From 70a9d423fbc5781943bce7b8170cc5d08ad010c4 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Oct 12 2021 13:28:34 +0000
Subject: import grub2-2.02-0.87.el7_9.7


---

diff --git a/README.debrand b/README.debrand
deleted file mode 100644
index 01c46d2..0000000
--- a/README.debrand
+++ /dev/null
@@ -1,2 +0,0 @@
-Warning: This package was configured for automatic debranding, but the changes
-failed to apply.
diff --git a/SOURCES/0449-ieee1275-ofdisk-retry-on-open-failure.patch b/SOURCES/0449-ieee1275-ofdisk-retry-on-open-failure.patch
new file mode 100644
index 0000000..dc4aa2a
--- /dev/null
+++ b/SOURCES/0449-ieee1275-ofdisk-retry-on-open-failure.patch
@@ -0,0 +1,100 @@
+From c23e77a9abea3402e29062fdc4dd60d10c9f3c07 Mon Sep 17 00:00:00 2001
+From: Diego Domingos <diegodo@br.ibm.com>
+Date: Mon, 17 May 2021 16:59:04 +0200
+Subject: [PATCH] ieee1275/ofdisk: retry on open failure
+
+This patch aims to make grub more robust when booting from SAN/Multipath disks.
+If a path is failing intermittently so grub will retry the OPEN and READ the
+disk (grub_ieee1275_open and grub_ieee1275_read) until the total amount of times
+specified in MAX_RETRIES.
+
+Signed-off-by: Diego Domingos <diegodo@br.ibm.com>
+---
+ grub-core/disk/ieee1275/ofdisk.c | 32 ++++++++++++++++++++++++--------
+ include/grub/ieee1275/ofdisk.h   |  8 ++++++++
+ 2 files changed, 32 insertions(+), 8 deletions(-)
+
+diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c
+index 5fabe365eca..578d2833273 100644
+--- a/grub-core/disk/ieee1275/ofdisk.c
++++ b/grub-core/disk/ieee1275/ofdisk.c
+@@ -220,7 +220,9 @@ dev_iterate (const struct grub_ieee1275_devalias *alias)
+       char *buf, *bufptr;
+       unsigned i;
+ 
+-      if (grub_ieee1275_open (alias->path, &ihandle))
++
++      RETRY_IEEE1275_OFDISK_OPEN(alias->path, ihandle)
++      if (! ihandle)
+ 	return;
+     
+       INIT_IEEE1275_COMMON (&args.common, "call-method", 2, 3);
+@@ -408,7 +410,8 @@ grub_ofdisk_open (const char *name, grub_disk_t disk)
+     last_ihandle = 0;
+     last_devpath = NULL;
+ 
+-    grub_ieee1275_open (op->open_path, &last_ihandle);
++    RETRY_IEEE1275_OFDISK_OPEN(op->open_path, last_ihandle)
++
+     if (! last_ihandle)
+       return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device");
+     last_devpath = op->open_path;
+@@ -481,7 +484,7 @@ grub_ofdisk_prepare (grub_disk_t disk, grub_disk_addr_t sector)
+       last_ihandle = 0;
+       last_devpath = NULL;
+ 
+-      grub_ieee1275_open (disk->data, &last_ihandle);
++      RETRY_IEEE1275_OFDISK_OPEN(disk->data, last_ihandle);
+       if (! last_ihandle)
+ 	return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "can't open device");
+       last_devpath = disk->data;      
+@@ -508,11 +511,24 @@ grub_ofdisk_read (grub_disk_t disk, grub_disk_addr_t sector,
+     return err;
+   grub_ieee1275_read (last_ihandle, buf, size  << disk->log_sector_size,
+ 		      &actual);
+-  if (actual != (grub_ssize_t) (size  << disk->log_sector_size))
+-    return grub_error (GRUB_ERR_READ_ERROR, N_("failure reading sector 0x%llx "
+-					       "from `%s'"),
+-		       (unsigned long long) sector,
+-		       disk->name);
++
++  int i = 0;
++  while(actual != (grub_ssize_t) (size  << disk->log_sector_size)){
++      if (i > MAX_RETRIES){
++       return grub_error (GRUB_ERR_READ_ERROR, N_("failure reading sector 0x%llx "
++                                               "from `%s'"),
++                       (unsigned long long) sector,
++                       disk->name);
++      }
++      grub_dprintf("ofdisk","Read failed. Retrying...\n");
++      last_devpath = NULL;
++      err = grub_ofdisk_prepare (disk, sector);
++      if (err)
++        return err;
++      grub_ieee1275_read (last_ihandle, buf, size  << disk->log_sector_size,
++                      &actual);
++      i++;
++   }
+ 
+   return 0;
+ }
+diff --git a/include/grub/ieee1275/ofdisk.h b/include/grub/ieee1275/ofdisk.h
+index 3f583178748..7446b670213 100644
+--- a/include/grub/ieee1275/ofdisk.h
++++ b/include/grub/ieee1275/ofdisk.h
+@@ -25,4 +25,12 @@ extern void grub_ofdisk_fini (void);
