Commit graph

9296 commits

Author SHA1 Message Date
Toomas Soome
697eceff6a multiboot_header_tag_module_align fix to confirm multiboot specification 2015-06-04 19:58:59 +03:00
Leif Lindholm
43d4231432 configure.ac: clean up arm64 soft-float handling
Fix compilation with gcc 5.1 (avoid internal compiler error), by
replacing explicit -march +nofp+nosimd options with -mgeneral-regs-only.

This also enables the removal of some further conditional build flag
setting.
2015-06-02 15:41:09 +01:00
dann frazier
3ac342205d arm64/setjmp: Add missing license macro
Including the setjmp module in an arm64-efi image will cause it to
immediately exit with an "incompatible license" error.

The source file includes a GPLv3+ boilerplate, so fix this by declaring a
GPLv3+ license using the GRUB_MOD_LICENSE macro.

Signed-off-by: dann frazier <dann.frazier@canonical.com>
2015-06-01 17:02:04 +01:00
Paul Menzel
ca59c24bd0 disk/ahci.c: Add port number to port debug messages
Currently, some messages cannot be mapped to the port they belong to as
the port number is missing from the output. So add `port: n` to the
debug messages.
2015-05-31 09:26:46 +03:00
Andrei Borzenkov
dec7718878 Clarify use of superusers variable and menu entry access
superusers controls both CLI and editing. Also explicitly mention that
empty superusers disables them.

"Access to menuentry" is a bit vague - change to "execute menuentry"
to make it obvious, what access is granted.
2015-05-30 19:36:41 +03:00
Paul Menzel
fd73b3d008 Correct spelling of *scheduled*
Run the command below

	$ git grep -l schedulded | xargs sed -i 's/schedulded/scheduled/g'

and revert the change in `ChangeLog-2015`.

Including "miscellaneous" spelling fix noted by richardvoigt@gmail.com
2015-05-30 10:05:43 +03:00
Toomas Soome
cad5cc0f5d zfs extensible_dataset and large_blocks feature support
large blocks basically use extensible dataset feature, or to be exact,
setting recordsize above 128k will trigger large_block feature to be
enabled and storing such blocks is using feature extensible dataset. so
the extensible dataset is prerequisite.

Changes implement read support extensible dataset… instead of fixed DMU
types they dont specify type, making it possible to use fat zap objects
from bonus area.
2015-05-30 08:50:53 +03:00
Vladimir Serbinenko
c856be6bca multiboot1: never place modules in low memory.
While in theory permitted by the spec, modules rarely fit in low memory
anyway and not every kernel is able to handle modules in low memory anyway.
At least VMWare is known not to be able to handle modules at arbitrary
locations.
2015-05-27 08:41:39 +02:00
Paul Menzel
5e74a3e6df disk/ahci: Use defines GRUB_ATA_STATUS_BUSY and GRUB_ATA_STATUS_DRQ
Instead of hard coding `0x88` use the macros defined in `disk/ata.h`.
2015-05-24 21:19:01 +03:00
Paul Menzel
f4e62af000 cb_timestamps.c: Add new time stamp descriptions
Add the descriptions of the “core”, that means no vendorcode or payload,
coreboot time stamps added up to coreboot commit a7d92441 (timestamps:
You can never have enough of them!) [1].

Running `coreboot_boottime` in the GRUB command line interface now shows
descriptions for all time stamps again on the ASRock E350M1.

[1] http://review.coreboot.org/9608
2015-05-19 20:28:07 +03:00
Andrei Borzenkov
a666c8bd18 bootp: ignore gateway_ip (relay) field.
From RFC1542:

   The 'giaddr' field is rather poorly named.  It exists to facilitate
   the transfer of BOOTREQUEST messages from a client, through BOOTP
   relay agents, to servers on different networks than the client.
   Similarly, it facilitates the delivery of BOOTREPLY messages from the
   servers, through BOOTP relay agents, back to the client.  In no case
   does it represent a general IP router to be used by the client.  A
   BOOTP client MUST set the 'giaddr' field to zero (0.0.0.0) in all
   BOOTREQUEST messages it generates.

   A BOOTP client MUST NOT interpret the 'giaddr' field of a BOOTREPLY
   message to be the IP address of an IP router.  A BOOTP client SHOULD
   completely ignore the contents of the 'giaddr' field in BOOTREPLY
   messages.

Leave code ifdef'd out for the time being in case we see regression.

Suggested by: Rink Springer <rink@rink.nu>
Closes: 43396
2015-05-17 22:38:30 +03:00
Andrei Borzenkov
2498dc7a3a hostdisk: fix crash with NULL device.map
grub-macbless calls grub_util_biosdisk_init with NULL device.map.
2015-05-17 14:16:36 +03:00
Andrei Borzenkov
5370dcfdae zfs: fix integer truncation in zap_lookup
Size after shift could exceed 16 bits; use grub_unit32_t for result.

