2017-04-25 Vladimir Serbinenko Increase version to 2.02. 2017-04-12 Vladimir Serbinenko Fix remaining cases of gcc 7 fallthrough warning. They are all intended, so just add the relevant comment. 2017-04-04 Andrei Borzenkov Add gnulib-fix-gcc7-fallthrough.diff As long as the code is not upstream, add it as explicit patch for the case of gnulib refresh. 2017-04-04 Andrei Borzenkov i386, x86_64, ppc: fix switch fallthrough cases with GCC7 In util/getroot and efidisk slightly modify exitsing comment to mostly retain it but still make GCC7 compliant with respect to fall through annotation. In grub-core/lib/xzembed/xz_dec_lzma2.c it adds same comments as upstream. In grub-core/tests/setjmp_tets.c declare functions as "noreturn" to suppress GCC7 warning. In grub-core/gnulib/regexec.c use new __attribute__, because existing annotation is not recognized by GCC7 parser (which requires that comment immediately precedes case statement). Otherwise add FALLTHROUGH comment. Closes: 50598 2017-04-04 Andrei Borzenkov btrfs: avoid "used uninitialized" error with GCC7 sblock was local and so considered new variable on every loop iteration. Closes: 50597 2017-04-02 Andrei Borzenkov acpi: add missing efi_call wrapper to acpi command Fixed loading of ACPI tables on EFI (side effect was apparent memory corruption ranging from unpredictable behavior to system reset). Reported by Nando Eva 2017-03-15 Vladimir Serbinenko Increment version to GRUB 2.02~rc2. Use core2duo for bootcheck test on 64-bit EFI. Obviously pentium2 can't run efi64. 2017-03-14 Andrei Borzenkov efi: skip iPXE block device. iPXE adds Simple File System Protocol to loaded image handle, as side effect it also adds Block IO protocol (according to comments, to work around some bugs in EDK2). GRUB assumes that every device with Block IO is disk and skips network initialization entirely. But iPXE Block IO implementation is just a stub which always fails for every operation so cannot be used. Attempt to detect and skip such devices. We are using media ID which iPXE sets to "iPXE" and block IO size in hope that no real device would announce 1B block ... Closes: 50518 2017-03-05 phcoder xen: Fix wrong register in relocator. This fixes chainloading of some GRUB variants. 2017-02-27 Vladimir Serbinenko video_fb: Fix blue collor if using unoptimized blitter. when unmapping the color what matters is the mode of source, not target. legacy_initrd: Strip any additional arguments to initrd. 2017-02-26 Andrei Borzenkov grub-fs-tester: improve squash4 tests 1. Make sure files are not multiple of block size. This will ensure tail packing for squash4 and may also trigger more codes paths in other filesystems. 2. Call mksquashfs with -always-use-fragments to force tail packing. 2017-02-25 Andrei Borzenkov efi: strip off final NULL from File Path in grub_efi_get_filename UEFI 2.6 9.3.6.4 File Path Media Device Path says that Path Name is "A NULL-terminated Path string including directory and file names". Strip final NULL from Path Name in each File Path node when constructing full path. To be on safe side, strip all of them. Fixes failure chainloading grub from grub, when loaded grub truncates image path and does not find its grub.cfg. https://bugzilla.opensuse.org/show_bug.cgi?id=1026344 This was triggered by commit ce95549cc54b5d6f494608a7c390dba3aab4fba7; before it we built Path Name without trailing NULL, and apparently all other bootloaders use single File Path node, thus not exposing this bug. 2017-02-24 Andrei Borzenkov squash4: fix handling of fragments and sparse files 1. Do not assume block list and fragment are mutually exclusive. Squash can pack file tail as fragment (unless -no-fragments is specified); so check read offset and read either from block list or from fragments as appropriate. 2. Support sparse files with zero blocks. 3. Fix fragment read - frag.offset is absolute fragment position, not offset relative to ino.chunk. Reported and tested by Carlo Caione 2017-02-22 Vladimir Serbinenko Whitelist sparc64-ieee1275 as having no video modules. ieee1275_fb is not built on sparc64 due to virtual address issues. 2017-02-12 Andrei Borzenkov script: fix double free in lexer yylex_destroy() already frees scanner. Found by: Coverity scan. CID: 176636 2017-02-07 Vladimir Serbinenko xen: Fix parsing of XZ kernel. In case of xz, the uncompressed size is appended to xz data which confuses our xz decompressor. Trim it. 2017-02-07 Vladimir Serbinenko xen: Fix handling of GRUB chainloading. In case of GRUB we put remapper after domain pages and not at 0x0. In this case we use max_addr to put remapper. Unfortunately we increment max_addr as well in this case resulting in virt mapping mapping page at old max_addr and trying to boot using new max_addr. Closes 46014. 2017-02-04 Vladimir Serbinenko linguas: Don't skip ko.po. Translation project doesn't require copyright disclaimers. They're independant from us. They're responsible for their copyright story. 2017-02-03 Vladimir Serbinenko Fix truncated checksum.h. Regenerate checksums.h Screenshots contain version, so we need new checksums. Release 2.02-rc1. Fix mingw compilation. 2017-02-03 Daniel Kahn Gillmor documentation: Clarify documentation for special environment variable "default". The current documentation for the special environment variable "default" is confusing and unclear. This patch attempts to clean it up. In particular, the current documentation refers to the "number or title", but then in the example it gives, the menu entries and submenus all have numbers *in* their title; furthermore, there is no example given about how to choose the number, or any indication about whether counting is zero-indexed or 1-indexed. Having a cleaner example and presenting all variants (numeric, title, and id) should make it clearer to the user. 2017-02-03 Vladimir Serbinenko Avoid causing kernel oops in nilfs2 test. 1024-byte and 2048-byte blocks don't really work with some kernels, skip them as we don't want any oops'es. btrfs: Shorten label by one character. mkfs.btrfs imposes a slightly lower limit than would be possible in btrfs. 2017-02-02 Vladimir Serbinenko grub-fs-tester: Fix mkudffs invocation. With current invocation order of arguments is wrong and path is hardcoded. grub-fs-tester: Fix fat test. mkfs.vfat ignores -S when invoked on a disk, including loopback device, so do an mkfs on underlying image. 2017-02-02 Daniel Kiper i386/relocator: Align stack in grub_relocator64_efi relocator Unified Extensible Firmware Interface Specification, Version 2.6, section 2.3.4, x64 Platforms, boot services, says among others: The stack must be 16-byte aligned. So, do it. Otherwise OS may boot only by chance as it happens right now. 2017-02-02 Vladimir Serbinenko i386-ieee1275: Add missing bootcheck target. bootcheck-linux-i386: Use -cpu pentium2. Most modern kernels are compiled for i686, so use -cpu pentium2 to avoid spurious failures. Use -fPIC with arm64 with clang. Currently it doesn't work either way but with -fPIC it should work once clang bug is fixed. INSTALL: Fix mention of thumb-clang. Fix thumb compilation with clang. According to EABI only STT_FUNC has convention of lowest bit indicating execution mode. R_THM_{JUMP,CALL}* relocations are assumed to be pointing to thumb mode unless they use STT_FUNC. 2017-02-01 Vladimir Serbinenko Add missing strtoull_test.c It was forgotten in my local directory. arm64: Add support for GOT and PCREL32 relocations. mkimage: Fix memory leak. arm/arm64: Fix improper use of start address. It was used instead of loading address of current section or of entire buffer. ia64: Fix iterator for relocation entries. Don't assume relocation entry size and use sh_entsize properly. arm: Fix trampoline generation. We used the wrong pointer in this case. It worked only by accident. Fix bootcheck-related files compilation. We need -static as otherwise linker will set interpreter field and ld.so is not available on our initrd's. Strip all sections we don't need on binary tests. 2017-01-31 Vladimir Serbinenko Regenerate checksum.h. Screenshots checked. Using unifont from http://ftp.us.debian.org/debian/pool/main/u/unifont/xfonts-unifont_7.0.06-1_all.deb. grub-mkfont: Remove leftover debug statement. charset: Trim away RLM and LRM. They are not visible but would otherwise end up as [LRM] or [RLM] squares with some fonts. gfxterm: Fix clearing of cursor. If ascent is bigger than height - 2, then we draw over character box but then to clear cursor we only draw over character box. So trim ascent if necessarry. ia64: Add support for R_IA64_GPREL64I. Recent GCC generates those relocations, so we need to support them. 2017-01-30 Vladimir Serbinenko grub-module-verifier: Add mips to all_video whitelist. On MIPS video is compiled-in. So all_video is empty. Whitelist it. Fix -nopie/-nopie check. We don't use lgcc_s but missing lgcc_s or another library cause test to fail. So use -nostdlib. We need to use -Werror to avoid warning-generated case to be accepted. Clang uses -nopie rather than -no-pie. Check both and use whichever one works. Additionally android clang passes -pie to the linker even though it doesn't define __PIE__. So if compilation without no-pie logic fails add -nopie/-no-pie even if __PIE__ is not defined. grub-module-verifier: Ignore all_video emptiness on xen. It's intentional that it's empty when no video modules are available. 2017-01-28 Vladimir Serbinenko Support arm clang 3.8 amd later. clang 3.8 and later doesn't support -mllvm -use-arm-movt=0 whereas older clang doesn't know -mno-movt. So use -mno-movt whenever possible and fallback to mllvm variant. 2017-01-27 Carlo Caione exfat: Support files over 4GiB file size in grub_fat_data was 32-bit on exfat. 2017-01-27 Vladimir Serbinenko Ensure that grub_reboot doesn't return on emu. Use grub_fatal if longjmp fails. grub_reboot is marked as noreturn so return would cause a crash. 2017-01-27 Vladimir Serbinenko grub-shell: skip font copying when no font is available. Don't use -mlong-calls on arm. We don't really need it and it's flaky and creates bogus symbols with clang. configure: Disable movw/movt with clang. Those relocations are not compatible with PE and also not compatible with custom uboot relocator. Disable them. grub-fs-tester: Delete directory once we're done. grub-fs-tester: Accomodate for slower systems. fstime can be more different with xz squashfs. Allow difference up to 3 seconds. This code is ugly now but rewriting it now is not on the table. grub-fs-tester: Accomodate for testing in proot containers. proot creates hidden files with .proot prefix and name derived from real file name. So decrease file name length and path depth. For some reason depth 85 also results in undeleteable directory, so use 84 instead of 85. 2017-01-24 Andrei Borzenkov osdep/linux: handle autofs entries in /proc/self/mountinfo These entries have placeholder for device name and so are useless for our purpose. grub failed with something like grub-install: error: failed to get canonical path of `systemd-1'. When we see autofs entry, record it (to keep parent-child relationship) but continue to look for real mount. If it is found, we process it as usual. If only autofs entry exists, attempt to trigger mount by opening mount point and retry. Mount point itself is then kept open to avoid timeout. Recent systemd is by default using automount for /boot/efi so this should become more popular problem on EFI systems. Closes: 49942 2017-01-08 Andrei Borzenkov linux: fix "vga=XX deprecated" warning for text mode Arguments were in reverse order which resulted in text is deprecated. Use set gfxpayload=vga=0 before linux command instead. 2016-12-22 Andrei Borzenkov configure: fix check for sys/sysmacros.h under glibc 2.25+ glibc 2.25 still includes sys/sysmacros.h in sys/types.h but also emits deprecation warning. So test for sys/types.h succeeds in configure but later compilation fails because we use -Werror by default. While this is fixed in current autoconf GIT, we really cannot force everyone to use bleeding edge (that is not even released right now). So run test under -Werror as well to force proper detection. This should have no impact on autoconf 2.70+ as AC_HEADER_MAJOR in this version simply checks for header existence. Reported and tested by Khem Raj 2016-12-22 Michael Chang Fix fwpath in efi netboot The path returned by grub_efi_net_config has already been stripped for the directory part extracted from cached bootp packet. We should just return the result to avoild it be stripped again. It fixed the problem that grub.efi as NBP image always looking for grub.cfg and platform directory in upper folder rather than current one it gets loaded while $prefix is empty. The behavior is inconsistent with other architecture and how we would expect empty $prefix going to be in general. The only exception to the general rule of empty $prefix is that when loaded from platform directory itself, the platform part is stripped thus upper folder is used for looking up files. It meets the case for how grub-mknetdir lay out the files under tftp root directory, but also hide away this issue to be identified as it appears to be just works. Also fix possible memory leak by moving grub_efi_get_filename() call after grub_efi_net_config(). 2016-12-15 Andrei Borzenkov efi: properly terminate filepath with NULL in chainloader EFI File Path Media Device Path is defined as NULL terminated string; but chainloader built file paths without final NULL. This caused error with Secure Boot and Linux Foundation PreLoader on Acer with InsydeH20 BIOS. Apparently firmware failed verification with EFI_INVALID_PARAMETER which is considered fatal error by PreLoader. Reported and tested by Giovanni Santini 2016-12-14 Magnus Granberg configure: add check for -no-pie if the compiler default to -fPIE When Grub is compile with gcc 6.1 that have --enable-defult-pie set. It fail with. -ffreestanding -m32 -Wl,-melf_i386 -Wl,--build-id=none -nostdlib -Wl,-N -Wl,-r,-d - o trig.module trig_module-trigtables.o grep 'MARKER' gcry_whirlpool.marker.new > gcry_whirlpool.marker; rm -f gcry_whirlpool.marker.new /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/../../../../x86_64-pc-linux-gnu/bin/ld: -r and - shared may not be used together collect2: error: ld returned 1 exit status Makefile:26993: recipe for target 'trig.module' failed Check that compiler supports -no-pie and add it to linker flags. 