This patch reserves space for the GRUB environment block inside the
Btrfs header. The block is placed at an offset of GRUB_ENV_BTRFS_OFFSET,
256 KiB from the start of the device, and occupies one sector. To
protect the space, overflow guard sectors are placed before and after
the reserved block.
The Btrfs header already defines regions for bootloader use. By adding
this entry, GRUB gains a fixed and safe location to store the environment
block without conflicting with other structures in the header.
Add Btrfs and its reserved area information to the fs_envblk_spec table.
With the groundworks done in previous patches, the function is now
complete and working in grub-editenv.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds the probe_fs_envblk() function to identify the root
filesystem and invoke fs_envblk_init() with the probed filesystem type
and device. This checks if the feature is available and initializes the
handle, fs_envblk, to access the external environment block. It avoids
configurations with diskfilter or cryptodisk where filesystem blocks may
be remapped or encrypted.
The probe is only invoked when grub-editenv is working on the default
environment file path. This restriction ensures that probing and
possible raw device access are not triggered for arbitrary user supplied
paths, but only for the standard grubenv file. In that case the code
checks if the filename equals DEFAULT_ENVBLK_PATH and then calls
probe_fs_envblk with fs_envblk_spec. The result is stored in the global
fs_envblk handle. At this stage the external environment block is only
detected and recorded, and the behavior of grub-editenv is unchanged.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch updates list_variables() so that it also prints entries from
the external environment block when one is present. The function first
lists all variables from the file based envblk, then iterates over the
external envblk and prints those as well.
The output format remains the same as before. The change makes it
possible to inspect variables regardless of whether they are stored in
the file envblk or in the reserved block.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch updates unset_variables() so that removals are also applied
to the external environment block when it is present. The code opens the
external block, deletes the same named keys there, and then writes the
external block back using fs_envblk_write(). The file based envblk is
still updated and written as before.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch changes set_variables() so that it can use an external
environment block when one is present. The variable next_entry is
written into the external block, env_block is treated as read only, and
all other variables are written into the normal file based envblk.
A cleanup step is added to handle cases where GRUB at runtime writes
variables into the external block because file based updates are not
safe on a copy on write filesystem such as Btrfs. For example, the
savedefault command can update saved_entry, and on Btrfs GRUB will place
that update in the external block instead of the file envblk. If an
older copy remains in the external block, it would override the newer
value from the file envblk when GRUB first loads the file and then
applies the external block on top of it. To avoid this, whenever
a variable is updated in the file envblk, any same named key in
the external block is deleted.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds the function fs_envblk_write to update the reserved
environment block on disk. The helper takes an in memory envblk buffer
and writes it back to the device at the location defined by the
fs_envblk specification. It performs size checks and uses file sync to
ensure that the updated data is flushed.
The helper is also added into the fs_envblk ops table, together with the
open helper from the previous patch. With this change the basic input
and output path for an external environment block is complete. The
choice of which variables should be written externally will be handled
by later patches.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds the logic to locate and open an environment block that
is stored in a reserved area on the device. It introduces the function
fs_envblk_open() together with helper routines to read the block pointed
to by the env_block variable, and to create the block on disk when it
does not exist yet. When a block is created, the code records its
location inside the file based envblk by setting env_block in block list
syntax of offset plus size in sectors.
The env_block variable acts as a link from the file envblk to the raw
disk region so that later runs of grub-editenv can follow it and access
the external block. The helper is exposed through a small ops table
attached to fs_envblk so that later patches can call
fs_envblk->ops->open() without touching core code again. At this stage
variables are still stored in the file envblk and no redirection has
been applied.
In relation to this, the fs_envblk_spec table defines the file-system
specific layout of the reserved raw blocks used for environment storage.
It is prepared to facilitate integration in grub-editenv, with Btrfs to
be added in the future once its reserved area is defined.
An fs_envblk_init() helper is added to prepare it for using the ops with
its associated data context if the feature is available. It is not used
yet, but will be used later when a filesystem and its device are probed
to initialize the fs_envblk handle and enable access to the feature.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The return value of ftell() may be negative (-1) on error. While it is
probably unlikely to occur, we should not blindly cast to an unsigned
value without first testing that it is not negative.
Fixes: CID 73856
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Many of GRUB's utilities don't check anywhere near all the possible
write errors. For example, if grub-install runs out of space when
copying a file, it won't notice. There were missing checks for the
return values of write, fflush, fsync, and close (or the equivalents on
other OSes), all of which must be checked.
