Accepting request 1067492 from Base:System

OBS-URL: https://build.opensuse.org/request/show/1067492
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=285

0001-ieee1275-Further-increase-initially-allocated-heap-f.patch

@@ -0,0 +1,46 @@
+From d44e0a892621a744e9a64e17ed5676470ef4f023 Mon Sep 17 00:00:00 2001
+From: Wen Xiong <wenxiong@linux.ibm.com>
+Date: Mon, 20 Feb 2023 15:58:14 -0500
+Subject: [PATCH 1/2] ieee1275: Further increase initially allocated heap from
+ 1/3 to 1/2
+
+The memory increase to 1/3 of 391MB (~127MB) was still insufficient
+to boot the kernel and initrd of the SuSE distribution:
+
+initrd        2023-Jan-18 04:27    114.9M
+linux         2023-Jan-17 05:23     45.9M
+
+Therefore, further increase the initially allocated heap to 1/2
+of 391MB to ~191MB, which now allows to boot the system from an
+ISO.
+
+Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
+---
+ grub-core/kern/ieee1275/init.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
+index 2a2409d45..e1dbff86a 100644
+--- a/grub-core/kern/ieee1275/init.c
++++ b/grub-core/kern/ieee1275/init.c
+@@ -47,7 +47,7 @@
+ #include <grub/lockdown.h>
+ 
+ /* The maximum heap size we're going to claim. Not used by sparc.
+-   We allocate 1/3 of the available memory under 4G, up to this limit. */
++   We allocate 1/2 of the available memory under 4G, up to this limit. */
+ #ifdef __i386__
+ #define HEAP_MAX_SIZE		(unsigned long) (64 * 1024 * 1024)
+ #else // __powerpc__
+@@ -417,7 +417,7 @@ grub_claim_heap (void)
+ 
+   grub_machine_mmap_iterate (heap_size, &total);
+ 
+-  total = total / 3;
++  total = total / 2;
+   if (total > HEAP_MAX_SIZE)
+     total = HEAP_MAX_SIZE;
+ 
+-- 
+2.39.1
+

0002-ieee1275-implement-vec5-for-cas-negotiation.patch

@@ -1,54 +1,62 @@
-From 6c7c4007ad621029295797b439158d36d0f62487 Mon Sep 17 00:00:00 2001
+From 03056f35a73258fa68a809fba4aeab654ff35734 Mon Sep 17 00:00:00 2001
 From: Diego Domingos <diegodo@linux.vnet.ibm.com>
 Date: Thu, 25 Aug 2022 11:37:56 -0400
-Subject: [PATCH 2/2] ieee1275: implement vec5 for cas negotiation
+Subject: [PATCH] ieee1275: implement vec5 for cas negotiation
 
-As a legacy support, if the vector 5 is not implemented, Power
+As a legacy support, if the vector 5 is not implemented, Power Hypervisor will
-Hypervisor will consider the max CPUs as 64 instead 256 currently
+consider the max CPUs as 64 instead 256 currently supported during
-supported during client-architecture-support negotiation.
+client-architecture-support negotiation.
 
-This patch implements the vector 5 and set the MAX CPUs to 256 while
+This patch implements the vector 5 and set the MAX CPUs to 256 while setting the
-setting the others values to 0 (default).
+others values to 0 (default).
 
 Signed-off-by: Diego Domingos <diegodo@linux.vnet.ibm.com>
-Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Acked-by: Daniel Axtens <dja@axtens.net>
+Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
+Signed-off-by: Avnish Chouhan <avnish@linux.vnet.ibm.com>
 ---
- grub-core/kern/ieee1275/init.c | 20 +++++++++++++++++++-
+ grub-core/kern/ieee1275/init.c | 28 ++++++++++++++++++++++++----
- 1 file changed, 19 insertions(+), 1 deletion(-)
+ 1 file changed, 24 insertions(+), 4 deletions(-)
 
 diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
-index 7d7178d3e..3aa40313f 100644
+index 7d7178d3e..0e902ff62 100644
 --- a/grub-core/kern/ieee1275/init.c
 +++ b/grub-core/kern/ieee1275/init.c
-@@ -311,6 +311,18 @@ struct option_vector2 {
+@@ -311,7 +311,21 @@ struct option_vector2 {
    grub_uint8_t max_pft_size;
  } __attribute__((packed));
  
