Commit graph

2143 commits

Author SHA1 Message Date
Colin Watson
25850cfd50 Don't allow insmod when secure boot is enabled.
Hi,

Fedora's patch to forbid insmod in UEFI Secure Boot environments is fine
as far as it goes.  However, the insmod command is not the only way that
modules can be loaded.  In particular, the 'normal' command, which
implements the usual GRUB menu and the fully-featured command prompt,
will implicitly load commands not currently loaded into memory.  This
permits trivial Secure Boot violations by writing commands implementing
whatever you want to do and pointing $prefix at the malicious code.

I'm currently test-building this patch (replacing your current
grub-2.00-no-insmod-on-sb.patch), but this should be more correct.  It
moves the check into grub_dl_load_file.
2015-04-22 12:47:49 -07:00
Michael Marineau
c70627bc9f gpt: add search by partition label and uuid commands
Builds on the existing filesystem search code. Only for GPT right now.
2014-11-27 18:49:24 -08:00
Michael Marineau
daa4fbd477 gpt: switch partition names to a 16 bit type
In UEFI/GPT strings are UTF-16 so use a uint16 to make dealing with the
string practical.
2014-11-27 16:39:07 -08:00
Michael Marineau
13761c8675 gpt: move gpt guid printing function to common library 2014-11-27 16:39:07 -08:00
Michael Marineau
e49d5b587e gpt: new gptprio.next command for selecting priority based partitions
Basic usage would look something like this:

    gptprio.next -d usr_dev -u usr_uuid
    linuxefi ($usr_dev)/boot/vmlinuz mount.usr=PARTUUID=$usr_uuid

After booting the system should set the 'successful' bit on the
partition that was used.
2014-11-23 15:39:57 -07:00
Michael Marineau
d3c2759e83 gpt: split out checksum recomputation
For basic data modifications the full repair function is overkill.
2014-11-15 13:32:37 -08:00
Michael Marineau
6278c3e75f gpt: add a new generic GUID type
In order to do anything with partition GUIDs they need to be stored in a
proper structure like the partition type GUIDs. Additionally add an
initializer macro to simplify defining both GUID types.
2014-11-15 13:32:37 -08:00
Matthew Garrett
0de7775230 Add support for linuxefi 2014-11-05 20:40:53 -08:00
Michael Marineau
051545ddf0 gpt: add write function and gptrepair command
The first hint of something practical, a command that can restore any of
the GPT structures from the alternate location. New test case must run
under QEMU because the loopback device used by the other unit tests does
not support writing.
2014-10-20 14:10:47 -07:00
Michael Marineau
478458d404 gpt: add new repair function to sync up primary and backup tables. 2014-10-20 13:54:58 -07:00
Michael Marineau
4dd009a6fb gpt: record size of of the entries table
The size of the entries table will be needed later when writing it back
to disk. Restructure the entries reading code to flow a little better.
2014-10-20 13:54:58 -07:00
Michael Marineau
3b2674aef7 gpt: rename misnamed header location fields
The header location fields refer to 'this header' and 'alternate header'
respectively, not 'primary header' and 'backup header'. The previous
field names are backwards for the backup header.
2014-10-20 13:52:55 -07:00
Michael Marineau
f82f65f338 gpt: start new GPT module
This module is a new implementation for reading GUID Partition Tables
which is much stricter than the existing part_gpt module and exports GPT
data directly instead of the generic grub_partition structure. It will
be the basis for modules that need to read/write/update GPT data.

The current code does nothing more than read and verify the table.
2014-10-18 13:54:54 -07:00
Colin Watson
5d90f6e533 Add a new "none" platform that only builds utilities
This makes it possible to build generally-useful utilities such as
grub-mount even if the rest of GRUB has not been ported to the target
CPU.

