grub2

proxmox-mirrors/grub2

Fork 0

mirror of https://git.proxmox.com/git/grub2 synced 2025-10-04 13:35:46 +00:00

Commit Graph

Author	SHA1	Message	Date
Luca Boccassi	b2c4515a83	Do not overwrite sentinel byte in boot_params, breaks lockdown grub currently copies the entire boot_params, which includes setting sentinel byte to 0xff, which triggers sanitize_boot_params in the kernel which in turn clears various boot_params variables, including the indication that the bootloader chain is verified and thus the kernel disables lockdown mode. According to the information on the Fedora bug tracker, only the information from byte 0x1f1 is necessary, so start copying from there instead. Author: Luca Boccassi <bluca@debian.org> Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1418360 Forwarded: no Patch-Name: fix-lockdown.patch	2021-09-27 20:09:39 +01:00
Matthew Garrett	fc550c31c2	Add "linuxefi" loader which avoids ExitBootServices Origin: vendor, http://pkgs.fedoraproject.org/cgit/grub2.git/tree/grub2-linuxefi.patch Author: Colin Watson <cjwatson@ubuntu.com> Author: Steve Langasek <steve.langasek@canonical.com> Author: Linn Crosetto <linn@hpe.com> Forwarded: no Last-Update: 2021-09-24 Patch-Name: linuxefi.patch	2021-09-27 20:09:34 +01:00

Author

SHA1

Message

Date

Luca Boccassi

b2c4515a83

Do not overwrite sentinel byte in boot_params, breaks lockdown

grub currently copies the entire boot_params, which includes setting
sentinel byte to 0xff, which triggers sanitize_boot_params in the kernel
which in turn clears various boot_params variables, including the
indication that the bootloader chain is verified and thus the kernel
disables lockdown mode.  According to the information on the Fedora bug
tracker, only the information from byte 0x1f1 is necessary, so start
copying from there instead.

Author: Luca Boccassi <bluca@debian.org>
Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1418360
Forwarded: no

Patch-Name: fix-lockdown.patch

2021-09-27 20:09:39 +01:00

Matthew Garrett

fc550c31c2

Add "linuxefi" loader which avoids ExitBootServices

Origin: vendor, http://pkgs.fedoraproject.org/cgit/grub2.git/tree/grub2-linuxefi.patch
Author: Colin Watson <cjwatson@ubuntu.com>
Author: Steve Langasek <steve.langasek@canonical.com>
Author: Linn Crosetto <linn@hpe.com>
Forwarded: no
Last-Update: 2021-09-24

Patch-Name: linuxefi.patch

2021-09-27 20:09:34 +01:00

2 Commits