grub2/grub.patches
Javier Martinez Canillas 172b494fc6
grub-set-bootflag: Write new env to tmpfile and then rename
Resolves: CVE-2019-14865
Resolves: rhbz#1776580

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2019-11-26 10:38:35 +01:00

191 lines
12 KiB
Text

Patch0001: 0001-Add-support-for-Linux-EFI-stub-loading.patch
Patch0002: 0002-Rework-linux-command.patch
Patch0003: 0003-Rework-linux16-command.patch
Patch0004: 0004-Add-secureboot-support-on-efi-chainloader.patch
Patch0005: 0005-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch
Patch0006: 0006-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch
Patch0007: 0007-re-write-.gitignore.patch
Patch0008: 0008-IBM-client-architecture-CAS-reboot-support.patch
Patch0009: 0009-for-ppc-reset-console-display-attr-when-clear-screen.patch
Patch0010: 0010-Disable-GRUB-video-support-for-IBM-power-machines.patch
Patch0011: 0011-Honor-a-symlink-when-generating-configuration-by-gru.patch
Patch0012: 0012-Move-bash-completion-script-922997.patch
Patch0013: 0013-Update-to-minilzo-2.08.patch
Patch0014: 0014-Allow-fallback-to-include-entries-by-title-not-just-.patch
Patch0015: 0015-Add-GRUB_DISABLE_UUID.patch
Patch0016: 0016-Make-exit-take-a-return-code.patch
Patch0017: 0017-Mark-po-exclude.pot-as-binary-so-git-won-t-try-to-di.patch
Patch0018: 0018-Make-efi-machines-load-an-env-block-from-a-variable.patch
Patch0019: 0019-DHCP-client-ID-and-UUID-options-added.patch
Patch0020: 0020-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch
Patch0021: 0021-Add-support-for-UEFI-operating-systems-returned-by-o.patch
Patch0022: 0022-Migrate-PPC-from-Yaboot-to-Grub2.patch
Patch0023: 0023-Add-fw_path-variable-revised.patch
Patch0024: 0024-Pass-x-hex-hex-straight-through-unmolested.patch
Patch0025: 0025-Add-X-option-to-printf-functions.patch
Patch0026: 0026-Search-for-specific-config-file-for-netboot.patch
Patch0027: 0027-blscfg-add-blscfg-module-to-parse-Boot-Loader-Specif.patch
Patch0028: 0028-Add-devicetree-loading.patch
Patch0029: 0029-Don-t-write-messages-to-the-screen.patch
Patch0030: 0030-Don-t-print-GNU-GRUB-header.patch
Patch0031: 0031-Don-t-add-to-highlighted-row.patch
Patch0032: 0032-Message-string-cleanups.patch
Patch0033: 0033-Fix-border-spacing-now-that-we-aren-t-displaying-it.patch
Patch0034: 0034-Use-the-correct-indentation-for-the-term-help-text.patch
Patch0035: 0035-Indent-menu-entries.patch
Patch0036: 0036-Fix-margins.patch
Patch0037: 0037-Use-2-instead-of-1-for-our-right-hand-margin-so-line.patch
Patch0038: 0038-Enable-pager-by-default.-985860.patch
Patch0039: 0039-F10-doesn-t-work-on-serial-so-don-t-tell-the-user-to.patch
Patch0040: 0040-Don-t-say-GNU-Linux-in-generated-menus.patch
Patch0041: 0041-Don-t-draw-a-border-around-the-menu.patch
Patch0042: 0042-Use-the-standard-margin-for-the-timeout-string.patch
Patch0043: 0043-Add-.eh_frame-to-list-of-relocations-stripped.patch
Patch0044: 0044-Don-t-munge-raw-spaces-when-we-re-doing-our-cmdline-.patch
Patch0045: 0045-Don-t-require-a-password-to-boot-entries-generated-b.patch
Patch0046: 0046-Don-t-emit-Booting-.-message.patch
Patch0047: 0047-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch
Patch0048: 0048-use-fw_path-prefix-when-fallback-searching-for-grub-.patch
Patch0049: 0049-Try-mac-guid-etc-before-grub.cfg-on-tftp-config-file.patch
Patch0050: 0050-Fix-convert-function-to-support-NVMe-devices.patch
Patch0051: 0051-Add-grub_util_readlink.patch
Patch0052: 0052-Make-editenv-chase-symlinks-including-those-across-d.patch
Patch0053: 0053-Generate-OS-and-CLASS-in-10_linux-from-etc-os-releas.patch
Patch0054: 0054-Minimize-the-sort-ordering-for-.debug-and-rescue-ker.patch
Patch0055: 0055-Try-prefix-if-fw_path-doesn-t-work.patch
Patch0056: 0056-Update-info-with-grub.cfg-netboot-selection-order-11.patch
Patch0057: 0057-Use-Distribution-Package-Sort-for-grub2-mkconfig-112.patch
Patch0058: 0058-Handle-rssd-storage-devices.patch
Patch0059: 0059-Make-grub2-mkconfig-construct-titles-that-look-like-.patch
Patch0060: 0060-Add-friendly-grub2-password-config-tool-985962.patch
Patch0061: 0061-tcp-add-window-scaling-support.patch
Patch0062: 0062-Fix-security-issue-when-reading-username-and-passwor.patch
Patch0063: 0063-Add-a-url-parser.patch
Patch0064: 0064-efinet-and-bootp-add-support-for-dhcpv6.patch
Patch0065: 0065-Add-grub-get-kernel-settings-and-use-it-in-10_linux.patch
Patch0066: 0066-Normalize-slashes-in-tftp-paths.patch
Patch0067: 0067-bz1374141-fix-incorrect-mask-for-ppc64.patch
Patch0068: 0068-Make-grub_fatal-also-backtrace.patch
Patch0069: 0069-Fix-up-some-man-pages-rpmdiff-noticed.patch
Patch0070: 0070-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch
Patch0071: 0071-Make-our-info-pages-say-grub2-where-appropriate.patch
Patch0072: 0072-print-more-debug-info-in-our-module-loader.patch
Patch0073: 0073-macos-just-build-chainloader-entries-don-t-try-any-x.patch
Patch0074: 0074-grub2-btrfs-Add-ability-to-boot-from-subvolumes.patch
Patch0075: 0075-export-btrfs_subvol-and-btrfs_subvolid.patch
Patch0076: 0076-grub2-btrfs-03-follow_default.patch
Patch0077: 0077-grub2-btrfs-04-grub2-install.patch
Patch0078: 0078-grub2-btrfs-05-grub2-mkconfig.patch
Patch0079: 0079-grub2-btrfs-06-subvol-mount.patch
Patch0080: 0080-Fallback-to-old-subvol-name-scheme-to-support-old-sn.patch
Patch0081: 0081-Grub-not-working-correctly-with-btrfs-snapshots-bsc-.patch
Patch0082: 0082-Add-grub_efi_allocate_pool-and-grub_efi_free_pool-wr.patch
Patch0083: 0083-Use-grub_efi_.-memory-helpers-where-reasonable.patch
Patch0084: 0084-Add-PRIxGRUB_EFI_STATUS-and-use-it.patch
Patch0085: 0085-Don-t-use-dynamic-sized-arrays-since-we-don-t-build-.patch
Patch0086: 0086-don-t-ignore-const.patch
Patch0087: 0087-don-t-use-int-for-efi-status.patch
Patch0088: 0088-make-GRUB_MOD_INIT-declare-its-function-prototypes.patch
Patch0089: 0089-editenv-handle-relative-symlinks.patch
Patch0090: 0090-Make-libgrub.pp-depend-on-config-util.h.patch
Patch0091: 0091-Don-t-guess-boot-efi-as-HFS-on-ppc-machines-in-grub-.patch
Patch0092: 0092-20_linux_xen-load-xen-or-multiboot-2-modules-as-need.patch
Patch0093: 0093-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch
Patch0094: 0094-align-struct-efi_variable-better.patch
Patch0095: 0095-Add-BLS-support-to-grub-mkconfig.patch
