From 8900e3e6f840b95c1c8126f9c283ca5c99f5f4fd Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 17 Sep 2022 05:16:32 +0100 Subject: gentoo auto-resync : 17:09:2022 - 05:16:32 --- sys-boot/Manifest.gz | Bin 6211 -> 6209 bytes sys-boot/grub/Manifest | 3 +- .../grub-2.06-grub-mkconfig-restore-umask.patch | 41 +++ sys-boot/grub/grub-2.06-r2.ebuild | 319 -------------------- sys-boot/grub/grub-2.06-r3.ebuild | 320 +++++++++++++++++++++ 5 files changed, 363 insertions(+), 320 deletions(-) create mode 100644 sys-boot/grub/files/grub-2.06-grub-mkconfig-restore-umask.patch delete mode 100644 sys-boot/grub/grub-2.06-r2.ebuild create mode 100644 sys-boot/grub/grub-2.06-r3.ebuild (limited to 'sys-boot') diff --git a/sys-boot/Manifest.gz b/sys-boot/Manifest.gz index ed5089e8f98e..e725a1c3cd95 100644 Binary files a/sys-boot/Manifest.gz and b/sys-boot/Manifest.gz differ diff --git a/sys-boot/grub/Manifest b/sys-boot/grub/Manifest index 1c2573048f26..2b8e78118a9b 100644 --- a/sys-boot/grub/Manifest +++ b/sys-boot/grub/Manifest @@ -1,6 +1,7 @@ AUX gfxpayload.patch 1118 BLAKE2B 4104fc696535b1c3feba5876bccc64f9b2e52319ee992c59e7f17b8310cc9addf7545630fff78c73ca3f4b0dcd44e1bf69f4df5264d6f58777f7e5aeae93cbcb SHA512 00324825c369902a0383b792cd21e161853eadccbdc5abe2420f2d443bf6a74f72be6c15243107b936acd38c3547387c3771dc2cb566003c4c754c9260b4aa00 AUX grub-2.02_beta2-KERNEL_GLOBS.patch 2355 BLAKE2B c120f06d3597a2ff9566778afd69d80a814904726e47766b7582626d182a2703e54fd69ecf00b54bcc5541e22a3d93ff8b85c9cf8d0440623454e8e7da3aaa91 SHA512 23416ac17838f101ed73103af6aa7305609667f47288bfa3bd5ae80d1123da664ba6f9b518451b0bd5f528e069893a51444d203953be0b0644790cea0b4b9cf0 AUX grub-2.06-binutils-2.36.patch 1894 BLAKE2B 10bfce5c3c05f711a430a6f1c67e840e7ef0adaf2ecb4825c069106ef9e25f7e1f3bbf07b054cc38cf88fb37bcdfd8d4366548385fdd51a3dc4179177c054984 SHA512 8c35663ef72683bd23c18e75134a0ddb1bb9a7c053ed87691e2ac5c9765fdf802761a6ad54f8bdc7999679d9cc5ebea9c01f1c0f615ac90505f7a398129d157b +AUX grub-2.06-grub-mkconfig-restore-umask.patch 1377 BLAKE2B ea5369b79a1ec0dbb4e212749a406aa361a5f12baf38737e273b19fb94eba78d7734bd532d91f40889f0cc7f0573d1a247baa548b6ac1963961181a85ff928ce SHA512 e899e6f0575e35b747aae6d14140dcecb453485abf0f7d53649fe35301313d7de16a350301a53e476d4b18ad1909ed4d4ce26cbd986728154137c970c7ce3bca AUX grub-2.06-test-words.patch 2553 BLAKE2B 21d6167945b461be7cc73198451ae0dc15ce0dfe2a301342f1a3bb75d6fcb5d73da9997fb8a93f36dffb43a351f056a1a4db9eed3147b0f3e77c65034b805c64 SHA512 627422377bdad97d0197f178814d6616a0f7ec07357182b00166a455d38ba0c5a60185c5febf4dfb7a11b35f26c7af607508cb5f418acdb7290517240fbd99e4 AUX grub-2.06-xfs-v4.patch 4440 BLAKE2B 8682d2b9520f96b098160d431906059537a6d09f4af36e4e8453e9fd821f774f49db50b24c16f650eff3ac69848573ed9a988859426829ef5b9f43c7189eead2 SHA512 743203685dca932f2f6c3d6fa85cef8631cfe8dae4afc25e7cfd50de6351e3f5974d4dded5127efb3d7f3b0cf94b60c5435135f05c6c4d9a90eb724b40076dbb AUX grub.default-3 2528 BLAKE2B