* configure.ac: Add "none" platform.  Default to it for unsupported
CPUs rather than stopping with a fatal error.  Don't downgrade
x86_64-none to i386.  Define COND_real_platform Automake conditional
if the platform is anything other than "none".  Don't do any include
directory linking for "none".
* Makefile.am: Skip building grub-core and all bootcheck targets if
!COND_real_platform.
* include/grub/time.h: Don't include <grub/cpu/time.h> if GRUB_UTIL
is defined.
2014-09-23 12:06:30 +01:00
Valentin Dornauer
0f1f95c7b7 ACPIhalt: Add more ACPI opcodes.
The AML parser implements only a small subset of possible AML
	opcodes. On the Fujitsu Lifebook E744 this and another bug in
	the parser (incorrect handling of TermArg data types) would lead
	to the laptop not turning off (_S5 not found).

	* grub-core/commands/acpihalt.c: Support OpAlias in the AML parser;
	in skip_ext_op(), handle some Type2Opcodes more correctly (TermArgs
	aren't always simply strings!); Add function to skip TermArgs
	* include/grub/acpi.h: Add new opcodes
2014-09-21 18:58:14 +02:00
Vladimir Serbinenko
41c6f91fce * grub-core/normal/main.c: Don't drop to rescue console in
case of password-protected prompt and no menu entries.
2014-09-21 18:51:09 +02:00
Vladimir Serbinenko
5e42618e00 Fix wrong commit 2014-09-21 18:18:03 +02:00
Michael Chang
0aece00c54 * grub-core/osdep/unix/config.c: Remove extraneous comma. 2014-09-21 17:49:13 +02:00
Colin Watson
2a5a532c00 Support grub-emu on x32 (ILP32 but with x86-64 instruction set)
* configure.ac: Remove -m64 from checks for -mcmodel=large and
-mno-red-zone.  These are always either unnecessary (x86_64-emu) or
already in TARGET_CFLAGS at this point, and they produce incorrect
results when building for x32.
* grub-core/kern/x86_64/dl.c (grub_arch_dl_relocate_symbols): Cast
pointers to Elf64_Xword via grub_addr_t, in order to work on x32.
* include/grub/x86_64/types.h (GRUB_TARGET_SIZEOF_VOID_P,
GRUB_TARGET_SIZEOF_LONG): Define to 4 on x32.
2014-09-07 23:04:50 +01:00
Stephane Rochoy
15bd333e10 * grub-core/loader/i386/bsd.c (grub_netbsd_boot): Pass pointer to
EFI system table.
2014-06-22 01:35:52 +02:00
Vladimir Serbinenko
2009da62f2 Add missing #endif 2014-04-04 08:11:15 +02:00
Vladimir Serbinenko
6f6d4aa02c * include/grub/libgcc.h: Remove ctzsi2 and ctzdi2. They're no longer pulled from libgcc. 2014-04-04 08:02:38 +02:00
Colin Watson
24024dac7f Fix partmap, cryptodisk, and abstraction handling in grub-mkconfig.
Commit 588744d0dc caused grub-mkconfig
no longer to be forgiving of trailing spaces on grub-probe output
lines, which among other things means that util/grub.d/10_linux.in
no longer detects LVM.  To fix this, make grub-probe's output
delimiting more consistent.  As a bonus, this improves the coverage
of the -0 option.

Fixes Debian bug #735935.

* grub-core/disk/cryptodisk.c
(grub_util_cryptodisk_get_abstraction): Add a user-data argument.
* grub-core/disk/diskfilter.c (grub_diskfilter_get_partmap):
Likewise.
* include/grub/cryptodisk.h (grub_util_cryptodisk_get_abstraction):
Update prototype.
* include/grub/diskfilter.h (grub_diskfilter_get_partmap): Likewise.
* util/grub-install.c (push_partmap_module, push_cryptodisk_module,
probe_mods): Adjust for extra user-data arguments.
* util/grub-probe.c (do_print, probe_partmap, probe_cryptodisk_uuid,
probe_abstraction): Use configured delimiter.  Update callers.
2014-03-31 14:48:46 +01:00
Vladimir Serbinenko
86402b4e0f * include/grub/i386/openbsd_bootarg.h: Add addr and frequency fields.
* grub-core/loader/i386/bsd.c (grub_cmd_openbsd): Fill addr field.

