mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-22 22:21:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

sys-boot/grub: Move to portage-stable, bump to 2.12

Browse Source 
We can now use Gentoo's upstream ebuild, save for a few small overrides
in a separate env file.

This bumps GRUB from 2.06 to 2.12, The existing two Flatcar patches have
been rebased.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
This commit is contained in:
James Le Cuirot 2024-09-06 11:43:41 +01:00
parent b031f0bc93
commit 9d2026b40e
No known key found for this signature in database
GPG Key ID: 1226415D00DD3137
19 changed files with 1116 additions and 291 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/portage-stable-packages-list vendored
View File

@ -609,6 +609,7 @@ sys-block/thin-provisioning-tools
sys-boot/efibootmgr sys-boot/efibootmgr
sys-boot/gnu-efi sys-boot/gnu-efi
sys-boot/grub
sys-boot/mokutil sys-boot/mokutil
sys-devel/bc sys-devel/bc

1
changelog/updates/2024-09-06-grub-2.12.md Normal file
View File

@ -0,0 +1 @@
- grub ([2.12](https://lists.gnu.org/archive/html/grub-devel/2023-12/msg00052.html))

28
sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-boot/grub vendored
View File

@ -1,14 +1,14 @@
PKG_INSTALL_MASK+=" /etc/grub.d/00_header # Replace Gentoo's SBAT with Flatcar's.
/etc/grub.d/10_linux cros_post_src_install_sbat() {
/etc/grub.d/30_os-prober insinto /usr/share/grub
/etc/grub.d/40_custom newins - sbat.csv <<-EOF
/etc/grub.d/README sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
/lib64/grub/grub-mkconfig_lib grub,4,Free Software Foundation,grub,${PV},https://www.gnu.org/software/grub/
/lib64/grub/update-grub_lib" grub.flatcar,1,Flatcar,grub2,${PVR},https://github.com/flatcar/Flatcar
INSTALL_MASK+=" /etc/grub.d/00_header EOF
/etc/grub.d/10_linux }
/etc/grub.d/30_os-prober
/etc/grub.d/40_custom # Flatcar does not use grub-install or grub-mkconfig. All the files under /etc
/etc/grub.d/README # relate to grub-mkconfig.
/lib64/grub/grub-mkconfig_lib INSTALL_MASK+=" ${EPREFIX}/etc/ *grub-install* *mkconfig*"
/lib64/grub/update-grub_lib" PKG_INSTALL_MASK+=" ${EPREFIX}/etc/ *grub-install* *mkconfig*"

15
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/README.md → sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/README.md vendored
View File

@ -1,5 +1,5 @@
Flatcar uses a patched version of the GRUB, which implements the functionality to Flatcar uses a patched version of the GRUB, which implements the functionality to
read the [Flatcar Container Linux partition table](https://www.flatcar.org/docs/latest/reference/developer-guides/sdk-disk-partitions/#partition-table) read the [Flatcar Container Linux partition table](https://www.flatcar.org/docs/latest/reference/developer-guides/sdk-disk-partitions/#partition-table).
## History ## History
@ -11,14 +11,11 @@ and referenced in the Flatcar's coreos-overlay. Except for a few, now many chang
where brought into the system. where brought into the system.
The repo was maintained at 2.02 version. During the 2.06 migration, the philosophy The repo was maintained at 2.02 version. During the 2.06 migration, the philosophy
to use a separate repo was scraped, and a single patch file was created. The patch to use a separate repo was scrapped, and two patch files were created. The patch
files migrated only the essential commits, and dropped all the other commits, which files migrated only the essential commits, and dropped all the other commits, which
were either half-baked, or redundant at the point of migration. The two patches are applied were either half-baked, or redundant at the point of migration.
on top of the grub sources, and emerge is done.
Given below are the list of commits that were referenced to create the two patches. ## Summary of the Flatcar patches
## Summary of the patches
The patch starts with adding a new implementation of reading the GPT instead The patch starts with adding a new implementation of reading the GPT instead
of using the traditional module. It provides essential functionality to interact of using the traditional module. It provides essential functionality to interact
@ -33,9 +30,9 @@ partition booting. The `gptrepair` command implements the repair functions for
GPT information on a specified device. Few other functions include searching GPT information on a specified device. Few other functions include searching
devices by partition label or partition UUID. devices by partition label or partition UUID.
## Commits ## Commits in the Flatcar patches
Below are the commits that are picked to create the two patches for the grub. One is Below are the commits that are picked to create the two Flatcar patches. One is
descriptive, and other is comprehensive. descriptive, and other is comprehensive.
<details> <details>

282
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-gpt-partition-scheme.patch → sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-gpt-partition-scheme.patch vendored
View File

