grub:master

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

386b59d... by Forest on 2024-05-07

disk/cryptodisk: Allow user to retry failed passphrase

Give the user a chance to re-enter their cryptodisk passphrase after a typo,
rather than immediately failing (and likely dumping them into a GRUB shell).

By default, we allow 3 tries before giving up. A value in the
cryptodisk_passphrase_tries environment variable will override this default.

The user can give up early by entering an empty passphrase, just as they
could before this patch.

Signed-off-by: Forest <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

99b4c0c... by Lidong Chen <email address hidden> on 2024-04-29

disk/mdraid1x_linux: Prevent infinite recursion

The test corpus for version-1 RAID generated an infinite recursion
in grub_partition_iterate() while attempting to read the superblock.
The reason for the issue was that the data region overlapped with
the superblock.

The infinite call loop looks like this:
  grub_partition_iterate() -> partmap->iterate() ->
    -> grub_disk_read() -> grub_disk_read_small() ->
    -> grub_disk_read_small_real() -> grub_diskfilter_read() ->
    -> read_lv() -> read_segment() -> grub_diskfilter_read_node() ->
    -> grub_disk_read() -> grub_disk_read_small() -> ...

The fix adds checks for both the superblock region and the data
region when parsing the superblock metadata in grub_mdraid_detect().

Signed-off-by: Lidong Chen <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

b272ed2... by Ard Biesheuvel <email address hidden> on 2024-04-27

efi: Fix stack protector issues

The "ground truth" stack protector cookie value is kept in a global
variable, and loaded in every function prologue and epilogue to store
it into resp. compare it with the stack slot holding the cookie.

If the comparison fails, the program aborts, and this might occur
spuriously when the global variable changes values between the entry and
exit of a function. This implies that assigning the global variable at
boot should not involve any instrumented function calls, unless special
care is taken to ensure that the live call stack is synchronized, which
is non-trivial.

So avoid any function calls, including grub_memcpy(), which is
unnecessary given that the stack cookie is always a suitably aligned
variable of the native word size.

While at it, leave the last byte 0x0 to avoid inadvertent unbounded
strings on the stack.

Note that the use of __attribute__((optimize)) is described as
unsuitable for production use in the GCC documentation, so let's drop
this as well now that it is no longer needed.

Signed-off-by: Ard Biesheuvel <email address hidden>
Signed-off-by: Glenn Washburn <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

6744840... by Oliver Steffen <email address hidden> on 2024-02-22

build: Track explicit module dependencies in Makefile.core.def

Add a new keyword, "depends", to the module definition syntax
used in Makefile.core.def. This allows specifying explicit module
dependencies together with the module definition.

Do not track the "extra_deps.lst" file in the repository anymore,
it is now auto-generated.

Make use of this new keyword in the bli module definition.

Signed-off-by: Oliver Steffen <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

8719cc2... by Daniel Kiper <email address hidden> on 2024-04-09

windows: Add _stack_chk_guard/_stack_chk_fail symbols for Windows 64-bit target

Otherwise the GRUB cannot start due to missing symbols when stack
protector is enabled on EFI platforms.

Signed-off-by: Daniel Kiper <email address hidden>
Reviewed-by: Vladimir Serbinenko <email address hidden>

0876fdf... by Gary Lin <email address hidden> on 2024-03-25

util/bash-completion: Fix for bash-completion 2.12

_split_longopt() was the bash-completion private API and removed since
bash-completion 2.12. This commit initializes the bash-completion
general variables with _init_completion() to avoid the potential
"command not found" error.

Although bash-completion 2.12 introduces _comp_initialize() to deprecate
_init_completion(), _init_completion() is still chosen for the better
backward compatibility.

Signed-off-by: Gary Lin <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

28c4405... by phcoder on 2024-03-15

util/grub-fstest: Add a new command zfs-bootfs

It is useful to check zfs-bootfs command.

Signed-off-by: Vladimir Serbinenko <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

52e039e... by phcoder on 2024-03-15

efi: Enable CMOS on x86 EFI platforms

The CMOS actually exists on most EFI platforms and in some cases is used to
store useful data that makes it justifiable for GRUB to read/write it.

As for date and time keep using EFI API and not CMOS one.

Signed-off-by: Vladimir Serbinenko <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

aa80270... by phcoder on 2024-03-15

acpi: Mark MADT entries as packed

No alignment is guaranteed and in fact on my IA-64 SAPIC is aligned
to 4 bytes instead of 8 and causes a trap. It affects only rarely used
lsacpi command and so went unnoticed.

Signed-off-by: Vladimir Serbinenko <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

39c927d... by Michael Chang <email address hidden> on 2024-02-19

gfxmenu/view: Resolve false grub_errno disrupting boot process

When enabling gfxmenu and choosing to boot the Xen hypervisor from its
menu, an error occurred:

  error: ../../grub-core/video/bitmap_scale.c:42:null src bitmap in grub_video_create_scaled.

The error is returned by grub_video_bitmap_create_scaled() when the
source pixmap is not there. The init_background() uses it to scale up
the background image so it can fully fit into the screen resolution.

However not all backgrounds are set by a image, i.e. the "desktop-image"
property of the theme file. Instead a color code may be used, for
example OpenSUSE's green background uses "desktop-color" property:

  desktop-color: "#0D202F"

So it is absolutely fine to call init_background() without a raw pixmap
if color code is used. A missing check has to be added to ensure the
grub_errno will not be erroneously set and gets in the way of ensuing
boot process.

The reason it happens sporadically is due to grub_errno is reset to
GRUB_ERR_NONE in other places if a function's error return can be
ignored. In particular this hunk in grub_gfxmenu_create_box() does the
majority of the reset of grub_errno returned by init_background(), but
the path may not be always chosen.

  grub_video_bitmap_load (&box->raw_pixmaps[i], path);
  grub_free (path);

  /* Ignore missing pixmaps. */
  grub_errno = GRUB_ERR_NONE;

In any case, we cannot account on such random behavior and should only
return grub_errno if it is justified.

On the occasion move the grub_video_bitmap struct definition to the
beginning of the function.

Signed-off-by: Michael Chang <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>