Reported and tested by: Kostya Berger <bergerkos@yahoo.co.uk>
Closes: 44448
2015-05-14 07:50:33 +03:00
Andrei Borzenkov
5082ea6184 remove extra newlines in grub_util_* strings
grub_util_{info,warn,error} already add trailing newlines, so remove
them from format strings. Also trailing full stops are already added.
2015-05-13 09:47:17 +03:00
Jan Kara
a139188eb5 xfs: Convert inode numbers to cpu endianity immediately after reading
Currently XFS driver converted inode numbers to native endianity only
when using them to compute inode position. Although this works, it is
somewhat confusing. So convert inode numbers when reading them from disk
structures as every other field.

Signed-off-by: Jan Kara <jack@suse.cz>
2015-05-12 08:21:10 +03:00
Jan Kara
1570140f03 xfs: Fix termination loop for directory iteration
Directory iteration used wrong position (sizeof wrong structure) for
termination of iteration inside a directory block. Luckily the position
ended up being wrong by just 1 byte and directory entries are larger so
things worked out fine in practice. But fix the problem anyway.

Signed-off-by: Jan Kara <jack@suse.cz>
2015-05-11 14:48:14 +03:00
Andrei Borzenkov
07258815e9 acpi: do not skip BIOS scan if EBDA length is zero
EBDA layout is not standardized so we cannot assume first two bytes
are length. Neither is it required by ACPI standard. HP 8710W is known
to contain zeroes here.

Closes: 45002
2015-05-08 06:15:16 +03:00
Andrei Borzenkov
6a5c78c8c8 Add asm-tests to tarball 2015-05-07 22:15:16 +03:00
Vladimir Serbinenko
2dcf260d89 util/grub-mkrescue: Fix compilation 2015-05-07 19:45:06 +02:00
Andrei Borzenkov
49426e9fd2 efinet: open Simple Network Protocol exclusively
EDK2 network stack is based on Managed Network Protocol which is layered
on top of Simple Management Protocol and does background polling. This
polling races with grub for received (and probably trasmitted) packets
which causes either serious slowdown or complete failure to load files.

Open SNP device exclusively.  This destroys all child MNP instances and
stops background polling.

Exclusive open cannot be done when enumerating cards, as it would destroy
PXE information we need to autoconfigure interface; and it cannot be done
during autoconfiguration as we need to do it for non-PXE boot as well. So
move SNP open to card ->open method and add matching ->close to clean up.

Based on patch from Mark Salter <msalter@redhat.com>

Also-By: Mark Salter <msalter@redhat.com>
Closes: 41731
2015-05-07 20:37:17 +03:00
Andrei Borzenkov
c52ae40570 efinet: skip virtual IPv4 and IPv6 devices when enumerating cards
EDK2 PXE driver creates two child devices - IPv4 and IPv6 - with
bound SNP instance. This means we get three cards for every physical
adapter when enumerating. Not only is this confusing, this may result
in grub ignoring packets that come in via the "wrong" card.

Example of device hierarchy is

 Ctrl[91] PciRoot(0x0)/Pci(0x3,0x0)
   Ctrl[95] PciRoot(0x0)/Pci(0x3,0x0)/MAC(525400123456,0x1)
     Ctrl[B4] PciRoot(0x0)/Pci(0x3,0x0)/MAC(525400123456,0x1)/IPv4(0.0.0.0)
     Ctrl[BC] PciRoot(0x0)/Pci(0x3,0x0)/MAC(525400123456,0x1)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000)

Skip PXE created virtual devices when enumerating cards. Make sure to
find real card when applying initial autoconfiguration during PXE boot,
this information is associated with one of child devices.
2015-05-07 20:37:17 +03:00
Andrei Borzenkov
7b386b7031 efidisk: move device path helpers in core for efinet 2015-05-07 20:37:16 +03:00
Andrei Borzenkov
16a7e723ea convert to, not from, CPU byte order in DNS receive function 2015-05-07 20:33:28 +03:00
Andrei Borzenkov
a8c473288d loader/linux: do not pad initrd with zeroes at the end
Syslinux memdisk is using initrd image and needs to know uncompressed
size in advance. For gzip uncompressed size is at the end of compressed
stream. Grub padded each input file to 4 bytes at the end, which means
syslinux got wrong size.

Linux initramfs loader apparently does not care about trailing alignment.
So change code to align beginning of each file instead which atomatically
gives us the correct size for single file.

Reported-By: David Shaw <dshaw@jabberwocky.com>
2015-05-07 20:24:24 +03:00
Daniel Kiper
71783dc978 i386/relocator: Remove unused extern grub_relocator64_rip_addr
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
2015-05-07 18:00:47 +02:00
Vladimir Serbinenko
9916ed6f82 grub-install-common: Increase buf size to 8192 as modinfo.sh is bigger. 2015-05-07 17:09:58 +02:00
Vladimir Serbinenko
5fd1cb980a grub-mkrescue: Recognize -output as an alias of --output.
This helps us to be in line with xorriso -as mkisofs.

