it mainly does general tasks, like handling utils
and enabling ccache. the vfiles are a small part.
rename the function accordingly. it is called by
premake, so let's call it corebootpremake.
this change will also make sense when cherry-picked
into cbmk, which does not handle vfiles at all.
Signed-off-by: Leah Rowe <leah@libreboot.org>
define it with a single variable, rather than several.
this allows several checks to be greatly simplified.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Futility tests enlarge the src tarballs, without much utility.
Uttterly futile.
Also, I already removed certain files within these directories,
so those definitions have been removed, since removing the
entire directory also removes those files.
Signed-off-by: Leah Rowe <leah@libreboot.org>
also pcsx-redux
this way, commands like "./mk -u" without argument
will not fail. these fake makefile commands do nothing.
otherwise, an error errors because their makefiles
do not define these options.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This brings in several changes from upstream:
* 73d1c959e cryptocheck: Add --quiet option
* dbc0eb5bd disk/cryptodisk: Wipe the passphrase from memory
* 301b4ef25 disk/cryptodisk: Add the "erase secrets" function
* 23ec4535f docs: Document available crypto disks checks
* 10d778c4b commands/search: Add the diskfilter support
* 7a584fbde disk/diskfilter: Introduce the "cryptocheck" command
* ed691c0e0 commands/search: Introduce the --cryptodisk-only argument
* c448f511e kern/rescue_reader: Block the rescue mode until the CLI authentication
* 4abac0ad5 fs/xfs: Fix large extent counters incompat feature support
This commit is of particular interest:
* dbc0eb5bd disk/cryptodisk: Wipe the passphrase from memory
Signed-off-by: Leah Rowe <leah@libreboot.org>
already present on a few other config files, e.g. arch
i noticed on debian-experimental that i needed to explicitly
install it, whereas it was implicitly installed on debian 12
Signed-off-by: Leah Rowe <leah@libreboot.org>
aka a l l o f t h e m
On Intel Sandybridge, IvyBridge and Haswell platforms,
the flash is divided into these partitions:
* Intel Flash Descriptor (IFD)
* Intel Management Engine (ME)
* Intel Gigabit Ethernet NVM (GbE)
* Platform Data
* BIOS
IFD contains many configuration details of the entire
machine, but for our purpose, you might compare this
to the MBR or GPT section (partition table) on an HDD
or SSD. It does, among other things, define these regions.
Intel Management Engine is a coprocessor that handles,
among other things, certain power management and OOB
execution for things like Intel AMT, providing remote
management features; it also implements a soft TPM on
some platforms, and (on later platforms) Intel Boot Guard.
GbE contains configuration data for the onboard ethernet
chipset, if it's an Intel chipset. It also stores the
MAC address.
Platform Data is essentially just text, where you can
store any number of things. Vendors will sometimes put
information here e.g. version information for firmware.
The BIOS region contains actual boot firmware, for
example Canoeboot.
The Intel ME is a binary blob, so it cannot be included
in Canoeboot. On *Libreboot*, we handle this where needed,
by automatically downloading it from a vendor, and
processing it with the me_cleaner utility which disables
the ME after early bringup; only the ROMP and BUP modules
remain. These are essentially an analog of coreboot, as
they initialise the Intel ME. The Intel ME's own bootrom
executes the ME firmware stored in system flash, from
the ME region.
The *Canoeboot* setup differs greatly from Libreboot, in
that the Intel ME is not handled at all, on these platforms.
It is possible to still disable early ME bringup, by setting
the HAP (ME AltDisable) bit in the IFD; coreboot also has
an option called ME Soft Temporary Disable, and we use this
by default.
With use of either HAP and/or Temporary Disable, a full ME
region, with nothing removed (no me_cleaner) is functionally
identical, as this means only the ROMP and BUP modules will
run, and other modules are disabled.
Libreboot handles Intel ME by generating a *full* image,
including Intel ME, downloading the ME firmware at build
time; Libreboot's way of doing it violates GNU FSDG, and
thus could not be used in Canoeboot.
Canoeboot *does not* handle the Intel ME, but it doesn't
need to. We simply provide images where the Intel ME region
in the ROM is all zeroes. If you then flash the ME region
with that, it will result in a brick; however, you can avoid
flashing the ME region.