-+struct option_vector5 {
+-struct pvr_entry {
-+        grub_uint8_t byte1;
++struct option_vector5
-+        grub_uint8_t byte2;
++{
-+        grub_uint8_t byte3;
++  grub_uint8_t byte1;
-+        grub_uint8_t cmo;
++  grub_uint8_t byte2;
-+        grub_uint8_t associativity;
++  grub_uint8_t byte3;
-+        grub_uint8_t bin_opts;
++  grub_uint8_t cmo;
-+        grub_uint8_t micro_checkpoint;
++  grub_uint8_t associativity;
-+        grub_uint8_t reserved0;
++  grub_uint8_t bin_opts;
-+        grub_uint32_t max_cpus;
++  grub_uint8_t micro_checkpoint;
-+} __attribute__((packed));
++  grub_uint8_t reserved0;
++  grub_uint32_t max_cpus;
++} GRUB_PACKED;
 +
- struct pvr_entry {
++struct pvr_entry
++{
    grub_uint32_t mask;
    grub_uint32_t entry;
-@@ -329,6 +341,8 @@ struct cas_vector {
+ };
+@@ -329,7 +343,9 @@ struct cas_vector {
    grub_uint16_t vec3;
    grub_uint8_t vec4_size;
    grub_uint16_t vec4;
+-} __attribute__((packed));
 +  grub_uint8_t vec5_size;
 +  struct option_vector5 vec5;
- } __attribute__((packed));
++} GRUB_PACKED;
  
  /* Call ibm,client-architecture-support to try to get more RMA.
-@@ -349,7 +363,7 @@ grub_ieee1275_ibm_cas (void)
+    We ask for 512MB which should be enough to verify a distro kernel.
+@@ -349,7 +365,7 @@ grub_ieee1275_ibm_cas (void)
    } args;
    struct cas_vector vector = {
      .pvr_list = { { 0x00000000, 0xffffffff } }, /* any processor */
@@ -57,17 +65,19 @@ index 7d7178d3e..3aa40313f 100644
      .vec1_size = 0,
      .vec1 = 0x80, /* ignore */
      .vec2_size = 1 + sizeof(struct option_vector2) - 2,
-@@ -360,6 +374,10 @@ grub_ieee1275_ibm_cas (void)
+@@ -359,7 +375,11 @@ grub_ieee1275_ibm_cas (void)
+     .vec3_size = 2 - 1,
      .vec3 = 0x00e0, // ask for FP + VMX + DFP but don't halt if unsatisfied
      .vec4_size = 2 - 1,
-     .vec4 = 0x0001, // set required minimum capacity % to the lowest value
+-    .vec4 = 0x0001, // set required minimum capacity % to the lowest value
-+    .vec5_size = 1 + sizeof(struct option_vector5) - 2,
++    .vec4 = 0x0001, /* set required minimum capacity % to the lowest value */
++    .vec5_size = 1 + sizeof (struct option_vector5) - 2,
 +    .vec5 = {
-+	0, 0, 0, 0, 0, 0, 0, 0, 256
++      0, 192, 0, 128, 0, 0, 0, 0, 256
 +    }
    };
  
    INIT_IEEE1275_COMMON (&args.common, "call-method", 3, 2);
 -- 
-2.35.3
+2.39.1
 

0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch

@@ -1,28 +1,34 @@
-From 12378be5243c1c02ce28de2e5703e87197c69157 Mon Sep 17 00:00:00 2001
+From e5bba1012e34597215684aa948bbc30093faa750 Mon Sep 17 00:00:00 2001
 From: Michael Chang <mchang@suse.com>
-Date: Mon, 29 Aug 2022 11:28:28 +0800
+Date: Fri, 7 Oct 2022 13:37:10 +0800
-Subject: [PATCH] tpm: Disable tpm verifier if tpm is not present
+Subject: [PATCH 2/2] tpm: Disable tpm verifier if tpm is not present
 
-This helps to prevent out of memory error when reading large files via disablig
+This helps to prevent out of memory error when reading large files via
-tpm device as verifier has to read all content into memory in one chunk to
+disabling tpm device as verifier has to read all content into memory in
-measure the hash and extend to tpm.
+one chunk to measure the hash and extend to tpm.
+
+For ibmvtpm driver support this change here would be needed. It helps to
+prevent much memory consuming tpm subsystem from being activated when no
+vtpm device present.
 
 Signed-off-by: Michael Chang <mchang@suse.com>
+Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 ---
- grub-core/commands/efi/tpm.c |   37 +++++++++++++++++++++++++++++++++++++
+ grub-core/commands/efi/tpm.c          | 37 +++++++++++++++++++++++++++
- grub-core/commands/tpm.c     |    4 ++++
+ grub-core/commands/ieee1275/ibmvtpm.c | 16 +++++++-----
- include/grub/tpm.h           |    1 +
+ grub-core/commands/tpm.c              |  4 +++
- 3 files changed, 42 insertions(+)
+ include/grub/tpm.h                    |  1 +
+ 4 files changed, 52 insertions(+), 6 deletions(-)
 
