diff --git a/SOURCES/0486-normal-main-Discover-the-device-to-read-the-config-f.patch b/SOURCES/0486-normal-main-Discover-the-device-to-read-the-config-f.patch
new file mode 100644
index 0000000..0395ae5
--- /dev/null
+++ b/SOURCES/0486-normal-main-Discover-the-device-to-read-the-config-f.patch
@@ -0,0 +1,123 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Thu, 8 Jul 2021 16:39:39 +0200
+Subject: [PATCH] normal/main: Discover the device to read the config from as a
+ fallback
+
+The GRUB core.img is generated locally, when this is done the grub2-probe
+tool figures out the device and partition that needs to be read to parse
+the GRUB configuration file.
+
+But in some cases the core.img can't be generated on the host and instead
+has to be done at package build time. For example, if needs to get signed
+with a key that's only available on the package building infrastructure.
+
+If that's the case, the prefix variable won't have a device and partition
+but only a directory path. So there's no way for GRUB to know from which
+device has to read the configuration file.
+
+To allow GRUB to continue working on that scenario, fallback to iterating
+over all the available devices, if reading the config failed when using
+the prefix and fw_path variables.
+
+Related: rhbz#1899864
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ grub-core/normal/main.c | 58 +++++++++++++++++++++++++++++++++++++++++++------
+ 1 file changed, 51 insertions(+), 7 deletions(-)
+
+diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
+index 49141039f8f..93f33c16732 100644
+--- a/grub-core/normal/main.c
++++ b/grub-core/normal/main.c
+@@ -333,16 +333,11 @@ grub_enter_normal_mode (const char *config)
+ }
+ 
+ static grub_err_t
+-grub_try_normal (const char *variable)
++grub_try_normal_prefix (const char *prefix)
+ {
+     char *config;
+-    const char *prefix;
+     grub_err_t err = GRUB_ERR_FILE_NOT_FOUND;
+ 
+-    prefix = grub_env_get (variable);
+-    if (!prefix)
+-      return GRUB_ERR_FILE_NOT_FOUND;
+-
+     if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0)
+       {
+ 	grub_size_t config_len;
+@@ -351,7 +346,7 @@ grub_try_normal (const char *variable)
+ 	config = grub_malloc (config_len);
+ 
+ 	if (! config)
+-	  return GRUB_ERR_FILE_NOT_FOUND;
++	  return err;
+ 
+ 	grub_snprintf (config, config_len, "%s/grub.cfg", prefix);
+ 	err = grub_net_search_configfile (config);
+@@ -380,6 +375,53 @@ grub_try_normal (const char *variable)
+     return err;
+ }
+ 
++static int
++grub_try_normal_dev (const char *name, void *data)
++{
++  grub_err_t err;
++  const char *prefix = grub_xasprintf ("(%s)%s", name, (char *)data);
++
++  if (!prefix)
++    return 0;
++
++  err = grub_try_normal_prefix (prefix);
++  if (err == GRUB_ERR_NONE)
++    return 1;
++
++  return 0;
++}
++
++static grub_err_t
++grub_try_normal_discover (void)
++{
++  char *prefix = grub_env_get ("prefix");
++  grub_err_t err = GRUB_ERR_FILE_NOT_FOUND;
++
++  if (!prefix)
++    return err;
++
++  if (grub_device_iterate (grub_try_normal_dev, (void *)prefix))
++    return GRUB_ERR_NONE;
++
++  return err;
++}
++
++static grub_err_t
++grub_try_normal (const char *variable)
++{
++  grub_err_t err = GRUB_ERR_FILE_NOT_FOUND;
++  const char *prefix;
++
++  if (!variable)
++    return err;
++
++  prefix = grub_env_get (variable);
++  if (!prefix)
++    return err;
++
++  return grub_try_normal_prefix (prefix);
++}
++
+ /* Enter normal mode from rescue mode.  */
+ static grub_err_t
+ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
+@@ -394,6 +436,8 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
+       err = grub_try_normal ("fw_path");
+       if (err == GRUB_ERR_FILE_NOT_FOUND)
+         err = grub_try_normal ("prefix");
++      if (err == GRUB_ERR_FILE_NOT_FOUND)
++        err = grub_try_normal_discover ();
+       if (err == GRUB_ERR_FILE_NOT_FOUND)
+         grub_enter_normal_mode (0);
+     }
diff --git a/SOURCES/0487-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch b/SOURCES/0487-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch
new file mode 100644
index 0000000..a1092c5
--- /dev/null
+++ b/SOURCES/0487-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch
@@ -0,0 +1,75 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Mon, 19 Jul 2021 14:35:55 +1000
+Subject: [PATCH] powerpc: adjust setting of prefix for signed binary case
+
+On RHEL-signed powerpc grub, we sign a grub with -p /grub2 and expect
+that there's a boot partition.
