It works only on UEFI platforms but can be quite easily extended to
others architectures and platforms if needed.
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Marco A Benatto <mbenatto@redhat.com>
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
Patch-Name: 2021-02-security/099-kern-efi-Add-initial-stack-protector-implementation.patch
Several places we take the length of a device path and subtract 4 from
it, without ever checking that it's >= 4. There are also cases where
this kind of malformation will result in unpredictable iteration,
including treating the length from one dp node as the type in the next
node. These are all errors, no matter where the data comes from.
This patch adds a checking macro, GRUB_EFI_DEVICE_PATH_VALID(), which
can be used in several places, and makes GRUB_EFI_NEXT_DEVICE_PATH()
return NULL and GRUB_EFI_END_ENTIRE_DEVICE_PATH() evaluate as true when
the length is too small. Additionally, it makes several places in the
code check for and return errors in these cases.
Signed-off-by: Peter Jones <pjones@redhat.com>
Patch-Name: efi-malformed-device-path.patch
In the URI device path node, any name rahter than address can be used for
looking up the resources so that DNS service become needed to get answer of the
name's address. Unfortunately the DNS is not defined in any of the device path
nodes so that we use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL
to obtain it.
These two protcols are defined the sections of UEFI specification.
27.5 EFI IPv4 Configuration II Protocol
27.7 EFI IPv6 Configuration Protocol
include/grub/efi/api.h:
Add new structure and protocol UUID of EFI_IP4_CONFIG2_PROTOCOL and
EFI_IP6_CONFIG_PROTOCOL.
grub-core/net/drivers/efi/efinet.c:
Use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL to obtain the list
of DNS server address for IPv4 and IPv6 respectively. The address of DNS
servers is structured into DHCPACK packet and feed into the same DHCP packet
processing functions to ensure the network interface is setting up the same way
it used to be.
Signed-off-by: Michael Chang <mchang@suse.com>
Signed-off-by: Ken Lin <ken.lin@hpe.com>
Patch-Name: efinet-set-dns-from-uefi-proto.patch
The PXE Base Code protocol used to obtain cached PXE DHCPACK packet is no
longer provided for HTTP Boot. Instead, we have to get the HTTP boot
information from the device path nodes defined in following UEFI Specification
sections.
9.3.5.12 IPv4 Device Path
9.3.5.13 IPv6 Device Path
9.3.5.23 Uniform Resource Identifiers (URI) Device Path
This patch basically does:
include/grub/efi/api.h:
Add new structure of Uniform Resource Identifiers (URI) Device Path
grub-core/net/drivers/efi/efinet.c:
Check if PXE Base Code is available, if not it will try to obtain the netboot
information from the device path where the image booted from. The DHCPACK
packet is recoverd from the information in device patch and feed into the same
DHCP packet processing functions to ensure the network interface is setting up
the same way it used to be.
Signed-off-by: Michael Chang <mchang@suse.com>
Signed-off-by: Ken Lin <ken.lin@hpe.com>
Patch-Name: efinet-set-network-from-uefi-devpath.patch
When grub2 image is booted from UEFI IPv6 PXE, the DHCPv6 Reply packet is
cached in firmware buffer which can be obtained by PXE Base Code protocol. The
network interface can be setup through the parameters in that obtained packet.
Signed-off-by: Michael Chang <mchang@suse.com>
Signed-off-by: Ken Lin <ken.lin@hpe.com>
Patch-Name: efinet-uefi-ipv6-pxe-support.patch
This patch adds support for RISC-V to the grub build system. With this
patch, I can successfully build grub on RISC-V as a UEFI application.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Define
* GRUB_EFI_PERSISTENT_MEMORY (UEFI memory map type 14) per UEFI 2.5
* GRUB_MEMORY_PERSISTENT (E820 type 7) per ACPI 3.0
* GRUB_MEMORY_PERSISTENT_LEGACY (E820 unofficial type 12) per ACPI 3.0
and translate GRUB_EFI_PERSISTENT_MEMORY to GRUB_MEMORY_PERSISTENT in
grub_efi_mmap_iterate().
Includes
* adding the E820 names to lsmmap
* handling the E820 types in make_efi_memtype()
Suggested-by: Vladimir 'φ-coder/phcoder' Serbinenko <phcoder@gmail.com>
Suggested-by: Andrei Borzenkov <arvidjaar@gmail.com>
Exclusive open on SNP will close all existing protocol instances which
may disable all receive filters on interface. Reinstall them after we
opened protocol exclusively.
Also follow UEFI specification recommendation and stop interfaces when
closing them:
Unexpected system errors, reboots and hangs can occur if an OS is loaded
and the network devices are not Shutdown() and Stopped().
Also by: Mark Salter <msalter@redhat.com>
Closes: 45204
a const pointer.
* grub-core/efiemu/runtime/efiemu.c (efiemu_memcpy): Make from a
const pointer.
(efiemu_set_variable): Make vendor_guid a const pointer.
* grub-core/commands/efi/efifwsetup.c: New file.
* grub-core/kern/efi/efi.c (grub_efi_set_variable): New function
* include/grub/efi/api.h (GRUB_EFI_OS_INDICATIONS_BOOT_TO_FW_UI):
New define.
* include/grub/efi/efi.h (grub_efi_set_variable): New proto.
* docs/grub.texi (Platform-specific limitations): Fix the columen video
on emu. Mention arc and emu as the only platforms without serial
support.
* grub-core/Makefile.core.def (serial): Enable on all terminfomodule and
ieee1275 platforms.
* grub-core/term/efi/serial.c: New file.
* grub-core/term/ieee1275/serial.c: Likewise.
* grub-core/term/serial.c (grub_serial_find): Disable direct port
specification if no ns8250 driver is available.
(grub_cmd_serial): Likewise.
(GRUB_MOD_INIT) [GRUB_MACHINE_IEEE1275]: Init ofserial.
(GRUB_MOD_INIT) [GRUB_MACHINE_EFI]: Init efiserial.
* include/grub/efi/api.h (GRUB_EFI_SERIAL_IO_GUID): New define.
(grub_efi_parity_type_t): New type.
(grub_efi_stop_bits_t): Likewise.
(grub_efi_serial_io_interface): New struct.
* include/grub/serial.h (grub_serial_port): Make 'broken' field
available for all interfaces.
Add EFI and IEEE1275 fields.
(grub_ofserial_init): New proto.
(grub_efiserial_init): Likeiwse.
* util/grub.d/00_header.in: Don't check for the presence of serial
module.
* grub-core/Makefile.core.def (lsefimmap): New module.
* include/grub/efi/api.h (PRIxGRUB_EFI_UINTN_T): New definition.
Also-By: Robert Millan <rmh.grub@aybabtu.com>
Also-By: Vladimir Serbinenko <phcoder@gmail.com>
* include/grub/efi/api.h (GRUB_EFI_PIWG_DEVICE_PATH_SUBTYPE):
New constant.
(grub_efi_piwg_device_path): New structure
(grub_efi_piwg_device_path_t): New type.
* loader/efi/appleloader.c (piwg_full_device_path): New structure.
(devpath_1): Transform to a structure. All users updated.
(devpath_2): Likewise.
(devpath_3): Likewise.
(devpath_4): Likewise.
(devpath_5): Likewise.
