| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| olpc-prefix-hack.patch | Hack prefix for OLPC This sucks, but it's better than what OFW was giving us. |
Colin Watson <cjwatson@debian.org> | no | 2014-01-13 | ||
| core-in-fs.patch | Write marker if core.img was written to filesystem The Debian bug reporting script includes a warning in this case. |
Colin Watson <cjwatson@debian.org> | no | 2014-01-13 | ||
| grub-legacy-0-based-partitions.patch | Support running grub-probe in grub-legacy's update-grub | Colin Watson <cjwatson@debian.org> | not-needed | 2013-12-25 | ||
| disable-floppies.patch | Disable use of floppy devices An ugly kludge. Should this be merged upstream? |
Robert Millan | no | 2014-01-13 | ||
| gfxpayload-keep-default.patch | Disable gfxpayload=keep by default Setting gfxpayload=keep has been known to cause efifb to be inappropriately enabled. In any case, with the current Linux kernel the result of this option is that early kernelspace will be unable to print anything to the console, so (for example) if boot fails and you end up dumped to an initramfs prompt, you won't be able to see anything on the screen. As such it shouldn't be enabled by default in Debian, no matter what kernel options are enabled. gfxpayload=keep is a good idea but rather ahead of its time ... |
Colin Watson <cjwatson@debian.org> | no | debian | 2013-12-25 | |
| install-stage2-confusion.patch | If GRUB Legacy is still around, tell packaging to ignore it | Colin Watson <cjwatson@debian.org> | not-needed | debian | 2021-09-24 | |
| mkconfig-loopback.patch | Handle filesystems loop-mounted on file images Improve prepare_grub_to_access_device to emit appropriate commands for such filesystems, and ignore them in Linux grub.d scripts. This is needed for Ubuntu's Wubi installation method. This patch isn't inherently Debian/Ubuntu-specific. losetup and /proc/mounts are Linux-specific, though, so we might need to refine this before sending it upstream. The changes to the Linux grub.d scripts might be better handled by integrating 10_lupin properly instead. |
Colin Watson <cjwatson@debian.org> | no | 2014-01-13 | ||
| restore-mkdevicemap.patch | Restore grub-mkdevicemap This is kind of a mess, requiring lots of OS-specific code to iterate over all possible devices. However, we use it in a number of scripts to discover devices and reimplementing those in terms of something else would be very complicated. |
Dimitri John Ledkov <dimitri.ledkov@canonical.com> | no | 2021-09-24 | ||
| gettext-quiet.patch | Silence error messages when translations are unavailable | Colin Watson <cjwatson@ubuntu.com> | yes | upstream | 2013-11-14 | |
| install-efi-fallback.patch | Fall back to non-EFI if booted using EFI but -efi is missing It may be possible, particularly in recovery situations, to be booted using EFI on x86 when only the i386-pc target is installed, or on ARM when only the arm-uboot target is installed. There's nothing actually stopping us installing i386-pc or arm-uboot from an EFI environment, and it's better than returning a confusing error. |
Steve McIntyre <93sam@debian.org> | no | 2019-05-24 | ||
| mkconfig-ubuntu-recovery.patch | "single" -> "recovery" when friendly-recovery is installed If configured with --enable-ubuntu-recovery, also set nomodeset for recovery mode, and disable 'set gfxpayload=keep' even if the system normally supports it. See https://launchpad.net/ubuntu/+spec/desktop-o-xorg-tools-and-processes. |
Stéphane Graber <stgraber@ubuntu.com> | no | 2013-12-25 | ||
| install-locale-langpack.patch | Prefer translations from Ubuntu language packs if available | Colin Watson <cjwatson@ubuntu.com> | not-needed | 2013-12-25 | ||
| mkconfig-nonexistent-loopback.patch | Avoid getting confused by inaccessible loop device backing paths | Colin Watson <cjwatson@ubuntu.com> | no | 2021-09-24 | ||
| default-grub-d.patch | Read /etc/default/grub.d/*.cfg after /etc/default/grub | Colin Watson <cjwatson@ubuntu.com> | no | 2021-09-24 | ||
| blacklist-1440x900x32.patch | Blacklist 1440x900x32 from VBE preferred mode handling | Colin Watson <cjwatson@ubuntu.com> | no | 2013-11-14 | ||
| mkconfig-ubuntu-distributor.patch | Remove GNU/Linux from default distributor string for Ubuntu Ubuntu is called "Ubuntu", not "Ubuntu GNU/Linux". |
