Re: [PATCH] Refuse to install on XFS destroying its superblock

[Robert Millan <rmh@aybabtu.com>]

[-- Attachment #1: Type: text/plain, Size: 566 bytes --]


Ok, let's try this:  We refuse to install on a partition UNLESS:

  - A filesystem can be identified in it.

  - This filesystem is known to reserve the first block for DOS-style
    chainload.

If these conditions aren't met, user will have to override our check.

Patch attached.  Also in people/robertmh/grub-setup-fs-probe.

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."

[-- Attachment #2: fs_probe.diff --]
[-- Type: text/x-diff, Size: 4579 bytes --]

=== modified file 'ChangeLog'
--- ChangeLog	2009-10-24 23:13:27 +0000
+++ ChangeLog	2009-10-24 23:57:58 +0000
@@ -1,5 +1,15 @@
 2009-10-25  Robert Millan  <rmh.grub@aybabtu.com>
 
+	* include/grub/fs.h (struct grub_fs): Add `reserved_first_sector'
+	member.
+	* fs/ext2.c (grub_ext2_fs): Initialize `reserved_first_sector' to 1.
+	* util/i386/pc/grub-setup.c (setup): Add safety check that probes for
+	filesystems which begin at first sector.
+	(options): New option --skip-fs-probe.
+	(main): Handle --skip-fs-probe and pass it to setup().
+
+2009-10-25  Robert Millan  <rmh.grub@aybabtu.com>
+
 	* fs/cpio.c [MODE_USTAR]: Finish `tar' module instead of
 	`cpio'.
 	[! MODE_USTAR]: Finish `cpio' module instead of `tar'.

=== modified file 'fs/ext2.c'
--- fs/ext2.c	2009-07-19 13:59:21 +0000
+++ fs/ext2.c	2009-10-24 23:57:58 +0000
@@ -924,6 +924,7 @@
     .label = grub_ext2_label,
     .uuid = grub_ext2_uuid,
     .mtime = grub_ext2_mtime,
+    .reserved_first_sector = 1,
     .next = 0
   };
 

=== modified file 'include/grub/fs.h'
--- include/grub/fs.h	2009-06-10 21:04:23 +0000
+++ include/grub/fs.h	2009-10-24 23:57:58 +0000
@@ -68,6 +68,11 @@
   /* Get writing time of filesystem. */
   grub_err_t (*mtime) (grub_device_t device, grub_int32_t *timebuf);
 
+#ifdef GRUB_UTIL
+  /* Whether this filesystem reserves first sector for DOS-style boot.  */
+  int reserved_first_sector;
+#endif
+
   /* The next filesystem.  */
   struct grub_fs *next;
 };

=== modified file 'util/i386/pc/grub-setup.c'
--- util/i386/pc/grub-setup.c	2009-08-25 08:28:13 +0000
+++ util/i386/pc/grub-setup.c	2009-10-24 23:57:58 +0000
@@ -86,7 +86,7 @@
 static void
 setup (const char *dir,
        const char *boot_file, const char *core_file,
-       const char *root, const char *dest, int must_embed, int force)
+       const char *root, const char *dest, int must_embed, int force, int fs_probe)
 {
   char *boot_path, *core_path, *core_path_dev;
   char *boot_img, *core_img;
@@ -251,6 +251,21 @@
   if (grub_disk_read (dest_dev->disk, 0, 0, GRUB_DISK_SECTOR_SIZE, tmp_img))
     grub_util_error ("%s", grub_errmsg);
 
+  if (dest_dev->disk->partition && fs_probe)
+    {
+      grub_fs_t fs;
+      fs = grub_fs_probe (dest_dev);
+      if (! fs)
+	grub_util_error ("Unable to identify a filesystem in %s; safety check can't be performed.");
+
+      if (! fs->reserved_first_sector)
+	grub_util_error ("%s appears to contain a %s filesystem which isn't known to "
+			 "reserve space for DOS-style boot.  Installing GRUB there could "
+			 "result in FILESYSTEM DESTRUCTION if valuable data is overwritten "
+			 "by grub-setup (--skip-fs-probe disables this "
+			 "check, use at your own risk).", dest_dev->disk->name, fs->name);
+    }
+
   /* Copy the possible DOS BPB.  */
   memcpy (boot_img + GRUB_BOOT_MACHINE_BPB_START,
 	  tmp_img + GRUB_BOOT_MACHINE_BPB_START,
@@ -556,6 +571,7 @@
     {"device-map", required_argument, 0, 'm'},
     {"root-device", required_argument, 0, 'r'},
     {"force", no_argument, 0, 'f'},
+    {"skip-fs-probe", no_argument, 0, 's'},
     {"help", no_argument, 0, 'h'},
     {"version", no_argument, 0, 'V'},
     {"verbose", no_argument, 0, 'v'},
@@ -580,6 +596,7 @@
   -m, --device-map=FILE   use FILE as the device map [default=%s]\n\
   -r, --root-device=DEV   use DEV as the root device [default=guessed]\n\
   -f, --force             install even if problems are detected\n\
+  -s, --skip-fs-probe     do not probe for filesystems in DEVICE\n\
   -h, --help              display this message and exit\n\
   -V, --version           print version information and exit\n\
   -v, --verbose           print verbose messages\n\
@@ -613,7 +630,7 @@
   char *dev_map = 0;
   char *root_dev = 0;
   char *dest_dev;
-  int must_embed = 0, force = 0;
+  int must_embed = 0, force = 0, fs_probe = 1;
 
   progname = "grub-setup";
 
@@ -666,6 +683,10 @@
 	    force = 1;
 	    break;
 
+	  case 's':
+	    fs_probe = 0;
+	    break;
+
 	  case 'h':
 	    usage (0);
 	    break;
@@ -767,7 +788,7 @@
 	  setup (dir ? : DEFAULT_DIRECTORY,
 		 boot_file ? : DEFAULT_BOOT_FILE,
 		 core_file ? : DEFAULT_CORE_FILE,
-		 root_dev, grub_util_get_grub_dev (devicelist[i]), 1, force);
+		 root_dev, grub_util_get_grub_dev (devicelist[i]), 1, force, fs_probe);
 	}
     }
   else
@@ -776,7 +797,7 @@
     setup (dir ? : DEFAULT_DIRECTORY,
 	   boot_file ? : DEFAULT_BOOT_FILE,
 	   core_file ? : DEFAULT_CORE_FILE,
-	   root_dev, dest_dev, must_embed, force);
+	   root_dev, dest_dev, must_embed, force, fs_probe);
 
   /* Free resources.  */
   grub_fini_all ();