From 4e7debd1127a7b92f304c1be118d7ee10ebba3e6 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jun 24 2021 04:24:25 +0000 Subject: import grub2-2.02-104.el8 --- diff --git a/SOURCES/0481-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch b/SOURCES/0481-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch new file mode 100644 index 0000000..d24a587 --- /dev/null +++ b/SOURCES/0481-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch @@ -0,0 +1,75 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Wed, 14 Apr 2021 20:10:23 +1000 +Subject: [PATCH] ieee1275: drop HEAP_MAX_ADDR, HEAP_MIN_SIZE + +HEAP_MAX_ADDR is confusing. Currently it is set to 32MB, except +on ieee1275 on x86, where it is 64MB. + +There is a comment which purports to explain it: + +/* If possible, we will avoid claiming heap above this address, because it + seems to cause relocation problems with OSes that link at 4 MiB */ + +This doesn't make a lot of sense when the constants are well above 4MB +already. It was not always this way. Prior to +commit 7b5d0fe4440c ("Increase heap limit") in 2010, HEAP_MAX_SIZE and +HEAP_MAX_ADDR were indeed 4MB. However, when the constants were increased +the comment was left unchanged. + +It's been over a decade. It doesn't seem like we have problems with +claims over 4MB on powerpc or x86 ieee1275. (sparc does things completely +differently and never used the constant.) + +Drop the constant and the check. + +The only use of HEAP_MIN_SIZE was to potentially override the +HEAP_MAX_ADDR check. It is now unused. Remove it. + +Signed-off-by: Daniel Axtens +--- + grub-core/kern/ieee1275/init.c | 17 ----------------- + 1 file changed, 17 deletions(-) + +diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c +index 22dc3013d86..ee97d761d1e 100644 +--- a/grub-core/kern/ieee1275/init.c ++++ b/grub-core/kern/ieee1275/init.c +@@ -42,9 +42,6 @@ + #include + #endif + +-/* The minimal heap size we can live with. */ +-#define HEAP_MIN_SIZE (unsigned long) (2 * 1024 * 1024) +- + /* The maximum heap size we're going to claim */ + #ifdef __i386__ + #define HEAP_MAX_SIZE (unsigned long) (64 * 1024 * 1024) +@@ -52,14 +49,6 @@ + #define HEAP_MAX_SIZE (unsigned long) (32 * 1024 * 1024) + #endif + +-/* If possible, we will avoid claiming heap above this address, because it +- seems to cause relocation problems with OSes that link at 4 MiB */ +-#ifdef __i386__ +-#define HEAP_MAX_ADDR (unsigned long) (64 * 1024 * 1024) +-#else +-#define HEAP_MAX_ADDR (unsigned long) (32 * 1024 * 1024) +-#endif +- + extern char _end[]; + + #ifdef __sparc__ +@@ -181,12 +170,6 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, + if (*total + len > HEAP_MAX_SIZE) + len = HEAP_MAX_SIZE - *total; + +- /* Avoid claiming anything above HEAP_MAX_ADDR, if possible. */ +- if ((addr < HEAP_MAX_ADDR) && /* if it's too late, don't bother */ +- (addr + len > HEAP_MAX_ADDR) && /* if it wasn't available anyway, don't bother */ +- (*total + (HEAP_MAX_ADDR - addr) > HEAP_MIN_SIZE)) /* only limit ourselves when we can afford to */ +- len = HEAP_MAX_ADDR - addr; +- + /* In theory, firmware should already prevent this from happening by not + listing our own image in /memory/available. The check below is intended + as a safeguard in case that doesn't happen. However, it doesn't protect diff --git a/SOURCES/0482-ieee1275-claim-more-memory.patch b/SOURCES/0482-ieee1275-claim-more-memory.patch new file mode 100644 index 0000000..3499290 --- /dev/null +++ b/SOURCES/0482-ieee1275-claim-more-memory.patch @@ -0,0 +1,252 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Wed, 15 Apr 2020 23:28:29 +1000 +Subject: [PATCH] ieee1275: claim more memory + +On powerpc-ieee1275, we are running out of memory trying to verify +anything. This is because: + + - we have to load an entire file into memory to verify it. This is + extremely difficult to change with appended signatures. + - We only have 32MB of heap. + - Distro kernels are now often around 30MB. + +So we want to claim more memory from OpenFirmware for our heap. + +There are some complications: + + - The grub mm code isn't the only thing that will make claims on + memory from OpenFirmware: + + * PFW/SLOF will have claimed some for their own use. + + * The ieee1275 loader will try to find other bits of memory that we + haven't claimed to place the kernel and initrd when we go to boot. + + * Once we load Linux, it will also try to claim memory. It claims + memory without any reference to /memory/available, it just starts + at min(top of RMO, 768MB) and works down. So we need to avoid this + area. See arch/powerpc/kernel/prom_init.c as of v5.11. + + - The smallest amount of memory a ppc64 KVM guest can have is 256MB. + It doesn't work with distro kernels but can work with custom kernels. + We should maintain support for that. (ppc32 can boot with even less, + and we shouldn't break that either.) + + - Even if a VM has more memory, the memory OpenFirmware makes available + as Real Memory Area can be restricted. A freshly created LPAR on a + PowerVM machine is likely to have only 256MB available to OpenFirmware + even if it has many gigabytes of memory allocated. + +EFI systems will attempt to allocate 1/4th of the available memory, +clamped to between 1M and 1600M. That seems like a good sort of +approach, we just need to figure out if 1/4 is the right fraction +for us. + +We don't know in advance how big the kernel and initrd are going to be, +which makes figuring out how much memory we can take a bit tricky. + +To figure out how much memory we should leave unused, I looked at: + + - an Ubuntu 20.04.1 ppc64le pseries KVM guest: + vmlinux: ~30MB + initrd: ~50MB + + - a RHEL8.2 ppc64le pseries KVM guest: + vmlinux: ~30MB + initrd: ~30MB + +Ubuntu VMs struggle to boot with just 256MB under SLOF. +RHEL likewise has a higher minimum supported memory figure. +So lets first consider a distro kernel and 512MB of addressible memory. +(This is the default case for anything booting under PFW.) Say we lose +131MB to PFW (based on some tests). This leaves us 381MB. 1/4 of 381MB +is ~95MB. That should be enough to verify a 30MB vmlinux and should +leave plenty of space to load Linux and the initrd. + +If we consider 256MB of RMA under PFW, we have just 125MB remaining. 