Commit graph

3920 commits

Author SHA1 Message Date
Alexander Graf
861212333e RISC-V: Add auxiliary files
To support a new architecture we need to provide a few helper functions
for memory, cache, timer, etc support.

This patch adds the remainders of those. Some bits are still disabled,
as I couldn't guarantee that we're always running on models / in modes
where the respective hardware is available.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-25 14:01:59 +01:00
Alexander Graf
e0d32cca1d RISC-V: Add awareness for RISC-V reloations
This patch adds awareness of RISC-V relocations throughout the grub tools
as well as dynamic linkage and elf->PE relocation conversion support.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-25 11:34:09 +01:00
Alexander Graf
222a34304c RISC-V: Add Linux load logic
We currently only support to run grub on RISC-V as UEFI payload. Ideally,
we also only want to support running Linux underneath as UEFI payload.

Prepare that with some Linux boot stub code. Once the arm64 target is
generalized, we can hook into that one and gain boot functionality.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-25 11:33:06 +01:00
Alexander Graf
4bcb1ac4f7 RISC-V: Add early startup code
On entry, we need to save the system table pointer as well as our image
handle. Add an early startup file that saves them and then brings us
into our main function.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-25 11:28:44 +01:00
Alexander Graf
ff6871831d RISC-V: Add setjmp implementation
This patch adds a 32/64 capable setjmp implementation for RISC-V.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-25 11:28:44 +01:00
Alexander Graf
e4b84a0d7c efi: Rename armxx to arch
Some architectures want to boot Linux as plain UEFI binary. Today that
really only encompasses ARM and AArch64, but going forward more
architectures may adopt that model.

So rename our internal API accordingly.

Signed-off-by: Alexander Graf <agraf@suse.de>
Acked-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-25 11:28:44 +01:00
Guillaume GARDET
748e544fd0 arm: Move initrd upper to leave more space for kernel
This patch allows to have bigger kernels. If the kernel grows, then it will
overwrite the initrd when it is extracted.

Signed-off-by: Guillaume GARDET <guillaume.gardet@arm.com>
Acked-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-06 11:34:07 +01:00
Leif Lindholm
a0e4ee533d linux, efi, arm*, fdt: Break FDT extra allocation space out into a #define
A certain amount of dynamic space is required for the handover from
GRUB/Linux-EFI-stub. This entails things like initrd addresses,
address-cells entries and associated strings.

But move this into a proper centralised #define rather than live-code
it in the loader.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-01-23 10:16:32 +01:00
Cristian Ciocaltea
088f7f56e5 uboot: Add the missing disk write operation support
uboot_disk_write() is currently lacking the write support
to storage devices because, historically, those devices did not
implement block_write() in U-Boot.

The solution has been tested using a patched U-Boot loading
and booting GRUB in a QEMU vexpress-a9 environment.
The disk write operations were triggered with GRUB's save_env
command.

Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-01-22 15:23:51 +01:00
Max Tottenham
f8d1ad2678 tpm: Fix bug in GRUB2 TPM module
The value of tpm_handle changes between successive calls to grub_tpm_handle_find(),
as instead of simply copying the stored pointer we end up taking the address of
said pointer when using the cached value of grub_tpm_handle.

This causes grub_efi_open_protocol() to return a nullptr in grub_tpm2_execute()
and grub_tpm2_log_event(). Said nullptr goes unchecked and
efi_call_5(tpm->hash_log_extend_event,...) ends up jumping to 0x0, Qemu crashes
once video ROM is reached at 0xb0000.

This patch seems to do the trick of fixing that bug, but we should also ensure
that all calls to grub_efi_open_protocol() are checked so that we don't start
executing low memory.

Signed-off-by: Max Tottenham <mtottenh@akamai.com>
Reviewed-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-01-21 11:22:36 +01:00
Colin Watson
ed087f0460 pgp: Fix emu build and tests after pgp module renaming
Commit b07feb8746 (verifiers: Rename
verify module to pgp module) renamed the "verify" module to "pgp", but
the GRUB_MOD_INIT and GRUB_MOD_FINI macros were left as "verify", which
broke the emu target build; and file_filter_test still referred to the
now non-existent "verify" module. Fix both of these.

Signed-off-by: Colin Watson <cjwatson@ubuntu.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-01-14 13:05:18 +01:00
Heinrich Schuchardt
ad0ea7c444 grub-core/loader/efi/fdt.c: Do not copy random memory
We should not try to copy any memory area which is outside of the original
fdt. If this extra memory is controlled by a hypervisor this might end
with a crash.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-01-14 11:53:52 +01:00
Matthew Garrett
d6ca0a90ca verifiers: Core TPM support
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI. In future we might
want to have some sort of mechanism for choosing which events get logged
to which PCRs, but this seems like a good default policy and we can wait
to see whether anyone  has a use case before adding more complexity.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-12-12 14:51:26 +01:00
Matthew Garrett
d3a5e812c5 verifiers: Verify commands executed by grub
Pass all commands executed by GRUB to the verifiers layer. Most verifiers will
ignore this, but some (such as the TPM verifier) want to be able to measure and
log each command executed in order to ensure that the boot state is as expected.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-12-12 13:17:52 +01:00
Juergen Gross
9c062ad42c xen_pvh: Add build runes for grub-core
Add the modifications to the build system needed to build a xen_pvh
grub.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
1d2473a024 xen: Init memory regions for PVH
Add all usable memory regions to grub memory management and add the
needed mmap iterate code, which will be used by grub core (e.g.
grub-core/lib/relocator.c or grub-core/mmap/mmap.c).

As we are running in 32-bit mode don't add memory above 4GB.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
4c9b4a7c92 xen: Setup Xen specific data for PVH
Initialize the needed Xen specific data. This is:

- the Xen start of day page containing the console and Xenstore ring
  page PFN and event channel
- the grant table
- the shared info page

Write back the possibly modified memory map to the hypervisor in case
the guest is reading it from there again.

Set the RSDP address for the guest from the start_info page passed
as boot parameter.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
2b7a21afd3 xen: Get memory map from hypervisor for PVH
Retrieve the memory map from the hypervisor and normalize it to contain
no overlapping entries and to be sorted by address.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
da81e42a7c xen: Setup hypercall page for PVH
Add the needed code to setup the hypercall page for calling into the
Xen hypervisor.

Import the XEN_HVM_DEBUGCONS_IOPORT define from Xen unstable into
include/xen/arch-x86/xen.h

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
1a4d83af2f xen: Add PVH boot entry code
Add the code for the Xen PVH mode boot entry.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
0b3e4eb2d2 xen: Add basic hooks for PVH in current code
Add the hooks to current code needed for Xen PVH. They will be filled
with code later when the related functionality is being added.

loader/i386/linux.c needs to include machine/kernel.h now as it needs
to get GRUB_KERNEL_USE_RSDP_ADDR from there. This in turn requires to
add an empty kernel.h header for some i386 platforms (efi, coreboot,
ieee1275, xen) and for x86_64 efi.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
3b8d09c774 xen: Modify grub_xen_ptr2mfn() for Xen PVH
grub_xen_ptr2mfn() returns the machine frame number for a given pointer
value. For Xen-PVH guests this is just the PFN. Add the PVH specific
variant.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
bec9edf53f xen: Rearrange xen/init.c to prepare it for Xen PVH mode
Rearrange grub-core/kern/xen/init.c to prepare adding PVH mode support
to it. This includes putting some code under #ifdef GRUB_MACHINE_XEN
as it will not be used when running as PVH.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
fc9d47ead5 xen: Prepare common code for Xen PVH support
Some common code needs to be special cased for Xen PVH mode. This hits
mostly Xen PV mode specific areas.

Split include/grub/i386/pc/int_types.h off from
include/grub/i386/pc/int.h to support including this file later from
xen_pvh code without the grub_bios_interrupt definition.

Move definition of struct grub_e820_mmap_entry from
grub-core/mmap/i386/pc/mmap.c to include/grub/i386/memory.h in order
to make it usable from xen_pvh code.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
c84927272c xen: Carve out grant tab initialization into dedicated function
Initialize the grant tab in a dedicated function. This will enable
using it for PVH guests, too.

Call the new function from grub_machine_init() as this will later
be common between Xen PV and Xen PVH mode.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Juergen Gross
d170be42f1 loader/linux: Support passing RSDP address via boot params
Xen PVH guests will have the RSDP at an arbitrary address. Support that
by passing the RSDP address via the boot parameters to Linux.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Hans van Kranenburg <hans@knorrie.org>
2018-12-12 12:03:27 +01:00
Daniel Kiper
95db97d041 verifiers: ARM Xen fallout cleanup
ARM Xen fallout cleanup after commit ca0a4f689 (verifiers: File type for
fine-grained signature-verification controlling).