@ -12,66 +12,42 @@ This patch also includes the supporting functions like gptprio,
gptrepair, search commands. gptrepair, search commands.
The patch is prepared using the coreos/grub PRs, picking the only The patch is prepared using the coreos/grub PRs, picking the only
required ones, and dropping the others. The README.md file in the required ones, and dropping the others. The README.md file in this
coreos-overlay/sys-boot/grub/ contains more contexual information directory contains more contexual information along with the commits
along with the commits used to create the patch. used to create the patch.
Authored-by: Michael Marineau <michael.marineau@coreos.com> Authored-by: Michael Marineau <michael.marineau@coreos.com>
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com> Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
--- ---
Makefile.util.def | 30 +
grub-core/Makefile.core.def | 25 +
grub-core/commands/gptprio.c | 223 +++++++
grub-core/commands/gptrepair.c | 110 ++++
grub-core/commands/search.c | 49 ++
grub-core/commands/search_part_label.c | 5 +
grub-core/commands/search_part_uuid.c | 5 +
grub-core/commands/search_wrap.c | 12 +
grub-core/lib/gpt.c | 757 +++++++++++++++++++++++
include/grub/gpt_partition.h | 211 ++++++-
include/grub/search.h | 4 +
tests/gpt_unit_test.c | 807 +++++++++++++++++++++++++
tests/gptprio_test.in | 207 +++++++
tests/gptrepair_test.in | 102 ++++
14 files changed, 2530 insertions(+), 17 deletions(-)
create mode 100644 grub-core/commands/gptprio.c
create mode 100644 grub-core/commands/gptrepair.c
create mode 100644 grub-core/commands/search_part_label.c
create mode 100644 grub-core/commands/search_part_uuid.c
create mode 100644 grub-core/lib/gpt.c
create mode 100644 tests/gpt_unit_test.c
create mode 100644 tests/gptprio_test.in
create mode 100644 tests/gptrepair_test.in
diff --git a/Makefile.util.def b/Makefile.util.def diff -Naur a/Makefile.util.def b/Makefile.util.def
index f8b356cc1..07df521ec 100644 --- a/Makefile.util.def 2024-09-05 16:04:35.405205341 -0000
--- a/Makefile.util.def +++ b/Makefile.util.def 2024-09-05 16:05:42.308358821 -0000
+++ b/Makefile.util.def @@ -1334,6 +1334,18 @@
@@ -1211,6 +1211,18 @@ script = { common = tests/test_asn1.in;
common = tests/syslinux_test.in;
}; };
+script = { +script = {
+ testcase; + testcase = native;
+ name = gptrepair_test; + name = gptrepair_test;
+ common = tests/gptrepair_test.in; + common = tests/gptrepair_test.in;
+}; +};
+ +
+script = { +script = {
+ testcase; + testcase = native;
+ name = gptprio_test; + name = gptprio_test;
+ common = tests/gptprio_test.in; + common = tests/gptprio_test.in;
+}; +};
+ +
program = { program = {
testcase; testcase = native;
name = example_unit_test; name = example_unit_test;
@@ -1288,6 +1300,24 @@ program = { @@ -1411,6 +1423,24 @@
ldadd = '$(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)'; ldadd = '$(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)';
}; };
+program = { +program = {
+ testcase; + testcase = native;
+ name = gpt_unit_test; + name = gpt_unit_test;
+ common = tests/gpt_unit_test.c; + common = tests/gpt_unit_test.c;
+ common = tests/lib/unit_test.c; + common = tests/lib/unit_test.c;
@ -91,15 +67,13 @@ index f8b356cc1..07df521ec 100644
program = { program = {
name = grub-menulst2cfg; name = grub-menulst2cfg;
mansection = 1; mansection = 1;
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def diff -Naur a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 8022e1c0a..e9baa2144 100644 --- a/grub-core/Makefile.core.def 2024-09-05 16:04:35.460205469 -0000
--- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def 2024-09-05 16:05:42.309358823 -0000
+++ b/grub-core/Makefile.core.def @@ -968,6 +968,21 @@
@@ -897,6 +897,21 @@ module = {
common = commands/gptsync.c;
}; };
+module = { module = {
+ name = gptrepair; + name = gptrepair;
+ common = commands/gptrepair.c; + common = commands/gptrepair.c;
+}; +};
@ -114,14 +88,14 @@ index 8022e1c0a..e9baa2144 100644
+ common = lib/gpt.c; + common = lib/gpt.c;
+}; +};
+ +
module = { +module = {
name = halt; name = halt;
nopc = commands/halt.c; nopc = commands/halt.c;
@@ -1073,6 +1088,16 @@ module = { i386_pc = commands/i386/pc/halt.c;
common = commands/search_label.c; @@ -1157,6 +1172,16 @@
}; };
+module = { module = {
+ name = search_part_uuid; + name = search_part_uuid;
+ common = commands/search_part_uuid.c; + common = commands/search_part_uuid.c;
+}; +};
@ -131,14 +105,13 @@ index 8022e1c0a..e9baa2144 100644
+ common = commands/search_part_label.c; + common = commands/search_part_label.c;
+}; +};
+ +
module = { +module = {
name = setpci; name = setpci;
common = commands/setpci.c; common = commands/setpci.c;
diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c enable = pci;
new file mode 100644 diff -Naur a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c
index 000000000..4a24fa62d --- a/grub-core/commands/gptprio.c 1970-01-01 00:00:00.000000000 -0000
--- /dev/null +++ b/grub-core/commands/gptprio.c 2024-09-05 16:37:53.072065206 -0000
+++ b/grub-core/commands/gptprio.c
@@ -0,0 +1,223 @@ @@ -0,0 +1,223 @@
+/* gptprio.c - manage priority based partition selection. */ +/* gptprio.c - manage priority based partition selection. */
+/* +/*
@ -217,7 +190,7 @@ index 000000000..4a24fa62d
+ +
+static grub_err_t +static grub_err_t
+grub_find_next (const char *disk_name, +grub_find_next (const char *disk_name,
+ const grub_gpt_part_type_t *part_type, + const grub_packed_guid_t *part_type,
+ char **part_name, char **part_guid) + char **part_name, char **part_guid)
+{ +{
+ struct grub_gpt_partentry *part, *part_found = NULL; + struct grub_gpt_partentry *part, *part_found = NULL;
@ -304,7 +277,7 @@ index 000000000..4a24fa62d
+ char *p, *root = NULL, *part_name = NULL, *part_guid = NULL; + char *p, *root = NULL, *part_name = NULL, *part_guid = NULL;
+ +
+ /* TODO: Add a uuid parser and a command line flag for providing type. */ + /* TODO: Add a uuid parser and a command line flag for providing type. */
+ grub_gpt_part_type_t part_type = GRUB_GPT_PARTITION_TYPE_USR_X86_64; + grub_packed_guid_t part_type = GRUB_GPT_PARTITION_TYPE_USR_X86_64;
+ +
+ if (!state[NEXT_SET_DEVICE].set || !state[NEXT_SET_UUID].set) + if (!state[NEXT_SET_DEVICE].set || !state[NEXT_SET_UUID].set)
+ { + {
@ -363,11 +336,9 @@ index 000000000..4a24fa62d
+{ +{
+ grub_unregister_extcmd (cmd_next); + grub_unregister_extcmd (cmd_next);
+} +}
diff --git a/grub-core/commands/gptrepair.c b/grub-core/commands/gptrepair.c diff -Naur a/grub-core/commands/gptrepair.c b/grub-core/commands/gptrepair.c
new file mode 100644 --- a/grub-core/commands/gptrepair.c 1970-01-01 00:00:00.000000000 -0000
index 000000000..c17c7346c +++ b/grub-core/commands/gptrepair.c 2024-09-05 16:05:42.309358823 -0000
--- /dev/null
+++ b/grub-core/commands/gptrepair.c
@@ -0,0 +1,110 @@ @@ -0,0 +1,110 @@
+/* gptrepair.c - verify and restore GPT info from alternate location. */ +/* gptrepair.c - verify and restore GPT info from alternate location. */
+/* +/*
@ -479,21 +450,21 @@ index 000000000..c17c7346c
+{ +{
+ grub_unregister_command (cmd); + grub_unregister_command (cmd);
+} +}
diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c diff -Naur a/grub-core/commands/search.c b/grub-core/commands/search.c
index ed090b3af..4ad72c5b4 100644 --- a/grub-core/commands/search.c 2024-09-05 16:04:35.464205478 -0000
--- a/grub-core/commands/search.c +++ b/grub-core/commands/search.c 2024-09-05 16:14:56.337547508 -0000
+++ b/grub-core/commands/search.c @@ -33,6 +33,10 @@
@@ -30,6 +30,9 @@ #include <grub/efi/api.h>
#include <grub/i18n.h> #include <grub/time.h>
#include <grub/disk.h>
#include <grub/partition.h>
+#if defined(DO_SEARCH_PART_UUID) || defined(DO_SEARCH_PART_LABEL) +#if defined(DO_SEARCH_PART_UUID) || defined(DO_SEARCH_PART_LABEL)
+#include <grub/gpt_partition.h> +#include <grub/gpt_partition.h>
+#endif +#endif
+
GRUB_MOD_LICENSE ("GPLv3+"); GRUB_MOD_LICENSE ("GPLv3+");
@@ -90,6 +93,44 @@ iterate_device (const char *name, void *data) struct cache_entry
@@ -264,6 +268,44 @@
} }
grub_free (buf); grub_free (buf);
} }
@ -538,8 +509,8 @@ index ed090b3af..4ad72c5b4 100644
#else #else
{ {
/* SEARCH_FS_UUID or SEARCH_LABEL */ /* SEARCH_FS_UUID or SEARCH_LABEL */
@@ -313,6 +354,10 @@ static grub_command_t cmd; @@ -487,6 +529,10 @@
#ifdef DO_SEARCH_FILE #ifdef DO_SEARCH_FILE
GRUB_MOD_INIT(search_fs_file) GRUB_MOD_INIT(search_fs_file)
+#elif defined(DO_SEARCH_PART_UUID) +#elif defined(DO_SEARCH_PART_UUID)
@ -549,8 +520,8 @@ index ed090b3af..4ad72c5b4 100644
#elif defined (DO_SEARCH_FS_UUID) #elif defined (DO_SEARCH_FS_UUID)
GRUB_MOD_INIT(search_fs_uuid) GRUB_MOD_INIT(search_fs_uuid)
#else #else
@@ -327,6 +372,10 @@ GRUB_MOD_INIT(search_label) @@ -501,6 +547,10 @@
#ifdef DO_SEARCH_FILE #ifdef DO_SEARCH_FILE
GRUB_MOD_FINI(search_fs_file) GRUB_MOD_FINI(search_fs_file)
+#elif defined(DO_SEARCH_PART_UUID) +#elif defined(DO_SEARCH_PART_UUID)
@ -560,33 +531,28 @@ index ed090b3af..4ad72c5b4 100644
#elif defined (DO_SEARCH_FS_UUID) #elif defined (DO_SEARCH_FS_UUID)
GRUB_MOD_FINI(search_fs_uuid) GRUB_MOD_FINI(search_fs_uuid)
#else #else
diff --git a/grub-core/commands/search_part_label.c b/grub-core/commands/search_part_label.c diff -Naur a/grub-core/commands/search_part_label.c b/grub-core/commands/search_part_label.c
new file mode 100644 --- a/grub-core/commands/search_part_label.c 1970-01-01 00:00:00.000000000 -0000
index 000000000..ca906cbd9 +++ b/grub-core/commands/search_part_label.c 2024-09-05 16:05:42.310358826 -0000
--- /dev/null
+++ b/grub-core/commands/search_part_label.c
@@ -0,0 +1,5 @@ @@ -0,0 +1,5 @@
+#define DO_SEARCH_PART_LABEL 1 +#define DO_SEARCH_PART_LABEL 1
+#define FUNC_NAME grub_search_part_label +#define FUNC_NAME grub_search_part_label
+#define COMMAND_NAME "search.part_label" +#define COMMAND_NAME "search.part_label"
+#define HELP_MESSAGE N_("Search devices by partition label. If VARIABLE is specified, the first device found is set to a variable.") +#define HELP_MESSAGE N_("Search devices by partition label. If VARIABLE is specified, the first device found is set to a variable.")
+#include "search.c" +#include "search.c"
diff --git a/grub-core/commands/search_part_uuid.c b/grub-core/commands/search_part_uuid.c diff -Naur a/grub-core/commands/search_part_uuid.c b/grub-core/commands/search_part_uuid.c
new file mode 100644 --- a/grub-core/commands/search_part_uuid.c 1970-01-01 00:00:00.000000000 -0000
index 000000000..2d1d3d0d7 +++ b/grub-core/commands/search_part_uuid.c 2024-09-05 16:05:42.310358826 -0000
--- /dev/null
+++ b/grub-core/commands/search_part_uuid.c
@@ -0,0 +1,5 @@ @@ -0,0 +1,5 @@
+#define DO_SEARCH_PART_UUID 1 +#define DO_SEARCH_PART_UUID 1
+#define FUNC_NAME grub_search_part_uuid +#define FUNC_NAME grub_search_part_uuid
+#define COMMAND_NAME "search.part_uuid" +#define COMMAND_NAME "search.part_uuid"
+#define HELP_MESSAGE N_("Search devices by partition UUID. If VARIABLE is specified, the first device found is set to a variable.") +#define HELP_MESSAGE N_("Search devices by partition UUID. If VARIABLE is specified, the first device found is set to a variable.")
+#include "search.c" +#include "search.c"
diff --git a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c diff -Naur a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c
index 47fc8eb99..d357454a9 100644 --- a/grub-core/commands/search_wrap.c 2024-09-05 16:04:35.438205418 -0000
