Commit graph

3894 commits

Author SHA1 Message Date
Steve McIntyre
0b6bd057c0 Make grub-install check for errors from efibootmgr
Code is currently ignoring errors from efibootmgr, giving users
clearly bogus output like:

        Setting up grub-efi-amd64 (2.02~beta3-4) ...
        Installing for x86_64-efi platform.
        Could not delete variable: No space left on device
        Could not prepare Boot variable: No space left on device
        Installation finished. No error reported.

and then potentially unbootable systems. If efibootmgr fails, grub-install
should know that and report it!

We've been using similar patch in Debian now for some time, with no ill effects.

Signed-off-by: Steve McIntyre <93sam@debian.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:16:25 -04:00
Eric Snowberg
984c022638 sparc64: fix OF path names for sun4v systems
Fix the Open Firmware (OF) path property for sun4v SPARC systems.
These platforms do not have a /sas/ within their path. Over time
different OF addressing schemes have been supported. There
is no generic addressing scheme that works across every HBA.

It looks that this functionality will not work if you try to cross-install
SPARC GRUB2 binary using e.g. x86 grub-install. By default it should work.
However, we will also have other issues here, like lack of access to OF
firmware/paths, which make such configs unusable anyway. So, let's leave
this patch as is for time being. If somebody cares then he/she should fix
the issue(s) at some point.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:16:25 -04:00
Stefan Fritsch
d97d20da82 ahci: Improve error handling
Check the error bits in the interrupt status register. According to the
AHCI 1.2 spec, "Interrupt sources that are disabled (‘0’) are still
reflected in the status registers.", so this should work even though
grub uses polling

This fixes the following problem on a Fujitsu E744 laptop:

Sometimes there is a very long delay (up to several minutes) when
booting from hard disk. It seems accessing the DVD drive (which has no
disk inserted) sometimes fails with some errors, which leads to each
access being stalled until the 20s timeout triggers. This seems to
happen when grub is trying to read filesystem/partition data.

The problem is that the command_issue bit that is checked in the loop is
only reset if the "HBA receives a FIS which clears the BSY, DRQ, and ERR
bits for the command", but the ERR bit is never cleared. Therefore
command_issue is never reset and grub waits for the timeout.

The relevant bit in our case is the Task File Error Status (TFES), which
is equivalent to the ERR bit 0 in tfd. But this patch also checks
the other error bits except for the "Interface non-fatal error status"
bit.

Signed-off-by: Stefan Fritsch <fritsch@genua.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:16:25 -04:00
Julien Grall
43d7414af7 arm64/xen: Add missing #address-cells and #size-cells properties
The properties #address-cells and #size-cells are used to know the
number of cells for ranges provided by "regs". If they don't exist, the
value are resp. 2 and 1.

Currently, when multiboot nodes are created it is assumed that #address-cells
and #size-cells are exactly 2. However, they are never set by GRUB and
will result to later failure when the device-tree is generated by GRUB
or contain different values.

To prevent this failure, create the both properties in the chosen nodes.

Signed-off-by: Julien Grall <julien.grall@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:16:25 -04:00
Eric Snowberg
4aeba29569 ls: prevent double open
Prevent a double open.  This can cause problems with some ieee1275
devices, causing the system to hang.  The double open can occur
as follows:

grub_ls_list_files (char *dirname, int longlist, int all, int human)
       dev = grub_device_open (device_name);
       dev remains open while:
       grub_normal_print_device_info (device_name);
                dev = grub_device_open (name);

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:16:25 -04:00
David E. Box
bee9cdaa2b tsc: Change default tsc calibration method to pmtimer on EFI systems
On efi systems, make pmtimer based tsc calibration the default over the
pit. This prevents Grub from hanging on Intel SoC systems that power gate
the pit.

Signed-off-by: David E. Box <david.e.box@linux.intel.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:16:25 -04:00
Alexander Graf
8838ac368e efi: Free malloc regions on exit
When we exit grub, we don't free all the memory that we allocated earlier
for our heap region. This can cause problems with setups where you try
to descend the boot order using "exit" entries, such as PXE -> HD boot
scenarios.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:16:25 -04:00
Alexander Graf
e224ee31c0 efi: Move grub_reboot() into kernel
The reboot function calls machine_fini() and then reboots the system.
Currently it lives in lib/ which means it gets compiled into the
reboot module which lives on the heap.

In a following patch, I want to free the heap on machine_fini()
though, so we would free the memory that the code is running in. That
obviously breaks with smarter UEFI implementations.

So this patch moves it into the core. That way we ensure that all
code running after machine_fini() in the UEFI case is running from
memory that got allocated (and gets deallocated) by the UEFI core.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
46159d35d3 Fix compilation for x86_64-efi. 2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
3badaefe7f gzio: fix unaligned access 2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
86b8024d5d Regenerate checksum.h with newer unifont.
Old link is broken. New unifont is
http://ftp.de.debian.org/debian/pool/main/u/unifont/xfonts-unifont_9.0.06-2_all.deb
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
69c4c683b4 qemu, coreboot, multiboot: Change linking address to 0x9000.
It's common for distros to use a defective ld which links at 0x9000. Instead
of fighting it, just move link target to 0x9000.
2020-09-21 12:02:37 -04:00
Stefan Fritsch
8ce806120b Implement checksum verification for gunzip
This implements the crc32 check for the gzip format. Support for zlib's
adler checksum is not included, yet.
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
88a43b3f8c xfs: Don't attempt to iterate over empty directory.
Reported by: Tuomas Tynkkynen
2020-09-21 12:02:37 -04:00
Patrick Steinhardt
2da5f067f4 unix exec: avoid atexit handlers when child exits
The `grub_util_exec_redirect_all` helper function can be used to
spawn an executable and redirect its output to some files. After calling
`fork()`, the parent will wait for the child to terminate with
`waitpid()` while the child prepares its file descriptors, environment
and finally calls `execvp()`. If something in the children's setup
fails, it will stop by calling `exit(127)`.