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-12-07 11:59:23 +01:00
Daniel Kiper
e5b846333f verifiers: Xen fallout cleanup
Xen fallout cleanup after commit ca0a4f689 (verifiers: File type for
fine-grained signature-verification controlling).

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-12-07 11:59:23 +01:00
Eric Snowberg
29157553b7 ofnet: Fix build regression in grub_ieee1275_parse_bootpath()
The grub_ieee1275_parse_bootpath() function (commit a661a32, ofnet: Initialize
structs in bootpath parser) introduces a build regression on SPARC:

cc1: warnings being treated as errors
net/drivers/ieee1275/ofnet.c: In function 'grub_ieee1275_parse_bootpath':
net/drivers/ieee1275/ofnet.c:156: error: missing initializer
net/drivers/ieee1275/ofnet.c:156: error: (near initialization for 'client_addr.type')
net/drivers/ieee1275/ofnet.c:156: error: missing initializer
net/drivers/ieee1275/ofnet.c:156: error: (near initialization for 'gateway_addr.type')
net/drivers/ieee1275/ofnet.c:156: error: missing initializer
net/drivers/ieee1275/ofnet.c:156: error: (near initialization for 'subnet_mask.type')
net/drivers/ieee1275/ofnet.c:157: error: missing initializer
net/drivers/ieee1275/ofnet.c:157: error: (near initialization for 'hw_addr.type')
make[3]: *** [net/drivers/ieee1275/ofnet_module-ofnet.o] Error 1

Initialize the entire structure.

More info can be found here:
  http://lists.gnu.org/archive/html/grub-devel/2018-03/msg00034.html

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-28 13:48:45 +01:00
Nick Terrell
3861286486 btrfs: Add zstd support to grub btrfs
- Adds zstd support to the btrfs module.
- Adds a test case for btrfs zstd support.
- Changes top_srcdir to srcdir in the btrfs module's lzo include
  following comments from Daniel Kiper about the zstd include.

Tested on Ubuntu-18.04 with a btrfs /boot partition with and without zstd
compression. A test case was also added to the test suite that fails before
the patch, and passes after.

Signed-off-by: Nick Terrell <terrelln@fb.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-26 23:10:11 +01:00
Nick Terrell
461f1d8af1 zstd: Import upstream zstd-1.3.6
- Import zstd-1.3.6 from upstream
- Add zstd's module.c file
- Add the zstd module to Makefile.core.def

Import zstd-1.3.6 from upstream [1]. Only the files need for decompression
are imported. I used the latest zstd release, which includes patches [2] to
build cleanly in GRUB.

I included the script used to import zstd-1.3.6 below at the bottom of the
commit message.

Upstream zstd commit hash: 4fa456d7f12f8b27bd3b2f5dfd4f46898cb31c24
Upstream zstd commit name: Merge pull request #1354 from facebook/dev

Zstd requires some posix headers, which it gets from posix_wrap.
This can be checked by inspecting the .Po files generated by automake,
which contain the header dependencies. After building run the command
`cat grub-core/lib/zstd/.deps-core/*.Po` to see the dependencies [3].
The only OS dependencies are:

- stddef.h, which is already a dependency in posix_wrap, and used for size_t
  by lzo and xz.
- stdarg.h, which comes from the grub/misc.h header, and we don't use in zstd.

All the types like uint64_t are typedefed to grub_uint64_t under the hood.
The only exception is size_t, which comes from stddef.h. This is already the
case for lzo and xz. I don't think there are any cross-compilation concerns,
because cross-compilers provide their own system headers (and it would already
be broken).

[1] https://github.com/facebook/zstd/releases/tag/v1.3.6
[2] https://github.com/facebook/zstd/pull/1344
[3] https://gist.github.com/terrelln/7a16b92f5a1b3aecf980f944b4a966c4

```

curl -L -O https://github.com/facebook/zstd/releases/download/v1.3.6/zstd-1.3.6.tar.gz
curl -L -O https://github.com/facebook/zstd/releases/download/v1.3.6/zstd-1.3.6.tar.gz.sha256
sha256sum --check zstd-1.3.6.tar.gz.sha256
tar xzf zstd-1.3.6.tar.gz

SRC_LIB="zstd-1.3.6/lib"
DST_LIB="grub-core/lib/zstd"
rm -rf $DST_LIB
mkdir -p $DST_LIB
cp $SRC_LIB/zstd.h $DST_LIB/
cp $SRC_LIB/common/*.[hc] $DST_LIB/
cp $SRC_LIB/decompress/*.[hc] $DST_LIB/
rm $DST_LIB/{pool.[hc],threading.[hc]}
rm -rf zstd-1.3.6*
echo SUCCESS!
```

Signed-off-by: Nick Terrell <terrelln@fb.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-26 23:09:45 +01:00
Michael Chang
e8b37e2c8d verifiers: fix double close on pgp's sig file descriptor
An error emerged as when I was testing the verifiers branch, so instead
of putting it in pgp prefix, the verifiers is used to reflect what the
patch is based on.

While running verify_detached, grub aborts with error.

verify_detached /@/.snapshots/1/snapshot/boot/grub/grub.cfg
/@/.snapshots/1/snapshot/boot/grub/grub.cfg.sig

alloc magic is broken at 0x7beea660: 0
Aborted. Press any key to exit.

The error is caused by sig file descriptor been closed twice, first time
in grub_verify_signature() to which it is passed as parameter. Second in
grub_cmd_verify_signature() or in whichever opens the sig file
descriptor. The second close is not consider as bug to me either, as in
common rule of what opens a file has to close it to avoid file
descriptor leakage.

After all the design of grub_verify_signature() makes it difficult to keep
a good trace on opened file descriptor from it's caller. Let's refine
the application interface to accept file path rather than descriptor, in
this way the caller doesn't have to care about closing the descriptor by
delegating it to grub_verify_signature() with full tracing to opened
file descriptor by itself.

Also making it clear that sig descriptor is not referenced in error
returning path of grub_verify_signature_init(), so it can be closed
directly by it's caller. This also makes delegating it to
grub_pubkey_close() infeasible to help in relieving file descriptor
leakage as it has to depend on uncertainty of ctxt fields in error
returning path.

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-21 14:46:53 +01:00
Lee Jones
5c6f9bc156 generic/blocklist: Fix implicit declaration of function grub_file_filter_disable_compression()
grub_file_filter_disable_compression() no longer exists.

Signed-off-by: Lee Jones <lee.jones@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-21 14:45:33 +01:00
Lee Jones
25e35377a8 arm64/xen: Fix too few arguments to function grub_create_loader_cmdline()
Without this fix, building xen_boot.c omits:

loader/arm64/xen_boot.c: In function ‘xen_boot_binary_load’:
loader/arm64/xen_boot.c:370:7: error: too few arguments to function ‘grub_create_loader_cmdline’
       grub_create_loader_cmdline (argc - 1, argv + 1, binary->cmdline,
       ^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from loader/arm64/xen_boot.c:36:0:
../include/grub/lib/cmdline.h:29:12: note: declared here
 grub_err_t grub_create_loader_cmdline (int argc, char *argv[], char *buf,

Signed-off-by: Lee Jones <lee.jones@linaro.org>
Reviewed-by: Julien Grall <julien.grall@arm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-21 14:44:50 +01:00
Leif Lindholm
58bfe43581 arm-uboot, ia64, sparc64: Fix up grub_file_open() calls
The verifiers framework changed the grub_file_open() interface, breaking all
non-x86 linux loaders. Add file types to the grub_file_open() calls to make
them build again.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-16 14:42:51 +01:00
Leif Lindholm
9d0559c647 arm64/efi: Fix breakage caused by verifiers
- add variable "err" (used but not defined),
  - add GRUB_FILE_TYPE_LINUX_KERNEL to grub_file_open() call.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-16 14:42:51 +01:00
Leif Lindholm
dfb1742aab grub-core/loader/efi/fdt.c: Fixup grub_file_open() call
The verifiers framework changed the API of grub_file_open(), but did not
fix up all users. Add the file type GRUB_FILE_TYPE_DEVICE_TREE_IMAGE
to the "devicetree" command handler call.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-16 14:42:50 +01:00
Paul Menzel
b71ac53751 unix/platform: Initialize variable to fix grub-install on UEFI system
On a UEFI system, were no boot entry *grub* is present, currently,
`grub-install` fails with an error.

