rpm/tboot
SHA256
1
0
Fork 0
forked from pool/tboot
Code Pull Requests Activity

- add tboot-bsc#1207833-copy-mbi.patch: correctly move MBI from a lower

Browse Source 
address above tboot (bsc#1207833). This fixes a broken boot situation in
  some configurations stopping with log line "TBOOT: loader context was moved
  from 0x<address> to 0x<address>".
  this patch syncs the Factory package with the SLE package. For some reason I
  forgot to add the patch to Factory first. Also upstream did not react to the
  patch, that I posted to their mailing list, so it's not contained in the
  upstream tarball.

OBS-URL: https://build.opensuse.org/package/show/security/tboot?expand=0&rev=118
This commit is contained in:
Matthias Gerstner 2024-06-25 07:38:05 +00:00 committed by Git OBS Bridge
parent 077993b9b0
commit d464f59886
3 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
tboot-bsc#1207833-copy-mbi.patch Normal file
View File

@ -0,0 +1,24 @@
--- tboot-1.10.2/tboot/common/loader.c.orig 2023-05-31 01:49:45.935321582 -0500
+++ tboot-1.10.2/tboot/common/loader.c 2023-05-31 01:57:27.914405762 -0500
@@ -1099,11 +1099,17 @@ move_modules(loader_ctx *lctx)
if ( below_tboot(lowest) )
from = lowest;
- else
- if ( below_tboot((unsigned long)lctx->addr) )
+
+ /*
+ * if MBI is below tboot & the lowest module, make sure it gets
+ * copied, too!
+ */
+ if ( below_tboot((unsigned long)lctx->addr) &&
+ (unsigned long)lctx->addr < lowest )
from = (unsigned long)lctx->addr;
- else
- return;
+
+ if (from == 0)
+ return;
unsigned long highest = get_highest_mod_end(lctx);
unsigned long to = PAGE_UP(highest);

13
tboot.changes
View File

@ -1,3 +1,16 @@
-------------------------------------------------------------------
Tue Jun 25 07:34:57 UTC 2024 - Matthias Gerstner <matthias.gerstner@suse.com>
- add tboot-bsc#1207833-copy-mbi.patch: correctly move MBI from a lower
address above tboot (bsc#1207833). This fixes a broken boot situation in
some configurations stopping with log line "TBOOT: loader context was moved
from 0x<address> to 0x<address>".
this patch syncs the Factory package with the SLE package. For some reason I
forgot to add the patch to Factory first. Also upstream did not react to the
patch, that I posted to their mailing list, so it's not contained in the
upstream tarball.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Jun 17 13:09:34 UTC 2024 - Matthias Gerstner <matthias.gerstner@suse.com> Mon Jun 17 13:09:34 UTC 2024 - Matthias Gerstner <matthias.gerstner@suse.com>

1
tboot.spec
View File

@ -30,6 +30,7 @@ Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
Patch4: tboot-grub2-fix-xen-submenu-name.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch
Patch7: tboot-distributor.patch Patch7: tboot-distributor.patch
Patch8: tboot-grub2-refuse-secure-boot.patch Patch8: tboot-grub2-refuse-secure-boot.patch
Patch9: tboot-bsc#1207833-copy-mbi.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
ExclusiveArch: %{ix86} x86_64 ExclusiveArch: %{ix86} x86_64
BuildRequires: openssl-devel BuildRequires: openssl-devel