Daniel Kiper [Thu, 14 Mar 2019 18:45:17 +0000 (19:45 +0100)]
verifiers: PowerPC fallout cleanup
PowerPC fallout cleanup after commit 4d4a8c96e (verifiers: Add possibility
to verify kernel and modules command lines) and ca0a4f689 (verifiers: File
type for fine-grained signature-verification controlling).
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Colin Watson [Tue, 19 Mar 2019 10:26:18 +0000 (10:26 +0000)]
posix_wrap: Flesh out posix_wrap/limits.h a little more
In addition to what was already there, Gnulib's <intprops.h> needs SCHAR_MIN,
SCHAR_MAX, SHRT_MIN, INT_MIN, LONG_MIN, and LONG_MAX. Fixes build on CentOS 7.
Reported-by: "Chen, Farrah" <farrah.chen@intel.com> Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Mirror behaviour of ELF loader in libxc: first look for Xen notes in
PT_NOTE segment, then in SHT_NOTE section and only then fallback to
a section with __xen_guest name. This fixes loading PV kernels that
Xen note have outside of PT_NOTE. While this may be result of a buggy
linker script, loading such kernel directly works fine, so make it work
with GRUB too. Specifically, this applies to binaries built from Unikraft.
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Colin Watson [Sat, 9 Mar 2019 14:37:17 +0000 (14:37 +0000)]
getroot: Save/restore CWD more reliably on Unix
Various GRUB utilities fail if the current directory doesn't exist,
because grub_find_device() chdirs to a different directory and then
fails when trying to chdir back. Gnulib's save-cwd module uses fchdir()
instead when it can, avoiding this category of problem.
Fixes Debian bug #918700.
Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Mostly for cosmetic reasons, we add a "net_dhcp" command, which is (at the
moment) identical to the existing "net_bootp" command. Both actually trigger
a DHCP handshake now, and both should be able to deal with pure BOOTP servers.
We could think about dropping the DHCP options from the initial DISCOVER packet
when the user issues the net_bootp command, but it's unclear whether this is
really useful, as both protocols should be able to coexist.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
net/dhcp: Actually send out DHCPv4 DISCOVER and REQUEST messages
Even though we were parsing some DHCP options sent by the server, so far
we are only using the BOOTP 2-way handshake, even when talking to a DHCP
server.
Change this by actually sending out DHCP DISCOVER packets instead of the
generic (mostly empty) BOOTP BOOTREQUEST packets.
A pure BOOTP server would ignore the extra DHCP options in the DISCOVER
packet and would just reply with a BOOTREPLY packet, which we also
handle in the code.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
net/dhcp: Allow receiving DHCP OFFER and ACK packets
In respone to a BOOTREQUEST packet a BOOTP server would answer with a BOOTREPLY
packet, which ends the conversation for good. DHCP uses a 4-way handshake,
where the initial server respone is an OFFER, which has to be answered with
REQUEST by the client again, only to be completed by an ACKNOWLEDGE packet
from the server.
Teach the grub_net_process_dhcp() function to deal with OFFER packets,
and treat ACK packets the same es BOOTREPLY packets.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The BOOTP RFC describes the boot file name and the server name as being part
of the integral BOOTP data structure, with some limits on the size of them.
DHCP extends this by allowing them to be separate DHCP options, which is more
flexible.
Teach the code dealing with those fields to check for those DHCP options first
and use this information, if provided. We fall back to using the BOOTP
information if those options are not used.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Currently we have a global timeout for all network cards in the BOOTP/DHCP
discovery process.
Make this timeout a per-interface one, so better accommodate the upcoming
4-way DHCP handshake and to also cover the lease time limit a DHCP offer
will come with.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
net/dhcp: Make grub_net_process_dhcp() take an interface
Change the interface of the function dealing with incoming BOOTP packets
to take an interface instead of a card, to allow more fine per-interface
state (timeout, handshake state) later on.
Use the opportunity to clean up the code a bit.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
net/dhcp: Replace parse_dhcp_vendor() with find_dhcp_option()
For proper DHCP support we will need to parse DHCP options from a packet
more often and at various places.
Refactor the option parsing into a new function, which will scan a packet to
find *a particular* option field. Use that new function in places where we
were dealing with DHCP options before.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The comment is right, the "giaddr" fields holds the IP address of the BOOTP
relay, not a general purpose router address. Just remove the commented code,
archeologists can find it in the git history.
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
In order to be able to read from and write to model-specific registers,
two new modules are added. They are i386 specific, as the cpuid module.
rdmsr module registers the command rdmsr that allows reading from a MSR.
wrmsr module registers the command wrmsr that allows writing to a MSR.
wrmsr module is disabled if UEFI secure boot is enabled.
Please note that on SMP systems, interacting with a MSR that has a scope
per hardware thread, implies that the value only applies to the
particular cpu/core/thread that ran the command.
