grub

Merge ~arbell/grub:lp1965983 into ~ubuntu-core-dev/grub/+git/ubuntu:ubuntu

  1. Git
  2. lp:~arbell/grub
  3. lp1965983
  4. Merge into ubuntu
Proposed by Adam Bell
Status: Rejected
Rejected by: Julian Andres Klode
Proposed branch: ~arbell/grub:lp1965983
Merge into: ~ubuntu-core-dev/grub/+git/ubuntu:ubuntu
Diff against target: 55 lines (+41/-0)
2 files modified
debian/patches/grubcfg-zfs-snapshot-generation-failure.patch (+40/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
Julian Andres Klode Pending
Ubuntu Core Development Team Pending
Review via email: mp+417575@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Adam Bell (arbell) wrote :

Hello!

I'll try to keep an eye out for any email notifications about this merge request (since this is a public repo), but I'll be leaving Canonical in a couple of days.
If I do not respond, please ping `@certs` in ~fips on MM -- that team will be able to help.

Once this patch is merged, please contact @kylerhornor on MM; this patch is a prerequisite to a couple of other FIPS patches (which he has) in his customer case SF#00328362.

Thank you!
Adam

Revision history for this message
Mauricio Faria de Oliveira (mfo) wrote :

Updated MR:
https://code.launchpad.net/~mfo/grub/+git/grub/+merge/429026

Revision history for this message
Julian Andres Klode (juliank) wrote :

Rejected in favor of mfo's merged one.

Unmerged commits

b466085... by Adam Bell

ZFS snapshots causing grub.cfg generation failure

In the situation where ZFS snapshots do not contain a .../etc
directory, the generation of /b/g/grub.cfg silently fails, providing no
"linux" kernel lines in the /b/g/grub.cfg file. This patch prevents this
type of failure from occurring. This issue is especially apparent on
systems running in FIPS mode with ZFS boot+root pools. (LP: #1965983)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/patches/grubcfg-zfs-snapshot-generation-failure.patch b/debian/patches/grubcfg-zfs-snapshot-generation-failure.patch
2new file mode 100644
3index 0000000..e21827e
4--- /dev/null
5+++ b/debian/patches/grubcfg-zfs-snapshot-generation-failure.patch
6@@ -0,0 +1,40 @@
7+From: Adam Bell <adam.bell@canonical.com>
8+Date: Thu, 10 Mar 2022 22:22:39 +0700
9+Subject: ZFS snapshots causing grub.cfg generation failure
10+
11+In the situation where ZFS snapshots do not contain a .../etc
12+directory, the generation of /b/g/grub.cfg silently fails, providing no
13+"linux" kernel lines in the /b/g/grub.cfg file. This patch prevents this
14+type of failure from occurring. This issue is especially apparent on
15+systems running in FIPS mode with ZFS boot+root pools. (LP: #1965983)
16+
17+Signed-off-by: Adam Bell <adam.bell@canonical.com>
18+---
19+ util/grub.d/10_linux_zfs.in | 14 +++++++++-----
20+ 1 file changed, 9 insertions(+), 5 deletions(-)
21+
22+diff --git a/util/grub.d/10_linux_zfs.in b/util/grub.d/10_linux_zfs.in
23+index cc4f6bd..8170b46 100755
24+--- a/util/grub.d/10_linux_zfs.in
25++++ b/util/grub.d/10_linux_zfs.in
26+@@ -529,11 +529,15 @@ get_dataset_info() {
27+
28+ umount "${mntdir}" || true
29+ # We needed to look in / for snapshots on root dataset, umount the snapshot for etc before zfs lazily unmount it
30+- case "${etc_dir}" in /.zfs/snapshot/*/etc)
31+- snapshot_path="$(findmnt -n -o TARGET -T "${etc_dir}")"
32+- umount "${snapshot_path}" || true
33+- ;;
34+- esac
35++ # This process only needs to run if the snapshot contains an .../etc path,
36++ # otherwise the build process may silently fail and produce no kernel lines in grub.cfg
37++ if [ -e "${etc_dir}" ]; then
38++ case "${etc_dir}" in /.zfs/snapshot/*/etc)
39++ snapshot_path="$(findmnt -n -o TARGET -T "${etc_dir}")"
40++ umount "${snapshot_path}" || true
41++ ;;
42++ esac
43++ fi
44+ }
45+
46+ # Scan available boot options and returns in a formatted list
47diff --git a/debian/patches/series b/debian/patches/series
48index 7c2c2d4..6c6dc90 100644
49--- a/debian/patches/series
50+++ b/debian/patches/series
51@@ -123,3 +123,4 @@ efi-implement-grub_efi_run_image.patch
52 fat-fix-listing-the-root-directory.patch
53 efivar-check-that-efivarfs-is-writeable.patch
54 linuxefi-do-not-validate-kernels-twice.patch
55+grubcfg-zfs-snapshot-generation-failure.patch

Subscribers

People subscribed via source and target branches