--- a/grub-core/commands/search_wrap.c +++ b/grub-core/commands/search_wrap.c 2024-09-05 16:12:58.537303529 -0000
+++ b/grub-core/commands/search_wrap.c @@ -36,6 +36,10 @@
@@ -36,6 +36,10 @@ static const struct grub_arg_option options[] =
0, 0}, 0, 0},
{"fs-uuid", 'u', 0, N_("Search devices by a filesystem UUID."), {"fs-uuid", 'u', 0, N_("Search devices by a filesystem UUID."),
0, 0}, 0, 0},
@ -597,7 +563,7 @@ index 47fc8eb99..d357454a9 100644
{"set", 's', GRUB_ARG_OPTION_OPTIONAL, {"set", 's', GRUB_ARG_OPTION_OPTIONAL,
N_("Set a variable to the first device found."), N_("VARNAME"), N_("Set a variable to the first device found."), N_("VARNAME"),
ARG_TYPE_STRING}, ARG_TYPE_STRING},
@@ -71,6 +75,8 @@ enum options @@ -73,6 +77,8 @@
SEARCH_FILE, SEARCH_FILE,
SEARCH_LABEL, SEARCH_LABEL,
SEARCH_FS_UUID, SEARCH_FS_UUID,
@ -605,25 +571,21 @@ index 47fc8eb99..d357454a9 100644
+ SEARCH_PART_UUID, + SEARCH_PART_UUID,
SEARCH_SET, SEARCH_SET,
SEARCH_NO_FLOPPY, SEARCH_NO_FLOPPY,
SEARCH_HINT, SEARCH_EFIDISK_ONLY,
@@ -186,6 +192,12 @@ grub_cmd_search (grub_extcmd_context_t ctxt, int argc, char **args) @@ -198,6 +204,10 @@
grub_search_label (id, var, flags, hints, nhints);
else if (state[SEARCH_FS_UUID].set) else if (state[SEARCH_FS_UUID].set)
grub_search_fs_uuid (id, var, state[SEARCH_NO_FLOPPY].set, grub_search_fs_uuid (id, var, flags, hints, nhints);
hints, nhints);
+ else if (state[SEARCH_PART_LABEL].set) + else if (state[SEARCH_PART_LABEL].set)
+ grub_search_part_label (id, var, state[SEARCH_NO_FLOPPY].set, + grub_search_part_label (id, var, flags, hints, nhints);
+ hints, nhints);
+ else if (state[SEARCH_PART_UUID].set) + else if (state[SEARCH_PART_UUID].set)
+ grub_search_part_uuid (id, var, state[SEARCH_NO_FLOPPY].set, + grub_search_part_uuid (id, var, flags, hints, nhints);
+ hints, nhints);
else if (state[SEARCH_FILE].set) else if (state[SEARCH_FILE].set)
grub_search_fs_file (id, var, state[SEARCH_NO_FLOPPY].set, grub_search_fs_file (id, var, flags, hints, nhints);
hints, nhints); else
diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c diff -Naur a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c
new file mode 100644 --- a/grub-core/lib/gpt.c 1970-01-01 00:00:00.000000000 -0000
index 000000000..098fa65c4 +++ b/grub-core/lib/gpt.c 2024-09-05 16:43:30.533499724 -0000
--- /dev/null
+++ b/grub-core/lib/gpt.c
@@ -0,0 +1,757 @@ @@ -0,0 +1,757 @@
+/* gpt.c - Read/Verify/Write GUID Partition Tables (GPT). */ +/* gpt.c - Read/Verify/Write GUID Partition Tables (GPT). */
+/* +/*
@ -666,7 +628,7 @@ index 000000000..098fa65c4
+ grub_size_t *ret_entries_size); + grub_size_t *ret_entries_size);
+ +
+char * +char *
+grub_gpt_guid_to_str (grub_gpt_guid_t *guid) +grub_gpt_guid_to_str (grub_packed_guid_t *guid)
+{ +{
+ return grub_xasprintf ("%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + return grub_xasprintf ("%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
+ grub_le_to_cpu32 (guid->data1), + grub_le_to_cpu32 (guid->data1),
@ -915,7 +877,7 @@ index 000000000..098fa65c4
+ return 0; + return 0;
+ +
+ return grub_memcmp(&gpt->primary.guid, &gpt->backup.guid, + return grub_memcmp(&gpt->primary.guid, &gpt->backup.guid,
+ sizeof(grub_gpt_guid_t)) == 0; + sizeof(grub_packed_guid_t)) == 0;
+} +}
+ +
+static grub_err_t +static grub_err_t
@ -1312,7 +1274,7 @@ index 000000000..098fa65c4
+ +
+ if (grub_le_to_cpu32 (header->headersize) != sizeof (*header)) + if (grub_le_to_cpu32 (header->headersize) != sizeof (*header))
+ return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, + return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET,
+ "Header size is %u, must be %u", + "Header size is %u, must be %zu",
+ grub_le_to_cpu32 (header->headersize), + grub_le_to_cpu32 (header->headersize),
+ sizeof (*header)); + sizeof (*header));
+ +
@ -1382,30 +1344,20 @@ index 000000000..098fa65c4
+ grub_free (gpt->entries); + grub_free (gpt->entries);
+ grub_free (gpt); + grub_free (gpt);
+} +}
diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h diff -Naur a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h
index 7a93f4329..5c4372dce 100644 --- a/include/grub/gpt_partition.h 2023-11-22 17:52:44.000000000 -0000
--- a/include/grub/gpt_partition.h +++ b/include/grub/gpt_partition.h 2024-09-05 16:43:04.107463044 -0000
+++ b/include/grub/gpt_partition.h @@ -21,25 +21,45 @@
@@ -21,6 +21,7 @@
#include <grub/types.h> #include <grub/types.h>
#include <grub/partition.h> #include <grub/partition.h>
+#include <grub/msdos_partition.h> +#include <grub/msdos_partition.h>
struct grub_gpt_part_guid
{
@@ -30,25 +31,46 @@ struct grub_gpt_part_guid
grub_uint8_t data4[8];
} GRUB_PACKED;
typedef struct grub_gpt_part_guid grub_gpt_part_guid_t;
+typedef struct grub_gpt_part_guid grub_gpt_guid_t;
+typedef struct grub_gpt_part_guid grub_gpt_part_type_t;
-#define GRUB_GPT_PARTITION_TYPE_EMPTY \ -#define GRUB_GPT_PARTITION_TYPE_EMPTY \
- { 0x0, 0x0, 0x0, \ - { 0x0, 0x0, 0x0, \
- { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 } \ - { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 } \
+/* Format the raw little-endian GUID as a newly allocated string. */ +/* Format the raw little-endian GUID as a newly allocated string. */
+char * grub_gpt_guid_to_str (grub_gpt_guid_t *guid); +char * grub_gpt_guid_to_str (grub_packed_guid_t *guid);
+ +
+ +
+#define GRUB_GPT_GUID_INIT(a, b, c, d1, d2, d3, d4, d5, d6, d7, d8) \ +#define GRUB_GPT_GUID_INIT(a, b, c, d1, d2, d3, d4, d5, d6, d7, d8) \
@ -1415,7 +1367,7 @@ index 7a93f4329..5c4372dce 100644
+ grub_cpu_to_le16_compile_time (c), \ + grub_cpu_to_le16_compile_time (c), \
+ { d1, d2, d3, d4, d5, d6, d7, d8 } \ + { d1, d2, d3, d4, d5, d6, d7, d8 } \
} }
+#define GRUB_GPT_PARTITION_TYPE_EMPTY \ +#define GRUB_GPT_PARTITION_TYPE_EMPTY \
+ GRUB_GPT_GUID_INIT (0x0, 0x0, 0x0, \ + GRUB_GPT_GUID_INIT (0x0, 0x0, 0x0, \
+ 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
@ -1432,7 +1384,7 @@ index 7a93f4329..5c4372dce 100644
- } - }
+ GRUB_GPT_GUID_INIT (0x21686148, 0x6449, 0x6e6f, \ + GRUB_GPT_GUID_INIT (0x21686148, 0x6449, 0x6e6f, \
+ 0x74, 0x4e, 0x65, 0x65, 0x64, 0x45, 0x46, 0x49) + 0x74, 0x4e, 0x65, 0x65, 0x64, 0x45, 0x46, 0x49)
#define GRUB_GPT_PARTITION_TYPE_LDM \ #define GRUB_GPT_PARTITION_TYPE_LDM \
- { grub_cpu_to_le32_compile_time (0x5808C8AAU),\ - { grub_cpu_to_le32_compile_time (0x5808C8AAU),\
- grub_cpu_to_le16_compile_time (0x7E8F), \ - grub_cpu_to_le16_compile_time (0x7E8F), \
@ -1451,10 +1403,10 @@ index 7a93f4329..5c4372dce 100644
+ +
+#define GRUB_GPT_HEADER_VERSION \ +#define GRUB_GPT_HEADER_VERSION \
+ grub_cpu_to_le32_compile_time (0x00010000U) + grub_cpu_to_le32_compile_time (0x00010000U)
struct grub_gpt_header struct grub_gpt_header
{ {
@@ -57,11 +79,11 @@ struct grub_gpt_header @@ -48,11 +68,11 @@
grub_uint32_t headersize; grub_uint32_t headersize;
grub_uint32_t crc32; grub_uint32_t crc32;
grub_uint32_t unused1; grub_uint32_t unused1;
@ -1465,18 +1417,18 @@ index 7a93f4329..5c4372dce 100644
grub_uint64_t start; grub_uint64_t start;
grub_uint64_t end; grub_uint64_t end;
- grub_uint8_t guid[16]; - grub_uint8_t guid[16];
+ grub_gpt_part_guid_t guid; + grub_packed_guid_t guid;
grub_uint64_t partitions; grub_uint64_t partitions;
grub_uint32_t maxpart; grub_uint32_t maxpart;
grub_uint32_t partentry_size; grub_uint32_t partentry_size;
@@ -75,13 +97,168 @@ struct grub_gpt_partentry @@ -66,13 +86,168 @@
grub_uint64_t start; grub_uint64_t start;
grub_uint64_t end; grub_uint64_t end;
grub_uint64_t attrib; grub_uint64_t attrib;
- char name[72]; - char name[72];
+ grub_uint16_t name[36]; + grub_uint16_t name[36];
} GRUB_PACKED; };
+enum grub_gpt_part_attr_offset +enum grub_gpt_part_attr_offset
+{ +{
+ /* Standard partition attribute bits defined by UEFI. */ + /* Standard partition attribute bits defined by UEFI. */
@ -1527,7 +1479,7 @@ index 7a93f4329..5c4372dce 100644
grub_gpt_partition_map_iterate (grub_disk_t disk, grub_gpt_partition_map_iterate (grub_disk_t disk,
grub_partition_iterate_hook_t hook, grub_partition_iterate_hook_t hook,
void *hook_data); void *hook_data);
+/* Advanced GPT library. */ +/* Advanced GPT library. */
+ +
+/* Status bits for the grub_gpt.status field. */ +/* Status bits for the grub_gpt.status field. */
@ -1639,25 +1591,24 @@ index 7a93f4329..5c4372dce 100644
+grub_err_t grub_gpt_part_uuid (grub_device_t device, char **uuid); +grub_err_t grub_gpt_part_uuid (grub_device_t device, char **uuid);
#endif /* ! GRUB_GPT_PARTITION_HEADER */ #endif /* ! GRUB_GPT_PARTITION_HEADER */
diff --git a/include/grub/search.h b/include/grub/search.h diff -Naur a/include/grub/search.h b/include/grub/search.h
index d80347df3..c2f40abe9 100644 --- a/include/grub/search.h 2024-09-05 16:04:35.439205420 -0000
--- a/include/grub/search.h +++ b/include/grub/search.h 2024-09-05 16:05:42.312358830 -0000
+++ b/include/grub/search.h @@ -36,5 +36,11 @@
@@ -25,5 +25,9 @@ void grub_search_fs_uuid (const char *key, const char *var, int no_floppy, void grub_search_label (const char *key, const char *var,
char **hints, unsigned nhints); enum search_flags flags,
void grub_search_label (const char *key, const char *var, int no_floppy,
char **hints, unsigned nhints); char **hints, unsigned nhints);
+void grub_search_part_uuid (const char *key, const char *var, int no_floppy, +void grub_search_part_uuid (const char *key, const char *var,
+ char **hints, unsigned nhints); + enum search_flags flags,
+void grub_search_part_label (const char *key, const char *var, int no_floppy, + char **hints, unsigned nhints);
+ char **hints, unsigned nhints); +void grub_search_part_label (const char *key, const char *var,
+ enum search_flags flags,
+ char **hints, unsigned nhints);
#endif #endif
diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c diff -Naur a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c
new file mode 100644 --- a/tests/gpt_unit_test.c 1970-01-01 00:00:00.000000000 -0000
index 000000000..53f686912 +++ b/tests/gpt_unit_test.c 2024-09-05 16:05:42.313358833 -0000
--- /dev/null
+++ b/tests/gpt_unit_test.c
@@ -0,0 +1,807 @@ @@ -0,0 +1,807 @@
+/* +/*
+ * GRUB -- GRand Unified Bootloader + * GRUB -- GRand Unified Bootloader
@ -2466,11 +2417,9 @@ index 000000000..53f686912
+ grub_test_unregister ("gpt_search_part_uuid_test"); + grub_test_unregister ("gpt_search_part_uuid_test");
+ grub_fini_all (); + grub_fini_all ();
+} +}
diff --git a/tests/gptprio_test.in b/tests/gptprio_test.in diff -Naur a/tests/gptprio_test.in b/tests/gptprio_test.in
new file mode 100644 --- a/tests/gptprio_test.in 1970-01-01 00:00:00.000000000 -0000
index 000000000..c5cf0f3b7 +++ b/tests/gptprio_test.in 2024-09-05 16:05:42.313358833 -0000
--- /dev/null
+++ b/tests/gptprio_test.in
@@ -0,0 +1,207 @@ @@ -0,0 +1,207 @@
+#! /bin/bash +#! /bin/bash
+set -e +set -e
@ -2679,11 +2628,9 @@ index 000000000..c5cf0f3b7
+check_next 4 1 0 1 +check_next 4 1 0 1
+check_prio 2 3 0 0 +check_prio 2 3 0 0
+check_prio 3 2 0 0 +check_prio 3 2 0 0
diff --git a/tests/gptrepair_test.in b/tests/gptrepair_test.in diff -Naur a/tests/gptrepair_test.in b/tests/gptrepair_test.in
new file mode 100644 --- a/tests/gptrepair_test.in 1970-01-01 00:00:00.000000000 -0000
index 000000000..805dc171a +++ b/tests/gptrepair_test.in 2024-09-05 16:05:42.313358833 -0000
--- /dev/null
+++ b/tests/gptrepair_test.in
@@ -0,0 +1,102 @@ @@ -0,0 +1,102 @@
+#! /bin/sh +#! /bin/sh
+set -e +set -e
@ -2787,6 +2734,3 @@ index 000000000..805dc171a
+do_repair +do_repair
+cmp "${img1}" "${img2}" +cmp "${img1}" "${img2}"
+echo +echo
--
2.34.1