Also, if you specify a reserved or unimplemented MSR address, it will
cause a general protection exception (which is not currently being
handled) and the system will reboot.
Signed-off-by: Jesús Diéguez Fernández <jesusdf@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Eric Snowberg [Tue, 5 Mar 2019 01:34:01 +0000 (17:34 -0800)]
sparc64: Add bios boot partition support
Add BIOS Boot Partition support for sparc64 platforms. This will work a
little different than x86. With GPT, both the OBP "load" and "boot" commands
are partition aware and neither command can see the partition table. Therefore
the entire boot-loader is stored within the BIOS Boot Partition and nothing
is stored within the bootstrap code area of MBR.
To use it, the end user will issue the boot command with the path pointing to
the BIOS Boot Partition.
Eric Snowberg [Tue, 5 Mar 2019 01:27:39 +0000 (17:27 -0800)]
ieee1275: obdisk driver
Add a new disk driver called obdisk for IEEE1275 platforms. Currently
the only platform using this disk driver is SPARC, however other IEEE1275
platforms could start using it if they so choose. While the functionality
within the current IEEE1275 ofdisk driver may be suitable for PPC and x86, it
presented too many problems on SPARC hardware.
Within the old ofdisk, there is not a way to determine the true canonical
name for the disk. Within Open Boot, the same disk can have multiple names
but all reference the same disk. For example the same disk can be referenced
by its SAS WWN, using this form:
It can also be referenced by its PHY identifier using this form:
/pci@302/pci@2/pci@0/pci@17/LSI,sas@0/disk@p0
It can also be referenced by its Target identifier using this form:
/pci@302/pci@2/pci@0/pci@17/LSI,sas@0/disk@0
Also, when the LUN=0, it is legal to omit the ,0 from the device name. So with
the disk above, before taking into account the device aliases, there are 6 ways
to reference the same disk.
Then it is possible to have 0 .. n device aliases all representing the same disk.
Within this new driver the true canonical name is determined using the the
IEEE1275 encode-unit and decode-unit commands when address_cells == 4. This
will determine the true single canonical name for the device so multiple ihandles
are not opened for the same device. This is what frequently happens with the old
ofdisk driver. With some devices when they are opened multiple times it causes
the entire system to hang.
Another problem solved with this driver is devices that do not have a device
alias can be booted and used within GRUB. Within the old ofdisk, this was not
possible, unless it was the original boot device. All devices behind a SAS
or SCSI parent can be found. Within the old ofdisk, finding these disks
relied on there being an alias defined. The alias requirement is not
necessary with this new driver. It can also find devices behind a parent
after they have been hot-plugged. This is something that is not possible
with the old ofdisk driver.
The old ofdisk driver also incorrectly assumes that the device pointing to by a
device alias is in its true canonical form. This assumption is never made with
this new driver.
Another issue solved with this driver is that it properly caches the ihandle
for all open devices. The old ofdisk tries to do this by caching the last
opened ihandle. However this does not work properly because the layer above
does not use a consistent device name for the same disk when calling into the
driver. This is because the upper layer uses the bootpath value returned within
/chosen, other times it uses the device alias, and other times it uses the
value within grub.cfg. It does not have a way to figure out that these devices
are the same disk. This is not a problem with this new driver.
Due to the way GRUB repeatedly opens and closes the same disk. Caching the
ihandle is important on SPARC. Without caching, some SAS devices can take
15 - 20 minutes to get to the GRUB menu. This ihandle caching is not possible
without correctly having the canonical disk name.
When available, this driver also tries to use the deblocker #blocks and
a way of determining the disk size.
Finally and probably most importantly, this new driver is also capable of
seeing all partitions on a GPT disk. With the old driver, the GPT
partition table can not be read and only the first partition on the disk
can be seen.
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Paul Menzel [Thu, 7 Mar 2019 11:16:06 +0000 (12:16 +0100)]
Makefile: Allow to set file systems modules for default_payload.elf
By default all file system modules are added to the GRUB coreboot
payload `default_payload.elf`. This makes the image quite big,
especially as often not all modules are needed.
Introduce the variable `FS_PAYLOAD_MODULES`, which can be used to
explicitly set file systems modules to be added.
$ make default_payload.elf FS_PAYLOAD_MODULES="" # ext2 already in `--modules`
test -f default_payload.elf && rm default_payload.elf || true
pkgdatadir=. ./grub-mkstandalone --grub-mkimage=./grub-mkimage -O i386-coreboot -o default_payload.elf --modules='ahci pata ehci uhci ohci usb_keyboard usbms part_msdos ext2 fat at_keyboard part_gpt usbserial_usbdebug cbfs' --install-modules='ls linux search configfile normal cbtime cbls memrw iorw minicmd lsmmap lspci halt reboot hexdump pcidump regexp setpci lsacpi chain test serial multiboot cbmemc linux16 gzio echo help syslinuxcfg xnu password_pbkdf2 ' --fonts= --themes= --locales= -d grub-core/ /boot/grub/grub.cfg=./coreboot.cfg
$ ls -l default_payload.elf
-rw-rw---- 1 joey joey 832976 Mar 7 12:13 default_payload.elf
So, the resulting payload size is around 370 kB smaller. (Adding it to
the CBFS, it will be compressed, so the effective size difference will
be smaller.)
Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
It's much easier to maintain GRUB's use of portability support files
from Gnulib when the process is automatic and driven by a single
configuration file, rather than by maintainers occasionally running
gnulib-tool and committing the result. Removing these
automatically-copied files from revision control also removes the
temptation to hack the output in ways that are difficult for future
maintainers to follow. Gnulib includes a "bootstrap" program which is
designed for this.
The canonical way to bootstrap GRUB from revision control is now
"./bootstrap", but "./autogen.sh" is still useful if you just want to
generate the GRUB-specific parts of the build system.
GRUB now requires Autoconf >= 2.63 and Automake >= 1.11, in line with
Gnulib.
Gnulib source code is now placed in grub-core/lib/gnulib/ (which should
not be edited directly), and GRUB's patches are in
grub-core/lib/gnulib-patches/. I've added a few notes to the developer
manual on how to maintain this.
Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Colin Watson [Wed, 27 Feb 2019 10:26:30 +0000 (10:26 +0000)]
syslinux: Fix syslinux_test in out-of-tree builds
syslinux_parse simplifies some filenames by removing things like ".."
segments, but the tests assumed that @abs_top_srcdir@ would be
untouched, which is not true in the case of out-of-tree builds where
@abs_top_srcdir@ may contain ".." segments.
Performing the substitution requires some awkwardness in Makefile.am due
to details of how config.status works.
Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Colin Watson [Wed, 27 Feb 2019 09:10:08 +0000 (09:10 +0000)]
util: Detect more I/O errors
Many of GRUB's utilities don't check anywhere near all the possible
write errors. For example, if grub-install runs out of space when
copying a file, it won't notice. There were missing checks for the
return values of write, fflush, fsync, and close (or the equivalents on
other OSes), all of which must be checked.
I tried to be consistent with the existing logging practices of the
various hostdisk implementations, but they weren't entirely consistent
to start with so I used my judgement. The result at least looks
reasonable on GNU/Linux when I provoke a write error:
Installing for x86_64-efi platform.
grub-install: error: cannot copy `/usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed' to `/boot/efi/EFI/debian/grubx64.efi': No space left on device.
There are more missing checks in other utilities, but this should fix
the most critical ones.
Fixes Debian bug #922741.
Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Reviewed-by: Steve McIntyre <93sam@debian.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
James Clarke [Tue, 26 Feb 2019 18:40:14 +0000 (18:40 +0000)]
osdep/freebsd: Fix partition calculation for EBR entries
For EBR partitions, "start" is the relative starting sector of the EBR
header itself, whereas "offset" is the relative starting byte of the
partition's contents, excluding the EBR header and any padding. Thus we
must use "offset", and divide by the sector size to convert to sectors.
Fixes Debian bug #923253.
Signed-off-by: James Clarke <jrtc27@jrtc27.com> Reviewed-by: Colin Watson <cjwatson@ubuntu.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Steve McIntyre [Thu, 21 Feb 2019 14:46:11 +0000 (14:46 +0000)]
grub-install: Check for arm-efi as a default target
Much like on x86, we can work out if the system is running on top of EFI
firmware. If so, return "arm-efi". If not, fall back to "arm-uboot" as
previously.
Split out the code to (maybe) load the efivar module and check for
/sys/firmware/efi into a common helper routine is_efi_system().
Signed-off-by: Steve McIntyre <93sam@debian.org> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Sat, 23 Feb 2019 15:22:19 +0000 (16:22 +0100)]
travis: Add Travis CI config file
There is a really convenient service for open source project from Travis
CI: They allow for free CI testing using their infrastructure.
GRUB has had issues with broken builds for various targets for a long time
already. The main reason is a lack of CI to just do smoke tests on whether
all targets still at least compile.
This patch adds a Travis config file which builds (almost) all currently
available targets.
On top of that, this Travis config also runs a small execution test on the
x86_64-efi target.
All of this config file can easily be extended further on. It probably
makes sense to do something similar to the u-boot test infrastructure
that communicates with the payload properly. Going forward, we also will
want to do more QEMU runtime checks for other targets.
Currently, with this config alone, I already see about half of the available
targets as broken. So it's definitely desperately needed :).
