efi: Add grub_efi_get_ram_base() function for arm64
Since ARM platforms do not have a common memory map, add a helper
function that finds the lowest address region with the EFI_MEMORY_WB
attribute set in the UEFI memory map.
Required for the arm64 efi linux loader to restrict the initrd
location to where it will be accessible by the kernel at runtime.
Leif Lindholm [Thu, 1 Feb 2018 18:18:56 +0000 (18:18 +0000)]
arm: make linux.h safe to include for non-native builds
<grub/machine/loader.h> (for machine arm/efi) and
<grub/machine/kernel.h> (for machine arm/coreboot) will not always
resolve (and will likely not be valid to) if pulled in when building
non-native commands, such as host tools or the "file" command.
So explicitly include them with their expanded pathnames.
Leif Lindholm [Thu, 1 Feb 2018 18:18:50 +0000 (18:18 +0000)]
Make arch-specific linux.h include guards architecture unique
Replace uses of GRUB_LINUX_MACHINE_HEADER and GRUB_LINUX_CPU_HEADER
with GRUB_<arch>_LINUX_HEADER include guards to prevent issues when
including more than one of them.
Leif Lindholm [Thu, 3 Aug 2017 10:04:32 +0000 (11:04 +0100)]
efi: change heap allocation type to GRUB_EFI_LOADER_CODE
With upcoming changes to EDK2, allocations of type EFI_LOADER_DATA may
not return regions with execute ability. Since modules are loaded onto
the heap, change the heap allocation type to GRUB_EFI_LOADER_CODE in
order to permit execution on systems with this feature enabled.
Leif Lindholm [Thu, 3 Aug 2017 10:04:24 +0000 (11:04 +0100)]
efi: move fdt helper library
There is nothing ARM64 (or even ARM) specific about the efi fdt helper
library, which is used for locating or overriding a firmware-provided
devicetree in a UEFI system - so move it to loader/efi for reuse.
Move the fdtload.h include file to grub/efi and update path to
efi/fdtload.h in source code referring to it.
Leif Lindholm [Thu, 3 Aug 2017 10:04:23 +0000 (11:04 +0100)]
efi: refactor grub_efi_allocate_pages
Expose a new function, grub_efi_allocate_pages_real(), making it possible
to specify allocation type and memory type as supported by the UEFI
AllocatePages boot service.
Make grub_efi_allocate_pages() a consumer of the new function,
maintaining its old functionality.
Also delete some left-around #if 1/#else blocks in the affected
functions.
Colin Watson [Mon, 29 Oct 2018 12:24:41 +0000 (12:24 +0000)]
Cope with / being on a ZFS root dataset
If / is on the root dataset in a ZFS pool, then ${bootfs} will be set to
"/" (whereas if it is on a non-root dataset, there will be no trailing
slash). Passing "root=ZFS=${rpool}/" will fail to boot, but
"root=ZFS=${rpool}" works fine, so strip the trailing slash.
Fixes: https://savannah.gnu.org/bugs/?52746 Tested-by: Fejes József <jozsef.fejes@gmail.com> Signed-off-by: Colin Watson <cjwatson@ubuntu.com>
Bug: https://savannah.gnu.org/bugs/?52746
Bug-Debian: https://bugs.debian.org/886178
Last-Update: 2018-10-29
The EFI Graphics Output Protocol can return a 64-bit
linear frame buffer address in some firmware/BIOS
implementations. We currently only store the lower
32-bits in the lfb_base. This will eventually be
passed to Linux kernel and the efifb driver will
incorrectly interpret the framebuffer address as
32-bit address.
The Linux kernel has already added support to handle
64-bit linear framebuffer address in the efifb driver
since quite some time now.