60
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-add-verity-hash.patch → sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-boot/grub/grub-2.12-add-verity-hash.patch vendored
View File

@ -7,76 +7,67 @@ Read the verity hash from the kernel binary and pass it to the running
system via the kernel command line system via the kernel command line
The patch is prepared using the coreos/grub PRs, picking the only The patch is prepared using the coreos/grub PRs, picking the only
required ones, and dropping the others. The README.md file in the required ones, and dropping the others. The README.md file in this
coreos-overlay/sys-boot/grub/ contains more contexual information directory contains more contexual information along with the commits
along with the commits used to create the patch. used to create the patch.
Authored-by: Matthew Garrett <mjg59@coreos.com> Authored-by: Matthew Garrett <mjg59@coreos.com>
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com> Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
--- ---
grub-core/loader/arm64/linux.c | 6 +++-
grub-core/loader/i386/linux.c | 3 ++
include/grub/verity-hash.h | 51 ++++++++++++++++++++++++++++++++++
3 files changed, 59 insertions(+), 1 deletion(-)
create mode 100644 include/grub/verity-hash.h
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c diff -Naur a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
index ef3e9f944..17bed4e15 100644 --- a/grub-core/loader/efi/linux.c 2023-10-03 12:21:48.000000000 -0000
--- a/grub-core/loader/arm64/linux.c +++ b/grub-core/loader/efi/linux.c 2024-09-12 10:18:36.454803371 -0000
+++ b/grub-core/loader/arm64/linux.c
@@ -34,6 +34,8 @@ @@ -34,6 +34,8 @@
#include <grub/lib/cmdline.h> #include <grub/lib/cmdline.h>
#include <grub/verify.h> #include <grub/verify.h>
+#include <grub/verity-hash.h> +#include <grub/verity-hash.h>
+ +
GRUB_MOD_LICENSE ("GPLv3+"); GRUB_MOD_LICENSE ("GPLv3+");
static grub_dl_t my_mod; static grub_dl_t my_mod;
@@ -333,7 +335,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), @@ -533,7 +535,8 @@
grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); grub_dprintf ("linux", "kernel @ %p\n", kernel_addr);
- cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); - cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE);
+ cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE) + cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE)
+ + VERITY_CMDLINE_LENGTH; + + VERITY_CMDLINE_LENGTH;
linux_args = grub_malloc (cmdline_size); linux_args = grub_malloc (cmdline_size);
if (!linux_args) if (!linux_args)
{ {
@@ -350,6 +353,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), @@ -550,6 +553,7 @@
if (grub_errno == GRUB_ERR_NONE) if (grub_errno == GRUB_ERR_NONE)
{ {
+ grub_pass_verity_hash (kernel_addr, linux_args, cmdline_size); + grub_pass_verity_hash (kernel_addr, linux_args, cmdline_size);
grub_loader_set (grub_linux_boot, grub_linux_unload, 0); grub_loader_set (grub_linux_boot, grub_linux_unload, 0);
loaded = 1; loaded = 1;
} }
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c diff -Naur a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index 9f74a96b1..1c76ac5bf 100644 --- a/grub-core/loader/i386/linux.c 2023-10-03 12:21:48.000000000 -0000
--- a/grub-core/loader/i386/linux.c +++ b/grub-core/loader/i386/linux.c 2024-09-12 10:28:05.571587951 -0000
+++ b/grub-core/loader/i386/linux.c
@@ -38,6 +38,8 @@ @@ -38,6 +38,8 @@
#include <grub/machine/kernel.h> #include <grub/machine/kernel.h>
#include <grub/safemath.h> #include <grub/safemath.h>
+#include <grub/verity-hash.h> +#include <grub/verity-hash.h>
+ +
GRUB_MOD_LICENSE ("GPLv3+"); GRUB_MOD_LICENSE ("GPLv3+");
#ifdef GRUB_MACHINE_PCBIOS #ifdef GRUB_MACHINE_PCBIOS
@@ -1006,6 +1008,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)), @@ -1018,6 +1020,7 @@
goto fail; goto fail;
} }
+ grub_pass_verity_hash(&lh, linux_cmdline, maximal_cmdline_size); + grub_pass_verity_hash (&lh, linux_cmdline, maximal_cmdline_size);
len = prot_file_size; len = prot_file_size;
if (grub_file_read (file, prot_mode_mem, len) != len && !grub_errno) if (grub_file_read (file, prot_mode_mem, len) != len && !grub_errno)
grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"), grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"),
diff --git a/include/grub/verity-hash.h b/include/grub/verity-hash.h diff -Naur a/include/grub/verity-hash.h b/include/grub/verity-hash.h
new file mode 100644 --- a/include/grub/verity-hash.h 1970-01-01 00:00:00.000000000 -0000
index 000000000..448d9aff0 +++ b/include/grub/verity-hash.h 2024-09-12 10:18:39.993826952 -0000
--- /dev/null
+++ b/include/grub/verity-hash.h
@@ -0,0 +1,51 @@ @@ -0,0 +1,51 @@
+/* CoreOS verity hash */ +/* CoreOS verity hash */
+ +
@ -129,6 +120,3 @@ index 000000000..448d9aff0
+ cmdline_len += VERITY_HASH_LENGTH; + cmdline_len += VERITY_HASH_LENGTH;
+ cmdline[cmdline_len] = '\0'; + cmdline[cmdline_len] = '\0';
+} +}
--
2.34.1

5
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/Manifest vendored
View File

@ -1,5 +0,0 @@
DIST dejavu-sans-ttf-2.37.zip 417746 BLAKE2B c8904f3cd5a49370a7dc10e456684c88aeae998a99090bf4d0a5baa4f36cc8fb8f70586cf6d610a5ffeee97261d28c80f55bbe9dcfc3ed796d5c2d60e79adb58 SHA512 ede5899daa1984c5aa8cacb1c850eb53f189dddef3d9bb78bf9774d8976b7c0d6eb0bcf86237cd7d11f5b36cf5b5058d42cd94d3bd76f2bd0931c7ceb1271fae
DIST grub-2.06-backports-r3.tar.xz 47612 BLAKE2B 235610e826c7a76d05872fb51e74564fb3861590f95377d5dcb9a5a4b0f5037d0b71c9f334bfe0bbe399f65036088d808f7af8e43090007ab7394002d05f7b4a SHA512 561f031dca2cdc13fc1b3f3cfdbdccd7decd67ef18ddcc588327f141b026eadcda5d64d729929859cad54959b3855ff86c1f62e3ff1d8ae5f6f5ac5761fa6ba4
DIST grub-2.06.tar.xz 6581924 BLAKE2B 2a40b9b03d7bb3b9e7b1309ab274d686f01b3c42e7035ebc6e5a0e59a59c3b7362ba518341664b314cb0dbc8222bb10ea05ce09f08ce9d58a293207cb909e417 SHA512 4f11c648f3078567e53fc0c74d5026fdc6da4be27d188975e79d9a4df817ade0fe5ad2ddd694238a07edc45adfa02943d83c57767dd51548102b375e529e8efe
DIST grub-2.06.tar.xz.sig 566 BLAKE2B 2ff18fb40d9cce36cac110ba9996f88236dbaa261d19e777a6d23a0e9754a9fc8bc45a01896f4838c88bb44edff0172a97611202cb3ffd5653a3cbdfc102ae16 SHA512 797683dafade76b5981bd02f079d7dcecb36f5d07eca652181fd69f3df821931f84cc0d8771bfb80506ef41fbd96edfb202b6698af1fec3c8228dd320a05fa84
DIST unifont-12.1.02.pcf.gz 1335424 BLAKE2B 97080312468e3f3c8aa6f49cef08f5622641e8c9c035f3ede1e09d8d98de4e78d3b23c8aba2e8070eb46cbebd2d55e8568e467d7f15f35aa8fc8db792b7e5f14 SHA512 b280b2db7cf5f480b0668c331130dede2c0cc87d5e02e44566b77787113d0f6604d0105522858288f2ac6b8e77df7a2d9878725013a6c778dc5bfb183156e2f0

3
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/sbat.csv.in vendored
View File

@ -1,3 +0,0 @@
sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
grub,4,Free Software Foundation,grub,@@UPSTREAM_VERSION@@,https://www.gnu.org/software/grub/
grub.flatcar,1,Flatcar,grub2,@@VERSION@@,https://github.com/flatcar/flatcar

5
sdk_container/src/third_party/portage-stable/sys-boot/grub/Manifest vendored Normal file
View File