+ extern grub_err_t grub_ofdisk_get_block_size (const char *device,
+                                               grub_uint32_t *block_size);
+ 
++#define MAX_RETRIES 20
++
++
++#define RETRY_IEEE1275_OFDISK_OPEN(device, last_ihandle) unsigned retry_i=0;for(retry_i=0; retry_i < MAX_RETRIES; retry_i++){ \
++						if(!grub_ieee1275_open(device, & last_ihandle)) \
++						break; \
++						grub_dprintf("ofdisk","Opening disk %s failed. Retrying...\n",device); }
++
+ #endif /* ! GRUB_INIT_HEADER */
+-- 
+2.31.1
+
diff --git a/SOURCES/centos-ca-secureboot.der b/SOURCES/centos-ca-secureboot.der
deleted file mode 100644
index 44a2563..0000000
Binary files a/SOURCES/centos-ca-secureboot.der and /dev/null differ
diff --git a/SOURCES/centossecureboot001.crt b/SOURCES/centossecureboot001.crt
deleted file mode 100644
index 294b05f..0000000
--- a/SOURCES/centossecureboot001.crt
+++ /dev/null
@@ -1,425 +0,0 @@
-
-<!DOCTYPE html>
-<html lang='en'>
-<head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
-    <title>Tree - rpms/kernel - CentOS Git server</title>
-    <link rel="shortcut icon" type="image/vnd.microsoft.icon"
-href="/theme/static/favicon.ico"/>
-<link rel="stylesheet" href="/static/vendor/bootstrap/bootstrap.min.css" />
-<link href="/theme/static/theme.css" rel="stylesheet" type="text/css" />
-
-    <link type="text/css" rel="stylesheet" nonce="zU2361P7dte9FXpc7MWuyPXgo" href="/static/vendor/font-awesome/font-awesome.css?version=5.8.1"/>
-    <link type="text/css" rel="stylesheet" nonce="zU2361P7dte9FXpc7MWuyPXgo" href="/static/pagure.css?version=5.8.1"/>
-<link nonce="zU2361P7dte9FXpc7MWuyPXgo" rel="stylesheet" href="/static/vendor/highlight.js/styles/github.css?version=5.8.1"/>
-<link nonce="zU2361P7dte9FXpc7MWuyPXgo" rel="stylesheet" href="/static/vendor/highlightjs-line-numbers/highlightjs-line-numbers.min.css?version=5.8.1"/>
-<style nonce="zU2361P7dte9FXpc7MWuyPXgo">
-  .hljs {
-    background: #fff;
-  }
-</style>
-  </head>
-  <body id="home">
-    
-    <!-- start masthead -->
-    <nav class="navbar navbar-dark bg-dark p-0 navbar-expand">
-      <div class="container">
-        <a href="/" class="navbar-brand">
-        <img height=40px src="/theme/static/pagure-logo.png?version=5.8.1"
-             alt="pagure Logo" id="pagureLogo"/>
-        </a>
-        <ul class="navbar-nav ml-auto">
-          <li class="nav-item">
-            <a class="btn btn-primary" href="/login/?next=https://git.centos.org/rpms/kernel/blob/ed0e597ee2d605d93e246185acb1e5cf68f72f5e/f/SOURCES/centossecureboot001.crt">Log In</a>
-          </li>
-        </ul>
-      </div>
-    </nav>
-    <!-- close masthead-->
-
-    <div class="bodycontent">
-
-
-<div class="bg-light border border-bottom pt-3">
-  <div class="container">
-    <div class="row mb-3">
-      <div class="col-6">
-        <div class="row">
-        <div class="col-auto pr-0">
-            <h3>
-<i class="fa fa-calendar-o fa-rotate-270 text-muted"></i></h3>
-        </div>
-        <div class="col-auto pl-2">
-            <h3 class="mb-0">
-<a href="/projects/rpms/%2A">rpms</a>&nbsp;/&nbsp;<a href="/rpms/kernel"><strong>kernel</strong></a>
-            </h3>
-        </div>
-        </div>
-      </div>
-      <div class="col-6 text-right">
-        <div class="btn-group">
-        <div class="btn-group">
-        <a href="#"
-            class="btn btn-sm dropdown-toggle btn-outline-primary"
-            data-toggle="dropdown" id="watch-button">
-          <i class="fa fa-clone fa-fw"></i>
-          <span>Clone</span>
-        </a>
-        <div class="dropdown-menu dropdown-menu-right">
-          <div class="m-3" id="source-dropdown" class="pointer">
-            <div>
-              <h5><strong>Source Code</strong></h5>
-
-              <div class="form-group">
-                <div class="input-group input-group-sm">
-                  <div class="input-group-prepend"><span class="input-group-text">GIT</span></div>
-                  <input class="form-control bg-white select-on-focus" type="text" value="https://git.centos.org/rpms/kernel.git" readonly>
