Rebase patches to fix various small build issues in the linuxefi patch set
Things break here and there because of some small issues in the linuxefi patches,
namely: we build on ppc64el, and efi isn't limited to that. So that we already
have some of the code ready in case there is a firmware for EFI on that platform,
fix the bits that are "wrong" or slightly off:
- ppc64el deserves a nicer cpu header for linux.h; so that when patching things
behave correctly.
- arm64: make sure we include FDT file moves.
- arm64: mark the right parameters to grub_arm64_uefi_boot_image unused.
- arm: include grub/efi/linux.h so grub_linuxefi_secure_validate is recognized
as a valid symbol even if it's not used.
There are a few cases where we legitimately cast to memory that is bigger
than we need when building on one arch, because on a different arch it will
be just right. For example, grub_status_t can be int32 or int64, depending
on the size of void*.
Added GRUB_FORCE_PARTUUID and GRUB_DISABLE_INITRD configuration knobs to allow
users to generate grub menu entries that boot directly to the kernel, without
using an initramfs.
Allow GRUB to mount ext2/3/4 filesystems that have the encryption feature.
On such a filesystem, inodes may have EXT4_ENCRYPT_FLAG set.
For a regular file, this means its contents are encrypted; for a
directory, this means the filenames in its directory entries are
encrypted; and for a symlink, this means its target is encrypted. Since
GRUB cannot decrypt encrypted contents or filenames, just issue an error
if it would need to do so. This is sufficient to allow unencrypted boot
files to co-exist with encrypted files elsewhere on the filesystem.
(Note that encrypted regular files and symlinks will not normally be
encountered outside an encrypted directory; however, it's possible via
hard links, so they still need to be handled.)
Tested by booting from an ext4 /boot partition on which I had run
'tune2fs -O encrypt'. I also verified that the expected error messages
are printed when trying to access encrypted directories, files, and
symlinks from the GRUB command line. Also ran 'sudo ./grub-fs-tester
ext4_encrypt'; note that this requires e2fsprogs v1.43+ and Linux v4.1+.
Signed-off-by: Eric Biggers <email address hidden>
Make grub-install check for errors from efibootmgr
Code is currently ignoring errors from efibootmgr, giving users
clearly bogus output like:
Setting up grub-efi-amd64 (2.02~beta3-4) ...
Installing for x86_64-efi platform.
Could not delete variable: No space left on device
Could not prepare Boot variable: No space left on device Installation finished. No error reported.
and then potentially unbootable systems. If efibootmgr fails,
grub-install should know that and report it!
Signed-off-by: Steve McIntyre <email address hidden>
0b5adf8...
by
Michael Chang <email address hidden>
efinet: Setting DNS server from UEFI protocol
In the URI device path node, any name rahter than address can be used for
looking up the resources so that DNS service become needed to get answer of the
name's address. Unfortunately the DNS is not defined in any of the device path
nodes so that we use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL
to obtain it.
These two protcols are defined the sections of UEFI specification.
include/grub/efi/api.h:
Add new structure and protocol UUID of EFI_IP4_CONFIG2_PROTOCOL and
EFI_IP6_CONFIG_PROTOCOL.
grub-core/net/drivers/efi/efinet.c:
Use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL to obtain the list
of DNS server address for IPv4 and IPv6 respectively. The address of DNS
servers is structured into DHCPACK packet and feed into the same DHCP packet
processing functions to ensure the network interface is setting up the same way
it used to be.
Signed-off-by: Michael Chang <email address hidden>
Signed-off-by: Ken Lin <email address hidden>
Patch-Name: efinet_set_dns_from_uefi_proto.patch
914f8b7...
by
Michael Chang <email address hidden>
efinet: Setting network from UEFI device path
The PXE Base Code protocol used to obtain cached PXE DHCPACK packet is no
longer provided for HTTP Boot. Instead, we have to get the HTTP boot
information from the device path nodes defined in following UEFI Specification
sections.
include/grub/efi/api.h:
Add new structure of Uniform Resource Identifiers (URI) Device Path
grub-core/net/drivers/efi/efinet.c:
Check if PXE Base Code is available, if not it will try to obtain the netboot
information from the device path where the image booted from. The DHCPACK
packet is recoverd from the information in device patch and feed into the same
DHCP packet processing functions to ensure the network interface is setting up
the same way it used to be.
Signed-off-by: Michael Chang <email address hidden>
Signed-off-by: Ken Lin <email address hidden>
a8af175...
by
Michael Chang <email address hidden>
bootp: Add processing DHCPACK packet from HTTP Boot
The vendor class identifier with the string "HTTPClient" is used to denote the
packet as responding to HTTP boot request. In DHCP4 config, the filename for
HTTP boot is the URL of the boot file while for PXE boot it is the path to the
boot file. As a consequence, the next-server becomes obseleted because the HTTP
URL already contains the server address for the boot file. For DHCP6 config,
there's no difference definition in existing config as dhcp6.bootfile-url can
be used to specify URL for both HTTP and PXE boot file.
This patch adds processing for "HTTPClient" vendor class identifier in DHCPACK
packet by treating it as HTTP format, not as the PXE format.
Signed-off-by: Michael Chang <email address hidden>
Signed-off-by: Ken Lin <email address hidden>
Patch-Name: bootp_process_dhcpack_http_boot.patch
559610a...
by
Michael Chang <email address hidden>
efinet: UEFI IPv6 PXE support
When grub2 image is booted from UEFI IPv6 PXE, the DHCPv6 Reply packet is
cached in firmware buffer which can be obtained by PXE Base Code protocol. The
network interface can be setup through the parameters in that obtained packet.
Signed-off-by: Michael Chang <email address hidden>
Signed-off-by: Ken Lin <email address hidden>
Patch-Name: efinet_uefi_ipv6_pxe_support.patch
8157f99...
by
Michael Chang <email address hidden>
bootp: New net_bootp6 command
Implement new net_bootp6 command for IPv6 network auto configuration via the
DHCPv6 protocol (RFC3315).
Signed-off-by: Michael Chang <email address hidden>
Signed-off-by: Ken Lin <email address hidden>