2016-12-14 Stanislav Kholmanskikh ofnet: implement the receive buffer get_card_packet() from ofnet.c allocates a netbuff based on the device's MTU: nb = grub_netbuff_alloc (dev->mtu + 64 + 2); In the case when the MTU is large, and the received packet is relatively small, this leads to allocation of significantly more memory, than it's required. An example could be transmission of TFTP packets with 0x400 blksize via a network card with 0x10000 MTU. This patch implements a per-card receive buffer in a way similar to efinet.c, and makes get_card_packet() allocate a netbuff of the received data size. Reviewed-by: Daniel Kiper 2016-12-14 Stanislav Kholmanskikh ofnet: move the allocation of the transmit buffer into a function In the current code search_net_devices() uses the "alloc-mem" command from the IEEE1275 User Interface for allocation of the transmit buffer for the case when GRUB_IEEE1275_FLAG_VIRT_TO_REAL_BROKEN is set. I don't have hardware where this flag is set to verify if this workaround is still needed. However, further changes to ofnet will require to execute this workaround one more time. Therefore, to avoid possible duplication of code I'm moving this piece of code into a function. Reviewed-by: Daniel Kiper 2016-11-24 Alexander Graf efi: Move fdt helper into own file We only support FDT files with EFI on arm and arm64 systems, not on x86. So move the helper that finds a prepopulated FDT UUID into its own file and only build it for architectures where it also gets called. Reviewed-by: Daniel Kiper 2016-11-22 Andrei Borzenkov NEWS updates 2016-11-22 Andrei Borzenkov bootp: export next server IP as environment variable Network boot autoconfiguration sets default server to next server IP (siaddr) from BOOTP/DHCP reply, but manual configuration using net_bootp exports only server name. Unfortunately semantic of server name is not clearly defined. BOOTP RFC 951 defines it only for client request, and DHCP RFC 1541 only mentions it, without any implied usage. It looks like this field is mostly empty in server replies. Export next server IP as net__next_server variable. This allows grub configuration script to set $root/$prefix based on information obtained by net_bootp. Reported and tested by: Nikunj A Dadhania Cc: nikunj@linux.vnet.ibm.com v2: change variable name to net__next_server as discussed on the list 2016-11-22 Aaro Koskinen configure.ac: don't require build time grub-mkfont on powerpc-ieee1275 Don't require build time grub-mkfont on powerpc-ieee1275. 2016-11-14 Dirk Mueller grub-mknetdir: Add support for ARM64 EFI 2016-11-12 Joonas Lahtinen .gitignore: Add grub-core/build-grub-module-verifier 2016-11-10 Alexander Graf arm efi: Use fdt from firmware when available If EFI is nice enough to pass us an FDT using configuration tables on 32bit ARM, we should really try and make use of it. Reviewed-by: Daniel Kiper 2016-11-10 Alexander Graf arm64: Move firmware fdt search into global function Searching for a device tree that EFI passes to us via configuration tables is nothing architecture specific. Move it into generic code. Reviewed-by: Daniel Kiper 2016-11-05 Corey Hickey fix detection of non-LUKS CRYPT grub_util_get_dm_abstraction() does a string comparison of insufficient length. When using a UUID such as "CRYPT-PLAIN-sda6_crypt", the function returns GRUB_DEV_ABSTRACTION_LUKS. This results in the error: ./grub-probe: error: disk `cryptouuid/sda6_crypt' not found. This appears to be a copy/paste error introduced in: a10e7a5a8918bea6e2632055129fa9b516fe965a The bug was (apparently) latent until revealed by: 3bca85b4184f74995a7cc2791e432173fde26d34 2016-10-27 Juergen Gross xen: add capability to load p2m list outside of kernel mapping Modern pvops linux kernels support a p2m list not covered by the kernel mapping. This capability is flagged by an elf-note specifying the virtual address the kernel is expecting the p2m list to be mapped to. In case the elf-note is set by the kernel don't place the p2m list into the kernel mapping, but map it to the given address. This will allow to support domains with larger memory, as the kernel mapping is limited to 2GB and a domain with huge memory in the TB range will have a p2m list larger than this. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: modify page table construction Modify the page table construction to allow multiple virtual regions to be mapped. This is done as preparation for removing the p2m list from the initial kernel mapping in order to support huge pv domains. This allows a cleaner approach for mapping the relocator page by using this capability. The interface to the assembler level of the relocator has to be changed in order to be able to process multiple page table areas. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: add capability to load initrd outside of initial mapping Modern pvops linux kernels support an initrd not covered by the initial mapping. This capability is flagged by an elf-note. In case the elf-note is set by the kernel don't place the initrd into the initial mapping. This will allow to load larger initrds and/or support domains with larger memory, as the initial mapping is limited to 2GB and it is containing the p2m list. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: factor out allocation of page tables into separate function Do the allocation of page tables in a separate function. This will allow to do the allocation at different times of the boot preparations depending on the features the kernel is supporting. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: factor out allocation of special pages into separate function Do the allocation of special pages (start info, console and xenbus ring buffers) in a separate function. This will allow to do the allocation at different times of the boot preparations depending on the features the kernel is supporting. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: factor out p2m list allocation into separate function Do the p2m list allocation of the to be loaded kernel in a separate function. This will allow doing the p2m list allocation at different times of the boot preparations depending on the features the kernel is supporting. While at this remove superfluous setting of first_p2m_pfn and nr_p2m_frames as those are needed only in case of the p2m list not being mapped by the initial kernel mapping. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: synchronize xen header Get actual version of include/xen/xen.h from the Xen repository in order to be able to use constants defined there. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: add elfnote.h to avoid using numbers instead of constants Various features and parameters of a pv-kernel are specified via elf notes in the kernel image. Those notes are part of the interface between the Xen hypervisor and the kernel. Instead of using num,bers in the code when interpreting the elf notes make use of the header supplied by Xen for that purpose. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: reduce number of global variables in xen loader The loader for xen paravirtualized environment is using lots of global variables. Reduce the number by making them either local or by putting them into a single state structure. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: avoid memleaks on error When loading a Xen pv-kernel avoid memory leaks in case of errors. Reviewed-by: Daniel Kiper 2016-10-27 Juergen Gross xen: make xen loader callable multiple times The loader for xen paravirtualized environment isn't callable multiple times as it won't free any memory in case of failure. Call grub_relocator_unload() as other modules do it before allocating a new relocator or when unloading the module. Reviewed-by: Daniel Kiper 2016-10-27 Daniel Kiper multiboot2: Add support for relocatable images Currently multiboot2 protocol loads image exactly at address specified in ELF or multiboot2 header. This solution works quite well on legacy BIOS platforms. It is possible because memory regions are placed at predictable addresses (though I was not able to find any spec which says that it is strong requirement, so, it looks that it is just a goodwill of hardware designers). However, EFI platforms are more volatile. Even if required memory regions live at specific addresses then they are sometimes simply not free (e.g. used by boot/runtime services on Dell PowerEdge R820 and OVMF). This means that you are not able to just set up final image destination on build time. You have to provide method to relocate image contents to real load address which is usually different than load address specified in ELF and multiboot2 headers. This patch provides all needed machinery to do self relocation in image code. First of all GRUB2 reads min_addr (min. load addr), max_addr (max. load addr), align (required image alignment), preference (it says which memory regions are preferred by image, e.g. none, low, high) from multiboot_header_tag_relocatable header tag contained in binary (at this stage load addresses from multiboot2 and/or ELF headers are ignored). Later loader tries to fulfill request (not only that one) and if it succeeds then it informs image about real load address via multiboot_tag_load_base_addr tag. At this stage GRUB2 role is finished. Starting from now executable must cope with relocations itself using whole static and dynamic knowledge provided by boot loader. This patch does not provide functionality which could do relocations using ELF relocation data. However, I was asked by Konrad Rzeszutek Wilk and Vladimir 'phcoder' Serbinenko to investigate that thing. It looks that relevant machinery could be added to existing code (including this patch) without huge effort. Additionally, ELF relocation could live in parallel with self relocation provided by this patch. However, during research I realized that first of all we should establish the details how ELF relocatable image should look like and how it should be build. At least to build proper test/example files. So, this patch just provides support for self relocatable images. If ELF file with relocs is loaded then GRUB2 complains loudly and ignores it. Support for such files will be added later. This patch was tested with Xen image which uses that functionality. However, this Xen feature is still under development and new patchset will be released in about 2-3 weeks. Reviewed-by: Vladimir Serbinenko 2016-10-27 Daniel Kiper multiboot2: Do not pass memory maps to image if EFI boot services are enabled If image requested EFI boot services then skip multiboot2 memory maps. Main reason for not providing maps is because they will likely be invalid. We do a few allocations after filling them, e.g. for relocator needs. Usually we do not care as we would have finished boot services. If we keep boot services then it is easier/safer to not provide maps. However, if image needs memory maps and they are not provided by bootloader then it should get itself just before ExitBootServices() call. Reviewed-by: Konrad Rzeszutek Wilk Reviewed-by: Vladimir Serbinenko 2016-10-27 Daniel Kiper multiboot2: Add tags used to pass ImageHandle to loaded image Add tags used to pass ImageHandle to loaded image if requested. It is used by at least ExitBootServices() function. Reviewed-by: Konrad Rzeszutek Wilk Reviewed-by: Vladimir Serbinenko 2016-10-27 Daniel Kiper i386/relocator: Add grub_relocator64_efi relocator Add grub_relocator64_efi relocator. It will be used on EFI 64-bit platforms when multiboot2 compatible image requests MULTIBOOT_TAG_TYPE_EFI_BS. Relocator will set lower parts of %rax and %rbx accordingly to multiboot2 specification. On the other hand processor mode, just before jumping into loaded image, will be set accordingly to Unified Extensible Firmware Interface Specification, Version 2.4 Errata B, section 2.3.4, x64 Platforms, boot services. This way loaded image will be able to use EFI boot services without any issues. Reviewed-by: Konrad Rzeszutek Wilk Reviewed-by: Vladimir Serbinenko 2016-10-18 Sakar Arora net/ip: Fix limit_time calculation in freeing old fragments limit_time underflows when current time is less than 90000ms. This causes packet fragments received during this time, i.e., till 90000ms pass since timer init, to be rejected. Hence, set it to 0 if its less than 90000. 2016-09-28 Andrei Borzenkov asm-tests/i386-pc: Check that movl is 5 bytes. LLVM 3.9 now emits short form of jump instructions, but it is still using 32 bit addresses for some movl instructions. Fortunately it was caught early: clang ... boot/i386/pc/boot.S clang -cc1as: fatal error: error in backend: invalid .org offset '440' (at offset '441') Add additional check to catch it during configure run and force -no-integrated-as. Closes: 49200 More details in https://lists.gnu.org/archive/html/grub-devel/2015-02/msg00099.html https://llvm.org/bugs/show_bug.cgi?id=22662 2016-08-13 Pete Batard Add missing va_end() to xasprintf() in grub-emu. 2016-07-27 Andrei Borzenkov at_keyboard: fix numpad "0" and "." mapping Reported for set 1 by fgndevelop . Apparently set 2 was reversed too. 2016-07-26 Andrei Borzenkov dns: fix buffer overflow for data->addresses in recv_hook We may get more than one response before exiting out of loop in grub_net_dns_lookup, but buffer was allocated for the first response only, so storing answers from subsequent replies wrote past allocated size. We never really use more than the very first address during lookup so there is little point in collecting all of them. Just quit early if we already have some reply. Code needs serious redesign to actually collect multiple answers and select the best fit according to requested type (IPv4 or IPv6). Reported and tested by Michael Chang 2016-07-26 Andrei Borzenkov xfs: accept filesystem with meta_uuid XFS V5 stores UUID in metadata and compares them with superblock UUID. To allow changing of user-visible UUID it stores original value in new superblock field (meta_uuid) and sets incompatible flag to indicate that new field must be used to verify metadata. Our driver currently does not check metadata UUID so simply accept such filesystem. Reported-By: Marcos Mello Reviewd by Jan Kara 2016-05-03 Andrei Borzenkov net: translate pxe prefix to tftp when checking for self-load Commit ba218c1 missed legacy pxe and pxe: prefixes which are translated to tftp, so comparison failed. 