lp:~psusi/ubuntu/quantal/grub2/fix-ldm

Created by Phillip Susi on 2012-11-28 and last modified on 2012-11-29
Get this branch:
bzr branch lp:~psusi/ubuntu/quantal/grub2/fix-ldm
Only Phillip Susi can upload to this branch. If you are Phillip Susi please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Phillip Susi
Status:
Development

Recent revisions

161. By Phillip Susi on 2012-11-28

debian/ldm-require-sfs-partition.patch: Only recognize ldm partition
table if there is an SFS partition listed in the DOS MBR (LP: #1061255)

160. By Colin Watson on 2012-10-14

* Fix incorrect initrd minimum address calculation (LP: #1055686).
* Add keystatus and loadenv to signed image (LP: #1066399).

159. By Colin Watson on 2012-10-12

Ignore symlink traversal failures in grub-mount readdir (LP: #1051306).

158. By Colin Watson on 2012-10-12

Fix patch to forbid insmod on UEFI secure boot to also forbid other
methods of loading modules (LP: #1065621).

157. By Colin Watson on 2012-10-11

Add some extra debugging to signed/unsigned kernel logic, to make it
easier to work out why it fails for some people.

156. By Colin Watson on 2012-10-10

Make embedded FAT filesystem a multiple of 32 blocks so that mtools is
happy with it.

155. By Colin Watson on 2012-10-10

GRUB's rescue parser doesn't understand 'if', so the embedded
configuration file in gcdx64.efi emitted errors. Add the memdisk
module, embed a tiny FAT filesystem containing the grub.cfg with the
search-and-chain logic, and embed a bootstrap configuration file that
loads that using 'normal'.

154. By Colin Watson on 2012-10-09

Embed a configuration file in gcdx64.efi which looks for a real boot
disk containing /.disk/info or /.disk/mini-info and chains to
/boot/grub/$platform/grub.cfg there.

153. By Colin Watson on 2012-10-08

[ Colin Watson ]
* Install signed images if UEFI Secure Boot is enabled (LP: #1063602).

[ Steve Langasek ]
* debian/patches/ubuntu_uefi_firmware_setup.patch: Output a menu entry
  for firmware setup on UEFI FastBoot systems.

152. By Colin Watson on 2012-10-07

* If the postinst is running in a container, skip grub-install and all its
  associated questions (LP: #1060404).
* Merge UEFI secure boot tweaks from Fedora:
  - Don't error on insmod on UEFI/SB, but also don't do any insmodding.
  - Add sleep to the list of modules in the signed image.
* Move Ubuntu modifications to the Fedora linuxefi patch into separate
  patches, to ease maintenance.
* Implement secure boot handling policy as outlined by Steve Langasek:
  - Make the linux module call linuxefi when necessary, simplifying
    configuration. Add the linux module to the signed image.
  - If secure boot is enabled and the kernel is signed, linux will call
    linuxefi to hand over to it without calling ExitBootServices.
  - Otherwise, linux will fall through to previous code, call
    ExitBootServices itself, and boot the kernel normally.
  - Change linuxefi to return GRUB_ERR_ACCESS_DENIED rather than
    GRUB_ERR_INVALID_COMMAND in the case of an invalid signature, to make
    it easier to implement different handling of unsigned kernels in
    future if necessary.
* Build two images for signing: one with prefix /EFI/BOOT for use on
  removable media, and one with prefix /EFI/ubuntu (and with the lvm,
  mdraid09, and mdraid1x modules added) for use on fixed disks. Setup
  mostly borrowed from Fedora.
* Generate configuration for signed UEFI kernels if available.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/raring/grub2
This branch contains Public information 
Everyone can see this information.

Subscribers