Harald Sitter <apachelogger@kubuntu.org> | not-needed | 2013-12-25 | ||
| maybe-quiet.patch | Add configure option to reduce visual clutter at boot time If this option is enabled, then do all of the following: Don't display introductory message about line editing unless we're actually offering a shell prompt. (This is believed to be a workaround for a different bug. We'll go with this for now, but will drop this in favour of a better fix upstream if somebody figures out what that is.) Don't clear the screen just before booting if we never drew the menu in the first place. Remove verbose messages printed before reading configuration. In some ways this is awkward because it makes debugging harder, but it's a requirement for a smooth-looking boot process; we may be able to do better in future. Upstream doesn't want this, though. Disable the cursor as well, for similar reasons of tidiness. Suppress kernel/initrd progress messages, except in recovery mode. Suppress "GRUB loading" message unless Shift is held down. Upstream doesn't want this, as it makes debugging harder. Ubuntu wants it to provide a cleaner boot experience. |
Will Thompson <will@willthompson.co.uk> | invalid | 2021-09-24 | ||
| install-efi-adjust-distributor.patch | Adjust efi_distributor for some distributions This is not a very good approach, and certainly not sanely upstreamable; we probably need to split GRUB_DISTRIBUTOR into a couple of different variables. |
Colin Watson <cjwatson@ubuntu.com> | not-needed | debian | 2019-08-06 | |
| quick-boot.patch | Add configure option to bypass boot menu if possible If other operating systems are installed, then automatically unhide the menu. Otherwise, if GRUB_HIDDEN_TIMEOUT is 0, then use keystatus if available to check whether Shift is pressed. If it is, show the menu, otherwise boot immediately. If keystatus is not available, then fall back to a short delay interruptible with Escape. This may or may not remain Ubuntu-specific, although it's not obviously wanted upstream. It implements a requirement of https://wiki.ubuntu.com/DesktopExperienceTeam/KarmicBootExperienceDesignSpec#Bootloader. If the previous boot failed (defined as failing to get to the end of one of the normal runlevels), then show the boot menu regardless. |
Robie Basak <robie.basak@ubuntu.com> | no | 2015-09-04 | ||
| quick-boot-lvm.patch | If we don't have writable grubenv and we're on EFI, always show the menu If we don't have writable grubenv, recordfail doesn't work, which means our quickboot behavior - with a timeout of 0 - leaves the user without a reliable way to access the boot menu if they're on UEFI, because unlike BIOS, UEFI does not support checking the state of modifier keys (i.e. holding down shift at boot is not detectable). Handle this corner case by always using a non-zero timeout on EFI when save_env doesn't work. Reuse GRUB_RECORDFAIL_TIMEOUT to avoid introducing another variable. |
Steve Langasek <steve.langasek@ubuntu.com> | no | 2019-06-24 | ||
| gfxpayload-dynamic.patch | Add configure option to enable gfxpayload=keep dynamically Set GRUB_GFXPAYLOAD_LINUX=keep unless it's known to be unsupported on the current hardware. See https://blueprints.launchpad.net/ubuntu/+spec/packageselection-foundations-n-grub2-boot-framebuffer. |
Colin Watson <cjwatson@ubuntu.com> | no | 2019-05-25 | ||
| vt-handoff.patch | Add configure option to use vt.handoff=7 This is used for non-recovery Linux entries only; it enables flicker-free booting if gfxpayload=keep is in use and a suitable kernel is present. |
Andy Whitcroft <apw@canonical.com> | not-needed | 2013-12-25 | ||
| probe-fusionio.patch | Probe FusionIO devices | Colin Watson <cjwatson@ubuntu.com> | no | 2016-09-18 | ||
| ignore-grub_func_test-failures.patch | Ignore functional test failures for now as they are broken | Colin Watson <cjwatson@debian.org> | not-needed | 2013-11-19 | ||
| mkconfig-recovery-title.patch | Add GRUB_RECOVERY_TITLE option This allows the controversial "recovery mode" text to be customised. |
Colin Watson <cjwatson@ubuntu.com> | no | 2013-12-25 | ||
| install-powerpc-machtypes.patch | Port yaboot logic for various powerpc machine types Some powerpc machines require not updating the NVRAM. This can be handled by existing grub-install command-line options, but it's friendlier to detect this automatically. On chrp_ibm machines, use the nvram utility rather than nvsetenv. (This is possibly suitable for other machines too, but that needs to be verified.) |