+
+Unfortunately grub_set_prefix_and_root tries to convert this to
+($fwdevice)/grub2. This ends up being (ieee1275/disk)/grub2 and that
+falls apart pretty quickly - there's no file-system on ieee1275/disk,
+and it makes the search routine try things like
+(ieee1275/disk,msdos2)(ieee1275/disk)/grub2 which also doesn't work.
+
+Detect if we would be about to create (ieee1275/disk)/path and don't:
+preserve a prefix of /path instead and hope the search later finds us.
+
+Related: rhbz#1899864
+
+Signed-off-by: Daniel Axtens <dja@axtens.net>
+---
+ grub-core/kern/main.c | 38 +++++++++++++++++++++++++++++++++-----
+ 1 file changed, 33 insertions(+), 5 deletions(-)
+
+diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c
+index 9bf6a8b231a..25dbcfef1f6 100644
+--- a/grub-core/kern/main.c
++++ b/grub-core/kern/main.c
+@@ -215,13 +215,41 @@ grub_set_prefix_and_root (void)
+   if (device)
+     {
+       char *prefix_set;
+-    
+-      prefix_set = grub_xasprintf ("(%s)%s", device, path ? : "");
+-      if (prefix_set)
++
++#ifdef __powerpc__
++      /* We have to be careful here on powerpc-ieee1275 + signed grub. We
++	 will have signed something with a prefix that doesn't have a device
++	 because we cannot know in advance what partition we're on.
++
++	 We will have had !device earlier, so we will have set device=fwdevice
++	 However, we want to make sure we do not end up setting prefix to be
++	 ($fwdevice)/path, because we will then end up trying to boot or search
++	 based on a prefix of (ieee1275/disk)/path, which will not work because
++	 it's missing a partition.
++
++	 Also:
++	  - You can end up with a device with an FS directly on it, without
++	    a partition, e.g. ieee1275/cdrom.
++
++	  - powerpc-ieee1275 + grub-install sets e.g. prefix=(,gpt2)/path,
++	    which will have now been extended to device=$fwdisk,partition
++	    and path=/path
++
++	 So we only need to act if device = ieee1275/disk exactly.
++       */
++      if (grub_strncmp (device, "ieee1275/disk", 14) == 0)
++        grub_env_set ("prefix", path);
++      else
++#endif
+ 	{
+-	  grub_env_set ("prefix", prefix_set);
+-	  grub_free (prefix_set);
++	  prefix_set = grub_xasprintf ("(%s)%s", device, path ? : "");
++	  if (prefix_set)
++	  {
++	    grub_env_set ("prefix", prefix_set);
++	    grub_free (prefix_set);
++	  }
+ 	}
++
+       grub_env_set ("root", device);
+     }
+ 
diff --git a/SOURCES/0488-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch b/SOURCES/0488-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch
new file mode 100644
index 0000000..415c702
--- /dev/null
+++ b/SOURCES/0488-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch
@@ -0,0 +1,43 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Mon, 16 Aug 2021 16:01:47 +1000
+Subject: [PATCH] powerpc: fix prefix + signed grub special case for PowerVM
+
+Mea culpa: when testing the PowerPC special case for signed grub, I
+assumed qemu and PowerVM would behave identically. This was wrong, and
+with hindsight a pretty dumb error.