Calling `exit()` will cause any function registered via `atexit()` to be
executed, which is usually the wrong thing to do in a child. And
actually, one can easily observe faulty behaviour on musl-based systems
without modprobe(8) installed: executing `grub-install --help` will call
`grub_util_exec_redirect_all` with "modprobe", which obviously fails if
modprobe(8) is not installed. Due to the child now exiting and invoking
the `atexit()` handlers, it will clean up some data structures of the
parent and cause it to be deadlocked in the `waitpid()` syscall.

The issue can easily be fixed by calling `_exit(127)` instead, which is
especially designed to be called when the atexit-handlers should not be
executed.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
aa6226fefb enforcing fixup 2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
f6c8225f8c multiboot fixup 2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
fcf791ab27 linux fixup 2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
874a8f13cc yylex: Explicilty cast fprintf to void.
It's needed to avoid warning on recent GCC.
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
384d3e5b84 genmoddep: Check that no modules provide the same symbol.
The semantics of 2 modules providing the same symbol are undefined. So
ensure that it doesn't happen.
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
547d8201cf Fix symbols appearing in several modules in linux*.
If same symbol is provided by 2 modules its semantics are undefined.
Avoid this by depending rather than double-including files.
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
ec4630c2b5 multiboot: disentangle multiboot and multiboot2.
Previously we had multiboot and multiboot2 declaring the same symbols.
This can potentially lead to aliasing and strange behaviours when e.g.
module instead of module2 is used with multiboot2.

Bug: #51137
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
aa34f69d5d hdparm: Depend on hexdump rather than having a second copy of hexdump. 2020-09-21 12:02:37 -04:00
Pete Batard
0f6ca5ecf9 io: add a GRUB_GZ prefix to gzio specific defines
* This is done to avoid a conflict with a PACKED define in the EDK2
2020-09-21 12:02:37 -04:00
Pete Batard
5ba09fb415 core: use GRUB_TERM_ definitions when handling term characters
* Also use hex value for GRUB_TERM_ESC as '\e' is not in the C standard and is not understood by some compilers
2020-09-21 12:02:37 -04:00
Leif Lindholm
5f294d3b9e efi: change heap allocation type to GRUB_EFI_LOADER_CODE
With upcoming changes to EDK2, allocations of type EFI_LOADER_DATA may
not return regions with execute ability. Since modules are loaded onto
the heap, change the heap allocation type to GRUB_EFI_LOADER_CODE in
order to permit execution on systems with this feature enabled.

Closes: 50420

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2020-09-21 12:02:37 -04:00
Leif Lindholm
01f3dcc70a arm64 linux loader: improve type portability
In preparation for turning this into a common loader for 32-bit and 64-bit
platforms, ensure the code will compile cleanly for either.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2020-09-21 12:02:37 -04:00
Leif Lindholm
793b90c851 efi: Add GRUB_PE32_MAGIC definition
Add a generic GRUB_PE32_MAGIC definition for the PE 'MZ' tag and delete
the existing one in arm64/linux.h.

Update arm64 Linux loader to use this new definition.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2020-09-21 12:02:37 -04:00
Leif Lindholm
30f13fbfa6 efi: move fdt helper library
There is nothing ARM64 (or even ARM) specific about the efi fdt helper
library, which is used for locating or overriding a firmware-provided
devicetree in a UEFI system - so move it to loader/efi for reuse.

Move the fdtload.h include file to grub/efi and update path to
efi/fdtload.h in source code referring to it.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2020-09-21 12:02:37 -04:00
Vladimir Serbinenko
6825a1d3f1 Remove grub_efi_allocate_pages.
grub_efi_allocate_pages Essentially does 2 unrelated things:
* Allocate at fixed address.
* Allocate at any address.

To switch between 2 different functions it uses address == 0 as magic
value which is wrong as 0 is a perfectly valid fixed adress to allocate at.
2020-09-21 12:02:37 -04:00
Leif Lindholm
22619f1593 efi: refactor grub_efi_allocate_pages
Expose a new function, grub_efi_allocate_pages_real(), making it possible
to specify allocation type and memory type as supported by the UEFI
AllocatePages boot service.

Make grub_efi_allocate_pages() a consumer of the new function,
maintaining its old functionality.

Also delete some left-around #if 1/#else blocks in the affected
functions.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2020-09-21 11:32:45 -04:00
Pali Rohár
682b3134b6 * grub-core/fs/udf.c: Add support for UUID
Use same algorithm as in libblkid from util-linux v2.30.

1. Take first 16 bytes from UTF-8 encoded string of VolumeSetIdentifier
2. If all bytes are hexadecimal digits, convert to lowercase and use as UUID
3. If first 8 bytes are not all hexadecimal digits, convert those 8 bytes
   to their hexadecimal representation, resulting in 16 bytes for UUID
4. Otherwise, compose UUID from two parts:
   1. part: converted first 8 bytes (which are hexadecimal digits) to lowercase
   2. part: encoded following 4 bytes to their hexadecimal representation (16 bytes)

So UUID would always have 16 hexadecimal digits in lowercase variant.

According to UDF specification, first 16 Unicode characters of
VolumeSetIdentifier should be unique value and first 8 should be
hexadecimal characters.

In most cases all 16 characters are hexadecimal, but e.g. MS Windows
format.exe set only first 8 as hexadecimal and remaining as fixed
(non-unique) which violates specification.
2020-09-21 11:32:45 -04:00
Pali Rohár
ab444c54a7 udf: Fix reading label, lvd.ident is dstring
UDF dstring has stored length in the last byte of buffer. Therefore last
byte is not part of recorded characters. And empty string in dstring is
encoded as empty buffer, including first byte (compression id).
2020-09-21 11:32:45 -04:00
Pete Batard
e2296e205e zfs: remove size_t typedef and use grub_size_t instead
* Prevents some toolchains from issuing a warning on size_t redef.
2020-09-21 11:32:45 -04:00
Rob Clark
a74336596f Fix a segfault in lsefi
when protocols_per_handle returns error, we can't use the pointers we
passed to it, and that includes trusting num_protocols.

