From abd496abd931004bee3cd702cc621d000276af842c2b89b63a882396c5547814 Mon Sep 17 00:00:00 2001
From: Dominique Leuenberger <dleuenberger@suse.com>
Date: Thu, 17 Dec 2015 14:53:41 +0000
Subject: [PATCH] Accepting request 349298 from Base:System

1

OBS-URL: https://build.opensuse.org/request/show/349298
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=128
---
 ...ue-when-reading-username-and-passwor.patch | 54 +++++++++++++++++++
 grub2-efi-xen-chainload.patch                 |  2 +-
 ...-Grub2-with-SUSE-Xen-package-install.patch | 40 --------------
 grub2-xen.cfg => grub2-xen-pv-firmware.cfg    | 36 ++++++++-----
 grub2.changes                                 | 30 +++++++++++
 grub2.spec                                    |  6 +--
 6 files changed, 110 insertions(+), 58 deletions(-)
 create mode 100644 0001-Fix-security-issue-when-reading-username-and-passwor.patch
 delete mode 100644 grub2-fix-Grub2-with-SUSE-Xen-package-install.patch
 rename grub2-xen.cfg => grub2-xen-pv-firmware.cfg (85%)

diff --git a/0001-Fix-security-issue-when-reading-username-and-passwor.patch b/0001-Fix-security-issue-when-reading-username-and-passwor.patch
new file mode 100644
index 0000000..9a93256
--- /dev/null
+++ b/0001-Fix-security-issue-when-reading-username-and-passwor.patch
@@ -0,0 +1,54 @@
+From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001
+From: Hector Marco-Gisbert <hecmargi@upv.es>
+Date: Wed, 16 Dec 2015 07:57:18 +0300
+Subject: [PATCH] Fix security issue when reading username and password
+
+This patch fixes two integer underflows at:
+  * grub-core/lib/crypto.c
+  * grub-core/normal/auth.c
+
+CVE-2015-8370
+
+Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
+Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
+Also-By: Andrey Borzenkov <arvidjaar@gmail.com>
+---
+ grub-core/lib/crypto.c  | 3 ++-
+ grub-core/normal/auth.c | 7 +++++--
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
+index 010e550..683a8aa 100644
+--- a/grub-core/lib/crypto.c
++++ b/grub-core/lib/crypto.c
+@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size)
+ 
+       if (key == '\b')
+ 	{
+-	  cur_len--;
++	  if (cur_len)
++	    cur_len--;
+ 	  continue;
+ 	}
+ 
+diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
+index c6bd96e..8615c48 100644
+--- a/grub-core/normal/auth.c
++++ b/grub-core/normal/auth.c
+@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size)
+ 
+       if (key == '\b')
+ 	{
+-	  cur_len--;
+-	  grub_printf ("\b");
++	  if (cur_len)
++	    {
++	      cur_len--;
++	      grub_printf ("\b");
++	    }
+ 	  continue;
+ 	}
+ 
+-- 
+1.9.1
+
diff --git a/grub2-efi-xen-chainload.patch b/grub2-efi-xen-chainload.patch
index 6702593..f0c1196 100644
--- a/grub2-efi-xen-chainload.patch
+++ b/grub2-efi-xen-chainload.patch
