Accepting request 1118237 from home:michael-chang:branches:Base:System

- Fix detection of encrypted disk's uuid in powerpc to cope with logical disks when signed image installation is specified (bsc#1216075) * 0003-grub-install-support-prep-environment-block.patch - grub2.spec: Add support to unlocking multiple encrypted disks in signed grub.elf image for logical disks - Version bump to 2.12~rc1 (PED-5589) OBS-URL: https://build.opensuse.org/request/show/1118237 OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=469
2023-10-18 05:19:26 +00:00 · 2023-10-18 05:19:26 +00:00 · 891ae6ee6e
commit 891ae6ee6e
parent 9222984490
3 changed files with 67 additions and 10 deletions
--- a/0003-grub-install-support-prep-environment-block.patch
+++ b/0003-grub-install-support-prep-environment-block.patch
@ -9,13 +9,18 @@ variables to facilitate root device discovery. So far these variables
 are defined for this purpose:
 ENV_FS_UUID - The filesystem uuid for the grub root device
-ENV_CRYPTO_UUID - The crytodisk uuid for the grub root device
+ENV_CRYPTO_UUID - The crytodisk uuid for the grub root device separated
 by space
 ENV_GRUB_DIR - The path to grub prefix directory
 ENV_HINT - The recommended hint string for searching root device
 The size of environment block is defined in GRUB_ENVBLK_PREP_SIZE which
 is 4096 bytes and can be extended in the future.
 v2: Improve detection of ENV_CRYPTO_UUID by traversing all members of
 the logical disk and utilize a space as a separator when multiple UUIDs
 are found (bsc#1216075). 
 Signed-off-by: Michael Chang <mchang@suse.com>
 ---
 include/grub/lib/envblk.h |  3 +++
@ -44,7 +49,49 @@ Signed-off-by: Michael Chang <mchang@suse.com>
 #include <string.h>
-@@ -2138,6 +2139,43 @@
+@@ -609,6 +610,41 @@
     }
 }
 +static char *
 +cryptodisk_uuids (grub_disk_t disk, int in_recurse)
 +{
 +  grub_disk_memberlist_t list = NULL, tmp;
 +  static char *ret;
 +
 +  if (!in_recurse)
 +    ret = NULL;
 +
 +  if (disk->dev->disk_memberlist)
 +    list = disk->dev->disk_memberlist (disk);
 +
 +  while (list)
 +    {
 +      ret = cryptodisk_uuids (list->disk, 1);
 +      tmp = list->next;
 +      free (list);
 +      list = tmp;
 +    }
 +
 +  if (disk->dev->id == GRUB_DISK_DEVICE_CRYPTODISK_ID)
 +    {
 +      if (!ret)
 +        ret = grub_strdup (grub_util_cryptodisk_get_uuid (disk));
 +      else
 +	{
 +	  char *s = grub_xasprintf ("%s %s", grub_util_cryptodisk_get_uuid (disk), ret);
 +	  grub_free (ret);
 +	  ret = s;
 +	}
 +    }
 +
 +  return ret;
 +}
 +
 static int
 is_same_disk (const char *a, const char *b)
 {
@@ -2138,6 +2174,43 @@
 	  if (write_to_disk (ins_dev, imgfile))
 	    grub_util_error ("%s", _("failed to copy Grub to the PReP partition"));
 	  grub_set_install_backup_ponr ();
@ -52,13 +99,13 @@ Signed-off-by: Michael Chang <mchang@suse.com>
 +	  if ((signed_grub_mode >= SIGNED_GRUB_FORCE) || ((signed_grub_mode == SIGNED_GRUB_AUTO) && (ppc_sb_state > 0)))
 +	    {
 +	      char *uuid = NULL;
 +	      const char *cryptouuid = NULL;
 +	      grub_envblk_t envblk = NULL;
 +	      char *buf;
 +	      char *cryptouuid = NULL;
 +
 +	      if (grub_dev->disk)
 +		cryptouuid = cryptodisk_uuids (grub_dev->disk, 0);
 +
 +	      /* TODO: Add LVM/RAID on encrypted partitions */
 +	      if (grub_dev->disk && grub_dev->disk->dev->id == GRUB_DISK_DEVICE_CRYPTODISK_ID)
 +		cryptouuid = grub_util_cryptodisk_get_uuid (grub_dev->disk);
 +	      if (grub_fs->fs_uuid && grub_fs->fs_uuid (grub_dev, &uuid))
 +		{
 +		  grub_print_error ();
--- a/grub2.changes
+++ b/grub2.changes
@ -1,3 +1,12 @@
 -------------------------------------------------------------------
 Mon Oct 16 08:05:03 UTC 2023 - Michael Chang <mchang@suse.com>
 - Fix detection of encrypted disk's uuid in powerpc to cope with logical disks
  when signed image installation is specified (bsc#1216075) 
  * 0003-grub-install-support-prep-environment-block.patch
 - grub2.spec: Add support to unlocking multiple encrypted disks in signed
  grub.elf image for logical disks
 -------------------------------------------------------------------
 Fri Oct  6 05:06:59 UTC 2023 - Michael Chang <mchang@suse.com>
@ -90,7 +99,7 @@ Thu Aug  3 03:24:41 UTC 2023 - Gary Ching-Pang Lin <glin@suse.com>
 -------------------------------------------------------------------
 Thu Jul 27 06:16:36 UTC 2023 - Michael Chang <mchang@suse.com>
- Version bump to 2.12~rc1
+- Version bump to 2.12~rc1 (PED-5589)
  * Added:
    - grub-2.12~rc1.tar.xz
  * Removed:
--- a/grub2.spec
+++ b/grub2.spec
@ -827,6 +827,7 @@ fi
 echo "ENV_HINT=$ENV_HINT"
 echo "ENV_GRUB_DIR=$ENV_GRUB_DIR"
 echo "ENV_FS_UUID=$ENV_FS_UUID"
 echo "ENV_CRYPTO_UUID=$ENV_CRYPTO_UUID"
 if [ "$btrfs_relative_path" = xy ]; then
  btrfs_relative_path=1
@ -861,9 +862,9 @@ set prefix=""
 set root=""
 set cfg="grub.cfg"
-if [ "$ENV_CRYPTO_UUID" ]; then
+for uuid in $ENV_CRYPTO_UUID; do
-  cryptomount -u "$ENV_CRYPTO_UUID"
+  cryptomount -u $uuid
-fi
+done
 if [ "$ENV_FS_UUID" ]; then
  echo "searching for $ENV_FS_UUID with $hints"