diff --git a/0314-Revert-Disable-multiboot-multiboot2-and-linux16-modu.patch b/0314-Revert-Disable-multiboot-multiboot2-and-linux16-modu.patch
new file mode 100644
index 0000000..6653e65
--- /dev/null
+++ b/0314-Revert-Disable-multiboot-multiboot2-and-linux16-modu.patch
@@ -0,0 +1,48 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas
+Date: Thu, 11 Jul 2019 13:04:21 +0200
+Subject: [PATCH] Revert "Disable multiboot, multiboot2, and linux16 modules on
+ EFI builds."
+
+This reverts commit 155d4e84604 which disabled building the multiboot and
+multiboot2 modules on EFI builds. But that made the menu entries created
+by the Xen package to stop working since they use the multiboot2 module.
+
+The mentioned commit disabled building the multiboot{,2} modules because
+they can be used to bypass the Secure Boot mechanism. But it's enough to
+not include these modules in the grub2 EFI binary that's signed, which
+is the case already in the grub2 package.
+
+Having them as modules if the user installs the grub2-efi-x64-modules is
+a valid use case. And since module loading isn't allowed when Secure Boot
+is enabled, it doesn't represent any security threat.
+
+Resolves: rhbz#1703872
+
+Signed-off-by: Javier Martinez Canillas
+---
+ grub-core/Makefile.core.def | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
+index 8a00c6177e1..b662312ca6f 100644
+--- a/grub-core/Makefile.core.def
++++ b/grub-core/Makefile.core.def
+@@ -1696,7 +1696,7 @@ module = {
+
+ common = loader/multiboot.c;
+ common = loader/multiboot_mbi2.c;
+- enable = i386_pc;
++ enable = x86;
+ enable = mips;
+ };
+
+@@ -1705,7 +1705,7 @@ module = {
+ common = loader/multiboot.c;
+ x86 = loader/i386/multiboot_mbi.c;
+ extra_dist = loader/multiboot_elfxx.c;
+- enable = i386_pc;
++ enable = x86;
+ };
+
+ module = {
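Review bot: The two `enable = x86;` lines in the embedded Makefile.core.def hunks are safe only under two conditions that this patch does not enforce. The signed EFI binary's built-in module list must keep excluding `multiboot` and `multiboot2`, and module loading must stay refused while Secure Boot is enabled. Neither is visible here, so a later edit to the list used for the signed image could bring back the Secure Boot bypass that the reverted commit guarded against. I would record the constraint next to that module list in the packaging, e.g. `# multiboot/multiboot2 must stay out of the signed EFI image: they can be used to bypass Secure Boot (rhbz#1703872)`, and consider a build step that fails if either name appears there. The subject also names linux16, but both hunks only touch the multiboot and multiboot2 definitions, so the message should say whether linux16 stays disabled.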
diff --git a/grub.patches b/grub.patches
index aada811..c6a907c 100644
--- a/grub.patches
+++ b/grub.patches
@@ -311,3 +311,4 @@ Patch0310: 0310-arm-Align-section-alignment-with-manual-relocation-o.patch
 Patch0311: 0311-grub-core-loader-efi-fdt.c-Do-not-copy-random-memory.patch
 Patch0312: 0312-linux-efi-arm-fdt-break-FDT-extra-allocation-space-o.patch
 Patch0313: 0313-Preserve-multi-device-workflows.patch
+Patch0314: 0314-Revert-Disable-multiboot-multiboot2-and-linux16-modu.patch
diff --git a/grub2.spec b/grub2.spec
index 173e8cd..af0981b 100644
--- a/grub2.spec
+++ b/grub2.spec
@@ -7,7 +7,7 @@
 Name: grub2
 Epoch: 1
 Version: 2.02
-Release: 90%{?dist}
+Release: 91%{?dist}
 Summary: Bootloader with support for Linux, Multiboot and more
 License: GPLv3+
 URL: http://www.gnu.org/software/grub/
@@ -518,6 +518,12 @@ rm -r /boot/grub2.tmp/ || : %endif %changelog +* Sat Jul 13 2019 Javier Martinez Canillas - 2.02-91 +- Includes security modules in Grub2 EFI builds (benjamin.doron) + Resolves: rhbz#1722938 +- Enable again multiboot and multiboot2 modules on EFI builds + Resolves: rhbz#1703872 + * Fri Jul 05 2019 Javier Martinez Canillas - 2.02-90 - Fix failure to request grub.cfg over HTTP - Some ARM fixes (pbrobinson)