempts to read or seek the file will use the old -file->data after free. Eventually, the file will be close()d again and -file->data will be freed again. - -Mark a net_fs file that doesn't reopen as broken. Do not permit read() or -close() on a broken file (seek is not exposed directly to the file API - -it is only called as part of read, so this blocks seeks as well). - -As an additional defence, null out the ->data pointer if tftp_open() fails. -That would have lead to a simple null pointer dereference rather than -a mess of UAFs. - -This may affect other protocols, I haven't checked. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=ee9652031491326736714a988fbbaeab8ef9255c -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/net/net.c | 11 +++++++++-- - grub-core/net/tftp.c | 1 + - include/grub/net.h | 1 + - 3 files changed, 11 insertions(+), 2 deletions(-) - -diff --git a/grub-core/net/net.c b/grub-core/net/net.c -index 2b67715..9f09f8e 100644 ---- a/grub-core/net/net.c -+++ b/grub-core/net/net.c -@@ -1521,7 +1521,8 @@ grub_net_fs_close (grub_file_t file) - grub_netbuff_free (file->device->net->packs.first->nb); - grub_net_remove_packet (file->device->net->packs.first); - } -- file->device->net->protocol->close (file); -+ if (!file->device->net->broken) -+ file->device->net->protocol->close (file); - grub_free (file->device->net->name); - return GRUB_ERR_NONE; - } -@@ -1744,7 +1745,10 @@ grub_net_seek_real (struct grub_file *file, grub_off_t offset) - file->device->net->stall = 0; - err = file->device->net->protocol->open (file, file->device->net->name); - if (err) -- return err; -+ { -+ file->device->net->broken = 1; -+ return err; -+ } - grub_net_fs_read_real (file, NULL, offset); - return grub_errno; - } -@@ -1753,6 +1757,9 @@ grub_net_seek_real (struct grub_file *file, grub_off_t offset) - static grub_ssize_t - grub_net_fs_read (grub_file_t file, char *buf, grub_size_t len) - { -+ if (file->device->net->broken) -+ return -1; -+ - if (file->offset != file->device->net->offset) - { - grub_err_t err; -diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c -index ebbafe7..ee305e1 100644 ---- a/grub-core/net/tftp.c -+++ b/grub-core/net/tftp.c -@@ -400,6 +400,7 @@ tftp_open (struct grub_file *file, const char *filename) - { - grub_net_udp_close (data->sock); - grub_free (data); -+ file->data = NULL; - return grub_errno; - } - -diff --git a/include/grub/net.h b/include/grub/net.h -index db21e79..a64a04c 100644 ---- a/include/grub/net.h -+++ b/include/grub/net.h -@@ -276,6 +276,7 @@ typedef struct grub_net - grub_fs_t fs; - int eof; - int stall; -+ int broken; - } *grub_net_t; - - extern grub_net_t (*EXPORT_VAR (grub_net_open)) (const char *name); --- -cgit v1.1 - diff --git a/backport-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch b/backport-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch deleted file mode 100644 index 7a4bf3cd2ef726bde3c2dac73a9330547c07f7c0..0000000000000000000000000000000000000000 --- a/backport-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 1514678888595ef41a968a0c69b7ff769edd1e9c Mon Sep 17 00:00:00 2001 -From: Zhang Boyang -Date: Fri, 28 Oct 2022 21:31:39 +0800 -Subject: [PATCH 13/13] normal/charset: Fix an integer overflow in - grub_unicode_aglomerate_comb() - -The out->ncomb is a bit-field of 8 bits. So, the max possible value is 255. -However, code in grub_unicode_aglomerate_comb() doesn't check for an -overflow when incrementing out->ncomb. If out->ncomb is already 255, -after incrementing it will get 0 instead of 256, and cause illegal -memory access in subsequent processing. - -This patch introduces GRUB_UNICODE_NCOMB_MAX to represent the max -acceptable value of ncomb. The code now checks for this limit and -ignores additional combining characters when limit is reached. - -Reported-by: Daniel Axtens -Signed-off-by: Zhang Boyang -Reviewed-by: Daniel Kiper ---- - grub-core/normal/charset.c | 3 +++ - include/grub/unicode.h | 2 ++ - 2 files changed, 5 insertions(+) - -diff --git a/grub-core/normal/charset.c b/grub-core/normal/charset.c -index 000e687bd..4f6647116 100644 ---- a/grub-core/normal/charset.c -+++ b/grub-core/normal/charset.c -@@ -472,6 +472,9 @@ grub_unicode_aglomerate_comb (const grub_uint32_t *in, grub_size_t inlen, - if (!haveout) - continue; - -+ if (out->ncomb == GRUB_UNICODE_NCOMB_MAX) -+ continue; -+ - if (comb_type == GRUB_UNICODE_COMB_MC - || comb_type == GRUB_UNICODE_COMB_ME - || comb_type == GRUB_UNICODE_COMB_MN) -diff --git a/include/grub/unicode.h b/include/grub/unicode.h -index 71a4d1a54..9360b0b97 100644 ---- a/include/grub/unicode.h -+++ b/include/grub/unicode.h -@@ -147,7 +147,9 @@ struct grub_unicode_glyph - grub_uint8_t bidi_level:6; /* minimum: 6 */ - enum grub_bidi_type bidi_type:5; /* minimum: :5 */ - -+#define GRUB_UNICODE_NCOMB_MAX ((1 << 8) - 1) - unsigned ncomb:8; -+ - /* Hint by unicode subsystem how wide this character usually is. - Real width is determined by font. Set only in UTF-8 stream. */ - int estimated_width:8; --- -2.27.0 - diff --git a/backport-normal-charset-Fix-array-out-of-bounds-formatting.patch b/backport-normal-charset-Fix-array-out-of-bounds-formatting.patch deleted file mode 100644 index 1f010c44231c1d0574a0a36abbf90859db42aff3..0000000000000000000000000000000000000000 --- a/backport-normal-charset-Fix-array-out-of-bounds-formatting.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 830a9628b2c9e1b6388af624aaf4a80818ed6be0 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 13 Jul 2021 13:24:38 +1000 -Subject: normal/charset: Fix array out-of-bounds formatting unicode for - display - -In some cases attempting to display arbitrary binary strings leads -to ASAN splats reading the widthspec array out of bounds. - -Check the index. If it would be out of bounds, return a width of 1. -I don't know if that's strictly correct, but we're not really expecting -great display of arbitrary binary data, and it's certainly not worse than -an OOB read. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=830a9628b2c9e1b6388af624aaf4a80818ed6be0 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/normal/charset.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/grub-core/normal/charset.c b/grub-core/normal/charset.c -index 7778f1a..000e687 100644 ---- a/grub-core/normal/charset.c -+++ b/grub-core/normal/charset.c -@@ -395,6 +395,8 @@ grub_unicode_estimate_width (const struct grub_unicode_glyph *c) - { - if (grub_unicode_get_comb_type (c->base)) - return 0; -+ if (((unsigned long) (c->base >> 3)) >= ARRAY_SIZE (widthspec)) -+ return 1; - if (widthspec[c->base >> 3] & (1 << (c->base & 7))) - return 2; - else --- -cgit v1.1 - diff --git a/backport-normal-cmdline-Fix-two-related-integer-underflows.patch b/backport-normal-cmdline-Fix-two-related-integer-underflows.patch deleted file mode 100644 index f86b2b437108100b09e2455048cc2cb588ab58f8..0000000000000000000000000000000000000000 --- a/backport-normal-cmdline-Fix-two-related-integer-underflows.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 77afd25f8065bfbf5cc7848855006cd5260aeb9f Mon Sep 17 00:00:00 2001 -From: Ryan Cohen -Date: Sat, 26 Nov 2022 17:22:52 -0500 -Subject: [PATCH] normal/cmdline: Fix two related integer underflows - -An unchecked decrement operation in cl_print() would cause a few -integers to underflow. Where an output terminal's state is stored in -cl_term, the values cl_term->ystart and cl_term->pos.y both underflow. - -This can be replicated with the following steps: - -1. Get to the GRUB command line -2. Hold down the "d" key (or any key that enters a visible character) - until it fills the entire row -3. Press "HOME" and then press "CTRL-k". This will clear every - character entered in step 2 -4. Continuously press "CTRL-y" until the terminal scrolls the original - prompt ("grub> ") passed the terminal's top row. Now, no prompt - should be visible. This step causes cl_term->ystart to underflow -5. Press "HOME" and then "d" (or any visible character). This can have - different visual effects for different systems, but it will always - cause cl_term->pos.y to underflow - -On BIOS systems, these underflows cause the output terminal to -completely stop displaying anything. Characters can still be -entered and commands can be run, but nothing will display on the -terminal. From here, you can only get the display working by running -a command to switch the current output terminal to a different type: - -terminal_output - -On UEFI systems, these replication steps do not break the output -terminal. Until you press "ENTER", the cursor stops responding to input, -but you can press "ENTER" after step 5 and the command line will -work properly again. This patch is mostly important for BIOS systems -where the output terminal is rendered unusable after the underflows -occur. - -This patch adds two checks, one for each variable. It ensures that -cl_term->ystart does not decrement passed 0. It also ensures that -cl_term->pos.y does not get set passed the terminal's bottom row. - -When the previously listed replication steps are followed with this -patch, the terminal's cursor will be set to the top row and the command -line is still usable, even on BIOS systems. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=77afd25f8065bfbf5cc7848855006cd5260aeb9f -Conflict:NA - -Signed-off-by: Ryan Cohen -Reviewed-by: Daniel Kiper ---- - grub-core/normal/cmdline.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/grub-core/normal/cmdline.c b/grub-core/normal/cmdline.c -index 61f098244..9c6d9ade9 100644 ---- a/grub-core/normal/cmdline.c -+++ b/grub-core/normal/cmdline.c -@@ -219,6 +219,8 @@ cl_set_pos (struct cmdline_term *cl_term, grub_size_t lpos) - cl_term->pos.x = (cl_term->prompt_len + lpos) % cl_term->width; - cl_term->pos.y = cl_term->ystart - + (cl_term->prompt_len + lpos) / cl_term->width; -+ if (cl_term->pos.y >= cl_term->height) -+ cl_term->pos.y = cl_term->height - 1; - grub_term_gotoxy (cl_term->term, cl_term->pos); - } - -@@ -248,7 +250,10 @@ cl_print (struct cmdline_term *cl_term, grub_uint32_t c, - { - cl_term->pos.x = 0; - if (cl_term->pos.y >= (unsigned) (cl_term->height - 1)) -- cl_term->ystart--; -+ { -+ if (cl_term->ystart > 0) -+ cl_term->ystart--; -+ } - else - cl_term->pos.y++; - grub_putcode ('\n', cl_term->term); --- -2.28.0.windows.1 - diff --git a/backport-osdep-linux-Fix-md-array-device-enumeration.patch b/backport-osdep-linux-Fix-md-array-device-enumeration.patch deleted file mode 100644 index c833cb5826535fb3ca9edbb530ff621d21b50251..0000000000000000000000000000000000000000 --- a/backport-osdep-linux-Fix-md-array-device-enumeration.patch +++ /dev/null @@ -1,91 +0,0 @@ -From c39f27cd678d61e8e84c1386695a33575c9ded44 Mon Sep 17 00:00:00 2001 -From: Kees Cook -Date: Thu, 7 Oct 2021 16:33:16 -0700 -Subject: osdep/linux: Fix md array device enumeration - -GET_ARRAY_INFO's info.nr_disks does not map to GET_DISK_INFO's -disk.number, which is an internal kernel index. If an array has had drives -added, removed, etc., there may be gaps in GET_DISK_INFO's results. But -since the consumer of devicelist cannot tolerate gaps (it expects to walk -a NULL-terminated list of device name strings), the devicelist index (j) -must be tracked separately from the disk.number index (i). - -As part of this, since GRUB wants to only examine active (i.e. present -and non-failed) disks, the count of remaining disks (remaining) must be -tracked separately from the devicelist index (j). - -Additionally, drop a line with empty spaces only. - -Fixes: 49de079bbe1c (... (grub_util_raid_getmembers): Handle "removed" disks) -Fixes: 2b00217369ac (... Added support for RAID and LVM) -Fixes: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1912043 -Fixes: https://savannah.gnu.org/bugs/index.php?59887 - -Signed-off-by: Kees Cook -Reviewed-by: Petr Vorel -Reviewed-by: Daniel Kiper - -Conflict: NA -Reference: https://git.savannah.gnu.org/cgit/grub.git/commit?id=c39f27cd678d61e8e84c1386695a33575c9ded44 - ---- - grub-core/osdep/linux/getroot.c | 24 +++++++++++++++++------- - 1 file changed, 17 insertions(+), 7 deletions(-) - -diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c -index cd58858..df422c6 100644 ---- a/grub-core/osdep/linux/getroot.c -+++ b/grub-core/osdep/linux/getroot.c -@@ -130,10 +130,20 @@ struct mountinfo_entry - char fstype[ESCAPED_PATH_MAX + 1], device[ESCAPED_PATH_MAX + 1]; - }; - -+/* -+ * GET_DISK_INFO nr_disks (total count) does not map to disk.number, -+ * which is an internal kernel index. Instead, do what mdadm does -+ * and keep scanning until we find enough valid disks. The limit is -+ * copied from there, which notes that it is sufficiently high given -+ * that the on-disk metadata for v1.x can only support 1920. -+ */ -+#define MD_MAX_DISKS 4096 -+ - static char ** - grub_util_raid_getmembers (const char *name, int bootable) - { - int fd, ret, i, j; -+ int remaining; - char **devicelist; - mdu_version_t version; - mdu_array_info_t info; -@@ -165,22 +175,22 @@ grub_util_raid_getmembers (const char *name, int bootable) - - devicelist = xcalloc (info.nr_disks + 1, sizeof (char *)); - -- for (i = 0, j = 0; j < info.nr_disks; i++) -+ remaining = info.nr_disks; -+ for (i = 0, j = 0; i < MD_MAX_DISKS && remaining > 0; i++) - { - disk.number = i; - ret = ioctl (fd, GET_DISK_INFO, &disk); - if (ret != 0) - grub_util_error (_("ioctl GET_DISK_INFO error: %s"), strerror (errno)); -- -+ -+ /* Skip: MD_DISK_REMOVED slots don't contribute to "remaining" count. */ - if (disk.state & (1 << MD_DISK_REMOVED)) - continue; -+ remaining--; - -+ /* Only record disks that are actively participating in the array. */ - if (disk.state & (1 << MD_DISK_ACTIVE)) -- devicelist[j] = grub_find_device (NULL, -- makedev (disk.major, disk.minor)); -- else -- devicelist[j] = NULL; -- j++; -+ devicelist[j++] = grub_find_device (NULL, makedev (disk.major, disk.minor)); - } - - devicelist[j] = NULL; --- -cgit v1.1 diff --git a/backport-osdep-linux-hostdisk-Modify-sector-by-sysfs-as-disk-sector.patch b/backport-osdep-linux-hostdisk-Modify-sector-by-sysfs-as-disk-sector.patch deleted file mode 100644 index a6c696c0591710b75ef8560ea0bb76b055d85fd6..0000000000000000000000000000000000000000 --- a/backport-osdep-linux-hostdisk-Modify-sector-by-sysfs-as-disk-sector.patch +++ /dev/null @@ -1,75 +0,0 @@ -From f7564844f82b57078d601befadc438b5bc1fa01b Mon Sep 17 00:00:00 2001 -From: Mukesh Kumar Chaurasiya -Date: Thu, 9 Feb 2023 13:09:16 +0530 -Subject: osdep/linux/hostdisk: Modify sector by sysfs as disk sector - -The disk sector size provided by sysfs file system considers the sector -size of 512 irrespective of disk sector size, thus causing the read by -the GRUB to an incorrect offset from what was originally intended. - -Considering the 512 sector size of sysfs data the actual sector needs to -be modified corresponding to disk sector size. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=f7564844f82b57078d601befadc438b5bc1fa01b -Conflict:NA - -Signed-off-by: Mukesh Kumar Chaurasiya -Reviewed-by: Daniel Kiper ---- - grub-core/osdep/linux/hostdisk.c | 7 ++++--- - include/grub/disk.h | 7 +++++++ - 2 files changed, 11 insertions(+), 3 deletions(-) - -diff --git a/grub-core/osdep/linux/hostdisk.c b/grub-core/osdep/linux/hostdisk.c -index 07058f6..7e24ae6 100644 ---- a/grub-core/osdep/linux/hostdisk.c -+++ b/grub-core/osdep/linux/hostdisk.c -@@ -198,7 +198,8 @@ have_devfs (void) - #pragma GCC diagnostic ignored "-Wformat-nonliteral" - - static int --grub_hostdisk_linux_find_partition (char *dev, grub_disk_addr_t sector) -+grub_hostdisk_linux_find_partition (const grub_disk_t disk, char *dev, -+ grub_disk_addr_t sector) - { - size_t len = strlen (dev); - const char *format; -@@ -263,7 +264,7 @@ grub_hostdisk_linux_find_partition (char *dev, grub_disk_addr_t sector) - if (fstat (fd, &st) < 0 - || !grub_util_device_is_mapped_stat (&st) - || !grub_util_get_dm_node_linear_info (st.st_rdev, 0, 0, &start)) -- start = grub_util_find_partition_start_os (real_dev); -+ start = grub_disk_to_native_sector (disk, grub_util_find_partition_start_os (real_dev)); - /* We don't care about errors here. */ - grub_errno = GRUB_ERR_NONE; - -@@ -344,7 +345,7 @@ grub_util_fd_open_device (const grub_disk_t disk, grub_disk_addr_t sector, int f - && strncmp (dev, "/dev/", 5) == 0) - { - if (sector >= part_start) -- is_partition = grub_hostdisk_linux_find_partition (dev, part_start); -+ is_partition = grub_hostdisk_linux_find_partition (disk, dev, part_start); - else - *max = part_start - sector; - } -diff --git a/include/grub/disk.h b/include/grub/disk.h -index 25c141e..071b2f7 100644 ---- a/include/grub/disk.h -+++ b/include/grub/disk.h -@@ -208,6 +208,13 @@ grub_disk_from_native_sector (grub_disk_t disk, grub_disk_addr_t sector) - return sector << (disk->log_sector_size - GRUB_DISK_SECTOR_BITS); - } - -+/* Convert from GRUB native disk sized sector to disk sized sector. */ -+static inline grub_disk_addr_t -+grub_disk_to_native_sector (grub_disk_t disk, grub_disk_addr_t sector) -+{ -+ return sector >> (disk->log_sector_size - GRUB_DISK_SECTOR_BITS); -+} -+ - /* This is called from the memory manager. */ - void grub_disk_cache_invalidate_all (void); - --- -cgit v1.1 - diff --git a/backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch b/backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch deleted file mode 100644 index 93b53f9abd4fa8f051d047641c5164be83c75ece..0000000000000000000000000000000000000000 --- a/backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 108a3865f43330b581d35b9cf6ecb1e0a1da5d49 Mon Sep 17 00:00:00 2001 -From: Ryan Cohen -Date: Sat, 26 Nov 2022 17:22:51 -0500 -Subject: [PATCH] term/i386/pc/vga_text: Prevent out-of-bounds writes to VGA - text buffer - -Coordinates passed to screen_write_char() did not have any checks to -ensure they are not out-of-bounds. This adds an if statement to prevent -out-of-bounds writes to the VGA text buffer. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=108a3865f43330b581d35b9cf6ecb1e0a1da5d49 -Conflict:NA - -Signed-off-by: Ryan Cohen -Reviewed-by: Daniel Kiper ---- - grub-core/term/i386/pc/vga_text.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/grub-core/term/i386/pc/vga_text.c b/grub-core/term/i386/pc/vga_text.c -index 669d06fad..b88fa9d2e 100644 ---- a/grub-core/term/i386/pc/vga_text.c -+++ b/grub-core/term/i386/pc/vga_text.c -@@ -63,7 +63,8 @@ static grub_uint8_t cur_color = 0x7; - static void - screen_write_char (int x, int y, short c) - { -- VGA_TEXT_SCREEN[y * COLS + x] = grub_cpu_to_le16 (c); -+ if (x < COLS && y < ROWS && x >= 0 && y >= 0) -+ VGA_TEXT_SCREEN[y * COLS + x] = grub_cpu_to_le16 (c); - } - - static short --- -2.28.0.windows.1 - diff --git a/backport-tests-Disable-blkid-cache-usage.patch b/backport-tests-Disable-blkid-cache-usage.patch deleted file mode 100644 index 6765b3b6127ecfe33a7836b97fbd3f1af3b089b3..0000000000000000000000000000000000000000 --- a/backport-tests-Disable-blkid-cache-usage.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 8cdf18bb505a6920b59384e222005b0ec2b4211f Mon Sep 17 00:00:00 2001 -From: Glenn Washburn -Date: Sat, 9 Apr 2022 02:44:46 +0000 -Subject: [PATCH] tests: Disable blkid cache usage - -Using the blkid cache can cause issues when running many file system tests -in parallel. We do not need it, as its only there to improve performance, -and using the cache does not provide significant performance improvements. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=e883cc6a282891783902daf2d564a5b5c7a6a5aa -Conflict:NA - -Signed-off-by: Glenn Washburn -Reviewed-by: Daniel Kiper - ---- - tests/util/grub-fs-tester.in | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/tests/util/grub-fs-tester.in b/tests/util/grub-fs-tester.in -index bfc425e..e6a493c 100644 ---- a/tests/util/grub-fs-tester.in -+++ b/tests/util/grub-fs-tester.in -@@ -1,6 +1,7 @@ - #!@BUILD_SHEBANG@ - - set -e -+export BLKID_FILE=/dev/null - - fs="$1" - --- -2.27.0 - diff --git a/backport-util-grub-fstest-Fix-resource-leaks-in-cmd_cmp.patch b/backport-util-grub-fstest-Fix-resource-leaks-in-cmd_cmp.patch deleted file mode 100644 index 1019dda640a519b5318ee827cfed89b2b5ba1c82..0000000000000000000000000000000000000000 --- a/backport-util-grub-fstest-Fix-resource-leaks-in-cmd_cmp.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 53f08de12bfdd10207a8e6a062c9778f5ab6df87 Mon Sep 17 00:00:00 2001 -From: Darren Kenny -Date: Tue, 26 Oct 2021 15:02:37 +0000 -Subject: util/grub-fstest: Fix resource leaks in cmd_cmp() - -In the function cmd_cmp() within the while loop, srcnew and destnew are -being allocated but are never freed either before leaving scope or in -the recursive calls being made to cmd_cmp(). - -Fixes: CID 314032 -Fixes: CID 314045 - -Signed-off-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict: NA -Reference: https://git.savannah.gnu.org/cgit/grub.git/commit?id=53f08de12bfdd10207a8e6a062c9778f5ab6df87 - ---- - util/grub-fstest.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/util/grub-fstest.c b/util/grub-fstest.c -index 8386564..486f1dc 100644 ---- a/util/grub-fstest.c -+++ b/util/grub-fstest.c -@@ -300,9 +300,15 @@ cmd_cmp (char *src, char *dest) - strcpy (ptr, entry->d_name); - - if (grub_util_is_special_file (destnew)) -- continue; -+ { -+ free (srcnew); -+ free (destnew); -+ continue; -+ } - - cmd_cmp (srcnew, destnew); -+ free (srcnew); -+ free (destnew); - } - grub_util_fd_closedir (dir); - return; --- -cgit v1.1 diff --git a/backport-util-grub-install-common-Fix-memory-leak-in-copy_all.patch b/backport-util-grub-install-common-Fix-memory-leak-in-copy_all.patch deleted file mode 100644 index b73aa5d161fe374fa2cccf6b70c17c76fe3c8c08..0000000000000000000000000000000000000000 --- a/backport-util-grub-install-common-Fix-memory-leak-in-copy_all.patch +++ /dev/null @@ -1,38 +0,0 @@ -From e07fcea291ac8aa430db6e57d6e8e08894127fe2 Mon Sep 17 00:00:00 2001 -From: Darren Kenny -Date: Tue, 26 Oct 2021 15:02:35 +0000 -Subject: util/grub-install-common: Fix memory leak in copy_all() - -The copy_all() function skips a section of code using continue, but -fails to free the memory in srcf first, leaking it. - -Fixes: CID 314026 - -Signed-off-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict: NA -Reference: https://git.savannah.gnu.org/cgit/grub.git/commit?id=e07fcea291ac8aa430db6e57d6e8e08894127fe2 - ---- - util/grub-install-common.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/util/grub-install-common.c b/util/grub-install-common.c -index 4e212e6..fe77e39 100644 ---- a/util/grub-install-common.c -+++ b/util/grub-install-common.c -@@ -754,7 +754,10 @@ copy_all (const char *srcd, - srcf = grub_util_path_concat (2, srcd, de->d_name); - if (grub_util_is_special_file (srcf) - || grub_util_is_directory (srcf)) -- continue; -+ { -+ free (srcf); -+ continue; -+ } - dstf = grub_util_path_concat (2, dstd, de->d_name); - grub_install_compress_file (srcf, dstf, 1); - free (srcf); --- -cgit v1.1 diff --git a/backport-util-grub-install-common-Fix-the-key-of.patch b/backport-util-grub-install-common-Fix-the-key-of.patch deleted file mode 100644 index b250a97005baf5825f97dcdeb59e739b15f75ecc..0000000000000000000000000000000000000000 --- a/backport-util-grub-install-common-Fix-the-key-of.patch +++ /dev/null @@ -1,43 +0,0 @@ -From a6eba8f1276e58d94b4134b2488768349c8f37dc Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?=C3=81kos=20Nagy?= -Date: Fri, 5 May 2023 14:04:28 +0200 -Subject: util/grub-install-common: Fix the key of the --core-compress option -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Commit f23bc6510 (Transform -C option to grub-mkstandalone to ---core-compress available in all grub-install flavours.) declared -a new long option for specifying the compression method to use for -the core image. - -However, the option key has not been replaced in the parser function, -it still expects the old one formerly used by grub-mkstandalone. -Because of this the option is not recognized by any of the utils for -which it is listed as supported. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=a6eba8f1276e58d94b4134b2488768349c8f37dc -Conflict:NA - -Signed-off-by: Ákos Nagy -Reviewed-by: Daniel Kiper ---- - util/grub-install-common.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/util/grub-install-common.c b/util/grub-install-common.c -index 57ac445..52a29d1 100644 ---- a/util/grub-install-common.c -+++ b/util/grub-install-common.c -@@ -472,7 +472,7 @@ grub_install_parse (int key, char *arg) - const char *end; - switch (key) - { -- case 'C': -+ case GRUB_INSTALL_OPTIONS_INSTALL_CORE_COMPRESS: - if (grub_strcmp (arg, "xz") == 0) - { - #ifdef HAVE_LIBLZMA --- -cgit v1.1 - diff --git a/backport-util-grub-mkfont-Fix-memory-leak-in-write_font_pf2.patch b/backport-util-grub-mkfont-Fix-memory-leak-in-write_font_pf2.patch deleted file mode 100644 index 8af7f939b9abdbde18459f738ba6bb355810b412..0000000000000000000000000000000000000000 --- a/backport-util-grub-mkfont-Fix-memory-leak-in-write_font_pf2.patch +++ /dev/null @@ -1,35 +0,0 @@ -From b1fae9c1ba1f3ba4c9b4d39ad6eaedf9d77af7ed Mon Sep 17 00:00:00 2001 -From: Darren Kenny -Date: Tue, 26 Oct 2021 15:02:38 +0000 -Subject: util/grub-mkfont: Fix memory leak in write_font_pf2() - -In the function write_font_pf2() memory is allocated for font_name to -construct a new name, but it is not released before returning from the -function, leaking the allocated memory. - -Fixes: CID 314015 - -Signed-off-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict: NA -Reference: https://git.savannah.gnu.org/cgit/grub.git/commit?id=b1fae9c1ba1f3ba4c9b4d39ad6eaedf9d77af7ed - ---- - util/grub-mkfont.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/util/grub-mkfont.c b/util/grub-mkfont.c -index 0fe45a6..fdfd70d 100644 ---- a/util/grub-mkfont.c -+++ b/util/grub-mkfont.c -@@ -928,6 +928,7 @@ write_font_pf2 (struct grub_font_info *font_info, char *output_file) - file, output_file); - } - -+ free (font_name); - fclose (file); - } - --- -cgit v1.1 diff --git a/backport-util-grub-mkfont-Fix-resource-leaks.patch b/backport-util-grub-mkfont-Fix-resource-leaks.patch deleted file mode 100644 index a5a2d62bd8d316be52ee2e2e8017bf9673e38fbc..0000000000000000000000000000000000000000 --- a/backport-util-grub-mkfont-Fix-resource-leaks.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 78baa77c01f88662d980be38250344f7379b6655 Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Mon, 1 Aug 2022 16:31:02 +0800 -Subject: util/grub-mkfont: Fix resource leaks - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=78baa77c01f88662d980be38250344f7379b6655 -Conflict:NA - -Signed-off-by: Qiumiao Zhang -Reviewed-by: Daniel Kiper ---- - util/grub-mkfont.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/util/grub-mkfont.c b/util/grub-mkfont.c -index bb6982d..f63890c 100644 ---- a/util/grub-mkfont.c -+++ b/util/grub-mkfont.c -@@ -656,6 +656,7 @@ add_font (struct grub_font_info *font_info, FT_Face face, int nocut) - } - } - } -+ free (gsub); - } - - if (font_info->num_range) -@@ -1279,11 +1280,15 @@ main (int argc, char *argv[]) - if (font_verbosity > 1) - print_glyphs (&arguments.font_info); - -+ free (arguments.font_info.glyphs_sorted); -+ - { - size_t i; - for (i = 0; i < arguments.nfiles; i++) - free (arguments.files[i]); - } - -+ free (arguments.files); -+ - return 0; - } --- -2.19.1 - diff --git a/backport-util-grub-mkrescue-Fix-memory-leak-in-write_part.patch b/backport-util-grub-mkrescue-Fix-memory-leak-in-write_part.patch deleted file mode 100644 index 84094e8fdda9e066e191d8dea391aa52949dcad4..0000000000000000000000000000000000000000 --- a/backport-util-grub-mkrescue-Fix-memory-leak-in-write_part.patch +++ /dev/null @@ -1,34 +0,0 @@ -From eff17a6b2d563fe9a0917e048776ed9ce2da4b80 Mon Sep 17 00:00:00 2001 -From: Darren Kenny -Date: Tue, 26 Oct 2021 15:02:36 +0000 -Subject: util/grub-mkrescue: Fix memory leak in write_part() - -In the function write_part(), the value of inname is not used beyond -the grub_util_fopen() call, so it should be freed to avoid leakage. - -Fixes: CID 314028 - -Signed-off-by: Darren Kenny -Reviewed-by: Daniel Kiper - -Conflict: NA -Reference: https://git.savannah.gnu.org/cgit/grub.git/commit?id=eff17a6b2d563fe9a0917e048776ed9ce2da4b80 - ---- - util/grub-mkrescue.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/util/grub-mkrescue.c b/util/grub-mkrescue.c -index fb4dcc6..59c48b1 100644 ---- a/util/grub-mkrescue.c -+++ b/util/grub-mkrescue.c -@@ -229,6 +229,7 @@ write_part (FILE *f, const char *srcdir) - char *inname = grub_util_path_concat (2, srcdir, "partmap.lst"); - char buf[260]; - in = grub_util_fopen (inname, "rb"); -+ free (inname); - if (!in) - return; - while (fgets (buf, 256, in)) --- -cgit v1.1 diff --git a/backport-util-grub-mount-Fix-memory-leak-in-fuse_getattr.patch b/backport-util-grub-mount-Fix-memory-leak-in-fuse_getattr.patch deleted file mode 100644 index d92e8201df9107d9dd733e0d1fe29cac70c66c06..0000000000000000000000000000000000000000 --- a/backport-util-grub-mount-Fix-memory-leak-in-fuse_getattr.