pool/grub2
SHA256
18
1
Fork 4
Code Issues Pull Requests Activity
1,064 Commits 3 Branches 0 Tags
slfo-main
Commit Graph

1064 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Dominique Leuenberger
7bebe4975c Accepting request 1310602 from openSUSE:Factory 
https://bugzilla.opensuse.org/show_bug.cgi?id=1251862

OBS-URL: https://build.opensuse.org/request/show/1310602
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=375
 2025-10-10 15:10:13 +00:00
Dominique Leuenberger
2947cf51fa Accepting request 1310602 from openSUSE:Factory 
https://bugzilla.opensuse.org/show_bug.cgi?id=1251862

OBS-URL: https://build.opensuse.org/request/show/1310602
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=375
 2025-10-10 15:10:13 +00:00
Dominique Leuenberger
6ae9de2829 Accepting request 1309413 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1309413
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=374
 2025-10-08 16:12:32 +00:00
Michael Chang
65b3a4a414 - make grub plugin compatible with snapper's plugin API (bsc#1246172) 
- clean up some unused code

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=567
 2025-10-07 05:06:55 +00:00
Ana Guerrero
928faeb505 Accepting request 1306728 from Base:System 
- turn off page flipping for i386-pc using VBE video backend (bsc#1245636)
  * grub2-i386-pc-no-pageflipping.patch

- Fix boot hangs in setting up serial console when ACPI SPCR table is present
  and redirection is disabled (bsc#1249088)
  * 0001-term-ns8250-spcr-Return-if-redirection-is-disabled.patch

OBS-URL: https://build.opensuse.org/request/show/1306728
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=373
 2025-09-23 18:47:08 +00:00
Steffen Winterfeldt
462262e6ea - turn off page flipping for i386-pc using VBE video backend (bsc#1245636) 
* grub2-i386-pc-no-pageflipping.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=566
 2025-09-23 12:32:51 +00:00
Steffen Winterfeldt
3872727a8d - Fix boot hangs in setting up serial console when ACPI SPCR table is present 
and redirection is disabled (bsc#1249088)
  * 0001-term-ns8250-spcr-Return-if-redirection-is-disabled.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=565
 2025-09-23 12:29:27 +00:00
Steffen Winterfeldt
8c20cdcab0 osc copypac from project:Base:System package:grub2 revision:562 
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=564
 2025-09-23 12:29:12 +00:00
Steffen Winterfeldt
4085ef8f96 - turn off page flipping for i386-pc using VBE video backend (bsc#1245636) 
* grub2-i386-pc-no-pageflipping.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=563
 2025-09-23 09:32:53 +00:00
Ana Guerrero
7437f32a34 Accepting request 1304184 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1304184
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=372
 2025-09-12 19:09:17 +00:00
Michael Chang
3db63b85e2 - Add support for LoaderEntryDefault EFI variable 
* grub2-bls-loader-entry-default.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=562
 2025-09-12 04:09:11 +00:00
Ana Guerrero
f509f29f48 Accepting request 1303110 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1303110
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=371
 2025-09-08 11:05:03 +00:00
Michael Chang
c90e5054ec - Optimize PBKDF2 to reduce the decryption time 
* 0001-lib-crypto-Introduce-new-HMAC-functions-to-reuse-buf.patch
  * 0002-lib-pbkdf2-Optimize-PBKDF2-by-reusing-HMAC-handle.patch
  * 0001-kern-misc-Implement-faster-grub_memcpy-for-aligned-b.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=561
 2025-09-08 04:52:47 +00:00
Dominique Leuenberger
ef9fe84701 Accepting request 1299305 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1299305
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=370
 2025-08-15 19:51:02 +00:00
Michael Chang
29e0b8290c - UEFI NX support and NX Linux loader using shim loader protocol (bsc#1205588) 
(jsc#PED-13361)
  * 0001-modules-Make-.module_license-read-only.patch
  * 0002-modules-Strip-.llvm_addrsig-sections-and-similar.patch
  * 0003-modules-Don-t-allocate-space-for-non-allocable-secti.patch
  * 0004-modules-Load-module-sections-at-page-aligned-address.patch
  * 0005-nx-Add-memory-attribute-get-set-API.patch
  * 0006-nx-Set-page-permissions-for-loaded-modules.patch
  * 0007-nx-Set-the-NX-compatible-flag-for-the-GRUB-EFI-image.patch
  * 0008-efi-Provide-wrappers-for-load_image-start_image-and-.patch
  * 0009-efi-sb-Add-support-for-the-shim-loader-protocol.patch
  * 0010-efi-sb-Add-API-for-retrieving-shim-loader-image-hand.patch
  * 0011-loader-efi-chainloader-Use-shim-loader-image-handle-.patch
  * 0012-loader-efi-linux-Use-shim-loader-image-handle-where-.patch
  * 0013-nx-Rename-GRUB_DL_ALIGN-to-DL_ALIGN.patch
- Fallback for legacy shim lock protocol while secure boot is enabled
  * 0001-linux-fallback-to-EFI-handover-on-x86_64.patch
  * 0002-linux-fallback-to-direct-PE-entry-boot-on-arm64.patch
  * 0003-efi-chainloader-fallback-to-direct-image-execution.patch
  * 0004-efi-chainloader-fix-missing-file_path-in-loaded_imag.patch
- Removed patch
  * 0001-xen_boot-add-missing-grub_arch_efi_linux_load_image_.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=560
 2025-08-14 02:40:02 +00:00
Dominique Leuenberger
0108c5290e Accepting request 1298703 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1298703
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=369
 2025-08-12 15:03:08 +00:00
Michael Chang
4962b71520 - Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953) 
* 0001-tcp-Fix-TCP-port-number-reused-on-reboot.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=559
 2025-08-11 02:50:27 +00:00
Dominique Leuenberger
e3c4848fca Accepting request 1297414 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1297414
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=368
 2025-08-07 14:48:22 +00:00
Michael Chang
575dbfe9e9 - Skip mount point in grub_find_device function (bsc#1246231) 
* 0001-getroot-Skip-mount-points-in-grub_find_device.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=558
 2025-08-04 07:44:31 +00:00
Dominique Leuenberger
0f03cac870 Accepting request 1296922 from Base:System 
- Fix CVE-2024-56738: side-channel attack due to not constant-time
  algorithm in grub_crypto_memcmp (bsc#1234959)
  * grub2-constant-time-grub_crypto_memcmp.patch

