On full-encrypted systems, including /boot, the current code omits
cryptodisk commands needed to open the drives if Secure Boot is enabled.
This prevents grub2 from reading any further configuration residing on
the encrypted disk.
This patch fixes this issue by adding the needed "cryptomount" commands in
the load.cfg file that is then copied in the EFI partition.
Bug-Debian: https://bugs.debian.org/917117
Last-Update: 2019-02-10
Patch-Name: uefi-secure-boot-cryptomount.patch
Code is currently ignoring errors from efibootmgr, giving users
clearly bogus output like:
Setting up grub-efi-amd64 (2.02~beta3-4) ...
Installing for x86_64-efi platform.
Could not delete variable: No space left on device
Could not prepare Boot variable: No space left on device
Installation finished. No error reported.
and then potentially unbootable systems. If efibootmgr fails,
grub-install should know that and report it!
Signed-off-by: Steve McIntyre <93sam@debian.org>
Bug-Debian: https://bugs.debian.org/853234
Forwarded: https://lists.gnu.org/archive/html/grub-devel/2017-01/msg00107.html
Patch-Name: grub-install-efibootmgr-check.patch
Add an extra option to grub-install "--force-extra-removable". On EFI
platforms, this will cause an extra copy of the grub-efi image to be
written to the appropriate removable media patch
/boot/efi/EFI/BOOT/BOOT$ARCH.EFI as well. This will help with broken
UEFI implementations where the firmware does not work when configured
with new boot paths.
Signed-off-by: Steve McIntyre <93sam@debian.org>
Bug-Debian: https://bugs.debian.org/767037https://bugs.debian.org/773092
Forwarded: Not yet
Last-Update: 2014-12-20
Patch-Name: grub-install-extra-removable.patch
Some powerpc machines require not updating the NVRAM. This can be handled
by existing grub-install command-line options, but it's friendlier to detect
this automatically.
On chrp_ibm machines, use the nvram utility rather than nvsetenv. (This
is possibly suitable for other machines too, but that needs to be
verified.)
Forwarded: no
Last-Update: 2014-10-15
Patch-Name: install_powerpc_machtypes.patch
This is not a very good approach, and certainly not sanely upstreamable;
we probably need to split GRUB_DISTRIBUTOR into a couple of different
variables.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1242417
Forwarded: not-needed
Last-Update: 2013-12-25
Patch-Name: install_efi_ubuntu_flavours.patch
In util/getroot and efidisk slightly modify exitsing comment to mostly
retain it but still make GCC7 compliant with respect to fall through
annotation.
In grub-core/lib/xzembed/xz_dec_lzma2.c it adds same comments as
upstream.
In grub-core/tests/setjmp_tets.c declare functions as "noreturn" to
suppress GCC7 warning.
In grub-core/gnulib/regexec.c use new __attribute__, because existing
annotation is not recognized by GCC7 parser (which requires that comment
immediately precedes case statement).
Otherwise add FALLTHROUGH comment.
Closes: 50598
Incorrect drive name was being passed into grub_util_sparc_setup,
causing the grub-install to fail.
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
canonicalize_file_name clashed with gnulib function. Additionally
it was declared in 2 places: emu/misc.h and util/misc.h. Added
grub_ prefix and removed second declaration.
Commit 588744d0dc caused grub-mkconfig
no longer to be forgiving of trailing spaces on grub-probe output
lines, which among other things means that util/grub.d/10_linux.in
no longer detects LVM. To fix this, make grub-probe's output
delimiting more consistent. As a bonus, this improves the coverage
of the -0 option.
Fixes Debian bug #735935.
* grub-core/disk/cryptodisk.c
(grub_util_cryptodisk_get_abstraction): Add a user-data argument.
* grub-core/disk/diskfilter.c (grub_diskfilter_get_partmap):
Likewise.
* include/grub/cryptodisk.h (grub_util_cryptodisk_get_abstraction):
Update prototype.
* include/grub/diskfilter.h (grub_diskfilter_get_partmap): Likewise.
* util/grub-install.c (push_partmap_module, push_cryptodisk_module,
probe_mods): Adjust for extra user-data arguments.
* util/grub-probe.c (do_print, probe_partmap, probe_cryptodisk_uuid,
probe_abstraction): Use configured delimiter. Update callers.
According to UEFI 2.4 specification, default boot file name on AArch64
is BOOTAA64.EFI (3.4.1.1 Removable Media Boot Behavior). Also set default
GRUB image name to grubaa64.efi to match it.
grub-install already resolved passed install device to grub device. So do the
same as grub-setup and strip parenthesis if we get legacy (hdX).
I accidentally commited revert of 69ca97c820 and
this patch as part of f585c90505. So this commit
just adds ChangeLog entry and cosmetic whitespace fix.
/usr/local/grub2/sbin/grub-install: info: grub-mkimage --directory '/usr/local/grub2/lib/grub/i386-pc' --prefix '(mduuid/e6d1dcf06cea72140bafae74a8677f36)/grub' --output '/boot/grub/i386-pc/core.img' --format 'i386-pc' --compression 'auto' 'ext2' 'msdos' 'msdos' 'diskfilter' 'mdraid1x' 'biosdisk'
.
/usr/local/grub2/sbin/grub-install: error: cannot open `/usr/local/grub2/lib/grub/i386-pc/msdos.mod': No such file or directory.
Introduce common helper for both diskfilter and non-diskfilter case that
converts partition map names into module names.
Compare function used in qsort gets arguments by reference, so strcmp
cannot be used directly - it expects pointer to char, but gets pointer
to pointer to char.
Introduce new helper grub_qsort_strcmp and use it in grub-install.
This helper is going to be used in a couple more places as well so
add it to global file, not in grub-install.c.
the function of these files exceeds what can be sanely handled in shell
in posix-comaptible way. Also writing it in C extends the functionality
to non-UNIX-like OS and minimal environments.