    $ efibootmgr
    BootCurrent: 0000
    Timeout: 0 seconds
    BootOrder: 0001,0006,0003,0004,0005
    Boot0001  Diskette Drive
    Boot0003* USB Storage Device
    Boot0004* CD/DVD/CD-RW Drive
    Boot0005  Onboard NIC
    Boot0006* WDC WD2500AAKX-75U6AA0
    $ sudo grub-install /dev/sda
    Installing for x86_64-efi platform.
    grub-install: error: efibootmgr failed to register the boot entry: Unknown error 22020.

The error code is always different, and the error message (incorrectly)
points to efibootmgr.

But, the error is in GRUB’s function
`grub_install_remove_efi_entries_by_distributor()`, where the variable
`rc` for the return value, is uninitialized and never set, when no boot
entry for the distributor is found.

The content of that uninitialized variable is then returned as the error
code of efibootmgr.

Set the variable to 0, so that success is returned, when no entry needs
to be deleted.

Tested on Dell OptiPlex 7010 with firmware A28.

    $ sudo ./grub-install /dev/sda
    Installing for x86_64-efi platform.
    Installation finished. No error reported.

[1]: https://github.com/rhboot/efibootmgr/issues/100

Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-09 13:34:16 +01:00
Daniel Kiper
878398c1a3 efi: Add EFI shim lock verifier
This module provides shim lock verification for various kernels
if UEFI secure boot is enabled on a machine.

It is recommended to put this module into GRUB2 standalone image
(avoid putting iorw and memrw modules into it; they are disallowed
if UEFI secure boot is enabled). However, it is also possible to use
it as a normal module. Though such configurations are more fragile
and less secure due to various limitations.

If the module is loaded and UEFI secure boot is enabled then:
  - module itself cannot be unloaded (persistent module),
  - the iorw and memrw modules cannot be loaded,
  - if the iorw and memrw modules are loaded then
    machine boot is disabled,
  - GRUB2 defers modules and ACPI tables verification to
    other verifiers.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Daniel Kiper
ee7808e219 dl: Add support for persistent modules
This type of modules cannot be unloaded. This is useful if a given
functionality, e.g. UEFI secure boot shim signature verification, should
not be disabled if it was enabled at some point in time. Somebody may
say that we can use standalone GRUB2 here. That is true. However, the
code is not so big nor complicated hence it make sense to support
modularized configs too.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Daniel Kiper
b07feb8746 verifiers: Rename verify module to pgp module
Just for clarity. No functional change.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Daniel Kiper
5b8d535395 verifiers: Add possibility to defer verification to other verifiers
This way if a verifier requires verification of a given file it can defer task
to another verifier (another authority) if it is not able to do it itself. E.g.
shim_lock verifier, posted as a subsequent patch, is able to verify only PE
files. This means that it is not able to verify any of GRUB2 modules which have
to be trusted on UEFI systems with secure boot enabled. So, it can defer
verification to other verifier, e.g. PGP one.

I silently assume that other verifiers are trusted and will do good job for us.
Or at least they will not do any harm.

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Vladimir Serbinenko
4d4a8c96e3 verifiers: Add possibility to verify kernel and modules command lines
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Vladimir Serbinenko
75a919e334 verifiers: Framework core
Verifiers framework provides core file verification functionality which
can be used by various security mechanisms, e.g., UEFI secure boot, TPM,
PGP signature verification, etc.

The patch contains PGP code changes and probably they should be extracted
to separate patch for the sake of clarity.

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Vladimir Serbinenko
ca0a4f689a verifiers: File type for fine-grained signature-verification controlling
Let's provide file type info to the I/O layer. This way verifiers
framework and its users will be able to differentiate files and verify
only required ones.

This is preparatory patch.

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Daniel Kiper
f3f8347569 bufio: Use grub_size_t instead of plain int for size
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Goffredo Baroncelli
72e80c0255 btrfs: Add RAID 6 recovery for a btrfs filesystem
Add the RAID 6 recovery, in order to use a RAID 6 filesystem even if some
disks (up to two) are missing. This code use the md RAID 6 code already
present in grub.

Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 12:45:39 +01:00
Goffredo Baroncelli
fa926cb4b4 btrfs: Make more generic the code for RAID 6 rebuilding
The original code which handles the recovery of a RAID 6 disks array
assumes that all reads are multiple of 1 << GRUB_DISK_SECTOR_BITS and it
assumes that all the I/O is done via the struct grub_diskfilter_segment.
This is not true for the btrfs code. In order to reuse the native
grub_raid6_recover() code, it is modified to not call
grub_diskfilter_read_node() directly, but to call an handler passed
as an argument.

Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 12:07:29 +01:00
Goffredo Baroncelli
94854d9c3d btrfs: Add support for recovery for a RAID 5 btrfs profiles
Add support for recovery for a RAID 5 btrfs profile. In addition
it is added some code as preparatory work for RAID 6 recovery code.

Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 12:01:47 +01:00
Goffredo Baroncelli
c743736048 btrfs: Refactor the code that read from disk
Move the code in charge to read the data from disk into a separate
function. This helps to separate the error handling logic (which
depends on the different raid profiles) from the read from disk
logic. Refactoring this code increases the general readability too.

This is a preparatory patch, to help the adding of the RAID 5/6 recovery code.

Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 11:53:03 +01:00
Goffredo Baroncelli
c6f79aca80 btrfs: Move logging code in grub_btrfs_read_logical()
A portion of the logging code is moved outside of internal for(;;). The part
that is left inside is the one which depends on the internal for(;;) index.

This is a preparatory patch. The next one will refactor the code inside
the for(;;) into an another function.

Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 11:47:26 +01:00
Goffredo Baroncelli
fd5a1d82f1 btrfs: Avoid a rescan for a device which was already not found
Currently read from missing device triggers rescan. However, it is never
recorded that the device is missing. So, each read of a missing device
triggers rescan again and again. This behavior causes a lot of unneeded
rescans leading to huge slowdowns.

This patch fixes above mentioned issue. Information about missing devices
is stored in the data->devices_attached[] array as NULL value in dev
member. Rescan is triggered only if no information is found for a given
device. This means that only first time read triggers rescan.

The patch drops premature return. This way data->devices_attached[] is
filled even when a given device is missing.

Signed-off-by: Goffredo Baroncelli <kreikack@inwind.it>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 11:44:55 +01:00
Goffredo Baroncelli
908cdb1d02 btrfs: Move the error logging from find_device() to its caller
The caller knows better if this error is fatal or not, i.e. another disk is
available or not.

This is a preparatory patch.

Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 11:43:41 +01:00
Goffredo Baroncelli
846f7a8310 btrfs: Add helper to check the btrfs header
This helper is used in a few places to help the debugging. As
conservative approach the error is only logged.
This does not impact the error handling.

Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 11:42:44 +01:00
Goffredo Baroncelli
81e2673fb6 btrfs: Add support for reading a filesystem with a RAID 5 or RAID 6 profile
Signed-off-by: Goffredo Baroncelli <kreijack@inwind.it>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-10-31 11:39:32 +01:00
Michael Chang
8ada906031 msdos: Fix overflow in converting partition start and length into 512B blocks
When booting from NVME SSD with 4k sector size, it fails with the message.

error: attempt to read or write outside of partition.

This patch fixes the problem by fixing overflow in converting partition start
and length into 512B blocks.

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-27 14:56:45 +02:00
Mihai Moldovan
5b9308aff0 osdep/linux: Convert partition start to disk sector length
When reading data off a disk, sector values are based on the disk sector
length.

Within grub_util_fd_open_device(), the start of the partition was taken
directly from grub's partition information structure, which uses the
internal sector length (currently 512b), but never transformed to the
disk's sector length.

Subsequent calculations were all wrong for devices that have a diverging
sector length and the functions eventually skipped to the wrong stream
location, reading invalid data.

Signed-off-by: Mihai Moldovan <ionic@ionic.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-27 14:53:32 +02:00
Julian Andres Klode
a661a321c3 ofnet: Initialize structs in bootpath parser
Code later on checks if variables inside the struct are
0 to see if they have been set, like if there were addresses
in the bootpath.

The variables were not initialized however, so the check
might succeed with uninitialized data, and a new interface
with random addresses and the same name is added. This causes
$net_default_mac to point to the random one, so, for example,
using that variable to load per-mac config files fails.