1/4 +of that is a smidge under 32MB, which gives us very poor odds of verifying +a distro-sized kernel. However, if we need 80MB just to put the kernel +and initrd in memory, we can't claim any more than 45MB anyway. So 1/4 +will do. We'll come back to this later. + +grub is always built as a 32-bit binary, even if it's loading a ppc64 +kernel. So we can't address memory beyond 4GB. This gives a natural cap +of 1GB for powerpc-ieee1275. + +Also apply this 1/4 approach to i386-ieee1275, but keep the 32MB cap. + +make check still works for both i386 and powerpc and I've booted +powerpc grub with this change under SLOF and PFW. + +Signed-off-by: Daniel Axtens +--- + grub-core/kern/ieee1275/init.c | 81 +++++++++++++++++++++++++++++++++--------- + docs/grub-dev.texi | 6 ++-- + 2 files changed, 69 insertions(+), 18 deletions(-) + +diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c +index ee97d761d1e..a6e169bd003 100644 +--- a/grub-core/kern/ieee1275/init.c ++++ b/grub-core/kern/ieee1275/init.c +@@ -42,11 +42,12 @@ + #include + #endif + +-/* The maximum heap size we're going to claim */ ++/* The maximum heap size we're going to claim. Not used by sparc. ++ We allocate 1/4 of the available memory under 4G, up to this limit. */ + #ifdef __i386__ + #define HEAP_MAX_SIZE (unsigned long) (64 * 1024 * 1024) +-#else +-#define HEAP_MAX_SIZE (unsigned long) (32 * 1024 * 1024) ++#else // __powerpc__ ++#define HEAP_MAX_SIZE (unsigned long) (1 * 1024 * 1024 * 1024) + #endif + + extern char _end[]; +@@ -143,16 +144,45 @@ grub_claim_heap (void) + + GRUB_KERNEL_MACHINE_STACK_SIZE), 0x200000); + } + #else +-/* Helper for grub_claim_heap. */ ++/* Helper for grub_claim_heap on powerpc. */ ++static int ++heap_size (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, ++ void *data) ++{ ++ grub_uint32_t total = *(grub_uint32_t *)data; ++ ++ if (type != GRUB_MEMORY_AVAILABLE) ++ return 0; ++ ++ /* Do not consider memory beyond 4GB */ ++ if (addr > 0xffffffffUL) ++ return 0; ++ ++ if (addr + len > 0xffffffffUL) ++ len = 0xffffffffUL - addr; ++ ++ total += len; ++ *(grub_uint32_t *)data = total; ++ ++ return 0; ++} ++ + static int + heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, + void *data) + { +- unsigned long *total = data; ++ grub_uint32_t total = *(grub_uint32_t *)data; + + if (type != GRUB_MEMORY_AVAILABLE) + return 0; + ++ /* Do not consider memory beyond 4GB */ ++ if (addr > 0xffffffffUL) ++ return 0; ++ ++ if (addr + len > 0xffffffffUL) ++ len = 0xffffffffUL - addr; ++ + if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_NO_PRE1_5M_CLAIM)) + { + if (addr + len <= 0x180000) +@@ -166,10 +196,6 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, + } + len -= 1; /* Required for some firmware. */ + +- /* Never exceed HEAP_MAX_SIZE */ +- if (*total + len > HEAP_MAX_SIZE) +- len = HEAP_MAX_SIZE - *total; +- + /* In theory, firmware should already prevent this from happening by not + listing our own image in /memory/available. The check below is intended + as a safeguard in case that doesn't happen. However, it doesn't protect +@@ -181,6 +207,18 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, + len = 0; + } + ++ /* If this block contains 0x30000000 (768MB), do not claim below that. ++ Linux likes to claim memory at min(RMO top, 768MB) and works down ++ without reference to /memory/available. */ ++ if ((addr < 0x30000000) && ((addr + len) > 0x30000000)) ++ { ++ len = len - (0x30000000 - addr); ++ addr = 0x30000000; ++ } ++ ++ if (len > total) ++ len = total; ++ + if (len) + { + grub_err_t err; +@@ -189,10 +227,12 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, + if (err) + return err; + grub_mm_init_region ((void *) (grub_addr_t) addr, len); ++ total -= len; + } + +- *total += len; +- if (*total >= HEAP_MAX_SIZE) ++ *(grub_uint32_t *)data = total; ++ ++ if (total == 0) + return 1; + + return 0; +@@ -201,13 +241,22 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, + static void + grub_claim_heap (void) + { +- unsigned long total = 0; ++ grub_uint32_t total = 0; + + if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_FORCE_CLAIM)) +- heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN, +- 1, &total); +- else +- grub_machine_mmap_iterate (heap_init, &total); ++ { ++ heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN, ++ 1, &total); ++ return; ++ } ++ ++ grub_machine_mmap_iterate (heap_size, &total); ++ ++ total = total / 4; ++ if (total > HEAP_MAX_SIZE) ++ total = HEAP_MAX_SIZE; ++ ++ grub_machine_mmap_iterate (heap_init, &total); + } + #endif + +diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi +index 421dd410e50..03d53498c51 100644 +--- a/docs/grub-dev.texi ++++ b/docs/grub-dev.texi +@@ -930,7 +930,9 @@ space is limited to 4GiB. GRUB allocates pages from EFI for its heap, at most + 1.6 GiB. + + On i386-ieee1275 and powerpc-ieee1275 GRUB uses same stack as IEEE1275. +-It allocates at most 32MiB for its heap. ++ ++On i386-ieee1275, GRUB allocates at most 32MiB for its heap. On ++powerpc-ieee1275, GRUB allocates up to 1GiB. + + On sparc64-ieee1275 stack is 256KiB and heap is 2MiB. + +@@ -958,7 +960,7 @@ In short: + @item i386-qemu @tab 60 KiB @tab < 4 GiB + @item *-efi @tab ? @tab < 1.6 GiB + @item i386-ieee1275 @tab ? @tab < 32 MiB +-@item powerpc-ieee1275 @tab ? @tab < 32 MiB ++@item powerpc-ieee1275 @tab ? @tab < 1 GiB + @item sparc64-ieee1275 @tab 256KiB @tab 2 MiB + @item arm-uboot @tab 256KiB @tab 2 MiB + @item mips(el)-qemu_mips @tab 2MiB @tab 253 MiB diff --git a/SOURCES/0483-ieee1275-request-memory-with-ibm-client-architecture.patch b/SOURCES/0483-ieee1275-request-memory-with-ibm-client-architecture.patch new file mode 100644 index 0000000..9f4e2b7 --- /dev/null +++ b/SOURCES/0483-ieee1275-request-memory-with-ibm-client-architecture.patch @@ -0,0 +1,268 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Fri, 16 Apr 2021 11:48:46 +1000 +Subject: [PATCH] ieee1275: request memory with ibm,client-architecture-support + +On PowerVM, the first time we boot a Linux partition, we may only get +256MB of real memory area, even if the partition has more memory. + +This isn't really enough. Fortunately, the Power Architecture Platform +Reference (PAPR) defines a method we can call to ask for more memory. +This is part of the broad and powerful ibm,client-architecture-support +(CAS) method. + +CAS can do an enormous amount of things on a PAPR platform: as well as +asking for memory, you can set the supported processor level, the interrupt +controller, hash vs radix mmu, and so on. We want to touch as little of +this as possible because we don't want to step on the toes of the future OS. + +If: + + - we are running under what we think is PowerVM (compatible property of / + begins with "IBM"), and + + - the full amount of RMA is less than 512MB (as determined by the reg + property of /memory) + +then call CAS as follows: (refer to the Linux on Power Architecture +Reference, LoPAR, which is public, at B.5.2.3): + + - Use the "any" PVR