I tried to be consistent with the existing logging practices of the
various hostdisk implementations, but they weren't entirely consistent
to start with so I used my judgement. The result at least looks
reasonable on GNU/Linux when I provoke a write error:
Installing for x86_64-efi platform.
grub-install: error: cannot copy `/usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed' to `/boot/efi/EFI/debian/grubx64.efi': No space left on device.
There are more missing checks in other utilities, but this should fix
the most critical ones.
Fixes Debian bug #922741.
Signed-off-by: Colin Watson <cjwatson@ubuntu.com>
Reviewed-by: Steve McIntyre <93sam@debian.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
as printf format strings; the translations might contain '%' which
could cause a crash.
(main): Likewise.
* util/grub-fstest.c (argp_parser): Likewise.
* util/grub-setup.c (argp_parser): Likewise.
(main): Likewise.
* util/grub-editenv.c (main): If only a command is given, use
DEFAULT_DIRECTORY "/" GRUB_ENVBLK_DEFCFG as a default file name.
(usage): FILENAME is now optional and has a default.
Make the format of Environment Block plain text. The boot loader
part is not tested well yet.
* util/grub-editenv.c (DEFAULT_ENVBLK_SIZE): New macro.
(buffer): Removed.
(envblk): Likewise.
(usage): Remove "info" and "clear". Add "unset". Update the
description of "set", as this does not delete variables any
longer.
(create_envblk_file): Complete rewrite.
(open_envblk_file): Likewise.
(cmd_info): Removed.
(cmd_list): Likewise.
(cmd_set): Likewise.
(cmd_clear): Likewise.
(list_variables): New function.
(write_envblk): Likewise.
(set_variables): Likewise.
(unset_variables): Likewise.
(main): Complete rewrite.
* commands/loadenv.c (buffer): Removed.
(envblk): Likewise.
(open_envblk_file): New function.
(read_envblk_file): Complete rewrite.
(grub_cmd_load_env): Likewise.
(grub_cmd_list_env): Likewise.
(struct blocklist): New struct.
(free_blocklists): New function.
(check_blocklists): Likewise.
(write_blocklists): Likewise.
(grub_cmd_save_env): Complete rewrite.
* include/grub/lib/envblk.h (GRUB_ENVBLK_SIGNATURE): Replaced with
a plain text signature.
(GRUB_ENVBLK_MAXLEN): Removed.
(struct grub_envblk): Complete rewrite.
(grub_envblk_find): Removed.
(grub_envblk_insert): Likewise.
(grub_envblk_open): New prototype.
(grub_envblk_set): Likewise.
(grub_envblk_delete): Put const to VALUE.
(grub_envblk_iterate): Put const to NAME and VALUE.
(grub_envblk_close): New prototype.
(grub_envblk_buffer): New inline function.
(grub_envblk_size): Likewise.
* lib/envblk.c: Include grub/mm.h.
(grub_env_find): Removed.
(grub_envblk_open): New function.
(grub_envblk_close): Likewise.
(escaped_value_len): Likewise.
(find_next_line): Likewise.
(grub_envblk_insert): Removed.
(grub_envblk_set): New function.
(grub_envblk_delete): Complete rewrite.
(grub_envblk_iterate): Likewise.
Modularize at_keyboard.mod:
* conf/i386.rmk (pkglib_MODULES): Add `at_keyboard.mod'.
(at_keyboard_mod_SOURCES, at_keyboard_mod_CFLAGS)
(at_keyboard_mod_LDFLAGS): New variables.
Actual terminal split:
* include/grub/term.h (struct grub_term): Split in ...
(struct grub_term_input): ... this, and ...
(struct grub_term_output): ... this. Update all users.
(grub_term_set_current): Split in ...
(grub_term_set_current_input): ... this, and ...
(grub_term_set_current_output): ... this.
(grub_term_get_current): Split in ...
(grub_term_get_current_input): ... this, and ...
(grub_term_get_current_output): ... this.
(grub_term_register): Split in ...
(grub_term_register_input): ... this, and ...
(grub_term_register_output): ... this.
(grub_term_unregister): Split in ...
(grub_term_unregister_input): ... this, and ...
(grub_term_unregister_output): ... this.
(grub_term_iterate): Split in ...
(grub_term_iterate_input): ... this, and ...
(grub_term_iterate_output): ... this.
* kern/term.c (grub_term_list): Split in ...
(grub_term_list_input): ... this, and ...
(grub_term_list_output): ... this. Update all users.
(grub_cur_term): Split in ...
(grub_cur_term_input): ... this, and ...
(grub_cur_term_output): ... this. Update all users.
(grub_term_set_current): Split in ...
(grub_term_set_current_input): ... this, and ...
(grub_term_set_current_output): ... this.
(grub_term_get_current): Split in ...
(grub_term_get_current_input): ... this, and ...