The flashprog software (also flashrom which we no longer
use) can be made to flash only specific parts of the flash,
by using either the --ifd option, or by using a layout file.
To generate a layout file, do this on a Canoeboot ROM:
./ifdtool -f layout.txt canoeboot.rom
You can then do e.g.:
./flashprog -l layout.txt -i fd canoeboot.rom
./flashprog -l layout.txt -i gbe canoeboot.rom
./flashprog -l layout.txt -i bios canoeboot.rom
In these examples, fd means IFD, gbe means GbE and
bios means BIOS, so you flash these regions. If you
wanted to flash Intel ME, you could use -i me, but
Canoeboot users migrating from factory firmware or
Libreboot can simply leave the ME region alone.
For all of these machines being added, the BIOS region
is entirely free software; even microcode updates are
excluded. The machines run just fine without microcode
updates, after extensive testing.
The IFD and GBE are not software; they are just config,
and their data format is fully documented by public
Intel datasheets. Canoeboot provides the nvmutil software
for changing GBE MAC addresses, and also ifdtool from
coreboot which can be used to modify IFD if you wish.
The general rule of thumb is this:
* If flashing Canoeboot from factory firmware, please
flash both the IFD and BIOS regions; you may also
modify the GBE region if you wish
* If flashing Canoeboot from Libreboot firmware, please
note that Libreboot *shrinks* the ME, and uses a different
IFD layout; some Dell mainboards also use 16KB GbE in
the Canoeboot setup, mirroring what the vendor did, where
Libreboot corrected this to 8KB:
* Therefore, if flashing Canoeboot from Libreboot, please
flash ONLY the GbE and BIOS regions; do not flash the IFD
region.
Libreboot's way of doing it is superior, because you don't
need to care what's in the original flash, since Intel ME
and other vendor files are automatically downloaded at
build time and inserted into images, or inserted after
the fact by use of a special script on release images.
Canoeboot's method has risks, because for example you might
ignore this entire commit message or the documentation that
I'm going to write covering these facts, and you would then
possibly overwrite the ME region with zeroes, or something
else stupid. If you did do that, you could always just build
Libreboot or something, and use that, but obviously We in
the Canoeboot project do not recommend this, as it would
be extremely unGNU.
Signed-off-by: Leah Rowe <leah@libreboot.org>
We are calling xbmkget in the same way, whether it's
a subfile or subrepo.
Rename these variables to subcurl and subgit, so that we
can call xbmkget unconditionally.
Signed-off-by: Leah Rowe <leah@libreboot.org>
See, coreboot bug report:
https://ticket.coreboot.org/issues/590
We hadn't noticed this for quite a while, since we always
just booted with iomem=relaxed when needing to run cbmem,
since in practise it was always combined with other tasks
that require access to lower memory.
GRUB currently matches coreboot's own mmap for cbmem, but
for example SeaBIOS marks cbmem as E820 reserved. Therefore,
this change replicates the SeaBIOS behaviour.
Without this patch, Linux needs to boot with iomem=relaxed
for cbmem access, for example when running ./cbmem -1
With this patch, cbmem is now accessible regardless. This
patch also prevents Linux from overwriting parts of CBMEM.
Thanks go to Paul Menzel, who wrote this GRUB patch.
Thanks also go to Nicholas Chin, who provided testing, all
the way from Coreboot 25.03 back to Coreboot 4.20. It seems
that this is just something the payloads have to handle.
This means that both SeaBIOS and GRUB no longer have this
bug, in Libreboot; now what remains is to replicate the
test with our U-Boot payload.
Signed-off-by: Leah Rowe <leah@libreboot.org>
remove it from mkhelper files, because rom.sh doesn't
initialise any variables globally, except one that
never changes.
Signed-off-by: Leah Rowe <leah@libreboot.org>
I fixed the AHCI bug, with a patch that I wrote. It works by
restoring the old SeaBIOS AHCI initialisation behaviour, whereby
the AHCI controller is enabled from its current state; the patch
that broke AHCI in coreboot (tested on ThinkPad T420), changed
AHCI initialisation behaviour so that the controller's state is
first reset, prior to enablement.