@ -0,0 +1,5 @@
DIST dejavu-sans-ttf-2.37.zip 417746 BLAKE2B c8904f3cd5a49370a7dc10e456684c88aeae998a99090bf4d0a5baa4f36cc8fb8f70586cf6d610a5ffeee97261d28c80f55bbe9dcfc3ed796d5c2d60e79adb58 SHA512 ede5899daa1984c5aa8cacb1c850eb53f189dddef3d9bb78bf9774d8976b7c0d6eb0bcf86237cd7d11f5b36cf5b5058d42cd94d3bd76f2bd0931c7ceb1271fae
DIST grub-2.12-bash-completion.patch.gz 3627 BLAKE2B 6ba80fd4fb4b28ae2e5a2387133d815da126a4eaa4b5cb24b13f4ba5a2499ab4099d10ada366ed39f84be2c38774122f48e1a1894768c5bee29149528610d095 SHA512 a9ee6d2253ae48d7f90907a9e975a3a1d01346bc621d8b8cddf7cc815cd91e078f6c61392724d13556ee64f099fa15c94fcb88a49ff02d4a90ebd376252cea5c
DIST grub-2.12.tar.xz 6675608 BLAKE2B a678f7fafb945d325c8cf47aa086f48357a8f6335b762f77038c30a3896b3b05491598d9931d5335841d224fffcbe4a9a43ca1479057c1f1ce52b8d2a952c431 SHA512 761c060a4c3da9c0e810b0ea967e3ebc66baa4ddd682a503ae3d30a83707626bccaf49359304a16b3a26fc4435fe6bea1ee90be910c84de3c2b5485a31a15be3
DIST grub-2.12.tar.xz.sig 566 BLAKE2B 9b77fe53041b99f1196743aa6d9fc9c727b17c6512129bab2b35005f2c70f371e30521ddd804bf0c666e36cf2667247980f385ca1ac911fa9b8e0311427dc01c SHA512 fbe971d8c382578b49d33902234edd9cbd084b70820a1a56a59df4ec30874c0dd4fe27f8dc44bb380716bb7480ca68a87d120a25b92a6a10ff6c8ec1b60548d3
DIST unifont-15.0.06.pcf.gz 1358322 BLAKE2B 81811e3de390ca35d1a2dc1f1dee73464e97f44907ba522c218ba9c5e39ca3c9d767552780a257a97c156eb623c17786d9c0d2b67786d61df5ca33a1e10db7ca SHA512 0a28a406629c604f5cbf51f501528239a7ed50d19f93ea505bc5bdc72639e4b926b03f4b8782a5733041f7cdb4aebb9948ac7cfd5a8ad9a0fe309944e595517b

0
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/gfxpayload.patch → sdk_container/src/third_party/portage-stable/sys-boot/grub/files/gfxpayload.patch vendored
View File

0
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.02_beta2-KERNEL_GLOBS.patch → sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.02_beta2-KERNEL_GLOBS.patch vendored
View File

0
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub-2.06-test-words.patch → sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.06-test-words.patch vendored
View File

38
sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub-2.12-fwsetup.patch vendored Normal file
View File

@ -0,0 +1,38 @@
From 6e0b2277eba062bf7950536cd27f9789c545d20f Mon Sep 17 00:00:00 2001
From: Mike Gilbert <floppym@gentoo.org>
Date: Thu, 11 Apr 2024 15:33:45 -0400
Subject: [PATCH] grub.d: avoid calling fwsetup unconditionally
This causes grub to enter the firmware setup on boot when using a
grub core that does not support the 'fwsetup --is-supported' option.
Upstream has rejected attempts to resolve this, so we will carry this as
a distro patch for a bit.
Bug: https://bugs.gentoo.org/925370
---
util/grub.d/30_uefi-firmware.in | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/util/grub.d/30_uefi-firmware.in b/util/grub.d/30_uefi-firmware.in
index 1c2365ddb..b6041b55e 100644
--- a/util/grub.d/30_uefi-firmware.in
+++ b/util/grub.d/30_uefi-firmware.in
@@ -32,11 +32,8 @@ gettext_printf "Adding boot menu entry for UEFI Firmware Settings ...\n" >&2
cat << EOF
if [ "\$grub_platform" = "efi" ]; then
- fwsetup --is-supported
- if [ "\$?" = 0 ]; then
- menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
- fwsetup
- }
- fi
+ menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
+ fwsetup
+ }
fi
EOF
--
2.44.0

6
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/files/grub.default-4 → sdk_container/src/third_party/portage-stable/sys-boot/grub/files/grub.default-4 vendored
View File

@ -34,9 +34,9 @@ GRUB_DISTRIBUTOR="Gentoo"
# Uncomment to disable graphical terminal (grub-pc only) # Uncomment to disable graphical terminal (grub-pc only)
#GRUB_TERMINAL=console #GRUB_TERMINAL=console
# The resolution used on graphical terminal. # Resolution used on graphical terminal.
# Note that you can use only modes which your graphic card supports via VBE. # The list of valid modes may be obtained using the 'vbeinfo' (PC BIOS) or
# You can see them in real GRUB with the command `vbeinfo'. # 'videoinfo' (EFI) command from a GRUB boot prompt.
#GRUB_GFXMODE=640x480 #GRUB_GFXMODE=640x480
# Set to 'text' to force the Linux kernel to boot in normal text # Set to 'text' to force the Linux kernel to boot in normal text

3
sdk_container/src/third_party/portage-stable/sys-boot/grub/files/sbat.csv vendored Normal file
View File

@ -0,0 +1,3 @@
sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
grub,3,Free Software Foundation,grub,%PV%,https://www.gnu.org/software/grub/
grub.gentoo,1,Gentoo,grub,%PV%,https://bugs.gentoo.org/
1 sbat 1 SBAT Version sbat 1 https://github.com/rhboot/shim/blob/main/SBAT.md
2 grub 3 Free Software Foundation grub %PV% https://www.gnu.org/software/grub/
3 grub.gentoo 1 Gentoo grub %PV% https://bugs.gentoo.org/

93
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/grub-2.06-r10.ebuild → sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r4.ebuild vendored
View File

