8ee92f5194
- Implement NV index mode for TPM 2.0 key protector
0001-protectors-Implement-NV-index.patch
- Fall back to passphrase mode when the key protector fails to
unlock the disk
0002-cryptodisk-Fallback-to-passphrase.patch
- Wipe out the cached key cleanly
0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch
- Make diskfiler to look up cryptodisk devices first
0004-diskfilter-look-up-cryptodisk-devices-first.patch
- Version bump to 2.12~rc1
* Added:
- grub-2.12~rc1.tar.xz
* Removed:
- grub-2.06.tar.xz
* Patch dropped merged by new version:
- grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch
- grub2-s390x-02-kexec-module-added-to-emu.patch
- grub2-efi-chainloader-root.patch
- grub2-Fix-incorrect-netmask-on-ppc64.patch
- 0001-osdep-Introduce-include-grub-osdep-major.h-and-use-i.patch
- 0002-osdep-linux-hostdisk-Use-stat-instead-of-udevadm-for.patch
- 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch
- grub2-s390x-10-keep-network-at-kexec.patch
- 0001-Fix-build-error-in-binutils-2.36.patch
- 0001-emu-fix-executable-stack-marking.patch
- 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch
- 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch
- 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch
- 0001-Filter-out-POSIX-locale-for-translation.patch
OBS-URL: https://build.opensuse.org/request/show/1105405
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=458
91 lines
3.1 KiB
Diff
91 lines
3.1 KiB
Diff
From c31fc5aa0ded9ce1e774d0a3526cfee19be1b77f Mon Sep 17 00:00:00 2001
|
|
From: Michael Chang <mchang@suse.com>
|
|
Date: Mon, 7 Feb 2022 20:49:01 +0800
|
|
Subject: [PATCH 3/5] grub-install: support prep environment block
|
|
|
|
The grub-install can be instructed to create environment block at end of
|
|
PReP paritition with probed device identities and properties in
|
|
variables to facilitate root device discovery. So far these variables
|
|
are defined for this purpose:
|
|
|
|
ENV_FS_UUID - The filesystem uuid for the grub root device
|
|
ENV_CRYPTO_UUID - The crytodisk uuid for the grub root device
|
|
ENV_GRUB_DIR - The path to grub prefix directory
|
|
ENV_HINT - The recommended hint string for searching root device
|
|
|
|
The size of environment block is defined in GRUB_ENVBLK_PREP_SIZE which
|
|
is 4096 bytes and can be extended in the future.
|
|
|
|
Signed-off-by: Michael Chang <mchang@suse.com>
|
|
---
|
|
include/grub/lib/envblk.h | 3 +++
|
|
util/grub-install.c | 38 ++++++++++++++++++++++++++++++++++++++
|
|
2 files changed, 41 insertions(+)
|
|
|
|
--- a/include/grub/lib/envblk.h
|
|
+++ b/include/grub/lib/envblk.h
|
|
@@ -24,6 +24,9 @@
|
|
|
|
#ifndef ASM_FILE
|
|
|
|
+#include <grub/disk.h>
|
|
+#define GRUB_ENVBLK_PREP_SIZE (GRUB_DISK_SECTOR_SIZE << 3)
|
|
+
|
|
struct grub_envblk
|
|
{
|
|
char *buf;
|
|
--- a/util/grub-install.c
|
|
+++ b/util/grub-install.c
|
|
@@ -43,6 +43,7 @@
|
|
#include <grub/util/ofpath.h>
|
|
#include <grub/hfsplus.h>
|
|
#include <grub/time.h>
|
|
+#include <grub/lib/envblk.h>
|
|
|
|
#include <string.h>
|
|
|
|
@@ -2138,6 +2139,43 @@
|
|
if (write_to_disk (ins_dev, imgfile))
|
|
grub_util_error ("%s", _("failed to copy Grub to the PReP partition"));
|
|
grub_set_install_backup_ponr ();
|
|
+
|
|
+ if ((signed_grub_mode >= SIGNED_GRUB_FORCE) || ((signed_grub_mode == SIGNED_GRUB_AUTO) && (ppc_sb_state > 0)))
|
|
+ {
|
|
+ char *uuid = NULL;
|
|
+ const char *cryptouuid = NULL;
|
|
+ grub_envblk_t envblk = NULL;
|
|
+ char *buf;
|
|
+
|
|
+ /* TODO: Add LVM/RAID on encrypted partitions */
|
|
+ if (grub_dev->disk && grub_dev->disk->dev->id == GRUB_DISK_DEVICE_CRYPTODISK_ID)
|
|
+ cryptouuid = grub_util_cryptodisk_get_uuid (grub_dev->disk);
|
|
+ if (grub_fs->fs_uuid && grub_fs->fs_uuid (grub_dev, &uuid))
|
|
+ {
|
|
+ grub_print_error ();
|
|
+ grub_errno = 0;
|
|
+ uuid = NULL;
|
|
+ }
|
|
+ buf = grub_envblk_buf (GRUB_ENVBLK_PREP_SIZE);
|
|
+ envblk = grub_envblk_open (buf, GRUB_ENVBLK_PREP_SIZE);
|
|
+ if (uuid)
|
|
+ grub_envblk_set (envblk, "ENV_FS_UUID", uuid);
|
|
+ if (cryptouuid)
|
|
+ grub_envblk_set (envblk, "ENV_CRYPTO_UUID", cryptouuid);
|
|
+ if (relative_grubdir)
|
|
+ grub_envblk_set (envblk, "ENV_GRUB_DIR", relative_grubdir);
|
|
+ if (have_abstractions)
|
|
+ grub_envblk_set (envblk, "ENV_HINT", grub_dev->disk->name);
|
|
+ if (use_relative_path_on_btrfs)
|
|
+ grub_envblk_set (envblk, "btrfs_relative_path", "1");
|
|
+ if (envblk)
|
|
+ {
|
|
+ fprintf (stderr, _("Write environment block to PReP.\n"));
|
|
+ if (grub_disk_write_tail (ins_dev->disk, envblk->size, envblk->buf))
|
|
+ grub_util_error ("%s", _("failed to write environment block to the PReP partition"));
|
|
+ }
|
|
+ grub_envblk_close (envblk);
|
|
+ }
|
|
grub_device_close (ins_dev);
|
|
if (update_nvram)
|
|
grub_install_register_ieee1275 (1, grub_util_get_os_disk (install_device),
|