diff --git a/.gitignore b/.gitignore index f072794..c48971f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,9 @@ SOURCES/grub-2.02.tar.xz +SOURCES/redhatsecureboot301.cer +SOURCES/redhatsecureboot502.cer +SOURCES/redhatsecureboot601.cer +SOURCES/redhatsecureboot701.cer +SOURCES/redhatsecurebootca3.cer +SOURCES/redhatsecurebootca5.cer SOURCES/theme.tar.bz2 SOURCES/unifont-5.1.20080820.pcf.gz diff --git a/.grub2.metadata b/.grub2.metadata index 3bb3b94..c0c9b64 100644 --- a/.grub2.metadata +++ b/.grub2.metadata @@ -1,3 +1,9 @@ 3d7eb6eaab28b88cb969ba9ab24af959f4d1b178 SOURCES/grub-2.02.tar.xz +4a07b56e28741884b86da6ac91f8f9929541a1e4 SOURCES/redhatsecureboot301.cer +3f94c47f1d08bacc7cb29bdd912e286b8d2f6fcf SOURCES/redhatsecureboot502.cer +039357ef97aab3e484d1119edd4528156f5859e6 SOURCES/redhatsecureboot601.cer +e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot701.cer +cf9230e69000076727e5b784ec871d22716dc5da SOURCES/redhatsecurebootca3.cer +e6f506462069aa17d2e8610503635c20f3a995c3 SOURCES/redhatsecurebootca5.cer cf0b7763c528902da7e8b05cfa248f20c8825ce5 SOURCES/theme.tar.bz2 87f8600ba24e521b5d20bdf6c4b71af8ae861e3a SOURCES/unifont-5.1.20080820.pcf.gz diff --git a/SOURCES/0576-efi-http-change-uint32_t-to-uintn_t-for-grub_efi_htt.patch b/SOURCES/0576-efi-http-change-uint32_t-to-uintn_t-for-grub_efi_htt.patch new file mode 100644 index 0000000..65ac476 --- /dev/null +++ b/SOURCES/0576-efi-http-change-uint32_t-to-uintn_t-for-grub_efi_htt.patch @@ -0,0 +1,30 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Matt Hsiao +Date: Mon, 24 Apr 2023 13:39:05 +0800 +Subject: [PATCH] efi/http: change uint32_t to uintn_t for + grub_efi_http_message_t + +Modify UINT32 to UINTN in EFI_HTTP_MESSAGE to be UEFI 2.9 compliant. + +Signed-off-by: Matt Hsiao +Signed-off-by: Nicolas Frayer +--- + include/grub/efi/http.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/include/grub/efi/http.h b/include/grub/efi/http.h +index c5e9a89f5050..ad164ba1913d 100644 +--- a/include/grub/efi/http.h ++++ b/include/grub/efi/http.h +@@ -171,9 +171,9 @@ typedef struct { + grub_efi_http_request_data_t *request; + grub_efi_http_response_data_t *response; + } data; +- grub_efi_uint32_t header_count; ++ grub_efi_uintn_t header_count; + grub_efi_http_header_t *headers; +- grub_efi_uint32_t body_length; ++ grub_efi_uintn_t body_length; + void *body; + } grub_efi_http_message_t; + diff --git a/SOURCES/0577-ieee1275-Converting-plain-numbers-to-constants-in-Ve.patch b/SOURCES/0577-ieee1275-Converting-plain-numbers-to-constants-in-Ve.patch new file mode 100644 index 0000000..ce3e113 --- /dev/null +++ b/SOURCES/0577-ieee1275-Converting-plain-numbers-to-constants-in-Ve.patch @@ -0,0 +1,46 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Avnish Chouhan +Date: Thu, 23 Mar 2023 08:16:25 -0400 +Subject: [PATCH] ieee1275 : Converting plain numbers to constants in Vec5 + +This patch converts the plain numbers used in Vec5 properties to +constants. + +1. LPAR : Client program supports logical partitioning and + associated hcall()s. +2. SPLPAR : Client program supports the Shared + Processor LPAR Option. +3. CMO : Enables the Cooperative Memory Over-commitment Option. +4. MAX_CPU : Defines maximum number of CPUs supported. + +Signed-off-by: Avnish Chouhan +--- + grub-core/kern/ieee1275/init.