Package: grub2
Version: 2.04-7
Tags: patch
Hi. Please find a followup patch to my recently-incorporated MR
https://salsa.debian.org/grub-team/grub/-/merge_requests/18
Sorry about this. I have only just discovered this wrinkle.
For a fuller explanation of this slightly suboptimal situation, see
this posting of mine to the xen-devel list and various Xen folks:
https://lists.xenproject.org/archives/html/xen-devel/2020-05/msg01710.html
Thanks,
Ian.
>From 143c0b32f7db83ca63bb80b9bd9486dd62dffc71 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ian.jack...@eu.citrix.com>
Date: Wed, 27 May 2020 17:00:45 +0100
Subject: [PATCH] 20_linux_xen: Do not load XSM policy in non-XSM options
For complicated reasons, even if you have XSM/FLASK disabled (as is
the default) the Xen build system still builds a policy file and puts
it in /boot.
Even so, we shouldn't be loading this in the usual non-"XSM enabled"
entries. It doesn't do any particular harm but it is quite confusing.
Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com>
---
util/grub.d/20_linux_xen.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in
index 7a092b898..cbad5f95a 100644
--- a/util/grub.d/20_linux_xen.in
+++ b/util/grub.d/20_linux_xen.in
@@ -173,7 +173,7 @@ EOF
${module_loader} --nounzip $(echo $initrd_path)
EOF
fi
- if test -n "${xenpolicy}" ; then
+ if ${xsm} && test -n "${xenpolicy}" ; then
message="$(gettext_printf "Loading XSM policy ...")"
sed "s/^/$submenu_indentation/" << EOF
echo '$(echo "$message" | grub_quote)'
--
2.20.1
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.