Bug-Ubuntu: https://bugs.launchpad.net/bugs/1785859

Signed-off-by: Julian Andres Klode <julian.klode@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-13 11:03:05 +02:00
Cao jin
d2374cfb71 relocator16: Comments update
Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-13 10:58:32 +02:00
Paul Menzel
d62cafcf35 ahci: Increase time-out from 10 s to 32 s
This is a cryptographically signed message in MIME format.

Date: Thu, 9 Aug 2018 07:27:35 +0200

Currently, the GRUB payload for coreboot does not detect the Western
Digital hard disk WDC WD20EARS-60M AB51 connected to the ASRock E350M1,
as that takes over ten seconds to spin up.

```
disk/ahci.c:533: port 0, err: 0
disk/ahci.c:539: port 0, err: 0
disk/ahci.c:543: port 0, err: 0
disk/ahci.c:549: port 0, offset: 120, tfd:80, CMD: 6016
disk/ahci.c:552: port 0, err: 0
disk/ahci.c:563: port 0, offset: 120, tfd:80, CMD: 6016
disk/ahci.c:566: port: 0, err: 0
disk/ahci.c:593: port 0 is busy
disk/ahci.c:621: cleaning up failed devs
```

GRUB detects the drive, when either unloading the module *ahci*, and
then loading it again, or when doing a warm reset.

As the ten second time-out is too short, increase it to 32 seconds,
used by SeaBIOS. which detects the drive successfully.

The AHCI driver in libpayload uses 30 seconds, and that time-out was
added in commit 354066e1 (libpayload: ahci: Increase timeout for
signature reading) with the description below.

> We can't read the drives signature before it's ready, i.e. spun up.
> So set the timeout to the standard 30s. Also put a notice on the
> console, so the user knows why the signature reading failed.

Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-13 10:54:54 +02:00
Cao jin
5d7d13ce44 linux16: Code cleanup
1. move relocator related code more close to each other
2. use variable "len" since it has correct assignment, and keep coding
style with upper code

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-13 10:51:34 +02:00
Leif Lindholm
9bfba354bb loader/multiboot_mbi2: Use central copy of grub_efi_find_mmap_size()
Delete local copy of function to determine required buffer size for the
UEFI memory map, use helper in kern/efi/mm.c.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-12 12:59:23 +02:00
Leif Lindholm
9415914e0f loader/ia64/linux: Use central copy of grub_efi_find_mmap_size()
Delete local copy of function to determine required buffer size for the
UEFI memory map, use helper in kern/efi/mm.c.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-12 12:59:15 +02:00
Leif Lindholm
ad2bebc6fc loader/i386/linux: Use central copy of grub_efi_find_mmap_size()
Delete local copy of function to determine required buffer size for the
UEFI memory map, use helper in kern/efi/mm.c.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-12 12:58:31 +02:00
Leif Lindholm
c79ebcd18c i386: Don't include lib/i386/reset.c in EFI builds
Commit 0ba90a7f01 ("efi: Move grub_reboot() into kernel") broke
the build on i386-efi - genmoddep.awk bails out with message
  grub_reboot in reboot is duplicated in kernel
This is because both lib/i386/reset.c and kern/efi/efi.c now provide
this function.

Rather than explicitly list each i386 platform variant in
Makefile.core.def, include the contents of lib/i386/reset.c only when
GRUB_MACHINE_EFI is not set.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:11 +02:00
Leif Lindholm
a2f26adfef efi: Restrict arm/arm64 linux loader initrd placement
The 32-bit arm Linux kernel is built as a zImage, which self-decompresses
down to near start of RAM. In order for an initrd/initramfs to be
accessible, it needs to be placed within the first ~768MB of RAM.
The initrd loader built into the kernel EFI stub restricts this down to
512MB for simplicity - so enable the same restriction in grub.

For arm64, the requirement is within a 1GB aligned 32GB window also
covering the (runtime) kernel image. Since the EFI stub loader itself
will attempt to relocate to near start of RAM, force initrd to be loaded
completely within the first 32GB of RAM.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:11 +02:00
Leif Lindholm
77808dd66b arm: Delete unused efi support from loader/arm
The 32-bit arm efi port now shares the 64-bit linux loader, so delete
the now unused bits from the 32-bit linux loader.

This in turn leaves the grub-core/kern/arm/efi/misc.c unused, so
delete that too.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:11 +02:00
Leif Lindholm
d0c070179d arm/efi: Switch to arm64 linux loader
The arm64 and arm linux kernel EFI-stub support presents pretty much
identical interfaces, so the same linux loader source can be used for
both architectures.

Switch 32-bit ARM UEFI platforms over to the existing EFI-stub aware
loader initially developed for arm64.

This *WILL* stop non-efistub Linux kernels from booting on arm-efi.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:11 +02:00
Leif Lindholm
d24dd12086 arm64/linux/loader: Rename functions and macros and move to common headers
In preparation for using the linux loader for 32-bit and 64-bit platforms,
rename grub_arm64*/GRUB_ARM64* to grub_armxx*/GRUB_ARMXX*.

Move prototypes for now-common functions to efi/efi.h.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:11 +02:00
Leif Lindholm
bad144c60f efi: Add grub_efi_get_ram_base() function for arm64
Since ARM platforms do not have a common memory map, add a helper
function that finds the lowest address region with the EFI_MEMORY_WB
attribute set in the UEFI memory map.

Required for the arm64 efi linux loader to restrict the initrd
location to where it will be accessible by the kernel at runtime.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:11 +02:00
Leif Lindholm
8ec18d1a4c efi: Add central copy of grub_efi_find_mmap_size
There are several implementations of this function in the tree.
Add a central version in grub-core/efi/mm.c.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:11 +02:00
Arindam Nath
886edba877 i386/linux: Add support for ext_lfb_base
The EFI Graphics Output Protocol can return a 64-bit
linear frame buffer address in some firmware/BIOS
implementations. We currently only store the lower
32-bits in the lfb_base. This will eventually be
passed to Linux kernel and the efifb driver will
incorrectly interpret the framebuffer address as
32-bit address.

The Linux kernel has already added support to handle
64-bit linear framebuffer address in the efifb driver
since quite some time now.

This patch adds the support for 64-bit linear frame
buffer address in GRUB to address the above mentioned
scenario.

Signed-off-by: Arindam Nath <arindam.nath@amd.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-25 14:18:05 +02:00
Leif Lindholm
9b37229f01 commands/file: Use definitions from arm64/linux.h
Clean up code for matching IS_ARM64 slightly by making use of struct
linux_arm64_kernel_header and GRUB_LINUX_ARM64_MAGIC_SIGNATURE.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-11 12:02:18 +02:00
Leif Lindholm
40dc61ed75 commands/file: Use definitions from arm/linux.h
Clean up code for matching IS_ARM slightly by making use of struct
linux_arm_kernel_header and GRUB_LINUX_ARM_MAGIC_SIGNATURE.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-11 11:57:11 +02:00
Hans de Goede
edece25a77 efi/console: Fix the "enter" key not working on x86 tablets
Most 8" or 7" x86 Windows 10 tablets come with volume up/down buttons and
a power-button. In their UEFI these are almost always mapped to arrow
up/down and enter.

Pressing the volume buttons (sometimes by accident) will stop the
menu countdown, but the power-button / "enter" key was not being recognized
as enter, so the user would be stuck at the grub menu.

The problem is that these tablets send scan_code 13 or 0x0d for the
power-button, which officialy maps to the F3 key. They also set
unicode_char to 0x0d.

This commit recognizes the special case of both scan_code and unicode_char
being set to 0x0d and treats this as an enter key press.

This fixes things getting stuck at the grub-menu and allows the user
to choice a grub-menu entry using the buttons on the tablet.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-11 11:53:28 +02:00
Denis 'GNUtoo' Carikli
ec2de93f8d multiboot_elfxx.c: Fix compilation by fixing undeclared variable
Without that fix we have:
  In file included from ../../include/grub/command.h:25:0,
                   from ../../grub-core/loader/multiboot.c:30:
  ../../grub-core/loader/multiboot_elfxx.c: In function 'grub_multiboot_load_elf64':
  ../../grub-core/loader/multiboot_elfxx.c:130:28: error: 'relocatable' undeclared (first use in this function)
     "load_base_addr=0x%x\n", relocatable,

This happens due to mistake in the commit 14ec665
(mbi: Use per segment a separate relocator chunk).

So, let's fix it.