@@ -114,7 +114,7 @@ Index: grub-2.02~beta2/util/grub.d/20_linux_xen.in
 +	 	chainloader  \$cmdpath/${xen_basename} ${xen_basename} $section
 +	}
 +	EOF
-+    for f in ${grub_dir}/$xen_cfg ${xen_dir}/${xen_basename} ${rel_dirname}/${basename} ${rel_dirname}/${initrd}; do
++    for f in ${grub_dir}/$xen_cfg ${xen_dir}/${xen_basename} ${dirname}/${basename} ${dirname}/${initrd}; do
 +      cp --preserve=timestamps $f $efi_dir
 +      echo $(basename $f) >> $efi_dir/grub.xen-files
 +    done
diff --git a/grub2-fix-Grub2-with-SUSE-Xen-package-install.patch b/grub2-fix-Grub2-with-SUSE-Xen-package-install.patch
deleted file mode 100644
index 025410f..0000000
--- a/grub2-fix-Grub2-with-SUSE-Xen-package-install.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 86fdefd6b0d447cd7d3d80f794fcd4df2aa96792 Mon Sep 17 00:00:00 2001
-From: Michael Chang <mchang@suse.com>
-Date: Thu, 30 Aug 2012 15:27:50 +0800
-Subject: [PATCH] fix Grub2 with SUSE Xen package install
-
-References: bnc#774666
-Patch-Mainline: no
-
-This fixes Grub2 does not offer a Xen entry after installing hypervisor
-and tools, which is caused by install sequence of xen-kernel and xen is
-unpredictable.
-
-By judging the system is dom0 with xen kernel installed, the xen_list
-will be set to /boot/xen.gz if it's empty. Because the xen kernel would
-trigger the config updated prior to the xen package installation.
----
- util/grub.d/20_linux_xen.in |   13 +++++++++++++
- 1 files changed, 13 insertions(+), 0 deletions(-)
-
-Index: grub-2.02~beta2/util/grub.d/20_linux_xen.in
-===================================================================
---- grub-2.02~beta2.orig/util/grub.d/20_linux_xen.in
-+++ grub-2.02~beta2/util/grub.d/20_linux_xen.in
-@@ -182,6 +182,16 @@ else
-         if grub_file_is_not_garbage "$i" && file_is_not_sym "$i" ; then echo -n "$i " ; fi
-         done`
- fi
-+
-+# bnc#774666 - Grub2 does not offer a Xen entry after installing hypervisor and tools
-+# This is a workaround to the install sequence of xen-kernel and xen is unpredictable
-+if [ "x${xen_list}" = "x" ]; then
-+# If the code reaches here, it means that xen-kernel has been installed, but xen hypervisor
-+# is missing. This is not likely a sane condition for dom0. We assume this is xen-kernel
-+# triggers config update prior to the xen package.
-+    xen_list="/boot/xen.gz"
-+fi
-+
- prepare_boot_cache=
- boot_device_id=
- 
diff --git a/grub2-xen.cfg b/grub2-xen-pv-firmware.cfg
similarity index 85%
rename from grub2-xen.cfg
rename to grub2-xen-pv-firmware.cfg
index 5bb3ab8..788ed86 100644
--- a/grub2-xen.cfg
+++ b/grub2-xen-pv-firmware.cfg
@@ -41,18 +41,33 @@ if [ -n "${suse_cddev_content}" -a -n "${suse_cddev_product}" -a "${suse_cddev_c
     set suse_cddev="${suse_cddev_content}"
 fi
 