Patch0096: 0096-Don-t-attempt-to-backtrace-on-grub_abort-for-grub-em.patch
Patch0097: 0097-Add-linux-and-initrd-commands-for-grub-emu.patch
Patch0098: 0098-Add-grub2-switch-to-blscfg.patch
Patch0099: 0099-Add-grub_debug_enabled.patch
Patch0100: 0100-make-better-backtraces.patch
Patch0101: 0101-normal-don-t-draw-our-startup-message-if-debug-is-se.patch
Patch0102: 0102-Work-around-some-minor-include-path-weirdnesses.patch
Patch0103: 0103-Make-it-possible-to-enabled-build-id-sha1.patch
Patch0104: 0104-Add-grub_qdprintf-grub_dprintf-without-the-file-line.patch
Patch0105: 0105-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch
Patch0106: 0106-TPM-support.patch
Patch0107: 0107-Fixup-for-newer-compiler.patch
Patch0108: 0108-Don-t-attempt-to-export-the-start-and-_start-symbols.patch
Patch0109: 0109-Fixup-for-newer-compiler.patch
Patch0110: 0110-Use-xid-to-match-DHCP-replies.patch
Patch0111: 0111-Add-support-for-non-Ethernet-network-cards.patch
Patch0112: 0112-misc-fix-invalid-character-recongition-in-strto-l.patch
Patch0113: 0113-net-read-bracketed-ipv6-addrs-and-port-numbers.patch
Patch0114: 0114-bootp-New-net_bootp6-command.patch
Patch0115: 0115-efinet-UEFI-IPv6-PXE-support.patch
Patch0116: 0116-grub.texi-Add-net_bootp6-doument.patch
Patch0117: 0117-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch
Patch0118: 0118-efinet-Setting-network-from-UEFI-device-path.patch
Patch0119: 0119-efinet-Setting-DNS-server-from-UEFI-protocol.patch
Patch0120: 0120-Fix-one-more-coverity-complaint.patch
Patch0121: 0121-Support-UEFI-networking-protocols.patch
Patch0122: 0122-AUDIT-0-http-boot-tracker-bug.patch
Patch0123: 0123-grub-core-video-efi_gop.c-Add-support-for-BLT_ONLY-a.patch
Patch0124: 0124-efi-uga-use-64-bit-for-fb_base.patch
Patch0125: 0125-EFI-console-Do-not-set-text-mode-until-we-actually-n.patch
Patch0126: 0126-EFI-console-Add-grub_console_read_key_stroke-helper-.patch
Patch0127: 0127-EFI-console-Implement-getkeystatus-support.patch
Patch0128: 0128-Make-grub_getkeystatus-helper-funtion-available-ever.patch
Patch0129: 0129-Accept-ESC-F8-and-holding-SHIFT-as-user-interrupt-ke.patch
Patch0130: 0130-grub-editenv-Add-incr-command-to-increment-integer-v.patch
Patch0131: 0131-Add-auto-hide-menu-support.patch
Patch0132: 0132-Output-a-menu-entry-for-firmware-setup-on-UEFI-FastB.patch
Patch0133: 0133-Add-grub-set-bootflag-utility.patch
Patch0134: 0134-docs-Add-grub-boot-indeterminate.service-example.patch
Patch0135: 0135-gentpl-add-disable-support.patch
Patch0136: 0136-gentpl-add-pc-firmware-type.patch
Patch0137: 0137-efinet-also-use-the-firmware-acceleration-for-http.patch
Patch0138: 0138-efi-http-Make-root_url-reflect-the-protocol-hostname.patch
Patch0139: 0139-Force-everything-to-use-python3.patch
Patch0140: 0140-Fix-an-8-year-old-typo.patch
Patch0141: 0141-autogen-don-t-run-autoreconf-in-the-topdir.patch
Patch0142: 0142-Make-it-so-we-can-tell-configure-which-cflags-utils-.patch
Patch0143: 0143-module-verifier-make-it-possible-to-run-checkers-on-.patch
Patch0144: 0144-grub-module-verifier-report-the-filename-or-modname-.patch
Patch0145: 0145-Rework-how-the-fdt-command-builds.patch