This patch adds the support for 64-bit linear frame
buffer address in GRUB to address the above mentioned
scenario.
x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for
32-bit PC-relative branches. Grub2 should treat R_X86_64_PLT32 as
R_X86_64_PC32.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Origin: upstream, https://git.savannah.gnu.org/cgit/grub.git/commit/?id=842c390469e2c2e10b5aa36700324cd3bde25875
Last-Update: 2018-07-30
Luca Boccassi [Tue, 15 May 2018 10:36:46 +0000 (11:36 +0100)]
Add patch to fix lockdown mode
Description: do not overwrite sentinel byte in boot_params, breaks lockdown
grub currently copies the entire boot_params, which includes setting sentinel
byte to 0xff, which triggers sanitize_boot_params in the kernel which in
turn clears various boot_params variables, including the indication that
the booloader chain is verified and thus the kernel disables lockdown mode.
According to the information on the Fedora bug tracker, only the information
from byte 0x1f1 is necessary, so start copying from there instead.
Author: Luca Boccassi <bluca@debian.org>
Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1418360
Forwarded: no
Patch-Name: fix_lockdown.patch
Linn Crosetto [Tue, 5 Apr 2016 17:49:05 +0000 (11:49 -0600)]
Disallow unsigned kernels if UEFI Secure Boot is enabled
If UEFI Secure Boot is enabled and kernel signature verification fails, do not
boot the kernel. Before this change, if kernel signature verification failed
then GRUB would fall back to calling ExitBootServices() and continuing the
boot.
Patch-Name: linuxefi_disable_sb_fallback.patch
Signed-off-by: Linn Crosetto <linn@hpe.com>
Gbp-Pq: Name linuxefi_disable_sb_fallback.patch
Use grub-file to figure out whether multiboot2 should be used for Xen.gz
The multiboot2 is much more preferable than multiboot. Especiall
if booting under EFI where multiboot does not have the functionality
to pass ImageHandler.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Origin: backport, https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b4d709b6ee789cdaf3fa7a80fd90c721a16f48c2
Bug-Debian: https://bugs.debian.org/898947
Last-Update: 2018-06-16
Colin Watson [Tue, 30 Jan 2018 21:54:17 +0000 (21:54 +0000)]
build: Use pkg-config to find FreeType
pkg-config is apparently preferred over freetype-config these days (see
the BUGS section of freetype-config(1)). pkg-config support was added
to FreeType in version 2.1.5, which was released in 2003, so it should
comfortably be available everywhere by now.
We no longer need to explicitly substitute FREETYPE_CFLAGS and
FREETYPE_LIBS, since PKG_CHECK_MODULES does that automatically.
David E. Box [Fri, 15 Sep 2017 22:37:05 +0000 (15:37 -0700)]
tsc: Change default tsc calibration method to pmtimer on EFI systems
On efi systems, make pmtimer based tsc calibration the default over the
pit. This prevents Grub from hanging on Intel SoC systems that power gate
the pit.
Signed-off-by: David E. Box <david.e.box@linux.intel.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Origin: upstream, https://git.savannah.gnu.org/cgit/grub.git/commit/?id=446794de8da4329ea532cbee4ca877bcafd0e534
Bug-Debian: https://bugs.debian.org/883193
Last-Update: 2017-12-01
Eric Biggers [Thu, 29 Jun 2017 13:27:49 +0000 (13:27 +0000)]
Allow GRUB to mount ext2/3/4 filesystems that have the encryption feature.
On such a filesystem, inodes may have EXT4_ENCRYPT_FLAG set.
For a regular file, this means its contents are encrypted; for a
directory, this means the filenames in its directory entries are
encrypted; and for a symlink, this means its target is encrypted. Since
GRUB cannot decrypt encrypted contents or filenames, just issue an error
if it would need to do so. This is sufficient to allow unencrypted boot
files to co-exist with encrypted files elsewhere on the filesystem.
(Note that encrypted regular files and symlinks will not normally be
encountered outside an encrypted directory; however, it's possible via
hard links, so they still need to be handled.)
Tested by booting from an ext4 /boot partition on which I had run
'tune2fs -O encrypt'. I also verified that the expected error messages
are printed when trying to access encrypted directories, files, and
symlinks from the GRUB command line. Also ran 'sudo ./grub-fs-tester
ext4_encrypt'; note that this requires e2fsprogs v1.43+ and Linux v4.1+.