+
+This fixes it. This time, I am actually testing on PowerVM.
+
+Signed-off-by: Daniel Axtens <dja@axtens.net>
+---
+ grub-core/kern/main.c | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c
+index 25dbcfef1f6..40a709117f1 100644
+--- a/grub-core/kern/main.c
++++ b/grub-core/kern/main.c
+@@ -235,9 +235,20 @@ grub_set_prefix_and_root (void)
+ 	    which will have now been extended to device=$fwdisk,partition
+ 	    and path=/path
+ 
+-	 So we only need to act if device = ieee1275/disk exactly.
++	  - PowerVM will give us device names like
++	    ieee1275//vdevice/v-scsi@3000006c/disk@8100000000000000
++	    and we don't want to try to encode some sort of truth table about
++	    what sorts of paths represent disks with partition tables and those
++	    without partition tables.
++
++	 So we act unless there is a comma in the device, which would indicate
++	 a partition has already been specified.
++
++	 (If we only have a path, the code in normal to discover config files
++	 will try both without partitions and then with any partitions so we
++	 will cover both CDs and HDs.)
+        */
+-      if (grub_strncmp (device, "ieee1275/disk", 14) == 0)
++      if (grub_strchr (device, ',') == NULL)
+         grub_env_set ("prefix", path);
+       else
+ #endif
diff --git a/SOURCES/grub.macros b/SOURCES/grub.macros
index 2f50680..2eb014a 100644
--- a/SOURCES/grub.macros
+++ b/SOURCES/grub.macros
@@ -430,7 +430,7 @@ if [ -x /usr/bin/rpm-sign ]; then				\
 fi								\
 # FIXME: using this prefix is fragile, must be done properly	\
 ./grub-mkimage -O %{1} -o %{2}.orig				\\\
-	-p '(,msdos2)/grub2' -d grub-core			\\\
+	-p '/grub2' -d grub-core				\\\
 	-x %{3} -x %{4}						\\\
 	--appended-signature-size ${APPENDED_SIG_SIZE}		\\\
 	${GRUB_MODULES}						\
diff --git a/SOURCES/grub.patches b/SOURCES/grub.patches
index 79469be..ad83e09 100644
--- a/SOURCES/grub.patches
+++ b/SOURCES/grub.patches
@@ -483,3 +483,6 @@ Patch0482: 0482-ieee1275-claim-more-memory.patch
 Patch0483: 0483-ieee1275-request-memory-with-ibm-client-architecture.patch
 Patch0484: 0484-appendedsig-x509-Also-handle-the-Extended-Key-Usage-.patch
 Patch0485: 0485-ieee1275-ofdisk-retry-on-open-failure.patch
+Patch0486: 0486-normal-main-Discover-the-device-to-read-the-config-f.patch
+Patch0487: 0487-powerpc-adjust-setting-of-prefix-for-signed-binary-c.patch
+Patch0488: 0488-powerpc-fix-prefix-signed-grub-special-case-for-Powe.patch
diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec
index c62e437..1a88aa6 100644
--- a/SPECS/grub2.spec
+++ b/SPECS/grub2.spec
@@ -7,7 +7,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.02
-Release:	104%{?dist}
+Release:	106%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 Group:		System Environment/Base
 License:	GPLv3+
@@ -523,6 +523,14 @@ fi
 %endif
 
 %changelog
+* Thu Aug 19 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-106
+- Fix device discoverability on PowerVM when the prefix is not set (dja)
+  Related: rhbz#1899864
+
+* Thu Jul 22 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-105
+- Discover the device to read the config from as a fallback
+  Related: rhbz#1899864
+
 * Mon Jun 21 2021 Javier Martinez Canillas <javierm@redhat.com> - 2.02-104
 - 20-grub-install: Create a symvers.gz symbolic link
   Resolves: rhbz#1919125