- Update the bug tag for 0001-tpm2-Add-extra-RSA-SRK-types.patch

OBS-URL: https://build.opensuse.org/request/show/1296922
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=367
 2025-08-03 11:36:23 +00:00
Gary Ching-Pang Lin
03767e119a Update the bug tag for 0001-tpm2-Add-extra-RSA-SRK-types.patch 
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=557
 2025-08-01 03:01:52 +00:00
Gary Ching-Pang Lin
5bb0fbd333 - Fix CVE-2024-56738: side-channel attack due to not constant-time 
algorithm in grub_crypto_memcmp (bsc#1234959)
  * grub2-constant-time-grub_crypto_memcmp.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=556
 2025-08-01 02:45:33 +00:00
Ana Guerrero
d5a0d02491 Accepting request 1294250 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1294250
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=366
 2025-07-20 13:28:03 +00:00
Michael Chang
cce4084b41 - Fix test -f and -s do not work properly over the network files served via 
tftp and http (bsc#1246157) (bsc#1246237)
  * 0001-test-Fix-f-test-on-files-over-network.patch
  * 0002-http-Return-HTTP-status-code-in-http_establish.patch
  * 0003-docs-Clarify-test-for-files-on-TFTP-and-HTTP.patch
  * 0004-tftp-Fix-hang-when-file-is-a-directory.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=555
 2025-07-18 04:19:54 +00:00
Ana Guerrero
13af96e7d7 Accepting request 1291823 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1291823
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=365
 2025-07-11 19:29:15 +00:00
Michael Chang
51c5d518ab - Enable loongarch64 build (bsc#1234248) 
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=554
 2025-07-11 05:40:08 +00:00
Michael Chang
afe8a1f0a5 - Backport upstream disk password retry (bsc#1245545) 
* 0001-disk-cryptodisk-Allow-user-to-retry-failed-passphras.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=553
 2025-07-11 05:13:27 +00:00
Ana Guerrero
4a3674e455 Accepting request 1289402 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1289402
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=364
 2025-07-02 10:07:32 +00:00
Michael Chang
f53e8a6886 - Fix bls_bumpcounter breaking FDE (bsc#1243842) 
* grub2-blsbumpcounter-menu.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=552
 2025-07-01 07:41:34 +00:00
Dominique Leuenberger
e61685c1c9 Accepting request 1281004 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1281004
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=363
 2025-05-31 17:14:27 +00:00
Michael Chang
7c31296e04 - Use /etc/SUSE-brand to display OS label (bsc#1239169) 
* 0001-mkconfig-Determine-GRUB_DISTRIBUTOR-from-etc-SUSE-br.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=551
 2025-05-29 04:33:22 +00:00
Michael Chang
cda3e9a045 - Add support for LoaderEntryOneshot 
* grub2-bls-loader-entry-oneshot.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=550
 2025-05-28 10:09:06 +00:00
Ana Guerrero
e29bf98e29 Accepting request 1278957 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1278957
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=362
 2025-05-23 12:29:07 +00:00
Michael Chang
c463ace229 - Fix product name missing in snapshot list (bsc#1243162) 
* grub2-snapper-plugin.sh

