Commit graph

564 commits

Author SHA1 Message Date
Robbie Harwood
b84b21f7a2 Apply more hardening to host binaries
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-01-11 15:40:17 +00:00
Robbie Harwood
d2ad09e81a Allow internal grub allocations over 4GB
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2023-01-10 19:49:15 +00:00
Robbie Harwood
9e46a970c6 Fix prefix setting with memdisk creation for network boot
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-12-21 22:35:22 +00:00
Robbie Harwood
55921d8655 Attempt to fix eln build
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-12-19 14:36:15 -05:00
Robbie Harwood
fa48146e4c ppc64le: fix lpar cas5
Resolves: #2152547
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-12-14 19:30:52 +00:00
Robbie Harwood
85cfe6dd30 Fix error handling in grub_file_open()
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-12-06 15:57:14 +00:00
Robbie Harwood
9b063ec0c5 Bump spec for "Allow for xz'd symvers file"
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-12-05 12:24:36 -05:00
81ed67d3a8 Bump release to install unicode.pf2
Signed-off-by: Tomas Hrcka <thrcka@redhat.com>
2022-11-23 20:45:18 +01:00
Robbie Harwood
f09f9764c6 Add BR on squashfs-tools
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-22 18:18:54 -05:00
Robbie Harwood
0ccadff7a2 Bundle unicode.pf2 with images
Resolves: #2143725
Resolves: #2144113
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-22 17:56:56 -05:00
Peter Robinson
558410c2d9 Don't obsolete the tools package with extra/efi
The extra/efi packages aren't needed in a lot of use cases.
The efi subpackage is actually only useful on EFI based macs.
The extra subpackage isn't useful on cloud/server and a lot
of places where there's no need for pretty GUIs. Stop obsoleting
the tools package so that they're pulled in with every update
even though they may have been actively remove by images or users.

Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
[rharwood: bump spec]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-22 11:39:30 -05:00
Robbie Harwood
06e51d2a65 Forward-port ppc64le image creation (with nerfed signing)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-21 15:22:04 -05:00
Robbie Harwood
3972172d4d Font fixes (CVE-2022-2601 batch)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-08 11:00:57 -05:00
Robbie Harwood
3d407d2111 Try dropping custom sort again
See-also: https://github.com/rpm-software-management/rpm/pull/2249
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-11-01 13:58:37 -04:00
Robbie Harwood
bc32a76bab TDX measurements to RTMR
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-10-28 16:58:27 +00:00
Robbie Harwood
fdd5c6f423 x86-efi: Fix an incorrect array size in kernel allocation
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-10-12 18:08:53 +00:00
Robbie Harwood
4fa957c61c Flush instruction cache before starting aa64 kernel
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-10-04 19:42:56 +00:00
Robbie Harwood
7a1af0ff6d Bump spec for grub.macros gettext changes from Jens
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-09-09 18:06:11 +00:00
Robbie Harwood
c50cc54b88 aa64: support pe/coff decompressor
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-09-08 20:17:42 +00:00
Robbie Harwood
db229abffb Revert patches to claim more memory for the arena
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-09-07 23:51:40 +00:00
Robbie Harwood
82f5820dd4 Fix root definition for blscfg in emu
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-25 21:59:45 +00:00
Robbie Harwood
d8336270fe gettext to gettext-runtime migration from Jens
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-25 18:19:28 +00:00
Robbie Harwood
c814f068c6 ieee1275: implement vec5 for cas negotiation
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-25 15:40:30 +00:00
Robbie Harwood
714559fb3d Handle ostree's non-writable /etc/kernel
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-17 16:09:22 +00:00
Robbie Harwood
bb8ac90efb Give up on rhgb quiet
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-17 15:31:34 +00:00
Robbie Harwood
fc76aed533 Fix duplicated args and cope with /etc/default/grub modification
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-17 11:08:14 -04:00
Robbie Harwood
2f39adbb14 Fix nvr mismatch
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-16 15:25:07 -04:00
Robbie Harwood
89d7a298b6 Skip rpm mtime verification on likely-vfat filesystems
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-15 20:50:19 +00:00
Robbie Harwood
867b41f7d3 Use --with-rpm-version
Resolves: #2118390
Suggested-by: François Rigault <frigo@amadeus.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-15 16:21:35 -04:00
Robbie Harwood
ac27fd45d7 Try reserving less RAM to fix windows booting
Related: #2115202
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-08 16:32:19 +00:00
Robbie Harwood
11e6d3f1b0 Populate /etc/kernel/cmdline during mkconfig
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-02 17:13:34 -04:00
Robbie Harwood
74d57bbd19 Rest of allocator fixes
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-02 14:39:11 +00:00
Robbie Harwood
5b44e10cf3 Some allocator fixes for kernel
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-08-01 21:57:55 +00:00
Robbie Harwood
e7aee52b19 Handle FAT mtime of 0
Resolves: #2096192
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-07-19 16:24:58 +00:00
Robbie Harwood
f0ad2aaa26 CVE fixes for 2022-05-24
Resolves: CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733
Resolves: CVE-2021-3697 CVE-2021-3696 CVE-2021-3695
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-06-03 13:54:45 -04:00
Robbie Harwood
a44a6377ed ppc64le: make ofdisk retries optional
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-05-16 21:15:56 +00:00
Robbie Harwood
ea7cfdf726 Fix missing declaration of strchrnul in rpm-sort
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-05-05 22:14:21 +00:00
Robbie Harwood
d15d46b0e4 ppc64le: CAS improvements, prefix detection, and vTPM support
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-05-04 18:00:02 +00:00
Dominik 'Rathann' Mierzejewski
ac52d21d8a Fix mkformat error from grub2-mkrescue
grub2-tools-extra missing dependency on mformat (mtools).

[rharwood: NVR fix, commit message]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-04-19 10:38:41 -04:00
Robbie Harwood
e622855aa2 Attempt to fix version display
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-04-18 21:58:58 +00:00
Robbie Harwood
f9344de20a Stop using %{name} for things in the spec file
There's no point to this (the packaging isn't generic, confusion between
grub and grub2 in places, it's not fewer characters to type, have to
think about escaping in macros, ...) and it makes searching for things
needlessly difficult.

This finishes the revert of 967c5629ed
("Don't harcode grub2 in the spec file") that was begun in
af038a0bdc ("Revert "Don't harcode grub2
in the spec file"").

Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-04-18 17:14:40 -04:00
Robbie Harwood
1d98b5f260 Fix permission change report from rpm verification on grub.cfg
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-04-18 17:50:28 +00:00
Robbie Harwood
6c2cc46451 Enable "read" module
Resolves: #2071644
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-04-13 15:13:22 +00:00
Robbie Harwood
2e106f9a3e Drop use of which and update requirements
Original patches by Zbigniew Jędrzejewski-Szmek.

Merges: #16
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-04-12 14:46:11 -04:00
Robbie Harwood
eeff7639b3 Drop i32 build for real this time
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-03-31 21:23:48 +00:00
Robbie Harwood
bd73b85ea3 Switch to upstream man pages
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-03-31 21:21:43 +00:00
Robbie Harwood
d171a2a95c Revert previous change (grub2-pc-modules is built on i32)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-03-30 14:44:17 +00:00
Robbie Harwood
2b909b72a4 Drop i32 support
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-03-29 18:45:49 +00:00
Adam Williamson
f29388d27a Fix a syntax error in the ostree BLS fix attempt 2022-03-23 16:48:18 -07:00
Peter Robinson
5d7c163550 Rebuild for secure-boot signing 2022-03-23 10:29:57 +00:00