Suggested by: Thomas Schmitt
2015-05-07 16:34:34 +02:00
Vladimir Serbinenko
e5b4ba8c2b linux.c: Ensure that initrd is page-aligned. 2015-05-07 16:23:39 +02:00
Vladimir Serbinenko
9f731abc7f Revert parts accidentally committed 2 commits ago. 2015-05-07 16:21:34 +02:00
Fu Wei
cfe2ae8936 fdt.h: Add grub_fdt_set_reg64 macro
Signed-off-by: Fu Wei <fu.wei@linaro.org>
2015-05-07 15:13:25 +02:00
Fu Wei
f8451af825 arm64: Export useful functions from linux.c
Signed-off-by: Fu Wei <fu.wei@linaro.org>
2015-05-07 15:11:04 +02:00
Andrei Borzenkov
cc699535e5 Revert "efinet: memory leak on module removal"
This reverts commits 47b2bee3ef
and 8d3c4544ff. It is not safe
to free allocated cards, dangling pointers main remain. Such
cleanup requires more changes in net core.
2015-05-04 09:17:59 +03:00
Andrei Borzenkov
47b2bee3ef efinet: cannot free const char * pointer 2015-05-04 08:39:29 +03:00
Andrei Borzenkov
8d3c4544ff efinet: memory leak on module removal 2015-05-04 08:08:57 +03:00
Andrei Borzenkov
6210b8e8f7 zfs: add missing NULL check and fix incorrect buffer overwrite
grub_memset should zero out padding after data end. It is not clear
why it is needed at all - ZFS block is at least 512 bytes and power
of two, so it is always multiple of 16 bytes. This grub_memset
apparently never did anything.
2015-05-03 18:57:32 +03:00
Toomas Soome
4a7ea4003b zfs: com.delphix:embedded_data feature support 2015-05-03 18:45:40 +03:00
Toomas Soome
a1007c6af2 zfs: com.delphix:hole_birth feature support
In the past birth was always zero for holes. This feature started
to make use of birth for holes as well, so change code to test for
valid DVA address instead.
2015-05-03 18:11:29 +03:00
Andrei Borzenkov
104dff36ea grub-mkconfig: use $pkgdatadir in scripts
Otherwise scripts will source wrong grub-mkconfig_lib.
2015-04-29 19:18:54 +03:00
Vladimir Serbinenko
70b002de55 Remove -V in grub-mkrescue.c
It clashhes with -V which is alias to -volid.
2015-04-24 17:52:30 +02:00
mjg59
19c075a7ac Merge pull request #8 from mjg59/master
Add some more secure boot infrastructure to grub
2015-04-22 16:02:19 -07:00
Matthew Garrett
2755ecd157 Add efi getenv command
Add a command to obtain the contents of EFI firmware variables.
2015-04-22 13:08:26 -07:00
Matthew Garrett
9b669efb38 Fail validation if we can't find shim and Secure Boot is enabled
If grub is signed with a key that's in the trusted EFI keyring, an attacker
can point a boot entry at grub rather than at shim and grub will fail to
locate the shim verification protocol. This would then allow booting an
arbitrary kernel image. Fail validation if Secure Boot is enabled and we
can't find the shim protocol in order to prevent this.
2015-04-22 12:47:49 -07:00
Colin Watson
25850cfd50 Don't allow insmod when secure boot is enabled.
Hi,

Fedora's patch to forbid insmod in UEFI Secure Boot environments is fine
as far as it goes.  However, the insmod command is not the only way that
modules can be loaded.  In particular, the 'normal' command, which
implements the usual GRUB menu and the fully-featured command prompt,
will implicitly load commands not currently loaded into memory.  This
permits trivial Secure Boot violations by writing commands implementing
whatever you want to do and pointing $prefix at the malicious code.

I'm currently test-building this patch (replacing your current
grub-2.00-no-insmod-on-sb.patch), but this should be more correct.  It
moves the check into grub_dl_load_file.
2015-04-22 12:47:49 -07:00
Toomas Soome
677dcaa92b getroot: include sys/mkdev.h for makedev
Solaris (like) systems need to include sys/mkdev.h for makedev() function.
2015-04-13 19:52:28 +03:00
Toomas Soome
5b5d8666a7 core/partmap: rename 'sun' to avoid clash with predefined symbol
the symbol “sun” is defined macro in solaris derived systems, from
gcc -dM -E:

and therefore can not be used as name.
2015-04-13 19:49:15 +03:00
Paul Menzel
e97f5f4968 docs/grub.texi: Fix spelling of cbfstool 2015-04-12 09:10:11 +03:00
Andrei Borzenkov
f11db3c7fc core: avoid NULL derefrence in grub_divmod64s
It can be called with NULL for third argument.  grub_divmod32* for
now are called only from within wrappers, so skip check.

Reported-By: Michael Zimmermann <sigmaepsilon92@gmail.com>
2015-04-06 19:30:51 +03:00
Andrei Borzenkov
12bf557039 do not emit cryptomount without crypto UUID 2015-03-28 22:13:35 +03:00
Sarah Newman
7d39938474 grub-core/loader/i386/xen.c: Initialized initrd_ctx so we don't free a random pointer from the stack.
Signed-off-by: Sarah Newman <srn@prgmr.com>
2015-03-28 07:14:17 +03:00
Andrei Borzenkov
ebd92af8c3 net: trivial grub_cpu_to_XX_compile_time cleanup 2015-03-27 18:58:57 +03:00