@ -1,4 +1,4 @@
# Copyright 1999-2023 Gentoo Authors # Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
EAPI=7 EAPI=7
@ -16,29 +16,24 @@ EAPI=7
# If any of the above applies to a user patch, the user should set the # If any of the above applies to a user patch, the user should set the
# corresponding variable in make.conf or the environment. # corresponding variable in make.conf or the environment.
if [[ ${PV} == 9999 ]]; then
GRUB_AUTORECONF=1
GRUB_BOOTSTRAP=1
fi
GRUB_AUTOGEN=1
GRUB_AUTORECONF=1 GRUB_AUTORECONF=1
PYTHON_COMPAT=( python3_{8..11} ) PYTHON_COMPAT=( python3_{10..12} )
WANT_LIBTOOL=none WANT_LIBTOOL=none
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/dkiper.gpg VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dkiper.gpg
if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then
inherit python-any-r1
fi
if [[ -n ${GRUB_AUTORECONF} ]]; then if [[ -n ${GRUB_AUTORECONF} ]]; then
inherit autotools inherit autotools
fi fi
inherit bash-completion-r1 flag-o-matic multibuild optfeature toolchain-funcs verify-sig inherit bash-completion-r1 flag-o-matic multibuild optfeature python-any-r1 toolchain-funcs
DESCRIPTION="GNU GRUB boot loader"
HOMEPAGE="https://www.gnu.org/software/grub/"
MY_P=${P} MY_P=${P}
if [[ ${PV} != 9999 ]]; then if [[ ${PV} != 9999 ]]; then
inherit verify-sig
if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then
# The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860 # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860
MY_P=${P/_/'~'} MY_P=${P/_/'~'}
@ -50,36 +45,30 @@ if [[ ${PV} != 9999 ]]; then
else else
SRC_URI=" SRC_URI="
mirror://gnu/${PN}/${P}.tar.xz mirror://gnu/${PN}/${P}.tar.xz
https://dev.gentoo.org/~floppym/dist/${P}-bash-completion.patch.gz
verify-sig? ( mirror://gnu/${PN}/${P}.tar.xz.sig ) verify-sig? ( mirror://gnu/${PN}/${P}.tar.xz.sig )
" "
S=${WORKDIR}/${P%_*} S=${WORKDIR}/${P%_*}
fi fi
# Flatcar: Mark as stable for arm64. BDEPEND="verify-sig? ( sec-keys/openpgp-keys-danielkiper )"
KEYWORDS="amd64 ~arm arm64 ~ia64 ~ppc ~ppc64 ~riscv ~sparc x86" KEYWORDS="amd64 arm arm64 ~ia64 ~loong ppc ppc64 ~riscv sparc x86"
else else
inherit git-r3 inherit git-r3
EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git" EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git"
fi fi
SRC_URI+=" https://dev.gentoo.org/~floppym/dist/${P}-backports-r3.tar.xz"
PATCHES=( PATCHES=(
"${WORKDIR}/${P}-backports"
"${FILESDIR}"/gfxpayload.patch "${FILESDIR}"/gfxpayload.patch
"${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch
"${FILESDIR}"/grub-2.06-test-words.patch "${FILESDIR}"/grub-2.06-test-words.patch
# Flatcar: Add our patches. "${FILESDIR}"/grub-2.12-fwsetup.patch
"${FILESDIR}"/grub-2.06-add-verity-hash.patch "${WORKDIR}"/grub-2.12-bash-completion.patch
"${FILESDIR}"/grub-2.06-add-gpt-partition-scheme.patch
) )
DEJAVU=dejavu-sans-ttf-2.37 DEJAVU=dejavu-sans-ttf-2.37
UNIFONT=unifont-12.1.02 UNIFONT=unifont-15.0.06
SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz ) SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz )
themes? ( mirror://sourceforge/dejavu/${DEJAVU}.zip )" themes? ( https://downloads.sourceforge.net/dejavu/${DEJAVU}.zip )"
DESCRIPTION="GNU GRUB boot loader"
HOMEPAGE="https://www.gnu.org/software/grub/"
# Includes licenses for dejavu and unifont # Includes licenses for dejavu and unifont
LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )" LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )"
@ -88,9 +77,6 @@ IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs
GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot
qemu qemu-mips pc uboot xen xen-32 xen-pvh ) qemu qemu-mips pc uboot xen xen-32 xen-pvh )
# Flatcar: Add arm64 to the list of platforms
GRUB_ALL_PLATFORMS+=( arm64 )
IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}" IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}"
REQUIRED_USE=" REQUIRED_USE="
@ -100,21 +86,19 @@ REQUIRED_USE="
grub_platforms_loongson? ( fonts ) grub_platforms_loongson? ( fonts )
" "
# Flatcar: Add a dependency on aarch64 cross gcc for arm64 platform. BDEPEND+="
BDEPEND="
${PYTHON_DEPS} ${PYTHON_DEPS}
>=sys-devel/flex-2.5.35 >=sys-devel/flex-2.5.35
sys-devel/bison sys-devel/bison
sys-apps/help2man sys-apps/help2man
sys-apps/texinfo sys-apps/texinfo
grub_platforms_arm64? ( cross-aarch64-cros-linux-gnu/gcc )
fonts? ( fonts? (
media-libs/freetype:2 media-libs/freetype:2
virtual/pkgconfig virtual/pkgconfig
) )
test? ( test? (
app-admin/genromfs app-admin/genromfs
app-arch/cpio app-alternatives/cpio
app-arch/lzop app-arch/lzop
app-emulation/qemu app-emulation/qemu
dev-libs/libisoburn dev-libs/libisoburn
@ -128,17 +112,16 @@ BDEPEND="
virtual/pkgconfig virtual/pkgconfig
) )
truetype? ( virtual/pkgconfig ) truetype? ( virtual/pkgconfig )
verify-sig? ( sec-keys/openpgp-keys-danielkiper )
" "
DEPEND=" DEPEND="
app-arch/xz-utils app-arch/xz-utils
>=sys-libs/ncurses-5.2-r5:0= >=sys-libs/ncurses-5.2-r5:0=
grub_platforms_emu? ( grub_platforms_emu? (
sdl? ( media-libs/libsdl ) sdl? ( media-libs/libsdl2 )
) )
device-mapper? ( >=sys-fs/lvm2-2.02.45 ) device-mapper? ( >=sys-fs/lvm2-2.02.45 )
libzfs? ( sys-fs/zfs:= ) libzfs? ( sys-fs/zfs:= )
mount? ( sys-fs/fuse:0 ) mount? ( sys-fs/fuse:3 )
truetype? ( media-libs/freetype:2= ) truetype? ( media-libs/freetype:2= )
ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 )
ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 )
@ -152,7 +135,7 @@ RDEPEND="${DEPEND}
nls? ( sys-devel/gettext ) nls? ( sys-devel/gettext )
" "
RESTRICT="!test? ( test )" RESTRICT="!test? ( test ) test? ( userpriv )"
QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*" QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*"
QA_PRESTRIPPED="usr/lib/grub/.*" QA_PRESTRIPPED="usr/lib/grub/.*"
@ -181,11 +164,7 @@ src_unpack() {
src_prepare() { src_prepare() {
default default
if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then python_setup
python_setup
else
export PYTHON=true
fi
if [[ -n ${GRUB_BOOTSTRAP} ]]; then if [[ -n ${GRUB_BOOTSTRAP} ]]; then
eautopoint --force eautopoint --force
@ -197,6 +176,10 @@ src_prepare() {
if [[ -n ${GRUB_AUTORECONF} ]]; then if [[ -n ${GRUB_AUTORECONF} ]]; then
eautoreconf eautoreconf
fi fi
# Avoid error due to extra_deps.lst missing from source tarball:
# make[3]: *** No rule to make target 'grub-core/extra_deps.lst', needed by 'syminfo.lst'. Stop.
echo "depends bli part_gpt" > grub-core/extra_deps.lst || die
} }
grub_do() { grub_do() {
@ -214,8 +197,6 @@ grub_configure() {
efi*) platform=efi ;; efi*) platform=efi ;;
xen-pvh) platform=xen_pvh ;; xen-pvh) platform=xen_pvh ;;
xen*) platform=xen ;; xen*) platform=xen ;;
# Flatcar: Handle arm64 as efi platform
arm64*) platform=efi ;;
guessed) ;; guessed) ;;
*) platform=${MULTIBUILD_VARIANT} ;; *) platform=${MULTIBUILD_VARIANT} ;;
esac esac
@ -243,7 +224,8 @@ grub_configure() {
$(use_enable themes grub-themes) $(use_enable themes grub-themes)
$(use_enable truetype grub-mkfont) $(use_enable truetype grub-mkfont)
$(use_enable libzfs) $(use_enable libzfs)
$(use_enable sdl grub-emu-sdl) --enable-grub-emu-sdl=no
$(use_enable sdl grub-emu-sdl2)
${platform:+--with-platform=}${platform} ${platform:+--with-platform=}${platform}
# Let configure detect this where supported # Let configure detect this where supported
@ -298,7 +280,7 @@ src_configure() {
src_compile() { src_compile() {
# Sandbox bug 404013. # Sandbox bug 404013.
use libzfs && addpredict /etc/dfs:/dev/zfs use libzfs && { addpredict /etc/dfs; addpredict /dev/zfs; }
grub_do emake grub_do emake
use doc && grub_do_once emake -C docs html use doc && grub_do_once emake -C docs html
@ -307,7 +289,9 @@ src_compile() {
src_test() { src_test() {
# The qemu dependency is a bit complex. # The qemu dependency is a bit complex.
# You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform. # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform.
grub_do emake check local SANDBOX_WRITE=${SANDBOX_WRITE}
addwrite /dev
grub_do emake -j1 check
} }
src_install() { src_install() {
@ -322,10 +306,14 @@ src_install() {
# https://bugs.gentoo.org/231935 # https://bugs.gentoo.org/231935
dostrip -x /usr/lib/grub dostrip -x /usr/lib/grub
# SBAT format documentation https://github.com/rhboot/shim/blob/main/SBAT.md sed -e "s/%PV%/${PV}/" "${FILESDIR}/sbat.csv" > "${T}/sbat.csv" || die
dodir /usr/share/grub insinto /usr/share/grub
sed -e "s/@@UPSTREAM_VERSION@@/${PV}/" -e "s/@@VERSION@@/${PVR}/" "${FILESDIR}"/sbat.csv.in >"${ED}/usr/share/grub/sbat.csv" || die doins "${T}/sbat.csv"
if use elibc_musl; then
# https://bugs.gentoo.org/900348
QA_CONFIG_IMPL_DECL_SKIP=( re_{compile_pattern,match,search,set_syntax} )
fi
} }
pkg_postinst() { pkg_postinst() {
@ -346,8 +334,9 @@ pkg_postinst() {
else else
elog elog
optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober
optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn sys-fs/mtools
optfeature "enabling RAID device detection" sys-fs/mdadm optfeature "enabling RAID device detection" sys-fs/mdadm
optfeature "automatically updating GRUB's configuration on each kernel installation" "sys-kernel/installkernel[grub]"
fi fi
if has_version 'sys-boot/grub:0'; then if has_version 'sys-boot/grub:0'; then

435
sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-2.12-r5.ebuild vendored Normal file
View File