Steve McIntyre [Mon, 30 Jan 2017 19:04:51 +0000 (19:04 +0000)]
Make grub-install check for errors from efibootmgr
Code is currently ignoring errors from efibootmgr, giving users
clearly bogus output like:
Setting up grub-efi-amd64 (2.02~beta3-4) ...
Installing for x86_64-efi platform.
Could not delete variable: No space left on device
Could not prepare Boot variable: No space left on device
Installation finished. No error reported.
and then potentially unbootable systems. If efibootmgr fails,
grub-install should know that and report it!
Signed-off-by: Steve McIntyre <93sam@debian.org>
Bug-Debian: https://bugs.debian.org/853234
Forwarded: https://lists.gnu.org/archive/html/grub-devel/2017-01/msg00107.html
Michael Chang [Thu, 27 Oct 2016 21:43:21 +0000 (17:43 -0400)]
efinet: Setting DNS server from UEFI protocol
In the URI device path node, any name rahter than address can be used for
looking up the resources so that DNS service become needed to get answer of the
name's address. Unfortunately the DNS is not defined in any of the device path
nodes so that we use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL
to obtain it.
These two protcols are defined the sections of UEFI specification.
include/grub/efi/api.h:
Add new structure and protocol UUID of EFI_IP4_CONFIG2_PROTOCOL and
EFI_IP6_CONFIG_PROTOCOL.
grub-core/net/drivers/efi/efinet.c:
Use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL to obtain the list
of DNS server address for IPv4 and IPv6 respectively. The address of DNS
servers is structured into DHCPACK packet and feed into the same DHCP packet
processing functions to ensure the network interface is setting up the same way
it used to be.
Signed-off-by: Michael Chang <mchang@suse.com> Signed-off-by: Ken Lin <ken.lin@hpe.com>
Patch-Name: efinet_set_dns_from_uefi_proto.patch
Michael Chang [Thu, 27 Oct 2016 21:43:05 +0000 (17:43 -0400)]
efinet: Setting network from UEFI device path
The PXE Base Code protocol used to obtain cached PXE DHCPACK packet is no
longer provided for HTTP Boot. Instead, we have to get the HTTP boot
information from the device path nodes defined in following UEFI Specification
sections.
include/grub/efi/api.h:
Add new structure of Uniform Resource Identifiers (URI) Device Path
grub-core/net/drivers/efi/efinet.c:
Check if PXE Base Code is available, if not it will try to obtain the netboot
information from the device path where the image booted from. The DHCPACK
packet is recoverd from the information in device patch and feed into the same
DHCP packet processing functions to ensure the network interface is setting up
the same way it used to be.
Signed-off-by: Michael Chang <mchang@suse.com> Signed-off-by: Ken Lin <ken.lin@hpe.com>
Patch-Name: efinet_set_network_from_uefi_devpath.patch
Gbp-Pq: Name efinet_set_network_from_uefi_devpath.patch
Michael Chang [Thu, 27 Oct 2016 21:42:19 +0000 (17:42 -0400)]
bootp: Add processing DHCPACK packet from HTTP Boot
The vendor class identifier with the string "HTTPClient" is used to denote the
packet as responding to HTTP boot request. In DHCP4 config, the filename for
HTTP boot is the URL of the boot file while for PXE boot it is the path to the
boot file. As a consequence, the next-server becomes obseleted because the HTTP
URL already contains the server address for the boot file. For DHCP6 config,
there's no difference definition in existing config as dhcp6.bootfile-url can
be used to specify URL for both HTTP and PXE boot file.
This patch adds processing for "HTTPClient" vendor class identifier in DHCPACK
packet by treating it as HTTP format, not as the PXE format.