2016-04-30 Andrei Borzenkov net: reset net->stall in grub_net_seek_real If we open new connection, we need to reset stall indication, otherwise nothing will ever be polled (low level code rely on this field being zero when establishing connection). 2016-04-30 Stefan Fritsch http: reset EOF indication in http_seek Otherwise next read will stop polling too early due to stale EOF indicator, returning incomplete data to caller. 2016-04-24 Mike Gilbert build: Use AC_HEADER_MAJOR to find device macros Depending on the OS/libc, device macros are defined in different headers. This change ensures we include the right one. sys/types.h - BSD sys/mkdev.h - Sun sys/sysmacros.h - glibc (Linux) glibc currently pulls sys/sysmacros.h into sys/types.h, but this may change in a future release. https://sourceware.org/ml/libc-alpha/2015-11/msg00253.html 2016-04-09 Michael Chang http: fix superfluous null line in range request header At least the apache sever is very unhappy with that extra null line and will take more than ten seconds in responding to each range request, which slows down a lot the entire http file transfer process or even time out. 2016-03-22 Andrei Borzenkov configure: set -fno-pie together with -fno-PIE OpenBSD 5.9 apparently defaults to -fpie. We use -fno-PIE when appropriate already, but that is not enough - it does not turn off -fpie. Actually check for -fPIE is not precise enough. __PIE__ is set for both -fpie and -fPIE but with different values. As far as I can tell, both options were introduced at the same time, so both should always be supported. This fixes compilation on OpenBSD 5.9 which otherwise created insanely big lzma_decompress.img. Reported, suggested and tested by: Jiri B 2016-03-20 Andrei Borzenkov bootp: check that interface is not NULL in configure_by_dhcp_ack grub_net_add_addr may fail with OOM and we use returned interface later without any checks. 2016-03-19 Andrei Borzenkov bootp: fix memory leak in grub_cmd_dhcpopt 2016-03-15 Aaron Luft Remove the variable oldname which is attempting to free stack space. Historically this variable hold previous value of filename that had to be freed if allocated previously. Currently this branch is entered only if filename was not allocated previously so it became redundant. It did not cause real problems because grub_free was not called, but code is confusing and causes compilation error in some cases. 2016-03-13 Andrei Borzenkov Makefile.util.def: add $LIBINTL to grub-macbless flags Fixes compilation on OpenBSD 5.9. Reported by Jiri B 2016-03-11 Robert Marshall Failed config now returns exit code (#1252311) Grub would notify the user if the new config was invalid, however, it did not exit properly with exit code 1. Added the proper exit code. Resolves: rhbz#1252311 2016-03-11 Michael Chang xen_file: Fix invalid payload size 2016-03-10 Vladimir Serbinenko multiboot2: Remove useless GRUB_PACKED Reported by: Daniel Kiper 2016-03-06 Andrei Borzenkov 20_linux_xen: fix test for GRUB_DEVICE Same fix as in 082bc9f. 2016-03-06 Mike Gilbert 10_linux: Fix grouping of tests for GRUB_DEVICE Commit 7290bb562 causes GRUB_DISABLE_LINUX_UUID to be ignored due to mixing of || and && operators. Add some parens to help with that. 2016-02-28 Andrei Borzenkov NEWS update 2016-02-28 Vladimir Serbinenko Release 2.02~beta3 grub_arch_sync_dma_caches: Accept volatile address 2016-02-27 Leif Lindholm efidisk: Respect block_io_protocol buffer alignment Returned from the OpenProtocol operation, the grub_efi_block_io_media structure contains the io_align field, specifying the minimum alignment required for buffers used in any data transfers with the device. Make grub_efidisk_readwrite() allocate a temporary buffer, aligned to this boundary, if the buffer passed to it does not already meet the requirements. Also sanity check the io_align field in grub_efidisk_open() for power-of-two-ness and bail if invalid. 2016-02-27 Vladimir Serbinenko usbtrans: Fix memory coherence and use-after-free. ehci: Fix memory coherence This is a no-op on x86 but necessarry on ARM and may be necessarry on MIPS. arm-uboot: Make self-relocatable to allow loading at any address Allow _start == 0 with relocatable images 2016-02-27 Vladimir Serbinenko Provide __bss_start and _end symbols in grub-mkimage. For this ensure that all bss sections are merged. We need this to correctly prelink non-PE relocatable images. 2016-02-27 Vladimir Serbinenko Encapsulate image layout into a separate structure. Currently we pass around a lot of pointer. Instead put all relevant data into one structure. mkimagexx: Split PE and generic part for relocations. As a preparation for U-Boot relocations, split emitting PE-relocations from parsing source ELF-relocations. mkimage.c: Split into separate files. util/grub-mkimagexx.c is included in a special way into mkimage.c. Interoperation between defines makes this very tricky. Instead just have a clean interface and compile util/grub-mkimage*.c separately from mkimage.c bsd: Ensure that kernel is loaded before loading module. kernel_type may be set to the type of failed kernel. This patching-up is easier than to reflow kernel loading routines. cat: Don't switch terminal mode when there is nothing to highlight. This just pollutes serial console. Use console rather than serial_efi0 on arm64-efi in tests 2016-02-27 Andrei Borzenkov efidisk: fix misplaced parenthesis in b00e4c2 2016-02-26 Andrei Borzenkov efidisk: prevent errors from diskfilter scan of removable drives Map EFI_NO_MEDIA to GRUB_ERR_OUT_OF_RANGE that is ignored by diskfilter. This actually matches pretty close (we obviously attempt to read outside of media) and avoids adding more error codes. This affects only internally initiated scans. If read/write from removable is explicitly requested, we still return an error and text explanation is more clear for user than generic error. Reported and tested by Andreas Loew 2016-02-26 Vladimir Serbinenko Regenerate checksums Makefile: Don't delete default_payload.elf if it doesn't exist. 2016-02-25 Josef Bacik net: fix ipv6 routing ipv6 routing in grub2 is broken, we cannot talk to anything outside our local network or anything that doesn't route in our global namespace. This patch fixes this by doing a couple of things 1) Read the router information off of the router advertisement. If we have a router lifetime we need to take the source address and create a route from it. 2) Changes the routing stuff slightly to allow you to specify a gateway _and_ an interface. Since the router advertisements come in on the link local address we need to associate it with the global address on the card. So when we are processing the router advertisement, either use the SLAAC interface we create and add the route to that interface, or loop through the global addresses we currently have on our interface and associate it with one of those addresses. We need to have a special case here for the default route so that it gets used, we do this by setting the masksize to 0 to mean it encompasses all networks. The routing code will automatically select the best route so if there is a closer match we will use that. With this patch I can now talk to ipv6 addresses outside of my local network. Thanks, 2016-02-24 Vladimir Serbinenko ieee1275: fix signed comparison 2016-02-23 Andrei Borzenkov search: actually skip floppy with --no-floppy grub_device_iterate() ignores device when iterator returns 1, not 0. Reported by Carlos E. R. 2016-02-23 Andrei Borzenkov multiboot2: zero reserved field in memory map Documentation says, bootloader should set reserved field to zero. Reported by Wink Saville 2016-02-22 Vladimir Serbinenko Improve EHCI logging Add dprintf's on common error paths and remove some entries which are too noisy. usb_keyboard: Remove useless include This prevents non-PCI machines from having USB. Refresh before abort This ensures that abort message is actually visible to the user. 2016-02-22 Eric Snowberg ieee1275: prevent buffer over-read Prevent buffer over-read in grub_machine_mmap_iterate. This was causing phys_base from being calculated properly. This then caused the wrong value to be placed in ramdisk_image within struct linux_hdrs. Which prevented the ramdisk from loading on boot. Newer SPARC systems contain more than 8 available memory entries. For example on a T5-8 with 2TB of memory, the memory layout could look like this: T5-8 Memory reg 00000000 30000000 0000003f b0000000 00000800 00000000 00000040 00000000 00001000 00000000 00000040 00000000 00001800 00000000 00000040 00000000 00002000 00000000 00000040 00000000 00002800 00000000 00000040 00000000 00003000 00000000 00000040 00000000 00003800 00000000 00000040 00000000 available 00003800 00000000 0000003f ffcae000 00003000 00000000 00000040 00000000 00002800 00000000 00000040 00000000 00002000 00000000 00000040 00000000 00001800 00000000 00000040 00000000 00001000 00000000 00000040 00000000 00000800 00000000 00000040 00000000 00000000 70000000 0000003f 70000000 00000000 6eef8000 00000000 00002000 00000000 30400000 00000000 3eaf6000 name memory 2016-02-22 Thomas Huth menu_entry: Disable cursor during update_screen() When running grub in a VGA console of a KVM pseries guest on PowerPC, you can see the cursor sweeping over the whole line when entering a character in editor mode. This is visible because grub always refreshes the whole line when entering a character in editor mode, and drawing characters is quite a slow operation with the firmware used for the powerpc pseries guests (SLOF). To avoid this ugliness, the cursor should be disabled when refreshing the screen contents during update_screen(). 2016-02-17 Vladimir Serbinenko default_payload.elf: Always rebuild and remove before build. It's difficult to know all dependencies. Since it's manual and cheap target anyway, simply always rebuild it. default_payload.elf: Include password_pbkdf2. Withoout this module we may end up in a system where no password is accepted. default_payload.elf: Add modules from $(EXTRA_PAYLOAD_MODULES). This allows coreboot building system to add extra modules depending on user config. mm: Avoid integer overflow. Remove -Wno-maybe-uninitialized as it may not be present. Fix warnings when compiling with -O3 2016-02-14 Vladimir Serbinenko Add wbinvd around bios call. Via C3 has problems with cache coherency when transitioning between the modes, so flush it around bios calls. 2016-02-12 Eric Snowberg OBP available region contains grub. Start at grub_phys_end. This prevents a problem where grub was being overwritten since grub_phys_start does not start at a zero offset within the memory map. 2016-02-12 Andreas Freimuth Add Thinkpad T410s button cmos address. 2016-02-12 Vladimir Serbinenko TODO: Remove obsolete link 2016-02-12 Toomas Soome lz4: Fix pointer overflow 2016-02-12 Vladimir Serbinenko grub-shell: Update 32-bit OVMF binary name. 2016-02-12 Daniel Kiper relocator: Fix integer underflow. 2016-02-12 Vladimir Serbinenko Change -v to -V for version of shell utils. xnu: Add new kernel path to autoconfig. arm64: Use cpu timer for timekeeping. powerpc: Trim header in tests. default_payload: Include syslinuxcfg, all filesystems and xnu. xnu: Supply random seed. Now we're able to load kernels up to El Capitan. Add RNG module. yylex: use grub_fatal for exit. lexer calls yylex_fatal on fatal internal errors. yylex_fatal itself is declared as noreturn and calls exit. Returning from noreturn function has unpredictable consequences. printf: Fix and test %% behaviour in presence of subsequenbt args. Split pmtimer wait and tsc measurement from pmtimer tsc calibration. Make grub_cpu_is_tsc_supported generally available. Make grub_acpi_find_fadt accessible generically Make unaligned types public. This simplifies code which has to handle those types. Fix emu compilation error on arm. 2016-02-11 Vladimir Serbinenko xnu: Include relocated EFI in heap size. xnu: supply ramsize to the kernel. Without this info recent kernels crash as they allocate no heap. 2016-02-03 Andrei Borzenkov support modules without symbol table all_video module does not have any code or data and exists solely for .moddeps section to pull in dependencies. This makes all symbols unneeded. While in current binutils (last released version as of this commit is 2.26) ``strip --strip-unneeded'' unintentionally adds section symbols for each existing section, this behavior was considered a bug and changed in commit 14f2c699ddca1e2f706342dffc59a6c7e23e844c to completely strip symbol table in this case. Older binutils (verified with 2.17) and some other toolchains (at least elftoolchain r3223M), both used in FreeBSD, remove symbol table in all_video as well. Relax run-time check and do not return error for modules without symbol table. Add additional checks to module verifier to make sure such modules a) have non-empty .moddeps section. Without either externally visible symbols or .moddeps modules are completely useless and should not be built. b) do not have any relocations. Closes: 46986 v2: add run-time check for empty symbol table if relocations are present as suggested by Vladimir. 2016-02-01 Andrei Borzenkov 10_linux: avoid multi-device root= kernel argument If root filesystem is multidev btrfs, do not attempt to pass all devices as kernel root= argument. This results in splitting command line in GRUB due to embedded newline and even if we managed to quote it, kernel does not know how to interpret it anyway. Multidev btrfs requires user space device scanning, so passing single device would not work too. This still respects user settings GRUB_DISABLE_LINUX_UUID. Not sure what we should do in this case. Closes: 45709 2016-01-22 Vladimir Serbinenko Error out if mtools invocation fails. arm64: Add support for relocations needed for linaro gcc efiemu: Fix compilation failure Document cpuid -p 2016-01-22 Robert Elliott efiemu: Handle persistent RAM and unknown possible future additions. 