Leo Sandoval
56577a7d89
Remove 'efi: Use shim's loader protocol for EFI image verification'
...
Although this patch is correct and at some point it will be
re-introduced, currently shim does not support the loader protocol so
drop it in the meanwhile.
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
2024-10-03 16:03:31 +02:00
Nicolas Frayer
68641d26b0
mkconfig: More hardening to prevent overwriting grub cfg stub
...
Simplified os detection and remove mountpoint to accommodate
hybrid VMs
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-10-03 16:03:13 +02:00
Leo Sandoval
9ba4d688c7
Rebased to release grub2-2.12 for fedora-41
...
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
2024-10-03 16:02:11 +02:00
Nicolas Frayer
9e756e9174
grub2-mkconfig: Prevent mkconfig from overwriting grub cfg stub
...
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-10-03 15:54:29 +02:00
Nicolas Frayer
f1a4458417
KVM/PowerVM: Add support for KVM on PowerVM
...
Resolved : #2294883
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-10-03 15:53:24 +02:00
Nicolas Frayer
a6a9b36c8f
cmd/search: Rework of CVE-2023-4001 fix
...
Related: #2224951
Resolved : #2263369
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-05-29 13:11:45 +02:00
Leo Sandoval
fa3dd080fa
grub-mkconfig.in: turn off executable owner bit
...
Resolves : #2281464
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
2024-05-24 18:29:07 -06:00
Nicolas Frayer
3e8a581288
fs/xfs: Handle non-continuous data blocks in directory extents
...
Related: #2254370
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-04-15 11:05:24 +02:00
Nicolas Frayer
d2fcd91e36
GRUB2 NTFS driver vulnerabilities
...
(CVE-2023-4692)
(CVE-2023-4693)
Resolves : #2236613
Resolves : #2241978
Resolves : #2241976
Resolves : #2238343
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-03-12 14:59:34 +01:00
Nicolas Frayer
de8520b84a
grub-set-bootflag: Fix for CVE-2024-1048
...
(CVE-2024-1048)
Resolves : #2256678
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-02-07 10:40:35 +01:00
Leo Sandoval
29406ad333
xfs: include directory extent parsing patch
...
Patch is required to boot XFS-formatted partitions created with
xfsprogs 6.5.0
Resolves : #2259266
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
2024-01-23 12:02:27 -06:00
Nicolas Frayer
6cc927e76b
Compiler flags: ignore incompatible types for now as it prevents
...
CI builds
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-01-18 15:22:45 +01:00
Nicolas Frayer
d2d9f6012b
grub-core/commands: add flag to only search root dev
...
Resolves : #2223437
Resolves : #2224951
Resolves : #2258096
Resolves: CVE-2023-4001
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-01-18 15:22:34 +01:00
Nicolas Frayer
ebd311ec52
xfs: Remove directory extent parsing patch
...
Some bios systems can't boot with one of
the xfs upstream patches
Resolves : #2254370
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-01-17 15:23:37 +01:00
Nicolas Frayer
d11c8385d6
normal: fix prefix when loading modules
...
Resolves : #2209435
Resolves : #2173015
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-01-04 11:29:35 +01:00
Leo Sandoval
4562b72afc
chainloader: remove device path debug message
...
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
2023-12-14 09:31:59 -06:00
Nicolas Frayer
c4a49e5c9a
fs/xfs: Add several fixes/improvements to xfs fs from upstream
...
Resolves : #2247926
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-12-01 10:31:36 +01:00
Nicolas Frayer
88924af554
Remove [Install] section from aux systemd units
...
Related: #2247635
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-11-14 17:29:09 +01:00
Nicolas Frayer
8a9297c431
util: grub-install on EFI if forced
...
Resolves : #1917213
Resolves : #2240994
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-11-06 18:10:09 +01:00
Nicolas Frayer
07412b4a97
kern/ieee1275/init: ppc64: Restrict high memory in presence
...
of fadump
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-10-20 18:11:41 +02:00
Nicolas Frayer
aa936e7b0c
ofdisk: Fix missing #include in ofdisk.c
...