-                </div>
-              </div>
-            </div>
-          </div>
-        </div>
-
-      </div>
-    </div>
-  </div>
-</div>
-
-<ul class="nav nav-tabs nav-small border-bottom-0">
-  <li class="nav-item mr-2 text-dark">
-    <a class="nav-link active" href="/rpms/kernel">
-        <i class="fa fa-code fa-fw text-muted"></i>
-        <span class="d-none d-md-inline">Source</span>
-    </a>
-  </li>
-
-    <li class="nav-item mr-2 text-dark">
-        <a class="nav-link" href="/rpms/kernel/issues">
-            <i class="fa fa-fw text-muted fa-exclamation-circle"></i>
-            <span class="d-none d-md-inline">Issues&nbsp;</span>
-            <span class="badge badge-secondary py-0 d-none d-md-inline">
-              0
-            </span>
-        </a>
-    </li>
-
-    <li class="nav-item mr-2 text-dark">
-      <a class="nav-link" href="/rpms/kernel/pull-requests">
-          <i class="fa fa-fw text-muted fa-arrow-circle-down"></i>
-          <span class="d-none d-md-inline">Pull Requests&nbsp;</span>
-          <span class="badge badge-secondary py-0 d-none d-md-inline">
-            0
-          </span>
-      </a>
-    </li>
-
-
-    <li class="nav-item mr-2 text-dark">
-      <a class="nav-link" href="/rpms/kernel/stats">
-          <i class="fa fa-line-chart fa-fw text-muted"></i>
-          <span class="d-none d-md-inline">Stats</span>
-      </a>
-    </li>
-
-
-</ul>
-  </div>
-</div>
-
-<div class="container pt-5 repo-body-container">
-  <div class="row">
-    <div class="col-2">
-<nav class="nav nav-tabs nav-sidetabs flex-column">
-  <a class=
-      "nav-link nowrap
-"
-      href="/rpms/kernel">
-      <i class="fa fa-home text-muted fa-fw"></i>&nbsp;<span class="d-none d-md-inline">Overview</span>
-  </a>
-  <a class=
-    "nav-link nowrap
- active"
-    href="/rpms/kernel/tree/ed0e597ee2d605d93e246185acb1e5cf68f72f5e">
-    <i class="fa fa-file-code-o text-muted fa-fw"></i>&nbsp;Files
-  </a>
-  <a class=
-    "nav-link nowrap
-"
-    href="/rpms/kernel/commits/ed0e597ee2d605d93e246185acb1e5cf68f72f5e">
-    <i class="fa fa-list-alt text-muted fa-fw" data-glyph="spreadsheet"></i>&nbsp;Commits
-  </a>
-  <a class=
-    "nav-link nowrap
-"
-    href="/rpms/kernel/branches?branchname=ed0e597ee2d605d93e246185acb1e5cf68f72f5e">
-    <i class="fa fa-random text-muted fa-fw"></i>&nbsp;Branches
-  </a>
-  <a class=
-    "nav-link nowrap
-"
-    href="/rpms/kernel/forks">
-    <i class="fa fa-code-fork text-muted fa-fw"></i>&nbsp;Forks
-  </a>
-  <a class=
-    "nav-link nowrap
-"
-    href="/rpms/kernel/releases">
-    <i class="fa fa-tags text-muted fa-fw"></i>&nbsp;Releases
-  </a>
-</nav>    </div>
-    <div class="col-10">
-  <div class="row mb-1">
-    <div class="col-sm-6">
-    <h3>
-      Files
-    </h3>
-    </div>
-
-    <div class="col-sm-6">
-      <div class="float-right">
-        <a href="#" class="btn btn-outline-light border-secondary text-dark btn-sm"
-        aria-haspopup="true" aria-expanded="false">
-        Commit: <span class="font-weight-bold">ed0e597ee2d605d93e246185acb1e5cf68f72f5e</span>
-        </a>
-    </div>
-  </div>
-  </div>
-    <div class="card mb-3">
-      <div class="card-header">
-        <ol class="breadcrumb p-0 bg-transparent mb-0">
-          <li class="breadcrumb-item">
-            <a href="/rpms/kernel/tree/ed0e597ee2d605d93e246185acb1e5cf68f72f5e">
-              <span class="fa fa-random">
-              </span>&nbsp; ed0e597ee2d605d93e246185acb1e5cf68f72f5e
-            </a>
-          </li>
-<li class="breadcrumb-item"><a href="/rpms/kernel/blob/ed0e597ee2d605d93e246185acb1e5cf68f72f5e/f/SOURCES">
-            <span class="fa fa-folder"></span>&nbsp; SOURCES</a>
-          </li>
-          <li class="active breadcrumb-item">
-            <span class="fa fa-file" data-glyph="">
-            </span>&nbsp; centossecureboot001.crt
-          </li>
-        </ol>
-      </div>
-
-  <div class="card-body p-0">
-            <div class="bg-light border text-right pr-2">
-                <form class="btn btn-sm" method="POST" name="fork_project"