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
21b3d3efee fdt: silence clang warning. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
0c4852ea0e arm-efi: Fix compilation 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
8efa8a0e94 ehci: Fix compilation on i386 2020-09-21 11:32:45 -04:00
phcoder
8d54a08733 ehci: Fix compilation for amd64 2020-09-21 11:32:45 -04:00
Eric Biggers
4aaa6b639d Allow GRUB to mount ext2/3/4 filesystems that have the encryption feature.
On such a filesystem, inodes may have EXT4_ENCRYPT_FLAG set.
For a regular file, this means its contents are encrypted; for a
directory, this means the filenames in its directory entries are
encrypted; and for a symlink, this means its target is encrypted.  Since
GRUB cannot decrypt encrypted contents or filenames, just issue an error
if it would need to do so.  This is sufficient to allow unencrypted boot
files to co-exist with encrypted files elsewhere on the filesystem.

(Note that encrypted regular files and symlinks will not normally be
encountered outside an encrypted directory; however, it's possible via
hard links, so they still need to be handled.)

Tested by booting from an ext4 /boot partition on which I had run
'tune2fs -O encrypt'.  I also verified that the expected error messages
are printed when trying to access encrypted directories, files, and
symlinks from the GRUB command line.  Also ran 'sudo ./grub-fs-tester
ext4_encrypt'; note that this requires e2fsprogs v1.43+ and Linux v4.1+.

Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-09-21 11:32:45 -04:00
Eric Snowberg
da4e8334b2 sparc64: Don't use devspec to determine the OBP path
Don't use devspec to determine the OBP path on SPARC hardware.  Within all
versions of Linux on SPARC, the devspec returns one of three values:
"none", "vnet-port", or "vdisk".  Unlike on PPC, none of these values
are useful in determining the OBP path.

Before this patch grub-ofpathname always returned the wrong value
for a virtual disk. For example:

% grub-ofpathname /dev/vdiskc2
vdisk/disk@2:b

After this patch it now returns the correct value:

% grub-ofpathname /dev/vdiskc2
/virtual-devices@100/channel-devices@200/disk@2:b

Orabug: 24459765

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 11:32:45 -04:00
Fu Wei
3418e2bd52 arm64: Add "--nounzip" option support in xen_module command
This patch adds "--nounzip" option support in order to
be compatible with the module command of multiboot on other architecture,
by this way we can simplify grub-mkconfig support code.

This patch also allow us to use zip compressed module(like Linux kernel
for Dom0).

Signed-off-by: Fu Wei <fu.wei@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 11:32:45 -04:00
Julien Grall
bf4d71848f arm64/xen_boot: Fix Xen boot using GRUB2 on AARCH64
Xen is currently crashing because of malformed compatible property for
the boot module. This is because the property string is not
null-terminated as requested by the ePAR spec.

Signed-off-by: Julien Grall <julien.grall@linaro.org>
Tested-by: Fu Wei <fu.wei@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 11:32:45 -04:00
Eric Snowberg
53d00ac6ef sparc64: Close cdboot ihandle
The ihandle is left open with a cd-core image.  This will cause a delay
booting grub from a virtual cdrom in a LDOM.  It will also cause problems
as Linux boots, since it expects the ihandle to be closed during init.

Orabug: 25911275

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
6ff34a6a81 at_keyboard: Fix falco chromebook case.
EC is slow, so we need few delays for it to toggle the bits correctly.

Command to enable clock and keyboard were not sent.
2020-09-21 11:32:45 -04:00
Julius Werner
4ffbbeca95 coreboot: Changed cbmemc to support updated console format from coreboot. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
4ff15188e3 Missing parts of previous commit 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
366dee1f7f arm_coreboot: Add Chromebook keyboard driver. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
aad5863e98 rk3288_spi: Add SPI driver 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
eaa55f4a23 fdtbus: Add ability to send/receive messages on parent busses. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
212c93aa36 Fix bug on FDT nodes with compatible property 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
25a88d14dd arm_coreboot: Support EHCI. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
56c0a46068 ehci: Split core code from PCI part.
On ARM often EHCI is present without PCI and just declared in device
tree. So splitcore from PCI part.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
d4529d5d02 arm_coreboot: Support DMA.
This is needed to support USB and some other busses.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
5e1a343a37 arm_coreboot: Support loading linux images. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
f66206989f arm_coreboot: Support keyboard for vexpress. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
7948b1a398 at_keyboard: Split protocol from controller code.
On vexpress controller is different but protocol is the same, so reuse the
code.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
ed5c6e9385 arm-coreboot: Export FDT routines.
We need to use them from modules as well.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
7b6c1ca1ac arm-coreboot: Support for vexpress timer. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
1895c3806b Add support for device-tree-based drivers. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
aa7585d04b arm-coreboot: Start new port. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
2f061fac71 Rename uboot/datetime to dummy/datetime.
It's just a stub and is not UBoot-specific.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
ff7416a848 Rename uboot/halt.c to dummy/halt.c.
It's not U-Boot specific and it's a stub.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
9ec5094213 coreboot: Split parts that are platform-independent.
We currently assume that coreboot is always i386, it's no longer the case,
so split i386-coreboot parts from generic coreboot code.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
25cd7a7df9 Refactor arm-uboot code to make it genereic.
arm-coreboot startup code can be very similar to arm-uboot but current code has
U-Boot specific references. So split U-Boot part from generic part.
2020-09-21 11:32:45 -04:00
Paulo Flabiano Smorigo
5696d56d33 Add Virtual LAN support.
This patch adds support for virtual LAN (VLAN) tagging. VLAN tagging allows
multiple VLANs in a bridged network to share the same physical network link
but maintain isolation:

http://en.wikipedia.org/wiki/IEEE_802.1Q

* grub-core/net/ethernet.c: Add check, get, and set vlan tag id.
* grub-core/net/drivers/ieee1275/ofnet.c: Get vlan tag id from bootargs.
* grub-core/net/arp.c: Add check.
* grub-core/net/ip.c: Likewise.
* include/grub/net/arp.h: Add vlantag attribute.
* include/grub/net/ip.h: Likewise.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
99ab28563b strtoull: Fix behaviour on chars between '9' and 'a'.
Reported by: Aaron Miller <aaronmiller@fb.com>
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
61f4f2d4ef Add strtoull test. 2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
a567ab3d9e Fix shebang for termux.
Termux doesn't have a /bin/sh. So we needto use $SHELL.
Keep /bin/sh as much as possible.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
01415074da Use $(SHELL) rather than /bin/sh.
/bin/sh doesn't exist under termux.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
4152833f0c Support lseek64.
Android doesn't have 64-bit off_t, so use off64_t instead.
2020-09-21 11:32:45 -04:00
Vladimir Serbinenko
d3bccdbd12 Bump version to 2.03 2020-09-21 11:19:14 -04:00
H.J. Lu
1c4dc293df x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32
Starting from binutils commit bd7ab16b4537788ad53521c45469a1bdae84ad4a:

https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=bd7ab16b4537788ad53521c45469a1bdae84ad4a

x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for
32-bit PC-relative branches.  Grub2 should treat R_X86_64_PLT32 as
R_X86_64_PC32.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 842c390469)
2019-10-24 16:59:37 +02:00
Michael Chang
721b4677ab Fix packed-not-aligned error on GCC 8
When building with GCC 8, there are several errors regarding packed-not-aligned.

./include/grub/gpt_partition.h:79:1: error: alignment 1 of ‘struct grub_gpt_partentry’ is less than 8 [-Werror=packed-not-aligned]

This patch fixes the build error by cleaning up the ambiguity of placing
aligned structure in a packed one. In "struct grub_btrfs_time" and "struct
grub_gpt_part_type", the aligned attribute seems to be superfluous, and also
has to be packed, to ensure the structure is bit-to-bit mapped to the format
laid on disk. I think we could blame to copy and paste error here for the
mistake. In "struct efi_variable", we have to use grub_efi_packed_guid_t, as
the name suggests. :)

Signed-off-by: Michael Chang <mchang@suse.com>
Tested-by: Michael Chang <mchang@suse.com>
Tested-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
(cherry picked from commit 563b1da6e6)
2019-10-24 16:59:37 +02:00
Luca Bruno
750c71975e loader/i386: fix out of bound memory copy on non-UEFI linux
Ref: https://bugzilla.opensuse.org/show_bug.cgi?id=1029187
Ref: https://build.opensuse.org/package/rdiff/openSUSE:Factory/grub2?linkrev=base&rev=159
2019-10-24 16:59:37 +02:00
David Michael
d3fd939f18
Merge pull request #48 from arm64b/build-issue-fixing
TPM: build issue fixing
2017-11-08 21:59:01 -05:00
Dennis Chen
63818e7800 Remove the deprecated 'Event' struct
'Event' struct will be not used any more, instead we use the
'TCG_PCR_EVENT', so this patch remove the older 'Event' data struct.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-11-08 09:45:39 +00:00
Dennis Chen
7cf67f22fd Fix the build issue in TPM module
The original code use deprecated 'Event' data structure with the wrong
member variable names, which result in the build error. This patch
fix it by using 'TCG_PCR_EVENT'.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-11-08 09:28:49 +00:00
1337ninja
1624d0ffc6 Fix use after free 2017-07-09 18:38:15 +05:30
David Michael
f89e1cf69a Merge branch 'gnu' into sync 2017-04-27 12:05:22 -07:00
Vladimir Serbinenko
e54c99aaff Increase version to 2.02. 2017-04-25 16:23:16 +02:00
Vladimir Serbinenko
d454509bb8 Fix remaining cases of gcc 7 fallthrough warning.
They are all intended, so just add the relevant comment.
2017-04-12 01:42:38 +00:00
Andrei Borzenkov
007f0b407f Add gnulib-fix-gcc7-fallthrough.diff
As long as the code is not upstream, add it as explicit patch for the
case of gnulib refresh.
2017-04-04 19:37:47 +03:00
Andrei Borzenkov
4bd4a88725 i386, x86_64, ppc: fix switch fallthrough cases with GCC7
In util/getroot and efidisk slightly modify exitsing comment to mostly
retain it but still make GCC7 compliant with respect to fall through
annotation.

In grub-core/lib/xzembed/xz_dec_lzma2.c it adds same comments as
upstream.

In grub-core/tests/setjmp_tets.c declare functions as "noreturn" to
suppress GCC7 warning.

In grub-core/gnulib/regexec.c use new __attribute__, because existing
annotation is not recognized by GCC7 parser (which requires that comment
immediately precedes case statement).

Otherwise add FALLTHROUGH comment.

Closes: 50598
2017-04-04 19:23:55 +03:00
Andrei Borzenkov
6cef7f6079 btrfs: avoid "used uninitialized" error with GCC7
sblock was local and so considered new variable on every loop
iteration.

Closes: 50597
2017-04-04 19:22:32 +03:00
Andrei Borzenkov
ec4af117c6 acpi: add missing efi_call wrapper to acpi command
Fixed loading of ACPI tables on EFI (side effect was apparent memory
corruption ranging from unpredictable behavior to system reset).