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 3077b39baef99afe534b582b9024bba877786e40 Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Tue, 25 Jul 2023 11:18:59 +0800 -Subject: util/grub-mount: Fix memory leak in fuse_getattr() - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=3077b39baef99afe534b582b9024bba877786e40 -Conflict:NA - -Signed-off-by: Qiumiao Zhang -Reviewed-by: Daniel Kiper ---- - util/grub-mount.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/util/grub-mount.c b/util/grub-mount.c -index 1c35b6a..c69889d 100644 ---- a/util/grub-mount.c -+++ b/util/grub-mount.c -@@ -198,6 +198,7 @@ fuse_getattr (const char *path, struct stat *st, - (fs->fs_dir) (dev, path2, fuse_getattr_find_file, &ctx); - - grub_free (path2); -+ free (pathname); - if (!ctx.file_exists) - { - grub_errno = GRUB_ERR_NONE; --- -cgit v1.1 - diff --git a/backport-util-resolve-Do-not-read-past-the-end-of-the-array-in-read_dep_list.patch b/backport-util-resolve-Do-not-read-past-the-end-of-the-array-in-read_dep_list.patch deleted file mode 100644 index 57c292b96994dd13b61ab2acb2c0e788d704c029..0000000000000000000000000000000000000000 --- a/backport-util-resolve-Do-not-read-past-the-end-of-the-array-in-read_dep_list.patch +++ /dev/null @@ -1,38 +0,0 @@ -From ddf47bdb042ab0ea52bc713b5f80cc48543f0469 Mon Sep 17 00:00:00 2001 -From: Glenn Washburn -Date: Wed, 12 Jan 2022 20:55:00 -0600 -Subject: util/resolve: Do not read past the end of the array in - read_dep_list() - -If the last non-NULL byte of "buf" is not a white-space character (such as -when a read line is longer than the size of "buf"), then "p" will eventually -point to the byte after the last byte in "buf". After which "p" will be -dereferenced in the while conditional leading to an out of bounds read. Make -sure that "p" is inside "buf" before dereferencing it. - -Signed-off-by: Glenn Washburn -Reviewed-by: Daniel Kiper - -Conflict:NA -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=ddf47bdb042ab0ea52bc713b5f80cc48543f0469 - ---- - util/resolve.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/util/resolve.c b/util/resolve.c -index 3e887d2..5e9afa1 100644 ---- a/util/resolve.c -+++ b/util/resolve.c -@@ -102,7 +102,7 @@ read_dep_list (FILE *fp) - dep_list = dep; - - /* Add dependencies. */ -- while (*p) -+ while (p < (buf + sizeof (buf)) && *p) - { - struct mod_list *mod; - char *name; --- -cgit v1.1 - diff --git a/backport-video-readers-Add-artificial-limit-to-image-dimensio.patch b/backport-video-readers-Add-artificial-limit-to-image-dimensio.patch deleted file mode 100644 index 6fe4e5a685baedb47eee437b0f1d01b572e1f5db..0000000000000000000000000000000000000000 --- a/backport-video-readers-Add-artificial-limit-to-image-dimensio.patch +++ /dev/null @@ -1,109 +0,0 @@ -From a85714545fe57a86d14ee231a4cd312158101d43 Mon Sep 17 00:00:00 2001 -From: Alec Brown -Date: Wed, 26 Oct 2022 20:16:44 -0400 -Subject: [PATCH] video/readers: Add artificial limit to image dimensions - -In grub-core/video/readers/jpeg.c, the height and width of a JPEG image don't -have an upper limit for how big the JPEG image can be. In Coverity, this is -getting flagged as an untrusted loop bound. This issue can also seen in PNG and -TGA format images as well but Coverity isn't flagging it. To prevent this, the -constant IMAGE_HW_MAX_PX is being added to include/grub/bitmap.h, which has -a value of 16384, to act as an artificial limit and restrict the height and -width of images. This value was picked as it is double the current max -resolution size, which is 8K. - -Fixes: CID 292450 - -Signed-off-by: Alec Brown -Reviewed-by: Darren Kenny -Reviewed-by: Daniel Kiper ---- - docs/grub.texi | 3 ++- - grub-core/video/readers/jpeg.c | 6 +++++- - grub-core/video/readers/png.c | 6 +++++- - grub-core/video/readers/tga.c | 7 +++++++ - include/grub/bitmap.h | 2 ++ - 5 files changed, 21 insertions(+), 3 deletions(-) - -diff --git a/docs/grub.texi b/docs/grub.texi -index 0dbbdc374..2d6cd8358 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -1515,7 +1515,8 @@ resolution. @xref{gfxmode}. - Set a background image for use with the @samp{gfxterm} graphical terminal. - The value of this option must be a file readable by GRUB at boot time, and - it must end with @file{.png}, @file{.tga}, @file{.jpg}, or @file{.jpeg}. --The image will be scaled if necessary to fit the screen. -+The image will be scaled if necessary to fit the screen. Image height and -+width will be restricted by an artificial limit of 16384. - - @item GRUB_THEME - Set a theme for use with the @samp{gfxterm} graphical terminal. -diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c -index 09596fbf5..ae634fd41 100644 ---- a/grub-core/video/readers/jpeg.c -+++ b/grub-core/video/readers/jpeg.c -@@ -346,7 +346,11 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data) - data->image_height = grub_jpeg_get_word (data); - data->image_width = grub_jpeg_get_word (data); - -- if ((!data->image_height) || (!data->image_width)) -+ grub_dprintf ("jpeg", "image height: %d\n", data->image_height); -+ grub_dprintf ("jpeg", "image width: %d\n", data->image_width); -+ -+ if ((!data->image_height) || (!data->image_width) || -+ (data->image_height > IMAGE_HW_MAX_PX) || (data->image_width > IMAGE_HW_MAX_PX)) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid image size"); - - cc = grub_jpeg_get_byte (data); -diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c -index 7f2ba7849..3163e97bf 100644 ---- a/grub-core/video/readers/png.c -+++ b/grub-core/video/readers/png.c -@@ -264,7 +264,11 @@ grub_png_decode_image_header (struct grub_png_data *data) - data->image_width = grub_png_get_dword (data); - data->image_height = grub_png_get_dword (data); - -- if ((!data->image_height) || (!data->image_width)) -+ grub_dprintf ("png", "image height: %d\n", data->image_height); -+ grub_dprintf ("png", "image width: %d\n", data->image_width); -+ -+ if ((!data->image_height) || (!data->image_width) || -+ (data->image_height > IMAGE_HW_MAX_PX) || (data->image_width > IMAGE_HW_MAX_PX)) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "png: invalid image size"); - - color_bits = grub_png_get_byte (data); -diff --git a/grub-core/video/readers/tga.c b/grub-core/video/readers/tga.c -index a9ec3a1b6..9c35bf29d 100644 ---- a/grub-core/video/readers/tga.c -+++ b/grub-core/video/readers/tga.c -@@ -340,6 +340,13 @@ grub_video_reader_tga (struct grub_video_bitmap **bitmap, - data.image_width = grub_le_to_cpu16 (data.hdr.image_width); - data.image_height = grub_le_to_cpu16 (data.hdr.image_height); - -+ grub_dprintf ("tga", "image height: %d\n", data.image_height); -+ grub_dprintf ("tga", "image width: %d\n", data.image_width); -+ -+ /* Check image height and width are within restrictions. */ -+ if ((data.image_height > IMAGE_HW_MAX_PX) || (data.image_width > IMAGE_HW_MAX_PX)) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, "tga: invalid image size"); -+ - /* Check that bitmap encoding is supported. */ - switch (data.hdr.image_type) - { -diff --git a/include/grub/bitmap.h b/include/grub/bitmap.h -index 5728f8ca3..149d37bfe 100644 ---- a/include/grub/bitmap.h -+++ b/include/grub/bitmap.h -@@ -24,6 +24,8 @@ - #include - #include - -+#define IMAGE_HW_MAX_PX 16384 -+ - struct grub_video_bitmap - { - /* Bitmap format description. */ --- -2.27.0 - diff --git a/backport-video-readers-jpeg-Abort-sooner-if-a-read.patch b/backport-video-readers-jpeg-Abort-sooner-if-a-read.patch deleted file mode 100644 index 501d56f7bdc99be69711baab40cf78a65abb7b17..0000000000000000000000000000000000000000 --- a/backport-video-readers-jpeg-Abort-sooner-if-a-read.patch +++ /dev/null @@ -1,260 +0,0 @@ -From d5caac8ab79d068ad9a41030c772d03a4d4fbd7b Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 28 Jun 2021 14:16:14 +1000 -Subject: video/readers/jpeg: Abort sooner if a read operation fails - -Fuzzing revealed some inputs that were taking a long time, potentially -forever, because they did not bail quickly upon encountering an I/O error. - -Try to catch I/O errors sooner and bail out. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=d5caac8ab79d068ad9a41030c772d03a4d4fbd7b -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/jpeg.c | 86 ++++++++++++++++++++++++++++++++++-------- - 1 file changed, 70 insertions(+), 16 deletions(-) - -diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c -index c47ffd6..806c56c 100644 ---- a/grub-core/video/readers/jpeg.c -+++ b/grub-core/video/readers/jpeg.c -@@ -109,9 +109,17 @@ static grub_uint8_t - grub_jpeg_get_byte (struct grub_jpeg_data *data) - { - grub_uint8_t r; -+ grub_ssize_t bytes_read; - - r = 0; -- grub_file_read (data->file, &r, 1); -+ bytes_read = grub_file_read (data->file, &r, 1); -+ -+ if (bytes_read != 1) -+ { -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "jpeg: unexpected end of data"); -+ return 0; -+ } - - return r; - } -@@ -120,9 +128,17 @@ static grub_uint16_t - grub_jpeg_get_word (struct grub_jpeg_data *data) - { - grub_uint16_t r; -+ grub_ssize_t bytes_read; - - r = 0; -- grub_file_read (data->file, &r, sizeof (grub_uint16_t)); -+ bytes_read = grub_file_read (data->file, &r, sizeof (grub_uint16_t)); -+ -+ if (bytes_read != sizeof (grub_uint16_t)) -+ { -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "jpeg: unexpected end of data"); -+ return 0; -+ } - - return grub_be_to_cpu16 (r); - } -@@ -135,6 +151,11 @@ grub_jpeg_get_bit (struct grub_jpeg_data *data) - if (data->bit_mask == 0) - { - data->bit_save = grub_jpeg_get_byte (data); -+ if (grub_errno != GRUB_ERR_NONE) { -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "jpeg: file read error"); -+ return 0; -+ } - if (data->bit_save == JPEG_ESC_CHAR) - { - if (grub_jpeg_get_byte (data) != 0) -@@ -143,6 +164,11 @@ grub_jpeg_get_bit (struct grub_jpeg_data *data) - "jpeg: invalid 0xFF in data stream"); - return 0; - } -+ if (grub_errno != GRUB_ERR_NONE) -+ { -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: file read error"); -+ return 0; -+ } - } - data->bit_mask = 0x80; - } -@@ -161,7 +187,7 @@ grub_jpeg_get_number (struct grub_jpeg_data *data, int num) - return 0; - - msb = value = grub_jpeg_get_bit (data); -- for (i = 1; i < num; i++) -+ for (i = 1; i < num && grub_errno == GRUB_ERR_NONE; i++) - value = (value << 1) + (grub_jpeg_get_bit (data) != 0); - if (!msb) - value += 1 - (1 << num); -@@ -208,6 +234,8 @@ grub_jpeg_decode_huff_table (struct grub_jpeg_data *data) - while (data->file->offset + sizeof (count) + 1 <= next_marker) - { - id = grub_jpeg_get_byte (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - ac = (id >> 4) & 1; - id &= 0xF; - if (id > 1) -@@ -258,6 +286,8 @@ grub_jpeg_decode_quan_table (struct grub_jpeg_data *data) - - next_marker = data->file->offset; - next_marker += grub_jpeg_get_word (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - if (next_marker > data->file->size) - { -@@ -269,6 +299,8 @@ grub_jpeg_decode_quan_table (struct grub_jpeg_data *data) - <= next_marker) - { - id = grub_jpeg_get_byte (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - if (id >= 0x10) /* Upper 4-bit is precision. */ - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "jpeg: only 8-bit precision is supported"); -@@ -300,6 +332,9 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data) - next_marker = data->file->offset; - next_marker += grub_jpeg_get_word (data); - -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; -+ - if (grub_jpeg_get_byte (data) != 8) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "jpeg: only 8-bit precision is supported"); -@@ -325,6 +360,8 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid index"); - - ss = grub_jpeg_get_byte (data); /* Sampling factor. */ -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - if (!id) - { - grub_uint8_t vs, hs; -@@ -504,7 +541,7 @@ grub_jpeg_idct_transform (jpeg_data_unit_t du) - } - } - --static void -+static grub_err_t - grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) - { - int h1, h2, qt; -@@ -519,6 +556,9 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) - data->dc_value[id] += - grub_jpeg_get_number (data, grub_jpeg_get_huff_code (data, h1)); - -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; -+ - du[0] = data->dc_value[id] * (int) data->quan_table[qt][0]; - pos = 1; - while (pos < ARRAY_SIZE (data->quan_table[qt])) -@@ -533,11 +573,13 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) - num >>= 4; - pos += num; - -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; -+ - if (pos >= ARRAY_SIZE (jpeg_zigzag_order)) - { -- grub_error (GRUB_ERR_BAD_FILE_TYPE, -- "jpeg: invalid position in zigzag order!?"); -- return; -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "jpeg: invalid position in zigzag order!?"); - } - - du[jpeg_zigzag_order[pos]] = val * (int) data->quan_table[qt][pos]; -@@ -545,6 +587,7 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) - } - - grub_jpeg_idct_transform (du); -+ return GRUB_ERR_NONE; - } - - static void -@@ -603,7 +646,8 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) - data_offset += grub_jpeg_get_word (data); - - cc = grub_jpeg_get_byte (data); -- -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - if (cc != 3 && cc != 1) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "jpeg: component count must be 1 or 3"); -@@ -616,7 +660,8 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) - id = grub_jpeg_get_byte (data) - 1; - if ((id < 0) || (id >= 3)) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid index"); -- -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - ht = grub_jpeg_get_byte (data); - data->comp_index[id][1] = (ht >> 4); - data->comp_index[id][2] = (ht & 0xF) + 2; -@@ -624,11 +669,14 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) - if ((data->comp_index[id][1] < 0) || (data->comp_index[id][1] > 3) || - (data->comp_index[id][2] < 0) || (data->comp_index[id][2] > 3)) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid hufftable index"); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - } - - grub_jpeg_get_byte (data); /* Skip 3 unused bytes. */ - grub_jpeg_get_word (data); -- -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - if (data->file->offset != data_offset) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: extra byte in sos"); - -@@ -646,6 +694,7 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) - { - unsigned c1, vb, hb, nr1, nc1; - int rst = data->dri; -+ grub_err_t err = GRUB_ERR_NONE; - - vb = 8 << data->log_vs; - hb = 8 << data->log_hs; -@@ -666,17 +715,22 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) - - for (r2 = 0; r2 < (1U << data->log_vs); r2++) - for (c2 = 0; c2 < (1U << data->log_hs); c2++) -- grub_jpeg_decode_du (data, 0, data->ydu[r2 * 2 + c2]); -+ { -+ err = grub_jpeg_decode_du (data, 0, data->ydu[r2 * 2 + c2]); -+ if (err != GRUB_ERR_NONE) -+ return err; -+ } - - if (data->color_components >= 3) - { -- grub_jpeg_decode_du (data, 1, data->cbdu); -- grub_jpeg_decode_du (data, 2, data->crdu); -+ err = grub_jpeg_decode_du (data, 1, data->cbdu); -+ if (err != GRUB_ERR_NONE) -+ return err; -+ err = grub_jpeg_decode_du (data, 2, data->crdu); -+ if (err != GRUB_ERR_NONE) -+ return err; - } - -- if (grub_errno) -- return grub_errno; -- - nr2 = (data->r1 == nr1 - 1) ? (data->image_height - data->r1 * vb) : vb; - nc2 = (c1 == nc1 - 1) ? (data->image_width - c1 * hb) : hb; - --- -cgit v1.1 - diff --git a/backport-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch b/backport-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch deleted file mode 100644 index 6d260fed38b270bb93eb4bab24ed2ba65afbdb06..0000000000000000000000000000000000000000 --- a/backport-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 22a3f97d39f6a10b08ad7fd1cc47c4dcd10413f6 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Wed, 7 Jul 2021 15:38:19 +1000 -Subject: video/readers/jpeg: Block int underflow -> wild pointer write - -Certain 1 px wide images caused a wild pointer write in -grub_jpeg_ycrcb_to_rgb(). This was caused because in grub_jpeg_decode_data(), -we have the following loop: - -for (; data->r1 < nr1 && (!data->dri || rst); - data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3) - -We did not check if vb * width >= hb * nc1. - -On a 64-bit platform, if that turns out to be negative, it will underflow, -be interpreted as unsigned 64-bit, then be added to the 64-bit pointer, so -we see data->bitmap_ptr jump, e.g.: - -0x6180_0000_0480 to -0x6181_0000_0498 - ^ - ~--- carry has occurred and this pointer is now far away from - any object. - -On a 32-bit platform, it will decrement the pointer, creating a pointer -that won't crash but will overwrite random data. - -Catch the underflow and error out. - -Fixes: CVE-2021-3697 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=22a3f97d39f6a10b08ad7fd1cc47c4dcd10413f6 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/jpeg.c | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c -index 579bbe8..09596fb 100644 ---- a/grub-core/video/readers/jpeg.c -+++ b/grub-core/video/readers/jpeg.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -699,6 +700,7 @@ static grub_err_t - grub_jpeg_decode_data (struct grub_jpeg_data *data) - { - unsigned c1, vb, hb, nr1, nc1; -+ unsigned stride_a, stride_b, stride; - int rst = data->dri; - grub_err_t err = GRUB_ERR_NONE; - -@@ -711,8 +713,14 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "jpeg: attempted to decode data before start of stream"); - -+ if (grub_mul(vb, data->image_width, &stride_a) || -+ grub_mul(hb, nc1, &stride_b) || -+ grub_sub(stride_a, stride_b, &stride)) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "jpeg: cannot decode image with these dimensions"); -+ - for (; data->r1 < nr1 && (!data->dri || rst); -- data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3) -+ data->r1++, data->bitmap_ptr += stride * 3) - for (c1 = 0; c1 < nc1 && (!data->dri || rst); - c1++, rst--, data->bitmap_ptr += hb * 3) - { --- -cgit v1.1 - diff --git a/backport-video-readers-jpeg-Do-not-reallocate-a-given.patch b/backport-video-readers-jpeg-Do-not-reallocate-a-given.patch deleted file mode 100644 index fc862b3acf734cc2267811149e919bc23beb97e1..0000000000000000000000000000000000000000 --- a/backport-video-readers-jpeg-Do-not-reallocate-a-given.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 768ef2199e0265cf455b154f1a80a612f02274c8 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 28 Jun 2021 14:16:58 +1000 -Subject: video/readers/jpeg: Do not reallocate a given huff table - -Fix a memory leak where an invalid file could cause us to reallocate -memory for a huffman table we had already allocated memory for. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=768ef2199e0265cf455b154f1a80a612f02274c8 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/jpeg.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c -index 806c56c..2284a6c 100644 ---- a/grub-core/video/readers/jpeg.c -+++ b/grub-core/video/readers/jpeg.c -@@ -251,6 +251,9 @@ grub_jpeg_decode_huff_table (struct grub_jpeg_data *data) - n += count[i]; - - id += ac * 2; -+ if (data->huff_value[id] != NULL) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "jpeg: attempt to reallocate huffman table"); - data->huff_value[id] = grub_malloc (n); - if (grub_errno) - return grub_errno; --- -cgit v1.1 - diff --git a/backport-video-readers-jpeg-Refuse-to-handle-multiple.patch b/backport-video-readers-jpeg-Refuse-to-handle-multiple.patch deleted file mode 100644 index 3b3f381388631660d5df994773c43c27b333672c..0000000000000000000000000000000000000000 --- a/backport-video-readers-jpeg-Refuse-to-handle-multiple.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 166a4d61448f74745afe1dac2f2cfb85d04909bf Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Mon, 28 Jun 2021 14:25:17 +1000 -Subject: video/readers/jpeg: Refuse to handle multiple start of streams - -An invalid file could contain multiple start of stream blocks, which -would cause us to reallocate and leak our bitmap. Refuse to handle -multiple start of streams. - -Additionally, fix a grub_error() call formatting. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=166a4d61448f74745afe1dac2f2cfb85d04909bf -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/jpeg.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c -index 2284a6c..579bbe8 100644 ---- a/grub-core/video/readers/jpeg.c -+++ b/grub-core/video/readers/jpeg.c -@@ -683,6 +683,9 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) - if (data->file->offset != data_offset) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: extra byte in sos"); - -+ if (*data->bitmap) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: too many start of scan blocks"); -+ - if (grub_video_bitmap_create (data->bitmap, data->image_width, - data->image_height, - GRUB_VIDEO_BLIT_FORMAT_RGB_888)) -@@ -705,8 +708,8 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) - nc1 = (data->image_width + hb - 1) >> (3 + data->log_hs); - - if (data->bitmap_ptr == NULL) -- return grub_error(GRUB_ERR_BAD_FILE_TYPE, -- "jpeg: attempted to decode data before start of stream"); -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "jpeg: attempted to decode data before start of stream"); - - for (; data->r1 < nr1 && (!data->dri || rst); - data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3) --- -cgit v1.1 - diff --git a/backport-video-readers-png-Abort-sooner-if-a-read.patch b/backport-video-readers-png-Abort-sooner-if-a-read.patch deleted file mode 100644 index 049d2922f19bcc2ce0deb9e5c974a66fbae73985..0000000000000000000000000000000000000000 --- a/backport-video-readers-png-Abort-sooner-if-a-read.patch +++ /dev/null @@ -1,203 +0,0 @@ -From 5bff31cdb6b93d738f850834e6291df1d0b136fa Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 6 Jul 2021 14:02:55 +1000 -Subject: video/readers/png: Abort sooner if a read operation fails - -Fuzzing revealed some inputs that were taking a long time, potentially -forever, because they did not bail quickly upon encountering an I/O error. - -Try to catch I/O errors sooner and bail out. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=5bff31cdb6b93d738f850834e6291df1d0b136fa -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/png.c | 55 ++++++++++++++++++++++++++++++++++++------- - 1 file changed, 47 insertions(+), 8 deletions(-) - -diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c -index 54dfedf..d715c46 100644 ---- a/grub-core/video/readers/png.c -+++ b/grub-core/video/readers/png.c -@@ -142,6 +142,7 @@ static grub_uint8_t - grub_png_get_byte (struct grub_png_data *data) - { - grub_uint8_t r; -+ grub_ssize_t bytes_read = 0; - - if ((data->inside_idat) && (data->idat_remain == 0)) - { -@@ -175,7 +176,14 @@ grub_png_get_byte (struct grub_png_data *data) - } - - r = 0; -- grub_file_read (data->file, &r, 1); -+ bytes_read = grub_file_read (data->file, &r, 1); -+ -+ if (bytes_read != 1) -+ { -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "png: unexpected end of data"); -+ return 0; -+ } - - if (data->inside_idat) - data->idat_remain--; -@@ -231,15 +239,16 @@ grub_png_decode_image_palette (struct grub_png_data *data, - if (len == 0) - return GRUB_ERR_NONE; - -- for (i = 0; 3 * i < len && i < 256; i++) -+ grub_errno = GRUB_ERR_NONE; -+ for (i = 0; 3 * i < len && i < 256 && grub_errno == GRUB_ERR_NONE; i++) - for (j = 0; j < 3; j++) - data->palette[i][j] = grub_png_get_byte (data); -- for (i *= 3; i < len; i++) -+ for (i *= 3; i < len && grub_errno == GRUB_ERR_NONE; i++) - grub_png_get_byte (data); - - grub_png_get_dword (data); - -- return GRUB_ERR_NONE; -+ return grub_errno; - } - - static grub_err_t -@@ -256,9 +265,13 @@ grub_png_decode_image_header (struct grub_png_data *data) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, "png: invalid image size"); - - color_bits = grub_png_get_byte (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - data->is_16bit = (color_bits == 16); - - color_type = grub_png_get_byte (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - /* According to PNG spec, no other types are valid. */ - if ((color_type & ~(PNG_COLOR_MASK_ALPHA | PNG_COLOR_MASK_COLOR)) -@@ -340,14 +353,20 @@ grub_png_decode_image_header (struct grub_png_data *data) - if (grub_png_get_byte (data) != PNG_COMPRESSION_BASE) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "png: compression method not supported"); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - if (grub_png_get_byte (data) != PNG_FILTER_TYPE_BASE) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "png: filter method not supported"); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - if (grub_png_get_byte (data) != PNG_INTERLACE_NONE) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "png: interlace method not supported"); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - /* Skip crc checksum. */ - grub_png_get_dword (data); -@@ -449,7 +468,7 @@ grub_png_get_huff_code (struct grub_png_data *data, struct huff_table *ht) - int code, i; - - code = 0; -- for (i = 0; i < ht->max_length; i++) -+ for (i = 0; i < ht->max_length && grub_errno == GRUB_ERR_NONE; i++) - { - code = (code << 1) + grub_png_get_bits (data, 1); - if (code < ht->maxval[i]) -@@ -504,8 +523,14 @@ grub_png_init_dynamic_block (struct grub_png_data *data) - grub_uint8_t lens[DEFLATE_HCLEN_MAX]; - - nl = DEFLATE_HLIT_BASE + grub_png_get_bits (data, 5); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - nd = DEFLATE_HDIST_BASE + grub_png_get_bits (data, 5); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - nb = DEFLATE_HCLEN_BASE + grub_png_get_bits (data, 4); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - if ((nl > DEFLATE_HLIT_MAX) || (nd > DEFLATE_HDIST_MAX) || - (nb > DEFLATE_HCLEN_MAX)) -@@ -533,7 +558,7 @@ grub_png_init_dynamic_block (struct grub_png_data *data) - data->dist_offset); - - prev = 0; -- for (i = 0; i < nl + nd; i++) -+ for (i = 0; i < nl + nd && grub_errno == GRUB_ERR_NONE; i++) - { - int n, code; - struct huff_table *ht; -@@ -721,17 +746,21 @@ grub_png_read_dynamic_block (struct grub_png_data *data) - len = cplens[n]; - if (cplext[n]) - len += grub_png_get_bits (data, cplext[n]); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - n = grub_png_get_huff_code (data, &data->dist_table); - dist = cpdist[n]; - if (cpdext[n]) - dist += grub_png_get_bits (data, cpdext[n]); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - pos = data->wp - dist; - if (pos < 0) - pos += WSIZE; - -- while (len > 0) -+ while (len > 0 && grub_errno == GRUB_ERR_NONE) - { - data->slide[data->wp] = data->slide[pos]; - grub_png_output_byte (data, data->slide[data->wp]); -@@ -759,7 +788,11 @@ grub_png_decode_image_data (struct grub_png_data *data) - int final; - - cmf = grub_png_get_byte (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - flg = grub_png_get_byte (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - if ((cmf & 0xF) != Z_DEFLATED) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, -@@ -774,7 +807,11 @@ grub_png_decode_image_data (struct grub_png_data *data) - int block_type; - - final = grub_png_get_bits (data, 1); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - block_type = grub_png_get_bits (data, 2); -+ if (grub_errno != GRUB_ERR_NONE) -+ return grub_errno; - - switch (block_type) - { -@@ -790,7 +827,7 @@ grub_png_decode_image_data (struct grub_png_data *data) - grub_png_get_byte (data); - grub_png_get_byte (data); - -- for (i = 0; i < len; i++) -+ for (i = 0; i < len && grub_errno == GRUB_ERR_NONE; i++) - grub_png_output_byte (data, grub_png_get_byte (data)); - - break; -@@ -1045,6 +1082,8 @@ grub_png_decode_png (struct grub_png_data *data) - - len = grub_png_get_dword (data); - type = grub_png_get_dword (data); -+ if (grub_errno != GRUB_ERR_NONE) -+ break; - data->next_offset = data->file->offset + len + 4; - - switch (type) --- -cgit v1.1 - diff --git a/backport-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch b/backport-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch deleted file mode 100644 index 9f7eae64b80f564c1128c9c6b375b575f26c8dba..0000000000000000000000000000000000000000 --- a/backport-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 210245129c932dc9e1c2748d9d35524fb95b5042 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 6 Jul 2021 23:25:07 +1000 -Subject: video/readers/png: Avoid heap OOB R/W inserting huff table items - -In fuzzing we observed crashes where a code would attempt to be inserted -into a huffman table before the start, leading to a set of heap OOB reads -and writes as table entries with negative indices were shifted around and -the new code written in. - -Catch the case where we would underflow the array and bail. - -Fixes: CVE-2021-3696 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=210245129c932dc9e1c2748d9d35524fb95b5042 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/png.