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Steve McIntyre [Mon, 11 Feb 2019 02:42:34 +0000 (02:42 +0000)]
grub-install: Check for arm-efi as a default target
Much like on x86, we can work out if the system is running on top
of EFI firmware. If so, return "arm-efi". If not, fall back to
"arm-uboot" as previously.
Heavily inspired by the existing code for x86.
Signed-off-by: Steve McIntyre <93sam@debian.org> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Leif Lindholm [Thu, 21 Feb 2019 10:15:08 +0000 (10:15 +0000)]
arm64/efi: Fix grub_efi_get_ram_base()
grub_efi_get_ram_base() looks for the lowest available RAM address by
traversing the memory map, comparing lowest address found so far.
Due to a brain glitch, that "so far" was initialized to GRUB_UINT_MAX -
completely preventing boot on systems without RAM below 4GB.
Change the initial value to GRUB_EFI_MAX_USABLE_ADDRESS, as originally
intended.
Reported-by: Steve McIntyre <93sam@debian.org> Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org> Tested-by: Steve McIntyre <93sam@debian.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Paul Menzel [Tue, 5 Feb 2019 16:29:13 +0000 (17:29 +0100)]
normal/menu: Do not treat error values as key presses
Some terminals, like `grub-core/term/at_keyboard.c`, return `-1` in case
they are not ready yet.
if (! KEYBOARD_ISREADY (grub_inb (KEYBOARD_REG_STATUS)))
return -1;
Currently, that is treated as a key press, and the menu time-out is
cancelled/cleared. This is unwanted, as the boot is stopped and the user
manually has to select a menu entry. Therefore, adapt the condition to
require the key value also to be greater than 0.
`GRUB_TERM_NO_KEY` is defined as 0, so the condition could be collapsed
to greater or equal than (≥) 0, but the compiler will probably do that
for us anyway, so keep the cases separate for clarity.
This is tested with coreboot, the GRUB default payload, and the
configuration file `grub.cfg` below.
For GRUB:
$ ./autogen.sh
$ ./configure --with-platform=coreboot
$ make -j`nproc`
$ make default_payload.elf
For coreboot:
$ more grub.cfg
serial --unit 0 --speed 115200
set timeout=5
menuentry 'halt' {
halt
}
$ build/cbfstool build/coreboot.rom add-payload \
-f /dev/shm/grub/default_payload.elf -n fallback/payload -c lzma
$ build/cbfstool build/coreboot.rom add -f grub.cfg -n etc/grub.cfg -t raw
$ qemu-system-x86_64 --version
QEMU emulator version 3.1.0 (Debian 1:3.1+dfsg-2+b1)
Copyright (c) 2003-2018 Fabrice Bellard and the QEMU Project developers
$ qemu-system-x86_64 -M pc -bios build/coreboot.rom -serial stdio -nic none
Currently, the time-out is cancelled/cleared. With the commit, it is not.
With a small GRUB payload, this the problem is also reproducible on the
ASRock E350M1.
Alexander Graf [Tue, 12 Feb 2019 10:31:08 +0000 (11:31 +0100)]
fdt: Treat device tree file type like ACPI
We now have signature check logic in grub which allows us to treat
files differently depending on their file type.
Treat a loaded device tree like an overlayed ACPI table.
Both describe hardware, so I suppose their threat level is the same.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Alexander Graf [Tue, 12 Feb 2019 10:31:07 +0000 (11:31 +0100)]
RISC-V: Add to build system
This patch adds support for RISC-V to the grub build system. With this
patch, I can successfully build grub on RISC-V as a UEFI application.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:31:05 +0000 (11:31 +0100)]
RISC-V: Add auxiliary files
To support a new architecture we need to provide a few helper functions
for memory, cache, timer, etc support.
This patch adds the remainders of those. Some bits are still disabled,
as I couldn't guarantee that we're always running on models / in modes
where the respective hardware is available.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:31:04 +0000 (11:31 +0100)]
RISC-V: Add awareness for RISC-V reloations
This patch adds awareness of RISC-V relocations throughout the grub tools
as well as dynamic linkage and elf->PE relocation conversion support.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:31:03 +0000 (11:31 +0100)]
RISC-V: Add Linux load logic
We currently only support to run grub on RISC-V as UEFI payload. Ideally,
we also only want to support running Linux underneath as UEFI payload.
Prepare that with some Linux boot stub code. Once the arm64 target is
generalized, we can hook into that one and gain boot functionality.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:31:02 +0000 (11:31 +0100)]
RISC-V: Add early startup code
On entry, we need to save the system table pointer as well as our image
handle. Add an early startup file that saves them and then brings us
into our main function.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:31:01 +0000 (11:31 +0100)]
RISC-V: Add setjmp implementation
This patch adds a 32/64 capable setjmp implementation for RISC-V.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:31:00 +0000 (11:31 +0100)]
elf.h: Add RISC-V definitions
The RISC-V ABI document outlines ELF header structure and relocation
information. Pull the respective magic numbers into our elf header
so we can make use of them.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:30:59 +0000 (11:30 +0100)]
PE: Add RISC-V definitions
The PE format defines magic numbers as well as relocation identifiers for
RISC-V. Add them to our include file, so we can make use of them.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Tue, 12 Feb 2019 10:30:58 +0000 (11:30 +0100)]
efi: Rename armxx to arch
Some architectures want to boot Linux as plain UEFI binary. Today that
really only encompasses ARM and AArch64, but going forward more
architectures may adopt that model.
