From 6c125c6d3a18d4d2fe49195dd3e7059f76989351377e22d0e66781ff97091169 Mon Sep 17 00:00:00 2001 From: Jiri Slaby Date: Fri, 29 Mar 2013 08:58:57 +0000 Subject: [PATCH] Accepting request 161696 from home:arvidjaar:branches:Base:System - corretly set chainloaded image device handle in secure boot mode (bnc#809038) OBS-URL: https://build.opensuse.org/request/show/161696 OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=33 --- grub2-secureboot-chainloader.patch | 49 +++++++++++++++++++++--------- grub2.changes | 5 +++ grub2.spec | 2 +- 3 files changed, 40 insertions(+), 16 deletions(-) diff --git a/grub2-secureboot-chainloader.patch b/grub2-secureboot-chainloader.patch index 7121229..9d1c853 100644 --- a/grub2-secureboot-chainloader.patch +++ b/grub2-secureboot-chainloader.patch @@ -21,11 +21,11 @@ Signed-off-by: Michael Chang grub-core/loader/efi/chainloader.c | 538 +++++++++++++++++++++++++++++++++-- 1 files changed, 507 insertions(+), 31 deletions(-) -diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c -index 3f3e6e3..12e1aff 100644 ---- a/grub-core/loader/efi/chainloader.c -+++ b/grub-core/loader/efi/chainloader.c -@@ -36,15 +36,30 @@ +Index: grub-2.00/grub-core/loader/efi/chainloader.c +=================================================================== +--- grub-2.00.orig/grub-core/loader/efi/chainloader.c ++++ grub-2.00/grub-core/loader/efi/chainloader.c +@@ -36,15 +36,31 @@ #include #include @@ -48,6 +48,7 @@ index 3f3e6e3..12e1aff 100644 static grub_efi_handle_t image_handle; static grub_efi_char16_t *cmdline; +static grub_ssize_t cmdline_len; ++static grub_efi_handle_t dev_handle; + +#ifdef SUPPORT_SECURE_BOOT +static grub_efi_boolean_t debug_secureboot = 0; @@ -56,7 +57,15 @@ index 3f3e6e3..12e1aff 100644 static grub_err_t grub_chainloader_unload (void) -@@ -186,12 +201,458 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename) +@@ -59,6 +75,7 @@ grub_chainloader_unload (void) + grub_free (cmdline); + cmdline = 0; + file_path = 0; ++ dev_handle = 0; + + grub_dl_unref (my_mod); + return GRUB_ERR_NONE; +@@ -186,19 +203,466 @@ make_file_path (grub_efi_device_path_t * return file_path; } @@ -456,6 +465,7 @@ index 3f3e6e3..12e1aff 100644 + li->load_options = cmdline; + li->load_options_size = cmdline_len; + li->file_path = grub_efi_get_media_file_path (file_path); ++ li->device_handle = dev_handle; + if (li->file_path) + { + grub_printf ("file path: "); @@ -493,6 +503,7 @@ index 3f3e6e3..12e1aff 100644 + grub_free (cmdline); + cmdline = 0; + file_path = 0; ++ dev_handle = 0; + + grub_dl_unref (my_mod); + return GRUB_ERR_NONE; @@ -516,7 +527,18 @@ index 3f3e6e3..12e1aff 100644 grub_efi_status_t status; grub_efi_boot_services_t *b; grub_device_t dev = 0; -@@ -213,6 +674,32 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), + grub_efi_device_path_t *dp = 0; + grub_efi_loaded_image_t *loaded_image; + char *filename; +- grub_efi_handle_t dev_handle = 0; + + if (argc == 0) + return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); +@@ -210,9 +674,36 @@ grub_cmd_chainloader (grub_command_t cmd + address = 0; + image_handle = 0; + file_path = 0; ++ dev_handle = 0; b = grub_efi_system_table->boot_services; @@ -549,7 +571,7 @@ index 3f3e6e3..12e1aff 100644 file = grub_file_open (filename); if (! file) goto fail; -@@ -258,14 +745,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), +@@ -258,14 +749,14 @@ grub_cmd_chainloader (grub_command_t cmd grub_printf ("file path: "); grub_efi_print_device_path (file_path); @@ -567,7 +589,7 @@ index 3f3e6e3..12e1aff 100644 status = efi_call_4 (b->allocate_pages, GRUB_EFI_ALLOCATE_ANY_PAGES, GRUB_EFI_LOADER_CODE, -@@ -278,7 +765,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), +@@ -278,7 +769,7 @@ grub_cmd_chainloader (grub_command_t cmd goto fail; } @@ -576,7 +598,7 @@ index 3f3e6e3..12e1aff 100644 { if (grub_errno == GRUB_ERR_NONE) grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), -@@ -287,8 +774,17 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), +@@ -287,8 +778,17 @@ grub_cmd_chainloader (grub_command_t cmd goto fail; } @@ -595,7 +617,7 @@ index 3f3e6e3..12e1aff 100644 &image_handle); if (status != GRUB_EFI_SUCCESS) { -@@ -313,33 +809,10 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), +@@ -313,33 +813,10 @@ grub_cmd_chainloader (grub_command_t cmd grub_file_close (file); @@ -631,7 +653,7 @@ index 3f3e6e3..12e1aff 100644 } grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0); -@@ -358,6 +831,9 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)), +@@ -358,6 +835,9 @@ grub_cmd_chainloader (grub_command_t cmd if (address) efi_call_2 (b->free_pages, address, pages); @@ -641,6 +663,3 @@ index 3f3e6e3..12e1aff 100644 grub_dl_unref (my_mod); return grub_errno; --- -1.7.3.4 - diff --git a/grub2.changes b/grub2.changes index 2ee24d6..9cccc0e 100644 --- a/grub2.changes +++ b/grub2.changes @@ -12,6 +12,11 @@ Mon Mar 25 17:37:59 UTC 2013 - dvaleev@suse.com - extraconfigure macro is not defined on ppc +------------------------------------------------------------------- +Sat Mar 23 18:31:07 UTC 2013 - arvidjaar@gmail.com + +- corretly set chainloaded image device handle in secure boot mode (bnc#809038) + ------------------------------------------------------------------- Wed Mar 13 11:30:52 UTC 2013 - mchang@suse.com diff --git a/grub2.spec b/grub2.spec index e1314ac..754337c 100644 --- a/grub2.spec +++ b/grub2.spec @@ -47,8 +47,8 @@ BuildRequires: python BuildRequires: xz-devel %ifarch x86_64 %if 0%{?suse_version} >= 1230 || 0%{?suse_version} == 1110 -BuildRequires: pesign-obs-integration BuildRequires: openssl >= 0.9.8 +BuildRequires: pesign-obs-integration %endif %endif