Reported by Nando Eva <nando4eva@ymail.com>
2017-04-02 14:47:20 +03:00
Vladimir Serbinenko
8014b7b337 Increment version to GRUB 2.02~rc2. 2017-03-15 09:20:29 +01:00
Andrei Borzenkov
c42cb97f08 efi: skip iPXE block device.
iPXE adds Simple File System Protocol to loaded image handle, as side
effect it also adds Block IO protocol (according to comments, to work
around some bugs in EDK2). GRUB assumes that every device with Block IO
is disk and skips network initialization entirely. But iPXE Block IO
implementation is just a stub which always fails for every operation
so cannot be used. Attempt to detect and skip such devices.

We are using media ID which iPXE sets to "iPXE" and block IO size in
hope that no real device would announce 1B block ...

Closes: 50518
2017-03-14 04:14:36 +00:00
phcoder
bcf3c55531 xen: Fix wrong register in relocator.
This fixes chainloading of some GRUB variants.
2017-03-05 10:07:36 +01:00
Vladimir Serbinenko
fb93c75bdd video_fb: Fix blue collor if using unoptimized blitter.
when unmapping the color what matters is the mode of source, not target.
2017-02-27 01:58:50 +00:00
Vladimir Serbinenko
641bb15fa4 legacy_initrd: Strip any additional arguments to initrd. 2017-02-27 00:43:54 +00:00
Andrei Borzenkov
892dfbe113 efi: strip off final NULL from File Path in grub_efi_get_filename
UEFI 2.6 9.3.6.4 File Path Media Device Path says that Path Name is
"A NULL-terminated Path string including directory and file names".

Strip final NULL from Path Name in each File Path node when constructing
full path. To be on safe side, strip all of them.

Fixes failure chainloading grub from grub, when loaded grub truncates
image path and does not find its grub.cfg.

https://bugzilla.opensuse.org/show_bug.cgi?id=1026344

This was triggered by commit ce95549cc54b5d6f494608a7c390dba3aab4fba7;
before it we built Path Name without trailing NULL, and apparently all
other bootloaders use single File Path node, thus not exposing this bug.
2017-02-25 08:39:38 +03:00
Andrei Borzenkov
951306c509 squash4: fix handling of fragments and sparse files
1. Do not assume block list and fragment are mutually exclusive. Squash
can pack file tail as fragment (unless -no-fragments is specified); so
check read offset and read either from block list or from fragments as
appropriate.

2. Support sparse files with zero blocks.

3. Fix fragment read - frag.offset is absolute fragment position,
not offset relative to ino.chunk.

Reported and tested by Carlo Caione <carlo@endlessm.com>
2017-02-24 19:10:43 +03:00
Andrei Borzenkov
2fb8cd26a9 script: fix double free in lexer
yylex_destroy() already frees scanner.

Found by: Coverity scan.
CID: 176636
2017-02-12 09:23:34 +03:00
Vladimir Serbinenko
529818738f xen: Fix parsing of XZ kernel.
In case of xz, the uncompressed size is appended to xz data which confuses
our xz decompressor. Trim it.
2017-02-07 13:25:38 +01:00
Vladimir Serbinenko
8a96fc4093 xen: Fix handling of GRUB chainloading.
In case of GRUB we put remapper after domain pages and not at 0x0.
In this case we use max_addr to put remapper. Unfortunately we increment
max_addr as well in this case resulting in virt mapping mapping page
at old max_addr and trying to boot using new max_addr.

Closes 46014.
2017-02-07 00:42:43 +01:00
Vladimir Serbinenko
ec4aca088a Fix truncated checksum.h. 2017-02-03 20:17:48 +01:00
Vladimir Serbinenko
fcb1528d93 Regenerate checksums.h
Screenshots contain version, so we need new checksums.
2017-02-03 13:44:56 +01:00
Vladimir Serbinenko
c96cfac167 Fix mingw compilation. 2017-02-03 13:01:34 +01:00
Daniel Kiper
4e5414b2a1 i386/relocator: Align stack in grub_relocator64_efi relocator
Unified Extensible Firmware Interface Specification, Version 2.6,
section 2.3.4, x64 Platforms, boot services, says among others:
The stack must be 16-byte aligned. So, do it. Otherwise OS may
boot only by chance as it happens right now.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-02-02 22:24:47 +01:00
Vladimir Serbinenko
42e24b6006 Fix thumb compilation with clang.
According to EABI only STT_FUNC has convention of lowest bit indicating
execution mode. R_THM_{JUMP,CALL}* relocations are assumed to be pointing
to thumb mode unless they use STT_FUNC.
2017-02-02 00:59:49 +01:00
Vladimir Serbinenko
08438d783f Add missing strtoull_test.c
It was forgotten in my local directory.
2017-02-01 21:50:17 +01:00
Vladimir Serbinenko
34fe0b5901 arm64: Add support for GOT and PCREL32 relocations. 2017-02-01 21:46:19 +01:00
Vladimir Serbinenko
ea20dd2b22 ia64: Fix iterator for relocation entries.
Don't assume relocation entry size and use sh_entsize properly.
2017-02-01 20:10:26 +01:00
Vladimir Serbinenko
3d173955f0 arm: Fix trampoline generation.
We used the wrong pointer in this case. It worked only by accident.
2017-02-01 15:58:36 +01:00
Vladimir Serbinenko
0704e83a1b Regenerate checksum.h.
Screenshots checked.
Using unifont from http://ftp.us.debian.org/debian/pool/main/u/unifont/xfonts-unifont_7.0.06-1_all.deb.
2017-01-31 22:36:11 +01:00
Vladimir Serbinenko
0fd9fa565b charset: Trim away RLM and LRM.
They are not visible but would otherwise end up as [LRM] or [RLM] squares
with some fonts.
2017-01-31 19:29:31 +01:00
Vladimir Serbinenko
6f5aa28bc2 gfxterm: Fix clearing of cursor.
If ascent is bigger than height - 2, then we draw over character box but then
to clear cursor we only draw over character box. So trim ascent if necessarry.
2017-01-31 18:49:37 +01:00
Vladimir Serbinenko
a134ef1ab9 ia64: Add support for R_IA64_GPREL64I.
Recent GCC generates those relocations, so we need to support them.
2017-01-31 12:39:01 +01:00
Vladimir Serbinenko
6371e9c104 grub-module-verifier: Ignore all_video emptiness on xen.
It's intentional that it's empty when no video modules
are available.
2017-01-30 00:13:41 +00:00
Carlo Caione
a0413e2677 exfat: Support files over 4GiB
file size in grub_fat_data was 32-bit on exfat.
2017-01-27 22:10:21 +00:00
Vladimir Serbinenko
43dbf83aa2 Ensure that grub_reboot doesn't return on emu.
Use grub_fatal if longjmp fails.