However, my patch also retains the new AHCI initialisation
behaviour, when a CSM is in use. The AHCI reset patch was done,
by the author, specifically for SeaBIOS in CSM mode, so it makes
sense to only change the behaviour conditionally according to that.
This reverts commit 8245f0b3211812ac818adadd6526b0b39c63f3f0.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Rolled back the recent SeaBIOS revision update, which
therefore removes these SeaBIOS patches:
* 9029a010 kconfig: fix the check-lxdialog.sh to work with gcc 14+
* 8863cbbd ahci: add controller reset
* df9dd418 update pci_pad_mem64 handling
* a4fc1845 add romfile_loadbool()
* a2725e28 drop acpi tables and hex includes
* 35aa9a72 drop obsolete acpi table code
* 1b598a1d usb-hid: Support multiple USB HID devices by storing them in a linked list
Technically, I need only revert instead to revision df9dd418, but
that and the other revisions above contain changes that may possibly
cause other breakage.
We know the old revision worked, so roll back these 7 SeaBIOS commits.
Now I will re-compile the 25.04 release and re-upload it as rev1.
This bug was reported on a T420 thinkpad, which Canoeboot doesn't
support, but since that AHCI code is fairly generic, and these
controllers all so similar, it makes sense to just roll back SeaBIOS
on Canoeboot in addition to Libreboot.
Therefore, both Libreboot and Canoeboot will both provide a revision
release for the 25.04 series.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This reverts commit a08b8d94fc58fa195adb0261539509d8ddaf4799.
From #libreboot IRC today:
07:02 <irys> ooh this is fun. seabios commit 8863cbbd15a73b03153553c562f5b1fb939ad4d7 (ahci: add controller reset) breaks ahci entirely on t420
07:05 <irys> cbmem console on that seabios commit has a timeout then "AHCI/0: device not ready"
07:07 <irys> AHCI works fine if i change config/seabios/default/target.cfg to use the immediate previous seabios commit (df9dd418b3b0e586cb208125094620fc7f90f23d)
07:07 <irys> works in grub payload either way though
07:31 <irys> here, `cbmem -c` after booting the broken rev: https://0x0.st/84oQ.log
07:31 <irys> compared to the working one https://0x0.st/84o1.log
07:33 <irys> i can't report to upstream myself *right now* but i figure you might want to know about this leah
I have downloaded those logs locally for reference, so that an upstream
report can be made to SeaBIOS. For the purposes of this Libreboot commit,
the diff of the logs is as follows (diff -u broken.log working.log):
Taking each diff line out of the log, the relevant entries
seem to be:
Searching bootorder for: /pci@i0cf8/*@1f,2/drive@0/disk@0
+AHCI/0: Set transfer mode to UDMA-6
+Searching bios-geometry for: /pci@i0cf8/*@1f,2/drive@0/disk@0
+AHCI/0: registering: "AHCI/0: Netac SSD 128GB ATA-11 Hard-Disk (119 GiBytes)"
-WARNING - Timeout at ahci_port_setup:477!
-AHCI/0: device not ready (tf 0x80)
-All threads complete.
-2. Payload [memtest]
+2. AHCI/0: Netac SSD 128GB ATA-11 Hard-Disk (119 GiBytes)
+3. Payload [memtest]
-Space available for UMB: c7000-eb800, f5880-f5ff0
-Returned 16777216 bytes of ZoneHigh
+drive 0x000f5fa0: PCHS=16383/16/63 translation=lba LCHS=1024/255/63 s=250069680
+Space available for UMB: c7000-eb800, f5880-f5fa0
+Returned 16773120 bytes of ZoneHigh
Therefore, the revision will be reverted back for now. It was
only about 8 additional patches imported in the update anyway.
while cherry picking other recent lbmk changes, i
skipped the coreboot updates, because the lbmk ones
were done in mayn commits. it's more efficient just
to do it all in bulk, when adapting for canoeboot.