Signed-off-by: Michael Chang <mchang@suse.com> Signed-off-by: Ken Lin <ken.lin@hpe.com>
Patch-Name: bootp_process_dhcpack_http_boot.patch
Gbp-Pq: Name bootp_process_dhcpack_http_boot.patch
Michael Chang [Thu, 27 Oct 2016 21:41:21 +0000 (17:41 -0400)]
efinet: UEFI IPv6 PXE support
When grub2 image is booted from UEFI IPv6 PXE, the DHCPv6 Reply packet is
cached in firmware buffer which can be obtained by PXE Base Code protocol. The
network interface can be setup through the parameters in that obtained packet.
Signed-off-by: Michael Chang <mchang@suse.com> Signed-off-by: Ken Lin <ken.lin@hpe.com>
Patch-Name: efinet_uefi_ipv6_pxe_support.patch
Aaron Miller [Thu, 27 Oct 2016 21:39:49 +0000 (17:39 -0400)]
net: read bracketed ipv6 addrs and port numbers
Allow specifying port numbers for http and tftp paths, and allow ipv6 addresses
to be recognized with brackets around them, which is required to specify a port
number
Aaron Miller [Thu, 27 Oct 2016 21:33:07 +0000 (17:33 -0400)]
misc: fix invalid character recongition in strto*l
Would previously allow digits larger than the base and didn't check that
subtracting the difference from 0-9 to lowercase letters for characters
larger than 9 didn't result in a value lower than 9, which allowed the
parses: ` = 9, _ = 8, ^ = 7, ] = 6, \ = 5, and [ = 4
Chad MILLER [Thu, 27 Oct 2016 21:15:07 +0000 (17:15 -0400)]
Tell zpool to emit full device names
zfs-initramfs currently provides extraneous, undesired symlinks to
devices directly underneath /dev/ to satisfy zpool's historical output
of unqualified device names. By including this environment variable to
signal our intent to zpool, zfs-linux packages can drop the symlink
behavior when updating to its upstream or backported output behavior.
Colin Watson [Sun, 18 Sep 2016 16:26:00 +0000 (17:26 +0100)]
syslinux_test: Fix out-of-tree build handling
When doing out-of-tree builds, abs_top_srcdir may well contain ".."
segments, and grub-syslinux2cfg canonicalises its --root argument. As a
result, the expansion of @abs_top_srcdir@ may not match what
grub-syslinux2cfg produces.
It's somewhat difficult to portably canonicalize a path in shell, and
autoconf/automake don't offer any support for this. But there's a much
simpler option: copy the test data to a temporary directory and make
substitutions in the expected output file based on that.
Steve McIntyre [Wed, 3 Dec 2014 01:25:12 +0000 (01:25 +0000)]
Add support for forcing EFI installation to the removable media path
Add an extra option to grub-install "--force-extra-removable". On EFI
platforms, this will cause an extra copy of the grub-efi image to be
written to the appropriate removable media patch
/boot/efi/EFI/BOOT/BOOT$ARCH.EFI as well. This will help with broken
UEFI implementations where the firmware does not work when configured
with new boot paths.
Signed-off-by: Steve McIntyre <93sam@debian.org>
Bug-Debian: https://bugs.debian.org/767037 https://bugs.debian.org/773092
Forwarded: Not yet
Last-Update: 2014-12-20
Ian Campbell [Sun, 30 Nov 2014 12:12:52 +0000 (12:12 +0000)]
Arrange to insmod xzio and lzopio when booting a kernel as a Xen guest
This is needed in case the Linux kernel is compiled with CONFIG_KERNEL_XZ or
CONFIG_KERNEL_LZO rather than CONFIG_KERNEL_GZ (gzio is already loaded by
grub.cfg today).
Signed-off-by: Ian Campbell <ijc@debian.org>
Bug-Debian: https://bugs.debian.org/755256
Forwarded: http://lists.gnu.org/archive/html/grub-devel/2014-11/msg00091.html
Last-Update: 2014-11-30
Ian Campbell [Sat, 6 Sep 2014 11:20:12 +0000 (12:20 +0100)]
grub-install: Install PV Xen binaries into the upstream specified path
Upstream have defined a specification for where guests ought to place their
xenpv grub binaries in order to facilitate chainloading from a stage 1 grub
loaded from dom0.