2016-01-22 Vladimir Serbinenko Document expr1 expr2 syntax for test command 2016-01-22 Michael Chang Restore terminal settings on grub-emu exit. 2016-01-22 Vladimir Serbinenko xen_boot: Remove obsolete module type distinctions. arm: Ignore qemu clock bug i386-ieee1275: Increase maximum heap size to accomodate highres graphi tests 2016-01-20 Colin Watson Remove pragmas related to -Wunreachable-code -Wunreachable-code has been a no-op since GCC 4.5; GRUB hasn't been compiled with it since 2012; and GCC 6 produces "error: '-Wunreachable-code' is not an option that controls warnings" for these. Fixes Debian bug #812047. 2016-01-16 Colin Watson loader/bsd: Fix signed/unsigned comparison ahci, ehci: Fix typos 2016-01-16 Andrei Borzenkov grub-probe: fix memory leak Found by: Coverity scan. CID: 73783 2016-01-16 Andrei Borzenkov tftp: fix memory leaks in open If protocol open fails, file is immediately freed, so data was leaked. Found by: Coverity scan. CID: 96659 2016-01-16 Andrei Borzenkov tcp: fix memory leaks Found by: Coverity scan. CID: 96639, 96647 net: fix memory leaks Found by: Coverity scan. CID: 96638, 96648 legacycfg: fix memory leaks and add NULL check Memory leaks found by Coverity scan. CID: 96642, 96645 2016-01-15 Andrei Borzenkov loader: Unintended sign extension CID: 96707, 96699, 96693, 96691, 96711, 96709, 96708, 96703, 96702, 96700, 96698, 96696, 96695, 96692, 96710, 96705 2016-01-12 Andrei Borzenkov script: fix memory leak Found by: Coverity scan. CID: 96637 normal: fix memory leak Found by: Coverity scan. CID: 96641, 96670, 96667 xnu: fix memory leak Found by: Coverity scan. CID: 96663 truecrypt: fix memory leak Found by: Coverity scan. CID: 156611 gfxmenu: fix memory leak Found by: Coverity scan. CID: 96657 efiemu: fix memory leak Found by: Coverity scan. CID: 156610 efidisk: fix memory leak Found by: Coverity scan. CID: 96644 verify: fix memory leak Found by: Coverity scan. CID: 96643 password_pbkdf2: fix memory leak Found by: Coverity scan. CID: 96656 parttool: fix memory leak Found by: Coverity scan. CID: 96652 2016-01-12 Andrei Borzenkov nativedisk: fix memory leak Based on Coverity scan. CID: 96660 Extended to also cover other error return places. 2016-01-12 Andrei Borzenkov acpi: fix memory leak Found by: Coverity scan. CID: 96673 2016-01-10 Andrei Borzenkov grub-install: include ehci in list of native modules This matches behavior of "nativedisk" command. Reported and tested by Smith Henry 2016-01-10 Andrei Borzenkov grub-mkimage: remove redundant NULL check Found by: Coverity scan. CID: 73737 2016-01-10 Andrei Borzenkov net: remove dead and redundant code server cannot be NULL at this point (we return error earlier if it is). Also structure is zalloc'ed, so no need to explicitly initialize members to 0. Found by: Coverity scan. CID: 73837 2016-01-10 Andrei Borzenkov hostdisk: fix device detection Condition was apparently reversed so GRUB assumed all devices were files. This later made it skip BLKFLSBUF ioctl on Linux which caused various page cache coherency issues. Observed were - failure to validate blocklist install (read content did not match just written) - failure to detect Linux MD on disk after online hot addition (GRUB got stale superblock) Closes: 46691 2016-01-09 Andrei Borzenkov setup: fix NULL pointer dereference Check return value of grub_guess_root_devices Found by: Coverity scan. CID: 73638, 73751 2016-01-09 Andrei Borzenkov mkimage: fix unintended sign extension Found by: Coverity scan. CID: 73691, 73717 2016-01-09 Andrei Borzenkov util/getroot: delete dead code is_part cannot be non-zero at this point. Found by: Coveruty scan. CID: 73838 2016-01-09 Andrei Borzenkov loader/multiboot: fix unintended sign extension Found by: Coveruty scan. CID: 73700, 73763 kern/elf: fix unintended sign extension Found by: Coverity scan. CID: 73729, 73735, 73758, 73760 2016-01-09 Andrei Borzenkov xfs: fix possible inode corruption in directory scan grub_xfs_iterate_dir did not restore first character after inline name when match was found. Dependning on XFS format this character could be inode number and we could return to the same node later in find_file if processing cycled symlinks. CID: 86724 2016-01-09 Andrei Borzenkov rescue_parser: restructure code to avoid Coverity false positive If line contains single word, line and argv[0] are aliases, so no NULL dereference is possible, but Coverity does not know it. Change code to avoid ambiguity and also remove redundant call to grub_strchr. CID: 86725 2016-01-09 Andrei Borzenkov grub-mklayout: check subscript bounds Found by: Coverity scan. CID: 73686 grub-probe: fix memory leak Found by: Coverity scan. CID: 73783 gfxmenu: fix memory leak Found by: Coverity scan. CID: 73766 2016-01-09 Andrei Borzenkov util/setup: fix grub_util_path_list leak Add helper grub_util_free_path_list and use it where appropriate. Found by: Coverity scan. CID: 73727 2016-01-09 Andrei Borzenkov setup: fix memory leak Found by: Coverity scan. CID: 73680, 73715 efiemu: check return value of grub_efiemu_write_value Found by: Coverity scan. CID: 73590 efiemu: change code to avoid Coverity false positive CID: 73623 efiemu: fix unintended sign extension Found by: Coverity scan. CID: 73883, 73637 hfs: fix memory leak Found by: Coverity scan. CID: 156531 grub-module-verifier: fix unintended sign extension Found by: Coverity scan. CID: 156533, 156532 2016-01-08 Vladimir Serbinenko Tests: Support arm-efi 2016-01-07 Vladimir Serbinenko arm64/setjmp: Add missing move for arg1 == 0 case. grub-shell: Support arm64-efi 2016-01-07 Mark Salter arm-efi: Reduce timer event frequency by 10 Timer event to keep grub msec counter was running at 1000HZ. This was too fast for UEFI timer driver and resulted in a 10x slowdown in grub time versus wallclock. Reduce the timer event frequency and increase tick increment accordingly to keep better time. 2016-01-07 Vladimir Serbinenko x86_64-efi: Automatically add -bios OVMF.fd to qemu in tests. Allow GRUB_QEMU_OPTS to override machine. arm64: Disable tests that need native drivers. Disable NetBSD bootcheck on EFI until it supports ACPI on EFI. grub-shell: Use new cbfstool syntax. grub-shell: On i386-ieee1275 don't try to switch to console. console goes to serial as well, so this doesn't stop garbage from going to serial. But it creates garbage itself. hddboot_test: reenable on OVMF OVMF now supports booting from disks. iee1275/datetime: Fix off-by-1 error. 2016-01-07 Vladimir Serbinenko Adjust bootcheck tests for multiboot/coreboot/qemu to match real support. coreboot has ACPI while 2 others don't. *BSD need ACPI and have trouble without it. Don't even attempt to boot *BSD on multiboot or qemu targets. On coreboot boot all *BSD except 32-bit NetBSD which apparently does some early BIOS calls. 2016-01-05 Vladimir Serbinenko minixfs_test: Check if mkfs.minixfs supports -B option. Add memdisk support to grub-emu. Use it to add custom files, so that tests which need them work. Move file loading functions to grub-emu. So that we can use it in grub-emu as well as utils. Disable progress indicator in grub-shell. This disables progress indicator for tests. This in turn fixes test flakiness as they ended up timing-dependent. Update checksums 2016-01-02 Andrei Borzenkov acpihalt: add GRUB_ACPI_OPCODE_CREATE_DWORD_FIELD (0x8a) Fixes ACPI halt on ASUSTeK P8B75-V, Bios: American Megatrends v: 0414 date: 04/24/2012 Reported-By: Goh Lip 2016-01-02 Andrei Borzenkov acpihalt: fix GRUB_DSDT_TEST compilation 2016-01-01 Andrei Borzenkov Add missing BUILD_EXEEXT 2015-12-31 Vladimir Serbinenko configure.ac: Reorder efiemu check to after link format check. efiemu is supposed to be disabled when compiling through exe format. Unfortunately format was determined only after efiemu check. Reorder to fix the problem 2015-12-31 Andrey Borzenkov remove temporary .bin files (kernel and modules) add dejavu built fonts to cleanfiles 2015-12-31 Andrei Borzenkov Add grub-module-verifier files to EXTRA_DIST 2015-12-31 Vladimir Serbinenko configure: Add -fno-unwind-tables if supported. Unwind tables are useless for us bt consume space if present. Ensure that they are not. module-verifier: allow limited-range relocations on sparc64. clang as incomplete mcmodel=large support. As we don't currently need full mcmodel=large support for sparc64, relax those checks. Disable build-time module check on emu. On emu some checks can be laxer like check for relocation range. Additionally module loading in emu is rarely used. So skip this check rather than making it laxer for all platforms. In ideal we may want to have slightly different check for emu but for now this is good enough. configure: Fix grub_cv_cc_fno_unwind_tables check. Check tries -fno-dwarf2-cfi-asm but adds -fno-asynchronous-unwind-tables to TARGET_CFLAGS. Fix this. Add -mno-stack-arg-probe on mingw. This argument disables generation of calls to __chkstk_ms. Those calls are useless on GRUB as function is dummy. Yet they increase module size and use limited-range relocations which may not work under some memory layouts. We currently don't use such layouts on concerned platforms but lt's correct this. Strip .ARM.exidx This section is generated by clang and is useful only for debugging. It contains exotic relocations, so strip them to avoid them interferring with module loading. module-verifier: Check range-limited relative relocations. Check that they point to the same module, so will end up in the same chunk of memory. xen/relocator: Use local symbol to ensure that code is relocation-free. backtrace: Fix register call syntax Verify modules on build-time rather than failing in runtime. sparc64: Fix assembly to let compiler to fill in memory references. This fixes the use of not fully relocatable (they assume that variables are under 4G limit in virtual memory) references. 2015-12-30 Andrey Borzenkov 30_os-prober: derive --class from os-prober generated label Currently only Windows gets distinguished icons, everything else is displayed using the same generic one. Add additional --class based on os-prober returned label, which usually is expected to match primary distribution name. Also use it for Windows as well - chainloader prober may actually return different strings (Windows, MS-DOS, Windows9xME). 2015-12-30 Vladimir Serbinenko backtrace: Remove assembly assumption that grub_backtrace_pointer is under 4G 2015-12-30 Andrei Borzenkov menu: fix line count calculation for long lines It gave one extra screen line if length was exactly equal to screen width. Reported by Michael Chang. Also-By: Michael Chang 2015-12-29 Vladimir Serbinenko grub-mkrescue: Delete temporary file Reported by: Thomas Schmitt grub-mount: Fix oath parsing. Brackets detection was copied from somewhere else and makes no sense in case of grub-mount and prevents user from accessing and files with ) in them. exfat: Fix stream extension flag parsing. 2015-12-26 Andrei Borzenkov devmapper: check for valid device abstraction in get_grub_dev This was lost when code was refactored. Patch restores previous behavior. It is still not clear whether this is the right one. Due to the way we detect DM abstraction, partitions on DM are skipped, we fall through to generic detection which ends up in assuming parent device is BIOS disk. It is useful to install GRUB on VM disk from the host. But it also means that GRUB will mistakenly allow install on real system as well. For now let's fix regression; future behavior needs to be discussed. Closes: 45163 2015-12-19 Andrei Borzenkov windows: correct LBA in generated EFI HDD media paths GRUB keeps partition offset and size in units of 512B sectors. Media paths are defined in terms of LBA which are presumed to match HDD sector size. This is probably cosmetic (EFI requires that partition is searched by GUID) and still incorrect if GPT was created using different logical block size. But current code is obviously wrong and new has better chances to be correct. 2015-12-17 Robert Elliott lsefimmap: support persistent memory and other UEFI 2.5 features This should accompany 76ce1de740 Translate UEFI persistent memory type 1. Add a string for the EfiPersistentMemory type 14 that was added in UEFI 2.5. 2. Decode the memory attributes that were added in UEFI 2.5: * NV (non-volatile) * MORE_RELIABLE (higher reliable, e.g., mirrored memory in a system with partial memory mirroring) * RO (read-only) 3. Use proper IEC binary units (KiB, MiB, etc.) for power-of-two values rather than misusing SI power-of-ten units (KB, MB, etc.) 4. The lsmmap command only decodes memory ranges sizes up to GiB scale units. Persistent memory ranges will reach into the TiB scale. Since 64-bit size field supports TiB, PiB, and EiB, decode all of them for completeness. 