Merge ~xnox/grub:initrdless-docs into ~ubuntu-core-dev/grub/+git/ubuntu:master
- Git
- lp:~xnox/grub
- initrdless-docs
- Merge into master
Status: | Superseded | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Proposed branch: | ~xnox/grub:initrdless-docs | ||||||||||||
Merge into: | ~ubuntu-core-dev/grub/+git/ubuntu:master | ||||||||||||
Diff against target: |
43648 lines (+27070/-3040) 374 files modified
INSTALL (+2/-20) Makefile.am (+3/-0) Makefile.util.def (+7/-0) configure.ac (+12/-2) debian/.git-dpm (+2/-2) debian/build-efi-images (+9/-4) debian/canonical-uefi-ca.crt (+25/-0) debian/changelog (+1029/-0) debian/control (+10/-6) debian/gettext-patches/0001-Support-POTFILES-shell.patch (+54/-0) debian/gettext-patches/0002-Handle-gettext_printf-shell-function.patch (+46/-0) debian/gettext-patches/0003-Make-msgfmt-output-in-little-endian.patch (+34/-0) debian/gettext-patches/0004-Use-SHELL-rather-than-bin-sh.patch (+26/-0) debian/grub-check-signatures (+129/-0) debian/grub-common.dirs (+1/-0) debian/grub-common.install.in (+4/-0) debian/grub-common.service (+14/-0) debian/grub-common.templates (+53/-0) debian/grub-multi-install (+417/-0) debian/patches/0074-uefi-firmware-rename-fwsetup-menuentry-to-UEFI-Firmw.patch (+26/-0) debian/patches/0075-smbios-Add-a-linux-argument-to-apply-linux-modalias-.patch (+86/-0) debian/patches/0076-ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch (+118/-0) debian/patches/0077-ubuntu-Update-the-linux-boot-protocol-version-check.patch (+25/-0) debian/patches/0081-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch (+66/-0) debian/patches/0082-safemath-Add-some-arithmetic-primitives-that-check-f.patch (+120/-0) debian/patches/0083-calloc-Make-sure-we-always-have-an-overflow-checking.patch (+239/-0) debian/patches/0084-calloc-Use-calloc-at-most-places.patch (+1833/-0) debian/patches/0085-malloc-Use-overflow-checking-primitives-where-we-do-.patch (+1319/-0) debian/patches/0086-iso9660-Don-t-leak-memory-on-realloc-failures.patch (+65/-0) debian/patches/0087-font-Do-not-load-more-than-one-NAME-section.patch (+34/-0) debian/patches/0088-gfxmenu-Fix-double-free-in-load_image.patch (+32/-0) debian/patches/0089-lzma-Make-sure-we-don-t-dereference-past-array.patch (+48/-0) debian/patches/0090-tftp-Do-not-use-priority-queue.patch (+279/-0) debian/patches/0091-script-Remove-unused-fields-from-grub_script_functio.patch (+29/-0) debian/patches/0092-script-Avoid-a-use-after-free-when-redefining-a-func.patch (+104/-0) debian/patches/0093-hfsplus-fix-two-more-overflows.patch (+53/-0) debian/patches/0094-lvm-fix-two-more-potential-data-dependent-alloc-over.patch (+98/-0) debian/patches/0095-efi-fix-some-malformed-device-path-arithmetic-errors.patch (+247/-0) debian/patches/0096-linuxefi-fail-kernel-validation-without-shim-protoco.patch (+90/-0) debian/patches/0097-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch (+84/-0) debian/patches/0098-efi-Fix-use-after-free-in-halt-reboot-path.patch (+175/-0) debian/patches/0099-chainloader-Avoid-a-double-free-when-validation-fail.patch (+42/-0) debian/patches/0100-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch (+146/-0) debian/patches/0101-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch (+334/-0) debian/patches/0102-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch (+42/-0) debian/patches/0103-linux-loader-avoid-overflow-on-initrd-size-calculati.patch (+25/-0) debian/patches/0104-linux-Fix-integer-overflows-in-initrd-size-handling.patch (+165/-0) debian/patches/0105-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch (+50/-0) debian/patches/at_keyboard-module-init.patch (+2/-2) debian/patches/bash-completion-drop-have-checks.patch (+2/-2) debian/patches/blacklist-1440x900x32.patch (+2/-2) debian/patches/bootp-new-net_bootp6-command.patch (+4/-4) debian/patches/bootp-process-dhcpack-http-boot.patch (+3/-3) debian/patches/cherrypick-lsefisystab-define-smbios3.patch (+45/-0) debian/patches/cherrypick-lsefisystab-show-dtb.patch (+40/-0) debian/patches/cherrypick-smbios-module.patch (+771/-0) debian/patches/core-in-fs.patch (+1/-1) debian/patches/default-grub-d.patch (+3/-3) debian/patches/disable-floppies.patch (+1/-1) debian/patches/dpkg-version-comparison.patch (+1/-1) debian/patches/efi-variable-storage-minimise-writes.patch (+19/-19) debian/patches/efinet-set-dns-from-uefi-proto.patch (+3/-3) debian/patches/efinet-set-network-from-uefi-devpath.patch (+3/-3) debian/patches/efinet-uefi-ipv6-pxe-support.patch (+3/-3) debian/patches/gettext-quiet.patch (+2/-2) debian/patches/gfxpayload-dynamic.patch (+88/-9) debian/patches/gfxpayload-keep-default.patch (+23/-7) debian/patches/grub-install-backup-and-restore.patch (+175/-0) debian/patches/grub-install-pvxen-paths.patch (+4/-4) debian/patches/grub-legacy-0-based-partitions.patch (+1/-1) debian/patches/grub.cfg-400.patch (+1/-1) debian/patches/ieee1275-clear-reset.patch (+2/-2) debian/patches/ignore-grub_func_test-failures.patch (+2/-2) debian/patches/insmod-xzio-and-lzopio-on-xen.patch (+18/-5) debian/patches/install-efi-fallback.patch (+2/-2) debian/patches/install-efi-ubuntu-flavours.patch (+2/-2) debian/patches/install-locale-langpack.patch (+2/-2) debian/patches/install-powerpc-machtypes.patch (+7/-7) debian/patches/install-stage2-confusion.patch (+2/-2) debian/patches/maybe-quiet.patch (+50/-15) debian/patches/mkconfig-loopback.patch (+4/-4) debian/patches/mkconfig-mid-upgrade.patch (+2/-2) debian/patches/mkconfig-nonexistent-loopback.patch (+3/-3) debian/patches/mkconfig-other-inits.patch (+5/-5) debian/patches/mkconfig-recovery-title.patch (+45/-10) debian/patches/mkconfig-signed-kernel.patch (+48/-8) debian/patches/mkconfig-ubuntu-distributor.patch (+25/-4) debian/patches/mkconfig-ubuntu-recovery.patch (+58/-10) debian/patches/mkrescue-efi-modules.patch (+2/-2) debian/patches/net-read-bracketed-ipv6-addr.patch (+5/-5) debian/patches/no-devicetree-if-secure-boot.patch (+3/-3) debian/patches/no-insmod-on-sb.patch (+4/-4) debian/patches/olpc-prefix-hack.patch (+1/-1) debian/patches/ppc64el-disable-vsx.patch (+2/-2) debian/patches/probe-fusionio.patch (+3/-3) debian/patches/quick-boot-lvm.patch (+2/-2) debian/patches/quick-boot.patch (+34/-10) debian/patches/restore-mkdevicemap.patch (+7/-7) debian/patches/series (+58/-5) debian/patches/skip-grub_cmd_set_date.patch (+2/-2) debian/patches/sleep-shift.patch (+3/-3) debian/patches/ubuntu-add-devicetree-command-support.patch (+52/-0) debian/patches/ubuntu-add-initrd-less-boot-fallback.patch (+213/-0) debian/patches/ubuntu-add-initrd-less-boot-messages.patch (+56/-0) debian/patches/ubuntu-boot-from-multipath-dependent-symlink.patch (+69/-0) debian/patches/ubuntu-dejavu-font-path.patch (+25/-0) debian/patches/ubuntu-dont-verify-loopback-images.patch (+37/-0) debian/patches/ubuntu-efi-allow-loopmount-chainload.patch (+127/-0) debian/patches/ubuntu-efi-console-set-text-mode-as-needed.patch (+197/-0) debian/patches/ubuntu-fix-lzma-decompressor-objcopy.patch (+30/-0) debian/patches/ubuntu-flavour-order.patch (+61/-0) debian/patches/ubuntu-grub-install-extra-removable.patch (+64/-38) debian/patches/ubuntu-install-signed.patch (+33/-30) debian/patches/ubuntu-linuxefi-arm64.patch (+185/-0) debian/patches/ubuntu-linuxefi.patch (+2795/-0) debian/patches/ubuntu-mkconfig-leave-breadcrumbs.patch (+29/-0) debian/patches/ubuntu-recovery-dis_ucode_ldr.patch (+84/-0) debian/patches/ubuntu-resilient-boot-boot-order.patch (+231/-0) debian/patches/ubuntu-resilient-boot-ignore-alternative-esps.patch (+208/-0) debian/patches/ubuntu-shorter-version-info.patch (+41/-0) debian/patches/ubuntu-skip-disk-by-id-lvm-pvm-uuid-entries.patch (+59/-0) debian/patches/ubuntu-speed-zsys-history.patch (+158/-0) debian/patches/ubuntu-support-initrd-less-boot.patch (+107/-0) debian/patches/ubuntu-temp-keep-auto-nvram.patch (+39/-0) debian/patches/ubuntu-tpm-unknown-error-non-fatal.patch (+56/-0) debian/patches/ubuntu-zfs-enhance-support.patch (+1031/-0) debian/patches/uefi-firmware-setup.patch (+4/-4) debian/patches/uefi-secure-boot-cryptomount.patch (+3/-3) debian/patches/vsnprintf-upper-case-hex.patch (+2/-2) debian/patches/vt-handoff.patch (+70/-9) debian/patches/wubi-no-windows.patch (+2/-2) debian/patches/zpool-full-device-name.patch (+2/-2) debian/po/ar.po (+99/-18) debian/po/ast.po (+107/-18) debian/po/be.po (+118/-18) debian/po/bg.po (+119/-18) debian/po/ca.po (+120/-18) debian/po/cs.po (+118/-18) debian/po/cy.po (+109/-18) debian/po/da.po (+119/-18) debian/po/de.po (+122/-18) debian/po/dz.po (+107/-18) debian/po/el.po (+120/-18) debian/po/eo.po (+118/-18) debian/po/es.po (+119/-18) debian/po/eu.po (+118/-18) debian/po/fa.po (+108/-18) debian/po/fi.po (+118/-18) debian/po/fr.po (+120/-18) debian/po/gl.po (+108/-18) debian/po/gu.po (+106/-18) debian/po/he.po (+117/-18) debian/po/hr.po (+118/-18) debian/po/hu.po (+109/-18) debian/po/id.po (+107/-18) debian/po/is.po (+119/-18) debian/po/it.po (+120/-18) debian/po/ja.po (+119/-18) debian/po/ka.po (+87/-18) debian/po/kk.po (+119/-18) debian/po/km.po (+106/-18) debian/po/ko.po (+118/-18) debian/po/lt.po (+118/-18) debian/po/lv.po (+118/-18) debian/po/mr.po (+117/-18) debian/po/nb.po (+119/-18) debian/po/nl.po (+120/-18) debian/po/pl.po (+120/-18) debian/po/pt.po (+120/-18) debian/po/pt_BR.po (+120/-18) debian/po/ro.po (+119/-18) debian/po/ru.po (+118/-18) debian/po/si.po (+106/-18) debian/po/sk.po (+107/-18) debian/po/sl.po (+118/-18) debian/po/sq.po (+105/-18) debian/po/sr.po (+107/-18) debian/po/sr@latin.po (+107/-18) debian/po/sv.po (+119/-18) debian/po/ta.po (+106/-18) debian/po/templates.pot (+87/-18) debian/po/th.po (+117/-18) debian/po/tr.po (+118/-18) debian/po/ug.po (+119/-18) debian/po/uk.po (+118/-18) debian/po/vi.po (+119/-18) debian/po/zh_CN.po (+105/-18) debian/po/zh_TW.po (+116/-18) debian/postinst.in (+80/-14) debian/rules (+21/-6) debian/signing-template.json.in (+0/-1) debian/templates.in (+78/-8) dev/null (+0/-550) docs/grub.info (+13/-0) docs/grub.texi (+88/-0) grub-core/Makefile.am (+1/-0) grub-core/Makefile.core.def (+24/-2) grub-core/bus/usb/usbhub.c (+4/-4) grub-core/commands/efi/lsefisystab.c (+4/-1) grub-core/commands/efi/smbios.c (+61/-0) grub-core/commands/efi/tpm.c (+8/-4) grub-core/commands/i386/pc/smbios.c (+52/-0) grub-core/commands/iorw.c (+7/-0) grub-core/commands/legacycfg.c (+27/-8) grub-core/commands/memrw.c (+7/-0) grub-core/commands/menuentry.c (+1/-1) grub-core/commands/nativedisk.c (+1/-1) grub-core/commands/parttool.c (+9/-3) grub-core/commands/regexp.c (+1/-1) grub-core/commands/search_wrap.c (+1/-1) grub-core/commands/smbios.c (+398/-0) grub-core/commands/wildcard.c (+31/-5) grub-core/disk/diskfilter.c (+2/-2) grub-core/disk/ieee1275/ofdisk.c (+1/-1) grub-core/disk/ldm.c (+30/-16) grub-core/disk/loopback.c (+3/-9) grub-core/disk/luks.c (+1/-1) grub-core/disk/lvm.c (+35/-12) grub-core/disk/xen/xendisk.c (+1/-1) grub-core/efiemu/i386/pc/cfgtables.c (+4/-11) grub-core/efiemu/loadcore.c (+1/-1) grub-core/efiemu/mm.c (+3/-3) grub-core/font/font.c (+13/-3) grub-core/fs/affs.c (+3/-3) grub-core/fs/btrfs.c (+22/-12) grub-core/fs/ext2.c (+9/-1) grub-core/fs/hfs.c (+1/-1) grub-core/fs/hfsplus.c (+11/-6) grub-core/fs/iso9660.c (+55/-18) grub-core/fs/ntfs.c (+2/-2) grub-core/fs/sfs.c (+23/-6) grub-core/fs/squash4.c (+34/-11) grub-core/fs/tar.c (+1/-1) grub-core/fs/udf.c (+29/-16) grub-core/fs/xfs.c (+7/-4) grub-core/fs/zfs/zfs.c (+17/-9) grub-core/fs/zfs/zfscrypt.c (+6/-1) grub-core/gfxmenu/gui_image.c (+4/-1) grub-core/gfxmenu/gui_string_util.c (+1/-1) grub-core/gfxmenu/widget-box.c (+2/-2) grub-core/io/gzio.c (+1/-1) grub-core/kern/arm/coreboot/coreboot.S (+6/-0) grub-core/kern/arm/efi/init.c (+3/-0) grub-core/kern/arm64/efi/init.c (+3/-0) grub-core/kern/dl.c (+1/-0) grub-core/kern/efi/efi.c (+62/-42) grub-core/kern/efi/init.c (+0/-1) grub-core/kern/efi/sb.c (+66/-0) grub-core/kern/emu/hostdisk.c (+1/-1) grub-core/kern/emu/misc.c (+12/-0) grub-core/kern/emu/mm.c (+10/-0) grub-core/kern/fs.c (+1/-1) grub-core/kern/i386/efi/init.c (+7/-2) grub-core/kern/ia64/efi/init.c (+7/-2) grub-core/kern/misc.c (+1/-1) grub-core/kern/mm.c (+40/-0) grub-core/kern/parser.c (+1/-1) grub-core/kern/riscv/efi/init.c (+3/-0) grub-core/kern/uboot/uboot.c (+1/-1) grub-core/lib/LzmaEnc.c (+8/-2) grub-core/lib/arg.c (+18/-2) grub-core/lib/efi/halt.c (+2/-1) grub-core/lib/i386/relocator.c (+11/-17) grub-core/lib/libgcrypt/cipher/ac.c (+4/-4) grub-core/lib/libgcrypt/cipher/primegen.c (+2/-2) grub-core/lib/libgcrypt/cipher/pubkey.c (+2/-2) grub-core/lib/libgcrypt_wrap/mem.c (+9/-2) grub-core/lib/mips/relocator.c (+2/-4) grub-core/lib/posix_wrap/stdlib.h (+7/-1) grub-core/lib/powerpc/relocator.c (+2/-4) grub-core/lib/priority_queue.c (+1/-1) grub-core/lib/reed_solomon.c (+3/-4) grub-core/lib/relocator.c (+7/-7) grub-core/lib/x86_64/efi/relocator.c (+3/-4) grub-core/lib/zstd/fse_decompress.c (+1/-1) grub-core/loader/arm/linux.c (+1/-1) grub-core/loader/arm64/linux.c (+77/-50) grub-core/loader/efi/appleloader.c (+7/-0) grub-core/loader/efi/chainloader.c (+796/-78) grub-core/loader/efi/fdt.c (+1/-0) grub-core/loader/efi/linux.c (+87/-0) grub-core/loader/i386/bsd.c (+14/-1) grub-core/loader/i386/bsdXX.c (+1/-1) grub-core/loader/i386/efi/linux.c (+154/-150) grub-core/loader/i386/linux.c (+59/-39) grub-core/loader/i386/multiboot_mbi.c (+3/-4) grub-core/loader/i386/pc/linux.c (+37/-18) grub-core/loader/i386/xen.c (+10/-2) grub-core/loader/i386/xnu.c (+7/-6) grub-core/loader/linux.c (+56/-22) grub-core/loader/macho.c (+1/-1) grub-core/loader/mips/linux.c (+3/-6) grub-core/loader/multiboot.c (+8/-1) grub-core/loader/multiboot_elfxx.c (+6/-6) grub-core/loader/multiboot_mbi2.c (+5/-5) grub-core/loader/xnu.c (+15/-5) grub-core/loader/xnu_resume.c (+1/-1) grub-core/mmap/mmap.c (+2/-2) grub-core/net/bootp.c (+1/-1) grub-core/net/dns.c (+13/-6) grub-core/net/net.c (+2/-2) grub-core/net/tftp.c (+53/-118) grub-core/normal/charset.c (+13/-7) grub-core/normal/cmdline.c (+19/-9) grub-core/normal/main.c (+4/-1) grub-core/normal/menu_entry.c (+18/-9) grub-core/normal/menu_text.c (+2/-2) grub-core/normal/term.c (+2/-2) grub-core/osdep/basic/no_platform.c (+1/-1) grub-core/osdep/linux/getroot.c (+3/-3) grub-core/osdep/unix/config.c (+1/-1) grub-core/osdep/unix/efivar.c (+167/-11) grub-core/osdep/unix/platform.c (+3/-3) grub-core/osdep/windows/getroot.c (+1/-1) grub-core/osdep/windows/hostdisk.c (+2/-2) grub-core/osdep/windows/init.c (+1/-1) grub-core/osdep/windows/platform.c (+3/-3) grub-core/osdep/windows/relpath.c (+1/-1) grub-core/partmap/gpt.c (+1/-1) grub-core/partmap/msdos.c (+1/-1) grub-core/script/argv.c (+14/-2) grub-core/script/execute.c (+3/-1) grub-core/script/function.c (+13/-3) grub-core/script/lexer.c (+18/-3) grub-core/script/parser.y (+2/-1) grub-core/script/yylex.l (+2/-2) grub-core/term/efi/console.c (+45/-23) grub-core/tests/fake_input.c (+1/-1) grub-core/tests/video_checksum.c (+3/-3) grub-core/video/bitmap.c (+16/-9) grub-core/video/capture.c (+1/-1) grub-core/video/emu/sdl.c (+1/-1) grub-core/video/i386/pc/vga.c (+1/-1) grub-core/video/readers/png.c (+12/-3) grub-initrd-fallback.service (+12/-0) include/grub/arm64/linux.h (+2/-0) include/grub/compiler.h (+8/-0) include/grub/efi/api.h (+14/-5) include/grub/efi/efi.h (+0/-1) include/grub/efi/linux.h (+31/-0) include/grub/efi/pe32.h (+47/-5) include/grub/efi/sb.h (+29/-0) include/grub/emu/misc.h (+1/-0) include/grub/i386/linux.h (+6/-1) include/grub/ia64/linux.h (+0/-0) include/grub/loader.h (+1/-0) include/grub/loopback.h (+30/-0) include/grub/mips/linux.h (+0/-0) include/grub/mm.h (+6/-0) include/grub/powerpc/linux.h (+0/-0) include/grub/relocator.h (+29/-0) include/grub/safemath.h (+37/-0) include/grub/script_sh.h (+1/-4) include/grub/smbios.h (+69/-0) include/grub/sparc64/linux.h (+0/-0) include/grub/unicode.h (+2/-2) include/grub/util/install.h (+8/-9) util/deviceiter.c (+3/-0) util/getroot.c (+1/-1) util/grub-file.c (+1/-1) util/grub-fstest.c (+2/-2) util/grub-install-common.c (+91/-16) util/grub-install.c (+90/-109) util/grub-mkconfig.in (+6/-1) util/grub-mkconfig_lib.in (+15/-0) util/grub-mkimagexx.c (+2/-4) util/grub-mkrescue.c (+2/-2) util/grub-mkstandalone.c (+1/-1) util/grub-pe2elf.c (+5/-7) util/grub-probe.c (+2/-2) util/grub.d/00_header.in (+27/-0) util/grub.d/10_linux.in (+133/-13) util/grub.d/10_linux_zfs.in (+1117/-0) util/grub.d/30_uefi-firmware.in (+2/-2) |
||||||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ubuntu Core Development Team | Pending | ||
Review via email: mp+392865@code.launchpad.net |
This proposal has been superseded by a proposal from 2020-10-27.
Commit message
Add more messages about initrdless boot.
See https:/
Description of the change
Unmerged commits
- debed15... by Dimitri John Ledkov
-
grub-common.
service: port init.d script to systemd unit. Add warning message, when initrdless boot fails triggering fallback. LP: #1901553 - 2b306df... by Dimitri John Ledkov
-
10_linux: emit messages when initrdless boot is configured, attempted and fails triggering fallback. LP: #1901553
- c50fe8d... by Dimitri John Ledkov
-
merge patched-ubuntu into ubuntu
- 50b1378... by Dimitri John Ledkov
-
Ubuntu: add initrd-less-boot informational messages
Add additional messages when initrd-less boot is attempted or
fails. As otherwise it is not obvious why boot seems to panic and
reboot by default.Patch-Name: ubuntu-
add-initrd- less-boot- messages. patch - 13b8f84... by Dimitri John Ledkov
-
releasing package grub2 version 2.04-1ubuntu35
- 5649e23... by Dimitri John Ledkov
-
Do not finalize params twice on arm64. LP: #1897819
- 0511ec4... by Dimitri John Ledkov
-
merge patched-ubuntu into ubuntu
- 26335cb... by Dimitri John Ledkov
-
configure.ac: one more dejavu font search path
Debian/Ubuntu ship dejavu font in a subdir of truetype.
Patch-Name: ubuntu-
dejavu- font-path. patch - f38282a... by Julian Andres Klode
-
Cherry-pick back parts of "Load arm with SB enabled."
These parts got lost in our 2.04 rebase, let's add them back.
Pick (grub_efi_
physical_ address_ t)(grub_ efi_uintn_ t) cast from
fedora-34 instead, it seems to cause compilation error on armhf
to not do the (grub_efi_uintn_t) cast first.Bug-Ubuntu: https:/
/bugs.launchpad .net/1862279
Origin: vendor, https://github. com/rhboot/ grub2/commit/ 2786ab864cf00c1 5123320671f653e 9a36ba12b4
Patch-Name: ubuntu-linuxefi- arm64.patch - e07b23a... by Dimitri John Ledkov
-
postinst.in, grub-multi-install: fix logic of skipping installing onto any device, if one chose to not install bootloader on any device. LP: #1896608
Preview Diff
1 | diff --git a/INSTALL b/INSTALL |
2 | index 342c158..991479b 100644 |
3 | --- a/INSTALL |
4 | +++ b/INSTALL |
5 | @@ -11,27 +11,9 @@ GRUB depends on some software packages installed into your system. If |
6 | you don't have any of them, please obtain and install them before |
7 | configuring the GRUB. |
8 | |
9 | -* GCC 4.1.3 or later |
10 | - Note: older versions may work but support is limited |
11 | - |
12 | - Experimental support for clang 3.3 or later (results in much bigger binaries) |
13 | +* GCC 5.1.0 or later |
14 | + Experimental support for clang 3.8.0 or later (results in much bigger binaries) |
15 | for i386, x86_64, arm (including thumb), arm64, mips(el), powerpc, sparc64 |
16 | - Note: clang 3.2 or later works for i386 and x86_64 targets but results in |
17 | - much bigger binaries. |
18 | - earlier versions not tested |
19 | - Note: clang 3.2 or later works for arm |
20 | - earlier versions not tested |
21 | - Note: clang on arm64 is not supported due to |
22 | - https://llvm.org/bugs/show_bug.cgi?id=26030 |
23 | - Note: clang 3.3 or later works for mips(el) |
24 | - earlier versions fail to generate .reginfo and hence gprel relocations |
25 | - fail. |
26 | - Note: clang 3.2 or later works for powerpc |
27 | - earlier versions not tested |
28 | - Note: clang 3.5 or later works for sparc64 |
29 | - earlier versions return "error: unable to interface with target machine" |
30 | - Note: clang has no support for ia64 and hence you can't compile GRUB |
31 | - for ia64 with clang |
32 | * GNU Make |
33 | * GNU Bison 2.3 or later |
34 | * GNU gettext 0.17 or later |
35 | diff --git a/Makefile.am b/Makefile.am |
36 | index 1f4bb9b..e6a2207 100644 |
37 | --- a/Makefile.am |
38 | +++ b/Makefile.am |
39 | @@ -473,6 +473,9 @@ ChangeLog: FORCE |
40 | touch $@; \ |
41 | fi |
42 | |
43 | +systemdsystemunit_DATA = \ |
44 | + grub-initrd-fallback.service |
45 | + |
46 | EXTRA_DIST += ChangeLog ChangeLog-2015 |
47 | |
48 | syslinux_test: $(top_builddir)/config.status tests/syslinux/ubuntu10.04_grub.cfg |
49 | diff --git a/Makefile.util.def b/Makefile.util.def |
50 | index 59e4142..504d1c0 100644 |
51 | --- a/Makefile.util.def |
52 | +++ b/Makefile.util.def |
53 | @@ -500,6 +500,13 @@ script = { |
54 | }; |
55 | |
56 | script = { |
57 | + name = '10_linux_zfs'; |
58 | + common = util/grub.d/10_linux_zfs.in; |
59 | + installdir = grubconf; |
60 | + condition = COND_HOST_LINUX; |
61 | +}; |
62 | + |
63 | +script = { |
64 | name = '10_xnu'; |
65 | common = util/grub.d/10_xnu.in; |
66 | installdir = grubconf; |
67 | diff --git a/configure.ac b/configure.ac |
68 | index 8832455..fae9171 100644 |
69 | --- a/configure.ac |
70 | +++ b/configure.ac |
71 | @@ -305,6 +305,16 @@ AC_SUBST(grubdirname) |
72 | AC_DEFINE_UNQUOTED(GRUB_DIR_NAME, "$grubdirname", |
73 | [Default grub directory name]) |
74 | |
75 | +##### systemd unit files |
76 | +AC_ARG_WITH([systemdsystemunitdir], |
77 | + AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]), |
78 | + [], |
79 | + [with_systemdsystemunitdir=/usr/lib/systemd/system], |
80 | + [with_systemdsystemunitdir=no]) |
81 | +if test "x$with_systemdsystemunitdir" != xno; then |
82 | + AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir]) |
83 | +fi |
84 | + |
85 | # |
86 | # Checks for build programs. |
87 | # |
88 | @@ -410,7 +420,7 @@ else |
89 | fi |
90 | |
91 | # Check for functions and headers. |
92 | -AC_CHECK_FUNCS(posix_memalign memalign getextmntent) |
93 | +AC_CHECK_FUNCS(posix_memalign memalign getextmntent on_exit) |
94 | AC_CHECK_HEADERS(sys/param.h sys/mount.h sys/mnttab.h limits.h) |
95 | |
96 | # glibc 2.25 still includes sys/sysmacros.h in sys/types.h but emits deprecation |
97 | @@ -1661,7 +1671,7 @@ fi |
98 | |
99 | if test x"$starfield_excuse" = x; then |
100 | for ext in pcf pcf.gz bdf bdf.gz ttf ttf.gz; do |
101 | - for dir in . /usr/src /usr/share/fonts/X11/misc /usr/share/fonts/truetype/ttf-dejavu /usr/share/fonts/dejavu /usr/share/fonts/truetype; do |
102 | + for dir in . /usr/src /usr/share/fonts/X11/misc /usr/share/fonts/truetype/ttf-dejavu /usr/share/fonts/dejavu /usr/share/fonts/truetype /usr/share/fonts/truetype/dejavu; do |
103 | if test -f "$dir/DejaVuSans.$ext"; then |
104 | DJVU_FONT_SOURCE="$dir/DejaVuSans.$ext" |
105 | break 2 |
106 | diff --git a/debian/.git-dpm b/debian/.git-dpm |
107 | index a87b37e..b8d04a8 100644 |
108 | --- a/debian/.git-dpm |
109 | +++ b/debian/.git-dpm |
110 | @@ -1,6 +1,6 @@ |
111 | # see git-dpm(1) from git-dpm package |
112 | -3d51b212987d47da2b8c65a911140bbbc2fd3153 |
113 | -3d51b212987d47da2b8c65a911140bbbc2fd3153 |
114 | +50b137848fd25a580fcd76760802af16e4e961fa |
115 | +50b137848fd25a580fcd76760802af16e4e961fa |
116 | 578bb115fbd47e1c464696f1f8d6183e5443975d |
117 | 578bb115fbd47e1c464696f1f8d6183e5443975d |
118 | grub2_2.04.orig.tar.xz |
119 | diff --git a/debian/build-efi-images b/debian/build-efi-images |
120 | index dbff3e7..f789cf6 100755 |
121 | --- a/debian/build-efi-images |
122 | +++ b/debian/build-efi-images |
123 | @@ -129,6 +129,7 @@ CD_MODULES=" |
124 | search_fs_file |
125 | search_label |
126 | sleep |
127 | + smbios |
128 | squash4 |
129 | test |
130 | true |
131 | @@ -189,6 +190,7 @@ GRUB_MODULES="$CD_MODULES |
132 | raid6rec |
133 | " |
134 | NET_MODULES="$CD_MODULES |
135 | + http |
136 | tftp |
137 | " |
138 | |
139 | @@ -212,9 +214,12 @@ NET_MODULES="$CD_MODULES |
140 | # Special network boot image for d-i to use. Just the same as the |
141 | # normal network boot image, but with a different value baked in for |
142 | # the prefix setting |
143 | -"$grub_mkimage" -O "$platform" -o "$outdir/grubnet$efi_name-installer.efi" \ |
144 | - -d "$grub_core" -c "$workdir/grub-bootstrap.cfg" \ |
145 | - -m "$workdir/memdisk-netboot.fat" \ |
146 | - -p "${efi_vendor}-installer/$deb_arch/grub" $NET_MODULES |
147 | +# |
148 | +# but not on Ubuntu LP: #1863994 |
149 | +# |
150 | +#"$grub_mkimage" -O "$platform" -o "$outdir/grubnet$efi_name-installer.efi" \ |
151 | +# -d "$grub_core" -c "$workdir/grub-bootstrap.cfg" \ |
152 | +# -m "$workdir/memdisk-netboot.fat" \ |
153 | +# -p "${efi_vendor}-installer/$deb_arch/grub" $NET_MODULES |
154 | |
155 | exit 0 |
156 | diff --git a/debian/canonical-uefi-ca.crt b/debian/canonical-uefi-ca.crt |
157 | new file mode 100644 |
158 | index 0000000..55c06d5 |
159 | --- /dev/null |
160 | +++ b/debian/canonical-uefi-ca.crt |
161 | @@ -0,0 +1,25 @@ |
162 | +-----BEGIN CERTIFICATE----- |
163 | +MIIENDCCAxygAwIBAgIJALlBJKAYLJJnMA0GCSqGSIb3DQEBCwUAMIGEMQswCQYD |
164 | +VQQGEwJHQjEUMBIGA1UECAwLSXNsZSBvZiBNYW4xEDAOBgNVBAcMB0RvdWdsYXMx |
165 | +FzAVBgNVBAoMDkNhbm9uaWNhbCBMdGQuMTQwMgYDVQQDDCtDYW5vbmljYWwgTHRk |
166 | +LiBNYXN0ZXIgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEyMDQxMjExMTI1MVoX |
167 | +DTQyMDQxMTExMTI1MVowgYQxCzAJBgNVBAYTAkdCMRQwEgYDVQQIDAtJc2xlIG9m |
168 | +IE1hbjEQMA4GA1UEBwwHRG91Z2xhczEXMBUGA1UECgwOQ2Fub25pY2FsIEx0ZC4x |
169 | +NDAyBgNVBAMMK0Nhbm9uaWNhbCBMdGQuIE1hc3RlciBDZXJ0aWZpY2F0ZSBBdXRo |
170 | +b3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/WzoWdO4hXa5h |
171 | +7Z1WrL3e3nLz3X4tTGIPrMBtSAgRz42L+2EfJ8wRbtlVPTlU60A7sbvihTR5yvd7 |
172 | +v7p6yBAtGX2tWc+m1OlOD9quUupMnpDOxpkNTmdleF350dU4Skp6j5OcfxqjhdvO |
173 | ++ov3wqIhLZtUQTUQVxONbLwpBlBKfuqZqWinO8cHGzKeoBmHDnm7aJktfpNS5fbr |
174 | +yZv5K+24aEm82ZVQQFvFsnGq61xX3nH5QArdW6wehC1QGlLW4fNrbpBkT1u06yDk |
175 | +YRDaWvDq5ELXAcT+IR/ZucBUlUKBUnIfSWR6yGwk8QhwC02loDLRoBxXqE3jr6WO |
176 | +BQU+EEOhAgMBAAGjgaYwgaMwHQYDVR0OBBYEFK2RmQvCKrH1FwSMI7ZlWiaONFpj |
177 | +MB8GA1UdIwQYMBaAFK2RmQvCKrH1FwSMI7ZlWiaONFpjMA8GA1UdEwEB/wQFMAMB |
178 | +Af8wCwYDVR0PBAQDAgGGMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly93d3cuY2Fu |
179 | +b25pY2FsLmNvbS9zZWN1cmUtYm9vdC1tYXN0ZXItY2EuY3JsMA0GCSqGSIb3DQEB |
180 | +CwUAA4IBAQA/ffZ2pbODtCt60G1SGgODxBKnUJxHkszAlHeC0q5Xs5kE9TI6xlUd |
181 | +B9sSqVb62NR2IOvkw1Hbmlyckj8Yc9qUaqGZOIykiG3B/Dlx0HR2FgM+ViM11VVH |
182 | +WxodQcLTEkzc/64KkpxiChcBnHPgXrH9vNa1GRF6fs0+A35m21uoyTlIUf9T4Zwx |
183 | +U5EbOxB1Axe65oECgJRwTEa3lLA9Fc0fjgLgaAKP+/lHHX2iAcYHUcSazO3dz6Nd |
184 | +7ZK7vtH95uwfM1FzBL48crB9CPgB/5h9y5zgaTl3JUdxiLGNJ6UuqPc/X4Bplz6p |
185 | +9JkU284DDgtmxBxtvbgnd8FClL38agq8 |
186 | +-----END CERTIFICATE----- |
187 | diff --git a/debian/changelog b/debian/changelog |
188 | index 79734b2..a9de8cc 100644 |
189 | --- a/debian/changelog |
190 | +++ b/debian/changelog |
191 | @@ -1,3 +1,506 @@ |
192 | +grub2 (2.04-1ubuntu36) UNRELEASED; urgency=medium |
193 | + |
194 | + * 10_linux: emit messages when initrdless boot is configured, attempted |
195 | + and fails triggering fallback. LP: #1901553 |
196 | + * grub-common.service: port init.d script to systemd unit. Add warning |
197 | + message, when initrdless boot fails triggering fallback. LP: #1901553 |
198 | + |
199 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 27 Oct 2020 13:07:20 +0000 |
200 | + |
201 | +grub2 (2.04-1ubuntu35) groovy; urgency=medium |
202 | + |
203 | + * postinst.in, grub-multi-install: fix logic of skipping installing onto |
204 | + any device, if one chose to not install bootloader on any device. LP: |
205 | + #1896608 |
206 | + * Do not finalize params twice on arm64. LP: #1897819 |
207 | + |
208 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Thu, 01 Oct 2020 22:59:51 +0800 |
209 | + |
210 | +grub2 (2.04-1ubuntu34) groovy; urgency=medium |
211 | + |
212 | + * configure.ac: one more dejavu font search path |
213 | + |
214 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 14 Sep 2020 10:53:07 +0100 |
215 | + |
216 | +grub2 (2.04-1ubuntu33) groovy; urgency=medium |
217 | + |
218 | + * Build-depend on fonts-dejavu-core, not obsolete ttf-dejavu-core. |
219 | + |
220 | + -- Steve Langasek <steve.langasek@ubuntu.com> Sun, 13 Sep 2020 23:49:08 -0700 |
221 | + |
222 | +grub2 (2.04-1ubuntu32) groovy; urgency=medium |
223 | + |
224 | + * ubuntu-linuxefi-arm64.patch: Fix build on armhf |
225 | + |
226 | + -- Julian Andres Klode <juliank@ubuntu.com> Fri, 11 Sep 2020 20:33:34 +0200 |
227 | + |
228 | +grub2 (2.04-1ubuntu31) groovy; urgency=medium |
229 | + |
230 | + * ubuntu-linuxefi-arm64.patch: Restore arm64 parts of ubuntu-linuxefi.patch |
231 | + that got lost in the 2.04 rebase (LP: #1862279) |
232 | + |
233 | + -- Julian Andres Klode <juliank@ubuntu.com> Fri, 11 Sep 2020 17:49:50 +0200 |
234 | + |
235 | +grub2 (2.04-1ubuntu30) groovy; urgency=medium |
236 | + |
237 | + * postinst.in: do not attempt to call grub-install upon fresh install of |
238 | + grub-pc because it it a job of installers to do that after fresh |
239 | + install. |
240 | + * grub-multi-install: fix non-interactive failures for grub-efi like it |
241 | + was fixed in postinst for grub-pc. |
242 | + |
243 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Thu, 03 Sep 2020 14:54:23 +0100 |
244 | + |
245 | +grub2 (2.04-1ubuntu29) groovy; urgency=medium |
246 | + |
247 | + * grub-install: cherry-pick patch from grub-devel to make grub-install |
248 | + fault tolerant. Create backup of files in /boot/grub, and restore them |
249 | + on failure to complete grub-install. LP: #1891680 |
250 | + * postinst.in: do not exit successfully when failing to show critical |
251 | + grub-pc/install_devices_failed and grub-pc/install_devices_empty |
252 | + prompts in non-interactive mode. This enables surfacing upgrade errors |
253 | + to the users and/or automation. LP: #1891680 |
254 | + * postinst.in: Fixup postinst.in, to attempt grub-install upon explicit |
255 | + dpkg-reconfigure grub-pc. LP: #1892526 |
256 | + |
257 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 01 Sep 2020 20:04:44 +0100 |
258 | + |
259 | +grub2 (2.04-1ubuntu28) groovy; urgency=medium |
260 | + |
261 | + * Ensure that grub-multi-install can always find templates (LP: #1879948) |
262 | + * Fix changelog entries for security update |
263 | + |
264 | + -- Julian Andres Klode <juliank@ubuntu.com> Mon, 10 Aug 2020 15:07:29 +0200 |
265 | + |
266 | +grub2 (2.04-1ubuntu27) groovy; urgency=medium |
267 | + |
268 | + * debian/patches/ubuntu-flavour-order.patch: |
269 | + - Add a (hidden) GRUB_FLAVOUR_ORDER setting that can mark certain kernel |
270 | + flavours as preferred, and specify an order between those preferred |
271 | + flavours (LP: #1882663) |
272 | + * debian/patches/ubuntu-zfs-enhance-support.patch: |
273 | + - Use version_find_latest for ordering kernels, so it also supports |
274 | + the GRUB_FLAVOUR_ORDER setting. |
275 | + * debian/patches/ubuntu-dont-verify-loopback-images.patch: |
276 | + - disk/loopback: Don't verify loopback images (LP: #1878541), |
277 | + Thanks to Chris Coulson for the patch |
278 | + * debian/patches/ubuntu-recovery-dis_ucode_ldr.patch |
279 | + - Pass dis_ucode_ldr to kernel for recovery mode (LP: #1831789) |
280 | + * debian/patches/ubuntu-add-initrd-less-boot-fallback.patch: |
281 | + - Merge changes from xnox to fix multiple initrds support (LP: #1878705) |
282 | + * debian/patches/ubuntu-clear-invalid-initrd-spacing.patch: |
283 | + - Remove, no longer needed thanks to xnox's patch |