VSX bit is enabled by default for Power7 and Power8 CPU models,
so we need to disable them in order to avoid instruction exceptions.
Kernel will activate it when necessary.
Colin Watson [Tue, 28 Jan 2014 14:40:02 +0000 (14:40 +0000)]
Port yaboot logic for various powerpc machine types
Some powerpc machines require not updating the NVRAM. This can be handled
by existing grub-install command-line options, but it's friendlier to detect
this automatically.
On chrp_ibm machines, use the nvram utility rather than nvsetenv. (This
is possibly suitable for other machines too, but that needs to be
verified.)
Evan Broder [Mon, 13 Jan 2014 12:13:29 +0000 (12:13 +0000)]
Add configure option to enable gfxpayload=keep dynamically
Set GRUB_GFXPAYLOAD_LINUX=keep unless it's known to be unsupported on
the current hardware. See
https://blueprints.launchpad.net/ubuntu/+spec/packageselection-foundations-n-grub2-boot-framebuffer.
Author: Colin Watson <cjwatson@ubuntu.com>
Forwarded: no
Last-Update: 2013-12-25
Colin Watson [Mon, 13 Jan 2014 12:13:28 +0000 (12:13 +0000)]
Add configure option to bypass boot menu if possible
If other operating systems are installed, then automatically unhide the
menu. Otherwise, if GRUB_HIDDEN_TIMEOUT is 0, then use keystatus if
available to check whether Shift is pressed. If it is, show the menu,
otherwise boot immediately. If keystatus is not available, then fall
back to a short delay interruptible with Escape.
This may or may not remain Ubuntu-specific, although it's not obviously
wanted upstream. It implements a requirement of
https://wiki.ubuntu.com/DesktopExperienceTeam/KarmicBootExperienceDesignSpec#Bootloader.
If the previous boot failed (defined as failing to get to the end of one
of the normal runlevels), then show the boot menu regardless.
Author: Richard Laager <rlaager@wiktel.com>
Author: Robie Basak <robie.basak@ubuntu.com>
Forwarded: no
Last-Update: 2015-09-04
Colin Watson [Mon, 13 Jan 2014 12:13:27 +0000 (12:13 +0000)]
Cope with Kubuntu setting GRUB_DISTRIBUTOR
This is not a very good approach, and certainly not sanely upstreamable;
we probably need to split GRUB_DISTRIBUTOR into a couple of different
variables.
Colin Watson [Mon, 13 Jan 2014 12:13:26 +0000 (12:13 +0000)]
Add configure option to reduce visual clutter at boot time
If this option is enabled, then do all of the following:
Don't display introductory message about line editing unless we're
actually offering a shell prompt. (This is believed to be a workaround
for a different bug. We'll go with this for now, but will drop this in
favour of a better fix upstream if somebody figures out what that is.)
Don't clear the screen just before booting if we never drew the menu in
the first place.
Remove verbose messages printed before reading configuration. In some
ways this is awkward because it makes debugging harder, but it's a
requirement for a smooth-looking boot process; we may be able to do
better in future. Upstream doesn't want this, though.
Disable the cursor as well, for similar reasons of tidiness.
Suppress kernel/initrd progress messages, except in recovery mode.
Suppress "GRUB loading" message unless Shift is held down. Upstream
doesn't want this, as it makes debugging harder. Ubuntu wants it to
provide a cleaner boot experience.
Colin Watson [Mon, 13 Jan 2014 12:13:24 +0000 (12:13 +0000)]
Skip Windows os-prober entries on Wubi systems
Since we're already being booted from the Windows boot loader, including
entries that take us back to it mostly just causes confusion, and stops
us from being able to hide the menu if there are no other OSes
installed.
Colin Watson [Mon, 13 Jan 2014 12:13:23 +0000 (12:13 +0000)]
Allow Shift to interrupt 'sleep --interruptible'
Upstream would like to consider this at more length. See
http://lists.gnu.org/archive/html/grub-devel/2009-08/msg00718.html, and
the rest of the thread for context.
