diff --git a/grub2-efi-xen-cfg-unquote.patch b/grub2-efi-xen-cfg-unquote.patch new file mode 100644 index 0000000..907e2f5 --- /dev/null +++ b/grub2-efi-xen-cfg-unquote.patch @@ -0,0 +1,92 @@ +From: Petr Tesarik +Subject: Unquote parameters written to Xen EFI config file +References: bsc#900418 +Patch-mainline: not yet + +The GRUB_CMDLINE_* value is copied verbatim to grub.conf, so it is first +parsed by GRUB2 before being passed down to the kernel. OTOH Xen EFI loader +takes the config file options verbatim. This means that any special GRUB2 +syntax must be evaluated when generating that file. + +Of course, some things are not even possible (e.g. substituting GRUB runtime +variables), but let's call them known limitations. + +Signed-off-by: Petr Tesarik + +--- + util/grub.d/20_linux_xen.in | 54 ++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 52 insertions(+), 2 deletions(-) + +Index: grub-2.02~rc1/util/grub.d/20_linux_xen.in +=================================================================== +--- grub-2.02~rc1.orig/util/grub.d/20_linux_xen.in ++++ grub-2.02~rc1/util/grub.d/20_linux_xen.in +@@ -122,6 +122,52 @@ else + is_efi=false + fi + ++grub2_unquote () ++{ ++ awk ' ++ BEGIN { ++ bare = "[^{}|&$;<> \t\n'\''\"\\\\]+" ++ esc = "\\\\." ++ id = "[[:alpha:]_][[:alnum:]_]*|[[:digit:]]+|[?#*@]" ++ var = "\\$("id")|\\$\\{("id")\\}" ++ dqesc = "\\\\[$\"\\\\]" ++ dqstr = "\\$?\"([^\"]|"var"|"dqesc")*\"" ++ sqstr = "'\''[^'\'']*'\''" ++ pat = bare"|"esc"|"var"|"dqstr"|"sqstr ++ ORS = "" ++ } ++ { ++ patsplit($0, words, pat, sep) ++ print sep[0] ++ for (i in words) { ++ w = words[i] ++ if (w ~ /^\$?\"/) { ++ # Double-quoted string ++ patsplit(w, segs, var"|"dqesc, ssep) ++ print ssep[0] ++ for (j in segs) { ++ if (segs[j] ~ /^\\/) ++ print substr(segs[j], 2) ++ print ssep[j] ++ } ++ } else if (w ~ /^'\''/) { ++ # Single-quoted string ++ print substr(w, 2, length(w)-2) ++ } else if (w ~ /^\\/) { ++ # Escape sequence ++ print substr(w, 2) ++ } else if (w ~ /^\$/) { ++ # Variable expansion ++ } else { ++ # Bare word ++ print w ++ } ++ print sep[i] ++ } ++ print "\n" ++ }' ++} ++ + linux_entry () + { + os="$1" +@@ -174,11 +220,13 @@ linux_entry () + else + section="failsafe.$section_count" + fi ++ xen_args_unq=$(echo $xen_args | grub2_unquote) ++ args_unq=$(echo $args | grub2_unquote) + cat <<-EOF >> $grub_dir/$xen_cfg + + [$section] +- options=${xen_args} +- kernel=${basename} root=${linux_root_device_thisversion} ${args} ++ options=${xen_args_unq} ++ kernel=${basename} root=${linux_root_device_thisversion} ${args_unq} + ramdisk=${initrd} + EOF + message="$(gettext_printf "Loading Xen %s with Linux %s ..." ${xen_version} ${version})" diff --git a/grub2-fix-multi-device-root-kernel-argument.patch b/grub2-fix-multi-device-root-kernel-argument.patch deleted file mode 100644 index 65a93bf..0000000 --- a/grub2-fix-multi-device-root-kernel-argument.patch +++ /dev/null @@ -1,44 +0,0 @@ -Index: grub-2.02~beta2/util/grub.d/10_linux.in -=================================================================== ---- grub-2.02~beta2.orig/util/grub.d/10_linux.in -+++ grub-2.02~beta2/util/grub.d/10_linux.in -@@ -45,12 +45,14 @@ esac - - # btrfs may reside on multiple devices. We cannot pass them as value of root= parameter - # and mounting btrfs requires user space scanning, so force UUID in this case. --if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \ -+if ( [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \ - || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \ -- || ( test -e "${GRUB_DEVICE}" && uses_abstraction "${GRUB_DEVICE}" lvm ); then -+ || uses_abstraction "${GRUB_DEVICE}" lvm ) && test -e "${GRUB_DEVICE}"; then - LINUX_ROOT_DEVICE=${GRUB_DEVICE} - else -- LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID} -+ if [ "x${GRUB_DEVICE_UUID}" != "x" ]; then -+ LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID} -+ fi - fi - - if [ "x$GRUB_CONMODE" != "x" ]; then -Index: grub-2.02~beta2/util/grub.d/20_linux_xen.in -=================================================================== ---- grub-2.02~beta2.orig/util/grub.d/20_linux_xen.in -+++ grub-2.02~beta2/util/grub.d/20_linux_xen.in -@@ -55,12 +55,14 @@ esac - - # btrfs may reside on multiple devices. We cannot pass them as value of root= parameter - # and mounting btrfs requires user space scanning, so force UUID in this case. --if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \ -+if ( [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \ - || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \ -- || ( test -e "${GRUB_DEVICE}" && uses_abstraction "${GRUB_DEVICE}" lvm ); then -+ || uses_abstraction "${GRUB_DEVICE}" lvm ) && test -e "${GRUB_DEVICE}"; then - LINUX_ROOT_DEVICE=${GRUB_DEVICE} - else -- LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID} -+ if [ "x${GRUB_DEVICE_UUID}" != "x" ]; then -+ LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID} -+ fi - fi - - # Allow overriding GRUB_CMDLINE_LINUX and GRUB_CMDLINE_LINUX_DEFAULT. diff --git a/grub2-linuxefi-fix-boot-params.patch b/grub2-linuxefi-fix-boot-params.patch new file mode 100644 index 0000000..32a3372 --- /dev/null +++ b/grub2-linuxefi-fix-boot-params.patch @@ -0,0 +1,20 @@ +Index: grub-2.02~rc1/grub-core/loader/i386/efi/linux.c +=================================================================== +--- grub-2.02~rc1.orig/grub-core/loader/i386/efi/linux.c ++++ grub-2.02~rc1/grub-core/loader/i386/efi/linux.c +@@ -324,7 +324,14 @@ grub_cmd_linux (grub_command_t cmd __att + lh.code32_start = (grub_uint32_t)(grub_addr_t) kernel_mem; + } + +- grub_memcpy(params, &lh, 2 * 512); ++ /* Grub linuxefi erroneously initialize linux's boot_params with non-zero values. (bsc#1025563) ++ ++ From https://www.kernel.org/doc/Documentation/x86/boot.txt: ++ The memory for struct boot_params could be allocated anywhere (even above 4G) ++ and initialized to all zero. ++ Then, the setup header at offset 0x01f1 of kernel image on should be ++ loaded into struct boot_params and examined. */ ++ grub_memcpy (¶ms->setup_sects, &lh.setup_sects, sizeof (lh) - 0x01f1); + + params->type_of_loader = 0x21; + diff --git a/grub2.changes b/grub2.changes index c9f724d..f607edf 100644 --- a/grub2.changes +++ b/grub2.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Fri Mar 3 10:26:10 UTC 2017 - mchang@suse.com + +- Fix invalid Xen EFI config files if xen_args include GRUB2 quoting + (bsc#900418) (bsc#951748) + * grub2-efi-xen-cfg-unquote.patch +- Fix linuxefi erroneously initialize linux's boot_params with non-zero + values. (bsc#1025563) + * grub2-linuxefi-fix-boot-params.patch +- Removed grub2-fix-multi-device-root-kernel-argument.patch as it has + regression on how GRUB_DISABLE_LINUX_UUID=true interpreted (bsc#1015138) + ------------------------------------------------------------------- Wed Mar 1 10:29:46 UTC 2017 - mchang@suse.com diff --git a/grub2.spec b/grub2.spec index 99af5f7..87ebbd2 100644 --- a/grub2.spec +++ b/grub2.spec @@ -1,7 +1,7 @@ # # spec file for package grub2 # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -178,8 +178,9 @@ Patch21: grub2-secureboot-add-linuxefi.patch Patch22: grub2-secureboot-use-linuxefi-on-uefi.patch Patch23: grub2-secureboot-no-insmod-on-sb.patch Patch24: grub2-secureboot-provide-linuxefi-config.patch -Patch29: grub2-secureboot-chainloader.patch -Patch34: grub2-secureboot-use-linuxefi-on-uefi-in-os-prober.patch +Patch25: grub2-secureboot-chainloader.patch +Patch26: grub2-secureboot-use-linuxefi-on-uefi-in-os-prober.patch +Patch27: grub2-linuxefi-fix-boot-params.patch Patch35: grub2-linguas.sh-no-rsync.patch Patch37: grub2-use-Unifont-for-starfield-theme-terminal.patch Patch38: grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch @@ -220,13 +221,13 @@ Patch108: grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch Patch120: grub2-efi-xen-chainload.patch Patch121: grub2-efi-chainloader-root.patch Patch122: grub2-efi-xen-cmdline.patch +Patch123: grub2-efi-xen-cfg-unquote.patch # Hidden menu entry and hotkey "t" for text console Patch140: grub2-Add-hidden-menu-entries.patch Patch141: grub2-SUSE-Add-the-t-hotkey.patch # EFI free memory on exit fix (bsc#980739) Patch150: grub2-efi-Free-malloc-regions-on-exit.patch # Linux root device related patches -Patch162: grub2-fix-multi-device-root-kernel-argument.patch Patch163: grub2-zipl-setup-fix-btrfs-multipledev.patch Patch164: grub2-suse-remove-linux-root-param.patch # PPC64 LE support @@ -337,9 +338,9 @@ provides support for %{platform} systems. %package %{grubefiarch} Summary: Bootloader with support for Linux, Multiboot and more +Group: System/Boot # Require efibootmgr # Without it grub-install is broken so break the package as well if unavailable -Group: System/Boot Requires: efibootmgr Requires(post): efibootmgr Requires: %{name} = %{version}-%{release} @@ -426,8 +427,9 @@ swap partition while in resuming %patch22 -p1 %patch23 -p1 %patch24 -p1 -%patch29 -p1 -%patch34 -p1 +%patch25 -p1 +%patch26 -p1 +%patch27 -p1 %patch35 -p1 %patch37 -p1 %patch38 -p1 @@ -466,10 +468,10 @@ swap partition while in resuming %patch120 -p1 %patch121 -p1 %patch122 -p1 +%patch123 -p1 %patch140 -p1 %patch141 -p1 %patch150 -p1 -%patch162 -p1 %patch163 -p1 %patch164 -p1 %patch205 -p1