284 | + |
285 | + -- Julian Andres Klode <juliank@ubuntu.com> Thu, 06 Aug 2020 14:47:52 +0200 |
286 | + |
287 | +grub2 (2.04-1ubuntu26.2) focal; urgency=medium |
288 | + |
289 | + * debian/postinst.in: Avoid calling grub-install on upgrade of the grub-pc |
290 | + package, since we cannot be certain that it will install to the correct |
291 | + disk and a grub-install failure will render the system unbootable. |
292 | + LP: #1889556. |
293 | + |
294 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 30 Jul 2020 17:34:25 -0700 |
295 | + |
296 | +grub2 (2.04-1ubuntu26.1) focal; urgency=medium |
297 | + |
298 | + [ Julian Andres Klode ] |
299 | + * Move gettext patches out of git-dpm's way, so it does not delete them |
300 | + |
301 | + [ Chris Coulson ] |
302 | + * SECURITY UPDATE: Heap buffer overflow when encountering commands that |
303 | + cannot be tokenized to less than 8192 characters. |
304 | + - 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make |
305 | + fatal lexer errors actually be fatal |
306 | + - CVE-2020-10713 |
307 | + * SECURITY UPDATE: Multiple integer overflow bugs that could result in |
308 | + heap buffer allocations that were too small and subsequent heap buffer |
309 | + overflows when handling certain filesystems, font files or PNG images. |
310 | + - 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add |
311 | + arithmetic primitives that allow for overflows to be detected |
312 | + - 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch: |
313 | + Make sure that there is always an overflow checking implementation |
314 | + of calloc() available |
315 | + - 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where |
316 | + appropriate |
317 | + - 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use |
318 | + overflow-safe arithmetic primitives when performing allocations |
319 | + based on the results of operations that might overflow |
320 | + - 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in |
321 | + hfsplus |
322 | + - 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix |
323 | + more potential integer overflows in lvm |
324 | + - CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 |
325 | + * SECURITY UPDATE: Use-after-free when executing a command that causes |
326 | + a currently executing function to be redefined. |
327 | + - 0092-script-Remove-unused-fields-from-grub_script_functio.patch: |
328 | + Remove unused fields from grub_script_function |
329 | + - 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch: |
330 | + Avoid a use-after-free when redefining a function during execution |
331 | + - CVE-2020-15706 |
332 | + * SECURITY UPDATE: Integer overflows that could result in heap buffer |
333 | + allocations that were too small and subsequent heap buffer overflows |
334 | + during initrd loading. |
335 | + - 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix |
336 | + integer overflows in initrd size handling |
337 | + - 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix |
338 | + integer overflows in linuxefi grub_cmd_initrd |
339 | + - CVE-2020-15707 |
340 | + * Various fixes as a result of code review and static analysis: |
341 | + - 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a |
342 | + memory leak on realloc failures when processing symbolic links |
343 | + - 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a |
344 | + memory leak when processing font files with more than one NAME |
345 | + section |
346 | + - 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap |
347 | + after it is freed in order to avoid a potential double free later on |
348 | + - 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an |
349 | + out-of-bounds read in LzmaEncode |
350 | + - 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use |
351 | + priority queues and fix a double free |
352 | + - 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix |
353 | + various arithmetic errors with malformed device paths |
354 | + - 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix |
355 | + a NULL deref in the chainloader command introduced by a previous |
356 | + patch |
357 | + - 0099-efi-Fix-use-after-free-in-halt-reboot-path.patch: Fix a |
358 | + use-after-free in the halt and reboot commands by not freeing |
359 | + allocated memory in these paths |
360 | + - 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch: |
361 | + Avoid a double free in the chainloader command when validation fails |
362 | + - 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch: |
363 | + Protect grub_relocator_alloc_chunk_addr input arguments against |
364 | + integer overflow / underflow |
365 | + - 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch: |
366 | + Protect grub_relocator_alloc_chunk_align max_addr argument against |
367 | + integer underflow |
368 | + - 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix |
369 | + grub_relocator_alloc_chunk_align top memory allocation |
370 | + - 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch: |
371 | + Avoid overflow on initrd size calculation |
372 | + |
373 | + [ Dimitri John Ledkov ] |
374 | + * SECURITY UPDATE: Grub does not enforce kernel signature validation |
375 | + when the shim protocol isn't present. |
376 | + - 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch: |
377 | + Fail kernel validation if the shim protocol isn't available |
378 | + - CVE-2020-15705 |
379 | + |
380 | + -- Chris Coulson <chris.coulson@canonical.com> Mon, 20 Jul 2020 19:19:08 +0100 |
381 | + |
382 | +grub2 (2.04-1ubuntu26) focal; urgency=medium |
383 | + |
384 | + [ Julian Andres Klode ] |
385 | + * Move /boot/efi -> debconf migration into wrapper, so it runs everywhere |
386 | + (LP: #1872077) |
387 | + * Display disk name and size in the ESP selection dialog, instead of ??? |
388 | + |
389 | + [ Sebastien Bacher ] |
390 | + * debian/patches/gettext, |
391 | + debian/patches/rules: |
392 | + - backport upstream patches to fix the list of translated strings, |
393 | + reported on the ubuntu-translators mailing list. The changes would |
394 | + be overwritten by autoreconf so applying from a rules override. |
395 | + |
396 | + -- Julian Andres Klode <juliank@ubuntu.com> Wed, 15 Apr 2020 13:31:27 +0200 |
397 | + |
398 | +grub2 (2.04-1ubuntu25) focal; urgency=medium |
399 | + |
400 | + [ Jean-Baptiste Lallement ] |
401 | + [ Didier Roche ] |
402 | + * debian/patches/ubuntu-zfs-enhance-support.patch: |
403 | + - fix trailing } when no advanced menu is printed |
404 | + - ensure we unmount all temporary snapshots path before zfs collect them |
405 | + out. |
406 | + * debian/patches/ubuntu-speed-zsys-history.patch: |
407 | + - Speed up navigating zsys history by reducing greatly grub.cfg file size. |
408 | + It used to take eg 80 seconds when loading 100 system snapshots. This is |
409 | + now instantaneous by using a function with parameters that the users can |
410 | + still easily edit. |
411 | + |
412 | + -- Didier Roche <didrocks@ubuntu.com> Mon, 13 Apr 2020 15:17:42 +0200 |
413 | + |
414 | +grub2 (2.04-1ubuntu24) focal; urgency=medium |
415 | + |
416 | + * Support installing to multiple ESPs (LP: #1871821) |
417 | + |
418 | + -- Julian Andres Klode <juliank@ubuntu.com> Thu, 09 Apr 2020 12:51:07 +0200 |
419 | + |
420 | +grub2 (2.04-1ubuntu23) focal; urgency=medium |
421 | + |
422 | + [ Jean-Baptiste Lallement ] |
423 | + [ Didier Roche ] |
424 | + * Performance improvements for update-grub on ZFS systems (LP: #1869885) |
425 | + |
426 | + -- Didier Roche <didrocks@ubuntu.com> Tue, 31 Mar 2020 15:30:36 +0200 |
427 | + |
428 | +grub2 (2.04-1ubuntu22) focal; urgency=medium |
429 | + |
430 | + * smbios: Add a --linux argument to apply linux modalias-like filtering |
431 | + * Make the linux command in EFI grub always try EFI handover; thanks |
432 | + to Chris Coulson for the patches (LP: #1864533) |
433 | + |
434 | + -- Julian Andres Klode <juliank@ubuntu.com> Wed, 11 Mar 2020 17:46:35 +0100 |
435 | + |
436 | +grub2 (2.04-1ubuntu21) focal; urgency=medium |
437 | + |
438 | + * Make ZFS menu generation depending on new zsysd binary instead of eoan |
439 | + zsys compatibility symlink. |
440 | + |
441 | + -- Didier Roche <didrocks@ubuntu.com> Wed, 26 Feb 2020 09:59:49 +0100 |
442 | + |
443 | +grub2 (2.04-1ubuntu20) focal; urgency=medium |
444 | + |
445 | + * build-efi-images: do not produce -installer.efi.signed. LP: #1863994 |
446 | + |
447 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 25 Feb 2020 01:11:31 +0000 |
448 | + |
449 | +grub2 (2.04-1ubuntu19) focal; urgency=medium |
450 | + |
451 | + * uefi-firmware: rename fwsetup menuentry to UEFI Firmware Settings |
452 | + (LP: #1864547) |
453 | + * build-efi-images: add smbios module to the prebuilt signed EFI images |
454 | + (LP: #1856424) |
455 | + |
456 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 24 Feb 2020 20:34:13 +0000 |
457 | + |
458 | +grub2 (2.04-1ubuntu18) focal; urgency=medium |
459 | + |
460 | + * Cherry-pick fix from Colin W. in debian to build with python3. |
461 | + |
462 | + -- Didier Roche <didrocks@ubuntu.com> Thu, 06 Feb 2020 18:37:44 +0100 |
463 | + |
464 | +grub2 (2.04-1ubuntu17) focal; urgency=medium |
465 | + |
466 | + * Fix ZFS menu generation with ZFS 0.8.x where mounted datasets can’t list |
467 | + snapshots due to an upstream change. |
468 | + https://github.com/zfsonlinux/zfs/issues/9958 |
469 | + |
470 | + -- Didier Roche <didrocks@ubuntu.com> Thu, 06 Feb 2020 18:20:16 +0100 |
471 | + |
472 | +grub2 (2.04-1ubuntu16) focal; urgency=medium |
473 | + |
474 | + * Revert "Add smbios module to build-efi-images script" from previous |
475 | + upload, pending review see https://bugs.launchpad.net/bugs/1856424 |
476 | + |
477 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Sun, 15 Dec 2019 01:28:49 +0000 |
478 | + |
479 | +grub2 (2.04-1ubuntu15) focal; urgency=medium |
480 | + |
481 | + * ubuntu-efi-allow-loopmount-chainload.patch: |
482 | + - Enable chainloading EFI apps from loopmounts |
483 | + * cherrypick-lsefisystab-define-smbios3.patch: |
484 | + * cherrypick-smbios-modules.patch: |
485 | + - Cherrypick from 2.05 module for retrieving SMBIOS information |
486 | + * cherrypick-lsefisystab-show-dtb.patch: |
487 | + - If dtb is provided by the firmware / DtbLoader driver, display it in |
488 | + human form, rather than just UUID |
489 | + |
490 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 13 Dec 2019 11:24:21 +0000 |
491 | + |
492 | +grub2 (2.04-1ubuntu14) focal; urgency=medium |
493 | + |
494 | + * debian/patches/ubuntu-zfs-enhance-support.patch: |
495 | + - Handle the case where grub-probe returns several devices for a single |
496 | + pool (LP: #1848856). Thanks jpb for the report and the proposed patch. |
497 | + - Add savedefault to non-recovery entries (LP: #1850202). Thanks Deltik |
498 | + for the patch. |
499 | + - Do not crash on invalid fstab and report the invalid entry. |
500 | + (LP: #1849347) Thanks Deltik for the patch. |
501 | + - When a pool fails to import, catch and display the error message and |
502 | + continue with other pools. Import all the pools in readonly mode so we |
503 | + can import other pools with unsupported features (LP: #1848399) Thanks |
504 | + satmandu for the investigation and the proposed patch |
505 | + |
506 | + -- Jean-Baptiste Lallement <jean-baptiste.lallement@ubuntu.com> Mon, 18 Nov 2019 11:22:43 +0100 |
507 | + |
508 | +grub2 (2.04-1ubuntu13) focal; urgency=medium |
509 | + |
510 | + * debian/patches/ubuntu-tpm-unknown-error-non-fatal.patch: treat "unknown" |
511 | + TPM errors as non-fatal, but still write up the details as debug messages |
512 | + so we can further track what happens with the systems throwing those up. |
513 | + (LP: #1848892) |
514 | + * debian/patches/ubuntu-linuxefi.patch: Drop extra check for Secure Boot |
515 | + status in linuxefi_secure_validate(); it's unnecessary and blocking boot |
516 | + in chainload (like chainloading Windows) when SB is disabled. |
517 | + (LP: #1845289) |
518 | + |
519 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Thu, 31 Oct 2019 17:58:47 -0400 |
520 | + |
521 | +grub2 (2.04-1ubuntu12) eoan; urgency=medium |
522 | + |
523 | + * Move our identifier to com.ubuntu |
524 | + As we are not going to own org.zsys, move our identifier under |
525 | + com.ubuntu.zsys (LP: #1847711) |
526 | + |
527 | + -- Didier Roche <didrocks@ubuntu.com> Fri, 11 Oct 2019 15:57:47 +0200 |
528 | + |
529 | +grub2 (2.04-1ubuntu11) eoan; urgency=medium |
530 | + |
531 | + * Load all kernels (even those without .efi.signed) for secure boot mode |
532 | + as those are signed kernels on ubuntu, loaded by the shim. (LP: #1847581) |
533 | + |
534 | + -- Didier Roche <didrocks@ubuntu.com> Thu, 10 Oct 2019 11:40:44 +0200 |
535 | + |
536 | +grub2 (2.04-1ubuntu10) eoan; urgency=medium |
537 | + |
538 | + * debian/patches/ubuntu-skip-disk-by-id-lvm-pvm-uuid-entries.patch: |
539 | + skip /dev/disk/by-id/lvm-pvm-uuid entries from device iteration. |
540 | + (LP: #1838525) |
541 | + |
542 | + -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Mon, 07 Oct 2019 23:23:54 -0300 |
543 | + |
544 | +grub2 (2.04-1ubuntu9) eoan; urgency=medium |
545 | + |
546 | + * debian/patches/ubuntu-zfs-enhance-support.patch: |
547 | + - Handle case of pure zfs only snapshots giving additional "}", and as |
548 | + such, creating invalid grub menu. |
549 | + Spotted by grubzfs-testsuite autopkgtests. |
550 | + |
551 | + -- Didier Roche <didrocks@ubuntu.com> Wed, 02 Oct 2019 09:59:19 +0200 |
552 | + |
553 | +grub2 (2.04-1ubuntu8) eoan; urgency=medium |
554 | + |
555 | + * debian/patches/install-signed.patch -> ubuntu-install-signed.patch: |
556 | + Really fix the installation of UEFI artefacts to the distributor path (we |
557 | + only want shim, grub, and MokManager, and shim's boot.csv there), and to |
558 | + the removable /EFI/BOOT path (where we want shim and fallback only). |
559 | + Rename the patch to ubuntu- like others that are Ubuntu-specific or |
560 | + otherwise modified to avoid such confusion at merge time in the future. |
561 | + |
562 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Tue, 01 Oct 2019 11:29:24 -0400 |
563 | + |
564 | +grub2 (2.04-1ubuntu7) eoan; urgency=medium |
565 | + |
566 | + * debian/patches/ubuntu-zfs-enhance-support.patch: |
567 | + Disable history entry under some conditions: |
568 | + - Don't show up if the system is a zsys one and zsys isn't installed |
569 | + (LP: #1845333) |
570 | + - Don't show for pure zfs systems: we identified multiple issues due |
571 | + to the mount generator in upstream zfs which makes it incompatible. |
572 | + Disable for now (LP: #1845913) |
573 | + |
574 | + -- Didier Roche <didrocks@ubuntu.com> Mon, 30 Sep 2019 09:35:03 +0200 |
575 | + |
576 | +grub2 (2.04-1ubuntu6) eoan; urgency=medium |
577 | + |
578 | + * debian/patches/install-signed.patch: fix paths for MokManager/fallback; |
579 | + shim no longer ships these with a .signed suffix. (LP: #1845466) |
580 | + |
581 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Thu, 26 Sep 2019 09:48:07 -0400 |
582 | + |
583 | +grub2 (2.04-1ubuntu5) eoan; urgency=medium |
584 | + |
585 | + * d/patches/ubuntu-boot-from-multipath-dependent-symlink.patch: fix |
586 | + mis-spelling of helper function in final computation of GRUB_DEVICE in |
587 | + multipath case. |
588 | + |
589 | + -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 13 Aug 2019 08:56:16 +1200 |
590 | + |
591 | +grub2 (2.04-1ubuntu4) eoan; urgency=medium |
592 | + |
593 | + * d/patches/ubuntu-boot-from-multipath-dependent-symlink.patch: when / is |
594 | + multipathed there will be multiple paths to the partition, so using |
595 | + root=UUID= exposes the boot process to udev races. In addition |
596 | + grub-probe --target device / in this case reports /dev/dm-1 or similar -- |
597 | + better to use a symlink that depends on the multipath name. (LP: #1429327) |
598 | + |
599 | + -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 06 Aug 2019 12:37:18 +1200 |
600 | + |
601 | +grub2 (2.04-1ubuntu3) eoan; urgency=medium |
602 | + |
603 | + [ Mathieu Trudel-Lapierre ] |
604 | + * debian/patches/ubuntu-add-devicetree-command-support.patch: import patch |
605 | + into git-dpm: drop [PATCH] tag and add Patch-Name. |
606 | + |
607 | + [ Didier Roche ] |
608 | + * debian/patches/ubuntu-zfs-enhance-support.patch |
609 | + - Don't patch autoregenerated files. |
610 | + - rewrite generate MenuMeta implementation in shell (LP: #1834095) |
611 | + mawk doesn't support \s and other array features. |
612 | + + Change \s by their space or tab equivalent. |
613 | + + Rewrite the menumeta generation in pure shell, which is easier to |
614 | + debug, keeping globally the same algorithm |
615 | + + Support i18n in entry name generation. |
616 | + Co-authored with Jean-Baptiste. |
617 | + - Resplit all patches in debian/patches/*, so that we have upstreamable |
618 | + and non upstreamable parts separate. Also, any change in 10_linux patch |
619 | + will be reflected in 10_linux_zfs. |
620 | + - Always import pools (using force), as we don't mount them. Ensure also |
621 | + that we don't update the host cache, as we import all pools, and not |
622 | + only those attached to that system. |
623 | + |
624 | + -- Didier Roche <didrocks@ubuntu.com> Mon, 29 Jul 2019 08:08:48 +0200 |
625 | + |
626 | +grub2 (2.04-1ubuntu2) eoan; urgency=medium |
627 | + |
628 | + * Add device-tree command support as installed by flash-kernel. |
629 | + |
630 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 17 Jul 2019 23:47:27 +0100 |
631 | + |
632 | +grub2 (2.04-1ubuntu1) eoan; urgency=medium |
633 | + |
634 | + * Merge against Debian; remaining changes: |
635 | + - debian/control: Update Vcs fields for code location on Ubuntu. |
636 | + - debian/control: Breaks shim (<< 13). |
637 | + - debian/patches/linuxefi.patch: Secure Boot support: use newer patchset |
638 | + from rhboot repo, flattened to a single patch. |
639 | + - debian/patches/install_signed.patch, grub-install-extra-removable.patch: |
640 | + - Make sure if we install shim; it should also be exported as the default |
641 | + bootloader to install later to a removable path, if we do. |
642 | + - Rework grub-install-extra-removable.patch to reverse its logic: in the |
643 | + default case, install the bootloader to /EFI/BOOT, unless we're trying |
644 | + to install on a removable device, or explicitly telling grub *not* to |
645 | + do it. |
646 | + - Install a BOOT.CSV for fallback to use. |
647 | + - Make sure postinst and templates know about the replacement of |
648 | + --force-extra-removable with --no-extra-removable. |
649 | + - debian/patches/ubuntu-support-initrd-less-boot.patch: allow non-initrd |
650 | + boot config. |
651 | + - debian/patches/ubuntu-add-initrd-less-boot-fallback.patch: If a kernel |
652 | + fails to boot without initrd, we will fallback to trying to boot the |
653 | + kernel with an initrd. |
654 | + - debian/patches/ubuntu-mkconfig-leave-breadcrumbs.patch: make sure |
655 | + grub-mkconfig leaves a trace of what files were sourced to help generate |
656 | + the config we're building. |
657 | + - debian/patches/ubuntu-efi-console-set-text-mode-as-needed.patch: in EFI |
658 | + console, only set text-mode when we're actually going to need it. |
659 | + - debian/patches/ubuntu-zfs-enhance-support.patch: Better ZFS grub support. |
660 | + - Disable os-prober for ppc64el on the PowerNV platform, to reduce the |
661 | + number of entries/clutter from other OSes in Petitboot |
662 | + - debian/patches/ubuntu-shorter-version-info.patch: Only show the upstream |
663 | + version in menu and console, and hide the package one in a |
664 | + package_version variable. |
665 | + - Verify that the current and newer kernels are signed when grub is |
666 | + updated, to make sure people do not accidentally shutdown without a |
667 | + signed kernel. |
668 | + - debian/default/grub: replace GRUB_HIDDEN_* variables with the less |
669 | + confusing GRUB_TIMEOUT_STYLE=hidden. |
670 | + - debian/rules: shuffle files around for now to keep build artefacts |
671 | + for signing at the same location as they were expected by Launchpad. |
672 | + - debian/rules, debian/control: enable dh-systemd. |
673 | + - debian/grub-common.install.in: install the systemd unit that's part of |
674 | + initrd fallback handling, missed when the feature landed. |
675 | + - debian/build-efi-images: add http module to NET_MODULES. |
676 | + * debian/patches/linuxefi*.patch: Flatten linuxefi patches into one. |
677 | + * debian/patches: rename patches to use "-" as a separator rather than "_". |
678 | + * debian/patches: rename Ubuntu-specific patches and commits to add "ubuntu" |
679 | + so it's clearer which are new or changed when doing a merge. |
680 | + * debian/patches/ubuntu-fix-lzma-decompressor-objcopy.patch: fix FTBFS due |
681 | + to objcopy building an invalid binary padded with zeroes (LP: #1833234) |
682 | + * debian/patches/ubuntu-clear-invalid-initrd-spacing.patch: clear up invalid |
683 | + spacing for the initrd command when not using early initrds. |
684 | + * debian/patches/ubuntu-add-initrd-less-boot-fallback.patch: move the initrd |
685 | + boot success/failure service to start later at boot time. (LP: #1823391) |
686 | + * debian/patches/fix-lockdown.patch: Drop lockdown patch from Debian, which |
687 | + breaks with new linuxefi patchset. |
688 | + * debian/patches/ubuntu-temp-keep-auto-nvram.patch: Temporarily keep the |
689 | + --auto-nvram option we previously had as a supported option in grub-install |
690 | + (with no effect now), to avoid breaking upgrades. "auto-nvram" is default |
691 | + behavior now that we use libefivar instead of calling efibootmgr. |
692 | + |
693 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Tue, 16 Jul 2019 11:31:29 -0400 |
694 | + |
695 | grub2 (2.04-2) UNRELEASED; urgency=medium |
696 | |
697 | [ James Clarke ] |
698 | @@ -139,6 +642,112 @@ grub2 (2.02+dfsg1-13) unstable; urgency=medium |
699 | |
700 | -- Colin Watson <cjwatson@debian.org> Thu, 14 Mar 2019 10:33:24 +0000 |
701 | |
702 | +grub2 (2.02+dfsg1-12ubuntu3) eoan; urgency=medium |
703 | + |
704 | + * debian/patches/zfs_enhance_support.patch: |
705 | + Enhance ZFS grub support: |
706 | + - Support multiple zfs systems (grouped by machine-id) |
707 | + - Group zfs snapshots and clones with latest dataset for a given |
708 | + installation. |
709 | + - Support "history" entry with one time boot, recovery mode and |
710 | + consecutive reboots. |
711 | + - Pin kernel to particular snapshot, trying to reboot with the exact |
712 | + same kernel and initrd. |
713 | + - Disable in 10_linux zfs support if 10_linux_zfs is installed so that |
714 | + we don't end up with the same installation multiple times. |
715 | + * debian/patches/*: |
716 | + - Apply ubuntu/debian specific changes of 10_linux to 10_linux_zfs. |
717 | + |
718 | + Work done with Jean-Baptiste. |
719 | + |
720 | + -- Didier Roche <didrocks@ubuntu.com> Mon, 17 Jun 2019 11:28:48 +0200 |
721 | + |
722 | +grub2 (2.02+dfsg1-12ubuntu2) disco; urgency=medium |
723 | + |
724 | + * debian/patches/efi-console-set-text-mode-as-needed.patch: in EFI console, |
725 | + only set text-mode when we're actually going to need it. |
726 | + * debian/build-efi-images: add http module to NET_MODULES. (LP: #1787630) |
727 | + |
728 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 11 Mar 2019 17:48:49 -0400 |
729 | + |
730 | +grub2 (2.02+dfsg1-12ubuntu1) disco; urgency=medium |
731 | + |
732 | + * Merge against Debian unstable; remaining changes (LP: #564853): |
733 | + - debian/control: Update Vcs fields for code location on Ubuntu. |
734 | + - debian/control: Breaks shim (<< 13). |
735 | + - Secure Boot support: use newer patchset from rhboot repo: |
736 | + - many linuxefi_* patches added and modified |
737 | + - dropped debian/patches/linuxefi_require_shim.patch |
738 | + - renamed: debian/patches/no_insmod_on_sb.patch -> |
739 | + debian/patches/linuxefi_no_insmod_on_sb.patch |
740 | + - debian/patches/install_signed.patch, grub-install-extra-removable.patch: |
741 | + - Make sure if we install shim; it should also be exported as the default |
742 | + bootloader to install later to a removable path, if we do. |
743 | + - Rework grub-install-extra-removable.patch to reverse its logic: in the |
744 | + default case, install the bootloader to /EFI/BOOT, unless we're trying |
745 | + to install on a removable device, or explicitly telling grub *not* to |
746 | + do it. |
747 | + - Install a BOOT.CSV for fallback to use. |
748 | + - Make sure postinst and templates know about the replacement of |
749 | + --force-extra-removable with --no-extra-removable. |
750 | + - debian/patches/add-an-auto-nvram-option-to-grub-install.patch: Add the |
751 | + --auto-nvram option to grub-install for auto-detecting NVRAM availability |
752 | + before attempting NVRAM updates. |
753 | + - debian/build-efi-images: provide a new grub EFI image which enforces that |
754 | + loaded kernels are signed for Secure Boot: build gsb$arch.efi; which is |
755 | + the same as grub$arch.efi minus the 'linux' module. Without fallback to |
756 | + 'linux' for unsigned loading, this makes it effectively enforce having a |
757 | + signed kernel. |
758 | + - Verify that the current and newer kernels are signed when grub is |
759 | + updated, to make sure people do not accidentally shutdown without a |
760 | + signed kernel. |
761 | + - debian/default/grub: replace GRUB_HIDDEN_* variables with the less |
762 | + confusing GRUB_TIMEOUT_STYLE=hidden. |
763 | + - debian/patches/support_initrd-less_boot.patch: Added knobs to allow |
764 | + non-initrd boot config. |
765 | + - Disable os-prober for ppc64el on the PowerNV platform, to reduce the |
766 | + number of entries/clutter from other OSes in Petitboot |
767 | + - debian/patches/shorter_version_info.patch: Only show the upstream version |
768 | + in menu and console, and hide the package one in a package_version |
769 | + variable. |
770 | + - debian/patches/skip_text_gfxpayload_where_not_supported.patch: Skip the |
771 | + 'text' payload if it's not supported but present in gfxpayload, such as |
772 | + on EFI systems. |
773 | + - debian/patches/bufio_sensible_block_sizes.patch: Don't use arbitrary file |
774 | + fizes as block sizes in bufio: this avoids potentially seeking back in |
775 | + the files unnecessarily, which may require re-open files that cannot be |
776 | + seeked into, such as via TFTP. |
777 | + - debian/patches/ofnet-init-structs-in-bootpath-parser.patch: initialize |
778 | + structs in bootpath parser. |
779 | + - debian/rules: shuffle files around for now to keep build artefacts |
780 | + for signing at the same location as they were expected by Launchpad. |
781 | + - debian/rules, debian/control: enable dh-systemd. |
782 | + - debian/grub-common.install.in: install the systemd unit that's part of |
783 | + initrd fallback handling, missed when the feature landed. |
784 | + - debian/patches/quick-boot-lvm.patch: If we don't have writable |
785 | + grubenv and we're on EFI, always show the menu. |
786 | + - debian/patches/mkconfig_leave_breadcrumbs.patch: make sure grub-mkconfig |
787 | + leaves a trace of what files were sourced to help generate the config |
788 | + we're building. |
789 | + - debian/patches/linuxefi_truncate_overlong_reloc_section.patch: Windows |
790 | + 7 bootloader has inconsistent headers; truncate to the smaller, correct |
791 | + size to fix chainloading Windows 7. |
792 | + - debian/patches/linuxefi_fix_relocate_coff.patch: fix typo in |
793 | + relocate_coff() causing issues with relocation of code in chainload. |
794 | + - debian/patches/add-initrd-less-boot-fallback.patch: add initrd-less |
795 | + capabilities. If a kernel fails to boot without initrd, we will fallback |
796 | + to trying to boot the kernel with an initrd. Patch by Chris Glass. |
797 | + - debian/patches/grub-reboot-warn.patch: Warn when "for the next |
798 | + boot only" promise cannot be kept. |
799 | + * Refreshed patches and fixed up attribution to the right authors after |
800 | + merge with Debian. |
801 | + * debian/patches/linuxefi_missing_include.patch, |
802 | + debian/patches/linuxefi_fixing_more_errors.patch: Apply some additional |
803 | + small fixes to casts, format strings, includes and Makefile to make sure |
804 | + the newer linuxefi patches apply and build properly. |
805 | + |
806 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Tue, 05 Mar 2019 17:05:09 -0500 |
807 | + |
808 | grub2 (2.02+dfsg1-12) unstable; urgency=medium |
809 | |
810 | [ Colin Watson ] |
811 | @@ -283,6 +892,175 @@ grub2 (2.02+dfsg1-6) unstable; urgency=medium |
812 | |
813 | -- Colin Watson <cjwatson@debian.org> Tue, 28 Aug 2018 16:17:21 +0100 |
814 | |
815 | +grub2 (2.02+dfsg1-5ubuntu11) disco; urgency=medium |
816 | + |
817 | + [ Mathieu Trudel-Lapierre ] |
818 | + * debian/grub-check-signatures: properly account for DB showing as empty on |
819 | + some broken firmwares: Guard against mokutil --export --db failing, and do |
820 | + a better job at finding the DER certs for conversion to PEM format. |
821 | + (LP: #1814575) |
822 | + |
823 | + [ Steve Langasek ] |
824 | + * debian/patches/quick-boot-lvm.patch: checking the return value of |
825 | + 'lsefi' when the command doesn't exist does not do what's expected, so |
826 | + instead check the value of $grub_platform which is simpler anyway. |
827 | + LP: #1814403. |
828 | + |
829 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 04 Feb 2019 17:51:15 -0500 |
830 | + |
831 | +grub2 (2.02+dfsg1-5ubuntu10) disco; urgency=medium |
832 | + |
833 | + * debian/grub-check-signatures: check kernel signatures against keys known |
834 | + in firmware, in case a kernel is signed but not using a key that will pass |
835 | + validation, such as when using kernels coming from a PPA. (LP: #1789918) |
836 | + |
837 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 21 Jan 2019 09:34:36 -0500 |
838 | + |
839 | +grub2 (2.02+dfsg1-5ubuntu9) disco; urgency=medium |
840 | + |
841 | + [ Steve Langasek ] |
842 | + * debian/patches/quick-boot-lvm.patch: If we don't have writable |
843 | + grubenv and we're on EFI, always show the menu. Closes LP: #1800722. |
844 | + |
845 | + [ Mathieu Trudel-Lapierre ] |
846 | + * debian/patches/mkconfig_leave_breadcrumbs.patch: make sure grub-mkconfig |
847 | + leaves a trace of what files were sourced to help generate the config |
848 | + we're building. |
849 | + |
850 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 07 Jan 2019 17:32:01 -0500 |
851 | + |
852 | +grub2 (2.02+dfsg1-5ubuntu8) cosmic; urgency=medium |
853 | + |
854 | + * debian/patches/grub-install-extra-removable.patch: install mmx64.efi to |
855 | + the EFI removable path to avoid boot failures after install when certs |
856 | + need to be enrolled and the system's firmware is confused. (LP: #1798171) |
857 | + |
858 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Wed, 17 Oct 2018 14:44:49 -0400 |
859 | + |
860 | +grub2 (2.02+dfsg1-5ubuntu7) cosmic; urgency=medium |
861 | + |
862 | + [ Steve Langasek ] |
863 | + * debian/grub-common.install.in: install the systemd unit that's part of |
864 | + initrd fallback handling, missed when the feature landed. |
865 | + |
866 | + [ Mathieu Trudel-Lapierre ] |
867 | + * debian/rules: set DEFAULT_TIMEOUT to 0 if we've enabled FLICKER_FREE_BOOT, |