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c -index a3161e2..d7ed5aa 100644 ---- a/grub-core/video/readers/png.c -+++ b/grub-core/video/readers/png.c -@@ -438,6 +438,13 @@ grub_png_insert_huff_item (struct huff_table *ht, int code, int len) - for (i = len; i < ht->max_length; i++) - n += ht->maxval[i]; - -+ if (n > ht->num_values) -+ { -+ grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "png: out of range inserting huffman table item"); -+ return; -+ } -+ - for (i = 0; i < n; i++) - ht->values[ht->num_values - i] = ht->values[ht->num_values - i - 1]; - --- -cgit v1.1 - diff --git a/backport-video-readers-png-Drop-greyscale-support-to-fix-heap.patch b/backport-video-readers-png-Drop-greyscale-support-to-fix-heap.patch deleted file mode 100644 index e42c0decb3f9a6184a42dc6142661f647cb209da..0000000000000000000000000000000000000000 --- a/backport-video-readers-png-Drop-greyscale-support-to-fix-heap.patch +++ /dev/null @@ -1,174 +0,0 @@ -From e623866d9286410156e8b9d2c82d6253a1b22d08 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 6 Jul 2021 18:51:35 +1000 -Subject: video/readers/png: Drop greyscale support to fix heap out-of-bounds - write - -A 16-bit greyscale PNG without alpha is processed in the following loop: - - for (i = 0; i < (data->image_width * data->image_height); - i++, d1 += 4, d2 += 2) - { - d1[R3] = d2[1]; - d1[G3] = d2[1]; - d1[B3] = d2[1]; - } - -The increment of d1 is wrong. d1 is incremented by 4 bytes per iteration, -but there are only 3 bytes allocated for storage. This means that image -data will overwrite somewhat-attacker-controlled parts of memory - 3 bytes -out of every 4 following the end of the image. - -This has existed since greyscale support was added in 2013 in commit -3ccf16dff98f (grub-core/video/readers/png.c: Support grayscale). - -Saving starfield.png as a 16-bit greyscale image without alpha in the gimp -and attempting to load it causes grub-emu to crash - I don't think this code -has ever worked. - -Delete all PNG greyscale support. - -Fixes: CVE-2021-3695 - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e623866d9286410156e8b9d2c82d6253a1b22d08 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/png.c | 87 +++-------------------------------- - 1 file changed, 7 insertions(+), 80 deletions(-) - -diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c -index 8955b8e..ccc2e36 100644 ---- a/grub-core/video/readers/png.c -+++ b/grub-core/video/readers/png.c -@@ -100,7 +100,7 @@ struct grub_png_data - - unsigned image_width, image_height; - int bpp, is_16bit; -- int raw_bytes, is_gray, is_alpha, is_palette; -+ int raw_bytes, is_alpha, is_palette; - int row_bytes, color_bits; - grub_uint8_t *image_data; - -@@ -296,13 +296,13 @@ grub_png_decode_image_header (struct grub_png_data *data) - data->bpp = 3; - else - { -- data->is_gray = 1; -- data->bpp = 1; -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "png: color type not supported"); - } - - if ((color_bits != 8) && (color_bits != 16) - && (color_bits != 4 -- || !(data->is_gray || data->is_palette))) -+ || !data->is_palette)) - return grub_error (GRUB_ERR_BAD_FILE_TYPE, - "png: bit depth must be 8 or 16"); - -@@ -331,7 +331,7 @@ grub_png_decode_image_header (struct grub_png_data *data) - } - - #ifndef GRUB_CPU_WORDS_BIGENDIAN -- if (data->is_16bit || data->is_gray || data->is_palette) -+ if (data->is_16bit || data->is_palette) - #endif - { - data->image_data = grub_calloc (data->image_height, data->row_bytes); -@@ -899,27 +899,8 @@ grub_png_convert_image (struct grub_png_data *data) - int shift; - int mask = (1 << data->color_bits) - 1; - unsigned j; -- if (data->is_gray) -- { -- /* Generic formula is -- (0xff * i) / ((1U << data->color_bits) - 1) -- but for allowed bit depth of 1, 2 and for it's -- equivalent to -- (0xff / ((1U << data->color_bits) - 1)) * i -- Precompute the multipliers to avoid division. -- */ -- -- const grub_uint8_t multipliers[5] = { 0xff, 0xff, 0x55, 0x24, 0x11 }; -- for (i = 0; i < (1U << data->color_bits); i++) -- { -- grub_uint8_t col = multipliers[data->color_bits] * i; -- palette[i][0] = col; -- palette[i][1] = col; -- palette[i][2] = col; -- } -- } -- else -- grub_memcpy (palette, data->palette, 3 << data->color_bits); -+ -+ grub_memcpy (palette, data->palette, 3 << data->color_bits); - d1c = d1; - d2c = d2; - for (j = 0; j < data->image_height; j++, d1c += data->image_width * 3, -@@ -957,60 +938,6 @@ grub_png_convert_image (struct grub_png_data *data) - return; - } - -- if (data->is_gray) -- { -- switch (data->bpp) -- { -- case 4: -- /* 16-bit gray with alpha. */ -- for (i = 0; i < (data->image_width * data->image_height); -- i++, d1 += 4, d2 += 4) -- { -- d1[R4] = d2[3]; -- d1[G4] = d2[3]; -- d1[B4] = d2[3]; -- d1[A4] = d2[1]; -- } -- break; -- case 2: -- if (data->is_16bit) -- /* 16-bit gray without alpha. */ -- { -- for (i = 0; i < (data->image_width * data->image_height); -- i++, d1 += 4, d2 += 2) -- { -- d1[R3] = d2[1]; -- d1[G3] = d2[1]; -- d1[B3] = d2[1]; -- } -- } -- else -- /* 8-bit gray with alpha. */ -- { -- for (i = 0; i < (data->image_width * data->image_height); -- i++, d1 += 4, d2 += 2) -- { -- d1[R4] = d2[1]; -- d1[G4] = d2[1]; -- d1[B4] = d2[1]; -- d1[A4] = d2[0]; -- } -- } -- break; -- /* 8-bit gray without alpha. */ -- case 1: -- for (i = 0; i < (data->image_width * data->image_height); -- i++, d1 += 3, d2++) -- { -- d1[R3] = d2[0]; -- d1[G3] = d2[0]; -- d1[B3] = d2[0]; -- } -- break; -- } -- return; -- } -- - { - /* Only copy the upper 8 bit. */ - #ifndef GRUB_CPU_WORDS_BIGENDIAN --- -2.19.1 - diff --git a/backport-video-readers-png-Refuse-to-handle-multiple-image-headers.patch b/backport-video-readers-png-Refuse-to-handle-multiple-image-headers.patch deleted file mode 100644 index 88d8bff0b3384a810a2047f4971c83c9efb261ea..0000000000000000000000000000000000000000 --- a/backport-video-readers-png-Refuse-to-handle-multiple-image-headers.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 347880a13c239b4c2811c94c9a7cf78b607332e3 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 6 Jul 2021 14:13:40 +1000 -Subject: video/readers/png: Refuse to handle multiple image headers - -This causes the bitmap to be leaked. Do not permit multiple image headers. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=347880a13c239b4c2811c94c9a7cf78b607332e3 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/png.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c -index d715c46..35ae553 100644 ---- a/grub-core/video/readers/png.c -+++ b/grub-core/video/readers/png.c -@@ -258,6 +258,9 @@ grub_png_decode_image_header (struct grub_png_data *data) - int color_bits; - enum grub_video_blit_format blt; - -+ if (data->image_width || data->image_height) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, "png: two image headers found"); -+ - data->image_width = grub_png_get_dword (data); - data->image_height = grub_png_get_dword (data); - --- -cgit v1.1 - diff --git a/backport-video-readers-png-Sanity-check-some-huffman-codes.patch b/backport-video-readers-png-Sanity-check-some-huffman-codes.patch deleted file mode 100644 index 3961eeaf7b14c7f944679db872c8baf03caca73f..0000000000000000000000000000000000000000 --- a/backport-video-readers-png-Sanity-check-some-huffman-codes.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 690bee69fae6b4bd911293d6b7e56774e29fdf64 Mon Sep 17 00:00:00 2001 -From: Daniel Axtens -Date: Tue, 6 Jul 2021 19:19:11 +1000 -Subject: video/readers/png: Sanity check some huffman codes - -ASAN picked up two OOB global reads: we weren't checking if some code -values fit within the cplens or cpdext arrays. Check and throw an error -if not. - -Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=690bee69fae6b4bd911293d6b7e56774e29fdf64 -Conflict:NA - -Signed-off-by: Daniel Axtens -Reviewed-by: Daniel Kiper ---- - grub-core/video/readers/png.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c -index d7ed5aa..7f2ba78 100644 ---- a/grub-core/video/readers/png.c -+++ b/grub-core/video/readers/png.c -@@ -753,6 +753,9 @@ grub_png_read_dynamic_block (struct grub_png_data *data) - int len, dist, pos; - - n -= 257; -+ if (((unsigned int) n) >= ARRAY_SIZE (cplens)) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "png: invalid huff code"); - len = cplens[n]; - if (cplext[n]) - len += grub_png_get_bits (data, cplext[n]); -@@ -760,6 +763,9 @@ grub_png_read_dynamic_block (struct grub_png_data *data) - return grub_errno; - - n = grub_png_get_huff_code (data, &data->dist_table); -+ if (((unsigned int) n) >= ARRAY_SIZE (cpdist)) -+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, -+ "png: invalid huff code"); - dist = cpdist[n]; - if (cpdext[n]) - dist += grub_png_get_bits (data, cpdext[n]); --- -cgit v1.1 - diff --git a/disable-some-unsupported-filesystems.patch b/disable-some-unsupported-filesystems.patch deleted file mode 100644 index 5cf489ac472500980e9fea51272514829c3a37c7..0000000000000000000000000000000000000000 --- a/disable-some-unsupported-filesystems.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 5d3654738c78291a2252eec2fdee9cd4b6c9c2f4 Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Thu, 2 Feb 2023 14:37:52 +0800 -Subject: [PATCH] disable some unsupported filesystems - -Signed-off-by: Qiumiao Zhang ---- - Makefile.util.def | 17 ----------------- - 1 file changed, 17 deletions(-) - -diff --git a/Makefile.util.def b/Makefile.util.def -index b7a6311..de156f9 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -95,9 +95,6 @@ library = { - common = grub-core/video/colors.c; - common = grub-core/unidata.c; - common = grub-core/io/bufio.c; -- common = grub-core/fs/affs.c; -- common = grub-core/fs/afs.c; -- common = grub-core/fs/bfs.c; - common = grub-core/fs/btrfs.c; - common = grub-core/fs/cbfs.c; - common = grub-core/fs/cpio.c; -@@ -113,25 +110,11 @@ library = { - common = grub-core/fs/hfsplus.c; - common = grub-core/fs/hfspluscomp.c; - common = grub-core/fs/iso9660.c; -- common = grub-core/fs/jfs.c; -- common = grub-core/fs/minix.c; -- common = grub-core/fs/minix2.c; -- common = grub-core/fs/minix3.c; -- common = grub-core/fs/minix_be.c; -- common = grub-core/fs/minix2_be.c; -- common = grub-core/fs/minix3_be.c; -- common = grub-core/fs/nilfs2.c; - common = grub-core/fs/ntfs.c; - common = grub-core/fs/ntfscomp.c; -- common = grub-core/fs/reiserfs.c; -- common = grub-core/fs/romfs.c; -- common = grub-core/fs/sfs.c; - common = grub-core/fs/squash4.c; - common = grub-core/fs/tar.c; - common = grub-core/fs/udf.c; -- common = grub-core/fs/ufs2.c; -- common = grub-core/fs/ufs.c; -- common = grub-core/fs/ufs_be.c; - common = grub-core/fs/xfs.c; - common = grub-core/fs/zfs/zfscrypt.c; - common = grub-core/fs/zfs/zfs.c; --- -2.27.0 - diff --git a/fix-compressed-kernel-verification-failed.patch b/fix-compressed-kernel-verification-failed.patch deleted file mode 100644 index e02cf099418762da367890642e5de234871070b1..0000000000000000000000000000000000000000 --- a/fix-compressed-kernel-verification-failed.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 0a73812b9ba12f8af4909b952751d6d5f4fd2dd2 Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Sat, 23 Jul 2022 19:54:34 +0800 -Subject: [PATCH] fix compressed kernel verification failed - -Signed-off-by: Yusong Gao ---- - include/grub/file.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/include/grub/file.h b/include/grub/file.h -index 96827a4..b956dbb 100644 ---- a/include/grub/file.h -+++ b/include/grub/file.h -@@ -180,10 +180,10 @@ extern grub_disk_read_hook_t EXPORT_VAR(grub_file_progress_hook); - /* Filters with lower ID are executed first. */ - typedef enum grub_file_filter_id - { -- GRUB_FILE_FILTER_VERIFY, - GRUB_FILE_FILTER_GZIO, - GRUB_FILE_FILTER_XZIO, - GRUB_FILE_FILTER_LZOPIO, -+ GRUB_FILE_FILTER_VERIFY, - GRUB_FILE_FILTER_MAX, - GRUB_FILE_FILTER_COMPRESSION_FIRST = GRUB_FILE_FILTER_GZIO, - GRUB_FILE_FILTER_COMPRESSION_LAST = GRUB_FILE_FILTER_LZOPIO, --- -2.27.0 - diff --git a/fix-setupmode-not-available-in-some-machine.patch b/fix-setupmode-not-available-in-some-machine.patch deleted file mode 100644 index bfa78299248625576bf91b324e42b0cc70179647..0000000000000000000000000000000000000000 --- a/fix-setupmode-not-available-in-some-machine.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 4fc72f509627da808b452eb1186282237c449b65 Mon Sep 17 00:00:00 2001 -From: fengtao -Date: Tue, 22 Mar 2022 22:22:22 +0800 -Subject: [PATCH] fix setupmode not available in some machine - -In some machine, there is no setupmode variable, so we should -give setupmode a default vaule: setup_mode = 0 - -if we cannot get setupmode variable, we use setup_mode instead. - ---- - grub-core/kern/efi/sb.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c -index c52ec62..f58fb13 100644 ---- a/grub-core/kern/efi/sb.c -+++ b/grub-core/kern/efi/sb.c -@@ -50,6 +50,7 @@ grub_efi_get_secureboot (void) - grub_uint8_t *moksbstate = NULL; - grub_uint8_t secureboot = GRUB_EFI_SECUREBOOT_MODE_UNKNOWN; - const char *secureboot_str = "UNKNOWN"; -+ grub_uint8_t setup_mode = 0; - - status = grub_efi_get_variable ("SecureBoot", &efi_variable_guid, - &size, (void **) &secboot); -@@ -67,9 +68,16 @@ grub_efi_get_secureboot (void) - &size, (void **) &setupmode); - - if (status != GRUB_EFI_SUCCESS) -- goto out; -+ { -+ grub_dprintf ("efi", "No SetupMode variable\n"); -+ } -+ else -+ { -+ grub_dprintf ("efi", "SetupMode: %d\n", *setupmode); -+ setup_mode = *setupmode; -+ } - -- if ((*secboot == 0) || (*setupmode == 1)) -+ if ((*secboot == 0) || (setup_mode == 1)) - { - secureboot = GRUB_EFI_SECUREBOOT_MODE_DISABLED; - goto out; --- -2.23.0 - diff --git a/grub-2.06.tar.xz b/grub-2.12.tar.xz similarity index 47% rename from grub-2.06.tar.xz rename to grub-2.12.tar.xz index a6a9c6dcb110f96560af778f89e7f64d67417679..9295544c27d42b29f1401817e4d045d7b4ba421f 100644 Binary files a/grub-2.06.tar.xz and b/grub-2.12.tar.xz differ diff --git a/grub.patches b/grub.patches index dc63a93f7f6be8a9c84e5cbde5705a1b57629859..