Signed-off-by: Ignat Korchagin <ignat@cloudflare.com>
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-07-02 14:16:14 +02:00
Leif Lindholm
347210a5d5 efi/fdt: Set address/size cells to 2 for empty tree
When booting an arm* system on UEFI with an empty device tree (currently
only when hardware description comes from ACPI), we don't currently set
default to 1 cell (32 bits).

Set both of these properties, to 2 cells (64 bits), to resolve issues
with kexec on some platforms.

This change corresponds with linux kernel commit ae8a442dfdc4
("efi/libstub/arm*: Set default address and size cells values for an empty dtb")
and ensures booting through grub does not behave differently from booting
the stub loader directly.

See also https://patchwork.kernel.org/patch/9561201/

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-06-23 21:43:00 +02:00
Leif Lindholm
e93fd6b776 fdt: Move prop_entry_size to fdt.h
To be able to resuse the prop_entry_size macro, move it to
<grub/fdt.h> and rename it grub_fdt_prop_entry_size.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-06-23 21:40:55 +02:00
Alexander Boettcher
14ec665c3f mbi: Use per segment a separate relocator chunk
Instead of setting up a all comprising relocator chunk for all segments,
use per segment a separate relocator chunk.

Currently, if the ELF is non-relocatable, a single relocator chunk will
comprise memory (between the segments) which gets overridden by the relst()
invocation of the movers code in grub_relocator16/32/64_boot().

The overridden memory may contain reserved ranges like VGA memory or ACPI
tables, which may lead to crashes or at least to strange boot behaviour.

Signed-off-by: Alexander Boettcher <alexander.boettcher@genode-labs.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-06-23 21:36:02 +02:00
Daniel Kiper
cda0a857dd xfs: Accept filesystem with sparse inodes
The sparse inode metadata format became a mkfs.xfs default in
xfsprogs-4.16.0, and such filesystems are now rejected by grub as
containing an incompatible feature.

In essence, this feature allows xfs to allocate inodes into fragmented
freespace.  (Without this feature, if xfs could not allocate contiguous
space for 64 new inodes, inode creation would fail.)

In practice, the disk format change is restricted to the inode btree,
which as far as I can tell is not used by grub.  If all you're doing
today is parsing a directory, reading an inode number, and converting
that inode number to a disk location, then ignoring this feature
should be fine, so I've added it to XFS_SB_FEAT_INCOMPAT_SUPPORTED

I did some brief testing of this patch by hacking up the regression
tests to completely fragment freespace on the test xfs filesystem, and
then write a large-ish number of inodes to consume any existing
contiguous 64-inode chunk.  This way any files the grub tests add and
traverse would be in such a fragmented inode allocation.  Tests passed,
but I'm not sure how to cleanly integrate that into the test harness.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Chris Murphy <lists@colorremedies.com>
2018-05-29 16:16:02 +02:00
Oleg Solovyov
6d28b3bd26 grub-probe: Don't skip /dev/mapper/dm-* devices
This patch ensures that grub-probe will find the root device placed in
/dev/mapper/dm-[0-9]+-.* e.g. device named /dev/mapper/dm-0-luks will be
found and grub.cfg will be updated properly, enabling the system to boot.

Signed-off-by: Oleg Solovyov <mcpain@altlinux.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-05-29 15:55:27 +02:00
Michael Chang
b66e364f13 bufio: Round up block size to power of 2
Rounding up the bufio->block_size to meet power of 2 to facilitate next_buf
calculation in grub_bufio_read().

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-05-08 12:28:18 +02:00
Nicholas Vinson
a16f4a822f disk: Update grub_gpt_partentry
Rename grub_gpt_part_type to grub_gpt_part_guid and update grub_gpt_partentry
to use this type for both the partition type GUID string and the partition GUID
string entries.  This change ensures that the two GUID fields are handled more
consistently and helps to simplify the changes needed to add Linux partition
GUID support.

Signed-off-by: Nicholas Vinson <nvinson234@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-04-23 13:21:45 +02:00
Cao jin
9dcac673ed diskboot: Trivial correction on stale comments
diskboot.img now is loaded at 0x8000 and is jumped to with 0:0x8000.

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-04-23 13:04:58 +02:00
Jaegeuk Kim
71f9e4ac44 fs: Add F2FS support
"F2FS (Flash-Friendly File System) is flash-friendly file system which was merged
into Linux kernel v3.8 in 2013.

The motive for F2FS was to build a file system that from the start, takes into
account the characteristics of NAND flash memory-based storage devices (such as
solid-state disks, eMMC, and SD cards).

F2FS was designed on a basis of a log-structured file system approach, which
remedies some known issues of the older log structured file systems, such as
the snowball effect of wandering trees and high cleaning overhead. In addition,
since a NAND-based storage device shows different characteristics according to
its internal geometry or flash memory management scheme (such as the Flash
Translation Layer or FTL), it supports various parameters not only for
configuring on-disk layout, but also for selecting allocation and cleaning
algorithm.", quote by https://en.wikipedia.org/wiki/F2FS.

The source codes for F2FS are available from:

http://git.kernel.org/cgit/linux/kernel/git/jaegeuk/f2fs.git
http://git.kernel.org/cgit/linux/kernel/git/jaegeuk/f2fs-tools.git

This patch has been integrated in OpenMandriva Lx 3.
  https://www.openmandriva.org/

Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Pete Batard <pete@akeo.ie>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-04-10 19:05:04 +02:00
Michael Chang
563b1da6e6 Fix packed-not-aligned error on GCC 8
When building with GCC 8, there are several errors regarding packed-not-aligned.

./include/grub/gpt_partition.h:79:1: error: alignment 1 of ‘struct grub_gpt_partentry’ is less than 8 [-Werror=packed-not-aligned]

This patch fixes the build error by cleaning up the ambiguity of placing
aligned structure in a packed one. In "struct grub_btrfs_time" and "struct
grub_gpt_part_type", the aligned attribute seems to be superfluous, and also
has to be packed, to ensure the structure is bit-to-bit mapped to the format
laid on disk. I think we could blame to copy and paste error here for the
mistake. In "struct efi_variable", we have to use grub_efi_packed_guid_t, as
the name suggests. :)

Signed-off-by: Michael Chang <mchang@suse.com>
Tested-by: Michael Chang <mchang@suse.com>
Tested-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-04-04 21:51:42 +02:00
mike.travis@hpe.com
a537d65018 efi/uga: Fix PCIe LER when GRUB2 accesses non-enabled MMIO data from VGA
A GPU inserted into a PCIe I/O slot disappears during system startup.
The problem centers around GRUB and a specific VGA init function in
efi_uga.c. This causes an LER (Link Error Recorvery) because the MMIO
memory has not been enabled before attempting access.

The fix is to add the same coding used in other VGA drivers, specifically
to add a check to insure that it is indeed a VGA controller. And then
enable the MMIO address space with the specific bits.

Signed-off-by: Mike Travis <mike.travis@hpe.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-04-04 21:48:52 +02:00
Eric Snowberg
5ceb55b7a0 ieee1275: NULL pointer dereference in grub_machine_get_bootlocation()
Read from NULL pointer canon in function grub_machine_get_bootlocation().
Function grub_ieee1275_canonicalise_devname() may return NULL.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-26 15:03:36 +02:00
Eric Snowberg
e2faabacff ieee1275: split up grub_machine_get_bootlocation
Split up some of the functionality in grub_machine_get_bootlocation into
grub_ieee1275_get_boot_dev.  This will allow for code reuse in a follow on
patch.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-14 13:24:40 +01:00
C. Masloch
c225298038 chainloader: patch in BPB's sectors_per_track and num_heads
These fields must reflect the ROM-BIOS's geometry for CHS-based
loaders to correctly load their next stage. Most loaders do not
query the ROM-BIOS (Int13.08), relying on the BPB fields to hold
the correct values already.

Tested with lDebug booted in qemu via grub2's
FreeDOS direct loading support, refer to
https://bitbucket.org/ecm/ldosboot + https://bitbucket.org/ecm/ldebug
(For this test, lDebug's iniload.asm must be assembled with
-D_QUERY_GEOMETRY=0 to leave the BPB values provided by grub.)