Colin Watson <cjwatson@debian.org> | no | 2014-10-15 | ||
| ieee1275-clear-reset.patch | Include a text attribute reset in the clear command for ppc Always clear text attribute for clear command in order to avoid problems after it boots. * grub-core/term/terminfo.c: Add escape for text attribute reset |
Paulo Flabiano Smorigo <pfsmorigo@linux.vnet.ibm.com> | no | other, https://lists.gnu.org/archive/html/grub-devel/2014-09/msg00076.html | 2014-09-26 | |
| ppc64el-disable-vsx.patch | Disable VSX instruction VSX bit is enabled by default for Power7 and Power8 CPU models, so we need to disable them in order to avoid instruction exceptions. Kernel will activate it when necessary. * grub-core/kern/powerpc/ieee1275/startup.S: Disable VSX. |
Paulo Flabiano Smorigo <pfsmorigo@linux.vnet.ibm.com> | no | other, https://lists.gnu.org/archive/html/grub-devel/2014-09/msg00078.html | 2015-01-27 | |
| grub-install-pvxen-paths.patch | grub-install: Install PV Xen binaries into the upstream specified path Upstream have defined a specification for where guests ought to place their xenpv grub binaries in order to facilitate chainloading from a stage 1 grub loaded from dom0. http://xenbits.xen.org/docs/unstable-staging/misc/x86-xenpv-bootloader.html The spec calls for installation into /boot/xen/pvboot-i386.elf or /boot/xen/pvboot-x86_64.elf. |
Ian Campbell <ijc@hellion.org.uk> | yes | debian | 2014-10-24 | |
| insmod-xzio-and-lzopio-on-xen.patch | Arrange to insmod xzio and lzopio when booting a kernel as a Xen guest This is needed in case the Linux kernel is compiled with CONFIG_KERNEL_XZ or CONFIG_KERNEL_LZO rather than CONFIG_KERNEL_GZ (gzio is already loaded by grub.cfg today). |
Ian Campbell <ijc@debian.org> | yes | debian | 2014-11-30 | |
| zpool-full-device-name.patch | Tell zpool to emit full device names zfs-initramfs currently provides extraneous, undesired symlinks to devices directly underneath /dev/ to satisfy zpool's historical output of unqualified device names. By including this environment variable to signal our intent to zpool, zfs-linux packages can drop the symlink behavior when updating to its upstream or backported output behavior. |
Chad MILLER <chad.miller@canonical.com> | yes | debian upstream | 2016-11-01 | |
| network/net-http-check-result-of-grub_netbuff_put-in-http_receive.patch | net/http: check result of grub_netbuff_put() in http_receive() | Robbie Harwood <rharwood@redhat.com> | no | 2023-04-25 | ||
| network/bootp-new-net_bootp6-command.patch | efinet + bootp: add net_bootp6 command supporting dhcpv6 Implement new net_bootp6 command for IPv6 network auto configuration via the DHCPv6 protocol (RFC3315). |
Peter Jones <pjones@redhat.com> | no | 2023-04-25 | ||
| network/efinet-add-structures-for-PXE-messages.patch | efinet: add structures for PXE messages When grub2 image is booted from UEFI IPv6 PXE, the DHCPv6 Reply packet is cached in firmware buffer which can be obtained by PXE Base Code protocol. The network interface can be setup through the parameters in that obtained packet. Augment existing structures to represent this, and make them agnostic between ipv4 and ipv6. |
Michael Chang <mchang@suse.com> | no | 2023-04-25 | ||
| network/bootp-process-dhcpack-http-boot.patch | bootp: Process DHCPACK packet during HTTP Boot The vendor class identifier with the string "HTTPClient" is used to denote the packet as responding to HTTP boot request. In DHCP4 config, the filename for HTTP boot is the URL of the boot file, while for PXE boot it is the path to the boot file. As a consequence, the next-server becomes obselete because the HTTP URL already contains the server address for the boot file. For DHCP6 config, there's no difference definition in existing config as dhcp6.bootfile-url can be used to specify URL for both HTTP and PXE boot file. Add processing for "HTTPClient" vendor class identifier in DHCPACK packet by treating it as HTTP format, not as the PXE format. |
Michael Chang <mchang@suse.com> | no | 2023-04-25 | ||