So rename our internal API accordingly.
Signed-off-by: Alexander Graf <agraf@suse.de> Acked-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexander Graf [Mon, 28 Jan 2019 13:35:29 +0000 (14:35 +0100)]
mkimage: Clarify file alignment in efi case
There are a few spots in the PE generation code for EFI binaries that uses
the section alignment rather than file alignment, even though the alignment
is really only file bound.
Replace those cases with the file alignment constant instead.
Reported-by: Daniel Kiper <dkiper@net-space.pl> Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Julien ROBIN <julien.robin28@free.fr>
Alexander Graf [Mon, 28 Jan 2019 13:35:28 +0000 (14:35 +0100)]
mkimage: Align efi sections on 4k boundary
There is UEFI firmware popping up in the wild now that implements stricter
permission checks using NX and write protect page table entry bits.
This means that firmware now may fail to load binaries if its individual
sections are not page aligned, as otherwise it can not ensure permission
boundaries.
So let's bump all efi section alignments up to 4k (EFI page size). That way
we will stay compatible going forward.
Unfortunately our internals can't deal very well with a mismatch of alignment
between the virtual and file offsets, so we have to also pad our target
binary a bit.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Julien ROBIN <julien.robin28@free.fr>
Leif Lindholm [Tue, 22 Jan 2019 16:59:41 +0000 (16:59 +0000)]
linux, efi, arm*, fdt: Break FDT extra allocation space out into a #define
A certain amount of dynamic space is required for the handover from
GRUB/Linux-EFI-stub. This entails things like initrd addresses,
address-cells entries and associated strings.
But move this into a proper centralised #define rather than live-code
it in the loader.
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
uboot: Add the missing disk write operation support
uboot_disk_write() is currently lacking the write support
to storage devices because, historically, those devices did not
implement block_write() in U-Boot.
The solution has been tested using a patched U-Boot loading
and booting GRUB in a QEMU vexpress-a9 environment.
The disk write operations were triggered with GRUB's save_env
command.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Max Tottenham [Mon, 14 Jan 2019 14:03:29 +0000 (14:03 +0000)]
tpm: Fix bug in GRUB2 TPM module
The value of tpm_handle changes between successive calls to grub_tpm_handle_find(),
as instead of simply copying the stored pointer we end up taking the address of
said pointer when using the cached value of grub_tpm_handle.
This causes grub_efi_open_protocol() to return a nullptr in grub_tpm2_execute()
and grub_tpm2_log_event(). Said nullptr goes unchecked and
efi_call_5(tpm->hash_log_extend_event,...) ends up jumping to 0x0, Qemu crashes
once video ROM is reached at 0xb0000.
This patch seems to do the trick of fixing that bug, but we should also ensure
that all calls to grub_efi_open_protocol() are checked so that we don't start
executing low memory.
Signed-off-by: Max Tottenham <mtottenh@akamai.com> Reviewed-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Colin Watson [Wed, 9 Jan 2019 14:54:39 +0000 (14:54 +0000)]
pgp: Fix emu build and tests after pgp module renaming
Commit b07feb8746c3bb845e3f0d33d37c0bded704d14d (verifiers: Rename
verify module to pgp module) renamed the "verify" module to "pgp", but
the GRUB_MOD_INIT and GRUB_MOD_FINI macros were left as "verify", which
broke the emu target build; and file_filter_test still referred to the
now non-existent "verify" module. Fix both of these.
Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Peter Große [Sat, 8 Dec 2018 13:35:03 +0000 (14:35 +0100)]
grub-mkconfig/20_linux_xen: Support multiple early initrd images
Add support for multiple, shared, early initrd images. These early
images will be loaded in the order declared, and all will be loaded
before the initrd image.
While many classes of data can be provided by early images, the
immediate use case would be for distributions to provide CPU
microcode to mitigate the Meltdown and Spectre vulnerabilities.
Xen has also support to load microcode updates provided as additional
modules by the bootloader.
There are two environment variables provided for declaring the early
images.
* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution declare
images that are provided by the distribution or installed packages.
If undeclared, this will default to a set of common microcode image
names.
* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User
images will be loaded after the stock images.
These separate configurations allow the distribution and user to
declare different image sets without clobbering each other.
This also makes a minor update to ensure that UUID partition labels
stay disabled when no initrd image is found, even if early images are
present.