@ -0,0 +1,435 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
# This ebuild uses 3 special global variables:
# GRUB_BOOTSTRAP: Depend on python and invoke bootstrap (gnulib).
# GRUB_AUTOGEN: Depend on python and invoke autogen.sh.
# GRUB_AUTORECONF: Inherit autotools and invoke eautoreconf.
#
# When applying patches:
# If gnulib is updated, set GRUB_BOOTSTRAP=1
# If gentpl.py or *.def is updated, set GRUB_AUTOGEN=1
# If gnulib, gentpl.py, *.def, or any autotools files are updated, set GRUB_AUTORECONF=1
#
# If any of the above applies to a user patch, the user should set the
# corresponding variable in make.conf or the environment.
GRUB_AUTORECONF=1
PYTHON_COMPAT=( python3_{10..12} )
WANT_LIBTOOL=none
VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dkiper.gpg
if [[ -n ${GRUB_AUTORECONF} ]]; then
inherit autotools
fi
inherit bash-completion-r1 flag-o-matic multibuild optfeature python-any-r1
inherit secureboot toolchain-funcs
DESCRIPTION="GNU GRUB boot loader"
HOMEPAGE="https://www.gnu.org/software/grub/"
MY_P=${P}
if [[ ${PV} != 9999 ]]; then
inherit verify-sig
if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then
# The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860
MY_P=${P/_/'~'}
SRC_URI="
https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz
verify-sig? ( https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz.sig )
"
S=${WORKDIR}/${MY_P}
else
SRC_URI="
mirror://gnu/${PN}/${P}.tar.xz
https://dev.gentoo.org/~floppym/dist/${P}-bash-completion.patch.gz
verify-sig? ( mirror://gnu/${PN}/${P}.tar.xz.sig )
"
S=${WORKDIR}/${P%_*}
fi
BDEPEND="verify-sig? ( sec-keys/openpgp-keys-danielkiper )"
KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
else
inherit git-r3
EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git"
fi
PATCHES=(
"${FILESDIR}"/gfxpayload.patch
"${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch
"${FILESDIR}"/grub-2.06-test-words.patch
"${FILESDIR}"/grub-2.12-fwsetup.patch
"${WORKDIR}"/grub-2.12-bash-completion.patch
)
DEJAVU=dejavu-sans-ttf-2.37
UNIFONT=unifont-15.0.06
SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz )
themes? ( https://downloads.sourceforge.net/dejavu/${DEJAVU}.zip )"
# Includes licenses for dejavu and unifont
LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )"
SLOT="2/${PVR}"
IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs"
GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot
qemu qemu-mips pc uboot xen xen-32 xen-pvh )
IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}"
REQUIRED_USE="
grub_platforms_coreboot? ( fonts )
grub_platforms_qemu? ( fonts )
grub_platforms_ieee1275? ( fonts )
grub_platforms_loongson? ( fonts )
"
BDEPEND+="
${PYTHON_DEPS}
>=sys-devel/flex-2.5.35
sys-devel/bison
sys-apps/help2man
sys-apps/texinfo
fonts? (
media-libs/freetype:2
virtual/pkgconfig
)
test? (
app-admin/genromfs
app-alternatives/cpio
app-arch/lzop
app-emulation/qemu
dev-libs/libisoburn
sys-apps/miscfiles
sys-block/parted
sys-fs/squashfs-tools
)
themes? (
app-arch/unzip
media-libs/freetype:2
virtual/pkgconfig
)
truetype? ( virtual/pkgconfig )
"
DEPEND="
app-arch/xz-utils
>=sys-libs/ncurses-5.2-r5:0=
grub_platforms_emu? (
sdl? ( media-libs/libsdl2 )
)
device-mapper? ( >=sys-fs/lvm2-2.02.45 )
libzfs? ( sys-fs/zfs:= )
mount? ( sys-fs/fuse:3 )
truetype? ( media-libs/freetype:2= )
ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 )
ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 )
"
RDEPEND="${DEPEND}
kernel_linux? (
grub_platforms_efi-32? ( sys-boot/efibootmgr )
grub_platforms_efi-64? ( sys-boot/efibootmgr )
)
!sys-boot/grub:0
nls? ( sys-devel/gettext )
"
RESTRICT="!test? ( test ) test? ( userpriv )"
QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*"
QA_PRESTRIPPED="usr/lib/grub/.*"
QA_MULTILIB_PATHS="usr/lib/grub/.*"
QA_WX_LOAD="usr/lib/grub/*"
pkg_setup() {
:
}
src_unpack() {
if [[ ${PV} == 9999 ]]; then
git-r3_src_unpack
pushd "${P}" >/dev/null || die
local GNULIB_URI="https://git.savannah.gnu.org/git/gnulib.git"
local GNULIB_REVISION=$(source bootstrap.conf >/dev/null; echo "${GNULIB_REVISION}")
git-r3_fetch "${GNULIB_URI}" "${GNULIB_REVISION}"
git-r3_checkout "${GNULIB_URI}" gnulib
popd >/dev/null || die
elif use verify-sig; then
verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.sig}
fi
default
}
src_prepare() {
default
python_setup
if [[ -n ${GRUB_BOOTSTRAP} ]]; then
eautopoint --force
AUTOPOINT=: AUTORECONF=: ./bootstrap || die
elif [[ -n ${GRUB_AUTOGEN} ]]; then
FROM_BOOTSTRAP=1 ./autogen.sh || die
fi
if [[ -n ${GRUB_AUTORECONF} ]]; then
eautoreconf
fi
# Avoid error due to extra_deps.lst missing from source tarball:
# make[3]: *** No rule to make target 'grub-core/extra_deps.lst', needed by 'syminfo.lst'. Stop.
echo "depends bli part_gpt" > grub-core/extra_deps.lst || die
}
grub_do() {
multibuild_foreach_variant run_in_build_dir "$@"
}
grub_do_once() {
multibuild_for_best_variant run_in_build_dir "$@"
}
grub_configure() {
local platform
case ${MULTIBUILD_VARIANT} in
efi*) platform=efi ;;
xen-pvh) platform=xen_pvh ;;
xen*) platform=xen ;;
guessed) ;;
*) platform=${MULTIBUILD_VARIANT} ;;
esac
case ${MULTIBUILD_VARIANT} in
*-32)
if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then
local CTARGET=i386
fi ;;
*-64)
if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then
local CTARGET=x86_64
local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}"
local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}"
fi ;;
esac
local myeconfargs=(
--disable-werror
--program-prefix=
--libdir="${EPREFIX}"/usr/lib
$(use_enable device-mapper)
$(use_enable mount grub-mount)
$(use_enable nls)
$(use_enable themes grub-themes)
$(use_enable truetype grub-mkfont)
$(use_enable libzfs)
--enable-grub-emu-sdl=no
$(use_enable sdl grub-emu-sdl2)
${platform:+--with-platform=}${platform}
# Let configure detect this where supported
$(usex efiemu '' '--disable-efiemu')
)
if use fonts; then
ln -rs "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die
fi
if use themes; then
ln -rs "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die
fi
local ECONF_SOURCE="${S}"
econf "${myeconfargs[@]}"
}
src_configure() {
# Bug 508758.
replace-flags -O3 -O2
# Workaround for bug 829165.
filter-ldflags -pie
# We don't want to leak flags onto boot code.
export HOST_CCASFLAGS=${CCASFLAGS}
export HOST_CFLAGS=${CFLAGS}
export HOST_CPPFLAGS=${CPPFLAGS}
export HOST_LDFLAGS=${LDFLAGS}
unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS
tc-ld-disable-gold #439082 #466536 #526348
export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}"
unset LDFLAGS
tc-export CC NM OBJCOPY RANLIB STRIP
tc-export BUILD_CC BUILD_PKG_CONFIG
# Force configure to use flex & bison, bug 887211.
export LEX=flex
unset YACC
MULTIBUILD_VARIANTS=()
local p
for p in "${GRUB_ALL_PLATFORMS[@]}"; do
use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" )
done
[[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed )
grub_do grub_configure
}
src_compile() {
# Sandbox bug 404013.
use libzfs && { addpredict /etc/dfs; addpredict /dev/zfs; }
grub_do emake
use doc && grub_do_once emake -C docs html
}
src_test() {
# The qemu dependency is a bit complex.
# You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform.
local SANDBOX_WRITE=${SANDBOX_WRITE}
addwrite /dev
grub_do emake -j1 check
}
grub_mkstandalone_secureboot() {
use secureboot || return
if tc-is-cross-compiler; then
ewarn "USE=secureboot is not supported when cross-compiling."
ewarn "No standalone EFI executable will be built."
return 1
fi
local standalone_targets
case ${CTARGET:-${CHOST}} in
i?86* | x86_64*)
use grub_platforms_efi-32 && standalone_targets+=( i386-efi )
use grub_platforms_efi-64 && standalone_targets+=( x86_64-efi )
;;
arm* | aarch64*)
use grub_platforms_efi-32 && standalone_targets+=( arm-efi )
use grub_platforms_efi-64 && standalone_targets+=( arm64-efi )
;;
riscv*)
use grub_platforms_efi-32 && standalone_targets+=( riscv32-efi )
use grub_platforms_efi-64 && standalone_targets+=( riscv64-efi )
;;
ia64*)
use grub_platforms_efi-64 && standalone_targets+=( ia64-efi )
;;
loongarch64*)
use grub_platforms_efi-64 && standalone_targets+=( loongarch64-efi )
;;
esac
if [[ ${#standalone_targets[@]} -eq 0 ]]; then
ewarn "USE=secureboot is enabled, but no suitable EFI target in GRUB_PLATFORMS."
ewarn "No standalone EFI executable will be built."
return 1
fi
local target mkstandalone_args
# grub-mkstandalone embeds a config file, make this config file chainload
# a config file in the same directory grub is installed in. This requires
# pre-loading the part_gpt and part_msdos modules.
echo 'configfile ${cmdpath}/grub.cfg' > "${T}/grub.cfg" || die
for target in "${standalone_targets[@]}"; do
ebegin "Building standalone EFI executable for ${target}"
mkstandalone_args=(
--verbose
--directory="${ED}/usr/lib/grub/${target}"
--locale-directory="${ED}/usr/share/locale"
--format="${target}"
--modules="part_gpt part_msdos"
--sbat="${ED}/usr/share/grub/sbat.csv"
--output="${ED}/usr/lib/grub/grub-${target%-efi}.efi"
"boot/grub/grub.cfg=${T}/grub.cfg"
)
"${ED}/usr/bin/grub-mkstandalone" "${mkstandalone_args[@]}"
eend ${?} || die "grub-mkstandalone failed to build EFI executable"
done
secureboot_auto_sign
}
src_install() {
grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)"
use doc && grub_do_once emake -C docs install-html DESTDIR="${D}"
einstalldocs
insinto /etc/default
newins "${FILESDIR}"/grub.default-4 grub
# https://bugs.gentoo.org/231935
dostrip -x /usr/lib/grub
sed -e "s/%PV%/${PV}/" "${FILESDIR}/sbat.csv" > "${T}/sbat.csv" || die
insinto /usr/share/grub
doins "${T}/sbat.csv"
if use elibc_musl; then
# https://bugs.gentoo.org/900348
QA_CONFIG_IMPL_DECL_SKIP=( re_{compile_pattern,match,search,set_syntax} )
fi
grub_mkstandalone_secureboot
}
pkg_postinst() {
elog "For information on how to configure GRUB2 please refer to the guide:"
elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start"
if [[ -n ${REPLACING_VERSIONS} ]]; then
local v
for v in ${REPLACING_VERSIONS}; do
if ver_test -gt ${v}; then
ewarn
ewarn "Re-run grub-install to update installed boot code!"
ewarn "Re-run grub-mkconfig to update grub.cfg!"
ewarn
break
fi
done
else
elog
optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober
optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn sys-fs/mtools
optfeature "enabling RAID device detection" sys-fs/mdadm
optfeature "automatically updating GRUB's configuration on each kernel installation" "sys-kernel/installkernel[grub]"
fi
if has_version 'sys-boot/grub:0'; then
elog "A migration guide for GRUB Legacy users is available:"
elog " https://wiki.gentoo.org/wiki/GRUB2_Migration"
fi
if has_version sys-boot/os-prober; then
ewarn "Due to security concerns, os-prober is disabled by default."
ewarn "Set GRUB_DISABLE_OS_PROBER=false in /etc/default/grub to enable it."
fi
if use secureboot; then
elog
elog "The signed standalone grub EFI executable(s) are available in:"
elog " /usr/lib/grub/grub-<target>.efi(.signed)"
elog "These EFI executables should be copied to the usual location at:"
elog " ESP/EFI/Gentoo/grub<arch>.efi"
elog "Note that 'grub-install' does not install these images."
elog
elog "These standalone grub executables read the grub config file from"
elog "the grub.cfg in the same directory instead of the default"
elog "/boot/grub/grub.cfg. When sys-kernel/installkernel[grub] is used,"
elog "the location of the grub.cfg may be overridden by setting the"
elog "GRUB_CFG environment variable:"
elog " GRUB_CFG=ESP/EFI/Gentoo/grub.cfg"
elog
fi
}

432
sdk_container/src/third_party/portage-stable/sys-boot/grub/grub-9999.ebuild vendored Normal file
View File