868 | + to avoid unnecessary delay at boot time. (LP: #1784363) |
869 | + |
870 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Fri, 12 Oct 2018 11:10:10 -0400 |
871 | + |
872 | +grub2 (2.02+dfsg1-5ubuntu6) cosmic; urgency=medium |
873 | + |
874 | + [ Steve Langasek ] |
875 | + * debian/grub-check-signatures: Handle the case where we have unsigned |
876 | + vmlinuz and signed vmlinuz.efi.signed. (LP: #1788727) |
877 | + |
878 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Wed, 03 Oct 2018 14:59:05 -0400 |
879 | + |
880 | +grub2 (2.02+dfsg1-5ubuntu5) cosmic; urgency=medium |
881 | + |
882 | + [ Mathieu Trudel-Lapierre ] |
883 | + * debian/patches/linuxefi_truncate_overlong_reloc_section.patch: The Windows |
884 | + 7 bootloader has inconsistent headers; truncate to the smaller, correct |
885 | + size to fix chainloading Windows 7. |
886 | + |
887 | + [ Steve Langasek ] |
888 | + * debian/rules, debian/control: enable dh-systemd. |
889 | + * debian/patches/add-initrd-less-boot-fallback.patch: add initrd-less |
890 | + capabilities. If a kernel fails to boot without initrd, grub will fallback |
891 | + to trying to boot the kernel with an initrd. Patch by Chris Glass. |
892 | + |
893 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Tue, 25 Sep 2018 16:05:13 -0400 |
894 | + |
895 | +grub2 (2.02+dfsg1-5ubuntu4) cosmic; urgency=medium |
896 | + |
897 | + * debian/patches/linuxefi_fix_relocate_coff.patch: fix typo in |
898 | + relocate_coff() causing issues with relocation of code in chainload. |
899 | + (LP: #1792575) |
900 | + |
901 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 17 Sep 2018 07:45:49 -0400 |
902 | + |
903 | +grub2 (2.02+dfsg1-5ubuntu3) cosmic; urgency=medium |
904 | + |
905 | + * debian/patches/grub-reboot-warn.patch: Warn when "for the next |
906 | + boot only" promise cannot be kept. (LP: #788298) |
907 | + |
908 | + -- dann frazier <dannf@ubuntu.com> Thu, 13 Sep 2018 15:28:50 -0600 |
909 | + |
910 | +grub2 (2.02+dfsg1-5ubuntu2) cosmic; urgency=medium |
911 | + |
912 | + * debian/patches/add_ext_lfb_base_support.patch: i386/linux: Add support for |
913 | + ext_lfb_base. (LP: #1785033) |
914 | + |
915 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Wed, 05 Sep 2018 14:29:04 -0400 |
916 | + |
917 | +grub2 (2.02+dfsg1-5ubuntu1) cosmic; urgency=medium |
918 | + |
919 | + [ Mathieu Trudel-Lapierre] |
920 | + * Merge against Debian unstable; remaining changes: |
921 | + - debian/control: Update Vcs fields for code location on Ubuntu. |
922 | + - debian/control: Breaks shim (<< 13). |
923 | + - Secure Boot support: use newer patchset from rhboot repo: |
924 | + - many linuxefi_* patches added and modified |
925 | + - dropped debian/patches/linuxefi_require_shim.patch |
926 | + - renamed: debian/patches/no_insmod_on_sb.patch -> |
927 | + debian/patches/linuxefi_no_insmod_on_sb.patch |
928 | + - debian/patches/install_signed.patch, grub-install-extra-removable.patch: |
929 | + - Make sure if we install shim; it should also be exported as the default |
930 | + bootloader to install later to a removable path, if we do. |
931 | + - Rework grub-install-extra-removable.patch to reverse its logic: in the |
932 | + default case, install the bootloader to /EFI/BOOT, unless we're trying |
933 | + to install on a removable device, or explicitly telling grub *not* to |
934 | + do it. |
935 | + - Move installing fb$arch.efi to --no-extra-removable; as we don't want |
936 | + fallback to be installed unless we're also installing to /EFI/BOOT. |
937 | + (LP: #1684341) |
938 | + - Install a BOOT.CSV for fallback to use. |
939 | + - Make sure postinst and templates know about the replacement of |
940 | + --force-extra-removable with --no-extra-removable. |
941 | + - debian/patches/add-an-auto-nvram-option-to-grub-install.patch: Add the |
942 | + --auto-nvram option to grub-install for auto-detecting NVRAM availability |
943 | + before attempting NVRAM updates. |
944 | + - debian/build-efi-images: provide a new grub EFI image which enforces that |
945 | + loaded kernels are signed for Secure Boot: build gsb$arch.efi; which is |
946 | + the same as grub$arch.efi minus the 'linux' module. Without fallback to |
947 | + 'linux' for unsigned loading, this makes it effectively enforce having a |
948 | + signed kernel. (LP: #1401532) |
949 | + - Verify that the current and newer kernels are signed when grub is |
950 | + updated, to make sure people do not accidentally shutdown without a |
951 | + signed kernel. |
952 | + - debian/default/grub: replace GRUB_HIDDEN_* variables with the less |
953 | + confusing GRUB_TIMEOUT_STYLE=hidden. (LP: #1258597) |
954 | + - debian/patches/support_initrd-less_boot.patch: Added knobs to allow |
955 | + non-initrd boot config. (LP: #1640878) |
956 | + - Disable os-prober for ppc64el on the PowerNV platform, to reduce the |
957 | + number of entries/clutter from other OSes in Petitboot (LP: #1447500) |
958 | + - debian/patches/shorter_version_info.patch: Only show the upstream version |
959 | + in menu and console, and hide the package one in a package_version |
960 | + variable. (LP: #1723434) |
961 | + - debian/patches/skip_text_gfxpayload_where_not_supported.patch: Skip the |
962 | + 'text' payload if it's not supported but present in gfxpayload, such as |
963 | + on EFI systems. (LP: #1711452) |
964 | + - debian/patches/bufio_sensible_block_sizes.patch: Don't use arbitrary file |
965 | + fizes as block sizes in bufio: this avoids potentially seeking back in |
966 | + the files unnecessarily, which may require re-open files that cannot be |
967 | + seeked into, such as via TFTP. (LP: #1743249) |
968 | + * util/grub-install.c: Drop extra handling for x.efi.signed files for mok |
969 | + and fallback binaries: shim now installs them without the .signed |
970 | + extension. (LP: #1708245) |
971 | + - debian/patches/dont-fail-efi-warnings.patch: handle linuxefi patches and |
972 | + the casting they do on some architectures: we don't want to fail build |
973 | + because of some of the warnings that can show up since we otherwise build |
974 | + with -Werror. |
975 | + * debian/rules: shuffle files around for now to keep putting build artefacts |
976 | + for signing at the same location as they were expected by Launchpad. |
977 | + |
978 | + [ Julian Andres Klode ] |
979 | + * debian/patches/ofnet-init-structs-in-bootpath-parser.patch: initialize |
980 | + structs in bootpath parser. Fixes netboot issues on ppc64el. (LP: #1785859) |
981 | + |
982 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Thu, 23 Aug 2018 15:00:14 -0400 |
983 | + |
984 | grub2 (2.02+dfsg1-5) unstable; urgency=medium |
985 | |
986 | [ Colin Watson ] |
987 | @@ -379,6 +1157,171 @@ grub2 (2.02-3) unstable; urgency=medium |
988 | |
989 | -- Colin Watson <cjwatson@debian.org> Sat, 10 Feb 2018 03:00:30 +0000 |
990 | |
991 | +grub2 (2.02-2ubuntu13) cosmic; urgency=medium |
992 | + |
993 | + * debian/patches/tests_update_for_new_qemu.patch: update qemu options to |
994 | + remove deprecated options that fail tests. |
995 | + * debian/patches: fix up busted patches due to git-dpm: |
996 | + - debian/patches/add-an-auto-nvram-option-to-grub-install.patch |
997 | + - debian/patches/grub-shell-test-helper-disable-seabios-sercon.patch |
998 | + * debian/patches/r_x86_64_plt32-is-like-r_x86_64_pc32.patch: For the purpose |
999 | + of grub-mkimage, the R_X86_64_PLT32 relocation is basically the same as |
1000 | + R_X86_64_PC32. Make R_X86_64_PLT32 supported. |
1001 | + |
1002 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Thu, 19 Jul 2018 09:46:53 -0400 |
1003 | + |
1004 | +grub2 (2.02-2ubuntu12) cosmic; urgency=medium |
1005 | + |
1006 | + * debian/default/grub: replace GRUB_HIDDEN_* variables with the more concise |
1007 | + and less confusing GRUB_TIMEOUT_STYLE=hidden. (LP: #1258597) |
1008 | + |
1009 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 16 Jul 2018 14:18:46 -0400 |
1010 | + |
1011 | +grub2 (2.02-2ubuntu11) cosmic; urgency=medium |
1012 | + |
1013 | + * Verify that the current and newer kernels are signed when grub is updated, to |
1014 | + make sure people do not accidentally shutdown without a signed kernel. |
1015 | + |
1016 | + -- Julian Andres Klode <juliank@ubuntu.com> Fri, 13 Jul 2018 15:21:48 +0200 |
1017 | + |
1018 | +grub2 (2.02-2ubuntu10) cosmic; urgency=medium |
1019 | + |
1020 | + * debian/patches/grub-shell-test-helper-disable-seabios-sercon.patch: In the |
1021 | + grub-shell test helper, disable seabios's serial console through fw_cfg |
1022 | + runtime configuration as its boot output interferes with testing. |
1023 | + (LP: #1775249) |
1024 | + |
1025 | + -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com> Wed, 06 Jun 2018 01:03:26 +0200 |
1026 | + |
1027 | +grub2 (2.02-2ubuntu9) cosmic; urgency=medium |
1028 | + |
1029 | + * debian/patches/add-an-auto-nvram-option-to-grub-install.patch: Add the |
1030 | + --auto-nvram option to grub-install for auto-detecting NVRAM availability |
1031 | + before attempting NVRAM updates. |
1032 | + |
1033 | + -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com> Tue, 05 Jun 2018 00:34:38 +0200 |
1034 | + |
1035 | +grub2 (2.02-2ubuntu8) bionic; urgency=medium |
1036 | + |
1037 | + * Drop debian/patches/mkconfig_keep_native_term_active.patch, which can |
1038 | + lead to flickering between graphical and text mode when traversing the |
1039 | + menu. (LP: #1752767) |
1040 | + * debian/patches/yylex-explicitly_cast_fprintf_to_void.patch: Fix FTBFS |
1041 | + with flex 2.6.4. |
1042 | + |
1043 | + -- dann frazier <dannf@ubuntu.com> Sun, 04 Mar 2018 06:11:35 -0700 |
1044 | + |
1045 | +grub2 (2.02-2ubuntu7) bionic; urgency=medium |
1046 | + |
1047 | + [ Julian Andres Klode ] |
1048 | + * debian/patches/shorter_version_info.patch: Only show the upstream version |
1049 | + in menu and console, and hide the package one in a package_version |
1050 | + variable. (LP: #1723434) |
1051 | + |
1052 | + [ Mathieu Trudel-Lapierre ] |
1053 | + * debian/patches/skip_text_gfxpayload_where_not_supported.patch: Skip the |
1054 | + 'text' payload if it's not supported but present in gfxpayload, such as |
1055 | + on EFI systems. (LP: #1711452) |
1056 | + |
1057 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Fri, 09 Feb 2018 16:30:45 -0500 |
1058 | + |
1059 | +grub2 (2.02-2ubuntu6) bionic; urgency=medium |
1060 | + |
1061 | + [ Steve Langasek ] |
1062 | + * debian/patches/bufio_sensible_block_sizes.patch: Don't use arbitrary file |
1063 | + fizes as block sizes in bufio: this avoids potentially seeking back in |
1064 | + the files unnecessarily, which may require re-open files that cannot be |
1065 | + seeked into, such as via TFTP. (LP: #1743249) |
1066 | + |
1067 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 05 Feb 2018 11:58:09 -0500 |
1068 | + |
1069 | +grub2 (2.02-2ubuntu5) bionic; urgency=medium |
1070 | + |
1071 | + * debian/patches/mkconfig_keep_native_term_active.patch: Keep the |
1072 | + default EFI console active while enabling gfxterm. (LP: #1743884) |
1073 | + |
1074 | + -- dann frazier <dannf@ubuntu.com> Wed, 31 Jan 2018 10:51:11 -0700 |
1075 | + |
1076 | +grub2 (2.02-2ubuntu4) bionic; urgency=medium |
1077 | + |
1078 | + * debian/patches/vt_handoff.patch: modify the existing patch to set |
1079 | + vt.handoff=1 instead of vt.handoff=7 as we now start display managers on |
1080 | + vt1 anyway. This also fixes issues with netboot installed server systems |
1081 | + not displaying the login prompt on boot. (LP: #1675453) |
1082 | + |
1083 | + -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com> Thu, 18 Jan 2018 18:32:31 +0100 |
1084 | + |
1085 | +grub2 (2.02-2ubuntu3) bionic; urgency=medium |
1086 | + |
1087 | + * util/grub-install.c: Drop extra handling for x.efi.signed files for mok |
1088 | + and fallback binaries: shim now installs them without the .signed |
1089 | + extension. (LP: #1708245) |
1090 | + * debian/control: Breaks shim (<< 13). |
1091 | + |
1092 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Wed, 17 Jan 2018 09:25:09 -0500 |
1093 | + |
1094 | +grub2 (2.02-2ubuntu2) bionic; urgency=medium |
1095 | + |
1096 | + * Cherry-pick upstream patch to change the default TSC calibration method |
1097 | + to pmtimer on EFI systems (LP: #1734278) |
1098 | + * debian/control: Update Vcs fields for code location on Ubuntu. |
1099 | + |
1100 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Tue, 05 Dec 2017 11:47:31 -0500 |
1101 | + |
1102 | +grub2 (2.02-2ubuntu1) bionic; urgency=medium |
1103 | + |
1104 | + * Merge with Debian; remaining changes: |
1105 | + - debian/patches/support_initrd-less_boot.patch: Added knobs to allow |
1106 | + non-initrd boot config. (LP: #1640878) |
1107 | + - Disable os-prober for ppc64el on the PowerNV platform, to reduce the |
1108 | + number of entries/clutter from other OSes in Petitboot (LP: #1447500) |
1109 | + - debian/build-efi-images: provide a new grub EFI image which enforces that |
1110 | + loaded kernels are signed for Secure Boot: build gsb$arch.efi; which is |
1111 | + the same as grub$arch.efi minus the 'linux' module. Without fallback to |
1112 | + 'linux' for unsigned loading, this makes it effectively enforce having a |
1113 | + signed kernel. (LP: #1401532) |
1114 | + - debian/patches/install_signed.patch, grub-install-extra-removable.patch: |
1115 | + - Make sure if we install shim; it should also be exported as the default |
1116 | + bootloader to install later to a removable path, if we do. |
1117 | + - Rework grub-install-extra-removable.patch to reverse its logic: in the |
1118 | + default case, install the bootloader to /EFI/BOOT, unless we're trying |
1119 | + to install on a removable device, or explicitly telling grub *not* to |
1120 | + do it. |
1121 | + - Move installing fb$arch.efi to --no-extra-removable; as we don't want |
1122 | + fallback to be installed unless we're also installing to /EFI/BOOT. |
1123 | + (LP: #1684341) |
1124 | + - Make sure postinst and templates know about the replacement of |
1125 | + --force-extra-removable with --no-extra-removable. |
1126 | + * Sync Secure Boot support patches with the upstream patch set from |
1127 | + rhboot/grub2:master-sb. Renamed some patches and updated descriptions for |
1128 | + the whole thing to make more sense, too: |
1129 | + - dropped debian/patches/linuxefi_require_shim.patch |
1130 | + - renamed: debian/patches/no_insmod_on_sb.patch -> |
1131 | + debian/patches/linuxefi_no_insmod_on_sb.patch |
1132 | + - debian/patches/linuxefi.patch |
1133 | + - debian/patches/linuxefi_debug.patch |
1134 | + - debian/patches/linuxefi_non_sb_fallback.patch |
1135 | + - debian/patches/linuxefi_add_sb_to_efi_chainload.patch |
1136 | + - debian/patches/linuxefi_cleanup_errors_in_loader.patch |
1137 | + - debian/patches/linuxefi_fix_efi_validation_race.patch |
1138 | + - debian/patches/linuxefi_handle_multiarch_boot.patch |
1139 | + - debian/patches/linuxefi_honor_sb_mode.patch |
1140 | + - debian/patches/linuxefi_move_fdt_helper.patch |
1141 | + - debian/patches/linuxefi_load_arm_with_sb.patch |
1142 | + - debian/patches/linuxefi_minor_cleanups.patch |
1143 | + - debian/patches/linuxefi_re-enable_linux_cmd.patch |
1144 | + - debian/patches/linuxefi_rework_linux16_cmd.patch |
1145 | + - debian/patches/linuxefi_rework_linux_cmd.patch |
1146 | + - debian/patches/linuxefi_rework_non-sb_efi_chainload.patch |
1147 | + - debian/patches/linuxefi_rework_pe_loading.patch |
1148 | + - debian/patches/linuxefi_use_dev_chainloader_target.patch |
1149 | + * debian/patches/dont-fail-efi-warnings.patch: handle linuxefi patches and |
1150 | + the casting they do on some architectures: we don't want to fail build |
1151 | + because of some of the warnings that can show up since we otherwise build |
1152 | + with -Werror. |
1153 | + |
1154 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 06 Nov 2017 15:37:12 -0500 |
1155 | + |
1156 | grub2 (2.02-2) unstable; urgency=medium |
1157 | |
1158 | * Comment out debian/watch lines for betas and pre-releases for now. |
1159 | @@ -415,6 +1358,92 @@ grub2 (2.02~beta3-5) unstable; urgency=medium |
1160 | |
1161 | -- Colin Watson <cjwatson@debian.org> Sat, 11 Feb 2017 15:09:19 +0000 |
1162 | |
1163 | +grub2 (2.02~beta3-4ubuntu7) artful; urgency=medium |
1164 | + |
1165 | + * debian/patches/headers_for_device_macros.patch, |
1166 | + debian/patches/fix_check_for_sys_macros.patch: make sure the right |
1167 | + device macro header is included and that the deprecation warning |
1168 | + is dealt with. LP: #1722955. |
1169 | + |
1170 | + -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Thu, 12 Oct 2017 09:41:17 -0400 |
1171 | + |
1172 | +grub2 (2.02~beta3-4ubuntu6) artful; urgency=medium |
1173 | + |
1174 | + * debian/patches/mount-ext4-fs-with-crypto-enabled.patch: Allow grub to |
1175 | + mount an EXT4 partition that has the 'encrypt' feature enabled |
1176 | + (closes: 840204) |
1177 | + |
1178 | + -- Tyler Hicks <tyhicks@canonical.com> Wed, 05 Jul 2017 22:23:03 +0000 |
1179 | + |
1180 | +grub2 (2.02~beta3-4ubuntu5) artful; urgency=medium |
1181 | + |
1182 | + * debian/patches/linuxefi.patch: fix double-free caused by an extra |
1183 | + grub_free() call in this patch (which the previous upload didn't change). |
1184 | + * debian/patches/linuxefi_rework_non-sb_cases.patch, |
1185 | + debian/patches/linuxefi_non_sb_fallback.patch: refreshed. |
1186 | + |
1187 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Mon, 29 May 2017 16:28:41 -0400 |
1188 | + |
1189 | +grub2 (2.02~beta3-4ubuntu4) artful; urgency=medium |
1190 | + |
1191 | + * debian/patches: Rework linuxefi/SecureBoot support and sync with upstream |
1192 | + SB patch set: |
1193 | + - linuxefi_arm_sb_support.patch: add Secure Boot support for arm for its |
1194 | + chainloader. |
1195 | + - linuxefi_fix_validation_race.patch: Fix a race in validating images. |
1196 | + - linuxefi_chainloader_path.patch: honor the starting path for grub, so |
1197 | + images do not need to be started from $root. |
1198 | + - linuxefi_chainloader_sb.patch: Fix some more issues in chainloader use |
1199 | + when Secure Boot is enabled. |
1200 | + - linuxefi_loaders_enforce_sb.patch: Enforce Secure Boot policy for all |
1201 | + loaders: don't load the commands when Secure Boot is enabled. |
1202 | + - linuxefi_re-enable_linux_cmd.patch: Since we rely on the linux and |
1203 | + initrd commands to automatically hand-off to linuxefi/initrdefi; re- |
1204 | + enable the linux loader. |
1205 | + - linuxefi_chainloader_pe_fixes.patch: PE parsing fixes for chainloading |
1206 | + "special" PE images, such as Windows'. |
1207 | + - linuxefi_rework_non-sb_cases.patch: rework cases where Secure Boot is |
1208 | + disabled or shim validation is disabled so loading works as EFI binaries |
1209 | + when it is supposed to. |
1210 | + - Removed linuxefi_require_shim.patch; superseded by the above. |
1211 | + |
1212 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Thu, 11 May 2017 17:05:04 -0400 |
1213 | + |
1214 | +grub2 (2.02~beta3-4ubuntu3) artful; urgency=medium |
1215 | + |
1216 | + * debian/patches/install_signed.patch, grub-install-extra-removable.patch: |
1217 | + - Make sure if we install shim; it should also be exported as the default |
1218 | + bootloader to install later to a removable path, if we do. |
1219 | + - Rework grub-install-extra-removable.patch to reverse its logic: in the |
1220 | + default case, install the bootloader to /EFI/BOOT, unless we're trying |
1221 | + to install on a removable device, or explicitly telling grub *not* to |
1222 | + do it. |
1223 | + - Move installing fb$arch.efi to --no-extra-removable; as we don't want |
1224 | + fallback to be installed unless we're also installing to /EFI/BOOT. |
1225 | + (LP: #1684341) |
1226 | + |
1227 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Wed, 26 Apr 2017 21:08:22 -0400 |
1228 | + |
1229 | +grub2 (2.02~beta3-4ubuntu2) zesty; urgency=medium |
1230 | + |
1231 | + * debian/build-efi-images: provide a new grub EFI image which enforces that |
1232 | + loaded kernels are signed for Secure Boot: build gsb$arch.efi; which is |
1233 | + the same as grub$arch.efi minus the 'linux' module. Without fallback to |
1234 | + 'linux' for unsigned loading, this makes it effectively enforce having a |
1235 | + signed kernel. (LP: #1401532) |
1236 | + |
1237 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Thu, 30 Mar 2017 17:45:23 -0400 |
1238 | + |
1239 | +grub2 (2.02~beta3-4ubuntu1) zesty; urgency=medium |
1240 | + |
1241 | + * Merge with Debian; remaining changes: |
1242 | + - debian/patches/support_initrd-less_boot.patch: Added knobs to allow |
1243 | + non-initrd boot config. (LP: #1640878) |
1244 | + - Disable os-prober for ppc64el on the PowerNV platform, to reduce the |
1245 | + number of entries/clutter from other OSes in Petitboot (LP: #1447500) |
1246 | + |
1247 | + -- dann frazier <dannf@ubuntu.com> Thu, 09 Feb 2017 10:06:57 -0700 |
1248 | + |
1249 | grub2 (2.02~beta3-4) unstable; urgency=medium |
1250 | |
1251 | [ Colin Watson ] |
1252 | diff --git a/debian/control b/debian/control |
1253 | index bed7c77..f9fd5b0 100644 |
1254 | --- a/debian/control |
1255 | +++ b/debian/control |
1256 | @@ -1,11 +1,15 @@ |
1257 | Source: grub2 |
1258 | Section: admin |
1259 | Priority: optional |
1260 | -Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net> |
1261 | +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
1262 | +XSBC-Original-Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net> |
1263 | Uploaders: Felix Zielcke <fzielcke@z-51.de>, Jordi Mallach <jordi@debian.org>, Colin Watson <cjwatson@debian.org>, Ian Campbell <ijc@debian.org>, Steve McIntyre <93sam@debian.org> |
1264 | Build-Depends: debhelper (>= 10~), |
1265 | patchutils, |
1266 | - python, |
1267 | + dh-autoreconf, |
1268 | + dh-systemd, |
1269 | + automake, |
1270 | + python3, |
1271 | flex, |
1272 | bison, |
1273 | po-debconf, |
1274 | @@ -24,7 +28,7 @@ Build-Depends: debhelper (>= 10~), |
1275 | cpio [i386 kopensolaris-i386 amd64 x32], |
1276 | parted [!hurd-any], |
1277 | libfuse-dev (>= 2.8.4-1.4) [linux-any kfreebsd-any], |
1278 | - ttf-dejavu-core, |
1279 | + fonts-dejavu-core, |
1280 | liblzma-dev, |
1281 | dosfstools [any-i386 any-amd64 any-arm64], |
1282 | mtools [any-i386 any-amd64 any-arm64], |
1283 | @@ -37,8 +41,8 @@ Build-Depends: debhelper (>= 10~), |
1284 | Build-Conflicts: autoconf2.13, libzfs-dev, libnvpair-dev |
1285 | Standards-Version: 3.9.6 |
1286 | Homepage: https://www.gnu.org/software/grub/ |
1287 | -Vcs-Git: https://salsa.debian.org/grub-team/grub.git |
1288 | -Vcs-Browser: https://salsa.debian.org/grub-team/grub |
1289 | +Vcs-Git: https://git.launchpad.net/~ubuntu-core-dev/grub/+git/ubuntu |
1290 | +Vcs-Browser: https://git.launchpad.net/~ubuntu-core-dev/grub/+git/ubuntu |
1291 | Rules-Requires-Root: no |
1292 | |
1293 | Package: grub2 |
1294 | @@ -94,7 +98,7 @@ Architecture: any-i386 any-amd64 any-powerpc any-ppc64 any-ppc64el any-sparc any |
1295 | Depends: grub-common (= ${binary:Version}), dpkg (>= 1.15.4) | install-info, ${shlibs:Depends}, ${misc:Depends} |
1296 | Replaces: grub, grub-legacy, ${legacy-doc-br}, grub-common (<< 1.99-1), grub-pc (<< 2.02+dfsg1-7), grub-coreboot (<< 2.02+dfsg1-7), grub-efi-ia32 (<< 2.02+dfsg1-7), grub-efi-amd64 (<< 2.02+dfsg1-7), grub-efi-ia64 (<< 2.02+dfsg1-7), grub-efi-arm (<< 2.02+dfsg1-7), grub-efi-arm64 (<< 2.02+dfsg1-7), grub-ieee1275 (<< 2.02+dfsg1-7), grub-uboot (<< 2.02+dfsg1-7), grub-xen (<< 2.02+dfsg1-7), grub-yeeloong (<< 2.02+dfsg1-7), grub-cloud-amd64 (<< 0.0.4) |
1297 | Conflicts: grub-legacy |
1298 | -Breaks: grub (<< 0.97-54), ${legacy-doc-br}, shim (<< 0.9+1474479173.6c180c6-0ubuntu1~), grub-pc (<< 2.02+dfsg1-7), grub-coreboot (<< 2.02+dfsg1-7), grub-efi-ia32 (<< 2.02+dfsg1-7), grub-efi-amd64 (<< 2.02+dfsg1-7), grub-efi-ia64 (<< 2.02+dfsg1-7), grub-efi-arm (<< 2.02+dfsg1-7), grub-efi-arm64 (<< 2.02+dfsg1-7), grub-ieee1275 (<< 2.02+dfsg1-7), grub-uboot (<< 2.02+dfsg1-7), grub-xen (<< 2.02+dfsg1-7), grub-yeeloong (<< 2.02+dfsg1-7), grub-cloud-amd64 (<< 0.0.4) |
1299 | +Breaks: grub (<< 0.97-54), ${legacy-doc-br}, shim (<< 13), grub-pc (<< 2.02+dfsg1-7), grub-coreboot (<< 2.02+dfsg1-7), grub-efi-ia32 (<< 2.02+dfsg1-7), grub-efi-amd64 (<< 2.02+dfsg1-7), grub-efi-ia64 (<< 2.02+dfsg1-7), grub-efi-arm (<< 2.02+dfsg1-7), grub-efi-arm64 (<< 2.02+dfsg1-7), grub-ieee1275 (<< 2.02+dfsg1-7), grub-uboot (<< 2.02+dfsg1-7), grub-xen (<< 2.02+dfsg1-7), grub-yeeloong (<< 2.02+dfsg1-7), grub-cloud-amd64 (<< 0.0.4) |
1300 | Multi-Arch: foreign |
1301 | Description: GRand Unified Bootloader (common files for version 2) |
1302 | This package contains common files shared by the distinct flavours of GRUB. |
1303 | diff --git a/debian/gettext-patches/0001-Support-POTFILES-shell.patch b/debian/gettext-patches/0001-Support-POTFILES-shell.patch |
1304 | new file mode 100644 |
1305 | index 0000000..5a5d1ec |
1306 | --- /dev/null |
1307 | +++ b/debian/gettext-patches/0001-Support-POTFILES-shell.patch |
1308 | @@ -0,0 +1,54 @@ |
1309 | +From d5bbd8f60aacb0f73ea5a0bde999152c467d0e78 Mon Sep 17 00:00:00 2001 |
1310 | +From: Colin Watson <cjwatson@debian.org> |
1311 | +Date: Sun, 1 Mar 2020 11:57:58 +0000 |
1312 | +Subject: [PATCH 1/4] Support POTFILES-shell |
1313 | + |
1314 | +--- |
1315 | + gettext-runtime/po/Makefile.in.in | 24 ++++++++++++++++++++++-- |
1316 | + 1 file changed, 22 insertions(+), 2 deletions(-) |
1317 | + |
1318 | +diff --git a/gettext-runtime/po/Makefile.in.in b/gettext-runtime/po/Makefile.in.in |
1319 | +index fabdc76c9..32e9323d3 100644 |
1320 | +--- a/gettext-runtime/po/Makefile.in.in |
1321 | ++++ b/gettext-runtime/po/Makefile.in.in |
1322 | +@@ -142,7 +142,7 @@ stamp-po: $(srcdir)/$(DOMAIN).pot |
1323 | + # The determination of whether the package xyz is a GNU one is based on the |
1324 | + # heuristic whether some file in the top level directory mentions "GNU xyz". |
1325 | + # If GNU 'find' is available, we avoid grepping through monster files. |
1326 | +-$(DOMAIN).pot-update: $(POTFILES) $(srcdir)/POTFILES.in remove-potcdate.sed |
1327 | ++$(DOMAIN).pot-update: $(POTFILES) $(srcdir)/POTFILES.in $(srcdir)/POTFILES-shell.in remove-potcdate.sed |
1328 | + if { if (LC_ALL=C find --version) 2>/dev/null | grep GNU >/dev/null; then \ |
1329 | + LC_ALL=C find -L $(top_srcdir) -maxdepth 1 -type f -size -10000000c -exec grep 'GNU @PACKAGE@' /dev/null '{}' ';' 2>/dev/null; \ |
1330 | + else \ |
1331 | +@@ -175,7 +175,27 @@ $(DOMAIN).pot-update: $(POTFILES) $(srcdir)/POTFILES.in remove-potcdate.sed |
1332 | + --package-version='@VERSION@' \ |
1333 | + --msgid-bugs-address="$$msgid_bugs_address" \ |
1334 | + ;; \ |
1335 | +- esac |
1336 | ++ esac; \ |
1337 | ++ case `$(XGETTEXT) --version | sed 1q | sed -e 's,^[^0-9]*,,'` in \ |
1338 | ++ '' | 0.[0-9] | 0.[0-9].* | 0.1[0-5] | 0.1[0-5].* | 0.16 | 0.16.[0-1]*) \ |
1339 | ++ $(XGETTEXT) --default-domain=$(DOMAIN) --directory=$(top_srcdir) \ |
1340 | ++ --add-comments=TRANSLATORS: @XGETTEXT_EXTRA_OPTIONS@ \ |
1341 | ++ --files-from=$(srcdir)/POTFILES-shell.in \ |
1342 | ++ --copyright-holder='$(COPYRIGHT_HOLDER)' \ |
1343 | ++ --msgid-bugs-address="$$msgid_bugs_address" \ |
1344 | ++ --join-existing --language=Shell --keyword=gettext_quoted \ |
1345 | ++ ;; \ |
1346 | ++ *) \ |
1347 | ++ $(XGETTEXT) --default-domain=$(DOMAIN) --directory=$(top_srcdir) \ |
1348 | ++ --add-comments=TRANSLATORS: @XGETTEXT_EXTRA_OPTIONS@ \ |
1349 | ++ --files-from=$(srcdir)/POTFILES-shell.in \ |
1350 | ++ --copyright-holder='$(COPYRIGHT_HOLDER)' \ |
1351 | ++ --package-name="$${package_gnu}@PACKAGE@" \ |
1352 | ++ --package-version='@VERSION@' \ |
1353 | ++ --msgid-bugs-address="$$msgid_bugs_address" \ |
1354 | ++ --join-existing --language=Shell --keyword=gettext_quoted \ |
1355 | ++ ;; \ |
1356 | ++ esac; \ |
1357 | + test ! -f $(DOMAIN).po || { \ |
1358 | + if test -f $(srcdir)/$(DOMAIN).pot; then \ |
1359 | + sed -f remove-potcdate.sed < $(srcdir)/$(DOMAIN).pot > $(DOMAIN).1po && \ |
1360 | +-- |
1361 | +2.17.1 |
1362 | + |
1363 | diff --git a/debian/gettext-patches/0002-Handle-gettext_printf-shell-function.patch b/debian/gettext-patches/0002-Handle-gettext_printf-shell-function.patch |
1364 | new file mode 100644 |
1365 | index 0000000..2767ed6 |
1366 | --- /dev/null |
1367 | +++ b/debian/gettext-patches/0002-Handle-gettext_printf-shell-function.patch |
1368 | @@ -0,0 +1,46 @@ |
1369 | +From fd17c51f2e6c87427679fbdfb5f6224ff48795db Mon Sep 17 00:00:00 2001 |
1370 | +From: Colin Watson <cjwatson@debian.org> |
1371 | +Date: Sun, 1 Mar 2020 12:00:41 +0000 |
1372 | +Subject: [PATCH 2/4] Handle gettext_printf shell function |
1373 | + |
1374 | +Extract gettext_printf arguments. |
1375 | + |
1376 | +Run grub.d.sed over strings extracted from util/grub.d/, in order to set |
1377 | +c-format flags (xgettext refuses to include these itself for strings it |
1378 | +extracted from a shell file, but these really are c-format). |
1379 | +--- |
1380 | + gettext-runtime/po/Makefile.in.in | 8 ++++++-- |
1381 | + 1 file changed, 6 insertions(+), 2 deletions(-) |
1382 | + |
1383 | +diff --git a/gettext-runtime/po/Makefile.in.in b/gettext-runtime/po/Makefile.in.in |
1384 | +index 32e9323d3..32e0c99a2 100644 |
1385 | +--- a/gettext-runtime/po/Makefile.in.in |
1386 | ++++ b/gettext-runtime/po/Makefile.in.in |
1387 | +@@ -183,7 +183,8 @@ $(DOMAIN).pot-update: $(POTFILES) $(srcdir)/POTFILES.in $(srcdir)/POTFILES-shell |
1388 | + --files-from=$(srcdir)/POTFILES-shell.in \ |
1389 | + --copyright-holder='$(COPYRIGHT_HOLDER)' \ |
1390 | + --msgid-bugs-address="$$msgid_bugs_address" \ |
1391 | +- --join-existing --language=Shell --keyword=gettext_quoted \ |
1392 | ++ --join-existing --language=Shell \ |
1393 | ++ --keyword=gettext_quoted --keyword=gettext_printf \ |
1394 | + ;; \ |
1395 | + *) \ |
1396 | + $(XGETTEXT) --default-domain=$(DOMAIN) --directory=$(top_srcdir) \ |
1397 | +@@ -193,10 +194,13 @@ $(DOMAIN).pot-update: $(POTFILES) $(srcdir)/POTFILES.in $(srcdir)/POTFILES-shell |
1398 | + --package-name="$${package_gnu}@PACKAGE@" \ |
1399 | + --package-version='@VERSION@' \ |
1400 | + --msgid-bugs-address="$$msgid_bugs_address" \ |
1401 | +- --join-existing --language=Shell --keyword=gettext_quoted \ |
1402 | ++ --join-existing --language=Shell \ |
1403 | ++ --keyword=gettext_quoted --keyword=gettext_printf \ |
1404 | + ;; \ |
1405 | + esac; \ |
1406 | + test ! -f $(DOMAIN).po || { \ |
1407 | ++ sed -f grub.d.sed < $(DOMAIN).po > $(DOMAIN).1po && \ |
1408 | ++ mv $(DOMAIN).1po $(DOMAIN).po; \ |
1409 | + if test -f $(srcdir)/$(DOMAIN).pot; then \ |
1410 | + sed -f remove-potcdate.sed < $(srcdir)/$(DOMAIN).pot > $(DOMAIN).1po && \ |
1411 | + sed -f remove-potcdate.sed < $(DOMAIN).po > $(DOMAIN).2po && \ |
1412 | +-- |
1413 | +2.17.1 |
1414 | + |
1415 | diff --git a/debian/gettext-patches/0003-Make-msgfmt-output-in-little-endian.patch b/debian/gettext-patches/0003-Make-msgfmt-output-in-little-endian.patch |
1416 | new file mode 100644 |
1417 | index 0000000..4141611 |
1418 | --- /dev/null |
1419 | +++ b/debian/gettext-patches/0003-Make-msgfmt-output-in-little-endian.patch |
1420 | @@ -0,0 +1,34 @@ |
1421 | +From 156c523e2945c9b43c5500fb93988b0dd2f08d75 Mon Sep 17 00:00:00 2001 |
1422 | +From: Vladimir Serbinenko <phcoder@gmail.com> |
1423 | +Date: Sun, 1 Mar 2020 12:09:25 +0000 |
1424 | +Subject: [PATCH 3/4] Make msgfmt output in little-endian |
1425 | + |
1426 | +GRUB expects this. |