	Suggested by: Markus Müller.
2014-02-28 10:50:05 +01:00
Paulo Flabiano Smorigo
9585647a25 add bootpath parser for open firmware
It enables net boot even when there is no bootp/dhcp server.

* grub-core/net/drivers/ieee1275/ofnet.c: Add grub_ieee1275_parse_bootpath and
call it at grub_ieee1275_net_config_real.
* grub-core/kern/ieee1275/init.c: Add bootpath to grub_ieee1275_net_config.
* include/grub/ieee1275/ieee1275.h: Likewise.
2014-02-04 19:02:16 -02:00
Paulo Flabiano Smorigo
e4dbf247b6 add grub_env_set_net_property function
* grub-core/net/bootp.c: Remove set_env_limn_ro.
* grub-core/net/net.c: Add grub_env_set_net_property.
* include/grub/net.h: Likewise.
2014-02-04 18:41:38 -02:00
Andrey Borzenkov
5ae584c0b0 fix Mingw W64-32 cross compile failure due to printf redefinition in libintl.h
In file included from util/misc.c:36:0:
./include/grub/emu/misc.h:56:1: error: 'libintl_printf' is an unrecognized format function type [-Werror=format=]
 char * EXPORT_FUNC(xasprintf) (const char *fmt, ...) __attribute__ ((format (printf, 1, 2))) WARN_UNUSED_RESULT;
 ^
./include/grub/emu/misc.h:58:1: error: 'libintl_printf' is an unrecognized format function type [-Werror=format=]

The reason is libintl.h which redefines printf as libintl_printf. The problem
is not present in native MinGW build which avoids redefinition.  Use
(format (__printf__) instead which is valid replacement in GCC.