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=549
 2025-05-21 06:19:49 +00:00
Michael Chang
68b2283712 - Fix incorrect nvme disks and boot order in bootlist output (bsc#1237174) 
* 0001-ieee1275-support-added-for-multiple-nvme-bootpaths.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=548
 2025-05-20 05:11:19 +00:00
Ana Guerrero
fa4bf43e5e Accepting request 1276721 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1276721
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=361
 2025-05-13 18:12:05 +00:00
Michael Chang
48391de1c2 - Fix CVE-2025-4382: TPM auto-decryption data exposure (bsc#1242971) 
* 0001-kern-rescue_reader-Block-the-rescue-mode-until-the-C.patch
  * 0002-commands-search-Introduce-the-cryptodisk-only-argume.patch
  * 0003-disk-diskfilter-Introduce-the-cryptocheck-command.patch
  * 0004-commands-search-Add-the-diskfilter-support.patch
  * 0005-docs-Document-available-crypto-disks-checks.patch
  * 0006-disk-cryptodisk-Add-the-erase-secrets-function.patch
  * 0007-disk-cryptodisk-Wipe-the-passphrase-from-memory.patch
  * 0008-cryptocheck-Add-quiet-option.patch
- patch rebased
  * 0001-Improve-TPM-key-protection-on-boot-interruptions.patch
  * 0004-Key-revocation-on-out-of-bound-file-access.patch
- patch refrehed
  * 0001-Fix-PowerPC-CAS-reboot-to-evaluate-menu-context.patch
  * 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=547
 2025-05-12 06:38:05 +00:00
Dominique Leuenberger
1661d1c96c Accepting request 1273319 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1273319
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=360
 2025-04-29 14:39:46 +00:00
Michael Chang
3883c7dd4a - grub2-common: use fuse3 
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=546
 2025-04-29 07:08:25 +00:00
Michael Chang
b983f3a284 Correct patch file name in previous SR. 
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=545
 2025-04-28 03:55:36 +00:00
Michael Chang
032390ea7d - Add support for boot assessment, needed by health-checker 
* grub2-bls-boot-counting.patch
  * grub2-bls-boot-assessment.patch
  * grub2-bls-show-snapshot.patch
  * grub2-blscfg-fix-hang.patch
  * grub2-blscfg-set-efivars.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=544
 2025-04-28 03:48:46 +00:00
Ana Guerrero
f1b1a65d52 Accepting request 1272144 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1272144
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=359
 2025-04-24 15:25:03 +00:00
Michael Chang
a06e684503 - Fix reading bls fragments in file-system dependent order that is not 
predictable (bsc#1241046)
  * 0001-blscfg-read-fragments-in-order.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=543
 2025-04-23 10:30:12 +00:00
Michael Chang
b46ca08141 - Fix PPC CAS reboot failure work when initiated via submenu (bsc#1241132) 
* 0001-Fix-PowerPC-CAS-reboot-to-evaluate-menu-context.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=542
 2025-04-23 08:57:39 +00:00
Ana Guerrero
b2a0c64894 Accepting request 1269746 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1269746
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=358
 2025-04-16 18:38:04 +00:00
Michael Chang
f56f2d4310 add grub2-string-initializer.patch, part of upstream gnulib patch, to fix gcc15 compile time error (bsc#1239884) 
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=541
 2025-04-16 00:31:16 +00:00
Ana Guerrero
c686ed8e88 Accepting request 1269414 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1269414
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=357