5. In the lsefimmap command, rewrite the print statements to * avoid rounding * avoid a big nested if/else tree. For example: In the sixth entry below, the value of 309MB implies 316416KB but is really reporting 316436KB. Widen the size column to 6 digits to accommodate typical cases. The worst case value would require 14 digits; if that happens, let the columns get out of sync. Old format: Type Physical start - end #Pages Size Attributes conv-mem 0000000000000000-0000000000092fff 00000093 588KB UC WC WT WB reserved 0000000000093000-0000000000093fff 00000001 4KB UC WC WT WB conv-mem 0000000000094000-000000000009ffff 0000000c 48KB UC WC WT WB conv-mem 0000000000100000-000000000fffffff 0000ff00 255MB UC WC WT WB BS-code 0000000010000000-0000000010048fff 00000049 292KB UC WC WT WB conv-mem 0000000010049000-000000002354dfff 00013505 309MB UC WC WT WB ldr-data 000000002354e000-000000003ecfffff 0001b7b2 439MB UC WC WT WB BS-data 000000003ed00000-000000003ed7ffff 00000080 512KB UC WC WT WB conv-mem 000000003ed80000-000000006af5ffff 0002c1e0 705MB UC WC WT WB reserved 000000006af60000-000000006b55ffff 00000600 6MB UC WC WT WB BS-data 000000006b560000-000000006b560fff 00000001 4KB UC WC WT WB RT-data 000000006b561000-000000006b5e1fff 00000081 516KB RT UC WC WT WB BS-data 000000006b5e2000-000000006ecfafff 00003719 55MB UC WC WT WB BS-code 000000006ecfb000-000000006ecfbfff 00000001 4KB UC WC WT WB conv-mem 000000006ecfc000-00000000711fafff 000024ff 36MB UC WC WT WB BS-data 00000000711fb000-000000007128dfff 00000093 588KB UC WC WT WB Unk 0d 0000000880000000-0000000e7fffffff 00600000 24GB UC WC WT WB NV reserved 0000001680000000-0000001c7fffffff 00600000 24GB UC WC WT WB NV New format: Type Physical start - end #Pages Size Attributes conv-mem 0000000000000000-0000000000092fff 00000093 588KiB UC WC WT WB reserved 0000000000093000-0000000000093fff 00000001 4KiB UC WC WT WB conv-mem 0000000000094000-000000000009ffff 0000000c 48KiB UC WC WT WB conv-mem 0000000000100000-000000000fffffff 0000ff00 255MiB UC WC WT WB BS-code 0000000010000000-0000000010048fff 00000049 292KiB UC WC WT WB conv-mem 0000000010049000-000000002354dfff 00013505 316436KiB UC WC WT WB ldr-data 000000002354e000-000000003ecfffff 0001b7b2 450248KiB UC WC WT WB BS-data 000000003ed00000-000000003ed7ffff 00000080 512KiB UC WC WT WB conv-mem 000000003ed80000-000000006af5ffff 0002c1e0 722816KiB UC WC WT WB reserved 000000006af60000-000000006b55ffff 00000600 6MiB UC WC WT WB BS-data 000000006b560000-000000006b560fff 00000001 4KiB UC WC WT WB RT-data 000000006b561000-000000006b5e1fff 00000081 516KiB RT UC WC WT WB BS-data 000000006b5e2000-000000006ecfafff 00003719 56420KiB UC WC WT WB BS-code 000000006ecfb000-000000006ecfbfff 00000001 4KiB UC WC WT WB conv-mem 000000006ecfc000-0000000071222fff 00002527 38044KiB UC WC WT WB BS-data 0000000071223000-00000000712ddfff 000000bb 748KiB UC WC WT WB persist 0000000880000000-0000000e7fffffff 00600000 24GiB UC WC WT WB NV reserved 0000001680000000-0000001c7fffffff 00600000 24GiB UC WC WT WB NV 2015-12-16 Andrei Borzenkov kernel: print and reset grub_errno after each embedded config line Otherwise it causes subsequent file open to fail, because grub_file_open misinterprets set grub_errno for grub_file_get_device_name failure. Closes: 46540 2015-12-16 Andrei Borzenkov Erase backspaced character in grub_username_get It probably does not work across linefeed, but hopefully user names are not that long (and nobody is using terminal that small). 2015-12-16 Hector Marco-Gisbert Fix security issue when reading username and password This patch fixes two integer underflows at: * grub-core/lib/crypto.c * grub-core/normal/auth.c CVE-2015-8370 Also-By: Andrey Borzenkov 2015-12-15 Andrei Borzenkov NEWS: more additions Also-By: Robert Elliott 2015-12-15 Robert Elliott Translate UEFI persistent memory type Define * GRUB_EFI_PERSISTENT_MEMORY (UEFI memory map type 14) per UEFI 2.5 * GRUB_MEMORY_PERSISTENT (E820 type 7) per ACPI 3.0 * GRUB_MEMORY_PERSISTENT_LEGACY (E820 unofficial type 12) per ACPI 3.0 and translate GRUB_EFI_PERSISTENT_MEMORY to GRUB_MEMORY_PERSISTENT in grub_efi_mmap_iterate(). Includes * adding the E820 names to lsmmap * handling the E820 types in make_efi_memtype() Suggested-by: Vladimir 'φ-coder/phcoder' Serbinenko Suggested-by: Andrei Borzenkov 2015-12-14 Vladimir Serbinenko Document bootlocation discovery limitations and xen platform limitations 2015-12-07 Josef Bacik tcp: ack when we get an OOO/lost packet While adding tcp window scaling support I was finding that I'd get some packet loss or reordering when transferring from large distances and grub would just timeout. This is because we weren't ack'ing when we got our OOO packet, so the sender didn't know it needed to retransmit anything, so eventually it would fill the window and stop transmitting, and we'd time out. Fix this by ACK'ing when we don't find our next sequence numbered packet. With this fix I no longer time out. Thanks, 2015-12-01 Michael Chang i386: fix TSC calibration using PIT Condition was accidentally reversed, so PIT calibration always failed when PIT was present and always succeeded when PIT was missing, but in the latter case resulted in absurdly fast clock. Reported and tested by Vitaly Kuznetsov 2015-11-28 Andrei Borzenkov Do not include generated gnulib headers in tarball gnulib files are already handled by recursive make distdir invocation. Including all generated headers (after make completed) causes build failure if target system is different (different compile version etc). 2015-11-27 Andrei Borzenkov Replace numbers with grub_memory_type_t enums 2015-11-27 Andrei Borzenkov configure: fix macports flex version detection Macports add extra information after version itself: $flex --version flex 2.5.35 Apple(flex-31) We require at least felx 2.5.35 so do not need to care about prehistoric "flex version n.n.n"; just use second field always. Reported by Peter Cheung 2015-11-27 Vladimir Serbinenko tsc: Use alternative delay sources whenever appropriate. PIT isn't available on some of new hardware including Hyper-V. So use pmtimer for calibration. Moreover pmtimer calibration is faster, so use it on coreboor where booting time is important. Based on patch by Michael Chang. 2015-11-26 Andrei Borzenkov efi: really mark memory of unknown type as reserved 9be4c45dbe3c877d1f4856e99ee15133c6cd2261 added switch case between fall through cases, causing all memory regions of unknown type to be marked as available. Move default case into its own block and add explicit FALLTHROUGH annotation. Reported by Elliott, Robert (Persistent Memory) 2015-11-24 Josef Bacik net: reset nb->data per dns record lookup loop We were resetting nb->data every time we tried a new server, but we need to do it every time we try for a different record, otherwise we don't end up falling back to the A record properly. Thanks, 2015-11-18 Andrei Borzenkov unix: do not close stdin in grub_passwd_get This makes it impossible to read from stdin without controlling tty: 10:/mnt # echo -e passwd\\npasswd | setsid ./grub-mkpasswd-pbkdf2 Enter password: Reenter password: ./grub-mkpasswd-pbkdf2: error: failure to read password. 10:/mnt 2015-11-17 Andrei Borzenkov lsefisystab: add missing comma after 7994077 2015-11-14 Pavel Bludov Add some UUIDs found in the hardware 2015-11-13 Konstantin Vlasov gfxterm: fix calculation of terminal-top and terminal-height They used screen width, not height. 2015-11-12 Paulo Flabiano Smorigo ofdisk: add sas disks to the device list 2015-11-12 Vladimir Serbinenko multiboot: Don't rely on particular ordering of options. multiboot_mbi: Fix handling of --quirk-bad-kludge. 2015-11-12 Fu Wei xen_boot: Remove useless file_name_index variable. Document ARM64 xen commands 2015-11-11 Vladimir Serbinenko asm-tests/i386-pc: Check that near jumps are 2 bytes. We already check that jump over 300 bytes gap is 3 bytes in code16-mode. Some clang versions generate 3-byte opcode for short jumps which makes boot.img blow over 512-byte limit. Enforce -no-integrated-as in such cases 2015-11-11 Paulo Flabiano Smorigo ofdisk: add a comment about vscsi method 2015-11-09 Vladimir Serbinenko fdt.mod: Move license tag to the right file. 2015-11-09 Fu Wei fdt.mod: Add missing license tag. 2015-11-09 Vladimir Serbinenko kern/elf: Ignore cast-align warnings 2015-11-09 Vladimir Serbinenko cbfs: Fix corner case and compilation with recdent gcc Accept the header to touch the jump address at 0xfffffff0. Fix compilation for 64-bit EFI with recent GCC. 2015-11-08 Vladimir Serbinenko fstester: Enforce LC_ALL=C Adapt build-system to use imported xen headers. Import xen headers directly into GRUB cbfs: Check for ptr range sanity. Triaged by Andrei and enhanced with suggestions by Aaron Durbin Also-By: Andrei Borzenkov Remove reliance C.UTF-8 genmoddep.awk: Add a test that we have no circular dependencies Makefile.core.def: Break circular dependency on arm64. autogen: Use cp instead of ln -s. libgcrypt-grub shouldn't be modified directly anyway. With this patch tarball without contrib can be unpacked on FAT and stay usable for out-of-tree compile on full POSIX FS (compile on FAT not tested). 2015-11-07 Andrei Borzenkov partmap_test: check that parted is available Skip test if parted is unavailable instead of returning false failure. 2015-11-07 grub-devel@iam.tj cryptodisk: teach grub_cryptodisk_insert() about partitions (bug #45889) It is not possible to configure encrypted containers on multiple partitions of the same disk; after the first one all subsequent fail with disk/cryptodisk.c:978: already mounted as crypto0 Store partition offset in cryptomount descriptor to distinguish between them. 2015-11-07 Andrey Borzenkov doc: document config_directory and config_file variables 2015-11-07 Andrei Borzenkov unix/getroot: remove unused MAJOR definition We use major() everywhere, these definitions just add to confusion. Add comments to code for commit d313218 2015-11-07 Andrei Borzenkov devmapper/getroot: use makedev instead of direct shift Fixes device detection with large number of devices. Reported by Tim Wallberg 2015-11-06 Andrei Borzenkov mkimage: zero fill alignment space This did not cause real problem but is good for reproducible builds. I hit it with recent bootinfoscript that displays embedded config; I was puzzled by random garbage at the end. Prezero memory buffer used to assemble core.img. This makes individual memset redundant. Also ensure buffer is filled with zeroes in several other places. Also remove redundant zeroing code where we fill in the whole memory block anyway. 2015-11-06 Vladimir Serbinenko configure.ac: Explicitly add -mno-sse3 on x86. README: Remove dead link to the wiki 2015-10-29 Andrei Borzenkov NEWS: mention powerpc64le support 2015-10-29 Ignat Korchagin tcp: Fix uninited mac address when accepting connection. 2015-10-29 Fu Wei arm64: Add support for xen boot protocol. 2015-10-29 Vladimir Serbinenko arm64: Move FDT functions to separate module 2015-10-27 Andrei Borzenkov efi: fix warnings with recent GCC ../../grub-core/term/efi/console.c:128:32: error: suggest parentheses around '&&' within '||' [-Werror=parentheses] if (key.unicode_char >= 0x20 && key.unicode_char <= 0x7f 2015-10-26 Eric Snowberg ofdisk: Fix devpath freeing logic. 2015-10-26 Paulo Flabiano Smorigo Implement cross-endian ELF load for powerpc 2015-10-25 Peter Jones Use EFI_SIMPLE_TEXT_INPUT_EX to support key combinations. 2015-10-14 Andrei Borzenkov configure: find options to force endian on MIPS 2015-10-14 Andrei Borzenkov configure: force o32 ABI on MIPS GRUB code expects O32 or N32. N32 is less tested than O32, so we prefer to compile with O32. Some systems (e.g. GNU Guix) default to using newer n64 or n32 ABI. Try to find suitable options to force o32. For GCC this is simply -mabi=32. While clang supports this option as well, o32 ABI is valid for MIPS target and n32/64 ABI are valid for MIPS64 target only, so use "-target mips/mipsel -mabi=32". Reported-By: Mark H Weaver Also-By: Mark H Weaver 2015-10-12 Andrei Borzenkov net: avoid closing NULL socket in DNS lookup Refactor code so that we do not store NULL pointers in array of in-flight DNS servers. Reported-By: Josef Bacik 2015-10-11 Andrei Borzenkov install: --compress argument is not optional Fixes crash if argument is not specified. Also use `|' to separate choices in list of compression methods to align it with --core-compress. 2015-10-11 Vladimir Serbinenko mips: Make setjmp code N32-compliant. mips: Make the assembly-code N32-compatible. There are no $t4 or $t5 in N32 but there are $a4 and $a5. 2015-10-10 Andrei Borzenkov progress: avoid NULL dereference for net files From original patch by dann frazier : grub_net_fs_open() saves off a copy of the file structure it gets passed and uses it to create a bufio structure. It then overwrites the passed in file structure with this new bufio structure. Since file->name doesn't get set until we return back to grub_file_open(), it means that only the bufio structure gets a valid file->name. The "real" file's name is left uninitialized. This leads to a crash when the progress module hook is called on it. grub_net_fs_open() already saved copy of file name as ->net->name, so change progress module to use it. Also, grub_file_open may leave file->name as NULL if grub_strdup fails. Check for it. Also-By: dann frazier 2015-10-10 Andrei Borzenkov file: ignore host disk in blocklist check It cannot work anyway because host disk cannot be read. This fixes hostfs access on native Windows build where filenames start with '\' or do not have initial separator at all (d:\foo). Issue was observed when running grub-fstest on Windows. On UNIX image name is canonicalized to always start with `/' so this was not noticed. This has side effect of allowing relative path names on host, but this already was the case with `ls' command, so it just extends it to all commands. Reported-By: Arch Stack Also-By: Arch Stack 2015-10-09 Vladimir Serbinenko mips/dl: Handle addend in RELA entries. gfxmenu/model: Delete empty file. 2015-10-09 Alexander Bluhm ufs: Fix parameters to grub_memset. len = 0 made simply no sense. Fix parameters to be in line with read. 2015-10-07 Stanislav Kholmanskikh ofnet: Do not set SUFFIX for sun4v network devices sun4v vnet devices do not implement the support of duplex and speed instance attributes. An attempt to open such a device with the attributes will fail: ok select net:speed=auto,duplex=auto Unknown key 'speed' Unknown key 'duplex' Manual Configuration: Host IP, boot server and filename must be specified WARNING: /virtual-devices@100/channel-devices@200/network@0: Can't open OBP standard TFTP package Can't open device ok Therefore, let's not set SUFFIX for such devices. 2015-10-07 Eric Snowberg sparc64 - use correct drive name within grub_util_sparc_setup Incorrect drive name was being passed into grub_util_sparc_setup, causing the grub-install to fail. 2015-09-13 Andrei Borzenkov cryptodisk: strip parenthesis from backing device name Otherwise subsequent disk open fails. Reported-By: Klemens Nanni 2015-08-22 Felix Zielcke disk/ldm, partmap/msdos.c: fix spelling error 2015-08-13 Andrei Borzenkov net: do not try to load protocol module via itself Otherwise we get infinite recursion. Closes: 45729 2015-08-09 Josef Bacik efinet: handle get_status() on buggy firmware properly The EFI spec indicates that get_status() should return the address of the buffer we passed into transmit to indicate the the buffer was transmitted. However we have boxes where the firmware returns some arbitrary address instead, which makes grub think that we've not sent anything. So since we have the SNP stuff opened in exclusive mode just assume any non-NULL txbuf means that our transmit occurred properly. This makes grub able to do its networking stuff properly on our broken firmware. Thanks, cc: Peter Jones 2015-08-09 Andrei Borzenkov linguas.sh: fix error when removing non-existing autogenerated files 2015-07-28 Vladimir Serbinenko ahci: Ensure that bus mastering is set. Fixes ahci_test failing on several platforms. 