Patch0146: 0146-Disable-non-wordsize-allocations-on-arm.patch
Patch0147: 0147-strip-R-.note.gnu.property-at-more-places.patch
Patch0148: 0148-Prepend-prefix-when-HTTP-path-is-relative.patch
Patch0149: 0149-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch
Patch0150: 0150-Make-grub_error-more-verbose.patch
Patch0151: 0151-Make-reset-an-alias-for-the-reboot-command.patch
Patch0152: 0152-EFI-more-debug-output-on-GOP-and-UGA-probing.patch
Patch0153: 0153-Add-a-version-command.patch
Patch0154: 0154-Add-more-dprintf-and-nerf-dprintf-in-script.c.patch
Patch0155: 0155-arm-arm64-loader-Better-memory-allocation-and-error-.patch
Patch0156: 0156-Try-to-pick-better-locations-for-kernel-and-initrd.patch
Patch0157: 0157-Attempt-to-fix-up-all-the-places-Wsign-compare-error.patch
Patch0158: 0158-Don-t-use-Wno-sign-compare-Wno-conversion-Wno-error-.patch
Patch0159: 0159-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch
Patch0160: 0160-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch
Patch0161: 0161-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch
Patch0162: 0162-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch
Patch0163: 0163-Fix-getroot.c-s-trampolines.patch
Patch0164: 0164-Do-not-allow-stack-trampolines-anywhere.patch
Patch0165: 0165-Reimplement-boot_counter.patch
Patch0166: 0166-Make-grub_strtoul-end-pointer-have-the-right-constif.patch
Patch0167: 0167-Fix-menu-entry-selection-based-on-ID-and-title.patch
Patch0168: 0168-Make-the-menu-entry-users-option-argument-to-be-opti.patch
Patch0169: 0169-Add-efi-export-env-and-efi-load-env-commands.patch
Patch0170: 0170-Make-it-possible-to-subtract-conditions-from-debug.patch
Patch0171: 0171-Export-all-variables-from-the-initial-context-when-c.patch
Patch0172: 0172-Fix-the-looking-up-grub.cfg-XXX-while-tftp-booting.patch
Patch0173: 0173-Try-to-set-fPIE-and-friends-on-libgnu.a.patch
Patch0174: 0174-Don-t-make-grub_strtoull-print-an-error-if-no-conver.patch
Patch0175: 0175-Fix-the-type-of-grub_efi_status_t.patch
Patch0176: 0176-mkimage-Use-EFI32_HEADER_SIZE-define-in-arm-efi-case.patch
Patch0177: 0177-mkimage-Align-efi-sections-on-4k-boundary.patch
Patch0178: 0178-mkimage-Clarify-file-alignment-in-efi-case.patch
Patch0179: 0179-grub.d-Split-out-boot-success-reset-from-menu-auto-h.patch
Patch0180: 0180-Fix-systemctl-kexec-exit-status-check.patch
Patch0181: 0181-Print-grub-emu-linux-loader-messages-as-debug.patch
Patch0182: 0182-Don-t-assume-that-boot-commands-will-only-return-on-.patch
Patch0183: 0183-Fix-undefined-references-for-fdt-when-building-with-.patch
Patch0184: 0184-arm-Move-trampolines-into-code-section.patch
Patch0185: 0185-arm-Align-section-alignment-with-manual-relocation-o.patch
Patch0186: 0186-grub-core-loader-efi-fdt.c-Do-not-copy-random-memory.patch
Patch0187: 0187-linux-efi-arm-fdt-break-FDT-extra-allocation-space-o.patch
Patch0188: 0188-Don-t-add-a-class-option-to-menu-entries-generated-f.patch
Patch0189: 0189-blscfg-Fix-typo-for-gfxpayload-variable-name.patch
Patch0190: 0190-grub-set-bootflag-Update-comment-about-running-as-ro.patch
Patch0191: 0191-grub-set-bootflag-Write-new-env-to-tmpfile-and-then-.patch