Signed-off-by: Leah Rowe <leah@libreboot.org>
src/rp2_common/boot_stage2/boot2_w25x10cl.S:142: Error: junk at end of line, first unrecognized character is `0'
src/rp2_common/boot_stage2/boot2_w25x10cl.S:145: Error: garbage following instruction -- `beq 00b'
This should also fix it on Debian sid Experimental, where I'm testing
with GCC 15 and other bleeding edge dependencies.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Many users report bugs, so I'm reverting lbmk back to only
supporting the rp2040 dongles for the time being. The
documentation will be updated to reflect this.
Pico2 support will be re-added at a later date, once more
testing has been done, and fixes made if necessary.
This brings in the following improvements from upstream:
* 9029a010 kconfig: fix the check-lxdialog.sh to work with gcc 14+
* 8863cbbd ahci: add controller reset
* df9dd418 update pci_pad_mem64 handling
* a4fc1845 add romfile_loadbool()
* a2725e28 drop acpi tables and hex includes
* 35aa9a72 drop obsolete acpi table code
* 1b598a1d usb-hid: Support multiple USB HID devices by storing them in a linked list
Signed-off-by: Leah Rowe <leah@libreboot.org>
One of our SeaBIOS patches causes build errors with GCC 15:
src/romfile.c: In function 'romfile_loadfile_g':
src/romfile.c:65:18: error: too many arguments to function 'malloc_fn'; expected 0, have 1
65 | char *data = malloc_fn(filesize+add_len);
| ^~~~~~~~~ ~~~~~~~~~~~~~~~~
src/romfile.c: In function 'romfile_loadfile':
src/romfile.c:88:50: error: passing argument 3 of 'romfile_loadfile_g' from incompatible pointer type [-Wincompatible-pointer-types]
88 | char *data = romfile_loadfile_g(name, psize, &malloc_tmphigh, 1);
| ^~~~~~~~~~~~~~~
| |
| void * (*)(u32) {aka void * (*)(unsigned int)}
src/romfile.c:55:28: note: expected 'void * (*)(void)' but argument is of type 'void * (*)(u32)' {aka 'void * (*)(unsigned int)'}
55 | void *(*malloc_fn)(), int add_len)
| ~~~~~~~~^~~~~~~~~~~~
In file included from src/romfile.c:8:
src/malloc.h:42:21: note: 'malloc_tmphigh' declared here
42 | static inline void *malloc_tmphigh(u32 size) {
| ^~~~~~~~~~~~~~
make: *** [Makefile:142: out/src/romfile.o] Error 1
make: *** Waiting for unfinished jobs....
src/optionroms.c: In function 'vgarom_setup':
src/optionroms.c:468:60: error: passing argument 3 of 'romfile_loadfile_g' from incompatible pointer type [-Wincompatible-pointer-types]
468 | void *mxm_sis = romfile_loadfile_g("mxm-30-sis", NULL, &malloc_low, 0);
| ^~~~~~~~~~~
| |
| void * (*)(u32) {aka void * (*)(unsigned int)}
In file included from src/optionroms.c:18:
src/romfile.h:17:34: note: expected 'void * (*)(void)' but argument is of type 'void * (*)(u32)' {aka 'void * (*)(unsigned int)'}
17 | void *(*malloc_fn)(), int add_len);
| ~~~~~~~~^~~~~~~~~~~~
In file included from src/optionroms.c:16:
src/malloc.h:30:21: note: 'malloc_low' declared here
30 | static inline void *malloc_low(u32 size) {
| ^~~~~~~~~~
make: *** [Makefile:141: out/src/optionroms.o] Error 1
make: Leaving directory '/tmp/lbmk/src/seabios/default'
This is because the function pointer defined as `void *(*malloc_fn)()`
refers to a function that takes no arguments, unlike `malloc_tmphigh`
which takes an unsigned int. Add the missing argument type.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
The Debian package for libusb is "libusb-1.0-0". Fix the typo in the
list which is missing the suffix. While we're here, also fix a line
continuation.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Recently, gru boards were migrated to use common stack addresses with
U-Boot commit 5e7cd8a11995 ("rockchip: Use common bss and stack
addresses on RK3399") and commit 49f8131e5594 ("rockchip: rk3399-gru:
Use TPL with common bss and stack addresses"). This is done with the
ROCKCHIP_COMMON_STACK_ADDR config.