-                    action="/fork_edit/rpms/kernel/edit/ed0e597ee2d605d93e246185acb1e5cf68f72f5e/f/SOURCES/centossecureboot001.crt">
-                    <button class="btn btn-sm btn-secondary fork_project_btn">
-                            Fork and Edit
-                    </button>
-                    
-                </form>
-
-                <a class="btn btn-secondary btn-sm" href="/rpms/kernel/blob/ed0e597ee2d605d93e246185acb1e5cf68f72f5e/f/SOURCES/centossecureboot001.crt" title="View as blob">Blob</a>
-
-                <a class="btn btn-secondary btn-sm" href="/rpms/kernel/blame/SOURCES/centossecureboot001.crt?identifier=ed0e597ee2d605d93e246185acb1e5cf68f72f5e" title="View git blame">Blame</a>
-
-                <a class="btn btn-secondary btn-sm" href="/rpms/kernel/raw/ed0e597ee2d605d93e246185acb1e5cf68f72f5e/f/SOURCES/centossecureboot001.crt" title="View as raw">Raw</a>
-            </div>
-
-        <pre class="syntaxhighlightblock"><code class="">Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            b6:16:15:71:72:fb:31:7e
-        Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=CentOS Secure Boot (CA key 1)/emailAddress=security@centos.org
-        Validity
-            Not Before: Aug  1 11:47:30 2018 GMT
-            Not After : Dec 31 11:47:30 2037 GMT
-        Subject: CN=CentOS Secure Boot (key 1)/emailAddress=security@centos.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (2048 bit)
-                Modulus (2048 bit):
-                    00:c1:a3:6a:f4:2d:71:83:6c:21:ca:0c:b7:ac:fa:
-                    76:80:43:03:40:87:5d:de:e9:1e:df:ad:e7:2b:51:
-                    cb:f8:31:0f:9a:db:ab:23:25:04:11:05:57:7d:f2:
-                    4b:8d:1e:b3:75:78:1d:b9:57:8b:18:0b:bb:7e:e3:
-                    24:0f:6a:40:5f:2b:4f:03:a5:85:94:d2:f9:08:a0:
-                    bc:db:a5:ea:4f:7f:e8:7c:d1:a9:f8:f0:9c:25:18:
-                    00:14:c4:c4:35:7d:1d:4c:8a:8d:95:f8:ed:65:97:
-                    a5:a4:da:7d:cb:f0:33:3b:b7:03:94:68:47:05:57:
-                    6c:96:91:ac:14:f2:e3:f6:6d:4a:18:cf:68:8a:35:
-                    6f:8e:26:99:7f:db:c9:83:54:c2:c3:bf:ad:45:a0:
-                    aa:a0:86:5f:20:b1:86:1b:ae:b7:28:15:11:f9:65:
-                    53:5d:70:33:9b:a3:c7:b5:c8:11:ff:55:3b:e7:46:
-                    f1:6c:6b:8c:bb:f2:9f:36:23:b1:2d:23:2f:8f:4f:
-                    6c:a8:cc:ae:f5:56:9e:22:6c:0e:9a:4a:b1:bd:b2:
-                    76:15:5c:05:85:b8:5e:dc:8c:a5:c3:e0:75:51:a4:
-                    94:9b:03:2e:7b:f8:d3:b9:dd:7f:88:ce:2e:2f:28:
-                    4c:b4:92:2f:e6:e0:67:0a:d0:ff:c5:d2:79:a6:ef:
-                    94:0f
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: critical
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature
-            X509v3 Subject Key Identifier: 
-                F0:37:C6:EA:EC:36:D4:05:7A:52:6C:0E:C6:D5:A9:5B:32:4E:E1:29
-            X509v3 Authority Key Identifier: 
-                keyid:54:EC:81:85:89:3E:E9:1A:DB:08:F7:44:88:54:7E:8E:3F:74:3A:F3
-
-    Signature Algorithm: sha256WithRSAEncryption
-        97:97:ba:a6:0b:5b:bb:84:39:2e:ef:8b:51:9a:89:bb:65:3c:
-        dc:15:d0:5a:88:c5:af:ce:93:f5:c1:74:98:15:59:a9:38:da:
-        11:fd:46:d5:4f:23:7c:03:1f:ae:0c:70:93:94:a7:61:2f:4b:
-        2f:5f:bb:cc:8a:d7:4a:24:66:73:85:b4:19:13:fc:6a:61:4a:
-        28:1f:a2:38:f4:72:90:03:c4:3e:64:63:8b:fb:15:22:22:4e:
-        b9:43:d9:b4:3d:3a:60:c1:4d:3a:09:85:68:7a:bc:3b:f9:ef:
-        f3:f5:e9:c9:4f:80:8c:c6:e9:cb:ef:28:44:b0:5d:d4:9e:4f:
-        0f:02:9a:65:aa:98:35:b4:6f:d2:80:e3:08:ef:12:d0:17:56:
-        a6:a1:42:1e:1d:ab:e5:33:c0:fd:88:0d:40:42:81:c8:27:30:
-        17:07:57:3e:05:9d:aa:05:0e:5b:3a:79:b4:29:aa:7c:42:5a:
-        ad:43:59:fb:34:4d:dc:62:58:63:e4:fb:de:bb:fd:6c:4e:97:
-        58:f4:b9:99:4a:71:fe:7f:16:50:55:25:46:39:96:9b:88:6c:
-        75:19:33:9e:70:b3:04:82:fe:16:a8:8e:22:47:83:6d:16:77:
-        da:26:ad:31:d8:06:6d:c5:7e:46:4b:21:ab:ae:ec:2a:93:71:
-        da:7f:89:1d
------BEGIN CERTIFICATE-----
-MIIDdTCCAl2gAwIBAgIJALYWFXFy+zF+MA0GCSqGSIb3DQEBCwUAMEwxJjAkBgNV