grub_reboot is marked as noreturn so return would cause
a crash.
2017-01-27 20:10:23 +00:00
Geoff Levand
dc2eaa5855 loader: Add arm64 verity
Signed-off-by: Geoff Levand <geoff@infradead.org>
2017-01-25 14:54:46 -08:00
Geoff Levand
57fca7d1a3 loader: Move verity-hash.h to include
Signed-off-by: Geoff Levand <geoff@infradead.org>
2017-01-25 14:54:46 -08:00
Andrei Borzenkov
a2932fbe8a osdep/linux: handle autofs entries in /proc/self/mountinfo
These entries have placeholder for device name and so are useless for our
purpose. grub failed with something like

grub-install: error: failed to get canonical path of `systemd-1'.

When we see autofs entry, record it (to keep parent-child relationship) but
continue to look for real mount. If it is found, we process it as usual. If
only autofs entry exists, attempt to trigger mount by opening mount point
and retry. Mount point itself is then kept open to avoid timeout.

Recent systemd is by default using automount for /boot/efi so this should
become more popular problem on EFI systems.

Closes: 49942
2017-01-24 20:05:19 +03:00
David Michael
e576eb0cbc Merge remote-tracking branch 'upstream/master' 2017-01-23 14:02:45 -08:00
Andrei Borzenkov
972765fe82 linux: fix "vga=XX deprecated" warning for text mode
Arguments were in reverse order which resulted in

text is deprecated. Use set gfxpayload=vga=0 before linux command instead.
2017-01-08 15:52:49 +03:00
Michael Chang
562c406763 Fix fwpath in efi netboot
The path returned by grub_efi_net_config has already been stripped for the
directory part extracted from cached bootp packet. We should just return the
result to avoild it be stripped again.

It fixed the problem that grub.efi as NBP image always looking for grub.cfg and
platform directory in upper folder rather than current one it gets loaded while
$prefix is empty. The behavior is inconsistent with other architecture and how
we would expect empty $prefix going to be in general.

The only exception to the general rule of empty $prefix is that when loaded
from platform directory itself, the platform part is stripped thus upper folder
is used for looking up files. It meets the case for how grub-mknetdir lay out
the files under tftp root directory, but also hide away this issue to be
identified as it appears to be just works.

Also fix possible memory leak by moving grub_efi_get_filename() call after
grub_efi_net_config().
2016-12-22 22:37:32 +03:00
Andrei Borzenkov
ce95549cc5 efi: properly terminate filepath with NULL in chainloader
EFI File Path Media Device Path is defined as NULL terminated string;
but chainloader built file paths without final NULL. This caused error
with Secure Boot and Linux Foundation PreLoader on Acer with InsydeH20 BIOS.
Apparently firmware failed verification with EFI_INVALID_PARAMETER which is
considered fatal error by PreLoader.

Reported and tested by Giovanni Santini <itachi.sama.amaterasu@gmail.com>
2016-12-15 16:07:00 +03:00
Stanislav Kholmanskikh
130234bc78 ofnet: implement the receive buffer
get_card_packet() from ofnet.c allocates a netbuff based on the device's MTU:

 nb = grub_netbuff_alloc (dev->mtu + 64 + 2);

In the case when the MTU is large, and the received packet is
relatively small, this leads to allocation of significantly more memory,
than it's required. An example could be transmission of TFTP packets
with 0x400 blksize via a network card with 0x10000 MTU.

This patch implements a per-card receive buffer in a way similar to efinet.c,
and makes get_card_packet() allocate a netbuff of the received data size.

Signed-off-by: Stanislav Kholmanskikh <stanislav.kholmanskikh@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-12-14 14:13:34 +01:00
Stanislav Kholmanskikh
7b4c54c4ad ofnet: move the allocation of the transmit buffer into a function
In the current code search_net_devices() uses the "alloc-mem" command
from the IEEE1275 User Interface for allocation of the transmit buffer
for the case when GRUB_IEEE1275_FLAG_VIRT_TO_REAL_BROKEN is set.

I don't have hardware where this flag is set to verify if this
workaround is still needed. However, further changes to ofnet will
require to execute this workaround one more time. Therefore, to
avoid possible duplication of code I'm moving this piece of
code into a function.

Signed-off-by: Stanislav Kholmanskikh <stanislav.kholmanskikh@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-12-14 14:13:34 +01:00
Alexander Graf
0d2345774d efi: Move fdt helper into own file
We only support FDT files with EFI on arm and arm64 systems, not
on x86. So move the helper that finds a prepopulated FDT UUID
into its own file and only build it for architectures where it
also gets called.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-11-24 10:09:24 +01:00
Andrei Borzenkov
f8c3af3b61 bootp: export next server IP as environment variable
Network boot autoconfiguration sets default server to next server IP
(siaddr) from BOOTP/DHCP reply, but manual configuration using net_bootp
exports only server name. Unfortunately semantic of server name is not
clearly defined. BOOTP RFC 951 defines it only for client request, and
DHCP RFC 1541 only mentions it, without any implied usage. It looks like
this field is mostly empty in server replies.