With POSITION_INDEPENDENT, INIT_SP_RELATIVE defaults to enabled as well.
However, ROCKCHIP_COMMON_STACK_ADDR selects HAS_CUSTOM_SYS_INIT_SP_ADDR,
which depends on INIT_SP_RELATIVE being disabled. So this results in a
configuration warning:
WARNING: unmet direct dependencies detected for HAS_CUSTOM_SYS_INIT_SP_ADDR
Depends on [n]: ARM [=y] && ARCH_KIRKWOOD [=n] || ARC [=n] || ARM [=y] && !INIT_SP_RELATIVE [=y] || MIPS [=n] || PPC [=n] || RISCV [=n]
Selected by [y]:
- ROCKCHIP_COMMON_STACK_ADDR [=y] && ARM [=y] && ARCH_ROCKCHIP [=y] && SPL_SHARES_INIT_SP_ADDR [=y]
I'm not sure if adhering to the Rockchip values means we can't be
position-independent. Disabling INIT_SP_RELATIVE still appears to keep
my kevin board working, so let's do that for now.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Apply our preserved changes to the new U-Boot defconfigs. Upstream
rearranged memory layouts for Rockchip boards to a unified layout, which
got rid of CUSTOM_SYS_INIT_SP_ADDR and HAS_CUSTOM_SYS_INIT_SP_ADDR, and
will need a change to a related INIT_SP_RELATIVE later.
Normalize the positions of each line in the config by regenerating the
defconfig by `./mk -l u-boot` and then `./mk -s u-boot`, so that the
diff looks all green when we actually expand it to the full config.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Set the U-Boot revision to the commit hash for v2025.04, and rebase the
patches for the default U-Boot tree to accommodate for upstream changes:
- The SPL/TPL/VPL phases are being unified under the xPL name, so
there's a config rename.
- Some test macros were renamed, for the video-related patches.
- Add some missing hunks for video damage series.
- Upstream Makefile adds another argument to the binman call.
- The SWIG related patch is merged upstream, drop it.
I'm not sure if src/u-boot/* directories are regenerated on new builds,
so it may be necessary to remove them manually after applying this.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Run diffconfig from Linux to track our modifications to the old upstream
defconfigs, so we can apply them to the new ones. Restore the original
defconfigs to highlight our changes here, and upstream changes in the
next commit. Done manually, but something like:
do_diff() {
ours="$1"
theirs="$2"
tree="$3"
diffconfig \
src/u-boot/${tree}/configs/${theirs}_defconfig \
config/u-boot/${ours}/config/default \
>config/u-boot/${ours}/config/diffconfig
cp src/u-boot/${tree}/configs/${theirs}_defconfig \
config/u-boot/${ours}/config/default
}
do_diff amd64coreboot coreboot64 x86_64
do_diff i386coreboot coreboot x86
do_diff gru_bob chromebook_bob default
do_diff gru_kevin chromebook_kevin default
do_diff qemu_arm64_12mb qemu_arm64 default
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Run `./mk -s u-boot` to convert our configs into defconfigs, so we can
keep our changes to the old upstream defconfigs and re-apply them to the
new upstream defconfigs.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
A number of regressions were caused by the recent CVE fixes,
many of which have since been fixed upstream. This includes
several ext4 file system bugs, which caused some systems not
to boot properly, when dealing with very large initramfs files.
No additional patching has been made. This will be tested, and
then used to provide a revision update for Libreboot 20241206.
After this, there are several additional OOT patches that will
be merged, for the next *testing release* of Libreboot.