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 100644 --- a/grub.patches +++ b/grub.patches @@ -1,345 +0,0 @@ -Patch0001: 0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch -Patch0002: 0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch -Patch0003: 0003-Revert-templates-Disable-the-os-prober-by-default.patch -Patch0004: 0004-Add-support-for-Linux-EFI-stub-loading.patch -Patch0005: 0005-Rework-linux-command.patch -Patch0006: 0006-Rework-linux16-command.patch -Patch0007: 0007-Add-secureboot-support-on-efi-chainloader.patch -Patch0008: 0008-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch -Patch0009: 0009-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch -Patch0010: 0010-re-write-.gitignore.patch -Patch0011: 0011-IBM-client-architecture-CAS-reboot-support.patch -Patch0012: 0012-for-ppc-reset-console-display-attr-when-clear-screen.patch -Patch0013: 0013-Disable-GRUB-video-support-for-IBM-power-machines.patch -Patch0014: 0014-Move-bash-completion-script-922997.patch -Patch0015: 0015-Allow-fallback-to-include-entries-by-title-not-just-.patch -Patch0016: 0016-Make-exit-take-a-return-code.patch -Patch0017: 0017-Make-efi-machines-load-an-env-block-from-a-variable.patch -Patch0018: 0018-Migrate-PPC-from-Yaboot-to-Grub2.patch -Patch0019: 0019-Add-fw_path-variable-revised.patch -Patch0020: 0020-Pass-x-hex-hex-straight-through-unmolested.patch -Patch0021: 0021-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch -Patch0022: 0022-Add-devicetree-loading.patch -Patch0023: 0023-Enable-pager-by-default.-985860.patch -Patch0024: 0024-Don-t-say-GNU-Linux-in-generated-menus.patch -Patch0025: 0025-Add-.eh_frame-to-list-of-relocations-stripped.patch -Patch0026: 0026-Don-t-require-a-password-to-boot-entries-generated-b.patch -Patch0027: 0027-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch -Patch0028: 0028-use-fw_path-prefix-when-fallback-searching-for-grub-.patch -Patch0029: 0029-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch -Patch0030: 0030-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch -Patch0031: 0031-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch -Patch0032: 0032-Try-prefix-if-fw_path-doesn-t-work.patch -Patch0033: 0033-Use-rpm-s-sort-for-grub2-mkconfig.patch -Patch0034: 0034-Make-grub2-mkconfig-construct-titles-that-look-like-.patch -Patch0035: 0035-Add-friendly-grub2-password-config-tool-985962.patch -Patch0036: 0036-tcp-add-window-scaling-support.patch -Patch0037: 0037-efinet-and-bootp-add-support-for-dhcpv6.patch -Patch0038: 0038-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch -Patch0039: 0039-bz1374141-fix-incorrect-mask-for-ppc64.patch -Patch0040: 0040-Make-grub_fatal-also-backtrace.patch -Patch0041: 0041-Fix-up-some-man-pages-rpmdiff-noticed.patch -Patch0042: 0042-Make-our-info-pages-say-grub2-where-appropriate.patch -Patch0043: 0043-macos-just-build-chainloader-entries-don-t-try-any-x.patch -Patch0044: 0044-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch -Patch0045: 0045-export-btrfs_subvol-and-btrfs_subvolid.patch -Patch0046: 0046-grub2-btrfs-03-follow_default.patch -Patch0047: 0047-grub2-btrfs-04-grub2-install.patch -Patch0048: 0048-grub2-btrfs-05-grub2-mkconfig.patch -Patch0049: 0049-grub2-btrfs-06-subvol-mount.patch -Patch0050: 0050-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch -Patch0051: 0051-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch -Patch0052: 0052-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch -Patch0053: 0053-Use-grub_efi_.-memory-helpers-where-reasonable.patch -Patch0054: 0054-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch -Patch0055: 0055-don-t-use-int-for-efi-status.patch -Patch0056: 0056-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch -Patch0057: 0057-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch -Patch0058: 0058-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch -Patch0059: 0059-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch -Patch0060: 0060-align-struct-efi_variable-better.patch -Patch0061: 0061-Add-BLS-support-to-grub-mkconfig.patch -Patch0062: 0062-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch -Patch0063: 0063-Add-linux-and-initrd-commands-for-grub-emu.patch -Patch0064: 0064-Add-grub2-switch-to-blscfg.patch -Patch0065: 0065-make-better-backtraces.patch -Patch0066: 0066-normal-don-t-draw-our-startup-message-if-debug-is-se.patch -Patch0067: 0067-Work-around-some-minor-include-path-weirdnesses.patch -Patch0068: 0068-Make-it-possible-to-enabled-build-id-sha1.patch -Patch0069: 0069-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch -Patch0070: 0070-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch -Patch0071: 0071-Fixup-for-newer-compiler.patch -Patch0072: 0072-Don-t-attempt-to-export-the-start-and-_start-symbols.patch -Patch0073: 0073-Fixup-for-newer-compiler.patch -Patch0074: 0074-Add-support-for-non-Ethernet-network-cards.patch -Patch0075: 0075-net-read-bracketed-ipv6-addrs-and-port-numbers.patch -Patch0076: 0076-bootp-New-net_bootp6-command.patch -Patch0077: 0077-efinet-UEFI-IPv6-PXE-support.patch -Patch0078: 0078-grub.texi-Add-net_bootp6-doument.patch -Patch0079: 0079-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch -Patch0080: 0080-efinet-Setting-network-from-UEFI-device-path.patch -Patch0081: 0081-efinet-Setting-DNS-server-from-UEFI-protocol.patch -Patch0082: 0082-Support-UEFI-networking-protocols.patch -Patch0083: 0083-AUDIT-0-http-boot-tracker-bug.patch -Patch0084: 0084-grub-editenv-Add-incr-command-to-increment-integer-v.patch -Patch0085: 0085-Add-auto-hide-menu-support.patch -Patch0086: 0086-Add-grub-set-bootflag-utility.patch -Patch0087: 0087-docs-Add-grub-boot-indeterminate.service-example.patch -Patch0088: 0088-gentpl-add-disable-support.patch -Patch0089: 0089-gentpl-add-pc-firmware-type.patch -Patch0090: 0090-efinet-also-use-the-firmware-acceleration-for-http.patch -Patch0091: 0091-efi-http-Make-root_url-reflect-the-protocol-hostname.patch -Patch0092: 0092-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch -Patch0093: 0093-module-verifier-make-it-possible-to-run-checkers-on-.patch -Patch0094: 0094-Rework-how-the-fdt-command-builds.patch -Patch0095: 0095-Disable-non-wordsize-allocations-on-arm.patch -Patch0096: 0096-Prepend-prefix-when-HTTP-path-is-relative.patch -Patch0097: 0097-Make-grub_error-more-verbose.patch -Patch0098: 0098-Make-reset-an-alias-for-the-reboot-command.patch -Patch0099: 0099-Add-a-version-command.patch -Patch0100: 0100-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch -Patch0101: 0101-arm-arm64-loader-Better-memory-allocation-and-error-.patch -Patch0102: 0102-Try-to-pick-better-locations-for-kernel-and-initrd.patch -Patch0103: 0103-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch -Patch0104: 0104-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch -Patch0105: 0105-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch -Patch0106: 0106-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch -Patch0107: 0107-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch -Patch0108: 0108-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch -Patch0109: 0109-Fix-getroot.c-s-trampolines.patch -Patch0110: 0110-Do-not-allow-stack-trampolines-anywhere.patch -Patch0111: 0111-Reimplement-boot_counter.patch -Patch0112: 0112-Fix-menu-entry-selection-based-on-ID-and-title.patch -Patch0113: 0113-Make-the-menu-entry-users-option-argument-to-be-opti.patch -Patch0114: 0114-Add-efi-export-env-and-efi-load-env-commands.patch -Patch0115: 0115-Make-it-possible-to-subtract-conditions-from-debug.patch -Patch0116: 0116-Export-all-variables-from-the-initial-context-when-c.patch -Patch0117: 0117-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch -Patch0118: 0118-Fix-systemctl-kexec-exit-status-check.patch -Patch0119: 0119-Print-grub-emu-linux-loader-messages-as-debug.patch -Patch0120: 0120-Don-t-assume-that-boot-commands-will-only-return-on-.patch -Patch0121: 0121-Do-better-in-bootstrap.conf.patch -Patch0122: 0122-Use-git-to-apply-gnulib-patches.patch -Patch0123: 0123-grub-set-bootflag-Update-comment-about-running-as-ro.patch -Patch0124: 0124-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch -Patch0125: 0125-grub.d-Fix-boot_indeterminate-getting-set-on-boot_su.patch -Patch0126: 0126-Add-start-symbol-for-RISC-V.patch -Patch0127: 0127-bootstrap.conf-Force-autogen.sh-to-use-python3.patch -Patch0128: 0128-efi-http-Export-fw-http-_path-variables-to-make-them.patch -Patch0129: 0129-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch -Patch0130: 0130-efi-net-Allow-to-specify-a-port-number-in-addresses.patch -Patch0131: 0131-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch -Patch0132: 0132-efi-net-Print-a-debug-message-if-parsing-the-address.patch -Patch0133: 0133-kern-term-Also-accept-F8-as-a-user-interrupt-key.patch -Patch0134: 0134-efi-Set-image-base-address-before-jumping-to-the-PE-.patch -Patch0135: 0135-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch -Patch0136: 0136-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch -Patch0137: 0137-http-Prepend-prefix-when-the-HTTP-path-is-relative-a.patch -Patch0138: 0138-Fix-a-missing-return-in-efi-export-env-and-efi-load-.patch -Patch0139: 0139-efi-dhcp-fix-some-allocation-error-checking.patch -Patch0140: 0140-efi-http-fix-some-allocation-error-checking.patch -Patch0141: 0141-efi-ip-46-_config.c-fix-some-potential-allocation-ov.patch -Patch0142: 0142-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch -Patch0143: 0143-linuxefi-fail-kernel-validation-without-shim-protoco.patch -Patch0144: 0144-Fix-const-char-pointers-in-grub-core-net-bootp.c.patch -Patch0145: 0145-Fix-const-char-pointers-in-grub-core-net-efi-ip4_con.patch -Patch0146: 0146-Fix-const-char-pointers-in-grub-core-net-efi-ip6_con.patch -Patch0147: 0147-Fix-const-char-pointers-in-grub-core-net-efi-net.c.patch -Patch0148: 0148-Fix-const-char-pointers-in-grub-core-net-efi-pxe.c.patch -Patch0149: 0149-Add-systemd-integration-scripts-to-make-systemctl-re.patch -Patch0150: 0150-systemd-integration.sh-Also-set-old-menu_show_once-g.patch -Patch0151: 0151-at_keyboard-use-set-1-when-keyboard-is-in-Translate-.patch -Patch0152: 0152-grub-install-disable-support-for-EFI-platforms.patch -Patch0153: 0153-New-with-debug-timestamps-configure-flag-to-prepend-.patch -Patch0154: 0154-Added-debug-statements-to-grub_disk_open-and-grub_di.patch -Patch0155: 0155-Introduce-function-grub_debug_is_enabled-void-return.patch -Patch0156: 0156-Don-t-clear-screen-when-debugging-is-enabled.patch -Patch0157: 0157-grub_file_-instrumentation-new-file-debug-tag.patch -Patch0158: 0158-ieee1275-Avoiding-many-unecessary-open-close.patch -Patch0159: 0159-ieee1275-powerpc-implements-fibre-channel-discovery-.patch -Patch0160: 0160-ieee1275-powerpc-enables-device-mapper-discovery.patch -Patch0161: 0161-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch -Patch0162: 0162-Add-suport-for-signing-grub-with-an-appended-signatu.patch -Patch0163: 0163-docs-grub-Document-signing-grub-under-UEFI.patch -Patch0164: 0164-docs-grub-Document-signing-grub-with-an-appended-sig.patch -Patch0165: 0165-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch -Patch0166: 0166-pgp-factor-out-rsa_pad.patch -Patch0167: 0167-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch -Patch0168: 0168-posix_wrap-tweaks-in-preparation-for-libtasn1.patch -Patch0169: 0169-libtasn1-import-libtasn1-4.16.0.patch -Patch0170: 0170-libtasn1-disable-code-not-needed-in-grub.patch -Patch0171: 0171-libtasn1-changes-for-grub-compatibility.patch -Patch0172: 0172-libtasn1-compile-into-asn1-module.patch -Patch0173: 0173-test_asn1-test-module-for-libtasn1.patch -Patch0174: 0174-grub-install-support-embedding-x509-certificates.patch -Patch0175: 0175-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch -Patch0176: 0176-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch -Patch0177: 0177-appended-signatures-support-verifying-appended-signa.patch -Patch0178: 0178-appended-signatures-verification-tests.patch -Patch0179: 0179-appended-signatures-documentation.patch -Patch0180: 0180-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch -Patch0181: 0181-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch -Patch0182: 0182-ieee1275-claim-more-memory.patch -Patch0183: 0183-ieee1275-request-memory-with-ibm-client-architecture.patch -Patch0184: 0184-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch -Patch0185: 0185-ieee1275-ofdisk-retry-on-open-failure.patch -Patch0186: 0186-Allow-chainloading-EFI-apps-from-loop-mounts.patch -Patch0187: 0187-efinet-Add-DHCP-proxy-support.patch -Patch0188: 0188-fs-ext2-Ignore-checksum-seed-incompat-feature.patch -Patch0189: 0189-Don-t-update-the-cmdline-when-generating-legacy-menu.patch -Patch0190: 0190-Suppress-gettext-error-message.patch -Patch0192: 0192-templates-Check-for-EFI-at-runtime-instead-of-config.patch -Patch0193: 0193-efi-Print-an-error-if-boot-to-firmware-setup-is-not-.patch -Patch0194: 0194-arm64-Fix-EFI-loader-kernel-image-allocation.patch -Patch0195: 0195-normal-main-Discover-the-device-to-read-the-config-f.patch -Patch0196: 0196-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch -Patch0197: 0197-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch -Patch0198: 0198-Print-module-name-on-license-check-failure.patch -Patch0199: 0199-powerpc-ieee1275-load-grub-at-4MB-not-2MB.patch -Patch0200: 0200-grub-mkconfig-restore-umask-for-grub.cfg.patch -Patch0201: 0201-fs-btrfs-Use-full-btrfs-bootloader-area.patch -Patch0202: grub2-set-password-prompts-to-enter-the-current-pass.patch -Patch0203: support-TPM2.0.patch -Patch0204: use-default-timestamp.patch -Patch0205: fix-setupmode-not-available-in-some-machine.patch -Patch0206: remove-08_fallback_counting.in-apply-grubby.patch -Patch0207: backport-grub-core-loader-i386-efi-linux.c-do-not-validate-ke.patch -Patch0208: backport-grub-core-loader-arm64-linux.c-do-not-validate-kerne.patch -Patch0209: backport-grub-core-loader-efi-chainloader.c-do-not-validate-c.patch -Patch0210: backport-grub-core-loader-efi-linux.c-drop-now-unused-grub_li.patch -Patch0211: backport-fix-null-pointer-dereference-when-paring-ICMP6_ROUTE.patch -Patch0212: backport-enable-http-and-https-boot.patch -Patch0213: backport-Avoid-Wsign-compare-in-rijndael-do_setkey.patch -Patch0214: backport-disk-ldm-Fix-resource-leak.patch -Patch0215: backport-io-gzio-Fix-possible-use-of-uninitialized-variable-in-huft_build.patch -Patch0216: backport-osdep-linux-Fix-md-array-device-enumeration.patch -Patch0217: backport-util-grub-fstest-Fix-resource-leaks-in-cmd_cmp.patch -Patch0218: backport-util-grub-install-common-Fix-memory-leak-in-copy_all.patch -Patch0219: backport-util-grub-mkfont-Fix-memory-leak-in-write_font_pf2.patch -Patch0220: backport-util-grub-mkrescue-Fix-memory-leak-in-write_part.patch -Patch0221: backport-double-grub-x86_64-efi-mm-pool.patch -Patch0222: backport-correct-closing-of-SNP-protocol.patch -Patch0223: backport-fix-misspelled-variable-BUILD_LDFAGS.patch -Patch0224: backport-Fix-partmap_test-for-arm-efi.patch -Patch0225: backport-util-resolve-Do-not-read-past-the-end-of-the-array-in-read_dep_list.patch -Patch0226: backport-fs-affs-Fix-resource-leaks.patch -Patch0227: backport-Revert-iee1275-datetime-Fix-off-by-1-error.patch -Patch0228: backport-commands-search-Fix-bug-stopping-iteration-when-no-floppy-is-used.patch -Patch0229: backport-mm-Temporarily-disable-grub_mm_debug-while-calling-grub_vprintf-in-grub_printf.patch -Patch0230: backport-net-Check-against-nb-tail-in-grub_netbuff_pull.patch -Patch0231: backport-kern-rescue_parser-Ensure-that-parser-allocated-memory-is-not-leaked.patch -Patch0232: backport-net-net-Fix-uninitialized-scalar-variable.patch -Patch0233: backport-net-arp-Fix-uninitialized-scalar-variable.patch -Patch0234: backport-loader-i386-pc-linux-Fix-uninitialized-scalar-variable.patch -Patch0235: backport-net-bootp-Fix-uninitialized-scalar-variable.patch -Patch0236: backport-loader-efi-chainloader-grub_load_and_start_image-doe.patch -Patch0237: backport-loader-efi-chainloader-Simplify-the-loader-state.patch -Patch0238: backport-commands-boot-Add-API-to-pass-context-to-loader.patch -Patch0239: backport-loader-efi-chainloader-Use-grub_loader_set_ex.patch -Patch0240: backport-loader-i386-efi-linux-Avoid-a-use-after-free-in-the-.patch -Patch0241: backport-loader-i386-efi-linux-Use-grub_loader_set_ex.patch -Patch0242: backport-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch -Patch0243: backport-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch -Patch0244: backport-kern-file-Do-not-leak-device_name-on-error-in.patch -Patch0245: backport-video-readers-png-Abort-sooner-if-a-read.patch -Patch0246: backport-video-readers-png-Refuse-to-handle-multiple-image-headers.patch -Patch0247: backport-video-readers-png-Drop-greyscale-support-to-fix-heap.patch -Patch0248: backport-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch -Patch0249: backport-video-readers-png-Sanity-check-some-huffman-codes.patch -Patch0250: backport-video-readers-jpeg-Abort-sooner-if-a-read.patch -Patch0251: backport-video-readers-jpeg-Do-not-reallocate-a-given.patch -Patch0252: backport-video-readers-jpeg-Refuse-to-handle-multiple.patch -Patch0253: backport-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch -Patch0254: backport-normal-charset-Fix-array-out-of-bounds-formatting.patch -Patch0255: backport-net-ip-Do-IP-fragment-maths-safely.patch -Patch0256: backport-net-netbuff-Block-overly-large-netbuff-allocs.patch -Patch0257: backport-net-dns-Fix-double-free-addresses-on-corrupt-DNS.patch -Patch0258: backport-net-dns-Dont-read-past-the-end-of-the-string.patch -Patch0259: backport-net-tftp-Prevent-a-UAF-and-double-free-from.patch -Patch0260: backport-net-tftp-Avoid-a-trivial-UAF.patch -Patch0261: backport-net-http-Do-not-tear-down-socket-if-its-already.patch -Patch0262: backport-net-http-Fix-OOB-write-for-split-http-headers.patch -Patch0263: backport-net-http-Error-out-on-headers-with-LF-without-CR.patch -Patch0264: backport-misc-Make-grub_min-and-grub_max-more-resilient.patch -Patch0265: backport-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_CODE-ins.patch -Patch0266: fix-compressed-kernel-verification-failed.patch -Patch0267: backport-tests-Disable-blkid-cache-usage.patch -Patch0268: backport-disk-efi-efidisk-Pass-buffers-with-higher-alignment.patch -Patch0269: backport-lib-relocator-Initialize-local-relocator-subchunk-struct-to.patch -Patch0270: backport-kern-fs-The-grub_fs_probe-should-dprint-errors.patch -Patch0271: backport-fs-fat-Dont-error-when-mtime-is-0.patch -Patch0272: backport-util-grub-mkfont-Fix-resource-leaks.patch -Patch0273: backport-loader-arm64-linux-Remove-magic-number-header-field-.patch -Patch0274: backport-misc-Add-cast-in-grub_strncasecmp-to-drop-sign-when-.patch -Patch0275: backport-commands-efi-efifwsetup-Add-missing-grub_free-s.patch -Patch0276: backport-video-readers-Add-artificial-limit-to-image-dimensio.patch -Patch0277: backport-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch -Patch0278: backport-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch -Patch0279: backport-font-Fix-several-integer-overflows-in-grub_font_cons.patch -Patch0280: backport-font-Remove-grub_font_dup_glyph.patch -Patch0281: backport-font-Fix-integer-overflow-in-ensure_comb_space.patch -Patch0282: backport-font-Fix-integer-overflow-in-BMP-index.patch -Patch0283: backport-font-Fix-integer-underflow-in-binary-search-of-char-.patch -Patch0284: backport-kern-efi-sb-Enforce-verification-of-font-files.patch -Patch0285: backport-fbutil-Fix-integer-overflow.patch -Patch0286: backport-font-Fix-an-integer-underflow-in-blit_comb.patch -Patch0287: backport-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch -Patch0288: backport-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch -Patch0289: backport-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch -Patch0290: 1000-port-Add-LoongArch-support.patch -Patch0291: disable-some-unsupported-filesystems.patch -Patch0292: 1001-loongarch-Modify-the-location-where-initrd-is-loaded.patch -Patch0293: backport-disk-diskfilter-Check-calloc-result-for-NULL.patch -Patch0294: backport-kern-buffer-Handle-NULL-input-pointer-in-grub_buffer.patch -Patch0295: backport-disk-diskfilter-Don-t-make-a-RAID-array-with-more-th.patch -Patch0296: backport-loader-multiboot_elfxx-Fix-memory-leak.patch -Patch0297: backport-normal-cmdline-Fix-two-related-integer-underflows.patch -Patch0298: backport-term-i386-pc-vga_text-Prevent-out-of-bounds-writes-t.patch -Patch0299: backport-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch -Patch0300: backport-kern-file-Fix-error-handling-in-grub_file_open.patch -Patch0301: backport-fs-xfs-Fix-memory-leaks-in-XFS-module.patch -Patch0302: backport-fs-squash4-Fix-memory-leaks-in-grub_squash_iterate_d.patch -Patch0303: backport-fs-iso9660-Fix-memory-leaks-in-grub_iso9660_susp_ite.patch -Patch0304: 1002-loongarch-Add-EFI-frame-buffer-support.patch -Patch0305: 1003-loongarch-Add-support-for-v4.0-interface.patch -Patch0306: 1004-loongarch-Add-support-for-new-EFI-screen-info-GUID.patch -Patch0307: 0202-rpm-sort-add-prereqs-for-declaration-of-strchrnul.patch -Patch0308: 1005-loongarch-Force-initrd-load-address-64KiB-alignment.patch -Patch0309: 1006-loongarch-Implement-cache-synchronization-operation.patch -Patch0310: backport-font-Check-return-value-of-grub_malloc-in-ascii_glyph_lookup.patch -Patch0311: backport-font-Assign-null_font-to-unknown_glyph.patch -Patch0312: backport-font-Reject-fonts-with-negative-max_char_width-or-max_char_height.patch -Patch0313: backport-kern-fs-Fix-possible-integer-overflow-in-i386-pc-mode-with-large.patch -Patch0314: backport-gentpl_py-Remove-interp-section-from-img-files.patch -Patch0315: backport-fs-iso9660-Add-check-to-prevent-infinite-loop.patch -Patch0316: backport-fs-iso9660-Prevent-read-past-the-end-of-system-use-area.patch -Patch0317: backport-fs-iso9660-Prevent-skipping-CE-or-ST-at-start-of-continuation-area.patch -Patch0318: backport-fs-iso9660-Incorrect-check-for-entry-boundary.patch -Patch0319: backport-fs-iso9660-Avoid-reading-past-the-entry-boundary.patch -Patch0320: backport-net-bootp-Fix-unchecked-return-value.patch -Patch0321: backport-osdep-linux-hostdisk-Modify-sector-by-sysfs-as-disk-sector.patch -Patch0322: backport-Read-etc-default-grub.d-.cfg-after-etc-default-grub.patch -Patch0323: Revert-EFI-allocate-kernel-in-EFI_RUNTIME_SERVICES_C.patch -Patch0324: backport-commands-acpi-Use-xsdt_addr-if-present.patch -Patch0325: backport-kern-acpi-Use-xsdt_addr-if-present.patch -Patch0326: remove-the-items-of-unsupported-filesystems-in-fs.ls.patch -Patch0327: 1007-loongarch-Fix-the-initrd-parameter-passing.patch -Patch0328: backport-net-dns-Fix-removal-of-DNS-server.patch -Patch0329: backport-net-dns-Simplify-error-handling-of-recv_hook-function.patch -Patch0330: backport-net-dns-Fix-lookup-error-when-no-IPv6-is-returned.patch -Patch0331: backport-util-grub-install-common-Fix-the-key-of.patch -Patch0332: backport-kern-efi-mm-Fix-use-after-free-in-finish-boot-services.patch -Patch0333: backport-kern-Check-for-NULL-when-closing-devices-and-disks.patch -Patch0334: backport-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch -Patch0335: backport-fs-udf-Fix-out-of-bounds-access.patch -Patch0336: backport-lib-relocator-Fix-OOB-write-when-initializing-lo-freebytes.patch -Patch0337: backport-util-grub-mount-Fix-memory-leak-in-fuse_getattr.patch -Patch0338: backport-CVE-2023-4692-fs-ntfs-Fix-an-OOB-write-when-parsing-the.patch -Patch0339: backport-CVE-2023-4693-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the.patch -Patch0340: backport-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch -Patch0341: backport-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch -Patch0342: backport-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch -Patch0343: backport-fs-ntfs-Make-code-more-readable.patch -Patch0344: add-TPCM-support-with-ipmi-channel.patch -Patch0345: skip-verification-when-not-loading-grub.cfg.patch -Patch0346: 1008-loongarch-Disable-relaxation-relocations.patch diff --git a/grub2-set-password-prompts-to-enter-the-current-pass.patch b/grub2-set-password-prompts-to-enter-the-current-pass.patch deleted file mode 100644 index 5a843ec5a95d012a78ea9bd5ae766617c879b8c7..0000000000000000000000000000000000000000 --- a/grub2-set-password-prompts-to-enter-the-current-pass.patch +++ /dev/null @@ -1,313 +0,0 @@ -From 23ade142e708ef9c225f0ccfd519e48132793888 Mon Sep 17 00:00:00 2001 -From: liuxin -Date: Thu, 2 Sep 2021 17:30:39 +0800 -Subject: [PATCH] grub2-set-password prompts to enter the current password and - add the password complexity check - ---- - util/grub-mkpasswd-pbkdf2.c | 105 ++++++++++++++++++++++++++++++--- - util/grub-set-password.in | 114 ++++++++++++++++++++++++++++++++++++ - 2 files changed, 212 insertions(+), 7 deletions(-) - -diff --git a/util/grub-mkpasswd-pbkdf2.c b/util/grub-mkpasswd-pbkdf2.c -index 5805f3c..c9f39a5 100644 ---- a/util/grub-mkpasswd-pbkdf2.c -+++ b/util/grub-mkpasswd-pbkdf2.c -@@ -42,10 +42,14 @@ - - #include "progname.h" - -+#define GRUB_PARAM_ERROR 1 -+#define GRUB_PARAM_SUCCESS 0 -+ - static struct argp_option options[] = { - {"iteration-count", 'c', N_("NUM"), 0, N_("Number of PBKDF2 iterations"), 0}, - {"buflen", 'l', N_("NUM"), 0, N_("Length of generated hash"), 0}, - {"salt", 's', N_("NUM"), 0, N_("Length of salt"), 0}, -+ {"salt arg", 'a', N_("VARCHAR"), 0, N_("preset salt var(hex code)"), 0}, - { 0, 0, 0, 0, 0, 0 } - }; - -@@ -54,8 +58,45 @@ struct arguments - unsigned int count; - unsigned int buflen; - unsigned int saltlen; -+ char * salt; - }; - -+static int illegal_char(char t) -+{ -+ int illegal = GRUB_PARAM_ERROR; -+ char legal[] = "0123456789ABCDEF"; -+ for (int i = 0; i < grub_strlen(legal); ++i) { -+ if (t == legal[i]) { -+ illegal = GRUB_PARAM_SUCCESS; -+ break; -+ } -+ } -+ return illegal; -+} -+ -+static int check_salt_verify(const char * arg) -+{ -+ grub_size_t len = grub_strlen(arg); -+ if (len <= 0 || len >= GRUB_SIZE_MAX) -+ { -+ fprintf(stderr, "salt length may be empty or too long!\n"); -+ return GRUB_PARAM_ERROR; -+ } -+ if (len % 2 != 0) -+ { -+ fprintf(stderr, "the salt value length is an even number!\n"); -+ return GRUB_PARAM_ERROR; -+ } -+ for (int i = 0; i < len; ++i) -+ { -+ if (illegal_char(arg[i])) -+ { -+ return GRUB_PARAM_ERROR; -+ } -+ } -+ return GRUB_PARAM_SUCCESS; -+} -+ - static error_t - argp_parser (int key, char *arg, struct argp_state *state) - { -@@ -76,6 +117,16 @@ argp_parser (int key, char *arg, struct argp_state *state) - case 's': - arguments->saltlen = strtoul (arg, NULL, 0); - break; -+ -+ case 'a': -+ if (check_salt_verify(arg)) -+ { -+ fprintf(stderr, "only hexadecimal numbers consisting of digits and uppercase letters are supported\n"); -+ return ARGP_ERR_UNKNOWN; -+ } -+ arguments->saltlen = grub_strlen(arg) / 2; -+ arguments->salt = arg; -+ break; - default: - return ARGP_ERR_UNKNOWN; - } -@@ -110,13 +161,44 @@ hexify (char *hex, grub_uint8_t *bin, grub_size_t n) - *hex = 0; - } - -+static void -+hextobyte(const char *hex, grub_uint8_t *bin, grub_size_t n) -+{ -+ while(n) -+ { -+ grub_uint8_t tmp = 0x00; -+ if (((*hex) <= '9') && ((*hex) >= '0')) -+ { -+ tmp += (grub_uint8_t)((*hex) - '0') << 4 & 0xf0; -+ } -+ else -+ { -+ tmp += (grub_uint8_t)((*hex) - 'A' + 10) << 4 & 0xf0; -+ } -+ hex++; -+ if (((*hex) <= '9') && ((*hex) >= '0')) -+ { -+ tmp += (grub_uint8_t)((*hex) - '0') & 0x0f; -+ } -+ else -+ { -+ tmp += (grub_uint8_t)((*hex) - 'A' + 10) & 0x0f; -+ } -+ *bin = tmp; -+ bin++; -+ hex++; -+ n -= 2; -+ } -+} -+ - int - main (int argc, char *argv[]) - { - struct arguments arguments = { - .count = 10000, - .buflen = 64, -- .saltlen = 64 -+ .saltlen = 64, -+ .salt = NULL - }; - char *result, *ptr; - gcry_err_code_t gcry_err; -@@ -133,6 +215,12 @@ main (int argc, char *argv[]) - exit(1); - } - -+ if (arguments.salt != NULL && grub_strlen(arguments.salt) != 2 * arguments.saltlen) -+ { -+ fprintf(stderr, "%s", _("If the -a parameter is set, don't set the -s parameter again\n")); -+ exit(1); -+ } -+ - buf = xmalloc (arguments.buflen); - salt = xmalloc (arguments.saltlen); - -@@ -161,13 +249,16 @@ main (int argc, char *argv[]) - } - memset (pass2, 0, sizeof (pass2)); - -- if (grub_get_random (salt, arguments.saltlen)) -+ if (arguments.salt != NULL) - { -- memset (pass1, 0, sizeof (pass1)); -- free (buf); -- free (salt); -- grub_util_error ("%s", _("couldn't retrieve random data for salt")); -- } -+ hextobyte(arguments.salt, salt, arguments.saltlen * 2); -+ } else if (grub_get_random (salt, arguments.saltlen)) -+ { -+ memset (pass1, 0, sizeof (pass1)); -+ free (buf); -+ free (salt); -+ grub_util_error ("%s", _("couldn't retrieve random data for salt")); -+ } - - gcry_err = grub_crypto_pbkdf2 (GRUB_MD_SHA512, - (grub_uint8_t *) pass1, strlen (pass1), -diff --git a/util/grub-set-password.in b/util/grub-set-password.in -index d8005e5..9369b40 100644 ---- a/util/grub-set-password.in -+++ b/util/grub-set-password.in -@@ -82,16 +82,130 @@ fixtty() { - } - - trap fixtty EXIT -+ -+getsaltpass() { -+ local P0 -+ local P1 -+ P0="$1" && shift -+ P1="$1" && shift -+ P2="$1" && shift -+ -+ ( echo ${P0} ; echo ${P1} ) | \ -+ LC_ALL=C ${grub_mkpasswd} -a ${P2} | \ -+ grep -v '[eE]nter password:' | \ -+ sed -e "s/PBKDF2 hash of your password is //" -+} -+ -+verifyusercfgoldpasswd() { -+ # get old password salt -+ expectsalt=`cat ${grubdir}/user.cfg | cut -d "." -f 5` -+ # get expect password -+ expectpass=`cat ${grubdir}/user.cfg` -+ prefix="GRUB2_PASSWORD=" -+ -+ stty -echo -+ echo -n "Enter Current password: " -+ read PASSWORD_CURRENT -+ echo -+ -+ needcheckpass="${prefix}$(getsaltpass "${PASSWORD_CURRENT}" "${PASSWORD_CURRENT}" "${expectsalt}")" -+ if [ "$expectpass" != "$needcheckpass" ]; then -+ echo "Authentication failed" -+ exit 1 -+ fi -+ -+ stty ${ttyopt} -+} -+ -+verifygrubcfgoldpasswd() { -+ # get old password line -+ expectpass=`cat ${grubdir}/grub.cfg | grep "password_pbkdf2 root grub.pbkdf2.sha512" | cut -d " " -f 3` -+ # if not get password, try a quotation mark match -+ if [ -z "$expectpass" ];then -+ expectpass=`cat ${grubdir}/grub.cfg | grep "password_pbkdf2 root \"grub.pbkdf2.sha512" | cut -d " " -f 3 | cut -d "\"" -f 2` -+ fi -+ if [ -z "$expectpass" ];then -+ expectpass=`cat ${grubdir}/grub.cfg | grep "password_pbkdf2 root 'grub.pbkdf2.sha512" | cut -d " " -f 3 | cut -d "'" -f 2` -+ fi -+ if [ -n "$expectpass" ];then -+ # get old password salt -+ expectsalt=`echo ${expectpass} | cut -d "." -f 5` -+ stty -echo -+ echo -n "Enter Current password: " -+ read PASSWORD_CURRENT -+ echo -+ -+ needcheckpass="$(getsaltpass "${PASSWORD_CURRENT}" "${PASSWORD_CURRENT}" "${expectsalt}")" -+ if [ "$expectpass" != "$needcheckpass" ]; then -+ echo "Authentication failed" -+ exit 1 -+ fi -+ fi -+ -+} -+ -+if [ -e ${grubdir}/user.cfg ];then -+ verifyusercfgoldpasswd -+else -+ verifygrubcfgoldpasswd -+fi -+ -+checkcomplexity() { -+ set +e -+ USERNAME=`cat ${grubdir}/grub.cfg | grep "set superusers=" | cut -d "\"" -f 2 |tail -1` -+ local P1="$1" && shift -+ if [ "$P1" = "$USERNAME" ];then -+ echo "The password contains the user name in some form" -+ exit 1 -+ fi -+ # password len >= 8 -+ strlen=`echo "$P1" | grep -E '^(.{8,}).*$'` -+ if [ -z "$strlen" ];then -+ echo "The password is shorter than 8 characters" -+ exit 1 -+ fi -+ # lowercase -+ strlow=`echo "$P1" | grep -E --color '^(.*[a-z]+).*$'` -+ # uppercase -+ strupp=`echo $P1 | grep -E --color '^(.*[A-Z]).*$'` -+ # special character -+ strts=`echo $P1 | grep -E --color '^(.*\W).*$'` -+ # num -+ strnum=`echo $P1 | grep -E --color '^(.*[0-9]).*$'` -+ complexity=0 -+ if [ -n "$strlow" ];then -+ complexity=`expr $complexity + 1` -+ fi -+ if [ -n "$strupp" ];then -+ complexity=`expr $complexity + 1` -+ fi -+ if [ -n "$strts" ];then -+ complexity=`expr $complexity + 1` -+ fi -+ if [ -n "$strnum" ];then -+ complexity=`expr $complexity + 1` -+ fi -+ if [ $complexity -lt 3 ];then -+ echo "The password contains less than 3 character classes" -+ exit 1 -+ fi -+ set -e -+} -+ - stty -echo - - # prompt & confirm new grub2 root user password - echo -n "Enter password: " - read PASSWORD - echo -+stty ${ttyopt} -+checkcomplexity $PASSWORD -+stty -echo - echo -n "Confirm password: " - read PASSWORD_CONFIRM - echo - stty ${ttyopt} -+checkcomplexity $PASSWORD_CONFIRM - - getpass() { - local P0 --- -2.19.1 - diff --git a/grub2.spec b/grub2.spec index 34cbdd0105c997485773b62c4f294678724cb775..b7abb93bc4e9cc5866d7852dbf7e6e1f043124e3 100644 --- a/grub2.spec +++ b/grub2.spec @@ -1,6 +1,6 @@ %undefine _hardened_build -%global tarversion 2.06 +%global tarversion 2.12 %if "0%{?product_family}" == "0" %define efi_vendor %{_vendor} %else @@ -13,8 +13,8 @@ Name: grub2 Epoch: 1 -Version: 2.06 -Release: 43 +Version: 2.12 +Release: 1 Summary: Bootloader with support for Linux, Multiboot and more License: GPLv3+ URL: http://www.gnu.org/software/grub/ @@ -448,6 +448,12 @@ fi %{_datadir}/man/man* %changelog +* Thu Feb 29 2024 sunhai10 - 1:2.12-1 +- Type:NA +- CVE:NA +- SUG:NA +- DESC:update to 2.12 version + * Mon Dec 25 2023 mengyingkun - 1:2.06-43 - Type:requirement - CVE:NA diff --git a/remove-08_fallback_counting.in-apply-grubby.patch b/remove-08_fallback_counting.in-apply-grubby.patch deleted file mode 100644 index 03df4a22b7f22687f4ea8ca4eae7c9e63bc84568..0000000000000000000000000000000000000000 --- a/remove-08_fallback_counting.in-apply-grubby.patch +++ /dev/null @@ -1,61 +0,0 @@ -From f09f144a2f04bd2775367a0df0a2e7900d96d6a1 Mon Sep 17 00:00:00 2001 -From: t.feng -Date: Tue, 1 Sep 2020 16:59:53 +0800 -Subject: [PATCH] remove 08_fallback_counting.in apply grubby - ---- - Makefile.util.def | 6 ------ - util/grub.d/08_fallback_counting.in | 24 ------------------------ - 2 files changed, 30 deletions(-) - delete mode 100644 util/grub.d/08_fallback_counting.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index f3a6996..3473947 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -458,12 +458,6 @@ script = { - }; - - script = { -- name = '08_fallback_counting'; -- common = util/grub.d/08_fallback_counting.in; -- installdir = grubconf; --}; -- --script = { - name = '12_menu_auto_hide'; - common = util/grub.d/12_menu_auto_hide.in; - installdir = grubconf; -diff --git a/util/grub.d/08_fallback_counting.in b/util/grub.d/08_fallback_counting.in -deleted file mode 100644 -index 2e2c3ff..0000000 ---- a/util/grub.d/08_fallback_counting.in -+++ /dev/null -@@ -1,24 +0,0 @@ --#! /bin/sh -e --# Fallback Countdown --# --# This snippet depends on 10_reset_boot_success and needs to be kept in sync. --# --# The boot_counter env var can be used to count down boot attempts after an --# OSTree upgrade and choose the rollback deployment when 0 is reached. --# Both boot_counter=X and boot_success=1 need to be set from userspace. --cat << EOF --insmod increment --# Check if boot_counter exists and boot_success=0 to activate this behaviour. --if [ -n "\${boot_counter}" -a "\${boot_success}" = "0" ]; then -- # if countdown has ended, choose to boot rollback deployment, -- # i.e. default=1 on OSTree-based systems. -- if [ "\${boot_counter}" = "0" -o "\${boot_counter}" = "-1" ]; then -- set default=1 -- set boot_counter=-1 -- # otherwise decrement boot_counter -- else -- decrement boot_counter -- fi -- save_env boot_counter --fi --EOF --- -1.8.3.1 - diff --git a/remove-the-items-of-unsupported-filesystems-in-fs.ls.patch b/remove-the-items-of-unsupported-filesystems-in-fs.ls.patch deleted file mode 100644 index a13277924d3fe9887c7ee60cae04a9ba292fa67b..0000000000000000000000000000000000000000 --- a/remove-the-items-of-unsupported-filesystems-in-fs.ls.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 3a1e6b4f14c891a0faa31992d944dd35ef123b7f Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Wed, 5 Jul 2023 16:53:49 +0800 -Subject: [PATCH] remove the items of unsupported filesystems in fs.lst - ---- - grub-core/Makefile.am | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am -index dd49939..fb487a8 100644 ---- a/grub-core/Makefile.am -+++ b/grub-core/Makefile.am -@@ -368,10 +368,13 @@ endif - # List files - - fs.lst: $(MARKER_FILES) -+ DISABLE_FS=(affs.marker afs.marker bfs.marker jfs.marker minix.marker minix2.marker minix3.marker minix_be.marker minix2_be.marker minix3_be.marker nilfs2.marker reiserfs.marker romfs.marker sfs.marker ufs1.marker ufs2.marker ufs1_be.marker); \ - (for pp in $^; do \ - b=`basename $$pp .marker`; \ - if grep 'FS_LIST_MARKER' $$pp >/dev/null 2>&1; then \ -- echo $$b; \ -+ if [[ ! "$${DISABLE_FS[@]}" =~ $$b ]]; then \ -+ echo $$b; \ -+ fi; \ - fi; \ - done) | sort -u > $@ - platform_DATA += fs.lst --- -2.19.1 - diff --git a/skip-verification-when-not-loading-grub.cfg.patch b/skip-verification-when-not-loading-grub.cfg.patch deleted file mode 100644 index 69280005493b3048ba30c4409a8f8ce143ee1ba1..0000000000000000000000000000000000000000 --- a/skip-verification-when-not-loading-grub.cfg.patch +++ /dev/null @@ -1,29 +0,0 @@ -From c8b6446348a445a51024d04b2e8e5b417c3a1f73 Mon Sep 17 00:00:00 2001 -From: Qiumiao Zhang -Date: Wed, 31 May 2023 15:13:07 +0800 -Subject: [PATCH] skip verification when not loading grub.cfg - -Skip verification when just opening the grub.cfg without loading it. -There is no need to verify grub.cfg twice when tpcm is enabled. - -Signed-off-by: Qiumiao Zhang ---- - grub-core/normal/main.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c -index b72fe3d..8ce5a60 100644 ---- a/grub-core/normal/main.c -+++ b/grub-core/normal/main.c -@@ -369,7 +369,7 @@ grub_try_normal_prefix (const char *prefix) - if (config) - { - grub_file_t file; -- file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG); -+ file = grub_file_open (config, GRUB_FILE_TYPE_SKIP_SIGNATURE); - if (file) - { - grub_file_close (file); --- -2.27.0 - diff --git a/support-TPM2.0.patch b/support-TPM2.0.patch deleted file mode 100644 index e5ad77ebbd2f66a2aa3ac23e80bd72087886b24d..0000000000000000000000000000000000000000 --- a/support-TPM2.0.patch +++ /dev/null @@ -1,97 +0,0 @@ -From f3d9f0413e8c7304b5bb4a0e927a6608504f2795 Mon Sep 17 00:00:00 2001 -From: gaoyusong -Date: Thu, 13 May 2021 18:34:23 +0800 -Subject: [PATCH] support TPM2.0 - ---- - grub-core/kern/verifiers.c | 26 ++++++++++++++++++++------ - grub-core/script/execute.c | 12 +++++++++++- - 2 files changed, 31 insertions(+), 7 deletions(-) - -diff --git a/grub-core/kern/verifiers.c b/grub-core/kern/verifiers.c -index 75d7994..1d3ca2b 100644 ---- a/grub-core/kern/verifiers.c -+++ b/grub-core/kern/verifiers.c -@@ -84,9 +84,15 @@ grub_verifiers_open (grub_file_t io, enum grub_file_type type) - grub_file_t ret = 0; - grub_err_t err; - int defer = 0; -+ int grub_env_flag = 0; -+ char *ptr = NULL; - - grub_dprintf ("verify", "file: %s type: %d\n", io->name, type); - -+ ptr = grub_strstr(io->name, "grubenv"); -+ if (ptr) -+ grub_env_flag = 1; -+ - if ((type & GRUB_FILE_TYPE_MASK) == GRUB_FILE_TYPE_SIGNATURE - || (type & GRUB_FILE_TYPE_MASK) == GRUB_FILE_TYPE_VERIFY_SIGNATURE - || (type & GRUB_FILE_TYPE_SKIP_SIGNATURE)) -@@ -148,6 +154,8 @@ grub_verifiers_open (grub_file_t io, enum grub_file_type type) - verified->buf = grub_malloc (ret->size); - if (!verified->buf) - { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, -+ "cannot allocate verified buffer, the %s is too large\n", io->name); - goto fail; - } - if (grub_file_read (io, verified->buf, ret->size) != (grub_ssize_t) ret->size) -@@ -158,9 +166,12 @@ grub_verifiers_open (grub_file_t io, enum grub_file_type type) - goto fail; - } - -- err = ver->write (context, verified->buf, ret->size); -- if (err) -- goto fail; -+ if (!grub_env_flag) -+ { -+ err = ver->write (context, verified->buf, ret->size); -+ if (err) -+ goto fail; -+ } - - err = ver->fini ? ver->fini (context) : GRUB_ERR_NONE; - if (err) -@@ -179,9 +190,12 @@ grub_verifiers_open (grub_file_t io, enum grub_file_type type) - /* Verification done earlier. So, we are happy here. */ - flags & GRUB_VERIFY_FLAGS_DEFER_AUTH) - continue; -- err = ver->write (context, verified->buf, ret->size); -- if (err) -- goto fail; -+ if (!grub_env_flag) -+ { -+ err = ver->write (context, verified->buf, ret->size); -+ if (err) -+ goto fail; -+ } - - err = ver->fini ? ver->fini (context) : GRUB_ERR_NONE; - if (err) -diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c -index 0c6dd9c..3e761c4 100644 ---- a/grub-core/script/execute.c -+++ b/grub-core/script/execute.c -@@ -1002,7 +1002,17 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd) - argv.args[i]); - } - cmdstring[cmdlen - 1] = '\0'; -- grub_verify_string (cmdstring, GRUB_VERIFY_COMMAND); -+ -+ if (grub_strncmp(cmdstring, "[ 0 = 1 ]", 9) == 0) { -+ char res_str[] = "[ = 1 ]"; -+ grub_verify_string (res_str, GRUB_VERIFY_COMMAND); -+ } else if (grub_strncmp(cmdstring, "[ 0 = 1 -o = 1 ]", 17) == 0) { -+ char res_str[] = "[ = 1 -o = 1 ]"; -+ grub_verify_string (res_str, GRUB_VERIFY_COMMAND); -+ } else { -+ grub_verify_string (cmdstring, GRUB_VERIFY_COMMAND); -+ } -+ - grub_free (cmdstring); - invert = 0; - argc = argv.argc - 1; --- -2.19.1 - diff --git a/use-default-timestamp.patch b/use-default-timestamp.patch deleted file mode 100644 index 6196ab9cf4ecc35491bf7a8ef49ed6364fa45eff..0000000000000000000000000000000000000000 --- a/use-default-timestamp.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 62cb96c5b34bfa68ad3d7ffe3f3098d8cd08f83f Mon Sep 17 00:00:00 2001 -From: zhouyihang -Date: Thu, 10 Jun 2021 20:01:54 +0800 -Subject: [PATCH] use default timestamp - ---- - docs/grub-dev.texi | 4 ++-- - docs/grub.texi | 4 ++-- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi -index 9008377..874b3ea 100644 ---- a/docs/grub-dev.texi -+++ b/docs/grub-dev.texi -@@ -18,7 +18,7 @@ - - @copying - This developer manual is for GNU GRUB (version @value{VERSION}, --@value{UPDATED}). -+24 June 2019). - - Copyright @copyright{} 1999,2000,2001,2002,2004,2005,2006,2008,2009,2010,2011 Free Software Foundation, Inc. - -@@ -40,7 +40,7 @@ Invariant Sections. - @titlepage - @sp 10 - @title the GNU GRUB developer manual --@subtitle The GRand Unified Bootloader, version @value{VERSION}, @value{UPDATED}. -+@subtitle The GRand Unified Bootloader, version @value{VERSION}, 24 June 2019. - @author Yoshinori K. Okuji - @author Colin D Bennett - @author Vesa Jääskeläinen -diff --git a/docs/grub.texi b/docs/grub.texi -index a4da9c2..79055be 100644 ---- a/docs/grub.texi -+++ b/docs/grub.texi -@@ -18,7 +18,7 @@ - - @copying - This manual is for GNU GRUB (version @value{VERSION}, --@value{UPDATED}). -+24 June 2019). - - Copyright @copyright{} 1999,2000,2001,2002,2004,2006,2008,2009,2010,2011,2012,2013 Free Software Foundation, Inc. - -@@ -48,7 +48,7 @@ Invariant Sections. - @titlepage - @sp 10 - @title the GNU GRUB manual --@subtitle The GRand Unified Bootloader, version @value{VERSION}, @value{UPDATED}. -+@subtitle The GRand Unified Bootloader, version @value{VERSION}, 24 June 2019). - @author Gordon Matzigkeit - @author Yoshinori K. Okuji - @author Colin Watson --- -2.19.1 -