 --- a/grub-core/commands/efi/tpm.c
 +++ b/grub-core/commands/efi/tpm.c
-@@ -349,3 +349,40 @@
+@@ -397,3 +397,40 @@
  
    return result;
  }
 +
 +int
-+grub_tpm_present ()
++grub_tpm_present (void)
 +{
 +  grub_efi_handle_t tpm_handle;
 +  grub_efi_uint8_t protocol_version;
@@ -57,9 +63,38 @@ Signed-off-by: Michael Chang <mchang@suse.com>
 +      return grub_tpm2_present (tpm);
 +    }
 +}
+--- a/grub-core/commands/ieee1275/ibmvtpm.c
++++ b/grub-core/commands/ieee1275/ibmvtpm.c
+@@ -136,12 +136,6 @@
+ grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
+ 		  const char *description)
+ {
+-  grub_err_t err = tpm_init();
+-
+-  /* Absence of a TPM isn't a failure. */
+-  if (err != GRUB_ERR_NONE)
+-    return GRUB_ERR_NONE;
+-
+   grub_dprintf ("tpm", "log_event, pcr = %d, size = 0x%" PRIxGRUB_SIZE ", %s\n",
+ 		pcr, size, description);
+ 
+@@ -150,3 +144,13 @@
+ 
+   return GRUB_ERR_NONE;
+ }
++
++int
++grub_tpm_present (void)
++{
++  /*
++   * Call tpm_init() 'late' rather than from GRUB_MOD_INIT() so that device nodes
++   * can be found.
++   */
++  return tpm_init() == GRUB_ERR_NONE;
++}
 --- a/grub-core/commands/tpm.c
 +++ b/grub-core/commands/tpm.c
-@@ -291,6 +291,8 @@
+@@ -311,6 +311,8 @@
  
  GRUB_MOD_INIT (tpm)
  {
@@ -68,7 +103,7 @@ Signed-off-by: Michael Chang <mchang@suse.com>
    grub_verifier_register (&grub_tpm_verifier);
  
    cmd = grub_register_extcmd ("tpm_record_pcrs", grub_tpm_record_pcrs, 0,
-@@ -301,6 +303,8 @@
+@@ -321,6 +323,8 @@
  
  GRUB_MOD_FINI (tpm)
  {

grub2.changes

@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Wed Feb 22 07:08:44 UTC 2023 - Michael Chang <mchang@suse.com>
+
+- Fix out of memory error on lpar installation from virtual cdrom (bsc#1208024)
+  * 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch
+  * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch
+- Fix lpar got hung at grub after inactive migration (bsc#1207684)
+  * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch
+- Rediff
+  * safe_tpm_pcr_snapshot.patch
+- Patch supersceded
+  * 0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch
+
 -------------------------------------------------------------------
 Wed Feb 15 07:09:39 UTC 2023 - Gary Ching-Pang Lin <glin@suse.com>
 

grub2.spec

@@ -438,7 +438,6 @@ Patch915:       tpm-protector-export-secret-key.patch
 Patch916:       grub-install-record-pcrs.patch
 Patch917:       grub-unseal-debug.patch
 # efi mm
-Patch918:       0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch
 Patch919:       0001-mm-Allow-dynamically-requesting-additional-memory-re.patch
 Patch920:       0002-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch
 Patch921:       0003-kern-efi-mm-Extract-function-to-add-memory-regions.patch
@@ -495,6 +494,9 @@ Patch968:       0012-tpm2-initialize-the-PCR-selection-list-early.patch
 Patch969:       0013-tpm2-support-unsealing-key-with-authorized-policy.patch
 # Set efi variables LoaderDevicePartUUID & LoaderInfo (needed for UKI)
 Patch970:       grub2-add-module-for-boot-loader-interface.patch
+# Fix out of memory error on lpar installation from virtual cdrom (bsc#1208024)
+Patch971:       0001-ieee1275-Further-increase-initially-allocated-heap-f.patch
+Patch972:       0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch
 
 Requires:       gettext-runtime
 %if 0%{?suse_version} >= 1140

safe_tpm_pcr_snapshot.patch

@@ -55,7 +55,7 @@
    if (argc == 0)
      pcr_bitmask = GRUB2_PCR_BITMASK_DEFAULT;
    else
-@@ -287,13 +295,28 @@
+@@ -287,6 +295,18 @@
    return rv;
  }
  
@@ -74,32 +74,6 @@
  static grub_extcmd_t cmd;
  
  GRUB_MOD_INIT (tpm)
- {
--  if (!grub_tpm_present())
--    return;
-+#ifdef GRUB_MACHINE_EFI
-+  if (grub_tpm_present())
-+    grub_verifier_register (&grub_tpm_verifier);
-+#else
-   grub_verifier_register (&grub_tpm_verifier);
-+#endif
- 
-   cmd = grub_register_extcmd ("tpm_record_pcrs", grub_tpm_record_pcrs, 0,
- 			      N_("LIST_OF_PCRS"),
-@@ -303,8 +326,11 @@
- 
- GRUB_MOD_FINI (tpm)
- {
--  if (!grub_tpm_present())
--    return;
-+#ifdef GRUB_MACHINE_EFI
-+  if (grub_tpm_present())
-+    grub_verifier_unregister (&grub_tpm_verifier);
-+#else
-   grub_verifier_unregister (&grub_tpm_verifier);
-+#endif
-   grub_unregister_extcmd (cmd);
- }
 --- a/util/grub-install.c
 +++ b/util/grub-install.c
 @@ -1457,8 +1457,9 @@