From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1prcOl-0004Ws-HC
	for mharc-grub-devel@gnu.org; Wed, 26 Apr 2023 06:29:19 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <steve@einval.com>) id 1prcOj-0004We-Ch
 for grub-devel@gnu.org; Wed, 26 Apr 2023 06:29:17 -0400
Received: from cheddar.halon.org.uk ([93.93.131.118])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <steve@einval.com>) id 1prcOh-00017z-9o
 for grub-devel@gnu.org; Wed, 26 Apr 2023 06:29:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=einval.com; 
 s=default;
 h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:
 Subject:Cc:To:From:Date:From:Reply-To:Subject:Content-Transfer-Encoding:
 Content-ID:Content-Description:X-Debbugs-Cc;
 bh=nV451Nr3Tk7NznvHEAyBq/MlPYHarqowuH60yorGiUM=; b=0J2LNbR4l1u77hcRF4B+oBB40H
 vHCpv2M+o9gthk6aUcpOlQmlruVV3ky1ruZpXcQwTcFLIlq0IcvzA3eozWopbvvDpTCOD4kJpVFKw
 NFB4pH1MqnRfEnA5malmS6tzCEAre7CPok6QzSHvNKS272E4x9gpnI6ZAFOHQ+GCqilQLZZJstQl7
 C8MAKRjm7iBODFS0JGi46yZU8c11In5v4530hGphExitG4tznwKhp3n1d3ClH1fn7adD8rc+MNDhJ
 a36HplFt20YhfEcUwC0rfEouJ5pSxLenuT9fPnOejJw0IoK7UPRMBnDJEWTBwpwda9Iip7ShPQmSS
 DPFeT8hA==;
Received: from bsmtp by cheddar.halon.org.uk with local-bsmtp (Exim 4.92)
 (envelope-from <steve@einval.com>)
 id 1prcOb-00034M-Ro; Wed, 26 Apr 2023 11:29:09 +0100
Received: from steve by tack.einval.org with local (Exim 4.94.2)
 (envelope-from <steve@einval.com>)
 id 1prcO5-00BLIZ-2V; Wed, 26 Apr 2023 11:28:37 +0100
Date: Wed, 26 Apr 2023 11:28:37 +0100
From: Steve McIntyre <steve@einval.com>
To: The development of GNU GRUB <grub-devel@gnu.org>
Cc: daniel.kiper@oracle.com, Chris Coulson <chris.coulson@canonical.com>
Subject: Re: [PATCH] font: Try opening fonts from the bundled memdisk
Message-ID: <20230426102826.GE812714@tack.einval.com>
References: <20230426100652.150775-1-chris.coulson@canonical.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20230426100652.150775-1-chris.coulson@canonical.com>
X-attached: none
User-Agent: Mutt/1.10.1 (2018-07-13)
Received-SPF: pass client-ip=93.93.131.118; envelope-from=steve@einval.com;
 helo=cheddar.halon.org.uk
X-Spam_score_int: -43
X-Spam_score: -4.4
X-Spam_bar: ----
X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2023 10:29:17 -0000

We're running with this patch in Debian builds right now and it's
working well...

Reviewed-by: Steve McIntyre <93sam@debian.org>
Tested-by: Steve McIntyre <93sam@debian.org>

(whichever you prefer!)

On Wed, Apr 26, 2023 at 12:06:52PM +0200, Chris Coulson wrote:
>Grub since 93a786a00163e50c29f0394df198518617e1c9a5 has enforced
>verification of font files in secure boot mode. In order to continue to
>be able to load some default fonts, vendors may bundle them with their
>signed EFI image by adding them to the built-in memdisk.
>
>This change makes the font loader try loading fonts from the memdisk
>before the prefix path when attempting to load a font file by specifying
>its filename, which avoids having to make changes to grub configurations
>in order to accommodate memdisk bundled fonts. It expects the directory
>structure to be the same as fonts stored in the prefix path
>(ie, /fonts/<name>.pf2).
>
>Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
>---
> grub-core/font/font.c | 48 ++++++++++++++++++++++++++++---------------
> 1 file changed, 31 insertions(+), 17 deletions(-)
>
>diff --git a/grub-core/font/font.c b/grub-core/font/font.c
>index 24adcb35a..7c83467a3 100644
>--- a/grub-core/font/font.c
>+++ b/grub-core/font/font.c
>@@ -415,6 +415,27 @@ read_section_as_short (struct font_file_section *section,
>   return 0;
> }
> 
>+static grub_file_t
>+try_open_from_prefix (const char *prefix, const char *filename)
>+{
>+  grub_file_t file;
>+  char *fullname, *ptr;
>+
>+  fullname = grub_malloc (grub_strlen (prefix) + grub_strlen (filename) + 1
>+			  + sizeof ("/fonts/") + sizeof (".pf2"));
>+  if (!fullname)
>+    return 0;
>+  ptr = grub_stpcpy (fullname, prefix);
>+  ptr = grub_stpcpy (ptr, "/fonts/");
>+  ptr = grub_stpcpy (ptr, filename);
>+  ptr = grub_stpcpy (ptr, ".pf2");
>+  *ptr = 0;
>+
>+  file = grub_buffile_open (fullname, GRUB_FILE_TYPE_FONT, 1024);
>+  grub_free (fullname);
>+  return file;
>+}
>+
> /* Load a font and add it to the beginning of the global font list.
>    Returns 0 upon success, nonzero upon failure.  */
> grub_font_t
>@@ -433,25 +454,18 @@ grub_font_load (const char *filename)
>     file = grub_buffile_open (filename, GRUB_FILE_TYPE_FONT, 1024);
>   else
>     {
>-      const char *prefix = grub_env_get ("prefix");
>-      char *fullname, *ptr;
>-      if (!prefix)
>+      file = try_open_from_prefix ("(memdisk)", filename);
>+      if (!file)
> 	{
>-	  grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("variable `%s' isn't set"),
>-		      "prefix");
>-	  goto fail;
>+	  const char *prefix = grub_env_get ("prefix");
>+	  if (!prefix)
>+	    {
>+	      grub_error (GRUB_ERR_FILE_NOT_FOUND, N_("variable `%s' isn't set"),
>+			  "prefix");
>+	      goto fail;
>+	    }
>+	  file = try_open_from_prefix (prefix, filename);
> 	}
>-      fullname = grub_malloc (grub_strlen (prefix) + grub_strlen (filename) + 1
>-			      + sizeof ("/fonts/") + sizeof (".pf2"));
>-      if (!fullname)
>-	goto fail;
>-      ptr = grub_stpcpy (fullname, prefix);
>-      ptr = grub_stpcpy (ptr, "/fonts/");
>-      ptr = grub_stpcpy (ptr, filename);
>-      ptr = grub_stpcpy (ptr, ".pf2");
>-      *ptr = 0;
>-      file = grub_buffile_open (fullname, GRUB_FILE_TYPE_FONT, 1024);
>-      grub_free (fullname);
>     }
>   if (!file)
>     goto fail;
>-- 
>2.39.2
>
>
>_______________________________________________
>Grub-devel mailing list
>Grub-devel@gnu.org
>https://lists.gnu.org/mailman/listinfo/grub-devel
-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
'There is some grim amusement in watching Pence try to run the typical
 "politician in the middle of a natural disaster" playbook, however
 incompetently, while Trump scribbles all over it in crayon and eats some
 of the pages.'   -- Russ Allbery