Signed-off-by: C. Masloch <pushbx@38.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-14 13:23:27 +01:00
Eric Snowberg
599efeb622 sparc64: #blocks64 disk node method
Return the 64bit number of blocks of storage associated with the device or
instance. Where a "block" is a unit of storage consisting of the number of
bytes returned by the package's "block-size" method. If the size cannot be
determined, or if the number of blocks exceeds the range return -1.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 15:26:36 +01:00
Eric Snowberg
ab4c93cb4b sparc64: #blocks disk node method
Return the number of blocks of storage associated with the device or
instance. Where a "block" is a unit of storage consisting of the number
of bytes returned by the package's "block-size" method. If the size cannot
be determined, the #blocks method returns the maximum unsigned integer
(which, because of Open Firmware's assumption of two's complement arithmetic,
is equivalent to the signed number -1). If the number of blocks exceeds
the range of an unsigned number, return 0 to alert the caller to try
the #blocks64 command.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 15:12:35 +01:00
Eric Snowberg
ad6d8f5063 ieee1275: block-size deblocker support method
IEEE Std 1275-1994 Standard for Boot (Initialization Configuration)
Firmware: Core Requirements and Practices

3.8.3 deblocker support package

Any package that uses the "deblocker" support package must define
the following method, which the deblocker uses as a low-level
interface to the device

block-size ( -- block-len ) Return "granularity" for accesses to this
device.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 15:12:35 +01:00
Daniel Kiper
c422bb6019 ieee1275: no-data-command bus specific method
IEEE 1275-1994 Standard for Boot (Initialization Configuration)
Firmware: Core Requirements and Practices

E.3.2.2 Bus-specific methods for bus nodes

A package implementing the scsi-2 device type shall implement the
following bus-specific method:

no-data-command ( cmd-addr -- error? )
Executes a simple SCSI command, automatically retrying under
certain conditions.  cmd-addr is the address of a 6-byte command buffer
containing an SCSI command that does not have a data transfer phase.
Executes the command, retrying indefinitely with the same retry criteria
as retry-command.

error? is nonzero if an error occurred, zero otherwise.
NOTE no-data-command is a convenience function. It provides
no capabilities that are not present in retry-command, but for
those commands that meet its restrictions, it is easier to use.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 15:11:18 +01:00
Eric Snowberg
f02037afe3 ieee1275: set-address bus specific method
IEEE 1275-1994 Standard for Boot (Initialization Configuration)
Firmware: Core Requirements and Practices
E.3.2.2 Bus-specific methods for bus nodes

A package implementing the scsi-2 device type shall implement the
following bus-specific method:

 set-address ( unit# target# -- )
   Sets the SCSI target number (0x0..0xf) and unit number (0..7) to which
   subsequent commands apply.

This function is for devices with #address-cells == 2

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 15:08:19 +01:00
Eric Snowberg
820c64e4c0 ieee1275: encode-unit command for 4 addr cell devs
Convert physical address to text unit-string.

Convert phys.lo ... phys-high, the numerical representation, to unit-string,
the text string representation of a physical address within the address
space defined by this device node. The number of cells in the list
phys.lo ... phys.hi is determined by the value of the #address-cells property
of this node.

This function is for devices with #address-cells == 4

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 15:00:12 +01:00
Eric Snowberg
6003eb2fea ieee1275: decode-unit command for 4 addr cell devs
decode-unit ( addr len -- phys.lo ... phys.hi )

Convert text unit-string to physical address.

Convert unit-string, the text string representation, to phys.lo ... phys.hi,
the numerical representation of a physical address within the address space
defined by this device node. The number of cells in the list
phys.lo ... phys.hi is determined by the value of the #address-cells
property of this node.

This function is for devices with #address-cells == 4

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 15:00:09 +01:00
Eric Snowberg
f35826423e sparc64: Limit nvme of_path_of_nvme to just SPARC
Limit NVMe of_path_of_nvme to just SPARC hardware for now.  It has been
found that non-Open Firmware hardware platforms can some how access
this function.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 14:38:07 +01:00
John Paul Adrian Glaubitz
25b2b22d54 ieee1275: Fix crash in of_path_of_nvme when of_path is empty
The of_path_of_nvme function (commit 2391d57, ieee1275: add nvme
support within ofpath) introduced a functional regression:

On systems which are not based on Open Firmware but have at
least one NVME device, find_obppath will return NULL and thus
trying to append the disk name to of_path will result in a
crash.

The proper behavior of of_path_of_nvme is, however, to just
return NULL in such cases, like other users of find_obppath,
such as of_path_of_scsi.

Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Reviewed-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 14:36:28 +01:00
Peter Jones
413f1e13e6 .mod files: Strip annobin annotations and .eh_frame, and their relocations
This way debuginfo built from the .module will still include this
information, but the final result won't have the data we don't actually
need in the modules, either on-disk, loaded at runtime, or in prebuilt
images.

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 14:08:22 +01:00
Joakim Bech
72b425b640 ieee1275: fix build regression in of_path_of_nvme
The of_path_of_nvme function (commit 2391d57, ieee1275: add nvme
support within ofpath) introduced a build regression:
    grub-core/osdep/linux/ofpath.c:365:21: error: comparison between pointer
    and zero character constant [-Werror=pointer-compare]
       if ((digit_string != '\0') && (*part_end == 'p'))

Update digit_string to compare against the char instead of the pointer.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-26 10:37:36 +01:00
Leif Lindholm
cda0332986 arm: switch linux loader to linux_arm_kernel_header struct
Use kernel header struct and magic definition to align (and coexist) with
i386/arm64 ports.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:42:42 +01:00
Leif Lindholm
7fd9722d0c arm64: align linux kernel magic macro naming with i386
Change GRUB_ARM64_LINUX_MAGIC to GRUB_LINUX_ARM64_MAGIC_SIGNATURE.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:42:42 +01:00
Leif Lindholm
ff1cf2548a arm64: align linux kernel header struct naming with i386
Rename struct grub_arm64_linux_kernel_header -> linux_arm64_kernel_header.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:42:42 +01:00
Leif Lindholm
7d36709d5e i386: make struct linux_kernel_header architecture specific
struct linux_kernel_header -> struct linux_i386_kernel_header

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:42:42 +01:00
Leif Lindholm
3245f02d9d make GRUB_LINUX_MAGIC_SIGNATURE architecture-specific
Rename GRUB_LINUX_MAGIC_SIGNATURE GRUB_LINUX_I386_MAGIC_SIGNATURE,
to be usable in code that supports more than one image type.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:42:42 +01:00
Leif Lindholm
083c6e2455 arm64/efi: move EFI_PAGE definitions to efi/memory.h
The EFI page definitions and macros are generic and should not be confined
to arm64 headers - so move to efi/memory.h.
Also add EFI_PAGE_SIZE macro.

Update loader sources to reflect new header location.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:42:42 +01:00
Colin Watson
e5ba6b2618 libgcrypt: Import replacement CRC operations
The CRC implementation imported from libgcrypt 1.5.3 is arguably
non-free, due to being encumbered by the restrictive Internet Society
licence on RFCs (see e.g. https://wiki.debian.org/NonFreeIETFDocuments).
Fortunately, libgcrypt has since replaced it with a version that is both
reportedly better-optimised and doesn't suffer from this encumbrance.

The ideal solution would be to update to a new version of libgcrypt, and
I spent some time trying to do that.  However, util/import_gcry.py
requires complex modifications to cope with the new version, and I
stalled part-way through; furthermore, GRUB's libgcrypt tree already
contains some backports of upstream changes.  Rather than allowing the
perfect to be the enemy of the good, I think it's best to backport this
single change to at least sort out the licensing situation.  Doing so
won't make things any harder for a future wholesale upgrade.

This commit is mostly a straightforward backport of
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=06e122baa3321483a47bbf82fd2a4540becfa0c9,
but I also imported bufhelp.h from libgcrypt 1.7.0 (newer versions
required further changes elsewhere).

I've tested that "hashsum -h crc32" still produces correct output for a
variety of files on both i386-pc and x86_64-emu targets.

Signed-off-by: Colin Watson <cjwatson@ubuntu.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:37:36 +01:00
Eric Snowberg
2391d57909 ieee1275: add nvme support within ofpath
Add NVMe support within ofpath.

The Open Firmware text representation for a NVMe device contains the
Namespace ID. An invalid namespace ID is one whose value is zero or whose
value is greater than the value reported by the Number of Namespaces (NN)
field in the Identify Controller data structure.  At the moment  only a
single Namespace is supported, therefore the value is currently hard coded
to one.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:36:53 +01:00
Daniel Kiper
ae2a274518 chainloader: Fix wrong break condition (must be AND not, OR)
The definition of bpb's num_total_sectors_16 and num_total_sectors_32
is that either the 16-bit field is non-zero and is used (in which case
eg mkfs.fat sets the 32-bit field to zero), or it is zero and the
32-bit field is used. Therefore, a BPB is invalid only if *both*
fields are zero; having one field as zero and the other as non-zero is
the case to be expected. (Indeed, according to Microsoft's specification
one of the fields *must* be zero, and the other non-zero.)