value and supply 2 option vectors. + + - Set option vector 1 (PowerPC Server Processor Architecture Level) + to "ignore". + + - Set option vector 2 with default or Linux-like options, including a + min-rma-size of 512MB. + +This will cause a CAS reboot and the partition will restart with 512MB +of RMA. Grub will notice the 512MB and not call CAS again. + +(A partition can be configured with only 256MB of memory, which would +mean this request couldn't be satisfied, but PFW refuses to load with +only 256MB of memory, so it's a bit moot. SLOF will run fine with 256MB, +but we will never call CAS under qemu/SLOF because /compatible won't +begin with "IBM".) + +One of the first things Linux does while still running under OpenFirmware +is to call CAS with a much fuller set of options (including asking for +512MB of memory). This includes a much more restrictive set of PVR values +and processor support levels, and this will induce another reboot. On this +reboot grub will again notice the higher RMA, and not call CAS. We will get +to Linux, Linux will call CAS but because the values are now set for Linux +this will not induce another CAS reboot and we will finally boot. + +On all subsequent boots, everything will be configured with 512MB of RMA +and all the settings Linux likes, so there will be no further CAS reboots. + +(phyp is super sticky with the RMA size - it persists even on cold boots. +So if you've ever booted Linux in a partition, you'll probably never have +grub call CAS. It'll only ever fire the first time a partition loads grub, +or if you deliberately lower the amount of memory your partition has below +512MB.) + +Signed-off-by: Daniel Axtens +--- + grub-core/kern/ieee1275/cmain.c | 3 + + grub-core/kern/ieee1275/init.c | 144 ++++++++++++++++++++++++++++++++++++++- + include/grub/ieee1275/ieee1275.h | 8 ++- + 3 files changed, 152 insertions(+), 3 deletions(-) + +diff --git a/grub-core/kern/ieee1275/cmain.c b/grub-core/kern/ieee1275/cmain.c +index 3e14f539368..9d5156462c1 100644 +--- a/grub-core/kern/ieee1275/cmain.c ++++ b/grub-core/kern/ieee1275/cmain.c +@@ -124,6 +124,9 @@ grub_ieee1275_find_options (void) + break; + } + } ++ ++ if (grub_strncmp (tmp, "IBM,", 4) == 0) ++ grub_ieee1275_set_flag (GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY); + } + + if (is_smartfirmware) +diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c +index a6e169bd003..adf4bd5a88b 100644 +--- a/grub-core/kern/ieee1275/init.c ++++ b/grub-core/kern/ieee1275/init.c +@@ -238,6 +238,135 @@ heap_init (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type, + return 0; + } + ++/* How much memory does OF believe it has? (regardless of whether ++ it's accessible or not) */ ++static grub_err_t ++grub_ieee1275_total_mem (grub_uint64_t *total) ++{ ++ grub_ieee1275_phandle_t root; ++ grub_ieee1275_phandle_t memory; ++ grub_uint32_t reg[4]; ++ grub_ssize_t reg_size; ++ grub_uint32_t address_cells = 1; ++ grub_uint32_t size_cells = 1; ++ grub_uint64_t size; ++ ++ /* If we fail to get to the end, report 0. */ ++ *total = 0; ++ ++ /* Determine the format of each entry in `reg'. */ ++ grub_ieee1275_finddevice ("/", &root); ++ grub_ieee1275_get_integer_property (root, "#address-cells", &address_cells, ++ sizeof address_cells, 0); ++ grub_ieee1275_get_integer_property (root, "#size-cells", &size_cells, ++ sizeof size_cells, 0); ++ ++ if (size_cells > address_cells) ++ address_cells = size_cells; ++ ++ /* Load `/memory/reg'. */ ++ if (grub_ieee1275_finddevice ("/memory", &memory)) ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, ++ "couldn't find /memory node"); ++ if (grub_ieee1275_get_integer_property (memory, "reg", reg, ++ sizeof reg, ®_size)) ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, ++ "couldn't examine /memory/reg property"); ++ if (reg_size < 0 || (grub_size_t) reg_size > sizeof (reg)) ++ return grub_error (GRUB_ERR_UNKNOWN_DEVICE, ++ "/memory response buffer exceeded"); ++ ++ if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_BROKEN_ADDRESS_CELLS)) ++ { ++ address_cells = 1; ++ size_cells = 1; ++ } ++ ++ /* Decode only the size */ ++ size = reg[address_cells]; ++ if (size_cells == 2) ++ size = (size << 32) | reg[address_cells + 1]; ++ ++ *total = size; ++ ++ return grub_errno; ++} ++ ++/* Based on linux - arch/powerpc/kernel/prom_init.c */ ++struct option_vector2 { ++ grub_uint8_t byte1; ++ grub_uint16_t reserved; ++ grub_uint32_t real_base; ++ grub_uint32_t real_size; ++ grub_uint32_t virt_base; ++ grub_uint32_t virt_size; ++ grub_uint32_t load_base; ++ grub_uint32_t min_rma; ++ grub_uint32_t min_load; ++ grub_uint8_t min_rma_percent; ++ grub_uint8_t max_pft_size; ++} __attribute__((packed)); ++ ++struct pvr_entry { ++ grub_uint32_t mask; ++ grub_uint32_t entry; ++}; ++ ++struct cas_vector { ++ struct { ++ struct pvr_entry terminal; ++ } pvr_list; ++ grub_uint8_t num_vecs; ++ grub_uint8_t vec1_size; ++ grub_uint8_t vec1; ++ grub_uint8_t vec2_size; ++ struct option_vector2 vec2; ++} __attribute__((packed)); ++ ++/* Call ibm,client-architecture-support to try to get more RMA. ++ We ask for 512MB which should be enough to verify a distro kernel. ++ We ignore most errors: if we don't succeed we'll proceed with whatever ++ memory we have. */ ++static void ++grub_ieee1275_ibm_cas (void) ++{ ++ int rc; ++ grub_ieee1275_ihandle_t root; ++ struct cas_args { ++ struct grub_ieee1275_common_hdr common; ++ grub_ieee1275_cell_t method; ++ grub_ieee1275_ihandle_t ihandle; ++ grub_ieee1275_cell_t cas_addr; ++ grub_ieee1275_cell_t result; ++ } args; ++ struct cas_vector vector = { ++ .pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */ ++ .num_vecs = 2 - 1, ++ .vec1_size = 0, ++ .vec1 = 0x80, /* ignore */ ++ .vec2_size = 1 + sizeof(struct option_vector2) - 2, ++ .vec2 = { ++ 0, 0, -1, -1, -1, -1, -1, 512, -1, 0, 48 ++ }, ++ }; ++ ++ INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2); ++ args.method = (grub_ieee1275_cell_t)"ibm,client-architecture-support"; ++ rc = grub_ieee1275_open("/", &root); ++ if (rc) { ++ grub_error (GRUB_ERR_IO, "could not open root when trying to call CAS"); ++ return; ++ } ++ args.ihandle = root; ++ args.cas_addr = (grub_ieee1275_cell_t)&vector; ++ ++ grub_printf("Calling ibm,client-architecture-support..."); ++ IEEE1275_CALL_ENTRY_FN (&args); ++ grub_printf("done\n"); ++ ++ grub_ieee1275_close(root); ++} ++ + static void + grub_claim_heap (void) + { +@@ -245,11 +374,22 @@ grub_claim_heap (void) + + if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_FORCE_CLAIM)) + { +- heap_init (GRUB_IEEE1275_STATIC_HEAP_START, GRUB_IEEE1275_STATIC_HEAP_LEN, +- 1, &total); ++ heap_init (GRUB_IEEE1275_STATIC_HEAP_START, ++ GRUB_IEEE1275_STATIC_HEAP_LEN, 1, &total); + return; + } + ++ if (grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY)) ++ { ++ grub_uint64_t rma_size; ++ grub_err_t err; ++ ++ err = grub_ieee1275_total_mem (&rma_size); ++ /* if we have an error, don't call CAS, just hope for the best */ ++ if (!err && rma_size < (512 * 1024 * 1024)) ++ grub_ieee1275_ibm_cas(); ++ } ++ + grub_machine_mmap_iterate (heap_size, &total); + + total = total / 4; +diff --git a/include/grub/ieee1275/ieee1275.h b/include/grub/ieee1275/ieee1275.h +index ca08bd96681..131808d6197 100644 +--- a/include/grub/ieee1275/ieee1275.h ++++ b/include/grub/ieee1275/ieee1275.h +@@ -147,7 +147,13 @@ enum grub_ieee1275_flag + + GRUB_IEEE1275_FLAG_CURSORONOFF_ANSI_BROKEN, + +- GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT ++ GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT, ++ ++ /* On PFW, the first time we boot a Linux partition, we may only get 256MB ++ of real memory area, even if the partition has more memory. Set this flag ++ if we think we're running under PFW. Then, if this flag is set, and the ++ RMA is only 256MB in size, try asking for more with CAS. */ ++ GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY, + }; + + extern int EXPORT_FUNC(grub_ieee1275_test_flag) (enum grub_ieee1275_flag flag); diff --git a/SOURCES/0484-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch b/SOURCES/0484-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch new file mode 100644 index 0000000..f65f498 --- /dev/null +++ b/SOURCES/0484-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch @@ -0,0 +1,315 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Sat, 8 May 2021 02:27:58 +0200 +Subject: [PATCH] appendedsig/x509: Also handle the Extended Key Usage + extension + +Red Hat certificates have both Key Usage and Extended Key Usage extensions +present, but the appended signatures x509 parser doesn't handle the latter +and so buils due finding an unrecognised critical extension: + +Error loading initial key: +../../grub-core/commands/appendedsig/x509.c:780:Unhandled critical x509 extension with OID 2.5.29.37 + +Fix this by also parsing the Extended Key Usage extension and handle it by +verifying that the certificate has a single purpose, that is code signing. + +Signed-off-by: Javier Martinez Canillas +Signed-off-by: Daniel Axtens +--- + grub-core/commands/appendedsig/x509.c | 94 ++++++++++++++++++++++++++++++- + grub-core/tests/appended_signature_test.c | 29 +++++++++- + grub-core/tests/appended_signatures.h | 81 ++++++++++++++++++++++++++ + 3 files changed, 201 insertions(+), 3 deletions(-) + +diff --git a/grub-core/commands/appendedsig/x509.c b/grub-core/commands/appendedsig/x509.c +index 652e4f16870..34a2070a7c9 100644 +--- a/grub-core/commands/appendedsig/x509.c ++++ b/grub-core/commands/appendedsig/x509.c +@@ -47,6 +47,12 @@ const char *keyUsage_oid = "2.5.29.15"; + */ + const char *basicConstraints_oid = "2.5.29.19"; + ++/* ++ * RFC 5280 4.2.1.12 Extended Key Usage ++ */ ++const char *extendedKeyUsage_oid = "2.5.29.37"; ++const char *codeSigningUsage_oid = "1.3.6.1.5.5.7.3.3"; ++ + /* + * RFC 3279 2.3.1 + * +@@ -651,6 +657,77 @@ cleanup: + return err; + } + ++/* ++ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId ++ * ++ * KeyPurposeId ::= OBJECT IDENTIFIER ++ */ ++static grub_err_t ++verify_extended_key_usage (grub_uint8_t * value, int value_size) ++{ ++ asn1_node extendedasn; ++ int result, count; ++ grub_err_t err = GRUB_ERR_NONE; ++ char usage[MAX_OID_LEN]; ++ int usage_size = sizeof (usage); ++ ++ result = ++ asn1_create_element (_gnutls_pkix_asn, "PKIX1.ExtKeyUsageSyntax", ++ &extendedasn); ++ if (result != ASN1_SUCCESS) ++ { ++ return grub_error (GRUB_ERR_OUT_OF_MEMORY, ++ "Could not create ASN.1 structure for Extended Key Usage"); ++ } ++ ++ result = asn1_der_decoding2 (&extendedasn, value, &value_size, ++ ASN1_DECODE_FLAG_STRICT_DER, asn1_error); ++ if (result != ASN1_SUCCESS) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Error parsing DER for Extended Key Usage: %s", ++ asn1_error); ++ goto cleanup; ++ } ++ ++ /* ++ * If EKUs are present, there must be exactly 1 and it must be a ++ * codeSigning usage. ++ */ ++ result = asn1_number_of_elements(extendedasn, "", &count); ++ if (result != ASN1_SUCCESS) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Error counting number of Extended Key Usages: %s", ++ asn1_strerror (result)); ++ goto cleanup; ++ } ++ ++ result = asn1_read_value (extendedasn, "?1", usage, &usage_size); ++ if (result != ASN1_SUCCESS) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Error reading Extended Key Usage: %s", ++ asn1_strerror (result)); ++ goto cleanup; ++ } ++ ++ if (grub_strncmp (codeSigningUsage_oid, usage, usage_size) != 0) ++ { ++ err = ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Unexpected Extended Key Usage OID, got: %s", ++ usage); ++ goto cleanup; ++ } ++ ++cleanup: ++ asn1_delete_structure (&extendedasn); ++ return err; ++} + + /* + * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension +@@ -674,7 +751,7 @@ verify_extensions (asn1_node cert) + { + int result; + int ext, num_extensions = 0; +- int usage_present = 0, constraints_present = 0; ++ int usage_present = 0, constraints_present = 0, extended_usage_present = 0; + char *oid_path, *critical_path, *value_path; + char extnID[MAX_OID_LEN]; + int extnID_size; +@@ -768,6 +845,15 @@ verify_extensions (asn1_node cert) + } + constraints_present++; + } ++ else if (grub_strncmp (extendedKeyUsage_oid, extnID, extnID_size) == 0) ++ { ++ err = verify_extended_key_usage (value, value_size); ++ if (err != GRUB_ERR_NONE) ++ { ++ goto cleanup_value; ++ } ++ extended_usage_present++; ++ } + else if (grub_strncmp ("TRUE", critical, critical_size) == 0) + { + /* +@@ -799,6 +885,12 @@ verify_extensions (asn1_node cert) + "Unexpected number of basic constraints extensions - expected 1, got %d", + constraints_present); + } ++ if (extended_usage_present > 1) ++ { ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "Unexpected number of Extended Key Usage extensions - expected 0 or 1, got %d", ++ extended_usage_present); ++ } + return GRUB_ERR_NONE; + + cleanup_value: +diff --git a/grub-core/tests/appended_signature_test.c b/grub-core/tests/appended_signature_test.c +index 88a485200d8..dbba0616621 100644 +--- a/grub-core/tests/appended_signature_test.c ++++ b/grub-core/tests/appended_signature_test.c +@@ -111,6 +111,22 @@ static struct grub_procfs_entry certificate_printable_der_entry = { + .get_contents = get_certificate_printable_der + }; + ++static char * ++get_certificate_eku_der (grub_size_t * sz) ++{ ++ char *ret; ++ *sz = certificate_eku_der_len; ++ ret = grub_malloc (*sz); ++ if (ret) ++ grub_memcpy (ret, certificate_eku_der, *sz); ++ return ret; ++} ++ ++static struct grub_procfs_entry certificate_eku_der_entry = { ++ .name = "certificate_eku.der", ++ .get_contents = get_certificate_eku_der ++}; ++ + + static void + do_verify (const char *f, int is_valid) +@@ -149,6 +165,7 @@ appended_signature_test (void) + char *trust_args2[] = { (char *) "(proc)/certificate2.der", NULL }; + char *trust_args_printable[] = { (char *) "(proc)/certificate_printable.der", + NULL }; ++ char *trust_args_eku[] = { (char *) "(proc)/certificate_eku.der", NULL }; + char *distrust_args[] = { (char *) "1", NULL }; + char *distrust2_args[] = { (char *) "2", NULL }; + grub_err_t err; +@@ -157,6 +174,7 @@ appended_signature_test (void) + grub_procfs_register ("certificate2.der", &certificate2_der_entry); + grub_procfs_register ("certificate_printable.der", + &certificate_printable_der_entry); ++ grub_procfs_register ("certificate_eku.der", &certificate_eku_der_entry); + + cmd_trust = grub_command_find ("trust_certificate"); + if (!cmd_trust) +@@ -266,16 +284,23 @@ appended_signature_test (void) + + /* + * Lastly, check a certificate that uses printableString rather than +- * utf8String loads properly. ++ * utf8String loads properly, and that a certificate with an appropriate ++ * extended key usage loads. + */ + err = (cmd_trust->func) (cmd_trust, 1, trust_args_printable); + grub_test_assert (err == GRUB_ERR_NONE, +- "distrusting printable certificate failed: %d: %s", ++ "trusting printable certificate failed: %d: %s", ++ grub_errno, grub_errmsg); ++ ++ err = (cmd_trust->func) (cmd_trust, 1, trust_args_eku); ++ grub_test_assert (err == GRUB_ERR_NONE, ++ "trusting certificate with extended key usage failed: %d: %s", + grub_errno, grub_errmsg); + + grub_procfs_unregister (&certificate_der_entry); + grub_procfs_unregister (&certificate2_der_entry); + grub_procfs_unregister (&certificate_printable_der_entry); ++ grub_procfs_unregister (&certificate_eku_der_entry); + } + + GRUB_FUNCTIONAL_TEST (appended_signature_test, appended_signature_test); +diff --git a/grub-core/tests/appended_signatures.h b/grub-core/tests/appended_signatures.h +index aa3dc6278e3..2e5ebd7d8bd 100644 +--- a/grub-core/tests/appended_signatures.h ++++ b/grub-core/tests/appended_signatures.h +@@ -555,3 +555,84 @@ unsigned char certificate_printable_der[] = { + 0xd2 + }; + unsigned int certificate_printable_der_len = 829; ++ ++unsigned char certificate_eku_der[] = { ++ 0x30, 0x82, 0x03, 0x90, 0x30, 0x82, 0x02, 0x78, 0xa0, 0x03, 0x02, 0x01, ++ 0x02, 0x02, 0x09, 0x00, 0xd3, 0x9c, 0x41, 0x33, 0xdd, 0x6b, 0x5f, 0x45, ++ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, ++ 0x0b, 0x05, 0x00, 0x30, 0x47, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, ++ 0x04, 0x03, 0x0c, 0x18, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, ++ 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, ++ 0x43, 0x41, 0x20, 0x36, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2a, 0x86, ++ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x13, 0x73, 0x65, 0x63, ++ 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65, 0x64, 0x68, 0x61, 0x74, ++ 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, ++ 0x31, 0x35, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a, 0x17, 0x0d, 0x33, ++ 0x38, 0x30, 0x31, 0x31, 0x37, 0x31, 0x34, 0x30, 0x30, 0x34, 0x34, 0x5a, ++ 0x30, 0x4e, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, ++ 0x1f, 0x52, 0x65, 0x64, 0x20, 0x48, 0x61, 0x74, 0x20, 0x53, 0x65, 0x63, ++ 0x75, 0x72, 0x65, 0x20, 0x42, 0x6f, 0x6f, 0x74, 0x20, 0x53, 0x69, 0x67, ++ 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x36, 0x30, 0x32, 0x31, 0x22, 0x30, 0x20, ++ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, ++ 0x13, 0x73, 0x65, 0x63, 0x61, 0x6c, 0x65, 0x72, 0x74, 0x40, 0x72, 0x65, ++ 0x64, 0x68, 0x61, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, ++ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, ++ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, ++ 0x02, 0x82, 0x01, 0x01, 0x00, 0xaa, 0x6f, 0xbb, 0x92, 0x77, 0xd7, 0x15, ++ 0xef, 0x88, 0x80, 0x88, 0xc0, 0xe7, 0x89, 0xeb, 0x35, 0x76, 0xf4, 0x85, ++ 0x05, 0x0f, 0x19, 0xe4, 0x5f, 0x25, 0xdd, 0xc1, 0xa2, 0xe5, 0x5c, 0x06, ++ 0xfb, 0xf1, 0x06, 0xb5, 0x65, 0x45, 0xcb, 0xbd, 0x19, 0x33, 0x54, 0xb5, ++ 0x1a, 0xcd, 0xe4, 0xa8, 0x35, 0x2a, 0xfe, 0x9c, 0x53, 0xf4, 0xc6, 0x76, ++ 0xdb, 0x1f, 0x8a, 0xd4, 0x7b, 0x18, 0x11, 0xaf, 0xa3, 0x90, 0xd4, 0xdd, ++ 0x4d, 0xd5, 0x42, 0xcc, 0x14, 0x9a, 0x64, 0x6b, 0xc0, 0x7f, 0xaa, 0x1c, ++ 0x94, 0x47, 0x4d, 0x79, 0xbd, 0x57, 0x9a, 0xbf, 0x99, 0x4e, 0x96, 0xa9, ++ 0x31, 0x2c, 0xa9, 0xe7, 0x14, 0x65, 0x86, 0xc8, 0xac, 0x79, 0x5e, 0x78, ++ 0xa4, 0x3c, 0x00, 0x24, 0xd3, 0xf7, 0xe1, 0xf5, 0x12, 0xad, 0xa0, 0x29, ++ 0xe5, 0xfe, 0x80, 0xae, 0xf8, 0xaa, 0x60, 0x36, 0xe7, 0xe8, 0x94, 0xcb, ++ 0xe9, 0xd1, 0xcc, 0x0b, 0x4d, 0xf7, 0xde, 0xeb, 0x52, 0xd2, 0x73, 0x09, ++ 0x28, 0xdf, 0x48, 0x99, 0x53, 0x9f, 0xc5, 0x9a, 0xd4, 0x36, 0xa3, 0xc6, ++ 0x5e, 0x8d, 0xbe, 0xd5, 0xdc, 0x76, 0xb4, 0x74, 0xb8, 0x26, 0x18, 0x27, ++ 0xfb, 0xf2, 0xfb, 0xd0, 0x9b, 0x3d, 0x7f, 0x10, 0xe2, 0xab, 0x44, 0xc7, ++ 0x88, 0x7f, 0xb4, 0x3d, 0x3e, 0xa3, 0xff, 0x6d, 0x06, 0x4b, 0x3e, 0x55, ++ 0xb2, 0x84, 0xf4, 0xad, 0x54, 0x88, 0x81, 0xc3, 0x9c, 0xf8, 0xb6, 0x68, ++ 0x96, 0x38, 0x8b, 0xcd, 0x90, 0x6d, 0x25, 0x4b, 0xbf, 0x0c, 0x44, 0x90, ++ 0xa5, 0x5b, 0x98, 0xd0, 0x40, 0x2f, 0xbb, 0x0d, 0xa8, 0x4b, 0x8a, 0x62, ++ 0x82, 0x46, 0x46, 0x18, 0x38, 0xae, 0x82, 0x07, 0xd0, 0xb4, 0x2f, 0x16, ++ 0x79, 0x55, 0x9f, 0x1b, 0xc5, 0x08, 0x6d, 0x85, 0xdf, 0x3f, 0xa9, 0x9b, ++ 0x4b, 0xc6, 0x28, 0xd3, 0x58, 0x72, 0x3d, 0x37, 0x11, 0x02, 0x03, 0x01, ++ 0x00, 0x01, 0xa3, 0x78, 0x30, 0x76, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, ++ 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, ++ 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, ++ 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, ++ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03, ++ 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x6c, ++ 0xe4, 0x6c, 0x27, 0xaa, 0xcd, 0x0d, 0x4b, 0x74, 0x21, 0xa4, 0xf6, 0x5f, ++ 0x87, 0xb5, 0x31, 0xfe, 0x10, 0xbb, 0xa7, 0x30, 0x1f, 0x06, 0x03, 0x55, ++ 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xe8, 0x6a, 0x1c, 0xab, ++ 0x2c, 0x48, 0xf9, 0x60, 0x36, 0xa2, 0xf0, 0x7b, 0x8e, 0xd2, 0x9d, 0xb4, ++ 0x2a, 0x28, 0x98, 0xc8, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, ++ 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, ++ 0x55, 