| network/efinet-Configure-network-from-UEFI-device-path.patch | efinet Configure network from UEFI device path The PXE Base Code protocol used to obtain cached PXE DHCPACK packet is no longer provided for HTTP Boot. Instead, we have to get the HTTP boot information from the device path nodes defined in following UEFI Specification sections. 9.3.5.12 IPv4 Device Path 9.3.5.13 IPv6 Device Path 9.3.5.23 Uniform Resource Identifiers (URI) Device Path This patch basically does: include/grub/efi/api.h: Add new structure for Uniform Resource Identifiers (URI) Device Path grub-core/net/drivers/efi/efinet.c: Check if PXE Base Code is available. If not, try to obtain the netboot information from the device path where the image booted from. The DHCPACK packet is recoverd from the information in device patch and fed into the same DHCP packet processing functions to ensure the network interface is set up the same way it used to be. |
Michael Chang <mchang@suse.com> | no | 2023-04-25 | ||
| network/efinet-set-dns-from-uefi-proto.patch | efinet: set DNS server from UEFI protocol In the URI device path node, any name rather than address can be used for looking up the resources so that DNS service become needed to get answer of the name's address. Unfortunately, DNS is not defined in any of the device path nodes so that we use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL to obtain it. These two protcols are defined the sections of UEFI specification. 27.5 EFI IPv4 Configuration II Protocol 27.7 EFI IPv6 Configuration Protocol include/grub/efi/api.h: Add new structure and protocol UUID of EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL. grub-core/net/drivers/efi/efinet.c: Use the EFI_IP4_CONFIG2_PROTOCOL and EFI_IP6_CONFIG_PROTOCOL to obtain the list of DNS server address for IPv4 and IPv6 respectively. The address of DNS servers is structured into DHCPACK packet and feed into the same DHCP packet processing functions to ensure the network interface is setting up the same way it used to be. (rebased against 2.12) |
Michael Chang <mchang@suse.com> | no | 2023-04-25 | ||
| network/support-uefi-networking-protocols.patch | Support UEFI networking protocols | Michael Chang <mchang@suse.com> | no | 2023-01-09 | ||
| network/efinet-also-use-the-firmware-acceleration-for-http.patch | efinet: also use the firmware acceleration for http | Peter Jones <pjones@redhat.com> | no | 2023-01-09 | ||
| network/efi-http-match-protocol-hostname-of-boot-url-in-root.patch | efi/http: match protocol+hostname of boot url in root_url This lets you write config files that don't know urls. |
Peter Jones <pjones@redhat.com> | no | 2023-01-09 | ||
| network/add-fw_path-variable-to-detect-config-file-on-efi.patch | Add fw_path variable to detect config file on efi This patch makes grub look for its config file on efi where the app was found. |
Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com> | no | 2023-01-09 | ||
| network/use-fw_path-prefix-when-fallback-searching-for-grub-config.patch | use fw_path prefix when fallback searching for grub config When PXE booting via UEFI firmware, grub was searching for grub.cfg in the fw_path directory where the grub application was found. If that didn't exist, a fallback search would look for config file names based on MAC and IP address. However, the search would look in the prefix directory which may not be the same fw_path. This patch changes that behavior to use the fw_path directory for the fallback search. Only if fw_path is NULL will the prefix directory be searched. |
Mark Salter <msalter@redhat.com> | no | 2023-01-09 | ||
| network/try-prefixes-for-tftp-config-file.patch | Try mac/guid/etc before grub.cfg on tftp config files | Peter Jones <pjones@redhat.com> | no | 2023-01-09 | ||
| network/prepend-prefix-when-http-path-is-relative.patch | Prepend prefix when HTTP path is relative This sets a couple of variables. With the url http://www.example.com/foo/bar : http_path: /foo/bar http_url: http://www.example.com/foo/bar |
Stephen Benjamin <stephen@redhat.com> | no | 2023-01-09 | ||
| network/efi-http-enclose-literal-ipv6-addresses-in-square-br.patch | efi/http: Enclose literal IPv6 addresses in square brackets According to RFC 2732 (https://www.ietf.org/rfc/rfc2732.txt), literal IPv6 addresses must be enclosed in square brackets. But GRUB currently does not do this and is causing HTTP servers to send Bad Request (400) responses. For example, the following is the HTTP stream when fetching a config file: HEAD /EFI/BOOT/grub.cfg HTTP/1.1 HTTP/1.1 400 Bad Request and after enclosing the IPv6 address the HTTP request is successful: HEAD /EFI/BOOT/grub.cfg HTTP/1.1 HTTP/1.1 200 OK |