c32de43644eca5fae8d8d727ff443600917a93e015f8a83dde555e3bca7506a817b08a2fc926970eeb5b7f40028f4951c6cdcd281f9fc0b6504f26c8e76bf0c5 SHA512 505960e62b44c70af0a90c7ff486bd57101831d7c6e9d80084013e374070ff02b40f77b0790aebb926e1e0854e375867cba1d4977dbb00c2ba54ebaa9f6a1a0b @@ -8,6 +9,6 @@ DIST dejavu-sans-ttf-2.37.zip 417746 BLAKE2B c8904f3cd5a49370a7dc10e456684c88aea DIST grub-2.06-backports-r1.tar.xz 31900 BLAKE2B d8320eff8cebc408b7c4845d17adf82470407fd3837ab8508703f0f3b2bf5271d6ea8ec2cdf57461e77dd9b69458e9a9d197b533029df3637aad3656b2968b65 SHA512 2487a305ca3f969ed735df0ef181cc7caceffcfaf0126dbd8cceb19ce1062952404f0e5deeaa4f9431cafa94c40c2d57c77da17ea3da4ff62592e42e852b107a DIST grub-2.06.tar.xz 6581924 BLAKE2B 2a40b9b03d7bb3b9e7b1309ab274d686f01b3c42e7035ebc6e5a0e59a59c3b7362ba518341664b314cb0dbc8222bb10ea05ce09f08ce9d58a293207cb909e417 SHA512 4f11c648f3078567e53fc0c74d5026fdc6da4be27d188975e79d9a4df817ade0fe5ad2ddd694238a07edc45adfa02943d83c57767dd51548102b375e529e8efe DIST unifont-12.1.02.pcf.gz 1335424 BLAKE2B 97080312468e3f3c8aa6f49cef08f5622641e8c9c035f3ede1e09d8d98de4e78d3b23c8aba2e8070eb46cbebd2d55e8568e467d7f15f35aa8fc8db792b7e5f14 SHA512 b280b2db7cf5f480b0668c331130dede2c0cc87d5e02e44566b77787113d0f6604d0105522858288f2ac6b8e77df7a2d9878725013a6c778dc5bfb183156e2f0 -EBUILD grub-2.06-r2.ebuild 8048 BLAKE2B 6a8762f62ea69826e60e18960213f170f1441349f67576c32d34f1dd3969d5b95b0fe67ddb7d980b55c6b16455dbc0f84c6221f79211fb9e522bfedd913ec667 SHA512 faec37c131cfcc5473d39454a51ddc45ba4a38b7258888337e02fe01451710da7dcc303703ed02c122cde5b335f8a19fec9d200d69547df510af299dd8d8ce0b +EBUILD grub-2.06-r3.ebuild 8107 BLAKE2B e108ad246d53fbfc3d1e88561525c0b6b834d07f599496f50fe21b056cf6237797f03952d999a9400fea5387111ed1880bf209d078e0cc9ad0856a79f8475346 SHA512 55fbde5ddf99b192f30eef13dcd096b4888338947cc693a42507ac152cf0652c0321c63a338445190adbad01b4e188d60de2c582763e9188b9e6f3e64a1e88b2 EBUILD grub-9999.ebuild 7940 BLAKE2B ec2c7cd1028e60c13db74c4e8ef1ae0edb2e26c41c03e58567b8431e9d90ca1d564b06a2c13df19f63bfce7e4654ee9a9e368e1f506b0690892326cd43e6ef0c SHA512 d555bf188380574d0ee33c639b60f19dcc6c36faabd984a01188c9aa3fe5f317c0ce0b18a4d11486659bd0f0dca174e6efd3e24c3c2046985c0bff129d4c3f7e MISC metadata.xml 986 BLAKE2B 7c03fac1bf235c1d82e435926c5a9079a21eb16e9937c0ac4e6297bc2f129bc9022efa11c099df07fd9e3b6c47a13246e25ae1c4cc390878ead82394c9b9ed11 SHA512 eb62f4b746c87bf2756669d57e76e60f24cea493948b19429a45e52d02fc1a501b4465ba52940757409258f7ad0ceef0e0f473aeb80cbd9b693b866ae015f13c diff --git a/sys-boot/grub/files/grub-2.06-grub-mkconfig-restore-umask.patch b/sys-boot/grub/files/grub-2.06-grub-mkconfig-restore-umask.patch new file mode 100644 index 000000000000..e2a6414ef05b --- /dev/null +++ b/sys-boot/grub/files/grub-2.06-grub-mkconfig-restore-umask.patch @@ -0,0 +1,41 @@ +From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001 +From: Michael Chang +Date: Fri, 3 Dec 2021 16:13:28 +0800 +Subject: grub-mkconfig: Restore umask for the grub.cfg + +The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating +configuration by grub-mkconfig) has inadvertently discarded umask for +creating grub.cfg in the process of running grub-mkconfig. The resulting +wrong permission (0644) would allow unprivileged users to read GRUB +configuration file content. This presents a low confidentiality risk +as grub.cfg may contain non-secured plain-text passwords. + +This patch restores the missing umask and sets the creation file mode +to 0600 preventing unprivileged access. + +Fixes: CVE-2021-3981 + +Signed-off-by: Michael Chang +Reviewed-by: Daniel Kiper +--- + util/grub-mkconfig.in | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in +index c3ea761..62335d0 100644 +--- a/util/grub-mkconfig.in ++++ b/util/grub-mkconfig.in +@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with + exit 1 + else + # none of the children aborted with error, install the new grub.cfg ++ oldumask=$(umask) ++ umask 077 + cat ${grub_cfg}.new > ${grub_cfg} ++ umask $oldumask + rm -f ${grub_cfg}.new + fi + fi +-- +cgit v1.1 + diff --git a/sys-boot/grub/grub-2.06-r2.ebuild b/sys-boot/grub/grub-2.06-r2.ebuild deleted file mode 100644 index 6373aeeb54b7..000000000000 --- a/sys-boot/grub/grub-2.06-r2.ebuild +++ /dev/null @@ -1,319 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -# This ebuild uses 3 special global variables: -# GRUB_BOOTSTRAP: Depend on python and invoke bootstrap (gnulib). -# GRUB_AUTOGEN: Depend on python and invoke the autogen.sh. -# GRUB_AUTORECONF: Inherit autotools and invoke eautoreconf. -# -# When applying patches: -# If gnulib is updated, set GRUB_BOOTSTRAP=1 -# If *.def is updated, set GRUB_AUTOGEN=1 -# If gnulib, *.def, or any autotools files are updated, set GRUB_AUTORECONF=1 -# -# If any of the above applies to a user patch, the user should set the -# corresponding variable in make.conf or the environment. - -if [[ ${PV} == 9999 ]]; then - GRUB_BOOTSTRAP=1 -fi - -GRUB_AUTORECONF=1 -PYTHON_COMPAT=( python3_{8..11} ) -WANT_LIBTOOL=none - -if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then - inherit python-any-r1 -fi - -if [[ -n ${GRUB_AUTORECONF} ]]; then - inherit autotools -fi - -inherit bash-completion-r1 flag-o-matic multibuild optfeature toolchain-funcs - -if [[ ${PV} != 9999 ]]; then - if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then - # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860 - MY_P=${P/_/'~'} - SRC_URI="https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz" - S=${WORKDIR}/${MY_P} - else - SRC_URI="mirror://gnu/${PN}/${P}.tar.xz" - S=${WORKDIR}/${P%_*} - fi - KEYWORDS="amd64 arm arm64 ~ia64 ppc ppc64 ~riscv sparc x86" -else - inherit git-r3 - EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git" -fi - -SRC_URI+=" https://dev.gentoo.org/~floppym/dist/grub-2.06-backports-r1.tar.xz" - -PATCHES=( - "${WORKDIR}/${P}-backports" - "${FILESDIR}"/gfxpayload.patch - "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch - "${FILESDIR}"/grub-2.06-test-words.patch -) - -DEJAVU=dejavu-sans-ttf-2.37 -UNIFONT=unifont-12.1.02 -SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz ) - themes? ( mirror://sourceforge/dejavu/${DEJAVU}.zip )" - -DESCRIPTION="GNU GRUB boot loader" -HOMEPAGE="https://www.gnu.org/software/grub/" - -# Includes licenses for dejavu and unifont -LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )" -SLOT="2/${PVR}" -IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs" - -GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot qemu qemu-mips pc uboot xen xen-32 xen-pvh ) -IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}" - -REQUIRED_USE=" - grub_platforms_coreboot? ( fonts ) - grub_platforms_qemu? ( fonts ) - grub_platforms_ieee1275? ( fonts ) - grub_platforms_loongson? ( fonts ) -" - -BDEPEND=" - ${PYTHON_DEPS} - sys-devel/flex - sys-devel/bison - sys-apps/help2man - sys-apps/texinfo - fonts? ( - media-libs/freetype:2 - virtual/pkgconfig - ) - test? ( - app-admin/genromfs - app-arch/cpio - app-arch/lzop - app-emulation/qemu - dev-libs/libisoburn - sys-apps/miscfiles - sys-block/parted - sys-fs/squashfs-tools - ) - themes? ( - app-arch/unzip - media-libs/freetype:2 - virtual/pkgconfig - ) - truetype? ( virtual/pkgconfig ) -" -DEPEND=" - app-arch/xz-utils - >=sys-libs/ncurses-5.2-r5:0= - grub_platforms_emu? ( - sdl? ( media-libs/libsdl ) - ) - device-mapper? ( >=sys-fs/lvm2-2.02.45 ) - libzfs? ( sys-fs/zfs:= ) - mount? ( sys-fs/fuse:0 ) - truetype? ( media-libs/freetype:2= ) - ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) - ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) -" -RDEPEND="${DEPEND} - kernel_linux? ( - grub_platforms_efi-32? ( sys-boot/efibootmgr ) - grub_platforms_efi-64? ( sys-boot/efibootmgr ) - ) - !sys-boot/grub:0 - nls? ( sys-devel/gettext ) -" - -RESTRICT="!test? ( test )" - -QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*" -QA_PRESTRIPPED="usr/lib/grub/.*" -QA_MULTILIB_PATHS="usr/lib/grub/.*" -QA_WX_LOAD="usr/lib/grub/*" - -pkg_setup() { - : -} - -src_unpack() { - if [[ ${PV} == 9999 ]]; then - git-r3_src_unpack - pushd "${P}" >/dev/null || die - local GNULIB_URI="https://git.savannah.gnu.org/git/gnulib.git" - local GNULIB_REVISION=$(source bootstrap.conf >/dev/null; echo "${GNULIB_REVISION}") - git-r3_fetch "${GNULIB_URI}" "${GNULIB_REVISION}" - git-r3_checkout "${GNULIB_URI}" gnulib - popd >/dev/null || die - fi - default -} - -src_prepare() { - default - - sed -i -e /autoreconf/d autogen.sh || die - - if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then - python_setup - else - export PYTHON=true - fi - - if [[ -n ${GRUB_BOOTSTRAP} ]]; then - eautopoint --force - AUTOPOINT=: AUTORECONF=: ./bootstrap || die - elif [[ -n ${GRUB_AUTOGEN} ]]; then - ./autogen.sh || die - fi - - if [[ -n ${GRUB_AUTORECONF} ]]; then - eautoreconf - fi -} - -grub_do() { - multibuild_foreach_variant run_in_build_dir "$@" -} - -grub_do_once() { - multibuild_for_best_variant run_in_build_dir "$@" -} - -grub_configure() { - local platform - - case ${MULTIBUILD_VARIANT} in - efi*) platform=efi ;; - xen-pvh) platform=xen_pvh ;; - xen*) platform=xen ;; - guessed) ;; - *) platform=${MULTIBUILD_VARIANT} ;; - esac - - case ${MULTIBUILD_VARIANT} in - *-32) - if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then - local CTARGET=i386 - fi ;; - *-64) - if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then - local CTARGET=x86_64 - local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}" - local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}" - fi ;; - esac - - local myeconfargs=( - --disable-werror - --program-prefix= - --libdir="${EPREFIX}"/usr/lib - $(use_enable device-mapper) - $(use_enable mount grub-mount) - $(use_enable nls) - $(use_enable themes grub-themes) - $(use_enable truetype grub-mkfont) - $(use_enable libzfs) - $(use_enable sdl grub-emu-sdl) - ${platform:+--with-platform=}${platform} - - # Let configure detect this where supported - $(usex efiemu '' '--disable-efiemu') - ) - - if use fonts; then - ln -rs "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die - fi - - if use themes; then - ln -rs "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die - fi - - local ECONF_SOURCE="${S}" - econf "${myeconfargs[@]}" -} - -src_configure() { - # Bug 508758. - replace-flags -O3 -O2 - - # Workaround for bug 829165. - filter-ldflags -pie - - # We don't want to leak flags onto boot code. - export HOST_CCASFLAGS=${CCASFLAGS} - export HOST_CFLAGS=${CFLAGS} - export HOST_CPPFLAGS=${CPPFLAGS} - export HOST_LDFLAGS=${LDFLAGS} - unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS - - tc-ld-disable-gold #439082 #466536 #526348 - export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}" - unset LDFLAGS - - tc-export CC NM OBJCOPY RANLIB STRIP - tc-export BUILD_CC BUILD_PKG_CONFIG - - MULTIBUILD_VARIANTS=() - local p - for p in "${GRUB_ALL_PLATFORMS[@]}"; do - use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" ) - done - [[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed ) - grub_do grub_configure -} - -src_compile() { - # Sandbox bug 404013. - use libzfs && addpredict /etc/dfs:/dev/zfs - - grub_do emake - use doc && grub_do_once emake -C docs html -} - -src_test() { - # The qemu dependency is a bit complex. - # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform. - grub_do emake check -} - -src_install() { - grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)" - use doc && grub_do_once emake -C docs install-html DESTDIR="${D}" - - einstalldocs - - insinto /etc/default - newins "${FILESDIR}"/grub.default-3 grub - - # https://bugs.gentoo.org/231935 - dostrip -x /usr/lib/grub -} - -pkg_postinst() { - elog "For information on how to configure GRUB2 please refer to the guide:" - elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start" - - if has_version 'sys-boot/grub:0'; then - elog "A migration guide for GRUB Legacy users is available:" - elog " https://wiki.gentoo.org/wiki/GRUB2_Migration" - fi - - if [[ -z ${REPLACING_VERSIONS} ]]; then - elog - optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober - optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn - optfeature "enabling RAID device detection" sys-fs/mdadm - fi - - if has_version sys-boot/os-prober; then - ewarn "Due to security concerns, os-prober is disabled by default." - ewarn "Set GRUB_DISABLE_OS_PROBER=false in /etc/default/grub to enable it." - fi -} diff --git a/sys-boot/grub/grub-2.06-r3.ebuild b/sys-boot/grub/grub-2.06-r3.ebuild new file mode 100644 index 000000000000..3331ce3f9b71 --- /dev/null +++ b/sys-boot/grub/grub-2.06-r3.ebuild @@ -0,0 +1,320 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +# This ebuild uses 3 special global variables: +# GRUB_BOOTSTRAP: Depend on python and invoke bootstrap (gnulib). +# GRUB_AUTOGEN: Depend on python and invoke the autogen.sh. +# GRUB_AUTORECONF: Inherit autotools and invoke eautoreconf. +# +# When applying patches: +# If gnulib is updated, set GRUB_BOOTSTRAP=1 +# If *.def is updated, set GRUB_AUTOGEN=1 +# If gnulib, *.def, or any autotools files are updated, set GRUB_AUTORECONF=1 +# +# If any of the above applies to a user patch, the user should set the +# corresponding variable in make.conf or the environment. + +if [[ ${PV} == 9999 ]]; then + GRUB_BOOTSTRAP=1 +fi + +GRUB_AUTORECONF=1 +PYTHON_COMPAT=( python3_{8..11} ) +WANT_LIBTOOL=none + +if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then + inherit python-any-r1 +fi + +if [[ -n ${GRUB_AUTORECONF} ]]; then + inherit autotools +fi + +inherit bash-completion-r1 flag-o-matic multibuild optfeature toolchain-funcs + +if [[ ${PV} != 9999 ]]; then + if [[ ${PV} == *_alpha* || ${PV} == *_beta* || ${PV} == *_rc* ]]; then + # The quote style is to work with <=bash-4.2 and >=bash-4.3 #503860 + MY_P=${P/_/'~'} + SRC_URI="https://alpha.gnu.org/gnu/${PN}/${MY_P}.tar.xz" + S=${WORKDIR}/${MY_P} + else + SRC_URI="mirror://gnu/${PN}/${P}.tar.xz" + S=${WORKDIR}/${P%_*} + fi + KEYWORDS="amd64 arm arm64 ~ia64 ppc ppc64 ~riscv sparc x86" +else + inherit git-r3 + EGIT_REPO_URI="https://git.savannah.gnu.org/git/grub.git" +fi + +SRC_URI+=" https://dev.gentoo.org/~floppym/dist/grub-2.06-backports-r1.tar.xz" + +PATCHES=( + "${WORKDIR}/${P}-backports" + "${FILESDIR}"/gfxpayload.patch + "${FILESDIR}"/grub-2.02_beta2-KERNEL_GLOBS.patch + "${FILESDIR}"/grub-2.06-test-words.patch + "${FILESDIR}"/grub-2.06-grub-mkconfig-restore-umask.patch +) + +DEJAVU=dejavu-sans-ttf-2.37 +UNIFONT=unifont-12.1.02 +SRC_URI+=" fonts? ( mirror://gnu/unifont/${UNIFONT}/${UNIFONT}.pcf.gz ) + themes? ( mirror://sourceforge/dejavu/${DEJAVU}.zip )" + +DESCRIPTION="GNU GRUB boot loader" +HOMEPAGE="https://www.gnu.org/software/grub/" + +# Includes licenses for dejavu and unifont +LICENSE="GPL-3+ BSD MIT fonts? ( GPL-2-with-font-exception ) themes? ( CC-BY-SA-3.0 BitstreamVera )" +SLOT="2/${PVR}" +IUSE="device-mapper doc efiemu +fonts mount nls sdl test +themes truetype libzfs" + +GRUB_ALL_PLATFORMS=( coreboot efi-32 