grub: clean up CVE patches

Clean up several patches introduced in commit 6732918498 ("grub:fix
several CVEs in grub 2.04").

1) Add CVE tags to individual patches.
2) Rename upstream patches and prefix them with CVE tags.
3) Add description of reference to upstream patch.

(From OE-Core rev: 4f395ad49ef9035954d0fda7b7df14dea18b49a0)

Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bcb8b6719beaf6625e6b703e91958fe8afba5819)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-bsp/grub/files/CVE-2020-14308-calloc-Use-calloc-at-most-places.patch

@@ -19,11 +19,15 @@ Among other issues, this fixes:
 
 Fixes: CVE-2020-14308
 
-Upstream-Status: Backport [commit f725fa7cb2ece547c5af01eeeecfe8d95802ed41
-from https://git.savannah.gnu.org/git/grub.git]
-
 Signed-off-by: Peter Jones <pjones@redhat.com>
 Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+
+Upstream-Status: Backport
+CVE: CVE-2020-14308
+
+Reference to upstream patch:
+https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f725fa7cb2ece547c5af01eeeecfe8d95802ed41
+
 [YL: don't patch on grub-core/lib/json/json.c, which is not existing in grub 2.04]
 Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
 ---

meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch

@@ -26,11 +26,15 @@ Among other issues, this fixes:
 
 Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
 
-Upstream-Status: Backport [commit 3f05d693d1274965ffbe4ba99080dc2c570944c6
-from https://git.savannah.gnu.org/git/grub.git]
-
 Signed-off-by: Peter Jones <pjones@redhat.com>
 Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+
+Upstream-Status: Backport
+CVE: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
+
+Reference to upstream patch:
+https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3f05d693d1274965ffbe4ba99080dc2c570944c6
+
 Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
 ---
  grub-core/commands/legacycfg.c | 29 +++++++++++++++++++-----

meta/recipes-bsp/grub/files/CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch

@@ -19,11 +19,15 @@ dependent on the current behaviour without being broken.
 
 Fixes: CVE-2020-15706
 
-Upstream-Status: Backport [commit 426f57383d647406ae9c628c472059c27cd6e040
-from https://git.savannah.gnu.org/git/grub.git]
-
 Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
 Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+
+Upstream-Status: Backport
+CVE: CVE-2020-15706
+
+Reference to upstream patch:
+https://git.savannah.gnu.org/cgit/grub.git/commit/?id=426f57383d647406ae9c628c472059c27cd6e040
+
 Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
 ---
  grub-core/script/execute.c  |  2 ++

meta/recipes-bsp/grub/files/CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch

@@ -7,12 +7,16 @@ These could be triggered by a crafted filesystem with very large files.
 
 Fixes: CVE-2020-15707
 
-Upstream-Status: Backport [commit e7b8856f8be3292afdb38d2e8c70ad8d62a61e10
-from https://git.savannah.gnu.org/git/grub.git]
-
 Signed-off-by: Colin Watson <cjwatson@debian.org>
 Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
 Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+
+Upstream-Status: Backport
+CVE: CVE-2020-15707
+
+Reference to upstream patch:
+https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e7b8856f8be3292afdb38d2e8c70ad8d62a61e10
+
 Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
 ---
  grub-core/loader/linux.c | 74 +++++++++++++++++++++++++++++++++++-------------

meta/recipes-bsp/grub/grub2.inc

@@ -19,14 +19,14 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
            file://grub-module-explicitly-keeps-symbole-.module_license.patch \
            file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
            file://CVE-2020-10713.patch \
-           file://0001-calloc-Make-sure-we-always-have-an-overflow-checking.patch \
-           file://0002-lvm-Add-LVM-cache-logical-volume-handling.patch \
-           file://0003-calloc-Use-calloc-at-most-places.patch \
-           file://0004-safemath-Add-some-arithmetic-primitives-that-check-f.patch \
-           file://0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch \
-           file://0006-script-Remove-unused-fields-from-grub_script_functio.patch \
-           file://0007-script-Avoid-a-use-after-free-when-redefining-a-func.patch \
-           file://0008-linux-Fix-integer-overflows-in-initrd-size-handling.patch \
+           file://calloc-Make-sure-we-always-have-an-overflow-checking.patch \
+           file://lvm-Add-LVM-cache-logical-volume-handling.patch \
+           file://CVE-2020-14308-calloc-Use-calloc-at-most-places.patch \
+           file://safemath-Add-some-arithmetic-primitives-that-check-f.patch \
+           file://CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch \
+           file://script-Remove-unused-fields-from-grub_script_functio.patch \
+           file://CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch \
+           file://CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch \
 "
 SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"
 SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"