This is basically a copy of a698240d "grub-mkconfig/10_linux: Support
multiple early initrd images" by Matthew S. Turnbull.
Signed-off-by: Peter Große <pegro@friiks.de> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/loader/efi/fdt.c: Do not copy random memory
We should not try to copy any memory area which is outside of the original
fdt. If this extra memory is controlled by a hypervisor this might end
with a crash.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Matthew Garrett [Thu, 29 Nov 2018 19:28:09 +0000 (11:28 -0800)]
verifiers: Core TPM support
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI. In future we might
want to have some sort of mechanism for choosing which events get logged
to which PCRs, but this seems like a good default policy and we can wait
to see whether anyone has a use case before adding more complexity.
Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Matthew Garrett [Thu, 29 Nov 2018 19:28:08 +0000 (11:28 -0800)]
verifiers: Verify commands executed by grub
Pass all commands executed by GRUB to the verifiers layer. Most verifiers will
ignore this, but some (such as the TPM verifier) want to be able to measure and
log each command executed in order to ensure that the boot state is as expected.
Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Hans van Kranenburg <hans@knorrie.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:42 +0000 (13:11 +0100)]
xen: Init memory regions for PVH
Add all usable memory regions to grub memory management and add the
needed mmap iterate code, which will be used by grub core (e.g.
grub-core/lib/relocator.c or grub-core/mmap/mmap.c).
As we are running in 32-bit mode don't add memory above 4GB.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:41 +0000 (13:11 +0100)]
xen: Setup Xen specific data for PVH
Initialize the needed Xen specific data. This is:
- the Xen start of day page containing the console and Xenstore ring
page PFN and event channel
- the grant table
- the shared info page
Write back the possibly modified memory map to the hypervisor in case
the guest is reading it from there again.
Set the RSDP address for the guest from the start_info page passed
as boot parameter.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Roger Pau Monné <roger.pau@citrix.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:39 +0000 (13:11 +0100)]
xen: Setup hypercall page for PVH
Add the needed code to setup the hypercall page for calling into the
Xen hypervisor.
Import the XEN_HVM_DEBUGCONS_IOPORT define from Xen unstable into
include/xen/arch-x86/xen.h
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Roger Pau Monné <roger.pau@citrix.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:37 +0000 (13:11 +0100)]
xen: Add basic hooks for PVH in current code
Add the hooks to current code needed for Xen PVH. They will be filled
with code later when the related functionality is being added.
loader/i386/linux.c needs to include machine/kernel.h now as it needs
to get GRUB_KERNEL_USE_RSDP_ADDR from there. This in turn requires to
add an empty kernel.h header for some i386 platforms (efi, coreboot,
ieee1275, xen) and for x86_64 efi.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:34 +0000 (13:11 +0100)]
xen: Rearrange xen/init.c to prepare it for Xen PVH mode
Rearrange grub-core/kern/xen/init.c to prepare adding PVH mode support
to it. This includes putting some code under #ifdef GRUB_MACHINE_XEN
as it will not be used when running as PVH.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:33 +0000 (13:11 +0100)]
xen: Add some dummy headers for PVH mode
With Xen PVH mode adding a new machine type the machine related headers
need to be present for the build to succeed. Most of the headers just
need to include the related common i386 headers. Add those to the tree.
Note that xen_pvh/int.h needs to include pc/int_types.h instead of
pc/int.h in order to avoid the definition of grub_bios_interrupt().
xen_pvh/memory.h needs to include coreboot/memory.h (like some other
<machine>/memory.h do as well) as this contains just the needed stubs.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:32 +0000 (13:11 +0100)]
xen: Prepare common code for Xen PVH support
Some common code needs to be special cased for Xen PVH mode. This hits
mostly Xen PV mode specific areas.
Split include/grub/i386/pc/int_types.h off from
include/grub/i386/pc/int.h to support including this file later from
xen_pvh code without the grub_bios_interrupt definition.
Move definition of struct grub_e820_mmap_entry from
grub-core/mmap/i386/pc/mmap.c to include/grub/i386/memory.h in order
to make it usable from xen_pvh code.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Juergen Gross [Fri, 7 Dec 2018 12:11:29 +0000 (13:11 +0100)]
xen: Add some Xen headers
In order to support grub2 in Xen PVH environment some additional Xen
headers are needed as grub2 will be started in PVH mode requiring to
use several HVM hypercalls and structures.
Add the needed headers from Xen 4.10 being the first Xen version with
full (not only experimental) PVH guest support.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Tested-by: Hans van Kranenburg <hans@knorrie.org>
Nick Terrell [Mon, 19 Nov 2018 19:20:08 +0000 (11:20 -0800)]
btrfs: Add zstd support to grub btrfs
- Adds zstd support to the btrfs module.
- Adds a test case for btrfs zstd support.