2015-07-27 Vladimir Serbinenko archelp: Never pass NULL as mtime. Moves complexity from fs code (NULL check) to common code (passing non-NULL). HFS: Convert to fshelp. HFS doesn't handle "." and ".." properly. Convert it to fshelp to reuse the logic. FAT: Convert to fshelp. exFAT doesn't handle "." and ".." correctly, convert it to fshelp to reuse the same logic. BFS: Convert to fshelp. BFS doesn't handle ".." correctly, so convert it to fshelp to reuse the logic. fshelp: Add handling of "." and ".." and grub_fshelp_find_file_lookup. Recent tests have discovered that many of our filesystems have flawed handling of "." and "..". Rather than attempting to fix it in filesystems themselves, make the common code fshelp aware of "." and ".." and handle them in this layer. Add grub_fshelp_find_file_lookup for easy conversion of BFS, HFS and exFAT which have the same problem and don't use fshelp. Switch procfs to use archelp. This fixes handling of "." and "..". grub-install: Use a+ in fopen rather than r+. r+ does not create a file if none exists. Add transform_data as a variant of data with substitutions. This fixrs name mismatch for grub.chrp with transform_program_name='s,grub,grub2,g' 2015-07-24 Ignat Korchagin efi: fix GetVariable return status check in 81ca24a GetVariable should return EFI_BUFFER_TOO_SMALL if given buffer of size zero; commit incorrectly checked for EFI_SUCCESS. 2015-07-24 Vladimir Serbinenko zfs_test: Skip dotdot in volume root test. Given special semantics of ZFS it's far from clear what the expected result is. Just skip it for now xfs_test: Test both crc and non-crc filesystems. xfs: Fix handling of symlink with crc-enabled filesystem. reiserfs: Fix handling of first entry in the directory. Fixes garbage being added to "." filename. 2015-07-23 Ignat Korchagin efi: fix memory leak in variable handling 2015-07-23 Vladimir Serbinenko exclude.pot: Add missing blacklisted strings. archelp: Fix handling of dot and dotdot at the end of the name. Fixes cpio_test and tar_test. arm-emu: Add __aeabi_memcpy* and __aeabi_memclr* symbols. Fixes compilation with clang. 2015-07-22 Vladimir Serbinenko fwstart: Fix loading of address of read_spd_fail. fwstart: Add missing argument to p2align. Resulting binary is unchanged as it happens we were already aligned by chance. 2015-07-22 Vladimir Serbinenko fwstart: Replace blt with bltz. blt A, $zero, B and bltz A, B are equivalent but clang recognizes only later, so use it. Resulting binary is unchanged. 2015-07-22 Vladimir Serbinenko Remove mips_attributes. mips_attributes was introduced to work around clang problems with -msoft-float. Those problems are now fixed and moreover .gnu_attributes itself is unportable and creates problem with clang. Revert "mips: Fix soft-float handling." This partially reverts commit 6a4ecd276ed39f66be0ad6ff0f8ff67598098605. 2015-07-22 Vladimir Serbinenko ARM: provide __aeabi_memclr* and __aeabi_memcpy* symbols Fixes compilation with recent clang. diskfilter: Make name a const char to fix compilation error. dmraid_nvidia: Set a name to usable value to avoid null dereference. Reported by: Andrei Borzenkov configure.ac: Handle powerpc64le compiler Also-by: Paulo Flabiano Smorigo 2015-07-20 Bernhard Übelacker loader/linux: Make trailer initrd entry aligned again. Regression from commit: loader/linux: do not pad initrd with zeroes at the end a8c473288d3f0a5e17a903a5121dea1a695dda3b Wimboot fails since the change above because it expects the "trailer" initrd element on an aligned address. This issue shows only when newc_name is used and the last initrd entry has a not aligned size. 2015-07-16 Vladimir Serbinenko XFS: Fix wrong alignment treatment. grub_ext2_read_block: Fix return type on error. 2015-07-05 Andrei Borzenkov use TARGET_LDFLAGS in grub_PROG_OBJCOPY_ABSOLUTE That's what Makefile will use and it is required if unusual flags must be passed to linker (e.g. to build ppc32 code on ppc64le with clang). 2015-06-26 Michael Chang Fix missing byte order conversion in get_btrfs_fs_prefix function Since btrfs on-disk format uses little-endian, the searched item types (ROOT_REF, INODE_REF) need converting the byte order in order to function properly on big-endian systems. 2015-06-26 Andrei Borzenkov chainloader: fix resoource leak Found by: Coverity scan. CID: 96651 loader/bsd: fix memory leak Found by: Coverity scan. CID: 96662, 96665 2015-06-20 Andrei Borzenkov loader/bsd: free memory leaks Found by: Coverity scan. CID: 96671, 96658, 96653 search_wrap: fix memory leak Found by: Coverity scan. CID: 96675 password_pbkdf2: fix memory leak Found by: Coverity scan. CID: 96676 normal: fix memory leak Found by: Coverity scan. CID: 96677 efi/serial: fix memory leak Found by: Coverity scan. CID: 96678 ohci: fix memory leak Found by: Coverity scan. CID: 96679 loader/bsd: free memory leaks Found by: Coverity scan. CID: 96682 multiboot: fix memory leak Found by: Coverity scan. CID: 96684 normal: fix memory leak Found by: Coverity scan. CID: 96685 loader/bsd: fix memory leak Found by: Coverity scan. CID: 96686 reed_solomon: fix memory leak Found by: Coverity scan. CID: 96688 usb: fix use after free Found by: Coverity scan. CID: 96704 xnu: fix use after free Found by: Coverity scan. CID: 96706 disk/scsi: fix use after free Found by: Coverity scan. CID: 96713 efi/chainloader: fix use after free Found by: Coverity scan. CID: 96714 search: fix use after free Found by: Coverity scan. CID: 96715 NEWS: emu libusb support removed 2015-06-19 Andrei Borzenkov grub-probe: fix memory leak in probe (ofpath) Found by: Coverity scan. CID: 73772 2015-06-19 Andrei Borzenkov grub-probe: restructure code to make static analysis easier Current code in probe() could not be verified to not contain memory leaks. Restructure code and ensure grub_device_close is always called at the end of loop. Calms down Coverity scan. CID: 73739 2015-06-19 Andrei Borzenkov zfs: fix memory leak Found by: Coverity scan. CID: 73647 xfs: silence Coverity overflow warning inode size cannot really overflow integer, but Coverity does not know it. CID: 96602 zfs: memory leak Found by Coverity scan. CID: 96603 unix/getroot: memory leak Found by Coverity scan. CID: 96605 unix/relpath: memory leak Found by Coverity scan. CID: 96606 2015-06-19 Andrei Borzenkov syslinux_parse: assorted issues found by Coverity 1. Remove unneeded NULL check CID: 96607 2. Do not allocate storage for initrd, copy it directly from input buffer. Avoids memory leak in failure path. CID: 96604 3. Unchecked error return from print() CID: 96601, 73595 2015-06-19 Andrei Borzenkov syslinux_parse: make print_escaped actually stop before `to' The only current user is mboot.c32 which unfortunately is not covered by regression tests. 2015-06-18 Andrei Borzenkov fat: fix handling of "." and ".." directory entries Emulate dot and dotdot in root directory. For other directories do not add separator between name and extension for these two special entries. Closes: 45335 2015-06-18 Andrei Borzenkov tests: regression tests for "." and ".." directory entries 2015-06-16 Andrei Borzenkov efinet: enable hardware filters when opening interface Exclusive open on SNP will close all existing protocol instances which may disable all receive filters on interface. Reinstall them after we opened protocol exclusively. Also follow UEFI specification recommendation and stop interfaces when closing them: Unexpected system errors, reboots and hangs can occur if an OS is loaded and the network devices are not Shutdown() and Stopped(). Also by: Mark Salter Closes: 45204 2015-06-16 Andrei Borzenkov NEWS: mention libgcc removal 2015-06-15 Paulo Flabiano Smorigo Add flag for powerpc ieee1275 to avoid unneeded optimizations 2015-06-12 Mark Salter Fix exit to EFI firmware The current code for EFI grub_exit() calls grub_efi_fini() before returning to firmware. In the case of ARM, this leaves a timer event running which could lead to a firmware crash. This patch changes this so that grub_machine_fini() is called with a NORETURN flag. This allows machine-specific shutdown to happen as well as the shutdown done by grub_efi_fini(). 2015-06-12 Paul Menzel disk/ahci.c: Use defines `GRUB_AHCI_HBA_PORT_CMD_SPIN_UP` and `GRUB_AHCI_HBA_PORT_CMD_POWER_ON` Instead of hard coding `2` and `4` use the macros defined already at the top of the file. As a consequence, wrap the now too long line. 2015-06-12 Andrei Borzenkov NEWS: XFS v5 support 2015-06-12 Jan Kara xfs: V5 filesystem format support Add support for new XFS on disk format. We have to handle optional filetype fields in directory entries, additional CRC, LSN, UUID entries in some structures, etc. xfs: Add helpers for inode size Add helpers to return size of XFS inode on disk and when loaded in memory. 2015-06-04 Toomas Soome multiboot_header_tag_module_align fix to confirm multiboot specification 2015-06-02 Leif Lindholm configure.ac: clean up arm64 soft-float handling Fix compilation with gcc 5.1 (avoid internal compiler error), by replacing explicit -march +nofp+nosimd options with -mgeneral-regs-only. This also enables the removal of some further conditional build flag setting. 2015-06-01 dann frazier arm64/setjmp: Add missing license macro Including the setjmp module in an arm64-efi image will cause it to immediately exit with an "incompatible license" error. The source file includes a GPLv3+ boilerplate, so fix this by declaring a GPLv3+ license using the GRUB_MOD_LICENSE macro. 2015-05-31 Paul Menzel disk/ahci.c: Add port number to port debug messages Currently, some messages cannot be mapped to the port they belong to as the port number is missing from the output. So add `port: n` to the debug messages. 2015-05-30 Andrei Borzenkov Clarify use of superusers variable and menu entry access superusers controls both CLI and editing. Also explicitly mention that empty superusers disables them. "Access to menuentry" is a bit vague - change to "execute menuentry" to make it obvious, what access is granted. 2015-05-30 Paul Menzel Correct spelling of *scheduled* Run the command below $ git grep -l schedulded | xargs sed -i 's/schedulded/scheduled/g' and revert the change in `ChangeLog-2015`. Including "miscellaneous" spelling fix noted by richardvoigt@gmail.com 2015-05-30 Toomas Soome zfs extensible_dataset and large_blocks feature support large blocks basically use extensible dataset feature, or to be exact, setting recordsize above 128k will trigger large_block feature to be enabled and storing such blocks is using feature extensible dataset. so the extensible dataset is prerequisite. Changes implement read support extensible dataset… instead of fixed DMU types they dont specify type, making it possible to use fat zap objects from bonus area. 2015-05-27 Vladimir Serbinenko multiboot1: never place modules in low memory. While in theory permitted by the spec, modules rarely fit in low memory anyway and not every kernel is able to handle modules in low memory anyway. At least VMWare is known not to be able to handle modules at arbitrary locations. 2015-05-24 Paul Menzel disk/ahci: Use defines `GRUB_ATA_STATUS_BUSY` and `GRUB_ATA_STATUS_DRQ` Instead of hard coding `0x88` use the macros defined in `disk/ata.h`. 2015-05-19 Paul Menzel cb_timestamps.c: Add new time stamp descriptions Add the descriptions of the “core”, that means no vendorcode or payload, coreboot time stamps added up to coreboot commit a7d92441 (timestamps: You can never have enough of them!) [1]. Running `coreboot_boottime` in the GRUB command line interface now shows descriptions for all time stamps again on the ASRock E350M1. [1] http://review.coreboot.org/9608 2015-05-17 Andrei Borzenkov bootp: ignore gateway_ip (relay) field. From RFC1542: The 'giaddr' field is rather poorly named. It exists to facilitate the transfer of BOOTREQUEST messages from a client, through BOOTP relay agents, to servers on different networks than the client. Similarly, it facilitates the delivery of BOOTREPLY messages from the servers, through BOOTP relay agents, back to the client. In no case does it represent a general IP router to be used by the client. A BOOTP client MUST set the 'giaddr' field to zero (0.0.0.0) in all BOOTREQUEST messages it generates. A BOOTP client MUST NOT interpret the 'giaddr' field of a BOOTREPLY message to be the IP address of an IP router. A BOOTP client SHOULD completely ignore the contents of the 'giaddr' field in BOOTREPLY messages. Leave code ifdef'd out for the time being in case we see regression. Suggested by: Rink Springer Closes: 43396 2015-05-17 Andrei Borzenkov hostdisk: fix crash with NULL device.map grub-macbless calls grub_util_biosdisk_init with NULL device.map. 2015-05-14 Andrei Borzenkov zfs: fix integer truncation in zap_lookup Size after shift could exceed 16 bits; use grub_unit32_t for result. Reported and tested by: Kostya Berger Closes: 44448 2015-05-13 Andrei Borzenkov remove extra newlines in grub_util_* strings grub_util_{info,warn,error} already add trailing newlines, so remove them from format strings. Also trailing full stops are already added. 2015-05-12 Jan Kara xfs: Convert inode numbers to cpu endianity immediately after reading Currently XFS driver converted inode numbers to native endianity only when using them to compute inode position. Although this works, it is somewhat confusing. So convert inode numbers when reading them from disk structures as every other field. 2015-05-11 Jan Kara xfs: Fix termination loop for directory iteration Directory iteration used wrong position (sizeof wrong structure) for termination of iteration inside a directory block. Luckily the position ended up being wrong by just 1 byte and directory entries are larger so things worked out fine in practice. But fix the problem anyway. 