v2: add grub-core/lib/libgcrypt/src/g10lib.h
v3: modify g10lib.h during import
2014-01-25 21:49:41 +04:00
Vladimir Serbinenko
95cd131ea0 * util/grub-install.c: List available targets. 2014-01-24 18:09:25 +01:00
Paulo Flabiano Smorigo
6f65e36cc4 increase network try interval gradually
* grub-core/net/arp.c (grub_net_arp_send_request): Increase network try
interval gradually.
* grub-core/net/icmp6.c (grub_net_icmp6_send_request): Likewise.
* grub-core/net/net.c (grub_net_fs_read_real): Likewise.
* grub-core/net/tftp.c (tftp_open): Likewise.
* include/grub/net.h (GRUB_NET_INTERVAL_ADDITION): New define.
2014-01-21 11:06:35 -02:00
Andrey Borzenkov
f371dd5da8 fix include loop on MinGW due to libintl.h pulling stdio.h
In file included from ./include/grub/dl.h:23:0,
                 from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/list.h:34:18: warning: conflicting types for 'grub_list_push' [en
abled by default]
 void EXPORT_FUNC(grub_list_push) (grub_list_t *head, grub_list_t item);
                  ^
./include/grub/symbol.h:68:25: note: in definition of macro 'EXPORT_FUNC'
 # define EXPORT_FUNC(x) x
                         ^
In file included from ./include/grub/fs.h:30:0,
                 from ./include/grub/file.h:25,
                 from ./grub-core/lib/posix_wrap/stdio.h:23,
                 from c:\mingw\include\libintl.h:314,
                 from ./include/grub/i18n.h:33,
                 from ./include/grub/misc.h:27,
                 from ./include/grub/list.h:25,
                 from ./include/grub/dl.h:28,
                 from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/partition.h:106:3: note: previous implicit declaration of 'grub_l
ist_push' was here
   grub_list_push (GRUB_AS_LIST_P (&grub_partition_map_list),
   ^
list.h needs just ATTRIBUTE_ERROR from misc.h; split compiler features
into separate file grub/compiler.h and include it instead.
2014-01-18 21:22:57 +04:00
Andrey Borzenkov
5ef569df5b Use _W64 to detect MinGW W64-32 instead of _FILE_OFFSET_BITS
In 94cee4a4c2 I overlooked that config.h
unconditionally sets _FILE_OFFSET_BITS, so it cannot be used to detect
MinGW W64 environment. It looks like Emacs folks already found
solution; instead of _FILE_OFFSET_BITS use _W64 as suggested in
http://lists.gnu.org/archive/html/emacs-devel/2013-03/msg00723.html
2014-01-18 20:04:11 +04:00
Andrey Borzenkov
94cee4a4c2 fix 32 bit compilation on MinGW-w64
Use _FILE_OFFSET_BITS macro to distinguish between native MinGW and
32 bit under MinGW-64. The latter does not require fseeko/ftello
redefinition which it already does in case of _FILE_OFFSET_BITS=64.
2014-01-07 18:44:51 +04:00
Vladimir Serbinenko
4d6c69536e Show SATA device path. 2013-12-24 18:10:28 +01:00
Vladimir Serbinenko
e5fa26e573 Make newly-created files other than grub.cfg world-readable. 2013-12-24 17:36:10 +01:00
Vladimir Serbinenko
e88f0420b9 Make grub_util_devmapper_part_to_disk and grub_util_find_partition_start
follow the same algorithm to avoid method mismatch. Don't assume
	DMRAID- UUID to mean full disk but instead check that mapping is linear.
2013-12-24 14:16:57 +01:00
Vladimir Serbinenko
da98622662 Declare GRUB_EFI_VENDOR_APPLE_GUID. 2013-12-24 14:14:19 +01:00
Vladimir Serbinenko
fba31b5f69 Dump type and vendor specific data when printing device path. 2013-12-24 14:05:48 +01:00
Vladimir Serbinenko
74fa9ac1a6 * include/grub/arm64/linux.h: Remove leftovers. Add missing prefixes. 2013-12-23 05:56:31 +01:00
Vladimir Serbinenko
bbc52c228f Enable cache on ARM U-Boot port.
Without it the port is reidiculously slow.
2013-12-23 05:01:58 +01:00
Leif Lindholm
30a9ab952f arm64: add EFI Linux loader
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2013-12-22 18:38:44 +00:00
Leif Lindholm
c415eaa98f fdt: additions required for arm64 Linux loader
- Add grub_fdt_create_empty_tree() function.
- Add 64-bit setprop.
2013-12-22 18:38:44 +00:00
Vladimir Serbinenko
5ad9f728eb Workaround buggy timer in raspberry pie by using our own timer
implementation.
2013-12-22 02:48:42 +01:00
Vladimir Serbinenko
eeb8499721 * include/grub/arm/uboot/kernel.h (GRUB_KERNEL_MACHINE_HEAP_SIZE):
Increase to 16 MiB to allow loading the whole memdisk.
2013-12-22 00:32:55 +01:00
Vladimir Serbinenko
0d8b81f89a Fix ARM Linux Loader on non-FDT platforms. 2013-12-22 00:30:19 +01:00
Vladimir Serbinenko
8a913e664e * include/grub/crypto.h (grub_crypto_xor): Fix cast-align warning. 2013-12-21 15:35:15 +01:00
Vladimir Serbinenko
ab216512d7 * grub-core/commands/macbless.c (grub_mac_bless_inode): Pass inode as u32
as both HFS and HFS+ have 32-bit inodes.
2013-12-21 14:40:53 +01:00
Vladimir Serbinenko
0d4aa91d0d * include/grub/misc.h (grub_strtol): Fix overflow. 2013-12-21 14:35:46 +01:00
Vladimir Serbinenko
a997af68e3 * include/grub/term.h (grub_unicode_estimate_width): Use grub_size_t
as return type in both conditionals.
2013-12-21 14:33:36 +01:00
Vladimir Serbinenko
36bcaf2903 * include/grub/video.h (grub_video_rgba_color_rgb): Fix prototype
to use uint8_t for color.
2013-12-21 14:31:47 +01:00
Vladimir Serbinenko
d88ae4f0a4 * include/grub/crypto.h: Don't discard const attribute. 2013-12-21 13:36:42 +01:00