- Changes top_srcdir to srcdir in the btrfs module's lzo include
following comments from Daniel Kiper about the zstd include.
Tested on Ubuntu-18.04 with a btrfs /boot partition with and without zstd
compression. A test case was also added to the test suite that fails before
the patch, and passes after.
Signed-off-by: Nick Terrell <terrelln@fb.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Nick Terrell [Mon, 19 Nov 2018 19:20:07 +0000 (11:20 -0800)]
zstd: Import upstream zstd-1.3.6
- Import zstd-1.3.6 from upstream
- Add zstd's module.c file
- Add the zstd module to Makefile.core.def
Import zstd-1.3.6 from upstream [1]. Only the files need for decompression
are imported. I used the latest zstd release, which includes patches [2] to
build cleanly in GRUB.
I included the script used to import zstd-1.3.6 below at the bottom of the
commit message.
Zstd requires some posix headers, which it gets from posix_wrap.
This can be checked by inspecting the .Po files generated by automake,
which contain the header dependencies. After building run the command
`cat grub-core/lib/zstd/.deps-core/*.Po` to see the dependencies [3].
The only OS dependencies are:
- stddef.h, which is already a dependency in posix_wrap, and used for size_t
by lzo and xz.
- stdarg.h, which comes from the grub/misc.h header, and we don't use in zstd.
All the types like uint64_t are typedefed to grub_uint64_t under the hood.
The only exception is size_t, which comes from stddef.h. This is already the
case for lzo and xz. I don't think there are any cross-compilation concerns,
because cross-compilers provide their own system headers (and it would already
be broken).
Michael Chang [Tue, 20 Nov 2018 11:15:37 +0000 (19:15 +0800)]
verifiers: fix double close on pgp's sig file descriptor
An error emerged as when I was testing the verifiers branch, so instead
of putting it in pgp prefix, the verifiers is used to reflect what the
patch is based on.
While running verify_detached, grub aborts with error.
alloc magic is broken at 0x7beea660: 0
Aborted. Press any key to exit.
The error is caused by sig file descriptor been closed twice, first time
in grub_verify_signature() to which it is passed as parameter. Second in
grub_cmd_verify_signature() or in whichever opens the sig file
descriptor. The second close is not consider as bug to me either, as in
common rule of what opens a file has to close it to avoid file
descriptor leakage.
After all the design of grub_verify_signature() makes it difficult to keep
a good trace on opened file descriptor from it's caller. Let's refine
the application interface to accept file path rather than descriptor, in
this way the caller doesn't have to care about closing the descriptor by
delegating it to grub_verify_signature() with full tracing to opened
file descriptor by itself.
Also making it clear that sig descriptor is not referenced in error
returning path of grub_verify_signature_init(), so it can be closed
directly by it's caller. This also makes delegating it to
grub_pubkey_close() infeasible to help in relieving file descriptor
leakage as it has to depend on uncertainty of ctxt fields in error
returning path.
Signed-off-by: Michael Chang <mchang@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Lee Jones [Tue, 20 Nov 2018 10:45:04 +0000 (10:45 +0000)]
arm64/xen: Fix too few arguments to function grub_create_loader_cmdline()
Without this fix, building xen_boot.c omits:
loader/arm64/xen_boot.c: In function ‘xen_boot_binary_load’:
loader/arm64/xen_boot.c:370:7: error: too few arguments to function ‘grub_create_loader_cmdline’
grub_create_loader_cmdline (argc - 1, argv + 1, binary->cmdline,
^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from loader/arm64/xen_boot.c:36:0:
../include/grub/lib/cmdline.h:29:12: note: declared here
grub_err_t grub_create_loader_cmdline (int argc, char *argv[], char *buf,
Signed-off-by: Lee Jones <lee.jones@linaro.org> Reviewed-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Leif Lindholm [Wed, 14 Nov 2018 19:29:19 +0000 (19:29 +0000)]
arm-uboot, ia64, sparc64: Fix up grub_file_open() calls
The verifiers framework changed the grub_file_open() interface, breaking all
non-x86 linux loaders. Add file types to the grub_file_open() calls to make
them build again.
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The verifiers framework changed the API of grub_file_open(), but did not
fix up all users. Add the file type GRUB_FILE_TYPE_DEVICE_TREE_IMAGE
to the "devicetree" command handler call.
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Leif Lindholm [Wed, 14 Nov 2018 19:29:16 +0000 (19:29 +0000)]
include/grub/file.h: Add device tree file type
The API change of grub_file_open() for adding verifiers did not include
a type for device tree blobs. Add GRUB_FILE_TYPE_DEVICE_TREE_IMAGE to
the grub_file_type enum.