Javier Martinez Canillas <javierm@redhat.com> | no | 2020-03-05 | ||
| network/http-prepend-prefix-when-the-http-path-is-relative.patch | http: Prepend prefix when the HTTP path is relative There are two different HTTP drivers that can be used when requesting an HTTP resource: the efi/http that uses the EFI_HTTP_PROTOCOL and the http that uses GRUB's HTTP and TCP/IP implementation. The efi/http driver appends a prefix that is defined in the variable http_path, but the http driver doesn't. So using this driver and attempting to fetch a resource using a relative path fails. Match the behavior of efi/http. |
Javier Martinez Canillas <javierm@redhat.com> | no | 2023-01-09 | ||
| network/discover-the-device-to-read-the-config-from-as-fallback.patch | normal/main: Discover the device to read the config from as a fallback When core.img is generated locally, the grub2-probe tool figures out the device and partition that needs to be read to parse the GRUB configuration file. But in some cases the core.img can't be generated on the host and instead has to be done at package build time. In particular, this will be true when it needs to be signed with a key that's only available on the package building infrastructure. In that case, the prefix variable won't have a device and partition but only a directory path. So there's no way for GRUB to know from which device has to read the configuration file. To allow GRUB to continue working on that scenario, fallback to iterating over all the available devices if reading the config failed when using the prefix and fw_path variables. |
Javier Martinez Canillas <javierm@redhat.com> | no | 2023-01-09 | ||
| network/efinet-add-dhcp-proxy-support.patch | efinet: Add DHCP proxy support If a proxyDHCP configuration is used, the server name, server IP and boot file values should be taken from the DHCP proxy offer instead of the DHCP server ack packet. |
Ian Page Hands <iphands@gmail.com> | no | 2023-01-09 | ||
| network/rhboot-http-message-field-size.patch | efi/http: change uint32_t to uintn_t Modify UINT32 to UINTN in EFI_HTTP_MESSAGE to be UEFI 2.9 compliant. |
Keng-Yu Lin <kengyu@hpe.com> | no | 2023-04-26 | ||
| skip-grub_cmd_set_date.patch | Skip flaky grub_cmd_set_date test | Colin Watson <cjwatson@debian.org> | no | debian | 2018-10-28 | |
| bash-completion-drop-have-checks.patch | bash-completion: Drop "have" checks These don't work with and aren't needed by dynamically-loaded completions. |
Colin Watson <cjwatson@debian.org> | no | debian | 2018-11-16 | |
| at_keyboard-module-init.patch | at_keyboard: initialize keyboard in module init if keyboard is ready The change in 0c62a5b2 caused at_keyboard to fail on some machines. Immediately initializing the keyboard in the module init if the keyboard is ready makes the problem go away. |
Jeroen Dekkers <jeroen@dekkers.ch> | no | debian | 2019-02-09 | |
| uefi-secure-boot-cryptomount.patch | Fix setup on Secure Boot systems where cryptodisk is in use On full-encrypted systems, including /boot, the current code omits cryptodisk commands needed to open the drives if Secure Boot is enabled. This prevents grub2 from reading any further configuration residing on the encrypted disk. This patch fixes this issue by adding the needed "cryptomount" commands in the load.cfg file that is then copied in the EFI partition. |
=?utf-8?q?Herv=C3=A9_Werner?= <dud225@hotmail.com> | no | debian | 2019-02-10 | |