-BAMMHUNlbnRPUyBTZWN1cmUgQm9vdCAoQ0Ega2V5IDEpMSIwIAYJKoZIhvcNAQkB
-FhNzZWN1cml0eUBjZW50b3Mub3JnMB4XDTE4MDgwMTExNDczMFoXDTM3MTIzMTEx
-NDczMFowSTEjMCEGA1UEAxMaQ2VudE9TIFNlY3VyZSBCb290IChrZXkgMSkxIjAg
-BgkqhkiG9w0BCQEWE3NlY3VyaXR5QGNlbnRvcy5vcmcwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDBo2r0LXGDbCHKDLes+naAQwNAh13e6R7frecrUcv4
-MQ+a26sjJQQRBVd98kuNHrN1eB25V4sYC7t+4yQPakBfK08DpYWU0vkIoLzbpepP
-f+h80an48JwlGAAUxMQ1fR1Mio2V+O1ll6Wk2n3L8DM7twOUaEcFV2yWkawU8uP2
-bUoYz2iKNW+OJpl/28mDVMLDv61FoKqghl8gsYYbrrcoFRH5ZVNdcDObo8e1yBH/
-VTvnRvFsa4y78p82I7EtIy+PT2yozK71Vp4ibA6aSrG9snYVXAWFuF7cjKXD4HVR
-pJSbAy57+NO53X+Izi4vKEy0ki/m4GcK0P/F0nmm75QPAgMBAAGjXTBbMAwGA1Ud
-EwEB/wQCMAAwCwYDVR0PBAQDAgeAMB0GA1UdDgQWBBTwN8bq7DbUBXpSbA7G1alb
-Mk7hKTAfBgNVHSMEGDAWgBRU7IGFiT7pGtsI90SIVH6OP3Q68zANBgkqhkiG9w0B
-AQsFAAOCAQEAl5e6pgtbu4Q5Lu+LUZqJu2U83BXQWojFr86T9cF0mBVZqTjaEf1G
-1U8jfAMfrgxwk5SnYS9LL1+7zIrXSiRmc4W0GRP8amFKKB+iOPRykAPEPmRji/sV
-IiJOuUPZtD06YMFNOgmFaHq8O/nv8/XpyU+AjMbpy+8oRLBd1J5PDwKaZaqYNbRv
-0oDjCO8S0BdWpqFCHh2r5TPA/YgNQEKByCcwFwdXPgWdqgUOWzp5tCmqfEJarUNZ
-+zRN3GJYY+T73rv9bE6XWPS5mUpx/n8WUFUlRjmWm4hsdRkznnCzBIL+FqiOIkeD
-bRZ32iatMdgGbcV+Rkshq67sKpNx2n+JHQ==
------END CERTIFICATE-----
-</code></pre>
-  </div>
- </div> <!-- end .card-->
-
-</div>
-</div>
-</div>
-    </div>
-
-        <div class="footer py-3 bg-light border-top text-center">
-        <div class="container">
-            <p class="text-muted credit">
-         Powered by
-          <a href="https://pagure.io/pagure">Pagure</a>
-          5.8.1
-            </p>
-            <p><a href="/ssh_info">SSH Hostkey/Fingerprint</a> | <a href="https://docs.pagure.org/pagure/usage/index.html">Documentation</a></p>
-        </div>
-    </div>
-
-
-    <script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo" src="/static/vendor/jquery/jquery.min.js?version=5.8.1"></script>
-
-    <script src="/static/vendor/bootstrap/bootstrap.bundle.min.js"></script>
-
-    <script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo">
-      $('[data-toggle="tooltip"]').tooltip({placement : 'bottom'});
-      $(".cancel_btn").click(function() {
-        history.back();
-      });
-    </script>
-
-<script type="text/javascript"  nonce="zU2361P7dte9FXpc7MWuyPXgo" src="/static/vendor/lazyload/lazyload.min.js?version=5.8.1"></script>
-
-<script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo">
-window.addEventListener("load", function(event) {
-    lazyload();
-});
-</script>
-
-<script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo">
-$("#giturl-toggle").on('click', function(event){
-  event.stopPropagation();
-  $("#giturl-more").toggle();
-  $("#giturl-toggle").hide();
-})
-
-$(".fork_project_btn").click(function() {
-  $('#fork_project').submit();
-});
-
-$(".select-on-focus").on("focus", function() {
-  $(this).select();
-});
-
-</script>
-
-<script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo" src="/static/vendor/highlight.js/highlight.pack.js?version=5.8.1"></script>
-<script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo" src="/static/vendor/highlightjs-line-numbers/highlightjs-line-numbers.min.js?version=5.8.1"></script>
-<script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo" src="/static/vendor/highlight.js/spec.js?version=5.8.1"></script>
-
-<script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo">
-  $(document).ready(function() {
-  $('.fork_project_btn').click($("[name=fork_project]").submit);
-
-  $('pre.syntaxhighlightblock code').each(function(i, block) {
-    hljs.highlightBlock(block);
-    hljs.lineNumbersBlock(block);
-  });
-
-  var cls = "highlighted-line";
-  var lines = location.hash.substr(2).split('-').map(function (x) { return parseInt(x, 10) });
-  if (! isNaN(lines[0]))
-  {
-    for (var i = lines[lines.length - 1]; i >= lines[0]; i--) {
-      $('#_' + i).parent().parent().addClass(cls);
-    }
-    setTimeout(function(){
-      $("#_" + lines[0]).get(0).scrollIntoView({behavior: "instant", block: "start", inline: "nearest"});
-    }, 50);
-  }
-});
-</script>
-
-<script type="text/javascript" nonce="zU2361P7dte9FXpc7MWuyPXgo">
-