1427 | +--- |
1428 | + gettext-runtime/po/Makefile.in.in | 6 +++--- |
1429 | + 1 file changed, 3 insertions(+), 3 deletions(-) |
1430 | + |
1431 | +diff --git a/gettext-runtime/po/Makefile.in.in b/gettext-runtime/po/Makefile.in.in |
1432 | +index 32e0c99a2..f3ef54c39 100644 |
1433 | +--- a/gettext-runtime/po/Makefile.in.in |
1434 | ++++ b/gettext-runtime/po/Makefile.in.in |
1435 | +@@ -84,13 +84,13 @@ CATALOGS = @CATALOGS@ |
1436 | + |
1437 | + .po.mo: |
1438 | + @echo "$(MSGFMT) -c -o $@ $<"; \ |
1439 | +- $(MSGFMT) -c -o t-$@ $< && mv t-$@ $@ |
1440 | ++ $(MSGFMT) --endianness=little -c -o t-$@ $< && mv t-$@ $@ |
1441 | + |
1442 | + .po.gmo: |
1443 | + @lang=`echo $* | sed -e 's,.*/,,'`; \ |
1444 | + test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \ |
1445 | +- echo "$${cdcmd}rm -f $${lang}.gmo && $(GMSGFMT) -c --statistics --verbose -o $${lang}.gmo $${lang}.po"; \ |
1446 | +- cd $(srcdir) && rm -f $${lang}.gmo && $(GMSGFMT) -c --statistics --verbose -o t-$${lang}.gmo $${lang}.po && mv t-$${lang}.gmo $${lang}.gmo |
1447 | ++ echo "$${cdcmd}rm -f $${lang}.gmo && $(GMSGFMT) --endianness=little -c --statistics --verbose -o $${lang}.gmo $${lang}.po"; \ |
1448 | ++ cd $(srcdir) && rm -f $${lang}.gmo && $(GMSGFMT) --endianness=little -c --statistics --verbose -o t-$${lang}.gmo $${lang}.po && mv t-$${lang}.gmo $${lang}.gmo |
1449 | + |
1450 | + .sin.sed: |
1451 | + sed -e '/^#/d' $< > t-$@ |
1452 | +-- |
1453 | +2.17.1 |
1454 | + |
1455 | diff --git a/debian/gettext-patches/0004-Use-SHELL-rather-than-bin-sh.patch b/debian/gettext-patches/0004-Use-SHELL-rather-than-bin-sh.patch |
1456 | new file mode 100644 |
1457 | index 0000000..790521d |
1458 | --- /dev/null |
1459 | +++ b/debian/gettext-patches/0004-Use-SHELL-rather-than-bin-sh.patch |
1460 | @@ -0,0 +1,26 @@ |
1461 | +From f36f12e77798223ee7ee882c0d09e0e63db11454 Mon Sep 17 00:00:00 2001 |
1462 | +From: Colin Watson <cjwatson@debian.org> |
1463 | +Date: Sun, 1 Mar 2020 12:14:07 +0000 |
1464 | +Subject: [PATCH 4/4] Use @SHELL rather than /bin/sh |
1465 | + |
1466 | +/bin/sh might not exist. |
1467 | +--- |
1468 | + gettext-runtime/po/Makefile.in.in | 2 +- |
1469 | + 1 file changed, 1 insertion(+), 1 deletion(-) |
1470 | + |
1471 | +diff --git a/gettext-runtime/po/Makefile.in.in b/gettext-runtime/po/Makefile.in.in |
1472 | +index f3ef54c39..285a55a9d 100644 |
1473 | +--- a/gettext-runtime/po/Makefile.in.in |
1474 | ++++ b/gettext-runtime/po/Makefile.in.in |
1475 | +@@ -16,7 +16,7 @@ VERSION = @VERSION@ |
1476 | + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ |
1477 | + |
1478 | + SED = @SED@ |
1479 | +-SHELL = /bin/sh |
1480 | ++SHELL = @SHELL@ |
1481 | + @SET_MAKE@ |
1482 | + |
1483 | + srcdir = @srcdir@ |
1484 | +-- |
1485 | +2.17.1 |
1486 | + |
1487 | diff --git a/debian/grub-check-signatures b/debian/grub-check-signatures |
1488 | new file mode 100755 |
1489 | index 0000000..3d41c3c |
1490 | --- /dev/null |
1491 | +++ b/debian/grub-check-signatures |
1492 | @@ -0,0 +1,129 @@ |
1493 | +#!/bin/sh |
1494 | + |
1495 | +set -e |
1496 | + |
1497 | +. /usr/share/debconf/confmodule |
1498 | + |
1499 | +# Check if we are on an EFI system |
1500 | +efivars=/sys/firmware/efi/efivars |
1501 | +secureboot_var=SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c |
1502 | +moksbstatert_var=MokSBStateRT-605dab50-e046-4300-abb6-3dd810dd8b23 |
1503 | +tmpdir=$(mktemp -d) |
1504 | + |
1505 | +on_secure_boot() { |
1506 | + # Validate any queued actions before we go try to do them. |
1507 | + local moksbstatert=0 |
1508 | + |
1509 | + if ! [ -d $efivars ]; then |
1510 | + return 1 |
1511 | + fi |
1512 | + |
1513 | + if ! [ -f $efivars/$secureboot_var ] \ |
1514 | + || [ "$(od -An -t u1 $efivars/$secureboot_var | awk '{ print $NF }')" -ne 1 ] |
1515 | + then |
1516 | + return 1 |
1517 | + fi |
1518 | + |
1519 | + if [ -f /proc/sys/kernel/moksbstate_disabled ]; then |
1520 | + moksbstatert=$(cat /proc/sys/kernel/moksbstate_disabled 2>/dev/null || echo 0) |
1521 | + elif [ -f $efivars/$moksbstatert_var ]; then |
1522 | + # MokSBStateRT set to 1 means validation is disabled |
1523 | + moksbstatert=$(od -An -t u1 $efivars/$moksbstatert_var | \ |
1524 | + awk '{ print $NF; }') |
1525 | + fi |
1526 | + |
1527 | + if [ $moksbstatert -eq 1 ]; then |
1528 | + return 1 |
1529 | + fi |
1530 | + |
1531 | + return 0 |
1532 | +} |
1533 | + |
1534 | +# Retrieve the keys we do trust from PK, DB, KEK, and MokList. |
1535 | +extract_known_keys() { |
1536 | + # Make the Canonical CA cert available for validation too; in case |
1537 | + # MokListRT is empty due to a bug. |
1538 | + cp /usr/share/grub/canonical-uefi-ca.crt $tmpdir |
1539 | + |
1540 | + # Extract known UEFI certs from firmware variables |
1541 | + ( cd $tmpdir; \ |
1542 | + mokutil --export --db >/dev/null 2>/dev/null; \ |
1543 | + mokutil --export --mok >/dev/null 2>/dev/null; ) |
1544 | + find $tmpdir -name "*.der" -exec openssl x509 -inform der -in {} -outform pem -out {}.crt \; |
1545 | +} |
1546 | + |
1547 | +# Check if a given kernel image is signed |
1548 | +is_signed() { |
1549 | + tmp=$(mktemp) |
1550 | + sbattach --detach $tmp $1 >/dev/null 2>/dev/null # that's ugly... |
1551 | + test "$(wc -c < $tmp)" -ge 16 # Just _some_ minimum size |
1552 | + result=$? |
1553 | + if [ $result -eq 0 ]; then |
1554 | + sig_subject=$(openssl pkcs7 -inform der -in $tmp -print_certs | openssl x509 -noout -text | grep Subject: ) |
1555 | + fi |
1556 | + rm $tmp |
1557 | + if [ $result -eq 0 ]; then |
1558 | + for crtfile in $tmpdir/*.crt; do |
1559 | + sbverify --cert $crtfile $1 >/dev/null 2>/dev/null |
1560 | + result=$? |
1561 | + if [ $result -eq 0 ]; then |
1562 | + return $result; |
1563 | + fi |
1564 | + done |
1565 | + echo "$1 is signed, but using an unknown key:" >&2 |
1566 | + echo "$sig_subject" >&2 |
1567 | + else |
1568 | + echo "$1 is unsigned." >&2 |
1569 | + fi |
1570 | + return $result |
1571 | +} |
1572 | + |
1573 | +# Check that our current kernel and every newer one is signed |
1574 | +find_unsigned() { |
1575 | + uname_r="$(uname -r)" |
1576 | + for kernel in $(ls -1 /boot/vmlinuz-* | sort -V -r); do |
1577 | + # no kernels :( |
1578 | + if [ "$kernel" = "/boot/vmlinuz-*" ]; then |
1579 | + break |
1580 | + fi |
1581 | + this_uname_r="$(echo "$kernel" | sed -r 's#^/boot/vmlinuz-(.*)#\1#; s#\.efi\.signed$##')" |
1582 | + if dpkg --compare-versions "$this_uname_r" lt "$uname_r"; then |
1583 | + continue |
1584 | + fi |
1585 | + if [ -e "$kernel.efi.signed" ]; then |
1586 | + continue |
1587 | + fi |
1588 | + if ! is_signed $kernel; then |
1589 | + echo "$this_uname_r" |
1590 | + fi |
1591 | + done |
1592 | +} |
1593 | + |
1594 | +# Only reached from show_warning |
1595 | +error() { |
1596 | + echo "E: Your kernels are not signed with a key known to your firmware. This system will fail to boot in a Secure Boot environment." >&2 |
1597 | + exit 1 |
1598 | +} |
1599 | + |
1600 | +# Either shows a debconf note or prints an error with error() above if |
1601 | +# that fails |
1602 | +show_warning() { |
1603 | + # kernels should be an indented list of one version per line |
1604 | + escaped="$(printf "%s" "$unsigned" | sed "s#^# #" | debconf-escape -e )" |
1605 | + db_capb escape |
1606 | + db_settitle grub2/unsigned_kernels_title || error |
1607 | + db_fset grub2/unsigned_kernels seen 0 || error |
1608 | + db_subst grub2/unsigned_kernels unsigned_versions "$escaped" || error |
1609 | + db_input critical grub2/unsigned_kernels || error |
1610 | + db_go || error |
1611 | + error |
1612 | +} |
1613 | + |
1614 | +if on_secure_boot; then |
1615 | + extract_known_keys |
1616 | + unsigned="$(find_unsigned)" |
1617 | + if [ -n "$unsigned" ]; then |
1618 | + show_warning "$unsigned" |
1619 | + fi |
1620 | + rm -rf "$tmpdir" |
1621 | +fi |
1622 | diff --git a/debian/grub-common.dirs b/debian/grub-common.dirs |
1623 | index 3d70df4..832239c 100644 |
1624 | --- a/debian/grub-common.dirs |
1625 | +++ b/debian/grub-common.dirs |
1626 | @@ -1,2 +1,3 @@ |
1627 | usr/sbin |
1628 | var/lib/grub/ucf |
1629 | +var/lib/grub/esp |
1630 | diff --git a/debian/grub-common.install.in b/debian/grub-common.install.in |
1631 | index 420a61e..6c5c9f0 100644 |
1632 | --- a/debian/grub-common.install.in |
1633 | +++ b/debian/grub-common.install.in |
1634 | @@ -1,6 +1,9 @@ |
1635 | ../../debian/apport/source_grub2.py usr/share/apport/package-hooks/ |
1636 | ../../debian/grub.d etc |
1637 | ../../debian/init-select.cfg etc/default/grub.d |
1638 | +../../debian/grub-check-signatures usr/share/grub/ |
1639 | +../../debian/grub-multi-install usr/lib/grub/ |
1640 | +../../debian/canonical-uefi-ca.crt usr/share/grub/ |
1641 | |
1642 | etc/grub.d |
1643 | usr/bin/grub-editenv |
1644 | @@ -20,6 +23,7 @@ usr/bin/grub-mkstandalone |
1645 | usr/bin/grub-render-label |
1646 | usr/bin/grub-script-check |
1647 | usr/bin/grub-syslinux2cfg |
1648 | +usr/lib/systemd/system/grub-initrd-fallback.service lib/systemd/system |
1649 | usr/sbin/grub-macbless |
1650 | usr/sbin/grub-mkconfig |
1651 | usr/sbin/grub-mkdevicemap |
1652 | diff --git a/debian/grub-common.service b/debian/grub-common.service |
1653 | new file mode 100644 |
1654 | index 0000000..1395ad9 |
1655 | --- /dev/null |
1656 | +++ b/debian/grub-common.service |
1657 | @@ -0,0 +1,14 @@ |
1658 | +[Unit] |
1659 | +Description=Record successful boot for GRUB |
1660 | + |
1661 | +[Service] |
1662 | +Type=simple |
1663 | +Restart=no |
1664 | +RemainAfterExit=yes |
1665 | +ExecStartPre=/bin/sh -c '[ -s /boot/grub/grubenv ] || rm -f /boot/grub/grubenv; mkdir -p /boot/grub' |
1666 | +ExecStart=grub-editenv /boot/grub/grubenv unset recordfail |
1667 | +ExecStartPost=/bin/sh -c 'if grub-editenv /boot/grub/grubenv list | grep -q initrdless_boot_fallback_triggered=1; then echo "<3>grub: GRUB_FORCE_PARTUUID set, initrdless boot paniced, fallback triggered."; fi' |
1668 | +StandardOutput=kmsg |
1669 | + |
1670 | +[Install] |
1671 | +WantedBy=multi-user.target |
1672 | \ No newline at end of file |
1673 | diff --git a/debian/grub-common.templates b/debian/grub-common.templates |
1674 | new file mode 100644 |
1675 | index 0000000..c75e5d3 |
1676 | --- /dev/null |
1677 | +++ b/debian/grub-common.templates |
1678 | @@ -0,0 +1,53 @@ |
1679 | +Template: grub-efi/install_devices |
1680 | +Type: multiselect |
1681 | +Choices-C: ${RAW_CHOICES} |
1682 | +Choices: ${CHOICES} |
1683 | +_Description: GRUB EFI system partitions: |
1684 | + The grub-efi package is being upgraded. This menu allows you to select which |
1685 | + EFI system partions you'd like grub-install to be automatically run for, if any. |
1686 | + . |
1687 | + Running grub-install automatically is recommended in most situations, to |
1688 | + prevent the installed GRUB core image from getting out of sync with GRUB |
1689 | + modules or grub.cfg. |
1690 | + |
1691 | +Template: grub-efi/install_devices_disks_changed |
1692 | +Type: multiselect |
1693 | +Choices-C: ${RAW_CHOICES} |
1694 | +Choices: ${CHOICES} |
1695 | +_Description: GRUB install devices: |
1696 | + The GRUB boot loader was previously installed to a disk that is no longer |
1697 | + present, or whose unique identifier has changed for some reason. It is |
1698 | + important to make sure that the installed GRUB core image stays in sync |
1699 | + with GRUB modules and grub.cfg. Please check again to make sure that GRUB |
1700 | + is written to the appropriate boot devices. |
1701 | + |
1702 | +Template: grub-efi/partition_description |
1703 | +Type: text |
1704 | +_Description: ${DEVICE} (${SIZE} MB; ${PATH}) on ${DISK_SIZE} MB ${DISK_MODEL} |
1705 | + |
1706 | +Template: grub-efi/install_devices_failed |
1707 | +Type: boolean |
1708 | +Default: false |
1709 | +#flag:translate!:3 |
1710 | +_Description: Writing GRUB to boot device failed - continue? |
1711 | + GRUB failed to install to the following devices: |
1712 | + . |
1713 | + ${FAILED_DEVICES} |
1714 | + . |
1715 | + Do you want to continue anyway? If you do, your computer may not start up |
1716 | + properly. |
1717 | + |
1718 | +Template: grub-efi/install_devices_empty |
1719 | +Type: boolean |
1720 | +Default: false |
1721 | +_Description: Continue without installing GRUB? |
1722 | + You chose not to install GRUB to any devices. If you continue, the boot |
1723 | + loader may not be properly configured, and when this computer next starts |
1724 | + up it will use whatever was previously configured. If there is an |
1725 | + earlier version of GRUB 2 in the EFI system partition, it may be unable to load |
1726 | + modules or handle the current configuration file. |
1727 | + . |
1728 | + If you are already using a different boot loader and want to carry on |
1729 | + doing so, or if this is a special environment where you do not need a boot |
1730 | + loader, then you should continue anyway. Otherwise, you should install |
1731 | + GRUB somewhere. |
1732 | diff --git a/debian/grub-multi-install b/debian/grub-multi-install |
1733 | new file mode 100755 |
1734 | index 0000000..bedc700 |
1735 | --- /dev/null |
1736 | +++ b/debian/grub-multi-install |
1737 | @@ -0,0 +1,417 @@ |
1738 | +#!/bin/bash |
1739 | +# |
1740 | +# Install to multiple ESPs |
1741 | + |
1742 | +set -e |
1743 | + |
1744 | +# Most of this is copy-paste from grub postinst, sigh. |
1745 | + |
1746 | +. /usr/share/debconf/confmodule |
1747 | + |
1748 | +# shamelessly stolen from ucf: |
1749 | +# |
1750 | +# Load our templates, just in case our template has |
1751 | +# not been loaded or the Debconf DB lost or corrupted |
1752 | +# since then. |
1753 | +db_x_loadtemplatefile "$(dpkg-query --control-path grub-common templates)" grub-common |
1754 | + |
1755 | +############################################################################### |
1756 | +# COPY FROM POSTINST |
1757 | +############################################################################### |
1758 | +# This only works on a Linux system with udev running. This is probably the |
1759 | +# vast majority of systems where we need any of this, though, and we fall |
1760 | +# back reasonably gracefully if we don't have it. |
1761 | +cached_available_ids= |
1762 | +available_ids() |
1763 | +{ |
1764 | + local id path |
1765 | + |
1766 | + if [ "$cached_available_ids" ]; then |
1767 | + echo "$cached_available_ids" |
1768 | + return |
1769 | + fi |
1770 | + |
1771 | + [ -d /dev/disk/by-id ] || return |
1772 | + cached_available_ids="$( |
1773 | + for path in /dev/disk/by-id/*; do |
1774 | + [ -e "$path" ] || continue |
1775 | + printf '%s %s\n' "$path" "$(readlink -f "$path")" |
1776 | + done | sort -k2 -s -u | cut -d' ' -f1 |
1777 | + )" |
1778 | + echo "$cached_available_ids" |
1779 | +} |
1780 | + |
1781 | +# Returns non-zero and no output if no mapping can be found. |
1782 | +device_to_id() |
1783 | +{ |
1784 | + local id |
1785 | + for id in $(available_ids); do |
1786 | + if [ "$(readlink -f "$id")" = "$(readlink -f "$1")" ]; then |
1787 | + echo "$id" |
1788 | + return 0 |
1789 | + fi |
1790 | + done |
1791 | + # Fall back to the plain device name if there's no by-id link for it. |
1792 | + if [ -e "$1" ]; then |
1793 | + echo "$1" |
1794 | + return 0 |
1795 | + fi |
1796 | + return 1 |
1797 | +} |
1798 | + |
1799 | +# for Linux |
1800 | +sysfs_size() |
1801 | +{ |
1802 | + local num_sectors sector_size size |
1803 | + # Try to find out the size without relying on a partitioning tool being |
1804 | + # installed. This isn't too hard on Linux 2.6 with sysfs, but we have to |
1805 | + # try a couple of variants on detection of the sector size. |
1806 | + if [ -e "$1/size" ]; then |
1807 | + num_sectors="$(cat "$1/size")" |
1808 | + sector_size=512 |
1809 | + if [ -e "$1/queue/logical_block_size" ]; then |
1810 | + sector_size="$(cat "$1/queue/logical_block_size")" |
1811 | + elif [ -e "$1/queue/hw_sector_size" ]; then |
1812 | + sector_size="$(cat "$1/queue/hw_sector_size")" |
1813 | + fi |
1814 | + size="$(expr "$num_sectors" \* "$sector_size" / 1000 / 1000)" |
1815 | + fi |
1816 | + [ "$size" ] || size='???' |
1817 | + echo "$size" |
1818 | +} |
1819 | + |
1820 | +# for kFreeBSD |
1821 | +camcontrol_size() |
1822 | +{ |
1823 | + local num_sectors sector_size size= |
1824 | + |
1825 | + if num_sectors="$(camcontrol readcap "$1" -q -s -N)"; then |
1826 | + sector_size="$(camcontrol readcap "$1" -q -b)" |
1827 | + size="$(expr "$num_sectors" \* "$sector_size" / 1000 / 1000)" |
1828 | + fi |
1829 | + |
1830 | + [ "$size" ] || size='???' |
1831 | + echo "$size" |
1832 | +} |
1833 | + |
1834 | +maybe_udevadm() |
1835 | +{ |
1836 | + if which udevadm >/dev/null 2>&1; then |
1837 | + udevadm "$@" || true |
1838 | + fi |
1839 | +} |
1840 | + |
1841 | +# Parse /proc/mounts and find out the mount for the given device. |
1842 | +# The device must be a real device in /dev, not a symlink to one. |
1843 | +get_mounted_device() |
1844 | +{ |
1845 | + mountpoint="$1" |
1846 | + cat /proc/mounts | while read -r line; do |
1847 | + set -f |
1848 | + set -- $line |
1849 | + set +f |
1850 | + if [ "$2" = "$mountpoint" ]; then |
1851 | + echo "$1" |
1852 | + break |
1853 | + fi |
1854 | + done |
1855 | +} |
1856 | + |
1857 | +############################################################################### |
1858 | +# New or modified helpers |
1859 | +############################################################################### |
1860 | + |
1861 | +# Fixed: Return nothing if the argument is empty |
1862 | +get_mountpoint() |
1863 | +{ |
1864 | + local relpath boot_mountpoint |
1865 | + |
1866 | + if [ -z "$1" ]; then |
1867 | + return |
1868 | + fi |
1869 | + |
1870 | + relpath="$(grub-mkrelpath "$1")" |
1871 | + boot_mountpoint="${1#$relpath}" |
1872 | + echo "${boot_mountpoint:-/}" |
1873 | +} |
1874 | + |
1875 | + |
1876 | +# Returns value in $RET, like a debconf command. |
1877 | +# |
1878 | +# Merged version of describe_disk and describe_partition, as disks can't be |
1879 | +# valid ESPs on their own, so we can't render them as an entry. |
1880 | +describe_efi_system_partition() |
1881 | +{ |
1882 | + local disk part id path sysfs_path diskbase partbase size |
1883 | + local disk_basename disk_size model |
1884 | + disk="$1" |
1885 | + part="$2" |
1886 | + id="$3" |
1887 | + path="$4" |
1888 | + |
1889 | + # BEGIN: Stolen from describe_disk |
1890 | + model= |
1891 | + case $(uname -s) in |
1892 | + Linux) |
1893 | + sysfs_path="$(maybe_udevadm info -n "$disk" -q path)" |
1894 | + if [ -z "$sysfs_path" ]; then |
1895 | + sysfs_path="/block/$(printf %s "${disk#/dev/}" | sed 's,/,!,g')" |
1896 | + fi |
1897 | + disk_size="$(sysfs_size "/sys$sysfs_path")" |
1898 | + |
1899 | + model="$(maybe_udevadm info -n "$disk" -q property | sed -n 's/^ID_MODEL=//p')" |
1900 | + if [ -z "$model" ]; then |
1901 | + model="$(maybe_udevadm info -n "$disk" -q property | sed -n 's/^DM_NAME=//p')" |
1902 | + if [ -z "$model" ]; then |
1903 | + model="$(maybe_udevadm info -n "$disk" -q property | sed -n 's/^MD_NAME=//p')" |
1904 | + if [ -z "$model" ] && which dmsetup >/dev/null 2>&1; then |
1905 | + model="$(dmsetup info -c --noheadings -o name "$disk" 2>/dev/null || true)" |
1906 | + fi |
1907 | + fi |
1908 | + fi |
1909 | + ;; |
1910 | + GNU/kFreeBSD) |
1911 | + disk_basename=$(basename "$disk") |
1912 | + disk_size="$(camcontrol_size "$disk_basename")" |
1913 | + model="$(camcontrol inquiry "$disk_basename" | sed -ne "s/^pass0: <\([^>]*\)>.*/\1/p")" |
1914 | + ;; |
1915 | + esac |
1916 | + |
1917 | + [ "$model" ] || model='???' |
1918 | + |
1919 | + # END: Stolen from describe_disk |
1920 | + |
1921 | + sysfs_path="$(maybe_udevadm info -n "$part" -q path)" |
1922 | + if [ -z "$sysfs_path" ]; then |
1923 | + diskbase="${disk#/dev/}" |
1924 | + diskbase="$(printf %s "$diskbase" | sed 's,/,!,g')" |
1925 | + partbase="${part#/dev/}" |
1926 | + partbase="$(printf %s "$partbase" | sed 's,/,!,g')" |
1927 | + sysfs_path="/block/$diskbase/$partbase" |
1928 | + fi |
1929 | + size="$(sysfs_size "/sys$sysfs_path")" |
1930 | + |
1931 | + db_subst grub-efi/partition_description DEVICE "$part" |
1932 | + db_subst grub-efi/partition_description SIZE "$size" |
1933 | + db_subst grub-efi/partition_description PATH "$path" |
1934 | + db_subst grub-efi/partition_description DISK_MODEL "$model" |
1935 | + db_subst grub-efi/partition_description DISK_SIZE "$disk_size" |
1936 | + db_metaget grub-efi/partition_description description |
1937 | +} |
1938 | + |
1939 | + |
1940 | +# Parse /proc/mounts and find out the mount for the given device. |
1941 | +# The device must be a real device in /dev, not a symlink to one. |
1942 | +find_mount_point() |
1943 | +{ |
1944 | + real_device="$1" |
1945 | + cat /proc/mounts | while read -r line; do |
1946 | + set -f |
1947 | + set -- $line |
1948 | + set +f |
1949 | + if [ "$1" = "$real_device" -a "$3" = "vfat" ]; then |
1950 | + echo "$2" |
1951 | + break |
1952 | + fi |
1953 | + done |
1954 | +} |
1955 | + |
1956 | +# Return all devices that are a valid ESP |
1957 | +usable_efi_system_partitions() |
1958 | +{ |
1959 | + local last_partition path partition partition_id |
1960 | + local ID_PART_ENTRY_TYPE ID_PART_ENTRY_SCHEME |
1961 | + |
1962 | + last_partition= |
1963 | + ( |
1964 | + for partition in /dev/disk/by-id/*; do |
1965 | + eval "$(udevadm info -q property -n "$partition" | grep -E '^ID_PART_ENTRY_(TYPE|SCHEME)=')" |
1966 | + if [ -z "$ID_PART_ENTRY_TYPE" -o -z "$ID_PART_ENTRY_SCHEME" -o \ |
1967 | + \( "$ID_PART_ENTRY_SCHEME" != gpt -a "$ID_PART_ENTRY_SCHEME" != dos \) -o \ |
1968 | + \( "$ID_PART_ENTRY_SCHEME" = gpt -a "$ID_PART_ENTRY_TYPE" != c12a7328-f81f-11d2-ba4b-00a0c93ec93b \) -o \ |
1969 | + \( "$ID_PART_ENTRY_SCHEME" = dos -a "$ID_PART_ENTRY_TYPE" != 0xef \) ]; then |
1970 | + continue |
1971 | + fi |
1972 | + # unify the partition id |
1973 | + partition_id="$(device_to_id "$partition" || true)" |
1974 | + real_device="$(readlink -f "$partition")" |
1975 | + path="$(find_mount_point $real_device)" |
1976 | + echo "$path:$partition_id" |
1977 | + done |
1978 | + ) | sort -t: -k2 -u |
1979 | +} |
1980 | + |
1981 | +############################################################################### |
1982 | +# MAGIC SCRIPT |
1983 | +############################################################################### |
1984 | +FALLBACK_MOUNTPOINT=/var/lib/grub/esp |
1985 | + |
1986 | +# Initial install/upgrade from /boot/efi? |
1987 | +db_fget grub-efi/install_devices seen |
1988 | +seen="$RET" |
1989 | + |
1990 | +# Get configured value |
1991 | +question=grub-efi/install_devices |
1992 | +priority=high |
1993 | +db_get grub-efi/install_devices |
1994 | +valid=1 |
1995 | + |
1996 | +# We either migrate /boot/efi over, or we check if we have invalid devices |
1997 | +if [ -z "$RET" ] && [ "$seen" != "true" ]; then |
1998 | + echo "Trying to migrate /boot/efi into esp config" |
1999 | + esp="$(get_mounted_device /boot/efi)" |
2000 | + if [ "$esp" ]; then |
2001 | + esp="$(device_to_id "$esp")" |
2002 | + fi |
2003 | + if [ "$esp" ]; then |
2004 | + db_set grub-efi/install_devices "$esp" |
2005 | + db_fset grub-efi/install_devices seen true |
2006 | + RET="$esp" |
2007 | + fi |
2008 | +else |
2009 | + for device in $RET; do |
2010 | + if [ ! -e "${device%,}" ]; then |
2011 | + valid=0 |
2012 | + break |
2013 | + fi |
2014 | + done |
2015 | +fi |
2016 | + |
2017 | +# If /boot/efi points to a device that's not in the list, trigger the |
2018 | +# install_devices_disks_changed prompt below, but add the device behind |
2019 | +# /boot/efi to the defaults. |
2020 | +boot_efi_device=$(get_mounted_device /boot/efi || true) |
2021 | +if [ "$boot_efi_device" ]; then |
2022 | + for device in $RET; do |
2023 | + device="${device%,}" |
2024 | + real_device="$(readlink -f "$device" || true)" |
2025 | + if [ "$real_device" = "$boot_efi_device" ]; then |
2026 | + boot_efi_device="" |
2027 | + break |
2028 | + fi |
2029 | + done |
2030 | + |
2031 | + if [ "$boot_efi_device" ]; then |
2032 | + boot_efi_device="$(device_to_id "$boot_efi_device" || true)" |
2033 | + if [ "$RET" ]; then |
2034 | + RET="$RET, $boot_efi_device" |
2035 | + else |
2036 | + RET="$boot_efi_device" |
2037 | + fi |
2038 | + valid=0 |
2039 | + fi |
2040 | +fi |
2041 | + |
2042 | + |
2043 | +if [ "$valid" = 0 ]; then |
2044 | + question=grub-efi/install_devices_disks_changed |
2045 | + priority=critical |
2046 | + db_set "$question" "$RET" |
2047 | + db_fset "$question" seen false |
2048 | + db_fset grub-efi/install_devices_empty seen false |
2049 | +fi |
2050 | + |
2051 | +while :; do |
2052 | + ids= |
2053 | + descriptions= |
2054 | + partitions="$(usable_efi_system_partitions)" |
2055 | + |
2056 | + for partition_pair in $partitions; do |
2057 | + partition_id="${partition_pair#*:}" |
2058 | + device="${partition_id%%-part*}" |
2059 | + ids="${ids:+$ids, }$partition_id" |
2060 | + describe_efi_system_partition "$(readlink -f "$device")" "$(readlink -f "$partition_id")" "$partition_id" "$(get_mountpoint "${partition_pair%%:*}")" |
2061 | + RET="$(printf %s "$RET" | sed 's/,/\\,/g')" |
2062 | + descriptions="${descriptions:+$descriptions, }$RET" |
2063 | + done |
2064 | + |
2065 | + db_subst "$question" RAW_CHOICES "$ids" |
2066 | + db_subst "$question" CHOICES "$descriptions" |
2067 | + db_input "$priority" "$question" || true |
2068 | + db_go |
2069 | + db_get "$question" |
2070 | + |
2071 | + |
2072 | + # Run the installer |
2073 | + failed_devices= |
2074 | + for i in `echo $RET | sed -e 's/, / /g'` ; do |
2075 | + real_device="$(readlink -f "$i")" |
2076 | + mntpoint=$(find_mount_point $real_device) |
2077 | + if [ -z "$mntpoint" ]; then |
2078 | + mntpoint=$FALLBACK_MOUNTPOINT |
2079 | + mount $real_device $mntpoint |
2080 | + fi |
2081 | + echo "Installing grub to $mntpoint." >&2 |
2082 | + if _UBUNTU_ALTERNATIVE_ESPS="$RET" grub-install --efi-directory=$mntpoint "$@" ; then |
2083 | + # We just installed GRUB 2; then also generate grub.cfg. |
2084 | + touch /boot/grub/grub.cfg |
2085 | + else |
2086 | + failed_devices="$failed_devices $real_device" |
2087 | + fi |
2088 | + |
2089 | + if [ "$mntpoint" = "$FALLBACK_MOUNTPOINT" ]; then |
2090 | + umount $mntpoint |
2091 | + fi |
2092 | + done |
2093 | + |
2094 | + if [ "$question" != grub-efi/install_devices ] && [ "$RET" ]; then |
2095 | + # XXX cjwatson 2019-02-26: The description of |
2096 | + # grub-efi/install_devices_disks_changed ought to explain that |
2097 | + # selecting no devices will leave the configuration unchanged |
2098 | + # so that you'll be prompted again next time, but it's a bit |
2099 | + # close to the Debian 10 release to be introducing new |
2100 | + # translatable text. For now, it should be sufficient to |
2101 | + # avoid losing configuration data. |
2102 | + db_set grub-efi/install_devices "$RET" |
2103 | + db_fset grub-efi/install_devices seen true |
2104 | + fi |
2105 | + |
2106 | + if [ "$failed_devices" ]; then |
2107 | + db_subst grub-efi/install_devices_failed FAILED_DEVICES "$failed_devices" |
2108 | + db_fset grub-efi/install_devices_failed seen false |
2109 | + if db_input critical grub-efi/install_devices_failed; then |
2110 | + db_go |
2111 | + db_get grub-efi/install_devices_failed |
2112 | + if [ "$RET" = true ]; then |
2113 | + break |
2114 | + else |
2115 | + db_fset "$question" seen false |
2116 | + db_fset grub-efi/install_devices_failed seen false |
2117 | + continue |
2118 | + fi |
2119 | + else |
2120 | + exit 1 # noninteractive |
2121 | + fi |
2122 | + fi |
2123 | + |
2124 | + db_get "$question" |
2125 | + if [ -z "$RET" ]; then |
2126 | + # Reset the seen flag if the current answer is false, since |
2127 | + # otherwise we'll loop with no indication of why. |
2128 | + db_get grub-efi/install_devices_empty |
2129 | + if [ "$RET" = false ]; then |
2130 | + db_fset grub-efi/install_devices_empty seen false |
2131 | + fi |
2132 | + if db_input critical grub-efi/install_devices_empty; then |
2133 | + db_go |
2134 | + db_get grub-efi/install_devices_empty |
2135 | + if [ "$RET" = true ]; then |
2136 | + break |
2137 | + else |
2138 | + db_fset "$question" seen false |
2139 | + db_fset grub-efi/install_devices_empty seen false |
2140 | + fi |
2141 | + else |
2142 | + # if question was seen we are done |
2143 | + # Otherwise, abort |
2144 | + db_fget grub-efi/install_devices_empty seen |
2145 | + if [ "$RET" = true ]; then |
2146 | + break |
2147 | + else |
2148 | + exit 1 |
2149 | + fi |
2150 | + fi |
2151 | + else |
2152 | + break |
2153 | + fi |
2154 | +done |
2155 | diff --git a/debian/patches/0074-uefi-firmware-rename-fwsetup-menuentry-to-UEFI-Firmw.patch b/debian/patches/0074-uefi-firmware-rename-fwsetup-menuentry-to-UEFI-Firmw.patch |
2156 | new file mode 100644 |
2157 | index 0000000..20dbfb4 |
2158 | --- /dev/null |
2159 | +++ b/debian/patches/0074-uefi-firmware-rename-fwsetup-menuentry-to-UEFI-Firmw.patch |
2160 | @@ -0,0 +1,26 @@ |
2161 | +From 7bae32b384bf0129a980b77447e21abb4024f693 Mon Sep 17 00:00:00 2001 |
2162 | +From: Dimitri John Ledkov <xnox@ubuntu.com> |
2163 | +Date: Mon, 24 Feb 2020 20:29:53 +0000 |
2164 | +Subject: uefi-firmware: rename fwsetup menuentry to UEFI Firmware Settings |
2165 | + |
2166 | +LP: #1864547 |
2167 | +--- |
2168 | + util/grub.d/30_uefi-firmware.in | 4 ++-- |
2169 | + 1 file changed, 2 insertions(+), 2 deletions(-) |
2170 | + |
2171 | +diff --git a/util/grub.d/30_uefi-firmware.in b/util/grub.d/30_uefi-firmware.in |
2172 | +index 3c9f533d8c..b072d219f6 100644 |
2173 | +--- a/util/grub.d/30_uefi-firmware.in |
2174 | ++++ b/util/grub.d/30_uefi-firmware.in |
2175 | +@@ -32,9 +32,9 @@ OsIndications="$efi_vars_dir/OsIndicationsSupported-$EFI_GLOBAL_VARIABLE/data" |
2176 | + |
2177 | + if [ -e "$OsIndications" ] && \ |
2178 | + [ "$(( $(printf 0x%x \'"$(cat $OsIndications | cut -b1)") & 1 ))" = 1 ]; then |
2179 | +- LABEL="System setup" |
2180 | ++ LABEL="UEFI Firmware Settings" |
2181 | + |
2182 | +- gettext_printf "Adding boot menu entry for EFI firmware configuration\n" >&2 |
2183 | ++ gettext_printf "Adding boot menu entry for UEFI Firmware Settings\n" >&2 |
2184 | + |
2185 | + onstr="$(gettext_printf "(on %s)" "${DEVICE}")" |
2186 | + |
2187 | diff --git a/debian/patches/0075-smbios-Add-a-linux-argument-to-apply-linux-modalias-.patch b/debian/patches/0075-smbios-Add-a-linux-argument-to-apply-linux-modalias-.patch |
2188 | new file mode 100644 |
2189 | index 0000000..3f8f67c |
2190 | --- /dev/null |
2191 | +++ b/debian/patches/0075-smbios-Add-a-linux-argument-to-apply-linux-modalias-.patch |
2192 | @@ -0,0 +1,86 @@ |
2193 | +From 484c805e1361fd010e0c3e2c44585f5f7e3899c1 Mon Sep 17 00:00:00 2001 |
2194 | +From: Julian Andres Klode <julian.klode@canonical.com> |
2195 | +Date: Tue, 3 Mar 2020 16:06:34 +0100 |
2196 | +Subject: smbios: Add a --linux argument to apply linux modalias-like filtering |
2197 | + |
2198 | +Linux creates modalias strings by filtering out non-ASCII, space, |
2199 | +and colon characters. Provide an option that does the same filtering |
2200 | +so people can create a modalias string in GRUB, and then match their |
2201 | +modalias patterns against it. |
2202 | + |
2203 | +Signed-off-by: Julian Andres Klode <julian.klode@canonical.com> |
2204 | +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
2205 | +Origin: upstream, https://git.savannah.gnu.org/cgit/grub.git/commit/?id=87049f9716fb095aecb595fb8f45497bbbb1b4a2 |
2206 | +--- |
2207 | + grub-core/commands/smbios.c | 24 ++++++++++++++++++++++++ |
2208 | + 1 file changed, 24 insertions(+) |
2209 | + |
2210 | +diff --git a/grub-core/commands/smbios.c b/grub-core/commands/smbios.c |