Export next server IP as net_<interface>_next_server variable. This allows
grub configuration script to set $root/$prefix based on information obtained
by net_bootp.

Reported and tested by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Cc: nikunj@linux.vnet.ibm.com

v2: change variable name to net_<interface>_next_server as discussed on the list
2016-11-22 20:43:04 +03:00
Alexander Graf
fbca374105 arm64: Move firmware fdt search into global function
Searching for a device tree that EFI passes to us via configuration tables
is nothing architecture specific. Move it into generic code.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-11-10 13:20:56 +01:00
Corey Hickey
5f311e86d2 fix detection of non-LUKS CRYPT
grub_util_get_dm_abstraction() does a string comparison of insufficient
length. When using a UUID such as "CRYPT-PLAIN-sda6_crypt", the function
returns GRUB_DEV_ABSTRACTION_LUKS.

This results in the error:
    ./grub-probe: error: disk `cryptouuid/sda6_crypt' not found.

This appears to be a copy/paste error introduced in:
a10e7a5a89

The bug was (apparently) latent until revealed by:
3bca85b418

Signed-off-by: Corey Hickey <bugfood-c@fatooh.org>
2016-11-05 15:28:50 +03:00
Juergen Gross
0de3eeb623 xen: add capability to load p2m list outside of kernel mapping
Modern pvops linux kernels support a p2m list not covered by the
kernel mapping. This capability is flagged by an elf-note specifying
the virtual address the kernel is expecting the p2m list to be mapped
to.

In case the elf-note is set by the kernel don't place the p2m list
into the kernel mapping, but map it to the given address. This will
allow to support domains with larger memory, as the kernel mapping is
limited to 2GB and a domain with huge memory in the TB range will have
a p2m list larger than this.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:22:06 +02:00
Juergen Gross
b67a95ecad xen: modify page table construction
Modify the page table construction to allow multiple virtual regions
to be mapped. This is done as preparation for removing the p2m list
from the initial kernel mapping in order to support huge pv domains.

This allows a cleaner approach for mapping the relocator page by
using this capability.

The interface to the assembler level of the relocator has to be changed
in order to be able to process multiple page table areas.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:22:06 +02:00
Juergen Gross
5500cefccd xen: add capability to load initrd outside of initial mapping
Modern pvops linux kernels support an initrd not covered by the initial
mapping. This capability is flagged by an elf-note.

In case the elf-note is set by the kernel don't place the initrd into
the initial mapping. This will allow to load larger initrds and/or
support domains with larger memory, as the initial mapping is limited
to 2GB and it is containing the p2m list.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:22:06 +02:00
Juergen Gross
d73976fdff xen: factor out allocation of page tables into separate function
Do the allocation of page tables in a separate function. This will
allow to do the allocation at different times of the boot preparations
depending on the features the kernel is supporting.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:22:06 +02:00
Juergen Gross
1fbb2b4b39 xen: factor out allocation of special pages into separate function
Do the allocation of special pages (start info, console and xenbus
ring buffers) in a separate function. This will allow to do the
allocation at different times of the boot preparations depending on
the features the kernel is supporting.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:22:06 +02:00
Juergen Gross
c221ea06b5 xen: factor out p2m list allocation into separate function
Do the p2m list allocation of the to be loaded kernel in a separate
function. This will allow doing the p2m list allocation at different
times of the boot preparations depending on the features the kernel
is supporting.

While at this remove superfluous setting of first_p2m_pfn and
nr_p2m_frames as those are needed only in case of the p2m list not
being mapped by the initial kernel mapping.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:22:06 +02:00
Juergen Gross
7e5fcb0b34 xen: add elfnote.h to avoid using numbers instead of constants
Various features and parameters of a pv-kernel are specified via
elf notes in the kernel image. Those notes are part of the interface
between the Xen hypervisor and the kernel.

Instead of using num,bers in the code when interpreting the elf notes
make use of the header supplied by Xen for that purpose.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:21:25 +02:00
Juergen Gross
6ae55ce103 xen: reduce number of global variables in xen loader
The loader for xen paravirtualized environment is using lots of global
variables. Reduce the number by making them either local or by putting
them into a single state structure.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:17:15 +02:00
Juergen Gross
c69d1858f1 xen: avoid memleaks on error
When loading a Xen pv-kernel avoid memory leaks in case of errors.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:17:15 +02:00
Juergen Gross
4231927e44 xen: make xen loader callable multiple times
The loader for xen paravirtualized environment isn't callable multiple
times as it won't free any memory in case of failure.

Call grub_relocator_unload() as other modules do it before allocating
a new relocator or when unloading the module.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2016-10-27 16:16:54 +02:00
Daniel Kiper
a620876e3b multiboot2: Add support for relocatable images
Currently multiboot2 protocol loads image exactly at address specified in
ELF or multiboot2 header. This solution works quite well on legacy BIOS
platforms. It is possible because memory regions are placed at predictable
addresses (though I was not able to find any spec which says that it is
strong requirement, so, it looks that it is just a goodwill of hardware
designers). However, EFI platforms are more volatile. Even if required
memory regions live at specific addresses then they are sometimes simply
not free (e.g. used by boot/runtime services on Dell PowerEdge R820 and
OVMF). This means that you are not able to just set up final image
destination on build time. You have to provide method to relocate image
contents to real load address which is usually different than load address
specified in ELF and multiboot2 headers.