-  function updateHighlight() {
-    var cls = "highlighted-line";
-    $('.' + cls).removeClass(cls)
-    if (location.hash !== '') {
-      var lines = location.hash.substr(2).split('-').map(function (x) { return parseInt(x, 10) });
-      for (var i = lines[lines.length - 1]; i >= lines[0]; i--) {
-        $('[data-line-number=' + i + ']').closest('tr').addClass(cls);
-      }
-      return lines;
-    }
-    return [];
-  }
-  $(window).on('hashchange', updateHighlight);
-  var selected = [];
-  $("[data-line-number]").click(function (ev) {
-    var line = $(this).attr('data-line-number');
-    if (ev.shiftKey) {
-      selected = selected.slice(-1).concat(line);
-    } else {
-      selected = [line];
-    }
-
-    var hash = '_' + selected[0];
-    if (selected.length === 2) {
-      hash = '_' + Math.min(selected[0], selected[1]) + '-' + Math.max(selected[0], selected[1]);
-    }
-    window.location.hash = hash;
-    return false;
-  });
-
-</script>
-
-
-
-</body>
-</html>
\ No newline at end of file
diff --git a/SOURCES/centossecureboot202.crt b/SOURCES/centossecureboot202.crt
deleted file mode 100644
index fba3730..0000000
--- a/SOURCES/centossecureboot202.crt
+++ /dev/null
@@ -1,84 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            93:c2:04:d8:bd:77:6b:12
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=CentOS Secure Boot CA 2/emailAddress=security@centos.org
-        Validity
-            Not Before: Jun  9 10:37:54 2020 GMT
-            Not After : Jan 18 10:37:54 2038 GMT
-        Subject: CN=CentOS Secure Boot Signing 202/emailAddress=security@centos.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:d4:f0:32:4d:50:7a:c0:41:d6:61:68:59:5e:5b:
-                    ce:65:e3:e9:7b:01:e4:53:94:c9:b7:c1:6b:b7:12:
-                    0b:bc:8f:d7:17:1b:c1:77:3a:08:17:ba:23:f1:bd:
-                    98:f0:7c:cb:96:70:2e:0e:2e:96:66:b7:9f:29:12:
-                    6f:ee:30:33:a1:a5:ee:f9:4b:a3:fb:52:45:d8:7e:
-                    c2:e8:a9:20:a9:f2:2e:f4:44:b7:85:3f:34:7c:c0:
-                    73:1d:73:63:2f:11:a0:7d:df:e7:5a:20:b9:b9:ff:
-                    5d:0e:6d:90:86:1f:2e:fa:c7:b5:94:37:80:46:0d:
-                    fb:5f:f8:26:f4:ce:2f:0d:5b:bf:e5:8d:a5:12:d7:
-                    ba:cf:16:f2:5c:10:ae:a0:80:a8:dc:c4:6b:00:24:
-                    f4:4b:f0:01:82:7e:4b:1c:b6:d6:ac:e1:72:32:07:
-                    5d:48:4a:cd:ba:5c:9c:09:72:89:b2:2e:60:f7:b7:
-                    ed:ea:b6:0d:ae:63:f8:09:a1:8f:62:ee:09:d2:cb:
-                    0a:81:df:7c:72:4b:bf:bd:fb:59:24:84:1f:1d:ce:
-                    36:bc:4c:13:84:ca:c5:e0:81:bb:ec:61:8f:9f:78:
-                    88:43:8d:e0:16:b2:ab:90:14:23:29:ce:1d:e7:a1:
-                    bb:4a:93:f9:f8:8d:b8:ff:2f:30:74:66:b2:31:89:
-                    b1:7d
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: critical
-                CA:FALSE
-            X509v3 Key Usage: critical
-                Digital Signature
-            X509v3 Extended Key Usage: critical
-                Code Signing
-            X509v3 Subject Key Identifier: 
-                1E:55:FF:FF:01:71:5F:F1:28:7F:C8:A9:7C:AF:83:9F:ED:7A:33:0B
-            X509v3 Authority Key Identifier: 
-                keyid:70:00:7F:99:20:9C:12:6B:E1:47:74:EA:EC:7B:6D:96:31:F3:4D:CA
-
-    Signature Algorithm: sha256WithRSAEncryption
-         6b:1b:fa:f3:a8:c0:1e:e7:55:49:f2:4e:16:1f:9a:1b:22:9c:
-         ff:c9:81:d0:5b:d6:28:3c:38:91:65:b5:ca:63:e6:9d:13:2d:
-         5f:f5:cc:67:c2:82:55:73:8f:8b:0c:0c:a9:60:2a:a8:b2:19:
-         c1:a7:87:94:d8:69:5e:3c:88:e5:32:8a:4c:a6:6f:69:8b:c5:
-         f2:7e:8e:d2:af:37:2d:27:73:c7:ad:9d:bc:14:08:a8:aa:57:
-         22:37:be:c6:d2:2d:a3:70:81:4a:88:8c:a3:44:89:6c:7d:9d:
-         9f:db:ff:5c:c6:ec:6d:97:b0:08:8d:76:c6:14:d0:25:81:a3:
-         09:b6:f2:89:32:12:b2:f2:71:71:b6:ac:c1:65:d1:9c:6b:e1:
-         a4:4e:74:d0:01:17:ad:38:0f:17:86:07:56:b3:a1:86:5d:99:
-         ef:d6:55:98:b9:ce:63:46:8b:37:c4:53:55:8b:7a:10:75:90:
-         fd:e6:62:f0:6c:af:89:91:17:34:f7:99:77:6d:29:fa:92:bb:
-         c3:45:77:fe:a3:15:da:54:7d:47:16:b6:6f:94:09:b8:5f:ca:
-         e9:34:a2:bf:18:cd:d3:f4:17:2c:98:e4:e4:ca:46:ad:4b:a4:
-         34:77:47:ec:5d:21:a6:cf:5c:b9:5a:47:ca:04:a1:93:56:13:
-         0a:cc:47:91
------BEGIN CERTIFICATE-----
-MIIDjjCCAnagAwIBAgIJAJPCBNi9d2sSMA0GCSqGSIb3DQEBCwUAMEYxIDAeBgNV
-BAMMF0NlbnRPUyBTZWN1cmUgQm9vdCBDQSAyMSIwIAYJKoZIhvcNAQkBFhNzZWN1
-cml0eUBjZW50b3Mub3JnMB4XDTIwMDYwOTEwMzc1NFoXDTM4MDExODEwMzc1NFow
-TTEnMCUGA1UEAwweQ2VudE9TIFNlY3VyZSBCb290IFNpZ25pbmcgMjAyMSIwIAYJ
-KoZIhvcNAQkBFhNzZWN1cml0eUBjZW50b3Mub3JnMIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEA1PAyTVB6wEHWYWhZXlvOZePpewHkU5TJt8FrtxILvI/X
-FxvBdzoIF7oj8b2Y8HzLlnAuDi6WZrefKRJv7jAzoaXu+Uuj+1JF2H7C6KkgqfIu
-9ES3hT80fMBzHXNjLxGgfd/nWiC5uf9dDm2Qhh8u+se1lDeARg37X/gm9M4vDVu/
-5Y2lEte6zxbyXBCuoICo3MRrACT0S/ABgn5LHLbWrOFyMgddSErNulycCXKJsi5g
-97ft6rYNrmP4CaGPYu4J0ssKgd98cku/vftZJIQfHc42vEwThMrF4IG77GGPn3iI
-Q43gFrKrkBQjKc4d56G7SpP5+I24/y8wdGayMYmxfQIDAQABo3gwdjAMBgNVHRMB
-Af8EAjAAMA4GA1UdDwEB/wQEAwIHgDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDAzAd
-BgNVHQ4EFgQUHlX//wFxX/Eof8ipfK+Dn+16MwswHwYDVR0jBBgwFoAUcAB/mSCc
-EmvhR3Tq7HttljHzTcowDQYJKoZIhvcNAQELBQADggEBAGsb+vOowB7nVUnyThYf
-mhsinP/JgdBb1ig8OJFltcpj5p0TLV/1zGfCglVzj4sMDKlgKqiyGcGnh5TYaV48
-iOUyikymb2mLxfJ+jtKvNy0nc8etnbwUCKiqVyI3vsbSLaNwgUqIjKNEiWx9nZ/b
-/1zG7G2XsAiNdsYU0CWBowm28okyErLycXG2rMFl0Zxr4aROdNABF604DxeGB1az
-oYZdme/WVZi5zmNGizfEU1WLehB1kP3mYvBsr4mRFzT3mXdtKfqSu8NFd/6jFdpU
-fUcWtm+UCbhfyuk0or8YzdP0FyyY5OTKRq1LpDR3R+xdIabPXLlaR8oEoZNWEwrM
-R5E=
------END CERTIFICATE-----
diff --git a/SOURCES/centossecurebootca2.crt b/SOURCES/centossecurebootca2.crt
deleted file mode 100644
index ff4e981..0000000
--- a/SOURCES/centossecurebootca2.crt
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDYjCCAkqgAwIBAgIJAIlReu6IOzL7MA0GCSqGSIb3DQEBCwUAMEYxIDAeBgNV
-BAMMF0NlbnRPUyBTZWN1cmUgQm9vdCBDQSAyMSIwIAYJKoZIhvcNAQkBFhNzZWN1
-cml0eUBjZW50b3Mub3JnMB4XDTIwMDYwOTA4MTkzMloXDTM4MDExODA4MTkzMlow
-RjEgMB4GA1UEAwwXQ2VudE9TIFNlY3VyZSBCb290IENBIDIxIjAgBgkqhkiG9w0B
-CQEWE3NlY3VyaXR5QGNlbnRvcy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQChatbNaQDV0RTCqff1tl92xI6gu1k8jYufW8FyzZ6uDnxoGpBT0LiU
-WKuGjMQ89JgiApFzDYSLWrZg8NbTnVdz0hny4SMyspe5weUk6IToKXvEejZNFn6i
-vae2vfT0/ASKsgIvUcz4sWHMK43vbfv/pVpYGLgoG5aNUkt7VhkeURwJzR3ODgDp
-aL4bQ/7qEo8ASHCEvQx6klG330Z06O0kjS6GK12cPC1t5ZlimVXCNWP1jf0pMWmh
-aBrZjbyY0j8R7Yns3cEovAM230chsVdyFxSYpqCLzMlmWNxiIlvcAoDIRMWEa7Da
-SSAfJWH+ygAzad1PHlnCB0zAFbLAMJH1AgMBAAGjUzBRMB0GA1UdDgQWBBRwAH+Z
-IJwSa+FHdOrse22WMfNNyjAfBgNVHSMEGDAWgBRwAH+ZIJwSa+FHdOrse22WMfNN
-yjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAe5NcVSUd/POZs
-Jkiep8ATNwXglLAeYxB55F42sXx5OOdKMBmhqWQIVJvaih/wsfKIBfdUGv2L9dH8
-IQgiU1PRYx0baSVJno3HcQTbCqLvnvckusR7IUTDAFj774MvXwS6yV6pXzxDmuh2
-t8hRktOKFeUtdlDYqg9X3Ia3GkoB5huyEbuaZTNcV4TAfU/yAERNIAgRs+fLQU70
-OgGlWsp35J8qPkZKabGf0surDa2xa6iAoFyknxruoKQ8uNSB9KB7/0JvVouNx90+
-ncykWW96GVKs8+H5WGza10FqrchtThSNCSXTtLbTXoK0Atdvu0o04XUbsCGMnlcG
-zAVb3/m0
------END CERTIFICATE-----
diff --git a/SOURCES/grub.macros b/SOURCES/grub.macros
index a4291b2..0dade27 100644
--- a/SOURCES/grub.macros
+++ b/SOURCES/grub.macros
@@ -101,6 +101,16 @@
 		-e 's/-m64//g'				\\\
 	) %{nil}
 %endif
+%ifarch %{ix86}
+%global target_cpu_name %{_arch}
+%global grub_target_name %{_arch}-pc
+
+%global legacy_target_cpu_name i386
+%global legacy_package_arch pc
+%global platform pc
+
+%global with_legacy_arch 0
+%endif
 
 %ifarch aarch64
 %global efiarch aa64
@@ -152,6 +162,14 @@
 %global with_efi_common 1
 %global with_legacy_common 0
 %endif
+%ifarch %{ix86}
+%global with_efi_arch 0
+%global with_alt_efi_arch 0
+%global with_efi_common 0
+%global with_legacy_common 1
+%global with_legacy_utils 1
+%global with_legacy_arch 0
+%endif
 
 %if 0%{with_efi_common}
 %global common_srcdir grub-%{grubefiarch}-%{tarversion}
@@ -331,7 +349,7 @@ GRUB_MODULES="	all_video boot btrfs cat chain configfile echo	\\\
 		gzio halt hfsplus iso9660 jpeg loadenv loopback \\\
 		lvm mdraid09 mdraid1x minicmd normal part_apple \\\
 		part_msdos part_gpt password_pbkdf2 png reboot	\\\
-		search search_fs_uuid search_fs_file	\\\