-hdcfg_lst="/boot/grub2/grub.cfg \
+hdcfg_list="/boot/grub2/grub.cfg \
 /@/boot/grub2/grub.cfg \
-/boot/grub/menu.lst \
-/grub2/grub.cfg \
+/@/.snapshots/1/snapshot/boot/grub2/grub.cfg \
+/.snapshots/1/snapshot/boot/grub2/grub.cfg \
+/grub2/grub.cfg"
+
+hdlst_list="/boot/grub/menu.lst \
 /grub/menu.lst"
 
-set hdcfg=""
-for c in ${hdcfg_lst}; do
+for c in ${hdcfg_list}; do
     if search -s hddev -f "${c}"; then
-        set hdcfg="${c}"
+        menuentry "${hddev} Boot From Hard Disk ($c)" {
+            set root="${hddev}"
+            configfile "${c}"
+        }
         break
-    fi 
+    fi
+done
+
+for c in ${hdlst_list}; do
+    if search -s hddev -f "${c}"; then
+        menuentry "${hddev} Boot From Hard Disk (${c})" {
+            set root="${hddev}"
+            legacy_configfile "${c}"
+        }
+        break
+    fi
 done
 
 set timeout=0
@@ -113,10 +128,3 @@ if [ -n "${suse_cddev}" ]; then
     fi
 fi
 
-if [ -n "${hddev}" ] ; then
-    set default="Boot From Hard Disk"
-    menuentry "${hddev} Boot From Hard Disk" {
-        set root="${hddev}"
-        configfile "${hdcfg}"
-    }
-fi
diff --git a/grub2.changes b/grub2.changes
index 39960cf..55ca0ac 100644
--- a/grub2.changes
+++ b/grub2.changes
@@ -1,3 +1,33 @@
+-------------------------------------------------------------------
+Wed Dec 16 05:04:37 UTC 2015 - arvidjaar@gmail.com
+
+- Add 0001-Fix-security-issue-when-reading-username-and-passwor.patch
+  Fix for CVE-2015-8370 [boo#956631]
+
+-------------------------------------------------------------------
+Wed Dec  9 18:13:27 UTC 2015 - arvidjaar@gmail.com
+
+- Update grub2-efi-xen-chainload.patch - fix copying of Linux kernel
+  and initrd to ESP (boo#958193)
+
+-------------------------------------------------------------------
+Mon Dec  7 08:03:41 UTC 2015 - olaf@aepfle.de
+
+- Rename grub2-xen.cfg to grub2-xen-pv-firmware.cfg (boo#926795)
+
+-------------------------------------------------------------------
+Fri Dec  4 17:06:17 UTC 2015 - olaf@aepfle.de
+
+- grub2-xen.cfg: to handle grub1 menu.lst in PV guest (boo#926795)
+
+-------------------------------------------------------------------
+Thu Nov 26 10:22:28 UTC 2015 - mchang@suse.com
+
+- Expand list of grub.cfg search path in PV Xen guest for systems
+  installed to btrfs snapshot. (bsc#946148) (bsc#952539) 
+  * modified grub2-xen.cfg
+- drop grub2-fix-Grub2-with-SUSE-Xen-package-install.patch (bsc#774666)
+
 -------------------------------------------------------------------
 Wed Nov 18 19:33:42 UTC 2015 - arvidjaar@gmail.com
 
diff --git a/grub2.spec b/grub2.spec
index 6e303d1..7d8bebb 100644
--- a/grub2.spec
+++ b/grub2.spec
@@ -146,7 +146,7 @@ Source11:       SLES-UEFI-CA-Certificate.crt
 Source12:       grub2-snapper-plugin.sh
 Source14:       80_suse_btrfs_snapshot
 Source15:       grub2-once.service
-Source16:       grub2-xen.cfg
+Source16:       grub2-xen-pv-firmware.cfg
 # required hook for systemd-sleep (bsc#941758)
 Source17:       grub2-systemd-sleep.sh
 Source1000:     PATCH_POLICY
@@ -160,7 +160,6 @@ Patch9:         grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch
 Patch10:        grub2-fix-error-terminal-gfxterm-isn-t-found.patch
 Patch12:        grub2-fix-menu-in-xen-host-server.patch
 Patch15:        not-display-menu-when-boot-once.patch
-Patch16:        grub2-fix-Grub2-with-SUSE-Xen-package-install.patch
 Patch17:        grub2-pass-corret-root-for-nfsroot.patch
 Patch18:        grub2-fix-locale-en.mo.gz-not-found-error-message.patch
 Patch19:        grub2-efi-HP-workaround.patch
@@ -206,6 +205,7 @@ Patch68:        grub2-btrfs-fix-get_root-key-comparison-failures-due-to-en.patch
 Patch69:        grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch
 Patch70:        grub2-default-distributor.patch
 Patch71:        grub2-menu-unrestricted.patch
+Patch72:        0001-Fix-security-issue-when-reading-username-and-passwor.patch
 # Btrfs snapshot booting related patches
 Patch101:       grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
 Patch102:       grub2-btrfs-02-export-subvolume-envvars.patch
@@ -436,7 +436,6 @@ mv po/grub.pot po/%{name}.pot
 %patch10 -p1
 %patch12 -p1
 %patch15 -p1
-%patch16 -p1
 %patch17 -p1
 %patch18 -p1
 %patch19 -p1
@@ -481,6 +480,7 @@ mv po/grub.pot po/%{name}.pot
 %patch69 -p1
 %patch70 -p1
 %patch71 -p1
+%patch72 -p1
 %patch101 -p1
 %patch102 -p1
 %patch103 -p1