 2025-04-15 18:47:01 +00:00
Michael Chang
55e98eca8c - Measure the envblk used by pre_loadenv 
* 0001-prep_loadenv-Measure-the-environment-block-into-PCR-.patch
- Enable PowerPC 64 support for tss2 and tpm2_key_protector
  * 0001-tpm2_key_protector-Add-grub-emu-support.patch
  * 0001-tss2-Adjust-bit-fields-for-big-endian-targets.patch
  * 0002-term-ieee1275-serial-Cast-0-to-proper-type.patch
  * 0003-ieee1275-Consolidate-repeated-definitions-of-IEEE127.patch
  * 0004-ieee1275-ibmvpm-Move-TPM-initialization-functions-to.patch
  * 0005-ieee1275-tcg2-Refactor-grub_ieee1275_tpm_init.patch
  * 0006-ieee1275-tcg2-Add-TCG2-driver-for-ieee1275-PowerPC-f.patch
  * 0007-tpm2_key_protector-Enable-build-for-powerpc_ieee1275.patch
- Dump PCRs when TPM unsealing fails
  * 0001-tpm2_key_protector-Dump-PCRs-on-policy-fail.patch
  * 0002-tpm2_key_protector-Add-tpm2_dump_pcr-command.patch
- Add 'NV index' handle support to tpm2_key_protector
  * 0003-tss2-Fix-the-missing-authCommand.patch
  * 0004-tss2-Add-TPM-2.0-NV-index-commands.patch
  * 0005-tpm2_key_protector-Unseal-key-from-a-buffer.patch
  * 0006-tpm2_key_protector-Support-NV-index-handles.patch
  * 0007-util-grub-protect-Support-NV-index-mode.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=540
 2025-04-15 04:10:27 +00:00
Ana Guerrero
0f7a4c5987 Accepting request 1267829 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/1267829
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=356
 2025-04-09 19:49:16 +00:00
Michael Chang
4124e2a54b We currently use simpledrm for early graphics on PCs. As you mention, we set gfxpayload in Grub to forward information about the system's framebuffer to the kernel. Simpledrm picks up the framebuffer for displaying graphics. 
The driver is good enough for the job, we can do better on platforms with EFI or VESA graphics. There are currently two drivers under review at https://patchwork.freedesktop.org/series/146477/. I expect them to enter upstream in v6.16. These drivers can use the EDID data provided by EFI and VESA interfaces. This allows user space, such as Gnome, to pick up information about the output device. On vesadrm, Gnome even supports gamma correction.

With EFI systems, we'll fetch the EDID during the kernel's early boot stages. On VESA systems, we need the EDID information being passed on from Grub. The gfxpayload options only forwards information about the framebuffer itself (size, colors, memory address), but not information about the display device.

To our advantage, the kernel already contains real-mode code for fetching the VESA EDID; see https://elixir.bootlin.com/linux/v6.13.7/source/arch/x86/boot/video-vesa.c#L236. Hence there's already the edid_info field in the boot parameters. But this code only runs when booting with Grub's 'linux16' (or old LILO). Modern Grub never utilized the field or provided the EDID information at all. That's what this patch implements.

I've opened bsc#1240624 to track the progress of this project.

- Add grub2-provide-edid.patch: Grub2 already retrieves the EDID
  from video adapters. Copy the raw data into the Linux kernel boot
  parameters, so that Linux can use this information. The necessary
  fields have been present in the boot parameters since at least
  commit f8eeaaf41803 ("[PATCH] Make the bzImage format
  self-terminating"), but never used. Within the kernel, the EDID
  data will be propagated to graphics drivers and finally to user
  space. (bsc#1240624)

OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=539
 2025-04-08 07:19:13 +00:00