2211 | +index 7a6a391fc1..1a9086ddd4 100644 |
2212 | +--- a/grub-core/commands/smbios.c |
2213 | ++++ b/grub-core/commands/smbios.c |
2214 | +@@ -64,6 +64,21 @@ grub_smbios_get_eps3 (void) |
2215 | + return eps; |
2216 | + } |
2217 | + |
2218 | ++static char * |
2219 | ++linux_string (const char *value) |
2220 | ++{ |
2221 | ++ char *out = grub_malloc( grub_strlen (value) + 1); |
2222 | ++ const char *src = value; |
2223 | ++ char *dst = out; |
2224 | ++ |
2225 | ++ for (; *src; src++) |
2226 | ++ if (*src > ' ' && *src < 127 && *src != ':') |
2227 | ++ *dst++ = *src; |
2228 | ++ |
2229 | ++ *dst = 0; |
2230 | ++ return out; |
2231 | ++} |
2232 | ++ |
2233 | + /* |
2234 | + * These functions convert values from the various SMBIOS structure field types |
2235 | + * into a string formatted to be returned to the user. They expect that the |
2236 | +@@ -176,6 +191,7 @@ static const struct { |
2237 | + /* List command options, with structure field getters ordered as above. */ |
2238 | + #define FIRST_GETTER_OPT (3) |
2239 | + #define SETTER_OPT (FIRST_GETTER_OPT + ARRAY_SIZE(field_extractors)) |
2240 | ++#define LINUX_OPT (FIRST_GETTER_OPT + ARRAY_SIZE(field_extractors) + 1) |
2241 | + |
2242 | + static const struct grub_arg_option options[] = { |
2243 | + {"type", 't', 0, N_("Match structures with the given type."), |
2244 | +@@ -198,6 +214,8 @@ static const struct grub_arg_option options[] = { |
2245 | + N_("offset"), ARG_TYPE_INT}, |
2246 | + {"set", '\0', 0, N_("Store the value in the given variable name."), |
2247 | + N_("variable"), ARG_TYPE_STRING}, |
2248 | ++ {"linux", '\0', 0, N_("Filter the result like linux does."), |
2249 | ++ N_("variable"), ARG_TYPE_NONE}, |
2250 | + {0, 0, 0, 0, 0, 0} |
2251 | + }; |
2252 | + |
2253 | +@@ -261,6 +279,7 @@ grub_cmd_smbios (grub_extcmd_context_t ctxt, |
2254 | + |
2255 | + const grub_uint8_t *structure; |
2256 | + const char *value; |
2257 | ++ char *modified_value = NULL; |
2258 | + grub_int32_t option; |
2259 | + grub_int8_t field_type = -1; |
2260 | + grub_uint8_t i; |
2261 | +@@ -334,12 +353,17 @@ grub_cmd_smbios (grub_extcmd_context_t ctxt, |
2262 | + return grub_error (GRUB_ERR_IO, |
2263 | + N_("failed to retrieve the structure field")); |
2264 | + |
2265 | ++ if (state[LINUX_OPT].set) |
2266 | ++ value = modified_value = linux_string (value); |
2267 | ++ |
2268 | + /* Store or print the formatted value. */ |
2269 | + if (state[SETTER_OPT].set) |
2270 | + grub_env_set (state[SETTER_OPT].arg, value); |
2271 | + else |
2272 | + grub_printf ("%s\n", value); |
2273 | + |
2274 | ++ grub_free(modified_value); |
2275 | ++ |
2276 | + return GRUB_ERR_NONE; |
2277 | + } |
2278 | + |
2279 | diff --git a/debian/patches/0076-ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch b/debian/patches/0076-ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch |
2280 | new file mode 100644 |
2281 | index 0000000..8460c3c |
2282 | --- /dev/null |
2283 | +++ b/debian/patches/0076-ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch |
2284 | @@ -0,0 +1,118 @@ |
2285 | +From 80b0e6a9375628f209b96173ce0a3af70060131c Mon Sep 17 00:00:00 2001 |
2286 | +From: Chris Coulson <chris.coulson@canonical.com> |
2287 | +Date: Wed, 11 Mar 2020 16:46:00 +0100 |
2288 | +Subject: ubuntu: Make the linux command in EFI grub always try EFI handover |
2289 | + |
2290 | +The previous implementation only boots via the EFI handover protocol when |
2291 | +secure boot is enabled. This means that disabling secure boot breaks some |
2292 | +features that depend on the kernel being booted via the EFI handover entry |
2293 | +point, such as retrieval of the TCG event log. |
2294 | + |
2295 | +Update the linux command to always attempt to defer to linuxefi in EFI grub |
2296 | +builds, regardless of whether secure boot is enabled or not. This also allows |
2297 | +a fallback to the non-EFI handover path on kernels that don't support it, but |
2298 | +only if secure boot is disabled. |
2299 | +--- |
2300 | + grub-core/loader/i386/efi/linux.c | 14 +++++---- |
2301 | + grub-core/loader/i386/linux.c | 47 +++++++++++++++++-------------- |
2302 | + 2 files changed, 35 insertions(+), 26 deletions(-) |
2303 | + |
2304 | +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c |
2305 | +index 6b6aef87f7..fe3ca2c596 100644 |
2306 | +--- a/grub-core/loader/i386/efi/linux.c |
2307 | ++++ b/grub-core/loader/i386/efi/linux.c |
2308 | +@@ -27,6 +27,7 @@ |
2309 | + #include <grub/lib/cmdline.h> |
2310 | + #include <grub/efi/efi.h> |
2311 | + #include <grub/efi/linux.h> |
2312 | ++#include <grub/efi/sb.h> |
2313 | + |
2314 | + GRUB_MOD_LICENSE ("GPLv3+"); |
2315 | + |
2316 | +@@ -195,12 +196,15 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), |
2317 | + goto fail; |
2318 | + } |
2319 | + |
2320 | +- rc = grub_linuxefi_secure_validate (kernel, filelen); |
2321 | +- if (rc < 0) |
2322 | ++ if (grub_efi_secure_boot ()) |
2323 | + { |
2324 | +- grub_error (GRUB_ERR_ACCESS_DENIED, N_("%s has invalid signature"), |
2325 | +- argv[0]); |
2326 | +- goto fail; |
2327 | ++ rc = grub_linuxefi_secure_validate (kernel, filelen); |
2328 | ++ if (rc < 0) |
2329 | ++ { |
2330 | ++ grub_error (GRUB_ERR_ACCESS_DENIED, N_("%s has invalid signature"), |
2331 | ++ argv[0]); |
2332 | ++ goto fail; |
2333 | ++ } |
2334 | + } |
2335 | + |
2336 | + params = grub_efi_allocate_pages_max (0x3fffffff, |
2337 | +diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c |
2338 | +index 4328bcbdb0..991eb29db9 100644 |
2339 | +--- a/grub-core/loader/i386/linux.c |
2340 | ++++ b/grub-core/loader/i386/linux.c |
2341 | +@@ -658,35 +658,40 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), |
2342 | + |
2343 | + #ifdef GRUB_MACHINE_EFI |
2344 | + using_linuxefi = 0; |
2345 | +- if (grub_efi_secure_boot ()) |
2346 | +- { |
2347 | +- /* linuxefi requires a successful signature check and then hand over |
2348 | +- to the kernel without calling ExitBootServices. */ |
2349 | +- grub_dl_t mod; |
2350 | +- grub_command_t linuxefi_cmd; |
2351 | + |
2352 | +- grub_dprintf ("linux", "Secure Boot enabled: trying linuxefi\n"); |
2353 | ++ grub_dl_t mod; |
2354 | ++ grub_command_t linuxefi_cmd; |
2355 | ++ |
2356 | ++ grub_dprintf ("linux", "Trying linuxefi\n"); |
2357 | + |
2358 | +- mod = grub_dl_load ("linuxefi"); |
2359 | +- if (mod) |
2360 | ++ mod = grub_dl_load ("linuxefi"); |
2361 | ++ if (mod) |
2362 | ++ { |
2363 | ++ grub_dl_ref (mod); |
2364 | ++ linuxefi_cmd = grub_command_find ("linuxefi"); |
2365 | ++ initrdefi_cmd = grub_command_find ("initrdefi"); |
2366 | ++ if (linuxefi_cmd && initrdefi_cmd) |
2367 | + { |
2368 | +- grub_dl_ref (mod); |
2369 | +- linuxefi_cmd = grub_command_find ("linuxefi"); |
2370 | +- initrdefi_cmd = grub_command_find ("initrdefi"); |
2371 | +- if (linuxefi_cmd && initrdefi_cmd) |
2372 | ++ (linuxefi_cmd->func) (linuxefi_cmd, argc, argv); |
2373 | ++ if (grub_errno == GRUB_ERR_NONE) |
2374 | ++ { |
2375 | ++ grub_dprintf ("linux", "Handing off to linuxefi\n"); |
2376 | ++ using_linuxefi = 1; |
2377 | ++ return GRUB_ERR_NONE; |
2378 | ++ } |
2379 | ++ else if (grub_efi_secure_boot ()) |
2380 | + { |
2381 | +- (linuxefi_cmd->func) (linuxefi_cmd, argc, argv); |
2382 | +- if (grub_errno == GRUB_ERR_NONE) |
2383 | +- { |
2384 | +- grub_dprintf ("linux", "Handing off to linuxefi\n"); |
2385 | +- using_linuxefi = 1; |
2386 | +- return GRUB_ERR_NONE; |
2387 | +- } |
2388 | +- grub_dprintf ("linux", "linuxefi failed (%d)\n", grub_errno); |
2389 | ++ grub_dprintf ("linux", "linuxefi failed and secure boot is enabled (%d)\n", grub_errno); |
2390 | + goto fail; |
2391 | + } |
2392 | + } |
2393 | + } |
2394 | ++ |
2395 | ++ if (grub_efi_secure_boot ()) |
2396 | ++ { |
2397 | ++ grub_dprintf("linux", "Unable to hand off to linuxefi and secure boot is enabled\n"); |
2398 | ++ goto fail; |
2399 | ++ } |
2400 | + #endif |
2401 | + |
2402 | + if (argc == 0) |
2403 | diff --git a/debian/patches/0077-ubuntu-Update-the-linux-boot-protocol-version-check.patch b/debian/patches/0077-ubuntu-Update-the-linux-boot-protocol-version-check.patch |
2404 | new file mode 100644 |
2405 | index 0000000..dfd3ee8 |
2406 | --- /dev/null |
2407 | +++ b/debian/patches/0077-ubuntu-Update-the-linux-boot-protocol-version-check.patch |
2408 | @@ -0,0 +1,25 @@ |
2409 | +From f59fbf2d6ae70d8872d8b680cfccb6e139410944 Mon Sep 17 00:00:00 2001 |
2410 | +From: Chris Coulson <chris.coulson@canonical.com> |
2411 | +Date: Wed, 11 Mar 2020 16:46:41 +0100 |
2412 | +Subject: ubuntu: Update the linux boot protocol version check. |
2413 | + |
2414 | +The EFI implementation of grub_cmd_linux makes use of xloadflags which was |
2415 | +introduced in to version 2.12 of the kernel's boot protocol, so update the |
2416 | +check accordingly. |
2417 | +--- |
2418 | + grub-core/loader/i386/efi/linux.c | 2 +- |
2419 | + 1 file changed, 1 insertion(+), 1 deletion(-) |
2420 | + |
2421 | +diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c |
2422 | +index fe3ca2c596..2929da7a29 100644 |
2423 | +--- a/grub-core/loader/i386/efi/linux.c |
2424 | ++++ b/grub-core/loader/i386/efi/linux.c |
2425 | +@@ -245,7 +245,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), |
2426 | + } |
2427 | + |
2428 | + grub_dprintf ("linuxefi", "checking lh->version\n"); |
2429 | +- if (lh->version < grub_cpu_to_le16 (0x020b)) |
2430 | ++ if (lh->version < grub_cpu_to_le16 (0x020c)) |
2431 | + { |
2432 | + grub_error (GRUB_ERR_BAD_OS, N_("kernel too old")); |
2433 | + goto fail; |
2434 | diff --git a/debian/patches/0081-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch b/debian/patches/0081-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch |
2435 | new file mode 100644 |
2436 | index 0000000..5ce30a2 |
2437 | --- /dev/null |
2438 | +++ b/debian/patches/0081-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch |
2439 | @@ -0,0 +1,66 @@ |
2440 | +From e25ff4f02fae2c006408a8fa1283320cd81ff87d Mon Sep 17 00:00:00 2001 |
2441 | +From: Peter Jones <pjones@redhat.com> |
2442 | +Date: Wed, 15 Apr 2020 15:45:02 -0400 |
2443 | +Subject: yylex: Make lexer fatal errors actually be fatal |
2444 | + |
2445 | +When presented with a command that can't be tokenized to anything |
2446 | +smaller than YYLMAX characters, the parser calls YY_FATAL_ERROR(errmsg), |
2447 | +expecting that will stop further processing, as such: |
2448 | + |
2449 | + #define YY_DO_BEFORE_ACTION \ |
2450 | + yyg->yytext_ptr = yy_bp; \ |
2451 | + yyleng = (int) (yy_cp - yy_bp); \ |
2452 | + yyg->yy_hold_char = *yy_cp; \ |
2453 | + *yy_cp = '\0'; \ |
2454 | + if ( yyleng >= YYLMAX ) \ |
2455 | + YY_FATAL_ERROR( "token too large, exceeds YYLMAX" ); \ |
2456 | + yy_flex_strncpy( yytext, yyg->yytext_ptr, yyleng + 1 , yyscanner); \ |
2457 | + yyg->yy_c_buf_p = yy_cp; |
2458 | + |
2459 | +The code flex generates expects that YY_FATAL_ERROR() will either return |
2460 | +for it or do some form of longjmp(), or handle the error in some way at |
2461 | +least, and so the strncpy() call isn't in an "else" clause, and thus if |
2462 | +YY_FATAL_ERROR() is *not* actually fatal, it does the call with the |
2463 | +questionable limit, and predictable results ensue. |
2464 | + |
2465 | +Unfortunately, our implementation of YY_FATAL_ERROR() is: |
2466 | + |
2467 | + #define YY_FATAL_ERROR(msg) \ |
2468 | + do { \ |
2469 | + grub_printf (_("fatal error: %s\n"), _(msg)); \ |
2470 | + } while (0) |
2471 | + |
2472 | +The same pattern exists in yyless(), and similar problems exist in users |
2473 | +of YY_INPUT(), several places in the main parsing loop, |
2474 | +yy_get_next_buffer(), yy_load_buffer_state(), yyensure_buffer_stack, |
2475 | +yy_scan_buffer(), etc. |
2476 | + |
2477 | +All of these callers expect YY_FATAL_ERROR() to actually be fatal, and |
2478 | +the things they do if it returns after calling it are wildly unsafe. |
2479 | + |
2480 | +Fixes: CVE-2020-10713 |
2481 | + |
2482 | +Signed-off-by: Peter Jones <pjones@redhat.com> |
2483 | +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
2484 | +--- |
2485 | + grub-core/script/yylex.l | 4 ++-- |
2486 | + 1 file changed, 2 insertions(+), 2 deletions(-) |
2487 | + |
2488 | +diff --git a/grub-core/script/yylex.l b/grub-core/script/yylex.l |
2489 | +index 7b44c37b76..b7203c8230 100644 |
2490 | +--- a/grub-core/script/yylex.l |
2491 | ++++ b/grub-core/script/yylex.l |
2492 | +@@ -37,11 +37,11 @@ |
2493 | + |
2494 | + /* |
2495 | + * As we don't have access to yyscanner, we cannot do much except to |
2496 | +- * print the fatal error. |
2497 | ++ * print the fatal error and exit. |
2498 | + */ |
2499 | + #define YY_FATAL_ERROR(msg) \ |
2500 | + do { \ |
2501 | +- grub_printf (_("fatal error: %s\n"), _(msg)); \ |
2502 | ++ grub_fatal (_("fatal error: %s\n"), _(msg));\ |
2503 | + } while (0) |
2504 | + |
2505 | + #define COPY(str, hint) \ |
2506 | diff --git a/debian/patches/0082-safemath-Add-some-arithmetic-primitives-that-check-f.patch b/debian/patches/0082-safemath-Add-some-arithmetic-primitives-that-check-f.patch |
2507 | new file mode 100644 |
2508 | index 0000000..b87a7fb |
2509 | --- /dev/null |
2510 | +++ b/debian/patches/0082-safemath-Add-some-arithmetic-primitives-that-check-f.patch |
2511 | @@ -0,0 +1,120 @@ |
2512 | +From daa399d191529cbbe465cfe3ecf5e90cada76786 Mon Sep 17 00:00:00 2001 |
2513 | +From: Peter Jones <pjones@redhat.com> |
2514 | +Date: Mon, 15 Jun 2020 10:58:42 -0400 |
2515 | +Subject: safemath: Add some arithmetic primitives that check for overflow |
2516 | + |
2517 | +This adds a new header, include/grub/safemath.h, that includes easy to |
2518 | +use wrappers for __builtin_{add,sub,mul}_overflow() declared like: |
2519 | + |
2520 | + bool OP(a, b, res) |
2521 | + |
2522 | +where OP is grub_add, grub_sub or grub_mul. OP() returns true in the |
2523 | +case where the operation would overflow and res is not modified. |
2524 | +Otherwise, false is returned and the operation is executed. |
2525 | + |
2526 | +These arithmetic primitives require newer compiler versions. So, bump |
2527 | +these requirements in the INSTALL file too. |
2528 | + |
2529 | +Signed-off-by: Peter Jones <pjones@redhat.com> |
2530 | +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
2531 | +--- |
2532 | + INSTALL | 22 ++-------------------- |
2533 | + include/grub/compiler.h | 8 ++++++++ |
2534 | + include/grub/safemath.h | 37 +++++++++++++++++++++++++++++++++++++ |
2535 | + 3 files changed, 47 insertions(+), 20 deletions(-) |
2536 | + create mode 100644 include/grub/safemath.h |
2537 | + |
2538 | +diff --git a/INSTALL b/INSTALL |
2539 | +index 342c158e91..991479b521 100644 |
2540 | +--- a/INSTALL |
2541 | ++++ b/INSTALL |
2542 | +@@ -11,27 +11,9 @@ GRUB depends on some software packages installed into your system. If |
2543 | + you don't have any of them, please obtain and install them before |
2544 | + configuring the GRUB. |
2545 | + |
2546 | +-* GCC 4.1.3 or later |
2547 | +- Note: older versions may work but support is limited |
2548 | +- |
2549 | +- Experimental support for clang 3.3 or later (results in much bigger binaries) |
2550 | ++* GCC 5.1.0 or later |
2551 | ++ Experimental support for clang 3.8.0 or later (results in much bigger binaries) |
2552 | + for i386, x86_64, arm (including thumb), arm64, mips(el), powerpc, sparc64 |
2553 | +- Note: clang 3.2 or later works for i386 and x86_64 targets but results in |
2554 | +- much bigger binaries. |
2555 | +- earlier versions not tested |
2556 | +- Note: clang 3.2 or later works for arm |
2557 | +- earlier versions not tested |
2558 | +- Note: clang on arm64 is not supported due to |
2559 | +- https://llvm.org/bugs/show_bug.cgi?id=26030 |
2560 | +- Note: clang 3.3 or later works for mips(el) |
2561 | +- earlier versions fail to generate .reginfo and hence gprel relocations |
2562 | +- fail. |
2563 | +- Note: clang 3.2 or later works for powerpc |
2564 | +- earlier versions not tested |
2565 | +- Note: clang 3.5 or later works for sparc64 |
2566 | +- earlier versions return "error: unable to interface with target machine" |
2567 | +- Note: clang has no support for ia64 and hence you can't compile GRUB |
2568 | +- for ia64 with clang |
2569 | + * GNU Make |
2570 | + * GNU Bison 2.3 or later |
2571 | + * GNU gettext 0.17 or later |
2572 | +diff --git a/include/grub/compiler.h b/include/grub/compiler.h |
2573 | +index c9e1d7a73d..8f3be3ae70 100644 |
2574 | +--- a/include/grub/compiler.h |
2575 | ++++ b/include/grub/compiler.h |
2576 | +@@ -48,4 +48,12 @@ |
2577 | + # define WARN_UNUSED_RESULT |
2578 | + #endif |
2579 | + |
2580 | ++#if defined(__clang__) && defined(__clang_major__) && defined(__clang_minor__) |
2581 | ++# define CLANG_PREREQ(maj,min) \ |
2582 | ++ ((__clang_major__ > (maj)) || \ |
2583 | ++ (__clang_major__ == (maj) && __clang_minor__ >= (min))) |
2584 | ++#else |
2585 | ++# define CLANG_PREREQ(maj,min) 0 |
2586 | ++#endif |
2587 | ++ |
2588 | + #endif /* ! GRUB_COMPILER_HEADER */ |
2589 | +diff --git a/include/grub/safemath.h b/include/grub/safemath.h |
2590 | +new file mode 100644 |
2591 | +index 0000000000..c17b89bba1 |
2592 | +--- /dev/null |
2593 | ++++ b/include/grub/safemath.h |
2594 | +@@ -0,0 +1,37 @@ |
2595 | ++/* |
2596 | ++ * GRUB -- GRand Unified Bootloader |
2597 | ++ * Copyright (C) 2020 Free Software Foundation, Inc. |
2598 | ++ * |
2599 | ++ * GRUB is free software: you can redistribute it and/or modify |
2600 | ++ * it under the terms of the GNU General Public License as published by |
2601 | ++ * the Free Software Foundation, either version 3 of the License, or |
2602 | ++ * (at your option) any later version. |
2603 | ++ * |
2604 | ++ * GRUB is distributed in the hope that it will be useful, |
2605 | ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of |
2606 | ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
2607 | ++ * GNU General Public License for more details. |
2608 | ++ * |
2609 | ++ * You should have received a copy of the GNU General Public License |
2610 | ++ * along with GRUB. If not, see <http://www.gnu.org/licenses/>. |
2611 | ++ * |
2612 | ++ * Arithmetic operations that protect against overflow. |
2613 | ++ */ |
2614 | ++ |
2615 | ++#ifndef GRUB_SAFEMATH_H |
2616 | ++#define GRUB_SAFEMATH_H 1 |
2617 | ++ |
2618 | ++#include <grub/compiler.h> |
2619 | ++ |
2620 | ++/* These appear in gcc 5.1 and clang 3.8. */ |
2621 | ++#if GNUC_PREREQ(5, 1) || CLANG_PREREQ(3, 8) |
2622 | ++ |
2623 | ++#define grub_add(a, b, res) __builtin_add_overflow(a, b, res) |
2624 | ++#define grub_sub(a, b, res) __builtin_sub_overflow(a, b, res) |
2625 | ++#define grub_mul(a, b, res) __builtin_mul_overflow(a, b, res) |
2626 | ++ |
2627 | ++#else |
2628 | ++#error gcc 5.1 or newer or clang 3.8 or newer is required |
2629 | ++#endif |
2630 | ++ |
2631 | ++#endif /* GRUB_SAFEMATH_H */ |
2632 | diff --git a/debian/patches/0083-calloc-Make-sure-we-always-have-an-overflow-checking.patch b/debian/patches/0083-calloc-Make-sure-we-always-have-an-overflow-checking.patch |
2633 | new file mode 100644 |
2634 | index 0000000..6238eee |
2635 | --- /dev/null |
2636 | +++ b/debian/patches/0083-calloc-Make-sure-we-always-have-an-overflow-checking.patch |
2637 | @@ -0,0 +1,239 @@ |
2638 | +From 5cffb625b814199eff98b73c34a92879b17fd5ac Mon Sep 17 00:00:00 2001 |
2639 | +From: Peter Jones <pjones@redhat.com> |
2640 | +Date: Mon, 15 Jun 2020 12:15:29 -0400 |
2641 | +Subject: calloc: Make sure we always have an overflow-checking calloc() |
2642 | + available |
2643 | + |
2644 | +This tries to make sure that everywhere in this source tree, we always have |
2645 | +an appropriate version of calloc() (i.e. grub_calloc(), xcalloc(), etc.) |
2646 | +available, and that they all safely check for overflow and return NULL when |
2647 | +it would occur. |
2648 | + |
2649 | +Signed-off-by: Peter Jones <pjones@redhat.com> |
2650 | +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
2651 | +--- |
2652 | + grub-core/kern/emu/misc.c | 12 +++++++++ |
2653 | + grub-core/kern/emu/mm.c | 10 ++++++++ |
2654 | + grub-core/kern/mm.c | 40 ++++++++++++++++++++++++++++++ |
2655 | + grub-core/lib/libgcrypt_wrap/mem.c | 11 ++++++-- |
2656 | + grub-core/lib/posix_wrap/stdlib.h | 8 +++++- |
2657 | + include/grub/emu/misc.h | 1 + |
2658 | + include/grub/mm.h | 6 +++++ |
2659 | + 7 files changed, 85 insertions(+), 3 deletions(-) |
2660 | + |
2661 | +diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c |
2662 | +index 65db79baa1..dfd8a8ec48 100644 |
2663 | +--- a/grub-core/kern/emu/misc.c |
2664 | ++++ b/grub-core/kern/emu/misc.c |
2665 | +@@ -85,6 +85,18 @@ grub_util_error (const char *fmt, ...) |
2666 | + exit (1); |
2667 | + } |
2668 | + |
2669 | ++void * |
2670 | ++xcalloc (grub_size_t nmemb, grub_size_t size) |
2671 | ++{ |
2672 | ++ void *p; |
2673 | ++ |
2674 | ++ p = calloc (nmemb, size); |
2675 | ++ if (!p) |
2676 | ++ grub_util_error ("%s", _("out of memory")); |
2677 | ++ |
2678 | ++ return p; |
2679 | ++} |
2680 | ++ |
2681 | + void * |
2682 | + xmalloc (grub_size_t size) |
2683 | + { |
2684 | +diff --git a/grub-core/kern/emu/mm.c b/grub-core/kern/emu/mm.c |
2685 | +index f262e95e38..145b01d371 100644 |
2686 | +--- a/grub-core/kern/emu/mm.c |
2687 | ++++ b/grub-core/kern/emu/mm.c |
2688 | +@@ -25,6 +25,16 @@ |
2689 | + #include <string.h> |
2690 | + #include <grub/i18n.h> |
2691 | + |
2692 | ++void * |
2693 | ++grub_calloc (grub_size_t nmemb, grub_size_t size) |
2694 | ++{ |
2695 | ++ void *ret; |
2696 | ++ ret = calloc (nmemb, size); |
2697 | ++ if (!ret) |
2698 | ++ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); |
2699 | ++ return ret; |
2700 | ++} |
2701 | ++ |
2702 | + void * |
2703 | + grub_malloc (grub_size_t size) |
2704 | + { |
2705 | +diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c |
2706 | +index ee88ff6118..f2822a8364 100644 |
2707 | +--- a/grub-core/kern/mm.c |
2708 | ++++ b/grub-core/kern/mm.c |
2709 | +@@ -67,8 +67,10 @@ |
2710 | + #include <grub/dl.h> |
2711 | + #include <grub/i18n.h> |
2712 | + #include <grub/mm_private.h> |
2713 | ++#include <grub/safemath.h> |
2714 | + |
2715 | + #ifdef MM_DEBUG |
2716 | ++# undef grub_calloc |
2717 | + # undef grub_malloc |
2718 | + # undef grub_zalloc |
2719 | + # undef grub_realloc |
2720 | +@@ -375,6 +377,30 @@ grub_memalign (grub_size_t align, grub_size_t size) |
2721 | + return 0; |
2722 | + } |
2723 | + |
2724 | ++/* |
2725 | ++ * Allocate NMEMB instances of SIZE bytes and return the pointer, or error on |
2726 | ++ * integer overflow. |
2727 | ++ */ |
2728 | ++void * |
2729 | ++grub_calloc (grub_size_t nmemb, grub_size_t size) |
2730 | ++{ |
2731 | ++ void *ret; |
2732 | ++ grub_size_t sz = 0; |
2733 | ++ |
2734 | ++ if (grub_mul (nmemb, size, &sz)) |
2735 | ++ { |
2736 | ++ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected")); |
2737 | ++ return NULL; |
2738 | ++ } |
2739 | ++ |
2740 | ++ ret = grub_memalign (0, sz); |
2741 | ++ if (!ret) |
2742 | ++ return NULL; |
2743 | ++ |
2744 | ++ grub_memset (ret, 0, sz); |
2745 | ++ return ret; |
2746 | ++} |
2747 | ++ |
2748 | + /* Allocate SIZE bytes and return the pointer. */ |
2749 | + void * |
2750 | + grub_malloc (grub_size_t size) |
2751 | +@@ -561,6 +587,20 @@ grub_mm_dump (unsigned lineno) |
2752 | + grub_printf ("\n"); |
2753 | + } |
2754 | + |
2755 | ++void * |
2756 | ++grub_debug_calloc (const char *file, int line, grub_size_t nmemb, grub_size_t size) |
2757 | ++{ |
2758 | ++ void *ptr; |
2759 | ++ |
2760 | ++ if (grub_mm_debug) |
2761 | ++ grub_printf ("%s:%d: calloc (0x%" PRIxGRUB_SIZE ", 0x%" PRIxGRUB_SIZE ") = ", |
2762 | ++ file, line, size); |
2763 | ++ ptr = grub_calloc (nmemb, size); |
2764 | ++ if (grub_mm_debug) |
2765 | ++ grub_printf ("%p\n", ptr); |
2766 | ++ return ptr; |
2767 | ++} |
2768 | ++ |
2769 | + void * |
2770 | + grub_debug_malloc (const char *file, int line, grub_size_t size) |
2771 | + { |
2772 | +diff --git a/grub-core/lib/libgcrypt_wrap/mem.c b/grub-core/lib/libgcrypt_wrap/mem.c |
2773 | +index beeb661a3c..74c6eafe52 100644 |
2774 | +--- a/grub-core/lib/libgcrypt_wrap/mem.c |
2775 | ++++ b/grub-core/lib/libgcrypt_wrap/mem.c |
2776 | +@@ -4,6 +4,7 @@ |
2777 | + #include <grub/crypto.h> |
2778 | + #include <grub/dl.h> |
2779 | + #include <grub/env.h> |
2780 | ++#include <grub/safemath.h> |
2781 | + |
2782 | + GRUB_MOD_LICENSE ("GPLv3+"); |
2783 | + |
2784 | +@@ -36,7 +37,10 @@ void * |
2785 | + gcry_xcalloc (size_t n, size_t m) |
2786 | + { |
2787 | + void *ret; |
2788 | +- ret = grub_zalloc (n * m); |
2789 | ++ size_t sz; |
2790 | ++ if (grub_mul (n, m, &sz)) |
2791 | ++ grub_fatal ("gcry_xcalloc would overflow"); |
2792 | ++ ret = grub_zalloc (sz); |
2793 | + if (!ret) |
2794 | + grub_fatal ("gcry_xcalloc failed"); |
2795 | + return ret; |
2796 | +@@ -56,7 +60,10 @@ void * |
2797 | + gcry_xcalloc_secure (size_t n, size_t m) |
2798 | + { |
2799 | + void *ret; |
2800 | +- ret = grub_zalloc (n * m); |
2801 | ++ size_t sz; |
2802 | ++ if (grub_mul (n, m, &sz)) |
2803 | ++ grub_fatal ("gcry_xcalloc would overflow"); |
2804 | ++ ret = grub_zalloc (sz); |
2805 | + if (!ret) |
2806 | + grub_fatal ("gcry_xcalloc failed"); |
2807 | + return ret; |
2808 | +diff --git a/grub-core/lib/posix_wrap/stdlib.h b/grub-core/lib/posix_wrap/stdlib.h |
2809 | +index 3b46f47ff5..7a8d385e97 100644 |
2810 | +--- a/grub-core/lib/posix_wrap/stdlib.h |
2811 | ++++ b/grub-core/lib/posix_wrap/stdlib.h |
2812 | +@@ -21,6 +21,7 @@ |
2813 | + |
2814 | + #include <grub/mm.h> |
2815 | + #include <grub/misc.h> |
2816 | ++#include <grub/safemath.h> |
2817 | + |
2818 | + static inline void |
2819 | + free (void *ptr) |
2820 | +@@ -37,7 +38,12 @@ malloc (grub_size_t size) |
2821 | + static inline void * |
2822 | + calloc (grub_size_t size, grub_size_t nelem) |
2823 | + { |
2824 | +- return grub_zalloc (size * nelem); |
2825 | ++ grub_size_t sz; |
2826 | ++ |
2827 | ++ if (grub_mul (size, nelem, &sz)) |
2828 | ++ return NULL; |
2829 | ++ |
2830 | ++ return grub_zalloc (sz); |
2831 | + } |
2832 | + |
2833 | + static inline void * |
2834 | +diff --git a/include/grub/emu/misc.h b/include/grub/emu/misc.h |
2835 | +index ce464cfd00..ff9c48a649 100644 |
2836 | +--- a/include/grub/emu/misc.h |
2837 | ++++ b/include/grub/emu/misc.h |
2838 | +@@ -47,6 +47,7 @@ grub_util_device_is_mapped (const char *dev); |
2839 | + #define GRUB_HOST_PRIuLONG_LONG "llu" |
2840 | + #define GRUB_HOST_PRIxLONG_LONG "llx" |
2841 | + |
2842 | ++void * EXPORT_FUNC(xcalloc) (grub_size_t nmemb, grub_size_t size) WARN_UNUSED_RESULT; |
2843 | + void * EXPORT_FUNC(xmalloc) (grub_size_t size) WARN_UNUSED_RESULT; |
2844 | + void * EXPORT_FUNC(xrealloc) (void *ptr, grub_size_t size) WARN_UNUSED_RESULT; |
2845 | + char * EXPORT_FUNC(xstrdup) (const char *str) WARN_UNUSED_RESULT; |
2846 | +diff --git a/include/grub/mm.h b/include/grub/mm.h |
2847 | +index 28e2e53eb3..9c38dd3ca5 100644 |
2848 | +--- a/include/grub/mm.h |
2849 | ++++ b/include/grub/mm.h |
2850 | +@@ -29,6 +29,7 @@ |
2851 | + #endif |
2852 | + |
2853 | + void grub_mm_init_region (void *addr, grub_size_t size); |
2854 | ++void *EXPORT_FUNC(grub_calloc) (grub_size_t nmemb, grub_size_t size); |
2855 | + void *EXPORT_FUNC(grub_malloc) (grub_size_t size); |
2856 | + void *EXPORT_FUNC(grub_zalloc) (grub_size_t size); |
2857 | + void EXPORT_FUNC(grub_free) (void *ptr); |
2858 | +@@ -48,6 +49,9 @@ extern int EXPORT_VAR(grub_mm_debug); |
2859 | + void grub_mm_dump_free (void); |
2860 | + void grub_mm_dump (unsigned lineno); |
2861 | + |
2862 | ++#define grub_calloc(nmemb, size) \ |
2863 | ++ grub_debug_calloc (GRUB_FILE, __LINE__, nmemb, size) |
2864 | ++ |
2865 | + #define grub_malloc(size) \ |
2866 | + grub_debug_malloc (GRUB_FILE, __LINE__, size) |
2867 | + |
2868 | +@@ -63,6 +67,8 @@ void grub_mm_dump (unsigned lineno); |
2869 | + #define grub_free(ptr) \ |
2870 | + grub_debug_free (GRUB_FILE, __LINE__, ptr) |
2871 | + |
2872 | ++void *EXPORT_FUNC(grub_debug_calloc) (const char *file, int line, |
2873 | ++ grub_size_t nmemb, grub_size_t size); |
2874 | + void *EXPORT_FUNC(grub_debug_malloc) (const char *file, int line, |
2875 | + grub_size_t size); |
2876 | + void *EXPORT_FUNC(grub_debug_zalloc) (const char *file, int line, |
2877 | diff --git a/debian/patches/0084-calloc-Use-calloc-at-most-places.patch b/debian/patches/0084-calloc-Use-calloc-at-most-places.patch |
2878 | new file mode 100644 |
2879 | index 0000000..ac5217f |
2880 | --- /dev/null |
2881 | +++ b/debian/patches/0084-calloc-Use-calloc-at-most-places.patch |
2882 | @@ -0,0 +1,1833 @@ |
2883 | +From 855173c18eab34ad93f21f5c509fe0e91bfd1c44 Mon Sep 17 00:00:00 2001 |
2884 | +From: Peter Jones <pjones@redhat.com> |
2885 | +Date: Mon, 15 Jun 2020 12:26:01 -0400 |
2886 | +Subject: calloc: Use calloc() at most places |
2887 | + |
2888 | +This modifies most of the places we do some form of: |
2889 | + |
2890 | + X = malloc(Y * Z); |
2891 | + |
2892 | +to use calloc(Y, Z) instead. |
2893 | + |
2894 | +Among other issues, this fixes: |
2895 | + - allocation of integer overflow in grub_png_decode_image_header() |
2896 | + reported by Chris Coulson, |
2897 | + - allocation of integer overflow in luks_recover_key() |
2898 | + reported by Chris Coulson, |
2899 | + - allocation of integer overflow in grub_lvm_detect() |
2900 | + reported by Chris Coulson. |
2901 | + |
2902 | +Fixes: CVE-2020-14308 |
2903 | + |
2904 | +Signed-off-by: Peter Jones <pjones@redhat.com> |
2905 | +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
2906 | +--- |
2907 | + grub-core/bus/usb/usbhub.c | 8 ++++---- |
2908 | + grub-core/commands/efi/lsefisystab.c | 3 ++- |
2909 | + grub-core/commands/legacycfg.c | 6 +++--- |
2910 | + grub-core/commands/menuentry.c | 2 +- |
2911 | + grub-core/commands/nativedisk.c | 2 +- |
2912 | + grub-core/commands/parttool.c | 12 +++++++++--- |
2913 | + grub-core/commands/regexp.c | 2 +- |
2914 | + grub-core/commands/search_wrap.c | 2 +- |
2915 | + grub-core/disk/diskfilter.c | 4 ++-- |
2916 | + grub-core/disk/ieee1275/ofdisk.c | 2 +- |
2917 | + grub-core/disk/ldm.c | 14 +++++++------- |
2918 | + grub-core/disk/luks.c | 2 +- |
2919 | + grub-core/disk/lvm.c | 8 ++++---- |
2920 | + grub-core/disk/xen/xendisk.c | 2 +- |
2921 | + grub-core/efiemu/loadcore.c | 2 +- |
2922 | + grub-core/efiemu/mm.c | 6 +++--- |
2923 | + grub-core/font/font.c | 3 +-- |
2924 | + grub-core/fs/affs.c | 6 +++--- |
2925 | + grub-core/fs/btrfs.c | 6 +++--- |
2926 | + grub-core/fs/hfs.c | 2 +- |
2927 | + grub-core/fs/hfsplus.c | 6 +++--- |
2928 | + grub-core/fs/iso9660.c | 2 +- |
2929 | + grub-core/fs/ntfs.c | 4 ++-- |
2930 | + grub-core/fs/sfs.c | 2 +- |
2931 | + grub-core/fs/tar.c | 2 +- |
2932 | + grub-core/fs/udf.c | 4 ++-- |
2933 | + grub-core/fs/zfs/zfs.c | 4 ++-- |
2934 | + grub-core/gfxmenu/gui_string_util.c | 2 +- |
2935 | + grub-core/gfxmenu/widget-box.c | 4 ++-- |
2936 | + grub-core/io/gzio.c | 2 +- |
2937 | + grub-core/kern/efi/efi.c | 6 +++--- |
2938 | + grub-core/kern/emu/hostdisk.c | 2 +- |
2939 | + grub-core/kern/fs.c | 2 +- |
2940 | + grub-core/kern/misc.c | 2 +- |
2941 | + grub-core/kern/parser.c | 2 +- |
2942 | + grub-core/kern/uboot/uboot.c | 2 +- |
2943 | + grub-core/lib/libgcrypt/cipher/ac.c | 8 ++++---- |
2944 | + grub-core/lib/libgcrypt/cipher/primegen.c | 4 ++-- |
2945 | + grub-core/lib/libgcrypt/cipher/pubkey.c | 4 ++-- |
2946 | + grub-core/lib/priority_queue.c | 2 +- |
2947 | + grub-core/lib/reed_solomon.c | 7 +++---- |
2948 | + grub-core/lib/relocator.c | 10 +++++----- |
2949 | + grub-core/lib/zstd/fse_decompress.c | 2 +- |
2950 | + grub-core/loader/arm/linux.c | 2 +- |
2951 | + grub-core/loader/efi/chainloader.c | 2 +- |