(grub_term_get_current_output): ... this.
(grub_term_register): Split in ...
(grub_term_register_input): ... this, and ...
(grub_term_register_output): ... this.
(grub_term_unregister): Split in ...
(grub_term_unregister_input): ... this, and ...
(grub_term_unregister_output): ... this.
(grub_term_iterate): Split in ...
(grub_term_iterate_input): ... this, and ...
(grub_term_iterate_output): ... this.
* kern/misc.c (grub_abort): Split use of grub_term_get_current() into
a check for input and one for output (and only attempt to get keys
from user when input works).
* util/grub-probe.c (grub_term_get_current): Split in ...
(grub_term_get_current_input): ... this, and ...
(grub_term_get_current_output): ... this.
* util/grub-fstest.c: Likewise.
* util/i386/pc/grub-setup.c: Likewise.
* util/grub-editenv.c: Likewise.
Portability adjustments:
* conf/i386-ieee1275.rmk (kernel_elf_SOURCES): Remove
`term/i386/pc/at_keyboard.c'.
* kern/ieee1275/init.c [__i386__] (grub_machine_init): Remove call to
grub_keyboard_controller_init() (now handled by terminal .init).
* kern/i386/coreboot/init.c (grub_machine_init): Add call to
grub_at_keyboard_init().
* include/grub/i386/ieee1275/console.h (grub_keyboard_controller_init)
(grub_console_checkkey, grub_console_getkey): Remove (now provided by
at_keyboard.mod via input terminal interface).
* include/grub/i386/coreboot/console.h: Convert into a stub for
`<grub/i386/pc/console.h>'.
Migrate full terminals to new API:
* term/efi/console.c (grub_console_term): Split into ...
(grub_console_term_input): ... this, and ...
(grub_console_term_output): ... this. Update all users.
* term/ieee1275/ofconsole.c: Remove __i386__ hack.
(grub_ofconsole_init): Split into ...
(grub_ofconsole_init_input): ... this, and ...
(grub_ofconsole_init_output): ... this.
(grub_ofconsole_term): Split into ...
(grub_ofconsole_term_input): ... this, and ...
(grub_ofconsole_term_output): ... this. Update all users.
* term/i386/pc/serial.c (grub_serial_term): Split into ...
(grub_serial_term_input): ... this, and ...
(grub_serial_term_output): ... this. Update all users.
* term/i386/pc/console.c (grub_console_term): Split into ...
(grub_console_term_input): ... this, and ...
(grub_console_term_output): ... this. Update all users.
(grub_console_term_input): Only enable it on PC/BIOS platform.
(grub_console_init): Remove grub_keyboard_controller_init() call.
Migrate input terminals to new API:
* term/i386/pc/at_keyboard.c: Replace `cpu' and `machine' with
`i386' and `i386/pc' to enable build on x86_64 (this driver is
i386-specific anyway).
(grub_console_checkkey): Rename to ...
(grub_at_keyboard_checkkey): ... this. Static-ize. Update all
users.
(grub_keyboard_controller_orig): New variable.
(grub_console_getkey): Rename to ...
(grub_at_keyboard_getkey): ... this. Static-ize. Update all
users.
(grub_keyboard_controller_init): Static-ize. Save original
controller value so that it can be restored ...
(grub_keyboard_controller_fini): ... here (new function).
(grub_at_keyboard_term): New structure.
(GRUB_MOD_INIT(at_keyboard), GRUB_MOD_FINI(at_keyboard)): New
functions.
Migrate output terminals to new API:
* term/i386/pc/vga.c (grub_vga_term): Change type to
`struct grub_term_output'. Remove `.checkkey' and `.getkey'
members. Update all users.
* term/gfxterm.c (grub_video_term): Change type to
`struct grub_term_output'. Remove `.checkkey' and `.getkey'
members. Update all users.
* include/grub/i386/pc/console.h (grub_console_checkkey)
(grub_console_getkey): Do not export (no longer needed by gfxterm,
etc).
Migrate `terminal' command and userland tools to new API:
* commands/terminal.c (grub_cmd_terminal): Split into ...
(grub_cmd_terminal_input): ... this, and ...
(grub_cmd_terminal_output): ... this.
(GRUB_MOD_INIT(terminal)): Split `terminal' command in two commands:
`terminal_input' and `terminal_output'.
* util/grub.d/00_header.in: Adjust `terminal' calls to new
`terminal_input' / `terminal_output' API.
* util/grub-mkconfig.in: Export ${GRUB_TERMINAL_INPUT} and
${GRUB_TERMINAL_OUTPUT} instead of ${GRUB_TERMINAL} (and if user
provided ${GRUB_TERMINAL}, convert it).