0x34, 0xe2, 0xfa, 0xf6, 0x89, 0x86, 0xad, 0x92, 0x21, 0xec, 0xb9, ++ 0x54, 0x0e, 0x18, 0x47, 0x0d, 0x1b, 0xa7, 0x58, 0xad, 0x69, 0xe4, 0xef, ++ 0x3b, 0xe6, 0x8d, 0xdd, 0xda, 0x0c, 0x45, 0xf6, 0xe8, 0x96, 0xa4, 0x29, ++ 0x0f, 0xbb, 0xcf, 0x16, 0xae, 0x93, 0xd0, 0xcb, 0x2a, 0x26, 0x1a, 0x7b, ++ 0xfc, 0x51, 0x22, 0x76, 0x98, 0x31, 0xa7, 0x0f, 0x29, 0x35, 0x79, 0xbf, ++ 0xe2, 0x4f, 0x0f, 0x14, 0xf5, 0x1f, 0xcb, 0xbf, 0x87, 0x65, 0x13, 0x32, ++ 0xa3, 0x19, 0x4a, 0xd1, 0x3f, 0x45, 0xd4, 0x4b, 0xe2, 0x00, 0x26, 0xa9, ++ 0x3e, 0xd7, 0xa5, 0x37, 0x9f, 0xf5, 0xad, 0x61, 0xe2, 0x40, 0xa9, 0x74, ++ 0x24, 0x53, 0xf2, 0x78, 0xeb, 0x10, 0x9b, 0x2c, 0x27, 0x88, 0x46, 0xcb, ++ 0xe4, 0x60, 0xca, 0xf5, 0x06, 0x24, 0x40, 0x2a, 0x97, 0x3a, 0xcc, 0xd0, ++ 0x81, 0xb1, 0x15, 0xa3, 0x4f, 0xd0, 0x2b, 0x4f, 0xca, 0x6e, 0xaa, 0x24, ++ 0x31, 0xb3, 0xac, 0xa6, 0x75, 0x05, 0xfe, 0x8a, 0xf4, 0x41, 0xc4, 0x06, ++ 0x8a, 0xc7, 0x0a, 0x83, 0x4e, 0x49, 0xd4, 0x3f, 0x83, 0x50, 0xec, 0x57, ++ 0x04, 0x97, 0x14, 0x49, 0xf5, 0xe1, 0xb1, 0x7a, 0x9c, 0x09, 0x4f, 0x61, ++ 0x87, 0xc3, 0x97, 0x22, 0x17, 0xc2, 0xeb, 0xcc, 0x32, 0x81, 0x31, 0x21, ++ 0x3f, 0x10, 0x57, 0x5b, 0x43, 0xbe, 0xcd, 0x68, 0x82, 0xbe, 0xe5, 0xc1, ++ 0x65, 0x94, 0x7e, 0xc2, 0x34, 0x76, 0x2b, 0xcf, 0x89, 0x3c, 0x2b, 0x81, ++ 0x23, 0x72, 0x95, 0xcf, 0xc9, 0x67, 0x19, 0x2a, 0xd5, 0x5c, 0xca, 0xa3, ++ 0x46, 0xbd, 0x48, 0x06, 0x0b, 0xa6, 0xa3, 0x96, 0x50, 0x28, 0xc7, 0x7e, ++ 0xcf, 0x62, 0xf2, 0xfa, 0xc4, 0xf2, 0x53, 0xe3, 0xc9, 0xe8, 0x2e, 0xdd, ++ 0x29, 0x37, 0x07, 0x47, 0xff, 0xff, 0x8a, 0x32, 0xbd, 0xa2, 0xb7, 0x21, ++ 0x89, 0xa0, 0x55, 0xf7 ++}; ++unsigned int certificate_eku_der_len = 916; diff --git a/SOURCES/0485-ieee1275-ofdisk-retry-on-open-failure.patch b/SOURCES/0485-ieee1275-ofdisk-retry-on-open-failure.patch new file mode 100644 index 0000000..93ad912 --- /dev/null +++ b/SOURCES/0485-ieee1275-ofdisk-retry-on-open-failure.patch @@ -0,0 +1,103 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Diego Domingos +Date: Wed, 10 Mar 2021 14:17:52 -0500 +Subject: [PATCH] ieee1275/ofdisk: retry on open failure + +This patch aims to make grub more robust when booting from SAN/Multipath disks. + +If a path is failing intermittently so grub will retry the OPEN and READ the +disk (grub_ieee1275_open and grub_ieee1275_read) until the total amount of times +specified in MAX_RETRIES. + +Signed-off-by: Diego Domingos +--- + grub-core/disk/ieee1275/ofdisk.c | 25 ++++++++++++++++++++----- + include/grub/ieee1275/ofdisk.h | 8 ++++++++ + 2 files changed, 28 insertions(+), 5 deletions(-) + +diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c +index f3a6ecd797f..98325ca982f 100644 +--- a/grub-core/disk/ieee1275/ofdisk.c ++++ b/grub-core/disk/ieee1275/ofdisk.c +@@ -225,7 +225,9 @@ dev_iterate (const struct grub_ieee1275_devalias *alias) + char *buf, *bufptr; + unsigned i; + +- if (grub_ieee1275_open (alias->path, &ihandle)) ++ ++ RETRY_IEEE1275_OFDISK_OPEN(alias->path, &ihandle) ++ if (! ihandle) + return; + + /* This method doesn't need memory allocation for the table. Open +@@ -305,7 +307,9 @@ dev_iterate (const struct grub_ieee1275_devalias *alias) + return; + } + +- if (grub_ieee1275_open (alias->path, &ihandle)) ++ RETRY_IEEE1275_OFDISK_OPEN(alias->path, &ihandle); ++ ++ if (! ihandle) + { + grub_free (buf); + grub_free (table); +@@ -495,7 +499,7 @@ grub_ofdisk_open (const char *name, grub_disk_t disk) + last_ihandle = 0; + last_devpath = NULL; + +- grub_ieee1275_open (op->open_path, &last_ihandle); ++ RETRY_IEEE1275_OFDISK_OPEN(op->open_path, &last_ihandle); + if (! last_ihandle) + return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); + last_devpath = op->open_path; +@@ -571,7 +575,7 @@ grub_ofdisk_prepare (grub_disk_t disk, grub_disk_addr_t sector) + last_ihandle = 0; + last_devpath = NULL; + +- grub_ieee1275_open (disk->data, &last_ihandle); ++ RETRY_IEEE1275_OFDISK_OPEN(disk->data, &last_ihandle); + if (! last_ihandle) + return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device"); + last_devpath = disk->data; +@@ -598,12 +602,23 @@ grub_ofdisk_read (grub_disk_t disk, grub_disk_addr_t sector, + return err; + grub_ieee1275_read (last_ihandle, buf, size << disk->log_sector_size, + &actual); +- if (actual != (grub_ssize_t) (size << disk->log_sector_size)) ++ int i = 0; ++ while(actual != (grub_ssize_t) (size << disk->log_sector_size)){ ++ if (i>MAX_RETRIES){ + return grub_error (GRUB_ERR_READ_ERROR, N_("failure reading sector 0x%llx " + "from `%s'"), + (unsigned long long) sector, + disk->name); ++ } ++ last_devpath = NULL; ++ err = grub_ofdisk_prepare (disk, sector); ++ if (err) ++ return err; + ++ grub_ieee1275_read (last_ihandle, buf, size << disk->log_sector_size, ++ &actual); ++ i++; ++ } + return 0; + } + +diff --git a/include/grub/ieee1275/ofdisk.h b/include/grub/ieee1275/ofdisk.h +index 2f69e3f191d..7d2d5409305 100644 +--- a/include/grub/ieee1275/ofdisk.h ++++ b/include/grub/ieee1275/ofdisk.h +@@ -22,4 +22,12 @@ + extern void grub_ofdisk_init (void); + extern void grub_ofdisk_fini (void); + ++#define MAX_RETRIES 20 ++ ++ ++#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) unsigned retry_i=0;for(retry_i=0; retry_i < MAX_RETRIES; retry_i++){ \ ++ if(!grub_ieee1275_open(device, last_ihandle)) \ ++ break; \ ++ grub_dprintf("ofdisk","Opening disk %s failed. Retrying...\n",device); } ++ + #endif /* ! GRUB_INIT_HEADER */ diff --git a/SOURCES/20-grub.install b/SOURCES/20-grub.install index 3238e43..9b74538 100755 --- a/SOURCES/20-grub.install +++ b/SOURCES/20-grub.install @@ -75,6 +75,14 @@ case "$COMMAND" in command -v restorecon &>/dev/null && \ restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac" fi + # symvers is symvers-.gz symlink, needs a special treatment + i="$KERNEL_DIR/symvers.gz" + if [[ -e "$i" ]]; then + rm -f "/boot/symvers-${KERNEL_VERSION}.gz" + ln -s "$i" "/boot/symvers-${KERNEL_VERSION}.gz" + command -v restorecon &>/dev/null && \ + restorecon "/boot/symvers-${KERNEL_VERSION}.gz" + fi fi if [[ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ]] || [[ ! -f /sbin/new-kernel-pkg ]]; then @@ -154,6 +162,8 @@ case "$COMMAND" in done # hmac is .vmlinuz-.hmac so needs a special treatment rm -f "/boot/.vmlinuz-${KERNEL_VERSION}.hmac" + # symvers is symvers-.gz symlink, needs a special treatment + rm -f "/boot/symvers-${KERNEL_VERSION}.gz" exit 0 fi diff --git a/SOURCES/centos-ca-secureboot.der b/SOURCES/centos-ca-secureboot.der deleted file mode 100644 index 44a2563..0000000 Binary files a/SOURCES/centos-ca-secureboot.der and /dev/null differ diff --git a/SOURCES/centossecureboot001.der b/SOURCES/centossecureboot001.der deleted file mode 100644 