+		regexp search search_fs_uuid search_fs_file	\\\
 		search_label serial sleep syslinuxcfg test tftp \\\
 		video xfs"					\
 GRUB_MODULES+=%{efi_modules}					\
diff --git a/SOURCES/grub.patches b/SOURCES/grub.patches
index e039536..4937bc1 100644
--- a/SOURCES/grub.patches
+++ b/SOURCES/grub.patches
@@ -446,3 +446,4 @@ Patch0445: 0445-Add-at_keyboard_fallback_set-var-to-force-the-set-ma.patch
 Patch0446: 0446-ieee1275-powerpc-implements-fibre-channel-discovery-.patch
 Patch0447: 0447-ieee1275-powerpc-enables-device-mapper-discovery.patch
 Patch0448: 0448-ieee1275-Avoiding-many-unecessary-open-close.patch
+Patch0449: 0449-ieee1275-ofdisk-retry-on-open-failure.patch
diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec
index 4977e54..6f1bc9f 100644
--- a/SPECS/grub2.spec
+++ b/SPECS/grub2.spec
@@ -1,22 +1,12 @@
 %undefine _hardened_build
-%global flagday 1:2.02-0.87.el7.centos.2
+
 %global tarversion 2.02~beta2
 %undefine _missing_build_ids_terminate_build
 
-%ifarch i686
-%define platform pc
-%define legacy_package_arch i386
-%define legacy_target_cpu_name i386
-%define target_cpu_name i386
-%endif
-%ifarch x86_64
-%define mock 1
-%endif
-
 Name:           grub2
 Epoch:          1
 Version:        2.02
-Release:        0.87%{?dist}%{?buildid}.6
+Release:        0.87%{?dist}%{?buildid}.7
 Summary:        Bootloader with support for Linux, Multiboot and more
 Group:          System Environment/Base
 License:        GPLv3+
@@ -27,10 +17,10 @@ Source1:	grub.macros
 Source2:	grub.patches
 Source3:	http://unifoundry.com/unifont-5.1.20080820.pcf.gz
 Source4:	gitignore
-Source5:       centos-ca-secureboot.der
-Source6:       centossecureboot001.crt
-Source7:       centossecurebootca2.crt
-Source8:       centossecureboot202.crt
+Source5:	redhatsecurebootca3.cer
+Source6:	redhatsecureboot301.cer
+Source7:	redhatsecurebootca5.cer
+Source8:	redhatsecureboot502.cer
 Source9:	sbat.csv.in
 
 %include %{SOURCE1}
@@ -64,11 +54,8 @@ BuildRequires:	pesign >= 0.99-8
 %if %{?_with_ccache: 1}%{?!_with_ccache: 0}
 BuildRequires:  ccache
 %endif
-%if 0%{?centos}
-%global efidir centos
-%endif
 
-ExcludeArch:	s390 s390x %{arm}
+ExcludeArch:	s390 s390x %{arm} %{?ix86}
 Obsoletes:	%{name} <= %{flagday}
 
 %if 0%{with_legacy_arch}
@@ -153,10 +140,6 @@ This subpackage provides tools for support of all platforms.
 %prep
 %setup -T -c -n grub-%{tarversion}
 %do_common_setup
-sed -i.orig -e 's@/efi/EFI/redhat/@/efi/EFI/%{efidir}/@' \
-    grub-%{tarversion}/util/grub-setpassword.in
-touch --reference=grub-%{tarversion}/util/grub-setpassword.in.orig \
-    grub-%{tarversion}/util/grub-setpassword.in
 %if 0%{with_efi_arch}
 %do_setup %{grubefiarch}
 sed -e "s,@@VERSION@@,%{evr},g" %{SOURCE9} \
@@ -171,10 +154,10 @@ sed -e "s,@@VERSION@@,%{evr},g" %{SOURCE9} \
 
 %build
 %if 0%{with_efi_arch}
-%do_primary_efi_build %{grubefiarch} %{grubefiname} %{grubeficdname} %{_target_platform} "'%{efi_cflags}'" %{SOURCE5} %{SOURCE6} centossecureboot001 %{SOURCE7} %{SOURCE8} centossecureboot202
+%do_primary_efi_build %{grubefiarch} %{grubefiname} %{grubeficdname} %{_target_platform} "'%{efi_cflags}'" %{SOURCE5} %{SOURCE6} redhatsecureboot301 %{SOURCE7} %{SOURCE8} redhatsecureboot502
 %endif
 %if 0%{with_alt_efi_arch}
-%do_alt_efi_build %{grubaltefiarch} %{grubaltefiname} %{grubalteficdname} %{_alt_target_platform} "'%{alt_efi_cflags}'" %{SOURCE5} %{SOURCE6} centossecureboot001 %{SOURCE7} %{SOURCE8} centossecureboot202
+%do_alt_efi_build %{grubaltefiarch} %{grubaltefiname} %{grubalteficdname} %{_alt_target_platform} "'%{alt_efi_cflags}'" %{SOURCE5} %{SOURCE6} redhatsecureboot301 %{SOURCE7} %{SOURCE8} redhatsecureboot502
 %endif
 %if 0%{with_legacy_arch}%{with_legacy_utils}
 %do_legacy_build %{grublegacyarch}
@@ -486,6 +469,10 @@ fi
 %endif
 
 %changelog
+* Mon May 17 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-0.87.e7.7
+- Fix boot failures in ppc64le caused by storage race condition (diegodo)
+  Resolves: rhbz#1942148
+
 * Fri Mar 05 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-0.87.e7.6
 - Fix ppc64le performance issues (diegodo)
   Resolves: rhbz#1759298