Update to this revision, for all GRUB trees:
a4da71dafeea519b034beb159dfe80c486c2107c
This brings in the following changes from upstream:
* a4da71daf util/grub-install: Include raid5rec module for RAID 4 as well
* 223fcf808 loader/ia64/efi/linux: Reset grub_errno on failure to allocate
* 6504a8d4b lib/datetime: Specify license in emu module
* 8fef533cf configure: Add -mno-relax on riscv*
* 1fe094855 docs: Document the long options of tpm2_key_protect_init
* 6252eb97c INSTALL: Document the packages needed for TPM2 key protector tests
* 9d4b382aa docs: Update NV index mode of TPM2 key protector
* 2043b6899 tests/tpm2_key_protector_test: Add more NV index mode tests
* 9f66a4719 tests/tpm2_key_protector_test: Reset "ret" on fail
* b7d89e667 tests/tpm2_key_protector_test: Simplify the NV index mode test
* 5934bf51c util/grub-protect: Support NV index mode
* cd9cb944d tpm2_key_protector: Support NV index handles
* fa69deac5 tpm2_key_protector: Unseal key from a buffer
* 75c480885 tss2: Add TPM 2.0 NV index commands
* 041164d00 tss2: Fix the missing authCommand
* 46c9f3a8d tpm2_key_protector: Add tpm2_dump_pcr command
* 617dab9e4 tpm2_key_protector: Dump PCRs on policy fail
* 204a6ddfb loader/i386/linux: Update linux_kernel_params to match upstream
* 6b64f297e loader/xnu: Fix memory leak
* f94d257e8 fs/btrfs: Fix memory leaks
* 81146fb62 loader/i386/linux: Fix resource leak
* 1d0059447 lib/reloacator: Fix memory leaks
* f3f1fcecd disk/ldm: Fix memory leaks
* aae2ea619 fs/ntfs: Fix NULL pointer dereference and possible infinite loop
* 3b25e494d net/drivers/ieee1275/ofnet: Add missing grub_malloc()
* fee6081ec kern/ieee1275/init: Increase MIN_RMA size for CAS negotiation on PowerPC machines
* b66c6f918 fs/zfs: Fix a number of memory leaks in ZFS code
* 1d59f39b5 tests/util/grub-shell: Remove the work directory on successful run and debug is not on
* e0116f3bd tests/grub_cmd_cryptomount: Remove temporary directories if successful and debug is not on
* e6e2b73db tests/grub_cmd_cryptomount: Default TMPDIR to /tmp
* 32b02bb92 tests/grub_cmd_cryptomount: Cleanup the cryptsetup script unless debug is enabled
* c188ca5d5 tests: Cleanup generated files on expected failure in grub_cmd_cryptomount
* 50320c093 tests/util/grub-shell-luks-tester: Add missing line to create RET variable in cleanup
* bb6d3199b tests/util/grub-shell-luks-tester: Find cryptodisk by UUID
* 3fd163e45 tests/util/grub-shell: Default qemuopts to envvar $GRUB_QEMU_OPTS
* ff7f55307 disk/lvm: Add informational messages in error cases of ignored features
* a16b4304a disk/lvm: Add support for cachevol LV
* 9a37d6114 disk/lvm: Add support for integrity LV
* 6c14b87d6 lvm: Match all LVM segments before validation
* d34b9120e disk/lvm: Remove unused cache_pool
* 90848a1f7 disk/lvm: Make cache_lv more generic as ignored_feature_lv
* 488ac8bda commands/ls: Add directory header for dir args
* 096bf59e4 commands/ls: Print full paths for file args
* 90288fc48 commands/ls: Output path for single file arguments given with path
* 6337d84af commands/ls: Show modification time for file paths
* cbfb031b1 commands/ls: Merge print_files_long() and print_files() into print_file()
* 112d2069c commands/ls: Return proper GRUB_ERR_* for functions returning type grub_err_t
* da9740cd5 commands/acpi: Use options enum to index command options
* 1acf11fe4 docs: Capture additional commands restricted by lockdown
* 6a168afd3 docs: Document restricted filesystems in lockdown
* be0ae9583 loader/i386/bsd: Fix type passed for the kernel
* ee27f07a6 kern/partition: Unbreak support for nested partitions
* cb639acea lib/tss2/tss2_structs.h: Fix clang build - remove duplicate typedef
* 696e35b7f include/grub/mm.h: Remove duplicate inclusion of grub/err.h
* 187338f1a script/execute: Don't let trailing blank lines determine the return code