@ -0,0 +1,432 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
# This ebuild uses 3 special global variables:
# GRUB_BOOTSTRAP: Depend on python and invoke bootstrap (gnulib).
# GRUB_AUTOGEN: Depend on python and invoke autogen.sh.
# GRUB_AUTORECONF: Inherit autotools and invoke eautoreconf.
#
# When applying patches:
# If gnulib is updated, set GRUB_BOOTSTRAP=1
# If gentpl.py or *.def is updated, set GRUB_AUTOGEN=1
# If gnulib, gentpl.py, *.def, or any autotools files are updated, set GRUB_AUTORECONF=1
#
# If any of the above applies to a user patch, the user should set the
# corresponding variable in make.conf or the environment.
if [[ ${PV} == 9999 ]]; then
GRUB_AUTORECONF=1
GRUB_BOOTSTRAP=1
fi
PYTHON_COMPAT=( python3_{10..12} )
WANT_LIBTOOL=none
VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dkiper.gpg
if [[ -n ${GRUB_AUTORECONF} ]]; then
inherit autotools
fi
inherit bash-completion-r1 flag-o-matic multibuild optfeature python-any-r1
inherit secureboot toolchain-funcs
DESCRIPTION="GNU GRUB boot loader"
HOMEPAGE="https://www.gnu.org/software/grub/"
MY_P=${P}
if [[ ${PV} != 9999 ]]; then
inherit verify-sig
if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then
# The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860
MY_P=${P/_/'~'}
SRC_URI="
https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz
verify-sig? ( https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz.sig )
"
S=${WORKDIR}/${MY_P}
else
SRC_URI="
mirror://gnu/${PN}/${P}.tar.xz
verify-sig? ( mirror://gnu/${PN}/${P}.tar.xz.sig )
"
S=${WORKDIR}/${P%_*}
fi
BDEPEND="verify-sig? ( sec-keys/openpgp-keys-danielkiper )"
KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
else
inherit git-r3
EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git"
fi
PATCHES=(
"${FILESDIR}"/gfxpayload.patch
"${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch
"${FILESDIR}"/grub-2.06-test-words.patch
)
DEJAVU=dejavu-sans-ttf-2.37
UNIFONT=unifont-15.0.06
SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz )
themes? ( https://downloads.sourceforge.net/dejavu/${DEJAVU}.zip )"
# Includes licenses for dejavu and unifont
LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )"
SLOT="2/${PVR}"
IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs"
GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot
qemu qemu-mips pc uboot xen xen-32 xen-pvh )
IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}"
REQUIRED_USE="
grub_platforms_coreboot? ( fonts )
grub_platforms_qemu? ( fonts )
grub_platforms_ieee1275? ( fonts )
grub_platforms_loongson? ( fonts )
"
BDEPEND+="
${PYTHON_DEPS}
>=sys-devel/flex-2.5.35
sys-devel/bison
sys-apps/help2man
sys-apps/texinfo
fonts? (
media-libs/freetype:2
virtual/pkgconfig
)
test? (
app-admin/genromfs
app-alternatives/cpio
app-arch/lzop
app-emulation/qemu
dev-libs/libisoburn
sys-apps/miscfiles
sys-block/parted
sys-fs/squashfs-tools
)
themes? (
app-arch/unzip
media-libs/freetype:2
virtual/pkgconfig
)
truetype? ( virtual/pkgconfig )
"
DEPEND="
app-arch/xz-utils
>=sys-libs/ncurses-5.2-r5:0=
grub_platforms_emu? (
sdl? ( media-libs/libsdl2 )
)
device-mapper? ( >=sys-fs/lvm2-2.02.45 )
libzfs? ( sys-fs/zfs:= )
mount? ( sys-fs/fuse:3 )
truetype? ( media-libs/freetype:2= )
ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 )
ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 )
"
RDEPEND="${DEPEND}
kernel_linux? (
grub_platforms_efi-32? ( sys-boot/efibootmgr )
grub_platforms_efi-64? ( sys-boot/efibootmgr )
)
!sys-boot/grub:0
nls? ( sys-devel/gettext )
"
RESTRICT="!test? ( test ) test? ( userpriv )"
QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*"
QA_PRESTRIPPED="usr/lib/grub/.*"
QA_MULTILIB_PATHS="usr/lib/grub/.*"
QA_WX_LOAD="usr/lib/grub/*"
pkg_setup() {
:
}
src_unpack() {
if [[ ${PV} == 9999 ]]; then
git-r3_src_unpack
pushd "${P}" >/dev/null || die
local GNULIB_URI="https://git.savannah.gnu.org/git/gnulib.git"
local GNULIB_REVISION=$(source bootstrap.conf >/dev/null; echo "${GNULIB_REVISION}")
git-r3_fetch "${GNULIB_URI}" "${GNULIB_REVISION}"
git-r3_checkout "${GNULIB_URI}" gnulib
popd >/dev/null || die
elif use verify-sig; then
verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.sig}
fi
default
}
src_prepare() {
default
python_setup
if [[ -n ${GRUB_BOOTSTRAP} ]]; then
eautopoint --force
AUTOPOINT=: AUTORECONF=: ./bootstrap || die
elif [[ -n ${GRUB_AUTOGEN} ]]; then
FROM_BOOTSTRAP=1 ./autogen.sh || die
fi
if [[ -n ${GRUB_AUTORECONF} ]]; then
eautoreconf
fi
}
grub_do() {
multibuild_foreach_variant run_in_build_dir "$@"
}
grub_do_once() {
multibuild_for_best_variant run_in_build_dir "$@"
}
grub_configure() {
local platform
case ${MULTIBUILD_VARIANT} in
efi*) platform=efi ;;
xen-pvh) platform=xen_pvh ;;
xen*) platform=xen ;;
guessed) ;;
*) platform=${MULTIBUILD_VARIANT} ;;
esac
case ${MULTIBUILD_VARIANT} in
*-32)
if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then
local CTARGET=i386
fi ;;
*-64)
if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then
local CTARGET=x86_64
local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}"
local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}"
fi ;;
esac
local myeconfargs=(
--disable-werror
--program-prefix=
--libdir="${EPREFIX}"/usr/lib
$(use_enable device-mapper)
$(use_enable mount grub-mount)
$(use_enable nls)
$(use_enable themes grub-themes)
$(use_enable truetype grub-mkfont)
$(use_enable libzfs)
--enable-grub-emu-sdl=no
$(use_enable sdl grub-emu-sdl2)
${platform:+--with-platform=}${platform}
# Let configure detect this where supported
$(usex efiemu '' '--disable-efiemu')
)
if use fonts; then
ln -rs "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die
fi
if use themes; then
ln -rs "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die
fi
local ECONF_SOURCE="${S}"
econf "${myeconfargs[@]}"
}
src_configure() {
# Bug 508758.
replace-flags -O3 -O2
# Workaround for bug 829165.
filter-ldflags -pie
# We don't want to leak flags onto boot code.
export HOST_CCASFLAGS=${CCASFLAGS}
export HOST_CFLAGS=${CFLAGS}
export HOST_CPPFLAGS=${CPPFLAGS}
export HOST_LDFLAGS=${LDFLAGS}
unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS
tc-ld-disable-gold #439082 #466536 #526348
export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}"
unset LDFLAGS
tc-export CC NM OBJCOPY RANLIB STRIP
tc-export BUILD_CC BUILD_PKG_CONFIG
# Force configure to use flex & bison, bug 887211.
export LEX=flex
unset YACC
MULTIBUILD_VARIANTS=()
local p
for p in "${GRUB_ALL_PLATFORMS[@]}"; do
use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" )
done
[[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed )
grub_do grub_configure
}
src_compile() {
# Sandbox bug 404013.
use libzfs && { addpredict /etc/dfs; addpredict /dev/zfs; }
grub_do emake
use doc && grub_do_once emake -C docs html
}
src_test() {
# The qemu dependency is a bit complex.
# You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform.
local SANDBOX_WRITE=${SANDBOX_WRITE}
addwrite /dev
grub_do emake -j1 check
}
grub_mkstandalone_secureboot() {
use secureboot || return
if tc-is-cross-compiler; then
ewarn "USE=secureboot is not supported when cross-compiling."
ewarn "No standalone EFI executable will be built."
return 1
fi
local standalone_targets
case ${CTARGET:-${CHOST}} in
i?86* | x86_64*)
use grub_platforms_efi-32 && standalone_targets+=( i386-efi )
use grub_platforms_efi-64 && standalone_targets+=( x86_64-efi )
;;
arm* | aarch64*)
use grub_platforms_efi-32 && standalone_targets+=( arm-efi )
use grub_platforms_efi-64 && standalone_targets+=( arm64-efi )
;;
riscv*)
use grub_platforms_efi-32 && standalone_targets+=( riscv32-efi )
use grub_platforms_efi-64 && standalone_targets+=( riscv64-efi )
;;
ia64*)
use grub_platforms_efi-64 && standalone_targets+=( ia64-efi )
;;
loongarch64*)
use grub_platforms_efi-64 && standalone_targets+=( loongarch64-efi )
;;
esac
if [[ ${#standalone_targets[@]} -eq 0 ]]; then
ewarn "USE=secureboot is enabled, but no suitable EFI target in GRUB_PLATFORMS."
ewarn "No standalone EFI executable will be built."
return 1
fi
local target mkstandalone_args
# grub-mkstandalone embeds a config file, make this config file chainload
# a config file in the same directory grub is installed in. This requires
# pre-loading the part_gpt and part_msdos modules.
echo 'configfile ${cmdpath}/grub.cfg' > "${T}/grub.cfg" || die
for target in "${standalone_targets[@]}"; do
ebegin "Building standalone EFI executable for ${target}"
mkstandalone_args=(
--verbose
--directory="${ED}/usr/lib/grub/${target}"
--locale-directory="${ED}/usr/share/locale"
--format="${target}"
--modules="part_gpt part_msdos"
--sbat="${ED}/usr/share/grub/sbat.csv"
--output="${ED}/usr/lib/grub/grub-${target%-efi}.efi"
"boot/grub/grub.cfg=${T}/grub.cfg"
)
"${ED}/usr/bin/grub-mkstandalone" "${mkstandalone_args[@]}"
eend ${?} || die "grub-mkstandalone failed to build EFI executable"
done
secureboot_auto_sign
}
src_install() {
grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)"
use doc && grub_do_once emake -C docs install-html DESTDIR="${D}"
einstalldocs
insinto /etc/default
newins "${FILESDIR}"/grub.default-4 grub
# https://bugs.gentoo.org/231935
dostrip -x /usr/lib/grub
sed -e "s/%PV%/${PV}/" "${FILESDIR}/sbat.csv" > "${T}/sbat.csv" || die
insinto /usr/share/grub
doins "${T}/sbat.csv"
if use elibc_musl; then
# https://bugs.gentoo.org/900348
QA_CONFIG_IMPL_DECL_SKIP=( re_{compile_pattern,match,search,set_syntax} )
fi
grub_mkstandalone_secureboot
}
pkg_postinst() {
elog "For information on how to configure GRUB2 please refer to the guide:"
elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start"
if [[ -n ${REPLACING_VERSIONS} ]]; then
local v
for v in ${REPLACING_VERSIONS}; do
if ver_test -gt ${v}; then
ewarn
ewarn "Re-run grub-install to update installed boot code!"
ewarn "Re-run grub-mkconfig to update grub.cfg!"
ewarn
break
fi
done
else
elog
optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober
optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn sys-fs/mtools
optfeature "enabling RAID device detection" sys-fs/mdadm
optfeature "automatically updating GRUB's configuration on each kernel installation" "sys-kernel/installkernel[grub]"
fi
if has_version 'sys-boot/grub:0'; then
elog "A migration guide for GRUB Legacy users is available:"
elog " https://wiki.gentoo.org/wiki/GRUB2_Migration"
fi
if has_version sys-boot/os-prober; then
ewarn "Due to security concerns, os-prober is disabled by default."
ewarn "Set GRUB_DISABLE_OS_PROBER=false in /etc/default/grub to enable it."
fi
if use secureboot; then
elog
elog "The signed standalone grub EFI executable(s) are available in:"
elog " /usr/lib/grub/grub-<target>.efi(.signed)"
elog "These EFI executables should be copied to the usual location at:"
elog " ESP/EFI/Gentoo/grub<arch>.efi"
elog "Note that 'grub-install' does not install these images."
elog
elog "These standalone grub executables read the grub config file from"
elog "the grub.cfg in the same directory instead of the default"
elog "/boot/grub/grub.cfg. When sys-kernel/installkernel[grub] is used,"
elog "the location of the grub.cfg may be overridden by setting the"
elog "GRUB_CFG environment variable:"
elog " GRUB_CFG=ESP/EFI/Gentoo/grub.cfg"
elog
fi
}

0
sdk_container/src/third_party/coreos-overlay/sys-boot/grub/metadata.xml → sdk_container/src/third_party/portage-stable/sys-boot/grub/metadata.xml vendored
View File