2952 | + grub-core/loader/i386/bsdXX.c | 2 +- |
2953 | + grub-core/loader/i386/xnu.c | 4 ++-- |
2954 | + grub-core/loader/macho.c | 2 +- |
2955 | + grub-core/loader/multiboot_elfxx.c | 2 +- |
2956 | + grub-core/loader/xnu.c | 2 +- |
2957 | + grub-core/mmap/mmap.c | 4 ++-- |
2958 | + grub-core/net/bootp.c | 2 +- |
2959 | + grub-core/net/dns.c | 10 +++++----- |
2960 | + grub-core/net/net.c | 4 ++-- |
2961 | + grub-core/normal/charset.c | 10 +++++----- |
2962 | + grub-core/normal/cmdline.c | 14 +++++++------- |
2963 | + grub-core/normal/menu_entry.c | 14 +++++++------- |
2964 | + grub-core/normal/menu_text.c | 4 ++-- |
2965 | + grub-core/normal/term.c | 4 ++-- |
2966 | + grub-core/osdep/linux/getroot.c | 6 +++--- |
2967 | + grub-core/osdep/unix/config.c | 2 +- |
2968 | + grub-core/osdep/windows/getroot.c | 2 +- |
2969 | + grub-core/osdep/windows/hostdisk.c | 4 ++-- |
2970 | + grub-core/osdep/windows/init.c | 2 +- |
2971 | + grub-core/osdep/windows/platform.c | 4 ++-- |
2972 | + grub-core/osdep/windows/relpath.c | 2 +- |
2973 | + grub-core/partmap/gpt.c | 2 +- |
2974 | + grub-core/partmap/msdos.c | 2 +- |
2975 | + grub-core/script/execute.c | 2 +- |
2976 | + grub-core/tests/fake_input.c | 2 +- |
2977 | + grub-core/tests/video_checksum.c | 6 +++--- |
2978 | + grub-core/video/capture.c | 2 +- |
2979 | + grub-core/video/emu/sdl.c | 2 +- |
2980 | + grub-core/video/i386/pc/vga.c | 2 +- |
2981 | + grub-core/video/readers/png.c | 2 +- |
2982 | + include/grub/unicode.h | 4 ++-- |
2983 | + util/getroot.c | 2 +- |
2984 | + util/grub-file.c | 2 +- |
2985 | + util/grub-fstest.c | 4 ++-- |
2986 | + util/grub-install-common.c | 2 +- |
2987 | + util/grub-install.c | 4 ++-- |
2988 | + util/grub-mkimagexx.c | 6 ++---- |
2989 | + util/grub-mkrescue.c | 4 ++-- |
2990 | + util/grub-mkstandalone.c | 2 +- |
2991 | + util/grub-pe2elf.c | 12 +++++------- |
2992 | + util/grub-probe.c | 4 ++-- |
2993 | + 86 files changed, 176 insertions(+), 175 deletions(-) |
2994 | + |
2995 | +diff --git a/grub-core/bus/usb/usbhub.c b/grub-core/bus/usb/usbhub.c |
2996 | +index 34a7ff1b5f..a06cce302d 100644 |
2997 | +--- a/grub-core/bus/usb/usbhub.c |
2998 | ++++ b/grub-core/bus/usb/usbhub.c |
2999 | +@@ -149,8 +149,8 @@ grub_usb_add_hub (grub_usb_device_t dev) |
3000 | + grub_usb_set_configuration (dev, 1); |
3001 | + |
3002 | + dev->nports = hubdesc.portcnt; |
3003 | +- dev->children = grub_zalloc (hubdesc.portcnt * sizeof (dev->children[0])); |
3004 | +- dev->ports = grub_zalloc (dev->nports * sizeof (dev->ports[0])); |
3005 | ++ dev->children = grub_calloc (hubdesc.portcnt, sizeof (dev->children[0])); |
3006 | ++ dev->ports = grub_calloc (dev->nports, sizeof (dev->ports[0])); |
3007 | + if (!dev->children || !dev->ports) |
3008 | + { |
3009 | + grub_free (dev->children); |
3010 | +@@ -268,8 +268,8 @@ grub_usb_controller_dev_register_iter (grub_usb_controller_t controller, void *d |
3011 | + |
3012 | + /* Query the number of ports the root Hub has. */ |
3013 | + hub->nports = controller->dev->hubports (controller); |
3014 | +- hub->devices = grub_zalloc (sizeof (hub->devices[0]) * hub->nports); |
3015 | +- hub->ports = grub_zalloc (sizeof (hub->ports[0]) * hub->nports); |
3016 | ++ hub->devices = grub_calloc (hub->nports, sizeof (hub->devices[0])); |
3017 | ++ hub->ports = grub_calloc (hub->nports, sizeof (hub->ports[0])); |
3018 | + if (!hub->devices || !hub->ports) |
3019 | + { |
3020 | + grub_free (hub->devices); |
3021 | +diff --git a/grub-core/commands/efi/lsefisystab.c b/grub-core/commands/efi/lsefisystab.c |
3022 | +index 902788250e..d29188efaf 100644 |
3023 | +--- a/grub-core/commands/efi/lsefisystab.c |
3024 | ++++ b/grub-core/commands/efi/lsefisystab.c |
3025 | +@@ -73,7 +73,8 @@ grub_cmd_lsefisystab (struct grub_command *cmd __attribute__ ((unused)), |
3026 | + grub_printf ("Vendor: "); |
3027 | + |
3028 | + for (vendor_utf16 = st->firmware_vendor; *vendor_utf16; vendor_utf16++); |
3029 | +- vendor = grub_malloc (4 * (vendor_utf16 - st->firmware_vendor) + 1); |
3030 | ++ /* Allocate extra 3 bytes to simplify math. */ |
3031 | ++ vendor = grub_calloc (4, vendor_utf16 - st->firmware_vendor + 1); |
3032 | + if (!vendor) |
3033 | + return grub_errno; |
3034 | + *grub_utf16_to_utf8 ((grub_uint8_t *) vendor, st->firmware_vendor, |
3035 | +diff --git a/grub-core/commands/legacycfg.c b/grub-core/commands/legacycfg.c |
3036 | +index db7a8f0027..5e3ec0d5e4 100644 |
3037 | +--- a/grub-core/commands/legacycfg.c |
3038 | ++++ b/grub-core/commands/legacycfg.c |
3039 | +@@ -314,7 +314,7 @@ grub_cmd_legacy_kernel (struct grub_command *mycmd __attribute__ ((unused)), |
3040 | + if (argc < 2) |
3041 | + return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected")); |
3042 | + |
3043 | +- cutargs = grub_malloc (sizeof (cutargs[0]) * (argc - 1)); |
3044 | ++ cutargs = grub_calloc (argc - 1, sizeof (cutargs[0])); |
3045 | + if (!cutargs) |
3046 | + return grub_errno; |
3047 | + cutargc = argc - 1; |
3048 | +@@ -436,7 +436,7 @@ grub_cmd_legacy_kernel (struct grub_command *mycmd __attribute__ ((unused)), |
3049 | + { |
3050 | + char rbuf[3] = "-r"; |
3051 | + bsdargc = cutargc + 2; |
3052 | +- bsdargs = grub_malloc (sizeof (bsdargs[0]) * bsdargc); |
3053 | ++ bsdargs = grub_calloc (bsdargc, sizeof (bsdargs[0])); |
3054 | + if (!bsdargs) |
3055 | + { |
3056 | + err = grub_errno; |
3057 | +@@ -559,7 +559,7 @@ grub_cmd_legacy_initrdnounzip (struct grub_command *mycmd __attribute__ ((unused |
3058 | + return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("can't find command `%s'"), |
3059 | + "module"); |
3060 | + |
3061 | +- newargs = grub_malloc ((argc + 1) * sizeof (newargs[0])); |
3062 | ++ newargs = grub_calloc (argc + 1, sizeof (newargs[0])); |
3063 | + if (!newargs) |
3064 | + return grub_errno; |
3065 | + grub_memcpy (newargs + 1, args, argc * sizeof (newargs[0])); |
3066 | +diff --git a/grub-core/commands/menuentry.c b/grub-core/commands/menuentry.c |
3067 | +index 2c5363da7f..9164df744a 100644 |
3068 | +--- a/grub-core/commands/menuentry.c |
3069 | ++++ b/grub-core/commands/menuentry.c |
3070 | +@@ -154,7 +154,7 @@ grub_normal_add_menu_entry (int argc, const char **args, |
3071 | + goto fail; |
3072 | + |
3073 | + /* Save argc, args to pass as parameters to block arg later. */ |
3074 | +- menu_args = grub_malloc (sizeof (char*) * (argc + 1)); |
3075 | ++ menu_args = grub_calloc (argc + 1, sizeof (char *)); |
3076 | + if (! menu_args) |
3077 | + goto fail; |
3078 | + |
3079 | +diff --git a/grub-core/commands/nativedisk.c b/grub-core/commands/nativedisk.c |
3080 | +index 699447d11e..7c8f97f6ad 100644 |
3081 | +--- a/grub-core/commands/nativedisk.c |
3082 | ++++ b/grub-core/commands/nativedisk.c |
3083 | +@@ -195,7 +195,7 @@ grub_cmd_nativedisk (grub_command_t cmd __attribute__ ((unused)), |
3084 | + else |
3085 | + path_prefix = prefix; |
3086 | + |
3087 | +- mods = grub_malloc (argc * sizeof (mods[0])); |
3088 | ++ mods = grub_calloc (argc, sizeof (mods[0])); |
3089 | + if (!mods) |
3090 | + return grub_errno; |
3091 | + |
3092 | +diff --git a/grub-core/commands/parttool.c b/grub-core/commands/parttool.c |
3093 | +index 22b46b1874..051e31320e 100644 |
3094 | +--- a/grub-core/commands/parttool.c |
3095 | ++++ b/grub-core/commands/parttool.c |
3096 | +@@ -59,7 +59,13 @@ grub_parttool_register(const char *part_name, |
3097 | + for (nargs = 0; args[nargs].name != 0; nargs++); |
3098 | + cur->nargs = nargs; |
3099 | + cur->args = (struct grub_parttool_argdesc *) |
3100 | +- grub_malloc ((nargs + 1) * sizeof (struct grub_parttool_argdesc)); |
3101 | ++ grub_calloc (nargs + 1, sizeof (struct grub_parttool_argdesc)); |
3102 | ++ if (!cur->args) |
3103 | ++ { |
3104 | ++ grub_free (cur); |
3105 | ++ curhandle--; |
3106 | ++ return -1; |
3107 | ++ } |
3108 | + grub_memcpy (cur->args, args, |
3109 | + (nargs + 1) * sizeof (struct grub_parttool_argdesc)); |
3110 | + |
3111 | +@@ -257,7 +263,7 @@ grub_cmd_parttool (grub_command_t cmd __attribute__ ((unused)), |
3112 | + return err; |
3113 | + } |
3114 | + |
3115 | +- parsed = (int *) grub_zalloc (argc * sizeof (int)); |
3116 | ++ parsed = (int *) grub_calloc (argc, sizeof (int)); |
3117 | + |
3118 | + for (i = 1; i < argc; i++) |
3119 | + if (! parsed[i]) |
3120 | +@@ -290,7 +296,7 @@ grub_cmd_parttool (grub_command_t cmd __attribute__ ((unused)), |
3121 | + } |
3122 | + ptool = cur; |
3123 | + pargs = (struct grub_parttool_args *) |
3124 | +- grub_zalloc (ptool->nargs * sizeof (struct grub_parttool_args)); |
3125 | ++ grub_calloc (ptool->nargs, sizeof (struct grub_parttool_args)); |
3126 | + for (j = i; j < argc; j++) |
3127 | + if (! parsed[j]) |
3128 | + { |
3129 | +diff --git a/grub-core/commands/regexp.c b/grub-core/commands/regexp.c |
3130 | +index f00b184c81..4019164f36 100644 |
3131 | +--- a/grub-core/commands/regexp.c |
3132 | ++++ b/grub-core/commands/regexp.c |
3133 | +@@ -116,7 +116,7 @@ grub_cmd_regexp (grub_extcmd_context_t ctxt, int argc, char **args) |
3134 | + if (ret) |
3135 | + goto fail; |
3136 | + |
3137 | +- matches = grub_zalloc (sizeof (*matches) * (regex.re_nsub + 1)); |
3138 | ++ matches = grub_calloc (regex.re_nsub + 1, sizeof (*matches)); |
3139 | + if (! matches) |
3140 | + goto fail; |
3141 | + |
3142 | +diff --git a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c |
3143 | +index d7fd26b940..47fc8eb996 100644 |
3144 | +--- a/grub-core/commands/search_wrap.c |
3145 | ++++ b/grub-core/commands/search_wrap.c |
3146 | +@@ -122,7 +122,7 @@ grub_cmd_search (grub_extcmd_context_t ctxt, int argc, char **args) |
3147 | + for (i = 0; state[SEARCH_HINT_BAREMETAL].args[i]; i++) |
3148 | + nhints++; |
3149 | + |
3150 | +- hints = grub_malloc (sizeof (hints[0]) * nhints); |
3151 | ++ hints = grub_calloc (nhints, sizeof (hints[0])); |
3152 | + if (!hints) |
3153 | + return grub_errno; |
3154 | + j = 0; |
3155 | +diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c |
3156 | +index c3b578acf2..68ca9e0be9 100644 |
3157 | +--- a/grub-core/disk/diskfilter.c |
3158 | ++++ b/grub-core/disk/diskfilter.c |
3159 | +@@ -1134,7 +1134,7 @@ grub_diskfilter_make_raid (grub_size_t uuidlen, char *uuid, int nmemb, |
3160 | + array->lvs->segments->node_count = nmemb; |
3161 | + array->lvs->segments->raid_member_size = disk_size; |
3162 | + array->lvs->segments->nodes |
3163 | +- = grub_zalloc (nmemb * sizeof (array->lvs->segments->nodes[0])); |
3164 | ++ = grub_calloc (nmemb, sizeof (array->lvs->segments->nodes[0])); |
3165 | + array->lvs->segments->stripe_size = stripe_size; |
3166 | + for (i = 0; i < nmemb; i++) |
3167 | + { |
3168 | +@@ -1226,7 +1226,7 @@ insert_array (grub_disk_t disk, const struct grub_diskfilter_pv_id *id, |
3169 | + grub_partition_t p; |
3170 | + for (p = disk->partition; p; p = p->parent) |
3171 | + s++; |
3172 | +- pv->partmaps = xmalloc (s * sizeof (pv->partmaps[0])); |
3173 | ++ pv->partmaps = xcalloc (s, sizeof (pv->partmaps[0])); |
3174 | + s = 0; |
3175 | + for (p = disk->partition; p; p = p->parent) |
3176 | + pv->partmaps[s++] = xstrdup (p->partmap->name); |
3177 | +diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c |
3178 | +index f73257e66d..03674cb477 100644 |
3179 | +--- a/grub-core/disk/ieee1275/ofdisk.c |
3180 | ++++ b/grub-core/disk/ieee1275/ofdisk.c |
3181 | +@@ -297,7 +297,7 @@ dev_iterate (const struct grub_ieee1275_devalias *alias) |
3182 | + /* Power machines documentation specify 672 as maximum SAS disks in |
3183 | + one system. Using a slightly larger value to be safe. */ |
3184 | + table_size = 768; |
3185 | +- table = grub_malloc (table_size * sizeof (grub_uint64_t)); |
3186 | ++ table = grub_calloc (table_size, sizeof (grub_uint64_t)); |
3187 | + |
3188 | + if (!table) |
3189 | + { |
3190 | +diff --git a/grub-core/disk/ldm.c b/grub-core/disk/ldm.c |
3191 | +index 2a22d2d6c1..e6323701ab 100644 |
3192 | +--- a/grub-core/disk/ldm.c |
3193 | ++++ b/grub-core/disk/ldm.c |
3194 | +@@ -323,8 +323,8 @@ make_vg (grub_disk_t disk, |
3195 | + lv->segments->type = GRUB_DISKFILTER_MIRROR; |
3196 | + lv->segments->node_count = 0; |
3197 | + lv->segments->node_alloc = 8; |
3198 | +- lv->segments->nodes = grub_zalloc (sizeof (*lv->segments->nodes) |
3199 | +- * lv->segments->node_alloc); |
3200 | ++ lv->segments->nodes = grub_calloc (lv->segments->node_alloc, |
3201 | ++ sizeof (*lv->segments->nodes)); |
3202 | + if (!lv->segments->nodes) |
3203 | + goto fail2; |
3204 | + ptr = vblk[i].dynamic; |
3205 | +@@ -543,8 +543,8 @@ make_vg (grub_disk_t disk, |
3206 | + { |
3207 | + comp->segment_alloc = 8; |
3208 | + comp->segment_count = 0; |
3209 | +- comp->segments = grub_malloc (sizeof (*comp->segments) |
3210 | +- * comp->segment_alloc); |
3211 | ++ comp->segments = grub_calloc (comp->segment_alloc, |
3212 | ++ sizeof (*comp->segments)); |
3213 | + if (!comp->segments) |
3214 | + goto fail2; |
3215 | + } |
3216 | +@@ -590,8 +590,8 @@ make_vg (grub_disk_t disk, |
3217 | + } |
3218 | + comp->segments->node_count = read_int (ptr + 1, *ptr); |
3219 | + comp->segments->node_alloc = comp->segments->node_count; |
3220 | +- comp->segments->nodes = grub_zalloc (sizeof (*comp->segments->nodes) |
3221 | +- * comp->segments->node_alloc); |
3222 | ++ comp->segments->nodes = grub_calloc (comp->segments->node_alloc, |
3223 | ++ sizeof (*comp->segments->nodes)); |
3224 | + if (!lv->segments->nodes) |
3225 | + goto fail2; |
3226 | + } |
3227 | +@@ -1017,7 +1017,7 @@ grub_util_ldm_embed (struct grub_disk *disk, unsigned int *nsectors, |
3228 | + *nsectors = lv->size; |
3229 | + if (*nsectors > max_nsectors) |
3230 | + *nsectors = max_nsectors; |
3231 | +- *sectors = grub_malloc (*nsectors * sizeof (**sectors)); |
3232 | ++ *sectors = grub_calloc (*nsectors, sizeof (**sectors)); |
3233 | + if (!*sectors) |
3234 | + return grub_errno; |
3235 | + for (i = 0; i < *nsectors; i++) |
3236 | +diff --git a/grub-core/disk/luks.c b/grub-core/disk/luks.c |
3237 | +index 86c50c6121..18b3a8bb1d 100644 |
3238 | +--- a/grub-core/disk/luks.c |
3239 | ++++ b/grub-core/disk/luks.c |
3240 | +@@ -336,7 +336,7 @@ luks_recover_key (grub_disk_t source, |
3241 | + && grub_be_to_cpu32 (header.keyblock[i].stripes) > max_stripes) |
3242 | + max_stripes = grub_be_to_cpu32 (header.keyblock[i].stripes); |
3243 | + |
3244 | +- split_key = grub_malloc (keysize * max_stripes); |
3245 | ++ split_key = grub_calloc (keysize, max_stripes); |
3246 | + if (!split_key) |
3247 | + return grub_errno; |
3248 | + |
3249 | +diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c |
3250 | +index 7b265c780c..d1df640b31 100644 |
3251 | +--- a/grub-core/disk/lvm.c |
3252 | ++++ b/grub-core/disk/lvm.c |
3253 | +@@ -173,7 +173,7 @@ grub_lvm_detect (grub_disk_t disk, |
3254 | + first one. */ |
3255 | + |
3256 | + /* Allocate buffer space for the circular worst-case scenario. */ |
3257 | +- metadatabuf = grub_malloc (2 * mda_size); |
3258 | ++ metadatabuf = grub_calloc (2, mda_size); |
3259 | + if (! metadatabuf) |
3260 | + goto fail; |
3261 | + |
3262 | +@@ -426,7 +426,7 @@ grub_lvm_detect (grub_disk_t disk, |
3263 | + #endif |
3264 | + goto lvs_fail; |
3265 | + } |
3266 | +- lv->segments = grub_zalloc (sizeof (*seg) * lv->segment_count); |
3267 | ++ lv->segments = grub_calloc (lv->segment_count, sizeof (*seg)); |
3268 | + seg = lv->segments; |
3269 | + |
3270 | + for (i = 0; i < lv->segment_count; i++) |
3271 | +@@ -483,8 +483,8 @@ grub_lvm_detect (grub_disk_t disk, |
3272 | + if (seg->node_count != 1) |
3273 | + seg->stripe_size = grub_lvm_getvalue (&p, "stripe_size = "); |
3274 | + |
3275 | +- seg->nodes = grub_zalloc (sizeof (*stripe) |
3276 | +- * seg->node_count); |
3277 | ++ seg->nodes = grub_calloc (seg->node_count, |
3278 | ++ sizeof (*stripe)); |
3279 | + stripe = seg->nodes; |
3280 | + |
3281 | + p = grub_strstr (p, "stripes = ["); |
3282 | +diff --git a/grub-core/disk/xen/xendisk.c b/grub-core/disk/xen/xendisk.c |
3283 | +index 48476cbbf9..d6612eebd7 100644 |
3284 | +--- a/grub-core/disk/xen/xendisk.c |
3285 | ++++ b/grub-core/disk/xen/xendisk.c |
3286 | +@@ -426,7 +426,7 @@ grub_xendisk_init (void) |
3287 | + if (!ctr) |
3288 | + return; |
3289 | + |
3290 | +- virtdisks = grub_malloc (ctr * sizeof (virtdisks[0])); |
3291 | ++ virtdisks = grub_calloc (ctr, sizeof (virtdisks[0])); |
3292 | + if (!virtdisks) |
3293 | + return; |
3294 | + if (grub_xenstore_dir ("device/vbd", fill, &ctr)) |
3295 | +diff --git a/grub-core/efiemu/loadcore.c b/grub-core/efiemu/loadcore.c |
3296 | +index 44085ef818..2b924623f5 100644 |
3297 | +--- a/grub-core/efiemu/loadcore.c |
3298 | ++++ b/grub-core/efiemu/loadcore.c |
3299 | +@@ -201,7 +201,7 @@ grub_efiemu_count_symbols (const Elf_Ehdr *e) |
3300 | + |
3301 | + grub_efiemu_nelfsyms = (unsigned) s->sh_size / (unsigned) s->sh_entsize; |
3302 | + grub_efiemu_elfsyms = (struct grub_efiemu_elf_sym *) |
3303 | +- grub_malloc (sizeof (struct grub_efiemu_elf_sym) * grub_efiemu_nelfsyms); |
3304 | ++ grub_calloc (grub_efiemu_nelfsyms, sizeof (struct grub_efiemu_elf_sym)); |
3305 | + |
3306 | + /* Relocators */ |
3307 | + for (i = 0, s = (Elf_Shdr *) ((char *) e + e->e_shoff); |
3308 | +diff --git a/grub-core/efiemu/mm.c b/grub-core/efiemu/mm.c |
3309 | +index 52a032f7b2..9b8e0d0ad1 100644 |
3310 | +--- a/grub-core/efiemu/mm.c |
3311 | ++++ b/grub-core/efiemu/mm.c |
3312 | +@@ -554,11 +554,11 @@ grub_efiemu_mmap_sort_and_uniq (void) |
3313 | + /* Initialize variables*/ |
3314 | + grub_memset (present, 0, sizeof (int) * GRUB_EFI_MAX_MEMORY_TYPE); |
3315 | + scanline_events = (struct grub_efiemu_mmap_scan *) |
3316 | +- grub_malloc (sizeof (struct grub_efiemu_mmap_scan) * 2 * mmap_num); |
3317 | ++ grub_calloc (mmap_num, sizeof (struct grub_efiemu_mmap_scan) * 2); |
3318 | + |
3319 | + /* Number of chunks can't increase more than by factor of 2 */ |
3320 | + result = (grub_efi_memory_descriptor_t *) |
3321 | +- grub_malloc (sizeof (grub_efi_memory_descriptor_t) * 2 * mmap_num); |
3322 | ++ grub_calloc (mmap_num, sizeof (grub_efi_memory_descriptor_t) * 2); |
3323 | + if (!result || !scanline_events) |
3324 | + { |
3325 | + grub_free (result); |
3326 | +@@ -660,7 +660,7 @@ grub_efiemu_mm_do_alloc (void) |
3327 | + |
3328 | + /* Preallocate mmap */ |
3329 | + efiemu_mmap = (grub_efi_memory_descriptor_t *) |
3330 | +- grub_malloc (mmap_reserved_size * sizeof (grub_efi_memory_descriptor_t)); |
3331 | ++ grub_calloc (mmap_reserved_size, sizeof (grub_efi_memory_descriptor_t)); |
3332 | + if (!efiemu_mmap) |
3333 | + { |
3334 | + grub_efiemu_unload (); |
3335 | +diff --git a/grub-core/font/font.c b/grub-core/font/font.c |
3336 | +index 85a292557a..8e118b315c 100644 |
3337 | +--- a/grub-core/font/font.c |
3338 | ++++ b/grub-core/font/font.c |
3339 | +@@ -293,8 +293,7 @@ load_font_index (grub_file_t file, grub_uint32_t sect_length, struct |
3340 | + font->num_chars = sect_length / FONT_CHAR_INDEX_ENTRY_SIZE; |
3341 | + |
3342 | + /* Allocate the character index array. */ |
3343 | +- font->char_index = grub_malloc (font->num_chars |
3344 | +- * sizeof (struct char_index_entry)); |
3345 | ++ font->char_index = grub_calloc (font->num_chars, sizeof (struct char_index_entry)); |
3346 | + if (!font->char_index) |
3347 | + return 1; |
3348 | + font->bmp_idx = grub_malloc (0x10000 * sizeof (grub_uint16_t)); |
3349 | +diff --git a/grub-core/fs/affs.c b/grub-core/fs/affs.c |
3350 | +index 6b6a2bc913..220b3712f2 100644 |
3351 | +--- a/grub-core/fs/affs.c |
3352 | ++++ b/grub-core/fs/affs.c |
3353 | +@@ -301,7 +301,7 @@ grub_affs_read_symlink (grub_fshelp_node_t node) |
3354 | + return 0; |
3355 | + } |
3356 | + latin1[symlink_size] = 0; |
3357 | +- utf8 = grub_malloc (symlink_size * GRUB_MAX_UTF8_PER_LATIN1 + 1); |
3358 | ++ utf8 = grub_calloc (GRUB_MAX_UTF8_PER_LATIN1 + 1, symlink_size); |
3359 | + if (!utf8) |
3360 | + { |
3361 | + grub_free (latin1); |
3362 | +@@ -422,7 +422,7 @@ grub_affs_iterate_dir (grub_fshelp_node_t dir, |
3363 | + return 1; |
3364 | + } |
3365 | + |
3366 | +- hashtable = grub_zalloc (data->htsize * sizeof (*hashtable)); |
3367 | ++ hashtable = grub_calloc (data->htsize, sizeof (*hashtable)); |
3368 | + if (!hashtable) |
3369 | + return 1; |
3370 | + |
3371 | +@@ -628,7 +628,7 @@ grub_affs_label (grub_device_t device, char **label) |
3372 | + len = file.namelen; |
3373 | + if (len > sizeof (file.name)) |
3374 | + len = sizeof (file.name); |
3375 | +- *label = grub_malloc (len * GRUB_MAX_UTF8_PER_LATIN1 + 1); |
3376 | ++ *label = grub_calloc (GRUB_MAX_UTF8_PER_LATIN1 + 1, len); |
3377 | + if (*label) |
3378 | + *grub_latin1_to_utf8 ((grub_uint8_t *) *label, file.name, len) = '\0'; |
3379 | + } |
3380 | +diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c |
3381 | +index 48bd3d04a5..11272efc1a 100644 |
3382 | +--- a/grub-core/fs/btrfs.c |
3383 | ++++ b/grub-core/fs/btrfs.c |
3384 | +@@ -413,7 +413,7 @@ lower_bound (struct grub_btrfs_data *data, |
3385 | + { |
3386 | + desc->allocated = 16; |
3387 | + desc->depth = 0; |
3388 | +- desc->data = grub_malloc (sizeof (desc->data[0]) * desc->allocated); |
3389 | ++ desc->data = grub_calloc (desc->allocated, sizeof (desc->data[0])); |
3390 | + if (!desc->data) |
3391 | + return grub_errno; |
3392 | + } |
3393 | +@@ -752,7 +752,7 @@ raid56_read_retry (struct grub_btrfs_data *data, |
3394 | + grub_err_t ret = GRUB_ERR_OUT_OF_MEMORY; |
3395 | + grub_uint64_t i, failed_devices; |
3396 | + |
3397 | +- buffers = grub_zalloc (sizeof(*buffers) * nstripes); |
3398 | ++ buffers = grub_calloc (nstripes, sizeof (*buffers)); |
3399 | + if (!buffers) |
3400 | + goto cleanup; |
3401 | + |
3402 | +@@ -2160,7 +2160,7 @@ grub_btrfs_embed (grub_device_t device __attribute__ ((unused)), |
3403 | + *nsectors = 64 * 2 - 1; |
3404 | + if (*nsectors > max_nsectors) |
3405 | + *nsectors = max_nsectors; |
3406 | +- *sectors = grub_malloc (*nsectors * sizeof (**sectors)); |
3407 | ++ *sectors = grub_calloc (*nsectors, sizeof (**sectors)); |
3408 | + if (!*sectors) |
3409 | + return grub_errno; |
3410 | + for (i = 0; i < *nsectors; i++) |
3411 | +diff --git a/grub-core/fs/hfs.c b/grub-core/fs/hfs.c |
3412 | +index ac0a40990e..3fe842b4d8 100644 |
3413 | +--- a/grub-core/fs/hfs.c |
3414 | ++++ b/grub-core/fs/hfs.c |
3415 | +@@ -1360,7 +1360,7 @@ grub_hfs_label (grub_device_t device, char **label) |
3416 | + grub_size_t len = data->sblock.volname[0]; |
3417 | + if (len > sizeof (data->sblock.volname) - 1) |
3418 | + len = sizeof (data->sblock.volname) - 1; |
3419 | +- *label = grub_malloc (len * MAX_UTF8_PER_MAC_ROMAN + 1); |
3420 | ++ *label = grub_calloc (MAX_UTF8_PER_MAC_ROMAN + 1, len); |
3421 | + if (*label) |
3422 | + macroman_to_utf8 (*label, data->sblock.volname + 1, |
3423 | + len + 1, 0); |
3424 | +diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c |
3425 | +index 54786bb1c6..dae43becc9 100644 |
3426 | +--- a/grub-core/fs/hfsplus.c |
3427 | ++++ b/grub-core/fs/hfsplus.c |
3428 | +@@ -720,7 +720,7 @@ list_nodes (void *record, void *hook_arg) |
3429 | + if (! filename) |
3430 | + return 0; |
3431 | + |
3432 | +- keyname = grub_malloc (grub_be_to_cpu16 (catkey->namelen) * sizeof (*keyname)); |
3433 | ++ keyname = grub_calloc (grub_be_to_cpu16 (catkey->namelen), sizeof (*keyname)); |
3434 | + if (!keyname) |
3435 | + { |
3436 | + grub_free (filename); |
3437 | +@@ -1007,7 +1007,7 @@ grub_hfsplus_label (grub_device_t device, char **label) |
3438 | + grub_hfsplus_btree_recptr (&data->catalog_tree, node, ptr); |
3439 | + |
3440 | + label_len = grub_be_to_cpu16 (catkey->namelen); |
3441 | +- label_name = grub_malloc (label_len * sizeof (*label_name)); |
3442 | ++ label_name = grub_calloc (label_len, sizeof (*label_name)); |
3443 | + if (!label_name) |
3444 | + { |
3445 | + grub_free (node); |
3446 | +@@ -1029,7 +1029,7 @@ grub_hfsplus_label (grub_device_t device, char **label) |
3447 | + } |
3448 | + } |
3449 | + |
3450 | +- *label = grub_malloc (label_len * GRUB_MAX_UTF8_PER_UTF16 + 1); |
3451 | ++ *label = grub_calloc (label_len, GRUB_MAX_UTF8_PER_UTF16 + 1); |
3452 | + if (! *label) |
3453 | + { |
3454 | + grub_free (label_name); |
3455 | +diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c |
3456 | +index 49c0c632bf..4f1b52a552 100644 |
3457 | +--- a/grub-core/fs/iso9660.c |
3458 | ++++ b/grub-core/fs/iso9660.c |
3459 | +@@ -331,7 +331,7 @@ grub_iso9660_convert_string (grub_uint8_t *us, int len) |
3460 | + int i; |
3461 | + grub_uint16_t t[MAX_NAMELEN / 2 + 1]; |
3462 | + |
3463 | +- p = grub_malloc (len * GRUB_MAX_UTF8_PER_UTF16 + 1); |
3464 | ++ p = grub_calloc (len, GRUB_MAX_UTF8_PER_UTF16 + 1); |
3465 | + if (! p) |
3466 | + return NULL; |
3467 | + |
3468 | +diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c |
3469 | +index fc4e1f678d..2f34f76da8 100644 |
3470 | +--- a/grub-core/fs/ntfs.c |
3471 | ++++ b/grub-core/fs/ntfs.c |
3472 | +@@ -556,8 +556,8 @@ get_utf8 (grub_uint8_t *in, grub_size_t len) |
3473 | + grub_uint16_t *tmp; |
3474 | + grub_size_t i; |
3475 | + |
3476 | +- buf = grub_malloc (len * GRUB_MAX_UTF8_PER_UTF16 + 1); |
3477 | +- tmp = grub_malloc (len * sizeof (tmp[0])); |
3478 | ++ buf = grub_calloc (len, GRUB_MAX_UTF8_PER_UTF16 + 1); |
3479 | ++ tmp = grub_calloc (len, sizeof (tmp[0])); |
3480 | + if (!buf || !tmp) |
3481 | + { |
3482 | + grub_free (buf); |
3483 | +diff --git a/grub-core/fs/sfs.c b/grub-core/fs/sfs.c |
3484 | +index 50c1fe72f4..90f7fb3791 100644 |
3485 | +--- a/grub-core/fs/sfs.c |
3486 | ++++ b/grub-core/fs/sfs.c |
3487 | +@@ -266,7 +266,7 @@ grub_sfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock) |
3488 | + node->next_extent = node->block; |
3489 | + node->cache_size = 0; |
3490 | + |
3491 | +- node->cache = grub_malloc (sizeof (node->cache[0]) * cache_size); |
3492 | ++ node->cache = grub_calloc (cache_size, sizeof (node->cache[0])); |
3493 | + if (!node->cache) |
3494 | + { |
3495 | + grub_errno = 0; |
3496 | +diff --git a/grub-core/fs/tar.c b/grub-core/fs/tar.c |
3497 | +index 7d63e0c99c..c551ed6b52 100644 |
3498 | +--- a/grub-core/fs/tar.c |
3499 | ++++ b/grub-core/fs/tar.c |
3500 | +@@ -120,7 +120,7 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name, |
3501 | + if (data->linkname_alloc < linksize + 1) |
3502 | + { |
3503 | + char *n; |
3504 | +- n = grub_malloc (2 * (linksize + 1)); |
3505 | ++ n = grub_calloc (2, linksize + 1); |
3506 | + if (!n) |
3507 | + return grub_errno; |
3508 | + grub_free (data->linkname); |
3509 | +diff --git a/grub-core/fs/udf.c b/grub-core/fs/udf.c |
3510 | +index dc8b6e2d1c..a83761674a 100644 |
3511 | +--- a/grub-core/fs/udf.c |
3512 | ++++ b/grub-core/fs/udf.c |
3513 | +@@ -873,7 +873,7 @@ read_string (const grub_uint8_t *raw, grub_size_t sz, char *outbuf) |
3514 | + { |
3515 | + unsigned i; |
3516 | + utf16len = sz - 1; |
3517 | +- utf16 = grub_malloc (utf16len * sizeof (utf16[0])); |
3518 | ++ utf16 = grub_calloc (utf16len, sizeof (utf16[0])); |
3519 | + if (!utf16) |
3520 | + return NULL; |
3521 | + for (i = 0; i < utf16len; i++) |
3522 | +@@ -883,7 +883,7 @@ read_string (const grub_uint8_t *raw, grub_size_t sz, char *outbuf) |
3523 | + { |
3524 | + unsigned i; |
3525 | + utf16len = (sz - 1) / 2; |
3526 | +- utf16 = grub_malloc (utf16len * sizeof (utf16[0])); |
3527 | ++ utf16 = grub_calloc (utf16len, sizeof (utf16[0])); |
3528 | + if (!utf16) |
3529 | + return NULL; |
3530 | + for (i = 0; i < utf16len; i++) |
3531 | +diff --git a/grub-core/fs/zfs/zfs.c b/grub-core/fs/zfs/zfs.c |
3532 | +index 2f72e42bf8..381dde556d 100644 |
3533 | +--- a/grub-core/fs/zfs/zfs.c |
3534 | ++++ b/grub-core/fs/zfs/zfs.c |
3535 | +@@ -3325,7 +3325,7 @@ dnode_get_fullpath (const char *fullpath, struct subvolume *subvol, |
3536 | + } |
3537 | + subvol->nkeys = 0; |
3538 | + zap_iterate (&keychain_dn, 8, count_zap_keys, &ctx, data); |
3539 | +- subvol->keyring = grub_zalloc (subvol->nkeys * sizeof (subvol->keyring[0])); |
3540 | ++ subvol->keyring = grub_calloc (subvol->nkeys, sizeof (subvol->keyring[0])); |
3541 | + if (!subvol->keyring) |
3542 | + { |
3543 | + grub_free (fsname); |
3544 | +@@ -4336,7 +4336,7 @@ grub_zfs_embed (grub_device_t device __attribute__ ((unused)), |
3545 | + *nsectors = (VDEV_BOOT_SIZE >> GRUB_DISK_SECTOR_BITS); |
3546 | + if (*nsectors > max_nsectors) |
3547 | + *nsectors = max_nsectors; |
3548 | +- *sectors = grub_malloc (*nsectors * sizeof (**sectors)); |
3549 | ++ *sectors = grub_calloc (*nsectors, sizeof (**sectors)); |
3550 | + if (!*sectors) |
3551 | + return grub_errno; |
3552 | + for (i = 0; i < *nsectors; i++) |
3553 | +diff --git a/grub-core/gfxmenu/gui_string_util.c b/grub-core/gfxmenu/gui_string_util.c |
3554 | +index a9a415e312..ba1e1eab31 100644 |
3555 | +--- a/grub-core/gfxmenu/gui_string_util.c |
3556 | ++++ b/grub-core/gfxmenu/gui_string_util.c |
3557 | +@@ -55,7 +55,7 @@ canonicalize_path (const char *path) |
3558 | + if (*p == '/') |
3559 | + components++; |
3560 | + |
3561 | +- char **path_array = grub_malloc (components * sizeof (*path_array)); |
3562 | ++ char **path_array = grub_calloc (components, sizeof (*path_array)); |
3563 | + if (! path_array) |
3564 | + return 0; |
3565 | + |
3566 | +diff --git a/grub-core/gfxmenu/widget-box.c b/grub-core/gfxmenu/widget-box.c |
3567 | +index b606028891..470597ded2 100644 |
3568 | +--- a/grub-core/gfxmenu/widget-box.c |
3569 | ++++ b/grub-core/gfxmenu/widget-box.c |
3570 | +@@ -303,10 +303,10 @@ grub_gfxmenu_create_box (const char *pixmaps_prefix, |
3571 | + box->content_height = 0; |
3572 | + box->raw_pixmaps = |
3573 | + (struct grub_video_bitmap **) |
3574 | +- grub_malloc (BOX_NUM_PIXMAPS * sizeof (struct grub_video_bitmap *)); |
3575 | ++ grub_calloc (BOX_NUM_PIXMAPS, sizeof (struct grub_video_bitmap *)); |
3576 | + box->scaled_pixmaps = |
3577 | + (struct grub_video_bitmap **) |
3578 | +- grub_malloc (BOX_NUM_PIXMAPS * sizeof (struct grub_video_bitmap *)); |
3579 | ++ grub_calloc (BOX_NUM_PIXMAPS, sizeof (struct grub_video_bitmap *)); |
3580 | + |
3581 | + /* Initialize all pixmap pointers to NULL so that proper destruction can |
3582 | + be performed if an error is encountered partway through construction. */ |
3583 | +diff --git a/grub-core/io/gzio.c b/grub-core/io/gzio.c |
3584 | +index 6208a97636..43d98a7bdf 100644 |
3585 | +--- a/grub-core/io/gzio.c |
3586 | ++++ b/grub-core/io/gzio.c |
3587 | +@@ -554,7 +554,7 @@ huft_build (unsigned *b, /* code lengths in bits (all assumed <= BMAX) */ |
3588 | + z = 1 << j; /* table entries for j-bit table */ |
3589 | + |
3590 | + /* allocate and link in new table */ |
3591 | +- q = (struct huft *) grub_zalloc ((z + 1) * sizeof (struct huft)); |
3592 | ++ q = (struct huft *) grub_calloc (z + 1, sizeof (struct huft)); |
3593 | + if (! q) |
3594 | + { |
3595 | + if (h) |
3596 | +diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c |
3597 | +index 6e1ceb9051..dc31caa213 100644 |
3598 | +--- a/grub-core/kern/efi/efi.c |
3599 | ++++ b/grub-core/kern/efi/efi.c |
3600 | +@@ -202,7 +202,7 @@ grub_efi_set_variable(const char *var, const grub_efi_guid_t *guid, |
3601 | + |
3602 | + len = grub_strlen (var); |
3603 | + len16 = len * GRUB_MAX_UTF16_PER_UTF8; |
3604 | +- var16 = grub_malloc ((len16 + 1) * sizeof (var16[0])); |
3605 | ++ var16 = grub_calloc (len16 + 1, sizeof (var16[0])); |
3606 | + if (!var16) |
3607 | + return grub_errno; |
3608 | + len16 = grub_utf8_to_utf16 (var16, len16, (grub_uint8_t *) var, len, NULL); |
3609 | +@@ -237,7 +237,7 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, |
3610 | + |
3611 | + len = grub_strlen (var); |
3612 | + len16 = len * GRUB_MAX_UTF16_PER_UTF8; |
3613 | +- var16 = grub_malloc ((len16 + 1) * sizeof (var16[0])); |
3614 | ++ var16 = grub_calloc (len16 + 1, sizeof (var16[0])); |