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Leif Lindholm [Wed, 14 Nov 2018 19:29:15 +0000 (19:29 +0000)]
include/grub/verify.h: Add include guard
verify.h was added without include guards. This means compiling anything
including both include/grub/verify.h and include/grub/lib/cmdline.h fails
(at least grub-core/loader/arm64/linux.c.
Add the necessary include guard.
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Matthew Daley [Tue, 6 Nov 2018 22:44:08 +0000 (11:44 +1300)]
mkimage: Pad DTBs to target-specific pointer size
Device tree (DTB) lengths are being padded to a multiple of 4 bytes
rather than the target-specific pointer size. This causes objects
following OBJ_TYPE_DTB objects to be incorrectly parsed during GRUB
execution on arm64.
Fix by using ALIGN_ADDR(), not ALIGN_UP().
Signed-by-off: Matthew Daley <mattd@bugfuzz.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Colin Watson [Mon, 29 Oct 2018 12:33:37 +0000 (12:33 +0000)]
Cope with / being on a ZFS root dataset
If / is on the root dataset in a ZFS pool, then ${bootfs} will be set to
"/" (whereas if it is on a non-root dataset, there will be no trailing
slash). Passing "root=ZFS=${rpool}/" will fail to boot, but
"root=ZFS=${rpool}" works fine, so strip the trailing slash.
Fixes: https://savannah.gnu.org/bugs/?52746 Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Tested-by: Fejes József <jozsef.fejes@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Paul Menzel [Tue, 23 Oct 2018 13:00:13 +0000 (15:00 +0200)]
unix/platform: Initialize variable to fix grub-install on UEFI system
On a UEFI system, were no boot entry *grub* is present, currently,
`grub-install` fails with an error.
$ efibootmgr
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0001,0006,0003,0004,0005
Boot0001 Diskette Drive
Boot0003* USB Storage Device
Boot0004* CD/DVD/CD-RW Drive
Boot0005 Onboard NIC
Boot0006* WDC WD2500AAKX-75U6AA0
$ sudo grub-install /dev/sda
Installing for x86_64-efi platform.
grub-install: error: efibootmgr failed to register the boot entry: Unknown error 22020.
The error code is always different, and the error message (incorrectly)
points to efibootmgr.
But, the error is in GRUB’s function
`grub_install_remove_efi_entries_by_distributor()`, where the variable
`rc` for the return value, is uninitialized and never set, when no boot
entry for the distributor is found.
The content of that uninitialized variable is then returned as the error
code of efibootmgr.
Set the variable to 0, so that success is returned, when no entry needs
to be deleted.
Tested on Dell OptiPlex 7010 with firmware A28.
$ sudo ./grub-install /dev/sda
Installing for x86_64-efi platform.
Installation finished. No error reported.
Daniel Kiper [Fri, 3 Aug 2018 11:25:44 +0000 (13:25 +0200)]
efi: Add EFI shim lock verifier
This module provides shim lock verification for various kernels
if UEFI secure boot is enabled on a machine.
It is recommended to put this module into GRUB2 standalone image
(avoid putting iorw and memrw modules into it; they are disallowed
if UEFI secure boot is enabled). However, it is also possible to use
it as a normal module. Though such configurations are more fragile
and less secure due to various limitations.
If the module is loaded and UEFI secure boot is enabled then:
- module itself cannot be unloaded (persistent module),
- the iorw and memrw modules cannot be loaded,
- if the iorw and memrw modules are loaded then
machine boot is disabled,
- GRUB2 defers modules and ACPI tables verification to
other verifiers.
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Daniel Kiper [Tue, 2 Oct 2018 16:49:26 +0000 (18:49 +0200)]
dl: Add support for persistent modules
This type of modules cannot be unloaded. This is useful if a given
functionality, e.g. UEFI secure boot shim signature verification, should
not be disabled if it was enabled at some point in time. Somebody may
say that we can use standalone GRUB2 here. That is true. However, the
code is not so big nor complicated hence it make sense to support
modularized configs too.
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Daniel Kiper [Wed, 26 Sep 2018 11:17:52 +0000 (13:17 +0200)]
verifiers: Add possibility to defer verification to other verifiers
This way if a verifier requires verification of a given file it can defer task
to another verifier (another authority) if it is not able to do it itself. E.g.
shim_lock verifier, posted as a subsequent patch, is able to verify only PE
files. This means that it is not able to verify any of GRUB2 modules which have
to be trusted on UEFI systems with secure boot enabled. So, it can defer
verification to other verifier, e.g. PGP one.
I silently assume that other verifiers are trusted and will do good job for us.
Or at least they will not do any harm.
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
verifiers: Add possibility to verify kernel and modules command lines
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Verifiers framework provides core file verification functionality which
can be used by various security mechanisms, e.g., UEFI secure boot, TPM,
PGP signature verification, etc.
The patch contains PGP code changes and probably they should be extracted
to separate patch for the sake of clarity.
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
projects / grub2.git / log