| efi-variable-storage-minimise-writes.patch | Minimise writes to EFI variable storage Some UEFI firmware is easily provoked into running out of space in its variable storage. This is usually due to certain kernel drivers (e.g. pstore), but regardless of the cause it can cause grub-install to fail because it currently asks efibootmgr to delete and re-add entries, and the deletion often doesn't result in an immediate garbage collection. Writing variables frequently also increases wear on the NVRAM which may have limited write cycles. For these reasons, it's desirable to find a way to minimise writes while still allowing grub-install to ensure that a suitable boot entry exists. Unfortunately, efibootmgr doesn't offer an interface that would let grub-install do this. It doesn't in general make very much effort to minimise writes; it doesn't allow modifying an existing Boot* variable entry, except in certain limited ways; and current versions don't have a way to export the expected variable data so that grub-install can compare it to the current data. While it would be possible (and perhaps desirable?) to add at least some of this to efibootmgr, that would still leave the problem that there isn't a good upstreamable way for grub-install to guarantee that it has a new enough version of efibootmgr. In any case, it's cumbersome and slow for grub-install to have to fork efibootmgr to get things done. Fortunately, a few years ago Peter Jones helpfully factored out a substantial part of efibootmgr to the efivar and efiboot libraries, and so it's now possible to have grub-install use those directly. We still have to use some code from efibootmgr, but much less than would previously have been necessary. grub-install now reuses existing boot entries where possible, and avoids writing to variables when the new contents are the same as the old contents. In the common upgrade case where nothing needs to change, it no longer writes to NVRAM at all. It's also now slightly faster, since using libefivar is faster than forking efibootmgr. Fixes Debian bug #891434. |
Colin Watson <cjwatson@ubuntu.com> | yes | debian | 2019-03-23 | |
| xen-no-xsm-policy-in-non-xsm-options.patch | 20_linux_xen: Do not load XSM policy in non-XSM options For complicated reasons, even if you have XSM/FLASK disabled (as is the default) the Xen build system still builds a policy file and puts it in /boot. Even so, we shouldn't be loading this in the usual non-"XSM enabled" entries. It doesn't do any particular harm but it is quite confusing. |
Ian Jackson <ian.jackson@eu.citrix.com> | no | debian | 2020-05-29 | |
| pc-verifiers-module.patch | i386-pc: build verifiers API as module Given no core functions on i386-pc would require verifiers to work and the only consumer of the verifier API is the pgp module, it looks good to me that we can move the verifiers out of the kernel image and let moddep.lst to auto-load it when pgp is loaded on i386-pc platform. This helps to reduce the size of core image and thus can relax the tension of exploding on some i386-pc system with very short MBR gap size. See also a very comprehensive summary from Colin [1] about the details. [1] https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00240.html V2: Drop COND_NOT_i386_pc and use !COND_i386_pc. Add comment in kern/verifiers.c to help understanding what's going on without digging into the commit history. |
Michael Chang <mchang@suse.com> | no | debian | other, https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00251.html | 2021-09-24 |
| debug_verifiers.patch | Add debug to display what's going on with verifiers | Steve McIntyre <93sam@debian.org> | no | 2021-04-17 | ||
| mkimage-fix-section-sizes.patch | util/mkimage: Some fixes to PE binaries section size calculation Commit f60ba9e5945 (util/mkimage: Refactor section setup to use a helper) added a helper function to setup PE sections, but it caused regressions in some arches where the natural alignment lead to wrong section sizes. This patch fixes a few things that were caused the section sizes to be calculated wrongly. These fixes are: * Only align the virtual memory addresses but not the raw data offsets. * Use aligned sizes for virtual memory sizes but not for raw data sizes. * Always align the sizes to set the virtual memory sizes. These seems to not cause problems for x64 and aa64 EFI platforms but was a problem for ia64. Because the size of the ".data" and "mods" sections were wrong and didn't have the correct content. Which lead to GRUB not being able to load any built-in module. |
Javier Martinez Canillas <javierm@redhat.com> | no | debian | 2021-04-16 | |