* ff173a1c0 gitignore: Ignore generated files from libtasn
* fbcc38891 util/grub.d/30_os-prober.in: Conditionally show or hide chain and efi menu entries
* 56ccc5ed5 util/grub.d/30_os-prober.in: Fix GRUB_OS_PROBER_SKIP_LIST for non-EFI
* 01f064064 docs: Do not reference non-existent --dumb option
* 3f440b5a5 docs: Replace @lbracechar{} and @rbracechar{} with @{ and @}
* f20988738 fs/xfs: Fix grub_xfs_iterate_dir() return value in case of failure
* 1ed2628b5 fs/xfs: Add new superblock features added in Linux 6.12/6.13
* 348cd416a fs/ext2: Rework out-of-bounds read for inline and external extents
* c730eddd2 disk/ahci: Remove conditional operator for endtime
* f0a08324d term/ns8250-spcr: Return if redirection is disabled
* 7161e2437 commands/file: Fix NULL dereference in the knetbsd tests
* 11b9c2dd0 gdb_helper: Typo hueristic
* 224aefd05 kern/efi/mm: Reset grub_mm_add_region_fn after ExitBootServices() call
* 531750f7b i386/tsc: The GRUB menu gets stuck due to unserialized rdtsc
* f2a1f66e7 kern/i386/tsc_pmtimer: The GRUB menu gets stuck due to failed calibration
* 13f005ed8 loader/i386/linux: Fix cleanup if kernel doesn't support 64-bit addressing
Signed-off-by: Leah Rowe <leah@libreboot.org>
instead of running pwd all the time, run it once in lib.sh,
and export PWD.
for cbmk-specific use of PWD, use xbmkpwd, which contains
the value of PWD as was set by the pwd utility in lib.sh.
many parts of cbmk rely on pwd, and it *must* be correct.
this change adds basic error handling, since pwd can in
fact return errors in some cases.
Signed-off-by: Leah Rowe <leah@libreboot.org>
PWD could be anything, if the user manually exported
it before running cbmk.
always run pwd instead, to get the real string.
Signed-off-by: Leah Rowe <leah@libreboot.org>
I was importing a patch for the z790 boards, but
Libreboot doesn't support this board yet, and the
patch was a hack that may affect other boards.
When I do later merge that board, and I find that the
hack is needed, I'll simply make another grub tree
within lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
You can find information about these patches here:
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
GRUB has been on a crusade as of late, to proactively audit
and fix many security vulnerabilities. This lbmk change brings
in a comprehensive series of patches that fix bugs ranging from
possible buffer overflows, use-after frees, null derefs and so on.
These changes are critical, so a revision release *will* be issued,
for the Libreboot 20241206 release series.
This change imports the following 73 patches which
are present on the upstream GRUB repository (commit IDs
matched to upstream):
* 4dc616657 loader/i386/bsd: Use safe math to avoid underflow
* 490a6ab71 loader/i386/linux: Cast left shift to grub_uint32_t
* a8d6b0633 kern/misc: Add sanity check after grub_strtoul() call
* 8e6e87e79 kern/partition: Add sanity check after grub_strtoul() call
* 5b36a5210 normal/menu: Use safe math to avoid an integer overflow
* 9907d9c27 bus/usb/ehci: Define GRUB_EHCI_TOGGLE as grub_uint32_t
* f8795cde2 misc: Ensure consistent overflow error messages
* 66733f7c7 osdep/unix/getroot: Fix potential underflow
* d13b6e8eb script/execute: Fix potential underflow and NULL dereference
* e3c578a56 fs/sfs: Check if allocated memory is NULL
* 1c06ec900 net: Check if returned pointer for allocated memory is NULL
* dee2c14fd net: Prevent overflows when allocating memory for arrays
* 4beeff8a3 net: Use safe math macros to prevent overflows
* dd6a4c8d1 fs/zfs: Add missing NULL check after grub_strdup() call
* 13065f69d fs/zfs: Check if returned pointer for allocated memory is NULL
* 7f38e32c7 fs/zfs: Prevent overflows when allocating memory for arrays
* 88e491a0f fs/zfs: Use safe math macros to prevent overflows
