For complicated reasons, even if you have XSM/FLASK disabled (as is
the default) the Xen build system still builds a policy file and puts
it in /boot.
Even so, we shouldn't be loading this in the usual non-"XSM enabled"
entries. It doesn't do any particular harm but it is quite confusing.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Bug-Debian: https://bugs.debian.org/961673
Last-Update: 2020-05-29
Patch-Name: xen-no-xsm-policy-in-non-xsm-options.patch
Add fallback boot entries for alternative installed init systems. Based
on patches from Michael Biebl and Didier Roche.
Bug-Debian: https://bugs.debian.org/757298
Bug-Debian: https://bugs.debian.org/773173
Forwarded: no
Last-Update: 2017-06-23
Patch-Name: mkconfig-other-inits.patch
This is needed in case the Linux kernel is compiled with CONFIG_KERNEL_XZ or
CONFIG_KERNEL_LZO rather than CONFIG_KERNEL_GZ (gzio is already loaded by
grub.cfg today).
Signed-off-by: Ian Campbell <ijc@debian.org>
Bug-Debian: https://bugs.debian.org/755256
Forwarded: http://lists.gnu.org/archive/html/grub-devel/2014-11/msg00091.html
Last-Update: 2014-11-30
Patch-Name: insmod-xzio-and-lzopio-on-xen.patch
This allows the controversial "recovery mode" text to be customised.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1240360
Forwarded: no
Last-Update: 2013-12-25
Patch-Name: mkconfig-recovery-title.patch
This is used for non-recovery Linux entries only; it enables
flicker-free booting if gfxpayload=keep is in use and a suitable kernel
is present.
Author: Andy Whitcroft <apw@canonical.com>
Forwarded: not-needed
Last-Update: 2013-12-25
Patch-Name: vt-handoff.patch
If we don't have writable grubenv, recordfail doesn't work, which means our
quickboot behavior - with a timeout of 0 - leaves the user without a
reliable way to access the boot menu if they're on UEFI, because unlike
BIOS, UEFI does not support checking the state of modifier keys (i.e.
holding down shift at boot is not detectable).
Handle this corner case by always using a non-zero timeout on EFI when
save_env doesn't work.
Reuse GRUB_RECORDFAIL_TIMEOUT to avoid introducing another variable.
Signed-off-by: Steve Langasek <steve.langasek@canonical.com>
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1800722
Last-Update: 2019-06-24
Patch-Name: quick-boot-lvm.patch
If other operating systems are installed, then automatically unhide the
menu. Otherwise, if GRUB_HIDDEN_TIMEOUT is 0, then use keystatus if
available to check whether Shift is pressed. If it is, show the menu,
otherwise boot immediately. If keystatus is not available, then fall
back to a short delay interruptible with Escape.
This may or may not remain Ubuntu-specific, although it's not obviously
wanted upstream. It implements a requirement of
https://wiki.ubuntu.com/DesktopExperienceTeam/KarmicBootExperienceDesignSpec#Bootloader.
If the previous boot failed (defined as failing to get to the end of one
of the normal runlevels), then show the boot menu regardless.
Author: Richard Laager <rlaager@wiktel.com>
Author: Robie Basak <robie.basak@ubuntu.com>
Forwarded: no
Last-Update: 2015-09-04
Patch-Name: quick-boot.patch
If this option is enabled, then do all of the following:
Don't display introductory message about line editing unless we're
actually offering a shell prompt. (This is believed to be a workaround
for a different bug. We'll go with this for now, but will drop this in
favour of a better fix upstream if somebody figures out what that is.)
Don't clear the screen just before booting if we never drew the menu in
the first place.
Remove verbose messages printed before reading configuration. In some
ways this is awkward because it makes debugging harder, but it's a
requirement for a smooth-looking boot process; we may be able to do
better in future. Upstream doesn't want this, though.
Disable the cursor as well, for similar reasons of tidiness.
Suppress kernel/initrd progress messages, except in recovery mode.
Suppress "GRUB loading" message unless Shift is held down. Upstream
doesn't want this, as it makes debugging harder. Ubuntu wants it to
provide a cleaner boot experience.
Author: Will Thompson <will@willthompson.co.uk>
Bug-Ubuntu: https://bugs.launchpad.net/bugs/386922
Bug-Ubuntu: https://bugs.launchpad.net/bugs/861048
Forwarded: (partial) http://lists.gnu.org/archive/html/grub-devel/2009-09/msg00056.html
Last-Update: 2021-09-24
Patch-Name: maybe-quiet.patch
Since we're already being booted from the Windows boot loader, including
entries that take us back to it mostly just causes confusion, and stops
us from being able to hide the menu if there are no other OSes
installed.
https://blueprints.launchpad.net/ubuntu/+spec/foundations-o-wubi
Forwarded: not-needed
Last-Update: 2013-11-26
Patch-Name: wubi-no-windows.patch
Ubuntu is called "Ubuntu", not "Ubuntu GNU/Linux".
Author: Colin Watson <cjwatson@debian.org>
Author: Harald Sitter <apachelogger@kubuntu.org>
Forwarded: not-needed
Last-Update: 2013-12-25
Patch-Name: mkconfig-ubuntu-distributor.patch
If configured with --enable-ubuntu-recovery, also set nomodeset for
recovery mode, and disable 'set gfxpayload=keep' even if the system
normally supports it. See
https://launchpad.net/ubuntu/+spec/desktop-o-xorg-tools-and-processes.
Author: Stéphane Graber <stgraber@ubuntu.com>
Forwarded: no
Last-Update: 2013-12-25
Patch-Name: mkconfig-ubuntu-recovery.patch
Improve prepare_grub_to_access_device to emit appropriate commands for
such filesystems, and ignore them in Linux grub.d scripts.
This is needed for Ubuntu's Wubi installation method.
This patch isn't inherently Debian/Ubuntu-specific. losetup and
/proc/mounts are Linux-specific, though, so we might need to refine this
before sending it upstream. The changes to the Linux grub.d scripts
might be better handled by integrating 10_lupin properly instead.
Patch-Name: mkconfig-loopback.patch
Setting gfxpayload=keep has been known to cause efifb to be
inappropriately enabled. In any case, with the current Linux kernel the
result of this option is that early kernelspace will be unable to print
anything to the console, so (for example) if boot fails and you end up
dumped to an initramfs prompt, you won't be able to see anything on the
screen. As such it shouldn't be enabled by default in Debian, no matter
what kernel options are enabled.
gfxpayload=keep is a good idea but rather ahead of its time ...
Bug-Debian: http://bugs.debian.org/567245
Forwarded: no
Last-Update: 2013-12-25
Patch-Name: gfxpayload-keep-default.patch
Since the possessive form of "it" is being used, the apostrophe must be omitted.
Signed-off-by: Aru Sahni <aru@arusahni.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch does the following:
- really disables os-prober by default in the util/grub-mkconfig.in
by setting GRUB_DISABLE_OS_PROBER to true,
- fixes the logic in the util/grub.d/30_os-prober.in,
- updates the grub_warn() lines.
Reason for the code shuffling in the util/grub-mkconfig.in:
The default was GRUB_DISABLE_OS_PROBER=false if you don't set
GRUB_DISABLE_OS_PROBER at all. To prevent os-prober from starting we
have to set it by default to true and shuffle GRUB_DISABLE_OS_PROBER to
code section, which is executed by the script. However we still give an
option to the user to overwrite it with false, if he wants to execute
os-prober after all.
Fixes: e3464147 (templates: Disable the os-prober by default)
Reported-by: Didier Spaier <didier@slint.fr>
Reported-by: Lennart Sorensen <lsorense@csclub.uwaterloo.ca>
Reported-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Signed-off-by: Philip Müller <philm@manjaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The os-prober is enabled by default, which may lead to potentially
dangerous use cases and borderline opening attack vectors. This
patch disables the os-prober, adds warning messages and updates
GRUB_DISABLE_OS_PROBER configuration option documentation. This
way we make it clear that the os-prober usage is not recommended.
Simplistic nature of this change allows downstream vendors, who
really want os-prober to be enabled out of the box in their
relevant products, easily revert to its old behavior.
Reported-by: NyankoSec (<nyanko@10x.moe>, https://twitter.com/NyankoSec),
working with SSD Secure Disclosure
Signed-off-by: Alex Burmashev <alexander.burmashev@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
XSM is enabled by adding "flask=enforcing" as a Xen command line
argument, and providing the policy file as a grub module.
We make entries for both with and without XSM. If XSM is not compiled
into Xen, then there are no policy files, so no change to the boot
options.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
file_is_not_sym() currently only checks for xen-syms. Extend it to
disregard xenpolicy (XSM policy files) and files ending .config (which
are built by the Xen upstream build system in some configurations and
can therefore end up in /boot).
Rename the function accordingly, to file_is_not_xen_garbage().
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The fwsetup command allows rebooting into the EFI firmware setup menu; add
a template to include a menu entry on EFI systems that makes use of that
command to reboot into the EFI firmware settings.
This is useful for users since the hotkey to enter into the EFI setup menu
may not be the same on all systems so users can use the menu entry without
needing to figure out what key needs to be pressed.
Also, if fastboot is enabled in the BIOS then often it is not possible to
enter the firmware setup menu. So the entry is again useful for this case.
Signed-off-by: Steve Langasek <steve.langasek@ubuntu.com>
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The "which" utility is not guaranteed to be installed either, and if it
is, its behavior is not portable either.
Conversely, the "command -v" shell builtin is required to exist in all
POSIX 2008 compliant shells, and is thus guaranteed to work everywhere.
Examples of open-source shells likely to be installed as /bin/sh on
Linux, which implement the 11-year-old standard: ash, bash, busybox,
dash, ksh, mksh and zsh.
A side benefit of using the POSIX portable option is that it requires
neither an external disk executable, nor (because unlike "which", the
exit code is reliable) a subshell fork. This therefore represents a mild
speedup.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The GRUB_DISABLE_SUBMENU option is different than the others in the sense
that it has to be set to "y" instead of "true" to be enabled.
That causes a lot of confusion to users, some may wrongly set it to "true"
expecting that will work the same as with most options, and some may set
it to "yes" since for other options the value to set is a word and not a
single character.
This patch changes all the grub.d scripts using the GRUB_DISABLE_SUBMENU
option, so they check if it was set to "true" instead of "y", making it
consistent with all the other options.
But to keep backward compatibility for users that set the option to "y" in
/etc/default/grub file, keep testing for this value. And also do it for
"yes", since it is a common mistake made by users caused by this option
being inconsistent with the others.
Signed-off-by: Prarit Bhargava <prarit@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Add support for multiple, shared, early initrd images. These early
images will be loaded in the order declared, and all will be loaded
before the initrd image.
While many classes of data can be provided by early images, the
immediate use case would be for distributions to provide CPU
microcode to mitigate the Meltdown and Spectre vulnerabilities.
Xen also has support for loading microcode updates provided as additional
modules by the bootloader.
There are two environment variables provided for declaring the early
images.
* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution to declare
images that are provided by the distribution or installed packages.
If undeclared, this will default to a set of common microcode image
names.
* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User
images will be loaded after the stock images.
These separate configurations allow the distribution and user to
declare different image sets without clobbering each other.
This also makes a minor update to ensure that UUID partition labels
stay disabled when no initrd image is found, even if early images are
present.
This is basically a copy of a698240d "grub-mkconfig/10_linux: Support
multiple early initrd images" by Matthew S. Turnbull.
Signed-off-by: Peter Große <pegro@friiks.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
If / is on the root dataset in a ZFS pool, then ${bootfs} will be set to
"/" (whereas if it is on a non-root dataset, there will be no trailing
slash). Passing "root=ZFS=${rpool}/" will fail to boot, but
"root=ZFS=${rpool}" works fine, so strip the trailing slash.
Fixes: https://savannah.gnu.org/bugs/?52746
Signed-off-by: Colin Watson <cjwatson@ubuntu.com>
Tested-by: Fejes József <jozsef.fejes@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Commit 51be337 (templates: Update grub script template files)
lacked one "]", so, add it.
Reported-by: Philip <philm@manjaro.org>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Update grub-mkconfig.in and 10_linux.in to support grub-probe's new
partuuid target. Update grub.texi documentation. The following table
shows how GRUB_DISABLE_LINUX_UUID, GRUB_DISABLE_LINUX_PARTUUID, and
initramfs detection interact:
Initramfs  GRUB_DISABLE_LINUX_PARTUUID  GRUB_DISABLE_LINUX_UUID  Linux Root
detected   Set                          Set                      ID Method

false      false                        false                    part UUID
false      false                        true                     part UUID
false      true                         false                    dev name
false      true                         true                     dev name
true       false                        false                    fs UUID
true       false                        true                     part UUID
true       true                         false                    fs UUID
true       true                         true                     dev name
Note: GRUB_DISABLE_LINUX_PARTUUID and GRUB_DISABLE_LINUX_UUID equate to
'false' when unset or set to any value other than 'true'.
GRUB_DISABLE_LINUX_PARTUUID defaults to 'true'.
Signed-off-by: Nicholas Vinson <nvinson234@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
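The table in the commit message above collapses to two tests. The following is an added example, not code from the GRUB tree; the helper names `is_true` and `linux_root_id_method` and the argument order are hypothetical.

```shell
#!/bin/sh
# Added example: decision logic equivalent to the table in the commit message.
# linux_root_id_method is a hypothetical helper, not a GRUB function.
# Usage: linux_root_id_method <initramfs_detected> <disable_partuuid> <disable_uuid>

# Per the note in the commit message, only the literal string "true" counts
# as true; unset or any other value counts as false.
is_true() { [ "x$1" = "xtrue" ]; }

linux_root_id_method() {
  initramfs=$1
  # GRUB_DISABLE_LINUX_PARTUUID defaults to 'true' when unset.
  disable_partuuid=${2:-true}
  disable_uuid=$3
  if is_true "$initramfs" && ! is_true "$disable_uuid"; then
    echo "fs UUID"
  elif ! is_true "$disable_partuuid"; then
    echo "part UUID"
  else
    echo "dev name"
  fi
}

# Print all eight rows in the same order as the table.
for i in false true; do
  for p in false true; do
    for u in false true; do
      printf '%-6s %-6s %-6s %s\n' "$i" "$p" "$u" \
        "$(linux_root_id_method "$i" "$p" "$u")"
    done
  done
done
```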
Add support for multiple, shared, early initrd images. These early
images will be loaded in the order declared, and all will be loaded
before the initrd image.
While many classes of data can be provided by early images, the
immediate use case would be for distributions to provide CPU
microcode to mitigate the Meltdown and Spectre vulnerabilities.
There are two environment variables provided for declaring the early
images.
* GRUB_EARLY_INITRD_LINUX_STOCK is for the distribution to declare
images that are provided by the distribution or installed packages.
If undeclared, this will default to a set of common microcode image
names.
* GRUB_EARLY_INITRD_LINUX_CUSTOM is for user created images. User
images will be loaded after the stock images.
These separate configurations allow the distribution and user to
declare different image sets without clobbering each other.
This also makes a minor update to ensure that UUID partition labels
stay disabled when no initrd image is found, even if early images are
present.
This is a continuation of a previous patch published by Christian
Hesse in 2016:
http://lists.gnu.org/archive/html/grub-devel/2016-02/msg00025.html
Downstream Gentoo bug:
https://bugs.gentoo.org/645088
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Signed-off-by: Matthew S. Turnbull <sparky@bluefang-logic.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This can cause an issue where GRUB is trying to display both a text and
graphical menu on the display at the same time, resulting in a flickering
effect when e.g. scrolling quickly through a menu (LP: #1752767).
Revert for now while we look for a better solution for the original issue.
This reverts commit 52ef7b23f5.
Signed-off-by: dann frazier <dann.frazier@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-mkconfig will set GRUB_TERMINAL_OUTPUT to "gfxterm" unless the user
has overridden it. On EFI systems, this will stop output from going to the
default "console" terminal. When the EFI fw console is configured to output to
both serial and video, this will cause GRUB to only display on video - while
continuing to accept input from both video and serial.
Instead of switching from "console" to "gfxterm", let's output to both.
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The multiboot2 is much more preferable than multiboot. Especially
if booting under EFI where multiboot does not have the functionality
to pass ImageHandler.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Commit d33045ce7f introduced
the support for this, but it does not work under x86 (as it stops
20_linux_xen from running).
The 20_linux_xen is run under a shell and any exits from within it:
(For example on x86):
+ /usr/bin/grub2-file --is-arm64-efi /boot/xen-4.9.0.gz
[root@tst063 grub]# echo $?
1
will result in 20_linux_xen exiting without continuing
and also causing grub2-mkconfig to stop processing.
As in:
[root@tst063 grub]# ./grub-mkconfig | tail
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.13.0-0.rc5.git1.1.fc27.x86_64
Found initrd image: /boot/initramfs-4.13.0-0.rc5.git1.1.fc27.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-ec082ee24aea41b9b16aca52a6d10cc2
Found initrd image: /boot/initramfs-0-rescue-ec082ee24aea41b9b16aca52a6d10cc2.img
echo 'Loading Linux 0-rescue-ec082ee24aea41b9b16aca52a6d10cc2 ...'
linux /vmlinuz-0-rescue-ec082ee24aea41b9b16aca52a6d10cc2 root=/dev/mapper/fedora_tst063-root ro single
echo 'Loading initial ramdisk ...'
initrd /initramfs-0-rescue-ec082ee24aea41b9b16aca52a6d10cc2.img
}
}
### END /usr/local/etc/grub.d/10_linux ###
### BEGIN /usr/local/etc/grub.d/20_linux_xen ###
root@tst063 grub]#
And no more.
This patch wraps the invocation of grub-file to be in a subshell
and to process the return value in a conditional. That fixes
the issue.
RH-BZ 1486002: grub2-mkconfig does not work if xen.gz is installed.
CC: Fu Wei <fu.wei@linaro.org>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
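The failure described in the commit message above, reproduced as an added example (not code from the GRUB tree). It assumes the generator script runs under `set -e`; `probe_arm64_efi` is a constructed stand-in for `grub-file --is-arm64-efi`, and the `generator_*` function names are hypothetical.

```shell
#!/bin/sh
# Added example: why a failing probe stopped 20_linux_xen, and the guarded form.
# probe_arm64_efi is a constructed stand-in for "grub-file --is-arm64-efi";
# it returns 1 for the x86 image, as in the transcript above.
STUB='probe_arm64_efi() { case "$1" in *arm64*) return 0 ;; *) return 1 ;; esac; }'

# Before: the probe runs as a plain command. Under "set -e" (assumed here)
# its non-zero status ends the script right after the BEGIN marker.
generator_unguarded() {
  sh -c "$STUB"'
    set -e
    echo "### BEGIN 20_linux_xen ###"
    probe_arm64_efi "$1"
    echo "loader=multiboot image=$1"
    echo "### END 20_linux_xen ###"
  ' sh "$1"
}

# After: the probe runs in a subshell inside a conditional, so its status
# only selects the loader command and never terminates the script.
generator_guarded() {
  sh -c "$STUB"'
    set -e
    echo "### BEGIN 20_linux_xen ###"
    if (probe_arm64_efi "$1"); then
      loader=xen_hypervisor
    else
      loader=multiboot
    fi
    echo "loader=$loader image=$1"
    echo "### END 20_linux_xen ###"
  ' sh "$1"
}

# Run both forms against the x86 image path from the transcript.
for f in generator_unguarded generator_guarded; do
  echo "== $f"
  "$f" /boot/xen-4.9.0.gz || echo "(exit status $?)"
done
```

The unguarded form prints only the BEGIN marker and exits non-zero, which matches the truncated grub-mkconfig output quoted in the commit message.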
This patch adds the support of xen_boot command for aarch64:
xen_hypervisor
xen_module
These two commands are only for aarch64, since it has its own protocol and
commands to boot xen hypervisor and Dom0, but not multiboot.
For other architectures, they are still using multiboot and module
commands.
Signed-off-by: Fu Wei <fu.wei@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
If root filesystem is multidev btrfs, do not attempt to pass all devices as
kernel root= argument. This results in splitting command line in GRUB due to
embedded newline and even if we managed to quote it, kernel does not know how
to interpret it anyway. Multidev btrfs requires user space device scanning,
so passing single device would not work too.
This still respects user settings GRUB_DISABLE_LINUX_UUID. Not sure what we
should do in this case.
Closes: 45709
Currently only Windows gets distinguished icons, everything else is displayed
using the same generic one. Add additional --class based on os-prober returned
label, which usually is expected to match primary distribution name.
Also use it for Windows as well - chainloader prober may actually return
different strings (Windows, MS-DOS, Windows9xME).
util/grub-mkconfig_lib.in(version_test_gt): "echo -n" is not really needed,
final newline is stripped by command substitution.
util/grub.d/10_kfreebsd.in, util/grub.d/10_linux.in,
util/grub.d/20_linux_xen.in: change how list is built, to avoid echo -n
completely.
util/grub.d/30_os-prober.in: add spaces to printed line directly
Closes 43668.
* util/grub.d/30_os-prober.in: Tolerate devices with no filesystem
UUID. Other parts of grub-mkconfig tolerate these, they were
previously allowed here up to commit
55e706c918, and they can arise in
practice when the system has active LVM snapshots.
Fixes Ubuntu bug #1287436.
* util/grub.d/00_header.in (make_timeout): Use && rather than test
-a.
* util/grub.d/10_windows.in: Likewise.
* util/grub.d/10_netbsd.in (netbsd_load_fs_module): Use || rather
than test -o.
* util/grub.d/30_os-prober.in: Use && rather than test -a, and ||
rather than test -o.