| 987008-lvrename-boot-fail.patch | fix renamed LV detection It looks like the detection of the LVM logical volumes fails in certain edge conditions. In particular, it was reported that renaming an LV will make grub fail to boot from the system as it cannot properly detect it anymore. . I have looked at the code surrounding the patch and cannot claim to understand the entire function here, as it is huge and quite cryptic. But it seems sane: the `ptr` we're inspecting here starts at the `rlocn->offset`, but we were adding `mda_size` to the (somewhat) unrelated metadatabuf instead. Now we're marking the `mda_end` correctly, based on the rlocn->offsite and ->size. . I have not tested this myself as the test setup is quite involved, but it seems others (e.g. "Hoyer, David" <David.Hoyer@netapp.com>) have tested the patch and confirmed it worked. |
Rogier <rogier777@gmail.com> | yes | debian upstream | other | 2023-02-25 |
| grub_os-prober.patch | grub_os-prober | GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net> | no | 2023-06-19 | ||
| secure-boot/revert-efi-fallback-to-legacy.patch | Disable fallback to legacy mode if shim is loaded on x86 archs This reverts commits - 6425c12cd77ad51ad24be84c092aefacf0875089: this originally adds the fallback - e60015f574024584e43d1b3b245551e864aa8c4d: this triggers it in another case |
Julian Andres Klode <julian.klode@canonical.com> | no | 2023-07-19 | ||
| secure-boot/loader-framework.patch | efi: Provide wrappers for load_image, start_image, unload_image These can be used to register a different implementation later, for example, when shim provides a protocol with those functions. |
Julian Andres Klode <julian.klode@canonical.com> | no | 2023-07-24 | ||
| secure-boot/efi-use-peimage-shim.patch | efi: Provide a shim for load_image, start_image, unload_image Provide custom implementations of load_image(), start_image(), and unload_image() to workaround shim just forwarding those calls to the firmware. The code consumes a PE-COFF image loaded into memory. The functions * check validity of header * copy the sections * relocate the code * invalidate the instruction cache * execute the image * return to caller This was previously in use in Ubuntu on riscv64 and arm64 only, exposed as a single function grub_efi_run_image(). It was originally written by Heinrich and split up into 3 functions by Julian to integrate with the upstream boot loader. Caveats: - We do not always check for over and underflows, but at the point we reach this loader, the file has been verified by shim already, so this is not much of a concern. |
Julian Andres Klode <julian.klode@canonical.com> | no | 2023-07-24 | ||
| zstd-require-8-byte-buffer.patch | zstd: Require at least 8 byte buffer in entropy_common This fixes the build on s390x which was rightfully complaining that iend - 7 = buffer + 4 - 7 = buffer -3 is outside the array bounds. ../../grub-core/lib/zstd/entropy_common.c: In function ‘FSE_readNCount’: ../../grub-core/lib/zstd/entropy_common.c:121:28: error: array subscript -3 is outside array bounds of ‘char[4]’ [-Werror=array-bounds] 121 | if ((ip <= iend-7) || (ip + (bitCount>>3) <= iend-4)) { | ~~~~^~ ../../grub-core/lib/zstd/entropy_common.c:77:14: note: while referencing ‘buffer’ 77 | char buffer[4]; | ^~~~~~ ../../grub-core/lib/zstd/entropy_common.c:105:30: error: array subscript -1 is outside array bounds of ‘char[4]’ [-Werror=array-bounds] 105 | if (ip < iend-5) { | ~~~~^~ ../../grub-core/lib/zstd/entropy_common.c:77:14: note: while referencing ‘buffer’ 77 | char buffer[4]; | ^~~~~~ ../../grub-core/lib/zstd/entropy_common.c:150:28: error: array subscript -3 is outside array bounds of ‘char[4]’ [-Werror=array-bounds] 150 | if ((ip <= iend-7) || (ip + (bitCount>>3) <= iend-4)) { | ~~~~^~ ../../grub-core/lib/zstd/entropy_common.c:77:14: note: while referencing ‘buffer’ 77 | char buffer[4]; | ^~~~~~ This is fixed in more recent zstd versions in basically the same way, but the new versions needs more work to import. |
Julian Andres Klode <julian.klode@canonical.com> | no | 2021-12-02 | ||
| recovery-dis_ucode_ldr.patch | Pass dis_ucode_ldr to kernel for recovery mode In case of a botched microcode update, this allows people to easily roll back. It will of course break in the more unlikely event that you are missing a microcode update in your firmware that is needed to boot the system, but editing the entry to remove an option is easier than having to figure out the option and add it. |
Julian Andres Klode <julian.klode@canonical.com> | no | 2020-06-19 | ||