* cde9f7f33 fs: Prevent overflows when assigning returned values from read_number()
* 84bc0a9a6 fs: Prevent overflows when allocating memory for arrays
* 6608163b0 fs: Use safe math macros to prevent overflows
* fbaddcca5 disk/ieee1275/ofdisk: Call grub_ieee1275_close() when grub_malloc() fails
* 33bd6b5ac disk: Check if returned pointer for allocated memory is NULL
* d8151f983 disk: Prevent overflows when allocating memory for arrays
* c407724da disk: Use safe math macros to prevent overflows
* c4bc55da2 fs: Disable many filesystems under lockdown
* 26db66050 fs/bfs: Disable under lockdown
* 5f31164ae commands/hexdump: Disable memory reading in lockdown mode
* 340e4d058 commands/memrw: Disable memory reading in lockdown mode
* 34824806a commands/minicmd: Block the dump command in lockdown mode
* c68b7d236 commands/test: Stack overflow due to unlimited recursion depth
* dad8f5029 commands/read: Fix an integer overflow when supplying more than 2^31 characters
* b970a5ed9 gettext: Integer overflow leads to heap OOB write
* 09bd6eb58 gettext: Integer overflow leads to heap OOB write or read
* 7580addfc gettext: Remove variables hooks on module unload
* 9c1619773 normal: Remove variables hooks on module unload
* 2123c5bca commands/pgp: Unregister the "check_signatures" hooks on module unload
* 0bf56bce4 commands/ls: Fix NULL dereference
* 05be856a8 commands/extcmd: Missing check for failed allocation
* 98ad84328 kern/dl: Check for the SHF_INFO_LINK flag in grub_dl_relocate_symbols()
* d72208423 kern/dl: Use correct segment in grub_dl_set_mem_attrs()
* 500e5fdd8 kern/dl: Fix for an integer overflow in grub_dl_ref()
* 2c34af908 video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG
* 0707accab net/tftp: Fix stack buffer overflow in tftp_open()
* 5eef88152 net: Fix OOB write in grub_net_search_config_file()
* aa8b4d7fa net: Remove variables hooks when interface is unregisted
* a1dd8e59d net: Unregister net_default_ip and net_default_mac variables hooks on unload
* d8a937cca script/execute: Limit the recursion depth
* 8a7103fdd kern/partition: Limit recursion in part_iterate()
* 18212f064 kern/disk: Limit recursion depth
* 67f70f70a disk/loopback: Reference tracking for the loopback
* 13febd78d disk/cryptodisk: Require authentication after TPM unlock for CLI access
* 16f196874 kern/file: Implement filesystem reference counting
* a79106872 kern/file: Ensure file->data is set
* d1d6b7ea5 fs/xfs: Ensuring failing to mount sets a grub_errno
* 6ccc77b59 fs/xfs: Fix out-of-bounds read
* 067b6d225 fs/ntfs: Implement attribute verification
* 048777bc2 fs/ntfs: Use a helper function to access attributes
* 237a71184 fs/ntfs: Track the end of the MFT attribute buffer
* aff263187 fs/ntfs: Fix out-of-bounds read
* 7e2f750f0 fs/ext2: Fix out-of-bounds read for inline extents
* edd995a26 fs/jfs: Inconsistent signed/unsigned types usage in return values
* bd999310f fs/jfs: Use full 40 bits offset and address for a data extent
* ab09fd053 fs/jfs: Fix OOB read caused by invalid dir slot index
* 66175696f fs/jfs: Fix OOB read in jfs_getent()
* 1443833a9 fs/iso9660: Fix invalid free
* 965db5970 fs/iso9660: Set a grub_errno if mount fails
* f7c070a2e fs/hfsplus: Set a grub_errno if mount fails
* 563436258 fs/f2fs: Set a grub_errno if mount fails
* 0087bc690 fs/tar: Integer overflow leads to heap OOB write
* 2c8ac08c9 fs/tar: Initialize name in grub_cpio_find_file()
* 417547c10 fs/hfs: Fix stack OOB write with grub_strcpy()
* c1a291b01 fs/ufs: Fix a heap OOB write
* ea703528a misc: Implement grub_strlcpy()
Signed-off-by: Leah Rowe <leah@libreboot.org>
genisoimage is not a an AUR package as suggested by aur_notice. It is
available in the "cdrtools" package in the repositories.
References: https://archlinux.org/packages/extra/x86_64/cdrtools/
Signed-off-by: Runxi Yu <me@runxiyu.org>
Leah Rowe