2015-05-08 Andrei Borzenkov acpi: do not skip BIOS scan if EBDA length is zero EBDA layout is not standardized so we cannot assume first two bytes are length. Neither is it required by ACPI standard. HP 8710W is known to contain zeroes here. Closes: 45002 2015-05-07 Andrei Borzenkov Add asm-tests to tarball 2015-05-07 Vladimir Serbinenko util/grub-mkrescue: Fix compilation 2015-05-07 Andrei Borzenkov efinet: open Simple Network Protocol exclusively EDK2 network stack is based on Managed Network Protocol which is layered on top of Simple Management Protocol and does background polling. This polling races with grub for received (and probably trasmitted) packets which causes either serious slowdown or complete failure to load files. Open SNP device exclusively. This destroys all child MNP instances and stops background polling. Exclusive open cannot be done when enumerating cards, as it would destroy PXE information we need to autoconfigure interface; and it cannot be done during autoconfiguration as we need to do it for non-PXE boot as well. So move SNP open to card ->open method and add matching ->close to clean up. Based on patch from Mark Salter Also-By: Mark Salter Closes: 41731 2015-05-07 Andrei Borzenkov efinet: skip virtual IPv4 and IPv6 devices when enumerating cards EDK2 PXE driver creates two child devices - IPv4 and IPv6 - with bound SNP instance. This means we get three cards for every physical adapter when enumerating. Not only is this confusing, this may result in grub ignoring packets that come in via the "wrong" card. Example of device hierarchy is Ctrl[91] PciRoot(0x0)/Pci(0x3,0x0) Ctrl[95] PciRoot(0x0)/Pci(0x3,0x0)/MAC(525400123456,0x1) Ctrl[B4] PciRoot(0x0)/Pci(0x3,0x0)/MAC(525400123456,0x1)/IPv4(0.0.0.0) Ctrl[BC] PciRoot(0x0)/Pci(0x3,0x0)/MAC(525400123456,0x1)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000) Skip PXE created virtual devices when enumerating cards. Make sure to find real card when applying initial autoconfiguration during PXE boot, this information is associated with one of child devices. 2015-05-07 Andrei Borzenkov efidisk: move device path helpers in core for efinet convert to, not from, CPU byte order in DNS receive function 2015-05-07 Andrei Borzenkov loader/linux: do not pad initrd with zeroes at the end Syslinux memdisk is using initrd image and needs to know uncompressed size in advance. For gzip uncompressed size is at the end of compressed stream. Grub padded each input file to 4 bytes at the end, which means syslinux got wrong size. Linux initramfs loader apparently does not care about trailing alignment. So change code to align beginning of each file instead which atomatically gives us the correct size for single file. Reported-By: David Shaw 2015-05-07 Daniel Kiper i386/relocator: Remove unused extern grub_relocator64_rip_addr 2015-05-07 Vladimir Serbinenko grub-install-common: Increase buf size to 8192 as modinfo.sh is bigger. 2015-05-07 Vladimir Serbinenko grub-mkrescue: Recognize -output as an alias of --output. This helps us to be in line with xorriso -as mkisofs. Suggested by: Thomas Schmitt 2015-05-07 Vladimir Serbinenko linux.c: Ensure that initrd is page-aligned. Revert parts accidentally committed 2 commits ago. 2015-05-07 Fu Wei fdt.h: Add grub_fdt_set_reg64 macro arm64: Export useful functions from linux.c 2015-05-04 Andrei Borzenkov Revert "efinet: memory leak on module removal" This reverts commits 47b2bee3ef0ea60fc3f5bfc37f3784e559385297 and 8d3c4544ffdd0289a4b0bdeb0cdc6355f801a4b3. It is not safe to free allocated cards, dangling pointers main remain. Such cleanup requires more changes in net core. efinet: cannot free const char * pointer efinet: memory leak on module removal 2015-05-03 Andrei Borzenkov zfs: add missing NULL check and fix incorrect buffer overwrite grub_memset should zero out padding after data end. It is not clear why it is needed at all - ZFS block is at least 512 bytes and power of two, so it is always multiple of 16 bytes. This grub_memset apparently never did anything. 2015-05-03 Toomas Soome zfs: com.delphix:embedded_data feature support zfs: com.delphix:hole_birth feature support In the past birth was always zero for holes. This feature started to make use of birth for holes as well, so change code to test for valid DVA address instead. 2015-04-29 Andrei Borzenkov grub-mkconfig: use $pkgdatadir in scripts Otherwise scripts will source wrong grub-mkconfig_lib. 2015-04-24 Vladimir Serbinenko Remove -V in grub-mkrescue.c It clashhes with -V which is alias to -volid. 2015-04-13 Toomas Soome getroot: include sys/mkdev.h for makedev Solaris (like) systems need to include sys/mkdev.h for makedev() function. 2015-04-13 Toomas Soome core/partmap: rename 'sun' to avoid clash with predefined symbol the symbol “sun” is defined macro in solaris derived systems, from gcc -dM -E: and therefore can not be used as name. 2015-04-12 Paul Menzel docs/grub.texi: Fix spelling of cbfstool 2015-04-06 Andrei Borzenkov core: avoid NULL derefrence in grub_divmod64s It can be called with NULL for third argument. grub_divmod32* for now are called only from within wrappers, so skip check. Reported-By: Michael Zimmermann 2015-03-28 Andrei Borzenkov do not emit cryptomount without crypto UUID 2015-03-28 Sarah Newman grub-core/loader/i386/xen.c: Initialized initrd_ctx so we don't free a random pointer from the stack. 2015-03-27 Andrei Borzenkov net: trivial grub_cpu_to_XX_compile_time cleanup 2015-03-27 Lunar syslinux: Support {vesa,}menu.c32. 2015-03-27 Steve McIntyre Recognize EFI platform even in case of mismatch between Linux and EFI. Some x86 systems might be capable of running a 64-bit Linux kernel but only use a 32-bit EFI (e.g. Intel Bay Trail systems). It's useful for grub-install to be able to recognise such systems, to set the default x86 platform correctly. To allow grub-install to know the size of the firmware rather than just the size of the kernel, there is now an extra EFI sysfs file to describe the underlying firmware. Read that if possible, otherwise fall back to the kernel type as before. 2015-03-27 Michael Zimmermann Add missing initializers to silence suprious warnings. 2015-03-27 Leif Lindholm dl_helper: Cleanup Use the new thumb_get_instruction_word/thumb_set_instruction_word helpers throughout. Style cleanup (missing spaces). Move Thumb MOVW/MOVT handlers into Thumb relocation section of file. 2015-03-27 Martin Wilck efinet: Check for immediate completition. This both speeds GRUB up and workarounds unexpected EFI behaviour. 2015-03-27 Vladimir Serbinenko Make Makefile.util.def independent of platform. 2015-03-27 Daniel Kahn Gillmor util/mkimage: Use stable timestamp when generating binaries. 2015-03-27 Vladimir Serbinenko modinfo.sh.in: Add missing config variables. Makefile.core.def: Remove obsolete LDADD_KERNEL arp, icmp: Fix handling in case of oversized or invalid packets. This restrict ARP handling to MAC and IP addresses but in practice we need only this case anyway and other cases are very rar if exist at all. It makes code much simpler and less error-prone. 2015-03-23 Colin Watson hostfs: Drop unnecessary feature test macros _BSD_SOURCE was added to allow the use of DT_DIR, but that was removed in e768b77068a0b030a07576852bd0f121c9a077eb. While adding _DEFAULT_SOURCE as well works around problems with current glibc, neither is in fact needed nowadays. 2015-03-20 Vladimir Serbinenko compiler-rt-emu: Add missing file. emunet: Fix init error checking. Otherwise emunet doesn't expose any cards. fddboot_test: Add -no-pad to xorriso. grub-mkrescue: pass all unrecognized options unchanged to xorriso. cacheinfo: Add missing license information. 2015-03-19 Andrei Borzenkov grub-fs-tester: add LVM RAID1 support LVM miscalculates bitmap size with small extent, so start with 16K as for other RAID types. Until version 2.02.103 LVM counts metadata segments twice when checking available space, reduce segment count by one to account for this bug. 2015-03-19 Andrei Borzenkov core: add LVM RAID1 support Closes 44534. 2015-03-16 Andrei Borzenkov grub-fs-tester: explicitly set segment type for LVM mirror LVM mirror defaults to RAID1 today and can be different on different systems as set in lvm.conf. 2015-03-15 Andrei Borzenkov grub-fs-tester: better estimation of filesystem time for LVM/RAID Write activity with LVM/RAID can happen after filesystem is unmounted. In my testing modification time of loop files was 15 - 20 seconds after unmount. So use time as close to unmount as possible as reference instead. 2015-03-06 Vladimir Serbinenko hfsplus: Fix potential access to uninited memory on invalid FS 2015-03-06 Jon McCune autogen.sh: Allow overriding the python to be used by setting $PYTHON. Some installations have several python versions installed. Allow user to choose which one to use by setting $PYTHON. 2015-03-05 Andrei Borzenkov update gnulib/argp-help.c to fix garbage in grub-mknetdir --help output argp_help attempts to translate empty string, which results in printing meta information about translation, like in bor@opensuse:~/build/grub> grub2-mknetdir --help Использование: grub2-mknetdir [ПАРАМЕТР…] Project-Id-Version: grub 2.02-pre2 Report-Msgid-Bugs-To: bug-grub@gnu.org ... Update gnulib/argp-help.c to the current version which fixes this (commit b9bfe78424b871f5b92e5ee9e7d21ef951a6801d). 2015-03-05 Andrey Borzenkov update m4/extern-inline.m4 to upstream version to fix compilation on FreeBSD In file included from util/grub-mkimage.c:54:0: ./grub-core/gnulib/argp.h:627:49: error: '__sbistype' is static but used in inline function '_option_is_short' which is not static [-Werror] cc1: all warnings being treated as errors gmake[2]: *** [util/grub_mkimage-grub-mkimage.o] Error 1 Update m4/extern-inline.m4 to current upstream gnulib version that contains fix for this (commit b9bfe78424b871f5b92e5ee9e7d21ef951a6801d). Reported-By: Beeblebrox 2015-03-04 Vladimir Serbinenko syslinux_parse: Fix the case of unknown localboot. Reported by: Jordan Uggla configure.ac: Fix the name of pciaccess header. Fix canonicalize_file_name clash. canonicalize_file_name clashed with gnulib function. Additionally it was declared in 2 places: emu/misc.h and util/misc.h. Added grub_ prefix and removed second declaration. 2015-03-03 Vladimir Serbinenko Remove emu libusb support. It's disabled by default and has been broken for a long time. As nobody is interested in fixing and maintaining it, remove it. configure.ac: Remove unused COND_clang Remove libgcc dependency. libgcc for boot environment isn't always present and compatible. libgcc is often absent if endianness or bit-size at boot is different from running OS. libgcc may use optimised opcodes that aren't available on boot time. So instead of relying on libgcc shipped with the compiler, supply the functions in GRUB directly. Tests are present to ensure that those replacement functions behave the way compiler expects them to. types.h: Use __builtin_bswap* with clang. clang pretends to be GCC 4.2 but we use __builtin_bswap* only with GCC 4.3+. clang support __builtin_bswap*, so use it. configure.ac: Set $CPPFLAGS when checking for no_app_regs. Fixes compilation for sparc64 with clang. Don't continue to query block-size if disk doesn't have it. Stops poluting screen with a lot of "block-size: exception -21". 2015-02-28 Andrei Borzenkov grub-probe: free temporary variable 2015-02-28 Vladimir Serbinenko exclude.pot: Add new technical strings grub-probe: Mark a "[default=]" for translation. grub-shell: Add missing --locale-directory. Fixes the language tests is no make install was done. ntfs_test: Skip is setfattr is unavailable. 2015-02-26 Vladimir Serbinenko emu/cache: Change declaration of __clear_cache to match builtin declaration. Fixes compile of arm64-emu. arm/dl: Fix handling of nonstandard relocation sizes gzio: Optimize by removing division. raid6: Optimize by removing division. dmraid_nvidia: Fix division by 0 and missing byte-swap. crypto: restrict cipher block size to power of 2. All current ciphers have blocks which are power of 2 and it's unlikely to change. Other block length would be tricky to handle anyway. This restriction allows avoiding extra divisions. jpeg: Optimise by replacing division with shifts. png: Optimize by avoiding divisions. Add missing lib/division.c fbblit: Optimize by replacing division with additions and shifts. bitmap_scale: Optimize by moving division out of the loop. minilzo: Skip parts tha we don't need. 2015-02-23 Vladimir Serbinenko mips: Fix soft-float handling. Add -msoft-float alongside clang arguments to specify ABI. Specify ABI in asm files explicitly. This trigers asm warning due to gcc failing to propagate -msoft-float but it's tolerable. Add missing grub_ prefix in memcpy invocation Allow clang compilation for thumb with -mthumb-interwork. clang already uses -mthumb-interwork behaviour even thout it doesn't support the option. arm64: Fix compilation failure. Don't supply +nosimd to asm files. Otherwise +nosimd coming from flags forbids some of instructions used in cache_flush. Supply signed division to fix ARM compilation. Previously we supplied only unsigned divisions on platforms that need software division. Yet compiler may itself use a signed division. A typical example would be a difference between 2 pointers which involves division by object size. 2015-02-22 Vladimir Serbinenko acpi: Fix unused function warning. configure.ac: Add ia64-specific way to disable floats. i386/tsc: Fix unused function warning on xen. 2015-02-22 Vladimir Serbinenko Experimental support for clang for sparc64. Automatically discover command line options to make clang and gcc behave in same way. Tested with qemu. 2015-02-22 Vladimir Serbinenko Discover which option provides soft-float on configure stage. Deals with clang needing other arguments to stop issuing floating instructions than gcc. 2015-02-21 Vladimir Serbinenko mips: Switch to more portable .org Binary is unchanged. sparc64: Switch to more portable .org. Binaries are unchanged. kernel-8086: Switch to more portable .org. Relax requirements on asm for non-BIOS i386 platforms. These platforms don't have a hard limit on size of resulting code16 code, so we don't care if assembly is bigger than necessarry. qemu: Switch to more portable .org Binary is checked identical. qemu: Fix GateA20 enabling. GateA20 code was inactive due to address error. qemu: Fix compilation Remove realmode.S from coreboot and qemu. It's not used there. Remove obsolete ADDR32 and DATA32 checks. i386: Remove needless ADDR32 prefixes when address is known and fixed. Shaves off 6 bytes in lzma_decompress.img. i386-pc/boot: Explicitly mark kernel_address[_high] as local. Otherwise apple asm might try to make accesses relocatable. Change dot assignmnet to more portable .org. Binary is unchanged (verified) i386: Move from explicit ADDR32/DATA32 prefixes to instruction suffixes. Is more portable. Binary is unchanged (verified). Test which flags make our asm compile. Previously we relied on assumption that clang always needs -no-integrated-as but it's not always true. INSTALL: clarify that clang support is experimental zfs/mzap_lookup: Fix argument types wildcard: Mark unused argument as such. ofdisk: Exclude floppies from scanning. It causes similar hang as CD on at least the qemu. configure: Add -msoft-float to CCASFLAGS Otherwise mismatch between API flags triggers linker failure mips/startup_raw: Use more portable .asciz Provide __aeabi_mem{cpy,set} Fixes ARM compilation div_test: Don't try to divide by zero INSTALL: Fix names of host flags to match actual behaviour Strip .MIPS.abiflags which causes compile failure 2015-02-20 Vladimir Serbinenko configure: Move adding of include options to the very end to avoid subshell. configure: Add missing comma. 