index e8216b1..0000000 Binary files a/SOURCES/centossecureboot001.der and /dev/null differ diff --git a/SOURCES/centossecureboot202.der b/SOURCES/centossecureboot202.der deleted file mode 100644 index ab8213c..0000000 Binary files a/SOURCES/centossecureboot202.der and /dev/null differ diff --git a/SOURCES/centossecurebootca2.der b/SOURCES/centossecurebootca2.der deleted file mode 100644 index 42bdfcf..0000000 Binary files a/SOURCES/centossecurebootca2.der and /dev/null differ diff --git a/SOURCES/grub.macros b/SOURCES/grub.macros index 98ad11a..2f50680 100644 --- a/SOURCES/grub.macros +++ b/SOURCES/grub.macros @@ -71,6 +71,7 @@ %global with_legacy_arch 0 %global grubefiarch %{nil} %global grublegacyarch %{nil} +%global grubelfname %{nil} # sparc is always compiled 64 bit %ifarch %{sparc} @@ -108,13 +109,24 @@ %{!?with_efi_only:%global without_efi_only 0} %{?with_efi_only:%global without_efi_only 1} -### fixme + +%ifarch %{efi_arch} +%global efi_modules " efi_netfs efifwsetup efinet lsefi lsefimmap " +%endif + +%ifarch x86_64 %{ix86} +%global platform_modules " backtrace chain usb usbserial_common usbserial_pl2303 usbserial_ftdi usbserial_usbdebug keylayouts at_keyboard " +%endif + +%ifarch ppc64le +%global platform_modules " appendedsig " +%endif + %ifarch aarch64 %{arm} %global platform_modules " " -%else -%global platform_modules " backtrace chain usb usbserial_common usbserial_pl2303 usbserial_ftdi usbserial_usbdebug keylayouts at_keyboard " %endif + %ifarch aarch64 %{arm} %global legacy_provides -l %endif @@ -203,6 +215,7 @@ %global with_legacy_arch 1 %global grublegacyarch %{legacy_target_cpu_name}-%{platform} %global moduledir %{legacy_target_cpu_name}-%{platform} +%global grubelfname core.elf %endif %global evr %{epoch}:%{version}-%{release} @@ -366,45 +379,85 @@ for x in grub-mkimage ; do \\\ done \ %{nil} +%global grub_modules " all_video boot blscfg btrfs \\\ + cat configfile cryptodisk echo ext2 \\\ + fat font gcry_rijndael gcry_rsa gcry_serpent \\\ + gcry_sha256 gcry_twofish gcry_whirlpool \\\ + gfxmenu gfxterm gzio halt hfsplus http \\\ + increment iso9660 jpeg loadenv loopback linux \\\ + lvm luks mdraid09 mdraid1x minicmd net \\\ + normal part_apple part_msdos part_gpt \\\ + password_pbkdf2 png reboot regexp search \\\ + search_fs_uuid search_fs_file search_label \\\ + serial sleep syslinuxcfg test tftp video xfs" \ + %ifarch x86_64 aarch64 %{arm} -%define mkimage() \ +%define efi_mkimage() \ %{4}./grub-mkimage -O %{1} -o %{2}.orig \\\ - -p /EFI/%{efi_vendor} -d grub-core ${GRUB_MODULES} \\\ - --sbat %{4}./sbat.csv \ + -p /EFI/%{efi_vendor} -d grub-core \\\ + --sbat %{4}./sbat.csv \\\ + ${GRUB_MODULES} \ %{4}./grub-mkimage -O %{1} -o %{3}.orig \\\ - -p /EFI/BOOT -d grub-core ${GRUB_MODULES} \\\ - --sbat %{4}./sbat.csv \ + -p /EFI/BOOT -d grub-core \\\ + --sbat %{4}./sbat.csv \\\ + ${GRUB_MODULES} \ %{expand:%%{pesign -s -i %%{2}.orig -o %%{2}.one -a %%{5} -c %%{6} -n %%{7}}} \ %{expand:%%{pesign -s -i %%{3}.orig -o %%{3}.one -a %%{5} -c %%{6} -n %%{7}}} \ %{expand:%%{pesign -s -i %%{2}.one -o %%{2} -a %%{8} -c %%{9} -n %%{10}}} \ %{expand:%%{pesign -s -i %%{3}.one -o %%{3} -a %%{8} -c %%{9} -n %%{10}}} \ %{nil} %else -%define mkimage() \ +%define efi_mkimage() \ %{4}./grub-mkimage -O %{1} -o %{2} \\\ - -p /EFI/%{efi_vendor} -d grub-core ${GRUB_MODULES} \ + -p /EFI/%{efi_vendor} -d grub-core \\\ + ${GRUB_MODULES} \ %{4}./grub-mkimage -O %{1} -o %{3} \\\ - -p /EFI/BOOT -d grub-core ${GRUB_MODULES} \ + -p /EFI/BOOT -d grub-core \\\ + ${GRUB_MODULES} \ +%{nil} +%endif + +%ifarch ppc64le +%define ieee1275_mkimage() \ +APPENDED_SIG_SIZE=0 \ +if [ -x /usr/bin/rpm-sign ]; then \ + touch empty.unsigned \ + rpm-sign --key %{5} \\\ + --lkmsign empty.unsigned \\\ + --output empty.signed \ + APPENDED_SIG_SIZE="$(stat -c '%s' empty.signed)" \ + rm empty.{un,}signed \ +fi \ +# FIXME: using this prefix is fragile, must be done properly \ +./grub-mkimage -O %{1} -o %{2}.orig \\\ + -p '(,msdos2)/grub2' -d grub-core \\\ + -x %{3} -x %{4} \\\ + --appended-signature-size ${APPENDED_SIG_SIZE} \\\ + ${GRUB_MODULES} \ +if [ -x /usr/bin/rpm-sign ]; then \ + truncate -s -${APPENDED_SIG_SIZE} %{2}.orig \ + rpm-sign --key %{5} \\\ + --lkmsign %{2}.orig \\\ + --output %{2} \ +else \ + mv %{2}.orig %{2} \ +fi \ %{nil} %endif %define do_efi_build_images() \ -GRUB_MODULES=" all_video boot blscfg btrfs \\\ - cat configfile cryptodisk \\\ - echo efi_netfs efifwsetup efinet ext2 \\\ - fat font gcry_rijndael gcry_rsa gcry_serpent \\\ - gcry_sha256 gcry_twofish gcry_whirlpool \\\ - gfxmenu gfxterm gzio \\\ - halt hfsplus http increment iso9660 jpeg \\\ - loadenv loopback linux lvm lsefi lsefimmap luks \\\ - mdraid09 mdraid1x minicmd net \\\ - normal part_apple part_msdos part_gpt \\\ - password_pbkdf2 png reboot \\\ - regexp search search_fs_uuid search_fs_file \\\ - search_label serial sleep syslinuxcfg test tftp \\\ - video xfs" \ +GRUB_MODULES+=%{grub_modules} \ +GRUB_MODULES+=%{efi_modules} \ GRUB_MODULES+=%{platform_modules} \ -%{expand:%%{mkimage %{1} %{2} %{3} %{4} %{5} %{6} %{7} %{8} %{9} %{10}}} \ +%{expand:%%{efi_mkimage %{1} %{2} %{3} %{4} %{5} %{6} %{7} %{8} %{9} %{10}}} \ +%{nil} + +%define do_ieee1275_build_images() \ +GRUB_MODULES+=%{grub_modules} \ +GRUB_MODULES+=%{platform_modules} \ +cd grub-%{1}-%{tarversion} \ +%{expand:%%ieee1275_mkimage %%{1} %%{2} %%{3} %%{4} %%{5}} \ +cd .. \ %{nil} %define do_primary_efi_build() \ @@ -501,6 +554,9 @@ fi \ if [ -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info ]; then \ rm -f $RPM_BUILD_ROOT%{_infodir}/grub-dev.info \ fi \ +%{expand:%ifarch ppc64le \ + install -m 700 %{grubelfname} $RPM_BUILD_ROOT/%{_libdir}/grub/%{1} \ +%endif} \ ln -s ../boot/%{name}/grub.cfg \\\ ${RPM_BUILD_ROOT}%{_sysconfdir}/grub2.cfg \ if [ -f $RPM_BUILD_ROOT/%{_libdir}/grub/%{1}/grub2.chrp ]; then \ @@ -542,12 +598,19 @@ touch ${RPM_BUILD_ROOT}/boot/%{name}/grub.cfg \ %config(noreplace) %{_sysconfdir}/%{name}.cfg \ %ghost %config(noreplace) /boot/%{name}/grub.cfg \ %dir %attr(0700,root,root)/boot/loader/entries \ +%ifarch ppc64le \ +%dir %{_libdir}/grub/%{2}/ \ +%{_libdir}/grub/%{2}/%{grubelfname} \ +%endif \ \ %{expand:%if 0%{?with_legacy_modules} \ %{expand:%%files %{1}-modules} \ %defattr(-,root,root) \ %dir %{_libdir}/grub/%{2}/ \ %{_libdir}/grub/%{2}/* \ +%ifarch ppc64le \ +%exclude %{_libdir}/grub/%{2}/%{grubelfname} \ +%endif \ %exclude %{_libdir}/grub/%{2}/*.module \ %exclude %{_libdir}/grub/%{2}/{boot,boot_hybrid,cdboot,diskboot,lzma_decompress,pxeboot}.image \ %exclude %{_libdir}/grub/%{2}/*.o \ diff --git a/SOURCES/grub.patches b/SOURCES/grub.patches index cc743e3..79469be 