3615 | + if (!var16) |
3616 | + return NULL; |
3617 | + len16 = grub_utf8_to_utf16 (var16, len16, (grub_uint8_t *) var, len, NULL); |
3618 | +@@ -383,7 +383,7 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0) |
3619 | + while (len > 0 && fp->path_name[len - 1] == 0) |
3620 | + len--; |
3621 | + |
3622 | +- dup_name = grub_malloc (len * sizeof (*dup_name)); |
3623 | ++ dup_name = grub_calloc (len, sizeof (*dup_name)); |
3624 | + if (!dup_name) |
3625 | + { |
3626 | + grub_free (name); |
3627 | +diff --git a/grub-core/kern/emu/hostdisk.c b/grub-core/kern/emu/hostdisk.c |
3628 | +index 8ac5239538..f90b6c9ce4 100644 |
3629 | +--- a/grub-core/kern/emu/hostdisk.c |
3630 | ++++ b/grub-core/kern/emu/hostdisk.c |
3631 | +@@ -627,7 +627,7 @@ static char * |
3632 | + grub_util_path_concat_real (size_t n, int ext, va_list ap) |
3633 | + { |
3634 | + size_t totlen = 0; |
3635 | +- char **l = xmalloc ((n + ext) * sizeof (l[0])); |
3636 | ++ char **l = xcalloc (n + ext, sizeof (l[0])); |
3637 | + char *r, *p, *pi; |
3638 | + size_t i; |
3639 | + int first = 1; |
3640 | +diff --git a/grub-core/kern/fs.c b/grub-core/kern/fs.c |
3641 | +index 2b85f4950b..f90be6566b 100644 |
3642 | +--- a/grub-core/kern/fs.c |
3643 | ++++ b/grub-core/kern/fs.c |
3644 | +@@ -151,7 +151,7 @@ grub_fs_blocklist_open (grub_file_t file, const char *name) |
3645 | + while (p); |
3646 | + |
3647 | + /* Allocate a block list. */ |
3648 | +- blocks = grub_zalloc (sizeof (struct grub_fs_block) * (num + 1)); |
3649 | ++ blocks = grub_calloc (num + 1, sizeof (struct grub_fs_block)); |
3650 | + if (! blocks) |
3651 | + return 0; |
3652 | + |
3653 | +diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c |
3654 | +index 18cad5803b..83c068d61b 100644 |
3655 | +--- a/grub-core/kern/misc.c |
3656 | ++++ b/grub-core/kern/misc.c |
3657 | +@@ -691,7 +691,7 @@ parse_printf_args (const char *fmt0, struct printf_args *args, |
3658 | + args->ptr = args->prealloc; |
3659 | + else |
3660 | + { |
3661 | +- args->ptr = grub_malloc (args->count * sizeof (args->ptr[0])); |
3662 | ++ args->ptr = grub_calloc (args->count, sizeof (args->ptr[0])); |
3663 | + if (!args->ptr) |
3664 | + { |
3665 | + grub_errno = GRUB_ERR_NONE; |
3666 | +diff --git a/grub-core/kern/parser.c b/grub-core/kern/parser.c |
3667 | +index 78175aac2d..619db3122a 100644 |
3668 | +--- a/grub-core/kern/parser.c |
3669 | ++++ b/grub-core/kern/parser.c |
3670 | +@@ -213,7 +213,7 @@ grub_parser_split_cmdline (const char *cmdline, |
3671 | + return grub_errno; |
3672 | + grub_memcpy (args, buffer, bp - buffer); |
3673 | + |
3674 | +- *argv = grub_malloc (sizeof (char *) * (*argc + 1)); |
3675 | ++ *argv = grub_calloc (*argc + 1, sizeof (char *)); |
3676 | + if (!*argv) |
3677 | + { |
3678 | + grub_free (args); |
3679 | +diff --git a/grub-core/kern/uboot/uboot.c b/grub-core/kern/uboot/uboot.c |
3680 | +index be4816fe6f..aac8f9ae1f 100644 |
3681 | +--- a/grub-core/kern/uboot/uboot.c |
3682 | ++++ b/grub-core/kern/uboot/uboot.c |
3683 | +@@ -133,7 +133,7 @@ grub_uboot_dev_enum (void) |
3684 | + return num_devices; |
3685 | + |
3686 | + max_devices = 2; |
3687 | +- enum_devices = grub_malloc (sizeof(struct device_info) * max_devices); |
3688 | ++ enum_devices = grub_calloc (max_devices, sizeof(struct device_info)); |
3689 | + if (!enum_devices) |
3690 | + return 0; |
3691 | + |
3692 | +diff --git a/grub-core/lib/libgcrypt/cipher/ac.c b/grub-core/lib/libgcrypt/cipher/ac.c |
3693 | +index f5e946a2d8..63f6fcd11e 100644 |
3694 | +--- a/grub-core/lib/libgcrypt/cipher/ac.c |
3695 | ++++ b/grub-core/lib/libgcrypt/cipher/ac.c |
3696 | +@@ -185,7 +185,7 @@ ac_data_mpi_copy (gcry_ac_mpi_t *data_mpis, unsigned int data_mpis_n, |
3697 | + gcry_mpi_t mpi; |
3698 | + char *label; |
3699 | + |
3700 | +- data_mpis_new = gcry_malloc (sizeof (*data_mpis_new) * data_mpis_n); |
3701 | ++ data_mpis_new = gcry_calloc (data_mpis_n, sizeof (*data_mpis_new)); |
3702 | + if (! data_mpis_new) |
3703 | + { |
3704 | + err = gcry_error_from_errno (errno); |
3705 | +@@ -572,7 +572,7 @@ _gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp, |
3706 | + } |
3707 | + |
3708 | + /* Add MPI list. */ |
3709 | +- arg_list = gcry_malloc (sizeof (*arg_list) * (data_n + 1)); |
3710 | ++ arg_list = gcry_calloc (data_n + 1, sizeof (*arg_list)); |
3711 | + if (! arg_list) |
3712 | + { |
3713 | + err = gcry_error_from_errno (errno); |
3714 | +@@ -1283,7 +1283,7 @@ ac_data_construct (const char *identifier, int include_flags, |
3715 | + /* We build a list of arguments to pass to |
3716 | + gcry_sexp_build_array(). */ |
3717 | + data_length = _gcry_ac_data_length (data); |
3718 | +- arg_list = gcry_malloc (sizeof (*arg_list) * (data_length * 2)); |
3719 | ++ arg_list = gcry_calloc (data_length, sizeof (*arg_list) * 2); |
3720 | + if (! arg_list) |
3721 | + { |
3722 | + err = gcry_error_from_errno (errno); |
3723 | +@@ -1593,7 +1593,7 @@ _gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits, |
3724 | + arg_list_n += 2; |
3725 | + |
3726 | + /* Allocate list. */ |
3727 | +- arg_list = gcry_malloc (sizeof (*arg_list) * arg_list_n); |
3728 | ++ arg_list = gcry_calloc (arg_list_n, sizeof (*arg_list)); |
3729 | + if (! arg_list) |
3730 | + { |
3731 | + err = gcry_error_from_errno (errno); |
3732 | +diff --git a/grub-core/lib/libgcrypt/cipher/primegen.c b/grub-core/lib/libgcrypt/cipher/primegen.c |
3733 | +index 2788e349fa..b12e79b192 100644 |
3734 | +--- a/grub-core/lib/libgcrypt/cipher/primegen.c |
3735 | ++++ b/grub-core/lib/libgcrypt/cipher/primegen.c |
3736 | +@@ -383,7 +383,7 @@ prime_generate_internal (int need_q_factor, |
3737 | + } |
3738 | + |
3739 | + /* Allocate an array to track pool usage. */ |
3740 | +- pool_in_use = gcry_malloc (n * sizeof *pool_in_use); |
3741 | ++ pool_in_use = gcry_calloc (n, sizeof *pool_in_use); |
3742 | + if (!pool_in_use) |
3743 | + { |
3744 | + err = gpg_err_code_from_errno (errno); |
3745 | +@@ -765,7 +765,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel, |
3746 | + if (nbits < 16) |
3747 | + log_fatal ("can't generate a prime with less than %d bits\n", 16); |
3748 | + |
3749 | +- mods = gcry_xmalloc( no_of_small_prime_numbers * sizeof *mods ); |
3750 | ++ mods = gcry_xcalloc( no_of_small_prime_numbers, sizeof *mods); |
3751 | + /* Make nbits fit into gcry_mpi_t implementation. */ |
3752 | + val_2 = mpi_alloc_set_ui( 2 ); |
3753 | + val_3 = mpi_alloc_set_ui( 3); |
3754 | +diff --git a/grub-core/lib/libgcrypt/cipher/pubkey.c b/grub-core/lib/libgcrypt/cipher/pubkey.c |
3755 | +index 910982141e..ca087ad75b 100644 |
3756 | +--- a/grub-core/lib/libgcrypt/cipher/pubkey.c |
3757 | ++++ b/grub-core/lib/libgcrypt/cipher/pubkey.c |
3758 | +@@ -2941,7 +2941,7 @@ gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey) |
3759 | + * array to a format string, so we have to do it this way :-(. */ |
3760 | + /* FIXME: There is now such a format specifier, so we can |
3761 | + change the code to be more clear. */ |
3762 | +- arg_list = malloc (nelem * sizeof *arg_list); |
3763 | ++ arg_list = calloc (nelem, sizeof *arg_list); |
3764 | + if (!arg_list) |
3765 | + { |
3766 | + rc = gpg_err_code_from_syserror (); |
3767 | +@@ -3233,7 +3233,7 @@ gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey) |
3768 | + } |
3769 | + strcpy (p, "))"); |
3770 | + |
3771 | +- arg_list = malloc (nelem * sizeof *arg_list); |
3772 | ++ arg_list = calloc (nelem, sizeof *arg_list); |
3773 | + if (!arg_list) |
3774 | + { |
3775 | + rc = gpg_err_code_from_syserror (); |
3776 | +diff --git a/grub-core/lib/priority_queue.c b/grub-core/lib/priority_queue.c |
3777 | +index 659be0b7f4..7d5e7c05aa 100644 |
3778 | +--- a/grub-core/lib/priority_queue.c |
3779 | ++++ b/grub-core/lib/priority_queue.c |
3780 | +@@ -92,7 +92,7 @@ grub_priority_queue_new (grub_size_t elsize, |
3781 | + { |
3782 | + struct grub_priority_queue *ret; |
3783 | + void *els; |
3784 | +- els = grub_malloc (elsize * 8); |
3785 | ++ els = grub_calloc (8, elsize); |
3786 | + if (!els) |
3787 | + return 0; |
3788 | + ret = (struct grub_priority_queue *) grub_malloc (sizeof (*ret)); |
3789 | +diff --git a/grub-core/lib/reed_solomon.c b/grub-core/lib/reed_solomon.c |
3790 | +index ee9fa7b4fe..467305b46a 100644 |
3791 | +--- a/grub-core/lib/reed_solomon.c |
3792 | ++++ b/grub-core/lib/reed_solomon.c |
3793 | +@@ -20,6 +20,7 @@ |
3794 | + #include <stdio.h> |
3795 | + #include <string.h> |
3796 | + #include <stdlib.h> |
3797 | ++#define xcalloc calloc |
3798 | + #define xmalloc malloc |
3799 | + #define grub_memset memset |
3800 | + #define grub_memcpy memcpy |
3801 | +@@ -158,11 +159,9 @@ rs_encode (gf_single_t *data, grub_size_t s, grub_size_t rs) |
3802 | + gf_single_t *rs_polynomial; |
3803 | + int i, j; |
3804 | + gf_single_t *m; |
3805 | +- m = xmalloc ((s + rs) * sizeof (gf_single_t)); |
3806 | ++ m = xcalloc (s + rs, sizeof (gf_single_t)); |
3807 | + grub_memcpy (m, data, s * sizeof (gf_single_t)); |
3808 | +- grub_memset (m + s, 0, rs * sizeof (gf_single_t)); |
3809 | +- rs_polynomial = xmalloc ((rs + 1) * sizeof (gf_single_t)); |
3810 | +- grub_memset (rs_polynomial, 0, (rs + 1) * sizeof (gf_single_t)); |
3811 | ++ rs_polynomial = xcalloc (rs + 1, sizeof (gf_single_t)); |
3812 | + rs_polynomial[rs] = 1; |
3813 | + /* Multiply with X - a^r */ |
3814 | + for (j = 0; j < rs; j++) |
3815 | +diff --git a/grub-core/lib/relocator.c b/grub-core/lib/relocator.c |
3816 | +index ea3ebc719b..5847aac364 100644 |
3817 | +--- a/grub-core/lib/relocator.c |
3818 | ++++ b/grub-core/lib/relocator.c |
3819 | +@@ -495,9 +495,9 @@ malloc_in_range (struct grub_relocator *rel, |
3820 | + } |
3821 | + #endif |
3822 | + |
3823 | +- eventt = grub_malloc (maxevents * sizeof (events[0])); |
3824 | ++ eventt = grub_calloc (maxevents, sizeof (events[0])); |
3825 | + counter = grub_malloc ((DIGITSORT_MASK + 2) * sizeof (counter[0])); |
3826 | +- events = grub_malloc (maxevents * sizeof (events[0])); |
3827 | ++ events = grub_calloc (maxevents, sizeof (events[0])); |
3828 | + if (!events || !eventt || !counter) |
3829 | + { |
3830 | + grub_dprintf ("relocator", "events or counter allocation failed %d\n", |
3831 | +@@ -963,7 +963,7 @@ malloc_in_range (struct grub_relocator *rel, |
3832 | + #endif |
3833 | + unsigned cural = 0; |
3834 | + int oom = 0; |
3835 | +- res->subchunks = grub_malloc (sizeof (res->subchunks[0]) * nallocs); |
3836 | ++ res->subchunks = grub_calloc (nallocs, sizeof (res->subchunks[0])); |
3837 | + if (!res->subchunks) |
3838 | + oom = 1; |
3839 | + res->nsubchunks = nallocs; |
3840 | +@@ -1562,8 +1562,8 @@ grub_relocator_prepare_relocs (struct grub_relocator *rel, grub_addr_t addr, |
3841 | + count[(chunk->src & 0xff) + 1]++; |
3842 | + } |
3843 | + } |
3844 | +- from = grub_malloc (nchunks * sizeof (sorted[0])); |
3845 | +- to = grub_malloc (nchunks * sizeof (sorted[0])); |
3846 | ++ from = grub_calloc (nchunks, sizeof (sorted[0])); |
3847 | ++ to = grub_calloc (nchunks, sizeof (sorted[0])); |
3848 | + if (!from || !to) |
3849 | + { |
3850 | + grub_free (from); |
3851 | +diff --git a/grub-core/lib/zstd/fse_decompress.c b/grub-core/lib/zstd/fse_decompress.c |
3852 | +index 72bbead5be..2227b84bc7 100644 |
3853 | +--- a/grub-core/lib/zstd/fse_decompress.c |
3854 | ++++ b/grub-core/lib/zstd/fse_decompress.c |
3855 | +@@ -82,7 +82,7 @@ |
3856 | + FSE_DTable* FSE_createDTable (unsigned tableLog) |
3857 | + { |
3858 | + if (tableLog > FSE_TABLELOG_ABSOLUTE_MAX) tableLog = FSE_TABLELOG_ABSOLUTE_MAX; |
3859 | +- return (FSE_DTable*)malloc( FSE_DTABLE_SIZE_U32(tableLog) * sizeof (U32) ); |
3860 | ++ return (FSE_DTable*)calloc( FSE_DTABLE_SIZE_U32(tableLog), sizeof (U32) ); |
3861 | + } |
3862 | + |
3863 | + void FSE_freeDTable (FSE_DTable* dt) |
3864 | +diff --git a/grub-core/loader/arm/linux.c b/grub-core/loader/arm/linux.c |
3865 | +index 092e8e3077..979d425dfb 100644 |
3866 | +--- a/grub-core/loader/arm/linux.c |
3867 | ++++ b/grub-core/loader/arm/linux.c |
3868 | +@@ -82,7 +82,7 @@ linux_prepare_atag (void *target_atag) |
3869 | + |
3870 | + /* some place for cmdline, initrd and terminator. */ |
3871 | + tmp_size = get_atag_size (atag_orig) + 20 + (arg_size) / 4; |
3872 | +- tmp_atag = grub_malloc (tmp_size * sizeof (grub_uint32_t)); |
3873 | ++ tmp_atag = grub_calloc (tmp_size, sizeof (grub_uint32_t)); |
3874 | + if (!tmp_atag) |
3875 | + return grub_errno; |
3876 | + |
3877 | +diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c |
3878 | +index 04e815c052..b9a2df34b1 100644 |
3879 | +--- a/grub-core/loader/efi/chainloader.c |
3880 | ++++ b/grub-core/loader/efi/chainloader.c |
3881 | +@@ -126,7 +126,7 @@ copy_file_path (grub_efi_file_path_device_path_t *fp, |
3882 | + fp->header.type = GRUB_EFI_MEDIA_DEVICE_PATH_TYPE; |
3883 | + fp->header.subtype = GRUB_EFI_FILE_PATH_DEVICE_PATH_SUBTYPE; |
3884 | + |
3885 | +- path_name = grub_malloc (len * GRUB_MAX_UTF16_PER_UTF8 * sizeof (*path_name)); |
3886 | ++ path_name = grub_calloc (len, GRUB_MAX_UTF16_PER_UTF8 * sizeof (*path_name)); |
3887 | + if (!path_name) |
3888 | + return; |
3889 | + |
3890 | +diff --git a/grub-core/loader/i386/bsdXX.c b/grub-core/loader/i386/bsdXX.c |
3891 | +index af6741d157..a8d8bf7dae 100644 |
3892 | +--- a/grub-core/loader/i386/bsdXX.c |
3893 | ++++ b/grub-core/loader/i386/bsdXX.c |
3894 | +@@ -48,7 +48,7 @@ read_headers (grub_file_t file, const char *filename, Elf_Ehdr *e, char **shdr) |
3895 | + if (e->e_ident[EI_CLASS] != SUFFIX (ELFCLASS)) |
3896 | + return grub_error (GRUB_ERR_BAD_OS, N_("invalid arch-dependent ELF magic")); |
3897 | + |
3898 | +- *shdr = grub_malloc ((grub_uint32_t) e->e_shnum * e->e_shentsize); |
3899 | ++ *shdr = grub_calloc (e->e_shnum, e->e_shentsize); |
3900 | + if (! *shdr) |
3901 | + return grub_errno; |
3902 | + |
3903 | +diff --git a/grub-core/loader/i386/xnu.c b/grub-core/loader/i386/xnu.c |
3904 | +index e64ed08f58..b7d176b5d3 100644 |
3905 | +--- a/grub-core/loader/i386/xnu.c |
3906 | ++++ b/grub-core/loader/i386/xnu.c |
3907 | +@@ -295,7 +295,7 @@ grub_xnu_devprop_add_property_utf8 (struct grub_xnu_devprop_device_descriptor *d |
3908 | + return grub_errno; |
3909 | + |
3910 | + len = grub_strlen (name); |
3911 | +- utf16 = grub_malloc (sizeof (grub_uint16_t) * len); |
3912 | ++ utf16 = grub_calloc (len, sizeof (grub_uint16_t)); |
3913 | + if (!utf16) |
3914 | + { |
3915 | + grub_free (utf8); |
3916 | +@@ -331,7 +331,7 @@ grub_xnu_devprop_add_property_utf16 (struct grub_xnu_devprop_device_descriptor * |
3917 | + grub_uint16_t *utf16; |
3918 | + grub_err_t err; |
3919 | + |
3920 | +- utf16 = grub_malloc (sizeof (grub_uint16_t) * namelen); |
3921 | ++ utf16 = grub_calloc (namelen, sizeof (grub_uint16_t)); |
3922 | + if (!utf16) |
3923 | + return grub_errno; |
3924 | + grub_memcpy (utf16, name, sizeof (grub_uint16_t) * namelen); |
3925 | +diff --git a/grub-core/loader/macho.c b/grub-core/loader/macho.c |
3926 | +index 085f9c6890..05710c48e0 100644 |
3927 | +--- a/grub-core/loader/macho.c |
3928 | ++++ b/grub-core/loader/macho.c |
3929 | +@@ -97,7 +97,7 @@ grub_macho_file (grub_file_t file, const char *filename, int is_64bit) |
3930 | + if (grub_file_seek (macho->file, sizeof (struct grub_macho_fat_header)) |
3931 | + == (grub_off_t) -1) |
3932 | + goto fail; |
3933 | +- archs = grub_malloc (sizeof (struct grub_macho_fat_arch) * narchs); |
3934 | ++ archs = grub_calloc (narchs, sizeof (struct grub_macho_fat_arch)); |
3935 | + if (!archs) |
3936 | + goto fail; |
3937 | + if (grub_file_read (macho->file, archs, |
3938 | +diff --git a/grub-core/loader/multiboot_elfxx.c b/grub-core/loader/multiboot_elfxx.c |
3939 | +index 70cd1db513..cc6853692a 100644 |
3940 | +--- a/grub-core/loader/multiboot_elfxx.c |
3941 | ++++ b/grub-core/loader/multiboot_elfxx.c |
3942 | +@@ -217,7 +217,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld) |
3943 | + { |
3944 | + grub_uint8_t *shdr, *shdrptr; |
3945 | + |
3946 | +- shdr = grub_malloc ((grub_uint32_t) ehdr->e_shnum * ehdr->e_shentsize); |
3947 | ++ shdr = grub_calloc (ehdr->e_shnum, ehdr->e_shentsize); |
3948 | + if (!shdr) |
3949 | + return grub_errno; |
3950 | + |
3951 | +diff --git a/grub-core/loader/xnu.c b/grub-core/loader/xnu.c |
3952 | +index e0f47e72b0..2f0ebd0b8b 100644 |
3953 | +--- a/grub-core/loader/xnu.c |
3954 | ++++ b/grub-core/loader/xnu.c |
3955 | +@@ -801,7 +801,7 @@ grub_cmd_xnu_mkext (grub_command_t cmd __attribute__ ((unused)), |
3956 | + if (grub_be_to_cpu32 (head.magic) == GRUB_MACHO_FAT_MAGIC) |
3957 | + { |
3958 | + narchs = grub_be_to_cpu32 (head.nfat_arch); |
3959 | +- archs = grub_malloc (sizeof (struct grub_macho_fat_arch) * narchs); |
3960 | ++ archs = grub_calloc (narchs, sizeof (struct grub_macho_fat_arch)); |
3961 | + if (! archs) |
3962 | + { |
3963 | + grub_file_close (file); |
3964 | +diff --git a/grub-core/mmap/mmap.c b/grub-core/mmap/mmap.c |
3965 | +index 6a31cbae32..57b4e9a72a 100644 |
3966 | +--- a/grub-core/mmap/mmap.c |
3967 | ++++ b/grub-core/mmap/mmap.c |
3968 | +@@ -143,9 +143,9 @@ grub_mmap_iterate (grub_memory_hook_t hook, void *hook_data) |
3969 | + |
3970 | + /* Initialize variables. */ |
3971 | + ctx.scanline_events = (struct grub_mmap_scan *) |
3972 | +- grub_malloc (sizeof (struct grub_mmap_scan) * 2 * mmap_num); |
3973 | ++ grub_calloc (mmap_num, sizeof (struct grub_mmap_scan) * 2); |
3974 | + |
3975 | +- present = grub_zalloc (sizeof (present[0]) * current_priority); |
3976 | ++ present = grub_calloc (current_priority, sizeof (present[0])); |
3977 | + |
3978 | + if (! ctx.scanline_events || !present) |
3979 | + { |
3980 | +diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c |
3981 | +index 558d97ba1e..dd0ffcdaea 100644 |
3982 | +--- a/grub-core/net/bootp.c |
3983 | ++++ b/grub-core/net/bootp.c |
3984 | +@@ -1559,7 +1559,7 @@ grub_cmd_bootp (struct grub_command *cmd __attribute__ ((unused)), |
3985 | + if (ncards == 0) |
3986 | + return grub_error (GRUB_ERR_NET_NO_CARD, N_("no network card found")); |
3987 | + |
3988 | +- ifaces = grub_zalloc (ncards * sizeof (ifaces[0])); |
3989 | ++ ifaces = grub_calloc (ncards, sizeof (ifaces[0])); |
3990 | + if (!ifaces) |
3991 | + return grub_errno; |
3992 | + |
3993 | +diff --git a/grub-core/net/dns.c b/grub-core/net/dns.c |
3994 | +index 5d9afe093c..e332d5eb4a 100644 |
3995 | +--- a/grub-core/net/dns.c |
3996 | ++++ b/grub-core/net/dns.c |
3997 | +@@ -285,8 +285,8 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), |
3998 | + ptr++; |
3999 | + ptr += 4; |
4000 | + } |
4001 | +- *data->addresses = grub_malloc (sizeof ((*data->addresses)[0]) |
4002 | +- * grub_be_to_cpu16 (head->ancount)); |
4003 | ++ *data->addresses = grub_calloc (grub_be_to_cpu16 (head->ancount), |
4004 | ++ sizeof ((*data->addresses)[0])); |
4005 | + if (!*data->addresses) |
4006 | + { |
4007 | + grub_errno = GRUB_ERR_NONE; |
4008 | +@@ -406,8 +406,8 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)), |
4009 | + dns_cache[h].addresses = 0; |
4010 | + dns_cache[h].name = grub_strdup (data->oname); |
4011 | + dns_cache[h].naddresses = *data->naddresses; |
4012 | +- dns_cache[h].addresses = grub_malloc (*data->naddresses |
4013 | +- * sizeof (dns_cache[h].addresses[0])); |
4014 | ++ dns_cache[h].addresses = grub_calloc (*data->naddresses, |
4015 | ++ sizeof (dns_cache[h].addresses[0])); |
4016 | + dns_cache[h].limit_time = grub_get_time_ms () + 1000 * ttl_all; |
4017 | + if (!dns_cache[h].addresses || !dns_cache[h].name) |
4018 | + { |
4019 | +@@ -479,7 +479,7 @@ grub_net_dns_lookup (const char *name, |
4020 | + } |
4021 | + } |
4022 | + |
4023 | +- sockets = grub_malloc (sizeof (sockets[0]) * n_servers); |
4024 | ++ sockets = grub_calloc (n_servers, sizeof (sockets[0])); |
4025 | + if (!sockets) |
4026 | + return grub_errno; |
4027 | + |
4028 | +diff --git a/grub-core/net/net.c b/grub-core/net/net.c |
4029 | +index b917a75d54..fed7bc57cb 100644 |
4030 | +--- a/grub-core/net/net.c |
4031 | ++++ b/grub-core/net/net.c |
4032 | +@@ -333,8 +333,8 @@ grub_cmd_ipv6_autoconf (struct grub_command *cmd __attribute__ ((unused)), |
4033 | + ncards++; |
4034 | + } |
4035 | + |
4036 | +- ifaces = grub_zalloc (ncards * sizeof (ifaces[0])); |
4037 | +- slaacs = grub_zalloc (ncards * sizeof (slaacs[0])); |
4038 | ++ ifaces = grub_calloc (ncards, sizeof (ifaces[0])); |
4039 | ++ slaacs = grub_calloc (ncards, sizeof (slaacs[0])); |
4040 | + if (!ifaces || !slaacs) |
4041 | + { |
4042 | + grub_free (ifaces); |
4043 | +diff --git a/grub-core/normal/charset.c b/grub-core/normal/charset.c |
4044 | +index b0ab47d73f..d57fb72faa 100644 |
4045 | +--- a/grub-core/normal/charset.c |
4046 | ++++ b/grub-core/normal/charset.c |
4047 | +@@ -203,7 +203,7 @@ grub_utf8_to_ucs4_alloc (const char *msg, grub_uint32_t **unicode_msg, |
4048 | + { |
4049 | + grub_size_t msg_len = grub_strlen (msg); |
4050 | + |
4051 | +- *unicode_msg = grub_malloc (msg_len * sizeof (grub_uint32_t)); |
4052 | ++ *unicode_msg = grub_calloc (msg_len, sizeof (grub_uint32_t)); |
4053 | + |
4054 | + if (!*unicode_msg) |
4055 | + return -1; |
4056 | +@@ -488,7 +488,7 @@ grub_unicode_aglomerate_comb (const grub_uint32_t *in, grub_size_t inlen, |
4057 | + } |
4058 | + else |
4059 | + { |
4060 | +- n = grub_malloc (sizeof (n[0]) * (out->ncomb + 1)); |
4061 | ++ n = grub_calloc (out->ncomb + 1, sizeof (n[0])); |
4062 | + if (!n) |
4063 | + { |
4064 | + grub_errno = GRUB_ERR_NONE; |
4065 | +@@ -842,7 +842,7 @@ grub_bidi_line_logical_to_visual (const grub_uint32_t *logical, |
4066 | + } \ |
4067 | + } |
4068 | + |
4069 | +- visual = grub_malloc (sizeof (visual[0]) * logical_len); |
4070 | ++ visual = grub_calloc (logical_len, sizeof (visual[0])); |
4071 | + if (!visual) |
4072 | + return -1; |
4073 | + |
4074 | +@@ -1165,8 +1165,8 @@ grub_bidi_logical_to_visual (const grub_uint32_t *logical, |
4075 | + { |
4076 | + const grub_uint32_t *line_start = logical, *ptr; |
4077 | + struct grub_unicode_glyph *visual_ptr; |
4078 | +- *visual_out = visual_ptr = grub_malloc (3 * sizeof (visual_ptr[0]) |
4079 | +- * (logical_len + 2)); |
4080 | ++ *visual_out = visual_ptr = grub_calloc (logical_len + 2, |
4081 | ++ 3 * sizeof (visual_ptr[0])); |
4082 | + if (!visual_ptr) |
4083 | + return -1; |
4084 | + for (ptr = logical; ptr <= logical + logical_len; ptr++) |
4085 | +diff --git a/grub-core/normal/cmdline.c b/grub-core/normal/cmdline.c |
4086 | +index c037d5050e..c57242e2ea 100644 |
4087 | +--- a/grub-core/normal/cmdline.c |
4088 | ++++ b/grub-core/normal/cmdline.c |
4089 | +@@ -41,7 +41,7 @@ grub_err_t |
4090 | + grub_set_history (int newsize) |
4091 | + { |
4092 | + grub_uint32_t **old_hist_lines = hist_lines; |
4093 | +- hist_lines = grub_malloc (sizeof (grub_uint32_t *) * newsize); |
4094 | ++ hist_lines = grub_calloc (newsize, sizeof (grub_uint32_t *)); |
4095 | + |
4096 | + /* Copy the old lines into the new buffer. */ |
4097 | + if (old_hist_lines) |
4098 | +@@ -114,7 +114,7 @@ static void |
4099 | + grub_history_set (int pos, grub_uint32_t *s, grub_size_t len) |
4100 | + { |
4101 | + grub_free (hist_lines[pos]); |
4102 | +- hist_lines[pos] = grub_malloc ((len + 1) * sizeof (grub_uint32_t)); |
4103 | ++ hist_lines[pos] = grub_calloc (len + 1, sizeof (grub_uint32_t)); |
4104 | + if (!hist_lines[pos]) |
4105 | + { |
4106 | + grub_print_error (); |
4107 | +@@ -349,7 +349,7 @@ grub_cmdline_get (const char *prompt_translated) |
4108 | + char *ret; |
4109 | + unsigned nterms; |
4110 | + |
4111 | +- buf = grub_malloc (max_len * sizeof (grub_uint32_t)); |
4112 | ++ buf = grub_calloc (max_len, sizeof (grub_uint32_t)); |
4113 | + if (!buf) |
4114 | + return 0; |
4115 | + |
4116 | +@@ -377,7 +377,7 @@ grub_cmdline_get (const char *prompt_translated) |
4117 | + FOR_ACTIVE_TERM_OUTPUTS(cur) |
4118 | + nterms++; |
4119 | + |
4120 | +- cl_terms = grub_malloc (sizeof (cl_terms[0]) * nterms); |
4121 | ++ cl_terms = grub_calloc (nterms, sizeof (cl_terms[0])); |
4122 | + if (!cl_terms) |
4123 | + { |
4124 | + grub_free (buf); |
4125 | +@@ -385,7 +385,7 @@ grub_cmdline_get (const char *prompt_translated) |
4126 | + } |
4127 | + cl_term_cur = cl_terms; |
4128 | + |
4129 | +- unicode_msg = grub_malloc (msg_len * sizeof (grub_uint32_t)); |
4130 | ++ unicode_msg = grub_calloc (msg_len, sizeof (grub_uint32_t)); |
4131 | + if (!unicode_msg) |
4132 | + { |
4133 | + grub_free (buf); |
4134 | +@@ -495,7 +495,7 @@ grub_cmdline_get (const char *prompt_translated) |
4135 | + grub_uint32_t *insert; |
4136 | + |
4137 | + insertlen = grub_strlen (insertu8); |
4138 | +- insert = grub_malloc ((insertlen + 1) * sizeof (grub_uint32_t)); |
4139 | ++ insert = grub_calloc (insertlen + 1, sizeof (grub_uint32_t)); |
4140 | + if (!insert) |
4141 | + { |
4142 | + grub_free (insertu8); |
4143 | +@@ -602,7 +602,7 @@ grub_cmdline_get (const char *prompt_translated) |
4144 | + |
4145 | + grub_free (kill_buf); |
4146 | + |
4147 | +- kill_buf = grub_malloc ((n + 1) * sizeof(grub_uint32_t)); |
4148 | ++ kill_buf = grub_calloc (n + 1, sizeof (grub_uint32_t)); |
4149 | + if (grub_errno) |
4150 | + { |
4151 | + grub_print_error (); |
4152 | +diff --git a/grub-core/normal/menu_entry.c b/grub-core/normal/menu_entry.c |
4153 | +index cdf3590a36..1993995be6 100644 |
4154 | +--- a/grub-core/normal/menu_entry.c |
4155 | ++++ b/grub-core/normal/menu_entry.c |
4156 | +@@ -95,8 +95,8 @@ init_line (struct screen *screen, struct line *linep) |
4157 | + { |
4158 | + linep->len = 0; |
4159 | + linep->max_len = 80; |
4160 | +- linep->buf = grub_malloc ((linep->max_len + 1) * sizeof (linep->buf[0])); |
4161 | +- linep->pos = grub_zalloc (screen->nterms * sizeof (linep->pos[0])); |
4162 | ++ linep->buf = grub_calloc (linep->max_len + 1, sizeof (linep->buf[0])); |
4163 | ++ linep->pos = grub_calloc (screen->nterms, sizeof (linep->pos[0])); |
4164 | + if (! linep->buf || !linep->pos) |
4165 | + { |
4166 | + grub_free (linep->buf); |
4167 | +@@ -287,7 +287,7 @@ update_screen (struct screen *screen, struct per_term_screen *term_screen, |
4168 | + pos = linep->pos + (term_screen - screen->terms); |
4169 | + |
4170 | + if (!*pos) |
4171 | +- *pos = grub_zalloc ((linep->len + 1) * sizeof (**pos)); |
4172 | ++ *pos = grub_calloc (linep->len + 1, sizeof (**pos)); |
4173 | + |
4174 | + if (i == region_start || linep == screen->lines + screen->line |
4175 | + || (i > region_start && mode == ALL_LINES)) |
4176 | +@@ -471,7 +471,7 @@ insert_string (struct screen *screen, const char *s, int update) |
4177 | + |
4178 | + /* Insert the string. */ |
4179 | + current_linep = screen->lines + screen->line; |
4180 | +- unicode_msg = grub_malloc ((p - s) * sizeof (grub_uint32_t)); |
4181 | ++ unicode_msg = grub_calloc (p - s, sizeof (grub_uint32_t)); |
4182 | + |
4183 | + if (!unicode_msg) |
4184 | + return 0; |
4185 | +@@ -1023,7 +1023,7 @@ complete (struct screen *screen, int continuous, int update) |
4186 | + if (completion_buffer.buf) |
4187 | + { |
4188 | + buflen = grub_strlen (completion_buffer.buf); |
4189 | +- ucs4 = grub_malloc (sizeof (grub_uint32_t) * (buflen + 1)); |
4190 | ++ ucs4 = grub_calloc (buflen + 1, sizeof (grub_uint32_t)); |
4191 | + |
4192 | + if (!ucs4) |
4193 | + { |
4194 | +@@ -1268,7 +1268,7 @@ grub_menu_entry_run (grub_menu_entry_t entry) |
4195 | + for (i = 0; i < (unsigned) screen->num_lines; i++) |
4196 | + { |
4197 | + grub_free (screen->lines[i].pos); |
4198 | +- screen->lines[i].pos = grub_zalloc (screen->nterms * sizeof (screen->lines[i].pos[0])); |
4199 | ++ screen->lines[i].pos = grub_calloc (screen->nterms, sizeof (screen->lines[i].pos[0])); |
4200 | + if (! screen->lines[i].pos) |
4201 | + { |
4202 | + grub_print_error (); |
4203 | +@@ -1278,7 +1278,7 @@ grub_menu_entry_run (grub_menu_entry_t entry) |
4204 | + } |
4205 | + } |
4206 | + |
4207 | +- screen->terms = grub_zalloc (screen->nterms * sizeof (screen->terms[0])); |
4208 | ++ screen->terms = grub_calloc (screen->nterms, sizeof (screen->terms[0])); |
4209 | + if (!screen->terms) |
4210 | + { |
4211 | + grub_print_error (); |
4212 | +diff --git a/grub-core/normal/menu_text.c b/grub-core/normal/menu_text.c |
4213 | +index e22bb91f6e..18240e76ce 100644 |
4214 | +--- a/grub-core/normal/menu_text.c |
4215 | ++++ b/grub-core/normal/menu_text.c |
4216 | +@@ -78,7 +78,7 @@ grub_print_message_indented_real (const char *msg, int margin_left, |
4217 | + grub_size_t msg_len = grub_strlen (msg) + 2; |
4218 | + int ret = 0; |
4219 | + |
4220 | +- unicode_msg = grub_malloc (msg_len * sizeof (grub_uint32_t)); |
4221 | ++ unicode_msg = grub_calloc (msg_len, sizeof (grub_uint32_t)); |
4222 | + |
4223 | + if (!unicode_msg) |
4224 | + return 0; |
4225 | +@@ -211,7 +211,7 @@ print_entry (int y, int highlight, grub_menu_entry_t entry, |
4226 | + |
4227 | + title = entry ? entry->title : ""; |
4228 | + title_len = grub_strlen (title); |
4229 | +- unicode_title = grub_malloc (title_len * sizeof (*unicode_title)); |
4230 | ++ unicode_title = grub_calloc (title_len, sizeof (*unicode_title)); |
4231 | + if (! unicode_title) |
4232 | + /* XXX How to show this error? */ |
4233 | + return; |
4234 | +diff --git a/grub-core/normal/term.c b/grub-core/normal/term.c |
4235 | +index a1e5c5a0da..cc8c173b6e 100644 |
4236 | +--- a/grub-core/normal/term.c |
4237 | ++++ b/grub-core/normal/term.c |
4238 | +@@ -264,7 +264,7 @@ grub_term_save_pos (void) |
4239 | + FOR_ACTIVE_TERM_OUTPUTS(cur) |
4240 | + cnt++; |
4241 | + |
4242 | +- ret = grub_malloc (cnt * sizeof (ret[0])); |
4243 | ++ ret = grub_calloc (cnt, sizeof (ret[0])); |
4244 | + if (!ret) |
4245 | + return NULL; |
4246 | + |
4247 | +@@ -1013,7 +1013,7 @@ grub_xnputs (const char *str, grub_size_t msg_len) |
4248 | + |
4249 | + grub_error_push (); |
4250 | + |
4251 | +- unicode_str = grub_malloc (msg_len * sizeof (grub_uint32_t)); |
4252 | ++ unicode_str = grub_calloc (msg_len, sizeof (grub_uint32_t)); |
4253 | + |
4254 | + grub_error_pop (); |
4255 | + |
4256 | +diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c |
4257 | +index 7adc0f30ee..a5bd0752fb 100644 |
4258 | +--- a/grub-core/osdep/linux/getroot.c |
4259 | ++++ b/grub-core/osdep/linux/getroot.c |
4260 | +@@ -168,7 +168,7 @@ grub_util_raid_getmembers (const char *name, int bootable) |
4261 | + if (ret != 0) |
4262 | + grub_util_error (_("ioctl GET_ARRAY_INFO error: %s"), strerror (errno)); |
4263 | + |
4264 | +- devicelist = xmalloc ((info.nr_disks + 1) * sizeof (char *)); |
4265 | ++ devicelist = xcalloc (info.nr_disks + 1, sizeof (char *)); |
4266 | + |
4267 | + for (i = 0, j = 0; j < info.nr_disks; i++) |
4268 | + { |
4269 | +@@ -241,7 +241,7 @@ grub_find_root_devices_from_btrfs (const char *dir) |
4270 | + return NULL; |
4271 | + } |
4272 | + |
4273 | +- ret = xmalloc ((fsi.num_devices + 1) * sizeof (ret[0])); |
4274 | ++ ret = xcalloc (fsi.num_devices + 1, sizeof (ret[0])); |
4275 | + |
4276 | + for (i = 1; i <= fsi.max_id && j < fsi.num_devices; i++) |
4277 | + { |
4278 | +@@ -396,7 +396,7 @@ grub_find_root_devices_from_mountinfo (const char *dir, char **relroot) |
4279 | + if (relroot) |
4280 | + *relroot = NULL; |
4281 | + |
4282 | +- entries = xmalloc (entry_max * sizeof (*entries)); |
4283 | ++ entries = xcalloc (entry_max, sizeof (*entries)); |
4284 | + |
4285 | + again: |
4286 | + fp = grub_util_fopen ("/proc/self/mountinfo", "r"); |
4287 | +diff --git a/grub-core/osdep/unix/config.c b/grub-core/osdep/unix/config.c |
4288 | +index 5478030fde..89dc70d93c 100644 |
4289 | +--- a/grub-core/osdep/unix/config.c |
4290 | ++++ b/grub-core/osdep/unix/config.c |
4291 | +@@ -130,7 +130,7 @@ grub_util_load_config (struct grub_util_config *cfg) |
4292 | + if (num_cfgpaths == 0) |
4293 | + goto out; |
4294 | + |
4295 | +- sorted_cfgpaths = xmalloc (num_cfgpaths * sizeof (*sorted_cfgpaths)); |