2015-02-16 Vladimir Serbinenko ext2: Ignore INCOMPAT_MMP. It's not really incompatible as long as driver never writes to FS. ext2: Support META_BG. This fixes bug that system would become unbootable after ext* online resize if no resize_inode was created at ext* format time. 2015-02-16 Andrei Borzenkov tests: remove hardcoded paths from syslinux_test abs_top_srcdir appeared in Autoconf 2.52f. Minimal grub requirement is 2.60 so we should be good here. build-sys: add syslinux test files to tarball 2015-02-16 Vladimir Serbinenko Add test for syslinux converter 2015-02-16 Vladimir Serbinenko Don't remove initrd= parameter. Based on simplified patch by Lunar. Reported by: Lunar 2015-02-16 Vladimir Serbinenko syslinux_parse: Always output comments even if no entries are found. 2015-02-15 Andrei Borzenkov diskfilter_make_raid: more memory leaks in failure path 2015-02-14 Vladimir Serbinenko disk/lvm: Use zalloc to ensure that segments are initialised to sane value. Reported by: EmanueL Czirai. 2015-02-14 Daniel Kiper multiboot2: Fix information request tag size calculation 2015-02-14 Andrei Borzenkov diskfilter: fix double free of lv names for mdraid Avoid micro-optimization in grub_diskfilter_make_raid and make sure name and fullname are independent strings. This avoids need to special case it everywhere else. Also fix memory leak in failure case in grub_diskfilter_make_raid. Closes: 41582 2015-02-14 Andrei Borzenkov diskfilter: fix crash in validate_lv for mdraid arrays Commit 750f4bacd3262376ced3f837d8dc78f834ca233a put LV validation before actual vg assignment. Make grub_diskfilter_make_raid to assign ->vg as happens in other cases for consistency. Also clean up redundant code and add explicit NULL lv->vg check in validate_lv. Also fix segment validation in validate_lv; it became obvious when crash was fixed. Closes: 44199 2015-02-12 Jiri Slaby util: mkimage, fix gcc5 build failure gcc5 reports: ../util/mkimage.c: In function 'grub_install_get_image_target': ../util/mkimage.c:954:5: error: loop exit may only be reached after undefined behavior [-Werror=aggressive-loop-optimizations] && j < ARRAY_SIZE (image_targets[i].names); j++) ^ ../util/mkimage.c:953:39: note: possible undefined statement is here for (j = 0; image_targets[i].names[j] ^ Well, let's move the index 'j' test before accesing the array to: 1) make the loop obvious 2) make gcc happy 2015-02-03 Leif Lindholm arm: implement additional relocations generated by gcc 4.9 at -O3 GCC 4.9 also generates R_ARM_THM_MOVW_ABS_NC and R_ARM_THM_MOVT_ABS, as an alternative to ABS32. 2015-01-30 Andrei Borzenkov setup: fix blocklist size calculation Found by: Coverity scan. grub-fstest: fix descriptor leak Found by: Coverity scan. 2015-01-30 Andrei Borzenkov net/pxe: fix error condition Test return value of grub_netbuff_reserve(), buf itself cannot be NULL here. Found by: Coverity scan. 2015-01-30 Andrei Borzenkov grub-mkimage: fix potential NULL pointer dereference Move fatal check whether symtab_section is NULL before first reference. Found by: Coverity scan. 2015-01-30 Andrei Borzenkov net/ip: check result of grub_netbuff_push Found by: Coverity scan. tests: add test command file tests This requires access to files in both host and grub image, so implementing as separate test unit instead of script test was more easy. test: consistently use TMPDIR and same name pattern for temp files test: fix previous commit - we need to return from subexpression ( ... ) was processed recursively, we need to return from it. Revert this change. test: do not stop after first file test or closing bracket Closes: 44115 2015-01-28 Leif Lindholm configure.ac: don't use -msoft-float for arm64 aarch64 toolchains do not support the -msoft-float option added by commit 3661261f. Insted, for arm64 use -march=armv8-a+nofp+nosimd. Reported-by: Ryan Harkin 2015-01-28 Andrei Borzenkov script/execute.c: fix memory leak. Make sure to continue loop over array after failure to free allocated strings. Found by: Coverity scan. 2015-01-28 Andrei Borzenkov syslinux_parse: fix memory leak. Found by: Coverity scan. 2015-01-27 Andrei Borzenkov Change quotes to match overall style in NEWS loader/xnu: fix memory leak. Foound by: Coverity scan. util/grub-probe: fix memory leaks. Found by: Coverity scan. fs/hfsplus: fix memory leak. Found by: Coverity scan. fs/zfs/zfscrypt.c: fix indentation. fs/zfs/zfscrypt.c: fix memory leaks. Found by: Coverity scan. commands/parttool: fix memory leak. Found by: Coverity scan. fs/zfs/zfs.c: fix memory leak. Found by: Coverity scan. linux/ofpath: fix descriptor leak Found by: Coverity scan linux/hostdisk: use strncpy instead of strlcpy strlcpy is not available on Linux as part of standard libraries. It probably is not worth extra configure checks espicially as we need to handle missing function anyway. 2015-01-27 Vladimir Serbinenko Document intentional fallthroughs. Found by: Coverity scan. linux/ofpath: Fix error handling. Found by: Coverity Scan. linux/hostdisk: Limit strcpy size to buffer size. Found by: Coverity scan. fs/zfscrypt: Add missing explicit cast. Found by: Coverity scan. fs/zfs: Fix error handling. Found by: Coverity Scan. 2015-01-27 Vladimir Serbinenko fs/{cbfs,cpio}: Remove useless check if mode is NULL. Callers already ensure that it's not null. Found by: Coverity Scan. 2015-01-27 Vladimir Serbinenko commands/acpi: Use ALIGN_UP rather than manual expression. Improves readability and hopefully automatic scanning. Found by: Coverity Scan. 2015-01-26 Andrei Borzenkov util/setup: fix memory leak. Found by: Coverity scan. util/mkimage: fix memory leaks. Found by: Coverity scan. util/grub-mount: fix descriptor leak. Found by: Coverity scan. util/grub-mkstandalone: fix memory leak. Found by: Coverity scan. util/grub-install: rearrange code to avoid memory leak. Found by: Coverity scan. linux/getroot: fix memory leak. Found by: Coverity scan. util/install: fix memory leak. Found by: Coverity scan. util/setup: fix memory leak. Found by: Coverity scan. linux/ofpath: fix various memory leaks. Found by: Coverity scan. linux/getroot: fix descriptor leak. Found by: Coverity scan. 2015-01-26 Vladimir Serbinenko util/misc.c: Check ftello return value. Found by: Coverity scan. grub-macbless: Fix resource leak. Found by: Coverity scan. grub-install: Fix memory leak. Found by: Coverity scan. grub-install-common: Fix sizeof usage. Found by: Coverity scan. util/getroot: Add missing grub_disk_close. Found by: Coverity scan. vbe: Fix incorrect register usage. Found by: Coverity scan. unix/password: Fix file descriptor leak. Found by: Coverity scan. linux/getroot: Fix error handling. Found by: Coverity scan. linux/blocklist: Fix memory leak. Found by: Coverity scan. devmapper/getroot: Fix memory leak. Found by: Coverity scan. normal/misc: Close device on all pathes. Found by: Coverity scan. normal/main: Fix error handling. Found by: Coverity scan. xnu: Add missing error check. Found by: Coveriy scan. plan9: Add missing grub_device_close. Found by: Coverity scan. multiboot: Simplify to avoid confusing assignment. Found by: Coverity scan. bsd: Add missing null-pointer check. Found by: Coverity scan. lib/syslinux_parse: Add missing error check. Found by: Coverity scan. lib/syslinux_parse: Fix memory leak. Found by: Coveriy scan. lib/syslinux_parse: Add missing alloc check. Found by: Coverity scan. i386/pc/mmap: Fix memset size. Found by: Coverity scan. gfxmenu/theme_loader: Add missing allos error check. Found by: Coverity scan. gfxmenu/icon_manager: Fix null pointer dereference. Found by: Coverity scan. fs/ufs: Add missing error check. Found by: Coverity scan. configure.ac: Always add -D_FILE_OFFSET_BITS=64. 2015-01-25 Vladimir Serbinenko fs/sfs: Fix error check and add sanity check. Found by: Coverity scan. fs/reiserfs: Fix sector count overflow. Found by: Coverity scan. fs/ntfs: Add sizes sanity checks. Found by: Coverity scan. fs/ntfs: Add missing free. Found by: Coverity scan. 2015-01-25 Vladimir Serbinenko fs/minix: Fix sector promotion to 64-bit. While on it make GRUB_MINIX_ZONE2SECT into function. Found by: Coverity scan 2015-01-25 Vladimir Serbinenko grub_iso9660_read: Explicitly check read_node return value. Not really needed as grub_errno is already checked but is nicer. Found by: Coverity scan. 2015-01-25 Andrei Borzenkov commands/fileXX: Fix remaining memory leak. Found by: Coverity Scan. 2015-01-25 Vladimir Serbinenko fs/hfs: Add pointer sanity checks. Found by: Coverity scan. fs/hfs/hfs_open: Check that mount succeeded. Found by: Coverity scan. fs/fat: Fix codepath to properly free on error. Found by: Coverity scan. fs/cpio_common: Add a sanity check on namesize. Found by: Coverity scan. fs/cbfs: Add missing free. Found by: Coverity scan. 2015-01-24 Vladimir Serbinenko font: Add missing free. Found by: Coverity Scan. biosdisk: Add missing cast. Found by: Coverity scan. disk/geli: Add missing free. Found by: Coverity scan. disk/geli: Add missing seek success check. Found by: Coverity scan. disk/diskfilter: Add missing lv presence check. Found by: Coverity scan. disk/cryptodisk: Add missing error check. Found by: Coverity scan. 2015-01-24 Vladimir Serbinenko disk/ahci: Fix device_map_range argument. Argument is not used on x86, hence it's gone unnoticed. Found by: Coverity scan. 2015-01-24 Vladimir Serbinenko disk/AFsplitter: check argument validity before doing any allocs. This avoids possible memory leaks. Found by: Coverity scan. 2015-01-24 Vladimir Serbinenko commands/wildcard: Add missing free. Found by: Coverity scan. commands/verify: Fix sha1 context zeroing-out. Current code doesn't zero-out context completely. It's a minor issue really as sha1 init already takes care of initing the context. commands/tr: Simplify and fix missing parameter test. Found by: Coverity scan commands/syslinux: Add missing free. Found by: Coverity scan. commands/parttool: Add missing device close. Found by: Coverity scan. commands/nativedisk: Add missing device_close. Found by: Coverity scan. 2015-01-24 Vladimir Serbinenko commands/macbless: Handle device opening errors correctly. Wrong variable was checked for errors. Found by: Coverity scan. 2015-01-24 Vladimir Serbinenko commands/macbless: Fix potential overflow. Is a minor concern as no such FS would be created under normal circumstances and failure was benign. Found by: Coverity scan. 2015-01-24 Vladimir Serbinenko commands/macbless: Remove incorrect grub_free. Found by: Coverity Scan commands/legacycfg: Fix resource leaks. zfs: Fix disk-matching logic. Reported by: Tim Chase commands/hdparm: Add missing grub_disk_close. Found by: Coverity scan. gptsync: Add missing device_close. Found by: Coverity scan commands/fileXX: Fix memory leak. Found by: Coverity Scan. 2015-01-24 Vladimir Serbinenko commands/file: Change the confusing loop stop condition. Old condition was used to zero-out header variable on exit of the loop. This is correct but confusing. Replace with in-loop logic. Found by: Coverity Scan. 2015-01-24 Vladimir Serbinenko commands/acpi: Use ALIGN_UP rather than manual expression. Improves readability and hopefully automatic scanning. Found by: Coverity Scan. 2015-01-24 Vladimir Serbinenko uhci: Fix null pointer dereference. Found by: Coverity scan. Always add -msoft-float to avoid compiler generating float arithmetics. 2015-01-24 Vladimir Serbinenko Generate empty ChangeLog if no .git is available. When making dist from a git snapshot without repo available make dist would fail to find ChangeLog. Generate empty ChangeLog if no ChangeLog is already present and repo is not available. Reported by: Andrei Borzenkov 2015-01-24 Vladimir Serbinenko Makefile.am: Fix Changelog cutoff address. gitlog-to-changelog Doesn't generate entries for cutoff day, only for days after the cutoff date, adjust by one to compensate. efidisk: Return the determined root disk even if partition is unknown. util/grub-mkrescue.c: Always include part_msdos and part_gpt on EFI. When booted from stick, EFI would use GPT partition and our root device detection algortihm depends on GRUB's ability to see the same partitions. Hence include msdos and gpt partmap modules on EFI even when they're not needed to access root filesystem. conf/Makefile.common: Remove unused {LD,C}FLAGS_CPU. Autogenerate ChangeLog from git changelog. Old ChangeLog is moved to ChangeLog-2015. For all changes starting from this one ChangeLog will be generated from gitlog only on explicit make invocation and make dist. 2015-01-23 Vladimir Serbinenko * tests/file_filter/file: Really add missing file. 2015-01-23 Andrei Borzenkov Mention platform "none" in NEWS 2015-01-23 Andrey Borzenkov accept also hdX as alias to native Xen disk name To be compatible with legacy pv-grub, sort disks by increasing order of handle value. This allows reusing legacy pv-grub menu.lst which is using hdX names. Suggested-By: Michael Chang Closes: 44026