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c +index 3ea9b73b2a59..2516e02091cb 100644 +--- a/grub-core/kern/ieee1275/init.c ++++ b/grub-core/kern/ieee1275/init.c +@@ -56,6 +56,12 @@ extern char _end[]; + grub_addr_t grub_ieee1275_original_stack; + #endif + ++#define LPAR 0x80 ++#define SPLPAR 0x40 ++#define BYTE2 (LPAR | SPLPAR) ++#define CMO 0x80 ++#define MAX_CPU 256 ++ + void + grub_exit (int rc __attribute__((unused))) + { +@@ -372,7 +378,7 @@ grub_ieee1275_ibm_cas (void) + .vec4 = 0x0001, // set required minimum capacity % to the lowest value + .vec5_size = 1 + sizeof(struct option_vector5) - 2, + .vec5 = { +- 0, 192, 0, 128, 0, 0, 0, 0, 256 ++ 0, BYTE2, 0, CMO, 0, 0, 0, 0, MAX_CPU + } + }; + diff --git a/SOURCES/0578-ieee1275-extended-support-in-options-vector5.patch b/SOURCES/0578-ieee1275-extended-support-in-options-vector5.patch new file mode 100644 index 0000000..48b224c --- /dev/null +++ b/SOURCES/0578-ieee1275-extended-support-in-options-vector5.patch @@ -0,0 +1,125 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Avnish Chouhan +Date: Thu, 23 Mar 2023 08:33:12 -0400 +Subject: [PATCH] ieee1275 : extended support in options vector5 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch enables the multiple options in Options Vector5 which are +required and solves the boot issue seen on some machines which are looking for these specific options. + +1. LPAR : Client program supports logical partitioning and + associated hcall()s. +2. SPLPAR : Client program supports the Shared + Processor LPAR Option. +3. DYN_RCON_MEM : Client program supports the + “ibm,dynamic-reconfiguration-memory” property and it may be + presented in the device tree. +4. LARGE_PAGES : Client supports pages larger than 4 KB. +5. DONATE_DCPU_CLS : Client supports donating dedicated processor cycles. +6. PCI_EXP : Client supports PCI Express implementations + utilizing Message Signaled Interrupts (MSIs). + +7. CMOC : Enables the Cooperative Memory Over-commitment Option. +8. EXT_CMO : Enables the Extended Cooperative Memory Over-commit + Option. + +9. ASSOC_REF : Enables “ibm,associativity” and + “ibm,associativity-reference-points” properties. +10. AFFINITY : Enables Platform Resource Reassignment Notification. +11. NUMA : Supports NUMA Distance Lookup Table Option. + +12. HOTPLUG_INTRPT : Supports Hotplug Interrupts. +13. HPT_RESIZE : Enable Hash Page Table Resize Option. + +14. MAX_CPU : Defines maximum number of CPUs supported. + +15. PFO_HWRNG : Supports Random Number Generator. +16. PFO_HW_COMP : Supports Compression Engine. +17. PFO_ENCRYPT : Supports Encryption Engine. + +18. SUB_PROCESSORS : Supports Sub-Processors. + +19. DY_MEM_V2 : Client program supports the “ibm,dynamic-memory-v2” property in the + “ibm,dynamic-reconfiguration-memory” node and it may be presented in the device tree. +20. DRC_INFO : Client program supports the “ibm,drc-info” property definition and it may be + presented in the device tree. + +Signed-off-by: Avnish Chouhan +--- + grub-core/kern/ieee1275/init.c | 47 ++++++++++++++++++++++++++++++++++++------ + 1 file changed, 41 insertions(+), 6 deletions(-) + +diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c +index 2516e02091cb..1fae84440403 100644 +--- a/grub-core/kern/ieee1275/init.c ++++ b/grub-core/kern/ieee1275/init.c +@@ -56,11 +56,41 @@ extern char _end[]; + grub_addr_t grub_ieee1275_original_stack; + #endif + +-#define LPAR 0x80 +-#define SPLPAR 0x40 +-#define BYTE2 (LPAR | SPLPAR) +-#define CMO 0x80 +-#define MAX_CPU 256 ++/* Options vector5 properties */ ++ ++#define LPAR 0x80 ++#define SPLPAR 0x40 ++#define DYN_RCON_MEM 0x20 ++#define LARGE_PAGES 0x10 ++#define DONATE_DCPU_CLS 0x02 ++#define PCI_EXP 0x01 ++#define BYTE2 (LPAR | SPLPAR | DYN_RCON_MEM | LARGE_PAGES | DONATE_DCPU_CLS | PCI_EXP) ++ ++#define CMOC 0x80 ++#define EXT_CMO 0x40 ++#define CMO (CMOC | EXT_CMO) ++ ++#define ASSOC_REF 0x80 ++#define AFFINITY 0x40 ++#define NUMA 0x20 ++#define ASSOCIATIVITY (ASSOC_REF | AFFINITY | NUMA) ++ ++#define HOTPLUG_INTRPT 0x04 ++#define HPT_RESIZE 0x01 ++#define BIN_OPTS (HOTPLUG_INTRPT | HPT_RESIZE) ++ ++#define MAX_CPU 256 ++ ++#define PFO_HWRNG 0x80000000 ++#define PFO_HW_COMP 0x40000000 ++#define PFO_ENCRYPT 0x20000000 ++#define PLATFORM_FACILITIES (PFO_HWRNG | PFO_HW_COMP | PFO_ENCRYPT) ++ ++#define SUB_PROCESSORS 1 ++ ++#define DY_MEM_V2 0x80 ++#define DRC_INFO 0x40 ++#define BYTE22 (DY_MEM_V2 | DRC_INFO) + + void + grub_exit (int rc __attribute__((unused))) +@@ -323,6 +353,11 @@ struct option_vector5 { + grub_uint8_t micro_checkpoint; + grub_uint8_t reserved0; + grub_uint32_t max_cpus; ++ grub_uint16_t base_PAPR; ++ grub_uint16_t mem_reference; ++ grub_uint32_t platform_facilities; ++ grub_uint8_t sub_processors; ++ grub_uint8_t byte22; + } __attribute__((packed)); + + struct pvr_entry { +@@ -378,7 +413,7 @@ grub_ieee1275_ibm_cas (void) + .vec4 = 0x0001, // set required minimum capacity % to the lowest value + .vec5_size = 1 + sizeof(struct option_vector5) - 2, + .vec5 = { +- 0, BYTE2, 0, CMO, 0, 0, 0, 0, MAX_CPU ++ 0, BYTE2, 0, CMO, ASSOCIATIVITY, BIN_OPTS, 0, 0, MAX_CPU, 0, 0, PLATFORM_FACILITIES, SUB_PROCESSORS, BYTE22 + } + }; + diff --git a/SOURCES/grub.patches b/SOURCES/grub.patches index 3eacbac..3bb7067 100644 --- a/SOURCES/grub.patches +++ b/SOURCES/grub.patches @@ -573,3 +573,6 @@ Patch0572: 0572-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch Patch0573: 0573-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch Patch0574: 0574-Enable-TDX-measurement-to-RTMR-register.patch Patch0575: 0575-Enable-shared-processor-mode-in-vector-5.patch +Patch0576: 0576-efi-http-change-uint32_t-to-uintn_t-for-grub_efi_htt.patch +Patch0577: 0577-ieee1275-Converting-plain-numbers-to-constants-in-Ve.patch +Patch0578: 0578-ieee1275-extended-support-in-options-vector5.patch diff --git a/SOURCES/redhatsecureboot301.cer b/SOURCES/redhatsecureboot301.cer deleted file mode 100644 index 4ff8b79..0000000 Binary files a/SOURCES/redhatsecureboot301.cer and /dev/null differ diff --git a/SOURCES/redhatsecureboot502.cer b/SOURCES/redhatsecureboot502.cer deleted file mode 100644 index be0b5e2..0000000 Binary files a/SOURCES/redhatsecureboot502.cer and /dev/null differ diff --git a/SOURCES/redhatsecureboot601.cer b/SOURCES/redhatsecureboot601.cer deleted file mode 100644 index c92b96b..0000000 Binary files a/SOURCES/redhatsecureboot601.cer and /dev/null differ diff --git a/SOURCES/redhatsecureboot701.cer b/SOURCES/redhatsecureboot701.cer deleted file mode 100644 index 25e3743..0000000 Binary files a/SOURCES/redhatsecureboot701.cer and /dev/null differ diff --git a/SOURCES/redhatsecurebootca3.cer b/SOURCES/redhatsecurebootca3.cer deleted file mode 100644 index b235400..0000000 Binary files a/SOURCES/redhatsecurebootca3.cer and /dev/null differ diff --git a/SOURCES/redhatsecurebootca5.cer b/SOURCES/redhatsecurebootca5.cer deleted file mode 100644 index dfb0284..0000000 Binary files a/SOURCES/redhatsecurebootca5.cer and /dev/null differ diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec index 64bb124..0672188 100644 --- a/SPECS/grub2.spec +++ b/SPECS/grub2.spec @@ -7,7 +7,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 148%{?dist} +Release: 148%{?dist}.1 Summary: Bootloader with support for Linux, Multiboot and more Group: System Environment/Base License: GPLv3+ @@ -510,6 +510,10 @@ fi %endif %changelog +* Fri Jun 16 2023 Nicolas Frayer - 2.02-148.el8_8.1 +- Sync with 8.9 (actually 2.02-150) +- Resolves: #2207972 + * Mon Feb 06 2023 Robbie Harwood - 2.02-148 - ppc64le: cas5, take 3 - Resolves: #2139508