4296 | ++ sorted_cfgpaths = xcalloc (num_cfgpaths, sizeof (*sorted_cfgpaths)); |
4297 | + i = 0; |
4298 | + if (grub_util_is_regular (cfgfile)) |
4299 | + sorted_cfgpaths[i++] = xstrdup (cfgfile); |
4300 | +diff --git a/grub-core/osdep/windows/getroot.c b/grub-core/osdep/windows/getroot.c |
4301 | +index 661d954619..eada663b26 100644 |
4302 | +--- a/grub-core/osdep/windows/getroot.c |
4303 | ++++ b/grub-core/osdep/windows/getroot.c |
4304 | +@@ -59,7 +59,7 @@ grub_get_mount_point (const TCHAR *path) |
4305 | + |
4306 | + for (ptr = path; *ptr; ptr++); |
4307 | + allocsize = (ptr - path + 10) * 2; |
4308 | +- out = xmalloc (allocsize * sizeof (out[0])); |
4309 | ++ out = xcalloc (allocsize, sizeof (out[0])); |
4310 | + |
4311 | + /* When pointing to EFI system partition GetVolumePathName fails |
4312 | + for ESP root and returns abberant information for everything |
4313 | +diff --git a/grub-core/osdep/windows/hostdisk.c b/grub-core/osdep/windows/hostdisk.c |
4314 | +index 355100789a..0be3273949 100644 |
4315 | +--- a/grub-core/osdep/windows/hostdisk.c |
4316 | ++++ b/grub-core/osdep/windows/hostdisk.c |
4317 | +@@ -111,7 +111,7 @@ grub_util_get_windows_path_real (const char *path) |
4318 | + |
4319 | + while (1) |
4320 | + { |
4321 | +- fpa = xmalloc (alloc * sizeof (fpa[0])); |
4322 | ++ fpa = xcalloc (alloc, sizeof (fpa[0])); |
4323 | + |
4324 | + len = GetFullPathName (tpath, alloc, fpa, NULL); |
4325 | + if (len >= alloc) |
4326 | +@@ -399,7 +399,7 @@ grub_util_fd_opendir (const char *name) |
4327 | + for (l = 0; name_windows[l]; l++); |
4328 | + for (l--; l >= 0 && (name_windows[l] == '\\' || name_windows[l] == '/'); l--); |
4329 | + l++; |
4330 | +- pattern = xmalloc ((l + 3) * sizeof (pattern[0])); |
4331 | ++ pattern = xcalloc (l + 3, sizeof (pattern[0])); |
4332 | + memcpy (pattern, name_windows, l * sizeof (pattern[0])); |
4333 | + pattern[l] = '\\'; |
4334 | + pattern[l + 1] = '*'; |
4335 | +diff --git a/grub-core/osdep/windows/init.c b/grub-core/osdep/windows/init.c |
4336 | +index e8ffd62c6a..6297de6326 100644 |
4337 | +--- a/grub-core/osdep/windows/init.c |
4338 | ++++ b/grub-core/osdep/windows/init.c |
4339 | +@@ -161,7 +161,7 @@ grub_util_host_init (int *argc __attribute__ ((unused)), |
4340 | + LPWSTR *targv; |
4341 | + |
4342 | + targv = CommandLineToArgvW (tcmdline, argc); |
4343 | +- *argv = xmalloc ((*argc + 1) * sizeof (argv[0])); |
4344 | ++ *argv = xcalloc (*argc + 1, sizeof (argv[0])); |
4345 | + |
4346 | + for (i = 0; i < *argc; i++) |
4347 | + (*argv)[i] = grub_util_tchar_to_utf8 (targv[i]); |
4348 | +diff --git a/grub-core/osdep/windows/platform.c b/grub-core/osdep/windows/platform.c |
4349 | +index a3f738fb9b..b160949d8e 100644 |
4350 | +--- a/grub-core/osdep/windows/platform.c |
4351 | ++++ b/grub-core/osdep/windows/platform.c |
4352 | +@@ -231,8 +231,8 @@ grub_install_register_efi (grub_device_t efidir_grub_dev, const char *efidir, |
4353 | + grub_util_error ("%s", _("no EFI routines are available when running in BIOS mode")); |
4354 | + |
4355 | + distrib8_len = grub_strlen (efi_distributor); |
4356 | +- distributor16 = xmalloc ((distrib8_len + 1) * GRUB_MAX_UTF16_PER_UTF8 |
4357 | +- * sizeof (grub_uint16_t)); |
4358 | ++ distributor16 = xcalloc (distrib8_len + 1, |
4359 | ++ GRUB_MAX_UTF16_PER_UTF8 * sizeof (grub_uint16_t)); |
4360 | + distrib16_len = grub_utf8_to_utf16 (distributor16, distrib8_len * GRUB_MAX_UTF16_PER_UTF8, |
4361 | + (const grub_uint8_t *) efi_distributor, |
4362 | + distrib8_len, 0); |
4363 | +diff --git a/grub-core/osdep/windows/relpath.c b/grub-core/osdep/windows/relpath.c |
4364 | +index cb0861744a..478e8ef14d 100644 |
4365 | +--- a/grub-core/osdep/windows/relpath.c |
4366 | ++++ b/grub-core/osdep/windows/relpath.c |
4367 | +@@ -72,7 +72,7 @@ grub_make_system_path_relative_to_its_root (const char *path) |
4368 | + if (dirwindows[0] && dirwindows[1] == ':') |
4369 | + offset = 2; |
4370 | + } |
4371 | +- ret = xmalloc (sizeof (ret[0]) * (flen - offset + 2)); |
4372 | ++ ret = xcalloc (flen - offset + 2, sizeof (ret[0])); |
4373 | + if (dirwindows[offset] != '\\' |
4374 | + && dirwindows[offset] != '/' |
4375 | + && dirwindows[offset]) |
4376 | +diff --git a/grub-core/partmap/gpt.c b/grub-core/partmap/gpt.c |
4377 | +index 103f6796f3..72a2e37cd4 100644 |
4378 | +--- a/grub-core/partmap/gpt.c |
4379 | ++++ b/grub-core/partmap/gpt.c |
4380 | +@@ -199,7 +199,7 @@ gpt_partition_map_embed (struct grub_disk *disk, unsigned int *nsectors, |
4381 | + *nsectors = ctx.len; |
4382 | + if (*nsectors > max_nsectors) |
4383 | + *nsectors = max_nsectors; |
4384 | +- *sectors = grub_malloc (*nsectors * sizeof (**sectors)); |
4385 | ++ *sectors = grub_calloc (*nsectors, sizeof (**sectors)); |
4386 | + if (!*sectors) |
4387 | + return grub_errno; |
4388 | + for (i = 0; i < *nsectors; i++) |
4389 | +diff --git a/grub-core/partmap/msdos.c b/grub-core/partmap/msdos.c |
4390 | +index 7b8e450762..ee3f24982b 100644 |
4391 | +--- a/grub-core/partmap/msdos.c |
4392 | ++++ b/grub-core/partmap/msdos.c |
4393 | +@@ -337,7 +337,7 @@ pc_partition_map_embed (struct grub_disk *disk, unsigned int *nsectors, |
4394 | + avail_nsectors = *nsectors; |
4395 | + if (*nsectors > max_nsectors) |
4396 | + *nsectors = max_nsectors; |
4397 | +- *sectors = grub_malloc (*nsectors * sizeof (**sectors)); |
4398 | ++ *sectors = grub_calloc (*nsectors, sizeof (**sectors)); |
4399 | + if (!*sectors) |
4400 | + return grub_errno; |
4401 | + for (i = 0; i < *nsectors; i++) |
4402 | +diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c |
4403 | +index ee299fd0ea..c8d6806fe0 100644 |
4404 | +--- a/grub-core/script/execute.c |
4405 | ++++ b/grub-core/script/execute.c |
4406 | +@@ -553,7 +553,7 @@ gettext_append (struct grub_script_argv *result, const char *orig_str) |
4407 | + for (iptr = orig_str; *iptr; iptr++) |
4408 | + if (*iptr == '$') |
4409 | + dollar_cnt++; |
4410 | +- ctx.allowed_strings = grub_malloc (sizeof (ctx.allowed_strings[0]) * dollar_cnt); |
4411 | ++ ctx.allowed_strings = grub_calloc (dollar_cnt, sizeof (ctx.allowed_strings[0])); |
4412 | + |
4413 | + if (parse_string (orig_str, gettext_save_allow, &ctx, 0)) |
4414 | + goto fail; |
4415 | +diff --git a/grub-core/tests/fake_input.c b/grub-core/tests/fake_input.c |
4416 | +index 2d60852989..b5eb516be2 100644 |
4417 | +--- a/grub-core/tests/fake_input.c |
4418 | ++++ b/grub-core/tests/fake_input.c |
4419 | +@@ -49,7 +49,7 @@ grub_terminal_input_fake_sequence (int *seq_in, int nseq_in) |
4420 | + saved = grub_term_inputs; |
4421 | + if (seq) |
4422 | + grub_free (seq); |
4423 | +- seq = grub_malloc (nseq_in * sizeof (seq[0])); |
4424 | ++ seq = grub_calloc (nseq_in, sizeof (seq[0])); |
4425 | + if (!seq) |
4426 | + return; |
4427 | + |
4428 | +diff --git a/grub-core/tests/video_checksum.c b/grub-core/tests/video_checksum.c |
4429 | +index 74d5b65e5c..44d0810698 100644 |
4430 | +--- a/grub-core/tests/video_checksum.c |
4431 | ++++ b/grub-core/tests/video_checksum.c |
4432 | +@@ -336,7 +336,7 @@ grub_video_capture_write_bmp (const char *fname, |
4433 | + { |
4434 | + case 4: |
4435 | + { |
4436 | +- grub_uint8_t *buffer = xmalloc (mode_info->width * 3); |
4437 | ++ grub_uint8_t *buffer = xcalloc (3, mode_info->width); |
4438 | + grub_uint32_t rmask = ((1 << mode_info->red_mask_size) - 1); |
4439 | + grub_uint32_t gmask = ((1 << mode_info->green_mask_size) - 1); |
4440 | + grub_uint32_t bmask = ((1 << mode_info->blue_mask_size) - 1); |
4441 | +@@ -367,7 +367,7 @@ grub_video_capture_write_bmp (const char *fname, |
4442 | + } |
4443 | + case 3: |
4444 | + { |
4445 | +- grub_uint8_t *buffer = xmalloc (mode_info->width * 3); |
4446 | ++ grub_uint8_t *buffer = xcalloc (3, mode_info->width); |
4447 | + grub_uint32_t rmask = ((1 << mode_info->red_mask_size) - 1); |
4448 | + grub_uint32_t gmask = ((1 << mode_info->green_mask_size) - 1); |
4449 | + grub_uint32_t bmask = ((1 << mode_info->blue_mask_size) - 1); |
4450 | +@@ -407,7 +407,7 @@ grub_video_capture_write_bmp (const char *fname, |
4451 | + } |
4452 | + case 2: |
4453 | + { |
4454 | +- grub_uint8_t *buffer = xmalloc (mode_info->width * 3); |
4455 | ++ grub_uint8_t *buffer = xcalloc (3, mode_info->width); |
4456 | + grub_uint16_t rmask = ((1 << mode_info->red_mask_size) - 1); |
4457 | + grub_uint16_t gmask = ((1 << mode_info->green_mask_size) - 1); |
4458 | + grub_uint16_t bmask = ((1 << mode_info->blue_mask_size) - 1); |
4459 | +diff --git a/grub-core/video/capture.c b/grub-core/video/capture.c |
4460 | +index 4f83c74411..4d3195e017 100644 |
4461 | +--- a/grub-core/video/capture.c |
4462 | ++++ b/grub-core/video/capture.c |
4463 | +@@ -89,7 +89,7 @@ grub_video_capture_start (const struct grub_video_mode_info *mode_info, |
4464 | + framebuffer.mode_info = *mode_info; |
4465 | + framebuffer.mode_info.blit_format = grub_video_get_blit_format (&framebuffer.mode_info); |
4466 | + |
4467 | +- framebuffer.ptr = grub_malloc (framebuffer.mode_info.height * framebuffer.mode_info.pitch); |
4468 | ++ framebuffer.ptr = grub_calloc (framebuffer.mode_info.height, framebuffer.mode_info.pitch); |
4469 | + if (!framebuffer.ptr) |
4470 | + return grub_errno; |
4471 | + |
4472 | +diff --git a/grub-core/video/emu/sdl.c b/grub-core/video/emu/sdl.c |
4473 | +index a2f639f66d..0ebab6f57d 100644 |
4474 | +--- a/grub-core/video/emu/sdl.c |
4475 | ++++ b/grub-core/video/emu/sdl.c |
4476 | +@@ -172,7 +172,7 @@ grub_video_sdl_set_palette (unsigned int start, unsigned int count, |
4477 | + if (start + count > mode_info.number_of_colors) |
4478 | + count = mode_info.number_of_colors - start; |
4479 | + |
4480 | +- tmp = grub_malloc (count * sizeof (tmp[0])); |
4481 | ++ tmp = grub_calloc (count, sizeof (tmp[0])); |
4482 | + for (i = 0; i < count; i++) |
4483 | + { |
4484 | + tmp[i].r = palette_data[i].r; |
4485 | +diff --git a/grub-core/video/i386/pc/vga.c b/grub-core/video/i386/pc/vga.c |
4486 | +index 01f47112d3..b2f776c997 100644 |
4487 | +--- a/grub-core/video/i386/pc/vga.c |
4488 | ++++ b/grub-core/video/i386/pc/vga.c |
4489 | +@@ -127,7 +127,7 @@ grub_video_vga_setup (unsigned int width, unsigned int height, |
4490 | + |
4491 | + vga_height = height ? : 480; |
4492 | + |
4493 | +- framebuffer.temporary_buffer = grub_malloc (vga_height * VGA_WIDTH); |
4494 | ++ framebuffer.temporary_buffer = grub_calloc (vga_height, VGA_WIDTH); |
4495 | + framebuffer.front_page = 0; |
4496 | + framebuffer.back_page = 0; |
4497 | + if (!framebuffer.temporary_buffer) |
4498 | +diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c |
4499 | +index 777e71334c..61bd645379 100644 |
4500 | +--- a/grub-core/video/readers/png.c |
4501 | ++++ b/grub-core/video/readers/png.c |
4502 | +@@ -309,7 +309,7 @@ grub_png_decode_image_header (struct grub_png_data *data) |
4503 | + if (data->is_16bit || data->is_gray || data->is_palette) |
4504 | + #endif |
4505 | + { |
4506 | +- data->image_data = grub_malloc (data->image_height * data->row_bytes); |
4507 | ++ data->image_data = grub_calloc (data->image_height, data->row_bytes); |
4508 | + if (grub_errno) |
4509 | + return grub_errno; |
4510 | + |
4511 | +diff --git a/include/grub/unicode.h b/include/grub/unicode.h |
4512 | +index a0403e91f9..4de986a857 100644 |
4513 | +--- a/include/grub/unicode.h |
4514 | ++++ b/include/grub/unicode.h |
4515 | +@@ -293,7 +293,7 @@ grub_unicode_glyph_dup (const struct grub_unicode_glyph *in) |
4516 | + grub_memcpy (out, in, sizeof (*in)); |
4517 | + if (in->ncomb > ARRAY_SIZE (out->combining_inline)) |
4518 | + { |
4519 | +- out->combining_ptr = grub_malloc (in->ncomb * sizeof (out->combining_ptr[0])); |
4520 | ++ out->combining_ptr = grub_calloc (in->ncomb, sizeof (out->combining_ptr[0])); |
4521 | + if (!out->combining_ptr) |
4522 | + { |
4523 | + grub_free (out); |
4524 | +@@ -315,7 +315,7 @@ grub_unicode_set_glyph (struct grub_unicode_glyph *out, |
4525 | + grub_memcpy (out, in, sizeof (*in)); |
4526 | + if (in->ncomb > ARRAY_SIZE (out->combining_inline)) |
4527 | + { |
4528 | +- out->combining_ptr = grub_malloc (in->ncomb * sizeof (out->combining_ptr[0])); |
4529 | ++ out->combining_ptr = grub_calloc (in->ncomb, sizeof (out->combining_ptr[0])); |
4530 | + if (!out->combining_ptr) |
4531 | + return; |
4532 | + grub_memcpy (out->combining_ptr, in->combining_ptr, |
4533 | +diff --git a/util/getroot.c b/util/getroot.c |
4534 | +index cdd41153c5..6ae35ecaa6 100644 |
4535 | +--- a/util/getroot.c |
4536 | ++++ b/util/getroot.c |
4537 | +@@ -200,7 +200,7 @@ make_device_name (const char *drive) |
4538 | + char *ret, *ptr; |
4539 | + const char *iptr; |
4540 | + |
4541 | +- ret = xmalloc (strlen (drive) * 2); |
4542 | ++ ret = xcalloc (2, strlen (drive)); |
4543 | + ptr = ret; |
4544 | + for (iptr = drive; *iptr; iptr++) |
4545 | + { |
4546 | +diff --git a/util/grub-file.c b/util/grub-file.c |
4547 | +index 50c18b6835..b2e7dd69f4 100644 |
4548 | +--- a/util/grub-file.c |
4549 | ++++ b/util/grub-file.c |
4550 | +@@ -54,7 +54,7 @@ main (int argc, char *argv[]) |
4551 | + |
4552 | + grub_util_host_init (&argc, &argv); |
4553 | + |
4554 | +- argv2 = xmalloc (argc * sizeof (argv2[0])); |
4555 | ++ argv2 = xcalloc (argc, sizeof (argv2[0])); |
4556 | + |
4557 | + if (argc == 2 && strcmp (argv[1], "--version") == 0) |
4558 | + { |
4559 | +diff --git a/util/grub-fstest.c b/util/grub-fstest.c |
4560 | +index f14e02d972..57246af7c6 100644 |
4561 | +--- a/util/grub-fstest.c |
4562 | ++++ b/util/grub-fstest.c |
4563 | +@@ -650,7 +650,7 @@ argp_parser (int key, char *arg, struct argp_state *state) |
4564 | + if (args_count < num_disks) |
4565 | + { |
4566 | + if (args_count == 0) |
4567 | +- images = xmalloc (num_disks * sizeof (images[0])); |
4568 | ++ images = xcalloc (num_disks, sizeof (images[0])); |
4569 | + images[args_count] = grub_canonicalize_file_name (arg); |
4570 | + args_count++; |
4571 | + return 0; |
4572 | +@@ -734,7 +734,7 @@ main (int argc, char *argv[]) |
4573 | + |
4574 | + grub_util_host_init (&argc, &argv); |
4575 | + |
4576 | +- args = xmalloc (argc * sizeof (args[0])); |
4577 | ++ args = xcalloc (argc, sizeof (args[0])); |
4578 | + |
4579 | + argp_parse (&argp, argc, argv, 0, 0, 0); |
4580 | + |
4581 | +diff --git a/util/grub-install-common.c b/util/grub-install-common.c |
4582 | +index fdfe2c7ead..447504d3f4 100644 |
4583 | +--- a/util/grub-install-common.c |
4584 | ++++ b/util/grub-install-common.c |
4585 | +@@ -286,7 +286,7 @@ handle_install_list (struct install_list *il, const char *val, |
4586 | + il->n_entries++; |
4587 | + } |
4588 | + il->n_alloc = il->n_entries + 1; |
4589 | +- il->entries = xmalloc (il->n_alloc * sizeof (il->entries[0])); |
4590 | ++ il->entries = xcalloc (il->n_alloc, sizeof (il->entries[0])); |
4591 | + ptr = val; |
4592 | + for (ce = il->entries; ; ce++) |
4593 | + { |
4594 | +diff --git a/util/grub-install.c b/util/grub-install.c |
4595 | +index f408b19860..843dfc7c80 100644 |
4596 | +--- a/util/grub-install.c |
4597 | ++++ b/util/grub-install.c |
4598 | +@@ -658,7 +658,7 @@ device_map_check_duplicates (const char *dev_map) |
4599 | + if (! fp) |
4600 | + return; |
4601 | + |
4602 | +- d = xmalloc (alloced * sizeof (d[0])); |
4603 | ++ d = xcalloc (alloced, sizeof (d[0])); |
4604 | + |
4605 | + while (fgets (buf, sizeof (buf), fp)) |
4606 | + { |
4607 | +@@ -1405,7 +1405,7 @@ main (int argc, char *argv[]) |
4608 | + ndev++; |
4609 | + } |
4610 | + |
4611 | +- grub_drives = xmalloc (sizeof (grub_drives[0]) * (ndev + 1)); |
4612 | ++ grub_drives = xcalloc (ndev + 1, sizeof (grub_drives[0])); |
4613 | + |
4614 | + for (curdev = grub_devices, curdrive = grub_drives; *curdev; curdev++, |
4615 | + curdrive++) |
4616 | +diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c |
4617 | +index bc087c2b57..d97d0e7bef 100644 |
4618 | +--- a/util/grub-mkimagexx.c |
4619 | ++++ b/util/grub-mkimagexx.c |
4620 | +@@ -2294,10 +2294,8 @@ SUFFIX (grub_mkimage_load_image) (const char *kernel_path, |
4621 | + + grub_host_to_target16 (e->e_shstrndx) * smd.section_entsize); |
4622 | + smd.strtab = (char *) e + grub_host_to_target_addr (s->sh_offset); |
4623 | + |
4624 | +- smd.addrs = xmalloc (sizeof (*smd.addrs) * smd.num_sections); |
4625 | +- memset (smd.addrs, 0, sizeof (*smd.addrs) * smd.num_sections); |
4626 | +- smd.vaddrs = xmalloc (sizeof (*smd.vaddrs) * smd.num_sections); |
4627 | +- memset (smd.vaddrs, 0, sizeof (*smd.vaddrs) * smd.num_sections); |
4628 | ++ smd.addrs = xcalloc (smd.num_sections, sizeof (*smd.addrs)); |
4629 | ++ smd.vaddrs = xcalloc (smd.num_sections, sizeof (*smd.vaddrs)); |
4630 | + |
4631 | + SUFFIX (locate_sections) (e, kernel_path, &smd, layout, image_target); |
4632 | + |
4633 | +diff --git a/util/grub-mkrescue.c b/util/grub-mkrescue.c |
4634 | +index 45d6140d3e..cb972f120b 100644 |
4635 | +--- a/util/grub-mkrescue.c |
4636 | ++++ b/util/grub-mkrescue.c |
4637 | +@@ -441,8 +441,8 @@ main (int argc, char *argv[]) |
4638 | + xorriso = xstrdup ("xorriso"); |
4639 | + label_font = grub_util_path_concat (2, pkgdatadir, "unicode.pf2"); |
4640 | + |
4641 | +- argp_argv = xmalloc (sizeof (argp_argv[0]) * argc); |
4642 | +- xorriso_tail_argv = xmalloc (sizeof (argp_argv[0]) * argc); |
4643 | ++ argp_argv = xcalloc (argc, sizeof (argp_argv[0])); |
4644 | ++ xorriso_tail_argv = xcalloc (argc, sizeof (argp_argv[0])); |
4645 | + |
4646 | + xorriso_tail_argc = 0; |
4647 | + /* Program name */ |
4648 | +diff --git a/util/grub-mkstandalone.c b/util/grub-mkstandalone.c |
4649 | +index 4907d44c0b..edf309717c 100644 |
4650 | +--- a/util/grub-mkstandalone.c |
4651 | ++++ b/util/grub-mkstandalone.c |
4652 | +@@ -296,7 +296,7 @@ main (int argc, char *argv[]) |
4653 | + grub_util_host_init (&argc, &argv); |
4654 | + grub_util_disable_fd_syncs (); |
4655 | + |
4656 | +- files = xmalloc ((argc + 1) * sizeof (files[0])); |
4657 | ++ files = xcalloc (argc + 1, sizeof (files[0])); |
4658 | + |
4659 | + argp_parse (&argp, argc, argv, 0, 0, 0); |
4660 | + |
4661 | +diff --git a/util/grub-pe2elf.c b/util/grub-pe2elf.c |
4662 | +index 0d4084a108..11331294f1 100644 |
4663 | +--- a/util/grub-pe2elf.c |
4664 | ++++ b/util/grub-pe2elf.c |
4665 | +@@ -100,9 +100,9 @@ write_section_data (FILE* fp, const char *name, char *image, |
4666 | + char *pe_strtab = (image + pe_chdr->symtab_offset |
4667 | + + pe_chdr->num_symbols * sizeof (struct grub_pe32_symbol)); |
4668 | + |
4669 | +- section_map = xmalloc ((2 * pe_chdr->num_sections + 5) * sizeof (int)); |
4670 | ++ section_map = xcalloc (2 * pe_chdr->num_sections + 5, sizeof (int)); |
4671 | + section_map[0] = 0; |
4672 | +- shdr = xmalloc ((2 * pe_chdr->num_sections + 5) * sizeof (shdr[0])); |
4673 | ++ shdr = xcalloc (2 * pe_chdr->num_sections + 5, sizeof (shdr[0])); |
4674 | + idx = 1; |
4675 | + idx_reloc = pe_chdr->num_sections + 1; |
4676 | + |
4677 | +@@ -233,7 +233,7 @@ write_reloc_section (FILE* fp, const char *name, char *image, |
4678 | + |
4679 | + pe_sec = pe_shdr + shdr[i].sh_link; |
4680 | + pe_rel = (struct grub_pe32_reloc *) (image + pe_sec->relocations_offset); |
4681 | +- rel = (elf_reloc_t *) xmalloc (pe_sec->num_relocations * sizeof (elf_reloc_t)); |
4682 | ++ rel = (elf_reloc_t *) xcalloc (pe_sec->num_relocations, sizeof (elf_reloc_t)); |
4683 | + num_rels = 0; |
4684 | + modified = 0; |
4685 | + |
4686 | +@@ -365,12 +365,10 @@ write_symbol_table (FILE* fp, const char *name, char *image, |
4687 | + pe_symtab = (struct grub_pe32_symbol *) (image + pe_chdr->symtab_offset); |
4688 | + pe_strtab = (char *) (pe_symtab + pe_chdr->num_symbols); |
4689 | + |
4690 | +- symtab = (Elf_Sym *) xmalloc ((pe_chdr->num_symbols + 1) * |
4691 | +- sizeof (Elf_Sym)); |
4692 | +- memset (symtab, 0, (pe_chdr->num_symbols + 1) * sizeof (Elf_Sym)); |
4693 | ++ symtab = (Elf_Sym *) xcalloc (pe_chdr->num_symbols + 1, sizeof (Elf_Sym)); |
4694 | + num_syms = 1; |
4695 | + |
4696 | +- symtab_map = (int *) xmalloc (pe_chdr->num_symbols * sizeof (int)); |
4697 | ++ symtab_map = (int *) xcalloc (pe_chdr->num_symbols, sizeof (int)); |
4698 | + |
4699 | + for (i = 0; i < (int) pe_chdr->num_symbols; |
4700 | + i += pe_symtab->num_aux + 1, pe_symtab += pe_symtab->num_aux + 1) |
4701 | +diff --git a/util/grub-probe.c b/util/grub-probe.c |
4702 | +index 81d27eead5..cbe6ed94ca 100644 |
4703 | +--- a/util/grub-probe.c |
4704 | ++++ b/util/grub-probe.c |
4705 | +@@ -361,8 +361,8 @@ probe (const char *path, char **device_names, char delim) |
4706 | + grub_util_pull_device (*curdev); |
4707 | + ndev++; |
4708 | + } |
4709 | +- |
4710 | +- drives_names = xmalloc (sizeof (drives_names[0]) * (ndev + 1)); |
4711 | ++ |
4712 | ++ drives_names = xcalloc (ndev + 1, sizeof (drives_names[0])); |
4713 | + |
4714 | + for (curdev = device_names, curdrive = drives_names; *curdev; curdev++, |
4715 | + curdrive++) |
4716 | diff --git a/debian/patches/0085-malloc-Use-overflow-checking-primitives-where-we-do-.patch b/debian/patches/0085-malloc-Use-overflow-checking-primitives-where-we-do-.patch |
4717 | new file mode 100644 |
4718 | index 0000000..e0bb952 |
4719 | --- /dev/null |
4720 | +++ b/debian/patches/0085-malloc-Use-overflow-checking-primitives-where-we-do-.patch |
4721 | @@ -0,0 +1,1319 @@ |
4722 | +From 83e59f56362e11618083f376cbf700861d6b8f2a Mon Sep 17 00:00:00 2001 |
4723 | +From: Peter Jones <pjones@redhat.com> |
4724 | +Date: Mon, 15 Jun 2020 12:28:27 -0400 |
4725 | +Subject: malloc: Use overflow checking primitives where we do complex |
4726 | + allocations |
4727 | + |
4728 | +This attempts to fix the places where we do the following where |
4729 | +arithmetic_expr may include unvalidated data: |
4730 | + |
4731 | + X = grub_malloc(arithmetic_expr); |
4732 | + |
4733 | +It accomplishes this by doing the arithmetic ahead of time using grub_add(), |
4734 | +grub_sub(), grub_mul() and testing for overflow before proceeding. |
4735 | + |
4736 | +Among other issues, this fixes: |
4737 | + - allocation of integer overflow in grub_video_bitmap_create() |
4738 | + reported by Chris Coulson, |
4739 | + - allocation of integer overflow in grub_png_decode_image_header() |
4740 | + reported by Chris Coulson, |
4741 | + - allocation of integer overflow in grub_squash_read_symlink() |
4742 | + reported by Chris Coulson, |
4743 | + - allocation of integer overflow in grub_ext2_read_symlink() |
4744 | + reported by Chris Coulson, |
4745 | + - allocation of integer overflow in read_section_as_string() |
4746 | + reported by Chris Coulson. |
4747 | + |
4748 | +Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 |
4749 | + |
4750 | +Signed-off-by: Peter Jones <pjones@redhat.com> |
4751 | +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
4752 | +--- |
4753 | + grub-core/commands/legacycfg.c | 29 +++++++++++++++---- |
4754 | + grub-core/commands/wildcard.c | 36 ++++++++++++++++++++---- |
4755 | + grub-core/disk/ldm.c | 32 +++++++++++++++------ |
4756 | + grub-core/font/font.c | 7 ++++- |
4757 | + grub-core/fs/btrfs.c | 28 +++++++++++++------ |
4758 | + grub-core/fs/ext2.c | 10 ++++++- |
4759 | + grub-core/fs/iso9660.c | 51 ++++++++++++++++++++++++---------- |
4760 | + grub-core/fs/sfs.c | 27 ++++++++++++++---- |
4761 | + grub-core/fs/squash4.c | 45 ++++++++++++++++++++++-------- |
4762 | + grub-core/fs/udf.c | 41 +++++++++++++++++---------- |
4763 | + grub-core/fs/xfs.c | 11 +++++--- |
4764 | + grub-core/fs/zfs/zfs.c | 22 ++++++++++----- |
4765 | + grub-core/fs/zfs/zfscrypt.c | 7 ++++- |
4766 | + grub-core/lib/arg.c | 20 +++++++++++-- |
4767 | + grub-core/loader/i386/bsd.c | 8 +++++- |
4768 | + grub-core/net/dns.c | 9 +++++- |
4769 | + grub-core/normal/charset.c | 10 +++++-- |
4770 | + grub-core/normal/cmdline.c | 14 ++++++++-- |
4771 | + grub-core/normal/menu_entry.c | 13 +++++++-- |
4772 | + grub-core/script/argv.c | 16 +++++++++-- |
4773 | + grub-core/script/lexer.c | 21 ++++++++++++-- |
4774 | + grub-core/video/bitmap.c | 25 +++++++++++------ |
4775 | + grub-core/video/readers/png.c | 13 +++++++-- |
4776 | + 23 files changed, 382 insertions(+), 113 deletions(-) |
4777 | + |
4778 | +diff --git a/grub-core/commands/legacycfg.c b/grub-core/commands/legacycfg.c |
4779 | +index 5e3ec0d5e4..cc5971f4db 100644 |
4780 | +--- a/grub-core/commands/legacycfg.c |
4781 | ++++ b/grub-core/commands/legacycfg.c |
4782 | +@@ -32,6 +32,7 @@ |
4783 | + #include <grub/auth.h> |
4784 | + #include <grub/disk.h> |
4785 | + #include <grub/partition.h> |
4786 | ++#include <grub/safemath.h> |
4787 | + |
4788 | + GRUB_MOD_LICENSE ("GPLv3+"); |
4789 | + |
4790 | +@@ -104,13 +105,22 @@ legacy_file (const char *filename) |
4791 | + if (newsuffix) |
4792 | + { |
4793 | + char *t; |
4794 | +- |
4795 | ++ grub_size_t sz; |
4796 | ++ |
4797 | ++ if (grub_add (grub_strlen (suffix), grub_strlen (newsuffix), &sz) || |
4798 | ++ grub_add (sz, 1, &sz)) |
4799 | ++ { |
4800 | ++ grub_errno = GRUB_ERR_OUT_OF_RANGE; |
4801 | ++ goto fail_0; |
4802 | ++ } |
4803 | ++ |
4804 | + t = suffix; |
4805 | +- suffix = grub_realloc (suffix, grub_strlen (suffix) |
4806 | +- + grub_strlen (newsuffix) + 1); |
4807 | ++ suffix = grub_realloc (suffix, sz); |
4808 | + if (!suffix) |
4809 | + { |
4810 | + grub_free (t); |
4811 | ++ |
4812 | ++ fail_0: |
4813 | + grub_free (entrysrc); |
4814 | + grub_free (parsed); |
4815 | + grub_free (newsuffix); |
4816 | +@@ -154,13 +164,22 @@ legacy_file (const char *filename) |
4817 | + else |
4818 | + { |
4819 | + char *t; |
4820 | ++ grub_size_t sz; |
4821 | ++ |
4822 | ++ if (grub_add (grub_strlen (entrysrc), grub_strlen (parsed), &sz) || |
4823 | ++ grub_add (sz, 1, &sz)) |
4824 | ++ { |
4825 | ++ grub_errno = GRUB_ERR_OUT_OF_RANGE; |
4826 | ++ goto fail_1; |
4827 | ++ } |
4828 | + |
4829 | + t = entrysrc; |
4830 | +- entrysrc = grub_realloc (entrysrc, grub_strlen (entrysrc) |
4831 | +- + grub_strlen (parsed) + 1); |
4832 | ++ entrysrc = grub_realloc (entrysrc, sz); |
4833 | + if (!entrysrc) |
4834 | + { |
4835 | + grub_free (t); |
4836 | ++ |
4837 | ++ fail_1: |
4838 | + grub_free (parsed); |
4839 | + grub_free (suffix); |
4840 | + return grub_errno; |
4841 | +diff --git a/grub-core/commands/wildcard.c b/grub-core/commands/wildcard.c |
4842 | +index 4a106ca040..cc3290311f 100644 |
4843 | +--- a/grub-core/commands/wildcard.c |
4844 | ++++ b/grub-core/commands/wildcard.c |
4845 | +@@ -23,6 +23,7 @@ |
4846 | + #include <grub/file.h> |
4847 | + #include <grub/device.h> |
4848 | + #include <grub/script_sh.h> |
4849 | ++#include <grub/safemath.h> |
4850 | + |
4851 | + #include <regex.h> |
4852 | + |
4853 | +@@ -48,6 +49,7 @@ merge (char **dest, char **ps) |
4854 | + int i; |
4855 | + int j; |
4856 | + char **p; |
4857 | ++ grub_size_t sz; |
4858 | + |
4859 | + if (! dest) |
4860 | + return ps; |
4861 | +@@ -60,7 +62,12 @@ merge (char **dest, char **ps) |
4862 | + for (j = 0; ps[j]; j++) |
4863 | + ; |
4864 | + |
4865 | +- p = grub_realloc (dest, sizeof (char*) * (i + j + 1)); |
4866 | ++ if (grub_add (i, j, &sz) || |
4867 | ++ grub_add (sz, 1, &sz) || |
4868 | ++ grub_mul (sz, sizeof (char *), &sz)) |
4869 | ++ return dest; |
4870 | ++ |
4871 | ++ p = grub_realloc (dest, sz); |
4872 | + if (! p) |
4873 | + { |
4874 | + grub_free (dest); |
4875 | +@@ -115,8 +122,15 @@ make_regex (const char *start, const char *end, regex_t *regexp) |
4876 | + char ch; |
4877 | + int i = 0; |
4878 | + unsigned len = end - start; |
4879 | +- char *buffer = grub_malloc (len * 2 + 2 + 1); /* worst case size. */ |
4880 | ++ char *buffer; |
4881 | ++ grub_size_t sz; |
4882 | + |
4883 | ++ /* Worst case size is (len * 2 + 2 + 1). */ |
4884 | ++ if (grub_mul (len, 2, &sz) || |
4885 | ++ grub_add (sz, 3, &sz)) |
4886 | ++ return 1; |
4887 | ++ |
4888 | ++ buffer = grub_malloc (sz); |
4889 | + if (! buffer) |
4890 | + return 1; |
4891 | + |
4892 | +@@ -226,6 +240,7 @@ match_devices_iter (const char *name, void *data) |
4893 | + struct match_devices_ctx *ctx = data; |
4894 | + char **t; |
4895 | + char *buffer; |
4896 | ++ grub_size_t sz; |
4897 | + |
4898 | + /* skip partitions if asked to. */ |
4899 | + if (ctx->noparts && grub_strchr (name, ',')) |
4900 | +@@ -239,11 +254,16 @@ match_devices_iter (const char *name, void *data) |
4901 | + if (regexec (ctx->regexp, buffer, 0, 0, 0)) |
4902 | + { |
4903 | + grub_dprintf ("expand", "not matched\n"); |
4904 | ++ fail: |
4905 | + grub_free (buffer); |
4906 | + return 0; |
4907 | + } |
4908 | + |
4909 | +- t = grub_realloc (ctx->devs, sizeof (char*) * (ctx->ndev + 2)); |
4910 | ++ if (grub_add (ctx->ndev, 2, &sz) || |
4911 | ++ grub_mul (sz, sizeof (char *), &sz)) |
4912 | ++ goto fail; |
4913 | ++ |
4914 | ++ t = grub_realloc (ctx->devs, sz); |
4915 | + if (! t) |
4916 | + { |
4917 | + grub_free (buffer); |
4918 | +@@ -300,6 +320,7 @@ match_files_iter (const char *name, |
4919 | + struct match_files_ctx *ctx = data; |
4920 | + char **t; |
4921 | + char *buffer; |
4922 | ++ grub_size_t sz; |
4923 | + |
4924 | + /* skip . and .. names */ |
4925 | + if (grub_strcmp(".", name) == 0 || grub_strcmp("..", name) == 0) |
4926 | +@@ -315,9 +336,14 @@ match_files_iter (const char *name, |
4927 | + if (! buffer) |
4928 | + return 1; |
4929 | + |
4930 | +- t = grub_realloc (ctx->files, sizeof (char*) * (ctx->nfile + 2)); |
4931 | +- if (! t) |
4932 | ++ if (grub_add (ctx->nfile, 2, &sz) || |
4933 | ++ grub_mul (sz, sizeof (char *), &sz)) |
4934 | ++ goto fail; |
4935 | ++ |
4936 | ++ t = grub_realloc (ctx->files, sz); |
4937 | ++ if (!t) |
4938 | + { |
4939 | ++ fail: |
4940 | + grub_free (buffer); |
4941 | + return 1; |
4942 | + } |
4943 | +diff --git a/grub-core/disk/ldm.c b/grub-core/disk/ldm.c |
4944 | +index e6323701ab..58f8a53e1a 100644 |
4945 | +--- a/grub-core/disk/ldm.c |
4946 | ++++ b/grub-core/disk/ldm.c |
4947 | +@@ -25,6 +25,7 @@ |
4948 | + #include <grub/msdos_partition.h> |
4949 | + #include <grub/gpt_partition.h> |
4950 | + #include <grub/i18n.h> |
4951 | ++#include <grub/safemath.h> |
4952 | + |
4953 | + #ifdef GRUB_UTIL |
4954 | + #include <grub/emu/misc.h> |
4955 | +@@ -289,6 +290,7 @@ make_vg (grub_disk_t disk, |
4956 | + struct grub_ldm_vblk vblk[GRUB_DISK_SECTOR_SIZE |
4957 | + / sizeof (struct grub_ldm_vblk)]; |
4958 | + unsigned i; |
4959 | ++ grub_size_t sz; |
4960 | + err = grub_disk_read (disk, cursec, 0, |
4961 | + sizeof(vblk), &vblk); |
4962 | + if (err) |
4963 | +@@ -350,7 +352,13 @@ make_vg (grub_disk_t disk, |
4964 | + grub_free (lv); |
4965 | + goto fail2; |
4966 | + } |
4967 | +- lv->name = grub_malloc (*ptr + 1); |
4968 | ++ if (grub_add (*ptr, 1, &sz)) |
4969 | ++ { |
4970 | ++ grub_free (lv->internal_id); |
4971 | ++ grub_free (lv); |
4972 | ++ goto fail2; |
4973 | ++ } |
4974 | ++ lv->name = grub_malloc (sz); |
4975 | + if (!lv->name) |
4976 | + { |
4977 | + grub_free (lv->internal_id); |
4978 | +@@ -599,10 +607,13 @@ make_vg (grub_disk_t disk, |
4979 | + if (lv->segments->node_alloc == lv->segments->node_count) |
4980 | + { |
4981 | + void *t; |
4982 | +- lv->segments->node_alloc *= 2; |
4983 | +- t = grub_realloc (lv->segments->nodes, |
4984 | +- sizeof (*lv->segments->nodes) |
4985 | +- * lv->segments->node_alloc); |
4986 | ++ grub_size_t sz; |
4987 | ++ |
4988 | ++ if (grub_mul (lv->segments->node_alloc, 2, &lv->segments->node_alloc) || |
4989 | ++ grub_mul (lv->segments->node_alloc, sizeof (*lv->segments->nodes), &sz)) |
4990 | ++ goto fail2; |
4991 | ++ |
4992 | ++ t = grub_realloc (lv->segments->nodes, sz); |
4993 | + if (!t) |
4994 | + goto fail2; |
4995 | + lv->segments->nodes = t; |
4996 | +@@ -723,10 +734,13 @@ make_vg (grub_disk_t disk, |
4997 | + if (comp->segment_alloc == comp->segment_count) |
4998 | + { |
4999 | + void *t; |
5000 | +- comp->segment_alloc *= 2; |