This affects all users of grub_chainloader_patch_bpb which are in
chainloader.c, freedos.c, and ntldr.c

Some descriptions of the semantics of these two fields:

https://www.win.tue.nl/~aeb/linux/fs/fat/fat-1.html

  The old 2-byte fields "total number of sectors" and "number of
  sectors per FAT" are now zero; this information is now found in
  the new 4-byte fields.

(Here given in the FAT32 EBPB section but the total sectors 16/32 bit
fields semantic is true of FAT12 and FAT16 too.)

https://wiki.osdev.org/FAT#BPB_.28BIOS_Parameter_Block.29

  19 | 2 | The total sectors in the logical volume. If this value is 0,
  it means there are more than 65535 sectors in the volume, and the actual
  count is stored in "Large Sectors (bytes 32-35).

  32 | 4 | Large amount of sector on media. This field is set if there
  are more than 65535 sectors in the volume.

(Doesn't specify what the "large" field is set to when unused, but as
mentioned mkfs.fat sets it to zero then.)

https://technet.microsoft.com/en-us/library/cc976796.aspx

  0x13 | WORD | 0x0000 |
  Small Sectors . The number of sectors on the volume represented in 16
  bits (< 65,536). For volumes larger than 65,536 sectors, this field
  has a value of zero and the Large Sectors field is used instead.

  0x20 | DWORD | 0x01F03E00 |
  Large Sectors . If the value of the Small Sectors field is zero, this
  field contains the total number of sectors in the FAT16 volume. If the
  value of the Small Sectors field is not zero, the value of this field
  is zero.

https://staff.washington.edu/dittrich/misc/fatgen103.pdf page 10

  BPB_TotSec16 | 19 | 2 |
  This field is the old 16-bit total count of sectors on the volume.
  This count includes the count of all sectors in all four regions of the
  volume. This field can be 0; if it is 0, then BPB_TotSec32 must be
  non-zero. For FAT32 volumes, this field must be 0. For FAT12 and
  FAT16 volumes, this field contains the sector count, and
  BPB_TotSec32 is 0 if the total sector count “fits” (is less than
  0x10000).

  BPB_TotSec32 | 32 | 4 |
  This field is the new 32-bit total count of sectors on the volume.
  This count includes the count of all sectors in all four regions of the
  volume. This field can be 0; if it is 0, then BPB_TotSec16 must be
  non-zero. For FAT32 volumes, this field must be non-zero. For
  FAT12/FAT16 volumes, this field contains the sector count if
  BPB_TotSec16 is 0 (count is greater than or equal to 0x10000).

(This specifies that an unused BPB_TotSec32 field is set to zero.)

By the way fix offsets in include/grub/fat.h.

Tested with lDebug booted in qemu via grub2's
FreeDOS direct loading support, refer to
https://bitbucket.org/ecm/ldosboot + https://bitbucket.org/ecm/ldebug

Signed-off-by: C. Masloch <pushbx@38.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:32:55 +01:00
H.J. Lu
842c390469 x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32
Starting from binutils commit bd7ab16b4537788ad53521c45469a1bdae84ad4a:

https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=bd7ab16b4537788ad53521c45469a1bdae84ad4a

x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for
32-bit PC-relative branches.  Grub2 should treat R_X86_64_PLT32 as
R_X86_64_PC32.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:25:30 +01:00
Steve McIntyre
6400613ad0 Make grub-install check for errors from efibootmgr
Code is currently ignoring errors from efibootmgr, giving users
clearly bogus output like:

        Setting up grub-efi-amd64 (2.02~beta3-4) ...
        Installing for x86_64-efi platform.
        Could not delete variable: No space left on device
        Could not prepare Boot variable: No space left on device
        Installation finished. No error reported.

and then potentially unbootable systems. If efibootmgr fails, grub-install
should know that and report it!

We've been using similar patch in Debian now for some time, with no ill effects.

Signed-off-by: Steve McIntyre <93sam@debian.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-14 18:02:01 +01:00
Eric Snowberg
d85c76b501 sparc64: fix OF path names for sun4v systems
Fix the Open Firmware (OF) path property for sun4v SPARC systems.
These platforms do not have a /sas/ within their path. Over time
different OF addressing schemes have been supported. There
is no generic addressing scheme that works across every HBA.

It looks that this functionality will not work if you try to cross-install
SPARC GRUB2 binary using e.g. x86 grub-install. By default it should work.
However, we will also have other issues here, like lack of access to OF
firmware/paths, which make such configs unusable anyway. So, let's leave
this patch as is for time being. If somebody cares then he/she should fix
the issue(s) at some point.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-14 17:49:10 +01:00
Stefan Fritsch
566a03a623 ahci: Improve error handling
Check the error bits in the interrupt status register. According to the
AHCI 1.2 spec, "Interrupt sources that are disabled (‘0’) are still
reflected in the status registers.", so this should work even though
grub uses polling

This fixes the following problem on a Fujitsu E744 laptop:

Sometimes there is a very long delay (up to several minutes) when
booting from hard disk. It seems accessing the DVD drive (which has no
disk inserted) sometimes fails with some errors, which leads to each
access being stalled until the 20s timeout triggers. This seems to
happen when grub is trying to read filesystem/partition data.

The problem is that the command_issue bit that is checked in the loop is
only reset if the "HBA receives a FIS which clears the BSY, DRQ, and ERR
bits for the command", but the ERR bit is never cleared. Therefore
command_issue is never reset and grub waits for the timeout.

The relevant bit in our case is the Task File Error Status (TFES), which
is equivalent to the ERR bit 0 in tfd. But this patch also checks
the other error bits except for the "Interface non-fatal error status"
bit.

Signed-off-by: Stefan Fritsch <fritsch@genua.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-01-29 12:53:24 +01:00
Julien Grall
d34977cb66 arm64/xen: Add missing #address-cells and #size-cells properties
The properties #address-cells and #size-cells are used to know the
number of cells for ranges provided by "regs". If they don't exist, the
value are resp. 2 and 1.

Currently, when multiboot nodes are created it is assumed that #address-cells
and #size-cells are exactly 2. However, they are never set by GRUB and
will result to later failure when the device-tree is generated by GRUB
or contain different values.

To prevent this failure, create the both properties in the chosen nodes.

Signed-off-by: Julien Grall <julien.grall@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-12-06 13:02:34 +01:00
Eric Snowberg
3d8df86d82 ls: prevent double open
Prevent a double open.  This can cause problems with some ieee1275
devices, causing the system to hang.  The double open can occur
as follows:

grub_ls_list_files (char *dirname, int longlist, int all, int human)
       dev = grub_device_open (device_name);
       dev remains open while:
       grub_normal_print_device_info (device_name);
                dev = grub_device_open (name);

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-11-24 16:18:29 +01:00
David E. Box
446794de8d tsc: Change default tsc calibration method to pmtimer on EFI systems
On efi systems, make pmtimer based tsc calibration the default over the
pit. This prevents Grub from hanging on Intel SoC systems that power gate
the pit.

Signed-off-by: David E. Box <david.e.box@linux.intel.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-10-06 16:58:55 +02:00
Alexander Graf
92bfc33db9 efi: Free malloc regions on exit
When we exit grub, we don't free all the memory that we allocated earlier
for our heap region. This can cause problems with setups where you try
to descend the boot order using "exit" entries, such as PXE -> HD boot
scenarios.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-09-07 23:35:01 +02:00
Alexander Graf
0ba90a7f01 efi: Move grub_reboot() into kernel
The reboot function calls machine_fini() and then reboots the system.
Currently it lives in lib/ which means it gets compiled into the
reboot module which lives on the heap.

In a following patch, I want to free the heap on machine_fini()
though, so we would free the memory that the code is running in. That
obviously breaks with smarter UEFI implementations.