This patch provides all needed machinery to do self relocation in image code.
First of all GRUB2 reads min_addr (min. load addr), max_addr (max. load addr),
align (required image alignment), preference (it says which memory regions are
preferred by image, e.g. none, low, high) from multiboot_header_tag_relocatable
header tag contained in binary (at this stage load addresses from multiboot2
and/or ELF headers are ignored). Later loader tries to fulfill request (not only
that one) and if it succeeds then it informs image about real load address via
multiboot_tag_load_base_addr tag. At this stage GRUB2 role is finished. Starting
from now executable must cope with relocations itself using whole static and
dynamic knowledge provided by boot loader.

This patch does not provide functionality which could do relocations using
ELF relocation data. However, I was asked by Konrad Rzeszutek Wilk and Vladimir
'phcoder' Serbinenko to investigate that thing. It looks that relevant machinery
could be added to existing code (including this patch) without huge effort.
Additionally, ELF relocation could live in parallel with self relocation provided
by this patch. However, during research I realized that first of all we should
establish the details how ELF relocatable image should look like and how it should
be build. At least to build proper test/example files.

So, this patch just provides support for self relocatable images. If ELF file
with relocs is loaded then GRUB2 complains loudly and ignores it. Support for
such files will be added later.

This patch was tested with Xen image which uses that functionality. However, this Xen
feature is still under development and new patchset will be released in about 2-3 weeks.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
2016-10-27 15:55:16 +02:00
Daniel Kiper
f2b6c20a25 multiboot2: Do not pass memory maps to image if EFI boot services are enabled
If image requested EFI boot services then skip multiboot2 memory maps.
Main reason for not providing maps is because they will likely be
invalid. We do a few allocations after filling them, e.g. for relocator
needs. Usually we do not care as we would have finished boot services.
If we keep boot services then it is easier/safer to not provide maps.
However, if image needs memory maps and they are not provided by bootloader
then it should get itself just before ExitBootServices() call.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
2016-10-27 15:55:00 +02:00
Daniel Kiper
ba89c19f49 multiboot2: Add tags used to pass ImageHandle to loaded image
Add tags used to pass ImageHandle to loaded image if requested.
It is used by at least ExitBootServices() function.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
2016-10-27 15:54:46 +02:00
Daniel Kiper
9862b24121 i386/relocator: Add grub_relocator64_efi relocator
Add grub_relocator64_efi relocator. It will be used on EFI 64-bit platforms
when multiboot2 compatible image requests MULTIBOOT_TAG_TYPE_EFI_BS. Relocator
will set lower parts of %rax and %rbx accordingly to multiboot2 specification.
On the other hand processor mode, just before jumping into loaded image, will
be set accordingly to Unified Extensible Firmware Interface Specification,
Version 2.4 Errata B, section 2.3.4, x64 Platforms, boot services. This way
loaded image will be able to use EFI boot services without any issues.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
2016-10-27 15:53:43 +02:00
Michael Marineau
bcd7fb9fd2 loader: add support for passing verity hash to xen kernels
This only supports DomU Linux bzImage, ignoring bare ELF images and
Dom0 Xen+Linux but those cases are not applicable to us on CoreOS.
2016-10-19 15:18:06 -07:00
Michael Marineau
dab6a0f0c3 loader: validate cmdline string length before appending verity arg 2016-10-19 14:12:55 -07:00
Sakar Arora
e563928ba4 net/ip: Fix limit_time calculation in freeing old fragments
limit_time underflows when current time is less than 90000ms.
This causes packet fragments received during this time, i.e.,
till 90000ms pass since timer init, to be rejected.

Hence, set it to 0 if its less than 90000.

Signed-off-by: Sakar Arora <Sakar.Arora@nxp.com>
2016-10-18 20:26:42 +03:00
Matthew Garrett
bf25cda14e Make TPM errors less fatal
Handle TPM errors, and stop trying to use the TPM once we hit one.
2016-10-13 14:01:52 -07:00
Michael Marineau
44f54cbf43 gpt: write backup GPT first, skip if inaccessible.
Writing the primary GPT before the backup may lead to a confusing
situation: booting a freshly updated system could consistently fail and
next boot will fall back to the old system if writing the primary works
but writing the backup fails. If the backup is written first and fails
the primary is left in the old state so the next boot will re-try and
possibly fail in the exact same way. Making that repeatable should make
it easier for users to identify the error.

Additionally if the firmware and OS disagree on the disk size, making
the backup inaccessible to GRUB, then just skip writing the backup.
When this happens the automatic call to `coreos-setgoodroot` after boot
will take care of repairing the backup.
2016-09-23 12:25:53 -07:00
Michael Marineau
e4d25afd18 gpt: prefer disk size from header over firmware
The firmware and the OS may disagree on the disk configuration and size.
Although such a setup should be avoided users are unlikely to know about
the problem, assuming everything behaves like the OS. Tolerate this as
best we can and trust the reported on-disk location over the firmware
when looking for the backup GPT. If the location is inaccessible report
the error as best we can and move on.
2016-09-23 12:25:53 -07:00
Michael Marineau
8f7045ee19 gpt: rename and update documentation for grub_gpt_update
The function now does more than just recompute checksums so give it a
more general name to reflect that.
2016-09-22 11:58:44 -07:00
Michael Marineau
7cd866bd2d gpt: report all revalidation errors
Before returning an error that the primary or backup GPT is invalid push
the existing error onto the stack so the user will be told what is bad.
2016-09-22 11:57:29 -07:00
Michael Marineau
5342b880f4 gpt: read entries table at the same time as the header
I personally think this reads easier. Also has the side effect of
directly comparing the primary and backup tables instead of presuming
they are equal if the crc32 matches.
2016-09-21 16:34:36 -07:00
Michael Marineau
f24685b22e gpt: include backup-in-sync check in revalidation 2016-09-21 16:34:36 -07:00
Michael Marineau
d2f9096444 gpt: always revalidate when recomputing checksums
This ensures all code modifying GPT data include the same sanity check
that repair does. If revalidation fails the status flags are left in the
appropriate state.
2016-09-21 16:34:36 -07:00