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-09-29 18:06:49 +02:00
Nicolas Frayer
52d23fe6f6
arm64: Use proper memory type for kernel allocation
...
Resolves : #2149020
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-09-14 18:26:26 +02:00
Nicolas Frayer
d161705351
spec: Use systemd presets and macros for units in tools package
...
Resolves : #2230575
Signed-off-by: Christian Glombek <cglombek@redhat.com>
2023-09-14 18:26:07 +02:00
Nicolas Frayer
6d1f9f4a80
efi/http: change uint32_t to uintn_t
...
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-08-22 14:25:39 +02:00
Nicolas Frayer
5184f7bcf1
util: Enable default kernel for updates
...
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2023-08-22 14:14:44 +02:00
Robbie Harwood
dc5c4e3f52
Add switch-root support to grub-emu
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-04-12 15:23:39 +00:00
Robbie Harwood
e6b8f35a69
Fix aa64 page fault with EFI_MEMORY_ATTRIBUTE_PROTOCOL
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-04-10 16:44:09 +00:00
Robbie Harwood
dc0bc06560
Disable the tpm verifier if the TPM device is not present
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-03-30 12:47:20 +00:00
Robbie Harwood
ecd22580ae
ppc64le: more cas vec5 shenanigans
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-03-30 12:31:37 +00:00
Robbie Harwood
6a9365c88d
emu: work around systemctl bad behavior
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-03-22 18:39:56 +00:00
Robbie Harwood
48cf39de05
emu: handle BLS /boot weirdness
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-03-09 16:48:40 +00:00
Robbie Harwood
5c83f50804
Update mm fixes from upstream
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-02-20 16:49:18 +00:00
Robbie Harwood
b86fd390b8
Fix disk sector size computation
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-02-16 14:24:30 +00:00
Robbie Harwood
851216d61a
ppc64le: sync cas/tpm patchset with upstream
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-02-08 20:07:44 +00:00
Robbie Harwood
ed1787d5fc
emu: support newer kexec syscall
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-02-06 22:43:11 +00:00
Robbie Harwood
a5299c3192
ppc64le: cas5, take 3
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-02-06 20:29:49 +00:00
Robbie Harwood
3a3516d360
Fix implicit function declaration warnings
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-02-06 18:54:15 +00:00
Robbie Harwood
3ce59ed7e1
ppc64le: update signed media fixes
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-01-27 14:04:12 -05:00
Robbie Harwood
ac206cb17b
ppc64le: fix issues using core.elf on boot media
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-01-13 20:28:48 +00:00
Robbie Harwood
7be2bf00c3
Pull allocator improvements from upstream
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-01-11 18:57:23 +00:00
Robbie Harwood
d2ad09e81a
Allow internal grub allocations over 4GB
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-01-10 19:49:15 +00:00
Robbie Harwood
fa48146e4c
ppc64le: fix lpar cas5
...
Resolves : #2152547
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-12-14 19:30:52 +00:00
Robbie Harwood
85cfe6dd30
Fix error handling in grub_file_open()
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-12-06 15:57:14 +00:00
Robbie Harwood
0ccadff7a2
Bundle unicode.pf2 with images
...
Resolves : #2143725
Resolves : #2144113
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-22 17:56:56 -05:00
Robbie Harwood
3972172d4d
Font fixes (CVE-2022-2601 batch)
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-08 11:00:57 -05:00
Robbie Harwood
3d407d2111
Try dropping custom sort again
...
See-also: https://github.com/rpm-software-management/rpm/pull/2249
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-01 13:58:37 -04:00
Robbie Harwood
bc32a76bab
TDX measurements to RTMR
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-10-28 16:58:27 +00:00
Robbie Harwood
fdd5c6f423
x86-efi: Fix an incorrect array size in kernel allocation
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-10-12 18:08:53 +00:00
Robbie Harwood
4fa957c61c
Flush instruction cache before starting aa64 kernel
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-10-04 19:42:56 +00:00
Robbie Harwood
c50cc54b88
aa64: support pe/coff decompressor
...
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-09-08 20:17:42 +00:00