efi-64 emu ieee1275 loongson multiboot qemu qemu-mips pc uboot xen xen-32 xen-pvh ) +IUSE+=" ${GRUB_ALL_PLATFORMS[@]/#/grub_platforms_}" + +REQUIRED_USE=" + grub_platforms_coreboot? ( fonts ) + grub_platforms_qemu? ( fonts ) + grub_platforms_ieee1275? ( fonts ) + grub_platforms_loongson? ( fonts ) +" + +BDEPEND=" + ${PYTHON_DEPS} + sys-devel/flex + sys-devel/bison + sys-apps/help2man + sys-apps/texinfo + fonts? ( + media-libs/freetype:2 + virtual/pkgconfig + ) + test? ( + app-admin/genromfs + app-arch/cpio + app-arch/lzop + app-emulation/qemu + dev-libs/libisoburn + sys-apps/miscfiles + sys-block/parted + sys-fs/squashfs-tools + ) + themes? ( + app-arch/unzip + media-libs/freetype:2 + virtual/pkgconfig + ) + truetype? ( virtual/pkgconfig ) +" +DEPEND=" + app-arch/xz-utils + >=sys-libs/ncurses-5.2-r5:0= + grub_platforms_emu? ( + sdl? ( media-libs/libsdl ) + ) + device-mapper? ( >=sys-fs/lvm2-2.02.45 ) + libzfs? ( sys-fs/zfs:= ) + mount? ( sys-fs/fuse:0 ) + truetype? ( media-libs/freetype:2= ) + ppc? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) + ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) +" +RDEPEND="${DEPEND} + kernel_linux? ( + grub_platforms_efi-32? ( sys-boot/efibootmgr ) + grub_platforms_efi-64? ( sys-boot/efibootmgr ) + ) + !sys-boot/grub:0 + nls? ( sys-devel/gettext ) +" + +RESTRICT="!test? ( test )" + +QA_EXECSTACK="usr/bin/grub-emu* usr/lib/grub/*" +QA_PRESTRIPPED="usr/lib/grub/.*" +QA_MULTILIB_PATHS="usr/lib/grub/.*" +QA_WX_LOAD="usr/lib/grub/*" + +pkg_setup() { + : +} + +src_unpack() { + if [[ ${PV} == 9999 ]]; then + git-r3_src_unpack + pushd "${P}" >/dev/null || die + local GNULIB_URI="https://git.savannah.gnu.org/git/gnulib.git" + local GNULIB_REVISION=$(source bootstrap.conf >/dev/null; echo "${GNULIB_REVISION}") + git-r3_fetch "${GNULIB_URI}" "${GNULIB_REVISION}" + git-r3_checkout "${GNULIB_URI}" gnulib + popd >/dev/null || die + fi + default +} + +src_prepare() { + default + + sed -i -e /autoreconf/d autogen.sh || die + + if [[ -n ${GRUB_AUTOGEN} || -n ${GRUB_BOOTSTRAP} ]]; then + python_setup + else + export PYTHON=true + fi + + if [[ -n ${GRUB_BOOTSTRAP} ]]; then + eautopoint --force + AUTOPOINT=: AUTORECONF=: ./bootstrap || die + elif [[ -n ${GRUB_AUTOGEN} ]]; then + ./autogen.sh || die + fi + + if [[ -n ${GRUB_AUTORECONF} ]]; then + eautoreconf + fi +} + +grub_do() { + multibuild_foreach_variant run_in_build_dir "$@" +} + +grub_do_once() { + multibuild_for_best_variant run_in_build_dir "$@" +} + +grub_configure() { + local platform + + case ${MULTIBUILD_VARIANT} in + efi*) platform=efi ;; + xen-pvh) platform=xen_pvh ;; + xen*) platform=xen ;; + guessed) ;; + *) platform=${MULTIBUILD_VARIANT} ;; + esac + + case ${MULTIBUILD_VARIANT} in + *-32) + if [[ ${CTARGET:-${CHOST}} == x86_64* ]]; then + local CTARGET=i386 + fi ;; + *-64) + if [[ ${CTARGET:-${CHOST}} == i?86* ]]; then + local CTARGET=x86_64 + local -x TARGET_CFLAGS="-Os -march=x86-64 ${TARGET_CFLAGS}" + local -x TARGET_CPPFLAGS="-march=x86-64 ${TARGET_CPPFLAGS}" + fi ;; + esac + + local myeconfargs=( + --disable-werror + --program-prefix= + --libdir="${EPREFIX}"/usr/lib + $(use_enable device-mapper) + $(use_enable mount grub-mount) + $(use_enable nls) + $(use_enable themes grub-themes) + $(use_enable truetype grub-mkfont) + $(use_enable libzfs) + $(use_enable sdl grub-emu-sdl) + ${platform:+--with-platform=}${platform} + + # Let configure detect this where supported + $(usex efiemu '' '--disable-efiemu') + ) + + if use fonts; then + ln -rs "${WORKDIR}/${UNIFONT}.pcf" unifont.pcf || die + fi + + if use themes; then + ln -rs "${WORKDIR}/${DEJAVU}/ttf/DejaVuSans.ttf" DejaVuSans.ttf || die + fi + + local ECONF_SOURCE="${S}" + econf "${myeconfargs[@]}" +} + +src_configure() { + # Bug 508758. + replace-flags -O3 -O2 + + # Workaround for bug 829165. + filter-ldflags -pie + + # We don't want to leak flags onto boot code. + export HOST_CCASFLAGS=${CCASFLAGS} + export HOST_CFLAGS=${CFLAGS} + export HOST_CPPFLAGS=${CPPFLAGS} + export HOST_LDFLAGS=${LDFLAGS} + unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS + + tc-ld-disable-gold #439082 #466536 #526348 + export TARGET_LDFLAGS="${TARGET_LDFLAGS} ${LDFLAGS}" + unset LDFLAGS + + tc-export CC NM OBJCOPY RANLIB STRIP + tc-export BUILD_CC BUILD_PKG_CONFIG + + MULTIBUILD_VARIANTS=() + local p + for p in "${GRUB_ALL_PLATFORMS[@]}"; do + use "grub_platforms_${p}" && MULTIBUILD_VARIANTS+=( "${p}" ) + done + [[ ${#MULTIBUILD_VARIANTS[@]} -eq 0 ]] && MULTIBUILD_VARIANTS=( guessed ) + grub_do grub_configure +} + +src_compile() { + # Sandbox bug 404013. + use libzfs && addpredict /etc/dfs:/dev/zfs + + grub_do emake + use doc && grub_do_once emake -C docs html +} + +src_test() { + # The qemu dependency is a bit complex. + # You will need to adjust QEMU_SOFTMMU_TARGETS to match the cpu/platform. + grub_do emake check +} + +src_install() { + grub_do emake install DESTDIR="${D}" bashcompletiondir="$(get_bashcompdir)" + use doc && grub_do_once emake -C docs install-html DESTDIR="${D}" + + einstalldocs + + insinto /etc/default + newins "${FILESDIR}"/grub.default-3 grub + + # https://bugs.gentoo.org/231935 + dostrip -x /usr/lib/grub +} + +pkg_postinst() { + elog "For information on how to configure GRUB2 please refer to the guide:" + elog " https://wiki.gentoo.org/wiki/GRUB2_Quick_Start" + + if has_version 'sys-boot/grub:0'; then + elog "A migration guide for GRUB Legacy users is available:" + elog " https://wiki.gentoo.org/wiki/GRUB2_Migration" + fi + + if [[ -z ${REPLACING_VERSIONS} ]]; then + elog + optfeature "detecting other operating systems (grub-mkconfig)" sys-boot/os-prober + optfeature "creating rescue media (grub-mkrescue)" dev-libs/libisoburn + optfeature "enabling RAID device detection" sys-fs/mdadm + fi + + if has_version sys-boot/os-prober; then + ewarn "Due to security concerns, os-prober is disabled by default." + ewarn "Set GRUB_DISABLE_OS_PROBER=false in /etc/default/grub to enable it." + fi +} -- cgit v1.2.3