100644 --- a/SOURCES/grub.patches +++ b/SOURCES/grub.patches @@ -478,3 +478,8 @@ Patch0477: 0477-kern-misc-Add-function-to-check-printf-format-agains.patch Patch0478: 0478-gfxmenu-gui-Check-printf-format-in-the-gui_progress_.patch Patch0479: 0479-kern-mm-Fix-grub_debug_calloc-compilation-error.patch Patch0480: 0480-efi-net-Fix-malformed-device-path-arithmetic-errors-.patch +Patch0481: 0481-ieee1275-drop-HEAP_MAX_ADDR-HEAP_MIN_SIZE.patch +Patch0482: 0482-ieee1275-claim-more-memory.patch +Patch0483: 0483-ieee1275-request-memory-with-ibm-client-architecture.patch +Patch0484: 0484-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch +Patch0485: 0485-ieee1275-ofdisk-retry-on-open-failure.patch diff --git a/SOURCES/redhatsecureboot301.cer b/SOURCES/redhatsecureboot301.cer new file mode 100644 index 0000000..4ff8b79 Binary files /dev/null and b/SOURCES/redhatsecureboot301.cer differ diff --git a/SOURCES/redhatsecureboot303.cer b/SOURCES/redhatsecureboot303.cer new file mode 100644 index 0000000..2c0087d Binary files /dev/null and b/SOURCES/redhatsecureboot303.cer differ diff --git a/SOURCES/redhatsecureboot502.cer b/SOURCES/redhatsecureboot502.cer new file mode 100644 index 0000000..be0b5e2 Binary files /dev/null and b/SOURCES/redhatsecureboot502.cer differ diff --git a/SOURCES/redhatsecureboot601.cer b/SOURCES/redhatsecureboot601.cer new file mode 100644 index 0000000..c92b96b Binary files /dev/null and b/SOURCES/redhatsecureboot601.cer differ diff --git a/SOURCES/redhatsecurebootca3.cer b/SOURCES/redhatsecurebootca3.cer new file mode 100644 index 0000000..b235400 Binary files /dev/null and b/SOURCES/redhatsecurebootca3.cer differ diff --git a/SOURCES/redhatsecurebootca5.cer b/SOURCES/redhatsecurebootca5.cer new file mode 100644 index 0000000..dfb0284 Binary files /dev/null and b/SOURCES/redhatsecurebootca5.cer differ diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec index 7913939..c62e437 100644 --- a/SPECS/grub2.spec +++ b/SPECS/grub2.spec @@ -7,7 +7,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 99%{?dist} +Release: 104%{?dist} Summary: Bootloader with support for Linux, Multiboot and more Group: System Environment/Base License: GPLv3+ @@ -24,14 +24,31 @@ Source6: gitignore Source8: strtoull_test.c Source9: 20-grub.install Source12: 99-grub-mkconfig.install -Source13: centos-ca-secureboot.der -Source14: centossecureboot001.der -Source15: centossecurebootca2.der -Source16: centossecureboot202.der -Source17: sbat.csv.in +Source13: redhatsecurebootca3.cer +Source14: redhatsecureboot301.cer +Source15: redhatsecurebootca5.cer +Source16: redhatsecureboot502.cer +Source17: redhatsecureboot303.cer +Source18: redhatsecureboot601.cer +Source19: sbat.csv.in %include %{SOURCE1} +%if 0%{with_efi_arch} +%define old_sb_ca %{SOURCE13} +%define old_sb_cer %{SOURCE14} +%define old_sb_key redhatsecureboot301 +%define sb_ca %{SOURCE15} +%define sb_cer %{SOURCE16} +%define sb_key redhatsecureboot502 +%endif + +%ifarch ppc64le +%define old_sb_cer %{SOURCE17} +%define sb_cer %{SOURCE18} +%define sb_key redhatsecureboot602 +%endif + # generate with do-rebase %include %{SOURCE2} @@ -55,11 +72,7 @@ BuildRequires: pesign >= 0.99-8 BuildRequires: ccache %endif -%if 0%{?centos} -%global efidir centos -%endif - -ExcludeArch: s390 s390x +ExcludeArch: s390 s390x %{arm} Obsoletes: %{name} <= %{evr} %if 0%{with_legacy_arch} @@ -153,7 +166,7 @@ This subpackage provides tools for support of all platforms. mkdir grub-%{grubefiarch}-%{tarversion} grep -A100000 '# stuff "make" creates' .gitignore > grub-%{grubefiarch}-%{tarversion}/.gitignore cp %{SOURCE4} grub-%{grubefiarch}-%{tarversion}/unifont.pcf.gz -sed -e "s,@@VERSION@@,%{evr},g" %{SOURCE17} \ +sed -e "s,@@VERSION@@,%{evr},g" %{SOURCE19} \ > grub-%{grubefiarch}-%{tarversion}/sbat.csv git add grub-%{grubefiarch}-%{tarversion} %endif @@ -173,14 +186,17 @@ git commit -m "After making subdirs" %build %if 0%{with_efi_arch} -%{expand:%do_primary_efi_build %%{grubefiarch} %%{grubefiname} %%{grubeficdname} %%{_target_platform} %%{efi_target_cflags} %%{efi_host_cflags} %{SOURCE13} %{SOURCE14} centossecureboot001 %{SOURCE15} %{SOURCE16} centossecureboot202} +%{expand:%do_primary_efi_build %%{grubefiarch} %%{grubefiname} %%{grubeficdname} %%{_target_platform} %%{efi_target_cflags} %%{efi_host_cflags} %{old_sb_ca} %{old_sb_cer} %{old_sb_key} %{sb_ca} %{sb_cer} %{sb_key}} %endif %if 0%{with_alt_efi_arch} -%{expand:%do_alt_efi_build %%{grubaltefiarch} %%{grubaltefiname} %%{grubalteficdname} %%{_alt_target_platform} %%{alt_efi_target_cflags} %%{alt_efi_host_cflags} %{SOURCE13} %{SOURCE14} centossecureboot001 %{SOURCE15} %{SOURCE16} centossecureboot202} +%{expand:%do_alt_efi_build %%{grubaltefiarch} %%{grubaltefiname} %%{grubalteficdname} %%{_alt_target_platform} %%{alt_efi_target_cflags} %%{alt_efi_host_cflags} %{old_sb_ca} %{old_sb_cer} %{old_sb_key} %{sb_ca} %{sb_cer} %{sb_key}} %endif %if 0%{with_legacy_arch} %{expand:%do_legacy_build %%{grublegacyarch}} %endif +%ifarch ppc64le +%{expand:%do_ieee1275_build_images %%{grublegacyarch} %{grubelfname} %{old_sb_cer} %{sb_cer} %{sb_key}} +%endif makeinfo --info --no-split -I docs -o docs/grub-dev.info \ docs/grub-dev.texi makeinfo --info --no-split -I docs -o docs/grub.info \ @@ -507,6 +523,26 @@ fi %endif %changelog +* Mon Jun 21 2021 Javier Martinez Canillas - 2.02-104 +- 20-grub-install: Create a symvers.gz symbolic link + Resolves: rhbz#1919125 + +* Mon May 17 2021 Javier Martinez Canillas - 2.02-103 +- Fix boot failures in ppc64le caused by storage race condition (diegodo) + Resolves: rhbz#1942152 + +* Tue May 11 2021 Javier Martinez Canillas - 2.02-102 +- Build and sign powerpc-ieee1275 images + Related: rhbz#1899864 + +* Fri Apr 23 2021 Javier Martinez Canillas - 2.02-101 +- Find and claim more memory for ieee1275 (dja) + Related: rhbz#1853410 + +* Fri Apr 23 2021 Javier Martinez Canillas - 2.02-100 +- Sync with the latest content of the rhel-8.4.0 branch + Resolves: rhbz#1952840 + * Thu Feb 25 2021 Javier Martinez Canillas - 2.02-99 - Fix bug of grub2-install not checking for the SBAT option Resolves: CVE-2020-14372 @@ -529,13 +565,10 @@ fi * Tue Feb 23 2021 Javier Martinez Canillas - 2.02-97 - Fix keylayouts module listed twice in GRUB_MODULES variable - Related: rhbz#1897587 * Tue Feb 23 2021 Javier Martinez Canillas - 2.02-96 - Fix "Add 'at_keyboard_fallback_set' var to force the set manually" - Related: rhbz#1897587 - Fix a boot failure due patch "ieee1275: claim up to 256MB memory" - Resolves: rhbz#1929111 * Tue Jan 26 2021 Javier Martinez Canillas - 2.02-95 - Add appended signatures support for ppc64le LPAR Secure Boot (daxtens)