So this patch moves it into the core. That way we ensure that all
code running after machine_fini() in the UEFI case is running from
memory that got allocated (and gets deallocated) by the UEFI core.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-09-07 23:29:31 +02:00
Vladimir Serbinenko
78d2b81bd1 Fix compilation for x86_64-efi. 2017-09-07 13:55:22 +02:00
Vladimir Serbinenko
95acd4cbda gzio: fix unaligned access 2017-08-30 21:31:28 +02:00
Vladimir Serbinenko
061258a05e Regenerate checksum.h with newer unifont.
Old link is broken. New unifont is
http://ftp.de.debian.org/debian/pool/main/u/unifont/xfonts-unifont_9.0.06-2_all.deb
2017-08-30 17:12:04 +02:00
Vladimir Serbinenko
ec763ed00a qemu, coreboot, multiboot: Change linking address to 0x9000.
It's common for distros to use a defective ld which links at 0x9000. Instead
of fighting it, just move link target to 0x9000.
2017-08-30 16:29:59 +02:00
Stefan Fritsch
b18ce97c67 Implement checksum verification for gunzip
This implements the crc32 check for the gzip format. Support for zlib's
adler checksum is not included, yet.
2017-08-30 16:07:54 +02:00
Vladimir Serbinenko
c42acc23ff xfs: Don't attempt to iterate over empty directory.
Reported by: Tuomas Tynkkynen
2017-08-30 15:56:19 +02:00
Patrick Steinhardt
e75cf4a58b unix exec: avoid atexit handlers when child exits
The `grub_util_exec_redirect_all` helper function can be used to
spawn an executable and redirect its output to some files. After calling
`fork()`, the parent will wait for the child to terminate with
`waitpid()` while the child prepares its file descriptors, environment
and finally calls `execvp()`. If something in the children's setup
fails, it will stop by calling `exit(127)`.

Calling `exit()` will cause any function registered via `atexit()` to be
executed, which is usually the wrong thing to do in a child. And
actually, one can easily observe faulty behaviour on musl-based systems
without modprobe(8) installed: executing `grub-install --help` will call
`grub_util_exec_redirect_all` with "modprobe", which obviously fails if
modprobe(8) is not installed. Due to the child now exiting and invoking
the `atexit()` handlers, it will clean up some data structures of the
parent and cause it to be deadlocked in the `waitpid()` syscall.

The issue can easily be fixed by calling `_exit(127)` instead, which is
especially designed to be called when the atexit-handlers should not be
executed.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
2017-08-30 15:20:13 +02:00
Vladimir Serbinenko
6ccb2d54bc enforcing fixup 2017-08-14 16:27:10 +02:00
Vladimir Serbinenko
4bfd26623f multiboot fixup 2017-08-14 16:24:05 +02:00
Vladimir Serbinenko
6cc79ec10c linux fixup 2017-08-14 16:23:52 +02:00
Vladimir Serbinenko
c36c2a8640 yylex: Explicilty cast fprintf to void.
It's needed to avoid warning on recent GCC.
2017-08-14 14:11:43 +02:00
Vladimir Serbinenko
3732816bc0 genmoddep: Check that no modules provide the same symbol.
The semantics of 2 modules providing the same symbol are undefined. So
ensure that it doesn't happen.
2017-08-14 14:10:48 +02:00
Vladimir Serbinenko
26e5aea941 Fix symbols appearing in several modules in linux*.
If same symbol is provided by 2 modules its semantics are undefined.
Avoid this by depending rather than double-including files.
2017-08-14 14:09:30 +02:00
Vladimir Serbinenko
21e4a6fa03 multiboot: disentangle multiboot and multiboot2.
Previously we had multiboot and multiboot2 declaring the same symbols.
This can potentially lead to aliasing and strange behaviours when e.g.
module instead of module2 is used with multiboot2.

Bug: #51137
2017-08-14 14:08:54 +02:00
Vladimir Serbinenko
6662372053 hdparm: Depend on hexdump rather than having a second copy of hexdump. 2017-08-14 12:48:58 +02:00
Pete Batard
1deebd85ef io: add a GRUB_GZ prefix to gzio specific defines
* This is done to avoid a conflict with a PACKED define in the EDK2
2017-08-07 19:30:26 +02:00
Pete Batard
bdd89d239c core: use GRUB_TERM_ definitions when handling term characters
* Also use hex value for GRUB_TERM_ESC as '\e' is not in the C standard and is not understood by some compilers
2017-08-07 19:28:22 +02:00
Leif Lindholm
f826330683 efi: change heap allocation type to GRUB_EFI_LOADER_CODE
With upcoming changes to EDK2, allocations of type EFI_LOADER_DATA may
not return regions with execute ability. Since modules are loaded onto
the heap, change the heap allocation type to GRUB_EFI_LOADER_CODE in
order to permit execution on systems with this feature enabled.

Closes: 50420

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-08-07 19:03:34 +02:00
Leif Lindholm
91212e0aa0 arm64 linux loader: improve type portability
In preparation for turning this into a common loader for 32-bit and 64-bit
platforms, ensure the code will compile cleanly for either.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-08-07 18:54:56 +02:00
Leif Lindholm
c5841ba7f0 efi: Add GRUB_PE32_MAGIC definition
Add a generic GRUB_PE32_MAGIC definition for the PE 'MZ' tag and delete
the existing one in arm64/linux.h.

Update arm64 Linux loader to use this new definition.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-08-07 18:52:09 +02:00
Leif Lindholm
8c9465fac9 efi: move fdt helper library
There is nothing ARM64 (or even ARM) specific about the efi fdt helper
library, which is used for locating or overriding a firmware-provided
devicetree in a UEFI system - so move it to loader/efi for reuse.

Move the fdtload.h include file to grub/efi and update path to
efi/fdtload.h in source code referring to it.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-08-07 18:50:44 +02:00
Vladimir Serbinenko
4bc909bf89 Remove grub_efi_allocate_pages.
grub_efi_allocate_pages Essentially does 2 unrelated things:
* Allocate at fixed address.
* Allocate at any address.

To switch between 2 different functions it uses address == 0 as magic
value which is wrong as 0 is a perfectly valid fixed adress to allocate at.
2017-08-07 18:33:29 +02:00
Leif Lindholm
dd5fde2df8 efi: refactor grub_efi_allocate_pages
Expose a new function, grub_efi_allocate_pages_real(), making it possible
to specify allocation type and memory type as supported by the UEFI
AllocatePages boot service.

Make grub_efi_allocate_pages() a consumer of the new function,
maintaining its old functionality.

Also delete some left-around #if 1/#else blocks in the affected
functions.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-08-07 18:23:39 +02:00
Pali Rohár
435fa75e01 * grub-core/fs/udf.c: Add support for UUID
Use same algorithm as in libblkid from util-linux v2.30.

1. Take first 16 bytes from UTF-8 encoded string of VolumeSetIdentifier
2. If all bytes are hexadecimal digits, convert to lowercase and use as UUID
3. If first 8 bytes are not all hexadecimal digits, convert those 8 bytes
   to their hexadecimal representation, resulting in 16 bytes for UUID
4. Otherwise, compose UUID from two parts:
   1. part: converted first 8 bytes (which are hexadecimal digits) to lowercase
   2. part: encoded following 4 bytes to their hexadecimal representation (16 bytes)

So UUID would always have 16 hexadecimal digits in lowercase variant.

According to UDF specification, first 16 Unicode characters of
VolumeSetIdentifier should be unique value and first 8 should be
hexadecimal characters.

In most cases all 16 characters are hexadecimal, but e.g. MS Windows
format.exe set only first 8 as hexadecimal and remaining as fixed
(non-unique) which violates specification.
2017-08-07 17:51:50 +02:00
Pali Rohár
76188809d5 udf: Fix reading label, lvd.ident is dstring
UDF dstring has stored length in the last byte of buffer. Therefore last
byte is not part of recorded characters. And empty string in dstring is
encoded as empty buffer, including first byte (compression id).
2017-08-07 17:51:50 +02:00
Pete Batard
fa42786264 zfs: remove size_t typedef and use grub_size_t instead
* Prevents some toolchains from issuing a warning on size_t redef.
2017-08-07 16:21:15 +02:00
Rob Clark
e8ab5a1a9e Fix a segfault in lsefi
when protocols_per_handle returns error, we can't use the pointers we
passed to it, and that includes trusting num_protocols.

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-08-03 20:03:09 +02:00
Vladimir Serbinenko
68d54b55f4 fdt: silence clang warning. 2017-07-10 01:34:22 +00:00
Vladimir Serbinenko
cb8b7e4e36 arm-efi: Fix compilation 2017-07-09 21:49:55 +00:00
AppChecker
a0fe0c26aa crypto: Fix use after free.
Reported by: AppChecker
Transformed to patch by: Satish Govindarajan
2017-07-09 21:57:35 +02:00
Vladimir Serbinenko
284afab081 ehci: Fix compilation on i386 2017-07-09 21:31:19 +02:00