Colin Watson [Mon, 13 Jan 2014 12:13:06 +0000 (12:13 +0000)]
"single" -> "recovery" when friendly-recovery is installed
If configured with --enable-ubuntu-recovery, also set nomodeset for
recovery mode, and disable 'set gfxpayload=keep' even if the system
normally supports it. See
https://launchpad.net/ubuntu/+spec/desktop-o-xorg-tools-and-processes.
Author: Stéphane Graber <stgraber@ubuntu.com>
Forwarded: no
Last-Update: 2013-12-25
Colin Watson [Mon, 13 Jan 2014 12:13:05 +0000 (12:13 +0000)]
Fall back to i386-pc if booted using EFI but -efi is missing
It may be possible, particularly in recovery situations, to be booted
using EFI on x86 when only the i386-pc target is installed. There's
nothing actually stopping us installing i386-pc from an EFI environment,
and it's better than returning a confusing error.
Colin Watson [Mon, 13 Jan 2014 12:13:03 +0000 (12:13 +0000)]
Bail out if trying to run grub-mkconfig during upgrade to 2.00
Since files in /etc/grub.d/ are conffiles, they are not put in place
until grub-common is configured, meaning that they may be out of sync
with the parts of grub-mkconfig that reside in /usr/. In GRUB 1.99,
/etc/grub.d/00_header contained a reference to ${GRUB_PREFIX}/video.lst.
This and other code from 1.99 breaks with 2.00's grub-mkconfig.
Deferring this to when grub-PLATFORM.postinst eventually runs is safe
and avoids this problem.
Colin Watson [Mon, 13 Jan 2014 12:13:01 +0000 (12:13 +0000)]
Restore grub-mkdevicemap
This is kind of a mess, requiring lots of OS-specific code to iterate
over all possible devices. However, we use it in a number of scripts to
discover devices and reimplementing those in terms of something else
would be very complicated.
Author: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Forwarded: no
Last-Update: 2018-03-16
Colin Watson [Mon, 13 Jan 2014 12:13:00 +0000 (12:13 +0000)]
Handle filesystems loop-mounted on file images
Improve prepare_grub_to_access_device to emit appropriate commands for
such filesystems, and ignore them in Linux grub.d scripts.
This is needed for Ubuntu's Wubi installation method.
This patch isn't inherently Debian/Ubuntu-specific. losetup and
/proc/mounts are Linux-specific, though, so we might need to refine this
before sending it upstream. The changes to the Linux grub.d scripts
might be better handled by integrating 10_lupin properly instead.
Colin Watson [Mon, 13 Jan 2014 12:12:57 +0000 (12:12 +0000)]
Disable gfxpayload=keep by default
Setting gfxpayload=keep has been known to cause efifb to be
inappropriately enabled. In any case, with the current Linux kernel the
result of this option is that early kernelspace will be unable to print
anything to the console, so (for example) if boot fails and you end up
dumped to an initramfs prompt, you won't be able to see anything on the
screen. As such it shouldn't be enabled by default in Debian, no matter
what kernel options are enabled.
gfxpayload=keep is a good idea but rather ahead of its time ...
Bug-Debian: http://bugs.debian.org/567245
Forwarded: no
Last-Update: 2013-12-25
Colin Watson [Fri, 16 Feb 2018 11:02:19 +0000 (11:02 +0000)]
Import replacement CRC operations from libgcrypt
Mostly backported from
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=06e122baa3321483a47bbf82fd2a4540becfa0c9,
but importing bufhelp.h from libgcrypt 1.7.0 as well. We can drop this
once GRUB updates to a newer import of libgcrypt.
The new implementation is not encumbered by the restrictive Internet
Society licence on RFCs.
Steve McIntyre [Tue, 25 Jun 2019 09:11:12 +0000 (10:11 +0100)]
grub2 (2.02+dfsg1-20) unstable; urgency=medium
[ Steve McIntyre ]
* Make all the signed EFI arches have a Recommends: from
grub-efi-ARCH-signed to shim-signed, not just amd64. Closes: #931038
* Add myself to Uploaders