| hwmatch-only-on-grub-pc-platform.patch | Call hwmatch only on the grub-pc platform Call hwmatch only on i386/pc as it is only available there. This avoids "error: can't find command `hwmatch'." on e.g., x86_64/efi. The equivalent behavior is linux_gfx_mode=keep because grub is special: the `if hwmatch` clause is true on that error and `$match = 0` is true too, as it is undefined (confirmed in grub shell.) A quick fix for now. Before and After: grub> hwmatch error: can't find command `hwmatch'. grub> echo $grub_platform efi grub> echo $linux_gfx_mode keep |
Mauricio Faria de Oliveira <mfo@canonical.com> | no | debian | 2020-08-20 | |
| fat-fix-listing-the-root-directory.patch | fat: fix listing the root directory ls / for a FAT partition leads to error: invalid modification timestamp for /. Not all entries of the directory are displayed. Linux never updates the modification timestamp of the /. directory entry. The FAT specification allows the access and creation date fields to be zero. We should follow Linux and render initial FAT timestamps as start of the epoch. |
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> | no | https://lists.gnu.org/archive/html/grub-devel/2022-01/msg00116.html | 2022-01-21 | |
| efivar-check-that-efivarfs-is-writeable.patch | [PATCH 1/1] efivar: check that efivarfs is writeable Some UEFI implementations (notably U-Boot) don't implement the SetVariable() runtime service. On these systems the GRUB installation must be completed manually. Write a warning in this case but avoid throwing an error. (LP: #1965288) |
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> | no | 2022-03-18 | ||
| fdt-add-debug-output-to-devicetree-command.patch | [PATCH] fdt: add debug output to devicetree command For debugging we need feedback that the devicetree command has be executed. |
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> | no | 2022-03-24 | ||
| fdt-device-tree-fixup-protocol.patch | [PATCH] efi: EFI Device Tree Fixup Protocol Device-trees are used to convey information about hardware to the operating system. Some of the properties are only known at boot time. (One example of such a property is the number of the boot hart on RISC-V systems.) Therefore the firmware applies fix-ups to the original device-tree. Some nodes and properties are added or altered. When using GRUB's device-tree command the same fix-ups have to be applied. The EFI Device Tree Fixup Protocol allows to pass the loaded device tree to the firmware for this purpose. The protocol can * add nodes and update properties * reserve memory according to the /reserved-memory node and the memory reservation block * install the device-tree as configuration table With the patch GRUB checks if the protocol is installed and invokes it if available. (LP: #1965796) |
Heinrich Schuchardt <xypron.glpk@gmx.de> | no | 2021-01-29 | ||
| extra_deps_lst.patch | Checkout "extra_deps.lst" from upstream/master This file is unfortunately missing from upstream release tarball. |
Mate Kukri <mate.kukri@canonical.com> | no | 2024-01-10 | ||
| install-signed.patch | Install signed images if UEFI Secure Boot is enabled | Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> | no | 2023-01-15 | ||
| grub-install-extra-removable.patch | Add support for forcing EFI installation to the removable media path Add an extra option to grub-install "--force-extra-removable". On EFI platforms, this will cause an extra copy of the grub-efi image to be written to the appropriate removable media patch /boot/efi/EFI/BOOT/BOOT$ARCH.EFI as well. This will help with broken UEFI implementations where the firmware does not work when configured with new boot paths. |
Steve McIntyre <93sam@debian.org> | invalid | debian | 2021-09-24 | |
| grub-install-removable-shim.patch | Deal with --force-extra-removable with signed shim too In this case, we need both the signed shim as /EFI/BOOT/BOOTXXX.EFI and signed Grub as /EFI/BOOT/grubXXX.efi. Also install the BOOTXXX.CSV into /EFI/debian, and FBXXX.EFI into /EFI/BOOT/ so that it can work when needed (*iff* we're updating the NVRAM). [cjwatson: Refactored also_install_removable somewhat for brevity and so that we're using consistent case-insensitive logic.] |
Steve McIntyre <93sam@debian.org> | no | debian | 2021-09-24 |